diff --git a/dsLightRag/Routes/TeachingModel/api/LoginController.py b/dsLightRag/Routes/TeachingModel/api/LoginController.py index 76ec3328..62610f10 100644 --- a/dsLightRag/Routes/TeachingModel/api/LoginController.py +++ b/dsLightRag/Routes/TeachingModel/api/LoginController.py @@ -108,13 +108,14 @@ async def login(request: Request, response: Response): if not username or not password: return {"success": False, "message": "用户名和密码不能为空"} - password = md5_encrypt(password) - select_user_sql: str = "SELECT person_id, person_name, identity_id, login_name, xb, bureau_id, org_id, pwdmd5 FROM t_sys_loginperson WHERE login_name = '" + username + "' AND b_use = 1" + # password = md5_encrypt(password) + password = get_ldap_password(password) + select_user_sql: str = "SELECT person_id, person_name, identity_id, login_name, xb, bureau_id, org_id, pwdmd5, pwd, city_id, area_id, bureau_id FROM t_sys_loginperson WHERE login_name = '" + username + "' AND b_use = 1" userlist = await find_by_sql(select_user_sql,()) user = userlist[0] if userlist else None logging.info(f"查询结果: {user}") - if user and user['pwdmd5'] == password: # 验证的cas用户密码,md5加密的版本 - token = create_access_token({"user_id": user['person_id'], "identity_id": user['identity_id']}) + if user and user['pwd'] == password: # 验证的cas用户密码,md5加密的版本 + token = create_access_token({"user_id": user['person_id'], "identity_id": user['identity_id'], "city_id": user['city_id'], "area_id": user['area_id'], "bureau_id": user['bureau_id']}) CookieUtil.set_cookie( res=response, key="auth_token", diff --git a/dsLightRag/Routes/TeachingModel/api/ThemeController.py b/dsLightRag/Routes/TeachingModel/api/ThemeController.py index 6b9ccf12..43ac7227 100644 --- a/dsLightRag/Routes/TeachingModel/api/ThemeController.py +++ b/dsLightRag/Routes/TeachingModel/api/ThemeController.py 
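Review bot: The rewritten `select_user_sql` still concatenates the request's `username` into the statement (`login_name = '" + username + "'`) and passes an empty tuple to `find_by_sql`, so the login query is assembled from unauthenticated input. Bind the value instead, e.g. `... WHERE login_name = $1 AND b_use = 1` with `find_by_sql(select_user_sql, (username,))`, assuming `find_by_sql` forwards its second argument as bind parameters in the `$N` style that `insert` in Util/Database.py uses. The same string-built pattern is added by this commit in `list`, `get_list_by_stage_subject` and `my_share_list` in ThemeController.py and in `get_person_info` in Util/PersonUtil.py. Separately, the row now carries `pwd` as well as `pwdmd5`, and the unchanged `logging.info(f"查询结果: {user}")` writes the whole row to the log; log only `person_id` and `login_name`. `login` starts and ends outside this hunk, and the trailing comment on the comparison line still describes the md5 check that the commit replaced.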
@@ -6,6 +6,7 @@ from Util.Database import * from Util.ParseRequest import * from Routes.TeachingModel.auth.dependencies import * from Util.PageUtil import * +from Util.PersonUtil import get_person_info from Util.TranslateUtil import * # 创建一个路由实例,需要依赖get_current_user,登录后才能访问 
@@ -19,16 +20,37 @@ router = APIRouter(dependencies=[Depends(get_current_user)]) async def list(request: Request): # 获取参数 person_id = await get_request_str_param(request, "person_id", True, True) + person_info = await get_person_info(person_id) + if person_info is None: + return {"success": False, "message": "用户不存在!"} + stage_id = await get_request_num_param(request, "stage_id", False, True, -1) subject_id = await get_request_num_param(request, "subject_id", False, True, -1) + scope_type = await get_request_num_param(request, "scope_type", False, True, 0) page_number = await get_request_num_param(request, "page_number", False, True,1) page_size = await get_request_num_param(request, "page_size", False, True, 10) theme_name = await get_request_str_param(request, "theme_name", False, True) - print(stage_id, person_id, subject_id, page_number, page_size, theme_name) + city_id = person_info["city_id"] + area_id = person_info["area_id"] + bureau_id = person_info["bureau_id"] + + # 拼接查询SQL语句 # 修改列表获取逻辑,我能管理啥? 
我自己创建的+共享给我管理的 + select_theme_sql: str = " select * from t_ai_teaching_model_theme WHERE is_deleted = 0 " + # scope_type --> 0:全部;1:共享给市;2:共享给区;3:共享给校;4:共享给人;5:本人创建; + if scope_type == 0: + select_theme_sql += " and ((person_id = '" + person_id + "') or ( id in (select theme_id from t_ai_teaching_model_theme_scope where check_flag = 1 and is_deleted = 0 and permission_type = 1 and ((scope_type = 1 and scope_value = '" + city_id + "') or (scope_type = 2 and scope_value = '" + area_id + "') or (scope_type = 3 and scope_value = '" + bureau_id + "') or (scope_type = 4 and scope_value = '" + person_id + "')))))" + elif scope_type == 1: + select_theme_sql += " and id in (select theme_id from t_ai_teaching_model_theme_scope where check_flag = 1 and is_deleted = 0 and scope_type = 1 and scope_value = '" + city_id + "' and permission_type = 1)" + elif scope_type == 2: + select_theme_sql += " and id in (select theme_id from t_ai_teaching_model_theme_scope where check_flag = 1 and is_deleted = 0 and scope_type = 2 and scope_value = '" + area_id + "' and permission_type = 1)" + elif scope_type == 3: + select_theme_sql += " and id in (select theme_id from t_ai_teaching_model_theme_scope where check_flag = 1 and is_deleted = 0 and scope_type = 3 and scope_value = '" + bureau_id + "' and permission_type = 1)" + elif scope_type == 4: + select_theme_sql += " and id in (select theme_id from t_ai_teaching_model_theme_scope where check_flag = 1 and is_deleted = 0 and scope_type = 4 and scope_value = '" + person_id + "' and permission_type = 1)" + elif scope_type == 5: + select_theme_sql += " and person_id = '" + person_id + "'" - # 拼接查询SQL语句 - select_theme_sql: str = " SELECT * FROM t_ai_teaching_model_theme WHERE is_deleted = 0 and person_id = '" + person_id + "'" if stage_id != -1: select_theme_sql += " and stage_id = " + str(stage_id) if subject_id != -1: 
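Review bot: `list` takes `person_id` from the request and uses it both as the owner filter and, through `get_person_info`, as the source of `city_id`/`area_id`/`bureau_id`, so the sharing scope is computed for whichever person the caller names rather than for the authenticated user. The router already depends on `get_current_user`, and the login change in this commit puts `user_id`, `city_id`, `area_id` and `bureau_id` into the token, so the handler could take these from the authenticated identity (presumably what `get_current_user` yields; not visible here) or at least reject a `person_id` that differs from it. `get_list_by_stage_subject` and `my_share_list` read `person_id` the same way. In addition, a `scope_type` outside 0–5 matches no branch, so no owner or scope filter is appended and the query returns every non-deleted theme; add a final `else` that returns `{"success": False, ...}`. The function continues past this hunk.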
@@ -37,6 +59,8 @@ async def list(request: Request): select_theme_sql += " and theme_name like '%" + theme_name + "%'" select_theme_sql += " ORDER BY create_time DESC" + print(select_theme_sql) + # 查询主题列表 page = await get_page_data_by_sql(select_theme_sql, page_number, page_size) person_ids = "" @@ -54,6 +78,7 @@ async def list(request: Request): item["stage_name"] = stage_map.get(str(item["stage_id"]), "未知学段") item["subject_name"] = subject_map.get(str(item["subject_id"]), "未知学科") item["person_name"] = person_map.get(str(item["person_id"]), "未知姓名") + item["can_share"] = 1 if person_id == item['person_id'] else 0 return {"success": True, "message": "查询成功!", "data": page} 
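Review bot: `print(select_theme_sql)` writes the fully assembled statement, including the caller-supplied `theme_name` and `person_id`, to stdout on every request. This looks like a debugging aid; remove it before merge or, if `logging` is available in this module, replace it with `logging.debug("theme list sql: %s", select_theme_sql)` so it can be switched off in production. The same `print` is added in `get_list_by_stage_subject`, and `share` prints its `param` dict. The enclosing `list` function starts and ends outside this hunk.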
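Review bot: `item["can_share"]` compares the request string `person_id` with `item['person_id']` directly, while the line just above looks the same field up as `str(item["person_id"])`. If the driver returns that column as a non-string type, the comparison is always false and the owner never gets `can_share = 1`; `1 if person_id == str(item['person_id']) else 0` keeps the two lines consistent. The flag is only a hint for the client, so the `/share` endpoint still needs its own ownership check on the server side. The loop sits inside `list`, which starts outside this hunk.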
@@ -156,18 +181,101 @@ async def get_list_by_stage_subject(request: Request): stage_id = await get_request_num_param(request, "stage_id", False, True, -1) subject_id = await get_request_num_param(request, "subject_id", False, True, -1) + person_info = await get_person_info(person_id) + if person_info is None: + return {"success": False, "message": "用户不存在!"} + + city_id = person_info["city_id"] + area_id = person_info["area_id"] + bureau_id = person_info["bureau_id"] + # 拼接查询SQL语句 - select_theme_sql: str = " select id as theme_id, theme_name from t_ai_teaching_model_theme where is_deleted = 0 and person_id = '" + person_id + "'" + select_theme_sql: str = " select id as theme_id, theme_name from t_ai_teaching_model_theme where is_deleted = 0 " + # 不用加permission_type判断,因为permission_type有两个选项,管理和查看,能管理的都能看,so,不用管permission_type + select_theme_sql += " and ((person_id = '" + person_id + "') or ( id in (select theme_id from t_ai_teaching_model_theme_scope where check_flag = 1 and is_deleted = 0 and ((scope_type = 1 and scope_value = '" + city_id + "') or (scope_type = 2 and scope_value = '" + area_id + "') or (scope_type = 3 and scope_value = '" + bureau_id + "') or (scope_type = 4 and scope_value = '" + person_id + "')))))" + if stage_id != -1: select_theme_sql += " and stage_id = " + str(stage_id) if subject_id != -1: select_theme_sql += " and subject_id = " + str(subject_id) + print(select_theme_sql) + select_theme_result = await find_by_sql(select_theme_sql,()) + if select_theme_result is None: + select_theme_result = [] return {"success": True, "message": "查询成功!", "data": {"theme_list": select_theme_result}} +@router.post("/share") +async def share(request: Request): + # 获取参数 + theme_id = await get_request_num_param(request, "theme_id", True, True, None) + scope_type = await get_request_num_param(request, "scope_type", True, True, None) + scope_value = await get_request_str_param(request, "scope_value", True, True) + permission_type = await 
get_request_num_param(request, "permission_type", True, True, None) + person_id = await get_request_str_param(request, "person_id", True, True) + expires_at = await get_request_str_param(request, "expires_at", False, True) + + now = datetime.datetime.now() + # 组装参数 + param = {"theme_id": theme_id,"scope_type": scope_type,"scope_value": scope_value,"created_by": person_id,"created_at": now, "check_flag": 1, "checked_at": now, "checked_info": "默认审核通过", "permission_type": permission_type, "granted_at": now} + if expires_at != "": + param["expires_at"] = datetime.datetime.strptime(expires_at, "%Y-%m-%d") + + print(param) + # 插入数据 + id = await insert("t_ai_teaching_model_theme_scope", param, False) + return {"success": True, "message": "保存成功!", "data": {"insert_id": id}} +@router.get("/myShareList") +async def my_share_list(request: Request): + # 获取参数 + person_id = await get_request_str_param(request, "person_id", True, True) + person_info = await get_person_info(person_id) + if person_info is None: + return {"success": False, "message": "用户不存在!"} + scope_type = await get_request_num_param(request, "scope_type", True, True, None) + stage_id = await get_request_num_param(request, "stage_id", False, True, -1) + subject_id = await get_request_num_param(request, "subject_id", False, True, -1) + theme_name = await get_request_str_param(request, "theme_name", False, True) + page_number = await get_request_num_param(request, "page_number", False, True, 1) + page_size = await get_request_num_param(request, "page_size", False, True, 10) + # 拼接查询SQL语句 + column_str: str = "t1.id as theme_id, t1.theme_name, t1.short_name, t1.theme_icon, t1.stage_id, t1.subject_id, t1.quote_count, t1.search_flag, t1.train_flag, t2.id as scope_id, t2.scope_type, t2.scope_value, t2.created_by, t2.created_at, t2.check_flag, t2.permission_type, t2.granted_at, t2.expires_at " + select_theme_sql: str = f" select {column_str} from t_ai_teaching_model_theme t1, t_ai_teaching_model_theme_scope t2 where 
t1.is_deleted = 0 and t2.is_deleted = 0 and t1.id = t2.theme_id and t2.created_by = '{person_id}' " + # scope_type --> 0:全部;1:共享给市;2:共享给区;3:共享给校;4:共享给人; + if scope_type != 0: + select_theme_sql += " and t2.scope_type = " + str(scope_type) + if stage_id != -1: + select_theme_sql += " and t1.stage_id = " + str(stage_id) + if subject_id != -1: + select_theme_sql += " and t1.subject_id = " + str(subject_id) + if theme_name != "": + select_theme_sql += " and t1.theme_name like '%" + theme_name + "%' " + select_theme_sql += "ORDER BY t1.create_time DESC " + + page = await get_page_data_by_sql(select_theme_sql, page_number, page_size) + + person_name = person_info["person_name"] + stage_map = await get_stage_map() + subject_map = await get_subject_map() + + for item in page["list"]: + item["stage_name"] = stage_map.get(str(item["stage_id"]), "未知学段") + item["subject_name"] = subject_map.get(str(item["subject_id"]), "未知学科") + item["person_name"] = person_name + + return {"success": True, "message": "查询成功!", "data": page} + +@router.post("/deleteShare") +async def delete_share(request: Request): + # 获取参数 + scope_id = await get_request_num_param(request, "scope_id", True, True, None) + result = await delete_by_id("t_ai_teaching_model_theme_scope", "id", scope_id) + if not result: + return {"success": False, "message": "删除失败!"} + return {"success": True, "message": "删除成功!"} \ No newline at end of file diff --git a/dsLightRag/Start.py b/dsLightRag/Start.py index 42a3de1f..8849aac9 100644 --- a/dsLightRag/Start.py +++ b/dsLightRag/Start.py 
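Review bot: `share` and `delete_share` modify sharing rows without checking that the caller is entitled to them: `share` inserts a scope row for any `theme_id` with `created_by` taken from the request's `person_id`, and `delete_share` passes any `scope_id` straight to `delete_by_id`. Before the insert, confirm that the theme's `person_id` is the authenticated user (or that this user holds `permission_type = 1` on it, which the list query treats as manage rights), and restrict the delete to rows whose `created_by` is that user. `scope_type` and `permission_type` are accepted as any number, and a malformed `expires_at` makes `strptime` raise instead of producing a `{"success": False, ...}` response; validate all three before building `param`. Rows are written with `check_flag = 1`, so a share takes effect immediately with no review step, which makes the missing ownership check more significant.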
@@ -108,8 +108,6 @@ app.include_router(theme_router, prefix="/api/theme", tags=["theme"]) app.include_router(document_router, prefix="/api/document", tags=["document"]) # 问题相关(大模型应用) app.include_router(teaching_model_router, prefix="/api/teaching/model", tags=["teacher_model"]) -# 教学答疑 -app.include_router(teaching_model_router, prefix="/api/teaching/model", tags=["teacher_model"]) if __name__ == "__main__": - uvicorn.run(app, host="0.0.0.0", port=8200) + uvicorn.run(app, host="0.0.0.0", port=8100) diff --git a/dsLightRag/Util/CommonUtil.py b/dsLightRag/Util/CommonUtil.py index 909ee2c4..ae2a06e4 100644 --- a/dsLightRag/Util/CommonUtil.py +++ b/dsLightRag/Util/CommonUtil.py @@ -1,4 +1,5 @@ import hashlib +import base64 import logging # 配置日志 @@ -14,4 +15,33 @@ def md5_encrypt(text): # 获取十六进制表示的哈希值 encrypted_text = md5_hash.hexdigest() - return encrypted_text \ No newline at end of file + return encrypted_text + + +def get_ldap_password(password): + try: + # 计算MD5哈希值 + md5pass = md5_encrypt(password) + + # 每两个字节压缩成一个十六进制字符 + ba_keyword = bytearray() + for i in range(0, len(md5pass), 2): + try: + ba_keyword.append(int(md5pass[i:i + 2], 16) & 0xff) + except Exception as e: + logger.error(f"======================错误密码:{md5pass}") + logger.error(e, exc_info=True) + return None + + # Base64编码 + newstr = base64.b64encode(ba_keyword).decode('utf-8') + return newstr + + except Exception as err: + logger.error(f"出错的密码:{password}") + logger.error(err, exc_info=True) + return None + + +if __name__ == '__main__': + print(get_ldap_password("123456")) \ No newline at end of file diff --git a/dsLightRag/Util/Database.py b/dsLightRag/Util/Database.py index 54f7c1c7..59fd1980 100644 --- a/dsLightRag/Util/Database.py +++ b/dsLightRag/Util/Database.py 
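Review bot: The outer `except` in `get_ldap_password` logs the plaintext password (`logger.error(f"出错的密码:{password}")`) and the inner one logs its MD5 hex; neither value should reach the logs, so log only the exception. On any failure the function returns `None`, and `login` compares the result with `user['pwd']` using `==`, so a row whose `pwd` is NULL (presumably returned as `None`) would compare equal; raise instead, or have `login` reject a `None` result before comparing. The per-byte loop can be replaced with `base64.b64encode(bytes.fromhex(md5_encrypt(password))).decode('utf-8')`, which removes the inner `try` altogether. The stored form remains an unsalted MD5, apparently dictated by the existing `pwd` column; a comment recording that as a known limitation would help the next reader.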
@@ -40,6 +40,10 @@ async def insert(tableName, param, onlyForParam=False): columns.append(key) values.append(value) placeholders.append(f"${len(values)}") + else: + columns.append(key) + values.append(value) + placeholders.append(f"${len(values)}") else: columns.append(key) values.append(None) diff --git a/dsLightRag/Util/PersonUtil.py b/dsLightRag/Util/PersonUtil.py new file mode 100644 index 00000000..de2cca4b --- /dev/null +++ b/dsLightRag/Util/PersonUtil.py @@ -0,0 +1,22 @@ +import logging + +from Util.Database import find_by_sql + +# 配置日志 +logging.basicConfig(level=logging.INFO, format="%(asctime)s - %(levelname)s - %(message)s") +logger = logging.getLogger(__name__) + + +################################ +# 功能:根据person_id获取人员信息 +# 作者:Kalman.CHENG ☆ +# 时间:2025-09-09 +# 备注: +################################ +async def get_person_info(person_id): + select_person_sql: str = f"select * from t_sys_loginperson where person_id = '{person_id}' and b_use = 1" + select_person_result = await find_by_sql(select_person_sql, ()) + if select_person_result: + return select_person_result[0] + else: + return None \ No newline at end of file
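Review bot: The added `else` runs the same three statements as the branch directly above it (`columns.append(key)`, `values.append(value)`, `placeholders.append(f"${len(values)}")`), so the inner condition no longer changes what `insert` does. If the intent is that every value reaching this point is bound as given, drop the inner `if` and keep one copy of the three lines; if the two cases are meant to differ, the new branch is missing that difference. The conditions themselves are outside this hunk, so this is inferred from the visible branch bodies only.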
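Review bot: `get_person_info` uses `select *` on `t_sys_loginperson`, the table from which `login` reads `pwd` and `pwdmd5`, so every caller receives the password columns although the callers in this commit use only `city_id`, `area_id`, `bureau_id` and `person_name`. Name the columns, e.g. `select person_id, person_name, city_id, area_id, bureau_id from t_sys_loginperson where person_id = $1 and b_use = 1`, and pass `(person_id,)` as the second argument of `find_by_sql` instead of formatting it into the string (assuming that argument is bound in the `$N` style `insert` uses). `logging.basicConfig(...)` at import time in a utility module also configures the root logger for whichever module imports it first; that belongs in the application entry point.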