def check_rights(right, target=None, token=None, user_id=None): """ 检查权限 :param right:目标权限 :param target: 目标附加值(可选) :param token: token(可选) :param user_id: 用户id(可选) :return:boolean """ if not token and not user_id: return False user_info = database.get('User', [ or_( database.get_model('User').ID == user_id, database.get_model('User').token == token) ], first=True) if user_info: rights_info = database.get( 'UserRight', [database.get_model('UserRight').user_id == user_info.ID]) for item in rights_info: if check_right(item.user_right, right, target, item.target): return True return False
def get_users(): """ 获取所有用户 :return: """ users = database.get('User', [], first=False) return reply_json(1, get_dicts_from_models(users))
def get_notice(): """ 获取通知 :return: """ notice_info = database.get('Notice', [], first=False) return reply_json(1, get_dicts_from_models(notice_info, formatted=True))
def get_comment(): """ 获取评论 :return: """ article_id = request.values.get('article_id') comments = database.get('Comment', [ or_(database.get_model('Comment').father is None, database.get_model('Comment').father == ''), database.get_model('Comment').article_id == article_id]) data = [] for item in comments: children = database.get('Comment', [database.get_model('Comment').father == item.ID]) father = item.get_dict(formatted=True) father.update({'children': get_dicts_from_models(children, formatted=True)}) data.append(father) return reply_json(1, data)
def __init__(self): super().__init__(RIGHTS_CODE_LIST['DeleteComment']) self.comment_id = int(request.form['comment_id']) if request.method == 'POST' else \ int(request.values.get('comment_id')) self.comment = database.get('Comment', [database.get_model('Comment').ID == self.comment_id]) if not self.comment: raise self.RightInitFailException()
def login(): user_name = request.form['username'] password = request.form['password'] user_info = database.get('User', [ or_(database.get_model('User').username == user_name, database.get_model('User').Snum == user_name, ), database.get_model('User').password == generate_password(password), ], first=True) if user_info: face_vector = request.form['face_vector'].split(',') face_vector1 = [] for i in face_vector: face_vector1.append(float(i)) if user_info.face_vector: standard_vector = user_info.face_vector.split(',') standard_vector1 = [] for i in standard_vector: standard_vector1.append(float(i)) if check_face_vector(face_vector1, standard_vector1): res = database.update('User', [or_(database.get_model('User').username == user_name, database.get_model('User').Snum == user_name, )], {'token': new_token()}) if res: record_user_action(2, user_id=user_info.ID) return reply_json(1, {'token': res.token}) else: return reply_json(-1) return reply_json(-8) return reply_json(-8) return reply_json(-6)
def get_articles(): """ 获取文章列表 :return: """ tag_id = request.values.get('tag_id') articles = database.get('Article', [database.get_model('Article').tag == tag_id]) return reply_json(1, get_dicts_from_models(articles, formatted=True))
def get_tag_children(tag_id): """ 获取tag的子目录 :param tag_id: tag id :return: dict """ children = database.get('Tag', [database.get_model('Tag').father == tag_id]) return get_dicts_from_models(children, get_children=True)
def get_rights_by_token(self) -> list: """ 通过token来获取对应用户的所有基础权限 :return: 权限列表 """ data = [] rights = database.get( 'UserRight', [database.get_model('UserRight').user_id == self.user_id]) for item in rights: if item.right_type == 0: data.append(item.get_dict(check=True)) elif item.right_type == 1: group_rights = database.get('UserGroupRights', [ database.get_model('UserGroupRights').group_id == item.user_right ]) data += get_dicts_from_models(group_rights, check=True) return data
def get_user_model(user_id=None, token=None): """ 通过token或者用户id获取用户实例 :param user_id: 用户id :param token: token :return: model(未知用户=None) """ return database.get('User', [or_(database.get_model('User').token == token, database.get_model('User').ID == user_id)], first=True)
def __init__(self): super().__init__() self.history_id = int(request.form['history_id']) if request.method == 'POST' else \ int(request.values.get('history_id')) article = database.get( 'History', [database.get_model('History').ID == self.history_id], first=True) if not article: raise self.RightInitFailException() self.article_id = article.article_id
def get_history(): """ 获取历史列表 :return: """ article_id = request.values.get('article_id') history = database.get( 'History', [database.get_model('History').article_id == article_id]) data = get_dicts_from_models(history, formatted=True) return reply_json(1, data)
def get_father_tag(father_id, tag_list): """ 获取父tag :return: """ father = database.get('Tag', [database.get_model('Tag').ID == father_id], first=True) if father: tag_list.insert(0, father.ID) get_father_tag(father.father, tag_list)
def new_token(): """ 获取一个不重复的token :return: token """ token = random_char() check = database.get('User', [get_model('User').token == token]) if check: return new_token() # 递归调用 return token
def check_s_num(): """ 检查学号是否可以被注册 :return: """ s_num = request.values.get('s_num') user_info = database.get('User', [database.get_model('User').Snum == s_num], first=True) if user_info: return reply_json(1) if not user_info.password else reply_json(-9) return reply_json(-10)
