def edit_view(self):
if request.method == "GET":
_id = request.args.get("id", "")
return_url = request.args.get("return_url", "")
result = admin.get_detail(_id=_id)
return self.render(
template="admin/edit.html",
data=result,
return_url=return_url
)
else:
req_data = self.gen_arguments
return_url = req_data.get("return_url", "")
_id = req_data.get("id")
new_password = req_data.get("new_password")
fullname = req_data.get("fullname", "")
is_admin = req_data.get("is_admin", "off")
encrypt_pwd = hashlib.sha1(new_password).hexdigest() if new_password else None
result = admin.update(
_id=_id,
password=encrypt_pwd,
fullname=fullname,
is_admin=1 if is_admin == "on" else 0
)
_handler_log.exception((u"[AdminEditHandler] admin_id:{}, is_admin:{}, "
u"operator: {}".format(utf8(_id), utf8(is_admin),
self.current_operator))
)
return self.make_write(result_code=0, result_data=self.decode_return_url(return_url))
def create_view(self):
if request.method == "GET":
breadcrumb = (
{"name": u"管理员配置", "url": ".list_view"},
{"name": u"新增管理员", "url": ".create_view"}
)
return self.render(template="admin/create.html", breadcrumb=breadcrumb)
else:
req_data = self.gen_arguments
login_email = req_data.get("login_email", "")
password = req_data.get("password", "")
fullname = req_data.get("fullname", "")
is_admin = req_data.get("is_admin", "off")
admin_info = admin.get_detail(whats="id", login_name=login_email)
if admin_info:
return self.make_write(result_code=102, result_msg=u"该邮件已经注册了")
encrypt_pwd = hashlib.sha1(password).hexdigest()
result = admin.save(
email=login_email,
password=encrypt_pwd,
fullname=fullname,
is_admin=1 if is_admin == "on" else 0
)
_handler_log.exception((u"[AdminCreateHandler] login_email:{}, is_admin:{}, "
u"operator: {}".format(utf8(login_email),
utf8(is_admin),
self.current_operator))
)
return self.make_write(result_code=0, result_data=self.reverse_url(".list_view"))
def detail_view(self):
_id = request.args.get("id", "")
return_url = request.args.get("return_url", "")
result = admin.get_detail(_id=_id)
return self.render(
template="admin/detail.html",
data=result,
return_url=self.decode_return_url(return_url)
)
def check_view(self):
req_data = self.gen_arguments
login_email = req_data.get("login_email")
if not login_email:
return self.make_write(result_code=102)
admin_info = admin.get_detail(whats="id", login_name=login_email)
result_code = 102 if admin_info else 0
return self.make_write(result_code=result_code)
def login(self):
if request.method == "GET":
return self.render("login.html")
else:
req_data = self.gen_arguments
login_name = req_data.get("login_name", "")
password = req_data.get("password", "")
user_model = req_data.get("user_model")
remote_ip = request.access_route[0]
if not login_name or not password:
return self.make_write(result_code=1002)
if user_model == "admin":
user_info = admin.get_detail(
whats="id, password, fullname, administer, validity",
login_name=login_name,
confirmed=1)
update_model = admin
elif user_model == "supplier":
user_info = suppliers.get_detail(
whats="id, password, fullname, validity",
login_name=login_name)
update_model = suppliers
else:
return self.make_write(result_code=100)
if not user_info:
return self.make_write(result_code=1003)
if user_info.validity == 0:
return self.make_write(result_code=1004)
encrypt_pwd = hashlib.sha1(password).hexdigest()
if encrypt_pwd != user_info.password:
return self.make_write(result_code=1003)
user = storage(name=user_info.fullname,
operator=login_name,
user_id=user_info.id,
user_model=user_model,
is_active=user_info.validity)
login_user(user)
if update_model is not None:
result = update_model.update(_id=user_info.id,
remote_ip=remote_ip)
return self.make_write(result_code=0,
result_data=self.reverse_url("home.home"))
def edit_pwd(self):
"""
登录密码服务
:return:
"""
if request.method == "GET":
return self.render("pwd.html")
else:
req_data = self.gen_arguments
old_password = req_data.get("old_password")
new_password = req_data.get("new_password")
user_model = req_data.get("user_model")
user_id = req_data.get("user_id")
if not old_password or not new_password:
return self.make_write(result_code=1005)
if user_model == "admin":
user_info = admin.get_detail(whats="id, password", _id=user_id)
update_model = admin
elif user_model == "supplier":
user_info = suppliers.get_detail(whats="id, password", _id=user_id)
update_model = suppliers
else:
return self.make_write(result_code=100)
if not user_info:
return self.make_write(result_code=1006)
encrypt_old_pwd = hashlib.sha1(old_password).hexdigest()
if encrypt_old_pwd != user_info.password:
return self.make_write(result_code=1006)
encrypt_pwd = hashlib.sha1(new_password).hexdigest()
result = update_model.update(_id=user_id, password=encrypt_pwd)
return self.make_write(result_code=0, result_data="")