380 lines
13 KiB
Python
380 lines
13 KiB
Python
import json
|
|
import re
|
|
from datetime import datetime
|
|
from flask import Blueprint, jsonify, request
|
|
from sqlalchemy import desc, or_
|
|
# 引入 jwt 相关函数
|
|
from flask_jwt_extended import create_access_token, jwt_required, get_jwt_identity
|
|
|
|
from extensions import db
|
|
from models import Device, DeviceHistory, MaintenanceLog, User, UserDevicePermission
|
|
|
|
# 尝试导入爬虫模块 (如果没有则跳过,防止报错)
|
|
try:
|
|
from services.core import execute_monitor_task
|
|
except ImportError:
|
|
execute_monitor_task = None
|
|
|
|
api_bp = Blueprint('api', __name__, url_prefix='/api')
|
|
|
|
|
|
# =======================
|
|
# 🔧 辅助函数 (权限核心)
|
|
# =======================
|
|
def is_admin(user_id):
|
|
"""
|
|
判断是否为超级管理员 (Root权限)
|
|
逻辑:
|
|
1. ID 为 '0' (硬编码后门) -> 通过
|
|
2. 数据库中角色为 'admin' -> 通过
|
|
"""
|
|
if str(user_id) == '0':
|
|
return True
|
|
if not user_id:
|
|
return False
|
|
try:
|
|
u = User.query.get(int(user_id))
|
|
return u and u.role == 'admin'
|
|
except:
|
|
return False
|
|
|
|
|
|
def is_manager(user_id):
|
|
"""
|
|
判断是否为管理者 (Admin OR Engineer)
|
|
用于:修改地点、切换维修模式、写日志
|
|
"""
|
|
if is_admin(user_id):
|
|
return True
|
|
try:
|
|
u = User.query.get(int(user_id))
|
|
return u and u.role == 'engineer'
|
|
except:
|
|
return False
|
|
|
|
|
|
def calculate_offset(latest_time_str):
|
|
"""计算时间滞后天数"""
|
|
if not latest_time_str or latest_time_str == "N/A": return "从未同步"
|
|
try:
|
|
clean = str(latest_time_str).split()[0].replace('_', '-')
|
|
target = datetime.strptime(clean, "%Y-%m-%d").date()
|
|
diff = (datetime.now().date() - target).days
|
|
return "当天已同步" if diff == 0 else f"滞后 {diff} 天"
|
|
except:
|
|
return "时间解析失败"
|
|
|
|
|
|
# =======================
|
|
# 0. 认证接口
|
|
# =======================
|
|
@api_bp.route('/login', methods=['POST'])
|
|
def login():
|
|
data = request.get_json()
|
|
username = data.get('username')
|
|
password = data.get('password')
|
|
|
|
# 1. 后门判定
|
|
if username == 'admin' and password == 'licahk':
|
|
token = create_access_token(identity='0', additional_claims={'role': 'admin'})
|
|
return jsonify({
|
|
'code': 200, 'message': 'Root后门登录',
|
|
'token': token, 'role': 'admin', 'user_id': 0, 'username': 'admin'
|
|
})
|
|
|
|
# 2. 正常查库登录
|
|
user = User.query.filter_by(username=username).first()
|
|
if user and user.check_password(password):
|
|
token = create_access_token(identity=str(user.id), additional_claims={'role': user.role})
|
|
return jsonify({
|
|
'code': 200, 'message': '登录成功',
|
|
'token': token, 'role': user.role, 'user_id': user.id, 'username': user.username
|
|
})
|
|
|
|
return jsonify({'code': 401, 'message': '用户名或密码错误'}), 401
|
|
|
|
|
|
# =======================
|
|
# 1. 设备接口
|
|
# =======================
|
|
@api_bp.route('/devices_overview', methods=['GET'])
|
|
@jwt_required()
|
|
def devices_overview():
|
|
try:
|
|
user_id = get_jwt_identity()
|
|
if is_admin(user_id):
|
|
target_devices = Device.query.all()
|
|
else:
|
|
perms = UserDevicePermission.query.filter_by(user_id=int(user_id)).all()
|
|
allowed_ids = [p.device_id for p in perms]
|
|
target_devices = Device.query.filter(Device.id.in_(allowed_ids)).all() if allowed_ids else []
