Viajero/Achievement_Inputing
3
0
Fork 0
Code Issues 2 Pull Requests 1 Actions Packages Projects Releases 13 Wiki Activity

[0.2.7.4][ci]
All checks were successful
CI / docker-ci (push) Successful in 24s
Details

Browse Source
This commit is contained in:
DSQ
2026-03-17 22:45:56 +08:00
parent 85dd7bc991
commit 71a0723a74
11 changed files with 1191 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
elastic/documents.py
View File

@@ -35,6 +35,9 @@ class UserDocument(Document):
user_id = fields.LongField()
username = fields.KeywordField()
email = fields.KeywordField()
registration_code = fields.KeywordField()
can_manage_registration_codes = fields.IntegerField()
registration_manage_keys = fields.KeywordField(multi=True)
password_hash = fields.KeywordField()
password_salt = fields.KeywordField()
permission = fields.IntegerField() # 还是2种权限0为管理员1为用户区别在于0有全部权限1在数据管理页面有搜索框但是索引到的录入信息要根据其用户id查询其key若其中之一与用户的manage_key字段匹配就显示否则不显示

120
elastic/es_connect.py
View File

@@ -783,6 +783,9 @@ def write_user_data(user_data):
password_salt=pwd_salt_b64,
permission=perm_val,
email=user_data.get('email'),
registration_code=(user_data.get('registration_code') or None),
can_manage_registration_codes=int(user_data.get('can_manage_registration_codes') or 0),
registration_manage_keys=list(user_data.get('registration_manage_keys') or []),
key=list(user_data.get('key') or []),
manage_key=list(user_data.get('manage_key') or []),
)
@@ -836,6 +839,9 @@ def get_all_users():
"username": hit.username,
"permission": int(hit.permission),
"email": getattr(hit, 'email', None),
"registration_code": getattr(hit, 'registration_code', None),
"can_manage_registration_codes": int(getattr(hit, 'can_manage_registration_codes', 0) or 0),
"registration_manage_keys": list(getattr(hit, 'registration_manage_keys', []) or []),
"key": list(getattr(hit, 'key', []) or []),
"manage_key": list(getattr(hit, 'manage_key', []) or []),
})
@@ -857,6 +863,9 @@ def get_user_by_id(user_id):
"username": hit.username,
"permission": int(hit.permission),
"email": getattr(hit, 'email', None),
"registration_code": getattr(hit, 'registration_code', None),
"can_manage_registration_codes": int(getattr(hit, 'can_manage_registration_codes', 0) or 0),
"registration_manage_keys": list(getattr(hit, 'registration_manage_keys', []) or []),
"key": list(getattr(hit, 'key', []) or []),
"manage_key": list(getattr(hit, 'manage_key', []) or []),
}
@@ -880,7 +889,7 @@ def delete_user_by_id(user_id):
print(f"删除用户失败: {str(e)}")
return False
def update_user_by_id(user_id, username=None, permission=None, password=None, key=None):
def update_user_by_id(user_id, username=None, permission=None, password=None, key=None, manage_key=None, registration_code=None, can_manage_registration_codes=None, registration_manage_keys=None):
try:
search = UserDocument.search()
search = search.query("term", user_id=int(user_id))
@@ -898,9 +907,118 @@ def update_user_by_id(user_id, username=None, permission=None, password=None, ke
doc.password_salt = salt_b64
if key is not None:
doc.key = list(key)
if manage_key is not None:
doc.manage_key = list(manage_key)
if registration_code is not None:
doc.registration_code = str(registration_code) if str(registration_code).strip() else None
if can_manage_registration_codes is not None:
try:
doc.can_manage_registration_codes = int(can_manage_registration_codes)
except Exception:
doc.can_manage_registration_codes = 0
if registration_manage_keys is not None:
doc.registration_manage_keys = list(registration_manage_keys)
doc.save()
return True
return False
except Exception as e:
print(f"更新用户失败: {str(e)}")
return False
def _rc_request_now_iso():
return datetime.now(timezone.utc).isoformat()
def create_registration_code_manage_request(user_id: int, username: str, reason: str):
try:
rid = uuid.uuid4().hex
doc = {
"kind": "registration_code_manage_request",
"request_id": rid,
"user_id": int(user_id),
"username": str(username or ""),
"reason": str(reason or ""),
"status": "pending",
"created_at": _rc_request_now_iso(),
}
es.index(index=GLOBAL_INDEX_NAME, id=rid, body=doc)
return rid
except Exception as e:
print(f"创建注册码管理申请失败: {str(e)}")
return None
def find_pending_registration_code_manage_request(user_id: int):
try:
body = {
"size": 1,
"query": {
"bool": {
"must": [
{"term": {"kind": "registration_code_manage_request"}},
{"term": {"user_id": int(user_id)}},
{"term": {"status": "pending"}},
]
}
},
"sort": [{"created_at": {"order": "desc"}}],
}
resp = es.search(index=GLOBAL_INDEX_NAME, body=body)
hits = (resp.get("hits") or {}).get("hits") or []
if not hits:
return None
h = hits[0]
src = h.get("_source") or {}
src["_id"] = h.get("_id")
return src
except Exception as e:
print(f"查询注册码管理申请失败: {str(e)}")
return None
def get_registration_code_manage_request(request_id: str):
try:
resp = es.get(index=GLOBAL_INDEX_NAME, id=str(request_id))
src = resp.get("_source") or {}
if (src.get("kind") or "") != "registration_code_manage_request":
return None
src["_id"] = resp.get("_id")
return src
except Exception:
return None
def list_registration_code_manage_requests(status: str = None, limit: int = 200):
try:
must = [{"term": {"kind": "registration_code_manage_request"}}]
if status:
must.append({"term": {"status": str(status)}})
body = {
"size": max(1, min(int(limit or 200), 500)),
"query": {"bool": {"must": must}},
"sort": [{"created_at": {"order": "desc"}}],
}
resp = es.search(index=GLOBAL_INDEX_NAME, body=body)
hits = (resp.get("hits") or {}).get("hits") or []
out = []
for h in hits:
src = h.get("_source") or {}
src["_id"] = h.get("_id")
out.append(src)
return out
except Exception as e:
print(f"列出注册码管理申请失败: {str(e)}")
return []
