Gitiles
Code Review Sign In
gerrit.lilingkun.com / API-TRM / c4b4f3dd4349f4af914118e259fcf4b0cb27a356 / . / Merge / back_trm / app / routes.py
blob: 625ea6d1bcdd26485d160fbcfc5d1462f60d57de [file] [log] [blame]
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]1from flask import Blueprint, render_template
2from .functions.Fpost import Fpost;
3from sqlalchemy import create_engine
4from sqlalchemy.orm import sessionmaker
5from config import Config
6from flask import jsonify,request
7
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]8
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]9main = Blueprint('main', __name__)
10
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]11
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]12@main.route('/sgiveadmin',methods=['POST','GET'])
13def giveadmin():
14 data=request.get_json()
15 print(data)
16 engine=create_engine(Config.SQLURL)
17 SessionLocal = sessionmaker(bind=engine)
18 session = SessionLocal()
19 f=Fpost(session)
20 checres=f.checkid(data['userid'],'superadmin')
21 if(not checres):
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]22 f.recordlog(data['userid'],
23 'error',
24 '系统需要超级管理员才能执行修改用户角色的操作,但是当前用户不是超级管理员',
25 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]26 return jsonify({'status': 'error', 'message': 'Unauthorized'})
27
28 res=f.giveadmin(data['targetid'])
29 if not res:
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]30 f.recordlog(data['userid'],
31 'error',
32 f"尝试修改用户{data['targetid']}角色为admin失败,用户不存在",
33 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]34 return jsonify({'status': 'error', 'message': 'User not found'})
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]35 f.recordlog(data['userid'],
36 'behavior',
37 f'用户角色为admin修改成功,用户ID: {data["targetid"]} 被修改为管理员',
38 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]39 return jsonify({'status': 'success', 'message': 'User role updated to admin'})
40
41@main.route('/sgiveuser',methods=['POST','GET'])
42def giveuser():
43 data=request.get_json()
44 print(data)
45 engine=create_engine(Config.SQLURL)
46 SessionLocal = sessionmaker(bind=engine)
47 session = SessionLocal()
48 f=Fpost(session)
49 checres=f.checkid(data['userid'],'superadmin')
50 if(not checres):
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]51 f.recordlog(data['userid'],
52 'error',
53 '系统需要超级管理员才能执行修改用户角色的操作,但是当前用户不是超级管理员',
54 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]55 return jsonify({'status': 'error', 'message': 'Unauthorized'})
56
57 res=f.giveuser(data['targetid'])
58 if not res:
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]59 f.recordlog(data['userid'],
60 'error',
61 f"尝试修改用户{data['targetid']}为user失败,用户不存在",
62 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]63 return jsonify({'status': 'error', 'message': 'User not found'})
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]64 f.recordlog(data['userid'],
65 'behavior',
66 f'用户角色修改成功,用户ID: {data["targetid"]} 被修改为普通用户',
67 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]68 return jsonify({'status': 'success', 'message': 'User role updated to user'})
69
70
71@main.route('/sgivesuperadmin',methods=['POST','GET'])
72def givesuperadmin():
73 data=request.get_json()
74 print(data)
75 engine=create_engine(Config.SQLURL)
76 SessionLocal = sessionmaker(bind=engine)
77 session = SessionLocal()
78 f=Fpost(session)
79 checres=f.checkid(data['userid'],'superadmin')
80 if(not checres):
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]81 f.recordlog(data['userid'],
82 'error',
83 '系统需要超级管理员才能执行修改用户角色的操作,但是当前用户不是超级管理员',
84 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]85 return jsonify({'status': 'error', 'message': 'Unauthorized'})
86
87 res=f.givesuperadmin(data['targetid'])
88 if not res:
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]89 f.recordlog(data['userid'],
90 'error',
91 f'尝试修改用户{data["targetid"]}角色为superadmin失败,用户不存在',
92 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]93 return jsonify({'status': 'error', 'message': 'User not found'})
