def delete(request): to_be_deleted_id = request.GET.get('id') to_be_deleted = models.myClass.objects.get(id=to_be_deleted_id) user_id = request.session['user_id'] message = "" try: # 如果用户是teacher request.session.get('user_type', 'Teacher') authority = getAuthority('delete', 'Class', 'Teacher', to_be_deleted_id, user_id) if authority: if to_be_deleted.students.count() == 0: to_be_deleted.delete() else: message = "You cannot delete it, because it's referenced by others" else: message = 'Do not have the right of this operation' except: try: # 如果用户是student request.session.get('user_type', 'Student') authority = getAuthority('delete', 'Class', 'Student', to_be_deleted_id, user_id) if authority: if to_be_deleted.students.count() == 0: to_be_deleted.delete() else: message = "You cannot delete it, because it's referenced by others" else: message = 'Do not have the right of this operation' except: message = 'Please login' class_form = forms.myClass() class_modify_form = forms.myClass_modify() class_set = models.myClass.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in class_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Class', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in class_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Class', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' return render( request, 'manager/ManagePage/ManageClass.html', { 'class_set': show_result, 'class_form': class_form, 'modify_tag': -1, 'message': message, 'class_modify_form': class_modify_form, })
def query(request): show_result = [] # 这是最终展示给用户的搜索结果 if request.method == "GET": option = request.GET.get('option') query_val = request.GET.get('query_val') query_result = [] user_id = request.session['user_id'] try: # 如果用户是teacher request.session.get('user_type', 'Teacher') if option == 'change_id': # 搜索所有结果,其中会有非法结果 query_result = models.MajorTransfer.objects.filter(change_id=query_val) elif option == 'change_date': query_result = models.MajorTransfer.objects.filter(change_date=query_val) elif option == 'student': query_result = models.MajorTransfer.objects.filter(student=query_val) elif option == 'original_class': query_result = models.MajorTransfer.objects.filter(original_class=query_val) elif option == 'current_class': query_result = models.MajorTransfer.objects.filter(current_class=query_val) elif option == 'relationship': query_result = models.MajorTransfer.objects.filter(has_transfered_communist_youth_league_relationship=query_val) for result in query_result: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'MajorTransfer', 'Teacher', result.student.student_id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是student request.session.get('user_type', 'Student') if option == 'change_id': # 搜索所有结果,其中会有非法结果 query_result = models.MajorTransfer.objects.filter(change_id=query_val) elif option == 'change_date': query_result = models.MajorTransfer.objects.filter(change_date=query_val) elif option == 'student': query_result = models.MajorTransfer.objects.filter(student=query_val) elif option == 'original_class': query_result = models.MajorTransfer.objects.filter(original_class=query_val) elif option == 'current_class': query_result = models.MajorTransfer.objects.filter(current_class=query_val) elif option == 'relationship': query_result = models.MajorTransfer.objects.filter(has_transfered_communist_youth_league_relationship=query_val) for result in query_result: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'MajorTransfer', 'Student', result.student.student_id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' # 返回结果给页面 major_transfer_form = forms.MajorTransfer() major_transfer_modify_form = forms.MajorTransfer_modify() return render( request, 'manager/ManagePage/ManageMajorTransfer.html', { 'major_transfer_set' : show_result, 'major_transfer_form' : major_transfer_form, 'modify_tag' : -1, 'major_transfer_modify_form' : major_transfer_modify_form, } )
def delete(request): to_be_deleted_id = request.GET.get('id') print(to_be_deleted_id) to_be_deleted = models.GradeTransfer.objects.get( change_id=to_be_deleted_id) user_id = request.session['user_id'] message = "" try: # 如果用户是teacher request.session.get('user_type', 'Teacher') authority = getAuthority('delete', 'GradeTransfer', 'Teacher', to_be_deleted_id, user_id) if authority: to_be_deleted.delete() else: message = 'Do not have the right of this operation' except: try: # 如果用户是student request.session.get('user_type', 'Student') authority = getAuthority('delete', 'GradeTransfer', 'Student', to_be_deleted_id, user_id) if authority: to_be_deleted.delete() else: message = 'Do not have the right of this operation' except: message = 'Please login' grade_transfer_form = forms.GradeTransfer() grade_transfer_modify_form = forms.GradeTransfer_modify() grade_transfer_set = models.GradeTransfer.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in grade_transfer_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'GradeTransfer', 'Teacher', result.student.student_id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in grade_transfer_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'GradeTransfer', 'Student', result.student.student_id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' return render( request, 'manager/ManagePage/ManageGradeTransfer.html', { 'grade_transfer_set': show_result, 'grade_transfer_form': grade_transfer_form, 'modify_tag': -1, 'message': message, 'grade_transfer_modify_form': grade_transfer_modify_form, })
