v2.2更新
This commit is contained in:
@@ -20,16 +20,15 @@ from middleware.permission import (
|
||||
)
|
||||
from services.admin_service import AdminService
|
||||
from services.conduct_service import ConductService
|
||||
from services.homework_service import HomeworkService
|
||||
from services.attendance_service import AttendanceService
|
||||
from services.log_service import LogService
|
||||
from utils.redis_client import RedisClient
|
||||
from schemas.admin import (
|
||||
AddPointsRequest, RevokeRequest, AddAdminRequest,
|
||||
AddStudentRequest, UpdateStudentRequest,
|
||||
UpdateHomeworkStatusRequest, AddAttendanceRequest,
|
||||
AddAttendanceRequest,
|
||||
UpdateAdminRequest, DeleteAdminRequest, ResetPasswordRequest,
|
||||
CreateAssignmentRequest, UnlockUserRequest
|
||||
UnlockUserRequest
|
||||
)
|
||||
from utils.response import success_response, error_response
|
||||
from utils.logger import get_logger
|
||||
@@ -41,18 +40,31 @@ logger = get_logger(__name__)
|
||||
|
||||
# ========== 学生管理 ==========
|
||||
|
||||
@router.get("/students/dormitories")
|
||||
async def get_dormitory_list(request: Request):
|
||||
"""获取宿舍号列表"""
|
||||
user = await get_current_user(request)
|
||||
if user["user_type"] != "admin":
|
||||
return error_response(message="仅管理员可查看", code=403)
|
||||
|
||||
from models.student import StudentModel
|
||||
dormitories = await StudentModel.get_dormitory_list()
|
||||
return success_response(data={"dormitories": dormitories})
|
||||
|
||||
|
||||
@router.get("/students")
|
||||
async def get_students(
|
||||
request: Request,
|
||||
page: int = Query(1, ge=1),
|
||||
page_size: int = Query(20, ge=1, le=1000),
|
||||
search: Optional[str] = None
|
||||
search: Optional[str] = None,
|
||||
dormitory_number: Optional[str] = None
|
||||
):
|
||||
"""获取所有学生列表(单班级)"""
|
||||
user = await get_current_user(request)
|
||||
if user["user_type"] != "admin":
|
||||
return error_response(message="仅管理员可查看学生列表", code=403)
|
||||
result = await AdminService.get_students(page=page, page_size=page_size, search=search)
|
||||
result = await AdminService.get_students(page=page, page_size=page_size, search=search, dormitory_number=dormitory_number)
|
||||
return success_response(data=result)
|
||||
|
||||
|
||||
@@ -139,7 +151,8 @@ async def update_student(request: Request, student_id: int, req: UpdateStudentRe
|
||||
result = await AdminService.update_student(
|
||||
student_id=student_id,
|
||||
name=req.name,
|
||||
parent_phone=req.parent_phone
|
||||
parent_phone=req.parent_phone,
|
||||
dormitory_number=req.dormitory_number
|
||||
)
|
||||
if result["success"]:
|
||||
await LogService.write_operation_log(
|
||||
@@ -207,6 +220,9 @@ async def reset_student_password(request: Request, student_id: int, req: ResetPa
|
||||
async def add_conduct_points(request: Request, req: AddPointsRequest):
|
||||
"""批量加减分"""
|
||||
user = await get_current_user(request)
|
||||
# 仅管理员(班主任/班干部)可操作
|
||||
if user["user_type"] != "admin":
|
||||
return error_response(message="无权进行此操作", code=403)
|
||||
result = await ConductService.add_points(
|
||||
student_ids=req.student_ids,
|
||||
