def table_item_save(request):
person_id = None
if ('person_id' in request.POST) and request.POST['person_id'].isdigit():
person_id = int(request.POST['person_id'])
user_login = request.POST[
'user_login'] if 'user_login' in request.POST else None
if not user_login:
raise HTTPBadRequest('"user_login" is required parameter')
if not person_id:
users = DBSession.query(User).filter(User.login == user_login).all()
if len(users) > 0:
return {
'Result': 'Error',
'Message': u'Такой логин уже присутствует в системе'
}
with transaction.manager:
if person_id:
person = DBSession.query(Person) \
.options(joinedload('user')) \
.filter(Person.id == person_id) \
.all()[0]
user = person.user
else:
person = Person()
DBSession.add(person)
user = User()
DBSession.add(user)
person.user = user
for attr in request.POST:
table_name, field = attr.split('_')
if field == 'id':
continue
if table_name == 'person':
setattr(person, field, request.POST[attr])
if table_name == 'user':
setattr(user, field, request.POST[attr])
if 'user_active' in request.POST and request.POST['user_active']:
user.active = True
else:
user.active = False
if 'user_password' in request.POST and request.POST['user_password']:
user.password = User.password_hash(request.POST['user_password'])
DBSession.flush()
DBSession.refresh(user)
DBSession.refresh(person)
person_json = person.as_json_dict('person_')
user_json = user.as_json_dict('user_')
item_json = person_json.copy()
item_json.update(user_json)
return {'Result': 'OK', 'Record': item_json}
def table_item_save(request):
session = DBSession()
session.expire_on_commit = False
if ('person_id' in request.POST) and request.POST['person_id'].isdigit():
person_id = int(request.POST['person_id'])
person = session.query(Person) \
.options(joinedload('user')) \
.filter(Person.id == person_id) \
.all()[0]
user = person.user
else:
person = Person()
user = User()
session.add(user)
person.user = user
for attr in request.POST:
table_name, field = attr.split('_')
if field == 'id':
continue
if table_name == 'person':
setattr(person, field, request.POST[attr])
if table_name == 'user':
setattr(user, field, request.POST[attr])
if 'user_active' in request.POST and request.POST['user_active']:
user.active = True
else:
user.active = False
if 'user_password' in request.POST and request.POST['user_password']:
user.password = User.password_hash(request.POST['user_password'])
session.add(person)
try:
transaction.commit()
except IntegrityError:
transaction.abort()
return {
'Result': 'Error',
'Message': u'Такой логин уже присутствует в системе'
}
person_json = person.as_json_dict('person_')
user_json = user.as_json_dict('user_')
item_json = person_json.copy()
item_json.update(user_json)
session.close()
return {
'Result': 'OK',
'Record': item_json
}
def login(request):
message = None
if hasattr(request, 'exception') and isinstance(request.exception,
HTTPForbidden):
message = u"Недостаточно прав доступа для выполнения указанной операции!"
login_url = route_url('login', request)
referrer = request.url
if referrer == login_url:
referrer = route_url('home', request)
next_url = route_url('home', request)
login = ''
password = ''
if 'form.submitted' in request.params:
login = request.params['login']
password = request.params['password']
try:
dbsession = DBSession()
user = dbsession.query(User)\
.filter_by(login=login, password=User.password_hash(password), active=True)\
.one()
dbsession.close()
headers = remember(request, user.id)
return HTTPFound(location=next_url, headers=headers)
except NoResultFound:
pass
message = u"Неверный логин или пароль!"
return dict(
message=message,
url=request.application_url + '/login',
next_url=next_url,
login=login,
password=password,
)
def login(request):
message = None
if hasattr(request, 'exception') and isinstance(request.exception, HTTPForbidden):
message = u"Недостаточно прав доступа для выполнения указанной операции!"
login_url = route_url('login', request)
referrer = request.url
if referrer == login_url:
referrer = route_url('home', request)
next_url = route_url('home', request)
login = ''
password = ''
if 'form.submitted' in request.params:
login = request.params['login']
password = request.params['password']
try:
dbsession = DBSession()
user = dbsession.query(User)\
.filter_by(login=login, password=User.password_hash(password), active=True)\
.one()
dbsession.close()
headers = remember(request, user.id)
return HTTPFound(location=next_url, headers=headers)
except NoResultFound:
pass
message = u"Неверный логин или пароль!"
return dict(
message = message,
url = request.application_url + '/login',
next_url = next_url,
login = login,
password = password,
)
def table_item_save(request):
person_id = None
if ('person_id' in request.POST) and request.POST['person_id'].isdigit():
person_id = int(request.POST['person_id'])
user_login = request.POST['user_login'] if 'user_login' in request.POST else None
if not user_login:
raise HTTPBadRequest('"user_login" is required parameter')
if not person_id:
users = DBSession.query(User).filter(User.login == user_login).all()
if len(users) > 0:
return {
'Result': 'Error',
'Message': u'Такой логин уже присутствует в системе'
}
with transaction.manager:
if person_id:
person = DBSession.query(Person) \
.options(joinedload('user')) \
.filter(Person.id == person_id) \
.all()[0]
user = person.user
else:
person = Person()
DBSession.add(person)
user = User()
DBSession.add(user)
person.user = user
for attr in request.POST:
table_name, field = attr.split('_')
if field == 'id':
continue
if table_name == 'person':
setattr(person, field, request.POST[attr])
if table_name == 'user':
setattr(user, field, request.POST[attr])
if 'user_active' in request.POST and request.POST['user_active']:
user.active = True
else:
user.active = False
if 'user_password' in request.POST and request.POST['user_password']:
user.password = User.password_hash(request.POST['user_password'])
DBSession.flush()
DBSession.refresh(user)
DBSession.refresh(person)
person_json = person.as_json_dict('person_')
user_json = user.as_json_dict('user_')
item_json = person_json.copy()
item_json.update(user_json)
return {
'Result': 'OK',
'Record': item_json
}
