def cms_addcmsuser():
if request.method == 'GET':
roles = CMS_Role.query.all()
context = dict(roles=roles)
return render_template('cms/cms_addcmsuser.html', **context)
else:
form = AddCMSUserForm(request.form)
if form.validate():
email = form.email.data
username = form.username.data
password = form.password.data
roles = request.form.getlist('roles[]')
db_user = CMS_User.query.filter_by(email=email).first()
if not db_user:
user = CMS_User(email=email,
username=username,
password=password)
if roles:
for role_id in roles:
role = CMS_Role.query.filter_by(id=role_id).first()
user.roles.append(role)
db.session.add(user)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'必须选择一个分组')
else:
return xtjson.json_params_error(message=u'该邮箱已注册!')
else:
return xtjson.json_params_error(message=form.get_error())
def add_post():
if flask.request.method == 'GET':
boards = BoardModel.query.all()
return flask.render_template('front/front_addpost.html', boards=boards)
else:
form = AddPostForm(flask.request.form)
if form.validate():
title = form.title.data
content = form.content.data
board_id = form.board_id.data
post_model = PostModel(title=title, content=content)
# board_model = BoardModel.query.get(board_id).first()
# board_model = BoardModel.query.filter(BoardModel.id == board_id).first()
board_model = BoardModel.query.filter_by(id=board_id).first()
if not board_model:
return xtjson.json_params_error(message=u'没有该模板!')
post_model.board = board_model
post_model.author = flask.g.front_user
# 写帖子积分+2
post_model.author.points += 2
db.session.add(post_model)
db.session.commit()
# db.session.close()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def add_cmsuser():
if flask.request.method == 'GET':
roles = CMSRole.query.all()
context = {
'roles': roles
}
return flask.render_template('cms/cms_addcmsuser.html', **context)
else:
form = CMSAddUserForm(flask.request.form)
if form.validate():
email = form.email.data
username = form.username.data
password = form.password.data
roles = flask.request.form.getlist('roles[]')
if not roles:
return xtjson.json_params_error(message=u'必须制定最少一个分组!')
user = CMSUser(email=email, username=username, password=password)
for role_id in roles:
role = CMSRole.query.get(role_id)
role.users.append(user)
# user.roles.append(role)
# db.session.add(user)
# 先 user.roles.append(role),再 db.session.add(user)。因为user没有添加到数据库
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def send_message():
phone = request.args.get('phone')
if not phone:
return xtjson.json_params_error(message=u'必须指定一个手机号码')
if xtcache.get(phone):
return xtjson.json_params_error(message=u'验证码已发送,60秒内有效')
app_key = contants.APP_KEY
app_secret = contants.APP_SECRET
req = top.setDefaultAppInfo(app_key,app_secret)
req = top.api.AlibabaAliqinFcSmsNumSendRequest()
req.extend=""
req.sms_type='normal'
req.sms_free_sign_name = contants.ALIDAYU_SIGN_NAME
graph_captcha = captcha.gene_text()
req.sms_param = "{code:%s}"% graph_captcha
req.rec_num = phone.decode('utf-8').encode('ascii')
req.sms_template_code = contants.ALIDAYU_TEMPLATE_CODE
try:
resp = req.getResponse()
xtcache.set(phone,graph_captcha)
print xtcache.get(graph_captcha)
return xtjson.json_result()
except Exception,e:
print e
return xtjson.json_server_error()
def edit_cmsuser():
# /edit_cmsuser/?user_id=xxx
# /edit_cmsuser/xxx/
if flask.request.method == 'GET':
user_id = flask.request.args.get('user_id')
if not user_id:
flask.abort(404)
user = CMSUser.query.get(user_id)
roles = CMSRole.query.all()
current_roles = [role.id for role in user.roles]
context = {
'user': user,
'roles': roles,
'current_roles': current_roles # 存储当前用户所有的角色id
}
return flask.render_template('cms/cms_editcmsuser.html', **context)
else:
user_id = flask.request.form.get('user_id')
roles = flask.request.form.getlist('roles[]')
if not user_id:
return xtjson.json_params_error(message=u'没有指定id!')
