commit by Kalman.CHENG ☆

dsLightRag/Routes/TeachingModel/api/LoginController.py

@@ -108,13 +108,14 @@ async def login(request: Request, response: Response):
     if not username or not password:
         return {"success": False, "message": "用户名和密码不能为空"}
 
-    password = md5_encrypt(password)
+    # password = md5_encrypt(password)
-    select_user_sql: str = "SELECT person_id, person_name, identity_id, login_name, xb, bureau_id, org_id, pwdmd5 FROM t_sys_loginperson WHERE login_name = '" + username + "' AND b_use = 1"
+    password = get_ldap_password(password)
+    select_user_sql: str = "SELECT person_id, person_name, identity_id, login_name, xb, bureau_id, org_id, pwdmd5, pwd, city_id, area_id, bureau_id FROM t_sys_loginperson WHERE login_name = '" + username + "' AND b_use = 1"
     userlist = await find_by_sql(select_user_sql,())
     user = userlist[0] if userlist else None
     logging.info(f"查询结果: {user}")
-    if user and user['pwdmd5'] == password:  # 验证的cas用户密码，md5加密的版本
+    if user and user['pwd'] == password:  # 验证的cas用户密码，md5加密的版本
-        token = create_access_token({"user_id": user['person_id'], "identity_id": user['identity_id']})
+        token = create_access_token({"user_id": user['person_id'], "identity_id": user['identity_id'], "city_id": user['city_id'], "area_id": user['area_id'], "bureau_id": user['bureau_id']})
         CookieUtil.set_cookie(
             res=response,
             key="auth_token",

dsLightRag/Routes/TeachingModel/api/ThemeController.py

@@ -6,6 +6,7 @@ from Util.Database import *
 from Util.ParseRequest import *
 from Routes.TeachingModel.auth.dependencies import *
 from Util.PageUtil import *
+from Util.PersonUtil import get_person_info
 from Util.TranslateUtil import *
 
 # 创建一个路由实例,需要依赖get_current_user,登录后才能访问
@@ -19,16 +20,37 @@ router = APIRouter(dependencies=[Depends(get_current_user)])
 async def list(request: Request):
     # 获取参数
     person_id = await get_request_str_param(request, "person_id", True, True)
+    person_info = await get_person_info(person_id)
+    if person_info is None:
+        return {"success": False, "message": "用户不存在！"}
+
     stage_id = await get_request_num_param(request, "stage_id", False, True, -1)
     subject_id = await get_request_num_param(request, "subject_id", False, True, -1)
+    scope_type = await get_request_num_param(request, "scope_type", False, True, 0)
     page_number = await get_request_num_param(request, "page_number", False, True,1)
     page_size = await get_request_num_param(request, "page_size", False, True, 10)
     theme_name = await get_request_str_param(request, "theme_name", False, True)
 
-    print(stage_id, person_id, subject_id, page_number, page_size, theme_name)
+    city_id = person_info["city_id"]
+    area_id = person_info["area_id"]
+    bureau_id = person_info["bureau_id"]
+
+    # 拼接查询SQL语句 # 修改列表获取逻辑，我能管理啥？ 我自己创建的+共享给我管理的
+    select_theme_sql: str = " select * from t_ai_teaching_model_theme WHERE is_deleted = 0 "
+    # scope_type --> 0：全部；1：共享给市；2：共享给区；3：共享给校；4：共享给人；5：本人创建；
+    if scope_type == 0:
+        select_theme_sql += " and ((person_id = '" + person_id + "') or ( id in (select theme_id from t_ai_teaching_model_theme_scope where check_flag = 1 and is_deleted = 0 and permission_type = 1 and ((scope_type = 1 and scope_value = '" + city_id + "') or (scope_type = 2 and scope_value = '" + area_id + "') or (scope_type = 3 and scope_value = '" + bureau_id + "') or (scope_type = 4 and scope_value = '" + person_id + "')))))"
+    elif scope_type == 1:
+        select_theme_sql += " and id in (select theme_id from t_ai_teaching_model_theme_scope where check_flag = 1 and is_deleted = 0 and scope_type = 1 and scope_value = '" + city_id + "' and permission_type = 1)"
+    elif scope_type == 2:
+        select_theme_sql += " and id in (select theme_id from t_ai_teaching_model_theme_scope where check_flag = 1 and is_deleted = 0 and scope_type = 2 and scope_value = '" + area_id + "' and permission_type = 1)"
+    elif scope_type == 3:
+        select_theme_sql += " and id in (select theme_id from t_ai_teaching_model_theme_scope where check_flag = 1 and is_deleted = 0 and scope_type = 3 and scope_value = '" + bureau_id + "' and permission_type = 1)"
+    elif scope_type == 4:
+        select_theme_sql += " and id in (select theme_id from t_ai_teaching_model_theme_scope where check_flag = 1 and is_deleted = 0 and scope_type = 4 and scope_value = '" + person_id + "' and permission_type = 1)"
+    elif scope_type == 5:
+        select_theme_sql += " and person_id = '" + person_id + "'"
 
