def assignrole(request):
initialise()
subs_list_assigned = []
if request.method == "POST":
subs_list = json.loads(request.POST["subs_list"])
user_id = request.POST["user_id"]
t_id = request.POST["tenant_id"]
token_user = request.POST["token_user"]
global client_secret
global client_id
access_token = get_acacess_token_app(tenant_id=t_id,client_id=client_id,client_secret=client_secret,resource="https://graph.windows.net/")
if access_token["status"] == "1":
principal_id = get_principal_id(token=access_token["details"],tenant_id=t_id,client_id=client_id)
for subs in subs_list:
role_assgn_id = str(uuid.uuid4())
global role_def_id_contributor
put_url = "https://management.azure.com//subscriptions/" + subs +"/providers/Microsoft.Authorization/roleAssignments/" + role_assgn_id + "?api-version=2014-07-01-preview"
body = {"properties":{"roleDefinitionId":"/subscriptions/"+ subs +"/providers/Microsoft.Authorization/roleDefinitions/" + role_def_id_contributor ,"principalId":principal_id}}
headers_val = {"Authorization":"Bearer " + token_user, "Content-Type":"application/json"}
req = Request(method="PUT",headers=headers_val,json=body,url=put_url)
req_prepped = req.prepare()
s = Session()
res = Response()
res = s.send(req_prepped)
if res.status_code == 201:
subs_list_assigned.append({"subscriptionid":subs,"assigned_status":True})
### Save the subscription details in the model
subscription_list = []
for subs in subs_list_assigned:
subscription_list.append(subs)
auth_settings = {}
auth_settings['auth_type']="A"
auth_settings['client_id']=client_id
auth_settings['tenant_id']=t_id
auth_settings['redirect_uri']=redirect_uri
auth_settings['client_secret']=client_secret
auth_settings['subscription_id']=json.dumps(subscription_list)
auth_settings['user'] = user_id
user = User.objects.get(pk=auth_settings['user'])
if AuthSettings.objects.filter(user_id_id=auth_settings['user']).exists():
u = AuthSettings.objects.get(user_id_id=auth_settings['user'])
u.delete()
settings = AuthSettings(user_id=user,auth_type=auth_settings['auth_type'],client_id=auth_settings['client_id'],tenant_id=auth_settings['tenant_id'],client_secret=auth_settings['client_secret'],redirect_uri=auth_settings['redirect_uri'],subscription_id=auth_settings['subscription_id'])
settings.save()
results = "<table><tr><td>You can now deploy resources through this application into following subscriptions</td></tr>"
for sa in subs_list_assigned:
results += "<tr><td>"+ sa["subscriptionid"] +"</td></tr>"
results += "</table>"
return HttpResponse(results)
def set_auth_settings(request):
if request.method == "POST":
print(request)
auth_settings = {}
auth_settings['auth_type']=request.POST['authtypeid']
auth_settings['client_id']=request.POST['inp_clientid_txt']
auth_settings['tenant_id']=request.POST['inp_tenantid_txt']
auth_settings['redirect_uri']=request.POST['inp_redirecturi_txt']
auth_settings['client_secret']=request.POST['inp_clientsecret_txt']
auth_settings['subscription_id']=request.POST['inp_subsid_txt']
auth_settings['user'] = request.POST['user_id']
user = User.objects.get(pk=auth_settings['user'])
if AuthSettings.objects.filter(user_id_id=auth_settings['user']).exists():
u = AuthSettings.objects.get(user_id_id=auth_settings['user'])
u.delete()
settings = AuthSettings(user_id=user,auth_type=auth_settings['auth_type'],client_id=auth_settings['client_id'],tenant_id=auth_settings['tenant_id'],client_secret=auth_settings['client_secret'],redirect_uri=auth_settings['redirect_uri'],subscription_id=auth_settings['subscription_id'])
settings.save()
return HttpResponse("Your settings have been saved")
else:
authorization_list = [{"id":"A","name":"Application only"},{"id":"U","name":"User based"}]
template_params = {"authorization_list":authorization_list}
return render(request,"set_authsettings.html",template_params)
def assignrole(request):
initialise()
subs_list_assigned = []
if request.method == "POST":
subs_list = json.loads(request.POST["subs_list"])
user_id = request.POST["user_id"]
t_id = request.POST["tenant_id"]
token_user = request.POST["token_user"]
global client_secret
global client_id
access_token = get_acacess_token_app(
tenant_id=t_id,
client_id=client_id,
client_secret=client_secret,
resource="https://graph.windows.net/")
if access_token["status"] == "1":
principal_id = get_principal_id(token=access_token["details"],
tenant_id=t_id,
client_id=client_id)
for subs in subs_list:
role_assgn_id = str(uuid.uuid4())
global role_def_id_contributor
put_url = "https://management.azure.com//subscriptions/" + subs + "/providers/Microsoft.Authorization/roleAssignments/" + role_assgn_id + "?api-version=2014-07-01-preview"
body = {
"properties": {
"roleDefinitionId":
"/subscriptions/" + subs +
"/providers/Microsoft.Authorization/roleDefinitions/" +
role_def_id_contributor,
"principalId":
principal_id
}
}
headers_val = {
"Authorization": "Bearer " + token_user,
"Content-Type": "application/json"
}
req = Request(method="PUT",
headers=headers_val,
json=body,
url=put_url)
req_prepped = req.prepare()
s = Session()
res = Response()
res = s.send(req_prepped)
if res.status_code == 201:
subs_list_assigned.append({
"subscriptionid": subs,
"assigned_status": True
})
### Save the subscription details in the model
subscription_list = []
for subs in subs_list_assigned:
subscription_list.append(subs)
auth_settings = {}
auth_settings['auth_type'] = "A"
auth_settings['client_id'] = client_id
auth_settings['tenant_id'] = t_id
auth_settings['redirect_uri'] = redirect_uri
auth_settings['client_secret'] = client_secret
auth_settings['subscription_id'] = json.dumps(subscription_list)
auth_settings['user'] = user_id
user = User.objects.get(pk=auth_settings['user'])
if AuthSettings.objects.filter(user_id_id=auth_settings['user']).exists():
u = AuthSettings.objects.get(user_id_id=auth_settings['user'])
u.delete()
settings = AuthSettings(user_id=user,
auth_type=auth_settings['auth_type'],
client_id=auth_settings['client_id'],
tenant_id=auth_settings['tenant_id'],
client_secret=auth_settings['client_secret'],
redirect_uri=auth_settings['redirect_uri'],
subscription_id=auth_settings['subscription_id'])
settings.save()
results = "<table><tr><td>You can now deploy resources through this application into following subscriptions</td></tr>"
for sa in subs_list_assigned:
results += "<tr><td>" + sa["subscriptionid"] + "</td></tr>"
results += "</table>"
return HttpResponse(results)