def fresh_session(cls): # 0.超管 if current_user.role == SUPER: return True spaces = current_user.has_spaces() # 1.无空间权限且非超管 if not spaces and current_user.role <> SUPER: raise WalleError(Code.space_empty) default_space = spaces.keys()[0] # 2.第一次登录无空间 if not current_user.last_space: current_user.last_space = default_space current_user.save() session['space_id'] = default_space session['space_info'] = spaces[session['space_id']] # 3.空间权限有修改 if current_user.last_space and current_user.last_space not in spaces.keys( ): raise WalleError(Code.space_error) session['space_id'] = current_user.last_space session['space_info'] = spaces[current_user.last_space] session['space_list'] = spaces.values() current_app.logger.info( '============ SecurityResource.__init__ ============')
def init_repo(self): if not os.path.exists(self.dir_codebase_project): # 检查 目录是否存在 command = 'mkdir -p %s' % (self.dir_codebase_project) # TODO remove current_app.logger.info(command) self.local.run(command, wenv=self.config()) with self.local.cd(self.dir_codebase_project): is_git_dir = self.local.run('git status', exception=False, wenv=self.config()) if is_git_dir.exited != Code.Ok: # 否则当作新项目检出完整代码 # 检查 目录是否存在 command = 'rm -rf %s' % (self.dir_codebase_project) self.local.run(command, wenv=self.config()) command = 'git clone %s %s' % (self.project_info['repo_url'], self.dir_codebase_project) current_app.logger.info('cd %s command: %s ', self.dir_codebase_project, command) result = self.local.run(command, wenv=self.config()) if result.exited != Code.Ok: raise WalleError(Code.shell_git_init_fail, message=result.stdout)
def list_branch(self): with self.local.cd(self.dir_codebase_project): command = 'git pull' result = self.local.run(command, wenv=self.config()) if result.exited != Code.Ok: raise WalleError(Code.shell_git_pull_fail, message=result.stdout) current_app.logger.info(self.dir_codebase_project) command = 'git branch -r' result = self.local.run(command, pty=False, wenv=self.config()) # if result.exited != Code.Ok: # raise WalleError(Code.shell_run_fail) # TODO 三种可能: false, error, success branches = result.stdout.strip() branches = branches.split('\n') # 去除 origin/HEAD -> 当前指向 # 去除远端前缀 branches = [ branch.strip().lstrip('origin/') for branch in branches if not branch.strip().startswith('origin/HEAD') ] return branches return None
def deploy(self): ''' 2.检出代码 :param project_name: :return: ''' self.stage = self.stage_deploy self.sequence = 2 # # # copy to a local version # self.release_version = '%s_%s_%s' % ( # self.project_name, self.task_id, time.strftime('%Y%m%d_%H%M%S', time.localtime(time.time()))) with self.localhost.cd(self.local_codebase): command = 'cp -rf %s %s' % (self.dir_codebase_project, self.release_version) current_app.logger.info('cd %s command: %s ', self.dir_codebase_project, command) result = self.localhost.local(command, wenv=self.config()) # 更新到指定 commit_id with self.localhost.cd(self.local_codebase + self.release_version): command = 'git reset -q --hard %s' % ( self.taskMdl.get('commit_id')) result = self.localhost.local(command, wenv=self.config()) if result.exited != Code.Ok: raise WalleError(Code.shell_git_fail, message=result.stdout)
def decorator(*args, **kwargs): current_app.logger.info( '============== gte_develop_or_uid.decorator ======') if self.is_gte_develop_or_uid(current_user.id): current_app.logger.info( '============== gte_develop_or_uid.if ======') return func(*args, **kwargs) raise WalleError(Code.not_allow)
def deploy(self): ''' 2.检出代码 :param project_name: :return: ''' self.stage = self.stage_deploy self.sequence = 2 current_app.logger.info('git dir: %s', self.dir_codebase_project + '/.git') # 如果项目底下有 .git 目录则认为项目完整,可以直接检出代码 # TODO 不标准 if os.path.exists(self.dir_codebase_project + '/.git'): with self.local.cd(self.dir_codebase_project): command = 'pwd && git pull' result = self.local.run(command, wenv=self.config()) else: # 否则当作新项目检出完整代码 with self.local.cd(self.dir_codebase_project): command = 'pwd && git clone %s .' % ( self.project_info['repo_url']) current_app.logger.info('cd %s command: %s ', self.dir_codebase_project, command) result = self.local.run(command, wenv=self.config()) # copy to a local version self.release_version = '%s_%s_%s' % ( self.project_name, self.task_id, time.strftime('%Y%m%d_%H%M%S', time.localtime(time.time()))) with self.local.cd(self.local_codebase): command = 'cp -rf %s %s' % (self.dir_codebase_project, self.release_version) current_app.logger.info('cd %s command: %s ', self.dir_codebase_project, command) result = self.local.run(command, wenv=self.config()) # 更新到指定 commit_id with self.local.cd(self.local_codebase + self.release_version): command = 'git reset -q --hard %s' % ( self.taskMdl.get('commit_id')) result = self.local.run(command, wenv=self.config()) if result.exited != Code.Ok: raise WalleError(Code.shell_git_fail, message=result.stdout)
def update_project(self, project_id, members, group_name=None): space_info = walle.model.project.ProjectModel.query.filter_by( id=project_id).first().to_json() group_model = self.members(group_id=space_info['space_id']) user_update = [] for member in members: user_update.append(member['user_id']) current_app.logger.info(group_model['user_ids']) current_app.logger.info(user_update) # project新增用户是否在space's group中,无则抛出 if list(set(user_update).difference(set(group_model['user_ids']))): raise WalleError(Code.user_not_in_space) # 修改用户组成员 # clean up filters = { MemberModel.source_id == project_id, MemberModel.source_type == self.source_type_project, } MemberModel.query.filter(*filters).delete() # insert all for member in members: insert = { 'user_id': member['user_id'], 'source_id': project_id, 'source_type': self.source_type_project, 'access_level': member['role'].upper(), 'status': self.status_available, } group = MemberModel(**insert) db.session.add(group) ret = db.session.commit() return ret
def decorator(*args, **kwargs): if self.role_upper_developer(): return func(*args, **kwargs) raise WalleError(Code.not_allow)
def decorator(*args, **kwargs): if self.is_gte_develop_or_uid(current_user.id): return func(*args, **kwargs) raise WalleError(Code.not_allow)