def decide_registration_code_manage_request(request_id: str, status: str, reviewed_by: int, reviewer_note: str = None):
try:
sid = str(status or "").strip().lower()
if sid not in ("approved", "rejected"):
return False
doc = {
"status": sid,
"reviewed_at": _rc_request_now_iso(),
"reviewed_by": int(reviewed_by),
"reviewer_note": str(reviewer_note or ""),
}
es.update(index=GLOBAL_INDEX_NAME, id=str(request_id), body={"doc": doc})
return True
except Exception as e:
print(f"审批注册码管理申请失败: {str(e)}")
return False

110
elastic/templates/elastic/registration_codes.html
View File

@@ -38,6 +38,16 @@
</style>
{% csrf_token %}
<script>
const IS_ADMIN = {{ is_admin|yesno:"true,false" }};
const HAS_MANAGE_KEY = {{ has_manage_key|yesno:"true,false" }};
const CAN_MANAGE_REG = {{ can_manage_registration_codes|yesno:"true,false" }};
const MY_KEYS_RAW = JSON.parse('{{ my_keys_json|default:"[]"|escapejs }}');
const MY_KEYS_SET = new Set((Array.isArray(MY_KEYS_RAW) ? MY_KEYS_RAW : []).map(v => String(v || '').trim()).filter(Boolean));
const MY_MANAGE_KEYS_RAW = JSON.parse('{{ manage_keys_json|default:"[]"|escapejs }}');
const MY_MANAGE_KEYS_SET = new Set((Array.isArray(MY_MANAGE_KEYS_RAW) ? MY_MANAGE_KEYS_RAW : []).map(v => String(v || '').trim()).filter(Boolean));
const ALLOWED_MANAGE_KEYS_RAW = JSON.parse('{{ allowed_manage_keys_json|default:"[]"|escapejs }}');
const ALLOWED_MANAGE_KEYS_SET = new Set((Array.isArray(ALLOWED_MANAGE_KEYS_RAW) ? ALLOWED_MANAGE_KEYS_RAW : []).map(v => String(v || '').trim()).filter(Boolean));
function getCookie(name){const v=`; ${document.cookie}`;const p=v.split(`; ${name}=`);if(p.length===2) return p.pop().split(';').shift();}
async function loadKeys(){
const resp=await fetch('/elastic/registration-codes/keys/');
@@ -48,8 +58,17 @@
keySel.innerHTML=''; mkeySel.innerHTML='';
opts.forEach(k=>{
const o=document.createElement('option'); o.value=k; o.textContent=k; keySel.appendChild(o);
const o2=document.createElement('option'); o2.value=k; o2.textContent=k; mkeySel.appendChild(o2);
const o2=document.createElement('option'); o2.value=k; o2.textContent=k;
if ((!IS_ADMIN) && HAS_MANAGE_KEY) {
const v = String(k || '').trim();
if (v && !ALLOWED_MANAGE_KEYS_SET.has(v)) o2.disabled = true;
}
mkeySel.appendChild(o2);
});
if ((!IS_ADMIN) && HAS_MANAGE_KEY) {
Array.from(keySel.options).forEach(o => { if (MY_KEYS_SET.has(String(o.value || '').trim())) o.selected = true; });
Array.from(mkeySel.options).forEach(o => { o.selected = false; });
}
}
async function addKey(){
const keyName=(document.getElementById('newKey').value||'').trim();
@@ -58,7 +77,12 @@
const resp=await fetch('/elastic/registration-codes/keys/add/',{method:'POST',credentials:'same-origin',headers:{'Content-Type':'application/json','X-CSRFToken':csrftoken||''},body:JSON.stringify({key:keyName})});
const data=await resp.json();
const msg=document.getElementById('msg');
if(resp.ok && data.status==='success'){msg.textContent='新增key成功'; msg.className='notice success'; msg.style.display='block'; document.getElementById('newKey').value=''; loadKeys();}
if(resp.ok && data.status==='success'){
if ((!IS_ADMIN) && HAS_MANAGE_KEY) {
ALLOWED_MANAGE_KEYS_SET.add(keyName);
}
msg.textContent='新增key成功'; msg.className='notice success'; msg.style.display='block'; document.getElementById('newKey').value=''; loadKeys();
}
else{msg.textContent=data.message||'新增失败'; msg.className='notice error'; msg.style.display='block';}
}
async function deleteSelectedKey(){
@@ -72,20 +96,28 @@
alert('请先在下方列表中选择一个要删除的Key');
return;
}
if ((!IS_ADMIN) && HAS_MANAGE_KEY) {
const v = String(selectedKey || '').trim();
if (!v || !ALLOWED_MANAGE_KEYS_SET.has(v)) {
const msg=document.getElementById('msg');
msg.textContent='只能删除自己新增的 key';
msg.className='notice error';
msg.style.display='block';
return;
}
}
if(!confirm(`确定要全局删除Key \"${selectedKey}\" 吗?\n该操作将:\n1. 从全局可选Key列表中移除\n2. 从所有包含此Key的注册码中同步清除\n此操作不可恢复!`)) return;
const ov=document.getElementById('overlay'); ov.style.display='flex';
const csrftoken=getCookie('csrftoken');
const resp=await fetch('/elastic/registration-codes/keys/remove/',{
method:'POST',
credentials:'same-origin',
headers:{'Content-Type':'application/json','X-CSRFToken':csrftoken||''},
body:JSON.stringify({key:selectedKey})
});
const url = '/elastic/registration-codes/keys/remove/';
const resp=await fetch(url,{method:'POST',credentials:'same-origin',headers:{'Content-Type':'application/json','X-CSRFToken':csrftoken||''},body:JSON.stringify({key:selectedKey})});
const data=await resp.json();
const msg=document.getElementById('msg');
if(resp.ok && data.status==='success'){
if ((!IS_ADMIN) && HAS_MANAGE_KEY) {
ALLOWED_MANAGE_KEYS_SET.delete(String(selectedKey||'').trim());
}
msg.textContent = data.message || '删除成功';
msg.className='notice success';
msg.style.display='block';
@@ -98,14 +130,51 @@
}
ov.style.display='none';
}
function selectedValues(sel){return Array.from(sel.selectedOptions).map(o=>o.value);}
function enableToggleSelect(sel){ sel.addEventListener('mousedown',function(e){ if(e.target && e.target.tagName==='OPTION'){ e.preventDefault(); const op=e.target; op.selected=!op.selected; this.dispatchEvent(new Event('change',{bubbles:true})); } }); }
function clearSelection(id){ const sel=document.getElementById(id); Array.from(sel.options).forEach(o=>o.selected=false); }
function selectedValues(sel){return Array.from(sel.selectedOptions).map(o=>o.value);}
function enableToggleSelect(sel){
sel.addEventListener('mousedown', function(e){
if(e.target && e.target.tagName==='OPTION'){
e.preventDefault();
const op=e.target;
if (op.disabled) return;
op.selected = !op.selected;
this.dispatchEvent(new Event('change',{bubbles:true}));
}
});
}
function clearSelection(id){
const sel=document.getElementById(id);
Array.from(sel.options).forEach(o=>{ o.selected = false; });
}
async function generateCode(){
const ov=document.getElementById('overlay'); ov.style.display='flex';
const csrftoken=getCookie('csrftoken');
const keys=selectedValues(document.getElementById('keys'));
const manageKeys=selectedValues(document.getElementById('manageKeys'));
const keySel = document.getElementById('keys');
let keys=selectedValues(keySel);
if ((!IS_ADMIN) && HAS_MANAGE_KEY) {
const selected = new Set(keys.map(k=>String(k||'').trim()).filter(Boolean));
const missing = Array.from(MY_KEYS_SET).filter(k => !selected.has(k));
if (missing.length) {
const msg=document.getElementById('msg');
msg.textContent = `必须选择导师原有的 key${missing.join('、')}`;
msg.className='notice error';
msg.style.display='block';
ov.style.display='none';
return;
}
}
let manageKeys=selectedValues(document.getElementById('manageKeys'));
if ((!IS_ADMIN) && HAS_MANAGE_KEY) {
const hasForbidden = manageKeys.some(k => !ALLOWED_MANAGE_KEYS_SET.has(String(k || '').trim()));
if (hasForbidden) {
const msg=document.getElementById('msg');
msg.textContent='manage_key 只能选择本页新增的 key';
msg.className='notice error';
msg.style.display='block';
ov.style.display='none';
return;
}
}
const mode=document.getElementById('expireMode').value;
let days=30; if(mode==='month') days=30; else if(mode==='fouryears') days=1460; else { const d=parseInt(document.getElementById('customDays').value||'30'); days=isNaN(d)?30:Math.max(1,d);}
const resp=await fetch('/elastic/registration-codes/generate/',{method:'POST',credentials:'same-origin',headers:{'Content-Type':'application/json','X-CSRFToken':csrftoken||''},body:JSON.stringify({keys,manage_keys:manageKeys,expires_in_days:days})});
@@ -138,7 +207,12 @@
function formatDate(t){ if(!t) return ''; try{ const d = new Date(t); if(String(d)!='Invalid Date'){ const p=n=>String(n).padStart(2,'0'); return `${d.getFullYear()}-${p(d.getMonth()+1)}-${p(d.getDate())} ${p(d.getHours())}:${p(d.getMinutes())}`;} }catch(e){} return ''; }
async function revokeCode(code){ const csrftoken=getCookie('csrftoken'); const resp=await fetch('/elastic/registration-codes/revoke/',{method:'POST',credentials:'same-origin',headers:{'Content-Type':'application/json','X-CSRFToken':csrftoken||''},body:JSON.stringify({code})}); const msg=document.getElementById('msg'); const data=await resp.json(); if(resp.ok && data.status==='success'){ msg.textContent='已作废'; msg.className='notice success'; msg.style.display='block'; loadCodes(); } else { msg.textContent=data.message||'作废失败'; msg.className='notice error'; msg.style.display='block'; } }
document.addEventListener('click',function(e){ const btn=e.target; if(btn && btn.matches('button[data-code]')){ revokeCode(btn.getAttribute('data-code')); }});
document.addEventListener('DOMContentLoaded',()=>{loadKeys(); enableToggleSelect(document.getElementById('keys')); enableToggleSelect(document.getElementById('manageKeys')); loadCodes();});
document.addEventListener('DOMContentLoaded',()=>{
loadKeys();
enableToggleSelect(document.getElementById('keys'));
enableToggleSelect(document.getElementById('manageKeys'));
loadCodes();
});
</script>
</head>
<body>
@@ -155,16 +229,20 @@
<div class="main">
<div class="card fade-in">
<h2>管理注册码</h2>
{% if is_admin or has_manage_key or can_manage_registration_codes %}
<div class="row">
<div class="col">
<label>管理 Key</label>
<div style="display:flex; gap:8px;">
<input id="newKey" type="text" placeholder="输入新的key进行新增或在下方选择后删除" style="flex: 1;" />
<button class="btn btn-secondary" onclick="addKey()">新增 Key</button>
{% if is_admin or has_manage_key %}
<button class="btn btn-danger" onclick="deleteSelectedKey()">删除选中 Key</button>
{% endif %}
</div>
</div>
</div>
{% endif %}
<div class="row" style="margin-top:12px;">
<div class="col">
<label>选择 keys</label>
@@ -384,4 +462,4 @@
loadRecent();
</script>
</body>
</html>
</html>

333
elastic/templates/elastic/users.html
View File

@@ -163,7 +163,7 @@
.modal-content {
background-color: white;
margin: 10% auto;
margin: 6% auto;
padding: 20px;
border-radius: 8px;
width: 80%;
@@ -207,6 +207,71 @@
margin-top: 5px;
text-align: center;
}
.keys-box {
max-height: 140px;
overflow: auto;
border: 1px solid #d1d5db;
border-radius: 6px;
padding: 8px 10px;
background: #fff;
}
.key-item {
display: flex;
align-items: center;
gap: 8px;
padding: 4px 0;
font-size: 14px;
color: #111827;
user-select: none;
}
.key-item input[type="checkbox"] {
width: auto;
padding: 0;
margin: 0;
}
.key-edit-row {
display: flex;
gap: 10px;
align-items: center;
}
.selected-keys {
display: flex;
flex-wrap: wrap;
gap: 8px;
margin-top: 10px;
}
.key-tag {
display: inline-flex;
align-items: center;
gap: 8px;
padding: 6px 10px;
border-radius: 999px;
background: #eef2ff;
color: #1f2937;
border: 1px solid #c7d2fe;
font-size: 13px;
}
.key-tag button {
border: none;
background: transparent;
cursor: pointer;
color: #4b5563;
font-size: 14px;
line-height: 1;
}
.key-tag.locked {
background: #f3f4f6;
border: 1px solid #e5e7eb;
color: #374151;
}
</style>
</head>
<body>
@@ -306,7 +371,7 @@
<label for="username">用户名</label>
<input type="text" id="username" name="username" required>
</div>
<div class="form-group">
<div class="form-group" id="permissionGroup">
<label for="permission">权限</label>
<select id="permission" name="permission" required>
<option value="0">管理员</option>
@@ -314,6 +379,28 @@
</select>
</div>
</div>
<div class="form-group">
<label>Key从已有 Key 中选择)</label>
<div class="key-edit-row">
<select id="userKeySelect"></select>
<button type="button" id="addUserKeyBtn" class="btn btn-primary">添加</button>
<button type="button" id="clearUserKeyBtn" class="btn">清空</button>
