merge

@@ -28,34 +28,35 @@ client_id_base64 = base64.b64encode('{0}:{1}'.format(
     conf.IWA_CLIENT_ID, conf.IWA_CLIENT_SECRET).encode('utf-8')).decode('utf-8')
     conf.IWA_CLIENT_ID, conf.IWA_CLIENT_SECRET).encode('utf-8')).decode('utf-8')
 
 
 
 
-class LoginView(ObtainJSONWebToken, GenericView):
-
-    def post(self, request, *args, **kwargs):
-        # 登录次数限制
-        remote_ip = request.META.get('HTTP_X_REAL_IP', '')
-        user_name = request.data.get('username', '')
-        times = rh.get_login_times(remote_ip)
-        if isinstance(times, str) and int(times) >= LOGIN_TIMES_LIMIT:
-            raise self.invalid_params(msg="重试次数限制")
-
-        res = super(LoginView, self).post(request, *args, **kwargs)
-        self.running_log.info('[users.login] username: {0}'.format(user_name))
-
-        if res.status_code == status.HTTP_400_BAD_REQUEST:
-            rh.set_login_times(remote_ip, LOGIN_TIMES_LIMIT_EXPIRES)
-            raise self.invalid_params(msg="用户名或密码错误")
-        serializer = self.get_serializer(data=request.data)
-        serializer.is_valid()
-        user = serializer.object.get('user')
-        user_role = UserRole.objects.filter(auth_user_id=user.id).first()
-        data = {
-            'user_id': user.id,
-            'user_name': user.username,
-            'token': res.data.get('token'),
-            'role':  user_role.role if user_role else -1
-        }
-        rh.set_token(res.data.get('token')[-10:], user.username)
-        return response.ok(data=data)
+# class LoginView(ObtainJSONWebToken, GenericView):
+
+#     def post(self, request, *args, **kwargs):
+#         # 登录次数限制
+#         remote_ip = request.META.get('HTTP_X_REAL_IP', '')
+#         user_name = request.data.get('username', '')
+#         times = rh.get_login_times(remote_ip)
+#         if isinstance(times, str) and int(times) >= LOGIN_TIMES_LIMIT:
+#             raise self.invalid_params(msg="重试次数限制")
+
+#         res = super(LoginView, self).post(request, *args, **kwargs)
+#         self.running_log.info('[users.login] username: {0}'.format(user_name))
+
+#         if res.status_code == status.HTTP_400_BAD_REQUEST:
+#             rh.set_login_times(remote_ip, LOGIN_TIMES_LIMIT_EXPIRES)
+#             raise self.invalid_params(msg="用户名或密码错误")
+#         serializer = self.get_serializer(data=request.data)
+#         serializer.is_valid()
+#         user = serializer.object.get('user')
+#         user_role = UserRole.objects.filter(auth_user_id=user.id).first()
+#         data = {
+#             'user_id': user.id,
+#             'user_name': user.username,
+#             'token': res.data.get('token'),
+#             'role':  user_role.role if user_role else -1
+#         }
+#         rh.set_token(res.data.get('token')[-10:], user.username)
+#         rh.set_token(res.data.get('token')[-11:], user_role.role if user_role else -1)
+#         return response.ok(data=data)
 
 
 
 
 class IWALoginView(IWABaseView, GenericView):
 class IWALoginView(IWABaseView, GenericView):
@@ -85,9 +86,10 @@ class IWALoginView(IWABaseView, GenericView):
         is_valid, data = self.validate(q_number)
         is_valid, data = self.validate(q_number)
 
 
         if is_valid:
         if is_valid:
-            rh.set_token(data.get('token')[-10:], data.get('user_name'))
             user_role = UserRole.objects.filter(auth_user_id=data.get('user_id')).first()
             user_role = UserRole.objects.filter(auth_user_id=data.get('user_id')).first()
             data['role'] = user_role.role if user_role else -1
             data['role'] = user_role.role if user_role else -1
+            rh.set_token(data.get('token')[-10:], data.get('user_name'))
+            rh.set_token(data.get('token')[-11:], user_role.role if user_role else -1)
             return response.ok(data=data)
             return response.ok(data=data)
         else:
         else:
             self.no_permission(data)
             self.no_permission(data)