points_change=req.points_change,
|
||||
@@ -236,6 +252,9 @@ async def add_conduct_points(request: Request, req: AddPointsRequest):
|
||||
async def revoke_conduct_record(request: Request, req: RevokeRequest):
|
||||
"""撤销扣分记录"""
|
||||
user = await get_current_user(request)
|
||||
# 仅管理员(班主任/班干部)可操作
|
||||
if user["user_type"] != "admin":
|
||||
return error_response(message="无权进行此操作", code=403)
|
||||
result = await ConductService.revoke_record(
|
||||
record_id=req.record_id,
|
||||
revoker_id=user["user_id"]
|
||||
@@ -264,6 +283,9 @@ async def revoke_conduct_record(request: Request, req: RevokeRequest):
|
||||
async def restore_conduct_record(request: Request, req: RevokeRequest):
|
||||
"""反撤销(恢复)已撤销的记录"""
|
||||
user = await get_current_user(request)
|
||||
# 仅管理员(班主任/班干部)可操作
|
||||
if user["user_type"] != "admin":
|
||||
return error_response(message="无权进行此操作", code=403)
|
||||
result = await ConductService.restore_record(
|
||||
record_id=req.record_id,
|
||||
restorer_id=user["user_id"]
|
||||
@@ -319,86 +341,6 @@ async def get_conduct_history(
|
||||
return error_response(message=f"获取历史记录失败: {str(e)}")
|
||||
|
||||
|
||||
# ========== 作业管理 ==========
|
||||
|
||||
@router.get("/homework/assignments")
|
||||
async def get_assignments(request: Request):
|
||||
"""获取作业列表"""
|
||||
user = await get_current_user(request)
|
||||
role = await PermissionChecker.get_user_role(user["user_id"])
|
||||
if role not in ["班主任", "学习委员"]:
|
||||
return error_response(message="无权限", code=403)
|
||||
result = await HomeworkService.get_assignments(user["user_id"])
|
||||
return success_response(data=result)
|
||||
|
||||
|
||||
@router.get("/homework/submissions/{assignment_id}")
|
||||
async def get_submissions(request: Request, assignment_id: int):
|
||||
"""获取作业提交记录"""
|
||||
user = await get_current_user(request)
|
||||
role = await PermissionChecker.get_user_role(user["user_id"])
|
||||
if role not in ["班主任", "学习委员"]:
|
||||
return error_response(message="无权限", code=403)
|
||||
result = await HomeworkService.get_submissions(
|
||||
assignment_id=assignment_id,
|
||||
user_id=user["user_id"]
|
||||
)
|
||||
return success_response(data=result)
|
||||
|
||||
|
||||
@router.post("/homework/assignment")
|
||||
async def create_assignment(request: Request, req: CreateAssignmentRequest):
|
||||
"""发布作业(班主任)"""
|
||||
user = await get_current_user(request)
|
||||
is_teacher = await PermissionChecker.check_is_teacher(user["user_id"])
|
||||
if not is_teacher:
|
||||
return error_response(message="仅班主任可发布作业", code=403)
|
||||
result = await HomeworkService.create_assignment(
|
||||
subject_id=req.subject_id,
|
||||
title=req.title,
|
||||
description=req.description,
|
||||
deadline=req.deadline,
|
||||
created_by=user["user_id"]
|
||||
)
|
||||
if result["success"]:
|
||||
await LogService.write_operation_log(
|
||||
operator_id=user["user_id"], operator_name=user["real_name"],
|
||||
operator_role="班主任", operation_type="create_assignment",
|
||||
target_type="homework",
|
||||
details=f"发布作业: {title}",
|
||||
ip=request.client.host
|
||||
)
|
||||
return success_response(data=result, message="作业发布成功")
|
||||
else:
|