</div>
<div id="userKeysSelected" class="selected-keys"></div>
<div id="userKeysReadonlyGroup" style="display:none; margin-top: 10px;">
<div style="font-weight: 600; color: #374151; font-size: 13px; margin-bottom: 6px;">导师Key不可修改</div>
<div id="userKeysReadonly" class="selected-keys"></div>
</div>
</div>
<div class="form-group" id="manageKeyGroup">
<label>Manage Key从已有 Key 中选择)</label>
<div class="key-edit-row">
<select id="userManageKeySelect"></select>
<button type="button" id="addUserManageKeyBtn" class="btn btn-primary">添加</button>
<button type="button" id="clearUserManageKeyBtn" class="btn">清空</button>
</div>
<div id="userManageKeysSelected" class="selected-keys"></div>
</div>
<div class="form-group">
<label for="password">密码</label>
<input type="password" id="password" name="password" required>
@@ -340,6 +427,14 @@
</div>
<script>
const IS_ADMIN = {{ is_admin|yesno:"true,false" }};
const IS_TUTOR = {{ is_tutor|yesno:"true,false" }};
const MY_MANAGE_KEYS_RAW = JSON.parse('{{ manage_keys_json|default:"[]"|escapejs }}');
const MY_KEYS_RAW = JSON.parse('{{ my_keys_json|default:"[]"|escapejs }}');
let KEY_OPTIONS_CACHE = null;
let MODAL_SELECTED_KEYS = [];
let MODAL_SELECTED_MANAGE_KEYS = [];
// 获取CSRF令牌的函数
function getCookie(name) {
const value = `; ${document.cookie}`;
@@ -430,10 +525,7 @@
if (!select) return;
select.innerHTML = '<option value="">全部Key</option>';
try {
const resp = await fetch('/elastic/keys-for-filter/', { credentials: 'same-origin' });
const data = await resp.json();
if (data.status !== 'success') return;
const keys = data.data || [];
const keys = await fetchKeyOptions();
keys.forEach(k => {
const opt = document.createElement('option');
opt.value = String(k || '').trim();
@@ -448,22 +540,205 @@
});
}
function normalizeStr(v) {
return String(v || '').trim();
}
const MY_MANAGE_KEYS = (Array.isArray(MY_MANAGE_KEYS_RAW) ? MY_MANAGE_KEYS_RAW : [])
.map(normalizeStr)
.filter(Boolean);
const MY_MANAGE_KEYS_SET = new Set(MY_MANAGE_KEYS);
const MY_KEYS = (Array.isArray(MY_KEYS_RAW) ? MY_KEYS_RAW : [])
.map(normalizeStr)
.filter(Boolean);
const MY_KEYS_SET = new Set(MY_KEYS);
async function fetchKeyOptions() {
if (Array.isArray(KEY_OPTIONS_CACHE)) return KEY_OPTIONS_CACHE;
try {
const resp = await fetch('/elastic/keys-for-filter/', { credentials: 'same-origin' });
const data = await resp.json();
if (data.status !== 'success') return [];
const keys = (data.data || []).map(normalizeStr).filter(Boolean);
KEY_OPTIONS_CACHE = keys;
return keys;
} catch (e) {
return [];
}
}
function setSelectOptions(selectId, options) {
const select = document.getElementById(selectId);
if (!select) return;
select.innerHTML = '<option value="">请选择Key</option>';
(options || []).forEach(k => {
const s = normalizeStr(k);
if (!s) return;
const opt = document.createElement('option');
opt.value = s;
opt.textContent = s;
select.appendChild(opt);
});
}
function setSelectOptionsMixed(selectId, enabledOptions, disabledOptions) {
const select = document.getElementById(selectId);
if (!select) return;
select.innerHTML = '<option value="">请选择Key</option>';
(enabledOptions || []).forEach(k => {
const s = normalizeStr(k);
if (!s) return;
const opt = document.createElement('option');
opt.value = s;
opt.textContent = s;
select.appendChild(opt);
});
(disabledOptions || []).forEach(k => {
const s = normalizeStr(k);
if (!s) return;
const opt = document.createElement('option');
opt.value = s;
opt.textContent = s;
opt.disabled = true;
select.appendChild(opt);
});
}
function renderSelectedTags(containerId, selectedArr) {
const container = document.getElementById(containerId);
if (!container) return;
container.innerHTML = '';
(selectedArr || []).forEach(k => {
const tag = document.createElement('span');
tag.className = 'key-tag';
const text = document.createElement('span');
text.textContent = k;
const btn = document.createElement('button');
btn.type = 'button';
btn.textContent = '×';
btn.addEventListener('click', () => {
const idx = selectedArr.indexOf(k);
if (idx >= 0) selectedArr.splice(idx, 1);
renderSelectedTags(containerId, selectedArr);
});
tag.appendChild(text);
tag.appendChild(btn);
container.appendChild(tag);
});
}
function renderReadonlyTags(containerId, keysArr) {
const container = document.getElementById(containerId);
if (!container) return;
container.innerHTML = '';
(keysArr || []).forEach(k => {
const tag = document.createElement('span');
tag.className = 'key-tag locked';
const text = document.createElement('span');
text.textContent = k;
tag.appendChild(text);
container.appendChild(tag);
});
}
function setReadonlyKeysVisible(visible) {
const group = document.getElementById('userKeysReadonlyGroup');
if (group) group.style.display = visible ? '' : 'none';
}
function setKeyEditorDisabled(prefix, disabled) {
const select = document.getElementById(prefix + 'Select');
const addBtn = document.getElementById('add' + prefix.charAt(0).toUpperCase() + prefix.slice(1) + 'Btn');
const clearBtn = document.getElementById('clear' + prefix.charAt(0).toUpperCase() + prefix.slice(1) + 'Btn');
if (select) select.disabled = !!disabled;
if (addBtn) addBtn.disabled = !!disabled;
if (clearBtn) clearBtn.disabled = !!disabled;
}
function addFromSelect(selectId, selectedArr, renderId) {
const select = document.getElementById(selectId);
if (!select) return;
const v = normalizeStr(select.value);
if (!v) return;
if (!selectedArr.includes(v)) selectedArr.push(v);
renderSelectedTags(renderId, selectedArr);
}
function clearSelected(selectedArr, renderId) {
selectedArr.length = 0;
renderSelectedTags(renderId, selectedArr);
}
// 打开添加用户模态框
function openAddModal() {
async function openAddModal() {