if not roles:
return xtjson.json_params_error(message=u'必须指定一个组!')
user = CMSUser.query.get(user_id)
# 清掉之前的角色信息
user.roles[:] = []
# 添加新的角色
for role_id in roles:
role_model = CMSRole.query.get(role_id)
user.roles.append(role_model)
db.session.commit()
return xtjson.json_result()
def edit_cmsuser():
if request.method == 'GET':
id = request.args.get('user_id')
if id:
user = User.query.get(id)
roles = CMSRoles.query.all()
current_id = [role.id for role in user.roles]
context = {'user': user, 'roles': roles, 'current_id': current_id}
return render_template('cms/edit_cmsuser.html', **context)
else:
return flask.abort
else:
roles = request.form.getlist('roles[]')
user_id = request.form.get('user_id')
if not user_id:
return xtjson.json_params_error(message=u'用户id不存在')
if not roles:
return xtjson.json_params_error(message=u'没有指定角色')
user = User.query.get(user_id)
user.roles[:] = []
for role in roles:
role_model = CMSRoles.query.get(role)
user.roles.append(role_model)
db.session.commit()
return xtjson.json_result()
def telphone_captcha():
telphone = flask.request.args.get('telphone')
if not telphone:
return xtjson.json_params_error(message=u'请输入手机号码!')
if xtcache.get(telphone):
return xtjson.json_params_error(message=u'该手机号码已经申请过验证码,请在10分钟后再试!')
telphone_captcha = xtcaptcha.Captcha.gene_text()
xtcache.set(telphone,telphone_captcha,timeout=600) # 10分钟过期
app_key = ''
app_secret = ''
req = top.setDefaultAppInfo(app_key,app_secret)
req = top.api.AlibabaAliqinFcSmsNumSendRequest()
req.extend = ""
req.sms_type = 'normal'
req.sms_free_sign_name = 'python论坛'
req.sms_param = "{code:'%s'}" % telphone_captcha
req.rec_num = telphone.decode('utf-8').encode('ascii')
req.sms_template_code = 'SMS_37105066'
try:
resp = req.getResponse()
return xtjson.json_result()
except Exception,e:
return xtjson.json_params_error(message=u'短信发送太频繁')
def sms_captcha():
telephone = flask.request.args.get('telephone')
if not telephone:
return xtjson.json_params_error(message=u'手机号不能为空!')
p2 = re.compile('^0\d{2,3}\d{7,8}$|^1[3587]\d{9}$|^147\d{8}')
phonematch = p2.match(telephone)
if not phonematch:
return xtjson.json_params_error(message=u'手机号格式错误')
tel = FrontUser.query.filter_by(telephone=telephone).first()
if tel:
return xtjson.json_params_error(message=u'该手机号已被注册,请勿重复注册')
if xtcache.get(telephone):
return xtjson.json_params_error(message=u'验证码已发送,请于1分钟后重新发送')
app_key = constants.ALIDAYU_APP_KEY
app_secret = constants.ALIDAYU_APP_SECRET
req = top.setDefaultAppInfo(app_key, app_secret)
req = top.api.AlibabaAliqinFcSmsNumSendRequest()
req.extend = ""
req.sms_type = 'normal'
req.sms_free_sign_name = constants.ALIDAYU_SIGN_NAME
# 给模版的参数
captcha = Captcha.gene_text()
req.sms_param = "{code:'%s'}" % captcha
req.rec_num = telephone.decode('utf-8').encode('ascii')
req.sms_template_code = constants.ALIDAYU_TEMPLATE_CODE
try:
resp = req.getResponse()
xtcache.set(telephone, captcha)
return xtjson.json_result()
except Exception, e:
print e
return xtjson.json_server_error()
def star_post():
form = StarpostForm(request.form)
if form.validate():
post_id = form.post_id.data
is_star = form.is_star.data
postmodel = Post.query.get(post_id)
starpostmodel = PoststarsModel.query.filter_by(
post_id=post_id, author_id=flask.g.front_user.id).first()
if is_star:
if starpostmodel:
return xtjson.json_params_error(message=u'您已对该帖子已经点过赞!')
