diff --git a/EduSystemServer/API/views.py b/EduSystemServer/API/views.py
index e34babd..f37abf4 100644
--- a/EduSystemServer/API/views.py
+++ b/EduSystemServer/API/views.py
@@ -2,15 +2,12 @@ import json
 from datetime import datetime, timedelta
 import jwt
-from django.shortcuts import render
-from django.http import JsonResponse, HttpResponse
-# Create your views here.
 from django.views.decorators.csrf import csrf_exempt
 from Student.models import *
 from teacher.models import Teacher
-from EduSystemServer.utils import ResponseUtil
 from EduSystemServer.settings import TOKEN_KEY
+from EduSystemServer.utils import *
 # 用户登录成功后生成 JWT Token
 def generate_jwt_token(user, _type):
diff --git a/EduSystemServer/EduSystemServer/settings.py b/EduSystemServer/EduSystemServer/settings.py
index d12448c..6e6a12c 100644
--- a/EduSystemServer/EduSystemServer/settings.py
+++ b/EduSystemServer/EduSystemServer/settings.py
@@ -62,6 +62,24 @@ MIDDLEWARE = [
 'API.middle.JWTMiddleware',
 ]
+LOGGING = {
+ 'version': 1,
+ 'disable_existing_loggers': False,
+ 'handlers': {
+ 'console': {
+ 'level': 'DEBUG', # 调整日志级别为 DEBUG 以记录 SQL 查询
+ 'class': 'logging.StreamHandler',
+ },
+ },
+ 'loggers': {
+ 'django.db.backends': {
+ 'handlers': ['console'],
+ 'level': 'DEBUG',
+ 'propagate': False,
+ },
+ },
+}
+
 ROOT_URLCONF = 'EduSystemServer.urls'
diff --git a/EduSystemServer/EduSystemServer/utils.py b/EduSystemServer/EduSystemServer/utils.py
index 625de0b..ac1584e 100644
--- a/EduSystemServer/EduSystemServer/utils.py
+++ b/EduSystemServer/EduSystemServer/utils.py
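Review bot: In API/views.py, `from EduSystemServer.utils import *` now supplies `JsonResponse` to this module only as a side effect of utils.py importing it, because the explicit `from django.http import JsonResponse, HttpResponse` line is removed in the same hunk. `HttpResponse` is no longer imported at all, so any remaining use of it in this file would raise NameError (the rest of the file is outside the hunk). Importing the names explicitly, `from django.http import JsonResponse` and `from EduSystemServer.utils import ResponseUtil`, keeps the dependency visible and makes it easy to audit which permission decorators a view module actually pulls in. The same wildcard import is introduced in Student/views.py and course/views.py.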
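Review bot: In settings.py, the new `LOGGING` block routes `django.db.backends` at `DEBUG` to the console unconditionally, and nothing in the hunk ties it to a development-only configuration. Django emits those query records only while `DEBUG` is on (how this project sets it is outside the hunk), and when it does each record carries the SQL text together with its bound parameters, so student records and credential columns end up in process output. Guarding the assignment with `if DEBUG:` or using `'level': 'INFO'` for this logger in deployed settings keeps query logging a local debugging aid.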
@@ -1,5 +1,43 @@
+from functools import wraps
+from django.http import HttpResponseForbidden, JsonResponse
+def student_required(view_func):
+ """
+ 装饰器:用于权限控制
+ """
+ @wraps(view_func)
+ def _wrapped_view(request, *args, **kwargs):
+ if request.jwt_payload.get("type") == 'student':
+ return view_func(request, *args, **kwargs)
+ else:
+ return JsonResponse(ResponseUtil.error("你没有该权限进行操作!"))
+ return _wrapped_view
+
+def teacher_required(view_func):
+ """
+ 装饰器:用于权限控制
+ """
+ @wraps(view_func)
+ def _wrapped_view(request, *args, **kwargs):
+ if request.jwt_payload.get("type") == 'teacher':
+ return view_func(request, *args, **kwargs)
+ else:
+ return JsonResponse(ResponseUtil.error("你没有该权限进行操作!"))
+ return _wrapped_view
+
+def admin_required(view_func):
+ """
+ 装饰器:用于权限控制
+ """
+ @wraps(view_func)
+ def _wrapped_view(request, *args, **kwargs):
+ if request.jwt_payload.get("type") == 'admin':
+ return view_func(request, *args, **kwargs)
+ else:
+ return JsonResponse(ResponseUtil.error("你没有该权限进行操作!"))
+ return _wrapped_view
+
 class ResponseUtil:
 @staticmethod
 def ok(data, message="success!"):
diff --git a/EduSystemServer/Student/views.py b/EduSystemServer/Student/views.py
index cb2ed17..41704cc 100644
--- a/EduSystemServer/Student/views.py
+++ b/EduSystemServer/Student/views.py
@@ -9,7 +9,7 @@ from django.http import JsonResponse
 from course.models import SC, Course
 from .models import Student
-from EduSystemServer.utils import ResponseUtil
+from EduSystemServer.utils import *
 from Student.models import Student
 from .models import Student
 from django.views.decorators.csrf import csrf_exempt
@@ -120,6 +120,8 @@ def studnets(request):
 @csrf_exempt
+@teacher_required
+@admin_required
 def add_student(request):
 if not request.method == "POST":
 return JsonResponse(ResponseUtil.error("request method error!"))
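Review bot: In utils.py, the denial branch of each decorator returns `JsonResponse(ResponseUtil.error(...))` with the default 200 status, and `HttpResponseForbidden` is imported but never used, so a rejected call is indistinguishable from a success at the HTTP layer. Each wrapper also reads `request.jwt_payload` directly, which raises AttributeError if the attribute was never set for the request (whether the JWT middleware always sets it is not visible here). The three decorators differ only in the compared string; a single factory taking the allowed types removes the duplication, as sketched below. Check that the front end does not depend on the 200 status before switching to 403.

```python
def role_required(*allowed_types):
    """Allow the view only when the JWT payload's "type" is one of allowed_types."""
    def decorator(view_func):
        @wraps(view_func)
        def _wrapped_view(request, *args, **kwargs):
            # jwt_payload is presumably attached by API.middle.JWTMiddleware;
            # a missing or empty payload is treated as "no role".
            payload = getattr(request, "jwt_payload", None) or {}
            if payload.get("type") in allowed_types:
                return view_func(request, *args, **kwargs)
            return JsonResponse(ResponseUtil.error("你没有该权限进行操作!"), status=403)
        return _wrapped_view
    return decorator


student_required = role_required("student")
teacher_required = role_required("teacher")
admin_required = role_required("admin")
```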
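Review bot: In Student/views.py, stacking `@teacher_required` over `@admin_required` on `add_student` requires both checks to pass, and each compares the same `request.jwt_payload.get("type")` value against a different string, so no token can satisfy both and the view rejects teachers and admins alike. If the intent is "teacher or admin", use one check that accepts a set of types, e.g. `if request.jwt_payload.get("type") in ("teacher", "admin"):` inside a single decorator. The same stacking appears on `search_student` and `del_student` in this file and on `get_student_select_course` and `edit_grade` in course/views.py. The body of `add_student` continues outside the hunk.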
@@ -140,10 +142,12 @@ def add_student(request):
 return JsonResponse(result)
 @csrf_exempt
+@teacher_required
+@admin_required
 def search_student(request):
 currentPage = request.GET.get("currentPage")
 pageSize = request.GET.get("pageSize")
- request_data = json.loads(request.body)
+ request_data = request.POST
 search_students = Student.objects.all()
 if not request_data.get("sid") == "":
 search_students =search_students.filter(sid=request_data.get("sid"))
@@ -169,6 +173,8 @@ def search_student(request):
 @csrf_exempt
+@teacher_required
+@admin_required
 def del_student(request):
 if not request.method == "GET":
 return JsonResponse(ResponseUtil.error("request method error!"))
@@ -183,6 +189,7 @@ def del_student(request):
 @csrf_exempt
+@student_required
 def select_course(request):
 if not request.method == "POST":
 return JsonResponse(ResponseUtil.error("request method error!"))
@@ -205,7 +212,11 @@ def select_course(request):
 return JsonResponse(ResponseUtil.error(str(E)))
+@student_required
 def get_grade(request):
+ """
+ 获取学生成绩
+ """
 if not request.method == "GET":
 return ResponseUtil.error("request method error!")
 try:
diff --git a/EduSystemServer/course/urls.py b/EduSystemServer/course/urls.py
index 8090b87..4db2a9c 100644
--- a/EduSystemServer/course/urls.py
+++ b/EduSystemServer/course/urls.py
@@ -6,5 +6,7 @@ urlpatterns = [
 path("", courses),
 path("getCourseById", get_course_by_student_id),
 path("deleteSelectCourse", delete_select_course),
- path("seacherCourse", search_course)
+ path("seacherCourse", search_course),
+ path("getStudentCourse", get_student_select_course),
+ path("editGrade", edit_grade)
 ]
\ No newline at end of file
diff --git a/EduSystemServer/course/views.py b/EduSystemServer/course/views.py
index 6ee8de6..9200258 100644
--- a/EduSystemServer/course/views.py
+++ b/EduSystemServer/course/views.py
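Review bot: In `search_student`, with `request_data = request.POST` a field the client omits comes back as `None` from `request_data.get("sid")`, so `if not request_data.get("sid") == "":` is true and the queryset is filtered on `sid=None`. A client still sending the JSON body that the old `json.loads(request.body)` expected gets an empty `request.POST` and hits this on every field. A truthiness test, `if request_data.get("sid"):`, covers both the missing and the empty case. The visible top of the view also has no method check, unlike `add_student` and `del_student`; the rest of `search_student` is outside the hunk.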
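Review bot: `get_grade` returns `ResponseUtil.error("request method error!")` directly on the wrong-method path, while every other view in this diff wraps that value in `JsonResponse(...)`. Assuming `ResponseUtil.error` returns a plain dict, as its other uses suggest, Django will not accept it as a response and the client gets a 500 instead of the intended error body. Since the commit already touches this function, change the line to `return JsonResponse(ResponseUtil.error("request method error!"))`. The function body continues past the hunk.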
@@ -1,12 +1,13 @@
 import json
 from django.core.paginator import Paginator, PageNotAnInteger, EmptyPage
+from django.db.models import F, Subquery, Max
 from django.shortcuts import render
 # Create your views here.
 from django.http import JsonResponse
-from EduSystemServer.utils import ResponseUtil
+from EduSystemServer.utils import *
 from course.models import *
 from django.views.decorators.csrf import csrf_exempt
 from io import BytesIO
@@ -73,6 +74,9 @@ def courses(request):
 def search_course(request):
+ """
+ 通过条件查询课程,并且分页显示
+ """
 if not request.method == "GET":
 return JsonResponse(ResponseUtil.error("request method error!"))
 teacher_name = request.GET.get("tName")
@@ -105,6 +109,9 @@ def search_course(request):
 def get_course_by_student_id(request):
+ """
+ 通过学生ID获取学生的选课
+ """
 if not request.method == "GET":
 return JsonResponse(ResponseUtil.error("request method error!"))
 s_username = request.jwt_payload.get("username")
@@ -119,6 +126,9 @@ def get_course_by_student_id(request):
 def delete_select_course(request):
+ """
+ 删除选课
+ """
 if not request.method == "GET":
 return JsonResponse(ResponseUtil.error("request method error!"))
 try:
@@ -130,4 +140,68 @@ def delete_select_course(request):
 except Exception as E:
 return JsonResponse(ResponseUtil.error(E))
+@csrf_exempt
+@teacher_required
+@admin_required
+def get_student_select_course(request):
+ """
+ 获取所有学生的所有选课
+ """
+ if not request.method == "POST":
+ return JsonResponse(ResponseUtil.error("request method error!"))
+ current_page = request.GET.get("currentPage")
+ sname = request.POST.get("sname")
+ className = request.POST.get("className")
+ courseName = request.POST.get("courseName")
+ courseType = request.POST.get("courseType")
+ sc_list = SC.objects.all().filter(
+ sid__name__contains=sname,
+ sid__class_name__contains=className,
+ cid__name__contains=courseName,
+ cid__type__contains=courseType
+ ).annotate(
+ sname=F("sid__name"),
+ className=F("sid__class_name"),
+ cname=F("cid__name"), ctype=F("cid__type"),
+ endGrade=F("end_grade"),
+ middleGrade=F("middle_grade")
+ ).values(
+ "sname", "className", "cname",
+ "ctype", "endGrade", "middleGrade",
+ "sid", "cid"
+ ).distinct()
+ paginator = Paginator(sc_list, 10)
+ try:
+ sc_list = paginator.page(current_page).object_list
+ except PageNotAnInteger:
+ sc_list = paginator.page(1)
+ except EmptyPage:
+ sc_list = paginator.page(paginator.num_pages).object_list
+ data = []
+ for student in sc_list:
+ data.append(student)
+ result = ResponseUtil.ok(data, "success!")
+ result["pageTotal"] = paginator.count
+ result["pageNum"] = paginator.num_pages
+ return JsonResponse(result)
+
+@teacher_required
+@admin_required
+@csrf_exempt
+def edit_grade(request):
+ """
+ 成绩录入
+ """
+ if not request.method == "POST":
+ return JsonResponse(ResponseUtil.error("request method error!"))
+ try:
+ sid = request.POST.get("sid")
+ cid = request.POST.get("cid")
+ sc = SC.objects.filter(sid=sid, cid=cid).first()
+ sc.middle_grade = request.POST.get("middleGrade")
+ sc.end_grade = request.POST.get("endGrade")
+ sc.save()
+ return JsonResponse(ResponseUtil.ok(None, "成绩修改成功!"))
+ except Exception as E:
+ return JsonResponse(ResponseUtil.error(str(E)))
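Review bot: `edit_grade` copies `middleGrade` and `endGrade` from `request.POST` onto the row unvalidated, and `SC.objects.filter(sid=sid, cid=cid).first()` returns `None` for an unknown pair, so the resulting AttributeError text reaches the client through `str(E)`. Add `if sc is None: return JsonResponse(ResponseUtil.error("record not found!"))` and parse the grades to the field's type before assigning. Apart from the role decorators, nothing visible ties the caller to the course being graded, so any account that passes the role check can change any student's grade; whether the models carry a teacher reference to check against is not visible here. In `get_student_select_course` in the same hunk, a missing form field makes `request.POST.get("sname")` return `None`, which the `__contains` filters do not accept; `request.POST.get("sname", "")`, and likewise for the other three fields, avoids that.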