def get_adminstrator():
"""
サイトにログインしwebページをクロールできるシステム管理者を返す
ユーザデータの加工、セッションの保存の後ログインをしている。
"""
password = '******'
admin = User.objects.get(pk=1)
admin.password = Common.oase_hash(password)
admin.last_login = datetime.datetime.now(pytz.timezone('UTC'))
admin.password_last_modified = datetime.datetime.now(pytz.timezone('UTC'))
admin.save(force_update=True)
PasswordHistory.objects.create(user_id=1,
password=Common.oase_hash(password),
last_update_timestamp=datetime.datetime.now(
pytz.timezone('UTC')),
last_update_user=admin.user_name)
client = Client()
session = client.session
session['cookie_age'] = (
datetime.datetime.now(pytz.timezone('UTC')) +
datetime.timedelta(minutes=30)).strftime('%Y-%m-%d %H:%M:%S')
session.save()
_ = client.login(username='******', password=password)
return client
def _reverse_conv_login_id_mailaddr(hash_login, hash_maddr, now):
"""
[メソッド概要]
メールアドレス変更情報取得処理
"""
rset = MailAddressModify.objects.filter(
mail_address_hash=hash_maddr).values('login_id', 'mail_address',
'url_expire')
for r in rset:
login_id = r['login_id']
hash_login_db = OaseCommon.oase_hash(login_id)
if hash_login == hash_login_db:
logger.user_log('LOSI10007', login_id, r['mail_address'])
# 有効期限チェック
if now >= r['url_expire']:
logger.logic_log('LOSI10008', now, r['url_expire'])
raise OASEError('MOSJA31016', 'LOSM10000')
mail_addr = r['mail_address']
return login_id, mail_addr
# メールアドレス変更情報取得失敗
else:
logger.user_log('LOSI10009', hash_maddr)
raise OASEError('MOSJA31010', 'LOSM10000')
def _check_password(request, mail_pass, uid):
"""
[メソッド概要]
パスワードチェック
"""
error_msg = {}
if len(mail_pass) <= 0:
error_msg['mailPw'] = get_message('MOSJA10004',
request.user.get_lang_mode())
logger.user_log('LOSI10012', request=request)
logger.logic_log('LOSM17015', request=request)
else:
password_hash = OaseCommon.oase_hash(mail_pass)
user = User.objects.get(user_id=uid)
if not user:
error_msg['mailPw'] = get_message('MOSJA32010',
request.user.get_lang_mode())
logger.user_log('LOSI10013', request=request)
logger.logic_log('LOSM17001', request=request)
if user and user.password != password_hash:
error_msg['mailPw'] = get_message('MOSJA32038',
request.user.get_lang_mode())
logger.user_log('LOSI10013', request=request)
logger.logic_log('LOSM17016', request=request)
return error_msg
def _validate(request, data, user):
"""
[メソッド概要]
入力チェック
"""
logger.logic_log(
'LOSI00001', 'user_id: %s, session_key: %s' %
(user.user_id, request.session.session_key))
error_msg = {}
if not user:
error_msg['user'] = get_message('MOSJA32010',
request.user.get_lang_mode())
logger.user_log('LOSM17001', request=request)
logger.logic_log(
'LOSI00002', 'user_id: %s, session_key: %s' %
(request.user.user_id, request.session.session_key))
return error_msg
# old_password_check
input_old_password = data['user_info']['oldPw']
if len(input_old_password) == 0:
error_msg['oldPw'] = get_message('MOSJA32012',
request.user.get_lang_mode())
logger.user_log('LOSM17002', request=request)
else:
password_hash = Common.oase_hash(input_old_password)
if user.password != password_hash:
error_msg['oldPw'] = get_message('MOSJA32013',
request.user.get_lang_mode())
logger.user_log('LOSM17003', request=request)
# new_password_check
new_password = data['user_info']['newPw']
if len(new_password) == 0:
error_msg['newPw'] = get_message('MOSJA32014',
request.user.get_lang_mode())
logger.user_log('LOSM17004', request=request)
