丁丁:由于篇幅有限,这里暂时只展示python后端代码,前端js代码后面上传,有需要的也可以留言私信我。
有需要源码的添加我WX:shaozheng4455 (备注博客园)
1、view.py 使用用户、部门、公司等相关账号的创建,已经个人,部门账号的冻结,删除,相关账号目录文件的创建等操作。
# -*- coding: utf-8 -*-
#!/usr/bin/python2.7
import sys,json,hashlib,time,os,shutil,random,redis
from django.forms.models import model_to_dict
from django.contrib.auth.decorators import login_required
from django.views.decorators.csrf import csrf_exempt
from django.shortcuts import render,render_to_response,redirect,HttpResponse,HttpResponseRedirect
from django.db.models import Q
from project.models import UserInfo,TeamInfo,OneFile,TeamFile,CompanyFile def user_auth(login_user):
check_user_status = UserInfo.objects.filter(user_name=login_user)
if len(check_user_status) != 0:
return "auth_success"
else:
return "auth_failed" def recv_username_redis(ran_id):
r = redis.Redis(host='127.0.0.1', port=6379)
user_name = r.get(ran_id)
return user_name @csrf_exempt
def login(request):
if request.method=="POST":
username = request.POST.get("username")
password = request.POST.get("password")
try:
userinfo_check = UserInfo.objects.all().get(user_name=username)
if password.upper() == model_to_dict(userinfo_check)["user_passwd"]:
user_flage = model_to_dict(userinfo_check)["flage"]
if user_flage == "enable":
request.session['IS_LOGIN'] = True
user_id = random.randint(0,10000)%999
request.session['random'] = user_id
r = redis.Redis(host='127.0.0.1', port=6379)
r.set(user_id,username,ex=86400)
print(username," success")
return redirect("/index")
elif user_flage == "disable":
info = "该用户状态不可用,请联系部门管理员修改用户状态后,重新尝试登陆。"
return HttpResponse(info)
else:
info = "用户名或者密码不正确,请重新输入!"
return HttpResponse(info)
except UserInfo.DoesNotExist:
return redirect('/login')
return render_to_response("login.html") def index(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False)
if is_login:
username = recv_username_redis(ran_id)
result = user_auth(username)
if result == "auth_success":
check_user_roles = UserInfo.objects.filter(user_name=username)
for obj in check_user_roles:
user_roles = obj.user_roles
if user_roles == "guest":
return render(request,"index_guest.html",{"username":username})
else:
return render(request,"index.html",{"username":username})
elif result == "auth_failed":
return redirect('/login')
else:
return redirect('/login') @csrf_exempt
def user_info(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False)
login_user = recv_username_redis(ran_id) if is_login:
result = user_auth(login_user)
if result == "auth_success":
pass
elif result == "auth_failed":
return redirect('/login') if request.method == "POST":
select_type = request.POST.get("type")
if select_type == "scan_one":
username = recv_username_redis(ran_id)
user_info = UserInfo.objects.filter(user_name=username)
temp_list = []
temp_dic = {}
for obj in user_info:
team_id = obj.team_id
team_info = TeamInfo.objects.filter(team_id=team_id)
temp_list = [obj.user_name,obj.user_mobile,obj.user_email,obj.user_roles,obj.flage]
user_roles = obj.user_roles
for obj_team in team_info:
team_name = obj_team.team_name
temp_list.append(team_name)
temp_dic[username] = temp_list
return HttpResponse(json.dumps(temp_dic))
elif select_type == "scan_more":
username = recv_username_redis(ran_id)
temp_list = []
temp_dic = {}
temp_num = 0 user_info = UserInfo.objects.filter(user_name=username) for obj in user_info:
team_id = obj.team_id
user_roles = obj.user_roles
team_info = TeamInfo.objects.filter(team_id=team_id)
for obj_team in team_info:
team_name = obj_team.team_name if user_roles == "guest":
return HttpResponse(json.dumps({"status":"failed"}))
elif user_roles == "admin":
user_info_team = UserInfo.objects.filter(team_id=team_id).order_by("team_id").exclude(user_roles='super_admin')
for obj in user_info_team:
temp_list = [obj.user_name,obj.user_mobile,obj.user_email,obj.user_roles,team_name,obj.flage]
temp_dic[obj.user_name] = temp_list
return HttpResponse(json.dumps(temp_dic))
elif user_roles == "super_admin":
user_info_team = UserInfo.objects.order_by('team_id')
for obj in user_info_team:
Team_name_recv = TeamInfo.objects.filter(team_id=obj.team_id)
for i in Team_name_recv:
Team_name = i.team_name
temp_list = [obj.user_name,obj.user_mobile,obj.user_email,obj.user_roles,Team_name,obj.flage]
temp_dic[obj.user_name] = temp_list
return HttpResponse(json.dumps(temp_dic)) elif select_type == "delete_user":
username = request.POST.get("username")
username1 = recv_username_redis(ran_id)
if username == username1:
return HttpResponse(json.dumps("delete_comm_user"))
check_login_user_roles = UserInfo.objects.filter(user_name=username1)
for obj in check_login_user_roles:
login_user_roles = obj.user_roles check_username_roles = UserInfo.objects.filter(user_name=username)
for obj in check_username_roles:
username_roles = obj.user_roles if username_roles == "super_admin":
if login_user_roles != "super_admin":
return HttpResponse(json.dumps("not_superadmin"))
else:
pass check_user_delete = UserInfo.objects.filter(user_name=username)
check_user_delete.update(flage='disable') for obj in check_user_delete:
user_flage = obj.flage
if user_flage == "disable":
return HttpResponse(json.dumps({"status":"success"}))
elif user_flage == "enable":
return HttpResponse(json.dumps({"status":"user_flage"})) elif select_type == "recv_team":
team_info = TeamInfo.objects.order_by("team_id")
temp_dic = {}
for obj in team_info:
temp_dic[obj.team_id] = obj.team_name
