Viajero/Achievement_Inputing
2
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 4 Wiki Activity

新增“用户管理”

Browse Source
This commit is contained in:
Viajero-tect
2025-11-15 21:24:57 +08:00
parent a896613726
commit 14788fd59d
7 changed files with 64 additions and 149 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
elastic/views.py
View File

@@ -13,7 +13,7 @@ from django.views.decorators.http import require_http_methods
from django.views.decorators.csrf import ensure_csrf_cookie
from django.views.decorators.csrf import csrf_exempt, ensure_csrf_cookie, csrf_protect
from .es_connect import *
from openai import OpenAI
from .es_connect import update_user_by_id as es_update_user_by_id, delete_user_by_id as es_delete_user_by_id
from PIL import Image
@@ -107,7 +107,7 @@ def delete_data(request, doc_id):
if not existing:
return JsonResponse({"status": "error", "message": "数据不存在"}, status=404)
is_admin = (user_existing.get('permission') ) == 0
is_admin = int(user_existing.get('permission')) == 0
is_owner = str(existing.get("writer_id", "")) == str(request.session.get("user_id"))
if not (is_admin or is_owner):
@@ -143,7 +143,7 @@ def update_data(request, doc_id):
if not existing:
return JsonResponse({"status": "error", "message": "数据不存在"}, status=404)
is_admin = (user_existing.get('permission')) == 0
is_admin = int(user_existing.get('permission')) == 0
is_owner = str(existing.get("writer_id", "")) == str(request.session.get("user_id"))
if not (is_admin or is_owner):
@@ -188,7 +188,7 @@ def get_data(request, doc_id):
def add_user(request):
if request.session.get("user_id") is None:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
if request.session.get("permission", 1) != 0:
if int(request.session.get("permission", 1)) != 0:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
try:
payload = json.loads(request.body.decode("utf-8"))
@@ -224,7 +224,7 @@ def add_user(request):
def get_users(request):
if request.session.get("user_id") is None:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
if request.session.get("permission", 1) != 0:
if int(request.session.get("permission", 1)) != 0:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
try:
q = (request.GET.get("search") or "").strip()
@@ -236,41 +236,12 @@ def get_users(request):
return JsonResponse({"status": "error", "message": str(e)}, status=500)
@require_http_methods(["DELETE"])
@csrf_exempt
def delete_user(request, username):
"""删除用户"""
try:
success = delete_user_by_username(username)
if success:
return JsonResponse({"status": "success", "message": "用户删除成功"})
else:
return JsonResponse({"status": "error", "message": "用户删除失败"}, status=500)
except Exception as e:
return JsonResponse({"status": "error", "message": str(e)}, status=500)
@require_http_methods(["PUT"])
@csrf_exempt
def update_user(request, username):
"""更新用户权限"""
try:
data = json.loads(request.body.decode('utf-8'))
new_permission = int(data.get('permission', 1))
success = update_user_permission(username, new_permission)
if success:
return JsonResponse({"status": "success", "message": "用户权限更新成功"})
else:
return JsonResponse({"status": "error", "message": "用户权限更新失败"}, status=500)
except Exception as e:
return JsonResponse({"status": "error", "message": str(e)}, status=500)
@require_http_methods(["POST"])
@csrf_protect
def update_user_by_id_view(request, user_id):
if request.session.get("user_id") is None:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
if request.session.get("permission", 1) != 0:
if int(request.session.get("permission", 1)) != 0:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
try:
payload = json.loads(request.body.decode("utf-8"))
@@ -285,7 +256,7 @@ def update_user_by_id_view(request, user_id):
return JsonResponse({"status": "error", "message": "用户名已存在"}, status=409)
if new_password and len(new_password) < 6:
return JsonResponse({"status": "error", "message": "密码长度至少为6位"}, status=400)
ok = update_user_by_id(
ok = es_update_user_by_id(
user_id,
username=new_username if new_username else None,
permission=int(new_permission) if new_permission is not None else None,
@@ -300,9 +271,9 @@ def update_user_by_id_view(request, user_id):
def delete_user_by_id_view(request, user_id):
if request.session.get("user_id") is None:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
if request.session.get("permission", 1) != 0:
if int(request.session.get("permission", 1)) != 0:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
ok = delete_user_by_id(user_id)
ok = es_delete_user_by_id(user_id)
if not ok:
return JsonResponse({"status": "error", "message": "用户删除失败"}, status=500)
return JsonResponse({"status": "success", "message": "用户删除成功"})
@@ -325,6 +296,7 @@ def string_to_json(s):
# 移植自 a.py 的核心:调用大模型进行 OCR/信息抽取
def ocr_and_extract_info(image_path: str):
from openai import OpenAI
def encode_image(path: str) -> str:
with open(path, "rb") as f:
return base64.b64encode(f.read()).decode("utf-8")
@@ -519,7 +491,9 @@ def manage_page(request):
from django.shortcuts import redirect
return redirect("/accounts/login/")
# is_admin = (request.session.get("permission", 1) == 0)
if int(request.session.get("permission", 1)) != 0:
from django.shortcuts import redirect
return redirect("/main/home/")
raw_results = search_all()
# if not is_admin:
# uid = str(session_user_id)
@@ -544,7 +518,7 @@ def user_manage(request):
if session_user_id is None:
from django.shortcuts import redirect
return redirect("/accounts/login/")
if request.session.get("permission", 1) != 0:
if int(request.session.get("permission", 1)) != 0:
from django.shortcuts import redirect
return redirect("/main/home/")
user_id_qs = request.GET.get("user_id")