def create_tenant_role(self, user_id, tenant_name, role_id_list):
"""修改用户在团队中的角色"""
tenant = self.get_tenant(tenant_name=tenant_name)
enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=tenant.enterprise_id)
user_role = role_repo.add_user_role_in_tenant_by_user_id_tenant_id_role_id(
user_id=user_id, tenant_id=tenant.pk, enterprise_id=enterprise.pk, role_id_list=role_id_list)
return user_role
def get_or_create_user_and_enterprise(self, oauth_user):
try:
user = user_repo.get_enterprise_user_by_username(
oauth_user.enterprise_id, oauth_user.name)
except Users.DoesNotExist:
user_info = dict()
user_info["email"] = oauth_user.email
user_info["nick_name"] = oauth_user.name
user_info["client_ip"] = oauth_user.client_ip
user_info["phone"] = oauth_user.phone
user_info["real_name"] = oauth_user.real_name
user_info["is_active"] = 1
password = "******"
user_info["enterprise_center_user_id"] = oauth_user.id
user = Users(**user_info)
user.set_password(password)
user.save()
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
oauth_user.enterprise_id)
if not enterprise:
enterprise = enterprise_services.create_oauth_enterprise(
oauth_user.enterprise_domain, oauth_user.enterprise_name,
oauth_user.enterprise_id)
user_services.make_user_as_admin_for_enterprise(
user.user_id, enterprise.enterprise_id)
user.enterprise_id = enterprise.enterprise_id
user.save()
return user
def post(self, request):
serializer = CreateTeamReqSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
team_data = serializer.data
en = enterprise_services.get_enterprise_by_enterprise_id(request.data.get("enterprise_id"))
if not en:
raise serializers.ValidationError("指定企业不存在")
region = None
if team_data.get("region", None):
region = region_services.get_region_by_region_name(team_data.get("region"))
if not region:
raise serializers.ValidationError("指定数据中心不存在")
try:
user = user_services.get_user_by_user_id(team_data.get("creater", 0))
except UserNotExistError:
user = request.user
code, msg, team = team_services.create_team(user, en, team_alias=team_data["tenant_name"])
if code == 200 and region:
code, message, bean = region_services.create_tenant_on_region(team.tenant_name, region.region_name)
if code != 200:
team.delete()
raise serializers.ValidationError("数据中心创建团队时发生错误")
if code == 200:
re = TeamBaseInfoSerializer(team)
return Response(re.data, status=status.HTTP_201_CREATED)
else:
return Response(None, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
def get(self, request, *args, **kwargs):
enterprise_id = request.GET.get("enterprise_id", None)
if enterprise_id:
enter = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id)
if not enter:
return Response(
generate_result("0404", "enterprise is not found", "企业不存在"))
try:
tenant_list = tenant_service.get_all_tenant()
if not tenant_list:
result = generate_result('0000', 'success', '查询成功', list=[])
return Response(result)
bean = dict()
bean["tenant_num"] = len(tenant_list)
user_list = user_repo.get_all_users()
bean["user_num"] = len(user_list)
sort_list = []
cursor = connection.cursor()
cursor.execute(
"select t.tenant_alias,t.tenant_id, count(s.ID) as num from tenant_info as t left join tenant_service as s on t.tenant_id=s.tenant_id group by tenant_id order by num desc limit 0,5;")
tenant_tuples = cursor.fetchall()
for tenant_tuple in tenant_tuples:
tenant_alias_list = list()
tenant_alias_list.append(tenant_tuple[0])
sort_list.append(tenant_alias_list)
result = generate_result('0000', 'success', '查询成功', list=sort_list, bean=bean)
except Exception as e:
logger.exception(e)
result = generate_result('9999', 'system error', '系统异常')
return Response(result)
else:
result = generate_result("1003", "the enterprise alias cannot be empty", "企业别名不能为空")
return Response(result)
def post(self, request, *args, **kwargs):
"""
"""
try:
username = request.data.get("username", None)
enterprise_id = request.data.get("enterprise_id", None)
enterprise_alias = request.data.get("enterprise_alias", None)
# 校验参数
if not username or not enterprise_id or not enterprise_alias:
return Response(generate_result(
"1003", "params error", "参数错误"))
