def updateApp(req):
"""
修改应用
:param req:
:return:
"""
cr = webapi.SuccCallReturn()
try:
id = webapi.GET(req, 'id')
app_id = webapi.GET(req, 'app_id')
name = webapi.GET(req, 'name')
comment = webapi.GET(req, 'comment')
status = webapi.GET(req, 'status')
app_id = app_id.strip()
name = name.strip()
status = status.strip()
if not app_id or not name or not name:
return webapi.FailCallReturn(
ErrorDefs.ParameterIllegal).httpResponse()
callback = webapi.GET(req, 'callback')
cr.setCallBackJsonp(callback)
creator_id = webapi.sessionValue(req, 'user_id')
creator = core.AdminUser.objects.get(id=(int(creator_id)))
app = core.Application.objects.get(id=int(id))
#应用标识不能更新
# if app_id:
# appforid = core.Application.objects.filter(app_id = app_id)
# if appforid:
# return webapi.FailCallReturn(ErrorDefs.AppExisted).httpResponse()
# app.app_id = app_id[:40]
if name: app.name = name[:40]
if comment: app.comment = comment[:200]
if status:
app.status = int(status)
app.creator = creator
#app.create_time = datetime.datetime.now()
app.save()
log = service.common.logging.createLog(
cloudfish.base.AdminUserActionType.UpdateApplicate, request=req)
log.result = 0
log.target = app.name
log.detail = str(req.META['REMOTE_ADDR'])
log.save()
except:
traceback.print_exc()
cr = webapi.FailCallReturn(
ErrorDefs.InternalException).setCallBackJsonp(callback)
return cr.httpResponse()
def updateNotice(r):
"""
更新系统通知消息
"""
cr = webapi.SuccCallReturn()
callback = None
try:
notice_id = webapi.GET(r, 'id')
title = webapi.GET(r, 'title')
content = webapi.GET(r, 'content')
alert = webapi.GET(r, 'alert', 0)
end_alert_time = webapi.GET(r, 'end_alert_time', None)
alert = int(alert)
if alert:
alert = True
else:
alert = False
if end_alert_time:
end_alert_time = lemon.utils.misc.mk_datetime(end_alert_time)
callback = webapi.GET(r, 'callback')
cr.setCallBackJsonp(callback)
if not notice_id:
return webapi.FailCallReturn(
errors.ErrorDefs.ParameterIllegal).httpResponse()
user_id = webapi.sessionValue(r, 'user_id')
admin = core.AdminUser.objects.get(id=int(user_id))
notice = core.Notice.objects.get(id=int(notice_id))
notice.issuer = admin
if title != None:
notice.title = title[:255]
if content != None:
notice.content = content[:2000]
notice.modify_time = datetime.datetime.now()
notice.alert = alert
notice.end_alert_time = end_alert_time
notice.save()
cr.result = notice.id
log = service.common.logging.createLog(
lemon.basetype.LogActionType.L313, notice.title, request=r)
log.save()
except:
traceback.print_exc()
cr = webapi.FailCallReturn(
errors.ErrorDefs.InternalException).setCallBackJsonp(callback)
return cr.httpResponse()
def process_request(self, req):
"""
session 检查
- 超时或用户身份为鉴定,提示用户登录
webapi权限调用检查
- 业务用户与管理员api调用控制
- 不同权限用户的api调用控制
:param request:
:return:
"""
if model.django.project.settings.DEBUG:
print 'PATH:', req.path
print 'GET:', req.GET
print 'POST:', req.POST
print 'USER_ID:', webapi.sessionValue(req, 'user_id')
print 'USER_ROLE:', webapi.sessionValue(req, 'user_role')
print 'USER_TYPE:', webapi.sessionValue(req, 'user_type')
real_ip = req.META.get('HTTP_X_REAL_IP')
if real_ip:
req.META['REMOTE_ADDR'] = real_ip
prefix = '/webapi/'
# if req.path[-1]!='/':
# req.path +='/'
# return
#
if req.path.find('/api/fileserver/') != -1:
return
if req.path.find('/static/') != -1:
return
#此处必须判别 当前登录的用户类型 admin/user,
if req.path.find(prefix) != -1:
IGNAL_LIST = ('/login', '/logout', '/getSignImage', '/',
'/getIdentity')
match = False
for path in IGNAL_LIST:
if req.path.find(path) != -1:
match = True
break
if match:
return
user_id = webapi.sessionValue(req, 'user_id')
# user_role = webapi.sessionValue(req,'user_id')
# user_type = webapi.sessionValue(req,'user_type') # user or admin_user
if not user_id:
return webapi.FailCallReturn(
errors.ErrorDefs.SessionExpired).httpResponse()
else:
user_type = webapi.sessionValue(req, 'user_type')
# if req.path.find('/webapi/ras/')!=-1 and user_type!=basetype.LoginUserType.USER:
# print 'error: cross user privillages access! (current user is not USER)'
# return webapi.FailCallReturn(errors.ErrorDefs.PermissionDenied)
# if req.path.find('/webapi/admin/')!=-1 and user_type!=basetype.LoginUserType.ADMIN:
# print 'error: cross user privillages access! (current user is not ADMIN)'
# return webapi.FailCallReturn(errors.ErrorDefs.PermissionDenied)
# todo
# 启用身份状态识别,导致 文件下载 错误: user_id 不存在 ????
# 可能是 /ras时注销了用户会话??
if 1:
user_id = webapi.sessionValue(req, 'user_id')
if not user_id:
# if req.path=='/admin/':
return render_to_response('adminLogin.html')
# else:
# return render_to_response('adminIndex.html')
return
def createApp(req):
"""
添加应用
@params:
@return:
{status,errcode,result}
"""
cr = webapi.SuccCallReturn()
callback = None
try:
app_id = webapi.GET(req, 'app_id')
name = webapi.GET(req, 'name')
comment = webapi.GET(req, 'comment')
status = webapi.GET(req, 'status')
app_id = app_id.strip()
name = name.strip()
status = status.strip()
if not app_id or not name:
return webapi.FailCallReturn(
ErrorDefs.ParameterIllegal).httpResponse()
callback = webapi.GET(req, 'callback')
cr.setCallBackJsonp(callback)
creator_id = webapi.sessionValue(req, 'user_id')
creator = core.AdminUser.objects.get(id=(int(creator_id)))
app = core.Application()
if app_id:
appforid = core.Application.objects.filter(app_id=app_id)
if appforid:
return webapi.FailCallReturn(
ErrorDefs.AppExisted).httpResponse()
app.app_id = app_id[:40]
if name: app.name = name[:40]
if comment: app.comment = comment[:200]
if status:
app.status = int(status)
app.creator = creator
app.create_time = datetime.datetime.now()
app.access_token = lemon.utils.misc.genUUID()
app.secret_key = lemon.utils.misc.random_password()
app.save()
result = app.id
cr.assign(result)
log = service.common.logging.createLog(
cloudfish.base.AdminUserActionType.CreateApplicate, request=req)
log.result = 0
log.target = app.name
log.detail = str(req.META['REMOTE_ADDR'])
log.save()
except:
traceback.print_exc()
cr = webapi.FailCallReturn(
ErrorDefs.InternalException).setCallBackJsonp(callback)
return cr.httpResponse()
def ras(req):
# print 'ras',req.path
user_type = webapi.sessionValue(req, 'user_type', 0)
if user_type and user_type != lemon.basetype.LoginUserType.USER:
del req.session['user_id']
return render_to_response('index.html')