def update_project_user(user_id, user_name, project_name, member):
if not check_user_name(user_name):
return 0
try:
# user_id = UserManager.get_user_id_by_name(user_name)
# if not user_id[0]:
# return False, user_id[1]
project_id = ProjectManager.get_project_id_by_name(project_name)
if not project_id[0]:
return False, project_id[1]
admin_token = get_token()
if not admin_token:
return False, 500
role_id = RolesManager.get_role_id_by_name(member)
if not role_id[0]:
return False, role_id[1]
header = {'X-Auth-Token': admin_token.strip()}
ret = put_http(url=options.project_ep + '/%s/users/%s/roles/%s' %
(project_id[1], user_id[1], role_id[1]),
headers=header)
if ret.status_code != 204:
em = "update project user failure"
LOG.exception(em)
return False, 500
return True, 200
except Exception as e:
LOG.exception(e)
return False, 500
def create_project(project_name, description="", enabled=False):
data = {
"project": {
"description": description,
"domain_id": "default",
"enabled": enabled,
"is_domain": False,
"name": project_name
}
}
if not check_user_name(project_name):
return False, 400
try:
admin_token = get_token()
if not admin_token:
return False, 500
data = json.dumps(data)
header = {
'Content-type': 'application/json',
'X-Auth-Token': admin_token.strip()
}
ret = post_http(url=options.project_ep, data=data, headers=header)
if ret.status_code != 201:
if ret.status_code == 409:
em = "create project error. name: <{0}>. project is already exist".format(
project_name)
LOG.exception(em)
return False, ret.status_code
em = "create project error. name: <{0}>".format(project_name)
LOG.exception(em)
return False, ret.status_code
return True, 200
except Exception as e:
LOG.exception(e)
return False, 500
def get_user_id_by_name(user_name):
try:
# check user_name is it valid
if not check_user_name(user_name):
return False, 400
admin_token = get_token()
if not admin_token:
em = "get admin token error"
LOG.exception(em)
return False, 500
header = {
'Content-type': 'application/json',
'X-Auth-Token': admin_token.strip()
}
ret = get_http(url=options.user_ep + "?name=%s" % user_name,
headers=header)
if ret.status_code != 200:
em = "get user's id error"
LOG.exception(em)
return False, 500
data = ret.json()
return True, data.get('users')[0].get("id")
except Exception as e:
LOG.exception(e)
return False, 500
def change_project_status(project_id, status):
"""this method to change project status by project id
status: is a boolean True or False
"""
try:
data = {
"project": {
"enabled": status,
}
}
admin_token = get_token()
if not admin_token:
em = "change project status error. can not get admin token"
LOG.exception(em)
return False, 500
data = json.dumps(data)
header = {'X-Auth-Token': admin_token.strip()}
ret = patch_http(headers=header, data=data)
if ret.status_code != 200:
em = "change project status error. project id: <{0}>".format(
project_id)
LOG.exception(em)
return False, ret.status_code
return True, 200
except Exception as e:
em = "change project status error. id: <{0}>. msg: <{1}>".format(
project_id, e)
LOG.exception(em)
return False, 500
def change_user_password_os(user_id, password):
try:
admin_token = get_token()
if not admin_token:
em = "can not get admin token"
LOG.exception(em)
return False, 500
url = options.user_ep + "/%s" % user_id
header = {
'Content-type': 'application/json',
'X-Auth-Token': admin_token.strip()
}
data = {"user": {"password": password}}
data = json.dumps(data)
ret = patch_http(url=url, headers=header, data=data)
if ret.status_code != 200:
em = "update user's password error. user id: <{0}>".format(
user_id)
LOG.exception(em)
return False, ret.status_code
return True, 200
except Exception as e:
em = "change user password error. user id: <{0}>. msg: <{1}>".format(
user_id, e)
LOG.exception(em)
return False, 500
def reset_password_os(rand_id, password):
"""reset password from OpenStack"""
try:
# check password is it strong
if not check_password(password):
return False, 400
backend = cache.Backend()
user_data = backend.get(rand_id)
if not user_data:
em = "can not found rand_id from redis"
LOG.exception(em)
return False, 400
user_id = user_data.get("user_id")
admin_token = get_token()
url = options.user_ep + "/%s" % user_id
header = {
'Content-type': 'application/json',
'X-Auth-Token': admin_token.strip()
}
data = {"user": {"password": password}}
data = json.dumps(data)
ret = patch_http(url=url, headers=header, data=data)
if ret.status_code != 200:
em = "update user's password error. user id: <{0}>".format(
user_id)
LOG.exception(em)
return False, ret.status_code
backend.delete(rand_id)
return True, 200
except Exception as e:
em = "reset password error, msg: {0}".format(e)
LOG.exception(em)
return False, 500
def get_role_id_by_name(member_name="user"):
try:
admin_token = get_token()
if not admin_token:
return False, 500
header = {
'Content-type': 'application/json',
'X-Auth-Token': admin_token.strip()
}
ret = get_http(url=options.roles_ep + "?name=%s" % member_name,
headers=header)
if ret.status_code != 200:
em = "get role id error....."
