def adduser():
username = request.json.get('username')
password = request.json.get('password')
usertype = request.json.get('usertype')
Authorization = request.headers.get("Authorization")
tokeninfo = Auth.put_user_role(Authorization)
role = tokeninfo[0]
user_id = tokeninfo[1]
if request.method == 'POST':
print(username, password, usertype)
if not all([username, password, usertype]):
return jsonify({"message": "参数不完整"}), 403
elif int(usertype) == 1:
return jsonify({"message": "无权限创建"}), 403
elif role == int(usertype):
return jsonify({"message": "无权限创建"}), 403
elif role == 3:
return jsonify({"message": "无权限访问"}), 403
user = User.query.filter_by(username=username).first()
if user:
return jsonify({"message": "用户已经存在"}), 403
else:
User(username=username, password=password).save()
check = User.query.filter(User.username == username).first()
check.addrole(usertype)
return jsonify({"message": "创建成功"})
def upavatar():
Authorization = request.headers.get("Authorization")
tokeninfo = Auth.put_user_role(Authorization)
user_id = tokeninfo[1]
user = User.query.filter(User.id == user_id).first()
src = get_pic()
user.uppic(src)
return jsonify({"message": src})
def about():
if request.method == 'GET':
Authorization = request.headers.get("Authorization")
tokeninfo = Auth.put_user_role(Authorization)
s_role = tokeninfo[0]
user_id = tokeninfo[1]
result = UserAuthentication.Get_about(user_id, s_role)
return jsonify({"data": result})
def userlist():
if request.method == 'GET':
Authorization = request.headers.get("Authorization")
tokeninfo = Auth.put_user_role(Authorization)
role = tokeninfo[0]
user_id = tokeninfo[1]
if role == 1 or role == 2:
result = UserAuthentication.Get_User_List(3)
return jsonify({"data": result})
else:
return jsonify({"message": "无权限"}), 403
def deluser():
if request.method == 'POST':
username = request.json.get('username')
Authorization = request.headers.get("Authorization")
tokeninfo = Auth.put_user_role(Authorization)
user_id = tokeninfo[1]
result = UserAuthentication.Delete_user(user_id, username)
if result == True:
return jsonify({"message": "用户已删除"})
else:
return jsonify({"message": "无权限删除"}), 403
def description():
if request.method == 'POST':
username = request.json.get("username")
des = request.json.get("description")
Authorization = request.headers.get("Authorization")
tokeninfo = Auth.put_user_role(Authorization)
user_id = tokeninfo[1]
user = User.query.filter(User.id == user_id).first()
if username == user.username:
user.updesc(des)
return jsonify({"message": "修改成功"})
else:
return jsonify({"message": "修改失败"}), 403
def lockuser():
username = request.json.get('username')
userlock = request.json.get('userlock')
print(username, userlock)
if request.method == 'POST':
Authorization = request.headers.get("Authorization")
tokeninfo = Auth.put_user_role(Authorization)
user_id = tokeninfo[1]
if not all([username, str(userlock)]):
abort(401)
result = UserAuthentication.Locked_user(user_id, username, userlock)
if result == True:
return jsonify({"message": "执行完成"})
else:
return jsonify({"message": "无权限执行"}), 404
def updatepwd():
username = request.json.get("username")
oldpwd = request.json.get("oldpwd")
newpwd = request.json.get('newpwd')
Authorization = request.headers.get("Authorization")
tokeninfo = Auth.put_user_role(Authorization)
user_id = tokeninfo[1]
if request.method == 'POST':
print(username, oldpwd, newpwd)
if not all([username, oldpwd, newpwd]):
return jsonify({"message": "参数不完整"}), 401
result = UserAuthentication.Upwd_user(user_id, username, oldpwd,
newpwd)
if result == True:
return jsonify({"message": "修改成功"})
else:
return jsonify({"message": "修改失败"}), 403
def admin_upwd():
if request.method == 'POST':
username = request.json.get("username")
newpwd = request.json.get('newpwd')
oldpwd = ""
Authorization = request.headers.get("Authorization")
tokeninfo = Auth.put_user_role(Authorization)
role = tokeninfo[0]
user_id = tokeninfo[1]
if role == 1 or role == 2:
result = UserAuthentication.Upwd_user(user_id, username, oldpwd,
newpwd)
else:
abort(401)
if result == True:
return jsonify({"message": "修改成功"})
else:
return jsonify({"message": "修改失败"}), 403