Beispiel #1
    def initial(self, request, *args, **kwargs):
        """Resolve the service named by the ``serviceAlias`` URL kwarg and bind it to the view.

        Runs the parent ``initial`` first, looks the service up scoped to the
        current tenant, checks its team and region against the request, stores
        it on ``self.service`` and finally calls ``initial_header_info``.

        Raises:
            ImportError: the URL kwargs carry no ``serviceAlias``.
            BusinessException: the service is missing, belongs to another
                team, or is in a region other than ``self.response_region``.
                Every case is answered with HTTP status 404.
        """
        super(AppBaseView, self).initial(request, *args, **kwargs)
        alias = kwargs.get("serviceAlias", None)
        if not alias:
            # NOTE(review): ImportError is an unusual type for a missing URL
            # argument; kept because callers may depend on it.
            raise ImportError("You url not contains args - serviceAlias -")

        # The query is restricted to the caller's tenant, so an alias that
        # exists only in another team ends up in the "not found" branch.
        matches = TenantServiceInfo.objects.filter(service_alias=alias, tenant_id=self.tenant.tenant_id)
        if not matches:
            raise BusinessException(
                Response(general_message(404, "service not found", "应用{0}不存在".format(alias)), status=404))

        self.service = matches[0]

        if self.service.tenant_id != self.tenant.tenant_id:
            # NOTE(review): given the tenant filter above this branch looks
            # unreachable. If it can fire, the response body discloses the
            # owning team's name to a caller outside that team - confirm that
            # is intended.
            owner_rows = Tenants.objects.filter(tenant_id=self.service.tenant_id)
            if owner_rows:
                body = general_message(10403, "service team is not current team",
                                       "应用{0}不属于当前团队".format(alias),
                                       {"service_team_name": owner_rows[0].tenant_name})
            else:
                body = general_message(10403, "service team is not current team",
                                       "应用{0}不属于当前团队且其团队不存在".format(alias),
                                       {"service_team_name": ""})
            raise BusinessException(response=Response(body, status=404))

        # The region of the requested service must match the region of the
        # page the user is currently on.
        if self.service.service_region != self.response_region:
            region_body = general_message(10404, "service region is not current region",
                                          "应用{0}不属于当前数据中心".format(alias),
                                          {"service_region": self.service.service_region})
            raise BusinessException(Response(region_body, status=404))

        self.initial_header_info(request)
Beispiel #2
    def initial(self, request, *args, **kwargs):
        """Resolve the plugin named by the ``plugin_id`` URL kwarg and bind it to the view.

        After the parent ``initial``, the plugin is looked up by id, checked
        against the current tenant and ``self.response_region``, and stored on
        ``self.plugin``. When the URL also carries ``build_version``, the
        matching build is stored on ``self.plugin_version``.

        Raises:
            ImportError: the URL kwargs carry no ``plugin_id``.
            BusinessException: the plugin is missing, belongs to another team,
                is in another region, or the requested build version does not
                exist. Every case is answered with HTTP status 404.
        """
        super(PluginBaseView, self).initial(request, *args, **kwargs)
        pid = kwargs.get("plugin_id", None)
        if not pid:
            raise ImportError("You url not contains args - plugin_id -")

        # The lookup is by id alone; tenant ownership is enforced just below.
        candidates = TenantPlugin.objects.filter(plugin_id=pid)
        if not candidates:
            raise BusinessException(Response(general_message(404, "plugin not found", "插件不存在"), status=404))

        self.plugin = candidates[0]

        if self.plugin.tenant_id != self.tenant.tenant_id:
            # NOTE(review): the code and message here differ from the
            # "plugin not found" response above, so a caller can tell that an
            # id exists in another team. Consider answering both cases
            # identically.
            owning_team = Tenants.objects.filter(tenant_id=self.plugin.tenant_id)
            if owning_team:
                denial = general_message(10403, "plugin team is not current team", "插件不属于当前团队")
            else:
                denial = general_message(10403, "current team is not exist", "团队不存在")
            raise BusinessException(response=Response(denial, status=404))