starpostmodel = PoststarsModel()
starpostmodel.author = flask.g.front_user
starpostmodel.post = postmodel
db.session.commit()
return xtjson.json_result()
else:
if starpostmodel:
db.session.delete(starpostmodel)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'您还没有该帖子点赞,无需取消点赞操作')
else:
return xtjson.json_params_error(message=form.error_message())
def post_addcomment():
if flask.request.method == 'GET':
post_id = flask.request.args.get('post_id', type=int)
comment_id = flask.request.args.get('comment_id', type=int)
context = {'post': PostModel.query.get(post_id)}
if comment_id:
context['origin_comment'] = CommentModel.query.get(comment_id)
return flask.render_template('front/front_addcomment.html', **context)
else:
form = FrontAddCommentForm(flask.request.form)
if form.validate():
# 先判断该用户是否满足COMMENT_ALLOW_POINTS个积分
if flask.g.front_user.points < constants.COMMENT_ALLOW_POINTS:
message = u'您必须达到%s个积分才能评论!' % constants.COMMENT_ALLOW_POINTS
return xtjson.json_params_error(message=message)
post_id = form.post_id.data
content = form.content.data
comment_id = form.comment_id.data
comment_model = CommentModel(content=content)
comment_model.author = flask.g.front_user
post_model = PostModel.query.get(post_id)
comment_model.post = post_model
if comment_id:
origin_comment = CommentModel.query.get(comment_id)
comment_model.origin_comment = origin_comment
# 评论一次加comment_up_points个积分
flask.g.front_user.points += constants.COMMENT_UP_POINTS
db.session.add(comment_model)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def post_star():
form = FrontPostStarForm(flask.request.form)
if form.validate():
post_id = form.post_id.data
is_star = form.is_star.data
post_model = PostModel.query.get(post_id)
star_model = PostStarModel.query.filter_by(
author_id=flask.g.front_user.id, post_id=post_id).first()
if is_star:
if star_model:
return xtjson.json_params_error(message=u'已点赞,无需再赞')
star_model = PostStarModel()
star_model.author = flask.g.front_user
star_model.post = post_model
# 点赞一次加star_up_points个积分
flask.g.front_user.points += constants.STAR_UP_POINTS
db.session.add(star_model)
db.session.commit()
return xtjson.json_result()
else:
if star_model:
# 取消点赞一次扣除star_up_points个积分
flask.g.front_user.points -= constants.STAR_UP_POINTS
db.session.delete(star_model)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'你尚未点赞')
else:
return xtjson.json_params_error(message=form.get_error())
def star_post():
form = StarPostForm(flask.request.form)
if form.validate():
post_id = form.post_id.data
is_star = form.is_star.data
post_model = PostModel.query.get(post_id)
star_model = PostStarModel.query.filter_by(
author_id=flask.g.front_user.id, post_id=post_id).first()
if is_star:
# 要从数据库中查找一下,当前这个点赞是否存在,如果不存在,就添加,否则就提示已经点赞了
if star_model:
return xtjson.json_params_error(message=u'您已经给这篇帖子点赞了,无需再点!')
star_model = PostStarModel()
star_model.author = flask.g.front_user
star_model.post = post_model
db.session.add(star_model)
db.session.commit()
return xtjson.json_result()
else:
if star_model:
db.session.delete(star_model)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'你尚未对该帖子进行点赞!')
