def update(self, request, *args, **kwargs): # pylint: disable=unused-argument, too-many-locals
'''
黑白名单局部操作
'''
perm = self.get_object()
clean = self.request.data.get('clean', False)
if clean:
UserPerm.valid_objects.filter(perm=perm).update(status='0')
DeptPerm.valid_objects.filter(perm=perm).update(status='0')
GroupPerm.valid_objects.filter(perm=perm).update(status='0')
user_perm_status = self.request.data.get('user_perm_status', [])
for ups in user_perm_status:
user = User.valid_objects.filter(username=ups['uid']).first()
if user:
owner_perm = UserPerm.get(user, perm)
owner_perm.update_status(ups['status'])
node_perm_status = self.request.data.get('node_perm_status', [])
for nps in node_perm_status:
node, _ = Dept.retrieve_node(nps['uid'])
if node:
node_perm = node.owner_perm_cls.get(node, perm)
node_perm.update_status(nps['status'])
cli = LOG_CLI()
cli.assign_perm_owners(perm)
return Response({
'user_perm_status': user_perm_status,
'node_perm_status': node_perm_status
})
def patch(self, request, uid): # pylint: disable=unused-argument
"""
update group perms
"""
data = request.data
group = self.get_object()
perm_statuses = data.get('perm_statuses', []) if data else []
for perm_status in perm_statuses:
try:
perm = Perm.valid_objects.get_queryset().get(
uid=perm_status['uid'])
except ObjectDoesNotExist:
raise ValidationError({
'perm_statuses':
['perm:{} does not exist'.format(perm_status['uid'])]
})
group_perm = GroupPerm.valid_objects.get_queryset().get(
owner=group, perm=perm)
group_perm.update_status(perm_status['status'])
res_group_perms = GroupPerm.valid_objects.filter(
owner=group, perm__uid__in=[item['uid'] for item in perm_statuses])
cli = LOG_CLI()
cli.assign_node_perms(group)
return Response(self.get_serializer(res_group_perms, many=True).data)
def patch(self, request, uid): # pylint: disable=unused-argument
"""
update user perms
"""
dept = self.get_object()
perm_statuses = request.data.get('perm_statuses', [])
for perm_status in perm_statuses:
try:
perm = Perm.valid_objects.get_queryset().get(
uid=perm_status['uid'])
except ObjectDoesNotExist:
raise ValidationError({
'perm_statuses':
['perm:{} does not exist'.format(perm_status['uid'])]
})
if not perm.under_manage(request.user):
raise ValidationError({
'perm_statuses':
['perm:{} out of scope'.format(perm_status['uid'])]
})
dept_perm = DeptPerm.valid_objects.get_queryset().get(owner=dept,
perm=perm)
dept_perm = dept_perm.update_status(perm_status['status'])
res_dept_perms = DeptPerm.valid_objects.filter(
owner=dept, perm__uid__in=[item['uid'] for item in perm_statuses])
cli = LOG_CLI()
cli.assign_node_perms(dept)
return Response(self.get_serializer(res_dept_perms, many=True).data)
def perform_destroy(self, instance):
"""
delete config
"""
cli = LOG_CLI()
cli.delete_i18n_mobile_config(instance)
instance.kill()
def perform_update(self, serializer):
"""
update config detail
"""
super().perform_update(serializer) # pylint: disable=no-member
cli = LOG_CLI()
cli.update_i18n_mobile_config(serializer.instance)
def perform_destroy(self, instance):
'''
reject if not editable
'''
if not instance.editable:
raise MethodNotAllowed('DELETE protected APP')
cli = LOG_CLI()
cli.delete_app(instance)
instance.delete()
def perform_destroy(self, instance):
'''
硬删除
'''
if not instance.editable:
raise MethodNotAllowed('DELETE protected perm')
instance.kill()
cli = LOG_CLI()
cli.delete_perm(instance)
def update(self, request, *args, **kwargs): # pylint: disable=unused-argument, too-many-locals
'''
黑白名单局部操作
'''
perm = self.get_object()
clean = self.request.data.get('clean', False)
if clean:
UserPerm.valid_objects.filter(perm=perm).update(status='0')