@@ -5,5 +5,7 @@ from . import views
 urlpatterns = [
 urlpatterns = [
     path(r'', views.DocView.as_view()),
     path(r'', views.DocView.as_view()),
     path(r'query/employee', views.EmployeeView.as_view()),
     path(r'query/employee', views.EmployeeView.as_view()),
+    path(r'invoice/downloadExcel', views.InvoiceExcelView.as_view()),
+    path(r'invoice/queryInfo', views.InvoiceQueryInfoView.as_view()),
     path(r'contract/v1', views.SEContractView.as_view()),
     path(r'contract/v1', views.SEContractView.as_view()),
 ]
 ]

@@ -57,6 +57,7 @@ from .models import (
     AFCCmsStatusInfo,
     AFCCmsStatusInfo,
     Configs
     Configs
 )
 )
+from common.exceptions import (NoPermissionException)
 from .named_enum import ErrorType, AutoResult, WholeResult, RPAResult, SystemName, RequestTeam
 from .named_enum import ErrorType, AutoResult, WholeResult, RPAResult, SystemName, RequestTeam
 from .mixins import DocHandler, MPOSHandler, PreSEHandler
 from .mixins import DocHandler, MPOSHandler, PreSEHandler
 from . import consts
 from . import consts
@@ -65,6 +66,8 @@ from celery_compare.tasks import compare, fsm_compare
 from prese.compare import get_empty_result
 from prese.compare import get_empty_result
 
 
 import time
 import time
+from django.http import HttpResponse
+from django.utils.encoding import escape_uri_path
 
 
 
 
 class CustomDate(fields.Date):
 class CustomDate(fields.Date):
@@ -567,6 +570,10 @@ mpos_args = {
     'file_base64_content': fields.List(fields.Str(), required=True, validate=validate.Length(min=1)),
     'file_base64_content': fields.List(fields.Str(), required=True, validate=validate.Length(min=1)),
 }
 }
 
 
+invoice_download_args = {
+    'application_entity': fields.Int(required=True),
+    'application_ids':  fields.Str(required=True),
+}
 
 
 class UploadDocView(GenericView, DocHandler):
 class UploadDocView(GenericView, DocHandler):
     # permission_classes = []
     # permission_classes = []
@@ -1065,6 +1072,18 @@ class DocView(DocGenericView, DocHandler):
         create_time_start = args.get('create_time_start')
         create_time_start = args.get('create_time_start')
         create_time_end = args.get('create_time_end')
         create_time_end = args.get('create_time_end')
 
 
+        # 角色权限不符，返回空列表
+        token = request.META.get("HTTP_AUTHORIZATION")
+        user_role = rh.get_token(token[-11:])
+        self.running_log.info('[api doc] [user_role={0} business_type={1}] '.format(user_role, business_type))
+        if user_role or user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
+            pagination = {'current': page, 'total': 0, 'page_size': page_size}
+            res = {
+            'pagination': pagination,
+            'doc_list': []
+            }
+            return response.ok(data=res)
+
         status_query = Q(status=status) if status is not None else Q()
         status_query = Q(status=status) if status is not None else Q()
         application_id_query = Q(application_id__contains=application_id) if application_id is not None else Q()
         application_id_query = Q(application_id__contains=application_id) if application_id is not None else Q()
         data_source_query = Q(data_source=data_source) if data_source is not None else Q()
         data_source_query = Q(data_source=data_source) if data_source is not None else Q()
@@ -1230,6 +1249,14 @@ class CompareResultView(GenericView):
         scheme = args.get('scheme')
         scheme = args.get('scheme')
         case_id = args.get('case_id')
         case_id = args.get('case_id')
         is_auto = args.get('auto')
         is_auto = args.get('auto')
+
+        # 角色权限不符，返回异常
+        token = request.META.get("HTTP_AUTHORIZATION")
+        user_role = rh.get_token(token[-11:])
+        self.running_log.info('[CompareResultView] [user_role={0}] '.format(user_role))
+        if user_role or user_role == '-1' or (user_role == '1' and entity == 'HIL') or (user_role == '2' and entity == 'AFC'):
+            raise NoPermissionException('no permission')
+
         if is_auto == 1:
         if is_auto == 1:
             result_table = HILAutoSettlement if entity == consts.HIL_PREFIX else AFCAutoSettlement
             result_table = HILAutoSettlement if entity == consts.HIL_PREFIX else AFCAutoSettlement
 