||||
return error_response(message=result["message"])
|
||||
|
||||
|
||||
@router.put("/homework/submission")
|
||||
async def update_submission_status(request: Request, req: UpdateHomeworkStatusRequest):
|
||||
"""更新作业提交状态(班主任或学习委员)"""
|
||||
user = await get_current_user(request)
|
||||
role = await PermissionChecker.get_user_role(user["user_id"])
|
||||
if role not in ["班主任", "学习委员"]:
|
||||
return error_response(message="无权进行此操作", code=403)
|
||||
result = await HomeworkService.update_submission_status(
|
||||
submission_id=req.submission_id,
|
||||
status=req.status,
|
||||
comments=req.comments,
|
||||
apply_deduction=req.apply_deduction,
|
||||
operator_id=user["user_id"]
|
||||
)
|
||||
if result["success"]:
|
||||
await LogService.write_operation_log(
|
||||
operator_id=user["user_id"], operator_name=user["real_name"],
|
||||
operator_role=role, operation_type="update_submission",
|
||||
target_type="homework", target_id=req.submission_id,
|
||||
details=f"状态: {req.status}",
|
||||
ip=request.client.host
|
||||
)
|
||||
return success_response(message="状态更新成功")
|
||||
else:
|
||||
return error_response(message=result["message"])
|
||||
|
||||
|
||||
# ========== 考勤管理 ==========
|
||||
|
||||
|
||||
@@ -36,21 +36,6 @@ async def get_child_conduct(request: Request):
|
||||
return success_response(data=result)
|
||||
|
||||
|
||||
@router.get("/child/homework")
|
||||
async def get_child_homework(request: Request):
|
||||
"""
|
||||
获取子女作业情况
|
||||
"""
|
||||
user = await get_current_user(request)
|
||||
|
||||
if user["user_type"] != "parent":
|
||||
return error_response(message="仅限家长访问", code=403)
|
||||
|
||||
result = await ParentService.get_child_homework(user["user_id"])
|
||||
|
||||
return success_response(data=result)
|
||||
|
||||
|
||||
@router.get("/child/attendance")
|
||||
async def get_child_attendance(request: Request):
|
||||
"""
|
||||
|
||||
231
backend/routes/upgrade.py
Normal file
231
backend/routes/upgrade.py
Normal file
@@ -0,0 +1,231 @@
|
||||
# ===========================================
|
||||
# 班级操行分管理系统 - 升级管理路由
|
||||
#
|
||||
# 开发者: Canglan
|
||||
# 版权归属: Sea Network Technology Studio
|
||||
#
|
||||
# 版权所有 © Sea Network Technology Studio
|
||||
# ===========================================
|
||||
|
||||
from fastapi import APIRouter, Request
|
||||
from utils.database import execute_query, execute_update, get_pool
|
||||
from utils.response import success_response, error_response
|
||||
from utils.logger import setup_logger
|
||||
from middleware.permission import PermissionChecker
|
||||
import os
|
||||
import re
|
||||
|
||||
logger = setup_logger()
|
||||
router = APIRouter()
|
||||
|
||||
# 版本列表(按顺序)
|
||||
ALL_VERSIONS = {
|
||||
'1.7': 'v1.7.sql',
|
||||
'1.8': 'v1.8.sql',
|
||||
'2.0': 'v2.0.sql',
|
||||
'2.0.1': 'v2.0.1.sql',
|
||||
'2.1': 'v2.1.sql',
|
||||
'2.2': 'v2.2.sql',
|
||||
}
|
||||
|
||||
|
||||
@router.get("/check")
|
||||
async def check_upgrade(request: Request):
|
||||
"""检查数据库版本是否需要升级"""
|
||||
# 权限检查:仅班主任可执行升级操作
|
||||
user_type = getattr(request.state, 'user_type', None)
|
||||
if user_type != 'admin':
|
||||
