def post_myfavourite(request):
OperateLog.create_log(request)
if not request.method == "POST":
return JsonResponse({"error": "请求方式不正确"},
status=status.HTTP_405_METHOD_NOT_ALLOWED)
user = request.user
if str(user) == 'AnonymousUser':
return JsonResponse({"error": "请先登录"},
status=status.HTTP_400_BAD_REQUEST)
bod = request.body
bod = str(bod, encoding="utf-8")
params = json.loads(bod)
na_id = params.get("na_id")
naviagetion = Navigations.objects.get(pk=na_id)
user_favriout = UserFaviourt.objects.filter(user_faviourt=user).exists()
if not user_favriout:
fa = UserFaviourt.objects.create(user_faviourt=user)
faviourt = UserFaviourt.objects.get(user_faviourt=user)
queryset = Navigations.objects.filter(
navigation_fav__user_faviourt=user.id).distinct()
for i in queryset:
if i.id == int(na_id):
return JsonResponse({"error": "不能重复收藏"},
status=status.HTTP_400_BAD_REQUEST)
faviourt.faviourt.add(naviagetion)
return JsonResponse({"info": "收藏成功"}, status=status.HTTP_200_OK)
def set_sort(request):
OperateLog.create_log(request)
if not request.method == "POST":
return JsonResponse({"error": "请求方式不正确"},
status=status.HTTP_405_METHOD_NOT_ALLOWED)
user = request.user
bod = request.body
bod = str(bod, encoding="utf-8")
params = json.loads(bod)
# {"1": "类型id"}
try:
sort_info = params.get("sort_info")
sort_dict = {"username": user, "order": sort_info}
ex = SortInfo.objects.filter(username=user).exists()
if ex:
SortInfo.objects.filter(username=user).update(order=sort_info)
else:
SortInfo.objects.create(**sort_dict)
except Exception as e:
return JsonResponse({
"error": "设置失败",
"data": str(e)
},
status=status.HTTP_400_BAD_REQUEST)
return JsonResponse({"info": "设置成功"}, status=status.HTTP_200_OK)
def update(self, request, *args, **kwargs):
instance = self.get_object()
serializer = self.get_serializer(instance, data=request.data)
serializer.is_valid(raise_exception=True)
self.perform_update(serializer)
OperateLog.create_log(request)
return Response(serializer.data)
def user_delete(request):
OperateLog.create_log(request)
if not request.method == "DELETE":
return JsonResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED, data={})
permission = request.user.has_perm("auth.delete_user")
if permission == False:
return JsonResponse({"error": "你没有权限操作"}, status=status.HTTP_403_FORBIDDEN)
cn = request.GET.get('cn', '')
# 获取登录模式
login_sets = get_login_model()
mode = login_model
try:
if mode == 1:
# 删除ldap用户信息
ldap_user_delete(cn)
ret = User.objects.filter(user_profile__create_source=1).filter(username=cn).delete()
elif mode == 2:
ret = User.objects.filter(user_profile__create_source=2).filter(username=cn).delete()
elif mode == 3 or mode == 4:
# 删除ldap用户信息
ldap_user_delete(cn)
ret = User.objects.filter(username=cn).delete()
return JsonResponse({"message": "删除成功"}, status=status.HTTP_200_OK)
except Exception as e:
return JsonResponse({"error": "删除失败: " + str(e.args)}, status=status.HTTP_400_BAD_REQUEST)
def user_add(request):
OperateLog.create_log(request)
if not request.method == "POST":
return JsonResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED, data={})
# 当前用户是否拥有新增用户权限
permission = request.user.has_perm("auth.add_user")
if permission == False:
return JsonResponse({"error": "你没有权限操作"}, status=status.HTTP_403_FORBIDDEN)
bod = request.body
bod = str(bod, encoding="utf-8")
