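def create_admin_user(request):
    """Create an administrator account from a POST request.

    Reads ``username`` and ``group_id`` from ``request.POST``, rejects an
    empty or already-used username, creates the user with identity
    ``'is_admin'`` and writes an operation-log entry.

    Returns a JSON response ``{'status': bool, 'msg': str}``.

    NOTE(review): no authentication or permission decorator is visible on
    this view, and it creates admin accounts. Confirm that access control
    is enforced by the URL configuration or middleware.
    """
    res = {'status': False, 'msg': ''}

    def fail(message):
        # Every validation failure returns the same JSON shape.
        res['msg'] = _(message)
        return json_response(res)

    username = request.POST.get('username', '')
    group_id = request.POST.get('group_id', '')

    # Validation uses explicit returns rather than `assert False` inside a
    # try block: assert statements are removed when Python runs with -O,
    # which would silently disable these checks.
    if not username:
        return fail(af.USERNAME_EMPTY)
    if UserProfile.objects.filter(username=username).exists():
        return fail(af.USER_EXIST)

    # NOTE(review): `group` is None when group_id matches no group, and it
    # is passed to create_user as-is. Confirm create_user handles that.
    group = Group.objects.filter(id=group_id).first()

    password = ''  # LDAP: the cloud password is used, so none is set here
    identity = 'is_admin'
    creator_username = request.user.username

    user = create_user(
        username=username,
        password=password,
        group=group,
        identity=identity,
        creator_username=creator_username,
    )
    if not user:
        return fail(af.PARAM_ERROR)

    # Audit trail: record who created which account with which identity.
    log_msg = om.CREATE_USER % (creator_username, identity, username)
    OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)

    res['status'] = True
    return json_response(res)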
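def get_sso_token(request):
    """Log a user in from the SSO token passed in the ``ioss`` query parameter.

    The token is verified against the SSO service. When the service reports
    a logged-on account, the matching ``UserProfile`` is signed in; if none
    exists, one is created with identity ``'is_admin'``. The view always
    redirects to ``/base/base/``.

    Example responses from the SSO token query:

        {"hasLogon":true,"type":1,"account":"*****@*****.**",
         "cdate":1558602246000,"adate":1558602246000,"err":0,"ec":0}
        {"hasLogon":false,"type":-1,"account":"",
         "cdate":null,"adate":null,"err":12,"ec":0}

    NOTE(review): any account the SSO service reports as logged on is
    auto-provisioned as an admin. Confirm that the SSO directory contains
    only staff who should hold that role.
    """
    import secrets

    backend_path = 'django.contrib.auth.backends.AllowAllUsersModelBackend'
    token = request.GET.get("ioss")
    if token:
        # The md5Hash parameter is the request checksum this endpoint
        # takes. MD5 is used only because the remote protocol requires it,
        # so do not rely on it for anything beyond that.
        md5 = hashlib.md5()
        md5.update((settings.SSO_NAME + token + "CssoC").encode('utf-8'))

        # `token` comes straight from the query string. Passing it through
        # `params` URL-encodes it, so it cannot add or override parameters
        # in the SSO request. The timeout keeps a stalled SSO service from
        # blocking the worker indefinitely.
        try:
            res = requests.get(
                "https://sso.chinacache.com:443/queryByTokenId",
                params={
                    'clientName': settings.SSO_NAME,
                    'tokenId': token,
                    'md5Hash': md5.hexdigest(),
                },
                timeout=10,
            )
            payload = res.json()
        except (requests.RequestException, ValueError):
            # Fail closed: a network error or non-JSON body means no login.
            payload = {}
        if not isinstance(payload, dict):
            payload = {}

        user = None
        # Require a non-empty account name so a malformed response cannot
        # create or match a user with an empty username.
        username = payload.get('account', '')
        if payload.get('hasLogon', False) and username:
            user = UserProfile.objects.filter(username=username).first()
            if not user:
                identity = 'is_admin'
                # Admins authenticate through SSO, so this generated
                # password is never recorded. It is still a valid
                # credential, so it is drawn from the CSPRNG rather than
                # the `random` module.
                alphabet = string.ascii_letters + string.digits
                password = "".join(
                    secrets.choice(alphabet) for _unused in range(10))
                group = Group.objects.filter(name='客服').first()
                user = create_user(username, password, group, identity)

        if user:
            # NOTE(review): auth_login does not check is_active. Confirm
            # that deactivated accounts are meant to be able to sign in
            # through SSO.
            user.backend = backend_path
            auth_login(request, user)

    return HttpResponseRedirect('/base/base/', {})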
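def create_child_user(request):
    """Create a child (sub-account) user from a POST request.

    Reads the account fields and the ``perm_strategy[]`` list from
    ``request.POST``, validates them, creates the user with identity
    ``'is_child'`` in the ``GroupProfile.CUSTOMER_CHILD_ID`` group, assigns
    the permission strategies and writes an operation-log entry.

    Returns a JSON response ``{'status': bool, 'msg': str}``.

    NOTE(review): no authentication or permission decorator is visible on
    this view. Confirm that access control is enforced elsewhere, and that
    the caller may assign every strategy id it submits.
    """
    res = {'status': False, 'msg': ''}

    def fail(message):
        # Every validation failure returns the same JSON shape.
        res['msg'] = _(message)
        return json_response(res)

    post = request.POST
    username = post.get('username', '')
    password = post.get('password', '')
    is_api = post.get('is_api', 0)
    reset_password = post.get('reset_password', 0)
    email = post.get('email', '')
    mobile = post.get('mobile', '')
    remark = post.get('remark', '')
    perm_strategy_ids = post.getlist('perm_strategy[]', '')

    # Validation uses explicit returns rather than `assert False` inside a
    # try block: assert statements are removed when Python runs with -O,
    # which would silently disable these checks.
    if not username:
        return fail(af.USERNAME_EMPTY)
    if UserProfile.objects.filter(username=username).exists():
        return fail(af.USER_EXIST)
    if not password:
        return fail(af.PASSWORD_EMPTY)

    # int_check is used here as "parsed int, or None when invalid".
    is_api = int_check(is_api)
    if is_api is None:
        return fail(af.PARAM_ERROR)
    reset_password = int_check(reset_password)
    if reset_password is None:
        return fail(af.PARAM_ERROR)

    if is_api:
        # Placeholder for the API notification step (not implemented).
        print('给api通信')

    identity = 'is_child'
    group = Group.objects.filter(id=GroupProfile.CUSTOMER_CHILD_ID).first()
    creator_username = request.user.username

    user = create_user(
        username=username,
        password=password,
        group=group,
        identity=identity,
        email=email,
        mobile=mobile,
        remark=remark,
        reset_password=bool(reset_password),
        creator_username=creator_username,
    )
    if not user:
        return fail(af.PARAM_ERROR)

    UserPermStrategy.assign_perm(perm_strategy_ids, user)

    # Audit trail: record who created which account with which identity.
    log_msg = om.CREATE_USER % (creator_username, identity, username)
    OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)

    res['status'] = True
    return json_response(res)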
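def admin_create_parent_user(request):
    """Create a parent (customer) account on behalf of an administrator.

    Reads the account fields and the ``perm[]`` list from ``request.POST``,
    validates them, creates the user with identity ``'is_parent'`` in the
    ``GroupProfile.CUSTOMER_ID`` group, optionally deactivates it, assigns
    the requested permissions and writes an operation-log entry.

    Returns a JSON response ``{'status': bool, 'msg': str}``.

    NOTE(review): no authentication or permission decorator is visible on
    this view. Confirm that only administrators can reach it, and that
    every submitted ``perm[]`` code is one the caller may grant.
    """
    res = {'status': False, 'msg': ''}

    def fail(message):
        # Every validation failure returns the same JSON shape.
        res['msg'] = _(message)
        return json_response(res)

    post = request.POST
    username = post.get('username', '')
    password = post.get('password', '')
    company = post.get('company', '')
    linkman = post.get('linkman', '')
    email = post.get('email', '')
    mobile = post.get('mobile', '')
    is_api = post.get('is_api', '')
    is_active = post.get('is_active', '1')
    perm_list = post.getlist('perm[]', [])

    # Validation uses explicit returns rather than `assert False` inside a
    # try block: assert statements are removed when Python runs with -O,
    # which would silently disable these checks.
    if not username:
        return fail(af.USERNAME_EMPTY)
    if UserProfile.objects.filter(username=username).exists():
        return fail(af.USER_EXIST)
    if not password:
        return fail(af.PASSWORD_EMPTY)
    if not company:
        return fail(af.COMPANY_EMPTY)

    # The original called int(is_api), which raises ValueError on the
    # default '' (an unhandled 500) and made the `is None` check dead
    # code. int_check is used the same way for is_active below: parsed
    # int, or None when invalid.
    is_api = int_check(is_api)
    if is_api is None:
        return fail(af.PARAM_ERROR)
    is_active = int_check(is_active)
    if is_active is None:
        return fail(af.PARAM_ERROR)

    identity = 'is_parent'
    group = Group.objects.filter(id=GroupProfile.CUSTOMER_ID).first()
    creator_username = request.user.username

    user = create_user(
        username=username,
        password=password,
        group=group,
        identity=identity,
        company=company,
        linkman=linkman,
        email=email,
        mobile=mobile,
        creator_username=creator_username,
        is_api=bool(is_api),
    )
    if not user:
        return fail(af.PARAM_ERROR)

    if not is_active:
        user.is_active = False
        user.save()

    for perm_code in perm_list:
        PermUser.assign_perm(perm_code, user)

        if perm_code == 'client_cdn_menu':
            # The CDN menu permission also attaches the CDN product and
            # its strategy to the new account.
            cdn_product = Product.objects.filter(code='CDN').first()
            cdn_strategy = Strategy.get_obj_from_property('CC', 'CDN', 'CDN')
            user.product_list.add(cdn_product)
            user.strategy_list.add(cdn_strategy)
            user.save()
        # Disabled in the original: security-menu provisioning.
        # elif perm_code == 'client_security_menu':
        #     sec_product = Product.objects.filter(code='SECURITY').first()
        #     sec_strategy = Strategy.get_obj_from_property(
        #         'QINGSONG', 'SECURITY', 'WAF')
        #     user.product_list.add(sec_product)
        #     user.strategy_list.add(sec_strategy)
        #     user.save()

    # Audit trail: record who created which account with which identity.
    log_msg = om.CREATE_USER % (creator_username, identity, username)
    OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)

    res['status'] = True
    return json_response(res)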
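def create_parent_user(request):
    """Create a parent (customer) account from a POST request.

    Reads the account fields, ``user_type`` and the ``perm[]`` list from
    ``request.POST``, validates them, creates the user in the
    ``GroupProfile.CUSTOMER_ID`` group with ``user_type`` as its identity,
    assigns the requested permissions and writes an operation-log entry.

    Returns a JSON response ``{'status': bool, 'msg': str}``.

    NOTE(review): no authentication or permission decorator is visible on
    this view. Confirm that access control is enforced elsewhere, and that
    every submitted ``perm[]`` value is one the caller may grant.
    """
    res = {'status': False, 'msg': ''}

    def fail(message):
        # Messages are translated, as in the other account-creation views
        # in this file.
        res['msg'] = _(message)
        return json_response(res)

    post = request.POST
    username = post.get('username', '')
    password = post.get('password', '')
    company = post.get('company', '')
    user_type = post.get('user_type', '')
    linkman = post.get('linkman', '')
    email = post.get('email', '')
    mobile = post.get('mobile', '')
    perm_list = post.getlist('perm[]', '')

    # Validation uses explicit returns rather than `assert False` inside a
    # try block: assert statements are removed when Python runs with -O,
    # which would silently disable these checks.
    if not username:
        return fail(af.USERNAME_EMPTY)
    if UserProfile.objects.filter(username=username).exists():
        return fail(af.USER_EXIST)
    if not password:
        return fail(af.PASSWORD_EMPTY)
    if not company:
        return fail(af.COMPANY_EMPTY)

    # `user_type` is client-controlled and becomes the account identity.
    # Without a check, a request to this customer-account endpoint could
    # ask for the administrator identity.
    # NOTE(review): replace this with an allowlist of the identities this
    # endpoint is meant to create once they are confirmed.
    if user_type == 'is_admin':
        return fail(af.PARAM_ERROR)
    identity = user_type

    # .first() yields a single Group (or None), matching the other
    # account-creation views. The original passed the whole QuerySet.
    group = Group.objects.filter(id=GroupProfile.CUSTOMER_ID).first()
    creator_username = request.user.username

    user = create_user(
        username=username,
        password=password,
        group=group,
        identity=identity,
        company=company,
        linkman=linkman,
        email=email,
        mobile=mobile,
        creator_username=creator_username,
    )
    if not user:
        return fail(af.PARAM_ERROR)

    for perm_id in perm_list:
        PermUser.assign_perm(perm_id, user)

    # Audit trail: record who created which account with which identity.
    log_msg = om.CREATE_USER % (creator_username, identity, username)
    OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)

    res['status'] = True
    return json_response(res)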