From 109c06e1d9fdc7ce7d0ecabb37a51a52e1f4add5 Mon Sep 17 00:00:00 2001 From: DSQ Date: Thu, 12 Mar 2026 19:00:36 +0800 Subject: [PATCH] =?UTF-8?q?=E9=A1=B5=E9=9D=A2(?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- accounts/templates/accounts/profile.html | 5 ++- accounts/views.py | 5 --- elastic/es_connect.py | 19 -------- elastic/templates/elastic/manage.html | 13 +++++- elastic/views.py | 56 +++++++++++++++++++++++- main/templates/main/home.html | 2 + 6 files changed, 72 insertions(+), 28 deletions(-) diff --git a/accounts/templates/accounts/profile.html b/accounts/templates/accounts/profile.html index 92aae5f..ef74f22 100644 --- a/accounts/templates/accounts/profile.html +++ b/accounts/templates/accounts/profile.html @@ -59,7 +59,7 @@

用户名: {{ profile_user.username }}

用户ID: {{ profile_user.user_id }}

-

所属班级: {{ user_class|default:"未填写" }}

+

所属: {{ profile_user.key|join:"、"|default:"未填写" }}

权限级别: {{ permission_name }}

@@ -74,6 +74,9 @@ {% else %}
无图片
{% endif %} +
+ 管理此条 +
{% endfor %} diff --git a/accounts/views.py b/accounts/views.py index 555d843..8546698 100644 --- a/accounts/views.py +++ b/accounts/views.py @@ -90,16 +90,11 @@ def profile_page(request): raw_results = [r for r in search_all() if str(r.get("writer_id", "")) == str(session_user_id)] achievements = _attach_image_urls(request, raw_results) - # 提取班级信息 (key 字段中的第一个值) - keys = user.get("key") or [] - user_class = keys[0] if keys else "" - permission_name = "管理员" if int(user.get("permission", 1)) == 0 else "普通用户" context = { "username": request.session.get("username"), "profile_user": user, - "user_class": user_class, "permission_name": permission_name, "achievements": achievements, } diff --git a/elastic/es_connect.py b/elastic/es_connect.py index 7868ca7..88e4a5f 100644 --- a/elastic/es_connect.py +++ b/elastic/es_connect.py @@ -793,25 +793,6 @@ def write_user_data(user_data): print(f"用户数据写入失败: {str(e)}") return False -def get_user_by_id(user_id): - try: - search = UserDocument.search() - search = search.query("term", user_id=user_id) - response = search.execute() - - if response.hits: - hit = response.hits[0] - return { - "user_id": hit.user_id, - "username": hit.username, - "permission": hit.permission - } - return None - - except Exception as e: - print(f"获取用户数据失败: {str(e)}") - return None - def get_user_by_username(username): """ 根据用户名获取用户数据 diff --git a/elastic/templates/elastic/manage.html b/elastic/templates/elastic/manage.html index 3ceb9e1..a0298e5 100644 --- a/elastic/templates/elastic/manage.html +++ b/elastic/templates/elastic/manage.html @@ -307,7 +307,7 @@ function renderTable(data) { if (!data || data.length === 0) { const row = document.createElement('tr'); - row.innerHTML = '暂无数据'; + row.innerHTML = '暂无数据'; tableBody.appendChild(row); return; } @@ -335,7 +335,16 @@ function renderTable(data) { `; } catch (e) { - displayData = `
${escapeHtml(displayData)}
`; + displayData = ` + + + + + + + +
原始数据${escapeHtml(displayData)}
+ `; } row.innerHTML = ` diff --git a/elastic/views.py b/elastic/views.py index 937f41a..772c3c6 100644 --- a/elastic/views.py +++ b/elastic/views.py @@ -23,6 +23,36 @@ from .es_connect import ( from PIL import Image +def _filter_results_for_user(request, results): + session_user_id = request.session.get("user_id") + if session_user_id is None: + return [] + + me = get_user_by_id(session_user_id) or {} + is_admin = int(request.session.get("permission", 1)) == 0 + + if is_admin: + return results + + uid = str(session_user_id) + manage_keys = me.get("manage_key", []) or [] + + filtered = [] + for r in results: + # 1. 自己的提交 + if str(r.get("writer_id", "")) == uid: + filtered.append(r) + continue + + # 2. 管理的提交 + if manage_keys: + r_data = str(r.get("data", "")) + for mk in manage_keys: + if mk and str(mk) in r_data: + filtered.append(r) + break + return filtered + def _image_ref_to_url(request, image_ref: str) -> str: s = str(image_ref or '').strip() if not s: @@ -132,6 +162,7 @@ def search(request): return JsonResponse({"status": "error", "message": "搜索关键词不能为空"}, status=400) results = search_data(query) + results = _filter_results_for_user(request, results) data = _attach_writer_names(_attach_image_urls(request, results)) return JsonResponse({"status": "success", "data": data}) except Exception as e: @@ -147,6 +178,7 @@ def fuzzy_search(request): return JsonResponse({"status": "error", "message": "搜索关键词不能为空"}, status=400) results = search_by_any_field(keyword) + results = _filter_results_for_user(request, results) data = _attach_writer_names(_attach_image_urls(request, results)) return JsonResponse({"status": "success", "data": data}) except Exception as e: @@ -156,7 +188,13 @@ def fuzzy_search(request): def get_all_data(request): """获取所有数据""" try: + session_user_id = request.session.get("user_id") + if session_user_id is None: + return JsonResponse({"status": "error", "message": "未登录"}, status=401) + results = search_all() + results = _filter_results_for_user(request, results) + data = _attach_writer_names(_attach_image_urls(request, results)) return JsonResponse({"status": "success", "data": data}) except Exception as e: @@ -694,7 +732,23 @@ def manage_page(request): raw_results = search_all() else: uid = str(session_user_id) - raw_results = [r for r in search_all() if str(r.get("writer_id", "")) == uid] + manage_keys = me.get("manage_key", []) or [] + + all_data = search_all() + raw_results = [] + for r in all_data: + # 1. 自己的提交 + if str(r.get("writer_id", "")) == uid: + raw_results.append(r) + continue + + # 2. 管理的提交 (检查 data 中是否包含 manage_key) + if manage_keys: + r_data = str(r.get("data", "")) + for mk in manage_keys: + if mk and str(mk) in r_data: + raw_results.append(r) + break results = [] for r in raw_results: diff --git a/main/templates/main/home.html b/main/templates/main/home.html index 1267c86..64856da 100644 --- a/main/templates/main/home.html +++ b/main/templates/main/home.html @@ -41,8 +41,10 @@
主页 图片上传与识别 + {% if is_admin %} 数据管理 用户管理 + {% endif %} 个人中心 {% if is_admin %} 注册码管理