LOG.exception(em)
return False, ret.status_code
roles = ret.json().get("roles")
if not roles:
em = "can not get member name from OpenStack. name: <{0}>".format(
member_name)
LOG.exception(em)
return False, 500
return True, ''.join(
[s.get("id") for s in roles if s.get("name") == member_name])
except Exception as e:
LOG.exception(e)
return False, 500
def get_auth_info(user_id, id=None, auth_type=None):
result = []
auth_infos = AuthInfo.query.filter(
and_(
AuthInfo.user_id == user_id,
AuthInfo.deleted == False,
)).all()
if id:
auth_infos = AuthInfo.query.filter(
and_(AuthInfo.user_id == user_id, AuthInfo.deleted == False,
AuthInfo.id == id)).all()
elif auth_type:
auth_infos = AuthInfo.query.filter(
and_(AuthInfo.user_id == user_id, AuthInfo.deleted == False,
AuthInfo.auth_type == auth_type)).all()
# if not auth_infos:
# return {}
for auth_info in auth_infos:
# 得到图片
images = Images.query.filter(
and_(Images.deleted == False,
Images.auth_info_id == auth_info.id)).all()
auth_info.image_list = []
for image in images:
auth_info.image_list.append({
"id": image.id,
"url": get_pictuer_url(image.name)
})
result.append(auth_info)
# 老的实名认证获取信息
admin_token = get_token()
if admin_token:
url = options.worder_ep + u"/work_orders/?title=实名认证&user_id={0}&status=1&is_admin=True".format(
user_id)
headers = {"X-Auth-Token": admin_token.strip()}
ret = get_http(url=url, headers=headers).json()
if ret.get("code") == 0 and ret.get("data"):
auth_type = ret.get("data")[0].get("app_service_id")
# 企业申请
if auth_type == "98ff8097-f1f0-11e7-815d-00b367deaa81":
auth_type = 2
# 个人申请
if auth_type == "98af11e3-f1f0-11e7-a7e8-004b6ca3331e":
auth_type = 1
data_obj = AuthInfo()
data_obj.image_list = ret.get("data")[0].get("image_list")
data_obj.auth_type = auth_type
data_obj.status = ret.get("data")[0].get("status")
data_obj.created_at = ret.get("data")[0].get("created_at")
data_obj.user_id = ret.get("data")[0].get("user_id")
data_obj.user_name = ret.get("data")[0].get("user_name")
data_obj.auth_phone = ret.get("data")[0].get("auth_phone")
data_obj.auth_id = ret.get("data")[0].get("auth_id")
result.append(data_obj)
return result
def get_cmdb_info_by_uuid(uuid):
"""根据uuid从cmdb获取数据"""
try:
admin_token = get_token()
url = "{0}/assets/{1}".format(options.cmdb_ep, uuid)
headers = {'X-Auth-Token': admin_token.strip()}
ret = get_http(url=url, headers=headers)
if ret.status_code != 200:
em = "get data from cmdb error...."
LOG.exception(em)
return {}
return ret.json()
except Exception as e:
em = "get data from cmdb error. msg: <{0}>".format(e)
LOG.exception(em)
return {}
def add_user(user_name, password, description=""):
"""add user to openstack"""
try:
# check user_name is it valid
if not check_user_name(user_name):
return False, 400
# check password is it strong
if not check_password(password):
return False, 400
admin_token = get_token()
if not admin_token:
em = "get admin token error"
LOG.exception(em)
return False, 500
header = {
'Content-type': 'application/json',
'X-Auth-Token': admin_token.strip()
}
data = {
"user": {
"enabled": True,
"name": user_name,
"password": password,
"description": description
}
}
data = json.dumps(data)
ret = post_http(url=options.user_ep, data=data, headers=header)
if ret.status_code != 201:
if ret.status_code == 409:
em = "create user error. name: <{0}>. user is already exist".format(
user_name)
LOG.exception(em)
return False, ret.status_code
em = "create user error. name: <{0}>".format(user_name)
LOG.exception(em)
return False, ret.status_code
return True, 200
except Exception as e:
LOG.exception(e)
return False, 500
def get_project_id_by_name(project_name):
if not check_user_name(project_name):
return False, 400
try:
admin_token = get_token()
if not admin_token:
return False, 500
header = {
'Content-type': 'application/json',
'X-Auth-Token': admin_token.strip()
}
ret = get_http(url=options.project_ep + '?name=%s' % project_name,
headers=header)
if ret.status_code != 200:
em = "get project id by name error. name: <{0}>".format(
project_name)
LOG.exception(em)
return False, ret.status_code
project_id = ret.json().get("projects")[0].get("id")
return True, project_id
except Exception as e:
LOG.exception(e)
return False, 500
def real_name_auth(user_id):
"""从cmdb处获取实名认证信息"""
admin_token = get_token()
if not admin_token:
em = "get admin token error"
LOG.exception(em)
return False
headers = {'X-Auth-Token': admin_token}
# 生成请求url
url = parse_url(options.cmdb_host,
path="/work_orders/",
port=options.cmdb_port,
user_id=user_id,
title="实名认证",
is_admin=True)
ret = get_http(url=url, headers=headers)
if ret.json().get("code") != 0:
em = "get real name auth from cmdb error"
LOG.exception(em)
return False
data = ret.json()
if data.get("data"):
return ret.json().get("data")[0]
return False