document.getElementById('modalTitle').textContent = '添加用户';
document.getElementById('userForm').reset();
document.getElementById('userId').value = '';
document.getElementById('username').disabled = false;
document.getElementById('permission').disabled = false;
document.getElementById('permissionGroup').style.display = '';
document.getElementById('manageKeyGroup').style.display = '';
const options = await fetchKeyOptions();
if ((!IS_ADMIN) && IS_TUTOR) {
const enabled = (options || []).map(normalizeStr).filter(k => k && !MY_KEYS_SET.has(k));
setSelectOptionsMixed('userKeySelect', enabled, MY_KEYS);
} else {
setSelectOptions('userKeySelect', options);
}
setSelectOptions('userManageKeySelect', options);
MODAL_SELECTED_KEYS = [];
MODAL_SELECTED_MANAGE_KEYS = [];
renderSelectedTags('userKeysSelected', MODAL_SELECTED_KEYS);
renderSelectedTags('userManageKeysSelected', MODAL_SELECTED_MANAGE_KEYS);
setReadonlyKeysVisible(false);
renderReadonlyTags('userKeysReadonly', []);
setKeyEditorDisabled('userKey', false);
setKeyEditorDisabled('userManageKey', false);
document.getElementById('password').required = true;
document.getElementById('confirmPassword').required = true;
document.getElementById('userModal').style.display = 'block';
}
// 打开编辑用户模态框
function openEditModal(user) {
async function openEditModal(user) {
document.getElementById('modalTitle').textContent = '编辑用户';
document.getElementById('username').value = user.username;
document.getElementById('userId').value = user.user_id;
document.getElementById('permission').value = user.permission;
const options = await fetchKeyOptions();
setSelectOptions('userManageKeySelect', options);
const allUserKeys = (Array.isArray(user.key) ? user.key : (user.key ? [user.key] : [])).map(normalizeStr).filter(Boolean);
const lockedKeys = allUserKeys.filter(k => MY_KEYS_SET.has(k));
if ((!IS_ADMIN) && IS_TUTOR) {
const enabled = (options || []).map(normalizeStr).filter(k => k && !MY_KEYS_SET.has(k));
setSelectOptionsMixed('userKeySelect', enabled, MY_KEYS);
} else {
setSelectOptions('userKeySelect', options);
}
MODAL_SELECTED_KEYS = IS_ADMIN ? allUserKeys : allUserKeys.filter(k => !MY_KEYS_SET.has(k));
MODAL_SELECTED_MANAGE_KEYS = (Array.isArray(user.manage_key) ? user.manage_key : (user.manage_key ? [user.manage_key] : [])).map(normalizeStr).filter(Boolean);
MODAL_SELECTED_KEYS = Array.from(new Set(MODAL_SELECTED_KEYS));
MODAL_SELECTED_MANAGE_KEYS = Array.from(new Set(MODAL_SELECTED_MANAGE_KEYS));
renderSelectedTags('userKeysSelected', MODAL_SELECTED_KEYS);
renderSelectedTags('userManageKeysSelected', MODAL_SELECTED_MANAGE_KEYS);
setReadonlyKeysVisible((!IS_ADMIN) && IS_TUTOR && lockedKeys.length > 0);
renderReadonlyTags('userKeysReadonly', ((!IS_ADMIN) && IS_TUTOR) ? Array.from(new Set(lockedKeys)) : []);
if (IS_ADMIN) {
document.getElementById('username').disabled = false;
document.getElementById('permission').disabled = false;
document.getElementById('permissionGroup').style.display = '';
document.getElementById('manageKeyGroup').style.display = '';
setKeyEditorDisabled('userKey', false);
setKeyEditorDisabled('userManageKey', false);
} else {
document.getElementById('username').disabled = true;
document.getElementById('permission').disabled = true;
document.getElementById('permissionGroup').style.display = 'none';
document.getElementById('manageKeyGroup').style.display = 'none';
setKeyEditorDisabled('userKey', !IS_TUTOR);
setKeyEditorDisabled('userManageKey', true);
}
document.getElementById('password').required = false;
document.getElementById('confirmPassword').required = false;
document.getElementById('userModal').style.display = 'block';
@@ -499,10 +774,15 @@
return;
}
const data = {
username: username,
permission: parseInt(permission)
};
const data = {};
if (IS_ADMIN) {
data.username = username;
data.permission = parseInt(permission);
data.key = MODAL_SELECTED_KEYS;
data.manage_key = MODAL_SELECTED_MANAGE_KEYS;
} else {
data.key = MODAL_SELECTED_KEYS;
}
if (password) {
data.password = password;
@@ -539,7 +819,9 @@
if (result.status === 'success') {
showNotification(userId ? '用户更新成功' : '用户添加成功');
document.getElementById('userModal').style.display = 'none';
loadUsers();
const searchTerm = (document.getElementById('searchInput') || {}).value || '';
const key = (document.getElementById('keyFilter') || {}).value || '';
loadUsers(searchTerm, key);
} else {
showNotification(result.message || '操作失败', false);
}
@@ -624,6 +906,31 @@
});
}
const addUserKeyBtn = document.getElementById('addUserKeyBtn');
if (addUserKeyBtn) {
addUserKeyBtn.addEventListener('click', function() {
addFromSelect('userKeySelect', MODAL_SELECTED_KEYS, 'userKeysSelected');
});
}
const clearUserKeyBtn = document.getElementById('clearUserKeyBtn');
if (clearUserKeyBtn) {
clearUserKeyBtn.addEventListener('click', function() {
clearSelected(MODAL_SELECTED_KEYS, 'userKeysSelected');
});
}
const addUserManageKeyBtn = document.getElementById('addUserManageKeyBtn');
if (addUserManageKeyBtn) {
addUserManageKeyBtn.addEventListener('click', function() {
addFromSelect('userManageKeySelect', MODAL_SELECTED_MANAGE_KEYS, 'userManageKeysSelected');
});
}
const clearUserManageKeyBtn = document.getElementById('clearUserManageKeyBtn');
if (clearUserManageKeyBtn) {
clearUserManageKeyBtn.addEventListener('click', function() {
clearSelected(MODAL_SELECTED_MANAGE_KEYS, 'userManageKeysSelected');
});
}
// 点击模态框外部关闭模态框
window.addEventListener('click', function(event) {
const modals = document.querySelectorAll('.modal');

1
elastic/urls.py
View File

@@ -38,6 +38,7 @@ urlpatterns = [
path('registration-codes/keys/', views.get_keys_list_view, name='get_keys_list'),
path('registration-codes/keys/add/', views.add_key_view, name='add_key'),
