def get_team_permission(user, team_id): ''' 用户可以查看所能管理的用户在其他资源上的角色 :param user: 调用者 :param target_user_id: 被查看者 :return: ''' pm_list_sys = InternalAPI.get_user_permissions_on_resource(user, RS_SYS) status, errmsg, team = TeamAPI.get(user, team_id) if not status: return False, '获取团队出错', None pm_list_org = [] if team.organization: pm_list_org = InternalAPI.get_user_permissions_on_resource( user=user, resource_type=RS_ORG, resource_id=team.organization.id ) # 系统管理员 或者 组织管理员 if pm_list_sys[PM_RETRIEVE_SYSTEM_ROLE] or ( len(pm_list_org) != 0 and pm_list_org[PM_RETRIEVE_ORGANIZATION_ROLE]): ret = {} return True, None, ret return False, ARK_ERRMSG_CONTENT[1201], None
def create(user, organization_id, name, description=None): try: errmsg = list() if organization_id == None: errmsg.append('组织ID不能为空') if name == None or len(name) == 0: errmsg.append('团队名字不能为空') if len(errmsg) != 0: return False, ','.join(errmsg), None pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_ORG, organization_id ) if not pm_list[PM_CREATE_TEAM]: return False, ARK_ERRMSG_CONTENT[1201] org = Organization.objects.get(id=organization_id) team = Team(name=name, organization=org) if description is not None: team.description = description with transaction.atomic(): team.save() InternalAPI.update_resource_and_roles_relationship( RS_TEAM, team.id ) return True, None except Exception as e: return False, str(e)
def create(user, organization_id, name, url, username, scm_type, description=None, branch=None, revision=None): try: errmsg = list() if organization_id == None: errmsg.append('组织ID不能为空') if name == None or len(name) == 0: errmsg.append('项目名字不能为空') if url == None or len(url) == 0: errmsg.append('URL不能为空') if username == None or len(username) == 0: errmsg.append('项目的用户名不能为空') if scm_type == None: errmsg.append('源码管理类型不能为空') if len(errmsg) != 0: return False, ','.join(errmsg), None pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_ORG, organization_id) if not pm_list[PM_CREATE_PROJECT]: return False, ARK_ERRMSG_CONTENT[1201] org = Organization.objects.get(id=organization_id) pro = Project(name=name, url=url, username=username, scm_type=scm_type, organization=org) if description is not None and len(description) != 0: pro.description = description else: pro.description = '' if branch is not None and len(branch) != 0: pro.branch = branch else: pro.branch = 'master' if revision is not None: pro.revision = revision with transaction.atomic(): pro.save() InternalAPI.update_resource_and_roles_relationship( RS_PRO, pro.id) return True, None, pro except Exception as e: return False, str(e)
def update(user, organization_id, name=None, description=None): try: if organization_id == None: return False, '组织id传入不合法' if name == None or len(name) == 0: return False, '组织名字不能为空' pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_ORG, organization_id) if not pm_list[PM_UPDATE_ORGANIZATION]: return False, ARK_ERRMSG_CONTENT[1201] org = Organization.objects.get(id=organization_id) if name is not None: org.name = name if description is not None: org.description = description org.save() return True, None except Exception as e: return False, str(e)
def launch(user, template_id): try: pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_TEM, template_id) if not pm_list[PM_LAUNCH_TEMPLATE]: return False, ARK_ERRMSG_CONTENT[1201] tem = JobTemplate.objects.get(id=template_id) # 先在数据库里创建一条job记录,再向gearman发一个任务 job = Job.objects.create( name=tem.name, description='play', status='pending', start_time=timezone.now(), #end_time=timezone.now(), extra_variables=tem.extra_variables, result='', user=user, job_template=tem, ) client = gear.Client() client.addServer(settings.GEARMAN_SERVER, 4730) client.waitForServer() job.status = 'running' job.save() inv = tem.inventory inv_file = os.path.join(settings.INVENTORY_DIR, str(inv.id) + '_' + str(job.id) + '.yaml') with open(inv_file, 'w') as f: f.write(inv.gen_content()) job_data = { 'callback_url': settings.CALLBACK_HOST + reverse('job:remote_update', kwargs={'job_id': job.id}), 'inventory_file': inv_file, 'playbook_file': os.path.join(settings.PROJECT_DIR, str(tem.project.id), tem.playbook), 'args': { 'extra_variables': json.loads(tem.extra_variables), 'limit': tem.limit, 'forks': str(tem.forks), 'job_tags': tem.job_tags if tem.job_tags != '' else None, 'verbosity': '2', "check": False, }, } gearman_job = gear.Job('run_playbook', bytes(json.dumps(job_data), 'utf-8')) client.submitJob(gearman_job, background=True) return True, None except Exception as e: return False, str(e)
def templates_view(request): try: status, msg, tems = TemplateAPI.all(request.user) if not status: return HttpResponse(msg) templates = [] for i in tems: templates.append({ 'template': i, 'pm': InternalAPI.get_user_permissions_on_resource( request.user, RS_TEM, i.id), }) context = { 'app': template_app, 'templates': templates, } return render(request, 'project/templates.html', context) except Exception as e: return HttpResponse(str(e))
def add_into_group(user, host_id, group_id): try: host = Host.objects.get(id=host_id) pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_INV, host.inventory.id ) if not pm_list.get(PM_ADD_HOST_INTO_GROUP): return False, ARK_ERRMSG_CONTENT[1201] group = Group.objects.get(id=group_id) if host.inventory != group.inventory: return False, 'host and group are not in the same inventory' # 判断是否是一个叶子组 if not GroupAPI._can_be_leaf_group(group): return False, '主机不能加入加入到非叶子组' if not group.host_set.filter(id=host.id).exists(): group.host_set.add(host) return True, None except Exception as e: return False, str(e)
def add_into_group(user, cgid, pgid): try: cg = Group.objects.get(id=cgid) pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_INV, cg.inventory.id ) if not pm_list.get(PM_ADD_GROUP_INTO_GROUP): return False, ARK_ERRMSG_CONTENT[1201] pg = Group.objects.get(id=pgid) if cg.inventory != pg.inventory: return False, 'child group and parent group' \ 'are not in the same inventory' if cg == pg: return False, 'cannot add group to itself' if GroupAPI.__is_leaf_group(pg): return False, 'parent主机组不能是叶子主机组' if cg.parent_groups.filter(id=pg.id).exists(): return True, None if cg in pg.ancestors: return False, '形成环了' cg.parent_groups.add(pg) return True, None except Exception as e: return False, str(e)
def remove_from_group(user, cgid, pgid): try: cg = Group.objects.get(id=cgid) pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_INV, cg.inventory.id ) if not pm_list.get(PM_REMOVE_GROUP_FROM_GROUP): return False, ARK_ERRMSG_CONTENT[1201] pg = Group.objects.get(id=pgid) if cg.inventory != pg.inventory: return False, 'child group and parent group' \ 'are not in the same inventory' if cg == pg: return False, 'cannot delete group from itself' if not cg.parent_groups.filter(id=pg.id).exists(): return False, 'child group does not belong to parent group' cg.parent_groups.remove(pg) return True, None except Exception as e: return False, str(e)
def inventories_view(request): try: status, msg, orgs = OrganizationAPI.all(request.user) if not status: return HttpResponse(msg) filted_orgs = [] for org in orgs: if InternalAPI.get_user_permissions_on_resource( request.user, RS_ORG, org.id ).get(PM_CREATE_INVENTORY): filted_orgs.append(org) context = { 'app': app, 'organizations': filted_orgs, 'path_api_inventories': reverse('inventory:api_inventories'), 'path_api_inventory_create': reverse('inventory:api_inventory_create') } return render(request, 'inventory/inventories.html', context) except Exception as e: return HttpResponse(str(e))
def organizations_view(request): user = request.user try: status, errmsg, orgs = OrganizationAPI.all(user=user) if not status: return render(request, 'error.html', {ARK_ERRMSG: errmsg}) pm_list = InternalAPI.get_user_permissions_on_resource( user=user, resource_type=RS_SYS) if PM_CREATE_ORGANIZATION not in pm_list: pm_create_org = False else: pm_create_org = pm_list[PM_CREATE_ORGANIZATION] if PM_DELETE_ORGANIZATION not in pm_list: pm_delete_org = False else: pm_delete_org = pm_list[PM_DELETE_ORGANIZATION] context = { 'app': app, 'pm_create_org': pm_create_org, 'pm_delete_org': pm_delete_org, 'organizations': orgs, } return render(request, 'organization/organization_list.html', context) except Exception as e: return render(request, 'error.html', {ARK_ERRMSG: str(e)})
def inventory_host_detail_view(request, inventory_id, host_id): try: status, msg, inv = InventoryAPI.get(request.user, inventory_id) if not status: return HttpResponse(msg) status, msg, host = HostAPI.get(request.user, host_id) if not status: return HttpResponse(msg) if host.inventory != inv: return HttpResponse(ARK_ERRMSG_CONTENT[1201]) context = { 'app': app, 'inventory': inv, 'pm': InternalAPI.get_user_permissions_on_resource( request.user, RS_INV, inv.id ), 'host': host, 'path_api_edit': reverse('inventory:api_host_edit', kwargs={'host_id': host.id}) } return render(request, 'inventory/inventory_host_detail.html', context) except Exception as e: return HttpResponse(str(e))
def team_info_user_view(request, team_id): ''' 团队内用户的view :param request: :param team_id: :return: ''' user = request.user try: if request.method == 'GET': status, errmsg, team = TeamAPI.get(user=user, team_id=team_id) if not status: return HttpResponse(errmsg) status, errmsg, team_users = TeamAPI.get_team_users(user, team_id) if not status: return HttpResponse(errmsg) pm_list = InternalAPI.get_user_permissions_on_resource( user=user, resource_type=RS_TEAM, resource_id=team.id) if PM_ADD_TEAM_ROLE not in pm_list: pm_add_team_role = False else: pm_add_team_role = pm_list[PM_ADD_TEAM_ROLE] # 不能添加团队角色 相当于不能给团队添加用户 也就是该user是个普通用户 if not pm_add_team_role: team_users = team_users.exclude( roles__name__in=[RO_SYS_ADMIN, RO_ORG_ADMIN]) team_users_with_role = list() for user_item in team_users: user_role_on_team = InternalAPI.get_user_roles_on_resource( user=user_item, resource_type=RS_TEAM, resource_id=team_id) team_users_with_role.append([user_item, user_role_on_team]) system_admin = Helper.is_system_admin(user) context = { 'app': app, 'team': team, 'pm_add_team_role': pm_add_team_role, 'team_users': team_users_with_role, 'system_admin': system_admin } return render(request, 'organization/team_info_user.html', context) except Exception as e: return HttpResponse(str(e))
def all(user): try: orgs = InternalAPI.get_user_resources_by_resource_type( user, RS_ORG) orgs = orgs.distinct() return True, None, orgs except Exception as e: return False, str(e), None
def create(user, organization_id, name, description=None, vars=None): try: pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_ORG, organization_id ) if not pm_list.get(PM_CREATE_INVENTORY): return False, ARK_ERRMSG_CONTENT[1201] org = Organization.objects.get(id=organization_id) if not name or len(name)<4 or len(name)>32: return False, '名称长度必须为4~32个字符' if Inventory.objects.filter(name=name, organization=org).exists(): return False, '组织中已存在同名仓库' inv = Inventory(name=name, organization=org) if description is not None: if len(description) > 128: return False, '描述长度必须小于等于128个字符' inv.description = description if vars is not None: if vars != '': try: tmp_vars = json.loads(vars) if not isinstance(tmp_vars, dict): return False, '变量必须为对象形式的数据' except json.decoder.JSONDecodeError: return False, '变量必须为JSON格式的数据' inv.vars = vars with transaction.atomic(): inv.save() InternalAPI.update_resource_and_roles_relationship( RS_INV, inv.id ) return True, None except Exception as e: return False, str(e) if settings.DEBUG else '未知的错误'
def all(user): try: tems = InternalAPI.get_user_resources_by_resource_type( user, RS_TEM) return True, None, tems except Exception as e: return False, str(e), None
def update( user, host_id, name=None, ip=None, description=None, status=None, vars=None ): try: host = Host.objects.get(id=host_id) pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_INV, host.inventory.id ) if not pm_list.get(PM_UPDATE_HOST): return False, ARK_ERRMSG_CONTENT[1201] if name is not None: if len(name)<4 or len(name)>64: return False, '名称长度必须为4~64个字符' if Host.objects.filter(name=name, inventory=host.inventory).exclude(id=host.id).exists(): return False, '仓库中已存在同名主机' host.name = name if ip is not None: if not ip: return False, '必须填写IP地址' if not is_valid_ip_address(ip): return False, 'IP地址非法' host.ip = ip if description is not None: if len(description) > 128: return False, '描述长度必须小于等于128个字符' host.description = description if status is not None: host.status = status if vars is not None: if vars != '': try: tmp_vars = json.loads(vars) if not isinstance(tmp_vars, dict): return False, '变量必须为对象形式的数据' except json.decoder.JSONDecodeError: return False, '变量必须为JSON格式的数据' host.vars = vars host.save() return True, None except Exception as e: return False, str(e)
def all(user): try: tems = InternalAPI.get_user_resources_by_resource_type( user, RS_TEM) jobs = Job.objects.filter(job_template__in=tems) return True, None, jobs except Exception as e: return False, str(e), None
def team_info_detail_view(request, team_id): context = dict() user = request.user try: if request.method == 'GET': status, errmsg, team = TeamAPI.get(user=user, team_id=team_id) if not status: return HttpResponse(errmsg) choices = [(team.organization.id, team.organization.name)] team_info_form = TeamInfoForm(initial={ 'name': team.name, 'description': team.description }) team_info_form.fields['organization'].choices = choices pm_list = InternalAPI.get_user_permissions_on_resource( user=user, resource_type=RS_TEAM, resource_id=team.id) if PM_UPDATE_TEAM not in pm_list: pm_update_team = False else: pm_update_team = pm_list[PM_UPDATE_TEAM] if not pm_update_team: fields = ['name', 'description', 'organization'] for field in fields: team_info_form.fields[field].widget.attrs.update( {'disabled': 'true'}) context = { 'app': app, 'team': team, 'team_info_form': team_info_form, 'pm_update_team': pm_update_team } return render(request, 'organization/team_info_detail.html', context) elif request.method == 'POST': team_info_form = TeamInfoForm(request.POST) if team_info_form.is_valid(): team_info_form = team_info_form.cleaned_data name = team_info_form.get('name') description = team_info_form.get('description') status, errmsg = TeamAPI.update(user=user, team_id=team_id, name=name, description=description) if not status: return HttpResponse(errmsg) else: return HttpResponseRedirect( reverse('organization:team_info_detail', kwargs={'team_id': team_id})) else: context[ARK_ERRMSG] = team_info_form.errors return render(request, 'error.html', context) except Exception as e: context[ARK_ERRMSG] = str(e) return render(request, 'error.html', context)
def team_info_user_add_view(request, team_id): ''' 向团队内添加用户的view :param request: :param team_id: :return: ''' user = request.user try: if request.method == 'GET': status, errmsg, team = TeamAPI.get(user=user, team_id=team_id) if not status: return HttpResponse(errmsg) org_users = team.organization.users # 列出该组织内没有团队的用户 all_teams = Team.objects.all() org_users_not_has_team = org_users.exclude( roles__team__in=all_teams).all() pm_list = InternalAPI.get_user_permissions_on_resource( user=user, resource_type=RS_TEAM, resource_id=team.id) if PM_ADD_TEAM_ROLE not in pm_list: pm_add_team_role = False else: pm_add_team_role = pm_list[PM_ADD_TEAM_ROLE] if not pm_add_team_role: return HttpResponse(ARK_ERRMSG_CONTENT[1201]) context = { 'app': app, 'organization': team.organization, 'organization_id': team.organization.id, 'team': team, 'org_users_not_has_team': org_users_not_has_team, } return render(request, 'organization/team_info_user_add.html', context) else: if request.is_ajax() and request.method == 'POST': ajax_data = request.POST.get('data') data = json.loads(ajax_data) user_ids = data.get('user_ids') team_role = int(data.get('team_role')) for user_id in user_ids: status, errmsg = UserAndTeamRoleAPI.add_role_to_user( user=user, target_user_id=int(user_id), role_id=team_role) if not status: return JsonResponse({ ARK_STATUS: False, ARK_ERRMSG: errmsg }) else: return JsonResponse({ARK_STATUS: True}) except Exception as e: return HttpResponse(str(e))
def create( user, inventory_id, name, ip, description=None, status=None, vars=None ): try: pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_INV, inventory_id ) if not pm_list.get(PM_CREATE_HOST): return False, ARK_ERRMSG_CONTENT[1201] inv = Inventory.objects.get(id=inventory_id) if not name or len(name)<4 or len(name)>64: return False, '名称长度必须为4~64个字符' if Host.objects.filter(name=name, inventory=inv).exists(): return False, '仓库中已存在同名主机' if not ip: return False, '必须填写IP地址' if not is_valid_ip_address(ip): return False, 'IP地址非法' if Host.objects.filter(ip=ip, inventory=inv).exists(): return False, '仓库中已存在相同IP地址' host = Host(name=name, ip=ip, inventory=inv) if description is not None: if len(description) > 128: return False, '描述长度必须小于等于128个字符' host.description = description if vars is not None: if vars != '': try: tmp_vars = json.loads(vars) if not isinstance(tmp_vars, dict): return False, '变量必须为对象形式的数据' except json.decoder.JSONDecodeError: return False, '变量必须为JSON格式的数据' host.vars = vars if status is not None: host.status = status host.save() return True, None except Exception as e: return False, str(e) if settings.DEBUG else '未知的错误'
def organization_detail_view(request, organization_id): user = request.user try: if request.method == 'GET': status, errmsg, organization = OrganizationAPI.get( user=user, organization_id=organization_id) if not status: return HttpResponse(errmsg) pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_ORG, organization_id) if PM_UPDATE_ORGANIZATION not in pm_list: pm_update_org = False else: pm_update_org = pm_list[PM_UPDATE_ORGANIZATION] # 组织信息 org_info_form = OrganizationInfoForm( initial={ 'name': organization.name, 'description': organization.description }) if not pm_update_org: org_info_form.fields['name'].widget.attrs.update( {'disabled': 'true'}) org_info_form.fields['description'].widget.attrs.update( {'disabled': 'true'}) context = { 'app': app, 'org_info_form': org_info_form, 'organization': organization, 'pm_update_org': pm_update_org, 'organization_id': organization_id, } return render(request, 'organization/organization_info_detail.html', context) elif request.method == 'POST': data = request.POST org_info_form = OrganizationInfoForm(data) if org_info_form.is_valid(): data = org_info_form.cleaned_data name = data.get('name') description = data.get('description') status, errmsg = OrganizationAPI.update( user=user, organization_id=organization_id, name=name, description=description) if not status: return HttpResponse(errmsg) return HttpResponseRedirect( reverse('organization:organization_detail', kwargs={'organization_id': organization_id})) else: return HttpResponse(org_info_form.errors) except Exception as e: return HttpResponse(str(e))
def organization_user_add_view(request, organization_id): user = request.user try: if request.method == 'GET': status, errmsg, organization = OrganizationAPI.get( user=user, organization_id=organization_id) if not status: return HttpResponse(errmsg) org_users = organization.users pm_list = InternalAPI.get_user_permissions_on_resource( user=user, resource_type=RS_ORG, resource_id=organization.id) if PM_ADD_ORGANIZATION_ROLE not in pm_list: pm_add_organization_role = False else: pm_add_organization_role = pm_list[PM_ADD_ORGANIZATION_ROLE] # 列出没有组织的普通用户 users_not_has_org = None all_orgs = Organization.objects.all() if pm_add_organization_role: users_not_has_org = User.objects.\ exclude(roles__organization__in=all_orgs).\ exclude(roles__name=RO_SYS_ADMIN).all().distinct() else: return HttpResponse(ARK_ERRMSG_CONTENT[1201]) context = { 'app': app, 'organization': organization, 'organization_id': organization_id, 'org_users': org_users, 'users_not_has_org': users_not_has_org } return render(request, 'organization/organization_info_user_add.html', context) else: if request.is_ajax() and request.method == 'POST': ajax_data = request.POST.get('data') data = json.loads(ajax_data) user_ids = data.get('user_ids') org_role = int(data.get('org_role')) for user_id in user_ids: status, errmsg, = UserAndTeamRoleAPI.add_role_to_user( user=user, target_user_id=int(user_id), role_id=org_role) if not status: return JsonResponse({ ARK_STATUS: False, ARK_ERRMSG: errmsg }) else: return JsonResponse({ARK_STATUS: True}) except Exception as e: return HttpResponse(str(e))
def project_roles_view(request, project_id): try: status, errmsg, pro = ProjectAPI.get(request.user, project_id) if not status: return render(request, 'error.html', {ARK_ERRMSG: errmsg}) users = pro.users users_with_roles = list() for user in users: status, errmsg, roles = \ UserAndTeamRoleAPI.get_user_roles_on_resource( user=request.user, target_user_id=user.id, resource_type=RS_PROJECT, resource_id=project_id ) if status: users_with_roles.append([user, roles]) teams = pro.teams teams_with_roles = list() for team in teams: status, errmsg, roles = \ UserAndTeamRoleAPI.get_team_roles_on_resource( user=request.user, target_team_id=team.id, resource_type=RS_PROJECT, resource_id=project_id ) if status: teams_with_roles.append([team, roles]) all_users = pro.organization.users all_teams = pro.organization.team_set.all() pm_list = InternalAPI.get_user_permissions_on_resource( user=request.user, resource_type=RS_PROJECT, resource_id=pro.id) context = { 'app': project_app, 'project': pro, 'pm': pm_list, 'users_with_roles': users_with_roles, 'teams_with_roles': teams_with_roles, 'all_users': all_users, 'all_teams': all_teams, 'roles': pro.roles.filter(resource_type=RS_PROJECT), } return render(request, 'project/project_roles.html', context) except Exception as e: return render(request, 'error.html', {ARK_ERRMSG: str(e)})
def template_roles_view(request, template_id): try: status, msg, tem = TemplateAPI.get(request.user, template_id) if not status: return HttpResponse(msg) users = tem.users users_with_roles = [] for user in users: status, msg, roles = UserAndTeamRoleAPI.get_user_roles_on_resource( request.user, user.id, RS_TEM, template_id) if status: users_with_roles.append([user, roles]) teams = tem.teams teams_with_roles = [] for team in teams: status, msg, roles = UserAndTeamRoleAPI.get_team_roles_on_resource( request.user, team.id, RS_TEM, template_id) if status: teams_with_roles.append([team, roles]) all_users = tem.organization.users context = { 'app': template_app, 'template': tem, 'pm': InternalAPI.get_user_permissions_on_resource( request.user, RS_TEM, tem.id), 'users_with_roles': users_with_roles, 'teams_with_roles': teams_with_roles, 'all_users': all_users, 'all_teams': tem.organization.team_set.all(), 'roles': tem.roles.filter(resource_type=RS_TEM), } return render(request, 'project/template_roles.html', context) except Exception as e: return HttpResponse(str(e))
