163 lines
6.2 KiB
Python
163 lines
6.2 KiB
Python
from rest_framework.filters import SearchFilter, OrderingFilter
|
|
from rest_framework.permissions import IsAuthenticated
|
|
from rest_framework.views import APIView
|
|
from rest_framework.viewsets import ModelViewSet
|
|
from rest_framework.response import Response
|
|
from rest_framework.permissions import IsAuthenticated
|
|
from rest_framework.decorators import action
|
|
from rest_framework import status
|
|
from django_filters.rest_framework import DjangoFilterBackend
|
|
from openpyxl import Workbook, load_workbook
|
|
import requests
|
|
from rest_framework_jwt.serializers import jwt_encode_handler, jwt_payload_handler
|
|
import json
|
|
|
|
from utils.custom import CommonPagination
|
|
from rbac.permission import RbacPermission
|
|
from .models import Company, Consumer
|
|
from .serializers import CompanySerializer, ConsumerSerializer
|
|
from server import settings
|
|
|
|
appid = 'wx5c39b569f01c27db'
|
|
secret = '68762892f8df2b4a0b1940c5250a8dc0'
|
|
|
|
class CompanyViewSet(ModelViewSet):
|
|
"""
|
|
客户企业:增删改查
|
|
"""
|
|
perms_map = (
|
|
{'*': 'admin'}, {'*': 'company_all'}, {'get': 'company_list'}, {'post': 'company_create'},
|
|
{'put': 'company_update'}, {'delete': 'company_delete'})
|
|
queryset = Company.objects.filter(is_delete=0).all()
|
|
serializer_class = CompanySerializer
|
|
pagination_class = None #不分页
|
|
filter_backends = [DjangoFilterBackend,SearchFilter, OrderingFilter]
|
|
search_fields = ('^name',)
|
|
ordering_fields = ('id',)
|
|
ordering = ['-id']
|
|
|
|
def check_permissions(self, request):
|
|
"""
|
|
Check if the request should be permitted.
|
|
Raises an appropriate exception if the request is not permitted.
|
|
"""
|
|
if request.method == 'GET':
|
|
pass
|
|
else:
|
|
for permission in self.get_permissions():
|
|
if not permission.has_permission(request, self):
|
|
self.permission_denied(
|
|
request, message=getattr(permission, 'message', None)
|
|
)
|
|
|
|
def destroy(self, request, *args, **kwargs): #逻辑删除
|
|
instance = self.get_object()
|
|
# self.perform_destroy(instance)
|
|
instance.is_delete = True
|
|
instance.save()
|
|
return Response(status=status.HTTP_204_NO_CONTENT)
|
|
|
|
class ConsumerViewSet(ModelViewSet):
|
|
"""
|
|
学员:增删改查
|
|
"""
|
|
perms_map = (
|
|
{'*': 'admin'}, {'*': 'consumer_all'}, {'get': 'consumer_list'}, {'post': 'consumer_create'},
|
|
{'put': 'consumer_update'}, {'delete': 'consumer_delete'})
|
|
queryset = Consumer.objects.filter(is_delete=0).all()
|
|
serializer_class = ConsumerSerializer
|
|
pagination_class = CommonPagination
|
|
ordering_fields = ('id',)
|
|
ordering = ['id']
|
|
filter_backends = [DjangoFilterBackend, SearchFilter, OrderingFilter]
|
|
filterset_fields = ('is_paid','company')
|
|
search_fields = ('^name',)
|
|
|
|
|
|
def destroy(self, request, *args, **kwargs): #逻辑删除
|
|
instance = self.get_object()
|
|
# self.perform_destroy(instance)
|
|
instance.is_delete = True
|
|
instance.save()
|
|
return Response(status=status.HTTP_204_NO_CONTENT)
|
|
|
|
@action(methods=['post'], detail=False, permission_classes=[IsAuthenticated],
|
|
url_path='import', url_name='import_consumer')
|
|
def import_consumer(self, request):
|
|
"""
|
|
导入用户
|
|
"""
|
|
xlsxpath = request.data['path']
|
|
fullpath = settings.BASE_DIR + xlsxpath
|
|
wb = load_workbook(fullpath)
|
|
sheet = wb.worksheets[0]
|
|
# 验证文件内容
|
|
if sheet['a2'].value != '姓名':
|
|
return Response({"error":"姓名列错误!"})
|
|
if sheet['b2'].value != '账户(微信绑定的手机号)':
|
|
return Response({"error":"账户列错误!"})
|
|
if sheet['c2'].value != '单位':
|
|
return Response({"error":"单位列错误!"})
|
|
companydict = {}
|
|
consumerdict = {}
|
|
companys = Company.objects.filter(is_delete=0)
|
|
for i in companys:
|
|
companydict[i.name] = i.id
|
|
i = 3
|
|
while sheet['B'+str(i)].value:
|
|
name = sheet['A'+str(i)].value
|
|
if name:
|
|
name = name.replace(' ', '')
|
|
username = sheet['B'+str(i)].value
|
|
if username:
|
|
username = str(username).replace(' ', '')
|
|
companyname = sheet['C'+str(i)].value
|
|
if companyname:
|
|
companyname = companyname.replace(' ', '')
|
|
if companyname not in companydict:
|
|
return Response({"error":"不存在单位("+companyname+")!请先新建"})
|
|
else:
|
|
companyobj = Company.objects.get(id=companydict[companyname])
|
|
if Consumer.objects.filter(username = username).exists():
|
|
consumerdict[username]=i
|
|
else:
|
|
obj = Consumer()
|
|
obj.name = name
|
|
obj.username = username
|
|
obj.company = companyobj
|
|
obj.is_paid = True
|
|
obj.save()
|
|
i = i + 1
|
|
if consumerdict:
|
|
return {"code":206,"data":consumerdict,"msg":"导入部分成功"}
|
|
else:
|
|
return Response(status=status.HTTP_200_OK)
|
|
|
|
|
|
class ConsumerMPLoginView(APIView):
|
|
"""
|
|
小程序登陆颁发token
|
|
"""
|
|
authentication_classes=()
|
|
permission_classes=()
|
|
def post(self, request, *args, **kwargs):
|
|
code = request.data['code']
|
|
info = requests.get('https://api.weixin.qq.com/sns/jscode2session?appid='+appid+'&secret='+secret+'&js_code=' +
|
|
code+'&grant_type=authorization_code').content.decode('utf-8')
|
|
info = json.loads(info)
|
|
openid = info['openid']
|
|
session_key = info['session_key']
|
|
try:
|
|
consumer = Consumer.objects.get(openid = openid)
|
|
serializer = ConsumerSerializer(instance=consumer)
|
|
except:
|
|
return Response("匿名用户",status=status.HTTP_401_UNAUTHORIZED)
|
|
payload = jwt_payload_handler(consumer)
|
|
token = jwt_encode_handler(payload)
|
|
return Response({"token":token,"session_key":session_key, "openid":openid, "userinfo":serializer.data})
|
|
|
|
class ConsumerLogoutView(APIView):
|
|
authentication_classes = ()
|
|
permission_classes = ()
|
|
def get(self, request, *args, **kwargs):
|
|
return Response(status=status.HTTP_200_OK) |