 
@@ -1628,6 +1655,18 @@ class AutoSettlementView(GenericView):
 
 
         is_fsm = args.get('is_fsm')
         is_fsm = args.get('is_fsm')
 
 
+        # 角色权限不符，返回空列表
+        token = request.META.get("HTTP_AUTHORIZATION")
+        user_role = rh.get_token(token[-11:])
+        self.running_log.info('[AutoSettlementView] [user_role={0}] '.format(user_role))
+        if user_role or user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
+            pagination = {'current': page, 'total': 0, 'page_size': page_size}
+            res = {
+            'pagination': pagination,
+            'doc_list': []
+            }
+            return response.ok(data=res)
+
         if isinstance(auto_result, int):
         if isinstance(auto_result, int):
             auto_result = consts.RESULT_MAP.get(auto_result)
             auto_result = consts.RESULT_MAP.get(auto_result)
         if isinstance(whole_result, int):
         if isinstance(whole_result, int):
@@ -1712,6 +1751,13 @@ class AutoSettlementExcelView(GenericView):
 
 
         is_fsm = args.get('is_fsm')
         is_fsm = args.get('is_fsm')
 
 
+        # 角色权限不符，返回异常
+        token = request.META.get("HTTP_AUTHORIZATION")
+        user_role = rh.get_token(token[-11:])
+        self.running_log.info('[AutoSettlementExcelView] [user_role={0}] '.format(user_role))
+        if user_role or user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
+            raise NoPermissionException('no permission')
+
         if isinstance(auto_result, int):
         if isinstance(auto_result, int):
             auto_result = consts.RESULT_MAP.get(auto_result)
             auto_result = consts.RESULT_MAP.get(auto_result)
         if isinstance(whole_result, int):
         if isinstance(whole_result, int):
@@ -1860,6 +1906,86 @@ class GoView(GenericView):
             else:
             else:
                 return response.error_msg(msg='识别错误')
                 return response.error_msg(msg='识别错误')
                 