else:
return xtjson.json_params_error(message=form.get_error())
def add_comment():
if flask.request.method == 'GET':
post_id = flask.request.args.get('post_id')
post_model = PostModel.query.get(post_id)
# db.session.close()
return flask.render_template('front/front_addcoment.html',
post=post_model)
else:
if flask.g.front_user.points < settings.COMMENT_ALLOW_POINTS:
message = u'你的积分是%s,少于评论需求的%s积分,去发布帖子、写评论和做任务' \
u'挣积分吧~' % (flask.g.front_user.points, settings.COMMENT_ALLOW_POINTS)
return xtjson.json_params_error(message=message)
form = AddCommentForm(flask.request.form)
if form.validate():
post_id = form.post_id.data
content = form.content.data
comment_model = CommentModel(content=content)
post_model = PostModel.query.get(post_id)
comment_model.post = post_model
comment_model.author = flask.g.front_user
# 评论积分+1
comment_model.author.points += 1
db.session.add(comment_model)
db.session.commit()
# db.session.close()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def cms_edit_cmsuser():
if request.method == 'GET':
user_id = request.args.get('user_id')
user = CMS_User.query.filter_by(id=user_id).first()
roles = CMS_Role.query.all()
if user:
context = dict(roles=roles, user=user)
return render_template('cms/cms_edit_cmsuser.html', **context)
else:
abort(404)
else:
role_ids = request.form.getlist('roles[]')
user_id = request.form.get('user_id')
user = CMS_User.query.filter_by(id=user_id).first()
user_role_ids = [role.id for role in user.roles]
if role_ids:
if role_ids and role_ids == user_role_ids:
return xtjson.json_params_error(message=u'原信息与提交信息一致,无需修改')
else:
user.roles = []
for role_id in role_ids:
role = CMS_Role.query.filter_by(id=role_id).first()
user.roles.append(role)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'必须选择一个分组')
def top_article(request):
# method(GET,POST)
# 参数
# wiki
form = TopArticleForm(request.POST)
if form.is_valid():
uid = form.cleaned_data.get('uid')
articleModel = ArticleModel.objects.filter(pk=uid).first()
if articleModel:
if not articleModel.thumbnail:
return xtjson.json_params_error(message=u'有缩略图的文章才能置顶')
topModel = articleModel.top
if not topModel:
topModel = TopModel()
# 如果存在,也save一下,这样就会更新operate_time了
topModel.save()
articleModel.top = topModel
articleModel.save(update_fields=['top'])
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'该文章不存在')
else:
return form.get_error_response()
def edit_cms_user():
if flask.request.method == 'GET':
user_id = flask.request.args.get('user_id')
if not user_id:
return flask.abort(404)
user = CMSUser.query.get(user_id)
roles = CMSRole.query.all()
current_roles = [role.id for role in user.roles ]
context = {
'user' : user,
'roles' : roles,
'current_roles' : current_roles
}
return flask.render_template('cms/cms_editcmsuser.html', **context)
else:
user_id = flask.request.form.get('user_id')
if not user_id:
return xtjson.json_params_error(message=u'用户不存在')
roles = flask.request.form.getlist('roles[]')
if not roles:
return xtjson.json_params_error(message=u'必须最少指定一个分组')
user = CMSUser.query.get(user_id)
user.roles[:] = []
for role_id in roles:
role_model = CMSRole.query.get(role_id)
user.roles.append(role_model)
db.session.commit()
return xtjson.json_result()
def post(self):
uuid = self.get_argument('uuid', '')
want_remove = self.get_argument('want_remove', '')
if not uuid:
message = xtjson.json_params_error(message=u'必须指定文件uuid!')
self.write(message)
else:
file = File.by_field_first(uuid=uuid)
if not file:
message = xtjson.json_params_error(message=u'没有找到该文件!')
self.write(message)
else:
if not file.is_removed:
if want_remove == '1':
file.is_removed = True
self.db.commit()
self.write(xtjson.json_result())
else:
message = xtjson.json_params_error(
message=u'该文件没有被删除,无需取消删除!')
