def add_cmsuser(): if request.method == 'GET': roles = CMSRole.query.all() context = { 'roles': roles } return render_template('cms/cms_addcmsuser.html',**context) else: form = CMSAddUserForm(request.form) if form.validate(): email = form.email.data username = form.username.data password = form.password.data roles = request.form.getlist('roles[]') if not roles: return xjson.json_params_error(message=u'必须指定最少一个分组!') user = CMSUser(email=email,username=username,password=password) for role_id in roles: role = CMSRole.query.get(role_id) role.users.append(user) # 如果是通过user.roles.append(role) # 那么还需要通过db.session.add(user)添加用户到session中 # 这是因为user还没有添加到数据库中 db.session.commit() return xjson.json_success() else: return xjson.json_params_error(message=form.get_error())
def edit_cmsuser(): if request.method == 'GET': user_id = request.args.get('user_id') if not user_id: abort(404) user = CMSUser.query.get(user_id) roles = CMSRole.query.all() current_roles = [role.id for role in user.roles] context = { 'user': user, 'roles': roles, 'current_roles': current_roles } return render_template('cms/cms_editcmsuser.html',**context) else: user_id = request.form.get('user_id') roles = request.form.getlist('roles[]') if not user_id: return xjson.json_params_error(message=u'没有指定id!') if not roles: return xjson.json_params_error(message=u'必须指定一个组!') user = CMSUser.query.get(user_id) # 清掉之前的角色信息 user.roles[:] = [] # 添加新的角色 for role_id in roles: role_model = CMSRole.query.get(role_id) user.roles.append(role_model) db.session.commit() return xjson.json_success()
def email_captcha(): email = request.args.get('email') if not email: return xjson.json_paramserror('请传递邮箱地址') #生成6位数的随机验证码 source = list(string.ascii_letters) source.extend(map(lambda x:str(x),range(0,10))) captcha = ''.join(random.sample(source,6)) #发送验证码邮件 msg = Message('Aroma的BBS论坛更换邮箱验证码', recipients=[email], body='您的验证码是:{},5分钟内有效'.format(captcha) ) try: mail.send(msg) except Exception as err: print(err) return xjson.json_servererror(message='邮件发送失败') # 验证码存入memcache print(email+'*'*10+captcha) xcache.set(email, captcha) return xjson.json_success(message='邮件发送成功')
def settings(): if request.method == 'GET': return render_template('front/front_settings.html') else: form = SettingsForm(request.form) if form.validate(): username = form.username.data realname = form.realname.data email = form.email.data avatar = form.avatars.data signature = form.signature.data user_model = g.front_user user_model.username = username if realname: user_model.realname = realname if email: user_model.email = email if avatar: user_model.avatars = avatar if signature: user_model.signature = signature db.session.commit() return xjson.json_success() else: return xjson.json_params_error(message=form.get_error())
def aboard(): add_form_board = AddBoardForm(request.form) if add_form_board.validate(): name = add_form_board.name.data board = BoardModel(name=name) db.session.add(board) db.session.commit() return xjson.json_success(message='添加板块成功') else: return xjson.json_params_error(message=add_form_board.get_error())
def dboard(): board_id = request.form.get('board_id') if not board_id: return xjson.json_params_error(message='请传入板块id') board = BoardModel.query.get(board_id) if not board: return xjson.json_params_error(message='没有这个板块') db.session.delete(board) db.session.commit() return xjson.json_success(message='删除板块成功')
def dcomment(): comment_id = request.form.get('comment_id') if not comment_id: return xjson.json_params_error(message='请传入评论id') comment = CommentModel.query.get(comment_id) if not comment: return xjson.json_params_error(message='没有这个评论') db.session.delete(comment) db.session.commit() return xjson.json_success(message='删除评论成功')
def acomment(): add_form_comment = AddCommentForm(request.form) if add_form_comment.validate(): name = add_form_comment.name.data comment = CommentModel(name=name) db.session.add(comment) db.session.commit() return xjson.json_success(message='添加评论成功') else: return xjson.json_param_error(message=add_form_comment.get_error())
def post(self): resetemail_form = RestEmailForm(request.form) if resetemail_form.validate(): email = resetemail_form.email.data g.cms_user.email = email db.session.commit() return xjson.json_success('邮箱修改成功') else: message = resetemail_form.get_errors() return xjson.json_params_error(message)
