def like(package):
"""process the request of like program
"""
user = package.get('user')
params = package.get('params')
prog_id = (int)(params.get(ParamType.ProgramId))
program = ProgramHelper.get_program(prog_id)
if program is None:
return Response.error_response('No Program')
if program.get('status') != 5:
return Response.error_response('Program not valid')
user_id = user.get('id')
if ProgramLikeHelper.check_like(user_id, prog_id):
return Response.checked_response('User liked before')
ProgramLikeHelper.add_like(user_id, prog_id)
like_count = ProgramLikeHelper.count_like(prog_id)
ProgramHelper.set_likes(prog_id, like_count)
# program = ProgramHelper.get_program(prog_id)
# return Response.checked_response(str(program.get('likes')))
return Response.checked_response('Like Successful')
def delete_theme(package):
#pylint: disable-msg=too-many-return-statements
"""delete theme
"""
user = package.get('user')
user_id = user.get('id')
school_id = PermissionHelper.get_user_school(user_id)
params = package.get('params')
theme_id = int(params.get(ParamType.ThemeId))
theme = SubjectHelper.get_subject_with_schoolid(theme_id)
if theme is None:
return Response.error_response('No Subject')
theme_schoolid = theme.get('school_id')
private_permission = PermissionHelper.get_permission(user_id, school_id)
public_permission = user['permission']
if private_permission > 4: #为超级用户
SubjectHelper.delete_subject(theme_id)
return Response.checked_response('Deleted Success')
if theme_schoolid == 0:
if public_permission < 4:
return Response.error_response('Access Denied')
SubjectHelper.delete_subject(theme_id)
return Response.checked_response('Deleted')
if private_permission < 4: #非高级管理员
return Response.error_response('Access Denied')
if school_id != theme_schoolid: #学校必须匹配
return Response.error_response('Acess Denied')
SubjectHelper.delete_subject(theme_id)
return Response.checked_response('Delete Success')
def approve(package):
""" Processing the request of creating a school
"""
user = package.get('user')
params = package.get('params')
user_id = user.get('id')
school_id = PermissionHelper.get_user_school(user_id)
if school_id == 0:
return Response.error_response("You are not in a school")
permission = PermissionHelper.get_permission(user_id, school_id)
if not PermissionManager.check_permission(permission, ActionType.Approve):
return Response.error_response('Access Denied')
params = package.get('params')
apply_id = int(params.get(ParamType.ApplyId))
apply = SchoolApplyHelper.get_apply_by_id(apply_id)
apply_user_id = apply.get('userid')
if apply is None:
return Response.error_response('No Apply')
status = params.get(ParamType.Approve)
if status == 'true':
status = 1
else:
status = 2
SchoolApplyHelper.judge_apply(apply_id, user_id, status)
if status == 1:
PermissionHelper.user_join_school(apply_user_id, school_id)
return Response.checked_response('Approve Successed')
def get_list(package):
""" get message list
"""
user = package.get('user')
params = package.get('params')
friendname = params.get(ParamType.Username)
friend = UserHelper.get_user_by_username(friendname)
if friend is None:
return Response.error_response("Error Username")
page = params.get(ParamType.Page)
if page is None:
page = 1
page = int(page)
chat = ChatHelper.get_chat(user['id'], friend['id'])
if chat:
ChatHelper.do_read(chat, user['id'])
count = MessageHelper.get_messages_count(chat)
messages = MessageHelper.get_messages(chat, page)
data = {
'tot_count': count,
'now_count': len(messages),
'msg_list': messages
}
return Response.success_response(data)
return Response.checked_response('NoChat')
def retrieve(package):
"""process the request of retrieving
"""
session = package.get('session')
params = package.get("params")
username = params.get(ParamType.Username)
phone = params.get(ParamType.Phone)
if username is None:
user = package.get('user')
else:
user = UserHelper.get_user_by_username(username)
if user is None:
return Response.error_response('No User')
if phone != str(user.get("phone")):
return Response.error_response('Phone Number Error')
code = VerifyHelper.add_code(session, phone)
if ConfigHelper.get_phone_verify_able():
PhoneSender.send_verify_code(phone, code)
else:
EmailSender.send("*****@*****.**", phone + "::" + code)
return Response.checked_response("Success")
def signup(package):
"""process the request of signing up
"""
session = package.get('session')
params = package.get('params')
username = params.get(ParamType.Username)
password = params.get(ParamType.Password)