self.write(message)
else:
if want_remove == '0':
file.is_removed = False
self.db.commit()
self.write(xtjson.json_result())
else:
message = xtjson.json_params_error(
message=u'该文件已删除,无需重复删除!')
self.write(message)
def add_cms_user():
if flask.request.method == "GET":
roles = CMSRole.query.all()
context = {
'roles': roles
}
return flask.render_template('cms/cms_addcmsuser.html', **context)
else:
form = CMSAdduserForm(flask.request.form)
if form.validate():
username = form.username.data
email = form.email.data
password = form.password.data
roles = flask.request.form.getlist('roles[]')
print roles
if not roles:
return xtjson.json_params_error(message=u'必须最少指定一个分组!')
user = CMSUser(username=username,email=email,password=password)
for role_id in roles:
role = CMSRole.query.get(role_id)
role.users.append(user)
if email == CMSUser.query.filter_by(email=email).first():
return xtjson.json_params_error(message=u'该CMS用户已经存在,请勿重复添加!')
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def post_star():
form = PostStarForm(flask.request.form)
if form.validate():
post_id = form.post_id.data
is_star = form.is_star.data
post_model = PostModel.query.get(post_id)
star_model = PostStarModel.query.filter_by(
author_id=flask.g.front_user.id, post_id=post_id).first()
# 如果表单中获取到点赞的信息,再去判断数据库中这个点赞是否存在,若存在,则提示已点赞,否则添加
if is_star:
if star_model:
return xtjson.json_params_error(message=u'您已经给这篇帖子点赞了,无需再点!')
star_model = PostStarModel()
star_model.author = flask.g.front_user
star_model.post = post_model
db.session.add(star_model)
db.session.commit()
return xtjson.json_result()
else:
# 如果表单中不存在点赞的信息,再去数据库中查是否存在,如果存在就将它删掉,若不存在就是还没有点赞
if star_model:
db.session.delete(star_model)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'你尚未对该帖子进行点赞!')
else:
return xtjson.json_params_error(message=form.get_error())
def settings():
if flask.request.method == 'POST':
form = SettingsForm(flask.request.form)
if form.validate():
id = form.id.data
username = form.username.data
realname = form.realname.data
qq = form.qq.data
avatar = form.avatar.data
signature = form.signature.data
user = FrontUser.query.get(id)
if user:
if username and len(username) > 0:
user.username = username
if realname and len(realname) > 0:
user.realname = realname
if qq and len(qq) > 0:
user.qq = qq
if avatar and len(avatar) > 0:
user.avatar = avatar
if signature and len(signature) > 0:
user.signature = signature
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=u'该用户不存在!')
else:
return xtjson.json_params_error(message=form.get_error())
else:
return flask.render_template('front/account/front_settings.html')
def sms_captcha():
telephone = flask.request.args.get('telephone')
# 获取用户名,用于发送短信验证码显示用户名
# username = flask.request.args.get('username')
if not telephone:
return xtjson.json_params_error(message=u'必须指定手机号码!')
if xtcache.get(telephone):
return xtjson.json_params_error(message=u'验证码已发送,请1分钟后重复发送!')
# if not username:
# return xtjson.json_params_error(message=u'必须输入用户名!')
# 阿里大于APP_KEY及APP_SECRET
app_key = constants.APP_KEY
app_secret = constants.APP_SECRET
req = top.setDefaultAppInfo(app_key, app_secret)
req = top.api.AlibabaAliqinFcSmsNumSendRequest()
req.extend = ""
req.sms_type = 'normal'
# 签名名称
req.sms_free_sign_name = constants.SIGN_NAME
# 随即生成字符串
captcha = Captcha.gene_text()
# 设置短信的模板
req.sms_param = "{code:%s}" % captcha
# req.sms_param = "{username:%s,code:%s}" % (username, captcha)
req.rec_num = telephone.decode('utf-8').encode('ascii')
req.sms_template_code = constants.TEMPLATE_CODE
try:
resp = req.getResponse()
xtcache.set(telephone, captcha)
return xtjson.json_result()
except Exception, e:
print e
return xtjson.json_server_error()
def del_board():
board_id = flask.request.form.get('board_id')
board = BoardModel.query.get(board_id)
if not board_id and board:
return xtjson.json_params_error(message=u'出错了!!')
