def post(self, request, team_name, *args, **kwargs):
"""
为团队开通数据中心
---
parameters:
- name: team_name
description: 当前团队名字
required: true
type: string
paramType: path
- name: region_name
description: 要开通的数据中心名称
required: true
type: string
paramType: body
"""
try:
region_name = request.data.get("region_name", None)
if not region_name:
return Response(general_message(400, "params error", "参数异常"), status=400)
team = team_services.get_tenant_by_tenant_name(team_name)
if not team:
return Response(general_message(404, "team is not found", "团队{0}不存在".format(team_name)), status=403)
is_admin = user_services.is_user_admin_in_current_enterprise(self.user, team.enterprise_id)
if not is_admin:
return Response(
general_message(403, "current user is not admin in current enterprise", "用户不为当前企业管理员"), status=403)
code, msg, tenant_region = region_services.create_tenant_on_region(team_name, region_name)
if code != 200:
return Response(general_message(code, "open region error", msg), status=code)
result = general_message(code, "success", "数据中心{0}开通成功".format(region_name))
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, result["code"])
def post(self, request, *args, **kwargs):
"""
"""
try:
username = request.data.get("username", None)
enterprise_id = request.data.get("enterprise_id", None)
enterprise_alias = request.data.get("enterprise_alias", None)
# 校验参数
if not username or not enterprise_id or not enterprise_alias:
return Response(generate_result(
"1003", "params error", "参数错误"))
user_obj = user_repo.get_user_by_user_name(username)
if not user_obj:
return Response(generate_result(
"1004", "user already exists", "用户在控制台不存在"))
# 查询企业信息
enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id)
# 判断用户是否为企业管理员
if user_services.is_user_admin_in_current_enterprise(user_obj, enterprise.enterprise_id):
bean_dict = {"user_info": user_obj.to_dict()}
return Response(generate_result("0000", "success", "当前用户已经是企业管理员,已同步至管理后台", bean_dict))
# 添加企业管理员
enterprise_user_perm_repo.create_enterprise_user_perm(user_obj.user_id, enterprise.enterprise_id, "admin")
bean = {"user_info": user_obj.to_dict()}
result = generate_result("0000", "success", "添加成功", bean=bean)
except Exception as e:
logger.exception(e)
result = generate_error_result()
return Response(result)
def post(self, request, *args, **kwargs):
"""
同步云市插件分享
:param request:
:param args:
:param kwargs:
:return:
"""
try:
if not self.user.is_sys_admin:
if not user_services.is_user_admin_in_current_enterprise(self.user, self.tenant.enterprise_id):
return Response(
general_message(403, "current user is not enterprise admin", "非企业管理员无法进行此操作"), status=403
)
ent = enterprise_repo.get_enterprise_by_enterprise_id(self.tenant.enterprise_id)
if ent and not ent.is_active:
result = general_message(10407, "failed", "用户未跟云市认证")
return Response(result, 500)
page = request.GET.get('page', 1)
limit = request.GET.get('limit', 10)
plugin_name = request.GET.get('plugin_name', '')
plugins, total = market_plugin_service.sync_market_plugins(
self.tenant, self.user, page, limit, plugin_name
)
result = general_message(200, "success", "同步成功", list=plugins, total=total)
return Response(result, 200)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, 500)
def post(self, request, *args, **kwargs):
"""
同步插件模板
:param request:
:param args:
:param kwargs:
:return:
"""
try:
if not self.user.is_sys_admin:
if not user_services.is_user_admin_in_current_enterprise(self.user, self.tenant.enterprise_id):
return Response(general_message(403, "current user is not enterprise admin", "非企业管理员无法进行此操作"),
status=403)
ent = enterprise_repo.get_enterprise_by_enterprise_id(self.tenant.enterprise_id)
if ent and not ent.is_active:
result = general_message(10407, "failed", "用户未跟云市认证")
return Response(result, 500)
plugin_data = request.data
data = {
'plugin_key': plugin_data["plugin_key"],
'version': plugin_data['version']
}
market_plugin_service.sync_market_plugin_templates(self.user, self.tenant, data)
result = general_message(200, "success", "同步成功")
return Response(result, 200)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, 500)
def post(self, request, *args, **kwargs):
"""
应用上下线
---
parameters:
- name: app_id
description: rainbond app id
required: true
type: string
paramType: form
- name: action
description: 操作类型 online|offline
required: true
type: string
paramType: form
"""
try:
if not self.user.is_sys_admin:
if not user_services.is_user_admin_in_current_enterprise(
self.user, self.tenant.enterprise_id):
return Response(general_message(
403, "current user is not enterprise admin",
"非企业管理员无法进行此操作"),
status=403)
