def get(self, request, *args, **kwargs):
ding_config = DingConfig.get_current()
ding_config.sync_state = 'push'
ding_config.save()
task = override_ding.delay()
return Response({'task_id': task.task_id, 'task_msg': 'override ding'})
def test_ding_qr_login(self, mock_get_ding_id):
ding_config = DingConfig.get_current()
ding_config.__dict__.update(qr_app_id='qr_app_id',
qr_app_secret='qr_app_secret',
qr_app_valid=True)
ding_config.save()
user = User.objects.create(username='******',
password='******',
name='张三',
mobile='18812341234')
user.save()
ding_id = 'ding_idding_id'
ding_user = DingUser.valid_objects.create(ding_id=ding_id, user=user)
ding_user.save()
client = self.client
mock_get_ding_id.side_effect = [{'ding_id': 'ding_idding_id',\
'openid': 'openidopenid', 'unionid': 'unionidunionid'}]
res = client.post(reverse('siteapi:ding_qr_callback'),
data={
'code': 'CODE...........',
'state': 'STATE'
})
expect = ['token', 'uuid', 'user_id', 'username', 'name', 'email', 'mobile',\
'employee_number', 'gender', 'ding_user', 'perms', 'avatar', 'roles',\
'private_email', 'position', 'is_settled', 'is_manager', 'is_admin', 'is_extern_user', 'origin_verbose']
res_dict = res.json()
res_keys = list(res_dict.keys())
self.assertEqual(res_keys, expect)
def test_meta(self):
company_config = CompanyConfig.get_current()
company_config.fullname_cn = "demo"
company_config.save()
ding_config = DingConfig.get_current()
ding_config.corp_id = "corp_id"
ding_config.save()
res = self.anonymous.get(reverse('siteapi:meta'))
expect = {
'company_config': {
'name_cn': '',
'fullname_cn': 'demo',
'name_en': '',
'fullname_en': '',
'icon': '',
'address': '',
'domain': '',
'display_name': 'demo',
'color': '',
},
'ding_config': {
'corp_id': 'corp_id',
'app_key': '',
},
'account_config': {
'support_email': False,
'support_mobile': False,
'support_email_register': False,
'support_mobile_register': False,
},
}
self.assertEqual(res.json(), expect)
def test_ding_qr_login_forbidden(self):
client = self.client
ding_config = DingConfig.get_current()
ding_config.__dict__.update(qr_app_id='qr_app_id', qr_app_secret='qr_app_secret', qr_app_valid=False)
ding_config.save()
res = client.post(reverse('siteapi:ding_qr_callback'), data={'code': 'CODE...........', 'state': 'STATE'})
expect_json = {'err_msg': 'ding qr not allowed'}
expect_code = 403
self.assertEqual(res.json(), expect_json)
self.assertEqual(res.status_code, expect_code)
def get_access_token():
'''
get ding api access token
'''
ding_config = DingConfig.get_current()
token_manager = AccessTokenManager(
app_key=ding_config.app_key,
app_secret=ding_config.app_secret,
)
return token_manager.get_access_token()
def update(self, instance, validated_data):
company_config_data = validated_data.pop('company_config', None)
if company_config_data:
serializer = CompanyConfigSerializer(CompanyConfig.get_current(),
company_config_data)
serializer.is_valid(raise_exception=True)
serializer.save()
ding_config_data = validated_data.pop('ding_config', None)
if ding_config_data:
serializer = DingConfigSerializer(DingConfig.get_current(),
ding_config_data,
partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
account_config_data = validated_data.pop('account_config', None)
if account_config_data:
serializer = AccountConfigSerializer(AccountConfig.get_current(),
account_config_data,
partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
sms_config_data = validated_data.pop('sms_config', None)
if sms_config_data:
access_secret = sms_config_data.pop('access_secret', '')
serializer = SMSConfigSerializer(SMSConfig.get_current(),
sms_config_data,
partial=True)
serializer.is_valid(raise_exception=True) # pylint: disable=not-callable
config = serializer.save()
if access_secret and access_secret != config.access_secret_encrypt:
config.access_secret = access_secret
config.is_valid = config.check_valid()
config.save()
email_config_data = validated_data.pop('email_config', None)
if email_config_data:
access_secret = email_config_data.pop('access_secret', '')
serializer = EmailConfigSerializer(EmailConfig.get_current(),
email_config_data,
partial=True)
serializer.is_valid(raise_exception=True) # pylint: disable=not-callable
config = serializer.save()