if board.posts:
return xtjson.json_params_error(message=u'此板块存在帖子,不能删除!')
db.session.delete(board)
db.session.commit()
return xtjson.json_result()
def sms_captcha():
telephone = request.args.get('telephone')
if not telephone:
return xtjson.json_params_error(message='请输入邮箱')
if rhjcache.get(telephone):
return xtjson.json_params_error(message='已向该邮箱发送验证码,请2分钟后再试')
text = xtcaptcha.Captcha.gene_text()
celery_send_sms.delay(telephone=telephone, captcha=text)
rhjcache.set(telephone, text.lower(), time=2 * 60)
return xtjson.json_result()
def post(self):
form = CMSResetmailForm(flask.request.form)
if form.validate():
email = form.email.data
if flask.g.cms_user.email == email:
return xtjson.json_params_error(message=u'新邮箱与老邮箱一致,无需修改!')
flask.g.cms_user.email = email
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def delete_cmsrole():
form = CMSIdForm(flask.request.form)
if form.validate():
id = form.id.data
role = CMSRole.query.filter_by(id=id).first()
if len(role.users) > 0:
return xtjson.json_params_error(message=u'该组下还存在用户,不能删除!')
db.session.delete(role)
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def delete_board():
board_id = request.form.get('board_id')
if not board_id:
return xtjson.json_params_error(message=u'必须指定版块ID')
else:
board = BoardModel.query.filter_by(id=board_id).first()
if not board:
return xtjson.json_params_error(message=u'该板块不存在')
else:
db.session.delete(board)
db.session.commit()
return xtjson.json_result()
def black_cms_user():
form = CMSBlackCMSUserForm(flask.request.form)
if form.validate():
user_id = form.user_id.data
if user_id == flask.g.cms_user.id:
return xtjson.json_params_error(message=u'不能拉黑自己')
is_black = form.is_black.data
user = CMSUser.query.get(user_id)
user.is_active = not is_black
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.get_error())
def delete_board():
board_id = flask.request.form.get('board_id')
if not board_id:
return xtjson.json_params_error(message=u'没有板块id')
board = BoardModel.query.filter_by(id=board_id).first()
if not board:
return xtjson.json_params_error(message=u'没有该板块')
#判断板块下帖子是否大于0
# if board.posts.count[0] > 0:
# return xtjson.json_params_error(message=u'该板块下有帖子,不能删除,请先删除帖子')
db.session.delete(board)
db.session.commit()
return xtjson.json_result()
def is_black():
form = PullBlack(request.form)
if form.validate():
user_id = form.user_id.data
if user_id == flask.g.cms_user.id:
return xtjson.json_params_error(message=u'用户不能拉黑自己')
is_black = form.is_black.data
user = User.query.get(user_id)
user.is_active = not is_black
db.session.commit()
return xtjson.json_result()
else:
return xtjson.json_params_error(message=form.error_message())
def add_board():
author = request.form.get('author')
board_name = request.form.get('name')
if not board_name:
return xtjson.json_params_error(message=u'添加的版块名称不能为空!')
boardmodel = Boards.query.filter_by(name=board_name).first()
if boardmodel:
return xtjson.json_params_error(message=u'该版块已存在,无需添加!')
board = Boards(name=board_name)
author = User.query.filter_by(username=author).first()
board.author = author
db.session.commit()
return xtjson.json_result()
