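def GetSearchConditional(userInfo, permissionScopeCode, search, roleIds, enabled, auditStates, departmentId):
    """
    Build the SQL WHERE fragment used to search the piuser table.

    The fragment is assembled by string concatenation and returned without
    the WHERE keyword. Scalar values placed inside quoted literals are
    escaped first; this is a stopgap, and binding the values as query
    parameters at the point of execution remains the durable fix.

    Args:
        userInfo: current user, passed to the audit log only
        permissionScopeCode (string): permission code (not read in this variant)
        search (string): LIKE pattern matched against several piuser columns
        roleIds (string[]): role ids the user must hold
        enabled (string): when truthy, restrict to ENABLED = 1
        auditStates (string): audit status to match
        departmentId (string): organization id
    Returns:
        returnValue (string): combined WHERE condition
    """

    def _sql_literal(value):
        # Escape a value for use between single quotes. Backslashes and
        # quotes are both doubled so the literal cannot be closed early under
        # either the quote-doubling or the backslash-escape convention; the
        # SQL dialect is not visible from this block.
        return str(value).replace('\\', '\\\\').replace("'", "''")

    # NOTE(review): the message constant logged here is UserService_UpdateUser,
    # which does not match this function's name - confirm the intended constant.
    LogService.WriteLog(userInfo, __class__.__name__, FrameworkMessage.UserService,
                        sys._getframe().f_code.co_name, FrameworkMessage.UserService_UpdateUser, '')

    # easyui search
    whereConditional = 'piuser.DELETEMARK = 0 AND piuser.ISVISIBLE = 1 '
    if enabled:
        whereConditional = whereConditional + ' AND ( piuser.ENABLED = 1 ) '

    if search:
        pattern = _sql_literal(search)
        likeClauses = [
            'piuser.' + column + " LIKE '" + pattern + "'"
            for column in ('USERNAME', 'CODE', 'REALNAME', 'QUICKQUERY', 'DEPARTMENTNAME', 'DESCRIPTION')
        ]
        whereConditional = whereConditional + ' AND ( ' + ' OR '.join(likeClauses) + ')'

    if departmentId:
        departmentClauses = []
        organizeIds = OrganizeService.GetChildrensById(None, departmentId)
        if organizeIds:
            # Ids come from OrganizeService; quoting is delegated to
            # StringHelper.ArrayToList, which is not visible from this block.
            idList = StringHelper.ArrayToList(None, organizeIds, '\'')
            # NOTE(review): the source listed COMPANYID twice here (the
            # redundant term is dropped); SUBCOMPANYID may have been intended -
            # confirm against the schema.
            departmentClauses.append(' OR '.join(
                'piuser.' + column + ' IN (' + idList + ')'
                for column in ('COMPANYID', 'DEPARTMENTID', 'SUBDEPARTMENTID', 'WORKGROUPID')
            ))

        # Users attached to the department through piuserorganize. The earlier
        # text selected from piuser while filtering on piuserorganize columns
        # and left the id literals without an opening quote, so the fragment
        # was not valid SQL.
        deptLiteral = "'" + _sql_literal(departmentId) + "'"
        departmentClauses.append(
            'piuser.ID IN ('
            ' SELECT USERID'
            ' FROM piuserorganize'
            ' WHERE (piuserorganize.DELETEMARK = 0)'
            ' AND ('
            + ' OR '.join(
                ' piuserorganize.' + column + '=' + deptLiteral
                for column in ('COMPANYID', 'SUBCOMPANYID', 'DEPARTMENTID', 'SUBDEPARTMENTID', 'WORKGROUPID')
            )
            + '))'
        )

        # Group the department alternatives in one parenthesised term. A bare
        # top-level OR would bind looser than the surrounding ANDs and let
        # rows skip the DELETEMARK / ISVISIBLE / ENABLED / search filters.
        # (Nesting was inferred from flattened source text.)
        whereConditional = whereConditional + ' AND ((' + ') OR ('.join(departmentClauses) + '))'

    if auditStates:
        whereConditional = whereConditional + ' AND (piuser.AUDITSTATUS=\'' + _sql_literal(auditStates) + '\')'

    if roleIds:
        # NOTE(review): roleIds is quoted by StringHelper.ArrayToList; whether
        # that helper escapes embedded quotes cannot be seen here - verify
        # before passing request-derived ids.
        roles = StringHelper.ArrayToList(None, roleIds, '\'')
        whereConditional = whereConditional \
            + ' AND (piuser.ID IN ( SELECT USERID FROM piuserrole WHERE ROLEID IN (' + roles + ')))'

    return whereConditional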
def GetDTByOrganize(userInfo, organizeId, containChildren):
    """
    Return the staff attached to an organization node.

    Args:
        userInfo: current user, passed to the audit log only
        organizeId (string): organization id
        containChildren (bool): when truthy, also include staff of the ids
            returned by OrganizeService.GetChildrensById
    Returns:
        returnValue (QuerySet): non-deleted Pistaff rows ordered by sortcode
    """
    LogService.WriteLog(userInfo, __class__.__name__, FrameworkMessage.StaffService,
                        sys._getframe().f_code.co_name, FrameworkMessage.StaffService_GetDTByOrganize,
                        organizeId)

    # Pick the link-table filter first; everything after it is shared.
    if containChildren:
        organizeIds = OrganizeService.GetChildrensById(None, organizeId)
        links = Pistafforganize.objects.filter(organizeid__in=organizeIds, deletemark=0)
    else:
        links = Pistafforganize.objects.filter(organizeid=organizeId, deletemark=0)

    # Values go through the ORM, so they are bound as parameters rather than
    # concatenated into SQL.
    staffIds = [link.staffid for link in links]
    return Pistaff.objects.filter(id__in=staffIds, deletemark=0).order_by('sortcode')
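def GetDepartmentUsers(userInfo, departmentId, containChildren):
    """
    Return the users that belong to a department.

    Args:
        userInfo: current user, passed to the audit log only
        departmentId (string): department primary key; when empty, every
            non-deleted user is returned
        containChildren: when truthy, include users of child departments
    Returns:
        returnValue: user list (a Piuser queryset when departmentId is empty,
            otherwise whatever the UserSerivce helper returns)
    """
    # Format instead of concatenating: the empty-departmentId case is handled
    # below, and a None id or a boolean flag would otherwise raise TypeError
    # before the lookup even starts.
    LogService.WriteLog(userInfo, __class__.__name__, FrameworkMessage.UserService,
                        sys._getframe().f_code.co_name, FrameworkMessage.UserService_GetDepartmentUsers,
                        '{}/{}'.format(departmentId, containChildren))

    if not departmentId:
        # NOTE(review): with no department this returns all non-deleted users;
        # no permission-scope filter is visible in this block - confirm that
        # callers restrict who may reach this path.
        return Piuser.objects.filter(Q(deletemark=0)).order_by('sortcode')

    if containChildren:
        organizeIds = OrganizeService.GetChildrensIdByCode(
            None, Piorganize.objects.get(id=departmentId).code)
        return UserSerivce.GetDTByOrganizes(None, organizeIds)

    return UserSerivce.GetDataTableByDepartment(None, departmentId)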
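def MoveTo(request):
    """
    Move an organization node under a new parent.

    Reads 'organizeId' and 'parentId' from the POST body and always answers
    with a JSON envelope: Success/Data/Message. A request that lacks either
    field gets the failure envelope instead of falling through with no
    response object.
    """
    # NOTE(review): no authentication or permission check is visible in this
    # block and the service is called with None as the user - confirm that a
    # decorator or middleware outside this view enforces access control for
    # this state-changing action.
    organizeId = request.POST.get('organizeId')
    parentId = request.POST.get('parentId')

    moved = False
    if organizeId and parentId:
        moved = OrganizeService.MoveTo(None, organizeId, parentId)

    response = HttpResponse()
    if moved:
        response.content = json.dumps({
            'Success': True,
            'Data': '1',
            'Message': '移动成功!'
        })
    else:
        response.content = json.dumps({
            'Success': False,
            'Data': '0',
            'Message': '移动失败!'
        })
    return response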
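def GetEntity(request):
    """
    Return one organization entity as JSON.

    Reads 'key' from the POST body (None when absent) and writes the
    entity's toJSON() output as the response body. When the service yields
    no entity the view answers 404 rather than failing on a missing object.
    """
    # NOTE(review): the key is taken from the request and looked up with None
    # as the user; no check that the caller may read this organization is
    # visible here - confirm it is enforced elsewhere.
    key = request.POST.get('key')
    entity = OrganizeService.GetEntity(None, key)
    if not entity:
        return HttpResponse(status=404)

    response = HttpResponse()
    response.content = entity.toJSON()
    return response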
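def GetDTByPage(userInfo, searchValue, departmentId, roleId, pageSize=50, order=None):
    """
    Run the paged user query.

    Args:
        userInfo: current user, passed to the audit log only
        searchValue (string): SQL condition appended verbatim inside
            parentheses - must be built by trusted code, never copied from a
            request
        departmentId (string): department primary key
        roleId (string): role primary key
        pageSize (int): rows per page
        order (string): ORDER BY expression appended verbatim - same
            constraint as searchValue
    Returns:
        returnValue (Paginator): paginator over the query result
    """

    def _sql_literal(value):
        # Escape a value for use between single quotes; backslashes and
        # quotes are both doubled because the SQL dialect is not visible
        # from this block.
        return str(value).replace('\\', '\\\\').replace("'", "''")

    LogService.WriteLog(userInfo, __class__.__name__, FrameworkMessage.UserService,
                        sys._getframe().f_code.co_name, FrameworkMessage.UserService_GetDTByPage, '')

    table = Piuser._meta.db_table
    sqlQuery = 'SELECT PIUSER.* ,PIUSERLOGON.FIRSTVISIT,PIUSERLOGON.PREVIOUSVISIT,PIUSERLOGON.LASTVISIT,PIUSERLOGON.IPADDRESS,PIUSERLOGON.MACADDRESS,PIUSERLOGON.LOGONCOUNT,PIUSERLOGON.USERONLINE FROM PIUSER LEFT OUTER JOIN PIUSERLOGON ON PIUSER.ID = PIUSERLOGON.ID WHERE '

    whereConditional = table + '.DELETEMARK = 0 ' \
        + " AND " + table + '.ENABLED = 1 ' \
        + " AND " + table + '.ISVISIBLE = 1 '

    if departmentId:
        organizeIds = OrganizeService.GetChildrensById(None, departmentId)
        if organizeIds:
            # Render the id list once; it is identical for all five columns.
            idList = StringHelper.ArrayToList(None, organizeIds, "\'")
            whereConditional = whereConditional + " AND (" + " OR ".join(
                table + '.' + column + ' IN (' + idList + ')'
                for column in ('COMPANYID', 'SUBCOMPANYID', 'DEPARTMENTID', 'SUBDEPARTMENTID', 'WORKGROUPID')
            ) + ')'

    if roleId:
        # roleId lands inside a quoted literal, so escape it first.
        whereConditional = whereConditional + ' AND ( ' + table + '.ID IN' \
            + ' (SELECT USERID FROM ' + Piuserrole._meta.db_table \
            + ' WHERE ROLEID = \'' + _sql_literal(roleId) + '\'' \
            + ' AND ENABLED = 1' \
            + ' AND DELETEMARK = 0 ))'

    if searchValue:
        # NOTE(review): searchValue is a raw SQL fragment and cannot be
        # escaped here; callers must build it from validated pieces.
        whereConditional = whereConditional + " AND (" + searchValue + ')'

    if order:
        # NOTE(review): order is also raw SQL; callers should map request
        # input onto a fixed list of sortable columns before passing it in.
        whereConditional = whereConditional + " ORDER BY " + order

    sqlQuery = sqlQuery + ' ' + whereConditional
    userList = DbCommonLibaray.executeQuery(None, sqlQuery)
    return Paginator(userList, pageSize)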
def GetOrganizeScope(userInfo, permissionItemScopeCode, isInnerOrganize):
    """
    Return the organizations visible to a user under a permission scope.

    Administrators get the unrestricted list. So does every caller when
    permissionItemScopeCode is empty or SystemInfo.EnableUserAuthorizationScope
    is off, so an empty scope code means "no restriction", not "no access".

    Args:
        userInfo: current user (IsAdministrator and Id are read)
        permissionItemScopeCode: permission scope code used for the lookup
        isInnerOrganize: when truthy, keep only rows with isinnerorganize='1',
            ordered by sortcode
    Returns:
        the organization data set, filtered as described above
    """
    scoped = (
        (not userInfo.IsAdministrator)
        and permissionItemScopeCode
        and SystemInfo.EnableUserAuthorizationScope
    )
    if scoped:
        dataTable = ScopPermission.GetOrganizeDTByPermissionScope(
            None, userInfo, userInfo.Id, permissionItemScopeCode)
    else:
        dataTable = OrganizeService.GetDT(None)

    # Nothing further to do unless the inner-organization filter was asked
    # for and there is data to filter.
    if not (isInnerOrganize and dataTable):
        return dataTable
    return dataTable.filter(Q(isinnerorganize='1')).order_by('sortcode')
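def Delete(request):
    """
    Mark one organization as deleted.

    Reads 'key' from the POST body and answers with a JSON envelope
    (Success/Data/Message). A request without a key gets the failure
    envelope; the delete service is not called with an empty id.
    """
    # NOTE(review): no authentication or permission check is visible in this
    # block and the service is called with None as the user - confirm that
    # access control for this destructive action is enforced outside the view.
    key = request.POST.get('key', '')

    deleted = False
    if key:
        deleted = OrganizeService.SetDeleted(None, [key])

    response = HttpResponse()
    if deleted:
        response.content = json.dumps({'Success': True, 'Data': '1', 'Message': FrameworkMessage.MSG0013})
    else:
        response.content = json.dumps({'Success': False, 'Data': '0', 'Message': FrameworkMessage.MSG3020})
    return response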
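def GetOrganizeByCategory(request):
    """
    Return the enabled, non-deleted organizations of one category.

    Reads 'organizeCategory' from the query string (empty string when
    absent) and responds with a JSON array built from each row's toJSON();
    the body is "[]" when nothing matches. The view always returns an
    HttpResponse.
    """
    organizeCategory = request.GET.get('organizeCategory', '')
    dtOrganize = OrganizeService.GetDTByValues(
        None, {'category': organizeCategory, 'enabled': 1, 'deletemark': 0})

    if dtOrganize:
        payload = '[' + ','.join(org.toJSON() for org in dtOrganize) + ']'
    else:
        payload = "[]"

    # NOTE(review): the response keeps HttpResponse's default content type
    # although the body is JSON; confirm clients never render it as HTML, or
    # serve it as application/json once consumers are checked.
    response = HttpResponse()
    response.content = payload
    return response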
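def GetSearchConditional(self, userInfo, permissionScopeCode, search, roleIds, enabled, auditStates, departmentId):
    """
    Build the SQL WHERE fragment for the user search, including the
    caller's data-permission scope.

    The fragment is assembled by string concatenation and returned without
    the WHERE keyword. Binding values as query parameters where the query
    is executed remains the durable fix; the escaping below is a stopgap.

    Args:
        userInfo: current user; IsAdministrator, Id, WorkgroupId,
            DepartmentId and CompanyId are read
        permissionScopeCode: permission code used to look up the data scope
        search: search text, normalised by StringHelper.GetSearchString
        roleIds: role ids the user must hold
        enabled: None for no filter, True for enabled = 1, anything else
            for enabled = 0
        auditStates: audit status to match
        departmentId: organization id
    Returns:
        the combined WHERE condition as a string
    """

    def _sql_literal(value):
        # Escape a value for use between single quotes; backslashes and
        # quotes are both doubled because the SQL dialect is not visible
        # from this block.
        return str(value).replace('\\', '\\\\').replace("'", "''")

    LogService.WriteLog(userInfo, __class__.__name__, FrameworkMessage.UserService,
                        sys._getframe().f_code.co_name, FrameworkMessage.UserService_GetSearchConditional, '')

    # NOTE(review): search is interpolated into LIKE literals below exactly as
    # GetSearchString returns it. Whether that helper escapes quotes cannot be
    # seen here (escaping again could double-escape) - verify it does.
    search = StringHelper.GetSearchString(self, search)

    whereConditional = 'piuser.deletemark=0 and piuser.isvisible=1 '
    if enabled is not None:
        # Equality with True is kept on purpose: truthy non-boolean values
        # other than 1 still select the "disabled" branch, as before.
        if enabled == True:  # noqa: E712
            whereConditional = whereConditional + " and ( piuser.enabled = 1 )"
        else:
            whereConditional = whereConditional + " and ( piuser.enabled = 0 )"

    if search:
        likeClauses = [
            'piuser.' + column + " LIKE '" + search + "'"
            for column in ('username', 'code', 'realname', 'quickquery', 'departmentname', 'description')
        ]
        whereConditional = whereConditional + " AND (" + " OR ".join(likeClauses) + ")"

    if departmentId:
        departmentClauses = []
        organizeIds = OrganizeService.GetChildrensById(self, departmentId)
        if organizeIds and len(organizeIds) > 0:
            idList = StringHelper.ArrayToList(self, organizeIds, "'")
            # NOTE(review): the source listed companyid twice here (the
            # redundant term is dropped); subcompanyid may have been intended -
            # confirm against the schema.
            departmentClauses.append(" OR ".join(
                'piuser.' + column + " IN (" + idList + ")"
                for column in ('companyid', 'departmentid', 'subdepartmentid', 'workgroupid')
            ))

        # Users attached to the department through piuserorganize.
        deptLiteral = "'" + _sql_literal(departmentId) + "'"
        departmentClauses.append(
            "piuser.id IN ("
            " SELECT userid"
            " FROM piuserorganize"
            " WHERE (piuserorganize.deletemark = 0 ) "
            " AND ("
            + " OR ".join(
                'piuserorganize.' + column + " = " + deptLiteral
                for column in ('companyid', 'subcompanyid', 'departmentid', 'subdepartmentid', 'workgroupid')
            )
            + "))"
        )

        # Keep the department alternatives inside one parenthesised term.
        # Appended as a bare top-level OR, the alternatives split the whole
        # condition in two: the audit-status, role and data-permission filters
        # added below applied to one side only, and the deletemark / isvisible
        # / enabled / search filters to the other.
        # (Nesting was inferred from flattened source text.)
        whereConditional = whereConditional + " AND ((" + ") OR (".join(departmentClauses) + ")) "

    if auditStates:
        whereConditional = whereConditional + " AND (piuser.auditstatus = '" + _sql_literal(auditStates) + "')"

    if roleIds and len(roleIds) > 0:
        # NOTE(review): quoting of roleIds is delegated to
        # StringHelper.ArrayToList, which is not visible here - verify it
        # escapes embedded quotes.
        roles = StringHelper.ArrayToList(self, roleIds, "'")
        whereConditional = whereConditional \
            + " AND (piuser.id IN (SELECT userid FROM piuserrole WHERE roleid IN (" + roles + ")))"

    if (not userInfo.IsAdministrator) and SystemInfo.EnableUserAuthorizationScope:
        permissionScopeItemId = PermissionItemService.GetId(self, permissionScopeCode)
        # NOTE(review): when the scope code resolves to no permission item, no
        # data-scope filter is added for a non-administrator - confirm that
        # falling back to "unrestricted" is intended.
        if permissionScopeItemId:
            # Apply the scopes from narrowest to widest, to prevent errors.
            organizeIds = PermissionScopeService.GetOrganizeIds(self, userInfo.Id, permissionScopeCode)
            scopeOf = PermissionScope.PermissionScopeDic.get

            # No data permission at all: a comparison with NULL is never
            # true, so this term matches no rows.
            if scopeOf('No') in organizeIds:
                whereConditional = whereConditional + " AND (piuser.id = NULL ) "

            # Data as configured in detail.
            if scopeOf('Detail') in organizeIds:
                userIds = PermissionScopeService.GetUserIds(self, userInfo.Id, permissionScopeCode)
                whereConditional = whereConditional \
                    + " AND (piuser.id IN (" + StringHelper.ObjectsToList(userIds) + ")) "

            # Own data only.
            if scopeOf('User') in organizeIds:
                whereConditional = whereConditional + " AND (piuser.id = '" + userInfo.Id + "') "

            # Data of the user's workgroup.
            if scopeOf('UserWorkgroup') in organizeIds:
                whereConditional = whereConditional \
                    + " AND (piuser.workgroupid = '" + userInfo.WorkgroupId + "') "

            # Data of the user's department.
            if scopeOf('UserDepartment') in organizeIds:
                whereConditional = whereConditional \
                    + " AND (piuser.departmentid = '" + userInfo.DepartmentId + "') "

            # Data of the user's company.
            if scopeOf('UserCompany') in organizeIds:
                whereConditional = whereConditional \
                    + " AND (piuser.companyid = '" + userInfo.CompanyId + "') "

            # All data: no filter needs to be added.
            if scopeOf('All') in organizeIds:
                pass

    return whereConditional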
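def SubmitForm(request):
    """
    Create or update an organization from the submitted form.

    'key' is read from the query string: without it a new Piorganize is
    created, with it the existing entity is loaded and updated. The answer
    is always a JSON envelope (Success/Data/Message). Any exception, a
    missing current user, or an unknown key yields the generic failure
    envelope.
    """
    try:
        IsOk = '1'
        key = request.GET.get('key')

        response = HttpResponse()
        curUser = CommonUtils.Current(response, request)
        if not curUser:
            # Fail closed: neither branch may write without a known user.
            response.content = json.dumps({'Success': False, 'Data': '0', 'Message': FrameworkMessage.MSG3020})
            return response

        # NOTE(review): loadJson(request) copies request fields onto the model
        # and is not visible here; confirm it only accepts the fields a client
        # may set. The create branch overwrites id, deletemark and the
        # created/modified audit fields afterwards; the update branch only
        # resets modifiedby and modifieduserid.
        if not key:
            org = Piorganize()
            org = org.loadJson(request)
            if org.managerid:
                org.manager = UserSerivce.GetEntity(
                    CommonUtils.Current(response, request), org.managerid).realname
            if org.assistantmanagerid:
                org.assistantmanager = UserSerivce.GetEntity(
                    CommonUtils.Current(response, request), org.assistantmanagerid).realname

            # Server-side values always win over anything loaded from the request.
            org.id = uuid.uuid4()
            org.deletemark = 0
            org.createuserid = curUser.Id
            org.createon = datetime.datetime.now()
            org.createby = curUser.RealName
            org.modifiedon = org.createon
            org.modifiedby = org.createby
            org.modifieduserid = curUser.Id

            returnCode, returnMessage, _ = OrganizeService.Add(None, org)
            succeeded = returnCode == StatusCode.statusCodeDic['OKAdd']
        else:
            org = OrganizeService.GetEntity(None, key)
            if not org:
                # Unknown key: report failure explicitly instead of relying on
                # an attribute error being caught below.
                response.content = json.dumps(
                    {'Success': False, 'Data': '0', 'Message': FrameworkMessage.MSG3020})
                return response

            org = org.loadJson(request)
            org.modifiedby = curUser.RealName
            org.modifieduserid = curUser.Id

            returnCode, returnMessage = OrganizeService.Update(None, org)
            succeeded = returnCode == StatusCode.statusCodeDic['OKUpdate']

        if succeeded:
            response.content = json.dumps({'Success': True, 'Data': IsOk, 'Message': returnMessage})
        else:
            response.content = json.dumps({'Success': False, 'Data': '0', 'Message': returnMessage})
        return response
    except Exception as e:
        # Details stay server-side; the client only sees the generic message.
        print(e)
        response = HttpResponse()
        response.content = json.dumps({'Success': False, 'Data': '0', 'Message': FrameworkMessage.MSG3020})
        return response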