return HttpResponse(json.dumps(temp_dic)) elif select_type == "restore_user":
user_name = request.POST.get("username") #需要解冻的账号
login_user = recv_username_redis(ran_id) #进行解冻的账号,判断两者是否是同一个部门,或者是否是超级管理员。 check_username_team = UserInfo.objects.filter(user_name=user_name)
for obj in check_username_team:
username_team_id = obj.team_id
username_roles = obj.user_roles check_loginuser_team = UserInfo.objects.filter(user_name=login_user)
for obj in check_loginuser_team:
loginuser_team_id = obj.team_id
loginuser_roles = obj.user_roles if loginuser_roles == "super_admin" or int(username_team_id) == int(loginuser_team_id):
pass
else:
return HttpResponse(json.dumps({"status":"userteam_no_comm"})) check_team_flage = TeamInfo.objects.filter(team_id=username_team_id)
for obj in check_team_flage:
team_flage = obj.flage
if team_flage == "disable":
return HttpResponse(json.dumps({"status":"team_flage_disable"}))
else:
restore_user = UserInfo.objects.filter(user_name=user_name)
restore_user.update(flage="enable")
for obj in restore_user:
user_flage = obj.flage if user_flage == "enable":
return HttpResponse(json.dumps({"status":"success"}))
elif user_flage == "disable":
return HttpResponse(json.dumps({"status":"user_flage"}))
elif select_type == "add_user":
username = request.POST.get("username")
password = request.POST.get("password")
mobile = request.POST.get("mobile")
email = request.POST.get("email")
roles = request.POST.get("roles")
team = request.POST.get("team").split(":")[1]
password_sha256 = hashlib.sha256(password.encode("utf-8")).hexdigest().upper()
check_user = UserInfo.objects.filter(user_name=username)
if len(check_user) == 0:
temp_path_random = str(random.randint(0,10000)%999)
team_path_dir = TeamInfo.objects.filter(team_id=team)
for obj in team_path_dir:
team_path = obj.team_path
team_path_del = obj.team_path_del one_path = team_path+"/"+username
one_path_del = team_path_del+"/"+username user_add = UserInfo.objects.create(user_name=username,user_passwd=password_sha256,user_mobile=mobile,user_email=email,user_roles=roles,team_id=team,flage='enable',user_path=one_path,user_path_del=one_path_del)
user_add.save() mkdir(one_path)
mkdir(one_path_del) check_user = UserInfo.objects.filter(user_name=username)
if len(check_user) != 0:
return HttpResponse(json.dumps({"status":"success"}))
else:
return HttpResponse(json.dumps({"status":"add_failed"}))
else:
return HttpResponse(json.dumps({"status":"user_exist"}))
elif select_type == "change_user":
username = request.POST.get("username")
password = request.POST.get("password")
mobile = request.POST.get("mobile")
email = request.POST.get("email")
roles = request.POST.get("roles")
team = int(request.POST.get("team").split(":")[1]) update_user_info = UserInfo.objects.filter(user_name=username)
for obj in update_user_info:
old_team = obj.team_id
old_user_path = obj.user_path
old_user_path_del = obj.user_path_del recv_new_team_path = TeamInfo.objects.filter(team_id=team)
for obj in recv_new_team_path:
new_team_path = obj.team_path
new_team_path_del = obj.team_path_del if len(password) != 0:
password_sha256 = hashlib.sha256(password.encode("utf-8")).hexdigest().upper()
update_user_info.update(user_passwd=password_sha256)
if len(mobile) != 0:
update_user_info.update(user_mobile=mobile)
if len(email) != 0:
update_user_info.update(user_email=email)
if roles != "NULL":
update_user_info.update(user_roles=roles)
if team != "NULL":
if int(team) != int(old_team):
update_user_info.update(team_id=team)
update_user_info.update(user_path=new_team_path+"/"+username)
update_user_info.update(user_path_del=new_team_path_del+"/"+username) os.system("mv -f "+old_user_path+" "+new_team_path+" &")
os.system("mv -f "+old_user_path_del+" "+new_team_path_del+" &") recv_old_onefile_path = OneFile.objects.filter(user_id=username)
for obj in recv_old_onefile_path:
file_id = obj.onefile_dir.split("/").pop()
file_del_id = obj.onefile_del_dir.split("/").pop()
recv_old_onefile_path.update(onefile_dir=new_team_path+"/"+username+"/"+file_id)
recv_old_onefile_path.update(onefile_del_dir=new_team_path_del+"/"+username+"/"+file_id) old_all_list = []
old_del_all_list = []
new_all_list = []
new_del_all_list = []
old_teamfile_userlist = TeamFile.objects.filter(team_id=old_team)
for obj in old_teamfile_userlist:
old_all_list = json.loads(obj.teamfile_all_list)
old_del_all_list = json.loads(obj.teamfile_del_dir_all_list)
if username in old_all_list:
old_all_list.remove(username)
if username in old_del_all_list:
old_del_all_list.remove(username)
old_teamfile_userlist.update(teamfile_all_list=json.dumps(old_all_list))
old_teamfile_userlist.update(teamfile_del_dir_all_list=json.dumps(old_del_all_list)) new_teamfile_userlist = TeamFile.objects.filter(team_id=team)
for obj in new_teamfile_userlist:
new_all_list = json.loads(obj.teamfile_all_list)
new_del_all_list = json.loads(obj.teamfile_del_dir_all_list)
new_all_list.append(username)
new_del_all_list.append(username)
new_all_list = list(set(new_all_list))
new_del_all_list = list(set(new_del_all_list))
new_teamfile_userlist.update(teamfile_all_list=json.dumps(new_all_list))
new_teamfile_userlist.update(teamfile_del_dir_all_list=json.dumps(new_del_all_list)) change_team_id = TeamFile.objects.filter(own_user=username)
change_team_id.update(team_id=team)
else:
pass
return HttpResponse(json.dumps({"status":"success"}))
elif select_type == "recv_user_info":
user_name = recv_username_redis(ran_id)