def get_history_article(): """ 获取历史文章 :return: """ history_id = request.values.get('history_id') history = database.get('History', [database.get_model('History').id == history_id], first=True) return reply_json(1, history.get_dict( formatted=True)) if history else reply_json(-7)
def get_article_tag(): """ 获取文章标题 :return: """ article_id = request.values.get('article_id') tags = database.get( 'ArticleTag', [database.get_model('ArticleTag').article_id == article_id]) data = get_dicts_from_models(tags) return reply_json(1, data=data)
def get_tag_article(tag_id): """ 获取tag树中的文章 :param tag_id:tag id :return:dict """ articles = database.get('Article', [database.get_model('Article').tag == tag_id]) data = [] for article in articles: data.append(article.get_tag_format()) return data
def get_tag_tree(): """ 获取tag树 :return: """ tags1 = database.get('Tag', []) # 不知道为啥就这个不能用is None 来查找,没信心搞定的请不要乱动 tags = [] for item in tags1: if not item.father: tags.append(item) data = get_dicts_from_models(tags, get_children=True) return reply_json(1, data)
def get_tag_list(): """ 获取tag链 :return: """ tag_id = request.values.get('tag_id') tag_info = database.get('Tag', [database.get_model('Tag').ID == tag_id], first=True) if tag_info: data = [tag_info.ID] get_father_tag(tag_info.father, data) return reply_json(1, data) return reply_json(-5)
def add_user(): """ 添加新用户 :return: """ s_num = request.form['s_num'] if not database.get('User', [database.get_model('User').Snum == s_num], first=True): group = request.form['group'] flag = database.add('User', {'Snum': s_num, 'group': group, 'face_vector': ''}) if flag: return reply_json(1) return reply_json(-1) return reply_json(-9)
def get_article(): """ 获取article :return: """ article_id = request.values.get('article_id') article_info = database.get( 'Article', [database.get_model('Article').ID == article_id], first=True) if article_info: data = article_info.get_dict(formatted=True) return reply_json(1, data) return reply_json(-7)
def change_face_vector(): """ 修改人脸识别信息 :return: """ token = request.form['token'] if database.get('User', [database.get_model('User').token == token], first=True): face_vector = request.form['face_vector'] user_info = database.update('User', [database.get_model('User').token == token], {'face_vector': face_vector}) if user_info: return reply_json(1) return reply_json(-1) return reply_json(0)
def register(): """ 注册功能 :return: """ s_num = request.form['s_num'] user_info = database.get('User', [database.get_model('User').Snum == s_num], first=True) if user_info: if not user_info.password: username = request.form['username'] if database.get('User', [database.get_model('User').username == username]): return reply_json(-11) password = request.form['password'] face_vector = request.form['face_vector'] flag = database.update('User', [database.get_model('User').Snum == s_num], {'password': generate_password(password), 'username': username, 'face_vector': face_vector}) if flag: database.add('UserRight', {'user_right': flag.group, 'user_id': flag.ID}) return reply_json(1) return reply_json(-1) return reply_json(-9) return reply_json(-10)
def record_user_action(code, target=None, token=None, user_id=None): if not token and not user_id: return False user_info = database.get('User', [ or_( database.get_model('User').ID == user_id, database.get_model('User').token == token) ], first=True) if database.add( 'UserAction', { 'user_id': user_info.ID, 'type': code, 'desc': USER_ACTION_LIST[code], 'target': target }): return True return False
def update_new_api(): """ 从旧new_api升级到新new_api :return: """ username = request.form['username'] password = request.form['password'] user_info = database.get('User', [ or_(database.get_model('User').username == username, database.get_model('User').Snum == username, ), database.get_model('User').password == generate_password(password), ], first=True) if user_info: face_vector = request.form['face_vector'] flag = database.update('User', [database.get_model('User').ID == user_info.ID], {'face_vector': face_vector}) if flag: database.add('UserRight', {'user_right': -1 if user_info.group == 1 else 0, 'user_id': user_info.ID}) return reply_json(1) return reply_json(-1) return reply_json(0)
def get_face_vector(): """ 获取面部向量 :return: """ user_name = request.form['username'] password = request.form['password'] user_info = database.get('User', [ or_(database.get_model('User').username == user_name, database.get_model('User').Snum == user_name, ), database.get_model('User').password == generate_password(password), ], first=True) if user_info: if user_info.face_vector: vector = user_info.face_vector.split(',') data = [] for i in vector: data.append(float(i)) return reply_json(1, {'face_vector': data}) return reply_json(3) return reply_json(-6)
def __init__(self): super().__init__(RIGHTS_CODE_LIST['AddCommentByTag']) self.article_id = int(request.form['article_id']) if request.method == 'POST' else \ int(request.values.get('article_id')) article = database.get('Article', [database.get_model('Article').ID == self.article_id]) self.tag_id = int(article.tag.split(',')[-1])
def inner(*args, **kwargs): token = request.form['token'] if request.method == 'POST' else request.values.get('token') user_info = database.get('User', [database.get_model('User').token == token], first=True) return redirect('/require_login') if not ( user_info and token and user_info.face_vector) else func(*args, **kwargs)
def server_state(): info = database.get('User', [], first=True) if info: return reply_json(1) return reply_json(-3)