if access_secret and access_secret != config.access_secret_encrypt:
config.access_secret = access_secret
config.is_valid = config.check_valid()
config.save()
instance.refresh_from_db()
return instance
def sync_ding():
'''
同步钉钉数据
'''
ding_config = DingConfig.get_current()
if ding_config.sync_state == 'pull':
import_ding()
elif ding_config.sync_state == 'push':
override_ding()
elif ding_config.sync_state == '':
return
def setUp(self):
super().setUp()
account_config = AccountConfig.get_current()
account_config.allow_email = True
account_config.allow_mobile = True
account_config.allow_register = True
account_config.allow_ding_qr = True
account_config.save()
ding_config = DingConfig.get_current()
ding_config.qr_app_valid = True
ding_config.save()
def entrypoint():
'''
import dingding data
'''
ding_config = DingConfig.get_current()
token_manager = AccessTokenManager(ding_config.app_key, ding_config.app_secret, DINGDING_APP_VERSION)
department_manager = DepartmentManager(token_manager)
user_manager = UserManager(token_manager)
role_manager = RoleManager(token_manager)
db_executer = cli_factory(EXECUTERS)(User.objects.get(username='******'))
root_dep = Dept.objects.get(uid=DEPARTMENT_ROOT_UID)
build_department_user_rawdata(db_executer, user_manager, department_manager, DEPARTMENT_ROOT_ID, root_dep)
build_group_rawdata(db_executer, role_manager)
def test_ding_qr_login(self, mock_get_ding_id):
ding_config = DingConfig.get_current()
ding_config.__dict__.update(qr_app_id='qr_app_id', qr_app_secret='qr_app_secret', qr_app_valid=True)
ding_config.save()
user = User.objects.create(username='******', password='******', name='张三', mobile='18812341234')
user.save()
ding_id = 'test_ding_id'
ding_user = DingUser.valid_objects.create(ding_id=ding_id, user=user)
ding_user.save()
client = self.client
mock_get_ding_id.side_effect = ['test_ding_id']
res = client.post(reverse('siteapi:ding_qr_callback'), data={'code': 'CODE...........', 'state': 'STATE'})
self.assertIsNot('', res.json()['token'])
def get_ding_id(self):
'''
从钉钉获取dingId
'''
appid = DingConfig.get_current().qr_app_id
appsecret = DingConfig.get_current().qr_app_secret
access_token = requests.get(constants.QR_GET_ACCESS_TOKEN_URL, params={'appid':appid,\
'appsecret':appsecret}).json()['access_token']
get_psstt_code = requests.post(constants.QR_GET_PSSTT_CODE_URL, params={'access_token':access_token},\
json={'tmp_auth_code':self.code})
openid = get_psstt_code.json()['openid']
persistent_code = get_psstt_code.json()['persistent_code']
sns_token = requests.post(constants.QR_GET_SNS_TOKEN_URL, params={'access_token':access_token},\
json={'openid':openid, 'persistent_code':persistent_code}).json()['sns_token']
resp = requests.get(constants.QR_GET_USER_INFO_URL,\
params={'sns_token': sns_token}).json()
errcode = resp.get('errcode', '')
errmsg = resp.get('errmsg', '')
if errcode != 0:
raise APICallError('Failed to get ding id,code:%s, msg:%s' % (errcode, errmsg))
self.ding_id = resp.get('user_info', '')['dingId']
return self.ding_id
def entrypoint():
'''
override dingding data
'''
ding_config = DingConfig.get_current()
token_manager = AccessTokenManager(ding_config.app_key,
ding_config.app_secret,
DINGDING_APP_VERSION)
department_manager = DepartmentManager(token_manager)
user_manager = UserManager(token_manager)
override_ding_dept(department_manager)
override_ding_role(department_manager)
override_ding_user(user_manager)
def __init__(self, app_key=None, app_secret=None, app_version=None, agent_id=None):
"""
初始化钉钉相关参数
"""
if app_key and app_secret and app_version and agent_id:
self.token_manager = AccessTokenManager(app_key, app_secret, app_version)
else:
ding_config = DingConfig.get_current()
self.token_manager = AccessTokenManager(ding_config.app_key, ding_config.app_secret, DINGDING_APP_VERSION)
self.user_manager = UserManager(self.token_manager)
self.dept_manager = DepartmentManager(self.token_manager)
self.role_manager = RoleManager(self.token_manager)
self.agent_id = AGENT_ID
def get_ding_id(self, code):
'''
从钉钉获取ding_id
'''
appid = DingConfig.get_current().qr_app_id
appsecret = DingConfig.get_current().qr_app_secret
access_token = requests.get(self.get_access_url, params={'appid':appid,\
