diff --git a/test_client/src/api/user.js b/test_client/src/api/user.js
index a72fe94..e27ac2e 100644
--- a/test_client/src/api/user.js
+++ b/test_client/src/api/user.js
@@ -64,4 +64,12 @@ export function deleteUser(id, data) {
})
}
+export function changePassword(data) {
+ return request({
+ url: '/rbac/user/password/',
+ method: 'put',
+ data
+ })
+}
+
diff --git a/test_client/src/layout/components/Navbar.vue b/test_client/src/layout/components/Navbar.vue
index e8a4fac..7ec580c 100644
--- a/test_client/src/layout/components/Navbar.vue
+++ b/test_client/src/layout/components/Navbar.vue
@@ -16,6 +16,11 @@
首页
+
+
+ 修改密码
+
+
@@ -32,7 +32,7 @@
- 证书查询
+ 成绩报告单查询
diff --git a/test_mini/project.config.json b/test_mini/project.config.json
index 3f8eef0..631541b 100644
--- a/test_mini/project.config.json
+++ b/test_mini/project.config.json
@@ -18,15 +18,15 @@
"checkInvalidKey": true,
"checkSiteMap": true,
"uploadWithSourceMap": true,
- "compileHotReLoad": false,
"babelSetting": {
"ignore": [],
"disablePlugins": [],
"outputPath": ""
},
- "useIsolateContext": true,
- "useCompilerModule": true,
- "userConfirmedUseCompilerModuleSwitch": false
+ "useCompilerModule": false,
+ "userConfirmedUseCompilerModuleSwitch": false,
+ "compileHotReLoad": false,
+ "useIsolateContext": true
},
"compileType": "miniprogram",
"libVersion": "2.10.3",
diff --git a/test_server/crm/migrations/0020_consumer_create_admin.py b/test_server/crm/migrations/0020_consumer_create_admin.py
new file mode 100644
index 0000000..d8694d9
--- /dev/null
+++ b/test_server/crm/migrations/0020_consumer_create_admin.py
@@ -0,0 +1,21 @@
+# Generated by Django 3.0.4 on 2020-08-10 03:51
+
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+ dependencies = [
+ migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+ ('crm', '0019_auto_20200802_0931'),
+ ]
+
+ operations = [
+ migrations.AddField(
+ model_name='consumer',
+ name='create_admin',
+ field=models.ForeignKey(default=1, on_delete=django.db.models.deletion.DO_NOTHING, to=settings.AUTH_USER_MODEL),
+ ),
+ ]
diff --git a/test_server/crm/models.py b/test_server/crm/models.py
index 0027b2c..f95a7a4 100644
--- a/test_server/crm/models.py
+++ b/test_server/crm/models.py
@@ -1,6 +1,6 @@
from django.db import models
import django.utils.timezone as timezone
-from rbac.models import SoftCommonModel, CommonModel
+from rbac.models import SoftCommonModel, CommonModel, UserProfile
from question.models import Questioncat, Question
from examtest.models_paper import WorkScope
from django.contrib.postgres.fields import JSONField
@@ -71,6 +71,8 @@ class Consumer(CommonModel):
ID_number = models.CharField('身份证号', max_length=100, null=True, blank=True)
realname = models.CharField('真实姓名', max_length=100, null=True, blank=True)
+ create_admin = models.ForeignKey(UserProfile, default=1, on_delete=models.DO_NOTHING)
+
class Meta:
verbose_name = '客户'
diff --git a/test_server/crm/views.py b/test_server/crm/views.py
index a634e80..d93136b 100644
--- a/test_server/crm/views.py
+++ b/test_server/crm/views.py
@@ -123,7 +123,9 @@ class ConsumerViewSet(ModelViewSet):
def get_queryset(self):
queryset = self.queryset
- queryset = self.get_serializer_class().setup_eager_loading(queryset)
+ queryset = self.get_serializer_class().setup_eager_loading(queryset)
+ if not self.request.user.is_superuser:
+ queryset = queryset.filter(create_admin = self.request.user)
return queryset
def create(self, request, *args, **kwargs):
diff --git a/test_server/examtest/views.py b/test_server/examtest/views.py
index 94fb73a..dc1236d 100644
--- a/test_server/examtest/views.py
+++ b/test_server/examtest/views.py
@@ -219,7 +219,7 @@ class ExamTestViewSet(ModelViewSet):
"""
考试记录列表和详情
"""
- perms_map = [{'get': 'examtest_list'},{'post': '*'}]
+ perms_map = [{'get': 'examtest_view'},{'post': '*'}]
pagination_class = CommonPagination
queryset = ExamTest.objects.filter(is_delete=0).all()
serializer_class = ExamTestListSerializer