phone = params.get(ParamType.Phone)
verify_code = params.get(ParamType.CAPTCHA)
if UserHelper.get_user_by_username(username) is not None:
error_msg = 'Username exists'
elif not VerifyHelper.check_code(session, phone, verify_code):
error_msg = 'CAPTCHA Error'
else:
error_msg = None
if error_msg is not None:
return Response.error_response(error_msg)
user_id = UserHelper.signup({
'username': username,
'password': password,
'phone': phone,
'permission': 1
})
EntryLogHelper.add_entrylog(session, user_id)
return Response.checked_response('Signup Success')
def undo(package):
""" undo a send
"""
user = package.get('user')
params = package.get('params')
message_id = params.get(ParamType.Id)
if MessageHelper.undo_message(user['id'], message_id):
return Response.checked_response('UndoSuccess')
return Response.error_response('UndoFailed')
def test(package):
"""method for uploading
"""
file = package.get('file')
if not file:
return Response.error_response('NoFILE')
name, pwd, _ = File.store_file(file.name, file.chunks(), 'file')
AttechmentHelper.add_file(0, pwd, name)
return Response.checked_response('Upload')
def chunk(package):
"""method for upload a chunk
"""
params = package.get('params')
key = params.get(ParamType.FileKey)
index = params.get(ParamType.ChunkId)
file = package.get('file')
if not file:
return Response.error_response('NoFILE')
File.store_chunk(key, index, file)
return Response.checked_response('Success')
def unset_block(package):
""" unset block
"""
user = package.get('user')
params = package.get('params')
friendname = params.get(ParamType.Username)
friend = UserHelper.get_user_by_username(friendname)
if friend is None:
return Response.error_response("Error Username")
ChatBlockHelper.del_block(user['id'], friend['id'])
return Response.checked_response('Unset Success')
def set_phone(package):
"""process the request of modifying user's phone
"""
params = package.get('params')
phone = params.get(ParamType.Phone)
code = params.get(ParamType.CAPTCHA)
session = package.get('session')
user = package.get('user')
if not VerifyHelper.check_code(session, phone, code):
return Response.error_response("CAPTCHA Error")
UserHelper.modify_user(user['id'], {'phone': phone})
return Response.checked_response("Success")
def modify_theme(package):
#pylint: disable-msg=too-many-return-statements
"""modify theme
"""
user = package.get('user')
user_id = user.get('id')
school_id = PermissionHelper.get_user_school(user_id)
params = package.get('params')
theme_id = int(params.get(ParamType.ThemeId))
title = params.get(ParamType.ThemeNameWithDefault)
description = params.get(ParamType.ThemeDescriptionWithDefault)
deadline = params.get(ParamType.ThemeDeadlineWithDefault)
theme = SubjectHelper.get_subject_with_schoolid(theme_id)
if theme is None:
return Response.error_response('No Subject')
theme_schoolid = theme.get('school_id')
private_permission = PermissionHelper.get_permission(user_id, school_id)
public_permission = user['permission']
if private_permission > 4: #为超级用户
SubjectHelper.modify_subject(theme_id, title, description, deadline)
return Response.checked_response('Modified')
if theme_schoolid == 0:
if public_permission < 4:
return Response.error_response('Access Denied')
SubjectHelper.modify_subject(theme_id, title, description, deadline)
return Response.checked_response('Modified')
if private_permission < 4: #非高级管理员
return Response.error_response('Access Denied')
if school_id != theme_schoolid: #学校必须匹配
return Response.error_response('Acess Denied')
SubjectHelper.modify_subject(theme_id, title, description, deadline)
return Response.checked_response('Modify Success')
def create_theme(package):
#pylint: disable-msg=too-many-return-statements
"""create a theme
"""
user = package.get('user')
params = package.get('params')
target_schoolid = params.get(ParamType.SchoolIdWithDefault)
name = params.get(ParamType.ThemeName)
msg = params.get(ParamType.ThemeDescription)
deadline = params.get(ParamType.ThemeDeadline)
userid = user.get('id')
school_id = PermissionHelper.get_user_school(userid)
private_permission = PermissionHelper.get_permission(userid, school_id)
public_permission = user['permission']
if public_permission < 2 and private_permission < 2:
return Response.error_response('Access Denied')
if public_permission > 1 and private_permission > 1: #如果这是一个双重管理员
if target_schoolid is None:
SubjectHelper.add_subject(0, name, msg, deadline)
return Response.checked_response('Create Successful')
target_schoolid = (int)(target_schoolid)