data = json.loads(bod)
username = data["cn"]
# 校验ldap是否有该用户
ldap_exit = User.objects.filter(user_profile__create_source=1).filter(username=username).exists()
# 校验本地是否有该用户
local_exit = User.objects.filter(user_profile__create_source=2).filter(username=username).exists()
# 获取登录模式
login_sets = get_login_model()
mode = login_model
if mode == 1:
# 如果ldap没有该用户
if ldap_exit == False:
with transaction.atomic():
ldap_user_add(**data)
lu = local_user_add(**data)
up = UserProfile.objects.create(user=lu, create_source=1, is_enable=1)
return JsonResponse({"info": "新增成功"}, status=status.HTTP_200_OK)
# 如果ldap存在该用户
else:
return JsonResponse({"error": "ldap已存在该用户"}, status=status.HTTP_400_BAD_REQUEST)
elif mode == 2:
# 如果本地没有该用户
if local_exit == False:
with transaction.atomic():
lu = local_user_add(**data)
up = UserProfile.objects.create(user=lu, create_source=2, is_enable=1)
return JsonResponse({"info": "新增成功"}, status=status.HTTP_200_OK)
# 如果本地存在该用户
else:
return JsonResponse({"error": "本地已存在该用户"}, status=status.HTTP_400_BAD_REQUEST)
elif mode == 3 or mode == 4:
# 本地或者ldap存在该用户则不进行新增
if (ldap_exit == False) and (local_exit == False):
with transaction.atomic():
# ldap新增
ldap_user_add(**data)
lu = local_user_add(**data)
lup = UserProfile.objects.create(user=lu, create_source=1, is_enable=1)
# 本地新增
bu = local_user_add(**data)
bup = UserProfile.objects.create(user=bu, create_source=2, is_enable=1)
return JsonResponse({"info": "新增成功"}, status=status.HTTP_200_OK)
else:
return JsonResponse({"error": "ldap或本地已存在该用户"}, status=status.HTTP_400_BAD_REQUEST)
def home_top(request):
op = OpenStationManage.objects.filter(station_info__classify=2).count()
data = []
# 总量查询集
total_base_query = RefactoringConsultingAndVisitors.objects.all()
i_dict = {}
valid_con = total_base_query.aggregate(
consulting_total=Sum('valid_consulting'))
invalid_con = total_base_query.aggregate(
invalid_consulting=Sum('invalid_consulting'))
valid_vis = total_base_query.aggregate(valid_visitors=Sum('unique_vistor'))
i_dict["name"] = "历史重构咨询量"
i_dict["total"] = int(valid_con.get('consulting_total', 0)) + int(
invalid_con.get('invalid_consulting', 0))
data.append(i_dict)
v_dict = {}
v_dict["name"] = "历史重构访客量"
v_dict["total"] = int(valid_vis.get('valid_visitors', 0))
data.append(v_dict)
o_dict = {}
o_dict["name"] = "历史重构站点数量"
o_dict["total"] = op
data.append(o_dict)
OperateLog.create_log(request)
return Response(data=data, status=status.HTTP_200_OK)
def user_detail(request):
OperateLog.create_log(request)
user = request.GET.get("user", "")
try:
with connect_ldap() as c:
c.search('cn=%s,ou=Users,dc=xiaoneng,dc=cn' % user,
search_filter='(objectClass=inetOrgPerson)',
attributes=['sn', 'cn', 'mail', 'memberof'])
# 获取所有角色(所有角色)
ret = get_group_role()
if not isinstance(ret, list):
return Response({"error": ret}, status=status.HTTP_400_BAD_REQUEST)
# 获取总的分组以及角色字典
permissions_dict = update_info(ret)
# 获取某个人的所有权限,并对字典赋值
result = {}
for item in c.entries:
memberof = item.entry_attributes_as_dict['memberOf']
print('zxymemberof', memberof)
result.update({
"cn": item.entry_attributes_as_dict['cn'][0],
"sn": item.entry_attributes_as_dict['sn'][0],
"mail": item.entry_attributes_as_dict['mail'][0],
"permission": dn_update_permission(memberof, permissions_dict)
})
return Response(result, status=status.HTTP_200_OK)
except Exception as e:
return Response({"error": str(e.args)}, status=status.HTTP_400_BAD_REQUEST)
def personal_changepassword(request):
if not request.method == "POST":
return JsonResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED, data={})
data = ast.literal_eval(request.body.decode('utf-8'))
OperateLog.create_log(request)
try:
with connect_ldap() as c:
c.search('ou=Users,dc=xiaoneng,dc=cn',
search_filter='(objectClass=inetOrgPerson)',
attributes=['userPassword', 'cn'],
search_scope=SUBTREE)
ldap_password = ''
dn = ''
for i in c.entries:
cn = i.entry_attributes_as_dict['cn'][0]
print(cn)
if i.entry_attributes_as_dict['cn'][0] == request.user.get_username():
ldap_password = i.entry_attributes_as_dict['userPassword'][0]
dn = i.entry_dn
break
if ldap_password and sha.verify(data['old_password'], ldap_password):
c.modify(dn, {'userpassword': [(MODIFY_REPLACE, sha.hash(data['new_password']))]})
# 修改本地密码
user = User.objects.get(username=cn)
user.password = sha.hash(data['new_password'])
user.save()
else:
return JsonResponse(status=status.HTTP_400_BAD_REQUEST,
data={"result": False, "error": '旧密码错误, 验证失败'})
return JsonResponse(status=status.HTTP_200_OK,
data={"result": True, "message": "修改成功"})
except Exception as e:
return JsonResponse(status=status.HTTP_400_BAD_REQUEST,
data={"result": False, "error": str(e.args)})
def get_myfavourite(request):
OperateLog.create_log(request)
date = []
host = str(request.get_host())
username_id = request.user.id
if username_id:
queryset = Navigations.objects.filter(
navigation_fav__user_faviourt=username_id).distinct()
for i in queryset:
id = i.id
name = i.name_navigations
url = i.url
image = 'http://' + host + '/upload/' + str(i.image)
desc = i.desc
date.append({
"id": id,
"name_navigations": name,
"url": url,
"image": image,
"desc": desc
})
else:
return JsonResponse({"error": "请登录"},
status=status.HTTP_400_BAD_REQUEST)
return JsonResponse({"date": date}, status=status.HTTP_200_OK)
def login_config(request):
if not (request.method == "PUT" or request.method == "POST"):
return JsonResponse({"error": "request method not allowed"},
status=status.HTTP_405_METHOD_NOT_ALLOWED)
permission = request.user.has_perm("setup.change_loginconfig")
if permission == False:
return JsonResponse({"error": "你没有权限操作"},
status=status.HTTP_403_FORBIDDEN)
bod = request.body
bod = str(bod, encoding="utf-8")
bod = json.loads(bod)
# 获取参数
auth_ldap_bind_dn = bod.get("AUTH_LDAP_BIND_DN",
"cn=admin,dc=xiaoneng,dc=cn")
auth_ldap_bind_password = bod.get("AUTH_LDAP_BIND_PASSWORD",
"password6666")
user_ldapsearch = bod.get("USER_LDAPSearch", "ou=Users,dc=xiaoneng,dc=cn")
user_scope_subtree = bod.get("USER_SCOPE_SUBTREE", "(cn=%(user)s)")
group_ldapsearch = bod.get("GROUP_LDAPSearch",
"cn=LDAP,ou=Roles,dc=xiaoneng,dc=cn")
group_scope_subtree = bod.get("GROUP_SCOPE_SUBTREE",
"(objectClass=groupOfUniqueNames)")
is_active = bod.get("is_active", "(objectClass=groupOfUniqueNames)")
is_staff = bod.get("is_staff",
"cn=users,cn=LDAP,ou=Roles,dc=xiaoneng,dc=cn")
is_superuser = bod.get("is_superuser",
"cn=ldap-admin,cn=LDAP,ou=Roles,dc=xiaoneng,dc=cn")
ldap_server_url = bod.get("ldap_server_url", "ldap.xiaoneng.cn")
ldap_name = bod.get("ldap_name", "ldap://ldap.xiaoneng.cn")
login_model = bod.get("login_model")
model_info = {
"auth_ldap_bind_dn": auth_ldap_bind_dn,