DeptPerm.valid_objects.filter(perm=perm).update(status='0')
GroupPerm.valid_objects.filter(perm=perm).update(status='0')
user_perm_status = self.request.data.get('user_perm_status', [])
node_perm_status = self.request.data.get('node_perm_status', [])
if not isinstance(user_perm_status, list):
raise ValidationError({'user_perm_status': ['must be a list']})
if not isinstance(node_perm_status, list):
raise ValidationError({'node_perm_status': ['must be a list']})
for ups in user_perm_status:
user = User.valid_objects.filter(username=ups['uid']).first()
# TODO: 目前对每个对象都逐一检验 under_manage,开销大; 且对于没有权限的,只是静默跳过,没有提示。需改进。
if not (user and user.under_manage(request.user)):
raise ValidationError(
{'user_perm_status': [f'invalid uid: `{ups["uid"]}`']})
ups['instance'] = user
for nps in node_perm_status:
node, _ = Dept.retrieve_node(nps['uid'])
if not (node and node.under_manage(request.user)):
raise ValidationError(
{'node_perm_status': [f'invalid uid: `{nps["uid"]}`']})
nps['instance'] = node
for ups in user_perm_status:
instance = ups.pop('instance')
owner_perm = UserPerm.get(instance, perm)
owner_perm.update_status(ups['status'])
for nps in node_perm_status:
instance = nps.pop('instance')
owner_perm = instance.owner_perm_cls.get(instance, perm)
owner_perm.update_status(nps['status'])
cli = LOG_CLI()
cli.assign_perm_owners(perm)
return Response({
'user_perm_status': user_perm_status,
'node_perm_status': node_perm_status
})
def get_token(self, open_id): # pylint: disable=no-self-use
'''
从QQUser表查询用户,返回token
'''
qq_user = QQUser.valid_objects.filter(open_id=open_id).first()
if qq_user:
user = qq_user.user
token = user.token
LOG_CLI(user).user_login()
context = {'token': token, **UserWithPermSerializer(user).data}
else:
context = {'token': '', 'third_party_id': open_id}
return context
def get_token(self, unionid): # pylint: disable=no-self-use
'''
从Wechat表查询用户,返回token
'''
wechat_user = WechatUser.valid_objects.filter(unionid=unionid).first()
if wechat_user:
user = wechat_user.user
token = user.token
LOG_CLI(user).user_login()
context = {'token': token, **UserWithPermSerializer(user).data}
else:
context = {'token': '', 'third_party_id': unionid}
return context
def get_token(self, alipay_user_id): # pylint: disable=no-self-use
'''
从AlipayUser表查询用户,返回token
'''
alipay_user = AlipayUser.valid_objects.filter(alipay_user_id=alipay_user_id).first()
if alipay_user:
user = alipay_user.user
token = user.token
LOG_CLI(user).user_login()
context = {'token': token, **UserWithPermSerializer(user).data}
else:
context = {'token': '', 'third_party_id': alipay_user_id}
return context
def get_token(self, user_id): # pylint: disable=no-self-use
"""
从Github表查询用户,返回token
"""
github_user = GithubUser.valid_objects.filter(github_user_id=user_id).first()
if github_user:
user = github_user.user
token = user.token
LOG_CLI(user).user_login()
context = {'token': token, **UserWithPermSerializer(user).data}
else:
context = {'token': '', 'third_party_id': user_id}
return context
def update(self, request, *args, **kwargs): # pylint: disable=unused-argument
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
validated_data = serializer.validated_data
user = validated_data.pop('user')
if user.is_settled:
raise AuthenticationFailed({'only for unsettled user'})
cli = CLI(user=user)
user.__dict__.update(validated_data)
user.save()
cli.set_user_password(user, validated_data['password'])
LOG_CLI(user).user_activate()
return Response({
# 'token': user.token,
**UserWithPermSerializer(user).data,
})
def post(self, request):
'''
绑定用户
'''
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
