def post_myfavourite(request): OperateLog.create_log(request) if not request.method == "POST": return JsonResponse({"error": "请求方式不正确"}, status=status.HTTP_405_METHOD_NOT_ALLOWED) user = request.user if str(user) == 'AnonymousUser': return JsonResponse({"error": "请先登录"}, status=status.HTTP_400_BAD_REQUEST) bod = request.body bod = str(bod, encoding="utf-8") params = json.loads(bod) na_id = params.get("na_id") naviagetion = Navigations.objects.get(pk=na_id) user_favriout = UserFaviourt.objects.filter(user_faviourt=user).exists() if not user_favriout: fa = UserFaviourt.objects.create(user_faviourt=user) faviourt = UserFaviourt.objects.get(user_faviourt=user) queryset = Navigations.objects.filter( navigation_fav__user_faviourt=user.id).distinct() for i in queryset: if i.id == int(na_id): return JsonResponse({"error": "不能重复收藏"}, status=status.HTTP_400_BAD_REQUEST) faviourt.faviourt.add(naviagetion) return JsonResponse({"info": "收藏成功"}, status=status.HTTP_200_OK)
def set_sort(request): OperateLog.create_log(request) if not request.method == "POST": return JsonResponse({"error": "请求方式不正确"}, status=status.HTTP_405_METHOD_NOT_ALLOWED) user = request.user bod = request.body bod = str(bod, encoding="utf-8") params = json.loads(bod) # {"1": "类型id"} try: sort_info = params.get("sort_info") sort_dict = {"username": user, "order": sort_info} ex = SortInfo.objects.filter(username=user).exists() if ex: SortInfo.objects.filter(username=user).update(order=sort_info) else: SortInfo.objects.create(**sort_dict) except Exception as e: return JsonResponse({ "error": "设置失败", "data": str(e) }, status=status.HTTP_400_BAD_REQUEST) return JsonResponse({"info": "设置成功"}, status=status.HTTP_200_OK)
def update(self, request, *args, **kwargs): instance = self.get_object() serializer = self.get_serializer(instance, data=request.data) serializer.is_valid(raise_exception=True) self.perform_update(serializer) OperateLog.create_log(request) return Response(serializer.data)
def user_delete(request): OperateLog.create_log(request) if not request.method == "DELETE": return JsonResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED, data={}) permission = request.user.has_perm("auth.delete_user") if permission == False: return JsonResponse({"error": "你没有权限操作"}, status=status.HTTP_403_FORBIDDEN) cn = request.GET.get('cn', '') # 获取登录模式 login_sets = get_login_model() mode = login_model try: if mode == 1: # 删除ldap用户信息 ldap_user_delete(cn) ret = User.objects.filter(user_profile__create_source=1).filter(username=cn).delete() elif mode == 2: ret = User.objects.filter(user_profile__create_source=2).filter(username=cn).delete() elif mode == 3 or mode == 4: # 删除ldap用户信息 ldap_user_delete(cn) ret = User.objects.filter(username=cn).delete() return JsonResponse({"message": "删除成功"}, status=status.HTTP_200_OK) except Exception as e: return JsonResponse({"error": "删除失败: " + str(e.args)}, status=status.HTTP_400_BAD_REQUEST)
def user_add(request): OperateLog.create_log(request) if not request.method == "POST": return JsonResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED, data={}) # 当前用户是否拥有新增用户权限 permission = request.user.has_perm("auth.add_user") if permission == False: return JsonResponse({"error": "你没有权限操作"}, status=status.HTTP_403_FORBIDDEN) bod = request.body bod = str(bod, encoding="utf-8") data = json.loads(bod) username = data["cn"] # 校验ldap是否有该用户 ldap_exit = User.objects.filter(user_profile__create_source=1).filter(username=username).exists() # 校验本地是否有该用户 local_exit = User.objects.filter(user_profile__create_source=2).filter(username=username).exists() # 获取登录模式 login_sets = get_login_model() mode = login_model if mode == 1: # 如果ldap没有该用户 if ldap_exit == False: with transaction.atomic(): ldap_user_add(**data) lu = local_user_add(**data) up = UserProfile.objects.create(user=lu, create_source=1, is_enable=1) return JsonResponse({"info": "新增成功"}, status=status.HTTP_200_OK) # 如果ldap存在该用户 else: return JsonResponse({"error": "ldap已存在该用户"}, status=status.HTTP_400_BAD_REQUEST) elif