# coding=utf-8
import base64
import datetime
import hashlib
import json
import time
from django.http import Http404
from django.http import HttpResponse
from django.template import RequestContext
from django.views.decorators.csrf import csrf_exempt
from django.shortcuts import render_to_response, redirect
import simplejson
from finance.models import Bill
from access.models import ActionJ, User
from lms.settings import DOMAIN, NAME, SUPPORT, SUPPORT_PHONE, SUPPORT_TIME, ADDRESS, COMMENT_SECRET
from django.db.models import Q
from lms.tools import comment_auth_data
from management.models import ModalTask
from management.tools import get_modals
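def api_decor(without_auth=False, check_request=False, method='GET', need_keys=[], check_request_values=False,
              need_values={}):
    """Build a decorator that serves a view as a JSON API endpoint.

    The wrapped view is called as ``fun(request, context, *args, **kwargs)``
    with ``context == {'code': '0', 'response': '', 'data': ''}``; whatever it
    returns is serialised with ``simplejson.dumps`` and sent as
    ``application/json``.

    Args:
        without_auth: when False, an anonymous request raises ``Http404``.
        check_request: when True, every name in ``need_keys`` must be present
            in the request parameters, otherwise the view is not called and
            a 'KEYS ARE NOT VALID' payload is returned.
        method: 'GET' or 'POST'; selects which parameter dict is inspected.
            Any other value leaves the set of submitted keys empty.
        need_keys: parameter names that must be present. Never mutated here.
        check_request_values: when True (and only together with
            ``check_request``), every entry of ``need_values`` must name a key
            listed in ``need_keys`` and match the submitted value exactly.
        need_values: mapping of parameter name to required value. Never
            mutated here.

    Returns:
        A decorator producing the CSRF-exempt JSON view.
    """
    def wrap(fun):
        # NOTE(review): csrf_exempt disables Django's CSRF check for every view
        # wrapped here, while the caller is identified through request.user.
        # A state-changing view behind this decorator therefore gets no CSRF
        # protection from Django; confirm each such view has another defence
        # or drop the exemption for it.
        @csrf_exempt
        def _render_json(request, *args, **kwargs):
            user = request.user
            authenticated = user.is_authenticated()
            # Anonymous callers are rejected up front, so everything below runs
            # only for an authenticated user or an explicitly public endpoint.
            if not authenticated and not without_auth:
                raise Http404

            if authenticated:
                if not user.last_ip:
                    user.set_request_data(request)
                user.last_time = datetime.datetime.now()
                if user.status == 'OFF':
                    user.status = 'ON'
                # NOTE(review): assumed to run on every authenticated request
                # (so last_time is persisted), not only on the OFF -> ON
                # transition; the listing this was taken from had lost its
                # indentation, confirm against the repository copy.
                user.save()

            result = True
            if check_request:
                params = None
                if method == 'GET':
                    params = request.GET
                elif method == 'POST':
                    params = request.POST
                present = params if params is not None else ()

                # Every required key must be present in the request.
                result = all(key in present for key in need_keys)

                # Required values are only checked for GET/POST and only once
                # the key check has passed.
                # NOTE(review): this is an ordinary != comparison; if
                # need_values is ever used to carry a shared secret, compare
                # with a constant-time function instead.
                if check_request_values and result and params is not None:
                    for key, value in need_values.items():
                        if key not in need_keys or params[key] != value:
                            result = False
                            break

            if result:
                data = fun(request, {'code': '0', 'response': '', 'data': ''}, *args, **kwargs)
            else:
                data = {'code': '0', 'response': 'KEYS ARE NOT VALID', 'data': ''}
            return HttpResponse(simplejson.dumps(data), content_type='application/json; charset=utf-8')

        return _render_json

    return wrap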
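# Modal titles whose text is shown under the 'show_fb' template variable.
_FEEDBACK_MODAL_TITLES = ('aicfb3', 'aicfb2', 'aicfb1')

# Modal titles whose text is exposed under a variable named after the title.
# NOTE(review): ' kaspi' carries a leading space in the original source; it is
# kept byte-for-byte, confirm it matches the title stored in the database.
_TEXT_MODAL_TITLES = ('diplom_nameless', 'gazprom', 'yota', ' kaspi', 'mosru')

# Modal titles that only raise a boolean flag named after the title.
_FLAG_MODAL_TITLES = (
    'csh_new_year', 'web_html', 'web_gerasimenko', 'JavaScript_geras', 'JavaScript_yegor',
    'Java_geras', 'Java_it', 'IOS', 'web_start', 'excel', 'PR',
)


def _first_modal_task(user, titles):
    """Return the user's first ModalTask whose modal title is in ``titles``, or None."""
    return ModalTask.objects.filter(user__email=user.email, modal__title__in=titles).first()


def _apply_modal_tasks(user, parameters):
    """Copy the user's pending modal tasks into ``parameters`` and detach the user from them.

    Each lookup fetches the task with the same title filter that decides
    whether it applies, so the task that is displayed and detached is always
    the one that matched, and a task that disappears between two queries can
    no longer produce an ``AttributeError`` on ``None``.
    """
    task = _first_modal_task(user, _FEEDBACK_MODAL_TITLES)
    if task is not None:
        parameters['show_fb'] = task.modal.text
        task.user.remove(user)

    task = _first_modal_task(user, _TEXT_MODAL_TITLES)
    if task is not None:
        parameters[task.modal.title] = task.modal.text
        task.user.remove(user)

    for title in _FLAG_MODAL_TITLES:
        task = _first_modal_task(user, (title,))
        if task is not None:
            parameters[title] = True
            task.user.remove(user)


def response_decor(template, without_auth=False, description=''):
    """Build a decorator that renders a view's context dict with ``template``.

    The wrapped view is called as ``func(request, *args, **kwargs)`` and must
    return a dict. Site-wide values (DOMAIN, NAME, SUPPORT, ...) are added to
    it, and for an authenticated user the pending modal tasks, open bills and
    the five latest actions as well. If the dict holds a truthy 'redirect'
    entry the response is a redirect to that value instead of a rendered page.

    Args:
        template: template name rendered for an allowed request.
        without_auth: when False, an anonymous request gets
            'access_error.html' instead of the view.
        description: accepted for callers; not used in this function.

    Returns:
        A decorator producing the rendering view.
    """
    def wrap_response(func):
        def _render_json(request, *args, **kwargs):
            if not (request.user.is_authenticated() or without_auth):
                parameters = {'AUTH': True,
                              'DOMAIN': DOMAIN,
                              'NAME': NAME,
                              'ONLINE': User.objects.filter(status='ON').count(),
                              'SUPPORT': SUPPORT,
                              'SUPPORT_PHONE': SUPPORT_PHONE,
                              'SUPPORT_TIME': SUPPORT_TIME,
                              'ADDRESS': ADDRESS,
                              'COMMENT_USER_INFO': '',
                              'MODALS': get_modals(request)}
                # This dict never contains 'redirect', so the page is always rendered.
                return render_to_response('access_error.html', parameters,
                                          context_instance=RequestContext(request))

            parameters = func(request, *args, **kwargs)

            # Read the user again after the view ran: a view may have changed
            # request.user (for example by logging the user in or out).
            user = request.user
            authenticated = user.is_authenticated()

            parameters['DOMAIN'] = DOMAIN
            parameters['NAME'] = NAME
            parameters['SUPPORT'] = SUPPORT
            parameters['SUPPORT_PHONE'] = SUPPORT_PHONE
            parameters['SUPPORT_TIME'] = SUPPORT_TIME
            parameters['ADDRESS'] = ADDRESS
            parameters['ONLINE'] = User.objects.filter(status='ON').count()
            parameters['COMMENT_USER_INFO'] = comment_auth_data(user) if authenticated else ''

            # NOTE(review): modal tasks are detached before the redirect check
            # below, so a redirecting view consumes them without showing them.
            if authenticated:
                _apply_modal_tasks(user, parameters)

            # NOTE(review): the target is taken verbatim from the view's
            # 'redirect' entry. If any view fills it from request data, that
            # view should check the URL against the site's own hosts first.
            if parameters.get('redirect'):
                return redirect(parameters['redirect'])

            if authenticated:
                parameters['bills'] = Bill.objects.filter(
                    Q(user=user, status='W') | Q(user=user, status='P'))
                parameters['actions'] = ActionJ.objects.filter(student=user).order_by('-id')[:5]
            response = render_to_response(template, parameters, context_instance=RequestContext(request))
            # NOTE(review): a Content-Security-Policy header was prepared here
            # but is disabled, so pages rendered by this decorator carry none:
            # response['Content-Security-Policy'] = "default-src 'self'"
            return response

        return _render_json

    return wrap_response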
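def out_api_decor(without_auth=False, check_request=False, method='GET', need_keys=[], check_request_values=False,
                  need_values={}):
    """Build a decorator that serves a view as a cross-origin JSON API endpoint.

    The wrapped view is called as ``fun(request, context, *args, **kwargs)``
    with ``context == {'code': '0', 'response': '', 'data': ''}``; whatever it
    returns is serialised with ``simplejson.dumps``. Every response carries
    ``Access-Control-Allow-Origin: *``.

    Args:
        without_auth: when False, an anonymous request receives the untouched
            default context with HttpResponse's default status instead of the
            view's output.
        check_request: when True, every name in ``need_keys`` must be present
            in the request parameters, otherwise the view is not called and a
            'KEYS ARE NOT VALID' payload listing the submitted keys is sent.
        method: 'GET' or 'POST'; selects which parameter dict is inspected.
            Any other value leaves the set of submitted keys empty.
        need_keys: parameter names that must be present. Never mutated here.
        check_request_values: when True (and only together with
            ``check_request``), every entry of ``need_values`` must name a key
            listed in ``need_keys`` and match the submitted value exactly.
        need_values: mapping of parameter name to required value. Never
            mutated here.

    Returns:
        A decorator producing the CSRF-exempt JSON view.
    """
    def wrap(fun):
        def _json_response(payload):
            # NOTE(review): the wildcard origin lets any site read responses to
            # requests made without credentials; keep views that return
            # per-user data off this decorator or restrict the origin.
            response = HttpResponse(simplejson.dumps(payload), content_type='application/json; charset=utf-8')
            response['Access-Control-Allow-Origin'] = '*'
            return response

        # NOTE(review): csrf_exempt disables Django's CSRF check for every view
        # wrapped here, while the caller is identified through request.user.
        # A state-changing view behind this decorator therefore gets no CSRF
        # protection from Django; confirm each such view has another defence.
        @csrf_exempt
        def _render_json(request, *args, **kwargs):
            keys_in = []
            user = request.user
            authenticated = user.is_authenticated()
            if not authenticated and not without_auth:
                return _json_response({'code': '0', 'response': '', 'data': ''})

            if authenticated:
                user.last_time = datetime.datetime.now()
                if user.status == 'OFF':
                    user.status = 'ON'
                # NOTE(review): assumed to run on every authenticated request
                # (so last_time is persisted), not only on the OFF -> ON
                # transition; the listing this was taken from had lost its
                # indentation, confirm against the repository copy.
                user.save()

            result = True
            if check_request:
                params = None
                if method == 'GET':
                    params = request.GET
                elif method == 'POST':
                    params = request.POST
                if params is not None:
                    # Materialised as a list so the error payload below stays
                    # JSON-serialisable when keys() returns a view object.
                    keys_in = list(params.keys())

                # Every required key must be present in the request.
                result = all(key in keys_in for key in need_keys)

                # Required values are only checked for GET/POST and only once
                # the key check has passed.
                # NOTE(review): this is an ordinary != comparison; if
                # need_values is ever used to carry a shared secret, compare
                # with a constant-time function instead.
                if check_request_values and result and params is not None:
                    for key, value in need_values.items():
                        if key not in need_keys or params[key] != value:
                            result = False
                            break

            if result:
                data = fun(request, {'code': '0', 'response': '', 'data': ''}, *args, **kwargs)
            else:
                # The submitted parameter names are echoed back to the caller.
                data = {'code': '0', 'response': 'KEYS ARE NOT VALID', 'data': keys_in}
            return _json_response(data)

        return _render_json

    return wrap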