"auth_ldap_bind_password": auth_ldap_bind_password,
"user_ldapsearch": user_ldapsearch,
"user_scope_subtree": user_scope_subtree,
"group_ldapsearch": group_ldapsearch,
"group_scope_subtree": group_scope_subtree,
"is_active": is_active,
"is_staff": is_staff,
"is_superuser": is_superuser,
"ldap_server_url": ldap_server_url,
"ldap_name": ldap_name,
"login_model": login_model,
"ldap": "oa"
}
ret = LoginLdapConfig.objects.update_or_create(defaults=model_info,
**{"ldap": "oa"})
if login_model == '1':
pro1 = UserProfile.objects.filter(create_source=1).update(is_enable=1)
pro2 = UserProfile.objects.filter(create_source=2).update(is_enable=0)
elif login_model == '2':
pro1 = UserProfile.objects.filter(create_source=1).update(is_enable=0)
pro2 = UserProfile.objects.filter(create_source=2).update(is_enable=1)
elif login_model == '3' or login_model == '4':
pro = UserProfile.objects.update(is_enable=1)
OperateLog.create_log(request)
return JsonResponse({'info': '设置成功'}, status=status.HTTP_200_OK)
def list(self, request, *args, **kwargs):
OperateLog.create_log(request)
queryset = self.filter_queryset(self.get_queryset())
serializer = self.get_serializer(queryset, many=True)
data = serializer.data
data_list = []
s = 0
user = request.user
print('user', user, type(user))
if str(user) == 'AnonymousUser':
for ds in data:
s += 1
data_list.append({"la": 1, "ch": ds})
return Response(data_list, status=status.HTTP_200_OK)
else:
# 获取存储的所有排序
data_list = []
sort_info = SortInfo.objects.filter(username=user).first()
# 判断sort_info为空
s = 0
if sort_info == None:
for ds in data:
s = s + 1
data_list.append({"la": s, "ch": ds})
# 如果排序不为空
else:
sort_info = sort_info.order
sort_info = eval(sort_info)
# 所有type的id集合
type_id = set()
for d in data:
type_id.add(d["id"])
# 获取排序的id
sort_id = set()
for s, t in sort_info.items():
sort_id.add(t)
# 获取未排序的id
df_id = type_id - sort_id
print('df_id', df_id)
# 获取排序的元素
for j, q in sort_info.items():
for i in data:
if i["id"] == q:
data_list.append({"la": j, "ch": i})
# 为n赋值,大于df_id的最大值
n = int(j)
# 添加未排序的type
for df in df_id:
for da in data:
if int(df) == int(da["id"]):
n = n + 1
data_list.append({"la": n, "ch": da})
return Response(data_list)
def destroy(self, request, *args, **kwargs):
pk = kwargs
model_query = GoodsModel.objects.all()
model_num = model_query.filter(good_parents=pk['pk']).count()
if model_num > 0:
return Response({'error': '该模块含有子类无法删除'},
status=status.HTTP_400_BAD_REQUEST)
OperateLog.create_log(request)
return super(GoodsModelSet, self).destroy(request, *args, **kwargs)
def update(self, request, *args, **kwargs):
try:
with transaction.atomic():
super(UserViewSet, self).update(request, *args, **kwargs)
OperateLog.create_log(request)
return Response({}, status=status.HTTP_200_OK)
except Exception as e:
return Response({"error": str(e)},
status=status.HTTP_400_BAD_REQUEST)
def destroy(self, request, *args, **kwargs):
version_id = VersionRepository.objects.all().filter(
parent=kwargs['pk'])
if version_id:
return Response({'error': '该版本还有子版本,请先删除子产品'},
status=status.HTTP_400_BAD_REQUEST)
OperateLog.create_log(request)
return super(VersionRepositoryManage,
self).destroy(request, *args, **kwargs)
def list_role_members(request):
OperateLog.create_log(request)
role = request.GET.get('role')
group = request.GET.get('group')
result = get_member(role, group)