        # The region of the requested plugin must match the region of the
        # page the user is currently on.
        if self.plugin.region != self.response_region:
            raise BusinessException(
                Response(general_message(10404, "plugin region is not current region", "插件不属于当前数据中心"), status=404))

        self.initial_header_info(request)

        wanted_version = kwargs.get("build_version", None)
        if not wanted_version:
            return

        # Scoped by the plugin id that passed the ownership check above.
        builds = PluginBuildVersion.objects.filter(plugin_id=pid, build_version=wanted_version)
        if not builds:
            raise BusinessException(
                response=Response(
                    general_message(10403, "plugin id {0}, build version {1} is not exist".format(pid, wanted_version),
                                    "当前版本插件不存在"),
                    status=404))
        self.plugin_version = builds[0]
Beispiel #3
def check_perm(perm, user, tenantName=None, serviceAlias=None):
    """Check that ``user`` holds ``perm`` in the given tenant (and optionally service).

    On the first call for a user object the tenant-level and, when
    ``serviceAlias`` is given, service-level actions are loaded and stored on
    ``user.actions``; the membership test at the end runs against that object.

    Args:
        perm: the permission to test with ``perm in user.actions``.
        user: the requesting user; an ``AnonymousUser`` is rejected.
        tenantName: name of the tenant the request targets; required.
        serviceAlias: optional alias of a service inside that tenant.

    Returns:
        True when ``perm`` is in ``user.actions``.

    Raises:
        PermissionDenied: ``user`` is an ``AnonymousUser``.
        UrlParseError: ``tenantName`` is None (500), the tenant or service
            does not exist (404), or the user has neither identity nor role
            in the tenant and is not covered by the fallback below (403).
        BusinessException: ``perm`` is not in ``user.actions`` (HTTP 403).
    """
    if isinstance(user, AnonymousUser):
        raise PermissionDenied('this resource need login status', redirect_url='/login')

    if tenantName is None:
        raise UrlParseError(500, 'tenantName is None')

    # Actions are computed only when the user object has none yet.
    # NOTE(review): a later call on the same user object with a different
    # tenantName or serviceAlias skips this block and is judged against the
    # actions loaded for the first tenant/service. Confirm that user objects
    # are never reused across such calls.
    if not hasattr(user, 'actions'):
        user.actions = UserActions()

        p = PermActions()

        try:
            tenant = Tenants.objects.get(tenant_name=tenantName)
            identitys = team_services.get_user_perm_identitys_in_permtenant(user_id=user.pk, tenant_name=tenant.tenant_name)
            role_id_list = team_services.get_user_perm_role_id_in_permtenant(user_id=user.pk, tenant_name=tenant.tenant_name)
            if not identitys and not role_id_list:
                # No membership at all: raised to reach the
                # PermRelTenant.DoesNotExist handler below.
                raise PermRelTenant.DoesNotExist

            # Union of the actions granted by the highest identity and by
            # every role; presumably both sources return tuples - verify.
            tenant_actions_tuple = ()
            if identitys:
                tenant_identity = get_highest_identity(identitys)
                tenant_actions = p.keys('tenant_{0}_actions'.format(tenant_identity))
                tenant_actions_tuple += tenant_actions
            if role_id_list:
                for role_id in role_id_list:
                    perm_tuple = role_perm_repo.get_perm_by_role_id(role_id=role_id)
                    tenant_actions_tuple += perm_tuple
            # set() drops duplicates before the actions are stored.
            user.actions.set_actions('tenant', tuple(set(tenant_actions_tuple)))