def query(request): show_result = [] # 这是最终展示给用户的搜索结果 if request.method == "GET": option = request.GET.get('option') query_val = request.GET.get('query_val') query_result = [] user_id = request.session['user_id'] try: # 如果用户是teacher request.session.get('user_type', 'Teacher') if option == 'lesson_id': # 搜索所有结果,其中会有非法结果 query_result = models.ValidLesson.objects.filter(lesson=query_val) elif option == 'teacher_id': query_result = models.ValidLesson.objects.filter(teacher=query_val) elif option == 'begin_date': query_result = models.ValidLesson.objects.filter(begin_date=query_val) elif option == 'begin_semester': query_result = models.ValidLesson.objects.filter(begin_semester=query_val) elif option == 'begin_time': query_result = models.ValidLesson.objects.filter(begin_time=query_val) for result in query_result: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'ValidLesson', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是student request.session.get('user_type', 'Student') if option == 'lesson_id': # 搜索所有结果,其中会有非法结果 query_result = models.ValidLesson.objects.filter(lesson=query_val) elif option == 'teacher_id': query_result = models.ValidLesson.objects.filter(teacher=query_val) elif option == 'begin_date': query_result = models.ValidLesson.objects.filter(begin_date=query_val) elif option == 'begin_semester': query_result = models.ValidLesson.objects.filter(begin_semester=query_val) elif option == 'begin_time': query_result = models.ValidLesson.objects.filter(begin_time=query_val) for result in query_result: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'ValidLesson', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' # 返回结果给页面 validlesson_form = forms.ValidLesson() validlesson_modify_form = forms.ValidLesson_modify() return render( request, 'manager/ManagePage/ManageCourse.html', { 'validlesson_set' : show_result, 'validlesson_form' : validlesson_form, 'modify_tag' : -1, 'validlesson_modify_form' : validlesson_modify_form, } )
def delete(request): to_be_deleted_id = request.GET.get('id') to_be_deleted = models.ValidLesson.objects.get(lesson=to_be_deleted_id) user_id = request.session['user_id'] message = "" try: # 如果用户是teacher request.session.get('user_type', 'Teacher') authority = getAuthority('delete', 'ValidLesson', 'Teacher', to_be_deleted_id, user_id) if authority: to_be_deleted.delete() else: message = 'Do not have the right of this operation' except: try: # 如果用户是student request.session.get('user_type', 'Student') authority = getAuthority('delete', 'ValidLesson', 'Student', to_be_deleted_id, user_id) if authority: to_be_deleted.delete() else: message = 'Do not have the right of this operation' except: message = 'Please login' validlesson_form = forms.ValidLesson() validlesson_modify_form = forms.ValidLesson_modify() validlesson_set = models.ValidLesson.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in validlesson_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'ValidLesson', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in validlesson_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'ValidLesson', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' return render( request, 'manager/ManagePage/ManageCourse.html', { 'validlesson_set' : show_result, 'validlesson_form' : validlesson_form, 'modify_tag' : -1, 'message': message, 'validlesson_modify_form' : validlesson_modify_form, } )
def query(request): show_result = [] # 这是最终展示给用户的搜索结果 if request.method == "GET": option = request.GET.get('option') query_val = request.GET.get('query_val') query_result = [] user_id = request.session['user_id'] try: # 如果用户是teacher request.session.get('user_type', 'Teacher') if option == 'id': # 搜索所有结果,其中会有非法结果 query_result = models.Campus.objects.filter(id=query_val) elif option == 'name': query_result = models.Campus.objects.filter(name=query_val) elif option == 'address': query_result = models.Campus.objects.filter(address=query_val) for result in query_result: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Campus', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是student request.session.get('user_type', 'Student') if option == 'id': # 搜索所有结果,其中会有非法结果 query_result = models.Campus.objects.filter(id=query_val) elif option == 'name': query_result = models.Campus.objects.filter(name=query_val) elif option == 'address': query_result = models.Campus.objects.filter( address=query_val) for result in query_result: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Campus', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' # 返回结果给页面 campus_form = forms.Campus() campus_modify_form = forms.Campus_modify() return render( request, 'manager/ManagePage/ManageCampus.html', { 'campus_set': show_result, 'campus_form': campus_form, 'modify_tag': -1, 'campus_modify_form': campus_modify_form, })
def delete(request): to_be_deleted_id = request.GET.get('id') to_be_deleted = models.Campus.objects.get(id=to_be_deleted_id) user_id = request.session['user_id'] message = "" try: # 如果用户是teacher request.session.get('user_type', 'Teacher') authority = getAuthority('delete', 'Campus', 'Teacher', to_be_deleted_id, user_id) if authority: if to_be_deleted.major.count() == 0: to_be_deleted.delete() else: message = "You cannot delete it, because it's referenced by others" else: message = 'Do not have the right of this operation' except: try: # 如果用户是student request.session.get('user_type', 'Student') authority = getAuthority('delete', 'Campus', 'Student', to_be_deleted_id, user_id) if authority: if to_be_deleted.major.count() == 0: to_be_deleted.delete() else: message = "You cannot delete it, because it's referenced by others" else: message = 'Do not have the right of this operation' except: message = 'Please login' campus_form = forms.Campus() campus_modify_form = forms.Campus_modify() campus_set = models.Campus.objects.all() return render( request, 'manager/ManagePage/ManageCampus.html', { 'campus_set': campus_set, 'campus_form': campus_form, 'modify_tag': -1, 'message': message, 'campus_modify_form': campus_modify_form, })
