def license_info():
"""
查看证书信息
:return:
"""
product_key = request.args.get("product_key")
record = None
if product_key:
record = License.query.get(product_key)
# 判断证书是否存在,如果存在就返回有效时间
if record:
is_enable, msg = util.check_license(record.content)
if is_enable:
return JsonResult.success(
"证书有效!", dict(msg, machine_info=util.get_machine_info()))
else:
res = {
"machine_info": util.get_machine_info(),
}
return JsonResult.error("%s ,请联系相关销售进行申请证书!" % msg, res)
else:
res = {"machine_info": util.get_machine_info()}
return JsonResult.error("证书不存在,请联系相关销售进行申请证书!", res)
def update_permission(id):
permission = Permission.query.get(id)
if permission is None:
return JsonResult.error("对象不存在,id=%s" % id)
args = request.get_json()
# 将参数加载进去
param_tool.set_dict_parm(permission, args)
db.session.commit()
return JsonResult.success("更新成功!", {"id": permission.id})
def update_permission_scope(id):
obj = PermissionScope.query.get(id)
if obj is None:
return JsonResult.error("对象不存在,id=%s" % id)
args = request.get_json()
# 将参数加载进去
param_tool.set_dict_parm(obj, args)
db.session.commit()
return JsonResult.success("更新成功!", {"id": obj.id})
def update_role():
id = request.args.get("id")
obj = Role.query.get(id)
if obj is None:
return JsonResult.error("对象不存在,id=%s" % id)
args = request.get_json()
if "password" in args:
args.pop("password")
# 将参数加载进去
param_tool.set_dict_parm(obj, args)
db.session.commit()
return JsonResult.success("更新成功!", {"id": obj.id})
def get_group_permissions():
permission_scope_key = request.args.get("permission_scope_key")
q = Permission.query.join(PermissionScopeRetail,
PermissionScopeRetail.permission_key == Permission.key) \
.filter(PermissionScopeRetail.permission_scope_key == permission_scope_key)
list = q.all()
return JsonResult.queryResult(list)
def update_group_permissions():
args = request.get_json()
permission_scope_key = request.args.get("permission_scope_key")
permission_keys = args.get("permission_keys")
group_permissions = PermissionScopeRetail.query.filter(
PermissionScopeRetail.permission_scope_key ==
permission_scope_key).all()
for permission_key in permission_keys:
# 判断数据库中是否已经存在该用户
selected = [
pr for pr in group_permissions
if pr.permission_key == permission_key
]
if len(selected) == 0:
role_permission = PermissionScopeRetail(
permission_scope_key=permission_scope_key,
permission_key=permission_key)
db.session.add(role_permission)
else: # 已存在的角色,从user_roles中删掉,剩下的是要删除的用户
group_permissions.remove(selected[0])
# 删除已经不存在的数据
[
db.session.delete(group_permission)
for group_permission in group_permissions
]
db.session.commit()
permission_context.load_permission()
return JsonResult.success("更新权限分组成功!")
def user_list():
"""
用户列表
:return:
"""
id = request.args.get("id")
if id:
return get_user(id)
q = db.session.query(User.id, User.department_key, func.max(User.name).label("name"),
func.max(User.loginid).label("loginid"), func.max(User.telephone)
.label("telephone"), func.max(User.address).label("address"),
func.string_agg(func.cast(Role.id, Text), ',').label("roles")).outerjoin(UserRole,
UserRole.user_id == User.id).outerjoin(
Role, Role.id == UserRole.role_id).group_by(User.id)
name = request.args.get("name")
if name is not None:
q = q.filter(User.name.like("%" + name.split(".")[-1] + "%"))
# q = q.order_by(User.name.desc())
offset = int(request.args.get('offset'))
limit = int(request.args.get('limit'))
sort = request.args.get('sort')
if sort == None:
sort = "-id"
res, total = sql_tool.model_page(q, limit, offset, sort)
return JsonResult.res_page(res, total)
def role_permissions_list():
role_id = request.args.get("role_id")
q = Permission.query.join(PermissionScopeRetail, PermissionScopeRetail.permission_key == Permission.key) \
.join(RolePermissionScope,
RolePermissionScope.permission_scope_key == PermissionScopeRetail.permission_scope_key) \
.filter(RolePermissionScope.role_id == role_id)
list = q.all()
return JsonResult.queryResult(list)
def del_permission(id):
"删除权限"
permission = Permission.query.get(id)
db.session.delete(permission)
# sql = """ delete from ts_meetasr_log where meetid='%s' """ % meetid
# db.session.execute(sql)
db.session.commit()
return JsonResult.success("删除成功!", {"id": id})
def get_role(id):
"""
# 详细角色信息
:param id:
:return:
"""
obj = Role.query.get(id)
return JsonResult.queryResult(obj)
def add_permission_scope():
obj = PermissionScope()
args = request.get_json()
# 将参数加载进去
param_tool.set_dict_parm(obj, args)
db.session.add(obj)
db.session.commit()
return JsonResult.success("创建成功!", {"id": obj.id})
def get_user(id):
"""
详细用户信息
:param id:
:return:
"""
obj = User.query.get(id)
return JsonResult.queryResult(obj)
def add_role():
obj = Role()
args = request.get_json()
# 将参数加载进去
param_tool.set_dict_parm(obj, args)
obj.opr_at = int(time.time())
db.session.add(obj)
