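import json
import os

import requests
from rest_framework.filters import SearchFilter, OrderingFilter
from rest_framework.permissions import IsAuthenticated
from rest_framework.views import APIView
from rest_framework.viewsets import ModelViewSet
from rest_framework.response import Response
from rest_framework.decorators import action
from rest_framework import status
from django_filters.rest_framework import DjangoFilterBackend
from openpyxl import Workbook, load_workbook
from rest_framework_jwt.serializers import jwt_encode_handler, jwt_payload_handler

from utils.custom import CommonPagination
from rbac.permission import RbacPermission
from .models import Company, Consumer, PaySubject
from .serializers import CompanySerializer, ConsumerSerializer, ConsumerCUSerializer
from server import settings
from question.models import Questioncat

# NOTE(security): the mini-program app secret is committed in source. Treat it
# as exposed: rotate it and load both values from deployment configuration
# rather than from this file. The literals are kept so behaviour is unchanged.
appid = 'wx5c39b569f01c27db'
secret = '68762892f8df2b4a0b1940c5250a8dc0'

# WeChat endpoint that exchanges a mini-program login code for openid/session_key.
_WX_CODE2SESSION_URL = 'https://api.weixin.qq.com/sns/jscode2session'
# Upper bound (seconds) for the outbound call so a stalled upstream cannot pin a worker.
_WX_TIMEOUT_SECONDS = 5


def _strip_spaces(value):
    """Return *value* as text with ASCII spaces removed; falsy values pass through."""
    if not value:
        return value
    return str(value).replace(' ', '')


def _resolve_import_path(relative_path):
    """Map a client-supplied path onto a file under ``settings.BASE_DIR``.

    Returns the resolved absolute path, or ``None`` when the value is not a
    non-empty string, resolves outside ``BASE_DIR`` (``..`` segments, symlinks),
    or does not name an existing regular file.
    """
    if not isinstance(relative_path, str) or not relative_path:
        return None
    try:
        base_dir = os.path.realpath(str(settings.BASE_DIR))
        candidate = os.path.realpath(str(settings.BASE_DIR) + relative_path)
    except ValueError:
        # e.g. an embedded NUL byte in the supplied path
        return None
    # Compare against base_dir + separator so a sibling such as "<BASE_DIR>-old"
    # is not accepted by a bare prefix match.
    if not candidate.startswith(base_dir + os.sep):
        return None
    if not os.path.isfile(candidate):
        return None
    return candidate


class CompanyViewSet(ModelViewSet):
    """
    Customer companies: create, read, update, delete.
    """
    # NOTE(review): no permission_classes is declared on this viewset, so access
    # control depends on DEFAULT_PERMISSION_CLASSES in settings; presumably
    # RbacPermission consumes perms_map there. Confirm.
    perms_map = (
        {'*': 'admin'}, {'*': 'company_all'}, {'get': 'company_list'},
        {'post': 'company_create'}, {'put': 'company_update'},
        {'delete': 'company_delete'})
    queryset = Company.objects.filter(is_delete=0).all()
    serializer_class = CompanySerializer
    pagination_class = None  # no pagination
    filter_backends = [DjangoFilterBackend, SearchFilter, OrderingFilter]
    search_fields = ('^name',)
    ordering_fields = ('id',)
    ordering = ['-id']

    def check_permissions(self, request):
        """
        Check if the request should be permitted.
        Raises an appropriate exception if the request is not permitted.

        GET requests skip every permission class, so both the company list
        and single-company retrieval are readable without any permission
        check. All other methods go through the configured permissions.
        """
        # NOTE(security): this exemption covers every GET route on the viewset,
        # not only the list view. Confirm that public read access is intended.
        if request.method == 'GET':
            return
        for permission in self.get_permissions():
            if not permission.has_permission(request, self):
                self.permission_denied(
                    request, message=getattr(permission, 'message', None)
                )

    def destroy(self, request, *args, **kwargs):
        """Soft-delete the company by setting ``is_delete`` instead of removing the row."""
        instance = self.get_object()
        instance.is_delete = True
        instance.save()
        return Response(status=status.HTTP_204_NO_CONTENT)


class ConsumerViewSet(ModelViewSet):
    """
    Students (consumers): create, read, update, delete.
    """
    perms_map = (
        {'*': 'admin'}, {'*': 'consumer_all'}, {'get': 'consumer_list'},
        {'post': 'consumer_create'}, {'put': 'consumer_update'},
        {'delete': 'consumer_delete'})
    queryset = Consumer.objects.filter(is_delete=0).all()
    serializer_class = ConsumerSerializer
    pagination_class = CommonPagination
    ordering_fields = ('id',)
    ordering = ['id']
    filter_backends = [DjangoFilterBackend, SearchFilter, OrderingFilter]
    filterset_fields = ('company',)
    search_fields = ('^name',)

    def get_serializer_class(self):
        """Use the read serializer for ``list`` and the create/update one otherwise."""
        if self.action == 'list':
            return ConsumerSerializer
        return ConsumerCUSerializer

    def destroy(self, request, *args, **kwargs):
        """Soft-delete the consumer by setting ``is_delete`` instead of removing the row."""
        instance = self.get_object()
        instance.is_delete = True
        instance.save()
        return Response(status=status.HTTP_204_NO_CONTENT)

    # NOTE(security): this action overrides permission_classes with
    # IsAuthenticated only, so any authenticated caller can create consumers
    # here. Confirm that skipping the RBAC rules in perms_map is intended.
    @action(methods=['post'], detail=False, permission_classes=[IsAuthenticated],
            url_path='import', url_name='import_consumer')
    def import_consumer(self, request):
        """
        Import consumers from an .xlsx file already present on the server.

        ``request.data['path']`` is appended to ``settings.BASE_DIR``. The
        resolved path must stay inside ``BASE_DIR`` and name an existing file,
        otherwise the request is rejected with 400. Row 2 must hold the
        expected headers and data starts at row 3, ending at the first empty
        account cell in column B.

        Rows are saved as they are read, so an unknown company aborts the
        import with earlier rows already stored. Accounts that already exist
        are skipped and reported as ``{username: row_number}``.
        """
        fullpath = _resolve_import_path(request.data.get('path'))
        if fullpath is None:
            # The path is client-controlled: refuse anything that escapes
            # BASE_DIR instead of opening it.
            return Response({"error": "文件路径不合法!"},
                            status=status.HTTP_400_BAD_REQUEST)
        wb = load_workbook(fullpath)
        sheet = wb.worksheets[0]

        # Validate the header row before touching the database.
        if sheet['a2'].value != '姓名':
            return Response({"error":"姓名列错误!"})
        if sheet['b2'].value != '账户(微信绑定的手机号)':
            return Response({"error":"账户列错误!"})
        if sheet['c2'].value != '单位':
            return Response({"error":"单位列错误!"})

        company_ids = {c.name: c.id for c in Company.objects.filter(is_delete=0)}
        skipped = {}
        # The subject attached to each new consumer does not depend on the row,
        # so it is looked up once. None means no matching subject exists.
        default_subject = Questioncat.objects.filter(
            is_subject=True, is_delete=False).first()

        row = 3
        while sheet['B' + str(row)].value:
            name = _strip_spaces(sheet['A' + str(row)].value)
            username = _strip_spaces(sheet['B' + str(row)].value)
            companyname = _strip_spaces(sheet['C' + str(row)].value)
            if companyname not in company_ids:
                # An empty company cell is reported as an empty name instead
                # of failing on None + str concatenation.
                return Response(
                    {"error":"不存在单位("+str(companyname or '')+")!请先新建"})
            companyobj = Company.objects.get(id=company_ids[companyname])
            if Consumer.objects.filter(username=username).exists():
                skipped[username] = row
            else:
                obj = Consumer()
                obj.name = name
                obj.username = username
                obj.company = companyobj
                obj.save()
                if default_subject is not None:
                    PaySubject.objects.create(subject=default_subject, consumer=obj)
            row += 1

        if skipped:
            # A DRF view must return a Response; a bare dict fails at render time.
            return Response({"code":206,"data":skipped,"msg":"导入部分成功"})
        return Response(status=status.HTTP_200_OK)


class ConsumerMPLoginView(APIView):
    """
    Mini-program login: exchange a WeChat login code for a JWT.
    """
    authentication_classes=()
    permission_classes=()

    def post(self, request, *args, **kwargs):
        """
        Exchange ``request.data['code']`` with WeChat for an openid and issue
        a token for the matching consumer.

        Returns 400 when ``code`` is missing, 502 when WeChat cannot be
        reached or answers with something that is not a JSON object, and 401
        when WeChat returns no openid or no single consumer owns that openid.
        """
        code = request.data.get('code')
        if not isinstance(code, str) or not code:
            return Response({"error": "缺少code参数"},
                            status=status.HTTP_400_BAD_REQUEST)

        try:
            # Pass the values via params= so requests URL-encodes them; the
            # client-supplied code can then not add or override query parameters.
            reply = requests.get(
                _WX_CODE2SESSION_URL,
                params={
                    'appid': appid,
                    'secret': secret,
                    'js_code': code,
                    'grant_type': 'authorization_code',
                },
                timeout=_WX_TIMEOUT_SECONDS,
            )
            info = json.loads(reply.content.decode('utf-8'))
        except (requests.RequestException, ValueError):
            # ValueError covers both invalid UTF-8 and invalid JSON.
            return Response(status=status.HTTP_502_BAD_GATEWAY)
        if not isinstance(info, dict):
            return Response(status=status.HTTP_502_BAD_GATEWAY)

        # A rejected code yields an error payload without openid.
        openid = info.get('openid')
        session_key = info.get('session_key')
        if not openid:
            return Response("匿名用户",status=status.HTTP_401_UNAUTHORIZED)

        try:
            consumer = Consumer.objects.get(openid=openid)
        except (Consumer.DoesNotExist, Consumer.MultipleObjectsReturned):
            return Response("匿名用户",status=status.HTTP_401_UNAUTHORIZED)
        serializer = ConsumerSerializer(instance=consumer)

        payload = jwt_payload_handler(consumer)
        token = jwt_encode_handler(payload)
        # NOTE(security): session_key is returned to the client, as before.
        # WeChat's guidance is to keep it server-side; drop it from the
        # response once no client depends on it.
        return Response({"token":token,"session_key":session_key,
                         "openid":openid, "userinfo":serializer.data})


class ConsumerLogoutView(APIView):
    """Logout endpoint that always answers 200.

    Nothing is revoked server-side here, so a token issued earlier is not
    invalidated by calling this view.
    """
    authentication_classes = ()
    permission_classes = ()

    def get(self, request, *args, **kwargs):
        """Acknowledge the logout request; no state is changed."""
        return Response(status=status.HTTP_200_OK)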