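def frozen_user(desc):
    '''
    Freeze (deactivate) a user account.

    Request: ``Authorization`` header with the caller's token and an optional
    JSON body ``{"dmp_user_id": <id>}``. Without ``dmp_user_id`` the caller's
    own account is frozen; with it, the account with that id is frozen.
    Freezing sets ``confirmed`` to ``False``. The account with id 1 (super
    administrator) is never frozen.

    Response: JSON of the form {'msg': ..., 'results': null, 'status': xxx}.

    NOTE(review): nothing in this handler checks that the caller may freeze
    *another* user; that presumably rests on the route-permission
    middleware - confirm.
    '''
    if request.method == 'POST':
        data = request.json
        auth_token = request.headers.get('Authorization')
        res = PuttingData.get_obj_data(Users, auth_token)
        # Same guard the other handlers in this file use: a non-dict result
        # means the token did not resolve to a user.
        if not isinstance(res, dict):
            return resp_hanlder(code=999)
        try:
            # A body without dmp_user_id falls back to the caller, as the
            # interface description promises; previously it looked up id None
            # and failed on the missing row.
            dmp_user_id = data.get('dmp_user_id') if isinstance(data, dict) else None
            target_id = res['id'] if dmp_user_id is None else dmp_user_id
            frozen_user_obj = Users.query.filter(Users.id == target_id).first()
            if frozen_user_obj is None:
                return resp_hanlder(code=999, msg='指定的用户不存在.')
            # The super administrator cannot be frozen.
            if frozen_user_obj.id == 1:
                return resp_hanlder(code=4003, msg=RET.alert_code[4003])
            frozen_user_obj.confirmed = False
            db.session.commit()
            return resp_hanlder(code=4004, msg=RET.alert_code[4004])
        except Exception as err:
            # Leave the session usable after a failed commit.
            db.session.rollback()
            # NOTE(review): str(err) exposes internal error text to the client.
            return resp_hanlder(code=999, msg=str(err))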
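def icon(desc):
    '''
    Replace the calling user's avatar.

    Request: ``Authorization`` header and a JSON body whose ``bin`` field
    holds the image as base64. A ``data:...;base64,`` style prefix is
    tolerated: only the text after the last comma is decoded.

    Response: JSON of the form
    {'msg': ..., 'results': <icon url>, 'status': xxx}.
    '''
    if request.method == 'POST':
        try:
            auth_token = request.headers.get('Authorization')
            res = PuttingData.get_obj_data(Users, auth_token)
            if not isinstance(res, dict):
                return resp_hanlder(code=999)
            data = request.json
            if data is None:
                return resp_hanlder(code=999)
            icon_obj_str = data.get('bin')
            # Reject a missing or non-string payload up front instead of
            # failing inside split()/b64decode().
            if not isinstance(icon_obj_str, str) or not icon_obj_str:
                return resp_hanlder(code=999)
            icon_obj_str = icon_obj_str.split(',')[-1]
            current_obj = Users.query.filter(Users.id == res['id']).first()
            # NOTE(review): the decoded bytes are stored as ".jpg" without
            # checking that they are an image, and no size limit is applied
            # here - confirm both are enforced elsewhere.
            icon_data = base64.b64decode(icon_obj_str)
            icon_name = uuid_str() + '.jpg'
            save_url = current_app.config.get("SAVE_URL")
            origin_icon = current_obj.icon
            if origin_icon:
                # The stored value is ICON_URL + file name, while files are
                # written directly under SAVE_URL. Joining only the file name
                # finds the old file and keeps os.remove() inside SAVE_URL
                # even if the stored value is absolute or contains "..".
                origin_icon_path = os.path.join(
                    save_url, os.path.basename(origin_icon))
                if os.path.isfile(origin_icon_path):
                    os.remove(origin_icon_path)
            new_icon_path = os.path.join(save_url, icon_name)
            with open(new_icon_path, 'wb') as new_icon:
                new_icon.write(icon_data)
            current_obj.icon = current_app.config.get("ICON_URL") + icon_name
            current_obj.put()
            icon_url = current_obj.icon
            return resp_hanlder(code=4001,
                                msg=RET.alert_code[4001],
                                result=icon_url)
        except Exception as err:
            db.session.rollback()
            return resp_hanlder(code=999, msg=str(err))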
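def ugdel(desc):
    '''
    Delete a user group together with the users assigned to it.

    Request: ``Authorization`` header and a JSON body
    ``{"dmp_group_id": <id>}``.

    Response: JSON of the form {'msg': ..., 'results': ..., 'status': xxx}.

    Users of the group are removed with a bulk DELETE (no cascade is
    configured), i.e. they are hard-deleted, unlike the soft delete done by
    ``udel``.
    '''
    if request.method == 'DELETE':
        try:
            auth_token = request.headers.get('Authorization')
            res = PuttingData.get_obj_data(Users, auth_token)
            if not isinstance(res, dict):
                return resp_hanlder(code=999)
            data = request.json
            if not isinstance(data, dict):
                return resp_hanlder(code=999)
            dmp_group_id = data.get('dmp_group_id')
            del_group_obj = Groups.query.filter(
                Groups.id == dmp_group_id).first()
            # An unknown id must not run the bulk user delete below.
            if del_group_obj is None:
                return resp_hanlder(code=999, msg='用户组不存在.')
            # Group 1 is the administrator group (rbac_middleware grants it
            # every route). Deleting it would hard-delete all of its users,
            # which could remove the super administrator that udel refuses
            # to delete.
            if del_group_obj.id == 1:
                return resp_hanlder(code=999, msg='管理员用户组无法删除.')
            # No cascade configured: remove the group's users by hand.
            Users.query.filter(Users.dmp_group_id == dmp_group_id).delete()
            db.session.delete(del_group_obj)
            db.session.commit()
            return resp_hanlder(code=5007, msg=RET.alert_code[5007])
        except Exception as err:
            # Undo a partially applied delete before answering.
            db.session.rollback()
            return resp_hanlder(code=999, msg=str(err))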
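def update_archive_by_id(id, desc):
    """
    Rename a dashboard folder (archive)
    ---
    tags:
      - BI
    parameters:
      - name: id
        in: path
        type: int
        required: true
        description: folder id from the URL
      - name: dashboard_archive_name
        in: path
        type: string
        required: true
        description: new folder name
    responses:
      0:
        description: ok
    """
    if request.method == 'PUT':
        try:
            auth_token = request.headers.get('Authorization')
            res = PuttingData.get_obj_data(Users, auth_token)
            if not isinstance(res, dict):
                return resp_hanlder(code=999)
            data = request.json
            if data is None:
                return resp_hanlder(code=999)
            dashboard_archive_name = data.get('dashboard_archive_name')
            # Field validation through the form class.
            form = ArchiveForm(meta={"csrf": False})
            if not form.validate_on_submit():
                return resp_hanlder(code=999, err=str(form.errors))
            update_dashboard_archive_obj = DashboardArchive.query.filter(
                DashboardArchive.id == id).first()
            # The existence test used to sit after the ownership comparison,
            # so an unknown id raised on the attribute access instead of
            # reaching the intended "invalid input" answer.
            if update_dashboard_archive_obj is None:
                return resp_hanlder(code=999, msg='请正确输入修改文件夹信息.')
            # Only the creator may rename the folder.
            if update_dashboard_archive_obj.created_dmp_user_id != res.get('id'):
                return resp_hanlder(code=301, msg='没有权限修改其他看板文件夹信息.')
            if not dashboard_archive_name:
                return resp_hanlder(code=999, msg='请正确输入修改文件夹信息.')
            update_dashboard_archive_obj.dashboard_archive_name = dashboard_archive_name
            update_dashboard_archive_obj.changed_dmp_user_id = res.get('id')
            db.session.commit()
            return resp_hanlder(
                code=0,
                msg='看板文件夹信息修改成功.',
                result=update_dashboard_archive_obj.dashboard_archive_to_dict())
        except Exception as err:
            db.session.rollback()
            return resp_hanlder(code=999, err=str(err))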
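def get_secret_key(desc):
    """
    Issue a personal key (JWT) for the calling user
    ---
    tags:
      - Bi
    parameters:
      - name: expires
        in: path
        type: int
        required: true
        description: lifetime of the key in seconds
    responses:
      0:
        description: ok
    """
    import datetime
    import jwt
    try:
        auth_token = request.headers.get('Authorization')
        res = PuttingData.get_obj_data(Users, auth_token)
        if not isinstance(res, dict):
            return resp_hanlder(code=999)
        data = request.json
        if data is None:
            # No body: default lifetime of 24 hours.
            expires = 60 * 60 * 24
        else:
            expires = int(data.get('expires'))
            # A zero or negative lifetime would mint a key that is already
            # expired; refuse it instead of returning a useless token.
            if expires <= 0:
                return resp_hanlder(
                    code=999,
                    err='expires must be a positive number of seconds')
        # NOTE(review): there is no upper bound on `expires`, so a caller can
        # request a key that is valid for an arbitrarily long time - confirm
        # a maximum lifetime policy.
        # NOTE(review): the key is signed with the application SECRET_KEY; if
        # login tokens share that key and payload shape, a personal key would
        # be accepted wherever a session token is - confirm.
        now = datetime.datetime.utcnow()
        payload = {
            'exp': now + datetime.timedelta(days=0, seconds=expires),
            'iat': now,
            'user_id': res.get('id')
        }
        self_token = jwt.encode(payload,
                                current_app.config.get('SECRET_KEY'),
                                algorithm='HS256')
        # PyJWT 1.x returns bytes, 2.x returns str; accept both.
        if isinstance(self_token, bytes):
            self_token = self_token.decode('utf-8')
        return resp_hanlder(code=0,
                            msg='个人密钥获取成功.',
                            result={'self_token': self_token})
    except Exception as err:
        return resp_hanlder(code=999, err=str(err))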
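def permission_init(cls, auth_token):
    """Return the route permissions of the token owner's group.

    The result is a list of ``{'route': <route>}`` dicts, one per permission
    attached to the user's group.

    A token that does not resolve to a user, or a user whose group no longer
    exists, yields an empty list rather than an exception, so a caller that
    matches request paths against the result denies access.
    """
    res = PuttingData.get_obj_data(Users, auth_token)
    if not isinstance(res, dict):
        return []
    user_group_obj = Groups.query.filter(
        Groups.id == res.get('dmp_group_id')).first()
    if user_group_obj is None:
        return []
    return [{'route': p.route} for p in user_group_obj.permissions]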
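def post_group(desc):
    '''
    Create (POST) or edit (PUT) a user group.

    Request: ``Authorization`` header and a JSON body with
    ``dmp_group_name`` (group name), ``dmp_permission`` (list of permission
    ids), optional ``creator`` and, for edits, ``dmp_group_id``.

    Response: JSON of the form
    {'msg': ..., 'results': {...}, 'status': xxx} describing the group.

    NOTE(review): ``creator`` and the permission ids are taken from the
    request as sent; whether the caller may attribute the group to another
    user or grant permissions they do not hold is not checked here -
    confirm it is checked in EnvelopedData.post_edit or by route permissions.
    '''
    auth_token = request.headers.get('Authorization')
    res = PuttingData.get_obj_data(Users, auth_token)
    if not isinstance(res, dict):
        return resp_hanlder(code=999)
    data = request.json
    # Body parsing used to run outside any try block, so a missing body or a
    # malformed permission list surfaced as an unhandled server error.
    if not isinstance(data, dict):
        return resp_hanlder(code=999)
    dmp_group_id = data.get('dmp_group_id')
    dmp_group_name = data.get('dmp_group_name')
    creator = data.get('creator')
    dmp_permission_str = data.get('dmp_permission')
    try:
        dmp_permission_list = [int(p) for p in dmp_permission_str]
    except (TypeError, ValueError) as err:
        return resp_hanlder(code=999, msg=str(err))

    # Create a group.
    if request.method == 'POST' and dmp_group_id is None:
        try:
            group_obj = Groups(dmp_group_name=dmp_group_name)
            db.session.add(group_obj)
            db.session.commit()
            ret_data = EnvelopedData.post_edit(res, group_obj, creator,
                                               dmp_permission_list,
                                               dmp_group_name)
            return resp_hanlder(code=5005,
                                msg=RET.alert_code[5005],
                                result=ret_data)
        except Exception as err:
            db.session.rollback()
            return resp_hanlder(code=999, msg=str(err))
    # Edit an existing group.
    elif request.method == 'PUT' and dmp_group_id is not None:
        try:
            edit_group_obj = Groups.query.filter(
                Groups.id == dmp_group_id).first()
            if edit_group_obj is None:
                return resp_hanlder(code=999, msg='用户组不存在.')
            edit_group_obj.dmp_group_name = dmp_group_name
            ret_data = EnvelopedData.post_edit(res, edit_group_obj, creator,
                                               dmp_permission_list,
                                               dmp_group_name)
            return resp_hanlder(code=5004,
                                msg=RET.alert_code[5004],
                                result=ret_data)
        except Exception as err:
            db.session.rollback()
            return resp_hanlder(code=999, msg=str(err))
    return resp_hanlder(code=999)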
def delete_charts_by_id(id, desc):
    """
    Delete a chart
    ---
    tags:
      - BI
    parameters:
      - name: id
        in: path
        type: int
        required: true
        description: chart id from the URL
    responses:
      0:
        description: ok
    """
    try:
        token = request.headers.get('Authorization')
        body = request.json
        if body is None:
            return resp_hanlder(code=999)
        dashboard_id = body.get('dmp_dashboard_id')
        caller = PuttingData.get_obj_data(Users, token)
        if not isinstance(caller, dict):
            return resp_hanlder(code=999)

        chart_row = Chart.query.filter(Chart.id == id).first()
        # 1. The dashboard named in the request must still exist.
        dashboard_row = Dashboard.query.filter(
            Dashboard.id == dashboard_id).first()
        if dashboard_row is None:
            return resp_hanlder(code=999, msg='当前看板已被删除')
        # 2. Dashboard exists but the chart is gone.
        if chart_row is None:
            return resp_hanlder(code=999, msg='当前图表已被删除')

        if not Chart.exist_item_by_id(id):
            return resp_hanlder(code=999, msg='图表ID错误或对象不存在,请重新确认.')

        target = Chart.get(id)
        # Only the creator or the super administrator (id 1) may delete.
        is_owner = target.created_dmp_user_id == caller.get('id')
        if is_owner or caller.get('id') == 1:
            target.delete()
            return resp_hanlder(code=0, msg='图表删除成功.')
        return resp_hanlder(code=999, msg='没有权限删除图表,请联系超级管理员.')
    except Exception as err:
        db.session.rollback()
        return resp_hanlder(code=999, err=str(err))
def get_charts_by_dashboard_id(dashboard_id, desc):
    """
    List the charts of a dashboard
    ---
    tags:
      - BI
    parameters:
      - name: dashboard_id
        in: path
        type: int
        required: true
        description: dashboard id from the URL
    responses:
      0:
        description: ok
    """
    # NOTE(review): any caller with a resolvable token receives the charts of
    # any dashboard id; no ownership or release check is made here - confirm
    # that is intended.
    try:
        token = request.headers.get('Authorization')
        caller = PuttingData.get_obj_data(Users, token)
        if not isinstance(caller, dict):
            return resp_hanlder(code=999)

        first_chart = Chart.query.filter(
            Chart.dmp_dashboard_id == dashboard_id).first()
        if not first_chart:
            return resp_hanlder(code=999, msg='看板ID获取失败.')

        chart_rows = Chart.query.filter(
            Chart.dmp_dashboard_id == dashboard_id).all()
        chart_dicts = [row.chart_to_dict() for row in chart_rows]
        for entry in chart_dicts:
            table_row = DataTable.query.filter(
                DataTable.id == entry.get('dmp_data_table_id')).first()
            has_table = (entry.get('dmp_data_table_id') is not None
                         and table_row is not None)
            if has_table:
                # Attach the case the source table belongs to.
                entry['dmp_case_id'] = table_row.dmp_case_id
            else:
                # Dangling or missing table reference: blank both fields.
                entry['dmp_data_table_id'] = None
                entry['dmp_case_id'] = None
        return resp_hanlder(code=0, msg='获取图表信息成功.', result=chart_dicts)
    except Exception as err:
        db.session.rollback()
        return resp_hanlder(code=999, err=str(err))
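def rbac_middleware():
    """Gate a request on login state and route permission.

    Order of checks:

    1. Paths matching ``Config.WHITE_LIST`` pass without a token.
    2. Every other path needs a non-empty ``Authorization`` header that
       ``UserVerify.verify_token`` accepts; otherwise code 201 is returned.
    3. Paths matching ``Config.NO_PERMISSION_LIST`` pass for any verified
       token.
    4. Members of group 1 (administrators) pass for every path.
    5. Otherwise the path must fully match one of the routes attached to the
       user's group; if none matches, code 301 is returned.

    Returns ``None`` to let the request continue, or an error response.

    NOTE(review): steps 1 and 3 use ``re.match``, which anchors only at the
    start of the path. Unless the configured patterns end in ``$``, a listed
    path also exempts every longer path that begins with it - confirm the
    patterns in Config are anchored.
    """
    url_rule = str(request.path)
    print('url_rule:', url_rule)

    # Whitelist: no token required.
    for pattern in Config.WHITE_LIST:
        if re.match(pattern, url_rule):
            return

    # Login state: the header must be present...
    try:
        auth_token = request.headers['Authorization']
    except Exception as err:
        return resp_hanlder(code=201, err=err)
    # ...and non-empty. An empty header used to skip verify_token() entirely
    # and still reach the NO_PERMISSION_LIST pass-through below.
    if not auth_token:
        return resp_hanlder(code=201)

    # verify_token() returns True on success, otherwise a message describing
    # why the token was rejected (expired or invalid): log in again.
    res = UserVerify.verify_token(auth_token)
    if not (res == True):
        return resp_hanlder(code=201, msg=res)

    # Routes that need a valid login but no specific permission.
    for pattern in Config.NO_PERMISSION_LIST:
        if re.match(pattern, url_rule):
            return

    # Administrators hold every permission.
    try:
        res = PuttingData.get_obj_data(Users, auth_token)
        if isinstance(res, dict):
            if res.get('dmp_group_id') == 1:
                return
        else:
            return resp_hanlder(code=999, msg=res)
    except Exception as err:
        return resp_hanlder(code=999, err=err)

    # Per-group route permissions; each route is matched as a full pattern.
    permissions = INIT_PERMISSION.permission_init(auth_token)
    for permission in permissions:
        if re.match(r'^{}$'.format(permission['route']), url_rule):
            return
    print('The user does not have access rights')
    return resp_hanlder(code=301)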
def register(desc):
    '''
    Self-registration, and single-user creation by an administrator.

    Request (JSON): ``dmp_username``, ``real_name``, ``password``, ``email``
    and, when an administrator adds the user, an ``Authorization`` token
    inside the JSON body (not the header).

    Response: JSON of the form {'msg': ..., 'results': null, 'status': xxx}.

    NOTE(review): ``password`` is handed to the ``Users`` constructor as
    received; presumably the model hashes it - confirm.
    '''
    try:
        # No user can be created before a super administrator (id 1) exists;
        # judge_superuser() returns a message in that case.
        super_user = Users.query.filter_by(id=1).first()
        blocked_msg = UserVerify.judge_superuser(super_user)
        if blocked_msg:
            return resp_hanlder(code=999, msg=blocked_msg)

        data = request.json
        if data is None:
            return resp_hanlder(code=999)

        auth_token = data.get('Authorization')
        dmp_username = data.get('dmp_username')
        real_name = data.get('real_name')
        passwd = data.get('password')
        email = data.get('email')
        user = Users(dmp_username=dmp_username,
                     real_name=real_name,
                     password=passwd,
                     email=email,
                     leader_dmp_user_id=1)

        token_owner = PuttingData.get_obj_data(Users, auth_token)
        if auth_token is not None and isinstance(token_owner, dict):
            outcome = PuttingData.root_add_user(data, token_owner, user,
                                                dmp_username, real_name)
            # dict: the administrator added the user successfully.
            if isinstance(outcome, dict):
                return resp_hanlder(code=0, msg=outcome)
            # tuple: a required parameter was missing.
            if isinstance(outcome, tuple):
                return resp_hanlder(code=999, msg=outcome[1])
            # -1 / -2: the caller may not create users in that group.
            if outcome == -1:
                return resp_hanlder(code=999, msg='无法添加管理员用户组用户,请联系管理员添加.')
            if outcome == -2:
                return resp_hanlder(code=999, msg='无法添加管理员或教师用户组用户,请联系管理员添加.')

        # No usable token: plain self-registration with e-mail activation.
        db.session.add(user)
        db.session.commit()
        ValidationEmail().activate_email(user, email)
        return resp_hanlder(code=1001, msg=RET.alert_code[1001])
    except Exception as err:
        db.session.rollback()
        return resp_hanlder(code=999, msg=str(err))
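def all(desc):
    """Return every permission record as a list of dicts (GET only).

    Requires an ``Authorization`` header that resolves to a user; otherwise
    code 999 is returned. On success the response carries code 6001 and the
    result of ``permission_to_dict()`` for each ``Permissions`` row.
    """
    if request.method == 'GET':
        try:
            auth_token = request.headers.get('Authorization')
            res = PuttingData.get_obj_data(Users, auth_token)
            if not isinstance(res, dict):
                return resp_hanlder(code=999)
            res_permission_list = [
                p.permission_to_dict() for p in Permissions.query.all()
            ]
            return resp_hanlder(code=6001,
                                msg=RET.alert_code[6001],
                                result=res_permission_list)
        except Exception as err:
            # The error response was built but never returned, so a failure
            # left the view without a response.
            return resp_hanlder(code=999, msg=str(err))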
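def activate(desc):
    '''
    Activate a user account from the token sent by e-mail.

    Request (JSON): ``authorization`` - the token from the activation mail.
    Used at registration and again when an earlier token expired or was lost.

    Response: JSON of the form {'msg': ..., 'results': null, 'status': xxx}.
    Code 1009 on activation, 999 (message 1014) when the account is already
    confirmed, 2002 when the token does not resolve or activation fails.
    '''
    try:
        token = request.json.get('authorization')
        res = PuttingData.get_obj_data(Users, token)
        # A token that does not resolve to a user previously fell through
        # without any response. 2002 is the code this handler already uses
        # for a failed activation (presumably "token invalid" - confirm).
        if not isinstance(res, dict):
            return resp_hanlder(code=2002, msg=RET.alert_code[2002])
        # Already activated: confirmed is True.
        if res.get('confirmed') == True:
            return resp_hanlder(code=999, msg=RET.alert_code[1014])
        if Users.check_activate_token(res) == True:
            return resp_hanlder(code=1009, msg=RET.alert_code[1009])
        return resp_hanlder(code=2002, msg=RET.alert_code[2002])
    except Exception as err:
        return resp_hanlder(code=999, msg=str(err))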
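def udel(desc):
    '''
    Soft-delete a user.

    Request: ``Authorization`` header and a JSON body
    ``{"dmp_user_id": <id>}``. The super administrator (id 1) cannot be
    deleted.

    Response: JSON of the form {'msg': ..., 'results': null, 'status': xxx}.

    Deletion is logical: ``is_deleted`` is set and a timestamp tag is
    appended to the user name and e-mail so both become reusable.
    '''
    if request.method == 'DELETE':
        try:
            auth_token = request.headers.get('Authorization')
            res = PuttingData.get_obj_data(Users, auth_token)
            if not isinstance(res, dict):
                return resp_hanlder(code=999)
            data = request.json
            if data is None:
                return resp_hanlder(code=999)
            dmp_user_id = data.get('dmp_user_id')
            del_user_obj = Users.query.filter(Users.id == dmp_user_id).first()
            if del_user_obj is None:
                return resp_hanlder(code=999, msg='指定的用户不存在.')
            # The super administrator cannot be deleted.
            if del_user_obj.id == 1:
                return resp_hanlder(code=4005, msg=RET.alert_code[4005])

            # Same text as formatting with a space and re-joining with "-".
            del_time = time.strftime("%Y-%m-%d-%H:%M:%S", time.localtime())
            # The branch used to be chosen with
            # `'[' and ']' not in dmp_username`, which only tests for "]".
            # A user whose chosen name contained "]" was therefore renamed
            # but never flagged as deleted. Decide on the is_deleted flag
            # instead of on user-controlled text.
            if not del_user_obj.is_deleted:
                del_user_obj.is_deleted = True
                del_user_obj.dmp_username = del_user_obj.dmp_username + \
                    '[DELETED ON:' + del_time + ']'
                del_user_obj.email = del_user_obj.email + \
                    '[DELETED ON:' + del_time + ']'
            else:
                # Already deleted: refresh the tag. rsplit drops only the
                # trailing tag, keeping any "[" that is part of the name.
                dn = del_user_obj.dmp_username.rsplit('[', 1)[0]
                del_user_obj.dmp_username = dn + '[' + del_time + ']'
            db.session.commit()
            return resp_hanlder(code=4006, msg=RET.alert_code[4006])
        except Exception as err:
            db.session.rollback()
            return resp_hanlder(code=999, msg=str(err))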
def delete_archive_by_id(id, desc):
    """
    Delete a dashboard folder (archive)
    ---
    tags:
      - BI
    parameters:
      - name: id
        in: path
        type: int
        required: true
        description: folder id from the URL
    responses:
      0:
        description: ok
    """
    try:
        token = request.headers.get('Authorization')
        caller = PuttingData.get_obj_data(Users, token)
        if not isinstance(caller, dict):
            return resp_hanlder(code=999)

        archive = DashboardArchive.query.filter(
            DashboardArchive.id == id).first()
        if archive is None:
            return resp_hanlder(code=999, msg='当前看板文件夹已被删除')

        # Only the creator or the super administrator (id 1) may delete.
        may_delete = (archive.created_dmp_user_id == caller.get('id')
                      or caller.get('id') == 1)
        if not may_delete:
            return resp_hanlder(code=999, msg='没有权限删除看板文件夹,请联系超级管理员.')

        if archive and id:
            archive.delete()
            return resp_hanlder(code=0, msg='看板文件夹删除成功.')
        return resp_hanlder(code=999, msg='看板文件夹ID错误或对象不存在,请重新确认.')
    except Exception as err:
        db.session.rollback()
        return resp_hanlder(code=999, err=str(err))
def add_dashboard(desc):
    """
    Create a dashboard
    ---
    tags:
      - BI
    parameters:
      - name: dmp_dashboard_name
        in: path
        type: string
        required: true
        description: dashboard name
      - name: upper_dmp_dashboard_archive_id
        in: path
        type: int
        required: false
        description: id of the parent folder
      - name: charts_position
        in: path
        type: string
        required: false
        description: chart layout information
    responses:
      0:
        description: ok
    """
    try:
        token = request.headers.get('Authorization')
        res = PuttingData.get_obj_data(Users, token)
        if not isinstance(res, dict):
            return resp_hanlder(code=999)
        body = request.json
        if body is None:
            return resp_hanlder(code=999)

        dmp_dashboard_name = body.get('dmp_dashboard_name')
        charts_position = body.get('charts_position')
        parent_archive_id = body.get('upper_dmp_dashboard_archive_id')

        form = DashboardForm(meta={"csrf": False})
        if not form.validate_on_submit():
            return resp_hanlder(code=999, err=str(form.errors))

        # A user may not create a dashboard inside a folder that another
        # user created. When no folder row is found (including the case of
        # no parent id at all) creation is allowed.
        parent_archive = DashboardArchive.query.filter(
            DashboardArchive.id == parent_archive_id).first()
        if parent_archive is not None:
            foreign_folder = (
                res.get('id') != parent_archive.created_dmp_user_id
                and parent_archive_id is not None)
            if foreign_folder:
                return resp_hanlder(code=999, msg='无法在其他用户文件夹下创建看板')

        # Both the "own folder" and "no folder" paths create the dashboard
        # the same way.
        if not dmp_dashboard_name:
            return resp_hanlder(code=999, msg='请确认新创建的看板名称是否存在并确认其是否正确.')

        dashboard_obj = Dashboard(
            dmp_dashboard_name=dmp_dashboard_name,
            upper_dmp_dashboard_archive_id=parent_archive_id,
            charts_position=charts_position,
            release=0,
            created_dmp_user_id=res.get('id'),
            changed_dmp_user_id=res.get('id'))
        db.session.add(dashboard_obj)
        db.session.commit()
        return resp_hanlder(code=0,
                            msg='数据看板创建成功.',
                            result=dashboard_obj.dashboard_to_dict())
    except Exception as err:
        db.session.rollback()
        return resp_hanlder(code=999, err=str(err))
def info(desc):
    '''
    Return a user's profile.

    Request: ``Authorization`` header and an optional JSON body
    ``{"dmp_user_id": <id>}``. Without a body the caller's own profile is
    returned (code 3002); with ``dmp_user_id`` the profile of that user is
    returned (code 3003). The result also carries the user's group and its
    permissions plus the list of possible direct managers.

    Response: JSON of the form
    {'msg': ..., 'results': {...}, 'status': xxx}.

    NOTE(review): the ``dmp_user_id`` path returns another user's profile
    without an ownership check in this function; presumably access is
    limited by route permissions - confirm.
    '''

    def _manager_candidates():
        # Users of the built-in groups 1 and 2 (administrators, teachers),
        # plus users of custom groups that estimate_classify() rates 1 or 2.
        builtin_managers = Users.query.filter(
            Users.is_deleted == 0,
            or_((Users.dmp_group_id == 1),
                (Users.dmp_group_id == 2))).all()
        custom_group_users = Users.query.filter(
            Users.is_deleted == 0, Users.dmp_group_id != 1,
            Users.dmp_group_id != 2, Users.dmp_group_id != 3).all()
        by_user = EnvelopedData.build_data_structures_ulist(
            custom_group_users)
        promoted = []
        for user_id, payload in by_user.items():
            level = EnvelopedData.estimate_classify(payload)
            if level == 1 or level == 2:
                promoted.append(
                    Users.query.filter(Users.id == user_id).first())
        return builtin_managers + promoted

    if request.method == 'GET':
        try:
            body = request.json
            token = request.headers.get('Authorization')
            res = PuttingData.get_obj_data(Users, token)

            if body is None:
                # No body: describe the caller.
                current_obj = Users.query.filter(
                    Users.id == res['id']).first()
                dmp_group_name = Groups.query.filter(
                    Groups.id == res['dmp_group_id']).first().dmp_group_name
                own_groups = current_obj.groups
                ret = EnvelopedData.info_s2_data(own_groups, res,
                                                 dmp_group_name)
                new_res = EnvelopedData.info_s1_data(_manager_candidates(),
                                                     ret)
                return resp_hanlder(code=3002,
                                    msg=RET.alert_code[3002],
                                    result=new_res)

            # Body present: describe the user it names.
            dmp_user_id = body.get('dmp_user_id')
            target_obj = Users.query.filter(Users.id == dmp_user_id).first()
            target_dict = target_obj.user_to_dict()
            target_groups = target_obj.groups
            dmp_group_name = Groups.query.filter(
                Groups.id ==
                target_dict['dmp_group_id']).first().dmp_group_name
            ret = EnvelopedData.info_s2_data(target_groups, target_dict,
                                             dmp_group_name)
            new_ret = EnvelopedData.info_s1_data(_manager_candidates(), ret)
            return resp_hanlder(code=3003,
                                msg=RET.alert_code[3003],
                                result=new_ret)
        except Exception as err:
            return resp_hanlder(code=999, msg=str(err))
def changeprofile(desc):
    '''
    Update a user's profile (PUT).

    Request: ``Authorization`` header and a JSON body that may contain
    ``dmp_user_id``, ``password``, ``email``, ``confirmed``,
    ``dmp_group_id``, ``leader_dmp_user_id``, ``dmp_username``,
    ``real_name`` and ``dmp_user_info``. Without ``dmp_user_id`` the caller's
    own record is changed; with it, the record of that user is changed.

    Response: JSON of the form
    {'msg': ..., 'results': {...}, 'status': xxx} with the updated profile.

    NOTE(review): this function does not check that the caller may edit the
    user named by ``dmp_user_id``, nor that a caller may set
    ``dmp_group_id`` / ``confirmed`` / ``leader_dmp_user_id`` on their own
    record. Group 1 receives every permission in rbac_middleware, so confirm
    that EnvelopedData.changeprofile or the route permissions restrict this.
    NOTE(review): a password is replaced without asking for the current
    one - confirm that is intended.
    NOTE(review): ``res`` is indexed without an isinstance check; an
    unresolved token ends in the generic 999 handler below.
    '''
    if request.method == 'PUT':
        try:
            # Permissions are tied to the user group and are not edited
            # here; to change them, edit the group's permissions instead.
            data = request.json
            if data == None:
                return resp_hanlder(code=999)
            dmp_user_id = data.get('dmp_user_id')
            passwd = data.get('password')
            email = data.get('email')
            confirmed = data.get('confirmed')
            dmp_group_id = data.get('dmp_group_id')
            leader_dmp_user_id = data.get('leader_dmp_user_id')
            dmp_username = data.get('dmp_username')
            real_name = data.get('real_name')
            dmp_user_info = data.get('dmp_user_info')

            auth_token = request.headers.get('Authorization')
            res = PuttingData.get_obj_data(Users, auth_token)
            current_obj = Users.query.filter(Users.id == res['id']).first()
            if not dmp_user_id:
                # Caller edits their own record. When none of the
                # administrative fields is sent, only dmp_username,
                # real_name, password, email and dmp_user_info are touched.
                if confirmed == None and dmp_group_id == None and leader_dmp_user_id == None:
                    # Only the profile text is being changed.
                    if dmp_user_info != None and not dmp_username and not real_name and not passwd and not email:
                        current_obj.dmp_user_info = dmp_user_info
                        db.session.commit()
                        return resp_hanlder(code=1015,
                                            msg=RET.alert_code[1015])
                    # Only the password is being changed.
                    elif passwd and not dmp_username and not real_name and not email and not dmp_user_info:
                        current_obj.password = passwd
                        db.session.commit()
                        return resp_hanlder(code=1015,
                                            msg=RET.alert_code[1015])
                    # Any other combination goes through edit_private_info;
                    # per the original comment a new e-mail address triggers
                    # a fresh verification mail. A str result is reported as
                    # success, anything else as failure with ret[1].
                    else:
                        ret = EnvelopedData.edit_private_info(
                            current_obj, email, passwd, dmp_username,
                            real_name)
                        if isinstance(ret, str):
                            return resp_hanlder(code=0, msg=ret)
                        else:
                            return resp_hanlder(code=999, msg=ret[1])
                # At least one administrative field was sent for the
                # caller's own record.
                EnvelopedData.changeprofile(current_obj, email, passwd,
                                            dmp_group_id, confirmed,
                                            leader_dmp_user_id, dmp_username,
                                            real_name)
                # Build the response: the user plus the selected group and
                # that group's permissions.
                select_group_obj = Groups.query.filter(
                    Groups.id == dmp_group_id).first()
                ret_obj = Users.query.filter(Users.id == res['id']).first()
                ret_obj_dict = ret_obj.user_to_dict()
                ret_obj_dict = EnvelopedData.p_changeprofile(
                    select_group_obj, ret_obj_dict)
                return resp_hanlder(code=3004,
                                    msg=RET.alert_code[3004],
                                    result=ret_obj_dict)

            # dmp_user_id given: edit that user's record.
            choose_user_obj = Users.query.filter(
                Users.id == dmp_user_id).first()
            # Snapshot taken before the update is applied.
            choose_user_obj_dict = choose_user_obj.user_to_dict()
            EnvelopedData.changeprofile(choose_user_obj, email, passwd,
                                        dmp_group_id, confirmed,
                                        leader_dmp_user_id, dmp_username,
                                        real_name)
            select_group_obj = Groups.query.filter(
                Groups.id == dmp_group_id).first()
            choose_user_obj_dict = EnvelopedData.p_changeprofile(
                select_group_obj, choose_user_obj_dict)
            return resp_hanlder(code=3006,
                                msg=RET.alert_code[3006],
                                result=choose_user_obj_dict)
        except Exception as err:
            db.session.rollback()
            return resp_hanlder(code=999, msg=str(err))
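def update_charts_by_id(id, desc):
    """
    Update a chart
    ---
    tags:
      - BI
    parameters:
      - name: chart_name
        in: path
        type: string
        required: true
        description: chart name
      - name: dmp_data_table_id
        in: path
        type: int
        required: false
        description: id of the source data table
      - name: query_string
        in: path
        type: string
        required: false
        description: query statement
      - name: chart_data
        in: path
        type: string
        required: false
        description: chart data
      - name: chart_type
        in: path
        type: int
        required: true
        description: chart type code - bar 1, line 2, pie 3, map 4, radar 5
      - name: chart_params
        in: path
        type: string
        required: false
        description: chart parameters
      - name: description
        in: path
        type: string
        required: false
        description: chart description
      - name: charts_position
        in: path
        type: string
        required: true
        description: chart layout information
      - name: dmp_dashboard_id
        in: path
        type: int
        required: true
        description: dashboard id
    responses:
      0:
        description: ok
    """
    if request.method == 'PUT':
        try:
            auth_token = request.headers.get('Authorization')
            res = PuttingData.get_obj_data(Users, auth_token)
            if not isinstance(res, dict):
                return resp_hanlder(code=999)
            data = request.json
            if data is None:
                return resp_hanlder(code=999)
            chart_name = data.get('chart_name')
            dmp_data_table_id = data.get('dmp_data_table_id')
            query_string = data.get('query_string')
            chart_data = data.get('chart_data')
            chart_type = data.get('chart_type')
            chart_params = data.get('chart_params')
            description = data.get('description')
            charts_position = data.get('charts_position')
            dmp_dashboard_id = data.get('dmp_dashboard_id')

            form = ChartForm(meta={"csrf": False})
            if not form.validate_on_submit():
                return resp_hanlder(code=999, err=str(form.errors))

            chart_obj = Chart.query.filter(Chart.id == id).first()
            # 1. The dashboard named in the request must exist.
            chart_belong_dashboard_obj = Dashboard.query.filter(
                Dashboard.id == dmp_dashboard_id).first()
            if chart_belong_dashboard_obj is None:
                return resp_hanlder(code=999, msg='当前看板已被删除')
            # 2. Dashboard exists but the chart is gone.
            if chart_obj is None:
                return resp_hanlder(code=999, msg='当前图表已被删除')
            # 3. Charts of a released dashboard cannot be modified.
            if chart_belong_dashboard_obj.release == 1:
                return resp_hanlder(code=999, msg='当前看板已被发布')
            # The release lock was only evaluated for the dashboard id sent
            # in the request. Apply it to the dashboard the chart is stored
            # on as well, so the lock does not depend on request data.
            if chart_obj.dmp_dashboard_id != dmp_dashboard_id:
                current_dashboard_obj = Dashboard.query.filter(
                    Dashboard.id == chart_obj.dmp_dashboard_id).first()
                if current_dashboard_obj is not None \
                        and current_dashboard_obj.release == 1:
                    return resp_hanlder(code=999, msg='当前看板已被发布')

            # Only the creator may modify a chart.
            if chart_obj.created_dmp_user_id != res.get('id'):
                return resp_hanlder(code=301, msg='没有权限修改其他图表信息.')
            if not (chart_name and chart_type and dmp_dashboard_id
                    and charts_position):
                return resp_hanlder(code=999, msg='请正确输入修改图表所必要的参数信息.')

            chart_obj.chart_name = chart_name
            chart_obj.chart_type = chart_type
            chart_obj.charts_position = charts_position
            chart_obj.dmp_dashboard_id = dmp_dashboard_id
            # Optional fields are only overwritten when they were sent.
            if dmp_data_table_id is not None:
                chart_obj.dmp_data_table_id = dmp_data_table_id
            if query_string is not None:
                chart_obj.query_string = query_string
            if chart_data is not None:
                chart_obj.chart_data = chart_data
            if chart_params is not None:
                chart_obj.chart_params = chart_params
            if description is not None:
                chart_obj.description = description
            chart_obj.changed_dmp_user_id = res.get('id')
            db.session.commit()
            return resp_hanlder(code=0,
                                msg='图表信息修改成功.',
                                result=chart_obj.chart_to_dict())
        except Exception as err:
            db.session.rollback()
            return resp_hanlder(code=999, err=str(err))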
def add_chart(desc):
    """
    Add a chart to a dashboard
    ---
    tags:
      - BI
    parameters:
      - name: chart_name
        in: path
        type: string
        required: true
        description: chart name
      - name: dmp_data_table_id
        in: path
        type: int
        required: false
        description: id of the source data table
      - name: query_string
        in: path
        type: string
        required: false
        description: query statement
      - name: chart_data
        in: path
        type: string
        required: false
        description: chart data
      - name: chart_type
        in: path
        type: int
        required: true
        description: chart type code - bar 1, line 2, pie 3, map 4, radar 5
      - name: chart_params
        in: path
        type: string
        required: false
        description: chart parameters
      - name: description
        in: path
        type: string
        required: false
        description: chart description
      - name: charts_position
        in: path
        type: string
        required: true
        description: chart layout data
      - name: dmp_dashboard_id
        in: path
        type: int
        required: true
        description: dashboard id
    responses:
      0:
        description: ok
    """
    # NOTE(review): the target dashboard is checked for existence and release
    # state but not for ownership, whereas add_dashboard refuses to write
    # into another user's folder - confirm that any user may add charts to
    # any unreleased dashboard.
    try:
        token = request.headers.get('Authorization')
        res = PuttingData.get_obj_data(Users, token)
        if not isinstance(res, dict):
            return resp_hanlder(code=999)
        body = request.json
        if body is None:
            return resp_hanlder(code=999)

        chart_name = body.get('chart_name')
        dmp_data_table_id = body.get('dmp_data_table_id')
        query_string = body.get('query_string')
        chart_data = body.get('chart_data')
        chart_type = body.get('chart_type')
        chart_params = body.get('chart_params')
        description = body.get('description')
        charts_position = body.get('charts_position')
        dmp_dashboard_id = body.get('dmp_dashboard_id')

        # Field validation through the form class.
        form = ChartForm(meta={"csrf": False})
        if not form.validate_on_submit():
            return resp_hanlder(code=999, msg=str(form.errors))

        target_dashboard = Dashboard.query.filter(
            Dashboard.id == dmp_dashboard_id).first()
        if target_dashboard is None:
            return resp_hanlder(code=999, msg='当前看板已被删除')
        if target_dashboard.release == 1:
            return resp_hanlder(code=999, msg='当前看板已被发布')

        required_present = (chart_name and chart_type and dmp_dashboard_id
                            and charts_position)
        if not required_present:
            return resp_hanlder(code=999, msg='缺少必要参数,并确定其参数是否正确.')

        # NOTE(review): the constructor keyword is `params`, while
        # update_charts_by_id writes the attribute `chart_params` - confirm
        # which name the Chart model defines.
        chart_obj = Chart(chart_name=chart_name,
                          dmp_data_table_id=dmp_data_table_id,
                          query_string=query_string,
                          chart_data=chart_data,
                          chart_type=chart_type,
                          params=chart_params,
                          description=description,
                          charts_position=charts_position,
                          dmp_dashboard_id=dmp_dashboard_id,
                          created_dmp_user_id=res.get('id'),
                          changed_dmp_user_id=res.get('id'))
        db.session.add(chart_obj)
        db.session.commit()
        return resp_hanlder(code=0,
                            msg='图表添加成功.',
                            result=chart_obj.chart_to_dict())
    except Exception as err:
        db.session.rollback()
        return resp_hanlder(code=999, msg=str(err), err=str(err))
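def belong(desc):
    """
    Return the user groups the caller is allowed to assign users to.

    The caller is resolved from the ``Authorization`` header. As used in
    this function, user id 1 is the super administrator, group ids 1/2/3
    are the built-in administrator/teacher/student groups, and any other
    group id is a custom group whose level comes from
    EnvelopedData.estimate_classify (1 is handled like an administrator,
    2 like a teacher). ``desc`` is not used in this function.

    NOTE(review): a caller in group 3, or a request that is not a GET,
    matches no branch and the function returns None; confirm the route
    wrapper turns that into a proper denial.
    """
    if request.method == 'GET':
        try:
            auth_token = request.headers.get('Authorization')
            res = PuttingData.get_obj_data(Users, auth_token)
            if not isinstance(res, dict):
                return resp_hanlder(code=999)
            # The request body is never consulted by this endpoint, so it is
            # no longer read.
            caller_group_id = res.get('dmp_group_id')
            ok_msg = 'Display all user group information successfully.'

            # Super administrator: every group is listed.
            if res.get('id') == 1:
                groups_all = Groups.query.all()
                res_group_list = EnvelopedData.return_group_list(groups_all)
                return resp_hanlder(code=5001,
                                    msg=RET.alert_code[5001],
                                    result=res_group_list)

            # Ordinary administrator: everything except the administrator
            # group and custom groups classified at administrator level.
            if caller_group_id == 1:
                return resp_hanlder(
                    code=5001,
                    msg=ok_msg,
                    result=_belong_group_list((1,), (1,)))

            # Teacher: additionally hide the teacher group and custom groups
            # classified at teacher level.
            if caller_group_id == 2:
                return resp_hanlder(
                    code=5001,
                    msg=ok_msg,
                    result=_belong_group_list((1, 2), (1, 2)))

            # Member of a custom group: classify the caller's own group and
            # answer as the matching built-in level would.
            if caller_group_id not in (1, 2, 3):
                own_group = Groups.query.filter(
                    Groups.id == caller_group_id).first()
                own_classified = EnvelopedData.build_data_structures(
                    [own_group])
                for _own_id, own_payload in own_classified.items():
                    own_level = EnvelopedData.estimate_classify(own_payload)
                    if own_level == 1:
                        return resp_hanlder(
                            code=5001,
                            msg=ok_msg,
                            result=_belong_group_list((1,), (1,)))
                    if own_level == 2:
                        return resp_hanlder(
                            code=5001,
                            msg=ok_msg,
                            result=_belong_group_list((1, 2), (1, 2)))
                    return resp_hanlder(
                        code=999,
                        msg='The permissions of the user group are displayed incorrectly. '
                        'Please contact the administrator to check.')
        except Exception as err:
            # NOTE(review): raw exception text is returned to the client.
            return resp_hanlder(code=999, msg=str(err))


def _belong_group_list(excluded_builtin_ids, hidden_levels):
    """Build the serialized group list for belong().

    Loads every group except the built-in ids in *excluded_builtin_ids*,
    then drops each custom group (id other than 1, 2, 3) whose
    estimate_classify level is in *hidden_levels*.

    The original code guarded this with ``len(...) != None``, which is
    always true, so the filtering ran unconditionally; it still does.
    """
    visible_groups = Groups.query.filter(
        *[Groups.id != builtin_id for builtin_id in excluded_builtin_ids]
    ).all()
    custom_groups = Groups.query.filter(Groups.id != 1, Groups.id != 2,
                                        Groups.id != 3).all()
    classified = EnvelopedData.build_data_structures(custom_groups)
    for group_id, payload in classified.items():
        if EnvelopedData.estimate_classify(payload) in hidden_levels:
            visible_groups.remove(
                Groups.query.filter(Groups.id == group_id).first())
    return EnvelopedData.return_group_list(visible_groups)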
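def info(desc):
    '''
    Return user group information.

    Parameters: the Authorization header carries the caller's token. An
    optional JSON body with dmp_group_id selects a single group.
    Returns: JSON of the form
    {'msg': '...', 'results': [{'x': 'x'}, ...], 'status': xxx}.
    Without a body the result is the list of groups visible to the caller;
    with a body it is the selected group together with its permissions.
    ``desc`` is not used in this function.
    '''
    if request.method == 'GET':
        try:
            auth_token = request.headers.get('Authorization')
            res = PuttingData.get_obj_data(Users, auth_token)
            if not isinstance(res, dict):
                return resp_hanlder(code=999)
            data = request.json
            if data is None:
                # Super administrator (user id 1): every group is listed.
                if res.get('id') == 1:
                    groups_all = Groups.query.all()
                    res_group_list = EnvelopedData.return_group_list(
                        groups_all)
                    return resp_hanlder(code=5001,
                                        msg=RET.alert_code[5001],
                                        result=res_group_list)

                # Every other caller is handled as an ordinary administrator
                # (the original comments state that only administrator-class
                # users reach this endpoint): the administrator group is
                # excluded, and so is every custom group classified at
                # administrator level (estimate_classify == 1).
                visible_groups = Groups.query.filter(Groups.id != 1).all()
                custom_groups = Groups.query.filter(Groups.id != 1,
                                                    Groups.id != 2,
                                                    Groups.id != 3).all()
                # The original wrapped this in `len(...) != None`, which is
                # always true; the filtering therefore always ran.
                classified = EnvelopedData.build_data_structures(
                    custom_groups)
                for group_id, payload in classified.items():
                    if EnvelopedData.estimate_classify(payload) == 1:
                        visible_groups.remove(
                            Groups.query.filter(
                                Groups.id == group_id).first())
                res_group_list = EnvelopedData.return_group_list(
                    visible_groups)
                return resp_hanlder(code=5001,
                                    msg=RET.alert_code[5001],
                                    result=res_group_list)

            # NOTE(review): this lookup applies none of the visibility
            # filtering used above, so any caller who reaches it can read
            # the permissions of any group id, including group 1. Confirm
            # that route-level permissions make this acceptable.
            dmp_group_id = data.get('dmp_group_id')
            current_group_obj = Groups.query.filter(
                Groups.id == dmp_group_id).first()
            if current_group_obj is None:
                # Unknown group id: fail explicitly rather than through an
                # AttributeError whose text would be echoed to the client.
                return resp_hanlder(code=999)
            current_group_permission_list = current_group_obj.permissions
            current_group_obj_dict = EnvelopedData.grouplist(
                current_group_permission_list, current_group_obj)
            return resp_hanlder(code=5002,
                                msg=RET.alert_code[5002],
                                result=current_group_obj_dict)
        except Exception as err:
            # NOTE(review): raw exception text is returned to the client.
            return resp_hanlder(code=999, msg=str(err))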
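def update_dashboard_by_id(id, desc):
    """
    Update a dashboard.

    Only the fields present in the JSON request body are changed. The
    caller must be the dashboard's creator or the super administrator
    (user id 1). ``desc`` is not used in this function.
    ---
    tags:
      - BI
    parameters:
      - name: id
        in: path
        type: int
        required: true
        description: Dashboard id taken from the URL
      - name: dmp_dashboard_name
        in: path
        type: string
        required: false
        description: Dashboard name
      - name: description
        in: path
        type: string
        required: false
        description: Summary
      - name: upper_dmp_dashboard_archive_id
        in: path
        type: int
        required: false
        description: Parent folder ID
      - name: charts_position
        in: path
        type: string
        required: false
        description: Chart layout information
      - name: release
        in: path
        type: int
        required: false
        description: Release status
    responses:
      0:
        description: ok
    """
    try:
        auth_token = request.headers.get('Authorization')
        res = PuttingData.get_obj_data(Users, auth_token)
        if not isinstance(res, dict):
            return resp_hanlder(code=999)
        data = request.json
        if data is None:
            return resp_hanlder(code=999)

        user_id = res.get('id')
        dmp_dashboard_name = data.get('dmp_dashboard_name')
        description = data.get('description')
        charts_position = data.get('charts_position')
        release = data.get('release')
        upper_dmp_dashboard_archive_id = data.get(
            'upper_dmp_dashboard_archive_id')

        form = DashboardForm(meta={"csrf": False})
        if not form.validate_on_submit():
            return resp_hanlder(code=999, err=str(form.errors))

        dashboard_obj = Dashboard.query.filter(Dashboard.id == id).first()
        if dashboard_obj is None:
            return resp_hanlder(code=999, msg='当前看板已被删除')

        # Authorize before reporting anything about the dashboard's state:
        # previously a caller who did not own the dashboard could still
        # learn whether it was published from the response below.
        if dashboard_obj.created_dmp_user_id != user_id and user_id != 1:
            return resp_hanlder(code=301, msg='没有权限修改其他看板信息.')

        # A published dashboard only accepts requests that carry a truthy
        # `release` value; every other edit is refused.
        if not release and dashboard_obj.release == 1:
            return resp_hanlder(code=999, msg='当前看板已被发布')

        if dmp_dashboard_name is not None:
            dashboard_obj.dmp_dashboard_name = dmp_dashboard_name
        if description is not None:
            dashboard_obj.description = description
        if charts_position is not None:
            dashboard_obj.charts_position = charts_position
        if release is not None:
            dashboard_obj.release = release
        if upper_dmp_dashboard_archive_id is not None:
            # NOTE(review): the target folder is not checked for existence
            # or ownership, although add_archive refuses to create folders
            # under another user's folder. Confirm whether the same rule
            # should apply when a dashboard is moved.
            dashboard_obj.upper_dmp_dashboard_archive_id = upper_dmp_dashboard_archive_id
        dashboard_obj.changed_dmp_user_id = user_id
        dashboard_obj.save()
        return resp_hanlder(code=0,
                            msg='看板数据修改成功.',
                            result=dashboard_obj.dashboard_to_dict())
    except Exception as err:
        db.session.rollback()
        # NOTE(review): raw exception text is returned to the client.
        return resp_hanlder(code=999, err=str(err))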
def add_archive(desc):
    """
    Create a dashboard folder.

    Both fields are read from the JSON request body. When a parent folder
    id is supplied, the parent must exist and must have been created by
    the caller. ``desc`` is not used in this function.
    ---
    tags:
      - BI
    parameters:
      - name: dashboard_archive_name
        in: path
        type: string
        required: true
        description: Folder name
      - name: upper_dmp_dashboard_archive_id
        in: path
        type: int
        required: false
        description: Parent folder ID
    responses:
      0:
        description: ok
    """
    if request.method != 'POST':
        return None
    try:
        token = request.headers.get('Authorization')
        res = PuttingData.get_obj_data(Users, token)
        if not isinstance(res, dict):
            return resp_hanlder(code=999)
        payload = request.json
        if payload == None:
            return resp_hanlder(code=999)
        folder_name = payload.get('dashboard_archive_name')
        parent_id = payload.get('upper_dmp_dashboard_archive_id')

        # Field-level validation is delegated to the form.
        form = ArchiveForm(meta={"csrf": False})
        if not form.validate_on_submit():
            return resp_hanlder(code=999, err=str(form.errors))

        owner_id = res.get('id')
        if parent_id:
            # Sub-folder: the parent has to exist and belong to the caller.
            parent = DashboardArchive.query.filter(
                DashboardArchive.id == parent_id).first()
            if not parent:
                return resp_hanlder(code=999, msg='父文件夹对象不存在,请重新操作.')
            if not parent.created_dmp_user_id == owner_id:
                return resp_hanlder(code=999, msg='无法在其他用户文件夹下创建文件夹.')
            success_msg = '子看板文件夹创建成功.'
        else:
            # Top-level folder: only the name is required.
            if not folder_name:
                return resp_hanlder(code=999,
                                    msg='请确认新创建的看板文件夹名称是否存在并确认其是否正确.')
            success_msg = '看板文件夹创建成功.'

        da_obj = DashboardArchive(
            dashboard_archive_name=folder_name,
            upper_dmp_dashboard_archive_id=parent_id,
            created_dmp_user_id=owner_id,
            changed_dmp_user_id=owner_id)
        db.session.add(da_obj)
        db.session.commit()
        return resp_hanlder(code=0,
                            msg=success_msg,
                            result=da_obj.dashboard_archive_to_dict())
    except Exception as err:
        db.session.rollback()
        # NOTE(review): the exception object is passed without a code, while
        # other handlers in this file pass code=999 and str(err); confirm
        # resp_hanlder accepts this form and what it exposes to the client.
        return resp_hanlder(err=err)
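def ulist(desc):
    '''
    Return the list of users the caller is allowed to see.

    Parameters: the Authorization header carries the caller's login token.
    Returns: JSON of the form
    {'msg': 'pass', 'results': [{'x': 'x'}, ...], 'status': xxx}.

    As used in this function, user id 1 is the super administrator and
    group ids 1/2/3 are the built-in administrator/teacher/student groups.
    Members of any other (custom) group are classified with
    EnvelopedData.estimate_classify: 1 is handled like an administrator,
    2 like a teacher, 3 is denied, anything else is reported as a
    permission-assignment problem. ``desc`` is not used in this function.
    '''
    if request.method == 'GET':
        try:
            auth_token = request.headers.get('Authorization')
            res = PuttingData.get_obj_data(Users, auth_token)
            # Same guard as the other endpoints in this file: without it a
            # non-dict result only failed later, on res.get, and the
            # resulting error text was returned to the client.
            if not isinstance(res, dict):
                return resp_hanlder(code=999)

            # Super administrator: every user that is not soft-deleted.
            if res.get('id') == 1:
                all_user_obj_list = Users.query.filter(
                    Users.is_deleted == 0).all()
                new_user_obj_dict_list = EnvelopedData.ulist(
                    all_user_obj_list, res=None)
                return resp_hanlder(code=3001,
                                    msg=RET.alert_code[3001],
                                    result=new_user_obj_dict_list)

            # Ordinary administrator: teachers and students, plus members of
            # custom groups that are not classified at administrator level.
            if res.get('dmp_group_id') == 1 and res.get('id') != 1:
                custom_group_users = Users.query.filter(
                    Users.dmp_group_id != 1, Users.dmp_group_id != 2,
                    Users.dmp_group_id != 3).all()
                user_dict = EnvelopedData.build_data_structures_ulist(
                    custom_group_users)
                show_user_list = []
                for user_id, payload in user_dict.items():
                    if EnvelopedData.estimate_classify(payload) == 1:
                        continue
                    candidate = Users.query.filter(
                        Users.id == user_id, Users.is_deleted == 0).first()
                    if candidate:
                        show_user_list.append(candidate)
                all_user_obj_list = Users.query.filter(
                    Users.is_deleted == 0,
                    or_((Users.dmp_group_id == 2),
                        (Users.dmp_group_id == 3))).all()
                all_user_obj_list = all_user_obj_list + show_user_list
                new_user_obj_dict_list = EnvelopedData.ulist(
                    all_user_obj_list, res=None)
                return resp_hanlder(code=3001,
                                    msg=RET.alert_code[3001],
                                    result=new_user_obj_dict_list)

            # Teacher: only users whose direct leader is the caller.
            if res.get('dmp_group_id') == 2:
                custom_group_users = Users.query.filter(
                    Users.dmp_group_id != 1, Users.dmp_group_id != 2,
                    Users.dmp_group_id != 3).all()
                user_dict = EnvelopedData.build_data_structures_ulist(
                    custom_group_users)
                show_child_user_list = []
                for user_id, payload in user_dict.items():
                    level = EnvelopedData.estimate_classify(payload)
                    # Levels 1, 2 and 4 are never shown to a teacher.
                    if level in (1, 2, 4):
                        continue
                    candidate = Users.query.filter(
                        Users.id == user_id, Users.is_deleted == 0).first()
                    if (candidate is not None and
                            candidate.leader_dmp_user_id == res.get('id')):
                        show_child_user_list.append(candidate)
                # Built-in groups: users led by this teacher, not deleted.
                all_students_list = Users.query.filter(
                    and_(Users.dmp_group_id > 0, Users.dmp_group_id < 4),
                    Users.leader_dmp_user_id == res['id'],
                    Users.is_deleted == 0).all()
                all_students_list = all_students_list + show_child_user_list
                new_stu_obj_dict_list = EnvelopedData.ulist(
                    all_students_list, res)
                # The caller can be configured as their own leader; keep them
                # out of their own list. A new list is built because removing
                # items from a list while iterating it can skip entries.
                new_stu_obj_dict_list = [
                    user_obj for user_obj in new_stu_obj_dict_list
                    if user_obj.get('dmp_username') != res.get('dmp_username')
                ]
                return resp_hanlder(code=3001,
                                    msg=RET.alert_code[3001],
                                    result=new_stu_obj_dict_list)

            # Everyone else: classify the caller's own group from the routes
            # it is permitted to use.
            new_obj = Users.query.filter(Users.id == res.get('id')).first()
            new_permission_list = new_obj.groups.permissions
            own_routes = [{'route': p.route} for p in new_permission_list]
            is_show = EnvelopedData.estimate_classify(own_routes)

            # Administrator-level custom group: hide the administrator group,
            # the caller's own group, and members of other custom groups that
            # are also administrator-level.
            if is_show == 1:
                all_user_obj_list = Users.query.filter(
                    Users.is_deleted == 0, Users.dmp_group_id != 1,
                    Users.dmp_group_id != res.get('dmp_group_id')).all()
                new_user_obj_dict_list = EnvelopedData.ulist(
                    all_user_obj_list, res=None)
                g = EnvelopedData.glist(new_user_obj_dict_list)
                # Iterate a snapshot in case glist hands back the same list
                # that entries are removed from.
                for u in list(g):
                    member_level = EnvelopedData.estimate_classify(
                        u.get('u_group_permission'))
                    if member_level == 1:
                        new_user_obj_dict_list.remove(u)
                return resp_hanlder(code=3001,
                                    msg=RET.alert_code[3001],
                                    result=new_user_obj_dict_list)

            # Teacher-level custom group: additionally hide the teacher group
            # and members of custom groups at administrator or teacher level.
            if is_show == 2:
                all_user_list = Users.query.filter(
                    Users.is_deleted == 0, Users.dmp_group_id != 1,
                    Users.dmp_group_id != 2,
                    Users.dmp_group_id != res.get('dmp_group_id')).all()
                new_user_obj_dict_list = EnvelopedData.ulist(
                    all_user_list, res)
                g = EnvelopedData.glist(new_user_obj_dict_list)
                for u in list(g):
                    member_level = EnvelopedData.estimate_classify(
                        u.get('u_group_permission'))
                    if member_level == 1 or member_level == 2:
                        new_user_obj_dict_list.remove(u)
                return resp_hanlder(code=3001,
                                    msg=RET.alert_code[3001],
                                    result=new_user_obj_dict_list)

            # Student-level callers have no access to this route.
            if is_show == 3:
                return resp_hanlder(code=999,
                                    msg='You do not have permission to access this route, '
                                    'or the permissions are incorrectly assigned, '
                                    'please contact the administrator')
            # Level 4 and anything unexpected get the same answer.
            return resp_hanlder(code=999,
                                msg='There is a problem with user rights allocation, '
                                'please contact the administrator to resolve it')
        except Exception as err:
            # NOTE(review): raw exception text is returned to the client.
            return resp_hanlder(code=999, msg=str(err))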