app_id = request.data.get("app_id", None)
action = request.data.get("action", None)
if not app_id:
return Response(general_message(400, "app id is null",
"请指明需要安装的应用"),
status=400)
if not action:
return Response(general_message(400, "action is not specified",
"操作类型未指定"),
status=400)
if action not in ("online", "offline"):
return Response(general_message(400, "action is not allow",
"不允许的操作类型"),
status=400)
code, app = market_app_service.get_rain_bond_app_by_pk(app_id)
if not app:
return Response(general_message(404, "not found", "云市应用不存在"),
status=404)
if app.enterprise_id == "public":
if not self.user.is_sys_admin:
return Response(general_message(
403, "only system admin can manage public app",
"非平台管理员无权操作"),
status=403)
if action == "online":
app.is_complete = True
else:
app.is_complete = False
app.save()
result = general_message(200, "success", "操作成功")
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def get_permissions_by_user(self, user, enterprise_id):
if not isinstance(user, Users):
raise ErrorUser("user is not rainbond user")
# TODO:impl rbac
# TODO: get perm list by user_services.get_user_in_enterprise_perm
if user_services.is_user_admin_in_current_enterprise(user, enterprise_id):
return ["all"]
return None
def login_api_user(self, username, password):
user = user_services.get_user_by_username(username)
if not user:
return None
if not user.check_password(password):
return None
if user_services.is_user_admin_in_current_enterprise(user, user.enterprise_id):
return self.get_token(user)
return None
def post(self, request, *args, **kwargs):
"""
同步下载云市组详情模板到云帮
---
parameters:
- name: tenantName
description: 团队名称
required: true
type: string
paramType: path
- name: body
description: 需要同步的应用[{"group_key":"xxxxxxx","version":"xxxxxx","template_version":"xxxx"}]
required: true
type: string
paramType: body
"""
try:
group_key = request.data.get("group_key", None)
group_version = request.data.get("group_version", [])
template_version = request.data.get("template_version", "v2")
if not group_version or not group_key:
return Response(general_message(400, "app is null",
"请指明需要更新的应用"),
status=400)
ent = enterprise_repo.get_enterprise_by_enterprise_id(
self.tenant.enterprise_id)
if ent and not ent.is_active:
result = general_message(10407, "failed", "用户未跟云市认证")
return Response(result, 500)
if not self.user.is_sys_admin:
if not user_services.is_user_admin_in_current_enterprise(
self.user, self.tenant.enterprise_id):
return Response(general_message(
403, "current user is not enterprise admin",
"非企业管理员无法进行此操作"),
status=403)
logger.debug("start synchronized market apps detail")
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
self.tenant.enterprise_id)
if not enterprise.is_active:
return Response(general_message(10407,
"enterprise is not active",
"您的企业未激活"),
status=403)
for version in group_version:
market_sycn_service.down_market_group_app_detail(
self.user, self.tenant, group_key, version,
template_version)
result = general_message(200, "success", "应用同步成功")
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def post(self, request, enterprise_id, *args, **kwargs):
"""
应用上下线
---
parameters:
- name: app_id
description: rainbond app id
required: true
type: string
paramType: form
- name: action
description: 操作类型 online|offline
required: true
type: string
paramType: form
"""
try:
if not self.user.is_sys_admin:
if not user_services.is_user_admin_in_current_enterprise(self.user, self.tenant.enterprise_id):
return Response(general_message(403, "current user is not enterprise admin", "非企业管理员无法进行此操作"), status=403)
app_id = request.data.get("app_id", None)
app_version_list = request.data.get("app_versions", [])
action = request.data.get("action", None)
if not app_id:
return Response(general_message(400, "group_key is null", "请指明需要安装应用的app_id"), status=400)
if not app_version_list:
return Response(general_message(400, "group_version_list is null", "请指明需要安装应用的版本"), status=400)
if not action:
return Response(general_message(400, "action is not specified", "操作类型未指定"), status=400)
if action not in ("online", "offline"):
return Response(general_message(400, "action is not allow", "不允许的操作类型"), status=400)
for app_version in app_version_list:
app, version = market_app_service.get_rainbond_app_and_version(self.user.enterprise_id, app_id, app_version)
if not version:
return Response(general_message(404, "not found", "云市应用不存在"), status=404)
if action == "online":
version.is_complete = True
else:
version.is_complete = False
app.update_time = datetime.datetime.now()
app.save()
version.update_time = datetime.datetime.now()
