def update_password_by_phone(self, request):
check_token = pd_token(request)
if check_token:
return check_token
phone_number = request.data.get("phone_number")
password = request.data.get("password")
# 检测密码的长度
check = pd_password(password)
if check:
return response_success_200(code=STATUS_400_BAD_REQUEST, message=check)
# 检测手机号是否被注册
if not User.objects.filter(phone_number=phone_number):
return response_success_200(code=STATUS_NOT_FOUND_ERROR, message=f"该手机号({phone_number})未被注册!!")
# 检测验证码是否正确
if not judge_code(phone_number, request.data.get('code')):
message = "验证码不正确"
return response_success_200(code=STATUS_CODE_ERROR, message=message)
# 获得用户信息
instance = self.queryset.get(phone_number=phone_number)
# 如果查询出来的信息和token中的信息不一样,则返回权限不够
if request.user != instance.pk:
return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY, message=f"没有权限修改({phone_number})")
# 设置密码
instance.password = my_encode(password)
# 保存
instance.save()
serializer = self.get_serializer(instance)
return response_success_200(message="成功!!!!")
def search_clazz(self, request, *args, **kwargs):
# teacher_pk = Class.objects.get(pk=request.GET.get('clazz')).headmaster.pk
# if request.user is not teacher_pk:
# print(request.user)
# print(teacher_pk)
# return response_error_400(status=STATUS_TOKEN_NO_AUTHORITY, message="这不是您所带班级")
# # 班级
# clazz = request.GET.get("clazz")
# work = Work.objects.filter(clazz=clazz)
check_token = pd_token(request)
if check_token:
return check_token
if request.auth not in [3]:
return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
message="权限不够,该token不是辅导员")
try:
clazz = Class.objects.get(headmaster=request.user)
except Class.DoesNotExist:
return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
message="权限不够,该token不是辅导员!")
work = Work.objects.filter(clazz=clazz)
print(work)
page = self.paginate_queryset(work)
serializer = self.serializer_class(
page, many=True, context=self.get_serializer_context())
return self.get_paginated_response(serializer.data)
def login_phone_number(self, request):
phone_number = request.data.get("phone_number")
# 检测手机号是否被注册
if not User.objects.filter(phone_number=phone_number):
return response_success_200(code=STATUS_NOT_FOUND_ERROR,
message=f"该手机号({phone_number})未被注册!!")
# 检测验证码是否正确
if not judge_code(phone_number, request.data.get('code')):
message = "验证码不正确"
return response_success_200(code=STATUS_CODE_ERROR,
message=message)
# 获得用户信息
instance = self.queryset.get(phone_number=phone_number)
# 设置token
instance.token = my_encode_token(instance.pk, instance.role,
my_encode(instance.user_name))
# 保存
instance.save()
# c3RyaW5nIDE1OTYxNjM2ODcuNTM3NzE1
# instance['teacher'] = get_info_by_token(instance.token)
serializer = self.get_serializer(instance)
# 获得角色信息
role_info = get_info_by_token(instance.token)
role_info = role_info.to_json() if role_info else None
return response_success_200(code=STATUS_200_SUCCESS,
message="成功!!!!",
data=serializer.data,
role_info=role_info)
def partial_update(self, request, *args, **kwargs):
# 检测token
check_token = pd_token(request)
if check_token:
return check_token
# 检测qq和邮箱的合法性
qq = request.data.get("qq")
email = request.data.get("email")
birthday = request.data.get("birthday")
if qq and not pd_qq(qq):
return response_success_200(code=STATUS_PARAMETER_ERROR,
message="qq格式不正确")
if email and not pd_email(email):
return response_success_200(code=STATUS_PARAMETER_ERROR,
message="email格式不正确")
if birthday:
check_time = check_time_stamp(int(birthday))
if check_time:
return response_success_200(code=STATUS_PARAMETER_ERROR,
message=check_time)
resp = super().partial_update(request, *args, **kwargs)
return response_success_200(data=resp.data)
def destroy(self, request, *args, **kwargs):
check_token = pd_token(request)
if check_token:
return check_token
if request.auth >= 0:
return response_success_200(message="没有权限")
super().destroy(request, *args, **kwargs)
return response_success_200(message="删除成功!!")
