libushang il y a 1 mois
Parent
commit
99a17169cb

+ 3 - 2
common/db/db_user.py

@@ -7,6 +7,7 @@ from database import get_db
 from models import *
 from extensions import logger
 from utils import *
+from common.enc import mpfun
 
 def get_user_name_by_id(db: Session, user_id: int) -> str:
     row = db.query(SysUser).filter(SysUser.user_id == user_id).first()
@@ -15,9 +16,9 @@ def get_user_name_by_id(db: Session, user_id: int) -> str:
     
     return ""
 
-
 def get_user_id_by_phonenumber(db: Session, phonenumber: str) -> int:
-    row = db.query(SysUser).filter(SysUser.phonenumber == phonenumber).first()
+    # 手机号码已加密
+    row = db.query(SysUser).filter(SysUser.phonenumber == mpfun.enc_data(phonenumber)).first()
     if row is not None:
         return row.user_id
 
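Review bot: The new filter `SysUser.phonenumber == mpfun.enc_data(phonenumber)` can only match if `enc_data` yields the same ciphertext for the same input on every call. `mpfun` is not shown on this page: if it uses a random IV or nonce this lookup will never find a user, and if it is deterministic then identical numbers are recognisable as identical ciphertexts in the table. Record the assumption next to the query, e.g. `# phonenumber is stored encrypted; relies on enc_data being deterministic`, or look up through a separate keyed-hash column instead. The function continues past the end of this hunk.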

+ 79 - 0
common/enc/three_proofing_responsible_person_data.py

@@ -0,0 +1,79 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+
+from . import mpfun
+from models import *
+from sqlalchemy.orm import Session
+from database import get_local_db
+
+# 三防责任人管理人员信息表
+
+# 加密和HMAC签名
+def sign_row(db: Session, row: ThreeProofingResponsiblePerson) -> None:
+    if row.sign != '':
+        return
+    
+    unit_id = str(row.unit_id) # 单位ID
+    unit_name = mpfun.base64_data(row.unit_name) # 单位名称
+    name = mpfun.base64_data(row.name) # 联系人
+    position = mpfun.base64_data(row.position) # 职务
+    area_code2 = row.area_code2 # 区划编码2
+    area_code = str(row.area_code) # 区划编码
+    phone = mpfun.enc_data(row.phone) # 手机号码
+    telephone = mpfun.enc_data(row.telephone) # 办公电话
+    del_flag = row.del_flag # 是否已删除
+
+    sign_data = ",".join([unit_id, unit_name, name, position, area_code2, area_code, phone, telephone, del_flag])
+    sign_hmac = mpfun.sign_data(sign_data)
+    # print('sign_data:', sign_data)
+    # print('sign_hmac:', sign_hmac)
+
+    row.phone = phone
+    row.telephone = telephone
+    row.sign = sign_hmac
+    
+    db.commit()
+
+# 比较字段合并字符串是否和MAC值匹配上,调用密码服务器[验证HMAC]接口
+def sign_valid_row(row: ThreeProofingResponsiblePerson) -> bool:
+    if row.sign == '':
+        return True
+
+    # 关键字段合并字符串
+    sign_data = get_sign_str(row)
+    # print('sys_user sign_data:', sign_data)
+    
+    # 原HMACSM3数值
+    sign_hmac = row.sign
+    # print('sign_hmac:', sign_hmac)
+
+    return mpfun.hmac_verify(sign_data, sign_hmac)
+
+# 生成待签名的字符串
+def get_sign_str(row: ThreeProofingResponsiblePerson) -> str:
+    unit_id = str(row.unit_id) # 单位ID
+    unit_name = mpfun.base64_data(row.unit_name) # 单位名称
+    name = mpfun.base64_data(row.name) # 联系人
+    position = mpfun.base64_data(row.position) # 职务
+    area_code2 = row.area_code2 # 区划编码2
+    area_code = str(row.area_code) # 区划编码
+    phone = mpfun.enc_data(row.phone) # 手机号码
+    telephone = mpfun.enc_data(row.telephone) # 办公电话
+    del_flag = row.del_flag # 是否已删除
+
+    # 关键字段合并字符串
+    sign_data = ",".join([unit_id, unit_name, name, position, area_code2, area_code, phone, telephone, del_flag])
+    return sign_data
+
+# 生成HAMC签名值
+def get_sign_hmac(row: ThreeProofingResponsiblePerson) -> str:
+    sign_data = get_sign_str(row)
+    return mpfun.sign_data(sign_data) 
+
+# 对所有数据进行签名
+def sign_table():
+    print('sign_three_proofing_responsible_person table =====>>>')
+    with get_local_db() as db:
+        rows = db.query(ThreeProofingResponsiblePerson).filter(ThreeProofingResponsiblePerson.sign == '').all()
+        for row in rows:
+            sign_row(db, row)
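Review bot: `get_sign_str` applies `mpfun.enc_data` to `row.phone` and `row.telephone`, yet by the time it is called those columns already hold ciphertext (`sign_row` stores the encrypted values, and the update handlers assign `mpfun.enc_data(body['phone'])` before `get_sign_hmac`), so unless `enc_data` is idempotent `sign_valid_row` checks a string built from doubly encrypted fields against an HMAC that `sign_row` computed over singly encrypted ones. The sketch below encrypts once in `sign_row` and has `get_sign_str` use the stored values, which also removes the duplicated field list. `sign_valid_row` returns `True` when `sign` is empty, so a row whose signature has been blanked passes validation and is re-signed by the next `sign_table()` run; an unsigned row should be reported as unverified instead. No hunk on this page calls `sign_valid_row`: the list and detail handlers decrypt and return `phone` without checking it, and `HmacException` is imported but unused in the lines shown.

```python
def sign_row(db: Session, row: ThreeProofingResponsiblePerson) -> None:
    if row.sign != '':
        return

    # Encrypt once, store the ciphertext, then sign exactly what is stored.
    row.phone = mpfun.enc_data(row.phone)
    row.telephone = mpfun.enc_data(row.telephone)
    row.sign = mpfun.sign_data(get_sign_str(row))

    db.commit()

def get_sign_str(row: ThreeProofingResponsiblePerson) -> str:
    # … unchanged: unit_id, unit_name, name, position, area_code2, area_code …
    phone = row.phone          # ciphertext as stored, not encrypted again
    telephone = row.telephone  # ciphertext as stored, not encrypted again
    # … unchanged: del_flag, join and return …
```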

+ 4 - 4
jobs/sign_data_job.py

@@ -2,7 +2,6 @@
 # -*- coding: utf-8 -*-
 
 from models.base import *
-from config import settings
 from utils import *
 from extensions import logger
 from datetime import datetime
@@ -12,6 +11,7 @@ from common.enc import sys_user_data, sys_post_data, sys_role_data, sys_dept_dat
 from common.enc import sys_user_role_data, sys_user_post_data, sys_role_dept_data, sys_role_menu_data
 from common.enc import sys_czrz_data
 from common.enc import emergency_contact_info_data
+from common.enc import three_proofing_responsible_person_data
 
 
 # 对数据进行加密处理
@@ -35,9 +35,6 @@ def sign_data_proc():
     # 系统菜单表
     sys_menu_data.sign_table()
     
-    # 系统图层菜单表
-    sys_menu_layer_data.sign_table()
-    
     # 2.系统关联表
     # 用户角色表
     sys_user_role_data.sign_table()
@@ -54,6 +51,9 @@ def sign_data_proc():
     # 业务表
     # 应急预案人员信息表
     emergency_contact_info_data.sign_table()
+
+    # 三防责任人管理人员信息表
+    three_proofing_responsible_person_data.sign_table()
     
     # 操作日志表
     sys_czrz_data.sign_table()

+ 23 - 1
models/three_proofing_responsible_base.py

@@ -22,6 +22,10 @@ class ThreeProofingResponsiblePerson(Base):
     create_by = Column(BigInteger, default=None, comment='创建者')
     update_by = Column(BigInteger, default=None, comment='更新者')
     del_flag = Column(String(1), default='0', comment='删除标志(0代表存在 2代表删除)')
+    sign = Column(String, server_default='', default='', comment='HMACSM3数值')
+
+    class Config:
+        orm_mode = True
 
 
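Review bot: `sign` uses `''` as the "not yet signed" marker, but the column is nullable and nothing here shows how existing rows are migrated, so any row holding NULL is skipped by both `sign_table()` (which filters on `sign == ''`) and `sign_row` (`row.sign != ''` is true for `None`) and stays unsigned. Adding `nullable=False` and backfilling `''` in the migration makes the marker reliable; `String` without a length should also be checked against the target database, since some dialects require one. `class Config: orm_mode = True` is a Pydantic model option and has no effect inside a SQLAlchemy declarative class; it is added in all seven hunks of this file and can be dropped, or documented with `# Pydantic-style Config; unused by SQLAlchemy` if something else reads it.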
 class ThreeProofingResponsibleType(Base):
@@ -37,6 +41,10 @@ class ThreeProofingResponsibleType(Base):
     create_by = Column(BigInteger, default=None, comment='创建者')
     update_by = Column(BigInteger, default=None, comment='更新者')
     del_flag = Column(String(1), default='0', comment='删除标志(0代表存在 2代表删除)')
+
+    class Config:
+        orm_mode = True
+
 class ThreeProofingResponsibleOtherType(Base):
     __tablename__ = 'three_proofing_responsible_other_type'
 
@@ -51,6 +59,9 @@ class ThreeProofingResponsibleOtherType(Base):
     update_by = Column(BigInteger, default=None, comment='更新者')
     del_flag = Column(String(1), default='0', comment='删除标志(0代表存在 2代表删除)')
 
+    class Config:
+        orm_mode = True
+
 class ThreeProofingResponsiblePersonType(Base):
     __tablename__ = 'three_proofing_responsible_person_type'
 
@@ -65,6 +76,9 @@ class ThreeProofingResponsiblePersonType(Base):
     update_by = Column(BigInteger, default=None, comment='更新者')
     del_flag = Column(String(1), default='0', comment='删除标志(0代表存在 2代表删除)')
 
+    class Config:
+        orm_mode = True
+
 class ThreeProofingResponsiblePersonOtherInfo(Base):
     __tablename__ = 'three_proofing_responsible_person_other_info'
 
@@ -81,6 +95,9 @@ class ThreeProofingResponsiblePersonOtherInfo(Base):
     update_by = Column(BigInteger, default=None, comment='更新者')
     del_flag = Column(String(1), default='0', comment='删除标志(0代表存在 2代表删除)')
 
+    class Config:
+        orm_mode = True
+
 class ThreeProofingResponsiblePersonOtherType(Base):
     __tablename__ = 'three_proofing_responsible_person_other_type'
 
@@ -95,6 +112,8 @@ class ThreeProofingResponsiblePersonOtherType(Base):
     update_by = Column(BigInteger, default=None, comment='更新者')
     del_flag = Column(String(1), default='0', comment='删除标志(0代表存在 2代表删除)')
 
+    class Config:
+        orm_mode = True
 
 class ThreeProofingResponsiblePersonImportFileStatus(Base):
     __tablename__ = 'three_proofing_responsible_person_import_file_status'
@@ -108,4 +127,7 @@ class ThreeProofingResponsiblePersonImportFileStatus(Base):
     create_time = Column(DateTime, default=datetime.now, comment='创建时间')
     update_time = Column(DateTime, default=datetime.now, onupdate=datetime.now, comment='更新时间')
     user_id = Column(String(255), nullable=False, comment='操作账号')
-    remark = Column(Text, comment='备注')
+    remark = Column(Text, comment='备注')
+
+    class Config:
+        orm_mode = True

+ 84 - 32
routers/api/ThreeProofingResponsible/person.py

@@ -22,7 +22,10 @@ from datetime import datetime, timedelta
 import pandas as pd
 import xlrd
 from common.db import db_dept
-from exceptions import AppException
+from exceptions import AppException, HmacException
+from common.enc import mpfun, three_proofing_responsible_person_data
+from common.db import db_czrz
+from common.auth_user import *
 
 router = APIRouter()
 
@@ -30,9 +33,11 @@ router = APIRouter()
 
 @router.post('/create')
 async def create_contact(
-        db: Session = Depends(get_db),
-        body=Depends(remove_xss_json),
-        user_id=Depends(valid_access_token)
+    request: Request,
+    auth_user: AuthUser = Depends(find_auth_user),
+    db: Session = Depends(get_db),
+    body=Depends(remove_xss_json),
+    user_id=Depends(valid_access_token)
 ):
     try:
         # 提取请求数据
@@ -52,7 +57,8 @@ async def create_contact(
             order_num=body['order_num']
         unit_id = db_dept.get_dept_id_by_name(db, unit_name)
         user_id_1 = db_user.get_user_id_by_phonenumber(db,phone)
-        # 创建新的预案记录
+
+        # 创建新的记录
         new_person = ThreeProofingResponsiblePerson(
             unit_id=unit_id,
             unit_name=unit_name,
@@ -69,9 +75,11 @@ async def create_contact(
         # 添加到数据库会话并提交
         type_list = body['type_list']
         if isinstance(type_list,list) and len(type_list)>0:
-
             db.add(new_person)
             db.commit()
+
+            three_proofing_responsible_person_data.sign_table()
+
         else:
             return JSONResponse(status_code=404,content={
                 'code': 404,
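Review bot: `sign_table()` is the step that encrypts `phone` and `telephone` for the new record, so the `db.commit()` directly above it persists both numbers in plaintext first, and they remain plaintext if the signing call raises. The call also walks every unsigned row in the table through a second session (`get_local_db`) from inside an `async` handler, so one create request blocks on the whole backlog. Encrypt the two fields and set `sign` on `new_person` before `db.add(new_person)`, the way the update handler does with `person.sign = three_proofing_responsible_person_data.get_sign_hmac(person)`. In the next hunk `new_person.del_flag='2'` changes a field that is part of the signed string after the row has been signed, and nothing there refreshes `sign`. `create_contact` begins before and ends after this hunk.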
@@ -121,7 +129,11 @@ async def create_contact(
             db.rollback()
             traceback.print_exc()
             new_person.del_flag='2'
+
         db.commit()
+
+        db_czrz.log(db, auth_user, "系统管理", f"后台管理新建三防责任人管理人员信息成功", request.client.host)
+
         # 返回创建成功的响应
         return {
             "code": 200,
@@ -137,9 +149,11 @@ async def create_contact(
 
 @router.put('/update')
 async def update_contact(
-        db: Session = Depends(get_db),
-        body=Depends(remove_xss_json),
-        user_id=Depends(valid_access_token)
+    request: Request,
+    auth_user: AuthUser = Depends(find_auth_user),
+    db: Session = Depends(get_db),
+    body=Depends(remove_xss_json),
+    user_id=Depends(valid_access_token)
 ):
     try:
         # 提取请求数据
@@ -156,24 +170,36 @@ async def update_contact(
         person.name = body['name']
         person.area_code = body['area_code']
         area_info = id_get_area_info(db, body['area_code'])
+        
         if area_info:
             person.area_code2 = area_info.area_code
         person.position = body['position']
-        person.phone = body['phone']
+        person.phone = mpfun.enc_data(body['phone'])
+        
         if 'telephone' in body:
-            person.telephone=body['telephone']
+            person.telephone = mpfun.enc_data(body['telephone'])
         person.order_num = body['order_num']
+        
         if body['order_num']=='':
             person.order_num = -1
         person.unit_id = db_dept.get_dept_id_by_name(db, body['unit_name'])
+
+        person.update_by = user_id
+        person.update_time = datetime.now()
+        person.sign = three_proofing_responsible_person_data.get_sign_hmac(person)
+        
+
         type_list = body['type_list']
         old_person_type_list=get_person_type_by_person_id(db,person.id)
+        
         for old_person_type in old_person_type_list:
             old_person_type.del_flag='2'
         old_person_other_info_list = get_person_other_info_by_person_id(db,person.id)
+        
         for old_person_other_info in old_person_other_info_list:
             old_person_other_info.del_flag = '2'
         old_person_other_type_list = get_person_other_type_by_person_id(db,person.id)
+        
         for old_person_other_type in old_person_other_type_list:
             old_person_other_type.del_flag = '2'
 
@@ -219,6 +245,8 @@ async def update_contact(
         # 更新到数据库会话并提交
         db.commit()
 
+        db_czrz.log(db, auth_user, "系统管理", f"后台管理更新三防责任人管理人员信息成功", request.client.host)
+
         # 返回创建成功的响应
         return {
             "code": 200,
@@ -311,8 +339,8 @@ async def get_emergency_contact_list(
                 "area_code": info.area_code,
                 "area_name": area_info.area_name,
                 "position": info.position,
-                "phone": info.phone,
-                "telephone":info.telephone,
+                "phone": mpfun.dec_data(info.phone),
+                "telephone": mpfun.dec_data(info.telephone),
                 "order_num": order_num,
                 "online_status":'0',
                 "create_time": info.create_time.strftime('%Y-%m-%d %H:%M:%S'),
@@ -366,8 +394,8 @@ async def get_emergency_contact_id_info(
             "area_code":contact.area_code,
             "area_name": area_info.area_name,
             "position": contact.position,
-            "phone": contact.phone,
-            "telephone":contact.telephone,
+            "phone": mpfun.dec_data(contact.phone),
+            "telephone":mpfun.dec_data(contact.telephone),
             "order_num":order_num,
             "online_status":'0',
             "create_time": contact.create_time.strftime('%Y-%m-%d %H:%M:%S'),
@@ -424,10 +452,12 @@ async def get_emergency_contact_id_info(
 
 @router.delete('/delete')
 async def delete_emergency_plans(
-        ids: list,
-        db: Session = Depends(get_db),
-        body=Depends(remove_xss_json),
-        user_id=Depends(valid_access_token)
+    request: Request,
+    ids: list,
+    db: Session = Depends(get_db),
+    body=Depends(remove_xss_json),
+    auth_user: AuthUser = Depends(find_auth_user),
+    user_id=Depends(valid_access_token)
 ):
     try:
         # 提取请求数据
@@ -442,10 +472,14 @@ async def delete_emergency_plans(
             })
         for contact in contacts:
             contact.del_flag = '2'
-            contact.create_by = user_id
+            contact.update_by = user_id
+            contact.update_time = datetime.now()
+            contact.sign = three_proofing_responsible_person_data.get_sign_hmac(contact)
         # 更新到数据库会话并提交
         db.commit()
 
+        db_czrz.log(db, auth_user, "系统管理", f"后台管理删除三防责任人管理人员信息成功", request.client.host)
+
         # 返回创建成功的响应
         return {
             "code": 200,
@@ -460,10 +494,12 @@ async def delete_emergency_plans(
 
 @router.delete('/delete/{id}')
 async def delete_emergency_plans(
-        id: int,
-        db: Session = Depends(get_db),
-        body=Depends(remove_xss_json),
-        user_id=Depends(valid_access_token)
+    request: Request,
+    id: int,
+    db: Session = Depends(get_db),
+    body=Depends(remove_xss_json),
+    auth_user: AuthUser = Depends(find_auth_user),
+    user_id=Depends(valid_access_token)
 ):
     try:
         contact = get_person_info_by_id(db, id)
@@ -473,10 +509,14 @@ async def delete_emergency_plans(
                 'errmsg': '联系人不存在'
             })
         contact.del_flag = '2'
-        contact.create_by = user_id
+        contact.update_by = user_id
+        contact.update_time = datetime.now()
+        contact.sign = three_proofing_responsible_person_data.get_sign_hmac(contact)
         # 更新到数据库会话并提交
         db.commit()
 
+        db_czrz.log(db, auth_user, "系统管理", f"后台管理删除三防责任人管理人员信息成功", request.client.host)
+
         # 返回创建成功的响应
         return {
             "code": 200,
@@ -505,6 +545,7 @@ def string_type_parent_id_create_data(db,string,type_parent_id,file_info,new_per
             file_info.remark= file_info.remark+f'\n行<{row+1}>责任类别未找到<{type_name}>'
             return reslte ,False
     return reslte ,True
+
 def other_type_string_type_parent_id_create_data(db,string,type_parent_id,file_info,new_person,user_id,row) :
     type_name_list = [i for i in string.split(',')]
     reslte = []
@@ -523,6 +564,7 @@ def other_type_string_type_parent_id_create_data(db,string,type_parent_id,file_i
             file_info.error_num +=1
             return reslte ,False
     return reslte ,True
+
 def import_data(db,file_path,user_id,file_info):
 
     import_status = True
@@ -564,7 +606,7 @@ def import_data(db,file_path,user_id,file_info):
         phone_list = [i for i in phone.split(',')]
         user_id_1=-1
         for i in phone_list:
-            user_id_1 = db_user.get_user_id_by_phonenumber(db,i)
+            user_id_1 = db_user.get_user_id_by_phonenumber(db, i)
             if user_id_1 != -1:
                 break
 
@@ -589,6 +631,7 @@ def import_data(db,file_path,user_id,file_info):
                 import_status = False
             area_code2 = area_code.area_code
             area_code = area_code.id
+        
         new_person = ThreeProofingResponsiblePerson(
             unit_id=unit_id,
             unit_name=unit_name,
@@ -600,11 +643,14 @@ def import_data(db,file_path,user_id,file_info):
             telephone=telephone,
             user_id=user_id_1,
             order_num=order_num,
-            create_by=user_id
+            create_by=user_id,
+            sign = ''
         )
         data.append(new_person)
         db.add(new_person)
         db.commit()
+
+
         # 党委政府
         a1 = sheet.cell(row, 6).value
         if a1 != '':
@@ -819,13 +865,17 @@ def import_data(db,file_path,user_id,file_info):
             db.delete(info)
     file_info.status = 2
     db.commit()
+
+    three_proofing_responsible_person_data.sign_table()
+
 @router.post('/createImport')
 async def create_contact(
-        background_tasks: BackgroundTasks,
-        db: Session = Depends(get_db),
-        body=Depends(remove_xss_json),
-        user_id=Depends(valid_access_token),
-
+    request: Request,
+    background_tasks: BackgroundTasks,
+    db: Session = Depends(get_db),
+    body=Depends(remove_xss_json),
+    auth_user: AuthUser = Depends(find_auth_user),
+    user_id=Depends(valid_access_token)
 ):
     try:
         # 提取请求数据
@@ -854,6 +904,8 @@ async def create_contact(
         db.commit()
         background_tasks.add_task(import_data,db,file_path, user_id,new_file)
 
+        
+        db_czrz.log(db, auth_user, "系统管理", f"后台管理导入三防责任人管理人员信息成功", request.client.host)
 
         # 返回创建成功的响应
         return {
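Review bot: The `db_czrz.log` call records the import with a message ending in "成功" (success) as soon as `background_tasks.add_task(import_data, …)` has queued the work, before `import_data` has read a single row, so the operation log cannot tell a clean import from one that failed later. Log this entry as submitted and write the outcome from `import_data`, where `file_info.status` is set. The create handlers in `person.py` and `person_self.py` have the same weakness: their success entry follows `db.commit()` on every path, including the one that has just rolled back and set `new_person.del_flag='2'`. The `f` prefix on these messages can go, since they contain no placeholders. The handler begins before and ends after this hunk.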

+ 29 - 12
routers/api/ThreeProofingResponsible/person_self.py

@@ -21,7 +21,10 @@ from utils import *
 from datetime import datetime, timedelta
 import pandas as pd
 from common.db import db_dept
-from exceptions import AppException
+from exceptions import AppException, HmacException
+from common.enc import mpfun, three_proofing_responsible_person_data
+from common.db import db_czrz
+from common.auth_user import *
 
 router = APIRouter()
 
@@ -29,9 +32,11 @@ router = APIRouter()
 
 @router.post('/create')
 async def create_contact(
-        db: Session = Depends(get_db),
-        body=Depends(remove_xss_json),
-        user_id=Depends(valid_access_token)
+    request: Request,
+    auth_user: AuthUser = Depends(find_auth_user),
+    db: Session = Depends(get_db),
+    body=Depends(remove_xss_json),
+    user_id=Depends(valid_access_token)
 ):
     try:
         # 提取请求数据
@@ -109,7 +114,7 @@ async def create_contact(
                         other_type_2_name=other_type_2_name,
                         denger_point_name=denger_point_name,
                         person_id=new_person.id,
-                        create_by=user_id
+                        create_by=user_id,
                     )
                     db.add(new_person_other_info)
         except:
@@ -118,6 +123,9 @@ async def create_contact(
             new_person.del_flag='2'
 
         db.commit()
+
+        db_czrz.log(db, auth_user, "系统管理", f"后台管理新建三防责任人管理人员信息成功", request.client.host)
+
         # 返回创建成功的响应
         return {
             "code": 200,
@@ -132,9 +140,11 @@ async def create_contact(
 
 @router.put('/update')
 async def update_contact(
-        db: Session = Depends(get_db),
-        body=Depends(remove_xss_json),
-        user_id=Depends(valid_access_token)
+    request: Request,
+    auth_user: AuthUser = Depends(find_auth_user),
+    db: Session = Depends(get_db),
+    body=Depends(remove_xss_json),
+    user_id=Depends(valid_access_token)
 ):
     try:
         # 提取请求数据
@@ -151,11 +161,16 @@ async def update_contact(
         person.name = body['name']
         person.area_code = body['area_code']
         person.position = body['position']
-        person.phone = body['phone']
+        person.phone = mpfun.enc_data(body['phone'])
         if 'telephone' in body:
-            person.telephone=body['telephone']
+            person.telephone=mpfun.enc_data(body['telephone'])
         person.order_num = body['order_num']
         person.unit_id = db_dept.get_dept_id_by_name(db, body['unit_name'])
+
+        person.update_by = user_id
+        person.update_time = datetime.now()
+        person.sign = three_proofing_responsible_person_data.get_sign_hmac(person)
+
         type_list = body['type_list']
         old_person_type_list = get_person_type_by_person_id(db, person.id)
         for old_person_type in old_person_type_list:
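Review bot: `person.phone = mpfun.enc_data(body['phone'])` encrypts on update, but no hunk shown for this file encrypts or signs on create, whereas `person.py` calls `sign_table()` after its create commit. Records created through this router therefore appear to stay in plaintext with an empty `sign` until the `sign_data_proc` job runs, while the detail handler in this file now passes `contact.phone` to `mpfun.dec_data` unconditionally. Confirm what `dec_data` does with plaintext or `None`, and encrypt and sign `new_person` in `create_contact` before its first commit. When `telephone` is absent from the body the stored value is kept, which is fine only if it is already ciphertext. `update_contact` begins before and ends after this hunk.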
@@ -208,6 +223,8 @@ async def update_contact(
         # 更新到数据库会话并提交
         db.commit()
 
+        db_czrz.log(db, auth_user, "系统管理", f"后台管理更新三防责任人管理人员信息成功", request.client.host)
+
         # 返回创建成功的响应
         return {
             "code": 200,
@@ -323,8 +340,8 @@ async def get_emergency_contact_id_info(
             "area_code":contact.area_code,
             "area_name": area_info.area_name,
             "position": contact.position,
-            "phone": contact.phone,
-            "telephone":contact.telephone,
+            "phone": mpfun.dec_data(contact.phone),
+            "telephone": mpfun.dec_data(contact.telephone),
             "order_num":order_num,
             "online_status":'0',
             "create_time": contact.create_time.strftime('%Y-%m-%d %H:%M:%S'),