MOD:

冯轩
Showing 2 changed files with 38 additions and 38 deletions
src/apps/account/views.py
src/apps/doc/views.py
--- a/src/apps/account/views.py
View file @2a6f1eb
+++ b/src/apps/account/views.py
View file @2a6f1eb
@@ -28,35 +28,35 @@ client_id_base64 = base64.b64encode('{0}:{1}'.format(
    conf.IWA_CLIENT_ID, conf.IWA_CLIENT_SECRET).encode('utf-8')).decode('utf-8')


-class LoginView(ObtainJSONWebToken, GenericView):
-
-    def post(self, request, *args, **kwargs):
-        # 登录次数限制
-        remote_ip = request.META.get('HTTP_X_REAL_IP', '')
-        user_name = request.data.get('username', '')
-        times = rh.get_login_times(remote_ip)
-        if isinstance(times, str) and int(times) >= LOGIN_TIMES_LIMIT:
-            raise self.invalid_params(msg="重试次数限制")
-
-        res = super(LoginView, self).post(request, *args, **kwargs)
-        self.running_log.info('[users.login] username: {0}'.format(user_name))
-
-        if res.status_code == status.HTTP_400_BAD_REQUEST:
-            rh.set_login_times(remote_ip, LOGIN_TIMES_LIMIT_EXPIRES)
-            raise self.invalid_params(msg="用户名或密码错误")
-        serializer = self.get_serializer(data=request.data)
-        serializer.is_valid()
-        user = serializer.object.get('user')
-        user_role = UserRole.objects.filter(auth_user_id=user.id).first()
-        data = {
-            'user_id': user.id,
-            'user_name': user.username,
-            'token': res.data.get('token'),
-            'role':  user_role.role if user_role else -1
-        }
-        rh.set_token(res.data.get('token')[-10:], user.username)
-        rh.set_token(res.data.get('token')[-11:], user_role.role if user_role else -1)
-        return response.ok(data=data)
+# class LoginView(ObtainJSONWebToken, GenericView):
+
+#     def post(self, request, *args, **kwargs):
+#         # 登录次数限制
+#         remote_ip = request.META.get('HTTP_X_REAL_IP', '')
+#         user_name = request.data.get('username', '')
+#         times = rh.get_login_times(remote_ip)
+#         if isinstance(times, str) and int(times) >= LOGIN_TIMES_LIMIT:
+#             raise self.invalid_params(msg="重试次数限制")
+
+#         res = super(LoginView, self).post(request, *args, **kwargs)
+#         self.running_log.info('[users.login] username: {0}'.format(user_name))
+
+#         if res.status_code == status.HTTP_400_BAD_REQUEST:
+#             rh.set_login_times(remote_ip, LOGIN_TIMES_LIMIT_EXPIRES)
+#             raise self.invalid_params(msg="用户名或密码错误")
+#         serializer = self.get_serializer(data=request.data)
+#         serializer.is_valid()
+#         user = serializer.object.get('user')
+#         user_role = UserRole.objects.filter(auth_user_id=user.id).first()
+#         data = {
+#             'user_id': user.id,
+#             'user_name': user.username,
+#             'token': res.data.get('token'),
+#             'role':  user_role.role if user_role else -1
+#         }
+#         rh.set_token(res.data.get('token')[-10:], user.username)
+#         rh.set_token(res.data.get('token')[-11:], user_role.role if user_role else -1)
+#         return response.ok(data=data)


 class IWALoginView(IWABaseView, GenericView):
--- a/src/apps/doc/views.py
View file @2a6f1eb
+++ b/src/apps/doc/views.py
View file @2a6f1eb
@@ -1070,7 +1070,7 @@ class DocView(DocGenericView, DocHandler):
        token = request.META.get("HTTP_AUTHORIZATION")
        user_role = rh.get_token(token[-11:])
        self.running_log.info('[api doc] [user_role={0} business_type={1}] '.format(user_role, business_type))
-        if user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
+        if user_role or user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
            pagination = {'current': page, 'total': 0, 'page_size': page_size}
            res = {
            'pagination': pagination,
@@ -1247,8 +1247,8 @@ class CompareResultView(GenericView):
        # 角色权限不符，返回异常
        token = request.META.get("HTTP_AUTHORIZATION")
        user_role = rh.get_token(token[-11:])
-        self.running_log.info('[api doc] [user_role={0}] '.format(user_role))
-        if user_role == '-1' or (user_role == '1' and entity == 'HIL') or (user_role == '2' and entity == 'AFC'):
+        self.running_log.info('[CompareResultView] [user_role={0}] '.format(user_role))
+        if user_role or user_role == '-1' or (user_role == '1' and entity == 'HIL') or (user_role == '2' and entity == 'AFC'):
            raise NoPermissionException('no permission')

        if is_auto == 1:
@@ -1644,8 +1644,8 @@ class AutoSettlementView(GenericView):
        # 角色权限不符，返回空列表
        token = request.META.get("HTTP_AUTHORIZATION")
        user_role = rh.get_token(token[-11:])
-        self.running_log.info('[api doc] [user_role={0}] '.format(user_role))
-        if user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
+        self.running_log.info('[AutoSettlementView] [user_role={0}] '.format(user_role))
+        if user_role or user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
            pagination = {'current': page, 'total': 0, 'page_size': page_size}
            res = {
            'pagination': pagination,
@@ -1740,8 +1740,8 @@ class AutoSettlementExcelView(GenericView):
        # 角色权限不符，返回异常
        token = request.META.get("HTTP_AUTHORIZATION")
        user_role = rh.get_token(token[-11:])
-        self.running_log.info('[api doc] [user_role={0}] '.format(user_role))
-        if user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
+        self.running_log.info('[AutoSettlementExcelView] [user_role={0}] '.format(user_role))
+        if user_role or user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
            raise NoPermissionException('no permission')

        if isinstance(auto_result, int):
@@ -1906,7 +1906,7 @@ class InvoiceExcelView(GenericView):
        token = request.META.get("HTTP_AUTHORIZATION")
        user_role = rh.get_token(token[-11:])
        self.running_log.info('[InvoiceExcelView] [user_role={0}] '.format(user_role))
-        if user_role == '-1' or (user_role == '1' and application_entity == 'HIL') or (user_role == '2' and application_entity == 'AFC'):
+        if user_role or user_role == '-1' or (user_role == '1' and application_entity == 'HIL') or (user_role == '2' and application_entity == 'AFC'):
            raise NoPermissionException('no permission')

        url = 'http://127.0.0.1:8088/napi/invoice/downloadExcelOri'
@@ -1950,7 +1950,7 @@ class InvoiceQueryInfoView(GenericView):
        token = request.META.get("HTTP_AUTHORIZATION")
        user_role = rh.get_token(token[-11:])
        self.running_log.info('[InvoiceQueryInfoView] [user_role={0}] '.format(user_role))
-        if user_role == '-1' or (user_role == '1' and application_entity == 'HIL') or (user_role == '2' and application_entity == 'AFC'):
+        if user_role or user_role == '-1' or (user_role == '1' and application_entity == 'HIL') or (user_role == '2' and application_entity == 'AFC'):
            raise NoPermissionException('no permission')

        url = 'http://127.0.0.1:8088/napi/invoice/queryInfoOri'