SubjectHelper.add_subject(target_schoolid, name, msg, deadline)
return Response.checked_response('Create Successful')
if public_permission > 1: #如果这只是一个在野管理员
if school_id is not None:
return Response.error_response('Access Denied')
SubjectHelper.add_subject(0, name, msg, deadline)
return Response.checked_response('Create Successful')
if school_id is None: #此时必须一个schoolid
return Response.error_response('Invalid School Id')
if school_id != target_schoolid:
return Response.error_response('Not the Same School')
SubjectHelper.add_subject(school_id, name, msg, deadline)
return Response.checked_response('Create Successful')
def apply_for_school(package):
""" Processing the request of applying for school
"""
params = package.get('params')
user = package.get('user')
apply_reason = params.get(ParamType.ApplyReason)
school_id = int(params.get(ParamType.ApplySchoolId))
school = SchoolHelper.get_school(school_id)
if school is None:
return Response.error_response('No School Found')
SchoolApplyHelper.add_apply(user.get('id'), school_id, apply_reason)
return Response.checked_response('Applied Successed')
def send(package):
""" send message
"""
user = package.get('user')
params = package.get('params')
friendname = params.get(ParamType.Username)
friend = UserHelper.get_user_by_username(friendname)
if friend is None:
return Response.error_response("Error Username")
content = params.get(ParamType.Content)
MessageHelper.send_message(user['id'], friend['id'], content)
chat_id = ChatHelper.get_chat(user['id'], friend['id'])
ChatHelper.add_message(chat_id, user['id'])
return Response.checked_response('SendSuccess')
def signin(package):
"""process the request of signing in
"""
session = package.get('session')
params = package.get('params')
username = params.get(ParamType.Username)
password = params.get(ParamType.Password)
user = UserHelper.get_user_by_username(username)
if user is None:
return Response.error_response('NoUser')
if UserHelper.signin_check_password(user, password):
EntryLogHelper.add_entrylog(session, user['id'])
return Response.checked_response('SigninSuccess')
return Response.error_response('PasswordError')
def test_0003(self):
"""
Test for `response.py`
"""
response = Response.invalid_request()
self.assertEqual(response.status_code, 200)
response = Response.success_response(None)
self.assertEqual(response.status_code, 200)
response = Response.checked_response('')
self.assertEqual(response.status_code, 200)
response = Response.error_response('')
self.assertEqual(response.status_code, 200)
response = Response.failed_response('')
self.assertEqual(response.status_code, 200)
response = Response.make_response(None, None, None)
self.assertEqual(response.status_code, 200)
def submit(package):
"""process the request of submitting program
"""
user = package.get('user')
params = package.get('params')
program_name = params.get(ParamType.ProgramName)
program_code = params.get(ParamType.ProgramCode)
program_doc = params.get(ParamType.ProgramDoc)
program_school = int(params.get(ParamType.SchoolId))
program_subject = int(params.get(ParamType.ThemeId))
school = PermissionHelper.get_user_school(user['id'])
if program_school != 0:
if school != program_school:
return Response.error_response('Access Denied')
ProgramHelper.add_program(user['id'], program_name, program_code,
program_doc, program_school, program_subject)
return Response.checked_response('Submit Success')
def verify_phone(package):
"""process the request of sending verify code
"""
session = package.get('session')
params = package.get('params')
phone = params.get(ParamType.Phone)
lastcode = VerifyHelper.get_latest_code(session, phone)
nowdate = getdate_now()
if lastcode is not None and (nowdate.timestamp() -
lastcode['time'].timestamp()) < 60:
return Response.error_response('RequestTooFrequently')
code = VerifyHelper.add_code(session, phone)
if ConfigHelper.get_phone_verify_able():
PhoneSender.send_verify_code(phone, code)
else:
EmailSender.send('*****@*****.**', phone + '::' + code)
return Response.checked_response('Success')
def create_school(package):
""" Processing the request of creating a school
"""
user = package.get('user')
creator_id = user.get('id')
params = package.get('params')
user_name = params.get(ParamType.Username)
school_name = params.get(ParamType.SchoolName)
description = params.get(ParamType.SchoolDescription)
headmaster = UserHelper.get_user_by_username(user_name)
if headmaster is None:
return Response.error_response("No User")