user_info = UserInfo.objects.filter(user_name=user_name)
temp_dic = {}
for obj in user_info:
Team_name_recv = TeamInfo.objects.filter(team_id=obj.team_id)
for i in Team_name_recv:
Team_name = i.team_name
temp_dic["username"] = obj.user_name
temp_dic["roles"] = obj.user_roles
temp_dic["team"] = Team_name
return HttpResponse(json.dumps(temp_dic))
elif select_type == "delete_session":
sessionid = request.session.session_key
del request.session['IS_LOGIN']
is_login = request.session.get('IS_LOGIN', False)
if is_login == False:
r = redis.Redis(host='127.0.0.1', port=6379)
r.delete(random)
return HttpResponse(json.dumps("success"))
else:
return render_to_response("user_info.html")
else:
return redirect('/login') @csrf_exempt
def user_manager(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False)
if is_login:
login_user = recv_username_redis(ran_id)
result = user_auth(login_user)
if result == "auth_success":
pass
elif result == "auth_failed":
return redirect('/login') if request.method == "POST":
pass
else:
return render_to_response("user_manager.html")
else:
return redirect('/login') def mkdir(path):
path=path.strip()
path=path.rstrip("\\")
isExists=os.path.exists(path)
if not isExists:
os.makedirs(path)
else:
pass def ftp_bak(source_path,desc_path):
Time = time.strftime('%Y-%m-%d',time.localtime(time.time()))
rename_path = source_path+"_"+Time
os.rename(source_path,source_path+"_"+Time)
os.system("mv -f "+rename_path+" "+desc_path+" &") @csrf_exempt
def permiss_manager(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False)
if is_login:
login_user = recv_username_redis(ran_id)
result = user_auth(login_user)
if result == "auth_success":
pass
elif result == "auth_failed":
return redirect('/login') if request.method == "POST":
select_type = request.POST.get("type")
if select_type == "cerate_team":
username = recv_username_redis(ran_id)
teamname = request.POST.get("teamname")
Teamname_check = TeamInfo.objects.filter(team_name=teamname)
if len(Teamname_check) == 0:
Time = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time())) temp_path_random = str(random.randint(0,10000)%999)
team_path = "/opt/FTP/"+temp_path_random
team_path_del = "/opt/FTP/"+temp_path_random+"_del" team_add = TeamInfo.objects.create(team_name=teamname,create_user=username,datatime=Time,flage="enable",team_path=team_path,team_path_del=team_path_del)
team_add.save() mkdir(team_path)
mkdir(team_path_del)
os.makedirs(team_path+"/items")
os.makedirs(team_path_del+"/items")
Teamname_add_check = TeamInfo.objects.filter(team_name=teamname) if len(Teamname_add_check) != 0:
return HttpResponse(json.dumps({"status":"success"}))
else:
return HttpResponse(json.dumps({"status":"team_add_failed"}))
else:
return HttpResponse(json.dumps({"status":"team_exist"}))
elif select_type == "recv_team_info":
username = recv_username_redis(ran_id)
user_info = UserInfo.objects.filter(user_name=username)
temp_dic = {}
for obj in user_info:
Team_name_recv = TeamInfo.objects.filter(team_id=obj.team_id)
for i in Team_name_recv:
Team_name = i.team_name
temp_dic["username"] = obj.user_name
temp_dic["roles"] = obj.user_roles
temp_dic["team"] = Team_name if temp_dic["roles"] == "admin":
team_info = TeamInfo.objects.filter(team_name=temp_dic["team"])
team_info_dic = {}
for obj in team_info:
team_info_dic[obj.team_id] = [obj.team_name,obj.create_user,obj.datatime,obj.flage]
temp_dic["team_info"]=team_info_dic
elif temp_dic["roles"] == "super_admin":
team_info_dic = {}
team_info = TeamInfo.objects.order_by("team_id")
for obj in team_info:
team_info_dic[obj.team_id] = [obj.team_name,obj.create_user,obj.datatime,obj.flage]
temp_dic["team_info"]=team_info_dic return HttpResponse(json.dumps(temp_dic)) elif select_type == "delete_team":
team_name = request.POST.get("team_name")
username = recv_username_redis(ran_id) user_info = UserInfo.objects.filter(user_name=username)
for obj in user_info:
username_roles = obj.user_roles if username_roles != "super_admin":
return HttpResponse(json.dumps({"status":"no delete"})) check_team = TeamInfo.objects.filter(team_name=team_name) for obj in check_team:
team_id = obj.team_id check_team.update(flage='disable')
for obj in check_team:
flage = obj.flage check_User = UserInfo.objects.filter(team_id=team_id)
if len(check_User) != 0:
check_User.update(flage="disable")
for obj in check_User:
User_flage = obj.flage
User_name = obj.user_name
else:
User_flage = "disable" if flage == "disable" and User_flage == "disable":
return HttpResponse(json.dumps({"status":"success"}))
elif flage == "enable":
return HttpResponse(json.dumps({"status":"flage"}))
elif User_flage == "enable":
return HttpResponse(json.dumps({"status":"User_flage"}))
elif select_type == "restore_team" :
team_name = request.POST.get("team_name")
username = recv_username_redis(ran_id)
check_username_team = UserInfo.objects.filter(user_name=username)
for obj in check_username_team:
login_user_team_id = obj.team_id
login_user_roles = obj.user_roles restore_team = TeamInfo.objects.filter(team_name=team_name) if login_user_roles == "super_admin":
restore_team.update(flage='enable')
else:
return HttpResponse(json.dumps({"status":"dont restore"}))
for obj in restore_team:
team_id = obj.team_id
flage = obj.flage if flage == "enable":
return HttpResponse(json.dumps({"status":"success"}))
elif flage == "disable":
return HttpResponse(json.dumps({"status":"flage"})) else:
