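def balance_pay(request, user):
    """Pay for an existing order out of the caller's account balance.

    Reads ``out_trade_no`` and ``total_fee`` from the JSON request body,
    compares the amount with the stored order and the order total with
    ``user.balance``, then hands the order to ``handle_pay``.

    Returns ``JSONResponse({})`` on success and a ``JSONError`` otherwise.
    """
    # Parse client input in its own narrow try so malformed requests get a
    # parameter error instead of an echoed exception string.
    try:
        payload = json.loads(request.body)
        out_trade_no = payload['out_trade_no']
        total_fee = float(payload['total_fee'])
    except (KeyError, TypeError, ValueError):
        return JSONError('参数无效!')

    try:
        orders = Order.objects.filter(no=out_trade_no)
        if orders.count() != 1:
            return JSONError("有重复订单")
        order = orders[0]
        # NOTE(review): the order is selected by its number alone; nothing
        # visible here ties it to `user` or checks that it is still unpaid.
        # Confirm handle_pay (or the caller) enforces both.
        # NOTE(review): exact comparison of a float with the stored amount;
        # verify the field type so legitimate amounts are not rejected.
        if total_fee != order.total_fee:
            return JSONError('金额有误!')
        # NOTE(review): the balance check and the debit are not visibly inside
        # one transaction or row lock; confirm handle_pay re-checks the
        # balance atomically.
        if user.balance < order.total_fee:
            return JSONError('余额不足!')
        order.pay_mode = Order.BALANCE
        handle_pay(order, Order.BALANCE, total_fee)
        return JSONResponse({})
    except Exception:
        # Keep the details in the server log; do not return internal
        # exception text to the client.
        traceback.print_exc()
        return JSONError('支付失败!')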
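def iap_finish(request, user):
    """Record an Apple in-app-purchase receipt for an order and validate it.

    Reads ``order_no``, ``total_fee``, ``product_identifier`` and ``receipt``
    from the JSON body, compares the amount with the stored order, creates an
    ``IAP`` row and calls its ``validate()``.

    Returns ``JSONResponse({})`` on success and a ``JSONError`` otherwise.
    """
    # Malformed input is reported as a parameter error rather than by
    # echoing the exception text.
    try:
        payload = json.loads(request.body)
        order_no = payload['order_no']
        total_fee = float(payload['total_fee'])
        product_identifier = payload['product_identifier']
        receipt = payload['receipt']
    except (KeyError, TypeError, ValueError):
        return JSONError('参数无效!')

    try:
        orders = Order.objects.filter(no=order_no)
        if orders.count() != 1:
            return JSONError("有重复订单")
        order = orders[0]
        # NOTE(review): the order is not visibly checked against `user`, and
        # the amount compared here is the client's own claim. Confirm that
        # validate() trusts only what the receipt verification returns.
        if total_fee != order.total_fee:
            return JSONError('金额有误!')
        iap = IAP.objects.create(order=order,
                                 product_identifier=product_identifier,
                                 receipt=receipt,
                                 totalfee=total_fee)
        # NOTE(review): the result of validate() is not inspected here;
        # presumably it raises on failure and rejects a receipt that was
        # already recorded for another order -- confirm.
        iap.validate()
        return JSONResponse({})
    except Exception:
        # Log server-side only; internal exception text stays off the wire.
        traceback.print_exc()
        return JSONError('验证失败!')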
def grade_save(request):
    """Create a grade, or update the one named by the ``id`` query parameter.

    A new grade is attached to the first kindergarten whose
    ``kinder_managers`` include the requesting user's ``bind_kindergartenor``.
    Both paths write a ``BizLog`` entry and answer with the saved grade's id;
    form errors and exceptions come back as ``JSONError``.
    """
    grade_id = request.GET.get('id')
    is_new = grade_id is None
    if is_new:
        form = GradeForm(request.POST)
    else:
        # NOTE(review): the grade is fetched by primary key only; nothing in
        # this function checks that it belongs to the caller's kindergarten.
        # Confirm that is enforced elsewhere (decorator / form).
        existing = get_object_or_404(Grade, pk=grade_id)
        form = GradeForm(request.POST, instance=existing)

    try:
        if not form.is_valid():
            return JSONError(utils.dump_form_errors(form))

        with transaction.atomic():
            if is_new:
                instance = form.save(commit=False)
                manager = request.user.bind_kindergartenor
                instance.kindergarten = Kindergarten.objects.filter(
                    kinder_managers=manager).first()
                instance.save()
                log_kind, log_text = BizLog.INSERT, u"添加年级[%s],id=%d"
            else:
                instance = form.save()
                log_kind, log_text = BizLog.UPDATE, u"修改年级[%s],id=%d"
            BizLog.objects.addnew(
                request.user, log_kind,
                log_text % (instance.name, instance.id))
        return JSONResponse({'id': instance.id})
    except Exception as e:
        # NOTE(review): the raw exception text is returned to the client.
        return JSONError(unicode(e))
def register(request): try: if request.method == 'POST': params = json.loads(request.body) vcode = params['vcode'] username = params['username'] password = params['password'] weixin_id = params['weixin_id'] referee = params['referee'] if weixin_id == "": weixin_id = None vcs = VCode.objects.filter(mobile=username).order_by('-id') if vcs.count() > 0: vc = vcs[0] else: return JSONError('请获取验证码!') if (timezone.now() - vc.add_time).seconds > 1800: return JSONError('验证码已过期,请重新获取!') if vcode != vc.vcode: return JSONError("验证码错误!") if weixin_id: try: weixin_member = Member.objects.get(weixin_id=weixin_id) if weixin_member: return JSONError("该微信已经绑定了其他手机,请直接登录或找回密码!") except KeyError, e: return JSONError("参数无效:" + e.message) except Member.DoesNotExist: pass
def commission_ratio_save(request):
    """Create or update a ``CommissionRatio`` from the posted form.

    When creating, any existing ratios of the same ``type`` are deleted
    first. Each successful save is recorded in ``BizLog`` together with the
    row's ``to_dict()`` snapshot.
    """
    ratio_id = request.GET.get('id')
    is_new = ratio_id is None
    try:
        if is_new:
            form = CommissionRatioForm(request.POST)
        else:
            # Inside the try: a missing row surfaces as the generic error
            # below, not as an HTTP 404.
            current = get_object_or_404(CommissionRatio, pk=ratio_id)
            form = CommissionRatioForm(request.POST, instance=current)

        if not form.is_valid():
            return JSONError(utils.dump_form_errors(form))

        if is_new:
            # NOTE(review): the delete and the following save are not wrapped
            # in a transaction in this function; if the save fails, the old
            # ratios are already gone. Confirm an outer transaction exists.
            CommissionRatio.objects.filter(
                type=form.cleaned_data['type']).delete()
        cr = form.save()

        if is_new:
            log_kind, log_text = BizLog.INSERT, u"添加分成比例[%s],id=%d"
        else:
            log_kind, log_text = BizLog.UPDATE, u"修改分成比例[%s],id=%d"
        BizLog.objects.addnew(
            request.user, log_kind,
            log_text % (cr.get_type_display(), cr.id),
            cr.to_dict())
        return JSONResponse({"data": cr.id})
    except Exception as e:
        traceback.print_exc()
        return JSONError(u'保存失败!')
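def class_save(request):
    """Create a class, or update the one named by the ``id`` query parameter.

    Writes a ``BizLog`` entry for the insert or update and answers with the
    saved row's id. Form errors and exceptions are returned as ``JSONError``.
    """
    class_id = request.GET.get('id')
    is_new = class_id is None
    if is_new:
        form = ClassForm(request.POST)
    else:
        # NOTE(review): looked up by primary key only; no check is visible
        # here that the class belongs to the caller's kindergarten.
        existing = get_object_or_404(Classes, pk=class_id)
        form = ClassForm(request.POST, instance=existing)

    try:
        if not form.is_valid():
            return JSONError(utils.dump_form_errors(form))

        with transaction.atomic():
            # Save exactly once. The update path used to call form.save() a
            # second time, writing the same row twice.
            instance = form.save()
            if is_new:
                log_kind, log_text = BizLog.INSERT, u"添加班级[%s],id=%d"
            else:
                log_kind, log_text = BizLog.UPDATE, u"修改班级[%s],id=%d"
            BizLog.objects.addnew(
                request.user, log_kind,
                log_text % (instance.name, instance.id))
        return JSONResponse({'id': instance.id})
    except Exception as e:
        # NOTE(review): the raw exception text is returned to the client.
        return JSONError(unicode(e))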
def drawing_account_save(request):
    """Create or update a withdrawal (drawing) account from the posted form.

    The form's ``save`` receives the request; the insert or update is then
    recorded in ``BizLog`` and the account's id is returned.
    """
    account_id = request.GET.get('id')
    is_new = account_id is None
    if is_new:
        form = DrawingAccountForm(request.POST)
    else:
        # NOTE(review): fetched by primary key only; confirm elsewhere that
        # the account belongs to the requesting user before it is edited.
        form = DrawingAccountForm(
            request.POST,
            instance=get_object_or_404(DrawingAccount, pk=account_id))

    try:
        if not form.is_valid():
            return JSONError(utils.dump_form_errors(form))

        with transaction.atomic():
            instance = form.save(request=request)
            if is_new:
                log_kind, log_text = BizLog.INSERT, u"添加提现账号[%s],id=%d"
            else:
                log_kind, log_text = BizLog.UPDATE, u"修改提现账号[%s],id=%d"
            # NOTE(review): the full account number is written to the
            # business log; consider whether it should be masked there.
            BizLog.objects.addnew(
                request.user, log_kind,
                log_text % (instance.account_number, instance.id))
        return JSONResponse({'id': instance.id})
    except Exception as e:
        return JSONError(unicode(e))
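def attendance_save(request):
    """Create today's attendance rows for the students a teacher submits.

    Without an ``id`` query parameter the POST body carries parallel
    ``student`` / ``status`` / ``notes`` lists. One ``Attendance`` row and one
    ``BizLog`` entry are written per student, all inside one transaction.
    Refuses to run if attendance for the teacher's class already exists for
    today.

    NOTE(review): no branch for a supplied ``id`` is visible in this excerpt;
    as shown, that path returns nothing.
    """
    record_id = request.GET.get('id')
    if record_id is None:
        # Batch of attendance entries, one per student.
        try:
            with transaction.atomic():
                classes = request.user.bind_teacher.classes
                todays = Attendance.objects.filter(
                    classes=classes,
                    date=utils.strfdate(timezone.now()))
                if todays.exists():
                    return JSONError(u'今日考勤已生成,请勿重复操作')

                student_ids = request.POST.getlist('student')
                statuses = request.POST.getlist('status')
                notes = request.POST.getlist('notes')
                # The three lists are consumed in lockstep; reject a request
                # where they are missing or of unequal length instead of
                # failing part-way with an IndexError.
                if not student_ids or not (
                        len(student_ids) == len(statuses) == len(notes)):
                    return JSONError(u'参数无效!')

                for student_id, status, note in zip(student_ids, statuses,
                                                    notes):
                    # Restrict the lookup to the teacher's own class, so an
                    # id from another class raises DoesNotExist and rolls the
                    # whole batch back.
                    stu = Student.objects.get(id=student_id, classes=classes)
                    Attendance.objects.create(student=stu,
                                              classes=classes,
                                              submitter=request.user,
                                              status=status,
                                              notes=note)
                    BizLog.objects.addnew(
                        request.user, BizLog.UPDATE,
                        u"添加学生[%s]考勤,id=%d" % (stu.name, stu.id))
            return JSONResponse({})
        except Exception as e:
            return JSONError(str(e))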
def feedback_submit(request, user):
    """Store a feedback entry taken from the JSON request body.

    ``type`` and ``content`` must be non-empty. No success response is
    visible in this excerpt.
    """
    params = json.loads(request.body)
    feedback_type = params['type']
    if feedback_type == '':
        return JSONError('参数无效!')
    content = params['content']
    if content == '':
        return JSONError('参数无效!')

    # NOTE(review): the author id comes from the ``user`` query parameter
    # supplied by the client, while the ``user`` argument is unused. If that
    # argument is the authenticated account, it should be the source of the
    # author id -- confirm.
    author_id = request.GET.get('user')
    try:
        Feedback.objects.create(type=feedback_type,
                                content=content,
                                create_user_id=author_id)
    except Exception as e:
        return JSONError('提交出错!')
def token(request, token, user):
    """Check a login token for the user with primary key ``user``.

    On a valid token the account's ``last_login`` is refreshed and an empty
    data payload is returned; otherwise a ``JSONError`` is returned.
    """
    try:
        account = User.objects.get(pk=user)
    except User.DoesNotExist:
        # NOTE(review): an unknown id and a bad token produce different
        # messages, which tells a caller whether an id exists.
        return JSONError("用户不存在。")

    if not token_generator.check_token(account, token):
        return JSONError("账户登录已过期,请重新登录!")

    account.last_login = timezone.now()
    account.save()
    return JSONResponse({'data': {}})
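def auth_weixin(request):
    """Look up the member bound to the WeChat id in the JSON request body.

    Returns ``JSONErrorCode(3, ...)`` when no member has that id and a
    ``JSONError`` for a malformed body or any other failure. The rest of the
    login flow is not visible in this excerpt.
    """
    params = json.loads(request.body)
    # `in` replaces the deprecated dict.has_key; the isinstance guard turns a
    # non-object JSON body into a parameter error instead of an
    # AttributeError.
    if not isinstance(params, dict) or 'weixin_id' not in params:
        return JSONError('参数无效!')

    user = None
    member = None
    try:
        # NOTE(review): the only credential visible here is the weixin_id the
        # client sends. Confirm that the remainder of the flow (or an
        # upstream layer) verifies it with the provider before a token is
        # issued.
        member = Member.objects.get(weixin_id=params['weixin_id'])
        user = member.user
    except Member.DoesNotExist:
        return JSONErrorCode(3, u'用户不存在!')
    except Exception as e:
        print(e)
        return JSONError(u'登录出现错误!!')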
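def drawing_record_accept(request):
    """Set the review status of a withdrawal (``Drawing``) record.

    Query parameters: ``id`` (record pk), ``status`` (integer status code) and
    ``notes``. When the new status is ``Drawing.FINISHED`` the amount is
    debited from the requester's balance. A ``DrawingStatus`` row and a
    ``BizLog`` entry are written in the same transaction.

    A record that is already ``FINISHED`` is refused, so repeating the request
    cannot debit the balance a second time.

    NOTE(review): this state-changing action takes its inputs from the query
    string and shows no permission check of its own; confirm it is reachable
    only by authorised staff and with CSRF protection.
    """
    # Parse the numeric inputs up front so a missing or non-numeric value is
    # a parameter error rather than an unhandled exception.
    try:
        pk = int(request.GET.get('id'))
        status = int(request.GET.get('status'))
    except (TypeError, ValueError):
        return JSONError(u'参数无效!')
    notes = request.GET.get('notes')

    try:
        with transaction.atomic():
            # Lock the row for the duration of the transaction so two
            # concurrent requests for the same record are serialised.
            drawing = get_object_or_404(
                Drawing.objects.select_for_update(), pk=pk)
            if drawing.status == Drawing.FINISHED:
                raise Exception(u'该提现已完成,请勿重复操作!')

            drawing.status = status
            drawing.notes = notes
            DrawingStatus.objects.create(main=drawing,
                                         status=status,
                                         create_user=request.user)
            if status == Drawing.PENDING:
                status_text = u'提现中'
            elif status == Drawing.FINISHED:
                status_text = u'已完成'
                owner = drawing.create_user
                # NOTE(review): the owner's row is not locked here, so other
                # code paths that change the same balance can still race with
                # this read-modify-write.
                if drawing.total_fee > owner.balance:
                    # Raising rolls the whole transaction back.
                    raise Exception(u'余额不足,无法完成操作!')
                owner.balance -= drawing.total_fee
                owner.save()
                drawing.balance_after = owner.balance
            else:
                # Any other status code is labelled as a rejection and stored
                # as given.
                status_text = u'拒绝'
            drawing.save()
            BizLog.objects.addnew(
                request.user, BizLog.UPDATE,
                u"%s[%s],id=%d" % (status_text, drawing.no, drawing.id))
        return JSONResponse({})
    except Exception as e:
        return JSONError(unicode(e))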
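def account_save(request):
    """Save a user account.

    Without an ``id`` query parameter a new account is created from
    ``AccountForm`` and given the permission matching its type; with one, the
    existing account is updated through ``ChangeAccountForm``. Both paths
    write a ``BizLog`` entry and answer with the account's id.
    """
    account_id = request.GET.get('id')
    if account_id is None:
        form = AccountForm(request.POST)
    else:
        user = get_object_or_404(User, pk=account_id)
        form = ChangeAccountForm(request.POST, instance=user)

    try:
        if not form.is_valid():
            return JSONError(utils.dump_form_errors(form))

        with transaction.atomic():
            if account_id is None:
                cleaned = form.cleaned_data
                # Lists are used with __in because more permissions may be
                # added for these account types later.
                if cleaned['type'] == User.COMPANY:
                    codenames = ['manage_company']
                elif cleaned['type'] == User.INVESTORS:
                    codenames = ['manage_investors']
                else:
                    # Reject other types explicitly. Previously this fell
                    # through to an unbound `perms` and failed with a
                    # NameError after the user row had been created.
                    raise ValueError(u'不支持的帐号类型!')

                user = User.objects.create_user(
                    cleaned['username'],
                    cleaned['password'],
                    type=cleaned['type'],
                    name=cleaned['name'],
                    is_active=cleaned['is_active'],
                )
                # Assign the (possibly several) permissions to the new user.
                perms = Permission.objects.filter(codename__in=codenames)
                user.user_permissions.set(perms)
                # NOTE(review): user.to_dict() goes into the business log;
                # confirm it leaves out the password hash.
                BizLog.objects.addnew(
                    request.user, BizLog.INSERT,
                    u"添加帐号[%s],id=%d" % (user.username, user.id),
                    user.to_dict())
            else:
                user = form.save()
                BizLog.objects.addnew(
                    request.user, BizLog.UPDATE,
                    u"修改帐号[%s],id=%d" % (user.username, user.id),
                    user.to_dict())
        return JSONResponse({'id': user.id})
    except Exception as e:
        traceback.print_exc()
        return JSONError(unicode(e))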
def kindergartenor_save(request):
    """Create or update a kindergarten-manager account.

    Creating makes a ``User``, grants ``manage_kindergardenor`` and links a
    ``KindergartenManager`` row to the posted kindergarten. Updating saves the
    form and re-points the existing link. Both paths write a ``BizLog`` entry.
    """
    user_id = request.GET.get('id')
    is_new = user_id is None
    if is_new:
        form = KindergartenManagerForm(request.POST)
    else:
        user = get_object_or_404(User, pk=user_id)
        form = ChangeKindergartenManagerForm(request.POST, instance=user)

    try:
        if not form.is_valid():
            return JSONError(utils.dump_form_errors(form))

        with transaction.atomic():
            # NOTE(review): the kindergarten id is read from form.data (raw
            # POST), not cleaned_data, so it bypasses form validation.
            kindergarten_id = form.data['kindergarten']
            if is_new:
                cleaned = form.cleaned_data
                # NOTE(review): the account type comes from the form while
                # the permission granted is fixed; confirm the form limits
                # `type` to the manager type.
                user = User.objects.create_user(
                    cleaned['username'],
                    cleaned['password'],
                    name=cleaned['name'],
                    is_active=cleaned['is_active'],
                    type=cleaned['type'])
                user.user_permissions.set(Permission.objects.filter(
                    codename__in=['manage_kindergardenor']))
                kindergartenor = KindergartenManager.objects.create(
                    user=user, kindergarten_id=kindergarten_id)
                kindergartenor.save()
                BizLog.objects.addnew(
                    request.user, BizLog.INSERT,
                    u"添加幼儿园园长帐号[%s],id=%d" % (user.username, user.id),
                    user.to_dict())
            else:
                user = form.save()
                kindergartenor = user.bind_kindergartenor
                kindergartenor.kindergarten_id = kindergarten_id
                kindergartenor.save()
                BizLog.objects.addnew(
                    request.user, BizLog.UPDATE,
                    u"修改幼儿园园长帐号[%s],id=%d" % (user.username, user.id),
                    kindergartenor.to_dict())
        return JSONResponse({'id': user.id})
    except Exception as e:
        traceback.print_exc()
        return JSONError(unicode(e))
def feedback_save(request):
    """Create a feedback row, or update the one named by ``id``.

    Answers with the saved row's id; form errors and exceptions are returned
    as ``JSONError``.
    """
    feedback_id = request.GET.get('id')
    if feedback_id is None:
        form = FeedbackForm(request.POST)
    else:
        existing = get_object_or_404(Feedback, pk=feedback_id)
        form = FeedbackForm(request.POST, instance=existing)

    try:
        if not form.is_valid():
            return JSONError(utils.dump_form_errors(form))
        saved = form.save()
        return JSONResponse({'id': saved.id})
    except Exception as e:
        # NOTE(review): the raw exception text is returned to the client.
        return JSONError(unicode(e))
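def drawing_add(request, user):
    """Create a withdrawal (``Drawing``) request against the user's balance.

    Reads ``total_fee`` and the payout account fields from the JSON body. The
    amount must be a positive number and must not exceed ``user.balance``.

    NOTE(review): no success response is visible in this excerpt.
    """
    params = json.loads(request.body)

    # The amount is client-supplied. A missing, non-numeric, zero or negative
    # value would otherwise pass the balance comparison below unchecked.
    try:
        amount = float(params['total_fee'])
    except (KeyError, TypeError, ValueError):
        return JSONError(u'参数无效!')
    if not amount > 0:  # written this way so NaN is rejected as well
        return JSONError(u'参数无效!')

    if user.balance < params['total_fee']:
        return JSONError(u'余额不足!')

    try:
        # NOTE(review): the balance check and the insert are not inside a
        # transaction here, and pending withdrawals are not deducted from the
        # balance being compared; confirm the approval step re-checks it.
        Drawing.objects.create(total_fee=params['total_fee'],
                               balance_before=user.balance,
                               account_bank=params['account_bank'],
                               account_number=params['account_number'],
                               account_name=params['account_name'],
                               type=params['type'],
                               create_user=user)
    except Exception as e:
        traceback.print_exc()
        return JSONError(u'提现失败')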
def member_blanace(request, user):
    """Return the balance of the member bound to ``user``.

    Accounts whose type is not ``User.MEMBER`` get a ``JSONError``.
    """
    if user.type != User.MEMBER:
        return JSONError("身份有误!")

    member = user.member_user
    return JSONResponse({'data': {'balance': member.balance}})
def teacher_save(request):
    """Create or update a teacher account.

    Creating makes a ``User`` of type ``User.TEACHER``, grants
    ``manage_teacher`` and links a ``Teacher`` row to the first posted class.
    Updating saves the form and re-points the bound teacher's class. Both
    paths write a ``BizLog`` entry.
    """
    user_id = request.GET.get('id')  # primary key of the User row
    is_new = user_id is None
    if is_new:
        form = TeacherForm(request.POST)
    else:
        # NOTE(review): any User row can be loaded here by id; no check is
        # visible that it is a teacher of the caller's kindergarten.
        form = ChangeTeacherForm(
            request.POST, instance=get_object_or_404(User, pk=user_id))

    try:
        if not form.is_valid():
            return JSONError(utils.dump_form_errors(form))

        with transaction.atomic():
            cleaned = form.cleaned_data
            if is_new:
                user = User.objects.create_user(
                    cleaned['username'],
                    cleaned['password'],
                    type=User.TEACHER,
                    name=cleaned['name'],
                    is_active=cleaned['is_active'],
                )
                user.user_permissions.set(
                    Permission.objects.filter(codename__in=['manage_teacher']))
                instance = Teacher.objects.create(
                    user=user, classes_id=cleaned['classes'][0])
                instance.save()
                BizLog.objects.addnew(
                    request.user, BizLog.INSERT,
                    u"添加教师[%s],id=%d" % (instance.user.name,
                                           instance.user.id))
            else:
                instance = form.save(commit=False)
                teacher = instance.bind_teacher
                teacher.classes_id = int(cleaned['classes'][0])
                teacher.save()
                instance.save()
                BizLog.objects.addnew(
                    request.user, BizLog.UPDATE,
                    u"修改教师[%s],id=%d" % (instance.name, instance.id))
        # NOTE(review): `instance` is a Teacher on create and a User on
        # update, so the returned id refers to different tables.
        return JSONResponse({'id': instance.id})
    except Exception as e:
        return JSONError(unicode(e))
def group_save(request):
    """Create a ``Group``, or update the one named by ``id``.

    NOTE(review): no permission check is visible in this function; confirm
    that group editing is restricted by the caller or a decorator.
    """
    group_id = request.GET.get('id')
    if group_id is None:
        form = GroupForm(request.POST)
    else:
        form = GroupForm(request.POST,
                         instance=get_object_or_404(Group, pk=group_id))

    try:
        if not form.is_valid():
            return JSONError(utils.dump_form_errors(form))
        saved = form.save()
        return JSONResponse({'id': saved.id})
    except Exception as e:
        traceback.print_exc()
        return JSONError(unicode(e))
def member_profile_save(request, user): try: if request.method == 'POST': name = request.POST.get("name") head_img = request.FILES.get("head_img") gender = request.POST.get("gender") grade = request.POST.get("grade") try: with transaction.atomic(): #判断name是否已经存在 if name: name_count = Member.objects.filter( user__name=name).exclude(user__pk=user.pk).count() if name_count > 0: return JSONError(u'昵称已经存在!') user.name = name user.save() if gender: user.gender = gender user.save() member = user.bind_member if grade: member.grade_id = grade member.save() if head_img: unixtime = int(time.mktime(timezone.now().timetuple())) file_name = "member/%d_%d.png" % (user.pk, unixtime) f = open(os.path.join(settings.MEDIA_ROOT, file_name), 'wb') for chunk in head_img.chunks(chunk_size=1024): f.write(chunk) f.close() member.icon = file_name member.save() except KeyError, e: return JSONError("参数无效:" + e.message) else:
def kindergarten_data(request):
    """Return the id and name of every kindergarten as a JSON list."""
    try:
        listing = [{'id': kg.id, 'name': kg.name}
                   for kg in Kindergarten.objects.all()]
        return JSONResponse(listing)
    except Exception as e:
        return JSONError(str(e))
def reset_password(request):
    """Reset a password.

    Only the parameter parsing is visible in this excerpt: ``username``,
    ``new_password`` and ``vcode`` are read from the JSON body, and any
    failure is reported as a parameter error.
    """
    try:
        params = json.loads(request.body)
        # NOTE(review): the verification-code check is not shown here;
        # confirm the code is bound to this username, expires and is
        # attempt-limited.
        username, new_password, vcode = [
            params[field]
            for field in ('username', 'new_password', 'vcode')
        ]
    except Exception as e:
        traceback.print_exc()
        return JSONError('参数有误!')
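def user_change_password(request, user):
    """Change the caller's password after verifying the current one.

    Reads ``password`` and ``new_password`` from the JSON body. On success a
    fresh token is generated, stored on the user and returned.
    """
    params = json.loads(request.body)
    # A missing field is reported the same way as an empty one; it used to
    # raise an unhandled KeyError.
    if not isinstance(params, dict):
        return JSONError('参数无效!')
    password = params.get('password')
    new_password = params.get('new_password')
    if not password or not new_password:
        return JSONError('参数无效!')

    if not user.check_password(password):
        return JSONError('原密码不正确!')

    # NOTE(review): no strength or reuse policy is applied to the new
    # password in this function; confirm whether one is expected.
    user.set_password(new_password)
    # Saved before the token is made, as in the original flow, in case
    # token_generator reads persisted state -- TODO confirm.
    user.save()

    user.token = token_generator.make_token(user)
    user.save()
    return JSONResponse({'data': {'token': user.token}})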
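def store_cart_remove(request, user):
    """Remove the listed products from the caller's cart.

    ``product_ids`` in the JSON body is a comma-separated string of product
    ids. Only rows whose ``create_user`` is the caller are touched.
    """
    params = json.loads(request.body)
    try:
        raw_ids = params['product_ids']
    except KeyError:
        return JSONError(u'参数无效!')

    try:
        wanted_ids = raw_ids.split(',')
        # One query instead of one delete per id. A bad id now fails the
        # whole request rather than leaving the cart partly cleared.
        Cart.objects.filter(product_id__in=wanted_ids,
                            create_user=user).delete()
        return JSONResponse({'data': {}})
    except Exception:
        traceback.print_exc()
        return JSONError(u'移除失败!')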
def store_cart_clear(request, user):
    """Delete every cart row created by the caller."""
    try:
        own_rows = Cart.objects.filter(create_user=user)
        own_rows.delete()
    except Exception:
        traceback.print_exc()
        return JSONError(u'移除失败!')
    return JSONResponse({'data': {}})
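def auth(request):
    """Log a member in with username and password and return a token.

    On success ``last_login`` and ``last_login_ip`` are updated and the
    response carries the token, the user's name and pk, and the member's API
    dict. Inactive and non-member accounts are refused.
    """
    params = json.loads(request.body)
    # `in` replaces the deprecated dict.has_key; the isinstance guard turns a
    # non-object JSON body into a parameter error instead of an
    # AttributeError.
    if (not isinstance(params, dict)
            or 'username' not in params
            or 'password' not in params):
        return JSONError('参数无效!')

    user = None
    member = None
    try:
        member = Member.objects.get(user__username=params['username'])
        user = member.user
    except Member.DoesNotExist:
        # NOTE(review): an unknown username gets its own error code, which
        # tells a caller which usernames are registered. Confirm clients
        # need this distinction.
        return JSONErrorCode(3, u'用户不存在!')
    except Exception:
        # Best-effort as before, but no longer a bare `except:` that would
        # also swallow KeyboardInterrupt/SystemExit. Falls through to the
        # generic credential error below.
        user = None

    if user is None:
        return JSONError('用户名或密码错误!')
    # NOTE(review): no attempt limiting is visible in this function.
    if not user.check_password(params['password']):
        return JSONError('用户名或密码错误!')
    if not user.is_active:
        return JSONError("帐号被禁用!")
    if user.type != User.MEMBER:
        return JSONError("非会员帐号不允许登录!")

    user.last_login = timezone.now()
    # NOTE(review): REMOTE_ADDR is the proxy's address when the app sits
    # behind a reverse proxy.
    user.last_login_ip = request.META.get('REMOTE_ADDR')
    user.save()

    data = {
        'token': token_generator.make_token(user),
        'name': user.name,
        'user': user.pk,
        'member': member.to_api_dict(),
    }
    return JSONResponse({'data': data})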
def student_data(request):
    """Return id and name of each student in the requesting teacher's class."""
    try:
        own_class = request.user.bind_teacher.classes
        listing = [{'id': stu.id, 'name': stu.name}
                   for stu in Student.objects.filter(classes=own_class)]
        return JSONResponse(listing)
    except Exception as e:
        return JSONError(str(e))
def store_cart_update(request, user):
    """Set the quantity of one product in the caller's cart.

    ``product_id`` and ``quantily`` come from the JSON body; only rows whose
    ``create_user`` is the caller are updated.
    """
    params = json.loads(request.body)
    try:
        product_id, quantily = params['product_id'], params['quantily']
    except KeyError:
        return JSONError(u'参数无效!')

    try:
        # NOTE(review): the quantity is stored as received; no range check
        # (for example, rejecting negative values) is visible here.
        own_rows = Cart.objects.filter(product_id=product_id,
                                       create_user=user)
        own_rows.update(quantily=quantily)
    except Exception:
        traceback.print_exc()
        return JSONError(u'更新失败!')
    return JSONResponse({'data': {}})
def member_payment_save(request, user):
    """Store the member's payout details from the JSON request body.

    Expects ``pay_mode``, ``pay_account`` and ``pay_name``; a missing key is
    reported by name in the error response.
    """
    params = json.loads(request.body)
    try:
        member = user.member_user
        for field in ('pay_mode', 'pay_account', 'pay_name'):
            setattr(member, field, params[field])
        member.save()
    except KeyError as e:
        return JSONError("参数无效:" + e.message)
    return JSONResponse({'data': {}})
def activity_save(request):
    """Create or update an ``Activity``.

    Requires the ``account.manage_kindergardenor`` permission. A newly
    created activity records the requesting user as its creator. Both paths
    write a ``BizLog`` entry with the activity's ``to_dict()`` snapshot.
    """
    if not request.user.has_perm('account.manage_kindergardenor'):
        raise PermissionDenied()

    activity_id = request.GET.get('id')
    is_new = activity_id is None
    if is_new:
        form = ActivityForm(request.POST)
    else:
        # NOTE(review): the permission is checked above, but the activity is
        # fetched by id only; confirm it belongs to the caller's
        # kindergarten.
        form = ActivityForm(
            request.POST,
            instance=get_object_or_404(Activity, pk=activity_id))

    try:
        if not form.is_valid():
            return JSONError(utils.dump_form_errors(form))

        with transaction.atomic():
            if is_new:
                act = form.save(commit=False)
                # Whoever creates the activity is recorded as its publisher.
                act.create_user = request.user
                act.save()
                log_kind, log_text = BizLog.INSERT, u"添加活动[%s],id=%d"
            else:
                act = form.save()
                log_kind, log_text = BizLog.UPDATE, u"修改活动[%s],id=%d"
            BizLog.objects.addnew(
                request.user, log_kind,
                log_text % (act.title, act.id),
                act.to_dict())
        return JSONResponse({'id': act.id})
    except Exception as e:
        traceback.print_exc()
        return JSONError(unicode(e))