Viajero/Achievement_Inputing
2
0
Fork 0
Code Issues 2 Pull Requests 1 Actions Packages Projects Releases 2 Wiki Activity

新增“数据编辑”

Browse Source
This commit is contained in:
Viajero-tect
2025-11-14 23:10:50 +08:00
parent 9dcd353815
commit 98056b2515
4 changed files with 66 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
db.sqlite3
View File

Binary file not shown.

22
elastic/es_connect.py
View File

@@ -230,7 +230,7 @@ def update_by_id(doc_id, updated_data):
try:
# 获取文档
achievement = AchievementDocument.get(id=doc_id)
print(doc_id)
# 更新字段
if 'writer_id' in updated_data:
achievement.writer_id = updated_data['writer_id']
@@ -327,6 +327,26 @@ def write_user_data(user_data):
print(f"用户数据写入失败: {str(e)}")
return False
def get_user_by_id(user_id):
try:
search = UserDocument.search()
search = search.query("term", user_id=user_id)
response = search.execute()
if response.hits:
hit = response.hits[0]
return {
"user_id": hit.user_id,
"username": hit.username,
"password": hit.password,
"permission": hit.permission
}
return None
except Exception as e:
print(f"获取用户数据失败: {str(e)}")
return None
def get_user_by_username(username):
"""
根据用户名获取用户数据

4
elastic/indexes.py
View File

@@ -1,5 +1,5 @@
INDEX_NAME = "wordsearch266666789"
USER_NAME = "users_123"
INDEX_NAME = "wordsearch266666"
USER_NAME = "users"
ACHIEVEMENT_INDEX_NAME = INDEX_NAME
USER_INDEX_NAME = USER_NAME
GLOBAL_INDEX_NAME = "global11111"

68
elastic/views.py
View File

@@ -84,21 +84,32 @@ def get_all_data(request):
@csrf_exempt
def delete_data(request, doc_id):
"""删除数据(需登录;管理员或作者本人)"""
if not request.session.get("user_id"):
request_user=request.session.get("user_id")
# request_admin=request.session.get("permisssion")
if request_user is None:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
try:
existing = get_by_id(doc_id)
user_existing=get_user_by_id(request_user)
if not existing:
return JsonResponse({"status": "error", "message": "数据不存在"}, status=404)
is_admin = (request.session.get("permission", 1) == 0)
is_admin = (user_existing.get('permission') ) == 0
is_owner = str(existing.get("writer_id", "")) == str(request.session.get("user_id"))
if not (is_admin or is_owner):
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
success = delete_by_id(doc_id)
if success:
return JsonResponse({"status": "success", "message": "数据删除成功"})
else:
return JsonResponse({"status": "error", "message": "数据删除失败"}, status=500)
except Exception as e:
return JsonResponse({"status": "error", "message": str(e)}, status=500)
@@ -107,18 +118,24 @@ def delete_data(request, doc_id):
@csrf_exempt
def update_data(request, doc_id):
"""更新数据(需登录;管理员或作者本人)"""
# if not request.session.get("user_id"):
# return JsonResponse({"status": "error", "message": "未登录"}, status=401)
request_user = request.session.get("user_id")
if request_user is None:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
try:
payload = json.loads(request.body.decode('utf-8'))
except Exception:
return JsonResponse({"status": "error", "message": "JSON无效"}, status=400)
try:
existing = get_by_id(doc_id)
user_existing = get_user_by_id(request_user)
if not existing:
return JsonResponse({"status": "error", "message": "数据不存在"}, status=404)
is_admin = (request.session.get("permission", 1) == 0)
is_admin = (user_existing.get('permission')) == 0
is_owner = str(existing.get("writer_id", "")) == str(request.session.get("user_id"))
if not (is_admin or is_owner):
return JsonResponse({"status": "error", "message": "无权限"}, status=403)
@@ -306,14 +323,14 @@ def upload_page(request):
# 上传并识别(不入库)
@require_http_methods(["POST"])
def upload(request):
# if not request.session.get("user_id"):
# fallback_uid = request.POST.get("user_id") or request.GET.get("user_id")
# if fallback_uid:
# request.session["user_id"] = fallback_uid
# request.session.setdefault("permission", 1)
# else:
# return JsonResponse({"status": "error", "message": "未登录"}, status=401)
#
if request.session.get("user_id") is None:
fallback_uid = request.POST.get("user_id") or request.GET.get("user_id")
if fallback_uid:
request.session["user_id"] = fallback_uid
request.session.setdefault("permission", 1)
else:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
file = request.FILES.get("file")
if not file:
return JsonResponse({"status": "error", "message": "未选择文件"}, status=400)
@@ -348,18 +365,18 @@ def upload(request):
# 确认并入库
@require_http_methods(["POST"])
def confirm(request):
# if not request.session.get("user_id"):
# # 允许从payload中带入user_id作为后备便于前端已知用户时继续操作
# try:
# payload_for_uid = json.loads(request.body.decode("utf-8"))
# except Exception:
# payload_for_uid = {}
# fb_uid = (payload_for_uid or {}).get("user_id")
# if fb_uid:
# request.session["user_id"] = fb_uid
# request.session.setdefault("permission", 1)
# else:
# return JsonResponse({"status": "error", "message": "未登录"}, status=401)
if request.session.get("user_id") is None:
# 允许从payload中带入user_id作为后备便于前端已知用户时继续操作
try:
payload_for_uid = json.loads(request.body.decode("utf-8"))
except Exception:
payload_for_uid = {}
fb_uid = (payload_for_uid or {}).get("user_id")
if fb_uid:
request.session["user_id"] = fb_uid
request.session.setdefault("permission", 1)
else:
return JsonResponse({"status": "error", "message": "未登录"}, status=401)
try:
payload = json.loads(request.body.decode("utf-8"))
@@ -392,6 +409,7 @@ def manage_page(request):
if session_user_id is None:
from django.shortcuts import redirect
return redirect("/accounts/login/")
# is_admin = (request.session.get("permission", 1) == 0)
raw_results = search_all()
# if not is_admin: