def delete_certificate_by_pk(self, pk): certificate = domain_repo.get_certificate_by_pk(pk) if certificate: certificate.delete() return 200, u"success" else: return 404, u"证书不存在"
def __check_domain_name(self, team_name, domain_name, domain_type, certificate_id): if not domain_name: return 400, u"域名不能为空" zhPattern = re.compile(u'[\u4e00-\u9fa5]+') match = zhPattern.search(domain_name.decode('utf-8')) if match: return 400, u"域名不能包含中文" # a租户绑定了域名manage.com,b租户就不可以在绑定该域名,只有a租户下可以绑定 s_domain = domain_repo.get_domain_by_domain_name(domain_name) if s_domain: team = team_services.get_tenant_by_tenant_name(team_name) if team: if s_domain.tenant_id != team.tenant_id: return 400, u"该域名已被其他团队使用" # re_exp = "^(?=^.{3,255}$)[a-zA-Z0-9][-a-zA-Z0-9]{0,62}(\.[a-zA-Z0-9][-a-zA-Z0-9]{0,62})+$" # if not re.match(re_exp, domain_name): # return 400, u"域名不规范(示例:www.example.com 域名不应包含协议头)" if len(domain_name) > 256: return 400, u"域名过长" if certificate_id: certificate_info = domain_repo.get_certificate_by_pk(int(certificate_id)) cert = base64.b64decode(certificate_info.certificate) data = analyze_cert(cert) certificat_domain_name = data["issued_to"] if certificat_domain_name.startswith('*'): domain_suffix = certificat_domain_name[2:] else: domain_suffix = certificat_domain_name logger.debug('---------domain_suffix-------->{0}'.format(domain_suffix)) domain_str = domain_name.encode('utf-8') if not domain_str.endswith(domain_suffix): return 400, u"域名和证书不匹配" return 200, u"success"
def update_certificate(self, region_name, tenant, certificate_id, new_alias, certificate, private_key, certificate_type): cert_is_effective(certificate) cert = domain_repo.get_certificate_by_pk(certificate_id) if cert is None: raise err_cert_not_found if cert.alias != new_alias: self.__check_certificate_alias(tenant, new_alias) cert.alias = new_alias if certificate: cert.certificate = base64.b64encode(certificate) if certificate_type: cert.certificate_type = certificate_type if private_key: cert.private_key = private_key cert.save() # update all ingress related to the certificate body = { "certificate_id": cert.certificate_id, "certificate_name": "foobar", "certificate": base64.b64decode(cert.certificate), "private_key": cert.private_key, } region_api.update_ingresses_by_certificate(region_name, tenant.tenant_name, body)
def update_certificate(self, tenant, certificate_id, alias, certificate, private_key, certificate_type): cert_is_effective(certificate, private_key) cert = domain_repo.get_certificate_by_pk(certificate_id) if cert is None: raise err_cert_not_found if cert.alias != alias: self.__check_certificate_alias(tenant, alias) cert.alias = alias if certificate: cert.certificate = base64.b64encode(bytes(certificate, 'utf-8')) if certificate_type: cert.certificate_type = certificate_type if private_key: cert.private_key = private_key cert.save() # update all ingress related to the certificate body = { "certificate_id": cert.certificate_id, "certificate_name": "foobar", "certificate": base64.b64decode(cert.certificate).decode(), "private_key": cert.private_key, } team_regions = region_services.get_team_usable_regions( tenant.tenant_name, tenant.enterprise_id) for team_region in team_regions: try: region_api.update_ingresses_by_certificate( team_region.region_name, tenant.tenant_name, body) except Exception as e: logger.debug(e) continue return cert
def __check_domain_name(self, team_name, domain_name, domain_type, certificate_id): if not domain_name: return 400, u"域名不能为空" zhPattern = re.compile(u'[\u4e00-\u9fa5]+') match = zhPattern.search(domain_name.decode('utf-8')) if match: return 400, u"域名不能包含中文" # re_exp = "^(?=^.{3,255}$)[a-zA-Z0-9][-a-zA-Z0-9]{0,62}(\.[a-zA-Z0-9][-a-zA-Z0-9]{0,62})+$" # if not re.match(re_exp, domain_name): # return 400, u"域名不规范(示例:www.example.com 域名不应包含协议头)" if len(domain_name) > 256: return 400, u"域名过长" if certificate_id: certificate_info = domain_repo.get_certificate_by_pk(int(certificate_id)) cert = base64.b64decode(certificate_info.certificate) data = analyze_cert(cert) certificat_domain_name = data["issued_to"] if not certificat_domain_name.startswith("*"): if certificat_domain_name != domain_name: return 400, u"域名和证书不匹配" else: domain_suffix = certificat_domain_name[2:] if not domain_name.endwith(domain_suffix): return 400, u"域名和证书不匹配" return 200, u"success"
def bind_domain(self, tenant, user, service, domain_name, container_port, protocol, certificate_id, domain_type, rule_extensions): code, msg = self.__check_domain_name(tenant.tenant_name, domain_name, domain_type, certificate_id) if code != 200: return code, msg certificate_info = None http_rule_id = make_uuid(domain_name) if certificate_id: certificate_info = domain_repo.get_certificate_by_pk( int(certificate_id)) data = dict() data["domain"] = domain_name data["service_id"] = service.service_id data["tenant_id"] = tenant.tenant_id data["container_port"] = int(container_port) data["protocol"] = protocol data["http_rule_id"] = http_rule_id # 证书信息 data["certificate"] = "" data["private_key"] = "" data["certificate_name"] = "" if rule_extensions: data["rule_extensions"] = rule_extensions if certificate_info: data["certificate"] = base64.b64decode( certificate_info.certificate) data["private_key"] = certificate_info.private_key data["certificate_name"] = certificate_info.alias data["certificate_id"] = certificate_info.certificate_id region_api.bind_http_domain(service.service_region, tenant.tenant_name, data) domain_info = dict() region = region_repo.get_region_by_region_name(service.service_region) domain_info["service_id"] = service.service_id domain_info["service_name"] = service.service_alias domain_info["domain_name"] = domain_name domain_info["domain_type"] = domain_type domain_info["service_alias"] = service.service_cname domain_info["create_time"] = datetime.datetime.now().strftime( '%Y-%m-%d %H:%M:%S') domain_info["container_port"] = int(container_port) domain_info["protocol"] = "http" if certificate_id: domain_info["protocol"] = "https" if rule_extensions: domain_info["rule_extensions"] = rule_extensions domain_info[ "certificate_id"] = certificate_info.ID if certificate_info else 0 domain_info["http_rule_id"] = http_rule_id domain_info["type"] = 1 domain_info["service_alias"] = service.service_cname domain_info["tenant_id"] = tenant.tenant_id domain_info["region_id"] = region.region_id domain_repo.add_service_domain(**domain_info) return 200, u"success"
def delete_certificate_by_pk(self, pk): cert = domain_repo.get_certificate_by_pk(pk) if not cert: raise err_cert_not_found # can't delete the cerificate that till has http rules http_rules = domain_repo.list_service_domains_by_cert_id(pk) if http_rules: raise err_still_has_http_rules cert.delete()
def get_certificate_by_pk(self, pk): certificate = domain_repo.get_certificate_by_pk(pk) if not certificate: return 404, u"证书不存在", None data = dict() data["alias"] = certificate.alias data["certificate_type"] = certificate.certificate_type data["id"] = certificate.ID data["tenant_id"] = certificate.tenant_id data["certificate"] = base64.b64decode(certificate.certificate) data["private_key"] = certificate.private_key return 200, u"success", data
def update_certificate(self, tenant, certificate_id, new_alias, certificate, private_key): certif = domain_repo.get_certificate_by_pk(certificate_id) if certif.alias != new_alias: code, msg = self.__check_certificate_alias(tenant, new_alias) if code != 200: return code, msg certif.alias = new_alias if certif: certif.certificate = certificate if private_key: certif.private_key = private_key certif.save() return 200, "success"
def __check_domain_name(self, team_id, region_id, domain_name, certificate_id=None): if not domain_name: raise ServiceHandleException(status_code=400, error_code=400, msg="domain can not be empty", msg_show="域名不能为空") zh_pattern = re.compile('[\\u4e00-\\u9fa5]+') match = zh_pattern.search(domain_name) if match: raise ServiceHandleException( status_code=400, error_code=400, msg="domain can not be include chinese", msg_show="域名不能包含中文") # a租户绑定了域名manage.com,b租户就不可以在绑定该域名,只有a租户下可以绑定 s_domain = domain_repo.get_domain_by_domain_name(domain_name) if s_domain and s_domain.tenant_id != team_id and s_domain.region_id == region_id: raise ServiceHandleException(status_code=400, error_code=400, msg="domain be used other team", msg_show="域名已经被其他团队使用") if len(domain_name) > 256: raise ServiceHandleException(status_code=400, error_code=400, msg="domain more than 256 bytes", msg_show="域名超过256个字符") if certificate_id: certificate_info = domain_repo.get_certificate_by_pk( int(certificate_id)) cert = base64.b64decode(certificate_info.certificate).decode() data = analyze_cert(cert) sans = data["issued_to"] for certificat_domain_name in sans: if certificat_domain_name.startswith('*'): domain_suffix = certificat_domain_name[2:] else: domain_suffix = certificat_domain_name if domain_name.endswith(domain_suffix): return raise ServiceHandleException(status_code=400, error_code=400, msg="domain", msg_show="域名与选择的证书不匹配")
def update_certificate(self, tenant, certificate_id, new_alias, certificate, private_key, certificate_type): if not cert_is_effective(certificate): return 400, u'证书无效' certif = domain_repo.get_certificate_by_pk(certificate_id) if certif.alias != new_alias: code, msg = self.__check_certificate_alias(tenant, new_alias) if code != 200: return code, msg certif.alias = new_alias if certif: certif.certificate = base64.b64encode(certificate) if certif.certificate_type != certificate_type: certif.certificate_type = certificate_type if private_key: certif.private_key = private_key certif.save() return 200, "success"
def bind_domain(self, tenant, user, service, domain_name, container_port, protocol, certificate_id, domain_type): code, msg = self.__check_domain_name(tenant.tenant_name, domain_name, domain_type) if code != 200: return code, msg certificate_info = None if protocol != self.HTTP: if not certificate_id: return 400, u"证书不能为空" certificate_info = domain_repo.get_certificate_by_pk(int(certificate_id)) data = {} data["uuid"] = make_uuid(domain_name) data["domain_name"] = domain_name data["service_alias"] = service.service_alias data["tenant_id"] = tenant.tenant_id data["tenant_name"] = tenant.tenant_name data["service_port"] = int(container_port) data["protocol"] = protocol data["add_time"] = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S') data["add_user"] = user.nick_name data["enterprise_id"] = tenant.enterprise_id # 证书信息 data["certificate"] = "" data["private_key"] = "" data["certificate_name"] = "" if certificate_info: data["certificate"] = certificate_info.certificate data["private_key"] = certificate_info.private_key data["certificate_name"] = certificate_info.alias region_api.bindDomain(service.service_region, tenant.tenant_name, service.service_alias, data) domain_info = dict() domain_info["service_id"] = service.service_id domain_info["service_name"] = service.service_alias domain_info["domain_name"] = domain_name domain_info["domain_type"] = domain_type domain_info["create_time"] = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S') domain_info["container_port"] = int(container_port) domain_info["protocol"] = protocol domain_info["certificate_id"] = certificate_info.ID if certificate_info else 0 domain_repo.add_service_domain(**domain_info) return 200, u"success"
