ASJServer/AdminController/UserManageController.py

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
"""
@Copyright (C) ansjer cop Video Technology Co.,Ltd.All rights reserved.
@AUTHOR: ASJRD018
@NAME: AnsjerFormal
@software: PyCharm
@DATE: 2018/9/11 15:08
@Version: python3.6
@MODIFY DECORD:ansjer dev
@file: UserController.py
@Contact: chanjunkai@163.com
"""
import datetime
import traceback
import time
import logging
import jwt
import simplejson
import simplejson as json
import requests
from django.contrib.auth.hashers import make_password, check_password  # 对密码加密模块
from django.db.models import Q
from django.http import HttpResponseRedirect
from django.utils.decorators import method_decorator
from django.utils.timezone import utc
from django.views.decorators.csrf import csrf_exempt
from django.views.generic import TemplateView
from jwt.algorithms import RSAAlgorithm
from ratelimit.decorators import ratelimit

from Ansjer.config import AuthCode_Expire, SERVER_DOMAIN, APNS_CONFIG, JPUSH_CONFIG, FCM_CONFIG, TUTK_PUSH_DOMAIN
from Controller.CheckUserData import DataValid, date_handler, RandomStr
from Model.models import Device_User, Role, UidPushModel, UserOauth2Model, UserExModel, Device_Info, UidSetModel, \
    UserAppFrequencyModel, CountryIPModel, CountryModel, UidChannelSetModel, MenuModel
from Object.AWS.SesClassObject import SesClassObject
from Object.AliSmsObject import AliSmsObject
from Object.RedisObject import RedisObject
from Object.ResponseObject import ResponseObject
from Object.TokenObject import TokenObject
from Service.CommonService import CommonService
from Service.ModelService import ModelService
from Service.TemplateService import TemplateService
from django.views.generic import View
import base64
import random
from io import BytesIO
from PIL import Image, ImageDraw, ImageFont
from django.shortcuts import HttpResponse
from Ansjer.config import BASE_DIR


# 登录
class LoginView(TemplateView):
    @method_decorator(csrf_exempt)  # @csrf_exempt
    def dispatch(self, *args, **kwargs):
        return super(LoginView, self).dispatch(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        request_dict = request.POST
        language = request_dict.get('language', 'en')
        response = ResponseObject(language,'pc')

        return self.validates(request_dict, response)



    def validates(self, request_dict, response):
        username = request_dict.get('username', None)
        password = request_dict.get('password', None)
        if not username or not password:
            return response.json(111)
        username = username.strip()
        password = password.strip()
        data_valid = DataValid()
        if data_valid.email_validate(username):
            return self.do_email_login(username, password, response)
        elif data_valid.mobile_validate(username):
            return self.do_phone_login(username, password, response)
        elif data_valid.name_validate(username):
            return self.do_name_login(username, password, response)
        else:
            return response.json(107)

    def do_email_login(self, email, password, response):
        user_qs = Device_User.objects.filter(Q(username=email) | Q(userEmail=email))
        return self.valid_login(user_qs, password, response)

    def do_phone_login(self, phone, password, response):
        user_qs = Device_User.objects.filter(Q(phone=phone) | Q(username=phone), is_active=True, user_isValid=True)
        return self.valid_login(user_qs, password, response)

    def do_name_login(self, username, password, response):
        user_qs = Device_User.objects.filter(Q(username=username) | Q(phone=username) | Q(userEmail=username),
                                             is_active=True, user_isValid=True)
        return self.valid_login(user_qs, password, response)

    def valid_login(self, user_qs, password, response):
        if not user_qs.exists():
            return response.json(104)
        # users = user_qs.values('role__rid', 'role__roleName', 'userID', 'role', 'NickName', 'username', 'userEmail',
        #                        'phone', 'password', 'userIconPath', 'user_isValid', 'is_active')[0]
        users = user_qs.values('role__rid', 'role__roleName', 'userID', 'NickName', 'username', 'userEmail',
                               'phone', 'password', 'userIconPath')[0]
        if not check_password(password, users['password']):
            return response.json(111)
        userID = users['userID']
        tko = TokenObject(returntpye='pc')
        res = tko.generate(
            data={'userID': userID, 'lang': response.lang, 'user': users['username'], 'm_code': '123413243214'})
        if tko.code == 0:
            now_time = datetime.datetime.utcnow().replace(tzinfo=utc).astimezone(utc)
            user_qs.update(last_login=now_time, language=response.lang)
            res['rid'] = users['role__rid']
            res['roleName'] = users['role__roleName']
            res['permList'] = ModelService.own_permission(userID)
            res['userID'] = userID
            # 昵称，邮箱，电话，刷新，头像
            userIconPath = str(users['userIconPath'])
            if userIconPath and userIconPath.find('static/') != -1:
                userIconPath = userIconPath.replace('static/', '').replace('\\', '/')
                res['userIconUrl'] = SERVER_DOMAIN + 'account/getAvatar/' + userIconPath
            else:
                res['userIconUrl'] = ''
            res['NickName'] = users['NickName'] if users['NickName'] is not None else ''
            res['username'] = users['username'] if users['username'] is not None else ''
            res['userEmail'] = users['userEmail'] if users['userEmail'] is not None else ''
            res['phone'] = users['phone'] if users['phone'] is not None else ''
            return response.json(0, res)
        else:
            return response.json(tko.code)