def destroy(self, request, *args, **kwargs):
check_token = pd_adm_token(request)
if check_token:
return check_token
pk = kwargs.get('pk')
if not School.objects.filter(pk=pk):
return response_success_200(message="学校未找到")
super().destroy(request, *args, **kwargs)
return response_success_200(message="成功")
def select_class(self, class_id):
print(class_id)
timetable = self.queryset.filter(clazz=class_id)
print(timetable)
if not timetable:
return response_success_200(code=STATUS_NOT_FOUND_ERROR,
message="该班级没有课表")
serializer = self.get_serializer(timetable, many=True)
return response_success_200(data=serializer.data)
def pd_token(request):
token = request.META.get("HTTP_TOKEN")
if request.user == STATUS_TOKEN_OVER:
return response_success_200(code=STATUS_TOKEN_OVER, message="token失效")
elif request.user == STATUS_TOKEN_PARAMETER_ERROR:
return response_success_200(code=STATUS_TOKEN_PARAMETER_ERROR,
message="token参数错误!!!!!")
elif not User.objects.filter(token=token):
return response_success_200(code=STATUS_TOKEN_OVER, message="token失效")
return None
def partial_update(self, request, *args, **kwargs):
check_token = pd_super_adm_token(request)
if check_token:
return check_token
# 需要修改的
pk = kwargs['pk']
if not self.queryset.filter(pk=pk):
return response_success_200(code=STATUS_404_NOT_FOUND, message="id未找到")
resp = super().partial_update(request, *args, **kwargs)
return response_success_200(data=resp.data)
def partial_update(self, request, *args, **kwargs):
check_token = pd_token(request)
if check_token:
return check_token
if request.auth not in [-1, -2, 3]:
return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
message="没有权限")
resp = super().partial_update(request, *args, **kwargs)
return response_success_200(data=resp.data)
def check_pk_and_permission(request, pk):
if pk:
if not Regular.objects.filter(pk=pk):
return response_success_200(code=STATUS_404_NOT_FOUND, message="id未找到")
check_token = pd_token(request)
if check_token:
return check_token
if request.auth >= 0: # 普通用户
if not Regular.objects.filter(user_id=request.user, id=pk):
return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY, message="没有访问权限!!!!!!!!!!!!!!!!!!!!!")
def retrieve_by_token(self, request):
check_token = pd_token(request)
if check_token:
return check_token
if request.auth != 1:
return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
message="权限不够,该token不是学生")
instance = self.queryset.get(user_id=request.user)
serializer = self.get_serializer(instance)
return response_success_200(data=serializer.data)
def destroy(self, request, *args, **kwargs):
check_token = pd_super_adm_token(request)
if check_token:
return check_token
# 需要修改的
pk = kwargs['pk']
if not self.queryset.filter(pk=pk):
return response_success_200(code=STATUS_404_NOT_FOUND, message="id未找到")
# 删除
super().destroy(request, *args, **kwargs)
return response_success_200(message="成功")
def destroy(self, request, *args, **kwargs):
check_token = pd_token(request)
if check_token:
return check_token
if request.auth >= 0:
return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
message="没有权限")
# return super().destroy(request, *args, **kwargs)
super().destroy(request, *args, **kwargs)
return response_success_200(message="删除成功!!")