return render_to_response("permiss_manager.html")
else:
return redirect('/login')
2、ftp.py 实现个人文件、部门文件、公司文件的上传,下载,删除,和文件的对外共享,已经共享码的生成。
# -*- coding: utf-8 -*-
#!/usr/bin/python2.7
import sys,json,random,os,time,redis,hashlib
from django.forms.models import model_to_dict
from django.contrib.auth.decorators import login_required
from django.views.decorators.csrf import csrf_exempt
from django.shortcuts import render,render_to_response,redirect,HttpResponse
from django.http import StreamingHttpResponse
from django.http import FileResponse
from django.db.models import Q
from project.models import UserInfo,TeamInfo,OneFile,TeamFile,CompanyFile def user_auth(login_user):
check_user_status = UserInfo.objects.filter(user_name=login_user)
if len(check_user_status) != 0:
return "auth_success"
else:
return "auth_failed" def recv_username_redis(ran_id):
r = redis.Redis(host='127.0.0.1', port=6379)
user_name = r.get(ran_id)
return user_name #创建目录在这里进行
@csrf_exempt
def ftp(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False)
if is_login:
login_user = recv_username_redis(ran_id)
result = user_auth(login_user)
if result == "auth_success":
pass
elif result == "auth_failed":
return redirect('/login') if request.method == "POST":
username = recv_username_redis(ran_id)
select_type = request.POST.get("type")
if select_type == "recv_username_filelist": #获取个人相关的文件信息,涉及个人、部门、公司
recv_team_id = UserInfo.objects.filter(user_name=username)
for obj in recv_team_id:
team_id = obj.team_id recv_one_file = OneFile.objects.filter(user_id=username).order_by("-lasttime")
recv_team_file = TeamFile.objects.filter(team_id=team_id).order_by("-lasttime")
recv_company_file = CompanyFile.objects.order_by("own_user").order_by("-lasttime")
temp_num1 = 0
temp_dic1 = {}
Data = {}
for obj in recv_one_file:
if os.path.exists(obj.onefile_dir):
temp_dic1[temp_num1] = [obj.onefile_name,obj.file_size,obj.datatime,obj.lasttime,obj.user_id,obj.flage,obj.onefile_share,obj.onefile_dir]
temp_num1 += 1
else:
pass
Data["recv_one_file"] = temp_dic1 temp_num2 = 0
temp_dic2 = {}
for obj in recv_team_file:
if os.path.exists(obj.teamfile_dir):
temp_dic2[temp_num2] = [obj.teamfile_name,obj.file_size,obj.datatime,obj.lasttime,obj.own_user,obj.flage,obj.teamfile_dir]
temp_num2 += 1
else:
pass
Data["recv_team_file"] = temp_dic2 temp_num3 = 0
temp_dic3 = {}
for obj in recv_company_file:
if os.path.exists(obj.companyfile_dir):
temp_dic3[temp_num3] = [obj.companyfile_name,obj.file_size,obj.datatime,obj.lasttime,obj.own_user,obj.flage,obj.companyfile_dir]
temp_num3 += 1
else:
pass
Data["recv_company_file"] = temp_dic3
return HttpResponse(json.dumps(Data))
elif select_type == "recv_recycle_filelist":
#后期如果需要添加彻底删除模块,则将对应文件的状态修改为disable,这里的文件显示则只显示状态为enable的就可以,默认文件保存在数据库中不删除,同时定期备份的话只需要将FTP和del_FTP两个目录整体打包备份即可。
recv_team_id = UserInfo.objects.filter(user_name=username)
for obj in recv_team_id:
team_id = obj.team_id
recv_one_file = OneFile.objects.filter(user_id=username).order_by("-lasttime")
recv_team_file = TeamFile.objects.filter(team_id=team_id).order_by("-lasttime")
recv_company_file = CompanyFile.objects.order_by("own_user").order_by("-lasttime")
temp_num = 0
temp_dic = {}
Data = {}
for obj in recv_one_file:
if os.path.exists(obj.onefile_del_dir):
temp_dic[temp_num] = [obj.onefile_name,obj.file_size,obj.datatime,obj.lasttime,obj.user_id,obj.flage,obj.onefile_del_dir]
temp_num += 1
else:
pass
for obj in recv_team_file:
if os.path.exists(obj.teamfile_del_dir):
temp_dic[temp_num] = [obj.teamfile_name,obj.file_size,obj.datatime,obj.lasttime,obj.own_user,obj.flage,obj.teamfile_del_dir]
temp_num += 1
else:
pass
for obj in recv_company_file:
if os.path.exists(obj.companyfile_del_dir):
temp_dic[temp_num] = [obj.companyfile_name,obj.file_size,obj.datatime,obj.lasttime,obj.own_user,obj.flage,obj.companyfile_del_dir]
temp_num += 1
else:
pass
return HttpResponse(json.dumps(temp_dic))
elif select_type == "recv_share_list_info": #获取共享文件列表信息
Data = {}
recv_share_flage = OneFile.objects.filter(user_id=username)
r = redis.Redis(host='127.0.0.1', port=6379)
for obj in recv_share_flage:
temp_dic = {}
if len(obj.onefile_share) != 0:
temp_dic["file_name"] = obj.onefile_name
temp_dic["file_path"] = obj.onefile_dir
temp_dic["file_size"] = obj.file_size
get_key = json.loads(r.get(obj.onefile_share))
temp_dic["get_url"] = "http://192.168.12.11/get_auth?"+obj.onefile_share
temp_dic["get_random"] = get_key["random"]
TTL = r.ttl(obj.onefile_share)/3600/24
temp_dic["get_ttl"] = TTL
Data[obj.onefile_dir] = temp_dic
else:
pass
if len(Data) == 0:
return HttpResponse(json.dumps("failed"))
else:
return HttpResponse(json.dumps(Data))
elif select_type == "select_one_file": #文件查找
file_name = request.POST.get("file_name")
recv_one_file = OneFile.objects.filter(Q(onefile_name__icontains=file_name,user_id=username))
temp_dic = {}
temp_num = 0
for obj in recv_one_file:
if os.path.exists(obj.onefile_dir):
temp_dic[temp_num] = [obj.onefile_name,obj.file_size,obj.datatime,obj.lasttime,obj.user_id,obj.flage,obj.onefile_share,obj.onefile_dir]
temp_num += 1
else:
pass
if len(temp_dic) == 0:
return HttpResponse(json.dumps("failed"))
else:
return HttpResponse(json.dumps(temp_dic))
elif select_type == "select_team_file": #部门文件查找
file_name = request.POST.get("file_name")
recv_team_id = UserInfo.objects.filter(user_name=username)
for obj in recv_team_id:
team_id = obj.team_id recv_team_file = TeamFile.objects.filter(Q(teamfile_name__icontains=file_name,team_id=team_id))