|
|
|
|
return jsonify({'code': 200, 'data': [d.to_dict() for d in target_devices]})
|
|
except Exception as e:
|
|
return jsonify({'code': 500, 'message': str(e)})
|
|
|
|
|
|
@api_bp.route('/device_data_by_date', methods=['GET'])
|
|
@jwt_required(optional=True)
|
|
def device_data_by_date():
|
|
name = request.args.get('name')
|
|
date_str = request.args.get('date')
|
|
if not name or not date_str: return jsonify({'code': 400}), 400
|
|
|
|
device = Device.query.filter_by(name=name).first()
|
|
if not device: return jsonify({'code': 404}), 404
|
|
|
|
hist = DeviceHistory.query.filter(DeviceHistory.device_id == device.id, DeviceHistory.data_time.like(f"{date_str}%")).order_by(desc(DeviceHistory.id)).first()
|
|
content = hist.json_data if hist else (device.json_data if device.latest_time and str(device.latest_time).startswith(date_str) else None)
|
|
|
|
if content:
|
|
if isinstance(content, str):
|
|
try: content = json.loads(content)
|
|
except: pass
|
|
return jsonify({'code': 200, 'name': device.name, 'source': device.source, 'content': content})
|
|
return jsonify({'code': 404, 'message': '无数据'}), 404
|
|
|
|
|
|
# =======================
|
|
# 2. 用户管理 (Admin Only)
|
|
# =======================
|
|
@api_bp.route('/admin/users', methods=['GET'])
|
|
@jwt_required()
|
|
def admin_get_users():
|
|
if not is_admin(get_jwt_identity()): return jsonify({'code': 403}), 403
|
|
users = User.query.order_by(desc(User.created_at)).all()
|
|
result = []
|
|
for u in users:
|
|
if str(u.id) == str(get_jwt_identity()): continue
|
|
perms = UserDevicePermission.query.filter_by(user_id=u.id).all()
|
|
result.append({
|
|
"id": u.id, "username": u.username, "role": u.role,
|
|
"created_at": u.created_at, "allowed_device_ids": [p.device_id for p in perms]
|
|
})
|
|
return jsonify({'code': 200, 'data': result})
|
|
|
|
|
|
@api_bp.route('/admin/create_user', methods=['POST'])
|
|
@jwt_required()
|
|
def admin_create_user():
|
|
if not is_admin(get_jwt_identity()): return jsonify({'code': 403}), 403
|
|
data = request.get_json()
|
|
if User.query.filter_by(username=data.get('username')).first():
|
|
return jsonify({'code': 400, 'msg': '用户名已存在'}), 400
|
|
u = User(username=data.get('username'), role=data.get('role', 'client'))
|
|
u.set_password(data.get('password'))
|
|
db.session.add(u)
|
|
db.session.commit()
|
|
return jsonify({'code': 200, 'msg': '创建成功'})
|
|
|
|
|
|
@api_bp.route('/admin/delete_user', methods=['POST'])
|
|
@jwt_required()
|
|
def admin_delete_user():
|
|
curr = get_jwt_identity()
|
|
if not is_admin(curr): return jsonify({'code': 403}), 403
|
|
uid = request.get_json().get('user_id')
|
|
if str(uid) == str(curr): return jsonify({'code': 400, 'msg': '无法删除自己'}), 400
|
|
user = User.query.get(uid)
|
|
if user:
|
|
UserDevicePermission.query.filter_by(user_id=user.id).delete()
|
|
db.session.delete(user)
|
|
db.session.commit()
|
|
return jsonify({'code': 200, 'msg': '删除成功'})
|
|
|
|
|
|
@api_bp.route('/admin/assign_devices', methods=['POST'])
|
|
@jwt_required()
|
|
def admin_assign_devices():
|
|
if not is_admin(get_jwt_identity()): return jsonify({'code': 403}), 403
|
|
data = request.get_json()
|
|