            if serviceAlias is not None:
                # The service lookup is scoped to the tenant resolved above.
                service = TenantServiceInfo.objects.get(tenant_id=tenant.tenant_id, service_alias=serviceAlias)
                user_service_perms_id_list = ServiceRelPerms.objects.filter(
                    user_id=user.pk, service_id=service.pk).values_list(
                        "perm_id", flat=True)
                perm_codename_list = role_perm_repo.get_perm_list_by_perm_id_list(perm_id_list=user_service_perms_id_list)
                user.actions.set_actions('service', perm_codename_list)
        except Tenants.DoesNotExist:
            raise UrlParseError(404, 'no matching tenantName for {0}'.format(tenantName))
        except TenantServiceInfo.DoesNotExist:
            raise UrlParseError(404, 'no matching serviceAlias for {0}'.format(serviceAlias))
        except PermRelTenant.DoesNotExist:
            # Fallback for users with no identity and no role in the tenant.
            # NOTE(review): system administrators, and every logged-in user
            # when the tenant is the hard-coded "grdemo", receive the viewer
            # actions here without any membership. Confirm this exemption is
            # still wanted and move the tenant name into configuration.
            tenant = Tenants.objects.filter(tenant_name=tenantName)[0]
            if not user.is_sys_admin and tenantName != "grdemo":
                raise UrlParseError(403, 'no permissions for user {0} on tenant {1}'.format(user.nick_name, tenant.tenant_name))
            user.actions.set_actions('tenant', p.keys('tenant_viewer_actions'))
        except PermRelService.DoesNotExist:
            # NOTE(review): nothing visible in the try block raises this
            # exception; if a helper does, it is swallowed silently and the
            # user continues with whatever actions were set so far.
            pass

    # if user.is_sys_admin:
    #     return True

    if perm in user.actions:
        return True
    raise BusinessException(Response(general_message(403, "you don't have enough permissions", "您无权限执行此操作"), status=403))
Beispiel #4
 def initial(self, request, *args, **kwargs):
     """Resolve the group named by the ``group_id`` URL kwarg and bind it to the view.

     After the parent ``initial``, the group is fetched with the current
     tenant id and ``self.response_region`` as lookup arguments, stored on
     ``self.group``, and ``initial_header_info`` is called.

     Raises:
         ImportError: the URL kwargs carry no ``group_id``.
         BusinessException: no group was returned (HTTP status 404).
     """
     super(ComposeGroupBaseView, self).initial(request, *args, **kwargs)
     wanted_id = kwargs.get("group_id", None)
     if not wanted_id:
         raise ImportError("You url not contains args - group_id -")

     # Tenant id and region are passed to the repository together with the id.
     found = group_repo.get_group_by_pk(self.tenant.tenant_id, self.response_region, wanted_id)
     if not found:
         raise BusinessException(Response(general_message(404, "group not found", "组ID{0}不存在".format(wanted_id)), status=404))

     self.group = found
     self.initial_header_info(request)
Beispiel #5
 def initial(self, request, *args, **kwargs):
     """Resolve the compose group named by the ``compose_id`` URL kwarg and bind it to the view.

     After the parent ``initial``, the compose group is fetched by id, stored
     on ``self.group_compose``, and ``initial_header_info`` is called.

     Raises:
         ImportError: the URL kwargs carry no ``compose_id``.
         BusinessException: no compose group was returned (HTTP status 404).
     """
     super(ComposeBaseView, self).initial(request, *args, **kwargs)
     wanted_id = kwargs.get("compose_id", None)
     if not wanted_id:
         raise ImportError("You url not contains args - compose_id -")

     # NOTE(review): the lookup receives only compose_id; no tenant or region
     # is passed and none is compared afterwards in this method. Unless the
     # repository or the parent initial() scopes it, a compose_id owned by
     # another team would be accepted - confirm and add an ownership check.
     found = compose_repo.get_group_compose_by_compose_id(wanted_id)
     if not found:
         raise BusinessException(
             Response(general_message(404, "compose not found", "compose组{0}不存在".format(wanted_id)), status=404))

     self.group_compose = found
     self.initial_header_info(request)