# 登录
class noPasslogin(TemplateView):
    @method_decorator(csrf_exempt)  # @csrf_exempt
    def dispatch(self, *args, **kwargs):
        return super(noPasslogin, self).dispatch(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        request_dict = request.POST
        language = request_dict.get('language', 'en')
        response = ResponseObject(language,'pc')

        return self.validates(request_dict, response)



    def validates(self, request_dict, response):
        username = request_dict.get('username', None)
        if not username:
            return response.json(111)
        username = username.strip()
        data_valid = DataValid()
        if data_valid.email_validate(username):
            return self.do_email_login(username, response)
        elif data_valid.mobile_validate(username):
            return self.do_phone_login(username, response)
        elif data_valid.name_validate(username):
            return self.do_name_login(username, response)
        else:
            return response.json(107)

    def do_email_login(self, email, response):
        user_qs = Device_User.objects.filter(Q(username=email))
        return self.valid_login(user_qs, response)

    def do_phone_login(self, phone, response):
        user_qs = Device_User.objects.filter(Q(phone=phone), is_active=True, user_isValid=True)
        return self.valid_login(user_qs, response)

    def do_name_login(self, username, response):
        user_qs = Device_User.objects.filter(Q(username=username) | Q(phone=username) | Q(userEmail=username),
                                             is_active=True, user_isValid=True)
        return self.valid_login(user_qs, response)

    def valid_login(self, user_qs, response):
        if not user_qs.exists():
            return response.json(104)
        # users = user_qs.values('role__rid', 'role__roleName', 'userID', 'role', 'NickName', 'username', 'userEmail',
        #                        'phone', 'password', 'userIconPath', 'user_isValid', 'is_active')[0]
        users = user_qs.values('role__rid', 'role__roleName', 'userID', 'NickName', 'username', 'userEmail',
                               'phone', 'password', 'userIconPath')[0]

        userID = users['userID']
        tko = TokenObject(returntpye='pc')
        res = tko.generate(
            data={'userID': userID, 'lang': response.lang, 'user': users['username'], 'm_code': '123413243214'})
        if tko.code == 0:
            now_time = datetime.datetime.utcnow().replace(tzinfo=utc).astimezone(utc)
            user_qs.update(last_login=now_time, language=response.lang)
            res['rid'] = users['role__rid']
            res['roleName'] = users['role__roleName']
            res['permList'] = ModelService.own_permission(userID)
            res['userID'] = userID
            # 昵称，邮箱，电话，刷新，头像
            userIconPath = str(users['userIconPath'])
            if userIconPath and userIconPath.find('static/') != -1:
                userIconPath = userIconPath.replace('static/', '').replace('\\', '/')
                res['userIconUrl'] = SERVER_DOMAIN + 'account/getAvatar/' + userIconPath
            else:
                res['userIconUrl'] = ''
            res['NickName'] = users['NickName'] if users['NickName'] is not None else ''
            res['username'] = users['username'] if users['username'] is not None else ''
            res['userEmail'] = users['userEmail'] if users['userEmail'] is not None else ''
            res['phone'] = users['phone'] if users['phone'] is not None else ''
            return response.json(0, res)
        else:
            return response.json(tko.code)


# 获取登录权限
class GetPermissions(TemplateView):
    @method_decorator(csrf_exempt)  # @csrf_exempt
    def dispatch(self, *args, **kwargs):
        return super(GetPermissions, self).dispatch(*args, **kwargs)

    def get(self, request, *args, **kwargs):
        token = request.META.get('HTTP_AUTHORIZATION')
        request.encoding = 'utf-8'
        request_dict = request.GET
        language = request_dict.get('language', 'en')
        response = ResponseObject(language, 'pc')
        return self.validates(request_dict,token, response)




    def validates(self, request_dict,token, response):
        tko = TokenObject(token,returntpye='pc')
        response.lang = tko.lang
        if tko.code != 0:
            return response.json(tko.code)
        userID = tko.userID


