合并JWL,WZY,TRM代码

Change-Id: Ifb4fcad3c06733e1e005e7d8d9403e3561010fb4
diff --git a/TRM/back/app/routes.py b/TRM/back/app/routes.py
index 19ff870..41b022b 100644
--- a/TRM/back/app/routes.py
+++ b/TRM/back/app/routes.py
@@ -7,6 +7,81 @@
 
 main = Blueprint('main', __name__)
 
+@main.route('/sgiveadmin',methods=['POST','GET'])
+def giveadmin():
+    data=request.get_json()
+    print(data)
+    engine=create_engine(Config.SQLURL)
+    SessionLocal = sessionmaker(bind=engine)
+    session = SessionLocal()
+    f=Fpost(session)
+    checres=f.checkid(data['userid'],'superadmin')
+    if(not checres):
+        return jsonify({'status': 'error', 'message': 'Unauthorized'})
+    
+    res=f.giveadmin(data['targetid'])
+    if not res:
+        return jsonify({'status': 'error', 'message': 'User not found'})
+    
+    return jsonify({'status': 'success', 'message': 'User role updated to admin'})
+
+@main.route('/sgiveuser',methods=['POST','GET'])
+def giveuser():
+    data=request.get_json()
+    print(data)
+    engine=create_engine(Config.SQLURL)
+    SessionLocal = sessionmaker(bind=engine)
+    session = SessionLocal()
+    f=Fpost(session)
+    checres=f.checkid(data['userid'],'superadmin')
+    if(not checres):
+        return jsonify({'status': 'error', 'message': 'Unauthorized'})
+    
+    res=f.giveuser(data['targetid'])
+    if not res:
+        return jsonify({'status': 'error', 'message': 'User not found'})
+    
+    return jsonify({'status': 'success', 'message': 'User role updated to user'})
+
+
+@main.route('/sgivesuperadmin',methods=['POST','GET'])
+def givesuperadmin():
+    data=request.get_json()
+    print(data)
+    engine=create_engine(Config.SQLURL)
+    SessionLocal = sessionmaker(bind=engine)
+    session = SessionLocal()
+    f=Fpost(session)
+    checres=f.checkid(data['userid'],'superadmin')
+    if(not checres):
+        return jsonify({'status': 'error', 'message': 'Unauthorized'})
+    
+    res=f.givesuperadmin(data['targetid'])
+    if not res:
+        return jsonify({'status': 'error', 'message': 'User not found'})
+    
+    return jsonify({'status': 'success', 'message': 'User role updated to superadmin'})
+
+@main.route('/sgetuserlist',methods=['POST','GET'])
+def userlist():
+    data=request.get_json()
+    print(data)
+    engine=create_engine(Config.SQLURL)
+    SessionLocal = sessionmaker(bind=engine)
+    session = SessionLocal()
+    f=Fpost(session)
+    checres=f.checkid(data['userid'],'superadmin')
+    if(not checres):
+        return jsonify({'status': 'error', 'message': 'Unauthorized'})
+    res=f.getuserlist()
+    respons=[]
+    for datai in res:
+        respons.append({
+            'id': datai[0],
+            'username': datai[1],
+            'role': datai[2]
+        })
+    return jsonify(respons)
 
 @main.route('/apostlist',methods=['POST','GET'])
 def postlist():
@@ -16,7 +91,7 @@
     SessionLocal = sessionmaker(bind=engine)
     session = SessionLocal()
     f=Fpost(session)
-    checres=f.checkid(data['userid'])
+    checres=f.checkid(data['userid'],'admin')
     if(not checres):
         return jsonify({'status': 'error', 'message': 'Unauthorized'})
     res=f.getlist()
@@ -36,7 +111,7 @@
     SessionLocal = sessionmaker(bind=engine)
     session = SessionLocal()
     f=Fpost(session)
-    checres=f.checkid(data['userid'])
+    checres=f.checkid(data['userid'],'admin')
     if(not checres):
         return jsonify({'status': 'error', 'message': 'Unauthorized'})
     res=f.getpost(data['postid'])
@@ -50,7 +125,7 @@
     SessionLocal = sessionmaker(bind=engine)
     session = SessionLocal()
     f=Fpost(session)
-    checres=f.checkid(data['userid'])
+    checres=f.checkid(data['userid'],'admin')
     if(not checres):
         return jsonify({'status': 'error', 'message': 'Unauthorized'})
     
@@ -69,7 +144,7 @@
     SessionLocal = sessionmaker(bind=engine)
     session = SessionLocal()
     f=Fpost(session)
-    checres=f.checkid(data['userid'])
+    checres=f.checkid(data['userid'],'admin')
     if(not checres):
         return jsonify({'status': 'error', 'message': 'Unauthorized'})