def save():
import pyotp
oid = request.form.get("inid")
login_id = request.form.get("inloginid")
user = {}
if strings.is_not_blank(oid):
user = um.get_user_byid(oid)
if user is None:
user = {}
else: # 判断重复
duser = um.get_user_byloginid(login_id)
if duser is not None:
return "用户登录ID已经存在!"
user["loginid"] = login_id
user["name"] = request.form.get("inname")
password = request.form.get("inpassword", None)
if strings.is_not_blank(password):
# 不为空则重置密码
salt, enpassword = um.make_password(password)
user["salt"] = salt
user["password"] = enpassword
user['email'] = request.form.get('email', None)
if strings.is_blank(oid):
user['otpsecret'] = pyotp.random_base32()
um.save_user(user)
return "success"
def get():
uid = request.form.get("id")
if strings.is_not_blank(uid):
menu = get_menu(uid)
if menu is not None:
return strings.to_json(menu)
return "failed"
def get():
uid = request.form.get("id")
if strings.is_not_blank(uid):
func = get_function(uid)
if func is not None:
return strings.to_json(func)
return "failed"
def fetch(self, raw=False):
if raw:
sql_arr = [self._sql]
else:
sql_arr = ["select _page.* from (", self._sql, ") _page"]
if strings.is_not_blank(self._order_by_clause):
sql_arr.append("order by")
sql_arr.append(self._order_by_clause)
if self._fetch_rows >= 0:
sql_arr.append("limit " + str(self._start) + "," +
str(self._fetch_rows))
try:
self._context.begin()
cursor = self._build_cursor_sql(" ".join(sql_arr))
fetchall = cursor.fetchall()
logger.debug(" ".join(sql_arr), DAO_LOGGER)
logger.debug(strings.to_json(self._params), DAO_LOGGER)
self._context.commit()
return list(
map(lambda o: dict(zip([k.lower() for k in cursor.keys()], o)),
fetchall))
except Exception as e:
self._context.rollback()
raise e
def login_ajax():
import pyotp
username = request.form.get("username")
password = request.form.get("password")
remember = request.form.get("remember", "") == 'true'
user = get_user_byloginid(username)
if not user:
return 'failed'
# otp verify
if setting.get_bool('system.otp.enabled'):
if strings.is_not_blank(user.get('otpsecret')):
totp = pyotp.TOTP(user.get('otpsecret'))
if not totp.verify(request.form.get('otp', None)):
return 'failed'
if check_user_password(user, password):
set_cookie(
'AUTHTOKEN',
add_umsession(user['id'],
setting.get_int('system.session.timeout', 86400)),
10)
if remember:
set_cookie('USERNAME', user["loginid"], 15)
else:
set_cookie('USERNAME', '', 0)
return "success"
return 'failed'
def wrapper(*args, **kwargs):
from raphael.utils.dao.query import DaoQuery
from collections import Iterable, Sized
g.params = json.loads(request.form.get("params"))
get_result = f(*args, **kwargs)
if isinstance(get_result, DaoQuery):
page_index = int(request.form.get("page_index"))
page_size = int(request.form.get("page_size"))
order_by = request.form.get("order_by")
if strings.is_not_blank(order_by):
get_result.order_by(order_by)
if page_size > 0:
res = get_result.pagination((page_index - 1) * page_size,
page_size).fetch()
else:
res = get_result.fetch()
# call batch
if hasattr(g, 'table_batch'):
res = g.table_batch(res)
result = {"res": res, "count": get_result.count()}
elif isinstance(get_result, (Iterable, Sized)):
result = {"res": list(get_result), "count": len(get_result)}
else:
raise ValueError("get_result is not in reason.")
