wushaodong
/
decorate


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172
							#coding=utf-8
import traceback
from django.db.models import Q
from rest_framework.decorators import action
from django.db import transaction
from rest_framework.views import APIView
from rest_framework.serializers import ValidationError
from utils.permission import permission_required, isLogin
from django.contrib.auth.models import Group, Permission
from rest_framework_jwt.views import ObtainJSONWebToken,VerifyJSONWebToken,RefreshJSONWebToken
from utils import response_error, response_ok
from django.contrib.auth import get_user_model
User = get_user_model()
from apps.account.serializers import JWTSerializer, EmployeeSerializer, GroupDictSerializer, GroupSerializer
from utils.custom_modelviewset import CustomModelViewSet
from apps.account.filters import UserFilter, GroupFilter
from apps.account.models import ManageStoreUser
from apps.log.models import BizLog
from apps.account.consts import PermissionMenu
from collections import OrderedDict

class LoginView(ObtainJSONWebToken):
    serializer_class = JWTSerializer

    def post(self, request, *args, **kwargs):
        try:
            ser = self.serializer_class(data=request.data)
            ser.request = request
            if ser.is_valid(raise_exception=True):
                return response_ok(ser.validated_data)
        except ValidationError as e:
            return response_error(e.detail['error'][0])

class RefreshTokenView(RefreshJSONWebToken):
    def post(self, request, *args, **kwargs):
        try:
            ser = self.serializer_class(data=request.data)
            if ser.is_valid(raise_exception=True):
                return response_ok({'token': ser.validated_data['token']})
        except ValidationError as e:
            return response_error(u'登录状态失效，请重新登录')

class EmployeeViewSet(CustomModelViewSet):
    permission_classes = [isLogin, ]
    queryset = User.objects.filter()
    serializer_class = EmployeeSerializer

    @permission_required('account.browse_user')
    def filter_queryset(self, queryset):
        queryset = queryset.filter()
        user = self.request.user
        queryset = queryset.filter(
            Q(store_id__in=self.request.user.get_manager_range()) |
            Q(id=user.id) |
            Q(create_user=user))

        f = UserFilter(self.request.GET, queryset=queryset)
        return f.qs

    @permission_required('account.add_user')
    def perform_create(self, serializer):
        super(EmployeeViewSet, self).perform_create(serializer)
        instance = serializer.instance
        validated_data = serializer.validated_data
        BizLog.objects.addnew(self.request.user, BizLog.INSERT,
                              u'添加用户[%s]，id=%d' % (instance.name, instance.id), validated_data)

    @permission_required('account.add_user')
    def perform_update(self, serializer):
        super(EmployeeViewSet, self).perform_update(serializer)
        instance = serializer.instance
        validated_data = serializer.validated_data
        BizLog.objects.addnew(self.request.user, BizLog.UPDATE,
                              u'修改用户[%s]，id=%d' % (instance.name, instance.id), validated_data)

    @permission_required('account.delete_user')
    def perform_destroy(self, instance):
        ManageStoreUser.objects.filter(manage_user=instance).delete()
        BizLog.objects.filter(user=instance).delete()
        BizLog.objects.addnew(self.request.user, BizLog.DELETE,
                              u'删除账号[%s]，id=%d' % (instance.username, instance.id))
        super(EmployeeViewSet, self).perform_destroy(instance)

    @action(methods=['post'], detail=True)
    def branch(self, request, pk):
        data = request.POST.get('managers')
        try:
            with transaction.atomic():
                ManageStoreUser.objects.filter(manage_user_id=pk).delete()
                rows = data.split(',')
                for row in rows:
                    branch = row.split('_')[1]
                    ManageStoreUser.objects.create(store_id=branch,manage_user_id=pk)
            return response_ok()
        except Exception as e:
            traceback.print_exc()
            return response_error(u'保存失败')

class GroupsViewSet(CustomModelViewSet):
    permission_classes = [isLogin, ]
    queryset = Group.objects.filter()
    serializer_class = GroupSerializer

    @permission_required('account.manager_permissions')
    def filter_queryset(self, queryset):
        if not self.request.user.is_superuser:
            groups =  self.request.user.groups.all()
            queryset =queryset.filter(id__in=[g.id for g in groups])
        f = GroupFilter(self.request.GET, queryset=queryset)
        return f.qs

    @permission_required('account.manager_permissions')
    def perform_create(self, serializer):
        super(GroupsViewSet, self).perform_create(serializer)
        instance = serializer.instance
        validated_data = serializer.validated_data
        BizLog.objects.addnew(self.request.user, BizLog.INSERT,
                              u'添加权限组[%s]，id=%d' % (instance.name, instance.id), validated_data)

    @permission_required('account.manager_permissions')
    def perform_update(self, serializer):
        super(GroupsViewSet, self).perform_update(serializer)
        instance = serializer.instance
        validated_data = serializer.validated_data
        BizLog.objects.addnew(self.request.user, BizLog.UPDATE,
                              u'修改权限组[%s]，id=%d' % (instance.name, instance.id), validated_data)

    @permission_required('account.manager_permissions')
    def destroy(self, request, *args, **kwargs):
        with transaction.atomic():
            instance = self.get_object()
            # user_count = instance.user_set.all().count()
            # if user_count:
            #     raise CustomError(u'该权限组已分配给用户，禁止删除！')

            BizLog.objects.addnew(self.request.user, BizLog.UPDATE,
                                  u'删除权限组[%s]，id=%d' % (instance.name, instance.id))
            instance.delete()
        return response_ok()

class PermissionsListView(APIView):
    permission_classes = [isLogin, ]

    def get(self, request):
        rows = Permission.objects.all().exclude(name__startswith='Can')
        perms_menus = PermissionMenu()
        rows = perms_menus.sort_perms(rows)
        menus = OrderedDict()
        for row in rows:
            item = {'id': row.id, 'name': row.name}
            mn = perms_menus.get_menuname_of_contenttype(row.content_type.app_label, row.content_type.model)
            if mn in menus:
                permissions = menus[mn]
            else:
                permissions = menus[mn] = OrderedDict()
            if row.content_type.name in permissions:
                if not item in permissions[row.content_type.name]:
                    permissions[row.content_type.name].append(item)
            else:
                permissions[row.content_type.name] = [item, ]
        return response_ok(menus)

class PermissionDictView(APIView):
    permission_classes = [isLogin, ]
    def get(self, request):
        rows = Group.objects.filter()
        print()
        if not request.user.is_superuser:
            groups = request.user.groups.all()
            rows =rows.filter(id__in=[g.id for g in groups])
        serializer = GroupDictSerializer(rows, many=True)
        return response_ok(serializer.data)