else:
re_obj = re.match(
r'^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!#$%&()*+,-./;<=>?@\[\]^_{}|~]).{8,}$',
new_password)
if not re_obj:
error_msg['newPw'] = get_message('MOSJA32015',
request.user.get_lang_mode())
logger.user_log('LOSM17005', request=request)
new_password_conf = data['user_info']['newPwConf']
if new_password != new_password_conf:
error_msg['newPwConf'] = get_message('MOSJA32016',
request.user.get_lang_mode())
logger.user_log('LOSM17006', request=request)
logger.logic_log(
'LOSI00002', 'user_id: %s, session_key: %s' %
(request.user.user_id, request.session.session_key))
return error_msg
def onetime_pass_exec(request):
"""
[メソッド概要]
ワンタイムパスワード発行処理
"""
logger.logic_log('LOSI00001', 'None', request=request)
##################################################
# requestデータ構造チェック
##################################################
json_str = request.POST.get('user_info', None)
if json_str == None:
msg = get_message('MOSJA32009')
logger.user_log('LOSM17011', request=request)
return HttpResponseServerError(msg)
data = json.loads(json_str)
if not 'user_info' in data and \
not 'loginId' in data['user_info'] and \
not 'mailAddr' in data['user_info'] :
msg = get_message('MOSJA32009')
logger.user_log('LOSM17011', request=request)
return HttpResponseServerError(msg)
# request内容
error_flag = False
error_msg = {}
user = {}
password = ''
ttl_hour = ''
try:
with transaction.atomic():
##################################################
# 入力データチェック
##################################################
login_id = data['user_info']['loginId']
mail_address = data['user_info']['mailAddr']
user, error_flag, error_msg = _validate(request, login_id, mail_address)
##################################################
# ランダムパスワード生成
##################################################
if error_flag == False:
ttl_hour = int(System.objects.get(config_id='INITIAL_PASS_VALID_PERIOD').value)
# ランダムパスワード生成
password = RandomPassword().get_password()
update_time = datetime.datetime.now(pytz.timezone('UTC'))
user.password = Common.oase_hash(password)
user.last_update_user = user.user_name
user.last_update_timestamp = update_time
user.password_last_modified = update_time
password_expire = None
if ttl_hour == 0:
# datetime supportで日時がずれoverflowするため9000年とした
password_expire = datetime.datetime.strptime('9000-12-31 23:59:59', '%Y-%m-%d %H:%M:%S')
else:
password_expire = update_time + datetime.timedelta(hours=ttl_hour)
user.password_expire = password_expire
user.save()
except User.DoesNotExist:
error_flag = True
error_msg['loginId'] = get_message('MOSJA32031')
logger.user_log('LOSM17014', login_id, request=request)
except Exception as e:
error_flag = True
logger.logic_log('LOSI00005', traceback.format_exc(), request=request)
error_msg['db'] = get_message('MOSJA32019') + str('\n') + str(e.args)
##################################################
# ユーザにワンタイムパスワードをメールで通知
##################################################
# 署名用URL生成
req_protcol = request.scheme
req_host = request.get_host()
login_url = reverse('web_app:top:login')
inquiry_url = reverse('web_app:top:inquiry')
login_url = '%s://%s%s' % (req_protcol, req_host, login_url)
inquiry_url = '%s://%s%s' % (req_protcol, req_host, inquiry_url)
if error_flag == False:
smtp = OASEMailSMTP()
user_mail = OASEMailOnetimePasswd(
mail_address, mail_address, user.user_name, password, ttl_hour, inquiry_url, login_url