mode == 2: # 如果本地没有该用户 if local_exit == False: with transaction.atomic(): lu = local_user_add(**data) up = UserProfile.objects.create(user=lu, create_source=2, is_enable=1) return JsonResponse({"info": "新增成功"}, status=status.HTTP_200_OK) # 如果本地存在该用户 else: return JsonResponse({"error": "本地已存在该用户"}, status=status.HTTP_400_BAD_REQUEST) elif mode == 3 or mode == 4: # 本地或者ldap存在该用户则不进行新增 if (ldap_exit == False) and (local_exit == False): with transaction.atomic(): # ldap新增 ldap_user_add(**data) lu = local_user_add(**data) lup = UserProfile.objects.create(user=lu, create_source=1, is_enable=1) # 本地新增 bu = local_user_add(**data) bup = UserProfile.objects.create(user=bu, create_source=2, is_enable=1) return JsonResponse({"info": "新增成功"}, status=status.HTTP_200_OK) else: return JsonResponse({"error": "ldap或本地已存在该用户"}, status=status.HTTP_400_BAD_REQUEST)
def home_top(request): op = OpenStationManage.objects.filter(station_info__classify=2).count() data = [] # 总量查询集 total_base_query = RefactoringConsultingAndVisitors.objects.all() i_dict = {} valid_con = total_base_query.aggregate( consulting_total=Sum('valid_consulting')) invalid_con = total_base_query.aggregate( invalid_consulting=Sum('invalid_consulting')) valid_vis = total_base_query.aggregate(valid_visitors=Sum('unique_vistor')) i_dict["name"] = "历史重构咨询量" i_dict["total"] = int(valid_con.get('consulting_total', 0)) + int( invalid_con.get('invalid_consulting', 0)) data.append(i_dict) v_dict = {} v_dict["name"] = "历史重构访客量" v_dict["total"] = int(valid_vis.get('valid_visitors', 0)) data.append(v_dict) o_dict = {} o_dict["name"] = "历史重构站点数量" o_dict["total"] = op data.append(o_dict) OperateLog.create_log(request) return Response(data=data, status=status.HTTP_200_OK)
def user_detail(request): OperateLog.create_log(request) user = request.GET.get("user", "") try: with connect_ldap() as c: c.search('cn=%s,ou=Users,dc=xiaoneng,dc=cn' % user, search_filter='(objectClass=inetOrgPerson)', attributes=['sn', 'cn', 'mail', 'memberof']) # 获取所有角色(所有角色) ret = get_group_role() if not isinstance(ret, list): return Response({"error": ret}, status=status.HTTP_400_BAD_REQUEST) # 获取总的分组以及角色字典 permissions_dict = update_info(ret) # 获取某个人的所有权限,并对字典赋值 result = {} for item in c.entries: memberof = item.entry_attributes_as_dict['memberOf'] print('zxymemberof', memberof) result.update({ "cn": item.entry_attributes_as_dict['cn'][0], "sn": item.entry_attributes_as_dict['sn'][0], "mail": item.entry_attributes_as_dict['mail'][0], "permission": dn_update_permission(memberof, permissions_dict) }) return Response(result, status=status.HTTP_200_OK) except Exception as e: return Response({"error": str(e.args)}, status=status.HTTP_400_BAD_REQUEST)
def personal_changepassword(request): if not request.method == "POST": return JsonResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED, data={}) data = ast.literal_eval(request.body.decode('utf-8')) OperateLog.create_log(request) try: with connect_ldap() as c: c.search('ou=Users,dc=xiaoneng,dc=cn', search_filter='(objectClass=inetOrgPerson)', attributes=['userPassword', 'cn'], search_scope=SUBTREE) ldap_password = '' dn = '' for i in c.entries: cn = i.entry_attributes_as_dict['cn'][0] print(cn) if i.entry_attributes_as_dict['cn'][0] == request.user.get_username(): ldap_password = i.entry_attributes_as_dict['userPassword'][0] dn = i.entry_dn break if ldap_password and sha.verify(data['old_password'], ldap_password): c.modify(dn, {'userpassword': [(MODIFY_REPLACE, sha.hash(data['new_password']))]}) # 修改本地密码 user = User.objects.get(username=cn) user.password = sha.hash(data['new_password']) user.save() else: return JsonResponse(status=status.HTTP_400_BAD_REQUEST, data={"result": False, "error": '旧密码错误, 验证失败'}) return JsonResponse(status=status.HTTP_200_OK, data={"result": True, "message": "修改成功"}) except Exception as e: return JsonResponse(status=status.HTTP_400_BAD_REQUEST, data={"result": False, "error": str(e.args)})