version.save()
result = general_message(200, "success", "操作成功")
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def get(self, request, team_name, user_name, *args, **kwargs):
"""
用户详情
---
parameters:
- name: team_name
description: 团队名
required: true
type: string
paramType: path
- name: user_name
description: 用户名
required: true
type: string
paramType: path
"""
try:
# u, perms = user_services.get_user_detail(tenant_name=team_name, nick_name=user_name)
team = team_services.get_tenant_by_tenant_name(team_name)
is_user_enter_amdin = user_services.is_user_admin_in_current_enterprise(
self.user, team.enterprise_id)
perms = team_services.get_user_perm_identitys_in_permtenant(
self.user.user_id, team_name)
role_list = team_services.get_user_perm_role_in_permtenant(
user_id=self.user.user_id, tenant_name=team_name)
# teams = [{"team_identity": perm.identity} for perm in perms]
data = dict()
data["nick_name"] = self.user.nick_name
data["email"] = self.user.email
# data["teams_identity"] = teams[0]["team_identity"]
data["teams_identity"] = perms + role_list
data["is_user_enter_amdin"] = is_user_enter_amdin
code = 200
result = general_message(code,
"user details query success.",
"用户详情获取成功",
bean=data)
return Response(result, status=code)
except UserNotExistError as e:
logger.exception(e)
code = 400
result = general_message(code,
"this user does not exist on this team.",
"该用户不存在这个团队")
return Response(result, status=code)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=500)
def delete(self, request, team_name, *args, **kwargs):
"""
删除当前团队
---
parameters:
- name: team_name
description: 要删除的团队
required: true
type: string
paramType: path
"""
code = 200
identity_list = team_services.get_user_perm_identitys_in_permtenant(
user_id=request.user.user_id, tenant_name=team_name)
perm_tuple = team_services.get_user_perm_in_tenant(
user_id=request.user.user_id, tenant_name=team_name)
team = team_services.get_tenant_by_tenant_name(team_name)
if not user_services.is_user_admin_in_current_enterprise(
request.user, team.enterprise_id):
if "owner" not in identity_list and "drop_tenant" not in perm_tuple:
code = 400
result = general_message(code, "no identity",
"您不是最高管理员,不能删除团队")
return Response(result, status=code)
try:
service_count = team_services.get_team_service_count_by_team_name(
team_name=team_name)
if service_count >= 1:
result = general_message(400, "failed", "当前团队内有应用,不可以删除")
return Response(result, status=400)
status = team_services.delete_tenant(tenant_name=team_name)
if not status:
result = general_message(code, "delete a tenant successfully",
"删除团队成功")
else:
code = 400
result = general_message(code, "delete a tenant failed",
"删除团队失败")
except Tenants.DoesNotExist as e:
code = 400
logger.exception(e)
result = generate_result(code, "tenant not exist",
"{}团队不存在".format(team_name))
except Exception as e:
code = 500
result = general_message(code, "sys exception", "系统异常")
logger.exception(e)
return Response(result, status=code)
def get(self, request, enterprise_id, *args, **kwargs):
page = int(request.GET.get("page", 1))
page_size = int(request.GET.get("page_size", 10))
name = request.GET.get("name", None)
if not user_services.is_user_admin_in_current_enterprise(
request.user, enterprise_id):
result = general_message(
401, "is not admin",
"用户'{}'不是企业管理员".format(request.user.nick_name))
return Response(result, status=status.HTTP_200_OK)
teams, total = team_services.get_enterprise_teams(enterprise_id,
query=name,
page=page,
page_size=page_size)
data = {
"total_count": total,
"page": page,
"page_size": page_size,
"list": teams
}
result = general_message(200, "success", None, bean=data)
return Response(result, status=status.HTTP_200_OK)
def delete(self, request, tenant_name, user_id, *args, **kwargs):
"""
删除用户
---
parameters:
- name: tenant_name
description: 租户名称
required: true
type: string
paramType: path
- name: user_id
description: 用户名
required: true
type: string
paramType: path
"""
try:
tenants = Tenants.objects.filter(creater=user_id).all()
# 团队拥有者不可删
if tenants:
tenant_alias_list = []
for tenant in tenants:
tenant_alias_list.append(tenant.tenant_alias)
return Response(
generate_result("1112", "delete error", "当前用户是团队的拥有者,请先移交团队管理权或删除团队", list=tenant_alias_list))
# 企业管理员不可删
user = user_service.get_user_by_user_id(user_id)
if user_services.is_user_admin_in_current_enterprise(user, user.enterprise_id):
return Response(generate_result("1004", "user is enter admin", "当前用户为企业管理员,无法删除"))
user_service.delete_user(user_id)
result = generate_result("0000", "success", "删除成功")
except Exception as e:
logger.exception(e)
