Viajero/Achievement_Inputing
2
0
Fork 0
Code Issues 2 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity

新增“数据编辑”

Browse Source
This commit is contained in:
Viajero-tect
2025-11-13 19:31:15 +08:00
parent cf57f981c0
commit 127f5c5926
3 changed files with 70 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
db.sqlite3
View File

Binary file not shown.

10
elastic/templates/elastic/manage.html
View File

@@ -36,8 +36,8 @@
</thead> </thead>
<tbody> <tbody>
{% for it in items %} {% for it in items %}
<tr data-id="{{ it._id }}" data-writer="{{ it.writer_id }}" data-image="{{ it.image }}"> <tr data-id="{{ it.id }}" data-writer="{{ it.writer_id }}" data-image="{{ it.image }}">
<td style="max-width:140px; word-break:break-all;">{{ it._id }}</td> <td style="max-width:140px; word-break:break-all;">{{ it.id }}</td>
<td> <td>
{% if it.image %} {% if it.image %}
<img src="/media/{{ it.image }}" onerror="this.src='';" /> <img src="/media/{{ it.image }}" onerror="this.src='';" />
@@ -49,8 +49,8 @@
</td> </td>
<td>{{ it.writer_id }}</td> <td>{{ it.writer_id }}</td>
<td> <td>
<button class="btn btn-primary" onclick="openEdit('{{ it._id }}')">编辑</button> <button class="btn btn-primary" onclick="openEdit('{{ it.id }}')">编辑</button>
<button class="btn btn-danger" onclick="doDelete('{{ it._id }}')">删除</button> <button class="btn btn-danger" onclick="doDelete('{{ it.id }}')">删除</button>
</td> </td>
</tr> </tr>
{% endfor %} {% endfor %}
@@ -173,4 +173,4 @@ function doDelete(id){
} }
</script> </script>
</body> </body>
</html> </html>

103
elastic/views.py
View File

@@ -10,6 +10,7 @@ from django.conf import settings
from django.http import JsonResponse from django.http import JsonResponse
from django.shortcuts import render from django.shortcuts import render
from django.views.decorators.http import require_http_methods from django.views.decorators.http import require_http_methods
from django.views.decorators.csrf import ensure_csrf_cookie
from django.views.decorators.csrf import csrf_exempt from django.views.decorators.csrf import csrf_exempt
from .es_connect import ( from .es_connect import (
create_index_with_mapping, create_index_with_mapping,
@@ -95,8 +96,17 @@ def get_all_data(request):
@require_http_methods(["DELETE"]) @require_http_methods(["DELETE"])
@csrf_exempt @csrf_exempt
def delete_data(request, doc_id): def delete_data(request, doc_id):
"""删除数据""" """删除数据(需登录;管理员或作者本人)"""
if not request.session.get("user_id"):
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
try: try:
existing = get_by_id(doc_id)
if not existing:
return JsonResponse({"status": "error", "message": "数据不存在"}, status=404)
is_admin = (request.session.get("permission", 1) == 0)
is_owner = str(existing.get("writer_id", "")) == str(request.session.get("user_id"))
if not (is_admin or is_owner):
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
success = delete_by_id(doc_id) success = delete_by_id(doc_id)
if success: if success:
return JsonResponse({"status": "success", "message": "数据删除成功"}) return JsonResponse({"status": "success", "message": "数据删除成功"})
@@ -109,10 +119,35 @@ def delete_data(request, doc_id):
@require_http_methods(["PUT"]) @require_http_methods(["PUT"])
@csrf_exempt @csrf_exempt
def update_data(request, doc_id): def update_data(request, doc_id):
"""更新数据""" """更新数据(需登录;管理员或作者本人)"""
if not request.session.get("user_id"):
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
try: try:
data = json.loads(request.body.decode('utf-8')) payload = json.loads(request.body.decode('utf-8'))
success = update_by_id(doc_id, data) except Exception:
return JsonResponse({"status": "error", "message": "JSON无效"}, status=400)
try:
existing = get_by_id(doc_id)
if not existing:
return JsonResponse({"status": "error", "message": "数据不存在"}, status=404)
is_admin = (request.session.get("permission", 1) == 0)
is_owner = str(existing.get("writer_id", "")) == str(request.session.get("user_id"))
if not (is_admin or is_owner):
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
updated = {}
if "writer_id" in payload:
updated["writer_id"] = payload["writer_id"]
if "image" in payload:
updated["image"] = payload["image"]
if "data" in payload:
v = payload["data"]
if isinstance(v, dict):
updated["data"] = json.dumps(v, ensure_ascii=False)
else:
updated["data"] = str(v)
success = update_by_id(doc_id, updated)
if success: if success:
return JsonResponse({"status": "success", "message": "数据更新成功"}) return JsonResponse({"status": "success", "message": "数据更新成功"})
else: else:
@@ -265,13 +300,15 @@ def ocr_and_extract_info(image_path: str):
return parse_response(response_text) return parse_response(response_text)
# 上传页面
@require_http_methods(["GET"]) @require_http_methods(["GET"])
def upload_page(request): def upload_page(request):
# if not request.session.get("user_id"): session_user_id = request.session.get("user_id")
# from django.shortcuts import redirect if session_user_id is None:
# return redirect("/accounts/login/") from django.shortcuts import redirect
return render(request, "elastic/upload.html") return redirect("/accounts/login/")
user_id_qs = request.GET.get("user_id")
context = {"user_id": user_id_qs or session_user_id}
return render(request, "elastic/upload.html", context)
# 上传并识别(不入库) # 上传并识别(不入库)
@@ -341,36 +378,26 @@ def confirm(request):
@require_http_methods(["GET"]) @require_http_methods(["GET"])
@ensure_csrf_cookie
def manage_page(request): def manage_page(request):
if not request.session.get("user_id"): session_user_id = request.session.get("user_id")
if session_user_id is None:
from django.shortcuts import redirect from django.shortcuts import redirect
return redirect("/accounts/login/") return redirect("/accounts/login/")
if request.session.get("permission", 1) != 0: is_admin = (request.session.get("permission", 1) == 0)
from django.http import HttpResponseForbidden raw_results = search_all()
return HttpResponseForbidden("forbidden") if not is_admin:
results = search_all() uid = str(session_user_id)
return render(request, "elastic/manage.html", {"items": results}) raw_results = [r for r in raw_results if str(r.get("writer_id", "")) == uid]
# 规范化键,避免模板点号访问下划线前缀字段
results = []
@require_http_methods(["GET"]) for r in raw_results:
def manage_page(request): results.append({
if not request.session.get("user_id"): "id": r.get("_id", ""),
from django.shortcuts import redirect "writer_id": r.get("writer_id", ""),
return redirect("/accounts/login/") "image": r.get("image", ""),
if request.session.get("permission", 1) != 0: "data": r.get("data", ""),
from django.http import HttpResponseForbidden
return HttpResponseForbidden("forbidden")
results = search_all()
expanded = []
for item in results:
try:
data_obj = json.loads(item.get("data", "{}")) if isinstance(item.get("data"), str) else {}
except Exception:
data_obj = {}
expanded.append({
"_id": item.get("_id", ""),
"writer_id": item.get("writer_id", ""),
"image": item.get("image", ""),
"data": data_obj,
}) })
return render(request, "elastic/manage.html", {"items": expanded}) user_id_qs = request.GET.get("user_id")
context = {"items": results, "user_id": user_id_qs or session_user_id}
return render(request, "elastic/manage.html", context)