@@ -244,6 +244,8 @@ class ExamTestViewSet(ModelViewSet):
queryset = queryset.filter(start_time__gte=self.request.query_params['start'] )
if self.request.query_params.get('end'):
queryset = queryset.filter(start_time__lte=self.request.query_params['end'])
+ if not self.request.user.is_superuser:
+ queryset = queryset.filter(consumer__create_admin = self.request.user)
return queryset
@action(methods=['get'], detail=False,url_path='self', url_name='selftest', perms_map = [{'*':'my_examtest'}])
def selftest(self, request, pk=None):
diff --git a/test_server/rbac/views/user.py b/test_server/rbac/views/user.py
index afc334b..8955510 100644
--- a/test_server/rbac/views/user.py
+++ b/test_server/rbac/views/user.py
@@ -65,13 +65,13 @@ class UserViewSet(ModelViewSet):
"""
perms_map = ({'get': 'user_list'}, {'post': 'user_create'}, {'put': 'user_update'},
{'delete': 'user_delete'})
- queryset = UserProfile.objects.filter(is_delete=0).all().order_by('-id')
+ queryset = UserProfile.objects.filter(is_delete=0).all()
serializer_class = UserListSerializer
pagination_class = CommonPagination
# filter_backends = (DjangoFilterBackend, SearchFilter, OrderingFilter)
filter_fields = ('is_active',)
# search_fields = ('username', 'name', 'mobile', 'email')
- ordering_fields = ('-id',)
+ ordering_fields = ('id',)
# authentication_classes = (JSONWebTokenAuthentication,)
# permission_classes = (RbacPermission,IsAuthenticated)
@@ -107,38 +107,30 @@ class UserViewSet(ModelViewSet):
if password:
request.data['password'] = make_password(password)
else:
- request.data['password'] = make_password('0000')
+ request.data['password'] = make_password('fs0000')
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
self.perform_create(serializer)
headers = self.get_success_headers(serializer.data)
return Response(serializer.data, headers=headers)
- @action(methods=['post'], detail=True, permission_classes=[IsAuthenticated],
- url_path='change_passwd', url_name='change_passwd')
- def set_password(self, request, pk=None):
- perms = UserInfoView.get_permission_from_role(request)
- user = UserProfile.objects.get(id=pk)
- if 'admin' in perms or 'user_all' in perms or request.user.is_superuser:
+ @action(methods=['put'], detail=False, permission_classes=[IsAuthenticated], # perms_map={'put':'change_password'}
+ url_name='change_password')
+ def password(self, request, pk=None):
+ """
+ 修改密码
+ """
+ user = request.user
+ old_password = request.data['old_password']
+ if check_password(old_password, user.password):
new_password1 = request.data['new_password1']
new_password2 = request.data['new_password2']
if new_password1 == new_password2:
user.set_password(new_password2)
user.save()
- return Response({"detail": '密码修改成功!'})
+ return Response('密码修改成功!')
else:
- return Response({"error": '新密码两次输入不一致!'})
+ return Response({'error': '新密码两次输入不一致!'})
else:
- old_password = request.data['old_password']
- if check_password(old_password, user.password):
- new_password1 = request.data['new_password1']
- new_password2 = request.data['new_password2']
- if new_password1 == new_password2:
- user.set_password(new_password2)
- user.save()
- return Response({"error": '密码修改成功!'})
- else:
- return Response({"error": '新密码两次输入不一致!'})
- else:
- return Response({"error": '旧密码错误!'})
+ return Response({'error':'旧密码错误!'})
diff --git a/test_server/utils/response.py b/test_server/utils/response.py
index 9fdac67..13f8553 100644
--- a/test_server/utils/response.py
+++ b/test_server/utils/response.py
@@ -45,7 +45,7 @@ class FitJSONRenderer(JSONRenderer):
response = renderer_context.get("response")
response_body.code = response.status_code
if response_body.code >= 400: # drf异常
- response_body.msg = response.data
+ response_body.msg = data['detail'] if 'detail' in data else data
elif data and 'error' in data and data['error']:# 自传异常,key为error
response_body.code = data.get("code",400)
response_body.msg = data.get("error", "")