首页 仓库(发现) 帮助
登录
guorui
/
Ruoyi-Flask-admin
1
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
目录树: 54d903c3b8
分支列表 标签列表
Ruoyi-Flask-adm...
/
app
/
routes
/
user.py

user.py 11 KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303 
  1. # coding:utf-8
    2. 

  2. from ..base import base
    3. 

  3. from ..models import User, Organization, Role, OnLine
    4. 

  4. from flask import render_template, request
    5. 

  5. from flask import g, jsonify
    6. 

  6. import hashlib
    7. 

  7. from flask_login import login_user, logout_user, login_required, \
    8. 

  8.     current_user
    9. 

  9. from datetime import datetime
    10. 

  10. from .. import  db
    11. 

  11. import uuid
    12. 

  12. from sqlalchemy import asc, true
    13. 

  13. from sqlalchemy import desc
    14. 

  14. import flask_excel as excel
    15. 

  15. from .. import permission
    16. 

  16. 

  17. @base.route('/system/user/authRole', methods=['PUT'])
    18. 

  18. @login_required
    19. 

  19. @permission('system:role:edit')
    20. 

  20. def grant_user_role():
    21. 

  21.     id = request.args['userId']
    22. 

  22.     ids = request.args['roleIds']
    23. 

  23. 

  24.     user = User.query.get(id)
    25. 

  25. 

  26.     if not ids:
    27. 

  27.         user.roles = []
    28. 

  28.     else:
    29. 

  29.         idList = ids.split(',')
    30. 

  30.         user.roles = [Role.query.get(rid) for rid in idList]
    31. 

  31. 

  32.     db.session.add(user)
    33. 

  33. 

  34.     return jsonify({'code': 200, 'msg': '操作成功'})
    35. 

  35. 

  36. @login_required
    37. 

  37. def record_login_history(type):
    38. 

  38.     online = OnLine()
    39. 

  39.     online.ID = str(uuid.uuid4())
    40. 

  40.     online.LOGINNAME = current_user.LOGINNAME
    41. 

  41.     online.IP = request.remote_addr
    42. 

  42.     online.TYPE = type
    43. 

  43.     db.session.add(online)
    44. 

  44. 

  45. @base.route('/logout', methods=['POST'])
    46. 

  46. @login_required
    47. 

  47. def do_logout():
    48. 

  48.     record_login_history(0)
    49. 

  49.     logout_user()
    50. 

  50.     return jsonify({'success': True})
    51. 

  51. 

  52. @base.route('/login', methods=['POST'])
    53. 

  53. def do_login():
    54. 

  54.     #检查用户名是否存在
    55. 

  55.     user = User.query.filter_by(LOGINNAME=request.json['username']).first()
    56. 

  56.     
    57. 

  57.     if user is not None:
    58. 

  58.         md = hashlib.md5()
    59. 

  59.         #提交的密码MD5加密
    60. 

  60.         md.update(request.json['password'].encode('utf-8'))
    61. 

  61.         #MD5加密后的内容同数据库密码比较
    62. 

  62.         if md.hexdigest() == user.PWD:
    63. 

  63.             login_user(user)
    64. 

  64.             record_login_history(1)
    65. 

  65.             return jsonify({'msg': '登录成功~', 'code': 200, 'url': '/', 'token': str(uuid.uuid4())})
    66. 

  66.     return jsonify({'msg': '登录失败,账号密码错误~', 'code': 500})
    67. 

  67. 

  68. @base.route('/system/user/list', methods=['GET'])
    69. 

  69. @login_required
    70. 

  70. @permission('system:user:list')
    71. 

  71. def user_grid():
    72. 

  72.     filters = []
    73. 

  73.     if 'userName' in request.args:
    74. 

  74.         filters.append(User.LOGINNAME.like('%' + request.args['userName'] + '%'))
    75. 

  75.     if 'phonenumber' in request.args:
    76. 

  76.         filters.append(User.PHONENUMBER.like('%' + request.args['phonenumber'] + '%'))
    77. 

  77.     if 'params[beginTime]' in request.args and 'params[endTime]' in request.args:
    78. 