def team_info_role_view(request, team_id): context = dict() user = request.user try: if request.method == 'GET': status, errmsg, result = UserAndTeamRoleAPI.get_team_role( user=user, team_id=team_id) if not status: context = {'errmsg': errmsg} return render(request, 'error.html', context) status, errmsg, team = TeamAPI.get(user=user, team_id=team_id) if not status: context = {'errmsg': errmsg} return render(request, 'error.html', context) # is_system_admin = Helper.is_system_admin(target_user) pm_list = InternalAPI.get_user_permissions_on_resource( user=user, resource_type=RS_SYS) if PM_ADD_SYSTEM_ROLE in pm_list: pm_add_system_role = pm_list[PM_ADD_SYSTEM_ROLE] else: pm_add_system_role = False pm_add_team_role = False team_pm_list = InternalAPI.get_user_permissions_on_resource( user=user, resource_type=RS_TEAM, resource_id=team_id) if PM_ADD_TEAM_ROLE in team_pm_list: pm_add_team_role = team_pm_list[PM_ADD_TEAM_ROLE] context = { 'app': app, 'team_role': result, 'team': team, 'pm_add_system_role': pm_add_system_role, 'pm_add_team_role': pm_add_team_role } return render(request, 'organization/team_info_role.html', context) except Exception as e: context[ARK_ERRMSG] = str(e) return render(request, 'error.html', context)
def get(user, job_id): try: job = Job.objects.get(id=job_id) pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_TEM, job.job_template.id) if not pm_list[PM_RETRIEVE_JOB]: return False, ARK_ERRMSG_CONTENT[1201], None return True, None, job except Exception as e: return False, str(e), None
def update(user, project_id, name=None, url=None, username=None, scm_type=None, description=None, branch=None, revision=None): try: errmsg = list() if project_id == None: errmsg.append('项目ID不能为空') if len(errmsg) != 0: return False, ','.join(errmsg), None pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_PRO, project_id) if not pm_list[PM_UPDATE_PROJECT]: return False, ARK_ERRMSG_CONTENT[1201] pro = Project.objects.get(id=project_id) if name is not None: pro.name = name if description is not None and len(description) != 0: pro.description = description else: pro.description = '' if url is not None and len(url): pro.url = url if branch is not None and len(branch): pro.branch = branch if revision is not None and len(revision): pro.revision = revision if username is not None and len(username): pro.username = username if scm_type is not None: pro.scm_type = scm_type pro.save() return True, None except Exception as e: return False, str(e)
def sync(user, project_id, password): try: pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_PRO, project_id) if not pm_list[PM_SYNC_PROJECT]: return False, ARK_ERRMSG_CONTENT[1201] pro = Project.objects.get(id=project_id) # 先在数据库里创建一条job记录,再向gearman发一个任务 job = Job.objects.create( name='update_repo', description='sync git', status='pending', start_time=timezone.now(), end_time=timezone.now(), result='', user=user, job_template=None, ) client = gear.Client() client.addServer(settings.GEARMAN_SERVER, 4730) client.waitForServer() job.status = 'running' job.save() pro.last_sync_job = job pro.save() job_data = { 'callback_url': settings.CALLBACK_HOST + reverse('job:remote_update', kwargs={'job_id': job.id}), 'inventory_file': settings.GIT_SYNC_INVENTORY, 'playbook_file': settings.GIT_SYNC_PLAYBOOK, 'args': { 'extra_variables': { 'gituser': pro.username, 'gitpassword': password, 'giturl': pro.url.replace('https://', ''), 'gitbranch': pro.branch, }, }, } gearman_job = gear.Job('run_playbook', bytes(json.dumps(job_data), 'utf-8')) client.submitJob(gearman_job, background=True) return True, None except Exception as e: return False, str(e)
def get(user, template_id): try: pm_list = InternalAPI.get_user_permissions_on_resource( user, RS_TEM, template_id) if not pm_list[PM_RETRIEVE_TEMPLATE]: return False, ARK_ERRMSG_CONTENT[1201], None tem = JobTemplate.objects.get(id=template_id) return True, None, tem except Exception as e: return False, str(e), None