def put(self): req = edit_biz.parse_args(strict=True) bid = req["id"] name = req["name"] appid = req.get("appid") # 业务系统不允许重名 # 查询一下这个 name 存不存在 if name and TbBusiness.query.filter(TbBusiness.name == name, TbBusiness.code != bid).first(): return Msg.BUSINESS_NAME_ALREADY_EXIST, 400 business = TbBusiness.query.filter_by(code=bid).first() if not business: return Msg.BUSINESS_NOT_EXIST, 400 business.name = name business.appid = str(uuid4()).replace("-", "") if appid else business.appid msg = "SUPPORT | B_USER | EDIT_BUSINESS | SUCCESS | USER: {} {} | BUSINESS: {} {}".format( request.current_user.code, request.current_user.name, business.code, business.name) operation = TbOperation(operator_code=request.current_user.code, content=msg, category="BUSINESS", type="EDIT") db.session.add(operation) db.session.commit() app.logger.info(msg) return {}, 200
def post(self): req = add_user.parse_args(strict=True) merchant = TbMerchant.query.filter_by(code=req["merchantId"]).first() if not TbMerchant: return Msg.MERCHANT_NOT_EXIST, 400 phone = req["mobile"] if len(phone) != 11 or TbUser.query.filter_by(phone=phone).first(): return Msg.PHONE_USED, 400 user = TbUser( phone=phone, name=req.get("name"), sex=req.get("sex"), wechat=req.get("wechat"), qq=req.get("qq"), mail=req.get("mail"), address=req.get("address"), merchant_code=merchant.code, ) user.generate_password("123456") merchant.users.append(user) db.session.add(user) db.session.commit() user.code = str(1000000000 + user.id) msg = "SUPPORT | B_USER | EDIT_USER | SUCCESS | EDITOR: {} {} | USER: {} {} | MERCHANT: {} {}".format( request.current_user.code, request.current_user.name, user.code, user.name, merchant.code, merchant.name) operation = TbOperation(operator_code=user.code, content=msg, category="USER_MANAGE", type="ADD") db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200
def post(self): req = add_biz.parse_args(strict=True) user = request.current_user name = req["name"] appid = req["appid"] if TbBusiness.query.filter_by(name=name).first(): return Msg.BUSINESS_NAME_ALREADY_EXIST, 400 business = TbBusiness( name=name, appid=str(uuid4()).replace("-", "") if appid else None, creator=user) if user.merchant: mer_biz = TbMerchantBusiness(merchant_code=user.merchant.code, business_code=business.code) db.session.add(mer_biz) business.merchant.add(user.merchant) db.session.add(business) db.session.commit() business.code = str(business.id + 1200000000) msg = "SUPPORT | B_USER | ADD_BUSINESS | SUCCESS | USER: {} {} | BUSINESS: {} {}".format( user.code, user.name, business.code, business.code, business.name) operation = TbOperation(operator_code=user.code, content=msg, category="BUSINESS", type="ADD") db.session.add(operation) db.session.commit() app.logger.info(msg) return {}, 200
def post(self): schema = Schema({"name": And(str, len), "production": And(str, len)}) req, error = validate_schema(schema, request.json) if error: return error, 400 name = req["name"] if TbMerchant.query.filter_by(name=name).first(): return Msg.MERCHANT_NAME_ALREADY_EXIST, 400 mer = TbMerchant(name=name) db.session.add(mer) db.session.commit() mer.code = "{:08}".format(mer.id) pro = TbProduction(name=req["production"], merchant_code=mer.code, status=True) mer.production.append(pro) db.session.add(pro) db.session.commit() pro.code = str(pro.id + 1600000000) msg = "SUPPORT | B_USER | ADD_MERCHAT | SUCCESS | USER: {} {} | MERCHAT: {} {} | PRODUCTION: {} {}".format( request.current_user.code, request.current_user.name, mer.code, mer.name, pro.code, pro.name) operation = TbOperation(operator_code=request.current_user.code, content=msg, category="MERCHANT", type="ADD") db.session.add(operation) db.session.commit() app.logger.info(msg) return {}, 200