path('registration-codes/keys/remove/', views.remove_key_view, name='remove_key'),
path('registration-codes/keys/unallow/', views.unallow_tutor_added_key_view, name='unallow_tutor_added_key'),
path('registration-codes/generate/', views.generate_registration_code_view, name='generate_registration_code'),
path('registration-codes/list/', views.list_registration_codes_view, name='list_registration_codes'),
path('registration-codes/revoke/', views.revoke_registration_code_view, name='revoke_registration_code'),

277
elastic/views.py
View File

@@ -489,6 +489,8 @@ def update_user_by_id_view(request, user_id):
new_username = (payload.get("username") or "").strip()
new_permission = payload.get("permission")
new_password = (payload.get("password") or "").strip()
raw_keys = payload.get("key", None)
raw_manage_keys = payload.get("manage_key", None)
if new_password and len(new_password) < 6:
return JsonResponse({"status": "error", "message": "密码长度至少为6位"}, status=400)
@@ -498,6 +500,28 @@ def update_user_by_id_view(request, user_id):
requester_mgr = set(requester.get("manage_key") or [])
target_keys = set(target.get("key") or [])
def normalize_keys(v):
if v is None:
return None
if isinstance(v, list):
parts = v
elif isinstance(v, str):
parts = re.split(r"[,;;、\r\n]+", v)
else:
parts = [v]
out = []
seen = set()
for p in parts:
s = str(p).strip().strip(";")
if not s or s in seen:
continue
seen.add(s)
out.append(s)
return out
new_keys = normalize_keys(raw_keys)
new_manage_keys = normalize_keys(raw_manage_keys)
if is_admin:
if new_username:
other = get_user_by_username(new_username)
@@ -508,6 +532,8 @@ def update_user_by_id_view(request, user_id):
username=new_username if new_username else None,
permission=int(new_permission) if new_permission is not None else None,
password=new_password if new_password else None,
key=new_keys,
manage_key=new_manage_keys,
)
return JsonResponse({"status": "success"}) if ok else JsonResponse({"status": "error", "message": "用户更新失败"}, status=500)
@@ -518,9 +544,25 @@ def update_user_by_id_view(request, user_id):
return JsonResponse({"status": "success"}) if ok else JsonResponse({"status": "error", "message": "用户更新失败"}, status=500)
if requester_mgr and (target_keys & requester_mgr):
if not new_password or new_username or new_permission is not None:
return JsonResponse({"status": "error", "message": "导师仅允许修改密码"}, status=403)
ok = es_update_user_by_id(user_id, password=new_password)
if new_username or new_permission is not None or new_manage_keys is not None:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
if not new_password and new_keys is None:
return JsonResponse({"status": "error", "message": "缺少更新内容"}, status=400)
merged_keys = None
if new_keys is not None:
try:
new_keys_set = set(new_keys)
except Exception:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
requester_locked = set(normalize_keys(requester.get("key")) or [])
if new_keys_set & requester_locked:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
existing_keys = [str(v).strip() for v in list(target.get("key") or []) if str(v).strip()]
preserved = [k for k in existing_keys if k in requester_locked]
merged_keys = preserved + [str(v).strip() for v in list(new_keys) if str(v).strip() and str(v).strip() not in requester_locked]
seen = set()
merged_keys = [k for k in merged_keys if not (k in seen or seen.add(k))]
ok = es_update_user_by_id(user_id, password=new_password if new_password else None, key=merged_keys)
return JsonResponse({"status": "success"}) if ok else JsonResponse({"status": "error", "message": "用户更新失败"}, status=500)
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
@@ -1019,17 +1061,39 @@ def analytics_recent_view(request):
@require_http_methods(["POST"])
@csrf_protect
def remove_key_view(request):
if request.session.get("user_id") is None:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
is_admin = int(request.session.get("permission", 1)) == 0
try:
payload = json.loads(request.body.decode("utf-8"))
key_to_remove = payload.get("key")
if not key_to_remove:
return JsonResponse({"status": "error", "message": "缺少key参数"}, status=400)
key_to_remove = str(key_to_remove).strip()
if not key_to_remove:
return JsonResponse({"status": "error", "message": "缺少key参数"}, status=400)
if not is_admin:
me = get_user_by_id(request.session.get("user_id")) or {}
if not (me.get("manage_key") or []):
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
allowed = {str(x).strip() for x in list(request.session.get("tutor_added_manage_keys") or []) if str(x).strip()}
if key_to_remove not in allowed:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
from .es_connect import delete_key_globally
ok, count = delete_key_globally(key_to_remove)
if ok:
if not is_admin:
cur = [str(x).strip() for x in list(request.session.get("tutor_added_manage_keys") or []) if str(x).strip()]
cur = [k for k in cur if k != key_to_remove]
request.session["tutor_added_manage_keys"] = cur
try:
request.session.modified = True
except Exception:
pass
return JsonResponse({"status": "success", "message": f"已成功全局删除 Key '{key_to_remove}',并同步清理了 {count} 个注册码。"})
else:
return JsonResponse({"status": "error", "message": "删除失败"}, status=500)
@@ -1039,6 +1103,35 @@ def remove_key_view(request):
except Exception as e:
return JsonResponse({"status": "error", "message": str(e)}, status=500)
@require_http_methods(["POST"])
@csrf_protect
def unallow_tutor_added_key_view(request):
if request.session.get("user_id") is None:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
if int(request.session.get("permission", 1)) == 0:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
