예제 #1
def sample():
    """Insert the sample rows, one bulk insert per model."""
    # Tables are filled in the same order as before: Business, Notifier,
    # BusinessNotifier, TaskMonitor, User, Permission.
    seed_plan = (
        (Business, business_data, business_fields),
        (Notifier, notifier_data, notifier_fields),
        (BusinessNotifier, businessnotifier_data, businessnotifier_fields),
        (TaskMonitor, taskmonitor_data, taskmonitor_fields),
        (User, user_data, user_fields),
        (Permission, permission_data, permission_fields),
    )
    for model, rows, columns in seed_plan:
        model.insert_many(rows, fields=columns).execute()
예제 #2
    def test_get_by_id(self):
        """Saved User and Permission rows can be read back by primary key."""
        account = User(
            username='******',
            # The fixture stores a hash, not the clear-text password.
            password=generate_password_hash('cronmonpwd'),
            email='*****@*****.**',
            phone='13912340001',
            status=True,
            admin=False,
        )
        account.save()
        assert User.get_by_id(account.id) == account

        perm = Permission(perm_list='', perm_user=account.id)
        perm.save()
        assert Permission.get_by_id(perm.id) == perm
예제 #3
    def test_column_default_value(self):
        """Columns that are not set explicitly take their default values."""
        account = User(
            username='******',
            password=generate_password_hash('cronmonpwd'),
            email='*****@*****.**',
            phone='13912340002',
        )
        account.save()

        # A new account is enabled and is not an administrator by default.
        assert account.status is True
        assert account.admin is False
        # No API credentials exist until they are set explicitly.
        for attr in ('api_username', 'api_password'):
            assert getattr(account, attr) is None

        perm = Permission(perm_user=account.id)
        perm.save()
        # An empty perm_list is the default for a new Permission row.
        assert perm.perm_list == ''
예제 #4
    def test_column_type(self):
        """Saved columns come back with the expected Python types."""
        account = User(
            username='******',
            password=generate_password_hash('cronmonpwd'),
            email='*****@*****.**',
            phone='13912340004',
        )
        account.save()

        for text_attr in ('username', 'password', 'email', 'phone'):
            assert isinstance(getattr(account, text_attr), str)
        for flag_attr in ('status', 'admin'):
            assert isinstance(getattr(account, flag_attr), bool)

        perm = Permission(perm_user=account.id)
        perm.save()
        assert isinstance(perm.perm_list, str)
        # perm_user is read back as a User instance, not as a bare id.
        assert isinstance(perm.perm_user, User)
예제 #5
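def login():
    """Login route: validate the form, check the credentials, start a session.

    A user is logged in only when the password verifies, the account is
    active and, if CFG.VALIDATE_CODE_USE is set, the submitted captcha text
    matches the value stored in the session under 'img'.

    :return: a redirect after a successful login, otherwise the rendered
        login page
    """
    form = LoginForm()
    if form.validate_on_submit():
        try:
            user = User.get(User.username == form.username.data)
            # A missing captcha field counts as a mismatch instead of raising.
            submitted_code = (form.recaptcha.data or '').upper()
            captcha_ok = (not CFG.VALIDATE_CODE_USE
                          or session.get('img') == submitted_code)
            # NOTE(review): session['img'] is not cleared after the comparison
            # here; confirm the captcha endpoint issues a new value per attempt.
            if user.verify_password(form.password.data) and user.is_active() \
                    and captcha_ok:
                login_user(user, form.rememberme.data,
                           duration=timedelta(days=7))
                # 'next' is client-controlled: follow it only when it is a
                # local absolute path, so the post-login redirect cannot leave
                # this site. '//host', '/\host' and embedded control
                # characters are rejected because browsers may read them as
                # another host.
                next_url = request.args.get('next')
                if (not next_url
                        or not next_url.startswith('/')
                        or next_url.startswith(('//', '/\\'))
                        or any(ch in next_url for ch in '\t\r\n')):
                    next_url = url_for('main.index')
                return redirect(next_url)
            # NOTE(review): the messages below tell the client whether the
            # username exists, whether the account is disabled, or whether
            # only the password is wrong; one generic failure message would
            # not reveal which accounts exist.
            elif not user.is_active() and not user.is_anonymous():
                flash('账户被禁用')
            elif not captcha_ok:
                flash('验证码错误')
            else:
                flash('密码错误')
        except User.DoesNotExist:
            flash('用户名错误')
        except Exception:
            # Narrowed from a bare except so SystemExit / KeyboardInterrupt
            # are no longer swallowed; the failure itself is still not logged.
            flash('登录异常')
    return render_template('auth/login.html',
                           form=form,
                           code=CFG.VALIDATE_CODE_USE)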
예제 #6
def logout():
    """Logout route; rewrites the session token on logout so the session is invalidated."""
    # Load the row first: current_user is no longer the account once
    # logout_user() has run.
    account = User.get(User.id == current_user.id)
    logout_user()
    # Store a newly generated token on the account and persist it.
    account.session_token = session_token_generate()
    account.save()
    flash('您已退出登录')
    login_page = url_for('auth.login')
    return redirect(login_page)
예제 #7
    def test_superuser_normaluser_switch(self, testapp):
        """Switch a user between superuser and normal user and check perm_list."""

        def stored_perm_list(uid):
            # perm_list as currently stored for this user.
            return Permission.get(Permission.perm_user == uid).perm_list

        def set_admin_flag(flag):
            # Find the test user through the permission list page, open the
            # edit form and submit it with the requested admin flag.
            listing = testapp.get(
                url_for('main.permlist', _external=True, _scheme=SITE_PROTOCOL))
            search = listing.forms['PermSearchForm']
            search['search_by'] = 'username'
            search['search_content'] = 'userJustForTest'
            edit_page = search.submit().click(linkid='pedit', index=0)
            edit_form = edit_page.forms['PermEditForm']
            edit_form['admin'] = flag
            return edit_form.submit().follow()

        # Login
        login(testapp, 'cronadmin2', 'cronadmin2')

        # Create the user as a superuser.
        create_page = testapp.get(
            url_for('main.permedit', _external=True, _scheme=SITE_PROTOCOL))
        create_form = create_page.forms['PermEditForm']
        for field, value in (
                ('username', '******'),
                ('email', '*****@*****.**'),
                ('phone', '16789898989'),
                ('api_username', '******'),
                ('api_password', '******'),
                ('admin', True),
                ('status', True),
        ):
            create_form[field] = value
        created = create_form.submit().follow()
        assert u'初始密码' in created
        assert u'保存成功' in created

        user_id = User.get(User.username == 'userJustForTest').id
        # A superuser is stored with perm_list '0'.
        assert stored_perm_list(user_id) == '0'

        # Superuser -> normal user: perm_list is emptied.
        assert u'修改成功' in set_admin_flag(False)
        assert stored_perm_list(user_id) == ''

        # Normal user -> superuser: perm_list is '0' again.
        assert u'修改成功' in set_admin_flag(True)
        assert stored_perm_list(user_id) == '0'
예제 #8
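def verify_password(api_username, api_password):
    """Verify an API username / API password pair.

    On a successful lookup g.current_user is set to the matching enabled
    User; when the lookup fails it is set to AnonymousUser().

    :param api_username: API username supplied by the client
    :param api_password: API password supplied by the client
    :return: the result of user.verify_api_password(api_password) for an
        enabled user with this api_username; False when either value is
        empty or no such user can be loaded
    """
    if not (api_username and api_password):
        return False
    try:
        # `== True` builds the query expression; it must not become `is True`.
        user = User.get(User.api_username == api_username,
                        User.status == True)
    except Exception:
        # Fail closed: an unknown or disabled api_username, or an error during
        # the lookup, is an authentication failure. Returning True here would
        # accept the request as an anonymous user without checking any
        # password.
        g.current_user = AnonymousUser()
        return False
    g.current_user = user
    return user.verify_api_password(api_password)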
예제 #9
 def test_check_password(self):
     """Both password checks accept the right secret and reject a wrong one."""
     account = User(
         username='******',
         password=generate_password_hash('cronmonpwd'),
         email='*****@*****.**',
         phone='13912340005',
         api_username='******',
         api_password='******',
     )
     # Web login password.
     assert account.verify_password('cronmonpwd') is True
     assert account.verify_password('yourpwd') is False
     # API password.
     assert account.verify_api_password('test5_api_pwd') is True
     assert account.verify_api_password('test5_api_wrongpwd') is False
예제 #10
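def password_change(db_model, form, template):
    """Render and process the change-password page for the logged-in user.

    :param db_model: database model whose row for current_user.id is updated
    :param form: the password-change form
    :param template: template to render
    :return: the rendered template
    """
    # Only the logged-in user's own record is ever touched.
    user_id = current_user.id
    if not user_id:
        abort(403)

    model = db_model.get(db_model.id == user_id)
    if request.method == 'GET':
        utils.model_to_form(model, form)
    elif request.method == 'POST':
        if form.validate_on_submit():
            # Check the old password against the logged-in account. Looking
            # the user up by form.username would verify the password of
            # whichever account the client names, while the update below
            # always writes to current_user's row.
            user = User.get(User.id == user_id)
            if user.verify_password(form.old_password.data):
                new_password_hash = generate_password_hash(
                    form.new_password.data)
                query = (db_model.update({
                    db_model.password:
                    new_password_hash
                }).where(db_model.id == user_id))
                query.execute()
                # NOTE(review): nothing here invalidates sessions that were
                # opened with the old password; if the user model carries a
                # session token, consider rotating it at this point.
                flash('密码修改成功')
            else:
                flash('原密码不对')
        else:
            utils.flash_errors(form)

    return render_template(template, form=form, current_user=current_user)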
예제 #11
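def insert_first_admin():
    """Insert the initial system administrator and its Permission row.

    The account's attributes can be changed afterwards.
    """
    first_admin = User()
    first_admin.username = '******'
    # NOTE(review): a fixed initial password is assigned here. Whether the
    # User model hashes on assignment to password_hash is not visible in this
    # function - confirm it does, and make sure the password is changed
    # before the deployment is reachable.
    first_admin.password_hash = 'cronadmin'
    first_admin.email = '*****@*****.**'
    first_admin.phone = '13912345678'
    first_admin.status = True
    first_admin.admin = True
    first_admin.api_username = '******'
    first_admin.api_password = '******'
    first_admin.save()

    first_admin_perm = Permission()
    # '0' is the perm_list value used for a system administrator.
    first_admin_perm.perm_list = '0'
    # Link to the row that was just saved. A hard-coded id of 1 would hand
    # the administrator permission to whichever user owns id 1 if the table
    # is not empty when this runs.
    first_admin_perm.perm_user = first_admin.id
    first_admin_perm.save()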
예제 #12
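def emptybusinesscheck():
    """Report enabled businesses that have no notifier.

    Every enabled system administrator receives the full list as
    "id : name" lines. Every enabled business administrator receives the
    names of the affected businesses that appear in their own perm_list.
    Nothing is sent when no enabled business lacks a notifier.
    """
    # Enabled businesses with no BusinessNotifier row; stop if there are none.
    linked = BusinessNotifier.select().where(
        BusinessNotifier.business_id == Business.id)
    empty_businesses = Business.select().where(
        (~fn.EXISTS(linked)) & (Business.status == True))
    if not empty_businesses:
        return

    # Enabled system administrators.
    admins = User.select().where((User.admin == True) & (User.status == True))

    # names_by_id is keyed by the id as a string so it can be compared with
    # the entries of perm_list.
    names_by_id = {}
    admin_lines = []
    for biz in empty_businesses:
        names_by_id[str(biz.id)] = biz.business_name
        admin_lines.append(str(biz.id) + ' : ' + biz.business_name)
    admin_body = "\n".join(admin_lines)

    # Each entry passed to send_email is [recipient, body, subject].
    subject = 'Empty Business - SystemAdmin'
    send_email([[admin.email, admin_body, subject] for admin in admins])

    # Business administrators: perm_list is neither '0' nor empty.
    subject = 'Empty Business - BizAdmin'
    infolist = []
    biz_admin_perms = Permission.select().join(User)\
        .where((Permission.perm_list != '0') & (Permission.perm_list != '') & (User.status == 1))
    for perm in biz_admin_perms:
        # Intersect this user's perm_list with the affected business ids.
        own_empty = [bid for bid in perm.perm_list.split() if bid in names_by_id]
        if own_empty:
            # The body is built per recipient. A list shared across the loop
            # would carry business names from earlier recipients into later
            # mails, showing administrators businesses outside their
            # perm_list.
            body = "\n".join(names_by_id[bid] for bid in own_empty)
            infolist.append([perm.perm_user.email, body, subject])

    send_email(infolist)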
예제 #13
def form_edit(db_model, form, template, form2=False):
    """Generic edit view (add and modify).

    :param db_model: database model
    :param form: form
    :param template: template
    :param form2: second form, needed when permissions are separated
    :return: the rendered template
    """

    # Read the request parameters and build the redirect targets for the
    # edit and add cases.
    # NOTE(review): the local name `id` shadows the builtin.
    action, id, bid, page, length, search_content, search_by, perm_list = get_parm(
    )
    redirect_path_edit = ('main.' + template.split('.')[0]).replace(
        'edit', 'list')
    redirect_path_add = ('main.' + template.split('.')[0])

    # Edit operation (id present)
    if id:
        # For these models, remember the field value before the change.
        # NOTE(review): these reads run before the permission check below, and
        # the bare excepts turn every failure, including a missing row, into
        # a 500.
        if db_model == Business or db_model == TaskMonitor:
            try:
                status_old = db_model.select().where(
                    db_model.id == id).get().status
            except:
                abort(500)
        if db_model == User:
            try:
                admin_old = db_model.select().where(
                    db_model.id == id).get().admin
            except:
                abort(500)
        # Permission check: bid must be in the caller's perm_list, or the
        # caller must hold perm_list ['0'].
        # NOTE(review): id and bid both come from get_parm(); nothing visible
        # here ties record `id` to business `bid` - confirm that the record
        # being edited is checked against the business it belongs to.
        if not (bid in perm_list or perm_list == ['0']):
            abort(403)
        # Model to form
        model = db_model.get(db_model.id == id)
        if request.method == 'GET':
            utils.model_to_form(model, form)
        # Submit the change
        if request.method == 'POST':
            try:
                if form.validate_on_submit():
                    # If the business is disabled, the operation is not allowed
                    if db_model == TaskMonitor or db_model == BusinessNotifier:
                        biz_status = Business.select().join(db_model).where(
                            Business.id == bid).get().status
                        if not biz_status:
                            flash('关联业务为禁用状态')
                            return redirect(url_for(redirect_path_edit))
                    # For these models, remember the submitted field value
                    if db_model == Business or db_model == TaskMonitor:
                        status_new = form.status.data
                    if db_model == User:
                        admin_new = form.admin.data
                    # Save the data
                    utils.form_to_model(form, model)
                    model.save()
                    # If a business goes from enabled to disabled, all of its
                    # monitoring tasks are disabled as well
                    if db_model == Business:
                        if status_old != status_new and status_new is False:
                            toupdate = (TaskMonitor.update({
                                TaskMonitor.status:
                                False
                            }).where(TaskMonitor.business == id))
                            toupdate.execute()
                    # If a monitoring task goes from enabled to disabled, its
                    # warning state is reset
                    if db_model == TaskMonitor:
                        if status_old != status_new and status_new is False:
                            toupdate = (TaskMonitor.update({
                                TaskMonitor.warning:
                                False
                            }).where(TaskMonitor.id == id))
                            toupdate.execute()
                    # If the user's role changed, update the associated table
                    # Business admin -> system admin: set perm_list to '0'
                    if db_model == User and admin_old != admin_new:
                        if admin_new is True:
                            toupdate = (Permission.update({
                                Permission.perm_list:
                                '0'
                            }).where(Permission.perm_user == id))
                            toupdate.execute()
                        # System admin -> business admin: set perm_list to
                        # the empty value
                        else:
                            toupdate = (Permission.update({
                                Permission.perm_list:
                                ''
                            }).where(Permission.perm_user == id))
                            toupdate.execute()
                    flash('修改成功')
                    return redirect(url_for(redirect_path_edit))
                else:
                    utils.flash_errors(form)
            except peewee.IntegrityError as e:
                # NOTE(review): the raw IntegrityError is shown to the user;
                # a generic message plus server-side logging would keep
                # database details out of the page.
                flash(e)
    # Add operation (no id)
    # NOTE(review): no perm_list check is visible on this branch, which also
    # creates User rows with the admin flag taken from the form - confirm the
    # calling route authorises creation.
    else:
        # If form2 is given it replaces form; currently limited to two forms
        # (business notifier and task forms).
        # For these forms the 'status' truthiness check is applied on add,
        # but not on edit.
        if form2:
            form = form2
        try:
            if form.validate_on_submit():
                model = db_model()
                utils.form_to_model(form, model)
                model.save()
                # For the User model, also create the Permission row:
                # perm_list becomes '0' for a superuser, otherwise the
                # default value is kept
                if db_model == User:
                    user_id = User.select().where(
                        User.username == form.username.data).get().id
                    toadd = Permission()
                    toadd.perm_user = user_id
                    if form.admin.data:
                        toadd.perm_list = '0'
                    toadd.save()
                flash('保存成功')
                return redirect(url_for(redirect_path_add))
            else:
                utils.flash_errors(form)
        except peewee.IntegrityError as e:
            # NOTE(review): same as above - the raw database error reaches
            # the user.
            flash(e)

    return render_template(template, form=form, current_user=current_user)