if isinstance(result, list):
return Response(result)
if isinstance(result, str):
return Response({"result": False, "error": result})
def destroy(self, request, *args, **kwargs):
instance = self.get_object()
site_num = instance.company_info.count()
if not site_num:
instance.delete()
OperateLog.create_log(request)
return Response(status=status.HTTP_204_NO_CONTENT)
else:
return Response({"error": "有站点在该行业,不可删除"},
status=status.HTTP_400_BAD_REQUEST)
def update(self, request, *args, **kwargs):
data = request.data
instance = self.get_object()
serializer = self.get_serializer(instance, data=data)
serializer.is_valid(raise_exception=True)
with transaction.atomic():
instance = serializer.save()
OperateLog.create_log(request)
return Response(MultipleGoodsSerializer(instance).data,
status=status.HTTP_200_OK)
def destroy(self, request, *args, **kwargs):
instance = self.get_object()
ad_status = Advertising.objects.all().filter(pk=kwargs['pk']) \
.values_list('ad_status', flat=True)
if ad_status[0] == 1:
return Response({'error': '该商品已经上架,请下架后再删除'},
status=status.HTTP_400_BAD_REQUEST)
self.perform_destroy(instance)
OperateLog.create_log(request)
return Response(status=status.HTTP_200_OK)
def destroy(self, request, *args, **kwargs):
today = datetime.date.today()
putaway_off_time = MultipleGoods.objects.all().filter(pk=kwargs['pk'])\
.values_list('putaway_off_time', flat=True)
if putaway_off_time[0] >= today:
return Response({'error': '该商品已经上架,请下架后再删除'},
status=status.HTTP_400_BAD_REQUEST)
OperateLog.create_log(request)
return super(MultipleProductManageset,
self).destroy(request, *args, **kwargs)
def create(self, request, *args, **kwargs):
try:
with transaction.atomic():
super(VersionProductManage,
self).create(request, *args, **kwargs)
OperateLog.create_log(request)
return Response({}, status=status.HTTP_200_OK)
except Exception as e:
return Response({'error': str(e)},
status=status.HTTP_400_BAD_REQUEST)
def update(self, request, *args, **kwargs):
try:
super(TagManageSet, self).update(request, *args, **kwargs)
OperateLog.create_log(request)
return Response({}, status=status.HTTP_200_OK)
except Exception as e:
return Response({
'error': '该标签已存在',
'e': str(e)
},
status=status.HTTP_400_BAD_REQUEST)
def create(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
try:
with transaction.atomic():
self.perform_create(serializer)
except Exception as e:
return Response({'error': str(e)},
status=status.HTTP_400_BAD_REQUEST)
OperateLog.create_log(request)
return Response(status=status.HTTP_200_OK)
def logout(request):
"""
function:登出
param: request
return:
"""
if not request.method == "GET":
return JsonResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED, data={})
auth.logout(request)
OperateLog.logout(request)
return HttpResponse('success', status=status.HTTP_200_OK)
def delete_myfaourite(request):
OperateLog.create_log(request)
if not request.method == "DELETE":
return JsonResponse({"error": "请求方式不正确"},
status=status.HTTP_405_METHOD_NOT_ALLOWED)
na_id = request.GET.get("na_id")
user = request.user
favorite = UserFaviourt.objects.get(user_faviourt=user)
navigation = Navigations.objects.get(pk=na_id)
favorite.faviourt.remove(navigation)
return JsonResponse({"info": "取消收藏成功"}, status=status.HTTP_200_OK)
def classic_week_pwd(request):
#查看redis脚本执行状态 进行中=1,已完成=2,执行失败=3