def get_myfavourite(request): OperateLog.create_log(request) date = [] host = str(request.get_host()) username_id = request.user.id if username_id: queryset = Navigations.objects.filter( navigation_fav__user_faviourt=username_id).distinct() for i in queryset: id = i.id name = i.name_navigations url = i.url image = 'http://' + host + '/upload/' + str(i.image) desc = i.desc date.append({ "id": id, "name_navigations": name, "url": url, "image": image, "desc": desc }) else: return JsonResponse({"error": "请登录"}, status=status.HTTP_400_BAD_REQUEST) return JsonResponse({"date": date}, status=status.HTTP_200_OK)
def login_config(request): if not (request.method == "PUT" or request.method == "POST"): return JsonResponse({"error": "request method not allowed"}, status=status.HTTP_405_METHOD_NOT_ALLOWED) permission = request.user.has_perm("setup.change_loginconfig") if permission == False: return JsonResponse({"error": "你没有权限操作"}, status=status.HTTP_403_FORBIDDEN) bod = request.body bod = str(bod, encoding="utf-8") bod = json.loads(bod) # 获取参数 auth_ldap_bind_dn = bod.get("AUTH_LDAP_BIND_DN", "cn=admin,dc=xiaoneng,dc=cn") auth_ldap_bind_password = bod.get("AUTH_LDAP_BIND_PASSWORD", "password6666") user_ldapsearch = bod.get("USER_LDAPSearch", "ou=Users,dc=xiaoneng,dc=cn") user_scope_subtree = bod.get("USER_SCOPE_SUBTREE", "(cn=%(user)s)") group_ldapsearch = bod.get("GROUP_LDAPSearch", "cn=LDAP,ou=Roles,dc=xiaoneng,dc=cn") group_scope_subtree = bod.get("GROUP_SCOPE_SUBTREE", "(objectClass=groupOfUniqueNames)") is_active = bod.get("is_active", "(objectClass=groupOfUniqueNames)") is_staff = bod.get("is_staff", "cn=users,cn=LDAP,ou=Roles,dc=xiaoneng,dc=cn") is_superuser = bod.get("is_superuser", "cn=ldap-admin,cn=LDAP,ou=Roles,dc=xiaoneng,dc=cn") ldap_server_url = bod.get("ldap_server_url", "ldap.xiaoneng.cn") ldap_name = bod.get("ldap_name", "ldap://ldap.xiaoneng.cn") login_model = bod.get("login_model") model_info = { "auth_ldap_bind_dn": auth_ldap_bind_dn, "auth_ldap_bind_password": auth_ldap_bind_password, "user_ldapsearch": user_ldapsearch, "user_scope_subtree": user_scope_subtree, "group_ldapsearch": group_ldapsearch, "group_scope_subtree": group_scope_subtree, "is_active": is_active, "is_staff": is_staff, "is_superuser": is_superuser, "ldap_server_url": ldap_server_url, "ldap_name": ldap_name, "login_model": login_model, "ldap": "oa" } ret = LoginLdapConfig.objects.update_or_create(defaults=model_info, **{"ldap": "oa"}) if login_model == '1': pro1 = UserProfile.objects.filter(create_source=1).update(is_enable=1) pro2 = UserProfile.objects.filter(create_source=2).update(is_enable=0) elif login_model == '2': pro1 = UserProfile.objects.filter(create_source=1).update(is_enable=0) pro2 = UserProfile.objects.filter(create_source=2).update(is_enable=1) elif login_model == '3' or login_model == '4': pro = UserProfile.objects.update(is_enable=1) OperateLog.create_log(request) return JsonResponse({'info': '设置成功'}, status=status.HTTP_200_OK)
def list(self, request, *args, **kwargs): OperateLog.create_log(request) queryset = self.filter_queryset(self.get_queryset()) serializer = self.get_serializer(queryset, many=True) data = serializer.data data_list = [] s = 0 user = request.user print('user', user, type(user)) if str(user) == 'AnonymousUser': for ds in data: s += 1 data_list.append({"la": 1, "ch": ds}) return Response(data_list, status=status.HTTP_200_OK) else: # 获取存储的所有排序 data_list = [] sort_info = SortInfo.objects.filter(username=user).first() # 判断sort_info为空 s = 0 if sort_info == None: for ds in data: s = s + 1 data_list.append({"la": s, "ch": ds}) # 如果排序不为空 else: sort_info = sort_info.order sort_info = eval(sort_info) # 所有type的id集合 type_id = set() for d in data: type_id.add(d["id"]) # 获取排序的id sort_id = set() for s, t in sort_info.items(): sort_id.add(t) # 获取未排序的id df_id = type_id - sort_id print('df_id', df_id) # 获取排序的元素 for j, q in sort_info.items(): for i in data: if i["id"] == q: data_list.append({"la": j, "ch": i}) # 为n赋值,大于df_id的最大值 n = int(j) # 添加未排序的type for df in df_id: for da in data: if int(df) == int(da["id"]): n = n + 1 data_list.append({"la": n, "ch": da}) return Response(data_list)