def classes(request): modify_tag = -1 message = '' show_result = [] class_set = models.myClass.objects.all() user_id = request.session['user_id'] if request.GET.get('modify_tag'): modify_tag = request.GET.get('modify_tag') try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in class_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Class', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in class_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Class', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' #message = request.session['user_type'] class_form = forms.myClass() class_modify_form = forms.myClass_modify() return render( request, 'manager/ManagePage/ManageClass.html', { 'class_set': show_result, 'class_form': class_form, 'modify_tag': modify_tag, 'class_modify_form': class_modify_form, 'message': message, })
def grade_transfer(request): modify_tag = -1 message = '' show_result = [] grade_transfer_set = models.GradeTransfer.objects.all() user_id = request.session['user_id'] if request.GET.get('modify_tag'): modify_tag = request.GET.get('modify_tag') try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in grade_transfer_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'GradeTransfer', 'Teacher', result.student.student_id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in grade_transfer_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'GradeTransfer', 'Student', result.student.student_id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' grade_transfer_form = forms.GradeTransfer() grade_transfer_modify_form = forms.GradeTransfer_modify() return render( request, 'manager/ManagePage/ManageGradeTransfer.html', { 'grade_transfer_set': show_result, 'grade_transfer_form': grade_transfer_form, 'modify_tag': modify_tag, 'grade_transfer_modify_form': grade_transfer_modify_form, 'message': message, })
def course(request): modify_tag = -1 message = '' show_result = [] validlesson_set = models.ValidLesson.objects.all() user_id = request.session['user_id'] if request.GET.get('modify_tag'): modify_tag = request.GET.get('modify_tag') try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in validlesson_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'ValidLesson', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in validlesson_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'ValidLesson', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' validlesson_form = forms.ValidLesson() validlesson_modify_form = forms.ValidLesson_modify() return render( request, 'manager/ManagePage/ManageCourse.html', { 'validlesson_set' : show_result, 'validlesson_form' : validlesson_form, 'modify_tag' : modify_tag, 'validlesson_modify_form' : validlesson_modify_form, 'message': message, } )
def add(request): message = '' if request.method == 'POST': add_form = forms.Student(request.POST) print(add_form.errors) user_id = request.session['user_id'] # 权限控制——这一部分用于判断账号类型,因为student只有管理员能操作,所以以下直接不允许相关操作 if add_form.is_valid(): student_id = add_form.cleaned_data.get('id') student_id_type = add_form.cleaned_data.get('id_type') student_name = add_form.cleaned_data.get('name') student_sex = add_form.cleaned_data.get('sex') student_birthday = add_form.cleaned_data.get('birthday') student_nationality = add_form.cleaned_data.get('nationality') student_family_address = add_form.cleaned_data.get('family_address') student_family_postcode = add_form.cleaned_data.get('family_postcode') student_family_telephone = add_form.cleaned_data.get('family_telephone') student_entry_date = add_form.cleaned_data.get('entry_date') student_email = add_form.cleaned_data.get('email') student_student_id = add_form.cleaned_data.get('student_id') student_password = add_form.cleaned_data.get('password') student_myClass = add_form.cleaned_data.get('myClass') try: # 如果用户是老师 request.session.get('user_type', 'Teacher') authority = getAuthority('add', 'Student', 'Teacher', student_id, user_id) if authority: myClass = models.myClass.objects.get(name=student_myClass) new_student = models.Student.objects.create( id = student_id, id_type = student_id_type, name = student_name, sex = student_sex, birthday = student_birthday, nationality = student_nationality, family_address = student_family_address, family_postcode = student_family_postcode, family_telephone = student_family_telephone, entry_date = student_entry_date, email = student_email, student_id = student_student_id, password = student_password, myClass = student_myClass, ) print(new_student.myClass) else: message = 'Do not have the right of this operation' except: try: # 如果用户是学生 request.session.get('user_type', 'Teacher') authority = getAuthority('add', 'Student', 'Teacher', student_id, user_id) if authority: new_student = models.Student( student_id, student_id_type, student_name, student_sex, student_birthday, student_nationality, student_family_address, student_family_postcode, student_family_telephone, student_entry_date, student_email, student_student_id, student_password, student_myClass, ) new_student.save() else: message = 'Do not have the right of this operation' except: message = 'Please login' else: message = "Please check what you've entered" # 渲染动态页面 student_set = models.Student.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in student_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Student', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in student_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Student', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: # message = 'Please login' pass student_form = forms.Student() student_modify_form = forms.Student_modify() return render( request, 'manager/ManagePage/ManageStudent.html', { 'student_set' : show_result, 'student_form' : student_form, 'modify_tag' : -1, 'student_modify_form' : student_modify_form, 'message' : message } )
