def get_managers_by_company_uuid(self, company_uuid):
    '''
    Collect every manager configured for one company, grouped by user.

    :param company_uuid: UUID of the company whose managers are listed
    :return: the values of a dict keyed by user id; each value holds
             'user_id', 'company' (the company name) and 'roles', a list of
             {'name': <rule>, 'title': <title from the roles dict>} entries
    '''
    # NOTE(review): nothing in this method checks that the requester is
    # allowed to see this company's managers -- presumably the caller
    # enforces that before passing company_uuid in; confirm.
    grouped = {}
    company_dao = CompanyDao(session=self.session)
    company_name = company_dao.get_company_by_uuid(company_uuid, False)['name']
    role_titles = RoleRulesDao(session=self.session).get_roles_dict()

    # Only UserConf rows of the manager type that belong to this company.
    manager_rows = self.session.query(UserConf).filter(
        and_(UserConf.company_uuid == company_uuid,
             UserConf.type == UserConf.TYPE_ROLE_MGR)).all()

    for row in manager_rows:
        # A rule that is absent from the roles dict raises KeyError here.
        role_entry = {'name': row.rule, 'title': role_titles[row.rule]}
        if row.user_id not in grouped:
            # First row seen for this user: create the per-user record.
            grouped[row.user_id] = {
                'roles': [],
                'company': company_name,
                'user_id': row.user_id,
            }
        grouped[row.user_id]['roles'].append(role_entry)

    return grouped.values()
def get_user(self):
    '''
    Return the profile of the user identified by the "user_token" header.

    When the token carries a company_uuid the result is a fresh dict with
    the company-level rules; otherwise the token info itself is returned
    with 'rule', 'avatar' and 'update_at' replaced.

    :return: dict describing the current user
    '''
    token = self.request.headers.get("user_token", None)
    rule_dao = RuleDao(session=self.session)
    settings_dao = SettingsDao(session=self.session)
    token_store = RedisBase()
    # NOTE(review): a missing or unknown token is not handled here; this
    # presumably runs only after an earlier authentication check -- confirm
    # what get_token_info returns for a token that does not exist.
    token_info = token_store.get_token_info(token)

    company_uuid = token_info.get('company_uuid', None)
    version_info = token_info.get("app_version_info")
    parsed_update = str_to_datetime(token_info['update_at'])
    update_at = parsed_update.strftime('%Y-%m-%d %H:%M:%S')
    avatar = self.get_avatar(token_info['uuid'])

    # Audit log entry for this lookup.
    self.log_user_action(token_info.get("uuid"), "get_user",
                         token_info.get("uuid"))

    if version_info:
        # Signal through the response status that a newer app build exists.
        up_to_date = settings_dao.is_newest_version(
            version_info.get('app_version'), version_info.get('m_platform'))
        if not up_to_date:
            self.set_status(
                CODE_APP_NEW_VERSION_AVAILABLE,
                token_status[CODE_APP_NEW_VERSION_AVAILABLE]['msg'])

    if not company_uuid:
        # No company selected: hand back the syndicate-level display rules.
        # NOTE(review): this branch returns the whole token_info, so every
        # field stored in the token reaches the client -- confirm none of
        # them is meant to stay server-side.
        syndicate_rules = rule_dao.get_rules_by_level(
            Rules.LV_SYNDICATE, token_info['rule'])
        token_info['rule'] = list(syndicate_rules)
        token_info['avatar'] = avatar
        token_info['update_at'] = update_at
        return token_info

    company_dao = CompanyDao(session=self.session)
    syndicate = company_dao.get_company_by_uuid(token_info['syndicate_uuid'])
    # Filter the display rules down to the company level. The token content
    # must never be modified in this branch, so a separate dict is built.
    # NOTE(review): unlike the branch above, the filter result is not
    # wrapped in list() here -- confirm the response serializer accepts it.
    company_rules = rule_dao.get_rules_by_level(Rules.LV_COMPANY,
                                                token_info['rule'])
    return {
        'uuid': token_info['uuid'],
        'name': token_info['name'],
        'py_full': token_info['py_full'],
        'role_group': token_info['role_group'],
        'role': token_info['role'],
        'rule': company_rules,
        'avatar': avatar,
        'company': token_info['company']['name'],
        'company_uuid': company_uuid,
        'syndicate': {
            'name': syndicate['name'],
            'media_solution': syndicate['media_solution'],
        },
        "openid": token_info['openid'],
        'update_at': update_at,
    }
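def list(self):
    '''
    Return one page of the companies available to the logged-in user.

    Request arguments (all optional, all supplied by the client):
      beg    -- offset of the first entry to return, default 0
      count  -- page size, default 30
      search -- substring that the company name must contain, default ""
      sort   -- entry field to order by, default 'py'

    :return: dict with 'result', 'count' (number of matches before paging)
             and 'companys' (the requested page)
    '''
    def _non_negative_int(raw, default):
        # Request arguments are client-controlled text. Anything that is
        # not a non-negative integer falls back to the default instead of
        # raising out of the handler or producing a negative slice.
        try:
            parsed = int(raw)
        except (TypeError, ValueError):
            return default
        return parsed if parsed >= 0 else default

    beg = _non_negative_int(self.get_argument("beg", 0), 0)
    count = _non_negative_int(self.get_argument("count", 30), 30)
    search = self.get_argument("search", "")
    sort = self.get_argument('sort', 'py')
    # Log the parsed integers rather than the raw request text, so the log
    # line cannot carry arbitrary client-supplied characters.
    self.logger.info("beg:" + str(beg) + "count:" + str(count))

    token = self.request.headers.get("user_token", None)
    redis = RedisBase()
    token_info = redis.get_token_info(token)
    user_id = token_info['uuid']
    role_group = token_info['role_group']
    role_type = self.get_user_conf_type(role_group)

    usr_conf_db = UserConfDao(session=self.session)
    companys = usr_conf_db.get_companys_by_userid_and_type(user_id, role_type)
    company_list = []
    com_db = CompanyDao(session=self.session)
    if role_group == Users.ROLE_SUP_MGR:
        # A super manager can manage only one syndicate, hence index 0.
        # A user with no configured syndicate gets an empty list.
        if companys:
            company_list = com_db.get_companys(companys[0], search)
    else:
        for com_uuid in companys:
            company = com_db.get_company_by_uuid(com_uuid, False)
            if search not in company['name']:
                continue
            company_list.append({
                'uuid': com_uuid,
                'name': company['name'],
                'desc': company['desc'],
                'property': company['property'],
                'py': company['py'],
                'id': company['id'],
            })

    # `sort` names a field chosen by the client; a name the entries do not
    # have falls back to the default ordering instead of raising KeyError.
    try:
        company_list = sorted(company_list, key=lambda com: com[sort])
    except KeyError:
        company_list = sorted(company_list, key=lambda com: com['py'])

    self.log_user_action(token_info.get("uuid"), "company_list", "-")
    return {
        'result': True,
        'count': len(company_list),
        # Slicing already stops at the end of the list.
        'companys': company_list[beg:beg + count],
    }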
def login_viewer(self, user_id, telephone, app_version_info):
    '''
    Log a viewer in on the mobile platform.

    A still-existing token from the user's previous mobile viewer session is
    rewritten with the "kicked" status, the companies configured for the
    user as a viewer are collected, the login is recorded and a new token
    is issued through set_token_info_and_user_conf.

    TODO: handle administrator login.

    :param user_id: id of the user logging in
    :param telephone: passed through to set_token_info_and_user_conf
    :param app_version_info: passed through to set_token_info_and_user_conf
    :return: tuple of (company list sorted by 'py',
             result of set_token_info_and_user_conf)
    '''
    # NOTE(review): no credential check happens in this method; it
    # presumably runs only after the caller has authenticated user_id --
    # confirm at the call sites.
    status_dao = UserLastStatusDao(session=self.session)
    conf_dao = UserConfDao(session=self.session)
    company_dao = CompanyDao(session=self.session)

    previous = status_dao.get_specific_status(
        user_id, Users.ROLE_VIEWER, setting.PLATFORM_MOBILE)
    if previous and previous.token and self.redis.exists_token(previous.token):
        # The old session is marked as kicked rather than deleted, so its
        # holder can be told why the token stopped working.
        kicked = self.redis.get_token_info(previous.token)
        kicked['status'] = {
            'code': CODE_USER_KICKED,
            'msg': token_status[CODE_USER_KICKED]['msg'],
        }
        self.redis.set_token(previous.token, json.dumps(kicked), False)

    # On mobile the company list is returned together with the login.
    summary_fields = ('name', 'desc', 'property', 'py', 'id')
    company_list = []
    for com_uuid in conf_dao.get_companys_by_userid_and_type(
            user_id, UserConf.TYPE_ROLE_VIEWER):
        company = company_dao.get_company_by_uuid(com_uuid, False)
        summary = {'uuid': com_uuid}
        for field in summary_fields:
            summary[field] = company[field]
        company_list.append(summary)
    company_list = sorted(company_list, key=lambda com: com["py"])

    # Audit log entry for the login.
    self.log_user_action(user_id, "login", Users.ROLE_VIEWER)
    new_session = self.set_token_info_and_user_conf(
        user_id, Users.ROLE_VIEWER, telephone, setting.PLATFORM_MOBILE,
        app_version_info)
    return company_list, new_session
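def login_wx(self):
    '''
    Log a user in with a WeChat authorization code.

    Request arguments:
      code     -- authorization code to exchange (required)
      from     -- login platform, default "web"
      state    -- key of the login state kept in redis (required on web)
      syn_uuid -- syndicate identifier (required on mobile)

    On web the role comes from the stored state; on mobile it is always
    the viewer role. A previous session of the same user, role and
    platform is marked as kicked before the new token is stored.

    :return: dict with 'result' and 'msg'; on success also 'token', and on
             mobile additionally 'companys' and 'hostname'
    '''
    def _reject(http_status, msg):
        # Every failure path sets the HTTP status and returns the same shape.
        self.set_status(http_status)
        return {"result": False, "msg": msg}

    code = self.get_argument("code", None)
    platform = self.get_argument("from", "web")
    state = self.get_argument("state", None)
    syn_uuid = self.get_argument("syn_uuid", None)
    # Information stored under the state key, if a state was sent.
    state_info = self.redis.get_state_info(state) if state else None

    on_web = platform == setting.PLATFORM_WEB
    on_mobile = platform == setting.PLATFORM_MOBILE

    # Only the two platforms handled below are accepted. `from` is a
    # client-supplied value; any other value would otherwise skip both the
    # required-parameter check and the state check and still be stored as
    # the platform of the new token.
    if not (on_web or on_mobile):
        return _reject(400, err_msgs['PARAMS_MISSING'])

    # The authorization code is always required, plus the state on web or
    # the syndicate identifier on mobile.
    if not code or (on_web and not state) or (on_mobile and not syn_uuid):
        return _reject(400, err_msgs['PARAMS_MISSING'])
    if on_web and not state_info:
        return _reject(400, err_msgs['STATE_TIME_OUT'])

    # NOTE(review): on web the role is whatever the redis state record
    # holds; presumably the server wrote it when the login was started --
    # confirm it can never be influenced by the client.
    role = state_info.get('role') if on_web else Users.ROLE_VIEWER

    # Exchange the code for access_token, openid and related fields.
    auth_info = exchange_for_access_token(code, None, platform)
    errcode = auth_info.get('errcode', 0)
    if errcode:
        # NOTE(review): an errcode with no entry in err_msgs raises
        # KeyError here; a generic fallback message would avoid that.
        return _reject(502, err_msgs[str(errcode)])

    # Find the user bound to this openid for the requested role.
    user_db = UserDao(session=self.session)
    user = user_db.get_user_by_openid_and_role(auth_info['openid'], role)
    if not user:
        return _reject(400, err_msgs['WX_NOT_BOUND'])

    # A user who is already logged in gets the old session marked as kicked.
    usr_status_db = UserLastStatusDao(session=self.session)
    status = usr_status_db.get_specific_status(user.user_id, role, platform)
    if status and status.token and self.redis.exists_token(status.token):
        old_token = self.redis.get_token_info(status.token)
        old_token['status'] = {
            'code': CODE_USER_KICKED,
            'msg': token_status[CODE_USER_KICKED]['msg'],
        }
        self.redis.set_token(status.token, json.dumps(old_token), False)

    # Build and store the new token.
    # NOTE(review): build_token is given only the telephone number and its
    # implementation is not visible here -- confirm the resulting token
    # cannot be predicted from the number.
    info = json.dumps(self.gen_token_info(user.user_id, role, platform, {}))
    token = self.build_token(user.telephone)
    self.redis.set_token(token, info, platform=platform)

    # Record the token in the user's last-status table.
    usr_status_db.set_token(user.user_id, role, token, platform=platform)

    # Audit log entry for the login.
    self.log_user_action(user.user_id, "login_wx", "-")

    result = {"result": True, "msg": "OK", "token": token}
    if on_mobile:
        # On mobile the company list is returned together with the login.
        usr_conf_db = UserConfDao(session=self.session)
        com_db = CompanyDao(session=self.session)
        companys = usr_conf_db.get_companys_by_userid_and_type(
            user.user_id, UserConf.TYPE_ROLE_VIEWER)
        company_list = []
        for com_uuid in companys:
            company = com_db.get_company_by_uuid(com_uuid, False)
            company_list.append({
                'uuid': com_uuid,
                'name': company['name'],
                'desc': company['desc'],
                'property': company['property'],
                'py': company['py'],
                'id': company['id'],
            })
        company_list.sort(key=lambda com: com["py"])
        # NOTE(review): syn_uuid is the raw request argument; it is not
        # compared with the user's syndicate or checked for format before
        # being turned into a hostname -- confirm whether it should be.
        result.update(companys=company_list,
                      hostname=syn_uuid + setting.HOST_NAME_SUFFIX)
    return result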
def pkg_token(self, user_id, role_group, platform):
    '''
    Assemble the token payload for a user from the database.

    Administrators get a fixed rule list. Other users get the roles and
    rules of the company stored in their last status when that company
    still exists, otherwise those of the first syndicate configured for
    them.

    :param user_id: id of the user the token is for
    :param role_group: role group the user logs in with
    :param platform: login platform; 'mobile' selects the mobile expiry
    :return: dict holding the token payload, including a 'status' entry
             with the OK code
    '''
    # TODO: give this method clearer logic and pass all required data in as
    # parameters instead of reading the database; rely on the previous token
    # and rebuild from the passed-in data only when there is none.
    def _collect_rules(role_names):
        # Flatten the rules of every role into one list.
        role_rule_db = RoleRulesDao(session=self.session)
        return [rule
                for name in role_names
                for rule in role_rule_db.get_role_rules(name)]

    # Basic user information.
    user_info = UserDao(session=self.session).user(user_id)

    # NOTE(review): this compares with the literal 'mobile' while other
    # methods in this file use setting.PLATFORM_MOBILE -- confirm both are
    # the same value.
    expire_time = (setting.TOKEN_EXPIRE_TIME_FOR_MOBILE
                   if platform == 'mobile' else setting.TOKEN_EXPIRE_TIME)

    if role_group == Users.ROLE_ADMIN:
        # Administrator rules are hard-coded, not derived from roles.
        return {
            "uuid": user_id,
            "openid": user_info['openid'],
            "name": user_info['user_name'],
            "expire_time": expire_time,
            "role_group": role_group,
            "rule": ['rule_sys_manager_syndicate', 'rule_sys_manager_super'],
            "status": {
                'code': CODE_OK,
                'msg': token_status[CODE_OK]['msg'],
            },
        }

    # role_type used in the user_conf table for this role group.
    role_type = self.get_user_conf_type(role_group)

    # The last-status table tells which company the user worked in last.
    last_status = UserLastStatusDao(session=self.session).get_specific_status(
        user_id, role_group, platform)
    com_db = CompanyDao(session=self.session)

    if (last_status and last_status.company_uuid
            and com_db.com_exists(last_status.company_uuid)):
        company_uuid = last_status.company_uuid
        # Company details, including its parent syndicate.
        # NOTE(review): a second CompanyDao is built here although com_db
        # already exists; reuse looks possible if the constructor has no
        # side effects -- confirm.
        com_info = CompanyDao(session=self.session).get_company_by_uuid(
            company_uuid)

        # A super manager's roles are stored against the parent syndicate,
        # everyone else's against the company itself.
        user_conf = UserConfDao(session=self.session)
        if role_group == Users.ROLE_SUP_MGR:
            roles_scope = com_info['parent']['uuid']
        else:
            roles_scope = company_uuid
        roles = user_conf.get_spec_roles(user_id, roles_scope, role_type)
        rules = _collect_rules(roles)

        token = {
            "name": user_info['user_name'],
            "uuid": user_id,
            "openid": user_info['openid'],
            "role": roles,
            "role_group": role_group,
            "expire_time": expire_time,
            "rule": rules,
            "company_uuid": company_uuid,
            "company": {
                'name': com_info['name'],
                'es_host': ES_HOST,
                'es_index': com_info['index'],
            },
            "syndicate_uuid": com_info['parent']['uuid'],
            "syndicate": com_info['parent']['name'],
        }
    else:
        # No last status, or the company used last no longer exists: the
        # user has to choose a company again, so only syndicate-level
        # data goes into the token.
        user_conf_db = UserConfDao(session=self.session)
        # NOTE(review): index 0 raises IndexError for a user with no
        # configured company -- confirm callers rule that out.
        syndicate_uuid = user_conf_db.get_companys_by_userid_and_type(
            user_id, role_type)[0]
        syndicate_info = com_db.get_company_by_uuid(syndicate_uuid, False)
        roles = user_conf_db.get_spec_roles(user_id, syndicate_uuid, role_type)
        rules = _collect_rules(roles)

        token = {
            "name": user_info['user_name'],
            "uuid": user_id,
            "openid": user_info['openid'],
            "role": roles,
            "role_group": role_group,
            "expire_time": expire_time,
            "rule": rules,
            "syndicate_uuid": syndicate_uuid,
            "syndicate": syndicate_info['name'],
        }

    token['status'] = {
        'code': CODE_OK,
        'msg': token_status[CODE_OK]['msg'],
    }
    return token
def gen_token_info(self, user_id=None, role_group=None, platform='web',
                   old_token_info=None, **kwargs):
    '''
    Gather what a token needs and build its token_info dict.

    With a non-empty old_token_info the old content is updated and reused;
    otherwise the data is read from the database and assembled through
    pkg_token_v2.

    :param user_id: user id
    :param role_group: role group of the user
    :param platform: login platform
    :param old_token_info: previous token content; updated in place
    :param kwargs: values to set, whether the token is rebuilt or an old one
                   is updated. Accepted keys: openid, name, update_at, role,
                   role_group, rule, company, syndicate_uuid, syndicate.
    :return: the token_info dict
    '''
    # TODO: give this method clearer logic and pass all required data in as
    # parameters instead of reading the database; rely on the previous token
    # and rebuild from the passed-in data only when there is none.
    token_info = {'platform': platform}
    if platform == setting.PLATFORM_MOBILE:
        # Mobile tokens also keep the app version information.
        token_info['expire_time'] = setting.TOKEN_EXPIRE_TIME_FOR_MOBILE
        token_info['app_version_info'] = kwargs.get("app_version_info")
    else:
        token_info['expire_time'] = setting.TOKEN_EXPIRE_TIME

    if old_token_info:
        # Update the existing token instead of generating a new one. Only
        # keys the old token already has are overwritten.
        # NOTE(review): those keys include 'role', 'role_group' and 'rule',
        # so kwargs must come from server-side data only -- confirm no call
        # site forwards request arguments here.
        for key, value in kwargs.items():
            if key in old_token_info:
                old_token_info[key] = value
        # The old entries are merged last, so an 'expire_time' or 'platform'
        # stored in the old token replaces the value computed above.
        token_info.update(old_token_info)
        return token_info

    user_db = UserDao(session=self.session)
    usr_status_db = UserLastStatusDao(session=self.session)
    com_db = CompanyDao(session=self.session)
    user_conf_db = UserConfDao(session=self.session)
    role_rule_db = RoleRulesDao(session=self.session)

    # Basic user information.
    user_info = user_db.user(user_id)
    # role_type used in the user_conf table for this role group.
    role_type = self.get_user_conf_type(role_group)

    if role_group == Users.ROLE_ADMIN:
        # TODO: the lookup of admin rules may need to go by role_group
        # instead of role, possibly through a new function.
        roles = user_conf_db.get_spec_roles(user_id, UserConf.ACC_COM_ID,
                                            role_type)
        com_and_synd_info = None
    else:
        # The last-status table tells which company the user worked in last.
        status = usr_status_db.get_specific_status(user_id, role_group,
                                                   platform)
        com_and_synd_info = {}
        # Company details (company and syndicate).
        if (status and status.company_uuid
                and com_db.com_exists(status.company_uuid)):
            com_and_synd_info.update(
                com_db.get_company_by_uuid(status.company_uuid))
        else:
            # No last status, or the company used last no longer exists:
            # fall back to the first syndicate configured for the user.
            # NOTE(review): index 0 raises IndexError for a user with no
            # configured company -- confirm callers rule that out.
            syndicate_uuid = user_conf_db.get_companys_by_userid_and_type(
                user_id, role_type)[0]
            com_and_synd_info.update(
                com_db.get_company_by_uuid(syndicate_uuid, False))

        # A super manager's roles are looked up on the parent when the
        # record has one; everyone else's on the record itself.
        if com_and_synd_info.get('parent') and role_group == Users.ROLE_SUP_MGR:
            roles_scope = com_and_synd_info['parent']['uuid']
        else:
            roles_scope = com_and_synd_info['uuid']
        roles = user_conf_db.get_spec_roles(user_id, roles_scope, role_type)

    # Flatten the rules of every role into one list.
    rules = [rule
             for role in roles
             for rule in role_rule_db.get_role_rules(role)]
    token_info.update(self.pkg_token_v2(
        user_info, role_group, roles=roles, rules=rules,
        com_and_synd_info=com_and_synd_info, **kwargs))
    return token_info