def put(self): schema = Schema({ "id": And(str), "businessId": And(str), "path": And(str, len), "method": And(str, len), "name": And(str, len), "visible": And(bool) }) req, error = validate_schema(schema, request.json) if error: return error, 400 interface = TbInterface.query.filter_by(code=req["id"]).first() if not interface: return Msg.INTERFACE_NOT_EXIST, 400 business = TbBusiness.query.filter_by(code=req["businessId"]).first() if not business: return Msg.BUSINESS_NOT_EXIST, 400 interface.name = req["name"] interface.path = req["path"] interface.method = req["method"] interface.business_code = business.code interface.visible = req["visible"] msg = "SUPPORT | B_USER | EDIT_INTERFACE | SUCCESS | USER: {} {} | INTERFACE: {} {} {}".format( request.current_user.code, request.current_user.name, interface.code, interface.name, interface.path) operation = TbOperation(operator_code=request.current_user.code, content=msg, category="INTERFACE", type="EDIT") db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200
def put(self): schema = Schema({ "id": And(str), "businessId": And(str), "path": And(str, len), "name": And(str, len), "visible": And(bool) }) req, error = validate_schema(schema, request.json) if error: return error, 400 menu = TbMenu.query.filter_by(code=req["id"]).first() if not menu: return Msg.MENU_NOT_EXIST, 400 business = TbBusiness.query.filter_by(code=req["businessId"]).first() if not business: return Msg.BUSINESS_NOT_EXIST, 400 menu.name = req["name"] menu.path = req["path"] menu.business_code = business.code menu.visible = req.get("visible") msg = "SUPPORT | B_USER | EDIT_MENU | SUCCESS | USER: {} {} | MENU: {} {} {}".format( request.current_user.code, request.current_user.name, menu.code, menu.name, menu.path) operation = TbOperation(operator_code=request.current_user.code, content=msg, category="MENU", type="EDIT") db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200
def put(self): """ 修改用户密码 """ req = modify_password.parse_args(strict=True) if req["newPassword"] != req["verifyPassword"]: return Msg.PARAMS_ERROR, 400 user = request.current_user if user.verify_password(req["oldPassword"]): user.generate_password(req["newPassword"]) db.session.commit() key = "support_jwt_{}".format(request.current_user.code) redis_delete(key) msg = "SUPPORT | B_USER | MODIFY_PASSOWRD | SUCCESS | USER_CODE: {} | USER_NAME: {}".format( user.code, user.name) operation = TbOperation(operator_code=user.code, content=msg, category="USER", type="EDIT") db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200 return Msg.OLD_PASSWORD_ERROR, 400
def put(self): """更新产品信息""" schema = Schema({ "production_code": And(str), "appkey": And(str), "appid": And(str), "sign": And(str) }) req, error = validate_schema(schema, request.json) if error: return error, 400 production = TbProduction.query.filter_by( code=req["production_code"]).first() if not production: return Msg.PRODUCTION_NOT_EXIST, 400 production.sms_appkey = req["appkey"] production.sms_appid = req["appid"] production.sms_sign = req["sign"] msg = "SUPPORT | B_USER | UPDATE_PRODUCTION | SUCCESS | EDITOR: {} {} | PRODUCTION: {} {} | MERCHANT: {} {}".\ format(request.current_user.code, request.current_user.name, production.code, production.name, production.merchant.code, production.merchant.name) operation = TbOperation(operator_code=request.current_user.code, content=msg, category="PRODUCTION", type="EDIT") db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200