def modify(request): if request.method == 'POST': modify_form = forms.Student_modify(request.POST) message = '' user_id = request.session['user_id'] if modify_form.is_valid(): student_id_type = modify_form.cleaned_data.get('id_type') student_name = modify_form.cleaned_data.get('name') student_sex = modify_form.cleaned_data.get('sex') student_birthday = modify_form.cleaned_data.get('birthday') student_nationality = modify_form.cleaned_data.get('nationality') student_family_address = modify_form.cleaned_data.get('family_address') student_family_postcode = modify_form.cleaned_data.get('family_postcode') student_family_telephone = modify_form.cleaned_data.get('family_telephone') student_entry_date = modify_form.cleaned_data.get('entry_date') student_email = modify_form.cleaned_data.get('email') student_password = modify_form.cleaned_data.get('password') student_myClass = modify_form.cleaned_data.get('myClass') tag = request.GET.get('tag') to_be_modified = models.Student.objects.get(id=tag) try: # 如果用户是老师 request.session.get('user_type', 'Teacher') authority = getAuthority('modify', 'Student', 'Teacher', to_be_modified.student_id, user_id) if authority: try: to_be_modified.id_type = student_id_type to_be_modified.name = student_name to_be_modified.sex = student_sex to_be_modified.birthday = student_birthday to_be_modified.nationality = student_nationality to_be_modified.family_address = student_family_address to_be_modified.family_postcode = student_family_postcode to_be_modified.family_telephone = student_family_telephone to_be_modified.entry_date = student_entry_date to_be_modified.email = student_email to_be_modified.password = student_password to_be_modified.myClass = student_myClass to_be_modified.save() except: print('testt') else: message = 'Do not have the right of this operation' except: try: # 如果用户是学生 request.session.get('user_type', 'Student') authority = getAuthority('modify', 'Student', 'Student', tag, user_id) if authority: to_be_modified.id_type = student_id_type to_be_modified.name = student_name to_be_modified.sex = student_sex to_be_modified.birthday = student_birthday to_be_modified.nationality = student_nationality to_be_modified.family_address = student_family_address to_be_modified.family_postcode = student_family_postcode to_be_modified.family_telephone = student_family_telephone to_be_modified.entry_date = student_entry_date to_be_modified.email = student_name to_be_modified.password = student_password to_be_modified.myClass = student_myClass to_be_modified.save() else: message = 'Do not have the right of this operation' except: message = 'Please login' else: message = 'Please check out what you write' # 渲染动态页面 student_set = models.Student.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Student') for result in student_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Student', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in student_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Student', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' student_form = forms.Student() student_modify_form = forms.Student_modify() return render( request, 'manager/ManagePage/ManageStudent.html', { 'student_set' : student_set, 'student_form' : student_form, 'modify_tag' : -1, 'message' : message, 'student_modify_form' : student_modify_form, } )
def query(request): show_result = [] # 这是最终展示给用户的搜索结果 if request.method == "GET": option = request.GET.get('option') query_val = request.GET.get('query_val') query_result = [] user_id = request.session['user_id'] try: # 如果用户是Teacher request.session.get('user_type', 'Teacher') if option == 'id': # 搜索所有结果,其中会有非法结果 query_result = models.Student.objects.filter(id=query_val) elif option == 'id_type': query_result = models.Student.objects.filter(id_type=query_val) elif option == 'name': query_result = models.Student.objects.filter(name=query_val) elif option == 'sex': query_result = models.Student.objects.filter(sex=query_val) elif option == 'birthday': query_result = models.Student.objects.filter(birthday=query_val) elif option == 'nationality': query_result = models.Student.objects.filter(nationality=query_val) elif option == 'family_address': query_result = models.Student.objects.filter(family_address=query_val) elif option == 'family_postcode': query_result = models.Student.objects.filter(family_postcode=query_val) elif option == 'family_telephone': query_result = models.Student.objects.filter(family_telephone=query_val) elif option == 'entry_date': query_result = models.Student.objects.filter(entry_date=query_val) elif option == 'email': query_result = models.Student.objects.filter(email=query_val) elif option == 'student_id': query_result = models.Student.objects.filter(student_id=query_val) elif option == 'myClass': query_result = models.Student.objects.filter(myClass=query_val) for result in query_result: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Student', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是student request.session.get('user_type', 'Student') if option == 'id': # 搜索所有结果,其中会有非法结果 query_result = models.Student.objects.filter(id=query_val) elif option == 'id_type': query_result = models.Student.objects.filter(id_type=query_val) elif option == 'name': query_result = models.Student.objects.filter(name=query_val) elif option == 'sex': query_result = models.Student.objects.filter(sex=query_val) elif option == 'birthday': query_result = models.Student.objects.filter(birthday=query_val) elif option == 'nationality': query_result = models.Student.objects.filter(nationality=query_val) elif option == 'family_address': query_result = models.Student.objects.filter(family_address=query_val) elif option == 'family_postcode': query_result = models.Student.objects.filter(family_postcode=query_val) elif option == 'family_telephone': query_result = models.Student.objects.filter(family_telephone=query_val) elif option == 'entry_date': query_result = models.Student.objects.filter(entry_date=query_val) elif option == 'email': query_result = models.Student.objects.filter(email=query_val) elif option == 'student_id': query_result = models.Student.objects.filter(student_id=query_val) elif option == 'myClass': query_result = models.Student.objects.filter(myClass=query_val) for result in query_result: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Student', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' # 返回结果给页面 student_form = forms.Student() student_modify_form = forms.Student_modify() return render( request, 'manager/ManagePage/ManageStudent.html', { 'student_set' : show_result, 'student_form' : student_form, 'modify_tag' : -1, 'student_modify_form' : student_modify_form, } )
def add(request): message = '' if request.method == 'POST': add_form = forms.myClass(request.POST) #print(add_form.cleaned_data.get('id')) print(add_form.errors) user_id = request.session['user_id'] # 权限控制——这一部分用于判断账号类型,因为campus只有管理员能操作,所以以下直接不允许相关操作 if add_form.is_valid(): class_id = add_form.cleaned_data.get('id') class_name = add_form.cleaned_data.get('name') set_up_date = add_form.cleaned_data.get('date') head_teacher = add_form.cleaned_data.get('head_teacher') grade = add_form.cleaned_data.get('grade') class_major = add_form.cleaned_data.get('major') try: # 如果用户是老师 request.session.get('user_type', 'Teacher') authority = getAuthority('add', 'Class', 'Teacher', class_id, user_id) if authority: class_major_in = models.Major.objects.get(name=class_major) class_teacher = models.Teacher.objects.get( name=head_teacher) new_class = models.myClass(class_id, class_name, set_up_date, head_teacher=class_teacher, grade=grade, major=class_major_in) new_class.save() else: message = 'Do not have the right of this operation' except: try: # 如果用户是学生 request.session.get('user_type', 'Teacher') authority = getAuthority('add', 'Class', 'Teacher', class_id, user_id) if authority: class_major_in = models.Major.objects.get( name=class_major) class_teacher = models.Teacher.objects.get( name=head_teacher) new_class = models.myClass(class_id, class_name, set_up_date, head_teacher=class_teacher, grade=grade, major=class_major_in) new_class.save() else: message = 'Do not have the right of this operation' except: message = 'Please login' else: message = "Please check what you've entered" # 渲染动态页面 class_set = models.myClass.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in class_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Class', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in class_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Class', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' class_form = forms.myClass() class_modify_form = forms.myClass_modify() return render( request, 'manager/ManagePage/ManageClass.html', { 'class_set': show_result, 'class_form': class_form, 'modify_tag': -1, 'class_modify_form': class_modify_form, 'message': message })
def add(request): message = '' if request.method == 'POST': add_form = forms.Campus(request.POST) user_id = request.session['user_id'] # 权限控制——这一部分用于判断账号类型,因为campus只有管理员能操作,所以以下直接不允许相关操作 if add_form.is_valid(): campus_id = add_form.cleaned_data.get('id') campus_name = add_form.cleaned_data.get('name') campus_address = add_form.cleaned_data.get('address') try: # 如果用户是老师 request.session.get('user_type', 'Teacher') authority = getAuthority('add', 'Campus', 'Teacher', campus_id, user_id) if authority: new_campus = models.Campus(campus_id, campus_name, campus_address) new_campus.save() else: message = 'Do not have the right of this operation' except: try: # 如果用户是学生 request.session.get('user_type', 'Student') authority = getAuthority('add', 'Campus', 'Student', campus_id, user_id) if authority: new_campus = models.Campus(campus_id, campus_name, campus_address) new_campus.save() else: message = 'Do not have the right of this operation' except: message = 'Please login' else: message = "Please check what you've entered" # 渲染动态页面 campus_set = models.Campus.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in campus_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Campus', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in campus_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Campus', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' campus_form = forms.Campus() campus_modify_form = forms.Campus_modify() return render( request, 'manager/ManagePage/ManageCampus.html', { 'campus_set': show_result, 'campus_form': campus_form, 'modify_tag': -1, 'campus_modify_form': campus_modify_form, 'message': message })
