示例#1
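 def post(self):
     """Create a trend group for a variety on behalf of the token's user.

     Reads ``variety_id``, ``name`` and ``utoken`` from the JSON body. The
     token must verify and its ``role_num`` must not exceed
     ``enums.RESEARCH``; the user must also have a row in
     ``link_user_variety`` for the variety. The new group's ``sort`` is set
     to its own id.

     Returns:
         ``(json, 400)`` for bad parameters or a missing user/variety link,
         ``(json, 201)`` on success. The login/role rejection returns the
         JSON message without an explicit status code.
     """
     body_json = request.json
     try:
         variety_id = int(body_json.get('variety_id'))
         group_name = body_json.get('name')
         if not group_name:
             raise ValueError('group ERROR')
         utoken = body_json.get('utoken')
     except Exception:
         # Any failure here (missing body, non-numeric id, empty name) is a
         # malformed request.
         return jsonify({"message": "参数错误"}), 400
     user_info = verify_json_web_token(utoken)
     # NOTE(review): this rejection carries no status code, so it is sent with
     # the framework default (200 in Flask); clients and monitoring that key
     # on the status will not see it as an authentication failure.
     if not user_info or user_info['role_num'] > enums.RESEARCH:
         return jsonify({"message": "登录已过期或不能操作"})
     user_id = user_info['id']
     db_connection = MySQLConnection()
     try:
         cursor = db_connection.get_cursor()
         # Check that the user is linked to this variety. Values are bound as
         # parameters instead of being formatted into the SQL text.
         auth_statement = "SELECT `id` FROM `link_user_variety` " \
                          "WHERE `user_id`=%s AND `variety_id`=%s;"
         cursor.execute(auth_statement, (user_id, variety_id))
         if not cursor.fetchone():
             return jsonify({"message": "没有权限,不能这样操作"}), 400
         save_statement = "INSERT INTO `info_variety_trendgroup` " \
                          "(`name`,`variety_id`,`author_id`) " \
                          "VALUES (%s,%s,%s);"
         cursor.execute(save_statement, (group_name, variety_id, user_id))
         new_id = db_connection.insert_id()
         update_sort_statement = "UPDATE `info_variety_trendgroup` SET `sort`=%s WHERE `id`=%s;"
         cursor.execute(update_sort_statement, (new_id, new_id))
         db_connection.commit()
     finally:
         # Always release the connection, including when a statement raises.
         db_connection.close()
     return jsonify({"message": "添加组成功!"}), 201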
示例#2
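 def post(self):
     """Add a module row, optionally under ``parent_id``.

     The caller's ``utoken`` must verify and carry ``role_num`` of 2 or
     lower. ``module_name`` is required. The new row's ``sort`` is set to
     its own id.

     Returns:
         ``(json, 400)`` on an invalid token, insufficient role, missing
         name or database error; ``(json, 201)`` on success.
     """
     # A missing or null JSON body is treated like an empty one so it fails
     # the token check instead of raising.
     body_json = request.json or {}
     utoken = body_json.get('utoken', None)
     user_info = verify_json_web_token(utoken)
     if not user_info:
         return jsonify({"message": "登录已过期!"}), 400
     if user_info['role_num'] > 2:
         return jsonify({"message": "没有权限进行这个操作!"}), 400
     module_name = body_json.get('module_name', None)
     parent_id = body_json.get('parent_id', None)
     if not module_name:
         return jsonify({"message": "参数错误! NOT FOUND NAME."}), 400
     db_connection = MySQLConnection()
     try:
         cursor = db_connection.get_cursor()
         if not parent_id:
             insert_statement = "INSERT INTO `info_module` (`name`) VALUES (%s);"
             # Bind as a one-element tuple so a list or dict sent as the name
             # is not taken for the parameter sequence itself.
             cursor.execute(insert_statement, (module_name,))
         else:
             parent_id = int(parent_id)
             insert_statement = "INSERT INTO `info_module`(`name`,`parent_id`) VALUES (%s,%s);"
             cursor.execute(insert_statement, (module_name, parent_id))
         new_mid = db_connection.insert_id()  # id of the row just inserted
         update_statement = "UPDATE `info_module` SET `sort`=%s WHERE `id`=%s;"
         cursor.execute(update_statement, (new_mid, new_mid))
         db_connection.commit()
     except Exception as e:
         db_connection.rollback()
         # NOTE(review): the raw exception text is echoed to the client and
         # can expose SQL or schema details; consider logging it server-side
         # and returning a fixed message.
         return jsonify({"message": "添加失败{}".format(e)}), 400
     finally:
         db_connection.close()
     return jsonify({"message": "添加成功!"}), 201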
示例#3
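    def post(self):
        """Register a user account from the JSON request body.

        Resolves the client from ``machine_code``, validates the submitted
        fields, phone number and image code, hashes the password, then
        inserts the user and a ``link_user_client`` row in one transaction.

        Returns:
            A JSON message without an explicit status code for validation
            failures, ``(json, 400)`` on a database error, ``(json, 201)``
            on success.
        """
        # A missing or null JSON body is treated like an empty one.
        json_body = request.json or {}
        imgcid = json_body.get('image_code_id', '')
        machine_code = json_body.get('machine_code', None)
        client = get_client(machine_code)
        if not client:
            return jsonify({'message': 'INVALID CLIENT,无法注册!'})
        # NOTE(review): the assigned role depends only on the client record
        # that the request-supplied machine_code resolves to; confirm that
        # machine codes of manager clients are handled as secrets.
        role_num = 4 if client['is_manager'] == 1 else 5
        username = json_body.get('username', None)
        password = json_body.get('password', None)
        phone = json_body.get('phone', None)
        email = json_body.get('email', '')
        image_code = json_body.get('imgcode', None)
        agent = request.headers.get('User-Agent', '')
        user_origin = 'delivery' if agent.startswith('Delivery') else ''
        if not all([username, password, phone, image_code]):
            return jsonify({'message': '请提交完整数据.'})
        # fullmatch instead of match + `$`: `$` also matches before a trailing
        # newline, which would let a 12-character value through. Non-string
        # JSON values are rejected here rather than raising inside `re`.
        if not isinstance(phone, str) or not re.fullmatch(r'[1][3-9][0-9]{9}', phone):
            return jsonify({"message": "手机号有误!"})
        redis_connection = RedisConnection()
        real_imgcode = redis_connection.get_value('imgcid_%s' % imgcid)  # stored image code
        # NOTE(review): nothing in this method invalidates the stored code
        # after it is checked; confirm it is single-use or short-lived.
        if (not real_imgcode or not isinstance(image_code, str)
                or image_code.lower() != real_imgcode.lower()):
            return jsonify({"message": "验证码错误!"})
        password = hash_user_password(password)
        db_connection = MySQLConnection()
        try:
            cursor = db_connection.get_cursor()
            save_statement = "INSERT INTO `info_user`(`username`,`password`,`phone`,`email`,`role_num`,`origin`)" \
                             "VALUES (%s,%s,%s,%s,%s,%s);"
            cursor.execute(
                save_statement,
                (username, password, phone, email, role_num, user_origin))
            # Record which client this user may log in from.
            new_user_id = db_connection.insert_id()
            client_id = int(client['id'])
            expire_time = datetime.datetime.strptime("3000-01-01", "%Y-%m-%d")
            uc_save_statement = "INSERT INTO `link_user_client`(`user_id`,`client_id`,`expire_time`)" \
                                "VALUES (%s,%s,%s);"
            cursor.execute(uc_save_statement,
                           (new_user_id, client_id, expire_time))
            db_connection.commit()
        except Exception as e:
            current_app.logger.error("用户注册错误:{}".format(e))
            db_connection.rollback()  # undo the partial registration
            # NOTE(review): str(e) is returned to an unauthenticated caller and
            # may reveal database details; the error is already logged above,
            # so a fixed message would be enough.
            return jsonify({"message": "注册失败%s" % str(e)}), 400
        finally:
            # The success path previously returned without closing.
            db_connection.close()
        return jsonify({"message": "注册成功"}), 201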
示例#4
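    def post(self):
        """Create a system module and return the refreshed module list.

        Requires an admin ``utoken``. ``module_name`` is required; a child
        module (``parent_id`` given) must also supply ``page_url``, which is
        stored with ``.html`` appended. The new row's ``sort`` is set to its
        own id.

        Returns:
            ``(json, 400)`` on failed authorization, validation or database
            error; otherwise whatever ``self.get()`` returns.
        """
        # A missing or null JSON body is treated like an empty one.
        json_data = request.json or {}
        token = json_data.get('utoken', None)
        if not user_is_admin(token):
            return jsonify("登录已过期或没有权限进行这个操作."), 400
        # Validate the submitted fields.
        module_name = json_data.get('module_name', None)
        module_page_url = json_data.get('page_url', None)
        module_parent_id = json_data.get('parent_id', None)
        if not module_name:
            return jsonify("请填写名称!"), 400
        if module_parent_id and not module_page_url:
            return jsonify("子级模块需填写页面路径!"), 400
        db_connection = MySQLConnection()
        try:
            cursor = db_connection.get_cursor()
            if not module_parent_id:
                # Top-level modules store an empty page_url, so the suffix is
                # not built here; appending to a missing page_url used to
                # raise before the insert.
                save_statement = "INSERT INTO `work_module` (`name`,`page_url`,`parent_id`) VALUES (%s,'',NULL);"
                cursor.execute(save_statement, (module_name,))
            else:
                save_statement = "INSERT INTO `work_module` (`name`,`page_url`,`parent_id`) VALUES (%s,%s,%s);"
                cursor.execute(
                    save_statement,
                    (module_name, module_page_url + ".html", module_parent_id))
            new_id = db_connection.insert_id()
            # Set sort to the new row's id.
            update_sort_statement = "UPDATE `work_module` SET `sort`=%s WHERE `id`=%s;"
            cursor.execute(update_sort_statement, (new_id, new_id))
            db_connection.commit()
        except Exception as e:
            logger = current_app.logger
            logger.error("新增系统模块错误:" + str(e))
            return jsonify("系统发生了个错误。"), 400
        finally:
            db_connection.close()
        return self.get()  # return the full module list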
示例#5
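 def post(self):
     """Create a variety (or a variety group) and return the refreshed list.

     Requires an admin ``utoken``. ``variety_name`` is required; a variety
     under a group (``parent_id`` given) must also supply ``en_code``. The
     new row's ``sort`` is set to its own id.

     Returns:
         ``(json, 400)`` on failed authorization, validation or database
         error; otherwise whatever ``self.get()`` returns.
     """
     # A missing or null JSON body is treated like an empty one.
     json_data = request.json or {}
     token = json_data.get('utoken', None)
     if not user_is_admin(token):
         return jsonify("登录已过期或没有权限进行这个操作."), 400
     # Validate the submitted fields.
     variety_name = json_data.get('variety_name', None)
     variety_group_id = json_data.get('parent_id', None)
     variety_en_code = json_data.get('en_code', None)
     if not variety_name:
         return jsonify("请填写名称!"), 400
     if variety_group_id and not variety_en_code:
         return jsonify("品种请填写英文代码."), 400
     db_connection = MySQLConnection()
     try:
         cursor = db_connection.get_cursor()
         if not variety_group_id:
             save_statement = "INSERT INTO `variety` (`name`,`parent_id`) VALUES (%s,NULL);"
             # Bind as a one-element tuple so a list or dict sent as the name
             # is not taken for the parameter sequence itself.
             cursor.execute(save_statement, (variety_name,))
         else:
             save_statement = "INSERT INTO `variety` (`name`, `parent_id`,`en_code`) VALUES (%s,%s,%s);"
             cursor.execute(
                 save_statement,
                 (variety_name, variety_group_id, variety_en_code))
         new_id = db_connection.insert_id()
         # Set sort to the new row's id.
         update_sort_statement = "UPDATE `variety` SET `sort`=%s WHERE `id`=%s;"
         cursor.execute(update_sort_statement, (new_id, new_id))
         db_connection.commit()
     except Exception as e:
         logger = current_app.logger
         logger.error("新增品种错误:" + str(e))
         return jsonify("系统发生了个错误。"), 400
     finally:
         db_connection.close()
     return self.get()  # return the full variety list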
示例#6
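 def post(self):
     """Add a variety group, or a variety under ``parent_num``.

     The caller's ``utoken`` must verify and carry ``role_num`` of 2 or
     lower. ``variety_name`` is required. With a parent, the English name is
     upper-cased and ``parent_num``/``exchange_num`` are cast to int. The
     new row's ``sort`` is set to its own id.

     Returns:
         ``(json, 400)`` on an invalid token, insufficient role, missing
         name or database error; ``(json, 201)`` on success.
     """
     # A missing or null JSON body is treated like an empty one.
     body_json = request.json or {}
     utoken = body_json.get('utoken', None)
     user_info = verify_json_web_token(utoken)
     if not user_info:
         return jsonify({"message": "登录已过期!"}), 400
     if user_info['role_num'] > 2:
         return jsonify({"message": "没有权限进行这个操作!"}), 400
     variety_name = body_json.get('variety_name', None)
     variety_name_en = body_json.get('variety_name_en', None)
     exchange_num = body_json.get('exchange_num', 0)
     parent_id = body_json.get('parent_num', 0)
     if not variety_name:
         return jsonify("参数错误! NOT FOUND NAME."), 400
     db_connection = MySQLConnection()
     try:
         cursor = db_connection.get_cursor()
         if not parent_id:
             insert_statement = "INSERT INTO `info_variety` (`name`) VALUES (%s);"
             # Bind as a one-element tuple so a list or dict sent as the name
             # is not taken for the parameter sequence itself.
             cursor.execute(insert_statement, (variety_name,))
         else:
             # A missing English name or non-numeric ids raise here and are
             # reported through the generic error path below.
             parent_id = int(parent_id)
             exchange_num = int(exchange_num)
             variety_name_en = variety_name_en.upper()
             insert_statement = "INSERT INTO `info_variety` (`name`,`name_en`,`parent_id`,`exchange`) VALUES (%s,%s,%s,%s);"
             cursor.execute(
                 insert_statement,
                 (variety_name, variety_name_en, parent_id, exchange_num))
         new_vid = db_connection.insert_id()
         # Bound parameters, matching the inserts above, instead of
         # formatting the ids into the SQL text.
         cursor.execute(
             "UPDATE `info_variety` SET `sort`=%s WHERE `id`=%s;",
             (new_vid, new_vid))
         db_connection.commit()
     except Exception as e:
         db_connection.rollback()
         current_app.logger.error("增加品种错误:{}".format(e))
         return jsonify({"message": "增加品种错误."}), 400
     finally:
         db_connection.close()
     return jsonify({"message": "增加品种成功!"}), 201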
示例#7
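def initial_tables_and_data():
    """Create the base tables and seed the default menu and administrator.

    Creates ``work_module``, ``user_info``, ``user_ndo_module`` and
    ``variety`` if they do not exist, inserts the '系统设置' menu group with a
    '系统模块管理' module under it, inserts one active administrator row, and
    commits.

    The seed INSERTs are unconditional, so a second run will raise on the
    UNIQUE columns of the administrator row.
    """
    update_sort_statement = "UPDATE `work_module` SET `sort`=%s WHERE `id`=%s;"
    db_connection = MySQLConnection()
    try:
        cursor = db_connection.get_cursor()
        # System module table.
        cursor.execute("CREATE TABLE IF NOT EXISTS `work_module` ("
                       "`id` INTEGER NOT NULL PRIMARY KEY AUTO_INCREMENT,"
                       "`name` VARCHAR(32) NOT NULL,"
                       "`page_url` VARCHAR (255) DEFAULT '',"
                       "`sort` INT(11) NOT NULL DEFAULT 0,"
                       "`parent_id` INT(11) DEFAULT NULL,"
                       "`is_active` BIT NOT NULL DEFAULT 1,"
                       "`is_private` BIT NOT NULL DEFAULT 0"
                       ");")

        # User table.
        # NOTE(review): `password` is VARCHAR(32), the length of a hex MD5
        # digest, which leaves no room for a salted password hash; presumably
        # an unsalted digest is stored. Confirm against the hashing code.
        cursor.execute(
            "CREATE TABLE IF NOT EXISTS `user_info` ("
            "`id` INTEGER NOT NULL PRIMARY KEY AUTO_INCREMENT,"
            "`name` VARCHAR(255) NOT NULL UNIQUE,"
            "`fixed_code` VARCHAR(8) NOT NULL UNIQUE,"
            "`join_time` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,"
            "`update_time` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,"
            "`password` VARCHAR(32) NOT NULL,"
            "`phone` VARCHAR(11) NOT NULL DEFAULT '',"
            "`email` VARCHAR(64) NOT NULL DEFAULT '',"
            "`is_admin` BIT NOT NULL DEFAULT 0,"
            "`is_active` BIT NOT NULL DEFAULT 0,"
            "`org_id` INT(11) NOT NULL DEFAULT 0"
            ");")

        # Link table: modules a user does not have to submit.
        cursor.execute("CREATE TABLE IF NOT EXISTS `user_ndo_module` ("
                       "`id` INTEGER NOT NULL PRIMARY KEY AUTO_INCREMENT,"
                       "`user_id` INT(11) NOT NULL,"
                       "`module_id` INT(11) NOT NULL,"
                       "`is_active` BIT NOT NULL DEFAULT 1,"
                       "UNIQUE KEY `user_id`(`user_id`,`module_id`)"
                       ");")

        # Variety table.
        cursor.execute("CREATE TABLE IF NOT EXISTS `variety` ("
                       "`id` INTEGER NOT NULL PRIMARY KEY AUTO_INCREMENT,"
                       "`name` VARCHAR(32) NOT NULL UNIQUE,"
                       "`en_code` VARCHAR(16) NOT NULL DEFAULT '',"
                       "`sort` INT(11) NOT NULL DEFAULT 0,"
                       "`parent_id` INT(11) DEFAULT NULL,"
                       "`is_active` BIT NOT NULL DEFAULT 1,"
                       "UNIQUE KEY `name_unique`(`name`,`en_code`)"
                       ");")

        # Default menu: the system-settings group.
        save_module = "INSERT INTO `work_module` (`name`,`page_url`,`parent_id`) VALUES ('系统设置','',NULL);"
        cursor.execute(save_module)
        new_mid = db_connection.insert_id()  # id of the group row
        cursor.execute(update_sort_statement, (new_mid, new_mid))
        # Default menu: the module-management page under that group.
        insert_statement = "INSERT INTO `work_module` (`name`,`page_url`,`parent_id`) VALUES ('系统模块管理','sys-modules.html',%s);"
        cursor.execute(insert_statement, (new_mid, ))
        new_mid = db_connection.insert_id()  # id of the module row
        cursor.execute(update_sort_statement, (new_mid, new_mid))

        # Default administrator.
        # NOTE(review): every deployment gets the same active admin account,
        # with a login code and password value fixed in source. Prefer a
        # per-deployment credential supplied at install time, or force a
        # change on first login.
        save_admin = "INSERT INTO `user_info` (`name`,`fixed_code`,`password`,`is_admin`,`is_active`) VALUES ('管理员','rdyj321','bbe7977cef5fcf80a39b801fcfdda5e0', 1, 1);"
        cursor.execute(save_admin)

        db_connection.commit()
    finally:
        # Release the connection even when a statement raises.
        db_connection.close()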
示例#8
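def create_tables():
    """Create the client, module, user-module and variety tables and seed them.

    Seeds a three-level module chain ('系统管理' > '运营管理' > '角色管理') and
    four top-level variety groups; each seeded row's ``sort`` is set to its
    own id. Everything is committed at the end.

    The seed INSERTs are unconditional, so a second run will raise on the
    UNIQUE ``info_module.name`` column.
    """
    module_sort_statement = "UPDATE `info_module` SET `sort`=%s WHERE `id`=%s"
    variety_sort_statement = "UPDATE `info_variety` SET `sort`=%s WHERE `id`=%s"
    db_connection = MySQLConnection()
    try:
        cursor = db_connection.get_cursor()
        # Client table.
        cursor.execute(
            "CREATE TABLE IF NOT EXISTS `info_client` ("
            "`id` INTEGER NOT NULL PRIMARY KEY AUTO_INCREMENT,"
            "`name` VARCHAR(128) NOT NULL DEFAULT '',"
            "`machine_code` VARCHAR(32) NOT NULL UNIQUE,"
            "`join_time` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,"
            "`update_time` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,"
            "`is_manager` BIT NOT NULL DEFAULT 0,"
            "`origin` VARCHAR(10) NOT NULL DEFAULT '',"
            "`is_active` BIT NOT NULL DEFAULT 1"
            ");")

        # Functional module table; `level` corresponds to the user role enum.
        cursor.execute("CREATE TABLE IF NOT EXISTS `info_module` ("
                       "`id` INTEGER NOT NULL PRIMARY KEY AUTO_INCREMENT,"
                       "`name` VARCHAR(128) NOT NULL UNIQUE,"
                       "`parent_id` INT(11) DEFAULT NULL,"
                       "`level` INT(11) DEFAULT 5,"
                       "`sort` INT(11) DEFAULT 0,"
                       "`is_active` BIT NOT NULL DEFAULT 1"
                       ");")

        # User-module link table: which modules a user may enter.
        cursor.execute("CREATE TABLE IF NOT EXISTS `link_user_module` ("
                       "`id` INTEGER NOT NULL PRIMARY KEY AUTO_INCREMENT,"
                       "`user_id` INT(11) NOT NULL,"
                       "`module_id` INT(11) NOT NULL,"
                       "`expire_time` DATETIME NOT NULL,"
                       "UNIQUE KEY `usermodule`(`user_id`,`module_id`)"
                       ");")

        # Seed the root system-management module.
        cursor.execute(
            "INSERT INTO `info_module` (`name`,`level`) VALUES ('系统管理', 4);")
        new_mid = db_connection.insert_id()
        cursor.execute(module_sort_statement, (new_mid, new_mid))
        # Each following module is a child of the one inserted just before it.
        for child_name, level in (('运营管理', 2), ('角色管理', 1)):
            cursor.execute(
                "INSERT INTO `info_module` (`name`,`parent_id`,`level`) VALUES (%s, %s, %s);",
                (child_name, new_mid, level))
            new_mid = db_connection.insert_id()
            cursor.execute(module_sort_statement, (new_mid, new_mid))

        # Variety table.
        cursor.execute("CREATE TABLE IF NOT EXISTS `info_variety` ("
                       "`id` INTEGER NOT NULL PRIMARY KEY AUTO_INCREMENT,"
                       "`name` VARCHAR(128) NOT NULL,"
                       "`name_en` VARCHAR(16) NOT NULL DEFAULT '',"
                       "`parent_id` INT(11) DEFAULT NULL,"
                       "`exchange` TINYINT(3) NOT NULL DEFAULT 0,"
                       "`sort` INT(11) DEFAULT 0,"
                       "`is_active` BIT NOT NULL DEFAULT 1,"
                       "UNIQUE KEY `varietyname`(`name`,`name_en`)"
                       ");")
        # Seed the four top-level variety groups.
        for group_name in ('金融股指', '农业产品', '化工材料', '黑色金属'):
            cursor.execute(
                "INSERT INTO `info_variety` (`name`) VALUES (%s);",
                (group_name,))
            new_vid = db_connection.insert_id()
            cursor.execute(variety_sort_statement, (new_vid, new_vid))
        db_connection.commit()
    finally:
        # Release the connection even when a statement raises.
        db_connection.close()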