-    # 拼接查询SQL语句
-    select_theme_sql: str = " SELECT * FROM t_ai_teaching_model_theme WHERE is_deleted = 0 and person_id = '" + person_id + "'"
     if stage_id != -1:
         select_theme_sql += " and stage_id = " + str(stage_id)
     if subject_id != -1:
@@ -37,6 +59,8 @@ async def list(request: Request):
         select_theme_sql += " and theme_name like '%" + theme_name + "%'"
     select_theme_sql += " ORDER BY create_time DESC"
 
+    print(select_theme_sql)
+
     # 查询主题列表
     page = await get_page_data_by_sql(select_theme_sql, page_number, page_size)
     person_ids = ""
@@ -54,6 +78,7 @@ async def list(request: Request):
         item["stage_name"] = stage_map.get(str(item["stage_id"]), "未知学段")
         item["subject_name"] = subject_map.get(str(item["subject_id"]), "未知学科")
         item["person_name"] = person_map.get(str(item["person_id"]), "未知姓名")
+        item["can_share"] = 1 if person_id == item['person_id'] else 0
 
     return {"success": True, "message": "查询成功！", "data": page}
 
@@ -156,18 +181,101 @@ async def get_list_by_stage_subject(request: Request):
     stage_id = await get_request_num_param(request, "stage_id", False, True, -1)
     subject_id = await get_request_num_param(request, "subject_id", False, True, -1)
 
+    person_info = await get_person_info(person_id)
+    if person_info is None:
+        return {"success": False, "message": "用户不存在！"}
+
+    city_id = person_info["city_id"]
+    area_id = person_info["area_id"]
+    bureau_id = person_info["bureau_id"]
+
     # 拼接查询SQL语句
-    select_theme_sql: str = " select id as theme_id, theme_name from t_ai_teaching_model_theme where is_deleted = 0 and person_id = '" + person_id + "'"
+    select_theme_sql: str = " select id as theme_id, theme_name from t_ai_teaching_model_theme where is_deleted = 0 "
+    # 不用加permission_type判断，因为permission_type有两个选项，管理和查看，能管理的都能看，so，不用管permission_type
+    select_theme_sql += " and ((person_id = '" + person_id + "') or ( id in (select theme_id from t_ai_teaching_model_theme_scope where check_flag = 1 and is_deleted = 0 and ((scope_type = 1 and scope_value = '" + city_id + "') or (scope_type = 2 and scope_value = '" + area_id + "') or (scope_type = 3 and scope_value = '" + bureau_id + "') or (scope_type = 4 and scope_value = '" + person_id + "')))))"
+
     if stage_id != -1:
         select_theme_sql += " and stage_id = " + str(stage_id)
     if subject_id != -1:
         select_theme_sql += " and subject_id = " + str(subject_id)
+    print(select_theme_sql)
+
     select_theme_result = await find_by_sql(select_theme_sql,())
+    if select_theme_result is None:
+        select_theme_result = []
 
     return {"success": True, "message": "查询成功！", "data": {"theme_list": select_theme_result}}
 
 
+@router.post("/share")
+async def share(request: Request):
+    # 获取参数
+    theme_id = await get_request_num_param(request, "theme_id", True, True, None)
+    scope_type = await get_request_num_param(request, "scope_type", True, True, None)
+    scope_value = await get_request_str_param(request, "scope_value", True, True)
+    permission_type = await get_request_num_param(request, "permission_type", True, True, None)
+    person_id = await get_request_str_param(request, "person_id", True, True)
+    expires_at = await get_request_str_param(request, "expires_at", False, True)
+
+    now = datetime.datetime.now()
+    # 组装参数
+    param = {"theme_id": theme_id,"scope_type": scope_type,"scope_value": scope_value,"created_by": person_id,"created_at": now, "check_flag": 1, "checked_at": now, "checked_info": "默认审核通过", "permission_type": permission_type, "granted_at": now}
+    if expires_at != "":
+        param["expires_at"] = datetime.datetime.strptime(expires_at, "%Y-%m-%d")
+
+    print(param)
+    # 插入数据
+    id = await insert("t_ai_teaching_model_theme_scope", param, False)
+    return {"success": True, "message": "保存成功！", "data": {"insert_id": id}}
 
 
+@router.get("/myShareList")
+async def my_share_list(request: Request):
+    # 获取参数
+    person_id = await get_request_str_param(request, "person_id", True, True)
+    person_info = await get_person_info(person_id)
+    if person_info is None:
+        return {"success": False, "message": "用户不存在！"}
 
+    scope_type = await get_request_num_param(request, "scope_type", True, True, None)
+    stage_id = await get_request_num_param(request, "stage_id", False, True, -1)
+    subject_id = await get_request_num_param(request, "subject_id", False, True, -1)
+    theme_name = await get_request_str_param(request, "theme_name", False, True)
+    page_number = await get_request_num_param(request, "page_number", False, True, 1)
+    page_size = await get_request_num_param(request, "page_size", False, True, 10)
 