def modify(request): if request.method == 'POST': modify_form = forms.GradeTransfer_modify(request.POST) message = '' user_id = request.session['user_id'] print(modify_form.errors) if modify_form.is_valid(): grade_transfer_change_date = modify_form.cleaned_data.get( 'change_date') grade_transfer_original_class = modify_form.cleaned_data.get( 'original_class') grade_transfer_current_class = modify_form.cleaned_data.get( 'current_class') grade_transfer_degrade_reason = modify_form.cleaned_data.get( 'degrade_reason') tag = request.GET.get('tag') to_be_modified = models.GradeTransfer.objects.get(change_id=tag) try: # 如果用户是老师 request.session.get('user_type', 'Teacher') authority = getAuthority('modify', 'GradeTransfer', 'Teacher', tag, user_id) if authority: to_be_modified.change_date = grade_transfer_change_date to_be_modified.original_class = grade_transfer_original_class to_be_modified.current_class = grade_transfer_current_class to_be_modified.degrade_reason = grade_transfer_degrade_reason to_be_modified.save() else: message = 'Do not have the right of this operation' except: try: # 如果用户是学生 request.session.get('user_type', 'Student') authority = getAuthority('modify', 'GradeTransfer', 'Student', tag, user_id) if authority: to_be_modified.change_date = grade_transfer_change_date to_be_modified.original_class = grade_transfer_original_class to_be_modified.current_class = grade_transfer_current_class to_be_modified.degrade_reason = grade_transfer_degrade_reason to_be_modified.save() else: message = 'Do not have the right of this operation' except: message = 'Please login' else: message = 'Please check out what you write' # 渲染动态页面 grade_transfer_set = models.GradeTransfer.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in grade_transfer_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'GradeTransfer', 'Teacher', result.student.student_id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in grade_transfer_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'GradeTransfer', 'Student', result.student.student_id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' grade_transfer_form = forms.GradeTransfer() grade_transfer_modify_form = forms.GradeTransfer_modify() return render( request, 'manager/ManagePage/ManageGradeTransfer.html', { 'grade_transfer_set': grade_transfer_set, 'grade_transfer_form': grade_transfer_form, 'modify_tag': -1, 'message': message, 'grade_transfer_modify_form': grade_transfer_modify_form, })
def add(request): message = '' if request.method == 'POST': add_form = forms.ValidLesson(request.POST) user_id = request.session['user_id'] # 权限控制——这一部分用于判断账号类型,因为validlesson只有管理员能操作,所以以下直接不允许相关操作 if add_form.is_valid(): validlesson_id = add_form.cleaned_data.get('lesson') validlesson_teacher = add_form.cleaned_data.get('teacher') validlesson_begin_date = add_form.cleaned_data.get('begin_date') validlesson_begin_semester = add_form.cleaned_data.get('begin_semester') validlesson_begin_time = add_form.cleaned_data.get('begin_time') try: # 如果用户是老师 request.session.get('user_type', 'Teacher') authority = getAuthority('add', 'ValidLesson', 'Teacher', validlesson_id, user_id) if authority: new_validlesson = models.ValidLesson(lesson=validlesson_id, teacher=validlesson_teacher,begin_date=validlesson_begin_date,begin_semester=validlesson_begin_semester, begin_time=validlesson_begin_time) new_validlesson.save() else: message = 'Do not have the right of this operation' except: try: # 如果用户是学生 request.session.get('user_type', 'Student') authority = getAuthority('add', 'ValidLesson', 'Student', validlesson_id, user_id) if authority: new_validlesson = models.ValidLesson(lesson=validlesson_id, teacher=validlesson_teacher,begin_date=validlesson_begin_date,begin_semester=validlesson_begin_semester, begin_time=validlesson_begin_time) new_validlesson.save() else: message = 'Do not have the right of this operation' except: message = 'Please login' else: print(add_form.errors) message = "Please check what you've entered" # 渲染动态页面 validlesson_set = models.ValidLesson.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in validlesson_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'ValidLesson', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in validlesson_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'ValidLesson', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' validlesson_form = forms.ValidLesson() validlesson_modify_form = forms.ValidLesson_modify() return render( request, 'manager/ManagePage/ManageCourse.html', { 'validlesson_set' : show_result, 'validlesson_form' : validlesson_form, 'modify_tag' : -1, 'validlesson_modify_form' : validlesson_modify_form, 'message' : message } )
