def prepare(self):
    """Gate the request on a logged-in account that holds an admin staff role.

    Queries for a Staff row (status 0) owned by the current account, joined
    to its TransferStation (status 0), where the staff member is flagged as
    super admin or admin. The first match populates ``self.current_staff``
    and ``self.current_station``; without a match both are set to ``None``
    unless the identity check ends the request with a 401 first.
    """
    # No authenticated account: answer 401 and stop processing.
    if not self.current_user:
        self.write_error(401, "请先登录再使用")
        raise Finish()

    # Resolve the transfer station and staff identity (a station id stored in the cookie takes priority)
    # NOTE(review): if this is Tornado's get_secure_cookie the value is bytes — confirm the
    # comparison against TransferStation.id matches as intended.
    station_id = self.get_secure_cookie("ph_station_id")
    filters = list()
    if station_id:
        # The cookie only narrows which station is matched; ownership is still
        # enforced by the account_id condition in the query below.
        filters.append(models.TransferStation.id == station_id)
    staff_station = self.session.query(models.Staff, models.TransferStation)\
        .join(models.TransferStation, models.TransferStation.id == models.Staff.station_id)\
        .filter(*filters,
                models.TransferStation.status == 0,
                models.Staff.status == 0,
                models.Staff.account_id == self.current_user.id,
                or_(models.Staff.super_admin_status == 1,
                    models.Staff.admin_status == 1))\
        .first()

    # No transfer station or staff identity was found
    # NOTE(review): nesting reconstructed from a flattened listing — confirm that the
    # logout and 401 only happen when should_check_identity() is truthy.
    if not staff_station:
        if self.should_check_identity():
            self.clear_current_user()
            self.clear_current_station_cookie()
            self.write_error(401, "没有有效的管理员身份")
            raise Finish()

    # When the identity check is skipped both attributes end up None, so code
    # running after prepare() must not treat a missing staff record as authorised.
    self.current_staff = staff_station[0] if staff_station else None
    self.current_station = staff_station[1] if staff_station else None
def prepare(self):
    """Gate the request on a logged-in account that holds a purchaser role.

    Looks for a Staff row (status 0, purchaser_status 1) owned by the current
    account and joined to a TransferStation with status 0. On success the
    pair is stored on ``self.current_staff`` / ``self.current_station``;
    otherwise the login and station cookie are cleared and the request ends
    with a 401.
    """
    if not self.current_user:
        self.write_error(401, "请先登录再使用")
        raise Finish()

    # Resolve station and purchaser identity; a station id held in the signed
    # cookie takes priority and narrows the match to that station.
    # NOTE(review): Tornado's get_secure_cookie returns bytes — confirm the
    # comparison against TransferStation.id matches as intended.
    cookie_station = self.get_secure_cookie("ph_station_id")
    station_clause = (
        [models.TransferStation.id == cookie_station] if cookie_station else []
    )
    match = (
        self.session.query(models.Staff, models.TransferStation)
        .join(models.TransferStation,
              models.TransferStation.id == models.Staff.station_id)
        .filter(*station_clause,
                models.TransferStation.status == 0,
                models.Staff.status == 0,
                # Ownership check: the staff row must belong to this account.
                models.Staff.account_id == self.current_user.id,
                models.Staff.purchaser_status == 1)
        .first()
    )

    if not match:
        # Fail closed: drop the login and the station cookie before the 401.
        self.clear_current_user()
        self.clear_current_station_cookie()
        self.write_error(401, "没有有效的采购员权限")
        raise Finish()

    self.current_staff = match[0]
    self.current_station = match[1]
def session_id(self) -> ObjectId:
    """Return the ``session_id`` request argument as an ObjectId.

    Sets status 428 when the argument is absent and 412 when it is not a
    valid ObjectId; both cases end the request by raising Finish.
    """
    handler = self.handler
    candidate = handler.get_argument("session_id", None)
    if candidate is None:
        handler.set_status(428, "missing param(s) session_id")
        raise Finish()
    try:
        parsed = ObjectId(candidate)
    except InvalidId:
        # NOTE(review): the caller-supplied value is echoed into the HTTP
        # reason phrase — confirm the framework rejects CR/LF there, or use a
        # fixed reason and report details in the body.
        handler.set_status(
            412, "invalid param=session_id,session_id=%s" % candidate)
        raise Finish()
    return parsed
def product_id(self) -> ObjectId:
    """Return the ``product_id`` request argument as an ObjectId.

    A missing or empty argument sets status 428; a value that is not a valid
    ObjectId sets 412. Both cases end the request by raising Finish.
    """
    handler = self.handler
    candidate = handler.get_argument("product_id", None)
    if not candidate:
        handler.set_status(428, "missing param(s) product_id")
        raise Finish()
    try:
        parsed = ObjectId(candidate)
    except InvalidId:
        # NOTE(review): the caller-supplied value is echoed into the HTTP
        # reason phrase — confirm the framework rejects CR/LF there, or use a
        # fixed reason and report details in the body.
        handler.set_status(
            412, "invalid param=product_id,product_id=%s" % candidate)
        raise Finish()
    return parsed
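def body(self) -> dict:
    """Decode the request body as UTF-8 and parse it with ``loads``.

    Any decoding or parsing failure sets status 412 and ends the request by
    raising Finish.
    """
    try:
        return loads(self.handler.request.body.decode("utf-8"))
    except Exception:
        # ``except Exception`` rather than a bare ``except`` so that
        # KeyboardInterrupt / SystemExit are not turned into a 412.
        # NOTE(review): the whole raw body is echoed into the HTTP reason
        # phrase; it is attacker-controlled and unbounded in length. Consider
        # a fixed reason and, if needed, a truncated value in the log instead.
        self.handler.set_status(
            412, "invalid body,body=%s" % self.handler.request.body)
        raise Finish()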
def type(self):
    """Return the required ``type`` request argument.

    When the argument is absent, sets status 428 and ends the request by
    raising Finish. An empty string counts as present and is returned.
    """
    value = self.handler.get_argument("type", None)
    if value is not None:
        return value
    self.handler.set_status(428, "missing param=type")
    raise Finish()
def locale(self):
    """Return the required ``locale`` request argument.

    When the argument is absent, sets status 428 and ends the request by
    raising Finish. An empty string counts as present and is returned.
    """
    requested = self.handler.get_argument("locale", None)
    if requested is not None:
        return requested
    self.handler.set_status(428, "missing param=locale")
    raise Finish()
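def context_id(self, context_id) -> ObjectId:
    """Convert *context_id* to an ObjectId.

    If the conversion fails, sets status 412 and ends the request by
    raising Finish.
    """
    try:
        return ObjectId(context_id)
    except Exception:
        # ``except Exception`` rather than a bare ``except`` so that
        # KeyboardInterrupt / SystemExit are not turned into a 412.
        # NOTE(review): the supplied value is echoed into the HTTP reason
        # phrase — confirm the framework rejects CR/LF there, or use a fixed
        # reason.
        self.handler.set_status(
            412, "invalid param=context_id,context_id=%s" % context_id)
        raise Finish()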
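def meta_data(self) -> str:
    """Return the ``meta_data`` entry of the parsed body, or None if absent.

    The body is parsed once (the original parsed it twice per call). Any
    failure while reading it sets status 412 and ends the request by raising
    Finish.
    """
    try:
        payload = self.body()
        return payload["meta_data"] if "meta_data" in payload else None
    except Exception:
        # ``except Exception`` rather than a bare ``except`` so that
        # KeyboardInterrupt / SystemExit are not turned into a 412.
        # NOTE(review): an exception raised by body() itself is caught here
        # as well, so this status/reason replaces whatever body() had set.
        self.handler.set_status(412, "body [mete_data] direction")
        raise Finish()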
def write_error(self, msg='error.', status_code=404):
    """Send a JSON error payload and end the request.

    The payload carries ``code`` (the status code) and ``msg``; it is passed
    to ``write_json`` together with the status code, then Finish is raised.

    NOTE(review): if this class derives from Tornado's RequestHandler, this
    signature differs from the framework's ``write_error(status_code,
    **kwargs)`` hook — confirm that framework-initiated error handling still
    reaches a compatible method.
    """
    payload = {'code': status_code, 'msg': msg}
    self.write_json(payload, status_code)
    raise Finish()
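def user_id(self, user_id) -> ObjectId:
    """Convert *user_id* to an ObjectId.

    If the conversion fails, sets status 412 and ends the request by
    raising Finish.
    """
    try:
        return ObjectId(user_id)
    except Exception:
        # ``except Exception`` rather than a bare ``except`` so that
        # KeyboardInterrupt / SystemExit are not turned into a 412.
        # NOTE(review): the supplied value is echoed into the HTTP reason
        # phrase — confirm the framework rejects CR/LF there, or use a fixed
        # reason.
        self.handler.set_status(
            412, "invalid param=user_id,user_id=%s" % user_id)
        raise Finish()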
def validate(data, rules, handler=None):
    """Run every validation rule against *data* and collect the errors.

    :param data: the data to validate, typically a dict POSTed from a page
    :param rules: list of rules; each rule is a ``(func, para1, para2, ...)``
        tuple where ``func`` is a validator function. For each parameter:
        1. a string names a key of ``data``; ``data.get(para)`` is passed to
           ``func`` as a keyword argument of that name
        2. anything else is passed to ``func`` directly as a positional
           argument
    :param handler: web request handler; when given and errors were found,
        the errors are sent through it and Finish is raised to end the request
    :return: ``{key: (error_code, message)}`` keyed by the offending ``data``
        attribute when validation fails, otherwise ``None``
    """
    failures = {}
    for rule in rules:
        check, params = rule[0], rule[1:]
        # Strings are looked up in ``data``; everything else is a literal
        # argument for the validator.
        named = {p: data.get(p) for p in params if isinstance(p, str)}
        positional = [p for p in params if not isinstance(p, str)]
        outcome = check(*positional, **named)
        if outcome:
            failures.update(outcome)

    if failures and handler:
        handler.send_error_response(failures)
        raise Finish()
    return failures if failures else None
def json_success(self, msg=None, **kwargs):
    """End the request with a JSON success object.

    The object holds ``"success": True``, then the keyword arguments, then
    ``"message"`` when *msg* is given. It is serialised with ``json.dumps``
    and handed to Finish, which is raised.
    """
    # "success" and "message" are reserved keys. This guard is an assert, so
    # it disappears under ``python -O``; a caller-supplied "success" would
    # then override the True written below.
    assert not ("success" in kwargs or "message" in kwargs)
    payload = {"success": True}
    payload.update(kwargs)
    if msg is not None:
        payload["message"] = msg
    raise Finish(json.dumps(payload))
async def _method(*args, **kwargs):
    """Await ``coro`` and translate pipeline exceptions for the web layer.

    A QueryPipelineInterrupt ends the request via Finish carrying its
    ``details``; a QueryPipelineException becomes an HTTPError built from its
    ``code``, ``details`` and ``summary``.
    """
    try:
        outcome = await coro(*args, **kwargs)
    except QueryPipelineInterrupt as interrupt:
        raise Finish(interrupt.details)
    except QueryPipelineException as failure:
        # NOTE(review): ``details`` and ``summary`` travel with the error —
        # confirm they never carry backend internals meant to stay private.
        raise HTTPError(
            failure.code, None, failure.details, reason=failure.summary)
    return outcome
def pre_transform_hook(self, options, res):
    """Return *res* unchanged unless the raw level-2 response was requested.

    When ``options.control.raw`` equals 2, the request ends immediately with
    *res* as the payload by raising Finish.
    """
    # raw == 1 is reserved for adding underscore fields
    wants_raw_response = options.control.raw == 2
    if not wants_raw_response:
        return res
    # NOTE(review): this hands the untransformed response to the caller —
    # confirm it holds nothing that the normal transform is relied on to hide.
    raise Finish(res)
def json_success(self, msg=None, **kwargs):
    '''End the request with a JSON success object.

    The object holds ``'success': True``, then the keyword arguments, then
    ``'message'`` when *msg* is given. It is serialised with ``json.dumps``
    and handed to Finish, which is raised.
    '''
    # 'success' and 'message' are reserved keys. This guard is an assert, so
    # it disappears under ``python -O``; a caller-supplied 'success' would
    # then override the True written below.
    assert not ('success' in kwargs or 'message' in kwargs)
    payload = {'success': True}
    payload.update(kwargs)
    if msg is not None:
        payload['message'] = msg
    raise Finish(json.dumps(payload))
def finish_with_json(self, data):
    """Serialise *data* as JSON and end the request with it.

    Sets the Content-Type header to ``application/json``. In debug mode, POST
    requests are additionally dumped (method, path, query pairs, request body
    and the outgoing data) through ``dump_out``.
    """
    self.set_header('Content-Type', 'application/json')
    request = self.request
    if O_O.debug and request.method == 'POST':
        # NOTE(review): this dump includes the query string and the raw
        # request body, which can carry passwords or tokens — keep the debug
        # flag off outside development, or redact before dumping.
        lines = [f'\033[0;33mOutput: {request.method} {request.path}']
        if request.query:
            rendered_query = '\n'.join(
                f'\033[0;33m{name:15s} {value}'
                for name, value in parse.parse_qsl(request.query)
            )
            lines.append('\n' + rendered_query)
        if request.body:
            try:
                lines.append('\n\033[0;33m' + request.body.decode())
            except UnicodeDecodeError:
                # Bodies that are not valid text are left out of the dump.
                pass
        if data:
            lines.append('\n\033[0;33m' + json.dumps(data))
        dump_out(*lines)
    raise Finish(json.dumps(data).encode())
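def product_id(self, product_id) -> ObjectId:
    """Convert *product_id* to an ObjectId.

    If the conversion fails, sets status 412 and ends the request by
    raising Finish.
    """
    try:
        return ObjectId(product_id)
    except Exception:
        # ``except Exception`` rather than a bare ``except`` so that
        # KeyboardInterrupt / SystemExit are not turned into a 412.
        # NOTE(review): the supplied value is echoed into the HTTP reason
        # phrase — confirm the framework rejects CR/LF there, or use a fixed
        # reason.
        self.handler.set_status(
            412, "invalid param=product_id,product_id=%s" % product_id)
        raise Finish()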
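def get_json_data(self):
    """Decode the request body and parse it as JSON.

    Returns the parsed value. A body that is not valid text or not valid
    JSON is logged, answered with status 400, and the request ends by
    raising Finish.
    """
    try:
        return json.loads(self.request.body.decode())
    except (UnicodeDecodeError, json.decoder.JSONDecodeError) as e:
        # UnicodeDecodeError is handled too: a body that is not valid UTF-8
        # is a client error (400), not an unhandled exception.
        logger.error("JSON parse error: %s", e)
        self.set_status(400)
        raise Finish()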
def finish_with_json(self, data):
    """Serialise *data* as JSON and end the request with it.

    Sets the Content-Type header to ``application/json``. In debug mode the
    request method and path plus ``data['data']`` are passed to ``dump_out``
    before the response is sent.
    """
    self.set_header('Content-Type', 'application/json')
    if O_O.debug:
        request = self.request
        banner = f'Output: {request.method} {request.path}'
        # NOTE(review): the debug dump contains response data — confirm the
        # debug flag is off wherever that data is sensitive.
        dump_out(banner, str(data['data']))
    encoded = json.dumps(data).encode()
    raise Finish(encoded)
def rev(self):
    """Return the optional ``_rev`` request argument as an ObjectId.

    Returns None when the argument is absent. A value that is not a valid
    ObjectId sets status 428 and ends the request by raising Finish.
    """
    raw_rev = self.handler.get_argument("_rev", None)
    if raw_rev is None:
        return None
    try:
        return ObjectId(raw_rev)
    except InvalidId:
        # NOTE(review): the caller-supplied value is echoed into the HTTP
        # reason phrase — confirm the framework rejects CR/LF there, or use a
        # fixed reason.
        self.handler.set_status(428, "invalid param=_rev,_rev=%s" % raw_rev)
        raise Finish()
def context_id(self):
    """Return the ``context_id`` request argument as an ObjectId.

    A missing or empty argument answers 428 with a JSON error body; a value
    that is not a valid ObjectId sets status 412. Both cases end the request
    by raising Finish.
    """
    handler = self.handler
    candidate = handler.get_argument("context_id", None)
    if not candidate:
        handler.set_status(428)
        error_body = json_encode({
            "status": "error",
            "message": "missing param(s) context_id"
        })
        handler.finish(error_body)
        raise Finish()
    try:
        parsed = ObjectId(candidate)
    except InvalidId:
        # NOTE(review): the caller-supplied value is echoed into the HTTP
        # reason phrase — confirm the framework rejects CR/LF there, or use a
        # fixed reason and report details in the body as the 428 branch does.
        handler.set_status(
            412, "invalid param=context_id,context_id=%s" % candidate)
        raise Finish()
    return parsed
def user_id(self) -> ObjectId:
    """Return the optional ``user_id`` request argument as an ObjectId.

    Returns None when the argument is absent. A value that is not a valid
    ObjectId sets status 428 and ends the request by raising Finish.
    """
    raw_user_id = self.handler.get_argument("user_id", None)
    if raw_user_id is None:
        return None
    try:
        return ObjectId(raw_user_id)
    except InvalidId:
        # NOTE(review): the caller-supplied value is echoed into the HTTP
        # reason phrase — confirm the framework rejects CR/LF there, or use a
        # fixed reason.
        self.handler.set_status(
            428, "invalid param=user_id,user_id=%s" % raw_user_id)
        raise Finish()
def _check_post_data(self):
    """Reject POST requests that lack any of the handler's required fields.

    Only applies to POST requests on handlers that define a non-empty
    ``required_fields``. Missing fields are reported with a 400 and the
    request ends by raising Finish.
    """
    if self.request.method != 'POST':
        return
    if not (hasattr(self, 'required_fields') and len(self.required_fields)):
        return

    payload = self.get_data()
    # Set difference against the payload keys: only presence is checked here,
    # not the values.
    absent = ", ".join(self.required_fields - payload.keys())
    if not absent:
        return
    self.write_error(400, f'Error: missing field(s): {absent}')
    raise Finish()
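def _check_jwt(self):
    """Verify the request's JWT and end the request with a 401 on failure.

    OPTIONS requests are not verified; their headers are only logged. For
    every other method ``verify_jwt()`` is called, and an expired token, an
    undecodable token or any other failure answers 401 and raises Finish.
    """
    if self.request.method != 'OPTIONS':  # maybe not?
        try:
            if not self.verify_jwt():
                raise Finish()
        except ExpiredSignatureError:
            self.write_error(401, 'Authorization token is expired')
            raise Finish()
        except DecodeError:
            self.write_error(401, 'Invalid authorization token')
            raise Finish()
        except Exception as e:
            # If Finish derives from Exception (tornado.web.Finish does), the
            # Finish raised above for a falsy verify_jwt() also lands here, so
            # that case is answered with this 401 as well. Keep that in mind
            # before narrowing this clause.
            self.write_error(401, 'Failed to read authorization token')
            # The exception is passed as a %s argument; the original call had
            # no placeholder, which makes logging report a formatting error
            # instead of the message.
            logging.warning('Failed to read authorization token: %s', e)
            raise Finish()
    else:
        # NOTE(review): this logs every request header at INFO level; a
        # client can send Authorization or Cookie headers on OPTIONS too, so
        # consider logging only the headers needed for CORS debugging.
        logging.info(f'OPTIONS headers: {self.request.headers}')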
def update_status(self, demand_order, status):
    """Update the status of a demand order.

    The change is refused (``send_fail`` followed by Finish) when the linked
    wish order cannot be found, when the wish order's status is 3 or higher,
    or when the order would be moved back to status 0 from a higher status.
    """
    wish_order = models.WishOrder.get_by_id(
        self.session, demand_order.wish_order_id)

    if not wish_order:
        rejection = "没有找到对应的意向单"
    elif wish_order.status >= 3:
        rejection = "意向单已截止订货"
    elif status == 0 and demand_order.status > 0:
        # An order may not return to its initial state.
        rejection = "状态无效"
    else:
        rejection = None

    if rejection is not None:
        self.send_fail(rejection)
        raise Finish()
    demand_order.status = status
def pre_transform_hook(self, options, res):
    """
    Hook for subclasses to override.
    The default ends the request with the untransformed query response when
    ``options.control.raw`` is truthy, and otherwise returns *res* unchanged.
    Overrides may want to keep this behaviour by calling super().
    """
    wants_raw_response = bool(options.control.raw)
    if not wants_raw_response:
        return res
    # NOTE(review): this hands the untransformed backend response to the
    # caller — confirm the control flag is only honoured where that is
    # acceptable.
    raise Finish(res)
def pre_query_hook(self, options, query):
    """
    Hook for subclasses to override.
    The default ends the request with ``query.to_dict()`` when
    ``options.control.rawquery`` is truthy, and otherwise returns *query*
    unchanged. Overrides may want to keep this behaviour by calling super().
    """
    wants_raw_query = bool(options.control.rawquery)
    if not wants_raw_query:
        return query
    # NOTE(review): this discloses the backend query as built by the server —
    # confirm the control flag is only honoured where that is acceptable.
    raise Finish(query.to_dict())
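def post(self, path):
    """Raise the ``user.threshold`` property by the posted increment.

    Requires the admin role (403 otherwise). The ``increment`` field of the
    posted data defaults to 0 and must convert to an integer (400 otherwise).
    After the property is updated, ``invite_next_users()`` runs and the
    request is answered with status 201.
    """
    # Authorisation comes first, before any request data is read.
    if not self.has_admin_role():
        self.write_error(403)
        raise Finish()

    prop = 'user.threshold'
    data = self.get_data()
    try:
        increment = int(data.get('increment', 0))
    except (TypeError, ValueError, OverflowError):
        # TypeError covers null / list / object values and OverflowError an
        # infinite float; the original caught only ValueError, so those
        # inputs escaped as unhandled exceptions instead of a 400.
        self.write_error(400, "Error: invalid number")
        raise Finish()

    # NOTE(review): the increment is unbounded and may be negative, and the
    # read-modify-write below is not atomic — confirm both are acceptable for
    # concurrent admin requests.
    set_property(prop, str(int(get_property(prop)) + increment))
    invite_next_users()
    self.success(status=201)
    self.finish()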
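def created(self) -> datetime:
    """Parse the ``created`` entry of the request body into a datetime.

    The body is parsed once (the original parsed it twice per call). A
    missing or unparseable value sets status 412 and ends the request by
    raising Finish.
    """
    payload = self.body()
    raw_created = payload["created"] if "created" in payload else None
    try:
        return dateutil.parser.parse(raw_created)
    except Exception:
        # ``except Exception`` rather than a bare ``except`` so that
        # KeyboardInterrupt / SystemExit are not turned into a 412.
        # NOTE(review): the body-supplied value is echoed into the HTTP
        # reason phrase — confirm the framework rejects CR/LF there, or use a
        # fixed reason.
        self.handler.set_status(412,
                                "invalid created,created=%s" % raw_created)
        raise Finish()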