'appsecret':appsecret}).json()['access_token']
get_psstt_code = requests.post(self.get_persistent_code_url, params={'access_token':access_token},\
json={'tmp_auth_code':code})
openid = get_psstt_code.json()['openid']
persistent_code = get_psstt_code.json()['persistent_code']
sns_token = requests.post(self.get_sns_url, params={'access_token':access_token},\
json={'openid':openid, 'persistent_code':persistent_code}).json()['sns_token']
user_info = requests.get(self.get_ding_info_url,
params={
'sns_token': sns_token
}).json()['user_info']
user_ids = {
'ding_id': user_info['dingId'],
'openid': user_info['openid'],
'unionid': user_info['unionid']
}
return user_ids
def __init__(self,
app_key=None,
app_secret=None,
app_version=None,
agent_id=None):
"""
初始化钉钉相关参数
"""
if app_key and app_secret and app_version and agent_id:
self.token_manager = AccessTokenManager(app_key, app_secret,
app_version)
else:
ding_config = DingConfig.get_current()
self.token_manager = AccessTokenManager(
ding_config.app_key, ding_config.app_secret,
TOKEN_FROM_APPKEY_APPSECRET)
self.user_manager = UserManager(self.token_manager)
self.dept_manager = DepartmentManager(self.token_manager)
self.role_manager = RoleManager(self.token_manager)
def test_meta(self):
account_config = AccountConfig.get_current()
account_config.allow_ding_qr = True
account_config.save()
company_config = CompanyConfig.get_current()
company_config.fullname_cn = "demo"
company_config.save()
ding_config = DingConfig.get_current()
ding_config.corp_id = "corp_id"
ding_config.qr_app_id = 'qr_app_id'
ding_config.qr_app_valid = True
ding_config.save()
res = self.anonymous.get(reverse('siteapi:meta'))
expect = {
'company_config': {
'name_cn': '',
'fullname_cn': 'demo',
'name_en': '',
'fullname_en': '',
'icon': '',
'address': '',
'domain': '',
'display_name': 'demo',
'color': '',
},
'ding_config': {
'corp_id': 'corp_id',
'app_key': '',
'qr_app_id':'qr_app_id',
'qr_callback_url':'http://localhost/siteapi/v1/ding/qr/callback/'
},
'account_config': {
'support_email': False,
'support_mobile': False,
'support_email_register': False,
'support_mobile_register': False,
'support_ding_qr': True,
},
}
self.assertEqual(res.json(), expect)
def test_meta(self):
account_config = AccountConfig.get_current()
account_config.allow_ding_qr = True
account_config.allow_alipay_qr = True
account_config.allow_qq_qr = True
account_config.allow_work_wechat_qr = True
account_config.allow_wechat_qr = True
account_config.save()
company_config = CompanyConfig.get_current()
company_config.fullname_cn = "demo"
company_config.save()
ding_config = DingConfig.get_current()
ding_config.corp_id = "corp_id"
ding_config.qr_app_id = 'qr_app_id'
ding_config.qr_app_valid = True
ding_config.save()
alipay_config = AlipayConfig.get_current()
alipay_config.app_id = 'test_app_id'
alipay_config.qr_app_valid = True
alipay_config.save()
qq_config = QQConfig.get_current()
qq_config.app_id = 'test_app_id'
qq_config.redirect_uri = 'test_redirect_uri'
qq_config.qr_app_valid = True
qq_config.save()
work_wechat_config = WorkWechatConfig.get_current()
work_wechat_config.corp_id = 'test_corp_id'
work_wechat_config.agent_id = 'test_agent_id'
work_wechat_config.qr_app_valid = True
work_wechat_config.save()
wechat_config = WechatConfig.get_current()
wechat_config.appid = 'test_appid'
wechat_config.secret = 'test_secret'
wechat_config.qr_app_valid = True
wechat_config.save()
contactsconfig = ContactsConfig.get_current()
contactsconfig.is_show = True
contactsconfig.save()
res = self.anonymous.get(reverse('siteapi:meta'))
expect = {
'company_config': {
'name_cn': '',
'fullname_cn': 'demo',
'name_en': '',
'fullname_en': '',
'icon': '',
'address': '',
'domain': '',
'display_name': 'demo',
'color': '',
},
'ding_config': {
'corp_id': 'corp_id',
'app_key': '',
'qr_app_id': 'qr_app_id',
},
'account_config': {
'support_email': False,
'support_mobile': False,
'support_email_register': False,
'support_mobile_register': False,
'support_ding_qr': True,
'support_alipay_qr': True,
'support_qq_qr': True,
'support_work_wechat_qr': True,
'support_wechat_qr': True,
},
'alipay_config': {
'app_id': 'test_app_id',
},
'qq_config': {
'app_id': 'test_app_id',
},
'work_wechat_config': {