def modify(request): if request.method == 'POST': modify_form = forms.ValidLesson_modify(request.POST) message = '' user_id = request.session['user_id'] if modify_form.is_valid(): validlesson_teacher = modify_form.cleaned_data.get('teacher') validlesson_begin_date = modify_form.cleaned_data.get('begin_date') validlesson_begin_semester = modify_form.cleaned_data.get('begin_semester') validlesson_begin_time = modify_form.cleaned_data.get('begin_time') tag = request.GET.get('tag') to_be_modified = models.ValidLesson.objects.get(lesson=tag) print(to_be_modified.lesson.id) try: # 如果用户是老师 request.session.get('user_type', 'Teacher') authority = getAuthority('modify', 'ValidLesson', 'Teacher', tag, user_id) if authority: to_be_modified.teacher = validlesson_teacher to_be_modified.begin_date = validlesson_begin_date to_be_modified.begin_semester = validlesson_begin_semester to_be_modified.begin_time = validlesson_begin_time to_be_modified.save() else: message = 'Do not have the right of this operation' except: try: # 如果用户是学生 request.session.get('user_type', 'Student') authority = getAuthority('modify', 'ValidLesson', 'Student', tag, user_id) if authority: to_be_modified.teacher = validlesson_teacher to_be_modified.begin_date = validlesson_begin_date to_be_modified.begin_semester = validlesson_begin_semester to_be_modified.begin_time = validlesson_begin_time to_be_modified.save() else: message = 'Do not have the right of this operation' except: message = 'Please login' else: message = 'Please check out what you write' # 渲染动态页面 validlesson_set = models.ValidLesson.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in validlesson_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'ValidLesson', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in validlesson_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'ValidLesson', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' validlesson_form = forms.ValidLesson() validlesson_modify_form = forms.ValidLesson_modify() return render( request, 'manager/ManagePage/ManageCourse.html', { 'validlesson_set' : validlesson_set, 'validlesson_form' : validlesson_form, 'modify_tag' : -1, 'message' : message, 'validlesson_modify_form' : validlesson_modify_form, } )
def modify(request): if request.method == 'POST': modify_form = forms.myClass_modify(request.POST) message = '' user_id = request.session['user_id'] print(modify_form.errors) if modify_form.is_valid(): class_name = modify_form.cleaned_data.get('name') class_date = modify_form.cleaned_data.get('date') head_teacher = modify_form.cleaned_data.get('head_teacher') class_grade = modify_form.cleaned_data.get('grade') class_major = modify_form.cleaned_data.get('major') tag = request.GET.get('tag') to_be_modified = models.myClass.objects.get(id=tag) try: # 如果用户是老师 request.session.get('user_type', 'Teacher') authority = getAuthority('modify', 'Class', 'Teacher', tag, user_id) if authority: to_be_modified.name = class_name to_be_modified.date = class_date to_be_modified.head_teacher = head_teacher to_be_modified.grade = class_grade to_be_modified.major = class_major to_be_modified.save() else: message = 'Do not have the right of this operation' except: try: # 如果用户是学生 request.session.get('user_type', 'Student') authority = getAuthority('modify', 'Class', 'Teacher', tag, user_id) if authority: to_be_modified.name = class_name to_be_modified.date = class_date to_be_modified.head_teacher = head_teacher to_be_modified.grade = class_grade to_be_modified.major = class_major to_be_modified.save() else: message = 'Do not have the right of this operation' except: message = 'Please login' else: message = 'Please check out what you write' # 渲染动态页面 class_set = models.myClass.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in class_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Class', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in class_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Class', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' class_form = forms.myClass() class_modify_form = forms.myClass_modify() return render( request, 'manager/ManagePage/ManageClass.html', { 'class_set': class_set, 'class_form': class_form, 'modify_tag': -1, 'message': message, 'class_modify_form': class_modify_form, })
def add(request): message = '' if request.method == 'POST': add_form = forms.Lesson(request.POST) user_id = request.session['user_id'] # 权限控制——这一部分用于判断账号类型,因为lesson只有管理员能操作,所以以下直接不允许相关操作 if add_form.is_valid(): lesson_id = add_form.cleaned_data.get('id') lesson_name = add_form.cleaned_data.get('name') lesson_major = add_form.cleaned_data.get('major') lesson_test_type = add_form.cleaned_data.get('test_type') lesson_status = add_form.cleaned_data.get('lesson_status') try: # 如果用户是老师 request.session.get('user_type', 'Teacher') authority = getAuthority('add', 'Lesson', 'Teacher', lesson_id, user_id) if authority: lesson_major_in = models.Major.objects.get( name=lesson_major) new_lesson = models.Lesson(lesson_id, lesson_name, major=lesson_major_in, test_type=lesson_test_type, lesson_status=lesson_status) new_lesson.save() else: message = 'Do not have the right of this operation' except: try: # 如果用户是学生 request.session.get('user_type', 'Student') authority = getAuthority('add', 'Lesson', 'Student', lesson_id, user_id) if authority: lesson_major_in = models.Major.objects.get( name=lesson_major) new_lesson = models.Lesson(lesson_id, lesson_name, major=lesson_major_in, test_type=lesson_test_type, lesson_status=lesson_status) new_lesson.save() else: message = 'Do not have the right of this operation' except: message = 'Please login' else: message = "Please check what you've entered" # 渲染动态页面 lesson_set = models.Lesson.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in lesson_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Lesson', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in lesson_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Lesson', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' lesson_form = forms.Lesson() lesson_modify_form = forms.Lesson_modify() return render( request, 'manager/ManagePage/ManageLesson.html', { 'lesson_set': show_result, 'lesson_form': lesson_form, 'modify_tag': -1, 'lesson_modify_form': lesson_modify_form, 'message': message })