def post(self): signup_form = SignUpForm(request.form) if signup_form.validate(): username = signup_form.username.data password = signup_form.password1.data user = FrontUser(username=username, password=password) db.session.add(user) db.session.commit() return xjson.json_success('恭喜您,注册成功') else: return xjson.json_params_error(signup_form.get_error())
def dpost(): post_id = request.form.get("post_id") if not post_id: return xjson.json_params_error('请传入帖子id!') post = PostModel.query.get(post_id) if not post: return xjson.json_params_error("没有这篇帖子!") db.session.delete(post) db.session.commit() return xjson.json_success()
def dbanner(): banner_id = request.form.get('banner_id') if not banner_id: return xjson.json_params_error(message='请传入轮播图id!') banner = BannerModel.query.get(banner_id) if not banner: return xjson.json_params_error(message='没有这个轮播图!') db.session.delete(banner) db.session.commit() return xjson.json_success()
def uhpost(): post_id = request.form.get("post_id") if not post_id: return xjson.json_params_error('请传入帖子id!') post = PostModel.query.get(post_id) if not post: return xjson.json_params_error("没有这篇帖子!") highlight = HighlightPostModel.query.filter_by(post_id=post_id).first() db.session.delete(highlight) db.session.commit() return xjson.json_success()
def abanner(): form = AddBannerForm(request.form) if form.validate(): name = form.name.data image_url = form.image_url.data link_url = form.link_url.data priority = form.priority.data banner = BannerModel(name=name,image_url=image_url,link_url=link_url,priority=priority) db.session.add(banner) db.session.commit() return xjson.json_success() else: return xjson.json_params_error(message=form.get_error())
def hpost(): post_id = request.form.get("post_id") if not post_id: return xjson.json_params_error('请传入帖子id!') post = PostModel.query.get(post_id) if not post: return xjson.json_params_error("没有这篇帖子!") highlight = HighlightPostModel() highlight.post = post db.session.add(highlight) db.session.commit() return xjson.json_success()
def uboard(): update_board_form = UpdateBoardForm(request.form) if update_board_form.validate(): board_id = update_board_form.board_id.data name = update_board_form.name.data if board_id: board = BoardModel.query.get(board_id) board.name = name db.session.commit() return xjson.json_success(message='更新成功') else: return xjson.json_params_error(message='板块不存在') else: return xjson.json_params_error(message=update_board_form.get_error())
def black_front_user(): form = CMSBlackFrontUserForm(request.form) if form.validate(): user_id = form.user_id.data is_black = form.is_black.data user = FrontUser.query.get(user_id) if not user: abort(404) user.is_active = not is_black db.session.commit() return xjson.json_success(message="成功移出黑名单") else: return xjson.json_params_error(message=form.get_error())
def ucomment(): update_comment_form = UpdateCommentForm(request.form) if update_comment_form.validate(): comment_id = update_comment_form.comment_id.data name = update_comment_form.name.data if comment_id: comment = CommentModel.query.get(comment_id) comment.name = name db.session.commit() return xjson.json_success(message='更新成功') else: return xjson.json_param_error(message='评论不存在') else: return xjson.json_param_error(message=update_comment_form.get_error())
def add_role(): if request.method == 'GET': permissions = CMSPersmission.PERMISSION_MAP return render_template('cms/cms_addrole.html',permissions=permissions) else: name = request.form.get('name') desc = request.form.get('desc') permissions = request.form.getlist('permissions[]') all_permission = 0 for x in permissions: all_permission |= int(x) role = CMSRole(name=name,desc=desc,permissions=all_permission) db.session.add(role) db.session.commit() return xjson.json_success()
def post(self): resetpwd_form = ResetPwdForm(request.form) if resetpwd_form.validate(): oldpwd = resetpwd_form.oldpwd.data newpwd = resetpwd_form.newpwd.data user = g.cms_user if user.check_password(oldpwd): user.password = newpwd db.session.commit() return xjson.json_success('修改成功') else: return xjson.json_params_error('原密码错误') else: message = resetpwd_form.get_error() return xjson.json_params_error(message)
def post(self): signin_form = SignInForm(request.form) if signin_form.validate(): telephone = signin_form.telephone.data password = signin_form.password.data remember = signin_form.remember.data user = FrontUser.query.filter_by(telephone=telephone).first() if user and user.check_password(password): session[config.FRONT_USER_ID] = user.id if remember: session.premanent = True return xjson.json_success('登陆成功') else: return xjson.json_params_error('手机号或密码错误') else: return xjson.json_params_error(signin_form.get_error())
