def sample():
    """Insert the sample data set into every table.

    Tables are filled in a fixed order: Business, Notifier,
    BusinessNotifier, TaskMonitor, User, Permission. Each model is paired
    with its module-level ``*_data`` rows and ``*_fields`` column list.
    """
    fixtures = (
        (Business, business_data, business_fields),
        (Notifier, notifier_data, notifier_fields),
        (BusinessNotifier, businessnotifier_data, businessnotifier_fields),
        (TaskMonitor, taskmonitor_data, taskmonitor_fields),
        (User, user_data, user_fields),
        (Permission, permission_data, permission_fields),
    )
    for model, rows, columns in fixtures:
        model.insert_many(rows, fields=columns).execute()
def test_get_by_id(self):
    """A saved User and a saved Permission can each be fetched back by id."""
    user_fields = dict(
        username='******',
        password=generate_password_hash('cronmonpwd'),
        email='*****@*****.**',
        phone='13912340001',
        status=True,
        admin=False,
    )
    account = User(**user_fields)
    account.save()
    assert User.get_by_id(account.id) == account

    perm = Permission(perm_list='', perm_user=account.id)
    perm.save()
    assert Permission.get_by_id(perm.id) == perm
def test_column_default_value(self):
    """Columns that are not supplied fall back to their declared defaults."""
    account = User(
        username='******',
        password=generate_password_hash('cronmonpwd'),
        email='*****@*****.**',
        phone='13912340002',
    )
    account.save()

    # Identity checks on purpose: the defaults must be the real singletons.
    expected_defaults = (
        ('status', True),
        ('admin', False),
        ('api_username', None),
        ('api_password', None),
    )
    for column, default in expected_defaults:
        assert getattr(account, column) is default

    perm = Permission(perm_user=account.id)
    perm.save()
    assert perm.perm_list == ''
def test_column_type(self):
    """Saved User and Permission columns come back as the expected types."""
    account = User(
        username='******',
        password=generate_password_hash('cronmonpwd'),
        email='*****@*****.**',
        phone='13912340004',
    )
    account.save()

    for text_column in ('username', 'password', 'email', 'phone'):
        assert isinstance(getattr(account, text_column), str)
    for flag_column in ('status', 'admin'):
        assert isinstance(getattr(account, flag_column), bool)

    perm = Permission(perm_user=account.id)
    perm.save()
    assert isinstance(perm.perm_list, str)
    # perm_user is read back as a User instance, not as the raw id.
    assert isinstance(perm.perm_user, User)
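def login():
    """Handle the login form and start a session on success.

    A user is logged in only when the password verifies, the account is
    active and, if ``CFG.VALIDATE_CODE_USE`` is set, the submitted captcha
    matches the value kept in ``session['img']``. After a successful login
    the browser is sent to the ``next`` query parameter when that is a
    path on this site, and to ``main.index`` otherwise.

    :return: a redirect on success, otherwise the rendered login page
    """
    form = LoginForm()
    if form.validate_on_submit():
        try:
            user = User.get(User.username == form.username.data)
            # Test the feature flag first, so a missing captcha field cannot
            # raise when captchas are switched off; a missing value counts
            # as a mismatch when they are on.
            # NOTE(review): session['img'] is not cleared here; confirm the
            # captcha endpoint issues a fresh value for every attempt.
            captcha_ok = (not CFG.VALIDATE_CODE_USE) or (
                session.get('img') == (form.recaptcha.data or '').upper())
            if user is not None and user.verify_password(form.password.data) \
                    and user.is_active() and captcha_ok:
                duration = timedelta(days=7)
                login_user(user, form.rememberme.data, duration=duration)
                # `next` is supplied by the client. Follow it only when it is
                # a plain local path: it must start with a single "/" and
                # contain no backslash or control character that a browser
                # could normalise into a different host.
                next_url = request.args.get('next')
                if (not next_url
                        or not next_url.startswith('/')
                        or next_url.startswith('//')
                        or any(ch in next_url for ch in '\\\r\n\t')):
                    next_url = url_for('main.index')
                return redirect(next_url)
            # NOTE(review): the messages below differ for a disabled account,
            # a wrong password and an unknown username, and the disabled
            # notice is shown before the password is verified. Consider one
            # generic failure message so the form does not reveal account
            # state.
            elif not user.is_active() and not user.is_anonymous():
                flash('账户被禁用')
            elif not captcha_ok:
                flash('验证码错误')
            else:
                flash('密码错误')
        except User.DoesNotExist:
            flash('用户名错误')
        except Exception:
            # Was a bare except, which also swallowed SystemExit and
            # KeyboardInterrupt. The failure is still reported generically.
            flash('登录异常')
    return render_template('auth/login.html',
                           form=form,
                           code=CFG.VALIDATE_CODE_USE)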
def logout():
    """Log the current user out and rotate the stored session token.

    The user row is loaded before ``logout_user()`` runs, because
    ``current_user`` is what identifies it. A newly generated
    ``session_token`` is then saved on that row; per the original author's
    note this is done so the previous session stops being valid.

    :return: a redirect to the login page
    """
    account = User.get(User.id == current_user.id)
    logout_user()

    # Replace the token only after the logout itself has happened.
    fresh_token = session_token_generate()
    account.session_token = fresh_token
    account.save()

    flash('您已退出登录')
    login_page = url_for('auth.login')
    return redirect(login_page)
def test_superuser_normaluser_switch(self, testapp):
    """Toggling a user's admin flag rewrites the matching perm_list.

    A user created as administrator gets perm_list '0'. Demoting it
    empties perm_list, and promoting it again restores '0'.
    """

    def open_page(endpoint):
        # Every page is requested through its absolute URL.
        return testapp.get(
            url_for(endpoint, _external=True, _scheme=SITE_PROTOCOL))

    def stored_perm_list(uid):
        return Permission.get(Permission.perm_user == uid).perm_list

    def set_admin_flag(flag):
        # Find the user in the permission list, open the edit form, submit.
        search = open_page('main.permlist').forms['PermSearchForm']
        search['search_by'] = 'username'
        search['search_content'] = 'userJustForTest'
        listing = search.submit()
        edit_page = listing.click(linkid='pedit', index=0)
        edit_form = edit_page.forms['PermEditForm']
        edit_form['admin'] = flag
        return edit_form.submit().follow()

    # Login
    login(testapp, 'cronadmin2', 'cronadmin2')

    # Create the user as an administrator.
    create_form = open_page('main.permedit').forms['PermEditForm']
    new_user_fields = (
        ('username', '******'),
        ('email', '*****@*****.**'),
        ('phone', '16789898989'),
        ('api_username', '******'),
        ('api_password', '******'),
        ('admin', True),
        ('status', True),
    )
    for field_name, field_value in new_user_fields:
        create_form[field_name] = field_value
    created = create_form.submit().follow()
    assert u'初始密码' in created
    assert u'保存成功' in created
    user_id = User.get(User.username == 'userJustForTest').id
    assert stored_perm_list(user_id) == '0'

    # Superuser -> normal user.
    demoted = set_admin_flag(False)
    assert u'修改成功' in demoted
    assert stored_perm_list(user_id) == ''

    # Normal user -> superuser.
    promoted = set_admin_flag(True)
    assert u'修改成功' in promoted
    assert stored_perm_list(user_id) == '0'
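def verify_password(api_username, api_password):
    """Verify an API username / API password pair.

    The check fails closed. Missing credentials, an unknown or disabled
    API user, and any error during the lookup all return ``False``.
    Previously a failed lookup set an anonymous user and returned
    ``True``, so a request with an unknown API username was reported as
    authenticated.

    :param api_username: API user name taken from the request
    :param api_password: API password taken from the request
    :return: ``True`` only when an enabled user with this API user name
        exists and its API password verifies
    """
    if not (api_username and api_password):
        return False
    try:
        # `== True` builds the query expression; it is not a Python
        # truth test and must not be replaced by `is True`.
        user = User.get(User.api_username == api_username,
                        User.status == True)  # noqa: E712
    except Exception:
        # g.current_user is still set, so later code can read it, but the
        # request is rejected.
        g.current_user = AnonymousUser()
        return False
    g.current_user = user
    return user.verify_api_password(api_password)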
def test_check_password(self):
    """Login and API password checks accept the right value and reject a wrong one."""
    account = User(
        username='******',
        password=generate_password_hash('cronmonpwd'),
        email='*****@*****.**',
        phone='13912340005',
        api_username='******',
        api_password='******',
    )

    # Web login password.
    accepted = account.verify_password('cronmonpwd')
    rejected = account.verify_password('yourpwd')
    assert accepted is True
    assert rejected is False

    # API password.
    api_accepted = account.verify_api_password('test5_api_pwd')
    api_rejected = account.verify_api_password('test5_api_wrongpwd')
    assert api_accepted is True
    assert api_rejected is False
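def password_change(db_model, form, template):
    """Render and process the change-password form for the logged-in user.

    The old password is verified against the logged-in account. It used
    to be verified against whichever account the form's ``username``
    field named, while the update was always applied to the logged-in
    user. A password belonging to a different account therefore satisfied
    the check.

    :param db_model: database model holding the password column
    :param form: the change-password form
    :param template: template to render
    :return: the rendered template
    """
    user_id = current_user.id
    if not user_id:
        abort(403)

    model = db_model.get(db_model.id == user_id)
    if request.method == 'GET':
        utils.model_to_form(model, form)

    if request.method == 'POST':
        if form.validate_on_submit():
            # Look the account up by the session identity, never by a form
            # field: the form's username is client-controlled.
            account = User.get(User.id == user_id)
            if account.verify_password(form.old_password.data):
                new_password_hash = generate_password_hash(
                    form.new_password.data)
                query = (db_model.update({
                    db_model.password: new_password_hash
                }).where(db_model.id == user_id))
                query.execute()
                # NOTE(review): session_token is not rotated here, so other
                # sessions of this account presumably stay valid. Confirm
                # whether a password change should invalidate them.
                flash('密码修改成功')
            else:
                flash('原密码不对')
        else:
            utils.flash_errors(form)
    return render_template(template, form=form, current_user=current_user)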
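def insert_first_admin():
    """Create the initial system administrator and its permission row.

    The account attributes are fixed values that can be changed after
    installation. The permission row gets ``perm_list = '0'``, the value
    this code base uses for a system administrator, and is bound to the
    id of the user row that was just saved.
    """
    first_admin = User()
    first_admin.username = '******'
    # NOTE(review): this is a fixed initial password, so the account should
    # be re-credentialed right after installation. `password_hash` is
    # presumably a setter that hashes the value; verify that the plain
    # text is not stored as-is.
    first_admin.password_hash = 'cronadmin'
    first_admin.email = '*****@*****.**'
    first_admin.phone = '13912345678'
    first_admin.status = True
    first_admin.admin = True
    first_admin.api_username = '******'
    first_admin.api_password = '******'
    first_admin.save()

    first_admin_perm = Permission()
    first_admin_perm.perm_list = '0'
    # Use the saved row's id rather than a literal 1. If the user table is
    # not empty, a literal would grant administrator permission to
    # whichever account happens to hold id 1.
    first_admin_perm.perm_user = first_admin.id
    first_admin_perm.save()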
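def emptybusinesscheck():
    """Mail out the enabled businesses that have no notifier attached.

    Two batches are handed to ``send_email``, each a list of
    ``[recipient, body, subject]`` entries:

    * every enabled system administrator receives the full list, one
      ``"<id> : <name>"`` line per business;
    * every enabled business administrator receives the names of the
      businesses in their own ``perm_list`` that are on that list.

    The body for a business administrator is built per recipient. It used
    to be accumulated across recipients, so each later administrator also
    received the business names collected for earlier ones.

    Returns without sending anything when no such business exists.
    """
    # `== True` / `== 1` below build query expressions, not truth tests.
    has_notifier = BusinessNotifier.select().where(
        BusinessNotifier.business_id == Business.id)
    empty_businesses = Business.select().where(
        (~fn.EXISTS(has_notifier)) & (Business.status == True))  # noqa: E712
    if not empty_businesses:
        return

    system_admins = User.select().where(
        (User.admin == True) & (User.status == True))  # noqa: E712

    # Batch for system administrators.
    # names_by_id maps str(business id) -> business name. It serves both as
    # the membership set for the perm_list comparison and as the name
    # lookup, which replaces one query per matched business.
    names_by_id = {}
    admin_lines = []
    for business in empty_businesses:
        business_id = str(business.id)
        names_by_id[business_id] = business.business_name
        admin_lines.append(business_id + ' : ' + business.business_name)
    admin_body = "\n".join(admin_lines)
    subject = 'Empty Business - SystemAdmin'
    send_email([[admin.email, admin_body, subject]
                for admin in system_admins])

    # Batch for business administrators.
    subject = 'Empty Business - BizAdmin'
    biz_admin_perms = Permission.select().join(User)\
        .where((Permission.perm_list != '0')
               & (Permission.perm_list != '')
               & (User.status == 1))
    infolist = []
    for perm in biz_admin_perms:
        # Keep only the ids this administrator is permitted for.
        own_empty_ids = [
            biz_id for biz_id in perm.perm_list.split()
            if biz_id in names_by_id
        ]
        if own_empty_ids:
            body = "\n".join(names_by_id[biz_id] for biz_id in own_empty_ids)
            infolist.append([perm.perm_user.email, body, subject])
    send_email(infolist)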
def form_edit(db_model, form, template, form2=False):
    """Generic edit view shared by the "add" and "modify" pages.

    When get_parm() yields an id, the existing row is edited; otherwise a
    new row is created. Both paths finish by rendering ``template`` unless
    a successful save redirects first.

    :param db_model: database model being edited
    :param form: the form
    :param template: template to render
    :param form2: second form, used when permissions are separated; when
        truthy it replaces ``form`` on the "add" path
    :return: the rendered template, or a redirect after a successful save
    """
    # Read the request parameters and derive the redirect endpoints for
    # the edit and add cases from the template name.
    action, id, bid, page, length, search_content, search_by, perm_list = get_parm(
    )
    redirect_path_edit = ('main.' + template.split('.')[0]).replace(
        'edit', 'list')
    redirect_path_add = ('main.' + template.split('.')[0])
    # Modify (id present)
    if id:
        # For these models, remember the field value before the change so
        # the follow-up updates below can detect a transition.
        if db_model == Business or db_model == TaskMonitor:
            try:
                status_old = db_model.select().where(
                    db_model.id == id).get().status
            except:
                # Any failure while reading the old value becomes a 500.
                abort(500)
        if db_model == User:
            try:
                admin_old = db_model.select().where(
                    db_model.id == id).get().admin
            except:
                abort(500)
        # Permission check: allowed when bid is in perm_list, or when
        # perm_list is exactly ['0'].
        # NOTE(review): authorization is decided from bid as returned by
        # get_parm(), while the row is loaded by id. Confirm that
        # get_parm() or the caller ties id to bid; otherwise this check
        # does not cover the record that is actually edited.
        if not (bid in perm_list or perm_list == ['0']):
            abort(403)
        # Model -> form
        model = db_model.get(db_model.id == id)
        if request.method == 'GET':
            utils.model_to_form(model, form)
        # Submit the modification
        if request.method == 'POST':
            try:
                if form.validate_on_submit():
                    # Refuse the edit when the related business is disabled.
                    if db_model == TaskMonitor or db_model == BusinessNotifier:
                        biz_status = Business.select().join(db_model).where(
                            Business.id == bid).get().status
                        if not biz_status:
                            flash('关联业务为禁用状态')
                            return redirect(url_for(redirect_path_edit))
                    # For these models, take the new value from the form
                    # before the model is saved.
                    if db_model == Business or db_model == TaskMonitor:
                        status_new = form.status.data
                    if db_model == User:
                        admin_new = form.admin.data
                    # Save the data
                    utils.form_to_model(form, model)
                    model.save()
                    # A business going from enabled to disabled disables
                    # all of its monitor tasks.
                    if db_model == Business:
                        if status_old != status_new and status_new is False:
                            toupdate = (TaskMonitor.update({
                                TaskMonitor.status: False
                            }).where(TaskMonitor.business == id))
                            toupdate.execute()
                    # A monitor task going from enabled to disabled has its
                    # warning flag reset.
                    if db_model == TaskMonitor:
                        if status_old != status_new and status_new is False:
                            toupdate = (TaskMonitor.update({
                                TaskMonitor.warning: False
                            }).where(TaskMonitor.id == id))
                            toupdate.execute()
                    # A role change updates the Permission table.
                    # Business admin -> system admin: perm_list becomes '0'.
                    if db_model == User and admin_old != admin_new:
                        if admin_new is True:
                            toupdate = (Permission.update({
                                Permission.perm_list: '0'
                            }).where(Permission.perm_user == id))
                            toupdate.execute()
                        # System admin -> business admin: perm_list is
                        # emptied.
                        else:
                            toupdate = (Permission.update({
                                Permission.perm_list: ''
                            }).where(Permission.perm_user == id))
                            toupdate.execute()
                    flash('修改成功')
                    return redirect(url_for(redirect_path_edit))
                else:
                    utils.flash_errors(form)
            except peewee.IntegrityError as e:
                # NOTE(review): this flashes the raw database error text to
                # the user. Consider a generic message and logging the
                # detail instead.
                flash(e)
    # Add (no id)
    else:
        # When form2 is given it replaces form. This is currently limited
        # to two forms: business notifier and task.
        # For such forms the 'status' truthiness check applies on add but
        # not on edit.
        # NOTE(review): no permission check is visible on this branch;
        # presumably the route enforces it - confirm.
        if form2:
            form = form2
        try:
            if form.validate_on_submit():
                model = db_model()
                utils.form_to_model(form, model)
                model.save()
                # For the User model, also create the Permission row:
                # perm_list is '0' for an administrator, otherwise the
                # column default is kept.
                if db_model == User:
                    user_id = User.select().where(
                        User.username == form.username.data).get().id
                    toadd = Permission()
                    toadd.perm_user = user_id
                    if form.admin.data:
                        toadd.perm_list = '0'
                    toadd.save()
                flash('保存成功')
                return redirect(url_for(redirect_path_add))
            else:
                utils.flash_errors(form)
        except peewee.IntegrityError as e:
            # NOTE(review): same raw database error exposure as on the edit
            # path.
            flash(e)
    return render_template(template, form=form, current_user=current_user)