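def callback(id):
    """Update the role (position) record identified by ``id``.

    Reads ``name``, ``department_id`` and ``page_power`` from the submitted
    form, rejects the edit when the role cannot be loaded or when the
    submitted department differs from the one stored on the role, and then
    writes ``name`` and ``page_power`` back.

    Returns the value of ``web_helper.return_msg``: code 0 with the edit
    result on success, code -1 otherwise.
    """
    # Check the caller's permission before any form data is read.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '角色名称')
    department_id = convert_helper.to_int0(
        web_helper.get_form('department_id', '部门id'))
    page_power = web_helper.get_form('page_power', '权限列表', is_check_null=False)
    # A lone comma is stored as an empty permission list.
    if page_power == ',':
        page_power = ''
    # NOTE(review): page_power is stored as submitted; nothing here checks
    # that the caller may grant the listed pages -- confirm where that is
    # enforced.

    _positions_logic = positions_logic.PositionsLogic()
    positions_result = _positions_logic.get_model_for_cache(id)
    # A role that cannot be loaded is rejected together with a department
    # mismatch, so a stale or invalid id yields an error response instead of
    # an AttributeError on a missing record.
    if not positions_result or department_id != positions_result.get('department_id'):
        return web_helper.return_msg(-1, '该角色所属部门错误,请与管理员联系')

    # Text values pass through string() before entering the field map
    # (presumably SQL quoting/escaping -- confirm against its definition).
    fields = {
        'name': string(name),
        'page_power': string(page_power),
    }
    result = _positions_logic.edit_model(id, fields)
    if result:
        return web_helper.return_msg(0, '提交成功', result)
    return web_helper.return_msg(-1, "提交失败")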
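def callback(id):
    """Update the department record identified by ``id``.

    Reads ``name``, ``parent_id``, ``sort`` and ``is_leaf`` from the form and
    writes ``name``, ``sort`` and ``is_leaf`` back. ``parent_id`` is only used
    to choose a default sort position.

    Returns the value of ``web_helper.return_msg``: code 0 with the edit
    result on success, code -1 otherwise.
    """
    # Check the caller's permission before any form data is read.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '部门名称')
    parent_id = convert_helper.to_int0(
        web_helper.get_form('parent_id', '父id', is_check_null=False))
    sort = convert_helper.to_int0(
        web_helper.get_form('sort', '排序', is_check_null=False))
    is_leaf = web_helper.get_form('is_leaf', '是否最终节点', is_check_null=False)

    _department_logic = department_logic.DepartmentLogic()
    # No sort position submitted: place the record after the highest existing
    # position among its siblings. The maximum has to be taken over the
    # 'sort' column; taking it over 'parent_id' would only echo the parent id.
    # The where fragment is concatenated, which is acceptable only because
    # parent_id has been through convert_helper.to_int0 first.
    if sort == 0:
        sort = _department_logic.get_max('sort', 'parent_id=' + str(parent_id)) + 1

    # NOTE(review): is_leaf enters the field map as raw form text, unlike
    # name, which goes through string(). If edit_model places values into the
    # statement as written, this value needs conversion or validation --
    # confirm.
    fields = {
        'name': string(name),
        'sort': sort,
        'is_leaf': is_leaf,
    }
    result = _department_logic.edit_model(id, fields)
    if result:
        return web_helper.return_msg(0, '提交成功', result)
    return web_helper.return_msg(-1, "提交查询失败")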
def callback():
    """Update the information record with id 1 from the submitted form.

    Returns the value of ``web_helper.return_msg``: code 0 on success,
    code -1 when ``edit_model`` reports failure.
    """
    # Check the caller's permission first.
    _common_logic.check_user_power()

    cover = web_helper.get_form('front_cover_img', '图片')
    # get_form is called with is_check_special_char=False for the rich-text
    # body, so the two sanitising steps below are what this handler applies.
    body = web_helper.get_form('content', '内容', is_check_special_char=False)
    # The original author's SQL-injection precaution: filter_str is given the
    # single quote as the character to filter.
    # NOTE(review): filtering one character is a blacklist; whether the write
    # is safe depends on how string() and edit_model build the statement.
    body = string_helper.filter_str(body, "'")
    # The original author's XSS precaution.
    body = string_helper.clear_xss(body)

    updates = {
        'front_cover_img': string(cover),
        'content': string(body),
    }

    logic = infomation_logic.InfomationLogic()
    if logic.edit_model(1, updates):
        return web_helper.return_msg(0, '成功')
    return web_helper.return_msg(-1, "提交失败")
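def uploadArtical():
    """Insert or update an article row in ``articaltable`` from form data.

    ``tit`` (title) and ``tip`` (tag) arrive base64-encoded and are decoded to
    UTF-8 text; ``txt`` (content) is stored as received after the same
    space-to-plus repair. ``new == "n"`` selects the insert, anything else the
    update keyed by ``id``.

    Returns the value of ``web_helper.return_msg``: code 0 on success, code -1
    when a field cannot be decoded or the write reports failure.

    NOTE(review): nothing in this handler checks who the caller is, and the
    update branch accepts any submitted ``id``; confirm that authentication
    and authorisation are enforced before this handler is reached.
    """
    uid = web_helper.get_form('id', '主键(时间戳)')
    raw_title = web_helper.get_form('tit', '标题').replace(" ", "+")
    # Spaces are turned back into '+' before decoding (presumably because '+'
    # in the base64 text is received as a space -- confirm).
    txt = web_helper.get_form('txt', '内容').replace(" ", "+")
    raw_tag = web_helper.get_form('tip', '标签').replace(" ", "+")
    newArt = web_helper.get_form('new', '是否是新文章')

    try:
        tit = base64.b64decode(raw_title).decode("utf-8")
        tip = base64.b64decode(raw_tag).decode("utf-8")
    except ValueError:
        # Malformed base64 (binascii.Error) and invalid UTF-8
        # (UnicodeDecodeError) are both ValueError subclasses; answer with an
        # error response instead of an unhandled exception.
        return web_helper.return_msg(-1, '上传失败')

    # Both statements bind every submitted value as a parameter.
    if newArt == "n":
        statement = """
            insert into "articaltable"
                ("id", "artical_name", "artical_type", "likesnum", "answernum", "readnum", "artical")
            values (%s, %s, %s, 0, 0, 0, %s)
        """
        data = (uid, tit, tip, txt)
    else:
        statement = """
            UPDATE "articaltable"
            SET "artical_name"= %s, "artical_type"= %s, "artical" = %s
            WHERE id=%s;
        """
        data = (tit, tip, txt, uid)
    beTip = db_helper.write(statement, data)

    # The write helper is compared against the string "False" here, as in the
    # original code; a failed write now carries a failure message.
    if beTip == "False":
        return web_helper.return_msg(-1, '上传失败')
    return web_helper.return_msg(0, '上传成功')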
def callback():
    """Create a role (position) record under an existing department.

    The department named by ``department_id`` must be loadable; its ``code``
    and ``name`` are copied onto the new role.

    Returns the value of ``web_helper.return_msg``: code 0 on success,
    code -1 when the department is missing or the insert fails.
    """
    # Check the caller's permission first.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '角色名称')
    department_id = convert_helper.to_int0(
        web_helper.get_form('department_id', '部门id'))
    page_power = web_helper.get_form('page_power', '权限列表', is_check_null=False)

    departments = department_logic.DepartmentLogic()
    department = departments.get_model_for_cache(department_id)
    if not department:
        return web_helper.return_msg(-1, "部门不存在")

    positions = positions_logic.PositionsLogic()
    # Text values pass through string() (presumably SQL quoting -- confirm);
    # the integer id is placed in the map as is.
    new_role = {
        'name': string(name),
        'department_id': department_id,
        'department_code': string(department.get('code', '')),
        'department_name': string(department.get('name', '')),
        'page_power': string(page_power),
    }
    if positions.add_model(new_role):
        return web_helper.return_msg(0, '提交成功')
    return web_helper.return_msg(-1, "提交失败")
def callback(id):
    """Update the product row identified by ``id`` with the submitted form.

    Every value is bound as a statement parameter. Returns the value of
    ``web_helper.return_msg``: code 0 when the statement returns an id,
    code -1 otherwise.

    NOTE(review): no permission check is made inside this handler; confirm it
    is enforced before the handler is reached.
    """
    name = web_helper.get_form('name', '产品名称')
    code = web_helper.get_form('code', '产品编码')
    product_class_id = convert_helper.to_int0(
        web_helper.get_form('product_class_id', '产品分类'))
    standard = web_helper.get_form('standard', '产品规格')
    quality_guarantee_period = web_helper.get_form('quality_guarantee_period', '保质期')
    place_of_origin = web_helper.get_form('place_of_origin', '产地')
    front_cover_img = web_helper.get_form('front_cover_img', '封面图片')
    # The description is read with is_check_special_char=False and then run
    # through the author's quote filter and XSS cleaner.
    content = web_helper.get_form('content', '产品描述', is_check_special_char=False)
    content = string_helper.clear_xss(string_helper.filter_str(content, "'"))
    is_enable = convert_helper.to_int0(web_helper.get_form('is_enable', '是否启用'))

    sql = (
        " update product set name=%s, code=%s, product_class_id=%s, standard=%s,"
        " quality_guarantee_period=%s, place_of_origin=%s, front_cover_img=%s,"
        " content=%s, is_enable=%s where id=%s returning id"
    )
    params = (name, code, product_class_id, standard, quality_guarantee_period,
              place_of_origin, front_cover_img, content, is_enable, id)
    rows = db_helper.write(sql, params)

    # "returning id" yields the updated row's id; no row means nothing matched.
    updated = rows and rows[0].get('id')
    if updated:
        return web_helper.return_msg(0, '成功')
    return web_helper.return_msg(-1, "提交失败")
def callback():
    """Insert a product row built from the submitted form.

    Every value is bound as a statement parameter; ``returning id`` asks the
    database for the id of the new row. Returns the value of
    ``web_helper.return_msg``: code 0 when an id comes back, code -1 otherwise.

    NOTE(review): no permission check is made inside this handler; confirm it
    is enforced before the handler is reached.
    """
    name = web_helper.get_form('name', '产品名称')
    code = web_helper.get_form('code', '产品编码')
    product_class_id = convert_helper.to_int0(
        web_helper.get_form('product_class_id', '产品分类'))
    standard = web_helper.get_form('standard', '产品规格')
    quality_guarantee_period = web_helper.get_form('quality_guarantee_period', '保质期')
    place_of_origin = web_helper.get_form('place_of_origin', '产地')
    front_cover_img = web_helper.get_form('front_cover_img', '封面图片')
    # The description is read with is_check_special_char=False and then run
    # through the author's quote filter and XSS cleaner.
    content = web_helper.get_form('content', '产品描述', is_check_special_char=False)
    content = string_helper.clear_xss(string_helper.filter_str(content, "'"))
    is_enable = convert_helper.to_int0(web_helper.get_form('is_enable', '是否启用'))

    sql = (
        "insert into product (name, code, product_class_id, standard,"
        " quality_guarantee_period, place_of_origin, front_cover_img, content, is_enable)"
        " values (%s, %s, %s, %s, %s, %s, %s, %s, %s) returning id"
    )
    params = (name, code, product_class_id, standard, quality_guarantee_period,
              place_of_origin, front_cover_img, content, is_enable)
    rows = db_helper.write(sql, params)

    inserted = rows and rows[0].get('id')
    if inserted:
        return web_helper.return_msg(0, '成功')
    return web_helper.return_msg(-1, "提交失败")
def record():
    """Store one search record (name, card number, client IP).

    Values are bound as named statement parameters. Returns the value of
    ``web_helper.return_msg``: code 0 when the write returns a truthy result,
    code -1 otherwise.
    """
    name = web_helper.get_form('name', '姓名为空', False)
    cardno = web_helper.get_form('cardno', '准考证号为空', False)
    ip = web_helper.get_ip()
    # NOTE(review): this prints a person's name and card number to stdout on
    # every call; confirm that is intended outside of debugging.
    print(name, cardno, ip)

    statement = '''insert into searchrecord (name,cardno,ip) VALUES (%(name)s,%(cardno)s,%(ip)s) returning id'''
    values = {'name': name, 'cardno': cardno, 'ip': ip}
    if db_helper.write(statement, values):
        return web_helper.return_msg(0, '成功')
    return web_helper.return_msg(-1, '失败')
def callback(id):
    """Update the name and enabled flag of the product class ``id``.

    Values are bound as named statement parameters. Returns the value of
    ``web_helper.return_msg``: code 0 when the write returns a truthy result,
    code -1 otherwise.

    NOTE(review): no permission check is made inside this handler; confirm it
    is enforced before the handler is reached.
    """
    name = web_helper.get_form('name', '', False)
    is_enable = convert_helper.to_int_default(
        web_helper.get_form('is_enable', '', False), 0)

    statement = '''update product_class set name=%(name)s ,is_enable=%(is_enable)s where id=%(id)s returning id'''
    values = {'name': name, 'is_enable': is_enable, 'id': id}
    if db_helper.write(statement, values):
        return web_helper.return_msg(0, '成功')
    return web_helper.return_msg(-1, '失败')
def callback():
    """Insert a product class with the submitted name and enabled flag.

    Values are bound as named statement parameters. Returns the value of
    ``web_helper.return_msg``: code 0 when the write returns a truthy result,
    code -1 otherwise.

    NOTE(review): no permission check is made inside this handler; confirm it
    is enforced before the handler is reached.
    """
    name = web_helper.get_form('name', '', False)
    is_enable = convert_helper.to_int_default(
        web_helper.get_form('is_enable', '', False), 0)

    statement = '''insert into product_class (name,is_enable) VALUES (%(name)s,%(is_enable)s) returning id'''
    values = {'name': name, 'is_enable': is_enable}
    if db_helper.write(statement, values):
        return web_helper.return_msg(0, '成功')
    return web_helper.return_msg(-1, '失败')
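def uploadImage():
    """Save a base64-encoded image uploaded for an article as a ``.png`` file.

    The file name is built from the ``times`` form field, so that field is
    restricted to ASCII digits before it is joined into the path.

    Returns the value of ``web_helper.return_msg``: code 0 once the file is
    written, code -1 when the timestamp or the image data is malformed.

    NOTE(review): the decoded bytes are written as they arrive -- there is no
    size limit and no check that they are an image -- an existing file with
    the same timestamp is overwritten, and nothing here checks who the caller
    is. Confirm those controls exist elsewhere.
    """
    upload_image = str(web_helper.get_form('image', '图片')).replace(" ", "+")
    upload_time = str(web_helper.get_form('times', '时间戳'))

    # The field is described as a timestamp. Accepting digits only keeps path
    # separators and dot segments out of the file name, so the write cannot
    # leave the upload directory.
    if not upload_time or not set(upload_time) <= set('0123456789'):
        return web_helper.return_msg(-1, '时间戳格式不正确')

    try:
        imgdata = base64.b64decode(upload_image)
    except ValueError:
        # binascii.Error (malformed base64) is a ValueError subclass.
        return web_helper.return_msg(-1, '图片格式不正确')

    save_path = "./static/images/mduploadImg/" + upload_time + ".png"
    # The context manager closes the handle even when the write fails.
    with open(save_path, 'wb') as image_file:
        image_file.write(imgdata)
    return web_helper.return_msg(0, '上传成功')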
def callback(id):
    """Update the name and enabled flag of the product class ``id``.

    Values are bound as statement parameters. Returns the value of
    ``web_helper.return_msg``: code 0 when the statement returns an id,
    code -1 otherwise.

    NOTE(review): no permission check is made inside this handler; confirm it
    is enforced before the handler is reached.
    """
    name = web_helper.get_form('name', '分类名称')
    is_enable = convert_helper.to_int0(web_helper.get_form('is_enable', '是否启用'))

    sql = "update product_class set name=%s, is_enable=%s where id=%s returning id"
    params = (name, is_enable, id)
    rows = db_helper.write(sql, params)

    # "returning id" yields the updated row's id; no row means nothing matched.
    updated = rows and rows[0].get('id')
    if updated:
        return web_helper.return_msg(0, '成功')
    return web_helper.return_msg(-1, "提交失败")
def callback():
    """Insert a product class with the submitted name and enabled flag.

    Values are bound as statement parameters; ``returning id`` asks the
    database for the id of the new row. Returns the value of
    ``web_helper.return_msg``: code 0 when an id comes back, code -1 otherwise.

    NOTE(review): no permission check is made inside this handler; confirm it
    is enforced before the handler is reached.
    """
    name = web_helper.get_form('name', '分类名称')
    is_enable = convert_helper.to_int0(web_helper.get_form('is_enable', '是否启用'))

    sql = "insert into product_class (name, is_enable) values (%s, %s) returning id"
    params = (name, is_enable)
    rows = db_helper.write(sql, params)

    inserted = rows and rows[0].get('id')
    if inserted:
        return web_helper.return_msg(0, '成功')
    return web_helper.return_msg(-1, "提交失败")
def callback():
    """Create a menu record from the submitted form.

    The menu's ``level`` is derived from its parent, and a missing ``sort``
    value defaults to one past the highest ``sort`` among its siblings.

    Returns the value of ``web_helper.return_msg``: code 0 on success,
    code -1 when ``add_model`` reports failure.
    """
    # Check the caller's permission first.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '菜单名称')
    icon = web_helper.get_form('icon', '菜单小图标', True, 10, False, is_check_special_char=False)
    # The icon and interface URL are read with is_check_special_char=False,
    # so a fixed set of characters is stripped from them by hand.
    for unwanted in ('\'', '|', '%'):
        icon = icon.replace(unwanted, '')
    page_url = web_helper.get_form('page_url', '页面URL', is_check_null=False)
    interface_url = web_helper.get_form('interface_url', '接口url', is_check_null=False,
                                        is_check_special_char=False)
    for unwanted in ('@', '\'', '|', '%'):
        interface_url = interface_url.replace(unwanted, '')
    parent_id = convert_helper.to_int0(
        web_helper.get_form('parent_id', '父id', is_check_null=False))
    sort = convert_helper.to_int0(
        web_helper.get_form('sort', '排序', is_check_null=False))
    is_leaf = web_helper.get_form('is_leaf', '是否最终节点', is_check_null=False)
    is_show = web_helper.get_form('is_show', '是否显示', is_check_null=False)
    is_enabled = web_helper.get_form('is_enabled', '是否启用', is_check_null=False)

    menus = menu_info_logic.MenuInfoLogic()
    # Depth of the new menu: top level is 0, otherwise one below its parent.
    level = 0 if parent_id == 0 else menus.get_value_for_cache(parent_id, 'level') + 1
    # No sort position submitted: append after the highest sibling. The where
    # fragment is concatenated from parent_id, which has been through to_int0.
    if sort == 0:
        sort = menus.get_max('sort', 'parent_id=' + str(parent_id)) + 1

    # NOTE(review): is_leaf, is_show and is_enabled enter the field map as raw
    # form text, unlike the string()-wrapped values; if add_model places
    # values into the statement as written they need conversion -- confirm.
    new_menu = {
        'name': string(name),
        'icon': string(icon),
        'page_url': string(page_url),
        'interface_url': string(interface_url),
        'parent_id': parent_id,
        'sort': sort,
        'level': level,
        'is_leaf': is_leaf,
        'is_show': is_show,
        'is_enabled': is_enabled,
    }
    if menus.add_model(new_menu):
        return web_helper.return_msg(0, '提交成功')
    return web_helper.return_msg(-1, "提交失败")
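def callback():
    """Create a department record from the submitted form.

    The department's ``level`` and ``code`` are derived from its parent (or
    from the top level when ``parent_id`` is 0), and a missing ``sort`` value
    defaults to one past the highest ``sort`` among its siblings.

    Returns the value of ``web_helper.return_msg``: code 0 on success, code -1
    when the parent cannot be loaded or ``add_model`` reports failure.
    """
    # Check the caller's permission first.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '部门名称')
    parent_id = convert_helper.to_int0(
        web_helper.get_form('parent_id', '父id', is_check_null=False))
    sort = convert_helper.to_int0(
        web_helper.get_form('sort', '排序', is_check_null=False))
    is_leaf = web_helper.get_form('is_leaf', '是否最终节点', is_check_null=False)

    _department_logic = department_logic.DepartmentLogic()
    # Work out the depth of the new department and generate its code.
    if parent_id == 0:
        level = 0
        code = _department_logic.create_code('')
    else:
        model = _department_logic.get_model_for_cache(parent_id)
        if not model:
            return web_helper.return_msg(-1, "您选择的部门不存在")
        level = model.get('level', 0) + 1
        code = _department_logic.create_code(model.get('code', ''))

    # No sort position submitted: place the record after the highest existing
    # position among its siblings. The maximum has to be taken over the
    # 'sort' column; taking it over 'parent_id' would only echo the parent id.
    # The where fragment is concatenated, which is acceptable only because
    # parent_id has been through convert_helper.to_int0 first.
    if sort == 0:
        sort = _department_logic.get_max('sort', 'parent_id=' + str(parent_id)) + 1

    # NOTE(review): is_leaf enters the field map as raw form text, unlike the
    # string()-wrapped values; if add_model places values into the statement
    # as written it needs conversion or validation -- confirm.
    fields = {
        'name': string(name),
        'code': string(code),
        'parent_id': parent_id,
        'sort': sort,
        'level': level,
        'is_leaf': is_leaf,
    }
    result = _department_logic.add_model(fields)
    if result:
        return web_helper.return_msg(0, '提交成功')
    return web_helper.return_msg(-1, "提交失败")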
def callback():
    """Create a product record through ``ProductLogic`` from the form data.

    Returns the value of ``web_helper.return_msg``: code 0 on success,
    code -1 when ``add_model`` reports failure.
    """
    # Check the caller's permission first.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '产品名称')
    code = web_helper.get_form('code', '产品编码')
    product_class_id = convert_helper.to_int0(
        web_helper.get_form('product_class_id', '产品分类'))
    standard = web_helper.get_form('standard', '产品规格')
    quality_guarantee_period = web_helper.get_form('quality_guarantee_period', '保质期')
    place_of_origin = web_helper.get_form('place_of_origin', '产地')
    front_cover_img = web_helper.get_form('front_cover_img', '封面图片')
    # The description is read with is_check_special_char=False and then run
    # through the author's quote filter and XSS cleaner.
    # NOTE(review): filtering one character is a blacklist; whether the write
    # is safe depends on how string() and add_model build the statement.
    content = web_helper.get_form('content', '产品描述', is_check_special_char=False)
    content = string_helper.clear_xss(string_helper.filter_str(content, "'"))
    is_enable = convert_helper.to_int0(web_helper.get_form('is_enable', '是否启用'))

    # Text values pass through string(); integers are placed in the map as is.
    new_product = {
        'name': string(name),
        'code': string(code),
        'product_class_id': product_class_id,
        'standard': string(standard),
        'quality_guarantee_period': string(quality_guarantee_period),
        'place_of_origin': string(place_of_origin),
        'front_cover_img': string(front_cover_img),
        'content': string(content),
        'is_enable': is_enable,
    }

    products = product_logic.ProductLogic()
    if products.add_model(new_product):
        return web_helper.return_msg(0, '成功')
    return web_helper.return_msg(-1, "提交失败")
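def validate():
    """Request hook: log the request, apply ``_method``, read the session.

    Steps, in order:

    1. Return at once for ``/favicon.ico``, ``/`` and ``/api/verify/``.
    2. Build one log line from the path, client IP and request parameters and
       send it to ``log_helper.info`` and stdout (best effort).
    3. For POST requests, let a ``_method`` form field replace the request
       method, limited to PUT, DELETE and PATCH.
    4. For every path except the login and logout URLs, read ``id`` and
       ``login_name`` from the session.

    NOTE(review): step 4 only prints the session values. The check that would
    reject a request without a logged-in session is commented out at the end
    of this function, so this hook does not enforce authentication.
    """
    path_info = request.environ.get('PATH_INFO')
    # These paths are neither logged nor checked.
    if path_info in ['/favicon.ico', '/', '/api/verify/']:
        return

    # NOTE(review): POST parameters are logged in full and the login URL is
    # not excluded from logging, so submitted passwords end up in the log and
    # on stdout. Mask credential fields before logging. The path and query
    # string are also written unescaped; confirm the log sink copes with
    # embedded line breaks.
    request_log = 'url:' + path_info + ';ip:' + web_helper.get_ip()
    try:
        if request.json:
            request_log = request_log + ';params(json):' + urllib.parse.unquote(
                str(request.json))
    except Exception:
        # Best effort: a body that cannot be read as JSON is left out of the
        # log line. Exception (not a bare except) so interpreter exits and
        # interrupts are not swallowed.
        pass
    try:
        if request.query_string:
            request_log = request_log + ';params(get):' + request.query_string
        if request.method == 'POST':
            request_log = request_log + ';params(post):' + urllib.parse.unquote(
                str(request.params.__dict__))
        log_helper.info(request_log)
        print(request_log)
    except Exception:
        # Logging must not break request handling.
        pass

    # Method override for clients that can only send POST. The value comes
    # from the client and is written into the WSGI environment, so only the
    # verbs this override exists for are accepted; anything else leaves the
    # request as a POST.
    if request.method == 'POST':
        _method = web_helper.get_form('_method', False)
        if _method:
            override = str(_method).upper()
            if override in ('PUT', 'DELETE', 'PATCH'):
                request.environ['REQUEST_METHOD'] = override
            print('_method:' + _method + '|')

    # Login and logout must be reachable without a session.
    url_list = ["/api/login/", "/api/logout/"]
    if path_info in url_list:
        return

    session = web_helper.get_session()
    manager_id = session.get('id', 0)
    login_name = session.get('login_name', 0)
    print('manager_id:' + str(manager_id) + 'login_name:' + str(login_name))
    # NOTE(review): disabled login check, kept for reference. While it stays
    # commented out, requests without a session pass this hook.
    # if not manager_id or not login_name:
    #     web_helper.return_raise(web_helper.return_msg(-404, "您的登录已失效,请重新登录"))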
def callback():
    """Update the information record with id 1 from the submitted form.

    Both values are bound as statement parameters. The result of the write is
    not inspected: code 0 is returned in every case.

    NOTE(review): no permission check is made inside this handler; confirm it
    is enforced before the handler is reached.
    """
    cover = web_helper.get_form('front_cover_img', '图片')
    # The body is read with is_check_special_char=False and then run through
    # the author's quote filter and XSS cleaner.
    body = web_helper.get_form('content', '内容', is_check_special_char=False)
    body = string_helper.clear_xss(string_helper.filter_str(body, "'"))

    statement = "update infomation set front_cover_img=%s, content=%s where id=1"
    db_helper.write(statement, (cover, body))
    return web_helper.return_msg(0, '成功')
def callback():
    """Update the information record with id 1 and report the outcome.

    Both values are bound as statement parameters. Returns the value of
    ``web_helper.return_msg``: code 0 when the statement returns an id,
    code -1 otherwise.

    NOTE(review): no permission check is made inside this handler; confirm it
    is enforced before the handler is reached.
    """
    cover = web_helper.get_form('front_cover_img', '图片')
    # The body is read with is_check_special_char=False and then run through
    # the author's quote filter and XSS cleaner.
    body = web_helper.get_form('content', '内容', is_check_special_char=False)
    body = string_helper.clear_xss(string_helper.filter_str(body, "'"))

    statement = "update infomation set front_cover_img=%s, content=%s where id=1 returning id"
    rows = db_helper.write(statement, (cover, body))

    updated = rows and rows[0].get('id')
    if updated:
        return web_helper.return_msg(0, '成功')
    return web_helper.return_msg(-1, "提交失败")
def callback1():
    """Update the information record with id 1 through ``PgHelper`` directly.

    Both values are bound as statement parameters; the statement is executed
    and committed inside the helper's context manager. The outcome is not
    inspected: code 0 is returned in every case.

    NOTE(review): no permission check is made inside this handler; confirm it
    is enforced before the handler is reached.
    """
    cover = web_helper.get_form('front_cover_img', '图片')
    # The body is read with is_check_special_char=False and then run through
    # the author's quote filter and XSS cleaner.
    body = web_helper.get_form('content', '内容', is_check_special_char=False)
    body = string_helper.clear_xss(string_helper.filter_str(body, "'"))

    statement = "update infomation set front_cover_img=%s, content=%s where id=1"
    params = (cover, body)
    with db_helper.PgHelper(db_config.DB, db_config.IS_OUTPUT_SQL) as db:
        db.execute(statement, params)
        db.commit()
    return web_helper.return_msg(0, '成功')
def deleteArtical():
    """Delete one article by id and return the remaining article list.

    The id is bound as a statement parameter. Returns the value of
    ``web_helper.return_msg``: code -1 when the write helper returns the
    string "False", otherwise code 0 with the rows read back from
    ``articaltable``.

    NOTE(review): nothing in this handler checks who the caller is, and any
    submitted id is deleted; confirm that authentication and authorisation
    are enforced before this handler is reached.
    """
    uid = web_helper.get_form('uid', '主键(时间戳)')

    delete_sql = ' delete from "articaltable" where id = %s '
    outcome = db_helper.write(delete_sql, (uid, ))
    if outcome == "False":
        return web_helper.return_msg(-1, '删除失败')

    list_sql = (
        ' select "id", "artical_name", "artical_type", "likesnum", "answernum",'
        ' "readnum" from "articaltable" '
    )
    remaining = db_helper.read(list_sql)
    return web_helper.return_msg(0, '删除成功', remaining)
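def post_login():
    """Verify a login attempt and open a session for the manager.

    Order of checks: captcha, failed-attempt limit, account lookup, password,
    enabled flag. On success the manager's id, login name, name and position
    id are stored in the session, the last-login columns are updated and the
    event is written to the operation log.

    Returns the value of ``web_helper.return_msg``: code 0 on success, code -1
    with a reason otherwise.

    NOTE(review): the separate messages for an unknown account, a wrong
    password and a disabled account let a caller tell valid login names
    apart; one generic failure message would avoid that.
    """
    # --- submitted parameters -------------------------------------------
    username = web_helper.get_form('username', '帐号')
    password = web_helper.get_form('password', '密码')
    verify = web_helper.get_form('verify', '验证码')
    ip = web_helper.get_ip()

    # --- captcha ---------------------------------------------------------
    s = web_helper.get_session()
    verify_code = s.get('verify_code')
    # The stored code is removed on every submission, so each captcha can be
    # tried once only.
    if 'verify_code' in s:
        del s['verify_code']
        s.save()
    if verify.upper() != verify_code:
        return web_helper.return_msg(-1, '验证码错误')

    # --- failed-attempt limit --------------------------------------------
    # Limit on failed logins; per the original comment 0 means unlimited and
    # the unit is attempts per hour.
    limit_login_count = 10
    is_ok, msg, operation_times_key, error_count = security_helper.check_operation_times(
        'login_error_count', limit_login_count, ip, False)
    if not is_ok:
        return web_helper.return_msg(-1, msg)

    # --- account lookup --------------------------------------------------
    _manager_operation_log_logic = manager_operation_log_logic.ManagerOperationLogLogic()
    _manager_logic = manager_logic.ManagerLogic()
    # The where fragment is concatenated; string() is what stands between the
    # submitted login name and the statement (presumably SQL quoting/escaping
    # -- confirm against its definition).
    manager_result = _manager_logic.get_model_for_cache_of_where(
        'login_name=' + string(username))
    if not manager_result:
        # Count attempts against unknown accounts too; otherwise the limit
        # above never applies to login-name guessing.
        security_helper.add_operation_times(operation_times_key)
        return web_helper.return_msg(-1, '账户不存在')

    manager_id = manager_result.get('id', 0)
    manager_name = manager_result.get('name', '')

    # --- password and account state --------------------------------------
    # The submitted password is hashed once with MD5 and upper-cased (a
    # double-MD5 variant is disabled in the original source).
    # NOTE(review): unsalted MD5 is not suitable for password storage. Moving
    # to a salted, slow password hash requires migrating the stored values,
    # so it is flagged here rather than changed.
    pwd = encrypt_helper.md5(password).upper()
    # A record without a stored password fails the comparison instead of
    # raising on None.
    stored_pwd = (manager_result.get('login_password') or '').upper()
    if pwd != stored_pwd:
        security_helper.add_operation_times(operation_times_key)
        _manager_operation_log_logic.add_operation_log(
            manager_id, manager_name, ip, '【' + manager_name + '】输入的登录密码错误')
        return web_helper.return_msg(-1, '密码错误')

    if not manager_result.get('is_enabled'):
        security_helper.add_operation_times(operation_times_key)
        _manager_operation_log_logic.add_operation_log(
            manager_id, manager_name, ip, '【' + manager_name + '】账号已被禁用,不能登录系统')
        return web_helper.return_msg(-1, '账号已被禁用')

    # Successful login: clear the failed-attempt record.
    security_helper.del_operation_times(operation_times_key)

    # --- session -----------------------------------------------------------
    # NOTE(review): the session object that held the captcha is reused for the
    # authenticated state; confirm the session id is rotated on login.
    manager_id = manager_result.get('id')
    s['id'] = manager_id
    s['login_name'] = username
    s['name'] = manager_result.get('name')
    s['positions_id'] = manager_result.get('positions_id')
    s.save()

    # --- last-login bookkeeping --------------------------------------------
    # 'now()' and 'login_count+1' are passed as SQL expressions; the IP goes
    # through string() like other text values.
    fields = {
        'last_login_time': 'now()',
        'last_login_ip': string(ip),
        'login_count': 'login_count+1',
    }
    _manager_logic.edit_model(manager_id, fields)
    _manager_operation_log_logic.add_operation_log(
        manager_id, manager_name, ip, '【' + manager_name + '】登陆成功')

    return web_helper.return_msg(0, '登录成功')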
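def post_login():
    """Verify a login attempt against the ``manager`` table.

    Order of checks: captcha, account lookup, password, enabled flag. On
    success the manager's id and login name are stored in the session and the
    last-login columns are updated.

    Returns the value of ``web_helper.return_msg``: code 0 with a data payload
    on success, code -1 with a reason otherwise.

    NOTE(review): this variant has no failed-attempt limit, and its separate
    messages for an unknown account and a wrong password let a caller tell
    valid login names apart.
    """
    # --- submitted parameters -------------------------------------------
    username = web_helper.get_form('username', '帐号')
    password = web_helper.get_form('password', '密码')
    verify = web_helper.get_form('verify', '验证码')
    ip = web_helper.get_ip()

    # --- captcha ---------------------------------------------------------
    s = web_helper.get_session()
    verify_code = s.get('verify_code')
    # The stored code is removed on every submission, so each captcha can be
    # tried once only.
    if 'verify_code' in s:
        del s['verify_code']
        s.save()
    if verify.upper() != verify_code:
        return web_helper.return_msg(-1, '验证码错误')

    # --- account lookup --------------------------------------------------
    # The login name is bound as a parameter instead of being formatted into
    # the statement text, so the submitted value cannot change the query.
    # NOTE(review): this assumes db_helper.read accepts a parameter sequence
    # the way db_helper.write does -- confirm, and add the parameter to read()
    # if it is missing rather than going back to string formatting.
    sql = """select * from manager where login_name=%s"""
    manager_result = db_helper.read(sql, (username, ))
    if not manager_result:
        return web_helper.return_msg(-1, '账户不存在')

    # --- password and account state --------------------------------------
    # The submitted password is hashed once with MD5 and upper-cased (a
    # double-MD5 variant is disabled in the original source).
    # NOTE(review): unsalted MD5 is not suitable for password storage. Moving
    # to a salted, slow password hash requires migrating the stored values,
    # so it is flagged here rather than changed.
    pwd = encrypt_helper.md5(password).upper()
    if pwd != manager_result[0].get('login_password', ''):
        return web_helper.return_msg(-1, '密码错误')
    if manager_result[0].get('is_enable', 0) == 0:
        return web_helper.return_msg(-1, '账号已被禁用')

    # --- session -----------------------------------------------------------
    # NOTE(review): the session object that held the captcha is reused for the
    # authenticated state; confirm the session id is rotated on login.
    manager_id = manager_result[0].get('id', 0)
    s['id'] = manager_id
    s['login_name'] = username
    s.save()

    # --- last-login bookkeeping --------------------------------------------
    sql = """update manager set last_login_time=%s, last_login_ip=%s, login_count=login_count+1 where id=%s"""
    params = (
        'now()',
        ip,
        manager_id,
    )
    db_helper.write(sql, params)

    # Fixed sample payload returned with the success message, as in the
    # original code.
    data = [{'a': 1, 'b': 2, 'c': 3, 'd': 4, 'e': 5}]
    return web_helper.return_msg(0, '登录成功', data)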
def callback():
    """Create a manager (administrator) record from the submitted form.

    Validates the mobile number, e-mail address and password length, checks
    that the department exists and that the position belongs to it, then
    inserts the record through ``ManagerLogic``.

    Returns the value of ``web_helper.return_msg``: code 0 on success, code -1
    with a reason when validation or the insert fails.
    """
    # Check the caller's permission first.
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '管理员名称')
    sex = web_helper.get_form('sex', '性别', is_check_null=False)
    # Any value other than '男' is stored as '女'.
    sex = '男' if sex == '男' else '女'
    mobile = web_helper.get_form('mobile', '手机号码', is_check_null=False)
    if mobile and not string_helper.is_mobile(mobile):
        return web_helper.return_msg(-1, '手机号码格式不正确')
    birthday = web_helper.get_form('birthday', '出生日期', is_check_null=False)
    if birthday:
        birthday = convert_helper.to_date(birthday)
    email = web_helper.get_form('email', 'email', is_check_null=False)
    if email and not string_helper.is_email(email):
        return web_helper.return_msg(-1, 'Email格式不正确')
    remark = web_helper.get_form('remark', '备注', is_check_null=False)
    department_id = convert_helper.to_int0(
        web_helper.get_form('department_id', '所属部门'))
    positions_id = convert_helper.to_int0(
        web_helper.get_form('positions_id', '所属职位'))
    is_work = convert_helper.to_int0(web_helper.get_form('is_work', '工作状态'))
    is_enabled = web_helper.get_form('is_enabled', '是否启用', is_check_null=False)
    login_name = web_helper.get_form('login_name', '登录账号')
    login_password = web_helper.get_form('login_password1', '登录密码',
                                         is_check_special_char=False)
    if len(login_password) < 6:
        return web_helper.return_msg(-1, '登录密码长度必须大于等于6位')
    # Stored form of the password: MD5 of a slice of the password's MD5.
    # NOTE(review): unsalted MD5, single or double, is not suitable for
    # password storage; a salted, slow password hash is the usual choice and
    # needs a migration of existing values.
    inner_digest = encrypt_helper.md5(login_password)
    login_password = encrypt_helper.md5(inner_digest[2:24])

    # The submitted department must exist.
    departments = department_logic.DepartmentLogic()
    department = departments.get_model_for_cache(department_id)
    if not department:
        return web_helper.return_msg(-1, '所属部门不存在')

    # The submitted position must exist and belong to that department.
    positions = positions_logic.PositionsLogic()
    position = positions.get_model_for_cache(positions_id)
    if not position or position.get('department_id') != department_id:
        return web_helper.return_msg(-1, '所属职位不存在')

    managers = manager_logic.ManagerLogic()
    # Text values pass through string() (presumably SQL quoting -- confirm).
    # NOTE(review): is_enabled enters the map as raw form text; if add_model
    # places values into the statement as written it needs conversion.
    new_manager = {
        'name': string(name),
        'sex': string(sex),
        'mobile': string(mobile),
        'email': string(email),
        'remark': string(remark),
        'department_id': department_id,
        'department_code': string(department.get('code', '')),
        'department_name': string(department.get('name', '')),
        'positions_id': positions_id,
        'positions_name': string(position.get('name', '')),
        'is_work': is_work,
        'is_enabled': is_enabled,
        'login_name': string(login_name),
        'login_password': string(login_password),
    }
    # The birthday is optional and only stored when one was submitted.
    if birthday:
        new_manager['birthday'] = string(str(birthday))

    if managers.add_model(new_manager):
        return web_helper.return_msg(0, '成功')
    return web_helper.return_msg(-1, "提交失败")