ding_id = serializer.validated_data['ding_id']
ding_user = DingUser.objects.filter(user=user).first()
if ding_user:
ding_user.ding_id = ding_id
else:
ding_user = DingUser.objects.create(ding_id=ding_id, user=user)
ding_user.save()
token = user.token
data = {'token': token, **UserWithPermSerializer(user).data}
LOG_CLI(user).user_login()
return Response(data, HTTP_201_CREATED)
def post(self, request):
"""
绑定用户
"""
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
github_user_id = serializer.validated_data['user_id']
github_user = GithubUser.valid_objects.filter(user=user).first()
if github_user:
github_user.github_user_id = github_user_id
else:
github_user = GithubUser.valid_objects.create(github_user_id=github_user_id, user=user)
github_user.save()
token = user.token
data = {'token': token, **UserWithPermSerializer(user).data}
LOG_CLI(user).user_login()
return Response(data, HTTP_201_CREATED)
def post(self, request):
'''
绑定用户
'''
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
unionid = serializer.validated_data['user_id']
wechat_user = WechatUser.valid_objects.filter(user=user).first()
if wechat_user:
wechat_user.unionid = unionid
else:
wechat_user = WechatUser.valid_objects.create(unionid=unionid, user=user)
wechat_user.save()
token = user.token
data = {'token': token, **UserWithPermSerializer(user).data}
LOG_CLI(user).user_login()
return Response(data, HTTP_201_CREATED)
def post(self, request): # pylint: disable=no-self-use
'''
get oneid token by ding code
'''
code = request.data.get('code', None)
if not code:
raise ValidationError({'code': ['this field is requried']})
ding_userid = self.auth_code(code)
user = User.valid_objects.filter(ding_user__uid=ding_userid).first()
if not user:
raise ValidationError({'code': ["this account hasn't registered"]})
res = UserWithPermSerializer(user).data
res.update(token=user.token)
LOG_CLI(user).user_login()
return Response(data=res)
def post(self, request, *args, **kwargs):
"""Respond to POSTed username/password with token."""
serializer = AuthTokenSerializer(data=request.data, context={'request': request})
if serializer.is_valid():
res = self.pre_get_token(request)
if res:
return res
user = serializer.validated_data['user']
token, _ = ExpiringToken.objects.get_or_create(user=user)
if token.expired():
# If the token is expired, generate a new one.
token.delete()
token = ExpiringToken.objects.create(user=user)
data = {'token': token.key, **self.attachment(token)}
LOG_CLI(user).user_login()
user.update_last_active_time()
return Response(data)
return Response(serializer.errors, status=HTTP_400_BAD_REQUEST)
def perform_create(self, serializer):
user = serializer.save()
LOG_CLI(serializer.instance).user_register()
return user
def perform_update(self, serializer):
super().perform_update(serializer)
LOG_CLI(serializer.instance).user_reset_password()
def perform_create(self, serializer):
super().perform_create(serializer.instance)
LOG_CLI(serializer.instance).user_register()
def perform_create(self, serializer):
"""save with i18n mobile config"""
serializer.is_valid(raise_exception=True)
serializer.save()
cli = LOG_CLI()
cli.create_i18n_mobile_config(serializer.instance)
def perform_update(self, serializer):
super().perform_update(serializer) # pylint: disable=no-member
LOG_CLI().update_config()
def perform_update(self, serializer):
super().perform_update(serializer) # pylint: disable=no-member
cli = LOG_CLI()
cli.update_app(serializer.instance, serializer.validated_data)
def perform_create(self, serializer):
super().perform_create(serializer) # pylint: disable=no-member
cli = LOG_CLI()
cli.create_perm(serializer.instance)