def List(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
data = self.Post('data')
page = self.Post('page')
limit = self.Post('limit')
if not data or not page or not limit:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
fid = Util.Trim(param['fid']) if 'fid' in param.keys() else ''
title = Util.Trim(param['title']) if 'title' in param.keys() else ''
url = Util.Trim(param['url']) if 'url' in param.keys() else ''
# 统计
m = SysMenu()
m.Columns('count(*) AS num')
m.Where('fid like %s AND title like %s AND url like %s',
'%' + fid + '%', '%' + title + '%', '%' + url + '%')
total = m.FindFirst()
# 查询
m.Columns('id', 'fid', 'title', 'ico',
'FROM_UNIXTIME(ctime, %s) as ctime',
'FROM_UNIXTIME(utime, %s) as utime', 'sort', 'url',
'controller', 'action')
m.Where('fid like %s AND title like %s AND url like %s',
'%Y-%m-%d %H:%i:%s', '%Y-%m-%d %H:%i:%s', '%' + fid + '%',
'%' + title + '%', '%' + url + '%')
m.Order('sort DESC', 'fid')
m.Page(int(page), int(limit))
list = m.Find()
# 数据
for val in list:
val['action'] = Util.JsonDecode(
val['action']) if str(val['action']) != '' else ''
# 返回
return self.GetJSON({
'code': 0,
'msg': '成功',
'list': list,
'total': total['num']
})
def Perm(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
id = self.Post('id')
data = self.Post('data')
if not id or not data:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
# 执行
m = SysMenu()
m.Set({'action': data})
m.Where('id=%s', id)
if m.Update():
return self.GetJSON({'code': 0, 'msg': '成功'})
else:
return self.GetJSON({'code': 5000, 'msg': '更新失败!'})
def Del(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
data = self.Post('data')
if not data:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
ids = Util.Implode(',', param)
# 执行
m = SysMenu()
m.Where('id in(' + ids + ')')
if m.Delete():
return self.GetJSON({'code': 0, 'msg': '成功'})
else:
return self.GetJSON({'code': 5000, 'msg': '删除失败!'})
def Verify(token: str, urlPerm: str):
# Token
if token=='' : return 'Token不能为空!'
tData = Safety.Decode(token)
if not tData : return 'Token验证失败!'
# 是否过期
uid = str(tData['uid'])
redis = Redis()
time = redis.Ttl(Env.admin_token_prefix+'_token_'+uid)
redis.Close()
if time <1 : return 'Token已过期!'
# 续期
if Env.admin_token_auto :
redis = Redis()
redis.Expire(Env.admin_token_prefix+'_token_'+uid, Env.admin_token_time)
redis.Expire(Env.admin_token_prefix+'_perm_'+uid, Env.admin_token_time)
redis.Close()
# URL权限
if urlPerm=='' : return ''
arr = Util.Explode('/', urlPerm)
action = arr[-1:][0]
controller = Util.Implode('/', arr[:-1])
# 菜单
menu = SysMenu()
menu.Columns('id', 'action')
menu.Where('controller=%s', controller)
menuData = menu.FindFirst()
if not menuData : return '菜单验证无效!'
# 验证-菜单
id = str(menuData['id'])
permData = AdminToken.Perm(token)
if id not in permData.keys() : return '无权访问菜单!'
# 验证-动作
actionVal = permData[id]
permArr = Util.JsonDecode(menuData['action'])
permVal = 0
for val in permArr :
if action==val['action'] :
permVal = int(val['perm'])
break
if actionVal&permVal==0 : return '无权访问动作!'
return ''
def Edit(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
id = self.Post('id')
data = self.Post('data')
if not id or not data:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
title = Util.Trim(param['title']) if 'title' in param.keys() else ''
if title == '':
return self.GetJSON({'code': 4000, 'msg': '名称不能为空!'})
# 数据
m = SysMenu()
m.Set({
'fid':
Util.Trim(param['fid']) if 'fid' in param.keys() else 0,
'title':
title,
'url':
Util.Trim(param['url']) if 'url' in param.keys() else '',
'ico':
Util.Trim(param['ico']) if 'ico' in param.keys() else '',
'sort':
Util.Trim(param['sort']) if 'sort' in param.keys() else 0,
'controller':
Util.Trim(param['controller'])
if 'controller' in param.keys() else '',
'utime':
Util.Time(),
})
m.Where('id=%s', id)
if m.Update():
return self.GetJSON({'code': 0, 'msg': '成功'})
else:
return self.GetJSON({'code': 5000, 'msg': '更新失败!'})