)
send_result = smtp.send_mail(user_mail)
if send_result:
send_result = get_message(send_result)
error_flag = True
error_msg['mail'] = send_result
logger.logic_log('LOSE17000', send_result, request=request)
# 結果レスポンス
response_data = {}
response_data['status'] = 'success' if error_flag == False else 'failure'
response_data['error_msg'] = error_msg
response_json = json.dumps(response_data)
logger.logic_log('LOSI00002', response_data['status'], request=request)
return HttpResponse(response_json, content_type="application/json")
def authenticate(self, request, username=None, password=None, **kwargs):
try:
with transaction.atomic():
password_hash = Common.oase_hash(password)
now = datetime.datetime.now(pytz.timezone('UTC'))
user = User.objects.select_for_update().get(
login_id=username,
login_id__contains=username,
disuse_flag='0',
sso_id=0)
uid = user.user_id
msg = None
self.check_account_lock_parameter(now, user, uid, username)
# パスワードが一致したらユーザ情報を返却し終了
if user.password == password_hash:
# ミス回数,アカウントロック回数リセット
user.password_count = 0
user.account_lock_times = 0
user.save(force_update=True)
return user
logger.logic_log('LOSI13014', username, user.password_count,
user.account_lock_times)
msg = 'MOSJA10006'
pass_err_obj = System.objects.get(
config_id='PASS_ERROR_THRESHOLD')
pass_err_int = int(pass_err_obj.value)
if pass_err_int != 0 and uid > 0:
# ミス回数カウントアップ
if user.password_count is None:
user.password_count = 1
else:
user.password_count += 1
# 規定回数到達ならばロック
if user.password_count >= pass_err_int:
locktime_obj = System.objects.get(
config_id='ACCOUNT_LOCK_PERIOD')
locktime_int = int(locktime_obj.value)
user.account_lock_time = now + timedelta(
minutes=locktime_int)
logger.logic_log('LOSI13015', username,
user.password_count, pass_err_int,
user.account_lock_time)
msg = 'MOSJA10007'
# ロックタイミングでミス回数リセット
user.password_count = 0
user.account_lock_times += 1
# アカウントロック上限回数に達したらアカウントを永久ロック&メール通知
# アカウントロック上限回数が 0 の時はロックしない
acct_lock_max = int(
System.objects.get(
config_id='ACCOUNT_LOCK_MAX_TIMES').value)
if user.account_lock_times >= acct_lock_max >= 1 and user.pk != 1:
logger.logic_log('LOSI13016', username,
user.account_lock_times,
acct_lock_max)
user.account_lock_flag = True
self._send_user_locked_mail(user.login_id, request)
msg = 'MOSJA10017'
# ユーザデータ更新
user.save(force_update=True)
except System.DoesNotExist:
logger.system_log('LOSM00001', traceback.format_exc())
msg = 'MOSJA10015'
except OASELoginError as e:
logger.user_log('LOSM00001', traceback.format_exc())
msg = e.msg_id
raise OASELoginError(msg)
def pass_ch_exec(request):
"""
[メソッド概要]
パスワード変更処理
"""
logger.logic_log(
'LOSI00001', 'user_id: %s, session_key: %s' %
(request.user.user_id, request.session.session_key))
# requestデータ構造チェック
json_str = request.POST.get('user_info', None)
if json_str == None:
msg = get_message('MOSJA32009', request.user.get_lang_mode())
logger.user_log('LOSM17000')
return HttpResponseServerError(msg)
data = json.loads(json_str)
if not 'user_info' in data and \
not 'oldPw' in data['user_info'] and \
not 'newPw' in data['user_info'] and \
not 'newPwConf' in data['user_info'] :
msg = get_message('MOSJA32009', request.user.get_lang_mode())
logger.user_log('LOSM17000')
return HttpResponseServerError(msg)
uid = request.user.user_id
if not 'loginId' in data['user_info'] and uid == '':
msg = get_message('MOSJA32009', request.user.get_lang_mode())