return error_response(message="仅管理员可执行升级操作", code=403)
|
||||
|
||||
is_teacher = await PermissionChecker.check_is_teacher(
|
||||
getattr(request.state, 'user_id', 0)
|
||||
)
|
||||
if not is_teacher:
|
||||
return error_response(message="仅班主任可执行升级操作", code=403)
|
||||
|
||||
user_id = request.state.user.get('user_id') if hasattr(request.state, 'user') else getattr(request.state, 'user_id', None)
|
||||
|
||||
# 检测当前数据库版本
|
||||
current_version = '0.0.0'
|
||||
try:
|
||||
row = await execute_query(
|
||||
"SELECT setting_value FROM system_settings WHERE setting_key = 'db_version'"
|
||||
)
|
||||
if row:
|
||||
current_version = row[0]['setting_value']
|
||||
except Exception:
|
||||
pass # 表不存在时使用默认值
|
||||
|
||||
# 读取目标版本(从 VERSION 文件)
|
||||
version_file = os.path.join(os.path.dirname(os.path.dirname(__file__)), '..', 'VERSION')
|
||||
version_file = os.path.normpath(version_file)
|
||||
target_version = '0.0.0'
|
||||
try:
|
||||
if os.path.exists(version_file):
|
||||
with open(version_file, 'r') as f:
|
||||
target_version = f.read().strip()
|
||||
except Exception:
|
||||
pass
|
||||
|
||||
# 计算需要升级的步骤
|
||||
needs_upgrade = _compare_versions(target_version, current_version) > 0
|
||||
|
||||
steps = []
|
||||
for version, file_name in sorted(ALL_VERSIONS.items(), key=lambda x: _version_tuple(x[0])):
|
||||
if _compare_versions(version, current_version) > 0 and _compare_versions(version, target_version) <= 0:
|
||||
steps.append({'version': version, 'file': file_name})
|
||||
|
||||
return success_response(data={
|
||||
'needs_upgrade': needs_upgrade,
|
||||
'current': current_version,
|
||||
'target': target_version,
|
||||
'steps': steps
|
||||
})
|
||||
|
||||
|
||||
@router.post("/step")
|
||||
async def execute_upgrade_step(request: Request):
|
||||
"""执行单个升级步骤"""
|
||||
# 权限检查:仅班主任可执行升级操作
|
||||
user_type = getattr(request.state, 'user_type', None)
|
||||
if user_type != 'admin':
|
||||
return error_response(message="仅管理员可执行升级操作", code=403)
|
||||
|
||||
is_teacher = await PermissionChecker.check_is_teacher(
|
||||
getattr(request.state, 'user_id', 0)
|
||||
)
|
||||
if not is_teacher:
|
||||
return error_response(message="仅班主任可执行升级操作", code=403)
|
||||
|
||||
user_id = request.state.user.get('user_id') if hasattr(request.state, 'user') else getattr(request.state, 'user_id', None)
|
||||
|
||||
body = await request.json()
|
||||
version = body.get('version', '')
|
||||
|
||||
if not version:
|
||||
return error_response(message='缺少版本号参数', code=400)
|
||||
|
||||
if version not in ALL_VERSIONS:
|
||||
return error_response(message=f'未知版本: {version}', code=400)
|
||||
|
||||
# SQL 文件路径
|
||||
sql_dir = os.path.join(os.path.dirname(os.path.dirname(__file__)), '..', 'sql', 'upgrades')
|
||||
sql_file = os.path.normpath(os.path.join(sql_dir, ALL_VERSIONS[version]))
|
||||
|
||||
if not os.path.exists(sql_file):
|
||||
return error_response(message=f'SQL 文件不存在: {ALL_VERSIONS[version]}', code=500)
|
||||
|
||||
try:
|
||||
# 读取并执行 SQL
|
||||
with open(sql_file, 'r', encoding='utf-8') as f:
|
||||
sql_content = f.read().strip()
|
||||
|
||||
if sql_content and sql_content != '--':
|
||||
# 使用 aiomysql 直接执行多条 SQL
|