def post(self): schema = Schema({"name": And(str, len), "businessId": And(str), "interface": [str], "menu": [str]}) req, error = validate_schema(schema, request.json) if error: return error, 400 user = request.current_user name = req["name"] business_code = req["businessId"] # 只允许 admin 用户添加用户中心角色 if not user.is_admin and business_code == get_business_code(): logger.info("SUPPORT | B_USER | ADD_ROLE | FAILED | USER: {} {} | REASON | {}".format( user.code, user.name, "user has not permission to add a role")) return Msg.PARAMS_ERROR, 400 # 检测角色名是否重复 """ 逻辑如下: 超级管理员: 检测 name + merchant + business == None 唯一 普通用户: 检测 name + merchant + business 是否唯一 """ condition = [TbRole.name == name, TbRole.business_code == business_code] if user.merchant: condition.append(TbRole.merchant_code == user.merchant_code) else: condition.append(TbRole.merchant_code == None) role = TbRole.query.filter(*condition).first() if role: return Msg.ROLE_NAME_ALREADY_EXIST, 400 biz = TbBusiness.query.filter_by(code=business_code).first() if not biz: return Msg.BUSINESS_NOT_EXIST, 400 role = TbRole(name=name, creator_code=user.code, business_code=biz.code) try: db.session.add(role) user.create_roles.append(role) biz.roles.append(role) if user.merchant: user.merchant.roles.append(role) role.merchant_code = user.merchant.code data = role_insert(role, req["interface"], req["menu"]) if data == {}: role.code = str(1300000000 + role.id) msg = "SUPPORT | B_USER | ADD_ROLE | SUCCESS | USER: {} {} | ROLE: {} {}".format( user.code, user.name, role.code, role.name) operation = TbOperation(operator_code=user.code, content=msg, category="ROLE", type="ADD") db.session.add(operation) db.session.commit() logger.info(msg) return data, 200 else: db.session.rollback() return data, 400 except Exception as e: logger.info("add role failed, error: {}".format(str(e))) db.session.rollback() return Msg.ADD_ROLE_FAILED, 400
def put(self): schema = Schema({ "id": And(str), "name": And(str, len), "businessId": And(str), "interface": [str], "menu": [str]}) req, error = validate_schema(schema, request.json) if error: return error, 400 user = request.current_user code = req["id"] name = req.get("name") business_code = req.get("businessId") interface = req.get("interface") menu = req.get("menu") condition = [TbRole.name == name, TbRole.code != code, TbRole.business_code == business_code] if user.merchant: condition.append(TbRole.merchant_code == user.merchant_code) else: condition.append(TbRole.merchant_code == None) dup_role = TbRole.query.filter(*condition).first() if dup_role: return Msg.ROLE_NAME_ALREADY_EXIST, 400 biz = TbBusiness.query.filter_by(code=business_code).first() if not biz: return Msg.BUSINESS_NOT_EXIST, 400 role = TbRole.query.filter_by(code=code).first() # 只允许 admin 用户修改用户中心角色 if not user.is_admin and role.business.appid == app.config["USER_CENTER"]: msg = "SUPPORT | B_USER | EDIT_ROLE | FAILED | USER: {} {} | ROLE: {} {} | REASON | {}".format( user.code, user.name, role.code, role.name, "user has not permission to edit role") logger.info(msg) return Msg.PARAMS_ERROR, 400 if not role: return Msg.ROLE_NOT_EXIST, 400 role.name = name role.interface.clear() role.menu.clear() role.business = biz data = role_insert(role, interface, menu) if data == {}: msg = "SUPPORT | B_USER | EDIT_ROLE | SUCCESS | USER: {} {} | ROLE: {} {}".format( user.code, user.name, role.code, role.name) operation = TbOperation(operator_code=user.code, content=msg, category="ROLE", type="ADD") db.session.add(operation) db.session.commit() logger.info(msg) return data, 200 else: db.session.rollback() return data, 400