logger.user_log('LOSM17000')
return HttpResponseServerError(msg)
error_flag = False
error_msg = {}
try:
with transaction.atomic():
# request内容チェック
update_time = datetime.datetime.now(pytz.timezone('UTC'))
password_generation = 0
pw_history_list = PasswordHistory.objects.filter(
user_id=uid).order_by('last_update_timestamp')
##################################################
# 入力値チェック
##################################################
# Userの対象レコードをロック
user = User.objects.select_for_update().get(user_id=uid)
error_msg = _validate(request, data, user)
##################################################
# パスワード判定
##################################################
if len(error_msg) <= 0:
# 同一パスワード設定不可世代数取得
password_generation = int(
System.objects.get(config_id='Pass_generate_manage').value)
new_password_hash = Common.oase_hash(data['user_info']['newPw'])
# パスワード履歴テーブルが0以上かつパスワード履歴チェックフラグがTrueの場合、世代数分新パスワードと比較
if len(pw_history_list) > 0 and user.pass_hist_check_flag:
for pw_history in pw_history_list:
if pw_history.password == new_password_hash:
error_msg['newPw'] = get_message(
'MOSJA32018', request.user.get_lang_mode())
logger.user_log('LOSM17008', request=request)
##################################################
# ユーザ情報更新
##################################################
if len(error_msg) <= 0:
logger.user_log('LOSI17000', uid, request.session.session_key,
password_generation, len(pw_history_list))
user.password = new_password_hash
user.last_update_user = user.user_name
user.last_update_timestamp = update_time
user.password_last_modified = update_time
user.password_expire = None
user.save(force_update=True)
##################################################
# パスワード履歴の更新
##################################################
if password_generation > 0:
pw_history_list_length = len(pw_history_list)
if password_generation <= pw_history_list_length:
loop = (pw_history_list_length -
password_generation) + 1
for i in range(loop):
pw_history_list[i].delete()
new_pw_history = PasswordHistory(
user_id=user.user_id,
password=new_password_hash,
last_update_timestamp=update_time,
last_update_user=user.user_name,
)
new_pw_history.save(force_insert=True)
except User.DoesNotExist:
error_msg['user'] = get_message('MOSJA32010',
request.user.get_lang_mode())
logger.logic_log('LOSM17001', request=request)
except System.DoesNotExist:
error_msg['system'] = get_message('MOSJA32011',
request.user.get_lang_mode())
logger.logic_log('LOSM17007', 'Pass_generate_manage', request=request)
except Exception as e:
traceback.print_exc()
error_msg['db'] = get_message(
'MOSJA32019', request.user.get_lang_mode()) + str(e.args)
logger.logic_log('LOSM17009',
'traceback: %s' % (traceback.format_exc()),
request=request)
if len(error_msg) > 0:
error_flag = True
# 結果レスポンス
response_data = {}
response_data['status'] = 'success' if error_flag == False else 'failure'
response_data['error_msg'] = error_msg
response_json = json.dumps(response_data, ensure_ascii=False)
logger.logic_log(
'LOSI00002', 'user_id: %s, session_key: %s' %
(request.user.user_id, request.session.session_key))
return HttpResponse(response_json, content_type="application/json")
def modify_mailaddr(request):
"""
[メソッド概要]
メールアドレス変更処理
"""
msg = {}
error_msg = {}
result = 'success'
now = datetime.datetime.now(pytz.timezone('UTC'))
mail_pass = request.POST.get('password', '')