def add(request): message = '' if request.method == 'POST': add_form = forms.GradeTransfer(request.POST) user_id = request.session['user_id'] print(add_form.errors) # 权限控制——这一部分用于判断账号类型,因为grade_transfer只有管理员能操作,所以以下直接不允许相关操作 if add_form.is_valid(): grade_transfer_change_id = add_form.cleaned_data.get('change_id') grade_transfer_change_date = add_form.cleaned_data.get( 'change_date') grade_transfer_student = add_form.cleaned_data.get('student') grade_transfer_original_class = add_form.cleaned_data.get( 'original_class') grade_transfer_current_class = add_form.cleaned_data.get( 'current_class') grade_transfer_degrade_reason = add_form.cleaned_data.get( 'degrade_reason') try: # 如果用户是老师 request.session.get('user_type', 'Teacher') authority = getAuthority( 'add', 'GradeTransfer', 'Teacher', models.Student.objects.get( name=grade_transfer_student).student_id, user_id) if authority: if grade_transfer_student.myClass == grade_transfer_original_class: original = models.myClass.objects.get( name=grade_transfer_original_class) current = models.myClass.objects.get( name=grade_transfer_current_class) student = models.Student.objects.get( name=grade_transfer_student) print(original, current) new_grade_transfer = models.GradeTransfer( change_id=grade_transfer_change_id, change_date=grade_transfer_change_date, student=grade_transfer_student, original_class=original, current_class=current, degrade_reason=grade_transfer_degrade_reason, ) new_grade_transfer.save() print(grade_transfer_student.student_id) target = models.Student.objects.get( student_id=grade_transfer_student.student_id) target.myClass = grade_transfer_current_class target.save() else: message = 'Invalid operation' else: message = 'Do not have the right of this operation' except: try: # 如果用户是学生 request.session.get('user_type', 'Student') authority = getAuthority('add', 'GradeTransfer', 'Teacher', grade_transfer_student.student_id, user_id) if authority: new_grade_transfer = models.GradeTransfer( grade_transfer_change_id, grade_transfer_change_date, grade_transfer_student, grade_transfer_original_class, grade_transfer_current_class, grade_transfer_degrade_reason, ) new_grade_transfer.save() else: message = 'Do not have the right of this operation' except: message = 'Please login' else: message = "Please check what you've entered" # 渲染动态页面 grade_transfer_set = models.GradeTransfer.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in grade_transfer_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'GradeTransfer', 'Teacher', result.student.student_id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in grade_transfer_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'GradeTransfer', 'Student', result.student.student_id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' grade_transfer_form = forms.GradeTransfer() grade_transfer_modify_form = forms.GradeTransfer_modify() return render( request, 'manager/ManagePage/ManageGradeTransfer.html', { 'grade_transfer_set': show_result, 'grade_transfer_form': grade_transfer_form, 'modify_tag': -1, 'grade_transfer_modify_form': grade_transfer_modify_form, 'message': message })
def modify(request): if request.method == 'POST': modify_form = forms.Lesson_modify(request.POST) message = '' user_id = request.session['user_id'] if modify_form.is_valid(): lesson_name = modify_form.cleaned_data.get('name') lesson_address = modify_form.cleaned_data.get('address') lesson_major = modify_form.cleaned_data.get('major') lesson_test_type = modify_form.cleaned_data.get('test_type') lesson_status = modify_form.cleaned_data.get('lesson_status') tag = request.GET.get('tag') to_be_modified = models.Lesson.objects.get(id=tag) try: # 如果用户是老师 request.session.get('user_type', 'Teacher') authority = getAuthority('modify', 'Lesson', 'Teacher', tag, user_id) if authority: to_be_modified.name = lesson_name to_be_modified.address = lesson_address to_be_modified.major = lesson_major to_be_modified.test_type = lesson_test_type to_be_modified.lesson_status = lesson_status to_be_modified.save() else: message = 'Do not have the right of this operation' except: try: # 如果用户是学生 request.session.get('user_type', 'Student') authority = getAuthority('modify', 'Lesson', 'Student', tag, user_id) if authority: to_be_modified.name = lesson_name to_be_modified.address = lesson_address to_be_modified.major = lesson_major to_be_modified.test_type = lesson_test_type to_be_modified.lesson_status = lesson_status to_be_modified.save() else: message = 'Do not have the right of this operation' except: message = 'Please login' else: message = 'Please check out what you write' # 渲染动态页面 lesson_set = models.Lesson.objects.all() show_result = [] try: # 如果用户是老师 request.session.get('user_type', 'Teacher') for result in lesson_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Lesson', 'Teacher', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: try: # 如果用户是学生 request.session.get('user_type', 'Student') for result in lesson_set: # 剔除所有结果中的非法结果 authority = getAuthority('query', 'Lesson', 'Student', result.id, user_id) # 检查用户对该元素的query权限 if authority: show_result.append(result) except: message = 'Please login' lesson_form = forms.Lesson() lesson_modify_form = forms.Lesson_modify() return render( request, 'manager/ManagePage/ManageLesson.html', { 'lesson_set': lesson_set, 'lesson_form': lesson_form, 'modify_tag': -1, 'message': message, 'lesson_modify_form': lesson_modify_form, })