me = get_user_by_id(request.session.get("user_id")) or {}
if not (me.get("manage_key") or []):
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
try:
payload = json.loads(request.body.decode("utf-8"))
except Exception:
return JsonResponse({"status": "error", "message": "JSON无效"}, status=400)
key_name = (payload.get("key") or "").strip()
if not key_name:
return JsonResponse({"status": "error", "message": "key不能为空"}, status=400)
cur = list(request.session.get("tutor_added_manage_keys") or [])
cur = [str(x).strip() for x in cur if str(x).strip()]
if key_name not in cur:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
cur = [k for k in cur if k != key_name]
request.session["tutor_added_manage_keys"] = cur
try:
request.session.modified = True
except Exception:
pass
return JsonResponse({"status": "success"})
@require_http_methods(["GET"])
@ensure_csrf_cookie
def user_manage(request):
@@ -1049,6 +1142,15 @@ def user_manage(request):
is_admin = int(request.session.get("permission", 1)) == 0
me = get_user_by_id(session_user_id) or {}
has_manage = bool(me.get("manage_key"))
manage_keys = list(me.get("manage_key") or [])
raw_my_keys = me.get("key") or []
if isinstance(raw_my_keys, list):
my_keys = raw_my_keys
elif isinstance(raw_my_keys, str):
my_keys = re.split(r"[,;;、\r\n]+", raw_my_keys)
else:
my_keys = [raw_my_keys]
my_keys = [str(x).strip() for x in my_keys if str(x).strip()]
user_id_qs = request.GET.get("user_id")
context = {
"user_id": user_id_qs or session_user_id,
@@ -1056,6 +1158,8 @@ def user_manage(request):
"is_admin": is_admin,
"is_tutor": (not is_admin) and has_manage,
"is_student": (not is_admin) and (not has_manage),
"manage_keys_json": json.dumps(manage_keys, ensure_ascii=False),
"my_keys_json": json.dumps(my_keys, ensure_ascii=False),
}
return render(request, "elastic/users.html", context)
@@ -1066,14 +1170,36 @@ def registration_code_manage_page(request):
if session_user_id is None:
from django.shortcuts import redirect
return redirect("/accounts/login/")
if int(request.session.get("permission", 1)) != 0:
is_admin = int(request.session.get("permission", 1)) == 0
me = get_user_by_id(session_user_id) or {}
has_manage = bool(me.get("manage_key"))
can_manage_reg = int(me.get("can_manage_registration_codes") or 0) == 1
if (not is_admin) and (not has_manage) and (not can_manage_reg):
from django.shortcuts import redirect
return redirect("/main/home/")
user_id_qs = request.GET.get("user_id")
me = get_user_by_id(session_user_id) or {}
raw_my_keys = me.get("key") or []
if isinstance(raw_my_keys, list):
my_keys = raw_my_keys
elif isinstance(raw_my_keys, str):
my_keys = re.split(r"[,;;、\r\n]+", raw_my_keys)
else:
my_keys = [raw_my_keys]
my_keys = [str(x).strip() for x in my_keys if str(x).strip()]
if can_manage_reg and (not has_manage) and (not is_admin):
allowed_manage_keys = [str(x).strip() for x in list(me.get("registration_manage_keys") or []) if str(x).strip()]
else:
allowed_manage_keys = list(request.session.get("tutor_added_manage_keys") or [])
allowed_manage_keys = [str(x).strip() for x in allowed_manage_keys if str(x).strip()]
context = {
"user_id": user_id_qs or session_user_id,
"username": me.get("username"),
"is_admin": is_admin,
"has_manage_key": has_manage,
"can_manage_registration_codes": can_manage_reg,
"my_keys_json": json.dumps(my_keys, ensure_ascii=False),
"manage_keys_json": json.dumps(list(me.get("manage_key") or []), ensure_ascii=False),
"allowed_manage_keys_json": json.dumps(allowed_manage_keys, ensure_ascii=False),
}
return render(request, "elastic/registration_codes.html", context)
@@ -1081,8 +1207,16 @@ def registration_code_manage_page(request):
def get_keys_list_view(request):
if request.session.get("user_id") is None:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
if int(request.session.get("permission", 1)) != 0:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
is_admin = int(request.session.get("permission", 1)) == 0
if not is_admin:
me = get_user_by_id(request.session.get("user_id")) or {}
has_manage = bool(me.get("manage_key") or [])
can_manage_reg = int(me.get("can_manage_registration_codes") or 0) == 1
if (not has_manage) and (not can_manage_reg):
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
if can_manage_reg and (not has_manage):
lst = [str(x).strip() for x in list(me.get("registration_manage_keys") or []) if str(x).strip()]
return JsonResponse({"status": "success", "data": lst})
lst = get_keys_list()
return JsonResponse({"status": "success", "data": lst})
@@ -1091,8 +1225,13 @@ def get_keys_list_view(request):
def add_key_view(request):
if request.session.get("user_id") is None:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
if int(request.session.get("permission", 1)) != 0:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
is_admin = int(request.session.get("permission", 1)) == 0
if not is_admin:
me = get_user_by_id(request.session.get("user_id")) or {}
has_manage = bool(me.get("manage_key") or [])
can_manage_reg = int(me.get("can_manage_registration_codes") or 0) == 1
if (not has_manage) and (not can_manage_reg):
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
try:
payload = json.loads(request.body.decode("utf-8"))
except Exception:
@@ -1100,9 +1239,29 @@ def add_key_view(request):
key_name = (payload.get("key") or "").strip()
if not key_name:
return JsonResponse({"status": "error", "message": "key不能为空"}, status=400)
cur_global = set(get_keys_list() or [])
if key_name in cur_global:
return JsonResponse({"status": "error", "message": "key已存在"}, status=409)
ok = ensure_key_in_list(key_name)
if not ok:
return JsonResponse({"status": "error", "message": "key已存在或写入失败"}, status=409)
return JsonResponse({"status": "error", "message": "写入失败"}, status=500)