mail_addr = request.POST.get('mail', '')
uid = request.user.user_id
login_id = request.user.login_id
emo_chk = UnicodeCheck()
logger.logic_log('LOSI00001', mail_pass, mail_addr, request=request)
if uid == '':
error_msg = get_message('MOSJA32009', request.user.get_lang_mode())
logger.user_log('LOSM17000')
return HttpResponseServerError(error_msg)
try:
# パスワードチェック
error_msg = _check_password(request, mail_pass, uid)
# 値チェック
if mail_addr == request.user.mail_address:
error_msg['txtMailAddr'] = get_message(
'MOSJA31008', request.user.get_lang_mode())
logger.user_log('LOSI10001', login_id, mail_addr, request=request)
logger.logic_log('LOSM10000', request=request)
# バリデーションチェック
dot_string = r'[\w!#$%&\'*+\-\/=?^`{|}~]+(\.[\w!#$%&\'*+\-\/=?^`{|}~]+)*'
quoted_string = r'"([\w!#$%&\'*+\-\/=?^`{|}~. ()<>\[\]:;@,]|\\[\\"])+"'
domain = r'([a-zA-Z\d\-]+\.)+[a-zA-Z]+'
ip_v4 = r'(\d{1,3}(\.\d{1,3}){3}'
ip_v6 = r'IPv6:[\da-fA-F]{0,4}(:[\da-fA-F]{0,4}){1,5}(:\d{1,3}(\.\d{1,3}){3}|(:[\da-fA-F]{0,4}){0,2}))'
mail_ip_addr = r'\[' + ip_v4 + r'|' + ip_v6 + r'\]'
mail_pattern = r'^(' + dot_string + r'|' + quoted_string + \
r')@(' + domain + r'|' + mail_ip_addr + r')$'
if len(mail_addr) <= 0:
error_msg['txtMailAddr'] = get_message(
'MOSJA31004', request.user.get_lang_mode())
logger.user_log('LOSI10002', request=request)
logger.logic_log('LOSM10000', request=request)
elif len(mail_addr) > 256:
error_msg['txtMailAddr'] = get_message(
'MOSJA31005', request.user.get_lang_mode())
logger.user_log('LOSI10003', request=request)
logger.logic_log('LOSM10000', request=request)
# 絵文字チェック
value_list = emo_chk.is_emotion(mail_addr)
if len(value_list) > 0:
error_msg['txtMailAddr'] = get_message(
'MOSJA31018', request.user.get_lang_mode())
logger.user_log('LOSI10011', request=request)
logger.logic_log('LOSM10000', request=request)
elif not re.match(mail_pattern, mail_addr):
error_msg['txtMailAddr'] = get_message(
'MOSJA31006', request.user.get_lang_mode())
logger.user_log('LOSI10004', request=request)
logger.logic_log('LOSM10000', request=request)
# 機密情報URL生成
req_protcol = request.scheme
req_host = request.get_host()
modify_url = reverse('web_app:user:user_determ_mailaddr')
hash_login = OaseCommon.oase_hash(login_id)
hash_maddr = OaseCommon.oase_hash(mail_addr)
modify_url = '%s://%s%s?arg=%s&tok=%s' % (
req_protcol, req_host, modify_url, hash_login, hash_maddr)
# 重複チェック
error_msg = _check_duplication(request, error_msg, mail_addr, now,
login_id)
# DB保存
hour_expire = int(
System.objects.get(config_id='MAILADDR_URL_VALID_PERIOD').value)
url_expire = now + datetime.timedelta(hours=hour_expire)
rcnt = MailAddressModify.objects.filter(
login_id=login_id, login_id__contains=login_id).count()
if rcnt > 0:
MailAddressModify.objects.filter(
login_id=login_id, login_id__contains=login_id).update(
mail_address=mail_addr,
mail_address_hash=hash_maddr,
url_expire=url_expire,
last_update_timestamp=now,
last_update_user=request.user.user_name)
else:
MailAddressModify(login_id=login_id,
mail_address=mail_addr,
mail_address_hash=hash_maddr,
url_expire=url_expire,
last_update_timestamp=now,
last_update_user=request.user.user_name).save(
force_insert=True)
if len(error_msg) == 0:
# 署名用URL生成
req_protcol = request.scheme
req_host = request.get_host()
login_url = reverse('web_app:top:login')
inquiry_url = reverse('web_app:top:inquiry')
login_url = '%s://%s%s' % (req_protcol, req_host, login_url)