def get(self, request, *args, **kwargs): """ 获取单个http策略 """ try: http_rule_id = request.GET.get("http_rule_id", None) # 判断参数 if not http_rule_id: return Response(general_message(400, "parameters are missing", "参数缺失"), status=400) domain = domain_repo.get_service_domain_by_http_rule_id( http_rule_id) if domain: bean = domain.to_dict() if domain.certificate_id: certificate_info = domain_repo.get_certificate_by_pk( int(domain.certificate_id)) service = service_repo.get_service_by_service_id( domain.service_id) service_alias = service.service_cname if service else '' group_name = '' if service: gsr = group_service_relation_repo.get_group_by_service_id( service.service_id) group = group_repo.get_group_by_id(int(gsr.group_id)) group_name = group.group_name if group else '' bean.update({"certificate_name": certificate_info.alias}) bean.update({"service_alias": service_alias}) bean.update({"group_name": group_name}) else: bean = dict() result = general_message(200, "success", "查询成功", bean=bean) except Exception as e: logger.exception(e) result = error_message(e.message) return Response(result, status=result["code"])
def update_httpdomain(self, tenant, service, http_rule_id, update_data, re_model=False): service_domain = domain_repo.get_service_domain_by_http_rule_id( http_rule_id) if not service_domain: raise ServiceHandleException(msg="no found", status_code=404) domain_info = service_domain.to_dict() domain_info.update(update_data) self.__check_domain_name(tenant.tenant_id, service_domain.region_id, domain_info["domain_name"], certificate_id=domain_info["certificate_id"]) certificate_info = None if domain_info["certificate_id"]: certificate_info = domain_repo.get_certificate_by_pk( int(domain_info["certificate_id"])) data = dict() data["domain"] = domain_info["domain_name"] data["service_id"] = service.service_id data["tenant_id"] = tenant.tenant_id data["tenant_name"] = tenant.tenant_name data["container_port"] = int(domain_info["container_port"]) data["enterprise_id"] = tenant.enterprise_id data["http_rule_id"] = http_rule_id data["path"] = domain_info["domain_path"] if domain_info[ "domain_path"] else None data["cookie"] = domain_info["domain_cookie"] if domain_info[ "domain_cookie"] else None data["header"] = domain_info["domain_heander"] if domain_info[ "domain_heander"] else None data["weight"] = int(domain_info["the_weight"]) if "rule_extensions" in list(update_data.keys()): if domain_info["rule_extensions"]: data["rule_extensions"] = domain_info["rule_extensions"] else: try: rule_extensions = eval(domain_info["rule_extensions"]) except Exception: rule_extensions = [] if rule_extensions: data["rule_extensions"] = rule_extensions # 证书信息 data["certificate"] = "" data["private_key"] = "" data["certificate_name"] = "" data["certificate_id"] = "" if certificate_info: data["certificate"] = base64.b64decode( certificate_info.certificate).decode() data["private_key"] = certificate_info.private_key data["certificate_name"] = certificate_info.alias data["certificate_id"] = certificate_info.certificate_id try: # 给数据中心传送数据更新域名 region_api.update_http_domain(service.service_region, tenant.tenant_name, data) except region_api.CallApiError as e: if e.status != 404: raise e if "rule_extensions" in list(update_data.keys()): rule_extensions_str = "" # 拼接字符串,存入数据库 for rule in update_data["rule_extensions"]: last_index = len(update_data["rule_extensions"]) - 1 if last_index == update_data["rule_extensions"].index(rule): rule_extensions_str += rule["key"] + ":" + rule["value"] continue rule_extensions_str += rule["key"] + ":" + rule["value"] + "," else: rule_extensions_str = domain_info["rule_extensions"] domain_info["rule_extensions"] = rule_extensions_str if domain_info["domain_path"] and domain_info["domain_path"] != "/" or \ domain_info["domain_cookie"] or domain_info["domain_heander"]: domain_info["is_senior"] = True domain_info["protocol"] = "http" if domain_info["certificate_id"]: domain_info["protocol"] = "https" domain_info["certificate_id"] = domain_info[ "certificate_id"] if domain_info["certificate_id"] else 