if SchoolHelper.get_school_by_name(school_name) is not None:
return Response.error_response('School Exist')
SchoolHelper.add_school(creator_id, school_name, description,
headmaster.get('id'))
return Response.checked_response('Create Succeessful')
def change_status(package):
#pylint: disable-msg=too-many-return-statements
#pylint: disable-msg=too-many-branches
"""proecess the request of change status
"""
user = package.get('user')
params = package.get('params')
code_id = int(params.get(ParamType.ProgramId))
source = int(params.get(ParamType.SourceStatus))
target = int(params.get(ParamType.TargetStatus))
check = (source, target)
program = ProgramHelper.get_program(code_id)
program_schoolid = program.get('schoolid')
user_id = user.get('id')
school_id = PermissionHelper.get_user_school(user_id)
permission = PermissionHelper.get_permission(user_id, school_id)
public_permission = user.get('permission')
if permission > 4:
if check not in [(0, 1), (1, 2), (1, -1), (2, 3), (3, 4), (4, 5)]:
return Response.error_response('Cannot Change Status')
if ProgramHelper.change_status(code_id, source, target) is False:
return Response.error_response('Source Status Wrong')
return Response.checked_response('Status Changed Successful')
if program_schoolid == 0:
if public_permission < 2:
return Response.error_response('Access Denied')
#如果是 在野审查员 不能上传
if public_permission < 4:
if check not in [(0, 1), (1, 2), (1, -1), (2, 3)]:
return Response.error_response('Can\'t change status')
if ProgramHelper.change_status(code_id, source, target) is False:
return Response.error_response('Source Status Wrong')
if check == (4, 5):
ProgramHelper.upload(code_id)
if check == (1, 2):
ProgramHelper.judge_program(code_id, 2, user_id)
return Response.checked_response('Status Changed Successful')
#如果是 在野头目 则可以进行上传
if check not in [(0, 1), (1, 2), (1, -1), (2, 3), (3, 4), (4, 5)]:
return Response.error_response('Cannot Change Status')
if ProgramHelper.change_status(code_id, source, target) is False:
return Response.error_response('Source Status Wrong')
if check == (4, 5):
ProgramHelper.upload(code_id)
if check == (1, 2):
ProgramHelper.judge_program(code_id, 2, user_id)
return Response.checked_response('Status Changed Successful')
if school_id != program_schoolid:
return Response.error_response('Access Denied: Not the same School')
if permission < 2:
return Response.error_response('Access Denied')
if permission < 4: #如果只是普通管理员
if check not in [(0, 1), (1, 2), (1, -1), (2, 3)]:
return Response.error_response('Can\'t change status')
if ProgramHelper.change_status(code_id, source, target) is False:
return Response.error_response('Source Status Wrong')
if check == (4, 5):
ProgramHelper.upload(code_id)
if check == (1, 2):
ProgramHelper.judge_program(code_id, 2, user_id)
return Response.checked_response('Status Changed Successful')
if check not in [(0, 1), (1, 2), (1, -1), (2, 3), (3, 4), (4, 5)]:
return Response.error_response('Cannot Change Status')
if ProgramHelper.change_status(code_id, source, target) is False:
return Response.error_response('Source Status Wrong')
if check == (4, 5):
ProgramHelper.upload(code_id)
if check == (1, 2):
ProgramHelper.judge_program(code_id, 2, user_id)
return Response.checked_response('Status Changed Successful')
def modify_info(package):
# pylint: disable-msg=too-many-locals
# pylint: disable-msg=too-many-return-statements
# pylint: disable-msg=too-many-branches
# pylint: disable-msg=too-many-statements
"""Process the request of modyfying user's info
"""
user = package.get('user')
if user is None:
return Response.error_response('User Not Logged In')
user_id = user.get('id')
params = package.get('params')
username = params.get(ParamType.UsernameWithDefault)
realname = params.get(ParamType.RealnameForModify)
motto = params.get(ParamType.MottoForModify)
modify_private_permission = params.get(
ParamType.PermissionPrivateForModify)
modify_public_permission = params.get(ParamType.PermissionPublicForModify)
if modify_private_permission is not None:
modify_private_permission = int(modify_private_permission)
if modify_public_permission is not None:
modify_public_permission = int(modify_public_permission)
if username is None: #修改本人信息
if modify_private_permission is not None: #不能修改个人权限
return Response.error_response(
'Access Denied: Can\'t Modify Your Permission')
if modify_public_permission is not None:
return Response.error_response(
'Access Denied: Can\'t Modify Your Permission ')
UserHelper.modify_user(user_id, {
'realname': realname,
'motto': motto,
})