user_obj = user_repo.get_user_by_user_name(username)
if not user_obj:
return Response(generate_result(
"1004", "user already exists", "用户在控制台不存在"))
# 查询企业信息
enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id)
# 判断用户是否为企业管理员
if user_services.is_user_admin_in_current_enterprise(user_obj, enterprise.enterprise_id):
bean_dict = {"user_info": user_obj.to_dict()}
return Response(generate_result("0000", "success", "当前用户已经是企业管理员,已同步至管理后台", bean_dict))
# 添加企业管理员
enterprise_user_perm_repo.create_enterprise_user_perm(user_obj.user_id, enterprise.enterprise_id, "admin")
bean = {"user_info": user_obj.to_dict()}
result = generate_result("0000", "success", "添加成功", bean=bean)
except Exception as e:
logger.exception(e)
result = generate_error_result()
return Response(result)
def add_user_to_team(self, request, tenant, user_ids, identitys):
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
enterprise_id=tenant.enterprise_id)
if enterprise:
user = request.user
user_perms = team_services.get_user_perm_identitys_in_permtenant(
user_id=user.user_id, tenant_name=tenant.tenant_name)
user_ids = [int(r) for r in list(set(user_ids))]
exist_team_user = PermRelTenant.objects.filter(
tenant_id=tenant.ID, user_id__in=user_ids).all()
remove_ids = list()
exist = []
for user in exist_team_user:
exist.append(user.user_id)
new_user_list = list()
if ('admin' in user_perms) or ('owner' in user_perms):
for user_id in user_ids:
if user_id not in exist:
for identity in identitys:
new_user_list.append(
PermRelTenant(user_id=user_id,
tenant_id=tenant.pk,
identity=identity,
enterprise_id=enterprise.ID))
if new_user_list:
try:
PermRelTenant.objects.bulk_create(new_user_list)
except Exception as e:
logging.exception(e)
finally:
return remove_ids
else:
return None
def get_oauth_services(self):
rst = []
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
self.enterprise_id)
if enterprise.ID != 1:
oauth_services = OAuthServices.objects.filter(
~Q(oauth_type="enterprisecenter"),
eid=enterprise.enterprise_id,
is_deleted=False,
enable=True)
else:
oauth_services = OAuthServices.objects.filter(
eid=enterprise.enterprise_id, is_deleted=False, enable=True)
if oauth_services:
for oauth_service in oauth_services:
try:
api = get_oauth_instance(oauth_service.oauth_type,
oauth_service, None)
authorize_url = api.get_authorize_url()
rst.append({
"service_id": oauth_service.ID,
"enable": oauth_service.enable,
"name": oauth_service.name,
"oauth_type": oauth_service.oauth_type,
"is_console": oauth_service.is_console,
"home_url": oauth_service.home_url,
"eid": oauth_service.eid,
"is_auto_login": oauth_service.is_auto_login,
"is_git": oauth_service.is_git,
"authorize_url": authorize_url,
})
except NoSupportOAuthType:
continue
return rst
def __init_region_resource_data(self, region, level="open"):
region_resource = {}
region_resource["region_id"] = region.region_id
region_resource["region_alias"] = region.region_alias
region_resource["region_name"] = region.region_name
region_resource["status"] = region.status
region_resource["region_type"] = (json.loads(region.region_type)
if region.region_type else [])
region_resource["enterprise_id"] = region.enterprise_id
region_resource["url"] = region.url
region_resource["scope"] = region.scope
if level == "open":
region_resource["wsurl"] = region.wsurl
region_resource["httpdomain"] = region.httpdomain
region_resource["tcpdomain"] = region.tcpdomain
region_resource["ssl_ca_cert"] = region.ssl_ca_cert
region_resource["cert_file"] = region.cert_file
region_resource["key_file"] = region.key_file
region_resource["desc"] = region.desc
region_resource["total_memory"] = 0
region_resource["used_memory"] = 0
region_resource["total_cpu"] = 0
region_resource["used_cpu"] = 0
region_resource["total_disk"] = 0
region_resource["used_disk"] = 0
region_resource["rbd_version"] = "unknown"
region_resource["health_status"] = "ok"
region_resource["enterprise_id"] = region.enterprise_id
enterprise_info = enterprise_services.get_enterprise_by_enterprise_id(
region.enterprise_id)
if enterprise_info:
region_resource[
"enterprise_alias"] = enterprise_info.enterprise_alias
