# coding:utf-8
from ..base import base
from ..models import User, Organization, Role
from flask import render_template, request
from flask import g, jsonify
import hashlib
from flask_login import login_user, logout_user, login_required, \
current_user
from datetime import datetime
from .. import db
import uuid
@base.route('/login', methods=['GET'])
def login():
return render_template('login.html')
@base.route('/securityJsp/base/SyuserForm.jsp', methods=['GET'])
def form_user():
return render_template('user/form.html', id=request.args.get('id', ''))
@base.route('/securityJsp/base/SyuserOrganizationGrant.jsp', methods=['GET'])
def grant_user_organization_page():
return render_template('user/grant_organization.html', id=request.args.get('id', ''))
@base.route('/securityJsp/base/SyuserRoleGrant.jsp', methods=['GET'])
def grant_user_role_page():
return render_template('user/grant_role.html', id=request.args.get('id', ''))
@base.route('/base/syuser!grantOrganization.action', methods=['POST'])
def grant_user_organization():
id = request.form.get('id')
ids = request.form.get('ids')
user = User.query.get(id)
if not ids:
user.organizations = []
else:
idList = ids.split(',')
user.organizations = [Organization.query.get(rid) for rid in idList]
db.session.add(user)
return jsonify({'success': True})
@base.route('/base/syuser!grantRole.action', methods=['POST'])
def grant_user_role():
id = request.form.get('id')
ids = request.form.get('ids')
user = User.query.get(id)
if not ids:
user.roles = []
else:
idList = ids.split(',')
user.roles = [Role.query.get(rid) for rid in idList]
db.session.add(user)
return jsonify({'success': True})
@base.route('/base/syuser!doNotNeedSessionAndSecurity_login.action', methods=['POST'])
def do_login():
#检查用户名是否存在
user = User.query.filter_by(LOGINNAME=request.form['data.loginname']).first()
if user is not None:
md = hashlib.md5()
#提交的密码MD5加密
md.update(request.form['data.pwd'])
#MD5加密后的内容同数据库密码比较
if md.hexdigest() == user.PWD:
login_user(user)
return jsonify({'success': True, 'msg': ''})
return jsonify({'success': False, 'msg': 'password error'})
@base.route('/securityJsp/base/Syuser.jsp', methods=['GET'])
def index_user():
return render_template('user/index.html')
@base.route('/base/syuser!grid.action', methods=['POST'])
def user_grid():
page = request.form.get('page', 1, type=int)
rows = request.form.get('rows', 10, type=int)
pagination = User.query.paginate(
page, per_page=rows, error_out=False)
users = pagination.items
return jsonify([user.to_json() for user in users])
@base.route('/base/syuser!getById.action', methods=['POST'])
def syuser_getById():
user = User.query.get(request.form.get('id'))
if user:
return jsonify(user.to_json())
else:
return jsonify({'success': False, 'msg': 'error'})
@base.route('/base/syuser!update.action', methods=['POST'])
def syuser_update():
id = request.form.get('data.id')
loginname = request.form.get('data.loginname')
if User.query.filter(User.LOGINNAME == loginname).filter(User.ID != id).first():
return jsonify({'success': False, 'msg': '更新用户失败,用户名已存在!'})
user = User.query.get(id)
user.UPDATEDATETIME = datetime.now()
user.LOGINNAME = request.form.get('data.loginname')
user.NAME = request.form.get('data.name')
user.SEX = request.form.get('data.sex')
user.PHOTO = request.form.get('data.photo')
db.session.add(user)
return jsonify({'success': True, 'msg': '更新成功!'})
@base.route('/base/syuser!save.action', methods=['POST'])
def syuser_save():
if User.query.filter_by(LOGINNAME = request.form.get('data.loginname')).first():
return jsonify({'success': False, 'msg': '新建用户失败,用户名已存在!'})
user = User()
user.ID = uuid.uuid4()
md = hashlib.md5()
md.update('123456')
user.PWD = md.hexdigest()
user.NAME = request.form.get('data.name')
user.LOGINNAME = request.form.get('data.loginname')
user.SEX = request.form.get('data.sex')
user.PHOTO = request.form.get('data.photo')
# add current use to new user
#current_user.roles.append(user)
db.session.add(user)
return jsonify({'success': True, 'msg': '新建用户成功!默认密码:123456'})
@base.route('/base/syuser!delete.action', methods=['POST'])
def syuser_delete():
user = User.query.get(request.form.get('id'))
if user:
db.session.delete(user)
return jsonify({'success': True})