def put(self): """ """ schema = Schema({ "user_code": And(str), "category": And(Use(int), lambda x: x in list(ConfigNameMap.name.keys())), }, ignore_extra_keys=True) req, error = validate_schema(schema, request.json) if error: return error, 400 user = TbUser.query.filter_by(code=request.json.pop("user_code")).first() # 解锁 release_lock(req, user) request.json.pop("category") category = ConfigNameMap.name[req["category"]] if not user: return Msg.USER_NOT_EXISTS, 400 # 处理 VERSION version = get_version(category) # 处理 python 精度问题 request.json["VERSION"] = round(version + 0.1, 2) # support 的配置里面需要隔离掉 SQLALCHEMY_DATABASE_URI if category == ConfigNameMap.SUPPORT and request.json.get("SQLALCHEMY_DATABASE_URI"): request.json.pop("SQLALCHEMY_DATABASE_URI") data = { "config": request.json, "creator_name": user.name, "creator_code": user.code, "create_time": utc_timestamp(), "category": category, "is_sync": False } msg = "SUPPORT | MONITOR | EDIT_CONFIG | SUCCESS | USER: {} {} | CATEGORY: {}".format( user.code, user.name, category) try: support_config_storage.insert_one(data) operation = TbOperation( operator_code=user.code, content=msg, operate_time=utc_timestamp(), category=category, type="EDIT" ) db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200 except Exception as e: logger.warn("SUPPORT | MONITOR | EDIT_CONFIG | FAILED | CATEGORY: {}| ERROR: {}".format(category, str(e))) return Msg.UPDATE_CONFIG_FAILED, 400
def delete(self): req = delete_menu.parse_args(strict=True) menu = TbMenu.query.filter_by(code=req["id"]).first() msg = "SUPPORT | B_USER | DELETE_MENU | SUCCESS | USER: {} {} | MENU: {} {} {}".format( request.current_user.code, request.current_user.name, menu.code, menu.name, menu.path) operation = TbOperation(operator_code=request.current_user.code, content=msg, category="MENU", type="DELETE") db.session.add(operation) logger.info(msg) try: db.session.delete(menu) db.session.commit() except Exception as e: pass finally: return {}, 200
def post(self): schema = Schema({ "businessId": And(str), "interface": [{ "path": And(str, len), "method": And(str, len), "name": And(str, len), "visible": And(bool) }] }) req, error = validate_schema(schema, request.json) if error: return error, 400 user = request.current_user biz = TbBusiness.query.filter_by(code=req["businessId"]).first() if not biz: return Msg.BUSINESS_NOT_EXIST, 400 inters = [] for i in req["interface"]: inter = TbInterface.query.filter_by(business_code=biz.code, path=i["path"], method=i["method"]).first() if inter: # 通过 path 和 method 来确定一个接口,用户就是对这个接口进行修改 inter.name = i["name"] inter.visible = i["visible"] else: interface = TbInterface( name=i["name"], path=i["path"], method=i["method"], visible=i["visible"], creator_code=user.code, business_code=biz.code, ) biz.interface.append(interface) db.session.add(interface) inters.append(interface) db.session.commit() for i in inters: i.code = str(1400000000 + i.id) msg = "SUPPORT | B_USER | ADD_INTERFACE | SUCCESS | USER: {} {} | INTERFACE: {}".format( user.code, user.name, [i.name for i in inters]) operation = TbOperation(operator_code=user.code, content=msg, category="INTERFACE", type="ADD") db.session.add(operation) db.session.commit() logger.info(Msg) return {}, 200
def operator_log(operator_id, log_data): """ 记录用户敏感操作 :param operator_id: 用户ID :param log_data: 记录信息 :return: None """ operation = TbOperation(operator_code=operator_id, content=log_data, type="EDIT", category="MARCHANT_CREDIT") try: db.session.add(operation) db.session.commit() except Exception as e: db.session.rollback() raise RequestsError(code=1014020001) # 数据库操作失败
def put(self): req = asign_appid.parse_args(strict=True) business = TbBusiness.query.filter_by(code=req["id"]).first() if not business: return Msg.BUSINESS_NOT_EXIST, 400 business.appid = str(uuid4()).replace( "-", "") if not business.appid else business.appid msg = "SUPPORT | B_USER | ASSIGN_APPID | SUCCESS | USER: {} {} | BUSINESS: {} {}".format( request.current_user.code, request.current_user.name, business.code, business.code, business.name) operation = TbOperation(operator_code=request.current_user.code, content=msg, category="BUSINESS", type="EDIT") db.session.add(operation) db.session.commit() app.logger.info(msg) return {}, 200
