def post(self, *args, **kwargs):
loginname = self.post_arguments.get("loginname", None)
nickname = self.post_arguments.get("nickname", None)
password = self.post_arguments.get("password", None)
password_ok = self.post_arguments.get("password_ok", None)
is_valid = self.post_arguments.get("is_valid", None)
if loginname is None:
raise UserException(code=10001, desc="loginname不能为空")
else:
user = UserService().get_user_by_username(loginname)
if user:
raise UserException(code=11011)
if nickname is None:
raise UserException(code=10001, desc="nickname不能为空")
if password is None:
raise UserException(code=10001, desc="密码不能为空")
if password != password_ok:
raise UserException(code=10001, desc="两次密码不一致")
UserService().add_user(
loginname=loginname,
nickname=nickname,
password=password,
is_valid=is_valid
)
return Result(code=0)
def login(self, username=None, password=None):
""" 判断用户是否允许登陆 """
user = self.userDAO.get_user_by_username(username)
try:
assert user is not None
if user.is_valid == 'no':
raise UserException(code=11000)
if user.password == self.utils.md5(password):
user.token = self.userDAO.make_token()
data = user.columnitems
data['token'] = user.token
# 获取用的所有角色
data['roles'] = []
roles = self.userDAO.get_user_roles(user.id)
if roles:
data['roles'].extend([role.role for role in roles])
else:
raise UserException(11012)
self.userDAO.update_user_info(user.id, token=user.token)
# 将token存到redis中
res = self.redis.setex(self.token_key(user.token),
24 * 60 * 60 * 30, data)
return Result(code=0, data=data)
else:
raise UserException(code=11001)
except AssertionError as ae:
raise UserException(code=11002)
def post(self, *args, **kwargs):
name = self.post_arguments.get('name', None)
role = self.post_arguments.get('role', None)
desc = self.post_arguments.get('desc', None)
if role is None:
raise UserException(code=10001, desc="请填写角色代号")
if name is None:
raise UserException(code=10001, desc="请填写角色名称")
return RoleService().add_role(name=name, role=role, desc=desc)
def post(self, *args, **kwargs):
auth = self.post_arguments.get("auth", None)
name = self.post_arguments.get("name", None)
if auth is None:
raise UserException(code=10001, desc="请填写权限点")
if name is None:
raise UserException(code=10001, desc="请填写权限点名称")
return AuthService().add_auth(name=name, auth_code=auth)
def post(self, *args, **kwargs):
role = self.post_arguments.get('role', None)
alias = self.post_arguments.get('alias', None)
desc = self.post_arguments.get('desc', None)
if role is None:
raise UserException(code=10001, desc="请填写角色")
if alias is None:
raise UserException(code=10001, desc="请填写角色别名")
if desc is None:
raise UserException(code=10001, desc="请填写角色职能")
return RoleDAO().add_role(role, alias, desc)
def addUserInfo(self, userName, password, phone, email):
message = self.userInfoMapper.getUserInfoByPhoneOrEmail(phone=phone,
email=email)
if message:
raise UserException(code=11011, desc=message)
if phone.isdigit() is False or len(phone) != 11:
raise UserException(code=11007)
if re.match(r'^([\w]+\.*)([\w]+)\@[\w]+\.\w{3}(\.\w{2}|)$',
email) is None:
raise UserException(code=11008)
self.userInfoMapper.addUserInfo(userName, self.utils.md5(password),
phone, email)
return Result(msg='用户添加完成')
def have_power(self, uid=None, auth=None):
"""" 判断用户是否有权限使用该接口 """
# 用户所有角色
roles = self.roleDAO.get_user_roles(uid)
roles = [role.role for role in roles]
# 权限对象
auth_obj = self.authDAO.get_auth_by_code(auth)
if not auth_obj:
raise UserException(code=403, desc="抱歉,您没有 {name} 的使用权限".format(name=auth))
# 判断该权限是否在角色中
res = self.authDAO.have_power(roles, auth_obj.id)
if not res:
raise UserException(code=403, desc="抱歉,您没有 {name} 功能的使用权限".format(name=auth_obj.name))