return region_resource
def get(self, req):
ent = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=req.user.enterprise_id)
if ent is None:
raise Response({"msg": "企业不存在"}, status.HTTP_404_NOT_FOUND)
data = config_service.list_by_keys(config_service.base_cfg_keys)
data["ENTERPRISE_ALIAS"] = ent.enterprise_alias
serializer = BaseConfigRespSerializer(data)
return Response(serializer.data)
def get(self, request, *args, **kwargs):
"""
查询我的详情
---
"""
code = 200
user = self.user
tenants = team_services.get_current_user_tenants(user_id=user.user_id)
user_detail = dict()
user_detail["user_id"] = user.user_id
user_detail["user_name"] = user.nick_name
user_detail["email"] = user.email
user_detail["enterprise_id"] = user.enterprise_id
user_detail["phone"] = user.phone
user_detail["git_user_id"] = user.git_user_id
user_detail["is_sys_admin"] = user.is_sys_admin
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
user.enterprise_id)
user_detail["is_enterprise_active"] = enterprise.is_active
user_detail["is_enterprise_admin"] = self.is_enterprise_admin
tenant_list = list()
for tenant in tenants:
tenant_info = dict()
is_team_owner = False
team_region_list = region_services.get_region_list_by_team_name(
team_name=tenant.tenant_name)
tenant_info["team_id"] = tenant.ID
tenant_info["team_name"] = tenant.tenant_name
tenant_info["team_alias"] = tenant.tenant_alias
tenant_info["limit_memory"] = tenant.limit_memory
tenant_info["pay_level"] = tenant.pay_level
tenant_info["region"] = team_region_list
tenant_info["creater"] = tenant.creater
tenant_info["create_time"] = tenant.create_time
if tenant.creater == user.user_id:
is_team_owner = True
role_list = user_kind_role_service.get_user_roles(
kind="team", kind_id=tenant.tenant_id, user=user)
tenant_info["role_name_list"] = role_list["roles"]
perms = user_kind_perm_service.get_user_perms(
kind="team",
kind_id=tenant.tenant_id,
user=user,
is_owner=is_team_owner,
is_ent_admin=self.is_enterprise_admin)
tenant_info["tenant_actions"] = perms["permissions"]
tenant_info["is_team_owner"] = is_team_owner
tenant_list.append(tenant_info)
user_detail["teams"] = tenant_list
oauth_services = oauth_user_repo.get_user_oauth_services_info(
eid=request.user.enterprise_id, user_id=request.user.user_id)
user_detail["oauth_services"] = oauth_services
result = general_message(code,
"Obtain my details to be successful.",
"获取我的详情成功",
bean=user_detail)
return Response(result, status=code)
def add_user_role_to_team(self, tenant, user_ids, role_ids):
"""在团队中添加一个用户并给用户分配一个角色"""
enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=tenant.enterprise_id)
if enterprise:
for user_id in user_ids:
# for role_id in role_ids:
PermRelTenant.objects.update_or_create(user_id=user_id, tenant_id=tenant.pk, enterprise_id=enterprise.pk)
user = user_repo.get_by_user_id(user_id)
user_kind_role_service.update_user_roles(kind="team", kind_id=tenant.tenant_id, user=user, role_ids=role_ids)
def post(self, request, enterprise_id, *args, **kwargs):
tenant_name = request.data.get("tenant_name", None)
user_name = request.data.get("user_name", None)
email = request.data.get("email", None)
password = request.data.get("password", None)
re_password = request.data.get("re_password", None)
role_ids = request.data.get("role_ids", None)
phone = request.data.get("phone", None)
real_name = request.data.get("real_name", None)
tenant = team_services.get_tenant_by_tenant_name(tenant_name)
if len(password) < 8:
result = general_message(400, "len error", "密码长度最少为8位")
return Response(result)
# check user info
is_pass, msg = user_services.check_params(user_name, email, password,
re_password,
request.user.enterprise_id)
if not is_pass:
result = general_message(403, "user information is not passed",
msg)
return Response(result)
client_ip = user_services.get_client_ip(request)
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
enterprise_id)
# create user
oauth_instance, _ = user_services.check_user_is_enterprise_center_user(
request.user.user_id)
if oauth_instance:
user = user_services.create_enterprise_center_user_set_password(
user_name, email, password, "admin add", enterprise, client_ip,
