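def adminLogin():
    """Authenticate an admin from the posted login form.

    On POST, looks up an ``Admins`` document whose ``email`` and ``pwd``
    both equal the submitted form values.  On a match, a small
    ``adminbean`` dict (id, email, role) is stored in the session and the
    client is redirected to ``/adminhome``; otherwise a script snippet that
    shows an error alert and navigates back to ``/`` is returned.

    For any other HTTP method the function falls through and returns
    ``None``.  NOTE(review): confirm the route only accepts POST, or add an
    explicit response for other methods.
    """
    if request.method == 'POST':
        email = request.form.get('email')
        pwd = request.form.get('pwd')

        # NOTE(review): the submitted password is matched directly against
        # the stored ``pwd`` field, so the database holds it exactly as the
        # client sends it.  Store a salted, slow hash (for example
        # werkzeug.security.generate_password_hash) and verify it with
        # check_password_hash after fetching the document by email only.
        u = Admins.objects(email=email, pwd=pwd).first()

        if u is not None:
            # NOTE(review): ``role`` is copied into the session at login;
            # if later handlers authorise from this cached value, a role
            # change or revocation will not apply until the next login.
            session['adminbean'] = {
                'id': str(u._id),
                'email': u.email,
                'role': u.role,
            }
            return redirect('/adminhome')  # redirect

        # Same response for unknown email and wrong password, so the reply
        # does not reveal which of the two was incorrect.
        return '<script>alert("账号/密码错误");location.href="/";</script>'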
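def create_tables():
    """Create the shop tables and insert the initial seed rows.

    Opens the database connection, creates the ``Goods``, ``Admins``,
    ``Orders_Info`` and ``Orders_Content`` tables (``safe=True`` skips
    tables that already exist), inserts the seed goods and one ``Admins``
    row, and always closes the connection again, even when a statement
    fails part-way through.

    NOTE(review): ``safe=True`` only guards table creation; the seed rows
    are inserted on every call, and the ``parent_id`` values presumably
    assume ids assigned on an empty table. Confirm this runs once only.
    """
    seed_goods = (
        {'name': '.BASE_CAT', 'amount': 0},
        {'name': 'Браслеты', 'amount': 100, 'parent_id': 1},
        {'name': 'Значки', 'amount': 75, 'parent_id': 1},
        {'name': 'Кружки', 'amount': 150, 'price': 100, 'parent_id': 1},
        {'name': 'Синие', 'amount': 50, 'price': 10, 'parent_id': 2},
        {'name': 'Красные', 'amount': 36, 'price': 15, 'parent_id': 2},
        {'name': 'Желтые', 'amount': 14, 'price': 20, 'parent_id': 2},
        {'name': 'Жестяные', 'amount': 30, 'price': 17, 'parent_id': 3},
        {'name': 'Деревянные', 'amount': 45, 'price': 13, 'parent_id': 3},
    )

    database.connect()
    try:
        database.create_tables(
            [Goods, Admins, Orders_Info, Orders_Content], safe=True)
        for row in seed_goods:
            Goods.create(**row)
        # NOTE(review): hard-coded seed value for the first Admins row.  If
        # this row is used as a shared secret or registration password,
        # load it from configuration or the environment instead of source.
        Admins.create(chat_id='1234')
    finally:
        # Release the connection even if table creation or seeding raised.
        database.close()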
def get_admin():
    """Return the chat_id of one randomly chosen admin.

    Only ``Admins`` rows whose id is not 1 are considered.  Raises
    ``OverflowError`` when no such row exists.
    """
    candidates = Admins.select().where(Admins.id != 1)
    if not candidates.exists():
        raise OverflowError('Магазин закрыт!')
    # Load balancing only: the pick does not need to be unpredictable.
    return choice([row.chat_id for row in candidates])
def instatiate_admin(privileg):
    """Build an unsaved ``Admins`` object with all four flags set alike.

    ``update_company``, ``update_privilegs``, ``update_colleague`` and
    ``update_box`` all receive the value of *privileg*.  The object is only
    constructed here; nothing is added to a session or written.
    """
    flag_names = (
        'update_company',
        'update_privilegs',
        'update_colleague',
        'update_box',
    )
    return Admins(**dict.fromkeys(flag_names, privileg))
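def adminLogin():
    """Authenticate an admin from the posted login form.

    On POST, looks up an ``Admins`` document whose ``email`` and ``pwd``
    both equal the submitted form values.  On a match, an ``adminbean``
    dict (id, email, role) is stored in the session and the client is
    redirected to ``/applyList``; otherwise a plain error string is
    returned.

    For any other HTTP method the function falls through and returns
    ``None``.  NOTE(review): confirm the route only accepts POST, or add an
    explicit response for other methods.
    """
    if request.method == 'POST':
        email = request.form.get('email')
        pwd = request.form.get('pwd')

        # NOTE(review): the password is compared by equality inside the
        # query, which means it is stored exactly as submitted.  Prefer a
        # salted, slow hash verified after fetching the document by email.
        u = Admins.objects(email=email, pwd=pwd).first()

        if u is not None:
            session['adminbean'] = {
                'id': str(u._id),
                'email': u.email,
                'role': u.role,
            }
            return redirect('/applyList')

        # One message for both failure causes; it does not disclose whether
        # the email exists.
        return '账号/密码错误'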
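def signup_post():
    """Create an ``Admins`` account from the posted signup form.

    Reads ``email`` and ``password`` from the form.  If either is missing
    or empty, or a row with the same ``User`` value already exists, a
    message is flashed and the client is sent back to the signup page.
    Otherwise the password is hashed, the new row is committed, and the
    client is redirected to the login page.

    NOTE(review): no authorization check is visible in this function.  If
    ``Admins`` rows grant administrative access, confirm that this route is
    not reachable by unauthenticated visitors.
    """
    email = request.form.get('email')
    password = request.form.get('password')

    # A missing field would otherwise reach generate_password_hash as None
    # and fail with an unhandled exception.
    if not email or not password:
        flash('Email and password are required')
        return redirect(url_for('auth.signup'))

    # If this returns a user, the email already exists in the database.
    # NOTE(review): check-then-insert is not atomic; a unique constraint on
    # the User column is the reliable guard; confirm one exists.
    if Admins.query.filter_by(User=email).first():
        flash('Email address already exists')
        return redirect(url_for('auth.signup'))

    # Hash the password so the plaintext is never stored.  The library
    # default is used instead of method='sha256': the plain 'sha256' scheme
    # is a single salted hash round, is deprecated in Werkzeug 2.3 and
    # rejected by Werkzeug 3.x, whereas the default is a slow KDF.
    new_user = Admins(User=email, Password=generate_password_hash(password))

    db.session.add(new_user)
    db.session.commit()

    return redirect(url_for('auth.login'))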
def check_id(chat_id):
    """Report whether *chat_id* equals the chat_id of any ``Admins`` row.

    The comparison happens in Python, so a value of a different type than
    the stored column value (for example ``int`` versus ``str``) does not
    match.

    NOTE(review): every row is considered, with no exclusions; confirm this
    is intended if some rows are reserved for non-admin data.
    """
    return any(row.chat_id == chat_id for row in Admins.select())
def demote_admin(chat_id):
    """Delete every ``Admins`` row whose chat_id equals *chat_id*.

    NOTE(review): no caller check happens here; authorization has to be
    enforced before this helper is invoked. Confirm at the call sites.
    """
    Admins.delete().where(Admins.chat_id == chat_id).execute()
def reg_admin(chat_id):
    """Insert an ``Admins`` row for *chat_id* unless one already exists.

    NOTE(review): this helper grants admin status unconditionally; the
    decision to allow it must be made by the caller.  The existence check
    and the insert are separate statements, so they are not atomic.
    """
    already_registered = Admins.select().where(
        Admins.chat_id == chat_id).exists()
    if already_registered:
        return
    Admins.create(chat_id=chat_id)
def get_password():
    """Return the ``chat_id`` value of the ``Admins`` row with id 1.

    Raises ``IndexError`` when that row does not exist.

    NOTE(review): the value is read back as-is, so whatever serves as the
    password is stored in recoverable form in this column.  If callers
    compare it with user input, prefer storing a hash and comparing with a
    constant-time check such as ``hmac.compare_digest``.
    """
    reserved_rows = Admins.select().where(Admins.id == 1)
    return reserved_rows[0].chat_id
def check_fair():
    """Return True when at least one ``Admins`` row has an id other than 1."""
    return bool(Admins.select().where(Admins.id != 1).exists())
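def update_privilegs(id):
    """Show and process the form that edits a colleague's admin privileges.

    Flow, as visible in this function:

    1. Load the colleague and reject the request through ``unathorized``
       unless ``is_auth_privilegs(current_user, colleague)`` passes.
    2. On a valid form submission, re-check the current user's password.
       A wrong password logs the user out and redirects to ``login``.
    3. Create the colleague's ``Admins`` row if none exists, otherwise
       apply each changed flag.  A change to ``update_privilegs`` is
       refused while fewer than two admins of the current user's company
       hold that flag.
    4. Commit, then delete the ``Admins`` row when no flag is left set.

    Without a valid submission the form is rendered.

    NOTE(review): ``Colleagues.query.get(id)`` returns ``None`` for an
    unknown id; this relies on ``is_auth_privilegs`` rejecting ``None``.
    Confirm.  The same helper is presumably what keeps a user from editing
    colleagues of another company; verify that as well.
    """
    colleague = Colleagues.query.get(id)

    # Authorization gate: everything below assumes the current user may
    # modify this colleague's privileges.
    if not is_auth_privilegs(current_user, colleague):
        return unathorized("You are not authorized to modify privilegs.", "error")

    form = UpdatePrivilegsForm()
    admin_privilegs = get_admin(colleague)

    if form.validate_on_submit():
        # Step-up confirmation: a privilege change needs the password
        # again, so an unattended session cannot be used to escalate.
        if not current_user.check_password(form.password.data):
            flash("Invalid password. Please log in again.", "warning")
            logout_user()
            return redirect(url_for("login"))

        admin = Admins.query.filter(
            Admins.colleague_id == colleague.id).first()

        generic_error = "Any error occured. Please try again.\n "
        success = ""
        error = ""

        if not admin:
            # Add new admin:
            admin = Admins(update_company=form.update_company.data,
                           update_privilegs=form.update_privilegs.data,
                           update_colleague=form.update_colleague.data,
                           update_box=form.update_box.data,
                           colleague_id=colleague.id)
            db.session.add(admin)
            success += f"{colleague.fullname()} added successfully to the Admin Team.\n "
            error += generic_error
        else:
            # Update privilegs:
            if admin_privilegs.update_company != form.update_company.data:
                admin.update_company = form.update_company.data
                success += f"{colleague.fullname()} 'Update Company' privileg successfully changed to {form.update_company.data}.\n "
                error += generic_error

            if admin_privilegs.update_privilegs != form.update_privilegs.data:
                # All admins of the company holding the update_privilegs
                # flag.  ``== True`` is a SQL expression here, not a Python
                # comparison.
                privileg_admins = db.session.query(Colleagues, Admins).filter(
                    Colleagues.id == Admins.colleague_id,
                    Colleagues.company_id == current_user.company_id,
                    Admins.update_privilegs == True).all()

                # Lock-out protection: never leave the company without an
                # admin who can manage privileges.
                # NOTE(review): this also refuses *granting* the flag while
                # fewer than two holders exist; confirm that is intended.
                if len(privileg_admins) < 2:
                    flash(
                        "Deletion refused because You are the last admin with update_privileg.",
                        "warning")
                    return redirect(url_for("privilegs"))

                admin.update_privilegs = form.update_privilegs.data
                # Append like the other branches; plain assignment here
                # discarded the 'Update Company' message collected above.
                success += f"{colleague.fullname()} 'Update Privilegs' privileg successfully changed to {form.update_privilegs.data}.\n "
                error += generic_error

            if admin_privilegs.update_colleague != form.update_colleague.data:
                admin.update_colleague = form.update_colleague.data
                success += f"{colleague.fullname()} 'Update Colleague' privileg successfully changed to {form.update_colleague.data}.\n "
                error += generic_error

            if admin_privilegs.update_box != form.update_box.data:
                admin.update_box = form.update_box.data
                success += f"{colleague.fullname()} 'Update Idea Box' privileg successfully changed to {form.update_box.data}.\n "
                error += generic_error

        try:
            db.session.commit()
            flash(success, "inform")
        except Exception:
            # A bare ``except:`` would also swallow SystemExit and
            # KeyboardInterrupt; only ordinary failures are handled here.
            db.session.rollback()
            flash(error, "error")

        # Delete admin from the table if there is no privilegs left.  The
        # row is re-read because the commit above may have been rolled
        # back, in which case a newly added admin does not exist.
        admin = Admins.query.filter(
            Admins.colleague_id == colleague.id).first()
        if admin is not None:
            is_any_privileg = (admin.update_company or admin.update_privilegs
                               or admin.update_colleague or admin.update_box)
            if not is_any_privileg:
                try:
                    db.session.delete(admin)
                    db.session.commit()
                    flash(
                        f"{colleague.fullname()} successfully deleted from the Admin team.",
                        "inform")
                except Exception:
                    db.session.rollback()
                    flash(
                        f"Any error occured by deleting {colleague.fullname()} from the Adnin team. Please try again.",
                        "error")

        return redirect(url_for("privilegs"))

    return render_template("update_privilegs.html",
                           form=form,
                           colleague=colleague,
                           admin=admin_privilegs,
                           avatar=get_avatar(colleague),
                           nav=get_nav(current_user))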