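def turn_on_switch():
    """Open (DELETE) or restrict (POST) site login via a marker row in SwitchList.

    DELETE removes the lockdown marker and commits, so login is open again.
    POST clears the current SwitchList rows and stores the lockdown marker.
    Any other method raises LoginException.
    """
    # NOTE(review): the original looked up 'turnofflogin' on DELETE but stored
    # 'turn_off_login' on POST, so a lockdown written by POST could never be
    # lifted by DELETE. Both spellings are removed on DELETE here; confirm
    # which value the login check actually reads and settle on that one.
    marker_values = ('turnofflogin', 'turn_off_login')

    if request.method == 'DELETE':
        # Look for the lockdown marker
        markers = SwitchList.query.filter(
            SwitchList.account.in_(marker_values)).all()
        if not markers:
            return Success(msg='网站已经开放登陆,无需再次开放')
        try:
            for marker in markers:
                db.session.delete(marker)
            # The original never committed, so the marker stayed in the table
            db.session.commit()
        except Exception:
            db.session.rollback()
            raise SQLException()
        return Success(msg='网站开放登陆成功')
    elif request.method == 'POST':
        try:
            # Load every row currently in the table
            accounts = SwitchList.query.all()
        except Exception:
            raise SQLMissException
        try:
            # session.delete() takes one mapped instance, not the list that
            # .all() returns, so the rows are removed one by one.
            for entry in accounts:
                db.session.delete(entry)
            # Emit the deletes before the insert (the original used a separate
            # commit for this) while staying inside one transaction.
            db.session.flush()
            db.session.add(SwitchList(account='turn_off_login'))
            # One commit: the allow-list is never cleared without the marker
            # being stored as well.
            db.session.commit()
        except Exception:
            db.session.rollback()
            raise SQLException(msg='限制登录失败,无法访问数据库')
        return Success(msg='限制登录开启成功')
    else:
        raise LoginException('请求有误,拒绝访问')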
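def processing_information():
    """Create (POST), list (GET) or delete (DELETE) sign-up records.

    POST validates the JSON body and stores it via store_processing_data.
    GET returns the records visible to the caller's g.root level.
    DELETE is refused with RootException unless g.root == 2.
    """
    if request.method == 'POST':
        form = MessageWtforms(data=request.json)
        form.validate_error_message()
        messages = message()
        messages.set_attrs(form.data)
        try:
            store_processing_data(messages, form)
        except Exception:
            raise SQLException()
        return Success()
    elif request.method == 'GET':
        # Start from None so an unexpected g.root value reaches the
        # "no data" reply instead of failing on an unbound name.
        data = None
        try:
            if g.root == 2:
                data = data_to_dict(message.query.all())
            elif g.root == 1:
                # Records naming the caller's group as first or second choice
                data = data_to_dict(
                    message.query.filter(
                        message.first_choice == g.root_name).all())
                data2 = data_to_dict(
                    message.query.filter(
                        message.second_choice == g.root_name).all())
                data.update(data2)
            elif g.root == 0:
                # Only the caller's own most recent record
                Users = User.query.filter(User.openid == g.openid).first()
                messages = message.query.filter(
                    message.student_id == Users.student_id).order_by(
                    -message.id).first()
                data = data_to_dict(messages)
        except Exception:
            raise SQLMissException()
        if data is None:
            return SQLMissException(msg='没有查询到数据')
        return jsonify(data)
    elif request.method == 'DELETE':
        if g.root != 2:
            raise RootException
        del_id = request.form.get('student_id')
        # The original built these exceptions without raising them, so every
        # failure below still answered with the success message.
        try:
            record = message.query.filter(
                message.student_id == del_id).first()
        except Exception:
            raise SQLMissException(msg='查询不到该条数据')
        if record is None:
            raise SQLMissException(msg='查询不到该条数据')
        try:
            db.session.delete(record)
            db.session.commit()
        except Exception:
            db.session.rollback()
            raise SQLException(msg='报名信息删除失败')
        return Success(msg='删除成功')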
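def manager_auth():
    """Create (POST), list (GET) or remove (DELETE) administrator accounts.

    NOTE(review): no permission check is visible in this block; presumably a
    decorator restricts it to the top-level administrator - confirm.
    """
    if request.method == 'POST':
        form = CreatAdminWtforms(request.form)
        form.validate_error_message()
        superuers = SuperUser()
        superuers.set_attrs(form.data)
        if SuperUser.query.filter(
                SuperUser.student_id == superuers.student_id).first() is not None:
            raise SQLException(msg='此账号已存在,创建失败')
        try:
            db.session.add(superuers)
            db.session.commit()
        except Exception:
            db.session.rollback()
            # The original built this exception without raising it, so a
            # failed write was still reported as a created account.
            raise SQLException(msg='无法写入数据库')
        return Success(msg='账号创建成功')
    elif request.method == 'GET':
        try:
            superuser = SuperUser.query.all()
        except Exception:
            raise SQLMissException
        return jsonify(show_root_message(superuser))
    elif request.method == 'DELETE':
        del_id = request.form.get('student_id')
        superuser = SuperUser.query.filter(
            SuperUser.student_id == del_id).first()
        if superuser is None:
            raise SQLMissException(msg='数据库不存在该条数据')
        users = User.query.filter(User.student_id == del_id).first()
        try:
            if users:
                # Reset the linked User row to the values this view uses for
                # a non-administrator.
                users.root = '0'
                users.root_name = '7'
            db.session.delete(superuser)
            # One commit for both changes: the demotion and the removal of
            # the SuperUser row succeed or fail together.
            db.session.commit()
        except Exception:
            db.session.rollback()
            raise SQLException(msg='数据无法删除')
        return Success(msg='删除成功')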
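def change_password():
    """Change the password of the SuperUser matching the current session.

    Returns Success once the current password verifies and the new one is
    stored, RootException when the current password is wrong, and
    SQLMissException when no matching SuperUser row exists.
    """
    form = ChangePasswordWtform(request.form)
    form.validate_error_message()
    # NOTE(review): the lookup compares student_id with g.openid; presumably
    # g.openid carries the student id for administrator sessions - confirm.
    admin = SuperUser.query.filter(
        SuperUser.student_id == g.openid).first()
    # Handle the missing row first: the original called check_password on
    # None here, so its "no such account" reply was never reached.
    if admin is None:
        return SQLMissException(msg='无此账号信息,请检查是否输入有误')
    if not admin.check_password(form.password.data):
        return RootException(msg='密码错误,修改失败')
    try:
        admin.password = form.password1.data
        db.session.commit()
    except Exception:
        db.session.rollback()
        raise SQLException()
    return Success(msg='密码修改成功')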
def creat_super():
    """Create the built-in 'super_admins' account unless it already exists."""
    existing = SuperUser.query.filter(
        SuperUser.account == 'super_admins').first()
    if existing:
        return jsonify('该用户已存在,不可再创建')
    try:
        # NOTE(review): the initial password is a literal in the source (it
        # appears masked on this page), and root='2' is the level that
        # processing_information requires for deletes. Anyone who can read the
        # code knows this account's credential until it is changed; prefer
        # taking it from deployment configuration and rotating it after
        # bootstrap. Whether the value is hashed depends on SuperUser's
        # password handling, which is not visible here.
        fields = dict(
            root='2',
            root_name='0',
            account='super_admins',
            password='******',
            student_id='无',
            student_name='无',
        )
        db.session.add(SuperUser(**fields))
        db.session.commit()
        return Success(msg='创建成功')
    except:
        # Every failure while creating the account is reported as SQLException
        raise SQLException()
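def access_list():
    """Manage the list of accounts allowed to log in (rows of SwitchList).

    PUT imports every administrator account, POST adds one account, GET
    returns the list and DELETE removes one account.
    """
    # Import all super-admin and regular admin accounts in one step so that
    # administrators can log in
    if request.method == 'PUT':
        try:
            superuser = SuperUser.query.all()
        except Exception:
            raise SQLMissException(msg='查询不到对应数据,请检查数据库连接')
        # Copy the administrators' accounts into the allowed-login table
        get_and_add_account(superuser)
        return Success(msg='普通管理员登录开启')
    # Allow a single additional person to reach the back office
    elif request.method == 'POST':
        # The account format is validated by the form: 12 characters (the
        # length of a student id). Data is read from the form-data body.
        data = AccessAccount(data=request.form)
        data.validate_error_message()
        # Store the submitted value (.data), as the other views do with their
        # forms; the original passed the form attribute itself.
        # NOTE(review): this table also holds the login-lockdown marker
        # written by turn_on_switch; confirm the form rejects that reserved
        # value.
        account = SwitchList(account=data.account.data)
        try:
            db.session.add(account)
            db.session.commit()
        except Exception:
            db.session.rollback()
            raise SQLException(msg='数据无法上传,请检查数据库连接')
        # The original fell off the end here and returned no response
        return Success()
    # List the accounts that may log in
    elif request.method == 'GET':
        try:
            account_list = SwitchList.query.all()
        except Exception:
            raise SQLMissException(msg='查询不到数据,请检查数据库连接')
        account_list_data = print_account_list(account_list)
        return jsonify(account_list_data)
    elif request.method == 'DELETE':
        try:
            data = SwitchList.query.filter(
                SwitchList.account == request.form.get('account')).first()
        except Exception:
            raise SQLMissException(msg='获取数据失败,请检查数据库连接')
        if data is None:
            # An unknown account is a missing row, not a database write failure
            raise SQLMissException()
        try:
            db.session.delete(data)
            db.session.commit()
        except Exception:
            db.session.rollback()
            raise SQLException(msg='数据更新失败,请检查数据库连接')
        # The original fell off the end here and returned no response
        return Success()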
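def wx_register_root():
    """Promote the current user to administrator (POST) or show their role (GET).

    POST looks up the SuperUser row for the submitted student id and checks
    the submitted invitation code with check_password; on success the row's
    root and root_name are copied onto the caller's User row.
    """
    if request.method == 'POST':
        form = WeiXinRegisterRootWtform(request.form)
        form.validate_error_message()
        invited = SuperUser.query.filter(
            SuperUser.student_id == form.student_id.data).first()
        if invited is None:
            return SQLMissException(msg='您没有被邀请,请联系管理员解决')
        # NOTE(review): nothing in this block limits repeated attempts at the
        # invitation code; confirm throttling is applied elsewhere.
        if not invited.check_password(form.password.data):
            return RootException(msg='邀请码错误')
        users = User.query.filter(User.openid == g.openid).first()
        if users is None:
            # The original dereferenced the missing row and failed with an
            # unhandled AttributeError.
            raise SQLMissException()
        try:
            users.root = invited.root
            users.root_name = invited.root_name
            invited.student_name = users.student_name = form.student_name.data
            users.student_id = form.student_id.data
            db.session.commit()
        except Exception:
            db.session.rollback()
            raise SQLException()
        return Success(msg='权限提升成功')
    if request.method == 'GET':
        users = User.query.filter(User.openid == g.openid).first()
        return jsonify(show_root_message(users))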
def personal_information():
    """Store (POST) or return (GET) the caller's student id and name."""
    method = request.method
    if method == 'POST':
        form = PersonalMessageWtforms(data=request.form)
        form.validate_error_message()
        # A student id that belongs to an administrator row cannot be claimed
        # through this view.
        admin_row = SuperUser.query.filter(
            SuperUser.student_id == form.student_id.data).first()
        if admin_row:
            raise RootException(msg='您无法更改学号和姓名,请先获取邀请码,或者和管理员联系')
        try:
            store_personal_data(form)
        except:
            raise SQLException()
        return Success()
    elif method == 'GET':
        try:
            profile = User.query.filter(User.openid == g.openid).first()
        except:
            raise SQLMissException()
        if not profile:
            raise SQLMissException(msg='该条数据不存在')
        payload = {
            'student_id': profile.student_id,
            'student_name': profile.student_name
        }
        return jsonify(payload)