taiyi/Kamixitong
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2a132259fb
Kamixitong/app/api/admin_old.py
taiyi a398ebd0c9 第一次提交
2025-11-11 21:39:12 +08:00

346 lines
10 KiB
Python
Raw Blame History

from flask import request, jsonify, current_app
from app import db
from app.models import Admin
from . import api_bp
from flask_login import current_user, login_required
from werkzeug.security import generate_password_hash
import functools
def require_admin(f):
"""管理员权限验证装饰器"""
@functools.wraps(f)
def decorated_function(*args, **kwargs):
# 检查用户是否已认证
if not current_user.is_authenticated:
return jsonify({
'success': False,
'message': '需要登录'
}), 401
# 检查是否为超级管理员
if not current_user.is_super_admin():
return jsonify({
'success': False,
'message': '需要超级管理员权限'
}), 403
return f(*args, **kwargs)
return decorated_function
def validate_admin_data(data, is_create=True):
"""验证管理员数据"""
if not data:
return False, '请求数据为空'
current_app.logger.info(f"Validating admin data: {data}, is_create: {is_create}")
if is_create:
username = data.get('username', '').strip()
if not username:
return False, '用户名不能为空'
# 检查用户名是否已存在
existing = Admin.query.filter_by(username=username).first()
if existing:
return False, '用户名已存在'
# 检查密码是否为空
password = data.get('password', '')
if not password or not password.strip():
return False, '密码不能为空'
# 检查密码长度
if len(password.strip()) < 6:
return False, '密码长度至少6位'
# 验证邮箱格式(如果提供)
email = data.get('email', '').strip()
if email and '@' not in email:
return False, '邮箱格式不正确'
# 验证角色
role = data.get('role')
current_app.logger.info(f"Role value: {role}, type: {type(role)}")
if role is not None and role not in [0, 1]:
return False, '角色值无效'
# 验证状态
status = data.get('status')
current_app.logger.info(f"Status value: {status}, type: {type(status)}")
if status is not None and status not in [0, 1]:
return False, '状态值无效'
return True, ''
@api_bp.route('/admins', methods=['GET'])
@require_admin
def get_admins():
"""获取管理员列表"""
try:
page = request.args.get('page', 1, type=int)
per_page = min(request.args.get('per_page', 10, type=int), 100)
keyword = request.args.get('keyword', '').strip()
role = request.args.get('role', type=int) if request.args.get('role') != '' else None
status = request.args.get('status', type=int) if request.args.get('status') != '' else None
query = Admin.query
# 关键词搜索
if keyword:
query = query.filter(Admin.username.contains(keyword))
# 角色筛选
if role is not None:
query = query.filter(Admin.role == role)
# 状态筛选
if status is not None:
query = query.filter(Admin.status == status)
# 分页
pagination = query.paginate(
page=page, per_page=per_page, error_out=False
)
admins = [admin.to_dict() for admin in pagination.items]
return jsonify({
'success': True,
'data': {
'admins': admins,
'pagination': {
'page': page,
'per_page': per_page,
'total': pagination.total,
'pages': pagination.pages,
'has_prev': pagination.has_prev,
'has_next': pagination.has_next
}
}
})
except Exception as e:
current_app.logger.error(f"获取管理员列表失败: {str(e)}")
return jsonify({
'success': False,
'message': '服务器内部错误'
}), 500
@api_bp.route('/admins', methods=['POST'])
@require_admin
def create_admin():
"""创建管理员"""
try:
data = request.get_json()
current_app.logger.info(f"Received data for create_admin: {data}")
if not data:
current_app.logger.warning("No data received for create_admin")
return jsonify({
'success': False,
'message': '请求数据为空'
}), 400
# 验证数据
is_valid, message = validate_admin_data(data, is_create=True)
if not is_valid:
current_app.logger.warning(f"Validation failed for create_admin: {message}")
return jsonify({
'success': False,
'message': message
}), 400