def check_password(self, request, *args, **kwargs):
password = request.data.get("password")
# print(password)
check_token = pd_token(request)
if check_token:
return check_token
password = my_encode(password)
# 获得pk
pk = request.user
if not User.objects.filter(pk=pk, password=password):
return response_success_200(code=STATUS_NOT_FOUND_ERROR,
message="用户名不存在或密码错误")
return response_success_200(message="当前token用户密码正确")
def add_course(timetable_id: int, course_id: int):
if not Course.objects.filter(id=course_id):
return response_success_200(code=STATUS_NOT_FOUND_ERROR,
message="课程id不存在")
try:
Timetable.objects.get(pk=timetable_id).course_info.add(course_id)
except Timetable.DoesNotExist:
return response_success_200(code=STATUS_404_NOT_FOUND, message="课表不存在")
print(timetable_id)
print(course_id)
return None
def batch_import(self, request, *args, **kwargs):
# check_token = pd_adm_token(request)
# if check_token:
# return check_token
file = request.FILES.get("file")
check_file = batch_import_test(file)
if check_file:
return check_file
excel_data = pd.read_excel(file, header=0, dtype='str')
for dt in excel_data.iterrows():
# 添加用户信息
card = dt[1]['身份证']
phone_number = dt[1]['手机号码']
if not dt[1]['家长姓名'] or not card:
continue
if User.objects.filter(user_name=card):
message = card + "身份证已经注册存在"
return response_success_200(code=STATUS_PARAMETER_ERROR,
message=message)
if User.objects.filter(phone_number=phone_number):
message = phone_number + "手机号码已经存在"
return response_success_200(code=STATUS_PARAMETER_ERROR,
message=message)
# print(dt[1]['班级'])
print(phone_number)
password = my_encode(phone_number)
# 分析身份证
id_card = IdCard(card)
# 创建用户详情
user_details_id = UserDetails.objects.create(
name=dt[1]['家长姓名'],
sex=id_card.sex,
card=card,
birthday=date_to_time_stamp(year=id_card.birth_year,
month=id_card.birth_month,
day=id_card.birth_day),
qq=dt[1]['QQ(选填)'],
email=dt[1]['邮箱(选填)'],
).id
# 创建user
user_id = User.objects.create(user_name=card,
password=password,
phone_number=phone_number,
role=2,
user_details_id=user_details_id).id
Parent.objects.create(user_id=user_id, )
return response_success_200(message="成功!!!!")
def check_update_info(regular_category_id, user_id, class_id=None, pk=None):
if regular_category_id:
if not RegularCategory.objects.filter(id=regular_category_id):
return response_success_200(code=STATUS_404_NOT_FOUND, message="无效的regular_category")
if user_id:
if not User.objects.filter(id=user_id):
return response_success_200(code=STATUS_404_NOT_FOUND, message="无效的user")
if pk:
if not Regular.objects.filter(pk=pk):
return response_success_200(code=STATUS_404_NOT_FOUND, message="id未找到")
if class_id:
if not Class.objects.filter(id=class_id):
return response_success_200(code=STATUS_404_NOT_FOUND, message="class_id未找到")
return None
def check_insert_info(title, regular_category_id, user_id, class_id, request):
if not title:
return response_success_200(code=STATUS_NULL, message="title不能为空")
if not regular_category_id:
return response_success_200(code=STATUS_NULL, message="regular_category不能为空")
if not user_id:
return response_success_200(code=STATUS_NULL, message="user不能为空")
check_update = check_update_info(regular_category_id, user_id, class_id=class_id)
if check_update:
return check_update
if request.auth >= 0: # 普通用户添加
if user_id != request.user:
return response_success_200(code=STATUS_PARAMETER_ERROR, message="user_id参数不正确,只能填写本人的id")
def create(self, request, *args, **kwargs):
clazz = request.data.get('clazz')
week = request.data.get('week')
if not Class.objects.filter(id=clazz):
message = "班级ID信息不存在"
return response_success_200(status=STATUS_PARAMETER_ERROR,
message=message)
if Timetable.objects.filter(clazz_id=clazz).filter(week=week):
message = "课程已经添加"
return response_success_200(status=STATUS_PARAMETER_ERROR,
message=message)
# 把课程添加到课程表中
resp = super().create(request)
return response_success_200(data=resp.data)
def destroy(self, request, *args, **kwargs):
check_token = pd_token(request)
if check_token:
return check_token
role = request.auth
if role not in [-2, -1, 3]:
return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
message="没有权限")
# 先删除用户
check_del = del_user_and_user_details(1, kwargs.get("pk"))
if check_del:
return check_del
# 删除学生
# super().destroy(request, *args, **kwargs)
return response_success_200(message="成功")
def retrieve_by_token(self, request):
token = request.META.get("HTTP_TOKEN")
# token = request.data.get("token")
print(token)
print(request.user)
if request.user == STATUS_TOKEN_OVER:
return response_success_200(staus=STATUS_TOKEN_OVER,
message="token失效")
elif request.user == STATUS_PARAMETER_ERROR:
return response_success_200(staus=STATUS_PARAMETER_ERROR,
message="参数错误!!!!!")
