def put_user():
"""
添加或者修改用户
:return:
"""
user = User()
for key in user.__dict__.keys():
if key in request.args.keys():
user.__dict__[key] = request.args.get(key)
if key == 'id':
user.id = int(user.id)
if user.id:
for item in user.__dict__.items():
if item[1]:
res = __validate_user(item[0], item[1])
if res:
return res
admin = session.get('admin', None)
current_user = session.get('user', None)
if not (admin or current_user):
return jsonify(status=False, msg="请先登录!")
if not admin and current_user['id'] != user.id:
return jsonify(status=False, msg="没有权限!")
if user.status and not admin:
return jsonify(status=False, msg="没有权限!")
user.update()
if current_user:
if user.pwd:
session.clear()
else:
for key in current_user.keys():
if user.__dict__[key]:
current_user[key] = user.__dict__[key]
session['user'] = current_user
else:
for item in user.__dict__.items():
res = __validate_user(item[0], item[1])
if res:
return res
user.add()
return jsonify(status=True)
def remove_user():
"""
删除用户
"""
id = request.args.get('id', type=int)
user = User()
user.id = id
admin = session.get('admin', None)
current_user = session.get('user', None)
if not admin:
if not current_user:
return jsonify(status=False, msg='请先登录!')
else:
if current_user['id'] != user.id:
return jsonify(status=False, msg='不能删除别人账号!')
user.remove()
if not admin and current_user['id'] == user.id:
session.clear()
return jsonify(status=True)