  78.         filters.append(User.CREATEDATETIME >  request.args['params[beginTime]'])
    79. 

  79.         filters.append(User.CREATEDATETIME <  request.args['params[endTime]'])
    80. 

  80. 

  81.     order_by = []
    82. 

  82.     if request.form.get('sort'):
    83. 

  83.         if request.form.get('order') == 'asc':
    84. 

  84.             order_by.append(asc(getattr(User,request.form.get('sort').upper())))
    85. 

  85.         elif request.form.get('order') == 'desc':
    86. 

  86.             order_by.append(desc(getattr(User,request.form.get('sort').upper())))
    87. 

  87.         else:
    88. 

  88.             order_by.append(getattr(User,request.form.get('sort').upper()))
    89. 

  89. 

  90.     page = request.args.get('pageNum', 1, type=int)
    91. 

  91.     rows = request.args.get('pageSize', 10, type=int)
    92. 

  92.     pagination = User.query.filter(*filters).order_by(*order_by).paginate(
    93. 

  93.         page=page, per_page=rows, error_out=False)
    94. 

  94.     users = pagination.items
    95. 

  95. 

  96.     return jsonify({'rows': [user.to_json() for user in users], 'total': pagination.total, 'code': 200, 'msg': '查询成功'})
    97. 

  97. 

  98. @base.route('/system/user/', methods=['GET'])
    99. 

  99. @login_required
    100. 

  100. def syuser_get():
    101. 

  101.     json = {'code': 200, 'msg': ''}
    102. 

  102.     json['roles'] = [role.to_json() for role in Role.query.all()]
    103. 

  103.     json['posts'] = []
    104. 

  104.     return jsonify(json)
    105. 

  105. 

  106. @base.route('/system/user/<id>', methods=['GET'])
    107. 

  107. @login_required
    108. 

  108. @permission('system:user:query')
    109. 

  109. def syuser_getById(id):
    110. 

  110.     user = User.query.get(id)
    111. 

  111. 

  112.     if user:
    113. 

  113.         json = {'code': 200, 'msg': '', 'data': user.to_json()}
    114. 

  114.         if len(user.roles.all()) > 0:
    115. 

  115.             json['roles'] = [role.to_json() for role in user.roles]
    116. 

  116.             json['roleIds'] = [role.ID for role in user.roles]
    117. 

  117. 

  118.         return jsonify(json)
    119. 

  119.     else:
    120. 

  120.         return jsonify({'success': False, 'msg': 'error'})
    121. 

  121. 

  122. @base.route('/system/user', methods=['PUT'])
    123. 

  123. @login_required
    124. 

  124. @permission('system:user:edit')
    125. 

  125. def syuser_update():
    126. 

  126.     id = request.json['userId']
    127. 

  127.     userName = request.json['userName']
    128. 

  128.     
    129. 

  129.     # if User.query.filter(User.LOGINNAME == loginname).filter(User.ID != id).first():
    130. 

  130.     #     return jsonify({'code': 201, 'msg': '更新用户失败,用户名已存在!'})
    131. 

  131. 

  132.     user = User.query.get(id)
    133. 

  133. 

  134.     user.UPDATEDATETIME = datetime.now()
    135. 

  135.     if 'nickName' in request.json: user.NAME = request.json['nickName'] 
    136. 

  136.     if 'sex' in request.json: user.SEX = request.json['sex']
    137. 

  137.     if 'email' in request.json: user.EMAIL = request.json['email']
    138. 

  138.     if 'phonenumber' in request.json: user.PHONENUMBER = request.json['phonenumber']
    139. 

  139.     if 'deptId' in request.json: user.organizations = Organization.query.filter(Organization.ID == request.json['deptId']).all()
    140. 

  140.     if 'roleIds' in request.json:
    141. 

  141.         user.roles = [Role.query.get(roleId) for roleId in request.json['roleIds']]
    142. 

  142. 

  143.     db.session.add(user)
    144. 

  144. 

  145.     return jsonify({'code': 200, 'msg': '更新成功!'})
    146. 

  146. 

  147. @base.route('/system/user', methods=['POST'])
    148. 

  148. @login_required
    149. 