db.session.commit()
return JsonResult.success("创建成功!", {"id": obj.id})
def license_upload():
"""
证书控制 - 上传证书文件
:return:
"""
file = request.files.get("license")
content = file.read()
file.close()
is_allow, info = util.check_license(content)
if is_allow:
record = License(product_key=info["product_key"],
content=content.decode())
db.session.merge(record)
return JsonResult.success("注册成功")
else:
return JsonResult.error("注册失败,%s" % info), HTTPStatus.FORBIDDEN
def add_user():
"""
增加用户
:return:
"""
obj = User()
args = request.get_json()
# 将参数加载进去
param_tool.set_dict_parm(obj, args)
password = args.get("password")
password = com_tool.get_MD5_code(password)
obj.password = password
db.session.add(obj)
try:
db.session.commit()
except Exception as e:
return JsonResult.error("创建失败,用户名重复!", {"loginid": obj.loginid})
return JsonResult.success("创建成功!", {"userid": obj.id})
def update_user_password():
"""
# 修改密码
:param id:
:return:
"""
id = request.args.get("id")
obj = User.query.get(id)
if obj is None:
return JsonResult.error("对象不存在,id=%s" % id)
args = request.get_json()
if "old_password" in args and obj.password == com_tool.get_MD5_code(args["old_password"]):
if "new_password" in args:
new_passwd = com_tool.get_MD5_code(args["new_password"])
obj.password = new_passwd
db.session.commit()
return JsonResult.success("修改密码成功!", {"id": obj.id})
else:
return JsonResult.error("修改密码失败,请输入新密码!")
else:
return JsonResult.error("修改密码失败,旧密码错误!")
def del_role():
"""
删除角色
:param id:
:return:
"""
id = request.args.get("id")
obj = Role.query.get(id)
db.session.delete(obj)
# sql = """ delete from ts_meetasr_log where meetid='%s' """ % meetid
# db.session.execute(sql)
db.session.commit()
return JsonResult.success("删除成功!", {"id": id})
def del_permission_scope(id):
"""
删除
:param id:
:return:
"""
permission_scope_key = request.args.get("id")
obj = PermissionScope.query.get(id)
db.session.delete(obj)
# sql = "delete from ts_meetasr_log where meetid='%s' " % meetid
# db.session.execute(sql)
db.session.commit()
return JsonResult.success("删除成功!", {"id": id})
def permission_scope_list():
id = request.args.get("id")
if id:
return get_permission_scope(id)
q = PermissionScope.query
name = request.args.get("name")
if name is not None:
q = q.filter(PermissionScope.name.like("%" + name + "%"))
q = q.order_by(PermissionScope.name.desc())
offset = int(request.args.get('offset'))
limit = int(request.args.get('limit'))
sort = request.args.get('sort')
if sort == None:
sort = "-id"
res, total = sql_tool.model_page(q, limit, offset, sort)
return JsonResult.res_page(res, total)
def permission_list():
q = Permission.query
id = request.args.get("id")
if id:
return get_permission(id)
name = request.args.get("name")
if name is not None:
q = q.filter(Permission.name.like("%" + name + "%"))
q = q.order_by(Permission.name.desc())
offset = int(request.args.get('offset'))
limit = int(request.args.get('limit'))
page = int(offset / limit)
if page == 0: page = 1
page = q.paginate(page=page, per_page=limit)
return JsonResult.page(page)
def update_user_roles():
data = request.get_json()
user_id = request.args.get("id")
role_ids = data.get("role_ids")
user_roles = UserRole.query.filter(UserRole.user_id == user_id).all()
for role_id in role_ids:
# 判断数据库中是否已经存在该用户
selected = [ur for ur in user_roles if ur.role_id == role_id]
if len(selected) == 0:
user_role = UserRole(user_id=user_id, role_id=role_id)
db.session.add(user_role)
else: # 已存在的角色,从user_roles中删掉,剩下的是要删除的用户
user_roles.remove(selected[0])
# 删除已经不存在的数据
[db.session.delete(user_role) for user_role in user_roles]
db.session.commit()
return JsonResult.success("更新用户角色成功!")
def update_role_permission_scopes():
id = request.args.get("id")
args = request.get_json()
# delete before
db.session.execute(RolePermissionScope.__table__.delete().where(RolePermissionScope.role_id == id))
# add new
role_permission_scope = args.get("role_permission_scope")
for permission_scope in role_permission_scope:
role_permission_scope = RolePermissionScope(role_id=id, permission_scope_key=permission_scope.get("key"),
product_key=permission_scope.get("product_key"))
db.session.add(role_permission_scope)
db.session.commit()
# reload
permission_context.load_permission()
return JsonResult.success("更新角色权限成功!")
def get_permission(id):
permission = Permission.query.get(id)
return JsonResult.queryResult(permission)
def current_user():
if current_token:
return jsonify(get_user_extend_info(current_token.user))
else:
return JsonResult.error()
def user_roles_list():
user_id = request.args.get("user_id")
list = Role.query.join(UserRole, UserRole.role_id == Role.id).filter(
UserRole.user_id == user_id).all()
return JsonResult.queryResult(list)
def get_permission_scope(id):
obj = PermissionScope.query.get(id)
return JsonResult.queryResult(obj)