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]94 f.recordlog(data['userid'],
95 'behavior',
96 f'用户角色修改成功,用户ID: {data["targetid"]} 被修改为超级管理员',
97 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]98 return jsonify({'status': 'success', 'message': 'User role updated to superadmin'})
99
100@main.route('/sgetuserlist',methods=['POST','GET'])
101def userlist():
102 data=request.get_json()
103 print(data)
104 engine=create_engine(Config.SQLURL)
105 SessionLocal = sessionmaker(bind=engine)
106 session = SessionLocal()
107 f=Fpost(session)
108 checres=f.checkid(data['userid'],'superadmin')
109 if(not checres):
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]110 f.recordlog(data['userid'],
111 'error',
112 '系统需要超级管理员才能执行获取用户列表的操作,但是当前用户不是超级管理员',
113 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]114 return jsonify({'status': 'error', 'message': 'Unauthorized'})
115 res=f.getuserlist()
116 respons=[]
117 for datai in res:
118 respons.append({
119 'id': datai[0],
120 'username': datai[1],
121 'role': datai[2]
122 })
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]123
124 f.recordlog(data['userid'],
125 'access',
126 '获取用户列表成功',
127 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]128 return jsonify(respons)
129
130@main.route('/apostlist',methods=['POST','GET'])
131def postlist():
132 data=request.get_json()
133 print(data)
134 engine=create_engine(Config.SQLURL)
135 SessionLocal = sessionmaker(bind=engine)
136 session = SessionLocal()
137 f=Fpost(session)
138 checres=f.checkid(data['userid'],'admin')
139 if(not checres):
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]140 f.recordlog(data['userid'],
141 'error',
142 '系统需要管理员才能执行获取帖子列表的操作,但是当前用户不是管理员',
143 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]144 return jsonify({'status': 'error', 'message': 'Unauthorized'})
145 res=f.getlist()
146 respons=[]
147 for datai in res:
148 respons.append({
149 'id': datai[0],
150 'title': datai[1],
151 'status': datai[2]
152 })
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]153 f.recordlog(data['userid'],
154 'access',
155 '获取帖子列表成功',
156 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]157 return jsonify(respons)
158
159@main.route('/agetpost',methods=['POST','GET'])
160def post():
161 data=request.get_json()
162 engine=create_engine(Config.SQLURL)
163 SessionLocal = sessionmaker(bind=engine)
164 session = SessionLocal()
165 f=Fpost(session)
166 checres=f.checkid(data['userid'],'admin')
167 if(not checres):
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]168 f.recordlog(data['userid'],
169 'error',
170 '系统需要管理员才能执行获取帖子详情的操作,但是当前用户不是管理员',
171 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]172 return jsonify({'status': 'error', 'message': 'Unauthorized'})
173 res=f.getpost(data['postid'])
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]174 if not res:
175 f.recordlog(data['userid'],
176 'error',
177 f'尝试获取帖子{data["postid"]}失败,帖子不存在',
178 request.remote_addr)
179 return jsonify({'status': 'error', 'message': 'Post not found'})
180 f.recordlog(data['userid'],
181 'access',
182 f'获取帖子详情成功,帖子ID: {data["postid"]}',
183 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]184 return jsonify(res.to_dict() if res else {})
185
186@main.route('/areview',methods=['POST','GET'])
187def review():
188 data=request.get_json()
189 engine=create_engine(Config.SQLURL)
190 SessionLocal = sessionmaker(bind=engine)
191 session = SessionLocal()
192 f=Fpost(session)
193 checres=f.checkid(data['userid'],'admin')
194 if(not checres):
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]195 f.recordlog(data['userid'],
196 'error',
197 '系统需要管理员才能执行帖子审核的操作,但是当前用户不是管理员',
198 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]199 return jsonify({'status': 'error', 'message': 'Unauthorized'})
200
201 res=f.review(data['postid'],data['status'])
202 if not res:
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]203 f.recordlog(data['userid'],
204 'error',