def destroy(self, request, *args, **kwargs): pk = kwargs model_query = GoodsModel.objects.all() model_num = model_query.filter(good_parents=pk['pk']).count() if model_num > 0: return Response({'error': '该模块含有子类无法删除'}, status=status.HTTP_400_BAD_REQUEST) OperateLog.create_log(request) return super(GoodsModelSet, self).destroy(request, *args, **kwargs)
def update(self, request, *args, **kwargs): try: with transaction.atomic(): super(UserViewSet, self).update(request, *args, **kwargs) OperateLog.create_log(request) return Response({}, status=status.HTTP_200_OK) except Exception as e: return Response({"error": str(e)}, status=status.HTTP_400_BAD_REQUEST)
def destroy(self, request, *args, **kwargs): version_id = VersionRepository.objects.all().filter( parent=kwargs['pk']) if version_id: return Response({'error': '该版本还有子版本,请先删除子产品'}, status=status.HTTP_400_BAD_REQUEST) OperateLog.create_log(request) return super(VersionRepositoryManage, self).destroy(request, *args, **kwargs)
def list_role_members(request): OperateLog.create_log(request) role = request.GET.get('role') group = request.GET.get('group') result = get_member(role, group) if isinstance(result, list): return Response(result) if isinstance(result, str): return Response({"result": False, "error": result})
def destroy(self, request, *args, **kwargs): instance = self.get_object() site_num = instance.company_info.count() if not site_num: instance.delete() OperateLog.create_log(request) return Response(status=status.HTTP_204_NO_CONTENT) else: return Response({"error": "有站点在该行业,不可删除"}, status=status.HTTP_400_BAD_REQUEST)
def update(self, request, *args, **kwargs): data = request.data instance = self.get_object() serializer = self.get_serializer(instance, data=data) serializer.is_valid(raise_exception=True) with transaction.atomic(): instance = serializer.save() OperateLog.create_log(request) return Response(MultipleGoodsSerializer(instance).data, status=status.HTTP_200_OK)
def destroy(self, request, *args, **kwargs): instance = self.get_object() ad_status = Advertising.objects.all().filter(pk=kwargs['pk']) \ .values_list('ad_status', flat=True) if ad_status[0] == 1: return Response({'error': '该商品已经上架,请下架后再删除'}, status=status.HTTP_400_BAD_REQUEST) self.perform_destroy(instance) OperateLog.create_log(request) return Response(status=status.HTTP_200_OK)
def destroy(self, request, *args, **kwargs): today = datetime.date.today() putaway_off_time = MultipleGoods.objects.all().filter(pk=kwargs['pk'])\ .values_list('putaway_off_time', flat=True) if putaway_off_time[0] >= today: return Response({'error': '该商品已经上架,请下架后再删除'}, status=status.HTTP_400_BAD_REQUEST) OperateLog.create_log(request) return super(MultipleProductManageset, self).destroy(request, *args, **kwargs)
def create(self, request, *args, **kwargs): try: with transaction.atomic(): super(VersionProductManage, self).create(request, *args, **kwargs) OperateLog.create_log(request) return Response({}, status=status.HTTP_200_OK) except Exception as e: return Response({'error': str(e)}, status=status.HTTP_400_BAD_REQUEST)
def update(self, request, *args, **kwargs): try: super(TagManageSet, self).update(request, *args, **kwargs) OperateLog.create_log(request) return Response({}, status=status.HTTP_200_OK) except Exception as e: return Response({ 'error': '该标签已存在', 'e': str(e) }, status=status.HTTP_400_BAD_REQUEST)
def create(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) try: with transaction.atomic(): self.perform_create(serializer) except Exception as e: return Response({'error': str(e)}, status=status.HTTP_400_BAD_REQUEST) OperateLog.create_log(request) return Response(status=status.HTTP_200_OK)