                 
+class InvoiceExcelView(GenericView):
+    permission_classes = [IsAuthenticated]
+    authentication_classes = [OAuth2AuthenticationWithUser]
+
+    # 下载发票excel
+    @use_args(invoice_download_args, location='data')
+    def post(self, request, args):
+        application_ids = args.get('application_ids')
+        application_entity = args.get('application_entity')
+
+        # 角色权限不符，返回异常
+        token = request.META.get("HTTP_AUTHORIZATION")
+        user_role = rh.get_token(token[-11:])
+        self.running_log.info('[InvoiceExcelView] [user_role={0}] '.format(user_role))
+        if user_role or user_role == '-1' or (user_role == '1' and application_entity == 'HIL') or (user_role == '2' and application_entity == 'AFC'):
+            raise NoPermissionException('no permission')
+
+        url = 'http://127.0.0.1:8088/napi/invoice/downloadExcelOri'
+        body = {
+            'applicationIds': application_ids,
+            'applicationEntity': application_entity
+        }
+        try:
+            self.running_log.info("request java invoice excel api, url:{0}, body:{1}".format(url, json.dumps(body)))
+            headers = {
+                'Content-Type': 'application/json'
+            }
+            resp = requests.post(url, headers=headers, json=body)
+            self.running_log.info("java invoice excel api finish, applicationIds:{0},{1}".format(application_ids, resp.text))
+            res_json = json.loads(resp.text)
+            file_path = res_json.get('result')
+            self.running_log.info("java invoice excel after process, filePath:{0}".format(file_path))
+            current_time = time.strftime('%Y-%m-%d_%H_%M_%S', time.localtime())
+            download_file_name = "发票信息提取-" + current_time + ".xlsx"
+            f = open(file_path,"rb")
+            response = HttpResponse(content_type='application/vnd.openxmlformats-officedocument.spreadsheetml.sheet')
+            response['Content-Disposition'] = 'attachment; filename="{0}"'.format(escape_uri_path(download_file_name))
+            response['Access-Control-Expose-Headers'] = 'content-disposition'
+            response.write(f.read())
+            f.close()
+            return response
+        except Exception as e:
+            self.running_log.error("invoice excel request to java error, url:{0}, param:{1}, errorMsg:{2}".format(
+                url, json.dumps(body), traceback.format_exc()))
+
+class InvoiceQueryInfoView(GenericView):
+    permission_classes = [IsAuthenticated]
+    authentication_classes = [OAuth2AuthenticationWithUser]
+
+    @use_args(invoice_download_args, location='data')
+    def post(self, request, args):
+        application_ids = args.get('application_ids')
+        application_entity = args.get('application_entity')
+
+        # 角色权限不符，返回异常
+        token = request.META.get("HTTP_AUTHORIZATION")
+        user_role = rh.get_token(token[-11:])
+        self.running_log.info('[InvoiceQueryInfoView] [user_role={0}] '.format(user_role))
+        if user_role or user_role == '-1' or (user_role == '1' and application_entity == 'HIL') or (user_role == '2' and application_entity == 'AFC'):
+            raise NoPermissionException('no permission')
+
+        url = 'http://127.0.0.1:8088/napi/invoice/queryInfoOri'
+        body = {
+            'applicationIds': application_ids,
+            'applicationEntity': application_entity
+        }
+        try:
+            self.running_log.info("request java invoice info api, url:{0}, body:{1}".format(url, json.dumps(body)))
+            headers = {
+                'Content-Type': 'application/json'
+            }
+            resp = requests.post(url, headers=headers, json=body)
+            self.running_log.info("java invoice info api finish, applicationIds:{0},{1}".format(application_ids, resp.text))
+            res_json = json.loads(resp.text)
+            java_result = res_json.get('result')
+            return response.ok(data=java_result)
+        except Exception as e:
+            self.running_log.error("invoice info request to java error, url:{0}, param:{1}, errorMsg:{2}".format(
+                url, json.dumps(body), traceback.format_exc()))
+
 def notifyCmsPass(self, request):
 def notifyCmsPass(self, request):
     args = request.data
     args = request.data
     cms_info = args.get('content', {})
     cms_info = args.get('content', {})

@@ -100,7 +100,7 @@ DATABASES = {
 for db_setting in DATABASES.values():
 for db_setting in DATABASES.values():
     db_setting['OPTIONS'] = {
     db_setting['OPTIONS'] = {
         'driver': 'ODBC Driver 17 for SQL Server',
         'driver': 'ODBC Driver 17 for SQL Server',
-        'extra_params': "odbc_cursortype=2"
+        'extra_params': "odbc_cursortype=2;TrustServerCertificate=yes;Encrypt=yes"
     }
     }
 
 
 # set this to False if you want to turn off pyodbc's connection pooling
 # set this to False if you want to turn off pyodbc's connection pooling