req = Redis_base().get("classic_week_pwd")
if req == 1:
return JsonResponse({}, safe=False)
else:
Redis_base().set("classic_week_pwd", 1)
classic_week_pwd_async()
request.body = json.dumps({"data": ""}).encode()
request.method = "SCRIPT"
OperateLog.create_log(request)
return JsonResponse({}, safe=False)
def create(self, request, *args, **kwargs):
if request.user not in User.objects.all():
return Response({'error': '亲,请先登录!'},
status=status.HTTP_400_BAD_REQUEST)
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
self.perform_create(serializer)
headers = self.get_success_headers(serializer.data)
OperateLog.create_log(request)
return Response(serializer.data,
status=status.HTTP_200_OK,
headers=headers)
def create(self, request, *args, **kwargs):
try:
with transaction.atomic():
super(GoodsModelSet, self).create(request, *args, **kwargs)
OperateLog.create_log(request)
return Response({}, status=status.HTTP_200_OK)
except Exception as e:
return Response({
'error': '该模块已存在',
'e': str(e)
},
status=status.HTTP_400_BAD_REQUEST)
def create_put_up(request):
today = datetime.date.today()
bod = request.body
bod = str(bod, encoding="utf-8")
bod = json.loads(bod)
goods_sn = bod.get('goods_sn', '')
on_time = bod.get('putaway_recent_on_time', '1970-01-01').strip()
off_time = bod.get('putaway_off_time', '1970-01-01').strip()
sell_status = bod.get('sell_status', '1')
recommend = bod.get('recommend', '2')
put_price = bod.get('put_price', '0')
goods_price = bod.get('goods_price', '')
user = request.user.last_name
on_time = str_to_date(on_time)
off_time = str_to_date(off_time)
today = datetime.date.today()
# 判断请求方式以及上架状态
if (request.method == 'PUT') and (on_time <= today) and (off_time > today):
return Response({'error': '上架商品无法修改,请先下架'},
status=status.HTTP_400_BAD_REQUEST)
# 单品上架新增信息
s_goods_info = {
"putaway_recent_on_time": on_time,
"putaway_off_time": off_time,
"sell_status": sell_status,
"recommend": recommend,
"put_price": put_price,
"putaway_operator": user,
"goods_price": goods_price
}
# 组合商品上架新增信息
m_goods_info = {
"putaway_recent_on_time": on_time,
"putaway_off_time": off_time,
"sell_status": sell_status,
"recommend": recommend,
"put_price": put_price,
"putaway_operator": user,
}
if goods_sn[0] == 'A':
res = SingleGoods.objects.filter(goods_sn=goods_sn).update(
**s_goods_info)
if goods_sn[0] == 'B':
res = MultipleGoods.objects.filter(m_goods_sn=goods_sn).update(
**m_goods_info)
OperateLog.create_log(request)
return Response({"info": "上架成功"}, status=status.HTTP_200_OK)
def create(self, request, *args, **kwargs):
industry = request.data.get('industry', '').strip()
if industry:
if self.is_unique(industry):
Industry.objects.create(industry=industry)
OperateLog.create_log(request)
return Response(status=status.HTTP_201_CREATED)
else:
return Response({'error': '该行业已存在'},
status=status.HTTP_400_BAD_REQUEST)
else:
return Response({'error': '参数错误,无行业名'},
status=status.HTTP_400_BAD_REQUEST)
def update_all_open_station(request):
if Redis_base().get("all_open_station_status") == 1:
return Response({"status": 1}, status=status.HTTP_200_OK)
else:
handle_update_all_open_station()
request.body = json.dumps({"data": ""}).encode()
request.method = "SCRIPT"
OperateLog.create_log(request)
Redis_base().set("all_open_station_status", 1)
return Response(status=status.HTTP_200_OK)