From 311eb3243f718b37dc5de57aebcdef0a9adfa288 Mon Sep 17 00:00:00 2001
From: bettleChen <2207153529@qq.com>
Date: Tue, 12 Sep 2023 17:59:29 +0800
Subject: [PATCH] update code

---
 EduSystemServer/API/views.py                |  5 +-
 EduSystemServer/EduSystemServer/settings.py | 18 +++++
 EduSystemServer/EduSystemServer/utils.py    | 38 +++++++++++
 EduSystemServer/Student/views.py            | 15 +++-
 EduSystemServer/course/urls.py              |  4 +-
 EduSystemServer/course/views.py             | 76 ++++++++++++++++++++-
 6 files changed, 148 insertions(+), 8 deletions(-)

diff --git a/EduSystemServer/API/views.py b/EduSystemServer/API/views.py
index e34babd..f37abf4 100644
--- a/EduSystemServer/API/views.py
+++ b/EduSystemServer/API/views.py
@@ -2,15 +2,12 @@ import json
 from datetime import datetime, timedelta
 
 import jwt
-from django.shortcuts import render
-from django.http import JsonResponse, HttpResponse
 
-# Create your views here.
 from django.views.decorators.csrf import csrf_exempt
 from Student.models import *
 from teacher.models import Teacher
-from EduSystemServer.utils import ResponseUtil
 from EduSystemServer.settings import TOKEN_KEY
+from EduSystemServer.utils import *
 
 # 用户登录成功后生成 JWT Token
 def generate_jwt_token(user, _type):
diff --git a/EduSystemServer/EduSystemServer/settings.py b/EduSystemServer/EduSystemServer/settings.py
index d12448c..6e6a12c 100644
--- a/EduSystemServer/EduSystemServer/settings.py
+++ b/EduSystemServer/EduSystemServer/settings.py
@@ -62,6 +62,24 @@ MIDDLEWARE = [
     'API.middle.JWTMiddleware',
 ]
 
+LOGGING = {
+    'version': 1,
+    'disable_existing_loggers': False,
+    'handlers': {
+        'console': {
+            'level': 'DEBUG',  # 调整日志级别为 DEBUG 以记录 SQL 查询
+            'class': 'logging.StreamHandler',
+        },
+    },
+    'loggers': {
+        'django.db.backends': {
+            'handlers': ['console'],
+            'level': 'DEBUG',
+            'propagate': False,
+        },
+    },
+}
+
 
 
 ROOT_URLCONF = 'EduSystemServer.urls'
diff --git a/EduSystemServer/EduSystemServer/utils.py b/EduSystemServer/EduSystemServer/utils.py
index 625de0b..ac1584e 100644
--- a/EduSystemServer/EduSystemServer/utils.py
+++ b/EduSystemServer/EduSystemServer/utils.py
@@ -1,5 +1,43 @@
+from functools import wraps
+from django.http import HttpResponseForbidden, JsonResponse
 
 
+def student_required(view_func):
+    """
+    装饰器：用于权限控制
+    """
+    @wraps(view_func)
+    def _wrapped_view(request, *args, **kwargs):
+        if request.jwt_payload.get("type") == 'student':
+            return view_func(request, *args, **kwargs)
+        else:
+            return JsonResponse(ResponseUtil.error("你没有该权限进行操作！"))
+    return _wrapped_view
+
+def teacher_required(view_func):
+    """
+    装饰器：用于权限控制
+    """
+    @wraps(view_func)
+    def _wrapped_view(request, *args, **kwargs):
+        if request.jwt_payload.get("type") ==  'teacher':
+            return view_func(request, *args, **kwargs)
+        else:
+            return JsonResponse(ResponseUtil.error("你没有该权限进行操作！"))
+    return _wrapped_view
+
+def admin_required(view_func):
+    """
+    装饰器：用于权限控制
+    """
+    @wraps(view_func)
+    def _wrapped_view(request, *args, **kwargs):
+        if request.jwt_payload.get("type") == 'admin':
+            return view_func(request, *args, **kwargs)
+        else:
+            return JsonResponse(ResponseUtil.error("你没有该权限进行操作！"))
+    return _wrapped_view
+
 class ResponseUtil:
     @staticmethod
     def ok(data, message="success!"):
diff --git a/EduSystemServer/Student/views.py b/EduSystemServer/Student/views.py
index cb2ed17..41704cc 100644
--- a/EduSystemServer/Student/views.py
+++ b/EduSystemServer/Student/views.py
@@ -9,7 +9,7 @@ from django.http import JsonResponse
 from course.models import SC, Course
 from .models import Student
 
-from EduSystemServer.utils import ResponseUtil
+from EduSystemServer.utils import *
 from Student.models import Student
 from .models import Student
 from django.views.decorators.csrf import csrf_exempt
@@ -120,6 +120,8 @@ def studnets(request):
 
 
 @csrf_exempt
+@teacher_required
+@admin_required
 def add_student(request):
     if not request.method == "POST":
         return JsonResponse(ResponseUtil.error("request method error!"))
@@ -140,10 +142,12 @@ def add_student(request):
     return JsonResponse(result)
 
 @csrf_exempt
+@teacher_required
+@admin_required
 def search_student(request):
     currentPage = request.GET.get("currentPage")
     pageSize = request.GET.get("pageSize")
-    request_data = json.loads(request.body)
+    request_data = request.POST
     search_students = Student.objects.all()
     if not request_data.get("sid") == "":
         search_students =search_students.filter(sid=request_data.get("sid"))
@@ -169,6 +173,8 @@ def search_student(request):
 