temp_dic = {}
temp_num = 0
for obj in recv_team_file:
if os.path.exists(obj.teamfile_dir):
temp_dic[temp_num] = [obj.teamfile_name,obj.file_size,obj.datatime,obj.lasttime,obj.own_user,obj.flage,obj.teamfile_dir]
temp_num += 1
else:
pass
if len(temp_dic) == 0:
return HttpResponse(json.dumps("failed"))
else:
return HttpResponse(json.dumps(temp_dic))
else:
return render_to_response("ftp.html")
else:
return redirect('/login') #文件对应码,使用随机生成,和文件明对应。
def generate_verification_code():
''' 随机生成6位的验证码 '''
code_list = []
for i in range(10): # 0-9数字
code_list.append(str(i))
for i in range(65, 91): # A-Z
code_list.append(chr(i))
for i in range(97, 123): # a-z
code_list.append(chr(i)) myslice = random.sample(code_list, 6) # 从list中随机获取6个元素,作为一个片断返回
verification_code = ''.join(myslice) # list to string
return verification_code #共享文件,生成共享码保存到redis,展示到前端
@csrf_exempt
def share_one_file(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False)
if is_login:
login_user = recv_username_redis(ran_id)
result = user_auth(login_user)
if result == "auth_success":
pass
elif result == "auth_failed":
return redirect('/login') if request.method == "POST":
# share_url = request.POST.get("url")
select_type = request.POST.get("type")
if select_type == "share_one_file": #共享一个文件
file_name = request.POST.get("file_name")
share_path = request.POST.get("share_path")
Random6 = generate_verification_code() get_file_path = OneFile.objects.filter(onefile_name=file_name,onefile_dir=share_path)
for obj in get_file_path:
file_path = obj.onefile_dir get_team_id = UserInfo.objects.filter(user_name=login_user)
for obj in get_team_id:
team_id = obj.team_id r = redis.Redis(host='127.0.0.1', port=6379)
share_url = "http://192.168.12.11:8080/get_auth?file_name="+file_name+"&type=auth_get"
Data = json.dumps({"url":share_url,"random":Random6,"user":login_user}) file_path_join = file_path+"_"+login_user
set_result = r.set(hashlib.sha256(file_path_join.encode("utf-8")).hexdigest(),Data,ex=864000,nx=True)
if set_result:
get_info = {"url":"http://192.168.12.11:8080/get_auth?"+hashlib.sha256(file_path_join.encode("utf-8")).hexdigest(),"random":Random6}
recv_data = json.dumps({"status":"success","info":get_info,"ttl":10}) #10天
get_file_path.update(onefile_share=hashlib.sha256(file_path_join.encode("utf-8")).hexdigest())
else:
Random = json.loads(r.get(hashlib.sha256(file_path_join.encode("utf-8")).hexdigest()))["random"]
get_info = {"url":"http://192.168.12.11:8080/get_auth?"+hashlib.sha256(file_path_join.encode("utf-8")).hexdigest(),"random":Random}
TTL = r.ttl(hashlib.sha256(file_path_join.encode("utf-8")).hexdigest())/3600/24
recv_data = json.dumps({"status":"exist","info":get_info,"ttl":TTL}) #TTL转换成天 return HttpResponse(recv_data)
elif select_type == "del_share_one_file": #取消一个文件共享
file_name = request.POST.get("file_name")
file_path = request.POST.get("file_path")
get_file_path = OneFile.objects.filter(onefile_name=file_name,onefile_dir=file_path)
for obj in get_file_path:
file_share = obj.onefile_share
get_file_path.update(onefile_share="")
r = redis.Redis(host='127.0.0.1', port=6379)
r.delete(file_share)
get_share = r.get(file_share)
if get_share != None:
return HttpResponse(json.dumps({"status":"failed"}))
else:
return HttpResponse(json.dumps({"status":"success"}))
elif select_type == "del_one_file": #删除一个文件
file_name = request.POST.get("file_name")
file_path = request.POST.get("file_path")
recv_file_path = OneFile.objects.filter(onefile_name=file_name,onefile_dir=file_path)
for obj in recv_file_path:
source_path = obj.onefile_dir
desc_path = obj.onefile_del_dir
share_flage = obj.onefile_share
if len(share_flage) != 0:
return HttpResponse(json.dumps({"status":"share"}))
else:
os.system("mv "+source_path+" "+desc_path)
if os.path.exists(source_path):
return HttpResponse(json.dumps({"status":"failed"}))
else:
return HttpResponse(json.dumps({"status":"success"}))
elif select_type == "del_team_file": #删除一个部门文件
file_name = request.POST.get("file_name")
file_path = request.POST.get("file_path").split(":")[0]
recv_file_path = TeamFile.objects.filter(teamfile_name=file_name,teamfile_dir=file_path)
for obj in recv_file_path:
source_path = obj.teamfile_dir
desc_path = obj.teamfile_del_dir
file_user = obj.own_user
if login_user != file_user:
return HttpResponse(json.dumps({"status":"user_err"}))
else:
os.system("mv "+source_path+" "+desc_path)
if os.path.exists(source_path):
return HttpResponse(json.dumps({"status":"failed"}))
else:
return HttpResponse(json.dumps({"status":"success"}))
elif select_type == "Restoring_files": #还原一个被删除的文件
file_name = request.POST.get("file_name")
restor_path = request.POST.get("restor_path") #回收站中的地址
desc_path = ("").join(restor_path.split("_del")) #需要还原回去的地址
status = os.system("mv "+restor_path+" "+desc_path)
if os.path.exists(desc_path):
return HttpResponse(json.dumps({"status":"success"}))
else:
return HttpResponse(json.dumps({"status":"failed"})) else:
return render_to_response("share_file.html")
else:
return redirect('/login') #个人文件上传
@csrf_exempt
def file_put_one(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False)
if is_login:
login_user = recv_username_redis(ran_id)
result = user_auth(login_user)
if result == "auth_success":
pass
elif result == "auth_failed":
return redirect('/login') if request.method == "POST":
username = recv_username_redis(ran_id)
Data = request.FILES.get("one_navigation_bar_put") if Data:
one_file_random = str(random.randint(0,10000)%999) #用户默认上传文件的名称,和上传文件的真实名称做关联
one_file_path = UserInfo.objects.filter(user_name=username)
for obj in one_file_path:
one_dir_path = obj.user_path
one_del_dir_path = obj.user_path_del save_file_name = one_dir_path+"/"+one_file_random
save_del_file_name = one_del_dir_path+"/"+one_file_random
#save_file_name = "/opt/Django/auto_ops/111"
file_name = Data.name
file_size = Data.size check_file_exist_sql = OneFile.objects.filter(onefile_name=file_name,user_id=username)
for obj in check_file_exist_sql:
if os.path.exists(obj.onefile_dir):
return HttpResponse("file_exist")
else:
pass
# if len(check_file_exist_sql) != 0:
# return HttpResponse("file_exist")
# else:
# pass with open(save_file_name,"wb") as new_file:
for chunk in Data.chunks():
new_file.write(chunk)
new_file.close() if os.path.exists(save_file_name):
if os.path.isfile(save_file_name):
file_type = "file"
elif os.path.isdir(save_file_name):
file_type = "dir" check_file_size = os.path.getsize(save_file_name)
Time = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()))
if int(check_file_size) == int(file_size):
file_size = file_size/float(1024*1024)
file_size = str(round(file_size,2))+"MB" save_file = OneFile.objects.create(user_id=username,onefile_dir=save_file_name,onefile_dir_all_list=json.dumps([username]),onefile_name=file_name,onefile_del_dir=save_del_file_name,onefile_del_dir_all_list=json.dumps([username]),onefile_del_name=file_name,datatime=Time,lasttime=Time,file_type=file_type,flage='enable',file_size=file_size)
save_file.save()
check_save_file = OneFile.objects.filter(onefile_name=file_name)
if len(check_save_file) == 0:
return HttpResponse("save_sql_failed")
else:
return HttpResponse("success")
else:
return HttpResponse("put_failed") #上传失败,大小不一致 else:
return HttpResponse("Put_NULL") #上传失败,没检测到文件 else:
return HttpResponse("Data_NULL") #检测ajax的数据包是否有数据 else:
return render_to_response("ftp.html")
else:
return redirect('/login') #部门文件上传
@csrf_exempt
def file_put_team(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False)
if is_login:
login_user = recv_username_redis(ran_id)
result = user_auth(login_user)
if result == "auth_success":
pass
elif result == "auth_failed":
return redirect('/login') if request.method == "POST":
username = recv_username_redis(ran_id)
Data = request.FILES.get("team_navigation_bar_put") if Data:
team_file_random = str(random.randint(0,10000)%999) #用户默认上传文件的名称,和上传文件的真实名称做关联
team_id_recv = UserInfo.objects.filter(user_name=username)
for obj in team_id_recv:
team_id = obj.team_id team_file_path = TeamInfo.objects.filter(team_id=team_id)
for obj in team_file_path:
team_dir_path = obj.team_path
team_del_dir_path = obj.team_path_del save_file_name = team_dir_path+"/items/"+team_file_random
save_del_file_name = team_del_dir_path+"/items/"+team_file_random
file_name = Data.name
file_size = Data.size check_file_exist_sql = TeamFile.objects.filter(teamfile_name=file_name)
for obj in check_file_exist_sql:
if os.path.exists(obj.teamfile_dir):
return HttpResponse("file_exist")
else:
pass
# if len(check_file_exist_sql) != 0:
# return HttpResponse("file_exist")
# else:
# pass with open(save_file_name,"wb") as new_file:
for chunk in Data.chunks():
new_file.write(chunk)
new_file.close() if os.path.exists(save_file_name):
if os.path.isfile(save_file_name):
file_type = "file"
elif os.path.isdir(save_file_name):
file_type = "dir" check_file_size = os.path.getsize(save_file_name)
Time = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()))
if int(check_file_size) == int(file_size):
file_size = file_size/float(1024*1024)
file_size = str(round(file_size,2))+"MB" team_user_list = UserInfo.objects.filter(team_id=team_id)
user_list = []
for obj in team_user_list:
user_list.append(obj.user_name) save_file = TeamFile.objects.create(team_id=team_id,own_user=username,teamfile_dir=save_file_name,teamfile_all_list=json.dumps(user_list),teamfile_name=file_name,teamfile_del_dir=save_del_file_name,teamfile_del_dir_all_list=json.dumps(user_list),teamfile_del_name=file_name,datatime=Time,lasttime=Time,file_type=file_type,flage='enable',file_size=file_size)
save_file.save()
check_save_file = TeamFile.objects.filter(teamfile_name=file_name)
if len(check_save_file) == 0:
return HttpResponse("save_sql_failed")
else:
return HttpResponse("success")
else:
return HttpResponse("put_failed") #上传失败,大小不一致
else:
return HttpResponse("Put_NULL") #上传失败,没检测到文件
else:
return HttpResponse("Data_NULL") #检测ajax的数据包是否有数据
else:
return render_to_response("ftp.html")
else:
return redirect('/login') #公司文件上传
@csrf_exempt
def file_put_company(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False)
if is_login:
login_user = recv_username_redis(ran_id)
result = user_auth(login_user)
if result == "auth_success":
pass
elif result == "auth_failed":
return redirect('/login') if request.method == "POST":
username = recv_username_redis(ran_id)
Data = request.FILES.get("company_navigation_bar_put") if Data:
team_file_random = str(random.randint(0,10000)%999) #用户默认上传文件的名称,和上传文件的真实名称做关联 save_file_name = "/opt/FTP/company/"+team_file_random
save_del_file_name = "/opt/FTP_BAK/company/"+team_file_random
file_name = Data.name
file_size = Data.size check_file_exist_sql = CompanyFile.objects.filter(companyfile_name=file_name)
for obj in check_file_exist_sql:
if os.path.exists(obj.companyfile_dir):
return HttpResponse("file_exist")