instance = self.queryset.get(user_info=request.user)
serializer = self.get_serializer(instance)
return response_success_200(data=serializer.data)
def create(self, request, *args, **kwargs):
check_token = pd_super_adm_token(request)
if check_token:
return check_token
resp = super().create(request)
return response_success_200(data=resp.data)
def search_is_system(request, is_system):
token = request.META.get("HTTP_TOKEN")
print(token)
print(type(token))
if not token or token == 'null': # 没有传token, 返回系统的
return Regular.objects.filter(is_system=1), True
if is_system is None: # 没有传参
# 判断token的是否为超级管理员
check_token = pd_super_adm_token(request)
if check_token:
return check_token, False
return Regular.objects.all(), True
is_system = int(is_system)
if is_system == 1:
return Regular.objects.filter(is_system=1), True
elif is_system == 0: # 浏览自己添加的信息
# 判断token的可用性
check_token = pd_token(request)
if check_token:
return check_token, False
# 返回该用户的所有非系统regular
return Regular.objects.filter(user_id=request.user, is_system=0), True
elif is_system == 2:
# 判断token的可用性
check_token = pd_token(request)
if check_token:
return check_token, False
# 返回该用户的所有系统以及个人非系统的regular
return Regular.objects.filter(
Q(user_id=request.user, is_system=0) | Q(is_system=1)), True
return response_success_200(message="参数错误"), False
def check_phone_code(self, request, *args, **kwargs):
phone_number = request.data.get("phone_number")
code = request.data.get("code")
check_token = pd_token(request)
if check_token:
return check_token
# 检测手机号是否被注册
# if not User.objects.filter(phone_number=phone_number):
# return response_success_200(code=STATUS_NOT_FOUND_ERROR, message=f"该手机号({phone_number})未被注册!!")
# 检测验证码是否正确
if not judge_code(phone_number, code):
message = "验证码不正确"
return response_success_200(code=STATUS_CODE_ERROR,
message=message)
return response_success_200(code=STATUS_200_SUCCESS,
message="手机验证码正确!")
def batch_import_test(file):
excel_data = pd.read_excel(file, header=0, dtype='str')
# print(excel_data)
test = []
i = 0
for dt in excel_data.iterrows():
i = i + 1
message = ""
clazz = dt[1]['班级']
week = dt[1]['星期']
teacher = ['课程老师工号']
for j in range(1, 9):
s = dt[1]['课程老师工号' + str(j)]
if s is not np.nan:
teacher.append(s)
if week not in ['星期一', '星期二', '星期三', '星期四', '星期五', '星期六', '星期日']:
message += "星期不正确"
if not Class.objects.filter(class_name=clazz):
message += ",班级不存在"
for j in range(1, len(teacher)):
if not Teacher.objects.filter(pk=teacher[j]):
message += ",第" + str(j) + "节课老师不存在"
if message:
test.append({"index": i, "message": message})
if len(test) > 0:
return response_success_200(code=STATUS_PARAMETER_ERROR,
message="有错误信息",
err_data=test,
length=len(test))
return None
def batch_import(self, request, *args, **kwargs):
check_token = pd_adm_token(request)
if check_token:
return check_token
file = request.FILES.get("file")
check_file = batch_import_test(file)
if check_file:
return check_file
excel_data = pd.read_excel(file, header=0, dtype='str')
for dt in excel_data.iterrows():
clazz = dt[1]['班级']
# week = dt[1]['星期']
teacher = ['课程老师工号']
allweek = ['星期', '星期一', '星期二', '星期三', '星期四', '星期五', '星期六', '星期日']
index = allweek.index(dt[1]['星期'])
if Week.objects.filter(index=index):