phone, real_name, oauth_instance)
else:
user = user_services.create_user_set_password(
user_name, email, password, "admin add", enterprise, client_ip,
phone, real_name)
result = general_message(200, "success", "添加用户成功")
if tenant:
create_perm_param = {
"user_id": user.user_id,
"tenant_id": tenant.ID,
"identity": "",
"enterprise_id": enterprise.ID,
}
team_repo.create_team_perms(**create_perm_param)
if role_ids:
user_kind_role_service.update_user_roles(
kind="team",
kind_id=tenant.tenant_id,
user=user,
role_ids=role_ids)
user.is_active = True
user.save()
result = general_message(200, "success", "添加用户成功")
return Response(result)
def user_is_exist_in_team(self, user_list, tenant_name):
"""判断一个用户是否存在于一个团队中"""
tenant = self.get_tenant(tenant_name=tenant_name)
enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=tenant.enterprise_id)
for user_id in user_list:
obj = PermRelTenant.objects.filter(user_id=user_id, tenant_id=tenant.pk, enterprise_id=enterprise.pk)
if obj:
return obj[0].user_id
else:
return False
def post(self, request, *args, **kwargs):
"""
同步下载云市组详情模板到云帮
---
parameters:
- name: tenantName
description: 团队名称
required: true
type: string
paramType: path
- name: body
description: 需要同步的应用[{"group_key":"xxxxxxx","version":"xxxxxx","template_version":"xxxx"}]
required: true
type: string
paramType: body
"""
try:
group_key = request.data.get("group_key", None)
group_version = request.data.get("group_version", [])
template_version = request.data.get("template_version", "v2")
if not group_version or not group_key:
return Response(general_message(400, "app is null",
"请指明需要更新的应用"),
status=400)
ent = enterprise_repo.get_enterprise_by_enterprise_id(
self.tenant.enterprise_id)
if ent and not ent.is_active:
result = general_message(10407, "failed", "用户未跟云市认证")
return Response(result, 500)
if not self.user.is_sys_admin:
if not user_services.is_user_admin_in_current_enterprise(
self.user, self.tenant.enterprise_id):
return Response(general_message(
403, "current user is not enterprise admin",
"非企业管理员无法进行此操作"),
status=403)
logger.debug("start synchronized market apps detail")
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
self.tenant.enterprise_id)
if not enterprise.is_active:
return Response(general_message(10407,
"enterprise is not active",
"您的企业未激活"),
status=403)
for version in group_version:
market_sycn_service.down_market_group_app_detail(
self.user, self.tenant, group_key, version,
template_version)
result = general_message(200, "success", "应用同步成功")
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def post(self, request):
"""
初始化团队和数据中心信息
---
parameters:
- name: team_alias
description: 团队别名
required: true
type: string
paramType: form
- name: region_name
description: 数据中心名称
required: true
type: string
paramType: form
"""
try:
team_alias = request.data.get("team_alias", None)
region_name = request.data.get("region_name", None)
if not team_alias:
return Response(general_message(400, "team alias is null", "团队名称不能为空"), status=400)
if not region_name:
return Response(general_message(400, "region name is null", "请选择数据中心"), status=400)
r = re.compile('^[a-zA-Z0-9_\\-\\u4e00-\\u9fa5]+$')
if not r.match(team_alias):
return Response(general_message(400, "team alias is not allow", "组名称只支持中英文下划线和中划线"), status=400)
team = team_services.get_team_by_team_alias(team_alias)
if team:
return Response(general_message(409, "region alias is exist", "团队名称{0}已存在".format(team_alias)), status=409)
region = region_repo.get_region_by_region_name(region_name)
if not region:
return Response(general_message(404, "region not exist", "需要开通的数据中心{0}不存在".format(region_name)), status=404)
enterprise = console_enterprise_service.get_enterprise_by_enterprise_id(self.user.enterprise_id)
if not enterprise:
return Response(general_message(404, "user's enterprise is not found", "无法找到用户所在的数据中心"))
team = team_services.create_team(self.user, enterprise, [region_name], team_alias)
# 为团队开通默认数据中心并在数据中心创建租户
tenant_region = region_services.create_tenant_on_region(enterprise.enterprise_id, team.tenant_name, team.region)
# 公有云,如果没有领过资源包,为开通的数据中心领取免费资源包
if settings.MODULES.get('SSO_LOGIN'):