def put(self): req = reset_pwd.parse_args(strict=True) user = TbUser.query.filter_by(code=req["id"]).first() if not user: return Msg.USER_NOT_EXISTS, 400 user.generate_password("123456") msg = "SUPPORT | B_USER | RESET_PASSWORD | SUCCESS | EDITOR: {} {} | USER: {} {}".format( request.current_user.code, request.current_user.name, user.code, user.name) operation = TbOperation(operator_code=user.code, content=msg, category="USER_MANAGE", type="EDIT") db.session.add(operation) db.session.commit() redis.delete("support_jwt_{}".format(user.code)) logger.info(msg) return {}, 200
def operator_log(operator_id, log_data, method): """ 记录用户敏感操作 :param method: 方法 :param operator_id: 用户ID :param log_data: 记录信息 :return: None """ operation = TbOperation(operator_code=operator_id, content=log_data, type=str(method), category="INTERFACE_CONF") try: db.session.add(operation) db.session.commit() except Exception as e: db.session.rollback() raise RequestsError(code=1014020001) # 数据库操作失败
def put(self): req = active_user.parse_args(strict=True) user = TbUser.query.filter_by(code=req["id"]).first() if not user: return Msg.USER_NOT_EXISTS, 400 user.active = req["status"] if req["status"] is False: redis_delete("support_jwt_{}".format(user.code)) msg = "SUPPORT | B_USER | ACTIVE_USER | SUCCESS | EDITOR: {} {} | USER: {} {} | STATUS: {}".format( request.current_user.code, request.current_user.name, user.code, user.name, req["status"]) operation = TbOperation(operator_code=user.code, content=msg, category="USER_MANAGE", type="EDIT") db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200
def delete(self): req = delete_inter.parse_args(strict=True) interface = TbInterface.query.filter_by(code=req["id"]).first() msg = "SUPPORT | B_USER | DELETE_INTERFACE | SUCCESS | USER: {} {} | INTERFACE: {} {} {} {}".format( request.current_user.code, request.current_user.name, interface.code, interface.name, interface.path, interface.method) operation = TbOperation(operator_code=request.current_user.code, content=msg, category="INTERFACE", type="DELETE") db.session.add(operation) logger.info(msg) try: db.session.delete(interface) db.session.commit() except Exception as e: pass finally: return {}, 200
def post(self): schema = Schema({ "businessId": And(str), "menu": [{ "path": And(str, len), "name": And(str, len), "visible": And(bool) }] }) req, error = validate_schema(schema, request.json) if error: return error, 400 biz = TbBusiness.query.filter_by(code=req["businessId"]).first() if not biz: return Msg.BUSINESS_NOT_EXIST, 400 menus = [] for i in req["menu"]: menu = TbMenu.query.filter_by(business_code=biz.code, path=i["path"]).first() if menu: # 通过 path 来确定一个菜单,用户就是对这个接口进行修改 menu.name = i["name"] menu.visible = i["visible"] else: menu = TbMenu( name=i["name"], path=i["path"], creator_code=request.current_user.code, business_code=biz.code, visible=i["visible"], ) biz.menu.append(menu) menus.append(menu) db.session.add_all(menus) db.session.commit() for menu in menus: menu.code = str(1500000000 + menu.id) msg = "SUPPORT | B_USER | ADD_MENU | SUCCESS | USER: {} {} | MENU: {}".format( request.current_user.code, request.current_user.name, [i.name for i in menus]) operation = TbOperation(operator_code=request.current_user.code, content=msg, category="MENU", type="ADD") db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200