205 f'尝试审核帖子{data["postid"]}失败,帖子不存在',
206 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]207 return jsonify({'status': 'error', 'message': 'Post not found'})
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]208 f.recordlog(data['userid'],
209 'behavior',
210 f'帖子审核成功,帖子ID: {data["postid"]} 状态更新为 {data["status"]}',
211 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]212 return jsonify({'status': 'success', 'message': 'Post reviewed successfully'})
213
214
215
216@main.route('/nginxauth',methods=['POST','GET'])
217def nginxauth():
218 data=request.get_json()
219 engine=create_engine(Config.SQLURL)
220 SessionLocal = sessionmaker(bind=engine)
221 session = SessionLocal()
222 f=Fpost(session)
223 checres=f.checkid(data['userid'],'admin')
224 if(not checres):
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]225 f.recordlog(data['userid'],
226 'error',
227 '系统需要管理员才能执行Nginx认证的操作,但是当前用户不是管理员',
228 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]229 return jsonify({'status': 'error', 'message': 'Unauthorized'})
230
231 res=f.nginxauth(data['postid'],data['status'])
232 if not res:
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]233 f.recordlog(data['userid'],
234 'error',
235 f'尝试更新Nginx认证状态失败,帖子{data["postid"]}不存在',
236 request.remote_addr)
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]237 return jsonify({'status': 'error', 'message': 'Post not found'})
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]238 f.recordlog(data['userid'],
239 'behavior',
240 f'Nginx认证状态更新成功,帖子ID: {data["postid"]} 状态更新为 {data["status"]}',
241 request.remote_addr)
242 return jsonify({'status': 'success', 'message': 'Nginx auth updated successfully'})
243
244@main.route('/getsyscost',methods=['POST','GET'])
245def getsyscost():
246 data=request.get_json()
247 engine=create_engine(Config.SQLURL)
248 SessionLocal = sessionmaker(bind=engine)
249 session = SessionLocal()
250 f=Fpost(session)
251 checres=f.checkid(data['userid'],'superadmin')
252 if(not checres):
253 f.recordlog(data['userid'],
254 'error',
255 '系统需要管理员才能执行获取系统性能消耗的操作,但是当前用户不是管理员',
256 request.remote_addr)
257 return jsonify({'status': 'error', 'message': 'Unauthorized'})
TRM-codingd1cbf672025-06-18 15:15:08 +0800[diff] [blame]258
TRM-codingc4b4f3d2025-06-18 19:02:46 +0800[diff] [blame^]259 res=f.getsyscost()
260 if not res:
261 f.recordlog(data['userid'],
262 'error',
263 '尝试获取系统性能消耗数据失败,数据不存在',
264 request.remote_addr)
265 return jsonify({'status': 'error', 'message': 'No performance data found'})
266
267 f.recordlog(data['userid'],
268 'access',
269 '获取系统性能消耗数据成功',
270 request.remote_addr)
271 resdata = []
272 for datai in res:
273 resdata.append({
274 'id': datai.id,
275 'record_time': datai.record_time.isoformat(),
276 'endpoint': datai.endpoint,
277 'elapsed_time': datai.elapsed_time,
278 'cpu_user': datai.cpu_user,
279 'cpu_system': datai.cpu_system,
280 'memory_rss': datai.memory_rss
281 })
282 return jsonify(resdata)
283@main.route('/getrecordlog',methods=['POST','GET'])
284def getrecordlog():
285 data=request.get_json()
286 engine=create_engine(Config.SQLURL)
287 SessionLocal = sessionmaker(bind=engine)
288 session = SessionLocal()
289 f=Fpost(session)
290 checres=f.checkid(data['userid'],'admin')
291 if(not checres):
292 f.recordlog(data['userid'],
293 'error',
294 '系统需要管理员才能执行获取日志的操作,但是当前用户不是管理员',
295 request.remote_addr)
296 return jsonify({'status': 'error', 'message': 'Unauthorized'})
297
298 res=f.getrecordlog()
299 if not res:
300 f.recordlog(data['userid'],
301 'error',
302 '尝试获取日志失败,日志不存在',
303 request.remote_addr)
304 return jsonify({'status': 'error', 'message': 'No logs found'})
305
306 f.recordlog(data['userid'],
307 'access',
308 '获取日志成功',
309 request.remote_addr)
310
311 resdata = []
312 for datai in res:
313 resdata.append({
314 'id': datai.id,
315 'user_id': datai.user_id,
316 'type': datai.type,
317 'content': datai.content,
318 'ip': datai.ip,
319 'created_at': datai.created_at.isoformat()
320 })
321
322 return jsonify(resdata)
323