UserDevicePermission.query.filter_by(user_id=data.get('user_id')).delete()
|
|
for did in data.get('device_ids', []):
|
|
db.session.add(UserDevicePermission(user_id=data.get('user_id'), device_id=did))
|
|
db.session.commit()
|
|
return jsonify({'code': 200, 'msg': '权限已保存'})
|
|
|
|
|
|
# =======================
|
|
# 3. 日志与工具 (权限隔离)
|
|
# =======================
|
|
@api_bp.route('/logs/list', methods=['GET'])
|
|
@jwt_required()
|
|
def get_logs():
|
|
"""
|
|
获取日志列表
|
|
权限逻辑更新:
|
|
- Admin: 可以看所有
|
|
- Engineer/Client: 只能看自己名下设备的日志 (严格过滤)
|
|
"""
|
|
user_id = get_jwt_identity()
|
|
keyword = request.args.get('keyword', '')
|
|
start_date = request.args.get('start_date')
|
|
end_date = request.args.get('end_date')
|
|
|
|
query = MaintenanceLog.query
|
|
|
|
# 🛡️ 权限隔离
|
|
if not is_admin(user_id):
|
|
perms = UserDevicePermission.query.filter_by(user_id=int(user_id)).all()
|
|
if not perms: return jsonify({'code': 200, 'data': []})
|
|
allowed_names = [d.name for d in Device.query.filter(Device.id.in_([p.device_id for p in perms])).all()]
|
|
query = query.filter(MaintenanceLog.device_name.in_(allowed_names))
|
|
|
|
if keyword:
|
|
kw = f"%{keyword}%"
|
|
query = query.filter(or_(
|
|
MaintenanceLog.device_name.like(kw), MaintenanceLog.engineer.like(kw),
|
|
MaintenanceLog.location.like(kw), MaintenanceLog.content.like(kw)
|
|
))
|
|
|
|
if start_date and end_date:
|
|
try:
|
|
s = datetime.strptime(start_date, '%Y-%m-%d')
|
|
e = datetime.strptime(end_date, '%Y-%m-%d').replace(hour=23, minute=59, second=59)
|
|
query = query.filter(MaintenanceLog.timestamp.between(s, e))
|
|
except: pass
|
|
|
|
logs = query.order_by(desc(MaintenanceLog.timestamp)).all()
|
|
return jsonify({'code': 200, 'data': [l.to_dict() for l in logs]})
|
|
|
|
|
|
@api_bp.route('/logs/add', methods=['POST'])
|
|
@jwt_required()
|
|
def add_log():
|
|
if not is_manager(get_jwt_identity()): return jsonify({'code': 403}), 403
|
|
data = request.get_json()
|
|
# 后端安全校验:如果是工程师,建议再次校验 engineer 字段是否匹配其 username
|
|
db.session.add(MaintenanceLog(
|
|
device_name=data.get('device_name'),
|
|
engineer=data.get('engineer'),
|
|
location=data.get('location'),
|
|
content=data.get('content')
|
|
))
|
|
db.session.commit()
|
|
return jsonify({'code': 200})
|
|
|
|
|
|
@api_bp.route('/logs/update', methods=['POST'])
|
|
@jwt_required()
|
|
def update_log():
|
|
if not is_manager(get_jwt_identity()): return jsonify({'code': 403}), 403
|
|
data = request.get_json()
|
|
log = MaintenanceLog.query.get(data.get('id'))
|
|
if not log: return jsonify({'code': 404}), 404
|
|
|
|
log.engineer = data.get('engineer')
|
|
log.location = data.get('location')
|
|
log.content = data.get('content')
|
|
db.session.commit()
|
|
return jsonify({'code': 200, 'msg': '更新成功'})
|
|
|
|
|
|
@api_bp.route('/logs/delete', methods=['POST'])
|
|
@jwt_required()
|
|
def delete_log():
|
|
if not is_admin(get_jwt_identity()): return jsonify({'code': 403}), 403
|
|
log = MaintenanceLog.query.get(request.get_json().get('id'))
|
|
if log:
|
|
db.session.delete(log)
|
|
db.session.commit()
|
|
return jsonify({'code': 200})
|
|
return jsonify({'code': 404})
|
|
|
|
|
|
# =======================
|
|
# 4. 系统检测与控制 (原有功能完整保留)
|
