class AdminGroup(db.Document):
""" 管理组 """
name = db.StringField(max_length=50, verbose_name='组名')
power = db.ListField(db.ReferenceField('View'), verbose_name='使用权限')
can_create = db.ListField(db.ReferenceField('View'), verbose_name='创建权限')
can_edit = db.ListField(db.ReferenceField('View'), verbose_name='编辑权限')
can_delete = db.ListField(db.ReferenceField('View'), verbose_name='删除权限')
updated_at = db.DateTimeField(default=datetime.now, verbose_name='更新时间')
created_at = db.DateTimeField(default=datetime.now, verbose_name='创建时间')
def __unicode__(self):
return self.name
def __repr__(self):
return '<AdminGroup {name!r}>'.format(name=self.name)
@cached_property
def power_list(self):
return [x.name for x in self.power]
@cached_property
def can_create_list(self):
return [x.name for x in self.can_create]
@cached_property
def can_edit_list(self):
return [x.name for x in self.can_edit]
@cached_property
def can_delete_list(self):
return [x.name for x in self.can_delete]
class AdminLoginLog(db.Document):
""" 管理员登录日志 """
TYPE = db.choices(LOGIN='******', LOGOUT='退出登录', ERROR='登录认证失败')
user = db.ReferenceField('AdminUser', verbose_name='用户')
log_type = db.StringField(choices=TYPE.CHOICES, verbose_name='类型')
useragent = db.StringField(verbose_name='用户代理(UA)')
ip = db.StringField(max_length=20, verbose_name='IP')
created_at = db.DateTimeField(default=datetime.now, verbose_name='创建时间')
@staticmethod
def log(user, log_type, **kwargs):
ua = kwargs.get('ua', get_useragent())
ip = kwargs.get('ip', get_ip())
AdminLoginLog(user=user, log_type=log_type, useragent=ua, ip=ip).save()
@staticmethod
def login(user):
AdminLoginLog.log(user, AdminLoginLog.TYPE.LOGIN)
@staticmethod
def logout(user):
AdminLoginLog.log(user, AdminLoginLog.TYPE.LOGOUT)
@staticmethod
def error(user):
AdminLoginLog.log(user, AdminLoginLog.TYPE.ERROR)
class AdminUser(db.Document):
""" 管理员 """
uid = db.StringField(max_length=50, verbose_name='UID')
username = db.StringField(max_length=50, verbose_name='用户名')
password = db.StringField(max_length=128, verbose_name='密码')
group = db.ReferenceField('AdminGroup', verbose_name='管理组')
is_root = db.BooleanField(default=False, verbose_name='是否超级管理员')
active = db.BooleanField(default=True, verbose_name='是否激活')
freezed_at = db.DateTimeField(verbose_name='冻结时间')
logined_at = db.DateTimeField(default=datetime.now, verbose_name='登录时间')
updated_at = db.DateTimeField(default=datetime.now, verbose_name='更新时间')
created_at = db.DateTimeField(default=datetime.now, verbose_name='创建时间')
meta = dict(
ordering=['-created_at'],
)
def __unicode__(self):
return self.username
def __repr__(self):
return '<AdminUser {username!r}>'.format(username=self.username)
@property
def is_authenticated(self):
""" 是否登录 """
return True
@property
def is_active(self):
""" 是否激活 """
return self.active
@property
def is_anonymous(self):
""" 是否游客 """
return False
def get_id(self):
return str(self.username)
def hash_password(self, password):
""" hash算法加密密码 """
# 在python3中,你需要使用在generate_password_hash()上使用decode('utf-8')方法
self.password = bcrypt.generate_password_hash(password).decode('utf-8')
def verify_password(self, password):
""" 验证密码 """
return bcrypt.check_password_hash(self.password, password)
class AdminChangeLog(db.Document):
""" 管理员操作日志 """
TYPE = db.choices(CREATE='创建', EDIT='编辑', DELETE='删除')
user = db.ReferenceField('AdminUser', verbose_name='用户')
log_type = db.StringField(choices=TYPE.CHOICES, verbose_name='类型')
model = db.StringField(verbose_name='模块')
before_data = db.StringField(verbose_name='操作前数据')
after_data = db.StringField(verbose_name='操作后数据')
useragent = db.StringField(verbose_name='用户代理(UA)')
ip = db.StringField(max_length=20, verbose_name='IP')
created_at = db.DateTimeField(default=datetime.now, verbose_name='创建时间')
@staticmethod
def log(user, log_type, model, before_data, after_data, **kwargs):
ua = kwargs.get('ua', get_useragent())
ip = kwargs.get('ip', get_ip())
AdminChangeLog(user=user,
log_type=log_type,
model=model,
before_data=before_data,
after_data=after_data,
useragent=ua,
ip=ip).save()
@staticmethod
def change_data(user, model, **kwargs):
""" 变更数据 """
before = dict(id=model.id)
after = dict(id=model.id)
if kwargs.get('form'):
try:
for k, v in kwargs.get('form').data.items():
if v != model[k]:
before[k] = model[k]
after[k] = v
except:
pass
else:
before = model.to_mongo()
if kwargs.get('log_type') == AdminChangeLog.TYPE.DELETE:
after = ''
AdminChangeLog.log(
user=user,
log_type=kwargs.get('log_type'),
model=model.__class__.__name__,
before_data=str(before),
after_data=str(after),
)
@staticmethod
def ajax_change(user, model, **kwargs):
before_data = dict(id=kwargs.get('id'))
after_data = dict(id=kwargs.get('id'))
key = kwargs.get('key')
before_data[key] = kwargs.get('before_data')
after_data[key] = kwargs.get('after_data')
AdminChangeLog.log(
user=user,
model=model.__name__,
before_data=str(before_data),
after_data=str(after_data),
log_type=AdminChangeLog.TYPE.EDIT,
)