@@ -11,8 +11,10 @@ from django.db import transaction |
||
| 11 | 11 |
from django.db.models import Count, Q, Sum |
| 12 | 12 |
from django_logit import logit |
| 13 | 13 |
from django_response import response |
| 14 |
+from django.contrib.auth.hashers import make_password |
|
| 14 | 15 |
from paginator import pagination |
| 15 | 16 |
from TimeConvert import TimeConvert as tc |
| 17 |
+from pysnippets.strsnippets import strip |
|
| 16 | 18 |
|
| 17 | 19 |
from account.models import UserInfo |
| 18 | 20 |
from api.encrypt_views import get_ciphertext |
@@ -1635,3 +1637,124 @@ def complement_code_contacted(request): |
||
| 1635 | 1637 |
log.save() |
| 1636 | 1638 |
|
| 1637 | 1639 |
return response() |
| 1640 |
+ |
|
| 1641 |
+ |
|
| 1642 |
+def administrator_list(request): |
|
| 1643 |
+ brand_id = request.POST.get('brand_id', settings.KODO_DEFAULT_BRAND_ID)
|
|
| 1644 |
+ admin_id = request.POST.get('admin_id', '')
|
|
| 1645 |
+ page = request.POST.get('page', 1)
|
|
| 1646 |
+ num = request.POST.get('num', 20)
|
|
| 1647 |
+ |
|
| 1648 |
+ if brand_id != settings.KODO_DEFAULT_BRAND_ID: |
|
| 1649 |
+ return response(ProductBrandStatusCode.BRAND_NOT_MATCH) |
|
| 1650 |
+ |
|
| 1651 |
+ try: |
|
| 1652 |
+ administrator = AdministratorInfo.objects.get(admin_id=admin_id, user_status=AdministratorInfo.ACTIVATED, status=True) |
|
| 1653 |
+ except AdministratorInfo.DoesNotExist: |
|
| 1654 |
+ return response(AdministratorStatusCode.ADMINISTRATOR_NOT_FOUND) |
|
| 1655 |
+ |
|
| 1656 |
+ if administrator.admin_type != AdministratorInfo.ADMINISTRATOR: |
|
| 1657 |
+ return response(AdministratorStatusCode.ADMINISTRATOR_PERMISSION_DENIED) |
|
| 1658 |
+ |
|
| 1659 |
+ logs = AdministratorInfo.objects.filter(status=True).order_by('-created_at')
|
|
| 1660 |
+ |
|
| 1661 |
+ count = logs.count() |
|
| 1662 |
+ logs, left = pagination(logs, page, num) |
|
| 1663 |
+ logs = [log.admindata for log in logs] |
|
| 1664 |
+ return response(200, 'Get Admin List Success', u'获取后台管理员成功', data={
|
|
| 1665 |
+ 'logs': logs, |
|
| 1666 |
+ 'left': left, |
|
| 1667 |
+ 'count': count |
|
| 1668 |
+ }) |
|
| 1669 |
+ |
|
| 1670 |
+ |
|
| 1671 |
+def administrator_create(request): |
|
| 1672 |
+ brand_id = request.POST.get('brand_id', settings.KODO_DEFAULT_BRAND_ID)
|
|
| 1673 |
+ admin_id = request.POST.get('admin_id', '')
|
|
| 1674 |
+ |
|
| 1675 |
+ admin_type = request.POST.get('admin_type', '')
|
|
| 1676 |
+ phone = request.POST.get('phone', '')
|
|
| 1677 |
+ name = request.POST.get('name', '')
|
|
| 1678 |
+ password = request.POST.get('password', '')
|
|
| 1679 |
+ brand_name = request.POST.get('brand_name', '')
|
|
| 1680 |
+ |
|
| 1681 |
+ if brand_id != settings.KODO_DEFAULT_BRAND_ID: |
|
| 1682 |
+ return response(ProductBrandStatusCode.BRAND_NOT_MATCH) |
|
| 1683 |
+ |
|
| 1684 |
+ try: |
|
| 1685 |
+ administrator = AdministratorInfo.objects.get(admin_id=admin_id, user_status=AdministratorInfo.ACTIVATED, status=True) |
|
| 1686 |
+ except AdministratorInfo.DoesNotExist: |
|
| 1687 |
+ return response(AdministratorStatusCode.ADMINISTRATOR_NOT_FOUND) |
|
| 1688 |
+ |
|
| 1689 |
+ if administrator.admin_type != AdministratorInfo.ADMINISTRATOR: |
|
| 1690 |
+ return response(AdministratorStatusCode.ADMINISTRATOR_PERMISSION_DENIED) |
|
| 1691 |
+ |
|
| 1692 |
+ encryption = make_password(strip(password), settings.MAKE_PASSWORD_SALT, settings.MAKE_PASSWORD_HASHER) |
|
| 1693 |
+ |
|
| 1694 |
+ AdministratorInfo.objects.create( |
|
| 1695 |
+ brand_id=brand_id, |
|
| 1696 |
+ brand_name=brand_name, |
|
| 1697 |
+ admin_type=admin_type, |
|
| 1698 |
+ phone=phone, |
|
| 1699 |
+ name=name, |
|
| 1700 |
+ password='', |
|
| 1701 |
+ encryption=encryption, |
|
| 1702 |
+ ) |
|
| 1703 |
+ |
|
| 1704 |
+ return response(200, 'Create Admin Success', u'创建后台管理员成功') |
|
| 1705 |
+ |
|
| 1706 |
+ |
|
| 1707 |
+def administrator_update(request): |
|
| 1708 |
+ brand_id = request.POST.get('brand_id', settings.KODO_DEFAULT_BRAND_ID)
|
|
| 1709 |
+ admin_id = request.POST.get('admin_id', '')
|
|
| 1710 |
+ |
|
| 1711 |
+ target_admin_id = request.POST.get('target_admin_id', '')
|
|
| 1712 |
+ admin_type = int(request.POST.get('admin_type', 3))
|
|
| 1713 |
+ phone = request.POST.get('phone', '')
|
|
| 1714 |
+ name = request.POST.get('name', '')
|
|
| 1715 |
+ password = request.POST.get('password', '')
|
|
| 1716 |
+ |
|
| 1717 |
+ if brand_id != settings.KODO_DEFAULT_BRAND_ID: |
|
| 1718 |
+ return response(ProductBrandStatusCode.BRAND_NOT_MATCH) |
|
| 1719 |
+ |
|
| 1720 |
+ try: |
|
| 1721 |
+ administrator = AdministratorInfo.objects.get(admin_id=admin_id, user_status=AdministratorInfo.ACTIVATED, status=True) |
|
| 1722 |
+ except AdministratorInfo.DoesNotExist: |
|
| 1723 |
+ return response(AdministratorStatusCode.ADMINISTRATOR_NOT_FOUND) |
|
| 1724 |
+ |
|
| 1725 |
+ if administrator.admin_type != AdministratorInfo.ADMINISTRATOR: |
|
| 1726 |
+ return response(AdministratorStatusCode.ADMINISTRATOR_PERMISSION_DENIED) |
|
| 1727 |
+ |
|
| 1728 |
+ encryption = make_password(strip(password), settings.MAKE_PASSWORD_SALT, settings.MAKE_PASSWORD_HASHER) |
|
| 1729 |
+ |
|
| 1730 |
+ AdministratorInfo.objects.filter(admin_id=target_admin_id, brand_id=brand_id).update( |
|
| 1731 |
+ admin_type=admin_type, |
|
| 1732 |
+ phone=phone, |
|
| 1733 |
+ name=name, |
|
| 1734 |
+ password='', |
|
| 1735 |
+ encryption=encryption, |
|
| 1736 |
+ ) |
|
| 1737 |
+ |
|
| 1738 |
+ return response(200, 'Update Admin Success', u'更新后台管理员成功') |
|
| 1739 |
+ |
|
| 1740 |
+ |
|
| 1741 |
+def administrator_delete(request): |
|
| 1742 |
+ brand_id = request.POST.get('brand_id', settings.KODO_DEFAULT_BRAND_ID)
|
|
| 1743 |
+ admin_id = request.POST.get('admin_id', '')
|
|
| 1744 |
+ target_admin_id = request.POST.get('target_admin_id', '')
|
|
| 1745 |
+ |
|
| 1746 |
+ if brand_id != settings.KODO_DEFAULT_BRAND_ID: |
|
| 1747 |
+ return response(ProductBrandStatusCode.BRAND_NOT_MATCH) |
|
| 1748 |
+ |
|
| 1749 |
+ try: |
|
| 1750 |
+ administrator = AdministratorInfo.objects.get(admin_id=admin_id, user_status=AdministratorInfo.ACTIVATED, status=True) |
|
| 1751 |
+ except AdministratorInfo.DoesNotExist: |
|
| 1752 |
+ return response(AdministratorStatusCode.ADMINISTRATOR_NOT_FOUND) |
|
| 1753 |
+ |
|
| 1754 |
+ if administrator.admin_type != AdministratorInfo.ADMINISTRATOR: |
|
| 1755 |
+ return response(AdministratorStatusCode.ADMINISTRATOR_PERMISSION_DENIED) |
|
| 1756 |
+ |
|
| 1757 |
+ |
|
| 1758 |
+ AdministratorInfo.objects.filter(admin_id=target_admin_id).update(status=False) |
|
| 1759 |
+ |
|
| 1760 |
+ return response(200, 'Delete Admin Success', u'删除后台管理员成功') |
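Review bot: All four new views (`administrator_list`, `administrator_create`, `administrator_update`, `administrator_delete`) take the acting administrator's identity from `request.POST.get('admin_id', '')`, so the permission check only proves that the caller knows an active administrator's `admin_id`. No session or token check is visible in this hunk; unless middleware outside it binds `admin_id` to the logged-in user, the acting account should be resolved from the authenticated session rather than from the request body. In `administrator_update`, `encryption` is always recomputed from `password`, so an update that omits the password replaces the target's credential with the hash of an empty string; wrap it in `if strip(password):` and only then include `password`/`encryption` in the `.update(...)`, and reject an empty password in `administrator_create`. `make_password(strip(password), settings.MAKE_PASSWORD_SALT, settings.MAKE_PASSWORD_HASHER)` uses one salt for every account, so equal passwords produce equal hashes; dropping the salt argument lets Django generate a per-password salt, provided the login path verifies with `check_password` rather than by recomputing the hash. `int(request.POST.get('admin_type', 3))` also raises `ValueError` on non-numeric input, and `admin_type` is stored unvalidated in `administrator_create`.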
@@ -181,6 +181,11 @@ urlpatterns += [ |
||
| 181 | 181 |
url(r'^admin/member/goods/details$', admin_views.member_goods_details, name='member_goods_details'), |
| 182 | 182 |
url(r'^admin/member/goods/create$', admin_views.member_goods_create, name='member_goods_create'), |
| 183 | 183 |
url(r'^admin/member/goods/update$', admin_views.member_goods_update, name='member_goods_update'), |
| 184 |
+ |
|
| 185 |
+ url(r'^admin/administrator/list$', admin_views.administrator_list, name='administrator_list'), |
|
| 186 |
+ url(r'^admin/administrator/create$', admin_views.administrator_create, name='administrator_create'), |
|
| 187 |
+ url(r'^admin/administrator/update$', admin_views.administrator_update, name='administrator_update'), |
|
| 188 |
+ url(r'^admin/administrator/delete$', admin_views.administrator_delete, name='administrator_delete'), |
|
| 184 | 189 |
] |
| 185 | 190 |
|
| 186 | 191 |
urlpatterns += [ |
@@ -57,6 +57,16 @@ class AdministratorInfo(BaseModelMixin): |
||
| 57 | 57 |
def __unicode__(self): |
| 58 | 58 |
return u'{}-{}'.format(self.name, self.phone)
|
| 59 | 59 |
|
| 60 |
+ @property |
|
| 61 |
+ def admindata(self): |
|
| 62 |
+ return {
|
|
| 63 |
+ 'admin_id': self.admin_id, |
|
| 64 |
+ 'admin_type': self.admin_type, |
|
| 65 |
+ 'phone': self.phone, |
|
| 66 |
+ 'name': self.name, |
|
| 67 |
+ 'created_at': tc.local_string(utc_dt=self.created_at, format='%Y-%m-%d'), |
|
| 68 |
+ } |
|
| 69 |
+ |
|
| 60 | 70 |
|
| 61 | 71 |
class OperatorInfo(BaseModelMixin): |
| 62 | 72 |
ACTIVATED = 1 |
@@ -128,6 +128,8 @@ class MaintenanceStatusCode(BaseStatusCode): |
||
| 128 | 128 |
class AdministratorStatusCode(BaseStatusCode): |
| 129 | 129 |
""" 操作员相关错误码 4002xx """ |
| 130 | 130 |
ADMINISTRATOR_NOT_FOUND = StatusCodeField(400201, 'Administrator Not Found', description=u'管理员不存在') |
| 131 |
+ ADMINISTRATOR_PERMISSION_DENIED = StatusCodeField(508002, 'Administrator Permission Denied', description=u'管理员权限不足') |
|
| 132 |
+ |
|
| 131 | 133 |
# 密码 |
| 132 | 134 |
ADMINISTRATOR_PASSWORD_ERROR = StatusCodeField(400202, 'Administrator Password Error', description=u'管理员密码错误') |
| 133 | 135 |
# 手机号 |
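Review bot: `ADMINISTRATOR_PERMISSION_DENIED` is assigned `508002`, while the class docstring declares the range `4002xx` and the neighbouring fields use `400201` and `400202`. A code outside the class's range is harder to trace back to this class and may collide with a range owned by another status-code class, which is not visible in this hunk. Either give it the next free `4002xx` value or add a comment such as `# permission errors share the 5080xx range` if the out-of-range value is deliberate. The class body continues beyond the hunk.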