result = generate_result("9999", "system error", "系统异常")
return Response(result)
def get(self, request, *args, **kwargs):
"""
查询我的详情
---
"""
try:
p = PermActions()
code = 200
user = self.user
user.actions = UserActions()
tenants = team_services.get_current_user_tenants(
user_id=user.user_id)
user_detail = dict()
user_detail["user_id"] = user.user_id
user_detail["user_name"] = user.nick_name
user_detail["email"] = user.email
user_detail["enterprise_id"] = user.enterprise_id
user_detail["phone"] = user.phone
user_detail["git_user_id"] = user.git_user_id
user_detail["is_sys_admin"] = user.is_sys_admin
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
user.enterprise_id)
user_detail["is_enterprise_active"] = enterprise.is_active
is_user_enter_amdin = user_services.is_user_admin_in_current_enterprise(
self.user, user.enterprise_id)
user_detail["is_user_enter_amdin"] = is_user_enter_amdin
tenant_list = list()
for tenant in tenants:
tenant_info = dict()
team_region_list = region_services.get_region_list_by_team_name(
request=request, team_name=tenant.tenant_name)
tenant_info["team_id"] = tenant.ID
tenant_info["team_name"] = tenant.tenant_name
tenant_info["team_alias"] = tenant.tenant_alias
tenant_info["limit_memory"] = tenant.limit_memory
tenant_info["pay_level"] = tenant.pay_level
tenant_info["region"] = team_region_list
tenant_info["creater"] = tenant.creater
tenant_info["create_time"] = tenant.create_time
perms_list = team_services.get_user_perm_identitys_in_permtenant(
user_id=user.user_id, tenant_name=tenant.tenant_name)
perms_role_id_list = team_services.get_user_perm_role_id_in_permtenant(
user_id=user.user_id, tenant_name=tenant.tenant_name)
perms_tuple = ()
if perms_list:
final_identity = perms.get_highest_identity(perms_list)
tenant_actions = p.keys(
'tenant_{0}_actions'.format(final_identity))
perms_tuple += tenant_actions
else:
final_identity = []
role_name_list = [
role_repo.get_role_name_by_role_id(role_id=role_id)
for role_id in perms_role_id_list
]
for role_id in perms_role_id_list:
tenant_actions = role_perm_repo.get_perm_by_role_id(
role_id=role_id)
perms_tuple += tenant_actions
if final_identity:
tenant_info["role_name_list"] = [final_identity
] + role_name_list
else:
tenant_info["role_name_list"] = role_name_list
user.actions.set_actions('tenant', tuple(set(perms_tuple)))
tenant_info["tenant_actions"] = user.actions.tenant_actions
tenant_list.append(tenant_info)
user_detail["teams"] = tenant_list
result = general_message(code,
"Obtain my details to be successful.",
"获取我的详情成功",
bean=user_detail)
except Exception as e:
code = 500
logger.exception(e)
result = error_message(e.message)
return Response(result, status=code)
def post(self, request, *args, **kwargs):
"""
back manager get access token for console
---
parameters:
- name: username
description: 用户名
required: true
type: string
paramType: path
- name: password
description: 密码
required: true
type: string
paramType: form
- name: enterprise_id
description: 企业ID
required: true
type: string
paramType: form
- name: enterprise_alias
description: 企业别名
required: true
type: string
paramType: form
"""
try:
auth = request.data.get('Authorization', '')
if auth != settings.MANAGE_SECRET_KEY:
return Response(generate_result("0401", "authorization error", "验证未通过"))
username = request.data.get("username", None)
password = request.data.get("password", None)
enterprise_id = request.data.get("enterprise_id", None)
enterprise_alias = request.data.get("enterprise_alias", None)
# 校验参数
if not username or not password or not enterprise_id or not enterprise_alias:
return Response(generate_result(
"1003", "params error", "参数错误"))
user_obj = user_repo.get_user_by_user_name(username)
if not user_obj:
return Response(generate_result(
"1004", "user already exists", "用户名在控制台不存在"))
# 查询企业信息
enterprise = enterprise_services.get_enterprise_by_enterprise_alias(enterprise_alias)
logger.debug('----------type----------->{0}'.format(type(enterprise)))
if not enterprise:
return Response(generate_result(
"1005", "enterprise already exists", "当前企业在控制台不存在"))
# 检验用户是否为该企业的企业管理员
if not user_services.is_user_admin_in_current_enterprise(user_obj, enterprise.enterprise_id):
return Response(generate_result(
"1006", "user is not enterprise admin", "当前用户不是该企业的企业管理员"))
token = auth_service.create_token_auth_user(username, password)
bean = {"console_access_token": token.key, "enterprise_info": enterprise.to_dict()}
result = generate_result("0000", "success", "信息获取成功", bean)
except Exception as e:
logger.exception(e)
result = generate_error_result()
return Response(result)