||||
pool = get_pool()
|
||||
async with pool.acquire() as conn:
|
||||
async with conn.cursor() as cursor:
|
||||
# 分割 SQL 语句(按 DELIMITER 处理存储过程)
|
||||
await _execute_sql_content(cursor, sql_content)
|
||||
await conn.commit()
|
||||
|
||||
# 更新版本号
|
||||
await execute_update(
|
||||
"INSERT INTO system_settings (setting_key, setting_value) VALUES ('db_version', %s) "
|
||||
"ON DUPLICATE KEY UPDATE setting_value = %s",
|
||||
(version, version)
|
||||
)
|
||||
|
||||
# 重新检测版本
|
||||
new_version = '0.0.0'
|
||||
try:
|
||||
row = await execute_query(
|
||||
"SELECT setting_value FROM system_settings WHERE setting_key = 'db_version'"
|
||||
)
|
||||
if row:
|
||||
new_version = row[0]['setting_value']
|
||||
except Exception:
|
||||
pass
|
||||
|
||||
logger.info(f"数据库升级成功: v{version} ({ALL_VERSIONS[version]})")
|
||||
|
||||
return success_response(data={
|
||||
'success': True,
|
||||
'version': version,
|
||||
'message': f"升级至 v{version} 成功 ({ALL_VERSIONS[version]})",
|
||||
'current': new_version
|
||||
})
|
||||
|
||||
except Exception as e:
|
||||
logger.error(f"数据库升级失败: v{version} - {str(e)}")
|
||||
return error_response(message=f"升级至 v{version} 失败: {str(e)}", code=500)
|
||||
|
||||
|
||||
def _compare_versions(v1: str, v2: str) -> int:
|
||||
"""比较两个版本号,返回 1/0/-1"""
|
||||
t1 = _version_tuple(v1)
|
||||
t2 = _version_tuple(v2)
|
||||
if t1 > t2:
|
||||
return 1
|
||||
elif t1 < t2:
|
||||
return -1
|
||||
return 0
|
||||
|
||||
|
||||
def _version_tuple(v: str) -> tuple:
|
||||
"""将版本字符串转为可比较的元组"""
|
||||
parts = []
|
||||
for p in v.split('.'):
|
||||
try:
|
||||
parts.append(int(p))
|
||||
except ValueError:
|
||||
parts.append(0)
|
||||
return tuple(parts)
|
||||
|
||||
|
||||
async def _execute_sql_content(cursor, sql_content: str):
|
||||
"""执行 SQL 内容,处理存储过程中的 DELIMITER"""
|
||||
# 如果包含 DELIMITER,需要特殊处理
|
||||
if 'DELIMITER' in sql_content:
|
||||
# 移除 DELIMITER 行,按 $$ 分割存储过程
|
||||
lines = sql_content.split('\n')
|
||||
current_block = []
|
||||
in_procedure = False
|
||||
|
||||
for line in lines:
|
||||
stripped = line.strip()
|
||||
if stripped.upper().startswith('DELIMITER $$'):
|
||||
in_procedure = True
|
||||
current_block = []
|
||||
continue
|
||||
elif stripped.upper() == 'DELIMITER ;':
|
||||
# 执行累积的存储过程块
|
||||
if current_block:
|
||||
proc_sql = '\n'.join(current_block).strip()
|
||||
if proc_sql:
|
||||
await cursor.execute(proc_sql)
|
||||
in_procedure = False
|
||||
current_block = []
|
||||
continue
|
||||
elif stripped.upper().startswith('DELIMITER'):
|
||||
continue
|
||||
|
||||
if in_procedure:
|
||||
current_block.append(line)
|
||||
else:
|
||||
# 普通SQL,按分号分割执行
|
||||
if stripped and not stripped.startswith('--'):
|
||||
# 简单的按分号分割
|
||||
for stmt in stripped.split(';'):
|
||||
stmt = stmt.strip()
|
||||
if stmt:
|
||||
await cursor.execute(stmt)
|
||||
else:
|
||||
# 无 DELIMITER,简单执行
|
||||
# 按 CREATE 分割以支持多语句
|
||||
# 分割 SQL 语句
|
||||
statements = re.split(r';\s*\n', sql_content)
|
||||
for stmt in statements:
|
||||
stmt = stmt.strip()
|
||||
if stmt and stmt != '--':
|
||||
await cursor.execute(stmt)
|
||||
Reference in New Issue
Block a user