  149. @permission('system:user:add')
    150. 

  150. def syuser_save():
    151. 

  151.     if User.query.filter_by(LOGINNAME = request.json['userName']).first():
    152. 

  152.         return jsonify({'success': False, 'msg': '新建用户失败,用户名已存在!'})
    153. 

  153. 

  154.     user = User()
    155. 

  155. 

  156.     user.ID = str(uuid.uuid4())
    157. 

  157. 

  158.     md = hashlib.md5()
    159. 

  159.     md.update(request.json['password'].encode('utf-8'))
    160. 

  160.     user.PWD = md.hexdigest()
    161. 

  161. 

  162.     with db.session.no_autoflush:
    163. 

  163.         if 'nickName' in request.json: user.NAME = request.json['nickName'] 
    164. 

  164.         if 'sex' in request.json: user.SEX = request.json['sex']
    165. 

  165.         if 'email' in request.json: user.EMAIL = request.json['email']
    166. 

  166.         if 'phonenumber' in request.json: user.PHONENUMBER = request.json['phonenumber']
    167. 

  167.         if 'deptId' in request.json: user.organizations = Organization.query.filter(Organization.ID == request.json['deptId']).all()
    168. 

  168.         if 'roleIds' in request.json:
    169. 

  169.             user.roles = [Role.query.get(roleId) for roleId in request.json['roleIds']]
    170. 

  170. 

  171.         user.LOGINNAME = request.json['userName']
    172. 

  172. 

  173.         # add current use to new user
    174. 

  174.         #current_user.roles.append(user)
    175. 

  175. 

  176.         db.session.add(user)
    177. 

  177. 

  178.     return jsonify({'code': 200, 'msg': '新建用户成功!'})
    179. 

  179. 

  180. @base.route('/system/user/<id>', methods=['DELETE'])
    181. 

  181. @login_required
    182. 

  182. @permission('system:user:remove')
    183. 

  183. def syuser_delete(id):
    184. 

  184.     user = User.query.get(id)
    185. 

  185.     if user:
    186. 

  186.         db.session.delete(user)
    187. 

  187. 

  188.     return jsonify({'code': 200, 'msg': '删除成功'})
    189. 

  189. 

  190. @base.route('/system/user/profile/updatePwd', methods=['PUT']) 
    191. 

  191. @login_required
    192. 

  192. def syuser_update_pwd():
    193. 

  193.     user = User.query.get(current_user.ID)
    194. 

  194. 

  195.     if user:
    196. 

  196.         md = hashlib.md5()
    197. 

  197.         #提交的密码MD5加密
    198. 

  198.         md.update(request.args.get('oldPassword').encode('utf-8'))
    199. 

  199.         #MD5加密后的内容同数据库密码比较
    200. 

  200.         if md.hexdigest() != user.PWD:
    201. 

  201.             return jsonify({'code': 400, 'msg': '旧密码错误'})
    202. 

  202. 

  203.         md = hashlib.md5()
    204. 

  204.         md.update(request.args.get('newPassword').encode('utf-8'))
    205. 

  205.         user.PWD = md.hexdigest()
    206. 

  206.         db.session.add(user)
    207. 

  207.     return jsonify({'code': 200, 'msg': '修改成功'})
    208. 

  208. 

  209. @base.route('/getInfo', methods=['GET'])
    210. 

  210. @login_required
    211. 

  211. def syuser_info():
    212. 

  212.     resources = []
    213. 

  213.     resourceTree = []
    214. 

  214. 

  215.     resources += [res for org in current_user.organizations for res in org.resources if org.resources]
    216. 

  216.     resources += [res for role in current_user.roles for res in role.resources if role.resources]
    217. 

  217.     
    218. 

  218.     # remove repeat
    219. 

  219.     new_dict = dict()
    220. 

  220.     for obj in resources:
    221. 

  221.         if obj.ID not in new_dict:
    222. 

  222.             new_dict[obj.ID] = obj
    223. 

  223. 

  224.     for resource in new_dict.values():
    225. 

  225.         resourceTree.append(resource.PERMS)
    226. 

  226. 

