def create_admin_user(request):
"""创建管理员"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
username = request.POST.get('username', '')
group_id = request.POST.get('group_id', '')
try:
if not username:
msg = af.USERNAME_EMPTY
assert False
check_user = UserProfile.objects.filter(username=username)
if check_user:
msg = af.USER_EXIST
assert False
group = Group.objects.filter(id=group_id).first()
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
password = '' # ldap 密码使用云密码
identity = 'is_admin'
creator_username = request.user.username
param = {
'username': username,
'password': password,
'group': group,
'identity': identity,
'creator_username': creator_username
}
user = create_user(**param)
if not user:
res['msg'] = _(af.PARAM_ERROR)
return json_response(res)
log_msg = om.CREATE_USER % (creator_username, identity, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def get_sso_token(request):
"""退出
{"hasLogon":true,"type":1,"account":"*****@*****.**",
"cdate":1558602246000,"adate":1558602246000,"err":0,"ec":0}
{"hasLogon":false,"type":-1,"account":"",
"cdate":null,"adate":null,"err":12,"ec":0}
"""
backend_path = 'django.contrib.auth.backends.AllowAllUsersModelBackend'
token = request.GET.get("ioss")
if token:
md5 = hashlib.md5()
md5.update((settings.SSO_NAME + token + "CssoC").encode('utf-8'))
url = ("https://sso.chinacache.com:443/queryByTokenId?"
"clientName={}"
"&tokenId={}"
"&md5Hash={}").format(settings.SSO_NAME, token, md5.hexdigest())
res = requests.get(url)
has_login = res.json().get('hasLogon', False)
user = None
if has_login:
username = res.json().get('account', '')
user = UserProfile.objects.filter(username=username).first()
if not user:
identity = 'is_admin'
# 管理员登录通过sso校验,系统生成随机密码不需要记录
password = "".join(
random.sample(string.ascii_letters + string.digits, 10))
group = Group.objects.filter(name='客服').first()
user = create_user(username, password, group, identity)
if user:
user.backend = backend_path
auth_login(request, user)
return HttpResponseRedirect('/base/base/', {})
def create_child_user(request):
"""创建子账号号用户"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
username = request.POST.get('username', '')
password = request.POST.get('password', '')
is_api = request.POST.get('is_api', 0)
reset_password = request.POST.get('reset_password', 0)
email = request.POST.get('email', '')
mobile = request.POST.get('mobile', '')
remark = request.POST.get('remark', '')
perm_strategy_ids = request.POST.getlist('perm_strategy[]', '')
try:
if not username:
msg = af.USERNAME_EMPTY
assert False
check_user = UserProfile.objects.filter(username=username)
if check_user:
msg = af.USER_EXIST
assert False
if not password:
msg = af.PASSWORD_EMPTY
assert False
is_api = int_check(is_api)
if is_api is None:
msg = af.PARAM_ERROR
assert False
reset_password = int_check(reset_password)
if reset_password is None:
msg = af.PARAM_ERROR
assert False
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
if is_api:
print('给api通信')
identity = 'is_child'
group = Group.objects.filter(id=GroupProfile.CUSTOMER_CHILD_ID).first()
creator_username = request.user.username
param = {
'username': username,
'password': password,
'group': group,
'identity': identity,
'email': email,
'mobile': mobile,
'remark': remark,
'reset_password': True if reset_password else False,
'creator_username': creator_username
}
user = create_user(**param)
if not user:
res['msg'] = _(af.PARAM_ERROR)
return json_response(res)
UserPermStrategy.assign_perm(perm_strategy_ids, user)
log_msg = om.CREATE_USER % (creator_username, identity, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def admin_create_parent_user(request):
"""创建父账号用户"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
username = request.POST.get('username', '')
password = request.POST.get('password', '')
company = request.POST.get('company', '')
linkman = request.POST.get('linkman', '')
email = request.POST.get('email', '')
mobile = request.POST.get('mobile', '')
is_api = request.POST.get('is_api', '')
is_active = request.POST.get('is_active', '1')
perm_list = request.POST.getlist('perm[]', [])
try:
if not username:
msg = af.USERNAME_EMPTY
assert False
check_user = UserProfile.objects.filter(username=username)
if check_user:
msg = af.USER_EXIST
assert False
if not password:
msg = af.PASSWORD_EMPTY
assert False
if not company:
msg = af.COMPANY_EMPTY
assert False
is_api = int(is_api)
if is_api is None:
msg = af.PARAM_ERROR
assert False
is_active = int_check(is_active)
if is_active is None:
msg = af.PARAM_ERROR
assert False
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
identity = 'is_parent'
group = Group.objects.filter(id=GroupProfile.CUSTOMER_ID).first()
creator_username = request.user.username
param = {
'username': username,
'password': password,
'group': group,
'identity': identity,
'company': company,
'linkman': linkman,
'email': email,
'mobile': mobile,
'creator_username': creator_username,
'is_api': True if is_api else False
}
user = create_user(**param)
if not user:
res['msg'] = _(af.PARAM_ERROR)
return json_response(res)
if not is_active:
user.is_active = False
user.save()
for perm_code in perm_list:
PermUser.assign_perm(perm_code, user)
if perm_code == 'client_cdn_menu':
cdn_product = Product.objects.filter(code='CDN').first()
cdn_strategy = Strategy.get_obj_from_property('CC', 'CDN', 'CDN')
user.product_list.add(cdn_product)
user.strategy_list.add(cdn_strategy)
user.save()
# elif perm_code == 'client_security_menu':
# sec_product = Product.objects.filter(code='SECURITY').first()
# sec_strategy = Strategy.get_obj_from_property(
# 'QINGSONG', 'SECURITY', 'WAF')
# user.product_list.add(sec_product)
# user.strategy_list.add(sec_strategy)
# user.save()
log_msg = om.CREATE_USER % (creator_username, identity, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def create_parent_user(request):
"""创建父账号用户"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
username = request.POST.get('username', '')
password = request.POST.get('password', '')
company = request.POST.get('company', '')
user_type = request.POST.get('user_type', '')
linkman = request.POST.get('linkman', '')
email = request.POST.get('email', '')
mobile = request.POST.get('mobile', '')
perm_list = request.POST.getlist('perm[]', '')
try:
if not username:
msg = af.USERNAME_EMPTY
assert False
check_user = UserProfile.objects.filter(username=username)
if check_user:
msg = af.USER_EXIST
assert False
if not password:
msg = af.PASSWORD_EMPTY
assert False
if not company:
msg = af.COMPANY_EMPTY
assert False
except AssertionError:
res['msg'] = msg
return json_response(res)
identity = user_type
group = Group.objects.filter(id=GroupProfile.CUSTOMER_ID)
creator_username = request.user.username
param = {
'username': username,
'password': password,
'group': group,
'identity': identity,
'company': company,
'linkman': linkman,
'email': email,
'mobile': mobile,
'creator_username': creator_username
}
user = create_user(**param)
if not user:
res['msg'] = af.PARAM_ERROR
return json_response(res)
if perm_list:
for perm_id in perm_list:
PermUser.assign_perm(perm_id, user)
log_msg = om.CREATE_USER % (creator_username, identity, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)