result = region_services.get_enterprise_free_resource(tenant_region.tenant_id, enterprise.enterprise_id,
tenant_region.region_name, self.user.nick_name)
logger.debug("get free resource on [{}] to team {}: {}".format(tenant_region.region_name, team.tenant_name,
result))
self.user.is_active = True
self.user.save()
result = general_message(200, "success", "初始化成功")
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def add_user_to_team(self, tenant, user_id, role_ids=None):
user = user_repo.get_by_user_id(user_id)
if not user:
raise ServiceHandleException(msg="user not found", msg_show="用户不存在", status_code=404)
exist_team_user = PermRelTenant.objects.filter(tenant_id=tenant.ID, user_id=user.user_id)
enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=tenant.enterprise_id)
if exist_team_user:
raise ServiceHandleException(msg="user exist", msg_show="用户已经加入此团队")
PermRelTenant.objects.create(tenant_id=tenant.ID, user_id=user.user_id, identity="", enterprise_id=enterprise.ID)
if role_ids:
user_kind_role_service.update_user_roles(kind="team", kind_id=tenant.tenant_id, user=user, role_ids=role_ids)
def add_user_to_team_by_viewer(self, tenant, user_id):
"""在团队中添加一个用户并给用户分配一个默认viewer权限"""
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
enterprise_id=tenant.enterprise_id)
if enterprise:
viewer = user_role_repo.get_viewer_role()
PermRelTenant.objects.update_or_create(user_id=user_id,
tenant_id=tenant.pk,
identity="viewer",
enterprise_id=enterprise.pk,
role_id=viewer.pk)
def get(self, request, team_name):
"""
查询企业的充值记录
---
parameters:
- name: start
description: 开始时间
required: true
type: string
paramType: query
- name: end
description: 结束时间
required: true
type: string
paramType: query
- name: page
description: 页数(默认第一页)
required: false
type: string
paramType: query
- name: page_size
description: 每页展示个数(默认10个)
required: false
type: string
paramType: query
"""
try:
start_time = request.GET.get("start")
end_time = request.GET.get("end")
page = request.GET.get("page", 1)
page_size = request.GET.get("page_size", 10)
team = team_services.get_tenant_by_tenant_name(team_name)
if not team:
return Response(general_message(404, "team not found",
"团队{0}不存在".format(team_name)),
status=404)
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
team.enterprise_id)
res, data = market_api.get_enterprise_recharge_records(
team.tenant_id, enterprise.enterprise_id, start_time, end_time,
page, page_size)
result = general_message(200,
"get recharge record success",
"查询成功",
list=data["data"]["list"],
total=data["data"]["total"])
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def change_tenant_role(self, user_id, tenant_name, role_id_list):
"""修改用户在团队中的角色"""
try:
tenant = self.get_tenant(tenant_name=tenant_name)
except Tenants.DoesNotExist:
tenant = self.get_team_by_team_id(tenant_name)
if tenant is None:
raise Tenants.DoesNotExist()
enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=tenant.enterprise_id)
user_role = role_repo.update_user_role_in_tenant_by_user_id_tenant_id_role_id(
user_id=user_id, tenant_id=tenant.pk, enterprise_id=enterprise.pk, role_id_list=role_id_list)
return user_role
def add_user_to_team_by_viewer(self, tenant, user_id):
"""在团队中添加一个用户并给用户分配一个默认viewer权限"""
enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=tenant.enterprise_id)
if enterprise:
try:
PermRelTenant.objects.update_or_create(
user_id=user_id, tenant_id=tenant.pk, identity="viewer", enterprise_id=enterprise.pk)
except Exception as e:
logging.exception(e)
raise Exception("创建失败:%s" % e.message)
else:
return None
def post(self, request, *args, **kwargs):
"""
新建团队
---
parameters:
- name: team_alias
description: 团队名
required: true
type: string
paramType: body
- name: useable_regions
description: 可用数据中心 ali-sh,ali-hz
required: false
type: string
paramType: body
"""
try:
user = request.user
team_alias = request.data.get("team_alias", None)
useable_regions = request.data.get("useable_regions", "")
regions = []
if not team_alias:
result = general_message(400, "failed", "团队名不能为空")
return Response(result, status=400)
if useable_regions:
regions = useable_regions.split(",")
if Tenants.objects.filter(tenant_alias=team_alias, enterprise_id=user.enterprise_id).exists():
result = general_message(400, "failed", "该团队名已存在")
return Response(result, status=400)
else:
enterprise = console_enterprise_service.get_enterprise_by_enterprise_id(self.user.enterprise_id)
if not enterprise:
return Response(general_message(500, "user's enterprise is not found", "无企业信息"), status=500)
team = team_services.create_team(self.user, enterprise, regions, team_alias)
for r in regions:
try:
region_services.create_tenant_on_region(enterprise.enterprise_id, team.tenant_name, r)
except ServiceHandleException as e:
logger.exception(e)
except Exception as e:
logger.exception(e)
return Response(general_message(200, "success", "团队添加成功", bean=team.to_dict()))
except TenantExistError as e:
logger.exception(e)
code = 400
result = general_message(code, "team already exists", "该团队已存在")
return Response(result, status=code)
except NoEnableRegionError as e:
logger.exception(e)
code = 400
result = general_message(code, "no enable region", "无可用数据中心")
return Response(result, status=code)
def add_user_role_to_team(self, tenant, user_ids, role_ids):
"""在团队中添加一个用户并给用户分配一个角色"""
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
enterprise_id=tenant.enterprise_id)
if enterprise:
for user_id in user_ids:
for role_id in role_ids:
PermRelTenant.objects.update_or_create(
user_id=user_id,
tenant_id=tenant.pk,
enterprise_id=enterprise.pk,
role_id=role_id,
defaults={"role_id": role_id})
def __process_invite_tenant(self, user, data):
email, tenant_name, identity = data[1], data[2], data[3]
tenant = team_services.get_tenant_by_tenant_name(tenant_name)
tenant_perm = perm_services.get_user_tenant_perm(tenant.ID, user.user_id)
if not tenant_perm:
invite_enter = enterprise_services.get_enterprise_by_enterprise_id(tenant.enterprise_id)
perm_info = {
"user_id": user.user_id,
"tenant_id": tenant.ID,
"identity": identity,
"enterprise_id": invite_enter.pk
}
perm_services.add_user_tenant_perm(perm_info)
def change_tenant_identity(self, user_id, tenant_name, new_identitys):
tenant = self.get_tenant_by_tenant_name(tenant_name=tenant_name)
enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=tenant.enterprise_id)
team_repo.delete_user_perms_in_permtenant(user_id=user_id, tenant_id=tenant.ID)
new_perm_list = list()
for identity in new_identitys:
new_perm_list.append(
PermRelTenant(user_id=user_id, tenant_id=tenant.pk, identity=identity, enterprise_id=enterprise.ID))
if new_perm_list:
try:
PermRelTenant.objects.bulk_create(new_perm_list)
except Exception as e:
logging.exception(e)
def post(self, request, enterprise_id, *args, **kwargs):
user_id = request.data.get("user_id")
try:
user = user_services.get_user_by_user_id(user_id)
ent = enterprise_services.get_enterprise_by_enterprise_id(
enterprise_id)
if ent is None:
result = general_message(404, "no found", "未找到该企业")
else:
user_services.create_admin_user(user, ent)
result = general_message(201, "success", None)
except UserNotExistError:
result = general_message(404, "no found", "未找到该用户")
return Response(result, status=201)
def user_is_exist_in_team(self, user_list, tenant_name):
"""判断一个用户是否存在于一个团队中"""
try:
tenant = self.get_tenant(tenant_name=tenant_name)
except Tenants.DoesNotExist:
tenant = self.get_team_by_team_id(tenant_name)
if tenant is None:
raise Tenants.DoesNotExist()
enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=tenant.enterprise_id)
for user_id in user_list:
obj = PermRelTenant.objects.filter(user_id=user_id, tenant_id=tenant.pk, enterprise_id=enterprise.pk)
if obj:
return obj[0].user_id
return False
def post(self, request, enterprise_id, *args, **kwargs):
tenant_name = request.data.get("tenant_name", None)
user_name = request.data.get("user_name", None)
email = request.data.get("email", None)
password = request.data.get("password", None)
re_password = request.data.get("re_password", None)
role_ids = request.data.get("role_ids", None)
if len(password) < 8:
result = general_message(400, "len error", "密码长度最少为8位")
return Response(result)