0 domain_info["domain_path"] = domain_info["domain_path"] if domain_info[ "domain_path"] else '/' domain_info["domain_cookie"] = domain_info[ "domain_cookie"] if domain_info["domain_cookie"] else "" domain_info["domain_heander"] = domain_info[ "domain_heander"] if domain_info["domain_heander"] else "" domain_info["container_port"] = int(domain_info["container_port"]) domain_info["service_id"] = service.service_id domain_info["service_name"] = service.service_alias model_data = ServiceDomain(**domain_info) model_data.save() if re_model: return model_data return domain_info
def bind_httpdomain(self, tenant, user, service, httpdomain, return_model=False): domain_name = httpdomain["domain_name"] certificate_id = httpdomain["certificate_id"] rule_extensions = httpdomain.get("rule_extensions", []) domain_path = httpdomain.get("domain_path", None) domain_cookie = httpdomain.get("domain_cookie", None) domain_heander = httpdomain.get("domain_heander", None) protocol = httpdomain.get("protocol", None) domain_type = httpdomain["domain_type"] auto_ssl = httpdomain["auto_ssl"] auto_ssl_config = httpdomain["auto_ssl_config"] region = region_repo.get_region_by_region_name(service.service_region) # 校验域名格式 self.__check_domain_name(tenant.tenant_id, region.region_id, domain_name, certificate_id) http_rule_id = make_uuid(domain_name) domain_info = dict() certificate_info = None if certificate_id: certificate_info = domain_repo.get_certificate_by_pk( int(certificate_id)) data = dict() data["uuid"] = make_uuid(domain_name) data["domain"] = domain_name data["service_id"] = service.service_id data["tenant_id"] = tenant.tenant_id data["tenant_name"] = tenant.tenant_name data["protocol"] = protocol data["container_port"] = int(httpdomain["container_port"]) data["add_time"] = self.get_time_now() data["add_user"] = user.nick_name if user else "" data["enterprise_id"] = tenant.enterprise_id data["http_rule_id"] = http_rule_id data["path"] = domain_path data["cookie"] = domain_cookie data["header"] = domain_heander data["weight"] = int(httpdomain.get("the_weight", 100)) if rule_extensions: data["rule_extensions"] = rule_extensions data["certificate"] = "" data["private_key"] = "" data["certificate_name"] = "" data["certificate_id"] = "" if certificate_info: data["certificate"] = base64.b64decode( certificate_info.certificate).decode() data["private_key"] = certificate_info.private_key data["certificate_name"] = certificate_info.alias data["certificate_id"] = certificate_info.certificate_id try: region_api.bind_http_domain(service.service_region, tenant.tenant_name, data) except region_api.CallApiError as e: if e.status != 404: raise e if domain_path and domain_path != "/" or domain_cookie or domain_heander: domain_info["is_senior"] = True if protocol: domain_info["protocol"] = protocol else: domain_info["protocol"] = "http" if certificate_id: domain_info["protocol"] = "https" domain_info["http_rule_id"] = http_rule_id domain_info["service_id"] = service.service_id domain_info["service_name"] = service.service_alias domain_info["domain_name"] = domain_name domain_info["domain_type"] = domain_type domain_info["service_alias"] = service.service_cname domain_info["create_time"] = self.get_time_now() domain_info["container_port"] = int(httpdomain["container_port"]) domain_info[ "certificate_id"] = certificate_info.ID if certificate_info else 0 domain_info["domain_path"] = domain_path if domain_path else '/' domain_info["domain_cookie"] = domain_cookie if domain_cookie else "" domain_info[ "domain_heander"] = domain_heander if domain_heander else "" domain_info["the_weight"] = int(httpdomain.get("the_weight", 100)) domain_info["tenant_id"] = tenant.tenant_id domain_info["auto_ssl"] = auto_ssl domain_info["auto_ssl_config"] = auto_ssl_config rule_extensions_str = "" if rule_extensions: # 拼接字符串,存入数据库 for rule in rule_extensions: last_index = len(rule_extensions) - 1 if last_index == rule_extensions.index(rule): rule_extensions_str += rule["key"] + ":" + rule["value"] continue rule_extensions_str += rule["key"] + ":" + rule["value"] + "," domain_info["rule_extensions"] = rule_extensions_str domain_info["region_id"] = region.region_id region = region_repo.get_region_by_region_name(service.service_region) # 判断类型(默认or自定义) if domain_name != "{0}.