def post(self): resetpwd_form = ResetPwdForm(request.form) if resetpwd_form.validate(): oldpwd = resetpwd_form.oldpwd.data newpwd = resetpwd_form.newpwd.data user = g.cms_user if user.check_password(oldpwd): user.password = newpwd db.session.commit() #因为接受的是ajax,所以这里使用jsonify返回数据 #返回code字段表示状态码,message信息提示 return xjson.json_success('修改成功') else: return xjson.json_paramserror('原密码错误') else: message = resetpwd_form.errors return xjson.json_paramserror(message.popitem()[1][0])
def add_comment(): add_comment_form = AddCommentForm(request.form) if add_comment_form.validate(): content = add_comment_form.content.data post_id = add_comment_form.post_id.data post = PostModel.query.get(post_id) if post: comment = CommentModel(content=content) comment.post = post comment.author = g.front_user db.session.add(comment) db.session.commit() return xjson.json_success() else: return xjson.json_param_error('没有这篇帖子!') else: return xjson.json_param_error(add_comment_form.get_error())
def sms_captcha(): sms_captcha_form = SmsCaptchaForm(request.form) if sms_captcha_form.validate(): telephone = sms_captcha_form.telephone.data #生成随机的验证,之前图片那里有方法实现了,我们直接调用就行,生成6位的验证码 radom_code = Captcha.gene_text(6) cont = '测试bbs,您的验证码为:%s' % (radom_code) params = {'code': cont} result = send_sms(telephone, params) dict_res = json.loads(result) if dict_res['code'] == 0: xcache.set(telephone,radom_code) #把手机号作为key return xjson.json_success('短信发送成功') else: return xjson.json_server_error('短信发送失败') else: return xjson.json_params_error('参数错误')
def post(self): resetpwd_form = RestPwdForm(request.form) if resetpwd_form.validate(): oldpwd = resetpwd_form.oldpwd.data newpwd = resetpwd_form.newpwd.data user = g.cms_user if user.check_password(oldpwd): user.password = newpwd db.session.commit() # 因为接受的是ajax,所以这里使用jsonify返回数据 # 返回code字段表示状态码,message信息提示 return xjson.json_success("修改成功") else: return xjson.json_params_error("原密码错误") else: message = resetpwd_form.get_errors() return jsonify({"code": 400, "message": message})
def ubanner(): form = UpdateBannerForm(request.form) if form.validate(): banner_id = form.banner_id.data name = form.name.data image_url = form.image_url.data link_url = form.link_url.data priority = form.priority.data banner = BannerModel.query.get(banner_id) if banner: banner.name = name banner.image_url = image_url banner.link_url = link_url banner.priority = priority db.session.commit() return xjson.json_success() else: return xjson.json_params_error(message='没有这个轮播图!') else: return xjson.json_params_error(message=form.get_error())
def apost(): if request.method == 'GET': boards = BoardModel.query.all() return render_template('front/front_apost.html', boards=boards) else: add_post_form = AddPostForm(request.form) if add_post_form.validate(): title = add_post_form.title.data content = add_post_form.content.data board_id = add_post_form.board_id.data board = BoardModel.query.get(board_id) if not board: return xjson.json_param_error(message='没有这个板块') post = PostModel(title=title, content=content) post.board = board post.author = g.front_user db.session.add(post) db.session.commit() return xjson.json_success() else: return xjson.json_param_error(message=add_post_form.get_error())
def edit_role(): if request.method == 'GET': role_id = request.args.get('role_id') role = CMSRole.query.filter_by(id=role_id).first() permissions = CMSPersmission.PERMISSION_MAP context = { 'role': role, 'permissions': permissions } return render_template('cms/cms_addrole.html',**context) else: role_id = request.form.get('role_id') name = request.form.get('name') desc = request.form.get('desc') permissions = request.form.get('permissions[]') role = CMSRole.query.filter_by(id=role_id).first() role.name = name role.desc = desc role.permissions = reduce(lambda x,y:int(x)|int(y),permissions) db.session.commit() return xjson.json_success()
def email_captcha(): #/cms/emai_capthcha/[email protected] email = request.args.get('email') if not email: return xjson.json_params_error('请传递邮件参数!') #生成6位数的随机验证码 source = list(string.ascii_letters) source.extend(map(lambda x: str(x), range(0, 10))) captcha = ''.join(random.sample(source, 6)) #发送邮件 msg = Message('BBS论坛更换邮箱验证码', recipients=[email], body='您的验证码:{},5分钟内有效'.format(captcha)) try: mail.send(msg) except Exception as err: print(err) return xjson.json_server_error(message='邮件发送失败') #验证码存入memcached xcache.set(email, captcha) return xjson.json_success(message='邮件发送成功')