 
 @csrf_exempt
+@teacher_required
+@admin_required
 def del_student(request):
     if not request.method == "GET":
         return JsonResponse(ResponseUtil.error("request method error!"))
@@ -183,6 +189,7 @@ def del_student(request):
 
 
 @csrf_exempt
+@student_required
 def select_course(request):
     if not request.method == "POST":
         return JsonResponse(ResponseUtil.error("request method error!"))
@@ -205,7 +212,11 @@ def select_course(request):
         return JsonResponse(ResponseUtil.error(str(E)))
 
 
+@student_required
 def get_grade(request):
+    """
+    获取学生成绩
+    """
     if not request.method == "GET":
         return ResponseUtil.error("request method error!")
     try:
diff --git a/EduSystemServer/course/urls.py b/EduSystemServer/course/urls.py
index 8090b87..4db2a9c 100644
--- a/EduSystemServer/course/urls.py
+++ b/EduSystemServer/course/urls.py
@@ -6,5 +6,7 @@ urlpatterns = [
     path("", courses),
     path("getCourseById", get_course_by_student_id),
     path("deleteSelectCourse", delete_select_course),
-    path("seacherCourse", search_course)
+    path("seacherCourse", search_course),
+    path("getStudentCourse", get_student_select_course),
+    path("editGrade", edit_grade)
 ]
\ No newline at end of file
diff --git a/EduSystemServer/course/views.py b/EduSystemServer/course/views.py
index 6ee8de6..9200258 100644
--- a/EduSystemServer/course/views.py
+++ b/EduSystemServer/course/views.py
@@ -1,12 +1,13 @@
 import json
 
 from django.core.paginator import Paginator, PageNotAnInteger, EmptyPage
+from django.db.models import F, Subquery, Max
 from django.shortcuts import render
 
 # Create your views here.
 from django.http import JsonResponse
 
-from EduSystemServer.utils import ResponseUtil
+from EduSystemServer.utils import *
 from course.models import *
 from django.views.decorators.csrf import csrf_exempt
 from io import BytesIO
@@ -73,6 +74,9 @@ def courses(request):
 
 
 def search_course(request):
+    """
+    通过条件查询课程，并且分页显示
+    """
     if not request.method == "GET":
         return JsonResponse(ResponseUtil.error("request method error!"))
     teacher_name = request.GET.get("tName")
@@ -105,6 +109,9 @@ def search_course(request):
 
 
 def get_course_by_student_id(request):
+    """
+    通过学生ID获取学生的选课
+    """
     if not request.method == "GET":
         return JsonResponse(ResponseUtil.error("request method error!"))
     s_username = request.jwt_payload.get("username")
@@ -119,6 +126,9 @@ def get_course_by_student_id(request):
 
 
 def delete_select_course(request):
+    """
+    删除选课
+    """
     if not request.method == "GET":
         return JsonResponse(ResponseUtil.error("request method error!"))
     try:
@@ -130,4 +140,68 @@ def delete_select_course(request):
     except Exception as E:
         return JsonResponse(ResponseUtil.error(E))
 
+@csrf_exempt
+@teacher_required
+@admin_required
+def get_student_select_course(request):
+    """
+    获取所有学生的所有选课
+    """
+    if not request.method == "POST":
+        return JsonResponse(ResponseUtil.error("request method error!"))
+    current_page = request.GET.get("currentPage")
+    sname = request.POST.get("sname")
+    className = request.POST.get("className")
+    courseName = request.POST.get("courseName")
+    courseType = request.POST.get("courseType")
+    sc_list = SC.objects.all().filter(
+        sid__name__contains=sname,
+        sid__class_name__contains=className,
+        cid__name__contains=courseName,
+        cid__type__contains=courseType
+    ).annotate(
+        sname=F("sid__name"),
+        className=F("sid__class_name"),
+        cname=F("cid__name"), ctype=F("cid__type"),
+        endGrade=F("end_grade"),
+        middleGrade=F("middle_grade")
+    ).values(
+        "sname", "className", "cname",
+        "ctype", "endGrade", "middleGrade",
+        "sid", "cid"
+        ).distinct()
+    paginator = Paginator(sc_list, 10)
+    try:
+        sc_list = paginator.page(current_page).object_list
+    except PageNotAnInteger:
+        sc_list = paginator.page(1)
+    except EmptyPage:
+        sc_list = paginator.page(paginator.num_pages).object_list
+    data = []
+    for student in sc_list:
+        data.append(student)
+    result = ResponseUtil.ok(data, "success!")
+    result["pageTotal"] = paginator.count
+    result["pageNum"] = paginator.num_pages
+    return JsonResponse(result)
+
+@teacher_required
+@admin_required
+@csrf_exempt
+def edit_grade(request):
+    """
+    成绩录入
+    """
+    if not request.method == "POST":
+        return JsonResponse(ResponseUtil.error("request method error!"))
+    try:
+        sid = request.POST.get("sid")
+        cid = request.POST.get("cid")
+        sc = SC.objects.filter(sid=sid, cid=cid).first()
+        sc.middle_grade = request.POST.get("middleGrade")
+        sc.end_grade = request.POST.get("endGrade")
+        sc.save()
+        return JsonResponse(ResponseUtil.ok(None, "成绩修改成功！"))
+    except Exception as E:
+        return JsonResponse(ResponseUtil.error(str(E)))