username = data.get('username', '').strip()
email = data.get('email', '').strip()
role = data.get('role', 0)
status = data.get('status', 1)
password = data.get('password', '')
current_app.logger.info(f"Creating admin with username: {username}, role: {role}, status: {status}")
# 创建管理员
admin = Admin(
username=username,
email=email,
role=role,
status=status
)
admin.set_password(password)
db.session.add(admin)
db.session.commit()
return jsonify({
'success': True,
'message': '管理员创建成功',
'data': admin.to_dict()
})
except Exception as e:
db.session.rollback()
current_app.logger.error(f"创建管理员失败: {str(e)}")
return jsonify({
'success': False,
'message': '服务器内部错误'
}), 500
@api_bp.route('/admins/<int:admin_id>', methods=['GET'])
@require_admin
def get_admin(admin_id):
"""获取管理员详情"""
try:
admin = Admin.query.get(admin_id)
if not admin:
return jsonify({
'success': False,
'message': '管理员不存在'
}), 404
return jsonify({
'success': True,
'data': admin.to_dict()
})
except Exception as e:
current_app.logger.error(f"获取管理员详情失败: {str(e)}")
return jsonify({
'success': False,
'message': '服务器内部错误'
}), 500
@api_bp.route('/admins/<int:admin_id>', methods=['PUT'])
@require_admin
def update_admin(admin_id):
"""更新管理员"""
try:
admin = Admin.query.get(admin_id)
if not admin:
return jsonify({
'success': False,
'message': '管理员不存在'
}), 404
data = request.get_json()
if not data:
return jsonify({
'success': False,
'message': '请求数据为空'
}), 400
# 验证数据
is_valid, message = validate_admin_data(data, is_create=False)
if not is_valid:
return jsonify({
'success': False,
'message': message
}), 400
# 更新字段
if 'email' in data:
admin.email = data['email'].strip()
if 'role' in data:
admin.role = data['role']
if 'status' in data:
admin.status = data['status']
# 如果提供了密码,则更新密码
password = data.get('password', '')
if password and password.strip():
admin.set_password(password)
# 更新时间自动更新
db.session.commit()
return jsonify({
'success': True,
'message': '管理员更新成功',
'data': admin.to_dict()
})
except Exception as e:
db.session.rollback()
current_app.logger.error(f"更新管理员失败: {str(e)}")
return jsonify({
'success': False,
'message': '服务器内部错误'
}), 500
@api_bp.route('/admins/<int:admin_id>/toggle-status', methods=['POST'])
@require_admin
def toggle_admin_status(admin_id):
"""切换管理员状态"""
try:
admin = Admin.query.get(admin_id)
if not admin:
return jsonify({
'success': False,
'message': '管理员不存在'
}), 404
# 不允许禁用自己
if current_user.admin_id == admin_id and admin.status == 1:
return jsonify({
'success': False,
'message': '不能禁用当前登录的管理员'
}), 400
# 切换状态
admin.status = 0 if admin.status == 1 else 1
db.session.commit()
status_name = '正常' if admin.status == 1 else '禁用'
action = '启用' if admin.status == 1 else '禁用'
return jsonify({
'success': True,
'message': f'管理员已{action}',
'data': {
'status': admin.status,
'status_name': status_name
}
})
except Exception as e:
db.session.rollback()
current_app.logger.error(f"切换管理员状态失败: {str(e)}")
return jsonify({
'success': False,
'message': '服务器内部错误'
}), 500
@api_bp.route('/admins/<int:admin_id>', methods=['DELETE'])
@require_admin
def delete_admin(admin_id):
"""删除管理员"""
try:
admin = Admin.query.get(admin_id)
if not admin:
return jsonify({
'success': False,
'message': '管理员不存在'
}), 404
# 不允许删除自己
if current_user.admin_id == admin_id:
return jsonify({
'success': False,
'message': '不能删除当前登录的管理员'
}), 400
db.session.delete(admin)
db.session.commit()
return jsonify({
'success': True,
'message': '管理员删除成功'
})
except Exception as e:
db.session.rollback()
current_app.logger.error(f"删除管理员失败: {str(e)}")
return jsonify({
'success': False,
'message': '服务器内部错误'
}), 500
Reference in New Issue View Git Blame Copy Permalink