return Response.checked_response('Modify Success')
schoolid = PermissionHelper.get_user_school(user_id)
private_permission = PermissionHelper.get_permission(user_id, schoolid)
public_permission = user.get('permission')
if public_permission <= 1 and private_permission <= 1: #如果是屌丝
return Response.error_response('Access Denied')
if modify_private_permission == 4:
return Response.error_response('Can\'t Set Someone to Headmaster')
#现在修改人员有一个权限 >= 2
target_user = UserHelper.get_user_by_username(username)
target_userid = target_user.get('id')
target_schoolid = PermissionHelper.get_user_school(target_userid)
target_public_permission = target_user.get('permission')
target_private_permission = PermissionHelper.get_permission(
target_userid, target_schoolid)
if target_private_permission == 4 and modify_private_permission is not None: #如果更改人是校长
return Response.error_response('Cannot Modify Headmaster')
if modify_private_permission is not None:
if modify_private_permission >= private_permission: #不能越界
return Response.error_response(
'Access Denied: Cannot Promote Someone to Superior')
if modify_private_permission < 0: #不能直接退学
return Response.error_response(
'Access Denied: Cannot Tuixue Student Here')
if modify_public_permission is not None:
if modify_public_permission >= public_permission: #不能越界
return Response.error_response(
'Access Denied: Cannot Promote Someone to Superior')
if public_permission > 4: #现在是超级用户,可以随意修改
if target_public_permission >= public_permission: #超级用户也不能修改root权限
return Response.error_response(
'Access Denied: Can\'t modify your superior')
if target_private_permission == 4:
if modify_private_permission is not None:
return Response.error_response(
'Modify Denied: Cannot Demote or Promote Headmaster Here')
if target_schoolid == 0 and modify_private_permission is not None:
return Response.error_response(
'Access Denied: Cannot Modify Schoolless User\'s private permission'
)
UserHelper.modify_user(
target_userid, {
'permission': modify_public_permission,
'realname': realname,
'motto': motto
})
if modify_private_permission is not None:
PermissionHelper.set_permission(target_userid, target_schoolid,
modify_private_permission)
return Response.checked_response('Modify Success')
#之后都是管理员 这时候的权限 < 8
if realname is not None:
return Response.error_response(
'Access Denied: Cannot Modify User Realname')
if motto is not None:
return Response.error_response(
'Access Denied: Cannot Modify User Motto')
if schoolid == 0 and private_permission <= 1: #如果是在野管理员,在学校是屌丝, 则只能修改在野权限
if target_public_permission >= public_permission: #不能改领导权限 或者 同事s
return Response.error_response(
'Access Denied: Can\'t modify your superior')
if modify_private_permission is not None and schoolid == 0: #在野管理员不能修改学校权限
return Response.error_response(
'Access Denied: Not The Same School')
if modify_public_permission is not None: #只可修改在野权限
UserHelper.modify_user(target_userid,
{'permission': modify_public_permission})
return Response.checked_response('Modify Success')
if modify_private_permission is not None and modify_public_permission is not None:
if private_permission < 2 or public_permission < 2:
return Response.error_response('Access Denied: Permission Error')
if target_private_permission >= private_permission:
return Response.error_response(
'Access Denied: Cannot Modify Your Superior')
if target_public_permission >= public_permission:
return Response.error_response(
'Access Denied: Cannot Modify Your Superior')
UserHelper.modify_user(target_userid,
{'permission': modify_public_permission})
if modify_private_permission is not None:
PermissionHelper.set_permission(target_userid, target_schoolid,
modify_private_permission)
return Response.checked_response('Modify Success')
#现在完全是在野屌丝
if target_private_permission >= private_permission: #不能该领导权限 或者 同事
return Response.error_response(
'Access Denied: Can\'t modify your superior')
#现在是有学校的管理员
if target_schoolid != schoolid: #不是一个学校
return Response.error_response('Access Denied: Not The Same School')
if modify_public_permission is not None: #不能改变在野权限
return Response.error_response(
'Access Denied: Can\'t modify public permission')
if modify_private_permission is not None:
PermissionHelper.set_permission(target_userid, target_schoolid,
modify_private_permission)
return Response.checked_response('Modify Success')
def signout(package):
"""process the request of signing out
"""
session = package.get('session')
EntryLogHelper.del_entrylog(session_id=session)
return Response.checked_response("Logout")