if not is_admin:
uid = request.session.get("user_id")
if has_manage:
cur = list(request.session.get("tutor_added_manage_keys") or [])
cur = [str(x).strip() for x in cur if str(x).strip()]
if key_name not in cur:
cur.append(key_name)
request.session["tutor_added_manage_keys"] = cur
try:
request.session.modified = True
except Exception:
pass
elif can_manage_reg:
cur = [str(x).strip() for x in list((me or {}).get("registration_manage_keys") or []) if str(x).strip()]
if key_name not in cur:
cur.append(key_name)
es_update_user_by_id(uid, registration_manage_keys=cur)
return JsonResponse({"status": "success"})
@require_http_methods(["POST"])
@@ -1110,19 +1269,89 @@ def add_key_view(request):
def generate_registration_code_view(request):
if request.session.get("user_id") is None:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
if int(request.session.get("permission", 1)) != 0:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
uid = request.session.get("user_id")
is_admin = int(request.session.get("permission", 1)) == 0
if not is_admin:
me = get_user_by_id(uid) or {}
has_manage = bool(me.get("manage_key") or [])
can_manage_reg = int(me.get("can_manage_registration_codes") or 0) == 1
if (not has_manage) and (not can_manage_reg):
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
try:
payload = json.loads(request.body.decode("utf-8"))
except Exception:
return JsonResponse({"status": "error", "message": "JSON无效"}, status=400)
keys = list(payload.get("keys") or [])
manage_keys = list(payload.get("manage_keys") or [])
if not is_admin:
if has_manage:
my_keys = []
try:
my_keys = [str(x).strip() for x in list((me or {}).get("key") or []) if str(x).strip()]
except Exception:
my_keys = []
allowed_manage = set()
try:
allowed_manage = {str(x).strip() for x in list(request.session.get("tutor_added_manage_keys") or []) if str(x).strip()}
except Exception:
allowed_manage = set()
normalized_keys = []
seen = set()
for v in list(keys or []):
s = str(v).strip()
if not s or s in seen:
continue
seen.add(s)
normalized_keys.append(s)
missing = [k for k in my_keys if k not in seen]
if missing:
return JsonResponse(
{"status": "error", "message": f"必须选择导师原有的 key{''.join(missing)}"},
status=400,
)
keys = normalized_keys
clean_manage = []
manage_seen = set()
for v in list(manage_keys or []):
s = str(v).strip()
if not s or s in manage_seen:
continue
if s not in allowed_manage:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
manage_seen.add(s)
clean_manage.append(s)
manage_keys = clean_manage
else:
allowed = {str(x).strip() for x in list((me or {}).get("registration_manage_keys") or []) if str(x).strip()}
norm_keys = []
seen = set()
for v in list(keys or []):
s = str(v).strip()
if not s or s in seen:
continue
if s not in allowed:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
seen.add(s)
norm_keys.append(s)
if not norm_keys:
return JsonResponse({"status": "error", "message": "至少选择一个 key"}, status=400)
keys = norm_keys
clean_manage = []
manage_seen = set()
for v in list(manage_keys or []):
s = str(v).strip()
if not s or s in manage_seen:
continue
if s not in allowed:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
manage_seen.add(s)
clean_manage.append(s)
manage_keys = clean_manage
try:
days = int(payload.get("expires_in_days", 30))
except Exception:
days = 30
result = generate_registration_code(keys=keys, manage_keys=manage_keys, expires_in_days=days, created_by=request.session.get("user_id"))
result = generate_registration_code(keys=keys, manage_keys=manage_keys, expires_in_days=days, created_by=uid)
if not result:
return JsonResponse({"status": "error", "message": "生成失败"}, status=500)
return JsonResponse({"status": "success", "data": result})
@@ -1131,9 +1360,15 @@ def generate_registration_code_view(request):
def list_registration_codes_view(request):
if request.session.get("user_id") is None:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
if int(request.session.get("permission", 1)) != 0:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
uid = request.session.get("user_id")
is_admin = int(request.session.get("permission", 1)) == 0
if not is_admin:
me = get_user_by_id(uid) or {}
if (not (me.get("manage_key") or [])) and (int(me.get("can_manage_registration_codes") or 0) != 1):
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
data = list_registration_codes()
if not is_admin:
data = [it for it in (data or []) if str(it.get("created_by")) == str(uid)]
return JsonResponse({"status": "success", "data": data})
@@ -1198,8 +1433,12 @@ def keys_for_filter_view(request):
def revoke_registration_code_view(request):
if request.session.get("user_id") is None:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
if int(request.session.get("permission", 1)) != 0:
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
uid = request.session.get("user_id")
is_admin = int(request.session.get("permission", 1)) == 0
if not is_admin:
me = get_user_by_id(uid) or {}
if (not (me.get("manage_key") or [])) and (int(me.get("can_manage_registration_codes") or 0) != 1):
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
try:
payload = json.loads(request.body.decode("utf-8"))
except Exception:
@@ -1207,6 +1446,10 @@ def revoke_registration_code_view(request):
code = (payload.get("code") or "").strip()
if not code:
return JsonResponse({"status": "error", "message": "缺少code"}, status=400)
if not is_admin:
info = get_registration_code(code)
if not info or str(info.get("created_by")) != str(uid):
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
ok = revoke_registration_code(code)
if not ok:
return JsonResponse({"status": "error", "message": "作废失败"}, status=500)