jees
/
PLM_demo


			
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980
							from django.http import JsonResponse, HttpResponse
from django.views.decorators.csrf import csrf_exempt
from django.forms.models import model_to_dict
from .model_handler import UserHandler, CompanyHandler
from .func import is_admin


def user_list(request):
    result = {'code': 1, 'content': None}
    if not is_admin(request):
        return HttpResponse(status=403)
    company = CompanyHandler.get_by_id(request.session.get('company_id'))
    if request.method == 'GET':
        users = UserHandler.search_by_company(company)
        users.order_by('admin')
        user_list = []
        for u in users:
            u_dict = model_to_dict(u)
            del u_dict['password']
            user_list.append(u_dict)
            result['code'] = 0
            result['content'] = user_list
        return JsonResponse(result)


@csrf_exempt
def user_search(request):
    result = {'code': 1, 'content': None}
    company = CompanyHandler.get_by_id(request.session.get('company_id'))
    if request.method == 'GET':
        users = UserHandler.search_like_name(request.GET.get('user_name'), company)
        user_list = []
        for user in users:
            user_list.append(model_to_dict(user))
        result = {'code': 0, 'content': user_list}
        return JsonResponse(result)


@csrf_exempt
def user_delete(request):
    result = {'code': 1, 'content': None}
    if not is_admin(request):
        return HttpResponse(status=403)
    if request.method == 'POST':
        delete_user_id = request.POST.get('delete_user_id')
        delete_user = UserHandler.get_by_id(delete_user_id)
        delete_user.delete()
        result = {'code': 0, 'content': 'deleted'}
        return JsonResponse(result)


@csrf_exempt
def user_admin_change(request):
    result = {'code': 1, 'content': None}
    if not is_admin(request):
        return HttpResponse(status=403)
    if request.method == 'POST':
        company = CompanyHandler.get_by_id(request.session.get('company_id'))
        user = UserHandler.get_by_id(request.session.get('user_id'))
        target_user_id = request.POST.get('target_user_id')
        target_user = UserHandler.get_by_id(target_user_id)
        if target_user.id == user.id:
            result['content'] = '不能修改自己管理员权限'
            return JsonResponse(result)
        new_admin_status = not target_user.admin
        if new_admin_status:
            target_user.admin = True
            target_user.save()
            result = {'code': 0, 'content': None}
        else:       # 当去除管理员时候，检索目前是否有2个管理员，以防止管理员全部删光了
            admins = UserHandler.search_by_company(company=company).filter(admin=True)
            if len(admins) <= 1:
                result = {'code': 11, 'content': '管理员仅有一位不能再删除了'}
            else:
                target_user = UserHandler.get_by_id(target_user_id)
                target_user.admin = False
                target_user.save()
                result = {'code': 0, 'content': None}

        return JsonResponse(result)