else:
pass
# if len(check_file_exist_sql) != 0:
# return HttpResponse("file_exist")
# else:
# pass with open(save_file_name,"wb") as new_file:
for chunk in Data.chunks():
new_file.write(chunk)
new_file.close() if os.path.exists(save_file_name):
if os.path.isfile(save_file_name):
file_type = "file"
elif os.path.isdir(save_file_name):
file_type = "dir" check_file_size = os.path.getsize(save_file_name)
Time = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()))
if int(check_file_size) == int(file_size):
file_size = file_size/float(1024*1024)
file_size = str(round(file_size,2))+"MB" user_list = []
save_file = CompanyFile.objects.create(own_user=username,companyfile_dir=save_file_name,companyfile_all_list=json.dumps(user_list),companyfile_name=file_name,companyfile_del_dir=save_del_file_name,companyfile_del_dir_all_list=json.dumps(user_list),companyfile_del_name=file_name,datatime=Time,lasttime=Time,file_type=file_type,flage='enable',file_size=file_size)
save_file.save()
check_save_file = CompanyFile.objects.filter(companyfile_name=file_name)
if len(check_save_file) == 0:
return HttpResponse("save_sql_failed")
else:
return HttpResponse("success")
else:
return HttpResponse("put_failed") #上传失败,大小不一致 else:
return HttpResponse("Put_NULL") #上传失败,没检测到文件 else:
return HttpResponse("Data_NULL") #检测ajax的数据包是否有数据 else:
return render_to_response("ftp.html")
else:
return redirect('/login') #个人文件下载
def file_get_one(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False)
get_type = request.GET.get("type") if is_login and get_type == "get":
login_user = recv_username_redis(ran_id)
result = user_auth(login_user)
if result == "auth_success":
pass
elif result == "auth_failed":
return redirect('/login') username = recv_username_redis(ran_id)
file_name = request.GET.get("file_name") get_file_path = OneFile.objects.filter(onefile_name=file_name)
for obj in get_file_path:
file_path = obj.onefile_dir
file=open(file_path,'rb')
response =FileResponse(file)
response['Content-Type']='application/octet-stream'
response['Content-Disposition']='attachment;filename="'+file_name.encode("utf-8")+'"'
return response
elif get_type == "get_auth": #匿名下载
file_name = request.GET.get("file_name")
user = request.GET.get("user")
get_file_path = OneFile.objects.filter(onefile_name=file_name,user_id=user)
for obj in get_file_path:
file_path = obj.onefile_dir
file=open(file_path,'rb')
response =FileResponse(file)
response['Content-Type']='application/octet-stream'
response['Content-Disposition']='attachment;filename="'+file_name.encode("utf-8")+'"'
return response
else:
return redirect('/login') #匿名下载模块
@csrf_exempt
def get_auth(request):
r = redis.Redis(host='127.0.0.1', port=6379)
if request.method == "POST":
Random = request.POST.get("Random")
file_name = request.POST.get("file_name")
user = request.POST.get("user") get_file_path = OneFile.objects.filter(onefile_name=file_name)
for obj in get_file_path:
file_path = obj.onefile_dir
file_size = obj.file_size
file_user = obj.user_id
file_path_join = file_path+"_"+user recv_redis_auth = json.loads(r.get(hashlib.sha256(file_path_join.encode("utf-8")).hexdigest()))
file_time = r.ttl(hashlib.sha256(file_path_join.encode("utf-8")).hexdigest())/3600/24 if recv_redis_auth["random"] == Random:
return HttpResponse(json.dumps({"status":"success","file_name1":file_name,"file_size":file_size,"file_user":file_user,"file_time":file_time}))
else:
return HttpResponse(json.dumps({"status":"failed"}))
else:
url_info = request.get_full_path().split("?")[1]
redis_url = json.loads(r.get(url_info))
file_name = redis_url["url"].split("file_name=")[1].split("&")[0]
user = redis_url["user"]
return render(request,"get_auth.html",{"file_name":file_name,"user":user}) #部门文件下载
def file_get_team(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False) if is_login:
login_user = recv_username_redis(ran_id)
result = user_auth(login_user)
if result == "auth_success":
pass
elif result == "auth_failed":
return redirect('/login') username = recv_username_redis(ran_id)
file_name = request.GET.get("file_name") get_file_path = TeamFile.objects.filter(teamfile_name=file_name)
for obj in get_file_path:
file_path = obj.teamfile_dir file=open(file_path,'rb')
response =FileResponse(file)
response['Content-Type']='application/octet-stream'
response['Content-Disposition']='attachment;filename="'+file_name.encode("utf-8")+'"'
return response
else:
return redirect('/login') #公司文件下载
def file_get_company(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False) if is_login:
login_user = recv_username_redis(ran_id)
result = user_auth(login_user)
if result == "auth_success":
pass
elif result == "auth_failed":
return redirect('/login') username = recv_username_redis(ran_id)
file_name = request.GET.get("file_name") get_file_path = CompanyFile.objects.filter(companyfile_name=file_name)
for obj in get_file_path:
file_path = obj.companyfile_dir file=open(file_path,'rb')
response =FileResponse(file)
response['Content-Type']='application/octet-stream'
response['Content-Disposition']='attachment;filename="'+file_name.encode("utf-8")+'"'
return response
else:
return redirect('/login') #回收站
@csrf_exempt
def recycle(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False)
if is_login:
login_user = recv_username_redis(ran_id)
result = user_auth(login_user)
if result == "auth_success":
pass
elif result == "auth_failed":
return redirect('/login') if request.method == "POST":