def put(self): schema = Schema({ Optional("sex"): str, Optional("address"): str, Optional("wechat"): str, Optional("qq"): str, Optional("mail"): str, "name": str, "id": str, "mobile": str }) req, error = validate_schema(schema, request.json) if error: return error, 400 current_user = request.current_user user = TbUser.query.filter_by(code=req["id"]).first() if not user: return Msg.USER_NOT_EXISTS, 400 phone = req["mobile"] if len(phone) != 11: return Msg.PARAMS_ERROR, 400 elif TbUser.query.filter(TbUser.code != req["id"], TbUser.phone == phone).first(): return Msg.PHONE_USED, 400 user.phone = phone user.name = req["name"] user.sex = req.get("sex", user.sex) user.mail = req.get("mail", user.mail) user.wechat = req.get("wechat", user.wechat) user.qq = req.get("qq", user.qq) user.address = req.get("address", user.address) user.update_time = utc_timestamp() msg = "SUPPORT | B_USER | EDIT_USER | SUCCESS | EDITOR: {} {} | USER: {} {} | MERCHANT: {} {}".format( current_user.code, current_user.name, user.code, user.name, user.merchant.code, user.merchant.name) operation = TbOperation(operator_code=user.code, content=msg, category="USER_MANAGE", type="EDIT") db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200
def put(self): req = active_biz.parse_args(strict=True) business = TbBusiness.query.filter_by(code=req["id"]).first() if not business: return Msg.BUSINESS_NOT_EXIST, 400 if not business.appid: return Msg.ASSIGN_APPID_FIRST, 400 business.status = req["status"] msg = "SUPPORT | B_USER | ACTIVE_BUSINESS | SUCCESS | USER: {} {} | BUSINESS: {} {} | STATUS: {}".format( request.current_user.code, request.current_user.name, business.code, business.name, req["status"]) operation = TbOperation(operator_code=request.current_user.code, content=msg, category="BUSINESS", type="EDIT") db.session.add(operation) db.session.commit() app.logger.info(msg) return {}, 200
def sync_config(category: str, user: TbUser, wait_to_sync_config: dict, _type: str) -> tuple: """ 同步配置 """ cache_data = CacheData(category) if category == "SUPPORT": # 现在的配置 now_config = support_config_db.find_one() or {} if not judge_version(now_config, wait_to_sync_config): return Msg.WRONG_VERSION, 400 # 先remove 再 insert support_config_db.delete_many({}) support_config_db.insert_one(wait_to_sync_config.get("config")) wait_to_sync_config.get("config").pop("_id") app.config.update(wait_to_sync_config.get("config")) cache_data.set(wait_to_sync_config.get("config")) logger.info("SUPPORT | SYNC {} CONFIG".format(category)) else: now_config = zk.get_config(category) if not judge_version(now_config, wait_to_sync_config): return Msg.WRONG_VERSION, 400 status = zk.write_config(category, wait_to_sync_config["config"]) if status is False: return Msg.SYNC_FAILED, 400 cache_data.set(wait_to_sync_config["config"]) logger.info("SUPPORT | SYNC {} CONFIG".format(category)) # 将待更新数据里面的 is_sync 修改为 True wait_to_sync_config["is_sync"] = True _id = str(wait_to_sync_config.pop("_id")) support_config_storage.update({"_id": ObjectId(_id)}, wait_to_sync_config) msg = "SUPPORT | MONITOR | {} | SUCCESS | USER: {} {} | CATEGORY: {}".format( _type, user.code, user.name, category) operation = TbOperation(operator_code=user.code, content=msg, operate_time=utc_timestamp(), category=category, type=_type) db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200
