def table_item_save(request): person_id = None if ('person_id' in request.POST) and request.POST['person_id'].isdigit(): person_id = int(request.POST['person_id']) user_login = request.POST[ 'user_login'] if 'user_login' in request.POST else None if not user_login: raise HTTPBadRequest('"user_login" is required parameter') if not person_id: users = DBSession.query(User).filter(User.login == user_login).all() if len(users) > 0: return { 'Result': 'Error', 'Message': u'Такой логин уже присутствует в системе' } with transaction.manager: if person_id: person = DBSession.query(Person) \ .options(joinedload('user')) \ .filter(Person.id == person_id) \ .all()[0] user = person.user else: person = Person() DBSession.add(person) user = User() DBSession.add(user) person.user = user for attr in request.POST: table_name, field = attr.split('_') if field == 'id': continue if table_name == 'person': setattr(person, field, request.POST[attr]) if table_name == 'user': setattr(user, field, request.POST[attr]) if 'user_active' in request.POST and request.POST['user_active']: user.active = True else: user.active = False if 'user_password' in request.POST and request.POST['user_password']: user.password = User.password_hash(request.POST['user_password']) DBSession.flush() DBSession.refresh(user) DBSession.refresh(person) person_json = person.as_json_dict('person_') user_json = user.as_json_dict('user_') item_json = person_json.copy() item_json.update(user_json) return {'Result': 'OK', 'Record': item_json}
def table_item_save(request): session = DBSession() session.expire_on_commit = False if ('person_id' in request.POST) and request.POST['person_id'].isdigit(): person_id = int(request.POST['person_id']) person = session.query(Person) \ .options(joinedload('user')) \ .filter(Person.id == person_id) \ .all()[0] user = person.user else: person = Person() user = User() session.add(user) person.user = user for attr in request.POST: table_name, field = attr.split('_') if field == 'id': continue if table_name == 'person': setattr(person, field, request.POST[attr]) if table_name == 'user': setattr(user, field, request.POST[attr]) if 'user_active' in request.POST and request.POST['user_active']: user.active = True else: user.active = False if 'user_password' in request.POST and request.POST['user_password']: user.password = User.password_hash(request.POST['user_password']) session.add(person) try: transaction.commit() except IntegrityError: transaction.abort() return { 'Result': 'Error', 'Message': u'Такой логин уже присутствует в системе' } person_json = person.as_json_dict('person_') user_json = user.as_json_dict('user_') item_json = person_json.copy() item_json.update(user_json) session.close() return { 'Result': 'OK', 'Record': item_json }
def login(request): message = None if hasattr(request, 'exception') and isinstance(request.exception, HTTPForbidden): message = u"Недостаточно прав доступа для выполнения указанной операции!" login_url = route_url('login', request) referrer = request.url if referrer == login_url: referrer = route_url('home', request) next_url = route_url('home', request) login = '' password = '' if 'form.submitted' in request.params: login = request.params['login'] password = request.params['password'] try: dbsession = DBSession() user = dbsession.query(User)\ .filter_by(login=login, password=User.password_hash(password), active=True)\ .one() dbsession.close() headers = remember(request, user.id) return HTTPFound(location=next_url, headers=headers) except NoResultFound: pass message = u"Неверный логин или пароль!" return dict( message=message, url=request.application_url + '/login', next_url=next_url, login=login, password=password, )
def login(request): message = None if hasattr(request, 'exception') and isinstance(request.exception, HTTPForbidden): message = u"Недостаточно прав доступа для выполнения указанной операции!" login_url = route_url('login', request) referrer = request.url if referrer == login_url: referrer = route_url('home', request) next_url = route_url('home', request) login = '' password = '' if 'form.submitted' in request.params: login = request.params['login'] password = request.params['password'] try: dbsession = DBSession() user = dbsession.query(User)\ .filter_by(login=login, password=User.password_hash(password), active=True)\ .one() dbsession.close() headers = remember(request, user.id) return HTTPFound(location=next_url, headers=headers) except NoResultFound: pass message = u"Неверный логин или пароль!" return dict( message = message, url = request.application_url + '/login', next_url = next_url, login = login, password = password, )
def table_item_save(request): person_id = None if ('person_id' in request.POST) and request.POST['person_id'].isdigit(): person_id = int(request.POST['person_id']) user_login = request.POST['user_login'] if 'user_login' in request.POST else None if not user_login: raise HTTPBadRequest('"user_login" is required parameter') if not person_id: users = DBSession.query(User).filter(User.login == user_login).all() if len(users) > 0: return { 'Result': 'Error', 'Message': u'Такой логин уже присутствует в системе' } with transaction.manager: if person_id: person = DBSession.query(Person) \ .options(joinedload('user')) \ .filter(Person.id == person_id) \ .all()[0] user = person.user else: person = Person() DBSession.add(person) user = User() DBSession.add(user) person.user = user for attr in request.POST: table_name, field = attr.split('_') if field == 'id': continue if table_name == 'person': setattr(person, field, request.POST[attr]) if table_name == 'user': setattr(user, field, request.POST[attr]) if 'user_active' in request.POST and request.POST['user_active']: user.active = True else: user.active = False if 'user_password' in request.POST and request.POST['user_password']: user.password = User.password_hash(request.POST['user_password']) DBSession.flush() DBSession.refresh(user) DBSession.refresh(person) person_json = person.as_json_dict('person_') user_json = user.as_json_dict('user_') item_json = person_json.copy() item_json.update(user_json) return { 'Result': 'OK', 'Record': item_json }