'corp_id': 'test_corp_id',
'agent_id': 'test_agent_id'
},
'wechat_config': {
'appid': 'test_appid'
},
"contacts_config": {
"is_show": True
}
}
self.assertEqual(res.json(), expect)
def update(self, instance, validated_data): # pylint: disable=too-many-locals, too-many-statements, too-many-branches
company_config_data = validated_data.pop('company_config', None)
if company_config_data:
if not Dept.valid_objects.filter(parent__uid='root').exists():
uid = gen_uid(name=company_config_data.get('name_cn', ''),
cls=Dept)
parent_dept = Dept.valid_objects.filter(uid='root').first()
cli = CLI()
dept_data = {
'parent_uid': 'root',
'name': company_config_data.get('name_cn', ''),
'uid': uid,
}
child_dept = cli.create_dept(dept_data)
cli.add_dept_to_dept(child_dept, parent_dept)
else:
company_dept = Dept.valid_objects.filter(
parent__uid='root').first()
company_dept.name = company_config_data.get('name_cn', '')
company_dept.save()
serializer = CompanyConfigSerializer(CompanyConfig.get_current(),
company_config_data)
serializer.is_valid(raise_exception=True)
serializer.save()
account_config_data = validated_data.pop('account_config', None)
if account_config_data:
serializer = AccountConfigSerializer(AccountConfig.get_current(),
account_config_data,
partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
ding_config_data = validated_data.pop('ding_config', None)
if ding_config_data:
serializer = DingConfigSerializer(DingConfig.get_current(),
ding_config_data,
partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
sms_config_data = validated_data.pop('sms_config', None)
if sms_config_data:
access_secret = sms_config_data.pop('access_secret', '')
config = SMSConfig.get_current()
serializer = SMSConfigSerializer(config,
sms_config_data,
partial=True)
serializer.is_valid(raise_exception=True) # pylint: disable=not-callable
config.__dict__.update(serializer.validated_data)
if access_secret:
config.access_secret = access_secret
if not config.check_valid():
raise ValidationError({'sms': ['invalid']})
config.is_valid = True
config.save()
email_config_data = validated_data.pop('email_config', None)
if email_config_data:
access_secret = email_config_data.pop('access_secret', '')
config = EmailConfig.get_current()
serializer = EmailConfigSerializer(config,
email_config_data,
partial=True)
serializer.is_valid(raise_exception=True) # pylint: disable=not-callable
config.__dict__.update(serializer.validated_data)
if access_secret:
config.access_secret = access_secret
if not config.check_valid():
raise ValidationError({'email': ['invalid']})
config.is_valid = True
config.save()
alipay_config_data = validated_data.pop('alipay_config', None)
if alipay_config_data:
if alipay_config_data["app_id"] != '':
serializer = AlipayConfigSerializer(AlipayConfig.get_current(),
alipay_config_data,
partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
qq_config_data = validated_data.pop('qq_config', None)
if qq_config_data:
serializer = QQConfigSerializer(QQConfig.get_current(),
qq_config_data,
partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
work_wechat_config_data = validated_data.pop('work_wechat_config',
None)
if work_wechat_config_data:
serializer = WorkWechatConfigSerializer(WorkWechatConfig.get_current(),\
work_wechat_config_data, partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
wechat_config_data = validated_data.pop('wechat_config', None)
if wechat_config_data:
serializer = WechatConfigSerializer(WechatConfig.get_current(),\
wechat_config_data, partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
password_config_data = validated_data.pop('password_config', None)
if password_config_data:
config = PasswordComplexityConfig.get_current()
serializer = PasswordConfigSerializer(config,
password_config_data,
partial=True)
serializer.is_valid(raise_exception=True) # pylint: disable=not-callable
config.__dict__.update(serializer.validated_data)
config.save()
github_config = validated_data.pop('github_config', None)
if github_config:
config = GithubConfig.get_current()
serializer = GithubConfigSerializer(config,
github_config,
partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
instance.refresh_from_db()
return instance
def update(self, instance, validated_data):
