diff --git a/backend/ddl_killer/utils/webScrap.py b/backend/ddl_killer/utils/webScrap.py index 2fd5fd5c9b3f6317ec5331766325408b4a115e56..1c3d56bae602e2fba1f5445f8825af828e7aead2 100644 --- a/backend/ddl_killer/utils/webScrap.py +++ b/backend/ddl_killer/utils/webScrap.py @@ -452,7 +452,8 @@ def updateFromCourse(uid, account, password): ass['create_time'] = ass['create_time'].split('-')[0]+'-'+'%02d'%(int(ass['create_time'].split('-')[1]))+'-'+'%02d'%(int(ass['create_time'].split('-')[2].split(' ')[0]))+' '+ass['create_time'].split('-')[2].split(' ')[1] ass['urls'] = i.find('a').get('href') homework_detail = bs(s.get(ass['urls'], cookies=cookie, headers=header).text, 'html.parser') - + if ass['urls'] and "sakai_action=doView" in ass['urls']: + ass['urls'] = ass['urls'].split('sakai_action=doView')[0] try: ass['content'] = homework_detail.find('div', {'class': 'textPanel'}).text except: diff --git a/backend/ddl_killer/views.py b/backend/ddl_killer/views.py index 2bd2570867ff888143984d90604f56c708ad497f..10a2d8fe9abd4167cad0c4dfeda8a79de36d1e59 100644 --- a/backend/ddl_killer/views.py +++ b/backend/ddl_killer/views.py @@ -51,7 +51,7 @@ class Token(): def create_user(request): #用户注册 response={} try: - # print(request.body) + print(request.body) data = json.loads(request.body.decode()) check_user = User.objects.filter(uid=data["uid"]) if check_user.exists() and check_user[0].is_active == True: # 已经注册且激活 @@ -90,8 +90,12 @@ def create_user(request): #用户注册 return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') def edit_user(request): + response={} + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') try: - response={} data = json.loads(request.body.decode()) uid=data['uid'] user=User.objects.get(uid=uid) @@ -185,6 +189,10 @@ def login_user(request): def logout_user(request): response = {} + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') response['code'] = 200 response['msg'] = 'Success.' # print(request.session.session_key) @@ -194,6 +202,12 @@ def logout_user(request): def show_user(request, uid): #展示用户信息 response = {} + + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') + user = User.objects.get(uid=uid) # print(uid) response['msg'] = 'Success.' @@ -206,6 +220,10 @@ def show_user(request, uid): #展示用户信息 def update_courses(request, uid): #从课程中心获取用户所选课程并同步作业及资源及通知 response = {} + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') data = json.loads(request.body.decode()) user_obj=User.objects.get(uid=uid) username = data['username'] @@ -326,6 +344,10 @@ def update_courses(request, uid): #从课程中心获取用户所选课程并同 def show_user_courses(request, uid): #用户查看自己所选课程 response = {} + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') response['code'] = 200 response["data"]=[] usercourse = UserCourse.objects.filter(user__uid=uid) @@ -342,6 +364,10 @@ def show_user_courses(request, uid): #用户查看自己所选课程 def admin_add_task(request, uid, cid): # 课程管理员为选择了所有课的人添加task response={} + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') data = json.loads(request.body.decode()) usercourse = UserCourse.objects.get(user__uid=uid, course__cid=cid) this_course = Course.objects.get(course_id=cid) @@ -393,6 +419,10 @@ def admin_add_task(request, uid, cid): # 课程管理员为选择了所有课的 def add_task(request, uid): #用户个人添加task(需要选择或输入participant),传入的json有participant一项列表存储接收者的学号,uid记录发布者(有修改权) response={} #没有course_id项也不需要修改course_id项 + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') data = json.loads(request.body.decode()) print(data['tid']) if data['tid']!=-1: #若此项task已存在则视为修改此task的属性信息 @@ -473,6 +503,10 @@ def add_task(request, uid): #用户个人添加task(需要选择或输入partici def show_user_tasks(request, uid): #用户查看自己的所有任务及ddl response = {} + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') try: usertask = UserTask.objects.filter(user__uid=uid, is_deleted=False) response["data"] = [] @@ -481,6 +515,14 @@ def show_user_tasks(request, uid): #用户查看自己的所有任务及ddl response['code'] = 200 for t in usertask: # print(t) + if t.task.urls and "panel=Main" in t.task.urls: + # print(t.task.urls) + if t.is_finished: + homework_url = t.task.urls+"sakai_action=doView_grade" + else: + homework_url = t.task.urls+"sakai_action=doView_submission" + else: + homework_url = t.task.urls response["data"].append({ "tid": t.task.tid, "title": t.task.title, @@ -488,7 +530,7 @@ def show_user_tasks(request, uid): #用户查看自己的所有任务及ddl "content": t.task.content, "platform": t.task.platform, "category": t.task.category, - "urls": t.task.urls, + "urls": homework_url, "ddl_time": t.task.ddl_time, "notification_time": t.notification_time, "notification_alert": t.notification_alert, @@ -516,6 +558,10 @@ def show_user_tasks(request, uid): #用户查看自己的所有任务及ddl def show_course_tasks(request, uid, cid): #用户uid,相应课程cid response={} + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') response['code']=200 response['msg']='Success.' response['data'] =[] @@ -524,6 +570,14 @@ def show_course_tasks(request, uid, cid): #用户uid,相应课程cid usertask = UserTask.objects.filter(user__uid=uid, is_deleted=False) #从该用户的所有task中筛选出和cid建立联系的task for ut in usertask: ct=CourseTask.objects.filter(course__cid=cid,task__tid=ut.task.tid) + if ut.task.urls and "panel=Main" in ut.task.urls: + #print(ut.task.urls) + if ut.is_finished: + homework_url = ut.task.urls+"sakai_action=doView_grade" + else: + homework_url = ut.task.urls+"sakai_action=doView_submission" + else: + homework_url = ut.task.urls if ct.exists(): response["data"].append({ "tid": ut.task.tid, @@ -532,7 +586,7 @@ def show_course_tasks(request, uid, cid): #用户uid,相应课程cid "content": ut.task.content, "platform": ut.task.platform, "category": ut.task.category, - "urls": ut.task.urls, + "urls": homework_url, "ddl_time": ut.task.ddl_time, "notification_time": ut.notification_time, "notification_alert": ut.notification_alert, @@ -547,6 +601,10 @@ def show_course_tasks(request, uid, cid): #用户uid,相应课程cid def appoint_course_admin(request, cid, uid): #授予普通用户某门课程的管理权 response={} + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') response['code']=200 response['msg']='Success.' usercourse = UserCourse.objects.filter(user__uid=uid,course__cid=cid) @@ -573,6 +631,10 @@ def appoint_course_admin(request, cid, uid): #授予普通用户某门课程的 def alter_task_state(request, uid, tid): response={} + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') usertask = UserTask.objects.filter(user__uid=uid,task__tid=tid, is_deleted=False) if usertask.exists(): ut=UserTask.objects.get(user__uid=uid,task__tid=tid) @@ -591,6 +653,10 @@ def add_resources(request, uid, cid): print(uid) print(request) print(cid) + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') try: data = json.loads(request.body.decode()) if not UserCourse.objects.filter(user__uid=uid, course__cid=cid).exists: @@ -620,6 +686,10 @@ def add_resources(request, uid, cid): def show_course_resources(request, uid, cid): response={} + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') try: if not UserCourse.objects.filter(user__uid=uid, course__cid=cid).exists: response['code'] = 404 @@ -653,6 +723,10 @@ def show_course_resources(request, uid, cid): def show_course_notifications(request, uid, cid): response={} + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') usercourse = UserCourse.objects.filter(course__cid=cid, user__uid=uid) if not usercourse.exists(): response['code'] = 404 @@ -677,6 +751,7 @@ def show_course_notifications(request, uid, cid): def q2ldbchange(request): try: + #""" for t in Task.objects.all(): url=t.urls if url and 'sakai_action=doView' in url: @@ -684,6 +759,7 @@ def q2ldbchange(request): t.urls = preUrl t.save() print(t.urls) + #""" pass except: traceback.print_exc() @@ -691,6 +767,10 @@ def q2ldbchange(request): def delete_task(request, uid, tid): response = {} + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') usertask = UserTask.objects.filter(user__uid=uid, task__tid=tid) if usertask.exists(): ut = usertask[0] @@ -710,6 +790,10 @@ def delete_task(request, uid, tid): def personal_setting(request, uid): # 个人设置,如果是GET则直接返回个人设置;如果是POST则修改后返回个人设置 response = {} + if not request.META.get("HTTP_AUTHORIZATION") or not check_password(uid,request.META.get("HTTP_AUTHORIZATION")): + response['code'] = 401 + response['msg'] = "Authorization failed!" + return JsonResponse(response, json_dumps_params={'ensure_ascii':False}, charset='utf_8_sig') user = User.objects.get(uid=uid) # if user.exists(): print(request.method)