inquiry_url = '%s://%s%s' % (req_protcol, req_host, inquiry_url)
# メール送信
obj_smtp = OASEMailSMTP(request=request)
obj_mail = OASEMailModifyMailAddressNotify(mail_addr,
request.user.user_name,
hour_expire, modify_url,
inquiry_url, login_url)
send_result = obj_smtp.send_mail(obj_mail)
if send_result:
error_msg['system'] = get_message(send_result,
request.user.get_lang_mode())
logger.user_log('LOSI10006', request=request)
logger.logic_log('LOSM10000', request=request)
except Exception as e:
logger.logic_log('LOSI00005', traceback.format_exc(), request=request)
error_msg['system'] = get_message('MOSJA31014',
request.user.get_lang_mode())
if len(error_msg) > 0:
result = 'failure'
else:
msg['system'] = get_message('MOSJA31017', request.user.get_lang_mode())
data = {
'status': result,
'msg': msg,
'error_msg': error_msg,
}
respdata = json.dumps(data)
logger.logic_log('LOSI00002', result, request=request)
return HttpResponse(respdata, content_type="application/json")
def modify(request):
"""
[メソッド概要]
データ更新処理
"""
#====アカウント追加時の初期値====#
disp = defs.DISP_MODE.DEFAULT
lang = defs.LANG_MODE.JP
msg = ''
error_msg = ''
error_msg_user_name = ''
error_msg_login_id = ''
error_msg_mail = ''
error_msg_user_group = ''
json_str = request.POST.get('json_str',None)
logger.logic_log('LOSI00001', 'json_str: %s' % json_str, request=request)
if json_str is None:
msg = get_message('MOSJA24001', request.user.get_lang_mode())
logger.user_log('LOSM05002', request=request)
raise Http404
try:
with transaction.atomic():
json_str = json.loads(json_str)
#=================ロック=============================#
# リクエストされたグループIDを取得
group_ids_req = []
for rq in json_str['insertInfo']:
for gid in rq['add_group_id']:
if len(gid) != 0:
gid = int(gid)
if gid not in group_ids_req:
group_ids_req.append(gid)
for rq in json_str['updateInfo']:
for gid in rq['add_group_id']:
if len(gid) != 0:
gid = int(gid)
if gid not in group_ids_req:
group_ids_req.append(gid)
for gid in rq['del_group_id']:
if len(gid) != 0:
gid = int(gid)
if gid not in group_ids_req:
group_ids_req.append(gid)
group_ids_req.sort()
# グループ管理をロック
group_ids_db = []
for gid in group_ids_req:
gr = Group.objects.select_for_update().filter(group_id=gid)
if len(gr) <= 0:
logger.user_log('LOSM05005', 'group_id: %s' % gid , request=request)
continue
group_ids_db.append(gr[0].group_id)
group_ids_diff = list(set(group_ids_req) ^ set(group_ids_db))
# 更新レコードのリスト作成(administrator除く)
update_info = []
update_userid_list = []
for rq in json_str['updateInfo']:
if int(rq['user_id']) != 1:
update_info.append(rq)
update_userid_list.append(int(rq['user_id']))
else:
logger.user_log('LOSM05008', 'update_user_info: %s ' % rq , request=request)
# 削除レコードのリスト作成(administrator除く)
del_info = []
del_userid_list = []
for rq in json_str['delInfo']:
if int(rq['user_id']) != 1:
del_info.append(rq)
del_userid_list.append(int(rq['user_id']))
else:
logger.user_log('LOSM05008', 'delete_user_info: %s ' % rq , request=request)
# 更新/削除ユーザをロック
mod_user_list = update_userid_list + del_userid_list
mod_user_list.sort()
for m in mod_user_list:
User.objects.select_for_update().filter(pk=m)
#=================チェック===========================#
# 入力データチェック データ不正であればresponseを返す
error_flag, error_msg_user_name, error_msg_login_id, error_msg_mail, error_msg_user_group = _validate(json_str, group_ids_diff, request=request)
if error_flag:
response_json = json.dumps({
'status' : 'failure',
'error_msg_user_name' : error_msg_user_name,
'error_msg_login_id' : error_msg_login_id,
'error_msg_mail' : error_msg_mail,
'error_msg_user_group': error_msg_user_group,
'msg' : '',
})
logger.user_log('LOSM05004', 'error_msg_user_name: %s' % error_msg_user_name, request=request)
logger.user_log('LOSM05004', 'error_msg_login_id: %s' % error_msg_login_id, request=request)
logger.user_log('LOSM05004', 'error_msg_mail: %s' % error_msg_mail, request=request)
logger.user_log('LOSM05004', 'error_msg_user_group: %s' % error_msg_user_group, request=request)
logger.logic_log('LOSI00002', 'json_str: %s' % json_str, request=request)
return HttpResponse(response_json, content_type="application/json")
#=================更新===============================#
update_list = []
del_usergroup_list = {}
add_usergroup_list = {}
user_info = {}
logger.user_log('LOSI05000', update_info, request=request)
for rq in update_info:
user_info[int(rq['user_id'])] = {
'user_name': rq['user_name'],
'login_id' : rq['login_id'],
'mail' : rq['mail'],
'add_group_id' : rq['add_group_id'],
'del_group_id' : rq['del_group_id'],
}
users = User.objects.filter(pk__in=update_userid_list, disuse_flag='0')
for u in users:
u.user_name = user_info[u.pk]['user_name']
u.login_id = user_info[u.pk]['login_id'] if u.sso_id == 0 else u.login_id
u.mail_address = user_info[u.pk]['mail']
u.last_update_timestamp = datetime.datetime.now(pytz.timezone('UTC'))
u.last_update_user = request.user.user_name
add_usergroup_list[u.user_id] = [int(s) for s in user_info[u.pk]['add_group_id']]
del_usergroup_list[u.user_id] = [int(s) for s in user_info[u.pk]['del_group_id']]
update_list.append(u)
for u in update_list:
u.save()
if u.pk in add_usergroup_list:
for g in add_usergroup_list[u.pk]:
ug = UserGroup(
user_id = u.pk,
group_id = g,
last_update_user = request.user.user_name,
)
ug.save(force_insert=True)
if u.pk in del_usergroup_list:
UserGroup.objects.filter(user_id=u.pk, group_id__in=del_usergroup_list[u.pk]).delete()
logger.user_log('LOSI05001', update_info, request=request)
#=================削除===============================#
logger.user_log('LOSI05002', del_info, request=request)
User.objects.filter(pk__in=del_userid_list).delete()
UserGroup.objects.filter(user_id__in=del_userid_list).delete()
PasswordHistory.objects.filter(user_id__in=del_userid_list).delete()
logger.user_log('LOSI05003', del_info, request=request)
#==================新規追加===============================#
insert_list = []
insert_usergroup_list = {}
insert_list_pwhist = []
create_list = []
create_err_flag = False
ttl_hour = int(System.objects.get(config_id='INITIAL_PASS_VALID_PERIOD').value)
for rq in json_str['insertInfo']:
# ランダムパスワード生成
password = RandomPassword().get_password()
password_hash = Common.oase_hash(password)
password_expire = None
if ttl_hour == 0:
# datetime supportで日時がずれoverflowするため9000年とした
password_expire = datetime.datetime.strptime('9000-12-31 23:59:59', '%Y-%m-%d %H:%M:%S')
else:
password_expire = datetime.datetime.now(pytz.timezone('UTC')) + datetime.timedelta(hours=ttl_hour)
user = User(
user_name = rq['user_name'],
login_id = rq['login_id'],
mail_address = rq['mail'],
password = password_hash,
disp_mode_id = disp,
lang_mode_id = lang,
password_count = 0,
password_expire = password_expire,
last_update_user = request.user.user_name,