company_config_data = validated_data.pop('company_config', None)
if company_config_data:
serializer = CompanyConfigSerializer(CompanyConfig.get_current(),
company_config_data)
serializer.is_valid(raise_exception=True)
serializer.save()
ding_config_data = validated_data.pop('ding_config', None)
if ding_config_data:
serializer = DingConfigSerializer(DingConfig.get_current(),
ding_config_data,
partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
account_config_data = validated_data.pop('account_config', None)
if account_config_data:
serializer = AccountConfigSerializer(AccountConfig.get_current(),
account_config_data,
partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
sms_config_data = validated_data.pop('sms_config', None)
if sms_config_data:
access_secret = sms_config_data.pop('access_secret', '')
config = SMSConfig.get_current()
serializer = SMSConfigSerializer(config,
sms_config_data,
partial=True)
serializer.is_valid(raise_exception=True) # pylint: disable=not-callable
config.__dict__.update(serializer.validated_data)
if access_secret:
config.access_secret = access_secret
if not config.check_valid():
raise ValidationError({'sms': ['invalid']})
config.is_valid = True
config.save()
email_config_data = validated_data.pop('email_config', None)
if email_config_data:
access_secret = email_config_data.pop('access_secret', '')
config = EmailConfig.get_current()
serializer = EmailConfigSerializer(config,
email_config_data,
partial=True)
serializer.is_valid(raise_exception=True) # pylint: disable=not-callable
config.__dict__.update(serializer.validated_data)
if access_secret:
config.access_secret = access_secret
if not config.check_valid():
raise ValidationError({'email': ['invalid']})
config.is_valid = True
config.save()
instance.refresh_from_db()
return instance
def update(self, instance, validated_data):
company_config_data = validated_data.pop('company_config', None)
if company_config_data:
if not Dept.valid_objects.filter(parent__uid='root').exists():
uid = gen_uid(name=company_config_data.get('name_cn', ''), cls=Dept)
parent_dept = Dept.valid_objects.filter(uid='root').first()
cli = CLI()
dept_data = {
'parent_uid': 'root',
'name': company_config_data.get('name_cn', ''),
'uid': uid,
}
child_dept = cli.create_dept(dept_data)
cli.add_dept_to_dept(child_dept, parent_dept)
else:
company_dept = Dept.valid_objects.filter(parent__uid='root').first()
company_dept.name = company_config_data.get('name_cn', '')
company_dept.save()
serializer = CompanyConfigSerializer(CompanyConfig.get_current(), company_config_data)
serializer.is_valid(raise_exception=True)
serializer.save()
ding_config_data = validated_data.pop('ding_config', None)
if ding_config_data:
serializer = DingConfigSerializer(DingConfig.get_current(), ding_config_data, partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
account_config_data = validated_data.pop('account_config', None)
if account_config_data:
serializer = AccountConfigSerializer(AccountConfig.get_current(), account_config_data, partial=True)
serializer.is_valid(raise_exception=True)
serializer.save()
sms_config_data = validated_data.pop('sms_config', None)
if sms_config_data:
access_secret = sms_config_data.pop('access_secret', '')
config = SMSConfig.get_current()
serializer = SMSConfigSerializer(config, sms_config_data, partial=True)
serializer.is_valid(raise_exception=True) # pylint: disable=not-callable
config.__dict__.update(serializer.validated_data)
if access_secret:
config.access_secret = access_secret
if not config.check_valid():
raise ValidationError({'sms': ['invalid']})
config.is_valid = True
config.save()
email_config_data = validated_data.pop('email_config', None)
if email_config_data:
access_secret = email_config_data.pop('access_secret', '')
config = EmailConfig.get_current()
serializer = EmailConfigSerializer(config, email_config_data, partial=True)
serializer.is_valid(raise_exception=True) # pylint: disable=not-callable
config.__dict__.update(serializer.validated_data)
if access_secret:
config.access_secret = access_secret
if not config.check_valid():
raise ValidationError({'email': ['invalid']})
config.is_valid = True
config.save()
instance.refresh_from_db()
return instance
