
import hashlib
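class UserManager:
    """Account management and library operations for one logged-in user.

    All statements go through ``db_connection`` with bound parameters. The
    caller's permission is read from index 2 of the row stored in
    ``logged_in_user``, so the ``Account`` table is assumed to have the column
    order (userID, passwordHash, permission) used by the INSERT statements
    here -- confirm against the schema.
    """

    _ADMIN = 'Admin'
    _USER = 'User'

    def __init__(self, db_connection):
        """Keep the connection and make sure an ``admin`` account exists.

        Args:
            db_connection: DB-API connection using ``?`` placeholders
                (presumably ``sqlite3``, given the ``datetime(...)`` SQL).
        """
        self.db_connection = db_connection
        self.logged_in_user = None
        self.create_default_admin()

    @staticmethod
    def _hash_password(password):
        """Return the hex SHA-256 digest that is stored in ``passwordHash``.

        NOTE(review): this is a single unsalted SHA-256 pass, so equal
        passwords produce equal hashes and offline guessing is cheap. A salted,
        slow KDF (``hashlib.scrypt`` / ``hashlib.pbkdf2_hmac``) is the usual
        choice; the format is left unchanged here because switching it needs a
        migration of the rows already stored.
        """
        return hashlib.sha256(password.encode()).hexdigest()

    def _has_permission(self, *allowed):
        """Return True when a user is logged in and holds one of ``allowed``."""
        return bool(self.logged_in_user) and self.logged_in_user[2] in allowed

    def create_default_admin(self):
        """Insert the ``admin`` account when it does not exist yet."""
        cur = self.db_connection.cursor()
        # Bound parameter instead of a double-quoted literal: standard SQL
        # reads "admin" as an identifier, not a string.
        cur.execute('SELECT * FROM Account WHERE userID=?', ("admin",))
        admin_account = cur.fetchone()
        if not admin_account:
            # NOTE(review): well-known default credential (admin/admin). A real
            # deployment should set a strong password at provisioning time or
            # force a change on first login.
            default_password = "admin"
            passwordHash = self._hash_password(default_password)
            cur.execute('INSERT INTO Account(userID, passwordHash, permission) VALUES(?, ?, ?)',
                        ("admin", passwordHash, "Admin"))
            self.db_connection.commit()

    def login(self, userID, password):
        """Check the credentials and remember the matching account row.

        Returns:
            True when a row matches ``userID`` and the password hash,
            otherwise False.
        """
        cur = self.db_connection.cursor()
        passwordHash = self._hash_password(password)
        cur.execute('SELECT * FROM Account WHERE userID=? AND passwordHash=?', (userID, passwordHash))
        user = cur.fetchone()
        if user:
            # NOTE(review): the whole row, password hash included, is kept in
            # memory for the session; only userID and permission are read later.
            # There is also no attempt limiting or audit logging here.
            self.logged_in_user = user
            print("Login successful")
            return True
        print("Login failed")
        return False

    def logout(self):
        """Forget the logged-in user."""
        self.logged_in_user = None

    def add_user(self, userID, password, permission):
        """Create an account (Admin only).

        ``permission`` is stored as given; any value other than 'Admin' or
        'User' fails every permission check in this class.
        """
        if self._has_permission(self._ADMIN):
            cur = self.db_connection.cursor()
            passwordHash = self._hash_password(password)
            cur.execute('INSERT INTO Account(userID, passwordHash, permission) VALUES(?, ?, ?)',
                        (userID, passwordHash, permission))
            self.db_connection.commit()
        else:
            print("Permission denied")

    def add_book_info(self, ISBN, author, summary, price, publicationDate, category):
        """Insert the bibliographic record for an ISBN (Admin only)."""
        if self._has_permission(self._ADMIN):
            cur = self.db_connection.cursor()
            cur.execute('''
                INSERT INTO BookInfo(ISBN, author, summary, price, publicationDate, category) VALUES(?, ?, ?, ?, ?, ?)
            ''', (ISBN, author, summary, price, publicationDate, category))
            self.db_connection.commit()
        else:
            print("Only Admin can add books.")

    def add_book(self, bookId, ISBN, location):
        """Register a physical copy and its shelf location (Admin only)."""
        if self._has_permission(self._ADMIN):
            cur = self.db_connection.cursor()
            # Parameters must be one sequence; passing them as separate
            # positional arguments raises TypeError. A new copy starts as
            # 'available', the only status borrow_book() accepts.
            cur.execute('''INSERT INTO MainBook(bookID, ISBN, borrowStatus) VALUES(?, ?, 'available')''',
                        (bookId, ISBN))
            cur.execute('''INSERT INTO BookLocation(bookID, location) VALUES(?, ?)''', (bookId, location))
            self.db_connection.commit()
        else:
            print("Only Admin can add books.")

    def delete_book(self, bookID):
        """Delete a copy with its location and borrow records (Admin only).

        The ``BookInfo`` row is removed as well once no other copy refers to
        the same ISBN.
        """
        if self._has_permission(self._ADMIN):
            cur = self.db_connection.cursor()
            # Read the ISBN before the MainBook row disappears; looking it up
            # after the delete would never find anything.
            cur.execute('SELECT ISBN FROM MainBook WHERE bookID=?', (bookID,))
            row = cur.fetchone()
            cur.execute('DELETE FROM MainBook WHERE bookID=?', (bookID,))
            cur.execute('DELETE FROM BookLocation WHERE bookID=?', (bookID,))
            cur.execute('DELETE FROM BorrowRecord WHERE bookID=?', (bookID,))
            if row is not None:
                # Keep the shared record while other copies still use it.
                cur.execute(
                    'DELETE FROM BookInfo WHERE ISBN=? '
                    'AND NOT EXISTS (SELECT 1 FROM MainBook WHERE ISBN=?)',
                    (row[0], row[0]))
            self.db_connection.commit()
        else:
            print("Only Admin can delete books.")

    def change_book_location(self, bookID, new_location):
        """Update the stored location of a copy (Admin only)."""
        if self._has_permission(self._ADMIN):
            cur = self.db_connection.cursor()
            cur.execute('UPDATE BookLocation SET location=? WHERE bookID=?', (new_location, bookID))
            self.db_connection.commit()
        else:
            print("Only Admin can change book location.")

    def check_borrower(self, bookID):
        """Print who currently holds a copy, if anyone (Admin only)."""
        if self._has_permission(self._ADMIN):
            cur = self.db_connection.cursor()
            cur.execute('SELECT borrowingUser FROM BorrowRecord WHERE bookID=? AND actualReturnTime IS NULL',
                        (bookID,))
            borrower = cur.fetchone()
            if borrower:
                print(f"The book {bookID} is currently borrowed by {borrower[0]}")
            else:
                print(f"The book {bookID} is currently not borrowed.")
        else:
            print("Only Admin can check borrower.")

    def check_borrow_record(self, bookID):
        """Print every borrow record of a copy (Admin only)."""
        if self._has_permission(self._ADMIN):
            cur = self.db_connection.cursor()
            cur.execute('SELECT * FROM BorrowRecord WHERE bookID=?', (bookID,))
            for record in cur.fetchall():
                print(record)
        else:
            print("Only Admin can check borrow record.")

    def change_user_permission(self, userID, new_permission):
        """Set an account's permission (Admin only).

        ``new_permission`` is stored as given. The change is not reflected in
        an already cached ``logged_in_user`` row until that user logs in again.
        """
        if self._has_permission(self._ADMIN):
            cur = self.db_connection.cursor()
            cur.execute('UPDATE Account SET permission=? WHERE userID=?', (new_permission, userID))
            self.db_connection.commit()
        else:
            print("Only Admin can change user permission.")

    def borrow_book(self, bookID, expectedReturnTime):
        """Borrow an available copy for the logged-in user (User only)."""
        if self._has_permission(self._USER):
            cur = self.db_connection.cursor()
            # Check that the copy exists and is available.
            cur.execute('SELECT borrowStatus FROM MainBook WHERE bookID=?', (bookID,))
            row = cur.fetchone()
            if row is None:
                # An unknown bookID used to crash on fetchone()[0].
                print("Book not found.")
            elif row[0] == 'available':
                # Mark the copy as borrowed.
                cur.execute('UPDATE MainBook SET borrowStatus=? WHERE bookID=?', ('borrowed', bookID))
                # Open a borrow record for this user.
                cur.execute('''
                    INSERT INTO BorrowRecord(bookID, borrowTime, expectedReturnTime, borrowingUser)
                    VALUES(?, datetime('now'), ?, ?)
                ''', (bookID, expectedReturnTime, self.logged_in_user[0]))
                self.db_connection.commit()
                print("You have successfully borrowed the book.")
            else:
                print("The book is currently not available.")
        else:
            print("Only User can borrow books.")

    def return_book(self, bookID):
        """Return a copy the logged-in user currently holds (User only)."""
        if self._has_permission(self._USER):
            cur = self.db_connection.cursor()
            # Only the user with an open record for this copy may return it.
            cur.execute('SELECT * FROM BorrowRecord WHERE bookID=? AND borrowingUser=? AND actualReturnTime IS NULL',
                        (bookID, self.logged_in_user[0]))
            if cur.fetchone():
                # Make the copy available again.
                cur.execute('UPDATE MainBook SET borrowStatus=? WHERE bookID=?', ('available', bookID))
                # Close the open borrow record.
                cur.execute(
                    "UPDATE BorrowRecord SET actualReturnTime=datetime('now') "
                    "WHERE bookID=? AND borrowingUser=? AND actualReturnTime IS NULL",
                    (bookID, self.logged_in_user[0]))
                self.db_connection.commit()
                print("You have successfully returned the book.")
            else:
                print("You didn't borrow this book.")
        else:
            print("Only User can return books.")

    def find_book(self, bookID):
        """Return the ``MainBook`` row for ``bookID`` (Admin or User).

        Returns:
            The row, or None when the copy does not exist or the caller is not
            logged in with a recognised permission.
        """
        if self._has_permission(self._ADMIN, self._USER):
            cur = self.db_connection.cursor()
            cur.execute('''
                SELECT * FROM MainBook WHERE bookID = ?
            ''', (bookID,))
            book = cur.fetchone()
            if book is not None:
                return book
            print("Book not found.")
            return None
        print("Permission Denied: You do not have the required permissions to find books.")
        return None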