last_update_timestamp = datetime.datetime.now(pytz.timezone('UTC')),
)
insert_list.append(user)
insert_usergroup_list[rq['login_id']] = rq['add_group_id']
create_info = {
'name' : rq['user_name'],
'mail' : rq['mail'],
'pass' : password,
'id' : rq['login_id'],
}
create_list.append(create_info)
Pass_generate_manage = int(System.objects.get(config_id='Pass_generate_manage').value)
logger.user_log('LOSI05004', json_str['insertInfo'], Pass_generate_manage, request=request)
# create処理
for i in insert_list:
i.save(force_insert=True)
# userが登録できたらusergroupを登録
for j in insert_usergroup_list[i.login_id]:
usergroup = UserGroup(
user_id = i.pk,
group_id = j,
last_update_user = request.user.user_name,
)
usergroup.save(force_insert=True)
if Pass_generate_manage > 0:
passwd_history = PasswordHistory(
user_id = i.user_id,
password = password_hash,
last_update_timestamp = datetime.datetime.now(pytz.timezone('UTC')),
last_update_user = request.user.user_name,
)
insert_list_pwhist.append(passwd_history)
if len(insert_list_pwhist) > 0:
PasswordHistory.objects.bulk_create(insert_list_pwhist)
logger.user_log('LOSI05005', json_str['insertInfo'], Pass_generate_manage, request=request)
# 署名用URL生成
req_protcol = request.scheme
req_host = request.get_host()
login_url = reverse('web_app:top:login')
inquiry_url = reverse('web_app:top:inquiry')
login_url = '%s://%s%s' % (req_protcol, req_host, login_url)
inquiry_url = '%s://%s%s' % (req_protcol, req_host, inquiry_url)
# 新規登録ユーザに初期ユーザIDをメールで通知
msg_ids = []
if len(create_list) > 0 and create_err_flag == False:
smtp = OASEMailSMTP(request=request)
for u in create_list:
user_mail = OASEMailInitialLoginID(
request.user.mail_address, u['mail'], u['name'], u['id'], ttl_hour, inquiry_url, login_url
)
send_result = smtp.send_mail(user_mail)
logger.logic_log('LOSI05006', u['mail'], u['id'], request=request)
if send_result and send_result not in msg_ids:
msg_ids.append(send_result)
send_result = get_message(send_result, request.user.get_lang_mode())
error_flag = True
if msg:
msg += '\n'
msg += send_result
# 新規登録ユーザに初期パスワードをメールで通知
if len(create_list) > 0 and create_err_flag == False:
smtp = OASEMailSMTP(request=request)
for u in create_list:
user_mail = OASEMailInitialPasswd(
request.user.mail_address, u['mail'], u['name'], u['pass'], ttl_hour, inquiry_url, login_url
)
send_result = smtp.send_mail(user_mail)
logger.logic_log('LOSI05007', u['mail'], request=request)
if send_result and send_result not in msg_ids:
msg_ids.append(send_result)
send_result = get_message(send_result, request.user.get_lang_mode())
error_flag = True
if msg:
msg += '\n'
msg += send_result
except Exception as e:
error_flag = True
logger.logic_log('LOSM05003', 'json_str: %s, traceback: %s' % (json_str, traceback.format_exc()), request=request)
# 結果レスポンス
response_data = {}
# 異常処理
if error_flag == True:
response_data['status'] = 'failure'
response_data['error_msg'] = error_msg
response_data['msg'] = msg
logger.logic_log('LOSM05007', 'json_str: %s, response_data: %s, traceback: %s' % (json_str, response_data, traceback.format_exc()), request=request)
# 正常処理
else:
response_data['status'] = 'success'
response_data['redirect_url'] = '/oase_web/system/user'
response_json = json.dumps(response_data)
logger.logic_log('LOSI00002', 'json_str: %s, response_json: %s' % (json_str, response_json), request=request)
return HttpResponse(response_json, content_type="application/json")