guorui
/
Ruoyi-Flask-admin


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157
							# coding:utf-8
from ..base import base
from ..models import User, Organization, Role
from flask import render_template, request
from flask import g, jsonify
import hashlib
from flask_login import login_user, logout_user, login_required, \
    current_user
from datetime import datetime
from .. import  db
import uuid

@base.route('/login', methods=['GET'])
def login():
    return render_template('login.html')

@base.route('/securityJsp/base/SyuserForm.jsp', methods=['GET'])
def form_user():
    return render_template('user/form.html', id=request.args.get('id', ''))

@base.route('/securityJsp/base/SyuserOrganizationGrant.jsp', methods=['GET'])
def grant_user_organization_page():
    return render_template('user/grant_organization.html', id=request.args.get('id', ''))

@base.route('/securityJsp/base/SyuserRoleGrant.jsp', methods=['GET'])
def grant_user_role_page():
    return render_template('user/grant_role.html', id=request.args.get('id', ''))

@base.route('/base/syuser!grantOrganization.action', methods=['POST'])
def grant_user_organization():
    id = request.form.get('id')
    ids = request.form.get('ids')

    user = User.query.get(id)

    if not ids:
        user.organizations = []
    else:
        idList = ids.split(',')
        user.organizations = [Organization.query.get(rid) for rid in idList]

    db.session.add(user)

    return jsonify({'success': True})

@base.route('/base/syuser!grantRole.action', methods=['POST'])
def grant_user_role():
    id = request.form.get('id')
    ids = request.form.get('ids')

    user = User.query.get(id)

    if not ids:
        user.roles = []
    else:
        idList = ids.split(',')
        user.roles = [Role.query.get(rid) for rid in idList]

    db.session.add(user)

    return jsonify({'success': True})

@base.route('/base/syuser!doNotNeedSessionAndSecurity_logout.action', methods=['POST'])
def do_logout():
    logout_user()
    return jsonify({'success': True})

@base.route('/base/syuser!doNotNeedSessionAndSecurity_login.action', methods=['POST'])
def do_login():
    #检查用户名是否存在
    user = User.query.filter_by(LOGINNAME=request.form['data.loginname']).first()
    
    if user is not None:
        md = hashlib.md5()
        #提交的密码MD5加密
        md.update(request.form['data.pwd'].encode('utf-8'))
        #MD5加密后的内容同数据库密码比较
        if md.hexdigest() == user.PWD:
            login_user(user)
            return jsonify({'success': True, 'msg': ''})
    return jsonify({'success': False, 'msg': 'password error'})

@base.route('/securityJsp/base/Syuser.jsp', methods=['GET'])
def index_user():
    return render_template('user/index.html')

@base.route('/base/syuser!grid.action', methods=['POST'])
def user_grid():
    page = request.form.get('page', 1, type=int)
    rows = request.form.get('rows', 10, type=int)
    pagination = User.query.paginate(
        page, per_page=rows, error_out=False)
    users = pagination.items

    return jsonify([user.to_json() for user in users])

@base.route('/base/syuser!getById.action', methods=['POST'])
def syuser_getById():
    user = User.query.get(request.form.get('id'))

    if user:
        return jsonify(user.to_json())
    else:
        return jsonify({'success': False, 'msg': 'error'})

@base.route('/base/syuser!update.action', methods=['POST'])
def syuser_update():
    id = request.form.get('data.id')
    loginname = request.form.get('data.loginname')
    
    if User.query.filter(User.LOGINNAME == loginname).filter(User.ID != id).first():
        return jsonify({'success': False, 'msg': '更新用户失败，用户名已存在！'})

    user = User.query.get(id)

    user.UPDATEDATETIME = datetime.now()
    user.LOGINNAME = request.form.get('data.loginname')
    user.NAME = request.form.get('data.name')
    user.SEX = request.form.get('data.sex')
    user.PHOTO = request.form.get('data.photo')

    db.session.add(user)

    return jsonify({'success': True, 'msg': '更新成功！'})

@base.route('/base/syuser!save.action', methods=['POST'])
def syuser_save():
    if User.query.filter_by(LOGINNAME = request.form.get('data.loginname')).first():
        return jsonify({'success': False, 'msg': '新建用户失败，用户名已存在！'})

    user = User()

    user.ID = str(uuid.uuid4())

    md = hashlib.md5()
    md.update('123456'.encode('utf-8'))
    user.PWD = md.hexdigest()

    user.NAME = request.form.get('data.name')
    user.LOGINNAME = request.form.get('data.loginname')
    user.SEX = request.form.get('data.sex')
    user.PHOTO = request.form.get('data.photo')

    # add current use to new user
    #current_user.roles.append(user)

    db.session.add(user)

    return jsonify({'success': True, 'msg': '新建用户成功！默认密码：123456'})

@base.route('/base/syuser!delete.action', methods=['POST'])
def syuser_delete():
    user = User.query.get(request.form.get('id'))
    if user:
        db.session.delete(user)

    return jsonify({'success': True})