week = Week.objects.get(index=index)
else:
week = Week.objects.create(index=index)
course = [
'课程', ' 第一节课', ' 第二节课', ' 第三节课', ' 第四节课', ' 第五节课', ' 第六节课',
' 第七节课', ' 第八节课'
]
for j in range(1, 9):
s = dt[1]['课程老师工号' + str(j)]
if s is not np.nan:
teacher.append(s)
# 检测之前的课表是否已经存在了,存在就先删除
t2 = Timetable.objects.filter(
week=week, clazz=Class.objects.get(class_name=clazz))
Course.objects.filter(timetable__in=[x.pk for x in t2]).delete()
t2.delete()
# try:
# t = Timetable.objects.get(week=week, clazz=Class.objects.get(class_name=clazz))
# Course.objects.filter(timetable=t).delete()
# t.delete()
# print("删除成功")
# except Timetable.DoesNotExist:
# print("没有")
# except Timetable.MultipleObjectsReturned:
#
# print("多个")
# 创建timetable表
timetable = Timetable.objects.create(
week=week, clazz=Class.objects.get(class_name=clazz))
for j in range(1, len(teacher)):
# print(j)
Course.objects.create(
teacher=Teacher.objects.get(pk=teacher[j]),
course_name=dt[1][course[j]],
index=j,
timetable=timetable)
return response_success_200(message="成功!!!!")
def partial_update(self, request, *args, **kwargs):
check_token = pd_token(request)
if check_token:
return check_token
resp = super().partial_update(request, *args, **kwargs)
return response_success_200(data=resp.data)
def batch_import(self, request, *args, **kwargs):
check_token = pd_adm_token(request)
if check_token:
return check_token
file = request.FILES.get("file")
check_file = batch_import_test(file)
if check_file:
return check_file
excel_data = pd.read_excel(file, header=0, dtype='str')
for dt in excel_data.iterrows():
if not dt[1]['老师姓名'] or not dt[1]['身份证'] or not dt[1]['学校名称']:
continue
# 添加用户信息
card = dt[1]['身份证']
phone_number = dt[1]['手机号码']
school = dt[1]['学校名称']
if User.objects.filter(user_name=card):
return response_success_200(code=STATUS_PARAMETER_ERROR, message="身份证已经注册存在")
if User.objects.filter(phone_number=phone_number):
return response_success_200(code=STATUS_PARAMETER_ERROR, message="手机号码已经注册存在")
if not School.objects.filter(school_name=school):
return response_success_200(code=STATUS_PARAMETER_ERROR, message="学校不存在")
password = my_encode(phone_number)
# 分析身份证
id_card = IdCard(card)
# 创建用户详情
user_details_id = UserDetails.objects.create(
name=dt[1]['老师姓名'],
sex=id_card.sex,
card=card,
birthday=date_to_time_stamp(year=id_card.birth_year, month=id_card.birth_month, day=id_card.birth_day),
qq=dt[1]['QQ(选填)'],
email=dt[1]['邮箱(选填)'],
).id
# 创建user
user_id = User.objects.create(
user_name=card, password=password,
phone_number=phone_number, role=0, user_details_id=user_details_id
).id
Teacher.objects.create(
user_id=user_id,
title=dt[1]['职称'],
school=School.objects.get(school_name=school),
)
return response_success_200(message="成功!!!!")
def destroy_all2(self, request, *args, **kwargs):
check_token = pd_token(request)
if check_token:
return check_token
role = request.auth
if role not in [-2, -1, 3]:
return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
message="没有权限")
# print(request.data)
list = request.data.get("id_list")
print(list)
# # 先删除用户
for i in list:
check_del = del_user_and_user_details(1, int(i))
if check_del:
return check_del
return response_success_200(message="成功")