        user_qs = Device_User.objects.filter(userID=userID)
        if not user_qs.exists():
            return response.json(104)
        #待补充逻辑
        username = user_qs[0].username
        userIconPath = user_qs[0].userIconPath.url
        if userIconPath:
            if userIconPath.find('static/') != -1:
                userIconPath = userIconPath.replace('static/', '').replace('\\', '/')
                userIconUrl = SERVER_DOMAIN + 'account/getAvatar/' + userIconPath

        role_qs = Role.objects.filter(device_user=userID)
        menu_qs = MenuModel.objects.filter(role__in=role_qs,menutype=2);
        perms = []
        for menu in menu_qs:
            perms.append(menu.menu_code)
        res={
          "code": 200,
          "msg": "success",
          "data": {
            "roles": ["admin"], # 一个用户可包含多个角色如["admin","editor","XXXX"]，必须返回，如小项目用不到角色权限请返回 ["admin"]
            "ability": ["READ", "WRITE", "DELETE"], # 如果用不到rabc精细化权限可以不返回，建议返回
            "username": username, # 用户名，必须返回
            "avatar": userIconUrl,# 头像，必须返回
            "perms": perms
          }
        }
        return response.json(0, res)


# 获取菜单
class GetList(TemplateView):
    @method_decorator(csrf_exempt)  # @csrf_exempt
    def dispatch(self, *args, **kwargs):
        return super(GetList, self).dispatch(*args, **kwargs)

    def get(self, request, *args, **kwargs):
        token = request.META.get('HTTP_AUTHORIZATION')
        request.encoding = 'utf-8'
        request_dict = request.GET
        language = request_dict.get('language', 'en')
        response = ResponseObject(language, 'pc')
        return self.validates(request_dict,token, response)


    def validates(self, request_dict,token, response):
        tko = TokenObject(token,returntpye='pc')
        response.lang = tko.lang
        if tko.code != 0:
            return response.json(tko.code)
        userID = tko.userID

        role_qs =Role.objects.filter(device_user=userID)
        menu_qs = MenuModel.objects.filter(parentId=0,role__in=role_qs,menutype=1);
        list = []
        i = 0
        for menu in menu_qs:
            list.append(
                {
                'id': menu.id,
                'parentId': menu.parentId,
                'path': menu.path,
                'name': menu.name,
                'component': menu.component,
                'meta': {
                        'hidden': menu.hidden,
                        'levelHidden': menu.levelHidden,
                        'title': menu.title,
                        'icon': menu.icon,
                        'isCustomSvg':menu.isCustomSvg,
                        'noKeepAlive': menu.noKeepAlive,
                        'noClosable':menu.noClosable,
                        'badge': menu.badge,
                        'tabHidden': menu.tabHidden,
                        'activeMenu': menu.activeMenu,
                        'dot':menu.dot,
                        'dynamicNewTab': menu.dynamicNewTab,
                        'sort': menu.sort
                    }
                }
            )
        menu_qs = MenuModel.objects.filter(role__in=role_qs,menutype=1)
        menulist = self.menulist(menu_qs, list)

        return response.json(0, {'list':menulist})

    def menulist(self,menu_qs,list):
        for menulist in list:
            for menu in menu_qs:
                if menulist['id'] == menu.parentId:
                    if 'children' not in menulist:
                        menulist['children'] = []
                    menulist['children'].append(
                        {
                        'id': menu.id,
                        'parentId': menu.parentId,
                        'path': menu.path,
                        'name': menu.name,
                        'component': menu.component,
                        'meta': {
                                'hidden': menu.hidden,
                                'levelHidden': menu.levelHidden,
                                'title': menu.title,
                                'icon': menu.icon,
                                'isCustomSvg': menu.isCustomSvg,
                                'noKeepAlive': menu.noKeepAlive,
                                'noClosable': menu.noClosable,
                                'badge': menu.badge,
                                'tabHidden': menu.tabHidden,
                                'activeMenu': menu.activeMenu,
                                'dot': menu.dot,
                                'dynamicNewTab': menu.dynamicNewTab,
                                'sort': menu.sort
                            }
                        }
                    )
                    self.menulist(menu_qs,menulist['children'])

        return list



class UserManagement(View):
    def get(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        operation = kwargs.get('operation')
        return self.validation(request.GET, request, operation)

    def post(self, request, *args, **kwargs):
        request.encoding = 'utf-8'
        operation = kwargs.get('operation')
        return self.validation(request.POST, request, operation)