# 校验用户信息
is_pass, msg = user_services.check_params(user_name, email, password,
re_password)
if not is_pass:
result = general_message(403, "user information is not passed",
msg)
return Response(result)
client_ip = user_services.get_client_ip(request)
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
enterprise_id)
# 创建用户
user = user_services.create_user_set_password(user_name, email,
password, "admin add",
enterprise, client_ip)
result = general_message(200, "success", "添加用户成功")
if role_ids:
try:
role_id_list = [int(id) for id in role_ids.split(",")]
except Exception as e:
logger.exception(e)
code = 400
result = general_message(code, "params is empty", "参数格式不正确")
return Response(result, status=code)
for id in role_id_list:
if id not in team_services.get_all_team_role_id(
tenant_name=tenant_name):
code = 400
result = general_message(code, "The role does not exist",
"该角色在团队中不存在")
return Response(result, status=code)
# 创建用户团队关系表
if tenant_name:
team_services.create_tenant_role(user_id=user.user_id,
tenant_name=tenant_name,
role_id_list=role_id_list)
user.is_active = True
user.save()
result = general_message(200, "success", "添加用户成功")
return Response(result)
def get(self, request, *args, **kwargs):
"""
查询我的详情
---
"""
try:
p = PermActions()
code = 200
user = self.user
user.actions = UserActions()
tenants = team_services.get_current_user_tenants(user_id=user.user_id)
user_detail = dict()
user_detail["user_id"] = user.user_id
user_detail["user_name"] = user.nick_name
user_detail["email"] = user.email
user_detail["enterprise_id"] = user.enterprise_id
user_detail["phone"] = user.phone
user_detail["git_user_id"] = user.git_user_id
user_detail["is_sys_admin"] = user.is_sys_admin
enterprise = enterprise_services.get_enterprise_by_enterprise_id(user.enterprise_id)
user_detail["is_enterprise_active"] = enterprise.is_active
tenant_list = list()
for tenant in tenants:
tenant_info = dict()
team_region_list = region_services.get_region_list_by_team_name(request=request,
team_name=tenant.tenant_name)
tenant_info["team_id"] = tenant.ID
tenant_info["team_name"] = tenant.tenant_name
tenant_info["team_alias"] = tenant.tenant_alias
tenant_info["limit_memory"] = tenant.limit_memory
tenant_info["pay_level"] = tenant.pay_level
tenant_info["region"] = team_region_list
tenant_info["creater"] = tenant.creater
tenant_info["create_time"] = tenant.create_time
perms_list = team_services.get_user_perm_identitys_in_permtenant(user_id=user.user_id,
tenant_name=tenant.tenant_name)
final_identity = perms.get_highest_identity(perms_list)
tenant_info["identity"] = final_identity
tenant_actions = p.keys('tenant_{0}_actions'.format(final_identity))
user.actions.set_actions('tenant', tenant_actions)
tenant_info["tenant_actions"] = user.actions.tenant_actions
tenant_list.append(tenant_info)
user_detail["teams"] = tenant_list
result = general_message(code, "Obtain my details to be successful.", "获取我的详情成功", bean=user_detail)
except Exception as e:
code = 500
logger.exception(e)
result = error_message(e.message)
return Response(result, status=code)
def post(self, req, *args, **kwargs):
serializer = CreateAdminUserReqSerializer(data=req.data)
serializer.is_valid(raise_exception=True)
try:
user = user_services.get_user_by_user_id(req.data["user_id"])
except UserNotExistError:
raise exceptions.NotFound("用户'{}'不存在".format(req.data["user_id"]))
ent = enterprise_services.get_enterprise_by_enterprise_id(req.data["eid"])
if ent is None:
raise serializers.ValidationError("企业'{}'不存在".format(req.data["eid"]), status.HTTP_404_NOT_FOUND)
user_services.create_admin_user(user, ent)
return Response(None, status.HTTP_201_CREATED)
def add_user_role_to_team(self, request, tenant, user_ids, role_ids):
"""在团队中添加一个用户并给用户分配一个角色"""
enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=tenant.enterprise_id)
if enterprise:
try:
for user_id in user_ids:
for role_id in role_ids:
PermRelTenant.objects.update_or_create(user_id=user_id, tenant_id=tenant.pk,
enterprise_id=enterprise.pk, role_id=role_id,
defaults={"role_id": role_id})
except Exception as e:
logging.exception(e)
raise Exception("创建失败:%s" % e.message)
else:
return None