def post(self, *args, **kwargs):
power = self.post_arguments.get("power", None)
name = self.post_arguments.get("name", None)
desc = self.post_arguments.get("desc", None)
if power is None:
raise UserException(code=10001, desc="请填写权限点")
if name is None:
raise UserException(code=10001, desc="请填写权限点名称")
if desc is None:
raise UserException(code=10001, desc="请填写权限点描述")
return PowerDAO().add_power(power, name, desc)
def forbidden_user_login(self, uid):
""" 禁止指定用户登陆 """
try:
self.userDAO.update_user_info(uid, is_valid='no')
return Result(code=0)
except Exception as ex:
raise UserException(code=11004)
def allow_user_login(self, uid):
""" 允许指定用户登陆 """
try:
self.userDAO.update_user_info(uid, is_valid='yes')
return Result(code=0)
except Exception as ex:
raise UserException(code=11004)
def user_del_roles(self, uid=None, roles=[]):
""" 用户除去指定角色 """
if len(roles) > 0:
self.userDAO.user_del_roles(uid, roles)
return Result(code=0)
else:
raise UserException(11006)
def userLogin(self, loginName, password):
userInfo = self.userInfoMapper.getUserInfoByLoginName(loginName)
if userInfo is None:
raise UserException(code=11002)
if userInfo.state == '2':
raise UserException(code=11000)
if userInfo.password == self.utils.md5(password):
token = str(uuid.uuid1())
userId = self.userInfoMapper.updTokenByUserId(
userId=userInfo.user_id, token=token)
self.redis.setex(token, 24 * 60 * 60, {'userId': userId})
return Result(data={
'token': token,
'userName': userInfo.user_name
},
msg='登录成功')
else:
raise UserException(code=11001)
def post(self, *args, **kwargs):
loginname = self.post_arguments.get("loginname", None)
nickname = self.post_arguments.get("nickname", None)
password = self.post_arguments.get("password", None)
checkPass = self.post_arguments.get("checkPass", None)
is_valid = self.post_arguments.get("is_valid", None)
if loginname is None:
raise UserException(code=10001, desc="loginname不能为空")
if nickname is None:
raise UserException(code=10001, desc="nickname不能为空")
if password is None:
raise UserException(code=10001, desc="密码不能为空")
if password != checkPass:
raise UserException(code=10001, desc="两次密码不一致")
UserService().add_user(loginname=loginname,
nickname=nickname,
password=password,
is_valid=is_valid)
return Result(code=0)
def add_user(self, loginname=None, nickname=None, password=None, is_valid=1):
""" 添加用户 """
userinfo = UserService().get_user_by_username(loginname)
if userinfo:
raise UserException(code=11011)
user = UserDO()
user.loginname = loginname
user.nickname = nickname
user.password = self.utils.md5(password)
user.is_valid = is_valid
self.userDAO.add_user(user=user)
return user
def user_add_roles(self, uid=None, roles=[]):
""" 给用户新增角色 """
result = Result()
objs = []
if len(roles) > 0:
for role in roles:
tmp = UserRoleDO()
tmp.uid = uid
tmp.role = role
objs.append(tmp)
del tmp
self.userDAO.add_roles_for_user(objs)
result.code = 0
else:
raise UserException(code=11005)
return result
def logout(self, userId, token):
if self.redis.delete(token):
self.userInfoMapper.updTokenByUserId(userId, token=None)
return Result(msg='退出成功')
else:
raise UserException(code=11003)
def post(self, *args, **kwargs):
user_id = self.post_arguments.get("uid", None)
if user_id is None:
raise UserException(code=10001, desc="请传入需要操作的用户id")
return UserService().allow_user_login(user_id)
def post(self, *args, **kwargs):
frm = UserLoginForm(self)
if not frm.validate():
raise UserException(code=10001, desc="请传入正确的参数")
return UserService().login(frm.username, frm.password)
def logout(self, uid=None, token=None):
if self.redis.delete(self.token_key(token)):
self.userDAO.update_user_info(uid, token=None)
return Result(code=0, msg="退出成功")
else:
raise UserException(code=11003)