    def validation(self, request_dict, request, operation):
        language = request_dict.get('language', 'en')
        response = ResponseObject(language, 'pc')
        if operation == '??':
            return 0
        else:
            tko = TokenObject(request.META.get('HTTP_AUTHORIZATION'), returntpye='pc')
            if tko.code != 0:
                return response.json(tko.code)
            response.lang = tko.lang
            userID = tko.userID
            if operation == 'getUserInfo':
                return self.getUserInfo(userID, request_dict, response)
            elif operation == 'AddOrEditAccount':
                return self.AddOrEditAccount(userID, request_dict, response)
            elif operation == 'doDelete':
                return self.doDelete(userID, request_dict, response)
            else:
                return response.json(404)

    def getUserInfo(self, userID, request_dict, response):
        print('request_dict: ', request_dict)
        username = request_dict.get('username', '').strip()   # 移除字符串头尾的空格
        pageNo = request_dict.get('pageNo', None)
        pageSize = request_dict.get('pageSize', None)

        if not all([pageNo, pageSize]):
            return response.json(444)

        page = int(pageNo)
        line = int(pageSize)
        try:
            if username:    # 查询
                # 校验查询输入数据是否匹配用户名,手机或邮箱正则
                dataValid = DataValid()
                if not (dataValid.name_validate(username) or dataValid.mobile_validate(username) \
                        or dataValid.email_validate(username)):
                    return response.json(444)
                device_user_qs = Device_User.objects.filter(username=username)
                if not device_user_qs.exists():
                    device_user_qs = Device_User.objects.filter(phone=username)
                    if not device_user_qs.exists():
                        device_user_qs = Device_User.objects.filter(userEmail=username)
                        if not device_user_qs.exists():
                            return response.json(104)

            else:
                device_user_qs = Device_User.objects.filter()  # 查询全部
            total = len(device_user_qs)
            device_users = device_user_qs[(page - 1) * line:page * line]
            user_list = []
            for device_user in device_users:
                role = device_user.role.first()
                rid = role.rid if role else 1   # 不存在角色默认分配为'Users'
                user_list.append({
                    'userID': device_user.userID,
                    'username': device_user.username,
                    'NickName': device_user.NickName,
                    'role': Role.objects.get(rid=rid).roleName,
                    'phone': device_user.phone,
                    'userEmail': device_user.userEmail,
                    'data_joined': device_user.data_joined.strftime("%Y-%m-%d %H:%M:%S"),
                    'last_login': device_user.last_login.strftime("%Y-%m-%d %H:%M:%S"),
                    'online': device_user.online,
                })
            print('user_list: ', user_list)
            return response.json(0, {'list': user_list, 'total': total})
        except Exception as e:
            print(e)
            return response.json(500, repr(e))

    def AddOrEditAccount(self, userID, request_dict, response):
        # 添加/编辑用户
        print('request_dict: ', request_dict)
        username = request_dict.get('username', '').strip()   # 移除字符串头尾的空格
        userEmail = request_dict.get('userEmail', '').strip()
        roleName = request_dict.get('role', None)
        password = request_dict.get('password', None)
        isEdit = request_dict.get('isEdit', None)

        if not all([username, userEmail, roleName, password]):
            return response.json(444)

        # 校验用户名,邮箱,密码是否符合规则
        dataValid = DataValid()
        if not dataValid.name_validate(username) or not dataValid.email_validate(userEmail) \
                or not dataValid.password_validate(password):
            return response.json(444)

        try:
            if isEdit:  # 编辑用户信息
                userID = request_dict.get('userID')
                user_data = {
                    "username": username,
                    "NickName": username,
                    "userEmail": userEmail,
                    "password": make_password(password),
                }
                device_user_qs = Device_User.objects.filter(userID=userID)
                device_user_qs.update(**user_data)

                # 如果角色改变,修改用户角色
                device_user_role = device_user_qs[0].role
                user_role = device_user_role.first()
                if not user_role or roleName != user_role.roleName:
                    device_user_role.clear()
                    role_qs = Role.objects.filter(roleName=roleName)  # 账号角色
                    device_user_qs[0].role.set(role_qs)
            else:   # 添加用户
                # 查询邮箱是否已注册
                if Device_User.objects.filter(userEmail=userEmail).exists():
                    return response.json(103)
                role_qs = Role.objects.filter(roleName=roleName)    # 账号角色
                # 创建用户
                user_data = {
                    "username": username,
                    "NickName": username,
                    "userEmail": userEmail,
                    "password": make_password(password),
                    "userID": CommonService.getUserID(μs=False, setOTAID=True),
                    "is_active": True,
                    "user_isValid": True,
                }
                Device_User.objects.create(**user_data).role.set(role_qs)
            return response.json(0)
        except Exception as e:
            print(e)
            return response.json(500, repr(e))

    def doDelete(self, userID, request_dict, response):
        userID = request_dict.get('userID', '')
        Device_User.objects.filter(userID=userID).delete()
        return response.json(0)