def user_delete(request, pk):
# data = json.loads(request.body.decode())
_obj = from_sql_get_data(
"""select * from auth_user where id='{}';""".format(str(pk)))["data"]
if len(_obj) < 1:
return Response(status=204, data={"result": "Not Found This Object."})
uname = _obj[0]["username"]
_user = request.user ##
_visitor = _user.username
if uname == _visitor:
return Response(status=204,
data={"result": "You Can't Opreate Yourself."})
### 2019-3-28 不能自己删除自己
_userprofile = from_sql_get_data(
"""select * from (select auth_user.id as uid, username, date_joined, email, identity, last_login, truename from auth_user
left join userprofile on auth_user.id = userprofile.user_id) as main_user where username='******';"""
.format(_visitor))["data"]
if len(_userprofile) < 1:
return Response(status=204, data={"result": "You have not Authed."})
### 必须管理员才能删除
if _userprofile[0]["identity"] != "SuperManager":
return Response(status=204, data={"result": "Not Permit to Opreate."})
flag = False
try:
from services.models import UserProfile
UserProfile.objects.filter(username=uname).delete()
except:
pass
finally:
from django.contrib.auth.models import User
try:
User.objects.get(id=int(pk)).delete()
flag = True
except:
flag = False
return Response(status=201,
data={
"result": "Delete Success.",
"flag": flag
})
def l_authenticate(username, password, **kwargs):
_sql = """select auth_user.username as username, passwd from userprofile
left join auth_user on userprofile.user_id=auth_user.id where username='******';""".format(
username=username)
_data = from_sql_get_data(_sql)["data"]
if len(_data) > 0:
passwd = _data[0]["passwd"]
md5_passwd = md5(passwd.encode('utf-8')).hexdigest()
if md5_passwd == str(password):
return User.objects.get(username=username)
return None
def check_stat(self):
"""
2019-4-29 删除IP关联的这个关系。删除了44行的这个IP内容
and ip='{ip}'
:return:
"""
from services.utils.db_utils import from_sql_get_data
_sql = """select * from {db_table} where opreate_time > SUBDATE(now(),interval {ana_time} second)
and url='{url}' and status=401 and username='******' limit 10;""".format(
db_table=self.db_table,
url=self.url,
# ip=self.ip,
username=self.username,
ana_time=str(self.user_manage.caculate_period))
_datas = from_sql_get_data(_sql)["data"]
if len(_datas) >= self.user_manage.user_login_times_len:
return False
return True
def get_all_users(request):
# data = json.loads(request.body.decode())
data = request.GET
pager = data["page"] if "page" in data.keys() else 1
query_sql = """select auth_user.id as uid, username, date_joined, email, identity, last_login, truename from auth_user
left join userprofile on auth_user.id = userprofile.user_id order by date_joined desc;"""
p = Paginator(from_sql_get_data(query_sql)["data"], 10)
all_counts = p.count # 对象总数
page_count = p.num_pages # 总页数
pj = p.page(pager)
objs = pj.object_list
res_data = objs ## 主要的对象
return Response({
"res": res_data,
"page_count": page_count,
"pager": pager,
"all_counts": all_counts
})