username = recv_username_redis(ran_id)
select_type = request.POST.get("type")
else:
return render_to_response("recycle.html")
else:
return redirect('/login') #文件共享
@csrf_exempt
def share_info(request):
is_login = request.session.get('IS_LOGIN',False)
ran_id = request.session.get('random',False)
if is_login:
login_user = recv_username_redis(ran_id)
result = user_auth(login_user)
if result == "auth_success":
pass
elif result == "auth_failed":
return redirect('/login') if request.method == "POST":
username = recv_username_redis(ran_id)
print(username)
else:
return render_to_response("share_info.html")
else:
return redirect('/login')
3、models.py 数据表设计
# -*- coding: utf-8 -*-
from __future__ import unicode_literals from django.db import models #存放部门信息
class TeamInfo(models.Model):
team_id = models.AutoField(primary_key=True)
team_name = models.CharField(max_length=128,verbose_name="部门名称")
create_user = models.CharField(max_length=64,verbose_name="创建人")
datatime = models.CharField(max_length=64,verbose_name="时间")
flage = models.CharField(max_length=32,verbose_name="状态标记")
team_path = models.CharField(max_length=1024,verbose_name="部门目录地址")
team_path_del = models.CharField(max_length=1024,verbose_name="部门目录地址")
def __str__(self):
return "%s %s %s %s" %(self.team_id,self.team_name,self.datatime,self.create_user) #存放用户信息
class UserInfo(models.Model):
team = models.ForeignKey('TeamInfo')
user_name = models.CharField(max_length=128,verbose_name="姓名",primary_key=True)
user_passwd = models.CharField(max_length=512,verbose_name="密码")
user_mobile = models.CharField(max_length=32,verbose_name="手机")
user_email = models.CharField(max_length=32,verbose_name="邮箱")
user_roles = models.CharField(max_length=32,verbose_name="角色") #分为超级管理员super admin、管理员admin、普通用户guest
flage = models.CharField(max_length=32,verbose_name="状态标记")
user_path = models.CharField(max_length=1024,verbose_name="个人目录地址")
user_path_del = models.CharField(max_length=1024,verbose_name="个人目录地址")
def __str__(self):
return "%s" %(self.user_name) #个人ftp文件信息
class OneFile(models.Model):
user = models.ForeignKey('UserInfo')
onefile_dir = models.CharField(max_length=1024,verbose_name="个人目录地址")
onefile_dir_all_list = models.CharField(max_length=1024,verbose_name="授权列表")
onefile_name = models.CharField(max_length=128,verbose_name="文件名")
onefile_del_dir = models.CharField(max_length=1024,verbose_name="个人目录地址-回收站")
onefile_del_dir_all_list = models.CharField(max_length=1024,verbose_name="授权列表")
onefile_del_name = models.CharField(max_length=128,verbose_name="文件名")
datatime = models.CharField(max_length=64,verbose_name="上传时间")
lasttime = models.CharField(max_length=64,verbose_name="最后修改时间")
file_type = models.CharField(max_length=64,verbose_name="文件类型")
flage = models.CharField(max_length=32,verbose_name="状态标记")
file_size = models.CharField(max_length=32,verbose_name="文件大小")
onefile_share = models.CharField(max_length=512,verbose_name="文件分享标记") def __str__(self):
return "%s %s %s %s %s %s" %(self.onefile_dir,self.onefile_dir_all_list,self.onefile_del_dir,self.onefile_del_dir_all_list,self.datatime,self.lasttime) #部门ftp文件信息
class TeamFile(models.Model):
team = models.ForeignKey('TeamInfo')
own_user = models.CharField(max_length=32,verbose_name="文件所有者")
teamfile_dir = models.CharField(max_length=1024,verbose_name="部门目录地址")
teamfile_all_list = models.CharField(max_length=1024,verbose_name="授权列表")
teamfile_name = models.CharField(max_length=128,verbose_name="文件名")
teamfile_del_dir = models.CharField(max_length=1024,verbose_name="部门目录地址")
teamfile_del_dir_all_list = models.CharField(max_length=1024,verbose_name="授权列表")
teamfile_del_name = models.CharField(max_length=128,verbose_name="文件名")
datatime = models.CharField(max_length=64,verbose_name="上传时间")
lasttime = models.CharField(max_length=64,verbose_name="最后修改时间")
file_type = models.CharField(max_length=64,verbose_name="文件类型")
flage = models.CharField(max_length=32,verbose_name="状态标记")
file_size = models.CharField(max_length=32,verbose_name="文件大小") def __str__(self):
return "%s %s %s %s %s %s" %(self.teamfile_dir,self.teamfile_all_list,self.teamfile_del_dir,self.teamfile_del_dir_all_list,self.datatime,self.lasttime) #公司ftp文件信息,默认只有管理员,超级管理员,上传人可以删除,其他人都不能做删除
class CompanyFile(models.Model):
own_user = models.CharField(max_length=32,verbose_name="文件所有者")
companyfile_dir = models.CharField(max_length=1024,verbose_name="公司目录地址")
companyfile_all_list = models.CharField(max_length=1024,verbose_name="授权列表")
companyfile_name = models.CharField(max_length=128,verbose_name="文件名")
companyfile_del_dir = models.CharField(max_length=1024,verbose_name="公司目录地址")
companyfile_del_dir_all_list = models.CharField(max_length=1024,verbose_name="授权列表")
companyfile_del_name = models.CharField(max_length=128,verbose_name="文件名")
datatime = models.CharField(max_length=64,verbose_name="上传时间")
lasttime = models.CharField(max_length=64,verbose_name="最后修改时间")
file_type = models.CharField(max_length=64,verbose_name="文件类型")
flage = models.CharField(max_length=32,verbose_name="状态标记")
file_size = models.CharField(max_length=32,verbose_name="文件大小") def __str__(self):
return "%s %s %s %s %s %s" %(self.companyfile_dir,self.companyfile_all_list,self.companyfile_del_dir,self.companyfile_del_dir_all_list,self.datatime,self.lasttime)
4、数据库中数据存放样式:
5、文件上传到服务器中之后,是做了随机重命名的,所以如果没有拿到数据库中对应的原始文件名进行重命名还原,是无法知道文件的名称的。
有需要源码的添加我WX:shaozheng4455 (备注博客园)