def put(self): """ 对商户业务系统进行修改 业务系统别名 业务系统 logo """ schema = Schema({ "business": [{ "business_code": And(str), "business_name": And(str), "alias": And(str), "logo": And(str) }], "merchant_code": And(str), "user_code": And(str) }) req, error = validate_schema(schema, request.json, remove_blank=True) if error: return error, 400 query_set = TbMerchantBusiness.query.filter_by( merchant_code=req["merchant_code"]) for i in req["business"]: biz_code = i["business_code"] mer_biz = query_set.filter_by(business_code=biz_code).first() if not mer_biz: return Msg.MERCHANT_BUSINESS_NOT_EXIST, 400 mer_biz.alias = i["alias"] mer_biz.logo = i["logo"] msg = "SUPPORT | MARCHANT_MANAGE | EDIT_MARCHANT_BUSINESS | SUCCESS | USER: {} | BUSINESS: {}".format( req["user_code"], [(i["business_name"], i["alias"]) for i in req["business"]]) operation = TbOperation(operator_code=req["user_code"], content=msg, type="EDIT", category="MARCHANT_MANAGE") db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200
def put(self): req = auth.parse_args(strict=True) current_user = request.current_user user = TbUser.query.filter_by(code=req["id"]).first() if not user: return Msg.USER_NOT_EXISTS, 400 user.roles.clear() for i in req["roles"]: role = TbRole.query.filter_by(code=i).first() if not role: return Msg.ROLE_NOT_EXIST, 400 elif not current_user.is_admin and role.business.appid == app.config["USER_CENTER"]: return Msg.PARAMS_ERROR, 400 else: user.roles.append(role) msg = "SUPPORT | B_USER | AUTH | SUCCESS | EDITOR: {} {} | USER: {} {}".format( request.current_user.code, request.current_user.name, user.code, user.name) operation = TbOperation(operator_code=user.code, content=msg, category="AUTH", type="EDIT") db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200
def put(self): schema = Schema({ "id": And(str), "name": And(str, len), "production": And(str, len) }) req, error = validate_schema(schema, request.json, remove_blank=True) if error: return error, 400 mer = TbMerchant.query.filter_by(code=req["id"]).first() dup_mer = TbMerchant.query.filter_by(name=req["name"]).first() if dup_mer and dup_mer.code != mer.code: return Msg.MERCHANT_NAME_ALREADY_EXIST, 400 mer.name = req["name"] production = TbProduction.query.filter_by( merchant_code=req["id"]).first() if not production: return Msg.PRODUCTION_NOT_EXIST, 400 production.name = req.get("production") msg = "SUPPORT | B_USER | EDIT_MERCHAT | SUCCESS | USER: {} {} | MERCHAT: {} {} | PRODUCTION: {} {}".format( request.current_user.code, request.current_user.name, mer.code, mer.name, production.code, production.name) operation = TbOperation(operator_code=request.current_user.code, content=msg, category="MERCHANT", type="EDIT") db.session.add(operation) db.session.commit() app.logger.info(msg) # 删除 redis 商户的缓存 key = "tb_merchant:code:{}".format(mer.code) redis_delete(key) # 删除 redis 产品的缓存 key = "tb_production:merchant_code:{}".format(mer.code) redis_delete(key) return {}, 200
def post(self): req, error = validate_schema(universal_schema, request.json) if error: return error, 400 category = ConfigNameMap.name[req["category"]] config_info = support_config_storage.find_one({ "_id": ObjectId(req["id"]), "category": category }) user = TbUser.query.filter_by(code=req["user_code"]).first() if not user: return Msg.USER_NOT_EXISTS, 400 # 把获取到的配置信息插入库中 version = get_version(category) + 0.1 config_info["config"]["VERSION"] = version + 0.1 support_config_storage.insert_one({ "config": config_info["config"], "creator_name": user.name, "creator_code": user.code, "create_time": utc_timestamp(), "category": category, "is_sync": False }) msg = "SUPPORT | MONITOR | CONFIG_ROLL_BACK | SUCCESS | USER: {} {} | CATEGORY: {} | CONFIG: {}".format( user.code, user.name, category, config_info["config"]) operation = TbOperation( operator_code=user.code, content=msg, operate_time=utc_timestamp(), category=category, type="CONFIG_ROLL_BACK" ) db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200