def logout(request): """ function:登出 param: request return: """ if not request.method == "GET": return JsonResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED, data={}) auth.logout(request) OperateLog.logout(request) return HttpResponse('success', status=status.HTTP_200_OK)
def delete_myfaourite(request): OperateLog.create_log(request) if not request.method == "DELETE": return JsonResponse({"error": "请求方式不正确"}, status=status.HTTP_405_METHOD_NOT_ALLOWED) na_id = request.GET.get("na_id") user = request.user favorite = UserFaviourt.objects.get(user_faviourt=user) navigation = Navigations.objects.get(pk=na_id) favorite.faviourt.remove(navigation) return JsonResponse({"info": "取消收藏成功"}, status=status.HTTP_200_OK)
def classic_week_pwd(request): #查看redis脚本执行状态 进行中=1,已完成=2,执行失败=3 req = Redis_base().get("classic_week_pwd") if req == 1: return JsonResponse({}, safe=False) else: Redis_base().set("classic_week_pwd", 1) classic_week_pwd_async() request.body = json.dumps({"data": ""}).encode() request.method = "SCRIPT" OperateLog.create_log(request) return JsonResponse({}, safe=False)
def create(self, request, *args, **kwargs): if request.user not in User.objects.all(): return Response({'error': '亲,请先登录!'}, status=status.HTTP_400_BAD_REQUEST) serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) self.perform_create(serializer) headers = self.get_success_headers(serializer.data) OperateLog.create_log(request) return Response(serializer.data, status=status.HTTP_200_OK, headers=headers)
def create(self, request, *args, **kwargs): try: with transaction.atomic(): super(GoodsModelSet, self).create(request, *args, **kwargs) OperateLog.create_log(request) return Response({}, status=status.HTTP_200_OK) except Exception as e: return Response({ 'error': '该模块已存在', 'e': str(e) }, status=status.HTTP_400_BAD_REQUEST)
def create_put_up(request): today = datetime.date.today() bod = request.body bod = str(bod, encoding="utf-8") bod = json.loads(bod) goods_sn = bod.get('goods_sn', '') on_time = bod.get('putaway_recent_on_time', '1970-01-01').strip() off_time = bod.get('putaway_off_time', '1970-01-01').strip() sell_status = bod.get('sell_status', '1') recommend = bod.get('recommend', '2') put_price = bod.get('put_price', '0') goods_price = bod.get('goods_price', '') user = request.user.last_name on_time = str_to_date(on_time) off_time = str_to_date(off_time) today = datetime.date.today() # 判断请求方式以及上架状态 if (request.method == 'PUT') and (on_time <= today) and (off_time > today): return Response({'error': '上架商品无法修改,请先下架'}, status=status.HTTP_400_BAD_REQUEST) # 单品上架新增信息 s_goods_info = { "putaway_recent_on_time": on_time, "putaway_off_time": off_time, "sell_status": sell_status, "recommend": recommend, "put_price": put_price, "putaway_operator": user, "goods_price": goods_price } # 组合商品上架新增信息 m_goods_info = { "putaway_recent_on_time": on_time, "putaway_off_time": off_time, "sell_status": sell_status, "recommend": recommend, "put_price": put_price, "putaway_operator": user, } if goods_sn[0] == 'A': res = SingleGoods.objects.filter(goods_sn=goods_sn).update( **s_goods_info) if goods_sn[0] == 'B': res = MultipleGoods.objects.filter(m_goods_sn=goods_sn).update( **m_goods_info) OperateLog.create_log(request) return Response({"info": "上架成功"}, status=status.HTTP_200_OK)
def create(self, request, *args, **kwargs): industry = request.data.get('industry', '').strip() if industry: if self.is_unique(industry): Industry.objects.create(industry=industry) OperateLog.create_log(request) return Response(status=status.HTTP_201_CREATED) else: return Response({'error': '该行业已存在'}, status=status.HTTP_400_BAD_REQUEST) else: return Response({'error': '参数错误,无行业名'}, status=status.HTTP_400_BAD_REQUEST)
def update_all_open_station(request): if Redis_base().get("all_open_station_status") == 1: return Response({"status": 1}, status=status.HTTP_200_OK) else: handle_update_all_open_station() request.body = json.dumps({"data": ""}).encode() request.method = "SCRIPT" OperateLog.create_log(request) Redis_base().set("all_open_station_status", 1) return Response(status=status.HTTP_200_OK)