|
# =======================
|
|
@api_bp.route('/run_monitor', methods=['POST'])
|
|
@jwt_required()
|
|
def run_monitor():
|
|
if not is_admin(get_jwt_identity()): return jsonify({'code': 403}), 403
|
|
if not execute_monitor_task: return jsonify({'code': 500, 'msg': '爬虫模块未加载'})
|
|
|
|
try:
|
|
task_result = execute_monitor_task()
|
|
if not task_result: return jsonify({'code': 200, 'msg': '无任务'})
|
|
|
|
scraped_list = task_result.get('device_list', [])
|
|
now_str = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
|
|
count = 0
|
|
|
|
for item in scraped_list:
|
|
d_name = item.get('name')
|
|
if not d_name: continue
|
|
|
|
d_raw = item.get('raw_json', {})
|
|
target_time = item.get('target_time')
|
|
source = item.get('source', '')
|
|
|
|
# 针对 106 源码进行特殊路径解析
|
|
if '106' in str(source):
|
|
try:
|
|
path_str = d_raw.get('path', '')
|
|
match = re.search(r'/Data/(\d{4}_\d{2}_\d{2})/\w+_(\d{2}_\d{2}_\d{2})\.csv', path_str)
|
|
if match:
|
|
target_time = f"{match.group(1).replace('_', '-')} {match.group(2).replace('_', ':')}"
|
|
except: pass
|
|
|
|
json_str = json.dumps(d_raw, ensure_ascii=False)
|
|
device = Device.query.filter_by(name=d_name).first()
|
|
if not device:
|
|
device = Device(name=d_name, source=source)
|
|
db.session.add(device)
|
|
db.session.flush()
|
|
|
|
device.status = item.get('status')
|
|
device.current_value = item.get('value')
|
|
device.latest_time = target_time
|
|
device.check_time = now_str
|
|
device.json_data = json_str
|
|
device.offset = calculate_offset(target_time)
|
|
|
|
db.session.add(DeviceHistory(
|
|
device_id=device.id, status=device.status,
|
|
result_data=device.current_value, data_time=target_time,
|
|
json_data=json_str
|
|
))
|
|
count += 1
|
|
|
|
db.session.commit()
|
|
return jsonify({'code': 200, 'message': f'更新 {count} 台设备'})
|
|
except Exception as e:
|
|
db.session.rollback()
|
|
return jsonify({'code': 500, 'message': str(e)})
|
|
|
|
|
|
@api_bp.route('/update_site', methods=['POST'])
|
|
@jwt_required()
|
|
def update_site():
|
|
if not is_manager(get_jwt_identity()): return jsonify({'code': 403}), 403
|
|
d = Device.query.filter_by(name=request.get_json().get('name')).first()
|
|
if d:
|
|
d.install_site = request.get_json().get('site')
|
|
db.session.commit()
|
|
return jsonify({'code': 200})
|
|
return jsonify({'code': 404})
|
|
|
|
|
|
@api_bp.route('/toggle_maintenance', methods=['POST'])
|
|
@jwt_required()
|
|
def toggle_maintenance():
|
|
if not is_manager(get_jwt_identity()): return jsonify({'code': 403}), 403
|
|
d = Device.query.filter_by(name=request.get_json().get('name')).first()
|
|
if d:
|
|
d.is_maintaining = request.get_json().get('is_maintaining')
|
|
db.session.commit()
|
|
return jsonify({'code': 200})
|
|
return jsonify({'code': 404})
|
|
|
|
|
|
@api_bp.route('/toggle_hidden', methods=['POST'])
|
|
@jwt_required()
|
|
def toggle_hidden():
|
|
if not is_admin(get_jwt_identity()): return jsonify({'code': 403}), 403
|
|
d = Device.query.filter_by(name=request.get_json().get('name')).first()
|
|
if d:
|
|
d.is_hidden = request.get_json().get('is_hidden')
|
|
db.session.commit()
|
|
return jsonify({'code': 200})
|
|
return jsonify({'code': 404}) |