def delete(self): req = delete_role.parse_args(strict=True) role = TbRole.query.filter_by(code=req["id"]).first() user = request.current_user if role: # 只允许 admin 用户删除用户中心角色 if not user.is_admin and role.business.appid == app.config["USER_CENTER"]: logger.info("SUPPORT | B_USER | DELTE_ROLE | FAILD | USER: {} {} | ROLE: {} {} | REASON | {}".format( user.code, user.name, role.code, role.name, "user has not permission to delete role")) return Msg.PARAMS_ERROR, 400 # 删除角色 # 判断用户是否有此角色 msg = "SUPPORT | B_USER | DELTE_ROLE | SUCCESS | USER: {} {} | ROLE: {} {}".format( user.code, user.name, role.code, role.name) operation = TbOperation(operator_code=user.code, content=msg, category="ROLE", type="DELETE") db.session.add(operation) logger.info(msg) try: db.session.delete(role) db.session.commit() except Exception as e: pass finally: return {}, 200
def put(self): """ 修改用户信息 """ req = user_info.parse_args(strict=True) user = request.current_user user.name = req.get("name") user.sex = req.get("sex") if req.get("sex") else "unknown" user.address = req.get("address") user.wechat = req.get("wechat") user.qq = req.get("qq") user.avatar = req.get("avatar") user.mail = req.get("mail") user.update_time = utc_timestamp() msg = "SUPPORT | B_USER | EDIT_SELF_INFO | SUCCESS | USER_CODE: {} | USER_NAME: {}".format( user.code, user.name) operation = TbOperation(operator_code=user.code, content=msg, category="USER", type="EDIT") db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200
def put(self): """ 更新产品信息 """ schema = Schema({ "production": [{ Optional("appid"): And(str), Optional("official_account_name"): And(str), Optional("amount_limit"): And(int), "name": And(str), "code": And(str), "logo": And(str), "icon": And(str), "face_flag": And(bool), "e_sign": And(bool) }], "merchant_code": And(str), "user_code": And(str) }) req, error = validate_schema(schema, request.json, remove_blank=True) if error: return error, 400 user = TbUser.query.filter_by(code=req["user_code"]).first() if not user: return Msg.USER_NOT_EXISTS, 400 query_set = TbProduction.query.filter_by( merchant_code=req["merchant_code"]) for i in req["production"]: pro = query_set.filter_by(code=i["code"]).first() if not pro: return Msg.PRODUCTION_NOT_EXIST, 400 # 如果用户传了 appid if i.get("appid"): if TbMerchantPublic.query.filter( TbMerchantPublic.production_code != pro.code, TbMerchantPublic.appid == i["appid"]).first(): return Msg.OFFICIAL_ACCOUNT_ALREADY_EXIST, 400 public = TbMerchantPublic.query.filter_by( production_code=pro.code).first() # 如果没有检测到公众号,就创建一个,否则进行一次修改 if not public: pub = TbMerchantPublic(name=i.get("official_account_name"), appid=i["appid"], creator_code=user.code, merchant_code=req["merchant_code"], production_code=pro.code) db.session.add(pub) else: public.appid = i["appid"] public.name = i.get("official_account_name") # 删除 redis 公众号的缓存 appid_key = "merchant_public:appid:{}".format( i.get("appid")) redis_delete(appid_key) pro.name = i["name"] pro.logo = i["logo"] pro.icon = i["icon"] pro.face_flag = i["face_flag"] pro.e_sign = i["e_sign"] pro.amount_limit = i.get("amount_limit") if i["face_flag"] else 0 # 删除 redis 产品的缓存 pro_key = "tb_production:merchant_code:{}".format( req["merchant_code"]) redis_delete(pro_key) msg = "SUPPORT | PRODUCTION | EDIT_PRODUCTION | SUCCESS | USER: {} {} | PRODUCTION: {}".format( user.code, user.name, req["production"], ) try: operation = TbOperation(operator_code=req["user_code"], content=msg, type="EDIT", category="PRODUCTION") db.session.add(operation) db.session.commit() logger.info(msg) return {}, 200 except Exception as e: logger.warn( "SUPPORT PRODUCTION | EDIT_PRODUCTION | FAILED | USER: {} {} | ERROR: {}" .format(user.code, user.name, str(e))) db.session.rollback() return Msg.UPDATE_PRODUCTION_FAILED, 400