  227.     return jsonify({'msg': '登录成功~', 'code': 200, \
    228. 

  228.         'user': {'userName': current_user.LOGINNAME, 'avatar': '', 'nickName': current_user.NAME, 'userId': current_user.ID}, \
    229. 

  229.         'roles': [role.NAME for role in current_user.roles], 'permissions': resourceTree})
    230. 

  230. 

  231. @base.route('/system/user/profile', methods=['GET'])
    232. 

  232. @login_required
    233. 

  233. def syuser_profile():
    234. 

  234.      return jsonify({'msg': '操作成功', 'code': 200, \
    235. 

  235.         'data': current_user.to_json(), \
    236. 

  236.         'postGroup': current_user.organizations[0].NAME if len(current_user.organizations) > 0 else '', \
    237. 

  237.         'roleGroup': [role.NAME for role in current_user.roles]})
    238. 

  238. 

  239. @base.route('/system/user/profile', methods=['PUT'])
    240. 

  240. @login_required
    241. 

  241. def syuser_update_profile():
    242. 

  242.     id = request.json['userId']
    243. 

  243.     userName = request.json['userName']
    244. 

  244.     user = User.query.get(id)
    245. 

  245. 

  246.     user.UPDATEDATETIME = datetime.now()
    247. 

  247.     if 'nickName' in request.json: user.NAME = request.json['nickName'] 
    248. 

  248.     if 'sex' in request.json: user.SEX = request.json['sex']
    249. 

  249.     if 'email' in request.json: user.EMAIL = request.json['email']
    250. 

  250.     if 'phonenumber' in request.json: user.PHONENUMBER = request.json['phonenumber']
    251. 

  251. 

  252.     db.session.add(user)
    253. 

  253. 

  254.     return jsonify({'code': 200, 'msg': '更新成功!'})
    255. 

  255. 

  256. @base.route('/system/user/authRole/<id>', methods=['GET'])
    257. 

  257. @login_required
    258. 

  258. def syuser_auth_role(id):
    259. 

  259.     user = User.query.get(id)
    260. 

  260.     userRoles = [role for role in user.roles]
    261. 

  261.     allRoles = Role.query.all()
    262. 

  262.     for allRole in allRoles:
    263. 

  263.         for userRole in userRoles:
    264. 

  264.             if userRole.ID == allRole.ID:
    265. 

  265.                 allRole.flag = True
    266. 

  266. 

  267.     return jsonify({'code': 200, 'msg': '操作成功', 'roles': [role.to_json() for role in allRoles], 'user': user.to_json()})
    268. 

  268. 

  269. @base.route('/base/syuser/export', methods=['POST'])
    270. 

  270. @login_required
    271. 

  271. def user_export():
    272. 

  272.     rows = []
    273. 

  273.     rows.append(['登录名', '姓名', '创建时间', '修改时间', '性别'])
    274. 

  274. 

  275.     users = User.query.all()
    276. 

  276.     for user in users:
    277. 

  277.         row = []
    278. 

  278.         row.append(user.LOGINNAME)
    279. 

  279.         row.append(user.NAME)
    280. 

  280.         row.append(user.CREATEDATETIME)
    281. 

  281.         row.append(user.UPDATEDATETIME)
    282. 

  282.         if user.SEX == '0':
    283. 

  283.             row.append('女')
    284. 

  284.         elif user.SEX == '1':
    285. 

  285.             row.append('男')
    286. 

  286.         rows.append(row)
    287. 

  287. 

  288.     return excel.make_response_from_array(rows, "csv",
    289. 

  289.                                           file_name="user")
    290. 

  290. 

  291. 

  292. @base.route('/system/user/changeStatus', methods=['PUT'])
    293. 

  293. @login_required
    294. 

  294. @permission('system:user:edit')
    295. 

  295. def syuser_status_update():
    296. 

  296.     user = User.query.get(request.json['userId'])
    297. 

  297. 

  298.     if 'status' in request.json: user.STATUS = request.json['status']
    299. 

  299. 

  300.     db.session.add(user)
    301. 

  301. 

  302.     return jsonify({'code': 200, 'msg': '操作成功'})
    303. 

  303.