def update(key, param):
    """Update the Config row identified by ``key``.

    Entries of ``param`` whose names are not Config table columns are
    dropped. The filter is by column name only, so every real column a
    caller passes is written. ``updated_at`` is stamped when the table
    has that column.

    Arguments:
        key string -- primary key of the row
        param dict -- column name -> new value

    return:
        True on success; JsonError is raised for an empty key or a
        failed write (the session is rolled back and the error logged).
    """
    allowed = {name for name, _column in Config.__table__.columns.items()}
    values = {field: value for field, value in param.items() if field in allowed}
    if 'updated_at' in allowed:
        values['updated_at'] = utime.timestamp(3)

    if not key:
        raise JsonError('key 不能为空')

    try:
        Config.Update.filter(Config.key == key).update(values)
        Config.session.commit()
    except Exception as exc:
        Config.session.rollback()
        SysLogger.error(exc)
        raise JsonError('update error')
    return True
def insert(param):
    """Insert a new Article row.

    Entries of ``param`` that are not Article table columns are dropped,
    and ``created_at`` is stamped when the table has that column.

    Arguments:
        param dict -- column name -> value; ``category_id`` is required
            and ``description`` may be at most 255 characters

    return:
        True on success; JsonError is raised on validation failure or
        when the insert fails (the session is rolled back and logged).
    """
    allowed = {name for name, _column in Article.__table__.columns.items()}
    values = {field: value for field, value in param.items() if field in allowed}
    if 'created_at' in allowed:
        values['created_at'] = utime.timestamp(3)

    if not values.get('category_id', 0):
        raise JsonError('文章分类缺失')
    if len(values.get('description', '')) > 255:
        raise JsonError('Data too long for \'description\'')

    try:
        Article.session.add(Article(**values))
        Article.session.commit()
    except Exception as exc:
        Article.session.rollback()
        SysLogger.error(exc)
        raise JsonError('insert error')
    return True
def update(id, param):
    """Update the AdminRole row identified by ``id``.

    Entries of ``param`` that are not AdminRole table columns are
    dropped; ``updated_at`` is stamped when the table has that column.
    The filter is by column name only, so the caller decides which role
    columns are writable.

    Arguments:
        id int -- primary key of the role
        param dict -- column name -> new value

    return:
        True on success; JsonError is raised for an empty id or a failed
        write (the session is rolled back and the error logged).
    """
    allowed = {name for name, _column in AdminRole.__table__.columns.items()}
    values = {field: value for field, value in param.items() if field in allowed}
    if 'updated_at' in allowed:
        values['updated_at'] = utime.timestamp(3)

    if not id:
        raise JsonError('ID 不能为空')

    try:
        AdminRole.Update.filter(AdminRole.id == id).update(values)
        AdminRole.session.commit()
    except Exception as exc:
        AdminRole.session.rollback()
        SysLogger.error(exc)
        raise JsonError('update error')
    return True
def admin_user_post(self, *args, **kwargs):
    """Create a new admin user from the request arguments.

    ``username`` and ``password`` are required; the remaining fields are
    optional and passed through to AdminUserService.insert unchanged.
    """
    read = self.get_argument
    role_id = read('role_id', None)
    username = read('username', None)
    password = read('password', None)
    email = read('email', None)
    mobile = read('mobile', None)
    status = read('status', '1')
    permission = read('permission', [])
    # NOTE(review): rsa_encrypt is read but never forwarded, so the
    # password reaches the service exactly as submitted. Confirm whether
    # AdminUserService.insert is expected to decrypt it.
    rsa_encrypt = read('rsa_encrypt', 1)

    if not username:
        raise JsonError('用户名不能为空')
    if not password:
        raise JsonError('密码不能为空')

    # role_id and permission come straight from the request; any
    # restriction on who may grant them has to be enforced outside this
    # method (nothing here checks the caller's own privileges).
    param = dict(
        status=status,
        username=username,
        password=password,
        mobile=mobile,
        email=email,
        permission=permission,
        role_id=role_id,
    )
    AdminUserService.insert(param)
    return self.success()
def wrapper(  # type: ignore
        self: RequestHandler, *args, **kwargs) -> Optional[Awaitable[None]]:
    """Run ``method`` only for an authenticated request.

    Unauthenticated GET/HEAD requests are redirected to the login URL,
    unless the Accept header starts with ``application/json``, in which
    case JsonError 706 is raised. Every other unauthenticated method
    raises JsonError 706.
    """
    if self.current_user:
        return method(self, *args, **kwargs)

    if self.request.method not in ("GET", "HEAD"):
        raise JsonError('请重新登录....', 706)

    login_url = self.get_login_url()
    next_url = ''
    if "?" not in login_url:
        if urllib.parse.urlsplit(login_url).scheme:
            # An absolute login URL gets an absolute return target too.
            next_url = self.request.full_url()
        else:
            assert self.request.uri is not None
            next_url = self.request.uri
        # NOTE(review): the return target is handed to the login page in
        # the ``redirect`` query parameter. The code that consumes it is
        # not visible here; confirm it only follows same-site targets.
        login_url += "?" + urllib.parse.urlencode({'redirect': next_url})

    wants_json = self.request.headers.get('Accept', '').startswith(
        'application/json')
    if wants_json:
        raise JsonError('请重新登录', 706)
    return self.redirect(login_url)
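def upload(current_uid, ip, action, imgfile, path):
    """Store each uploaded image and return the per-file results.

    Arguments:
        current_uid -- id of the uploading user, recorded with the file
        ip -- client address, recorded with the file
        action string -- upload category; must be one of ``action_set``
        imgfile iterable -- uploaded files, each a mapping with
            ``filename`` and ``body``
        path string -- directory prefix handed to Uploader.upload_img

    return:
        list of the values returned by Uploader.upload_img, one per file.
        JsonError is raised for an unsupported action or a failed upload
        (outside debug mode, where the original exception propagates).
    """
    action_set = (
        'adad',
        'article/thumb',
        'article/regulation',
        'article/news',
        'avatar',
        'friendlink',
        'goods/thumb',
        'product',
    )
    if action not in action_set:
        raise JsonError('不支持的action')

    # Append the separator once. Doing it inside the loop added another
    # "/" for every file after the first.
    # NOTE(review): only ``action`` is checked against the allowlist;
    # ``path`` is used as given, so the caller must not build it from
    # unchecked request data.
    save_dir = '%s/' % path

    resp_data = []
    for img in imgfile:
        # The stored name is the content hash plus the extension taken
        # from the client-supplied filename.
        # NOTE(review): no extension allowlist is applied here; confirm
        # Uploader.upload_img rejects non-image types.
        file_ext = FileUtil.file_ext(img['filename'])
        file_md5 = func.md5(img['body'])
        save_name = f'{file_md5}.{file_ext}'
        try:
            param = Uploader.upload_img(file_md5, img, save_name, save_dir, {
                'user_id': current_uid,
                'ip': ip,
            })
        except Exception as e:
            if settings.debug:
                raise
            SysLogger.error(e)
            raise JsonError('上传失败')
        resp_data.append(param)
    return resp_data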
def insert(param):
    """Insert a new Advertising row.

    Entries of ``param`` that are not Advertising table columns are
    dropped, and ``created_at`` is stamped when the table has that
    column. ``start_at`` / ``end_at`` values that are not numeric
    strings are replaced with 0.

    Arguments:
        param dict -- column name -> value; ``description`` may be at
            most 255 characters

    return:
        True on success; JsonError is raised on validation failure or
        when the insert fails (the session is rolled back and logged).
    """
    allowed = {name for name, _column in Advertising.__table__.columns.items()}
    values = {field: value for field, value in param.items() if field in allowed}
    if 'created_at' in allowed:
        values['created_at'] = utime.timestamp(3)

    if len(values.get('description', '')) > 255:
        raise JsonError('Data too long for \'description\'')

    # NOTE(review): str.isnumeric() also accepts non-ASCII numerals, so
    # a value passing this check is not guaranteed to be a plain integer.
    for bound in ('start_at', 'end_at'):
        if bound in values and not values[bound].isnumeric():
            values[bound] = 0

    try:
        Advertising.session.add(Advertising(**values))
        Advertising.session.commit()
    except Exception as exc:
        Advertising.session.rollback()
        SysLogger.error(exc)
        raise JsonError('insert error')
    return True
def update(id, param):
    """Update the Goods row identified by ``id``.

    Entries of ``param`` that are not Goods table columns are dropped;
    ``updated_at`` is stamped when the table has that column. A
    ``thumb`` value is decoded with json_decode and silently replaced by
    an empty dict when decoding fails.

    Arguments:
        id int -- primary key of the row
        param dict -- column name -> new value

    return:
        True on success; JsonError is raised for an empty id or a failed
        write (the session is rolled back and the error logged).
    """
    allowed = {name for name, _column in Goods.__table__.columns.items()}
    values = {field: value for field, value in param.items() if field in allowed}
    if 'updated_at' in allowed:
        values['updated_at'] = utime.timestamp(3)

    if not id:
        raise JsonError('ID 不能为空')

    if 'thumb' in values:
        try:
            decoded_thumb = json_decode(values['thumb'])
        except Exception:
            # Best effort: an undecodable thumb is stored as empty.
            decoded_thumb = {}
        values['thumb'] = decoded_thumb

    try:
        Goods.Update.filter(Goods.id == id).update(values)
        Goods.session.commit()
    except Exception as exc:
        Goods.session.rollback()
        SysLogger.error(exc)
        raise JsonError('update error')
    return True
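def update(user_id, param, rsa_encrypt=0):
    """Create or update an admin user.

    Entries of ``param`` that are not AdminUser table columns are
    dropped. With a truthy ``user_id`` the matching row is updated;
    otherwise a new row is added.

    :param user_id: id of the user to update, or a falsy value to insert
    :param param: column name -> value. Empty ``username`` / ``password``
        entries are removed; empty ``email`` / ``mobile`` become None
    :param rsa_encrypt: 1 when the submitted password is RSA-encrypted
    :return: True on success
    :raises JsonError: when username, email or mobile is already taken
    """
    # NOTE(review): the filter is by column name only, so every AdminUser
    # column present in ``param`` is written, including privilege columns
    # such as role_id or permission. Callers must restrict the keys they
    # pass in.
    columns = [name for name, _column in AdminUser.__table__.columns.items()]
    param = {k: v for k, v in param.items() if k in columns}
    if 'updated_at' in columns:
        param['updated_at'] = utime.timestamp(3)

    if 'username' in param:
        if param['username']:
            if AdminUserService.check_username(param['username'], user_id):
                raise JsonError('名称已被占用')
        else:
            del param['username']

    if 'password' in param:
        if param['password']:
            # Decrypt only when the feature is enabled, the caller flagged
            # the value as encrypted and it is longer than four
            # characters; anything else is hashed as submitted.
            if (settings.login_pwd_rsa_encrypt
                    and int(rsa_encrypt) == 1
                    and len(param['password']) > 4):
                private_key = sys_config('login_rsa_priv_key')
                param['password'] = RSAEncrypter.decrypt(
                    param['password'], private_key)
            # Only the hash is stored.
            param['password'] = make_password(param['password'])
        else:
            del param['password']

    if 'email' in param:
        if param['email']:
            if AdminUserService.check_email(param['email'], user_id):
                raise JsonError('邮箱已被占用')
        else:
            param['email'] = None

    if 'mobile' in param:
        if param['mobile']:
            if AdminUserService.check_mobile(param['mobile'], user_id):
                raise JsonError('电话号码已被占用')
        else:
            param['mobile'] = None

    try:
        if user_id:
            AdminUser.Update.filter(AdminUser.id == user_id).update(param)
        else:
            AdminUser.session.add(AdminUser(**param))
        AdminUser.session.commit()
    except Exception:
        # Roll back so that a failed write or commit does not leave the
        # session holding a broken transaction; the original exception
        # still propagates to the caller.
        AdminUser.session.rollback()
        raise
    return True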
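def unlock_user(user_id, password):
    """Check a user's password for the lock-screen unlock.

    When the ``login_pwd_rsa_encrypt`` setting is 1 the submitted value
    is first decrypted with the configured private key.

    Arguments:
        user_id -- id of the user to verify
        password string -- submitted password (possibly RSA-encrypted)

    return:
        True when the password matches; JsonError is raised when
        decryption fails (code 11), the user does not exist, or the
        password does not match.
    """
    is_rsa = sys_config('login_pwd_rsa_encrypt')
    if int(is_rsa) == 1:
        private_key = sys_config('login_rsa_priv_key')
        try:
            password = RSAEncrypter.decrypt(password, private_key)
        except Exception:
            raise JsonError(msg='签名失败', code=11)

    user = AdminUser.Q.filter(AdminUser.id == user_id).first()
    if user is None:
        raise JsonError('用户信息出错')

    # Fail closed: any falsy result is a mismatch. The previous
    # ``== False`` comparison let a None result pass as success.
    if not check_password(password, user.password):
        raise JsonError('密码错误')
    return True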
def page_list(where, page, per_page):
    """Return one page of Goods rows matching ``where``.

    Supported keys are ``id``, ``title``, ``status`` and ``recommended``,
    each compared for equality. Without a ``status`` key, rows whose
    status is -1 are excluded.

    Arguments:
        where dict -- filter conditions
        page int -- page number
        per_page int -- rows per page

    return:
        the result of GoodsAssembler.page_list; JsonError is raised when
        pagination yields None
    """
    query = Goods.Q
    for field in ('id', 'title'):
        if field in where:
            query = query.filter(getattr(Goods, field) == where[field])

    if 'status' in where:
        query = query.filter(Goods.status == where['status'])
    else:
        query = query.filter(Goods.status != -1)

    if 'recommended' in where:
        query = query.filter(Goods.recommended == where['recommended'])

    page_obj = query.paginate(page=page, per_page=per_page)
    if page_obj is None:
        raise JsonError('暂无数据')
    return GoodsAssembler.page_list(page_obj, page, per_page)
def page_list(where, page, per_page):
    """Return one page of AdminUser rows matching ``where``.

    Supported keys are ``mobile``, ``username``, ``role_id`` and
    ``status``, each compared for equality. Without a ``status`` key,
    rows whose status is -1 are excluded.

    Arguments:
        where dict -- filter conditions
        page int -- page number
        per_page int -- rows per page

    return:
        the result of AdminUserAssembler.page_list; JsonError is raised
        when pagination yields None
    """
    query = AdminUser.Q
    for field in ('mobile', 'username', 'role_id'):
        if field in where:
            query = query.filter(getattr(AdminUser, field) == where[field])

    if 'status' in where:
        query = query.filter(AdminUser.status == where['status'])
    else:
        query = query.filter(AdminUser.status != -1)

    page_obj = query.paginate(page=page, per_page=per_page)
    if page_obj is None:
        raise JsonError('暂无数据')
    return AdminUserAssembler.page_list(page_obj, page, per_page)
def insert(param):
    """Insert a new AdminRole row.

    Entries of ``param`` that are not AdminRole table columns are
    dropped, and ``created_at`` is stamped when the table has that
    column.

    Arguments:
        param dict -- column name -> value

    return:
        True on success; JsonError is raised when the insert fails (the
        session is rolled back and the error logged).
    """
    allowed = {name for name, _column in AdminRole.__table__.columns.items()}
    values = {field: value for field, value in param.items() if field in allowed}
    if 'created_at' in allowed:
        values['created_at'] = utime.timestamp(3)

    try:
        AdminRole.session.add(AdminRole(**values))
        AdminRole.session.commit()
    except Exception as exc:
        AdminRole.session.rollback()
        SysLogger.error(exc)
        raise JsonError('insert error')
    return True
def page_list(where, page, per_page):
    """Return one page of Friendlink rows, ordered by ``sort`` descending.

    Supported keys are ``title`` and ``status``, each compared for
    equality. Without a ``status`` key, rows whose status is -1 are
    excluded.

    Arguments:
        where dict -- filter conditions
        page int -- page number
        per_page int -- rows per page

    return:
        the pagination object; JsonError is raised when it is None
    """
    query = Friendlink.Q
    if 'title' in where:
        query = query.filter(Friendlink.title == where['title'])

    if 'status' in where:
        status_filter = Friendlink.status == where['status']
    else:
        status_filter = Friendlink.status != -1
    query = query.filter(status_filter).order_by(Friendlink.sort.desc())

    page_obj = query.paginate(page=page, per_page=per_page)
    if page_obj is None:
        raise JsonError('暂无数据')
    return page_obj
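def menu_list(uid):
    """Return the menu tree visible to user ``uid``.

    The tree is loaded from ``datas/json/menu.json`` under
    settings.ROOT_PATH. Super users get it unfiltered; everyone else
    gets only the entries whose ``name`` is in their user or role
    permissions, applied recursively to ``children``.

    Arguments:
        uid int -- id of the current user; must be greater than 0

    return:
        list of menu dicts (empty when the file cannot be read or the
        user has no matching permission); JsonError 706 is raised when
        ``uid`` is not positive
    """
    if not (uid > 0):
        raise JsonError('请登录', 706)

    menu_json = os.path.join(settings.ROOT_PATH, 'datas', 'json', 'menu.json')
    menus = []
    try:
        with open(menu_json) as f:
            menus = json.loads(f.read())
    except Exception:
        # Best effort: a missing or malformed file yields an empty menu.
        pass

    user = AdminUser.Q.filter(AdminUser.id == uid).first()
    # The user row may be missing. Read role_id defensively instead of
    # dereferencing None; 0 is is_super_role's own default for role_id.
    role_id = user.role_id if user else 0
    if AdminUserService.is_super_role(uid, role_id):
        return menus

    # A user without a row has no permissions, so nothing is shown.
    permission = user.user_permission + user.role_permission if user else []

    def _filter_permission(m1):
        """Keep a menu node only when its name is granted; prune children."""
        if not m1:
            return False
        if m1.get('name', '') not in permission:
            return False
        m1['children'] = list(filter(_filter_permission, m1.get('children', [])))
        return m1

    return list(filter(_filter_permission, menus))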
def page_list(where, page, per_page):
    """Return one page of Goods rows together with their categories.

    Supported keys are ``id``, ``title``, ``status`` and ``recommended``,
    each compared for equality. Without a ``status`` key, rows whose
    status is -1 are excluded. The categories of the rows on the page
    are looked up and passed to the assembler keyed by category id.

    Arguments:
        where dict -- filter conditions
        page int -- page number
        per_page int -- rows per page

    return:
        the result of GoodsAssembler.page_list; JsonError is raised when
        pagination yields None
    """
    query = Goods.Q
    for field in ('id', 'title'):
        if field in where:
            query = query.filter(getattr(Goods, field) == where[field])

    if 'status' in where:
        query = query.filter(Goods.status == where['status'])
    else:
        query = query.filter(Goods.status != -1)

    if 'recommended' in where:
        query = query.filter(Goods.recommended == where['recommended'])

    page_obj = query.paginate(page=page, per_page=per_page)
    if page_obj is None:
        raise JsonError('暂无数据')

    wanted_ids = [row.category_id for row in page_obj.items]
    category_map = {
        category.id: category
        for category in GoodsCategoryService.category_list(wanted_ids)
    }
    return GoodsAssembler.page_list(page_obj, page, per_page, category_map)
def insert(param):
    """Insert a new Goods row.

    Entries of ``param`` that are not Goods table columns are dropped,
    and ``created_at`` is stamped when the table has that column. A
    ``thumb`` value is decoded with json_decode; a missing ``thumb``
    defaults to an empty dict.

    Arguments:
        param dict -- column name -> value

    return:
        True on success; JsonError is raised when the insert fails (the
        session is rolled back and the error logged). A ``thumb`` that
        cannot be decoded re-raises the decoder's own exception.
    """
    allowed = {name for name, _column in Goods.__table__.columns.items()}
    values = {field: value for field, value in param.items() if field in allowed}
    if 'created_at' in allowed:
        values['created_at'] = utime.timestamp(3)

    if 'thumb' not in values:
        values['thumb'] = {}
    else:
        try:
            values['thumb'] = json_decode(values['thumb'])
        except Exception:
            # NOTE(review): the reset below has no effect because the
            # error is re-raised at once. The Goods update path swallows
            # the same error instead; confirm which one is intended.
            values['thumb'] = {}
            raise

    try:
        Goods.session.add(Goods(**values))
        Goods.session.commit()
    except Exception as exc:
        Goods.session.rollback()
        SysLogger.error(exc)
        raise JsonError('insert error')
    return True
def menu_init_get(self):
    """Return the full menu tree for the menu editor.

    Restricted to super administrators; called before menus are edited.
    Responds with ``left`` (the processed menu tree) and ``right``
    (currently always an empty list).
    """
    if not self.super_role():
        # Caller is not a super administrator.
        raise JsonError('未授权', 401)
    # self.apis = AdminMenuService.api_node_list()
    # NOTE(review): filter_menu below reads self.apis, but the assignment
    # above is commented out. Confirm it is populated elsewhere before
    # this handler runs.

    def filter_menu(i2):
        """Overwrite a node's name/method from self.apis, then recurse.

        A node whose name is a key of self.apis takes that entry's
        ``name`` and ``method``, and the entry is removed from self.apis.
        """
        if not i2:
            return []
        try:
            name = i2.get('name', '')
            children = i2.get('children', [])
            if name in self.apis.keys():
                # print('name ', name, type(self.apis), self.apis.keys())
                # Match by name against the APIs already in the menu.
                i2['name'] = self.apis[name]['name']
                # i2['title'] = self.apis[name]['title']
                # The path follows the back-office configuration, so it
                # is not overwritten here.
                i2['method'] = self.apis[name]['method']
                self.apis.pop(name)
            i2['children'] = [filter_menu(i3) for i3 in children]
            return i2
        except Exception as e:
            # print('i2', i2)
            raise e

    menu_list = AdminMenuService.menu_list(1)
    # filter_menu must run before self.apis.items() is returned, because
    # it removes the matched entries from self.apis.
    left = [filter_menu(i2) for i2 in menu_list]
    # right = [i1 for (k,i1) in self.apis.items()]
    right = []
    return self.success(data={'right': right, 'left': left})
def admin_user_put(self, id, *args, **kwargs):
    """Update the admin user ``id`` from the request arguments.

    The collected fields are passed to AdminUserService.update and
    echoed back in the success response.
    """
    read = self.get_argument
    role_id = read('role_id', None)
    username = read('username', None)
    # NOTE(review): password is read but not added to ``param``, so this
    # endpoint never changes it even though rsa_encrypt is forwarded.
    # Confirm that is intended.
    password = read('password', None)
    rsa_encrypt = read('rsa_encrypt', '0')
    email = read('email', None)
    mobile = read('mobile', None)
    status = read('status', '0')
    permission = read('permission', [])

    if not id:
        raise JsonError('Edit用户ID不能为空')

    # NOTE(review): role_id, status and permission are taken from the
    # request as submitted; no check of the caller's own privileges is
    # visible in this method.
    param = dict(id=id, status=status, username=username,
                 mobile=mobile, email=email)

    try:
        encoded_permission = json.dumps(permission)
    except Exception:
        # Fall back to an empty list when the value cannot be serialised.
        encoded_permission = '[]'
    param['permission'] = encoded_permission

    if role_id:
        param['role_id'] = role_id

    AdminUserService.update(id, param, rsa_encrypt)
    return self.success(data=param)
def is_super_role(uid, role_id=0):
    """Tell whether the user is a super user.

    A user qualifies when ``uid`` is listed in settings.SUPER_ADMIN or
    the role id equals settings.SUPER_ROLE_ID. When ``role_id`` is falsy
    it is looked up from the user record (0 if the user is not found).

    Arguments:
        uid -- user id; must be truthy
        role_id -- role id of the user, optional

    return:
        bool; JsonError is raised when ``uid`` is empty
    """
    if not uid:
        raise JsonError('用户ID不能为空')

    if not role_id:
        user = AdminUserService.get(uid)
        role_id = user.role_id if user else 0

    if int(uid) in settings.SUPER_ADMIN:
        return True
    return bool(int(role_id) == settings.SUPER_ROLE_ID)
def unlock_user(self):
    """Unlock the lock screen by re-checking the current user's password.

    The user id comes from the session (``self.current_user``), not from
    the request, so only the caller's own password can be checked.
    """
    submitted = self.get_argument('password', None)
    if not submitted:
        raise JsonError('请输入密码')

    uid = self.current_user.get('id', 0)
    AdminUserService.unlock_user(uid, submitted)
    return self.success()
def menu_post(self):
    """Save the edited menu tree. Super administrators only.

    The ``tree`` request argument must be JSON; it is parsed and handed
    to AdminMenuService.save_data.
    """
    if not self.super_role():
        # Caller is not a super administrator.
        raise JsonError('未授权', 401)

    raw_tree = self.get_argument('tree')
    if '\\u' in raw_tree:
        # NOTE(review): this decodes backslash escapes before JSON
        # parsing. ``unicode_escape`` reads the bytes as Latin-1, so any
        # non-ASCII character already in the text is altered, and
        # escapes such as \n or \" are expanded before json.loads sees
        # them. Confirm the client really needs this.
        raw_tree = raw_tree.encode('utf-8').decode('unicode_escape')

    try:
        AdminMenuService.save_data(json.loads(raw_tree))
    except JsonError:
        raise
    except json.decoder.JSONDecodeError:
        raise JsonError('需要json数据')
    self.success()
def admin_change_pwd(self):
    """Change an admin user's password.

    Requires the ``password``, ``rsa_encrypt`` and ``admin_id`` request
    arguments and delegates to AdminUserService.change_pwd.

    :return: the success response
    """
    # NOTE(review): admin_id comes from the request, and no check that
    # the caller may change that account's password is visible in this
    # method. Confirm a decorator or change_pwd enforces it.
    required = [
        self.get_argument(field, None)
        for field in ('password', 'rsa_encrypt', 'admin_id')
    ]
    if any(value is None for value in required):
        raise JsonError('参数必须')

    password, rsa_encrypt, admin_id = required
    AdminUserService.change_pwd(password, rsa_encrypt, admin_id)
    return self.success()
def update(id, param):
    """Update the Advertising row identified by ``id``.

    Entries of ``param`` that are not Advertising table columns are
    dropped; ``updated_at`` is stamped when the table has that column.
    ``start_at`` / ``end_at`` values that are not numeric strings are
    replaced with 0.

    Arguments:
        id int -- primary key of the row
        param dict -- column name -> new value; ``description`` may be
            at most 255 characters

    return:
        True on success; JsonError is raised on validation failure or a
        failed write (the session is rolled back and the error logged).
    """
    allowed = {name for name, _column in Advertising.__table__.columns.items()}
    values = {field: value for field, value in param.items() if field in allowed}
    if 'updated_at' in allowed:
        values['updated_at'] = utime.timestamp(3)

    # NOTE(review): str.isnumeric() also accepts non-ASCII numerals, so
    # a value passing this check is not guaranteed to be a plain integer.
    for bound in ('start_at', 'end_at'):
        if bound in values and not values[bound].isnumeric():
            values[bound] = 0

    if len(values.get('description', '')) > 255:
        raise JsonError('Data too long for \'description\'')
    if not id:
        raise JsonError('ID 不能为空')

    try:
        Advertising.Update.filter(Advertising.id == id).update(values)
        Advertising.session.commit()
    except Exception as exc:
        Advertising.session.rollback()
        SysLogger.error(exc)
        raise JsonError('update error')
    return True
def update(id, param):
    """Update the Article row identified by ``id``.

    Entries of ``param`` that are not Article table columns are dropped;
    ``updated_at`` is stamped when the table has that column.

    Arguments:
        id int -- primary key of the row
        param dict -- column name -> new value; ``category_id`` is
            required and ``description`` may be at most 255 characters

    return:
        True on success; JsonError is raised on validation failure or a
        failed write (the session is rolled back and the error logged).
    """
    allowed = {name for name, _column in Article.__table__.columns.items()}
    values = {field: value for field, value in param.items() if field in allowed}
    if 'updated_at' in allowed:
        values['updated_at'] = utime.timestamp(3)

    if len(values.get('description', '')) > 255:
        raise JsonError('Data too long for \'description\'')
    if not id:
        raise JsonError('ID 不能为空')
    if not values.get('category_id', 0):
        raise JsonError('文章分类缺失')

    try:
        Article.Update.filter(Article.id == id).update(values)
        Article.session.commit()
    except Exception as exc:
        Article.session.rollback()
        SysLogger.error(exc)
        raise JsonError('update error')
    return True
def get(id):
    """Fetch a single Friendlink row by primary key.

    Arguments:
        id int -- primary key

    return:
        the Friendlink instance, or None when no row matches; JsonError
        is raised when ``id`` is empty
    """
    if not id:
        raise JsonError('ID不能为空')
    return Friendlink.Q.filter(Friendlink.id == id).first()
def get(key):
    """Fetch a single Config row by its key.

    Arguments:
        key string -- primary key

    return:
        the Config instance, or None when no row matches; JsonError is
        raised when ``key`` is empty
    """
    if not key:
        raise JsonError('key不能为空')
    return Config.Q.filter(Config.key == key).first()
def get(id):
    """Fetch a single AdminRole row by primary key.

    Arguments:
        id int -- primary key

    return:
        the AdminRole instance, or None when no row matches; JsonError
        is raised when ``id`` is empty
    """
    if not id:
        raise JsonError('ID不能为空')
    return AdminRole.Q.filter(AdminRole.id == id).first()
def get(id):
    """Fetch a single UserFriendNotice row by primary key.

    Arguments:
        id int -- primary key

    return:
        the UserFriendNotice instance, or None when no row matches;
        JsonError is raised when ``id`` is empty
    """
    if not id:
        raise JsonError('ID不能为空')
    return UserFriendNotice.Q.filter(UserFriendNotice.id == id).first()
def get(id):
    """Fetch a single GoodsCategory row by primary key.

    Arguments:
        id int -- primary key

    return:
        the GoodsCategory instance, or None when no row matches;
        JsonError is raised when ``id`` is empty
    """
    if not id:
        raise JsonError('ID不能为空')
    return GoodsCategory.Q.filter(GoodsCategory.id == id).first()