2019-07-21 22:08:04 +08:00
|
|
|
|
from django.core.exceptions import PermissionDenied # 权限拒绝异常
|
2020-03-29 20:48:02 +08:00
|
|
|
|
from django.http import Http404,JsonResponse
|
2019-12-01 20:44:16 +08:00
|
|
|
|
from app_admin.models import SysSetting
|
2020-03-29 20:48:02 +08:00
|
|
|
|
from app_api.models import UserToken
|
|
|
|
|
|
from django import VERSION as django_version
|
2019-07-21 22:08:04 +08:00
|
|
|
|
|
|
|
|
|
|
# 超级管理员用户需求
|
|
|
|
|
|
def superuser_only(function):
|
|
|
|
|
|
"""限制视图只有超级管理员能够访问"""
|
|
|
|
|
|
def _inner(request, *args, **kwargs):
|
|
|
|
|
|
if request.user.is_authenticated:
|
|
|
|
|
|
if not request.user.is_superuser:
|
|
|
|
|
|
raise PermissionDenied
|
|
|
|
|
|
else:
|
|
|
|
|
|
raise PermissionDenied
|
|
|
|
|
|
return function(request, *args, **kwargs)
|
|
|
|
|
|
|
2019-12-01 20:44:16 +08:00
|
|
|
|
return _inner
|
|
|
|
|
|
|
|
|
|
|
|
# 开放注册需求
|
|
|
|
|
|
def open_register(function):
|
|
|
|
|
|
'''只有开放注册才能访问'''
|
|
|
|
|
|
def _inner(request,*args,**kwargs):
|
|
|
|
|
|
try:
|
|
|
|
|
|
status = SysSetting.objects.get(name='close_register')
|
|
|
|
|
|
except:
|
|
|
|
|
|
# 如果不存在close_register这个属性,那么表示是开放注册的
|
|
|
|
|
|
return function(request, *args, **kwargs)
|
|
|
|
|
|
if status.value == 'on':
|
|
|
|
|
|
raise Http404
|
|
|
|
|
|
return function(request, *args, **kwargs)
|
|
|
|
|
|
|
|
|
|
|
|
return _inner
|
2020-01-15 21:03:44 +08:00
|
|
|
|
|
|
|
|
|
|
# 请求头验证
|
|
|
|
|
|
def check_headers(function):
|
|
|
|
|
|
def _inner(request,*args,**kwargs):
|
|
|
|
|
|
metas = request.META
|
2020-03-07 09:30:11 +08:00
|
|
|
|
# if 'HTTP_COOKIE' not in metas:
|
|
|
|
|
|
# raise Http404
|
|
|
|
|
|
if 'HTTP_USER_AGENT' not in metas:
|
2020-01-15 21:03:44 +08:00
|
|
|
|
raise Http404
|
|
|
|
|
|
return function(request, *args, **kwargs)
|
2020-03-07 09:30:11 +08:00
|
|
|
|
return _inner
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# 开放前台文集导出
|
|
|
|
|
|
def allow_report_file(function):
|
|
|
|
|
|
def _inner(request,*args,**kwargs):
|
|
|
|
|
|
try:
|
|
|
|
|
|
status = SysSetting.objects.get(name='enable_project_report')
|
|
|
|
|
|
except:
|
|
|
|
|
|
# 如果不存在enable_project_report这个属性,那么表示是禁止导出的
|
|
|
|
|
|
raise Http404
|
|
|
|
|
|
# 启用导出
|
|
|
|
|
|
if status.value == 'on':
|
|
|
|
|
|
return function(request, *args, **kwargs)
|
|
|
|
|
|
else:
|
|
|
|
|
|
raise Http404
|
2020-03-29 20:48:02 +08:00
|
|
|
|
return _inner
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Token头验证
|
|
|
|
|
|
# def check_token(function):
|
|
|
|
|
|
# def _inner(request,*args,**kwargs):
|
|
|
|
|
|
# if django_version[0] == 2 and django_version[1] >= 2:
|
|
|
|
|
|
# headers = request.headers
|
|
|
|
|
|
# print(headers)
|
|
|
|
|
|
# if 'Mrdoc-Token' not in headers:
|
|
|
|
|
|
# return JsonResponse({'data':'非法请求'})
|
|
|
|
|
|
# else:
|
|
|
|
|
|
# token = headers['Mrdoc-Token']
|
|
|
|
|
|
# is_vail = UserToken.objects.filter(token=token)
|
|
|
|
|
|
# if is_vail.exists():
|
|
|
|
|
|
# return function(request,*args,**kwargs)
|
|
|
|
|
|
# else:
|
|
|
|
|
|
# return JsonResponse({'data':'无效Token'})
|
|
|
|
|
|
# else:
|
|
|
|
|
|
# metas = request.META
|
|
|
|
|
|
# return _inner
|