return strings.to_json(result)
def table():
@webutils.table_batch
def batch(res):
for item in res:
# parse data field
arr = []
if item['type'] == 1: # date
pass
elif item['type'] == 2: # interval
interval = json.loads(item['data'])
for field, unit in ('weeks',
'w'), ('days',
'd'), ('hours',
'h'), ('minutes',
'm'), ('seconds',
's'):
val = num.safe_int(interval[field])
if val:
arr.append(str(val) + unit)
item['data'] = ' '.join(arr)
elif item['type'] == 3: # cron
cron = json.loads(item['data'])
zero_flag = False
for field in 'year', 'day_of_week', 'month', 'day', 'hour', 'minute', 'second':
if cron[field]:
zero_flag = True
arr.append(cron[field])
else:
arr.append('0' if zero_flag else '*')
item['data'] = ' '.join(reversed(arr))
# is in current job list
job = task.get_job(item['id'], models.TASK_DATABASE)
item['active'] = job is not None
# add next run
item['next_run'] = None if job is None else job.next_run_time
return res
cond = {}
if strings.is_not_blank(g.params.get("type", None)):
cond['type'] = num.safe_int(g.params["type"])
if strings.is_not_blank(g.params.get("module", None)):
cond['module'] = g.params["module"]
if strings.is_not_blank(g.params.get("modulelike", None)):
cond['modulelike'] = g.params["modulelike"]
if strings.is_not_blank(g.params.get("sourceid", None)):
cond['sourceid'] = g.params["sourceid"]
return models.find_schedules(**cond)
def get():
uid = request.form.get("id")
if strings.is_not_blank(uid):
user = um.get_user_byid(uid)
if user is not None:
user.pop('password', None)
user.pop('salt', None)
return strings.to_json(user)
return "failed"
def save():
oid = request.form.get("id")
func = {}
if strings.is_not_blank(oid):
func = get_function(oid)
if func is None:
func = {}
func["name"] = request.form.get("name")
save_function(func)
return "success"
def auth_table():
params = {
'sourceentityin': (models.ENTITY_HOST, models.ENTITY_HOSTGROUP,
models.ENTITY_COMMAND, models.ENTITY_COMMANDGROUP,
models.ENTITY_SERVICE, models.ENTITY_SERVICEPOINT),
'grantentityin': (models.ENTITY_USER, models.ENTITY_GROUP),
}
for a in 'sourceentity', 'sourceid', 'grantentity', 'grantid':
val = g.params.get('q' + a)
if strings.is_not_blank(val):
params[a] = val
return um_models.find_auth(**params)
def save():
oid = strings.strip_to_none(request.form.get('id', None))
name = request.form.get('name', None)
if strings.is_blank(name):
return 'Name cannot be blank'
# check duplication
cond = {'name': name}
if strings.is_not_blank(oid):
cond['notid'] = oid
if find_settings(**cond).count() > 0:
return 'Name has already been exist!'
CmSettingCache.save_obj({
'id': oid,
'name': name,
'value': request.form.get('value', None)
})
return 'success'
def user_session():
if request.endpoint is None:
return
from ...modules.user.models import get_user_byid, get_user_byloginid, get_umsession_bytoken
try:
token = webutils.get_cookie('AUTHTOKEN')
if strings.is_not_blank(token):
session = get_umsession_bytoken(token)
if session is not None:
user = get_user_byid(session['user_id'])
if user is not None:
g.curr_user = user
return
webutils.set_cookie('AUTHTOKEN', '', expire_days=0)
g.curr_user = get_user_byloginid('guest')
except:
logger.error_traceback()
def save():
oid = request.form.get("id")
parentid = strings.strip_to_empty(request.form.get('parentid', ''))
menu = {}
if strings.is_not_blank(oid):
menu = get_menu(oid)
if menu is None:
menu = {}
else:
menu['sort'] = find_menu(parentid=parentid).count() + 1
menu["name"] = request.form.get("name", '')
menu['type'] = num.safe_int(request.form.get('type', 0))
menu["url"] = request.form.get("url", None)
menu["target"] = request.form.get("target", None)
menu['parentid'] = parentid
menu['icon'] = request.form.get('icon', '')
menu['mark'] = request.form.get('mark', '')
save_menu(menu)
return "success"
def actual_get(cls, user_id):
import copy
from operator import itemgetter
menus = []
ret = []
if get_user_byid(user_id) is not None:
my_menu_db = find_my_menu_db(user_id).order_by('name').fetch()
menus = copy.deepcopy(my_menu_db)
# serialize
for menu in menus:
if strings.is_blank(menu.get('parentid')):
menu['children'] = []
ret.append(menu)
for menu in menus:
if strings.is_not_blank(menu.get('parentid')):
for m in ret:
if m['id'] == menu['parentid']:
m['children'].append(menu)
for m in ret:
m['children'] = sorted(m['children'], key=itemgetter('sort'))
return sorted(ret, key=itemgetter('sort'))
def table():
cond = {}
qname = g.params.get('qname')
if strings.is_not_blank(qname):
cond['namelike'] = qname
return find_settings(**cond)
def delete(self, table_name, obj):
assert isinstance(obj, dict)
if ("id" in obj) and strings.is_not_blank(obj["id"]):
self.delete_byid(table_name, obj["id"])
def remove_tmp_file():
if strings.is_not_blank(user_id):
try:
os.remove(svg_path)
except:
pass
def _save_cache(cls, key, obj, time=0):
if strings.is_not_blank(key):
return memcached_client.set(cls._get_exact_key(key), obj, time=time)
return None