+    # 拼接查询SQL语句
+    column_str: str = "t1.id as theme_id, t1.theme_name, t1.short_name, t1.theme_icon, t1.stage_id, t1.subject_id, t1.quote_count, t1.search_flag, t1.train_flag, t2.id as scope_id, t2.scope_type, t2.scope_value, t2.created_by, t2.created_at, t2.check_flag, t2.permission_type, t2.granted_at, t2.expires_at "
+    select_theme_sql: str = f" select {column_str} from t_ai_teaching_model_theme t1, t_ai_teaching_model_theme_scope t2 where t1.is_deleted = 0 and t2.is_deleted = 0 and t1.id = t2.theme_id and t2.created_by = '{person_id}' "
+    # scope_type --> 0：全部；1：共享给市；2：共享给区；3：共享给校；4：共享给人；
+    if scope_type != 0:
+        select_theme_sql += " and t2.scope_type = " + str(scope_type)
+    if stage_id != -1:
+        select_theme_sql += " and t1.stage_id = " + str(stage_id)
+    if subject_id != -1:
+        select_theme_sql += " and t1.subject_id = " + str(subject_id)
+    if theme_name != "":
+        select_theme_sql += " and t1.theme_name like '%" + theme_name + "%' "
+    select_theme_sql += "ORDER BY t1.create_time DESC "
+
+    page = await get_page_data_by_sql(select_theme_sql, page_number, page_size)
+
+    person_name = person_info["person_name"]
+    stage_map = await get_stage_map()
+    subject_map = await get_subject_map()
+
+    for item in page["list"]:
+        item["stage_name"] = stage_map.get(str(item["stage_id"]), "未知学段")
+        item["subject_name"] = subject_map.get(str(item["subject_id"]), "未知学科")
+        item["person_name"] = person_name
+
+    return {"success": True, "message": "查询成功！", "data": page}
+
+@router.post("/deleteShare")
+async def delete_share(request: Request):
+    # 获取参数
+    scope_id = await get_request_num_param(request, "scope_id", True, True, None)
+    result = await delete_by_id("t_ai_teaching_model_theme_scope", "id", scope_id)
+    if not result:
+        return {"success": False, "message": "删除失败！"}
+    return {"success": True, "message": "删除成功！"}

dsLightRag/Start.py

@@ -108,8 +108,6 @@ app.include_router(theme_router, prefix="/api/theme", tags=["theme"])
 app.include_router(document_router, prefix="/api/document", tags=["document"])
 # 问题相关（大模型应用）
 app.include_router(teaching_model_router, prefix="/api/teaching/model", tags=["teacher_model"])
-# 教学答疑
-app.include_router(teaching_model_router, prefix="/api/teaching/model", tags=["teacher_model"])
 
 if __name__ == "__main__":
-    uvicorn.run(app, host="0.0.0.0", port=8200)
+    uvicorn.run(app, host="0.0.0.0", port=8100)

dsLightRag/Util/CommonUtil.py

@@ -1,4 +1,5 @@
 import hashlib
+import base64
 import logging
 
 # 配置日志
@@ -14,4 +15,33 @@ def md5_encrypt(text):
     # 获取十六进制表示的哈希值
     encrypted_text = md5_hash.hexdigest()
 
-    return encrypted_text
+    return encrypted_text
+
+
+def get_ldap_password(password):
+    try:
+        # 计算MD5哈希值
+        md5pass = md5_encrypt(password)
+
+        # 每两个字节压缩成一个十六进制字符
+        ba_keyword = bytearray()
+        for i in range(0, len(md5pass), 2):
+            try:
+                ba_keyword.append(int(md5pass[i:i + 2], 16) & 0xff)
+            except Exception as e:
+                logger.error(f"======================错误密码：{md5pass}")
+                logger.error(e, exc_info=True)
+                return None
+
+        # Base64编码
+        newstr = base64.b64encode(ba_keyword).decode('utf-8')
+        return newstr
+
+    except Exception as err:
+        logger.error(f"出错的密码：{password}")
+        logger.error(err, exc_info=True)
+        return None
+
+
+if __name__ == '__main__':
+    print(get_ldap_password("123456"))

dsLightRag/Util/Database.py

@@ -40,6 +40,10 @@ async def insert(tableName, param, onlyForParam=False):
                 columns.append(key)
                 values.append(value)
                 placeholders.append(f"${len(values)}")
+            else:
+                columns.append(key)
+                values.append(value)
+                placeholders.append(f"${len(values)}")
         else:
             columns.append(key)
             values.append(None)

dsLightRag/Util/PersonUtil.py

@@ -0,0 +1,22 @@
+import logging
+
+from Util.Database import find_by_sql
+
+# 配置日志
+logging.basicConfig(level=logging.INFO, format="%(asctime)s - %(levelname)s - %(message)s")
+logger = logging.getLogger(__name__)
+
+
+################################
+# 功能：根据person_id获取人员信息
+# 作者：Kalman.CHENG ☆
+# 时间：2025-09-09
+# 备注：
+################################
+async def get_person_info(person_id):
+    select_person_sql: str = f"select * from t_sys_loginperson where person_id = '{person_id}' and b_use = 1"
+    select_person_result = await find_by_sql(select_person_sql, ())
+    if select_person_result:
+        return select_person_result[0]
+    else:
+        return None