{1}.{2}.{3}".format( httpdomain["container_port"], service.service_alias, tenant.tenant_name, region.httpdomain): domain_info["type"] = 1 # 高级路由 model = domain_repo.add_service_domain(**domain_info) if return_model: return model domain_info.update({"rule_extensions": rule_extensions}) if certificate_info: domain_info.update({"certificate_name": certificate_info.alias}) return domain_info
def update_httpdomain(self, tenant, user, service, domain_name, container_port, certificate_id, domain_type, domain_path, domain_cookie, domain_heander, http_rule_id, the_weight, rule_extensions): # 校验域名格式 code, msg = self.__check_domain_name(tenant.tenant_name, domain_name, domain_type, certificate_id) domain_info = dict() if code != 200: return code, msg, domain_info certificate_info = None if certificate_id: certificate_info = domain_repo.get_certificate_by_pk( int(certificate_id)) data = dict() data["domain"] = domain_name data["service_id"] = service.service_id data["tenant_id"] = tenant.tenant_id data["tenant_name"] = tenant.tenant_name data["container_port"] = int(container_port) data["enterprise_id"] = tenant.enterprise_id data["http_rule_id"] = http_rule_id data["path"] = domain_path if domain_path else None data["cookie"] = domain_cookie if domain_cookie else None data["header"] = domain_heander if domain_heander else None data["weight"] = int(the_weight) if rule_extensions: data["rule_extensions"] = rule_extensions # 证书信息 data["certificate"] = "" data["private_key"] = "" data["certificate_name"] = "" data["certificate_id"] = "" if certificate_info: data["certificate"] = base64.b64decode( certificate_info.certificate) data["private_key"] = certificate_info.private_key data["certificate_name"] = certificate_info.alias data["certificate_id"] = certificate_info.certificate_id try: # 给数据中心传送数据更新域名 region_api.update_http_domain(service.service_region, tenant.tenant_name, data) except region_api.CallApiError as e: if e.status != 404: raise e service_domain = domain_repo.get_service_domain_by_http_rule_id( http_rule_id) service_domain.delete() region = region_repo.get_region_by_region_name(service.service_region) # 高级路由 if domain_path and domain_path != "/" or domain_cookie or domain_heander: domain_info["is_senior"] = True domain_info["protocol"] = "http" if certificate_id: domain_info["protocol"] = "https" domain_info["http_rule_id"] = http_rule_id domain_info["service_id"] = service.service_id domain_info["service_name"] = service.service_alias domain_info["domain_name"] = domain_name domain_info["domain_type"] = domain_type domain_info["service_alias"] = service.service_cname domain_info["create_time"] = datetime.datetime.now().strftime( '%Y-%m-%d %H:%M:%S') domain_info["container_port"] = int(container_port) domain_info[ "certificate_id"] = certificate_info.ID if certificate_info else 0 domain_info["domain_path"] = domain_path if domain_path else '/' domain_info["domain_cookie"] = domain_cookie if domain_cookie else "" domain_info[ "domain_heander"] = domain_heander if domain_heander else "" domain_info["the_weight"] = the_weight domain_info["tenant_id"] = tenant.tenant_id rule_extensions_str = "" if rule_extensions: # 拼接字符串,存入数据库 for rule in rule_extensions: last_index = len(rule_extensions) - 1 if last_index == rule_extensions.index(rule): rule_extensions_str += rule["key"] + ":" + rule["value"] continue rule_extensions_str += rule["key"] + ":" + rule["value"] + "," domain_info["rule_extensions"] = rule_extensions_str domain_info["region_id"] = region.region_id region = region_repo.get_region_by_region_name(service.service_region) # 判断类型(默认or自定义) if domain_name != str(container_port) + "." + str( service.service_alias) + "." + str( tenant.tenant_name) + "." + str(region.httpdomain): domain_info["type"] = 1 domain_repo.add_service_domain(**domain_info) domain_info.update({"rule_extensions": rule_extensions}) if certificate_info: domain_info.update({"certificate_name": certificate_info.alias}) return 200, u"success", domain_info
def get(self, request, tenantName, *args, **kwargs): try: page = int(request.GET.get("page", 1)) page_size = int(request.GET.get("page_size", 10)) search_conditions = request.GET.get("search_conditions", None) tenant = team_services.get_tenant_by_tenant_name(tenantName) region = region_repo.get_region_by_region_name(self.response_region) total = domain_repo.get_all_domain_count_by_tenant_and_region_id(tenant.tenant_id, region.region_id) start = (page - 1) * page_size remaining_num = total - (page - 1) * page_size end = page_size if remaining_num < page_size: end = remaining_num try: # 查询分页排序 if search_conditions: cursor = connection.cursor() cursor.execute( "select domain_name, type, is_senior, certificate_id, service_alias, protocol, service_name, container_port, http_rule_id, service_id, domain_path, domain_cookie, domain_heander, the_weight, is_outer_service from service_domain where tenant_id='{0}' and region_id='{1}' and domain_name like '%{2}%' or service_alias like '%{3}%' or group_name like '%{4}%' order by type desc LIMIT {5},{6};".format( tenant.tenant_id, region.region_id, search_conditions, search_conditions, search_conditions, start, end)) tenant_tuples = cursor.fetchall() else: cursor = connection.cursor() cursor.execute( "select domain_name, type, is_senior, certificate_id, service_alias, protocol, service_name, container_port, http_rule_id, service_id, domain_path, domain_cookie, domain_heander, the_weight, is_outer_service from service_domain where tenant_id='{0}' and region_id='{1}' order by type desc LIMIT {2},{3};".format( tenant.tenant_id, region.region_id, start, end)) tenant_tuples = cursor.fetchall() except Exception as e: logger.exception(e) result = general_message(405, "faild", "查询数据库失败") return Response(result) # 拼接展示数据 domain_list = list() for tenant_tuple in tenant_tuples: service = service_repo.get_service_by_service_id(tenant_tuple[9]) service_alias = service.service_cname if service else '' group_name = '' group_id = 0 if service: gsr = group_service_relation_repo.get_group_by_service_id(service.service_id) if gsr: group = group_repo.get_group_by_id(int(gsr.group_id)) group_name = group.group_name if group else '' group_id = int(gsr.group_id) domain_dict = dict() certificate_info = domain_repo.get_certificate_by_pk(int(tenant_tuple[3])) if not certificate_info: domain_dict["certificate_alias"] = '' else: domain_dict["certificate_alias"] = certificate_info.alias domain_dict["domain_name"] = tenant_tuple[5] + "://" + tenant_tuple[0] domain_dict["type"] = tenant_tuple[1] domain_dict["is_senior"] = tenant_tuple[2] domain_dict["group_name"] = group_name domain_dict["service_cname"] = service_alias domain_dict["service_alias"] = tenant_tuple[6] domain_dict["container_port"] = tenant_tuple[7] domain_dict["http_rule_id"] = tenant_tuple[8] domain_dict["service_id"] = tenant_tuple[9] domain_dict["domain_path"] = tenant_tuple[10] domain_dict["domain_cookie"] = tenant_tuple[11] domain_dict["domain_heander"] = tenant_tuple[12] domain_dict["the_weight"] = tenant_tuple[13] domain_dict["is_outer_service"] = tenant_tuple[14] domain_dict["group_id"] = group_id domain_list.append(domain_dict) bean = dict() bean["total"] = total result = general_message(200, "success", "查询成功", list=domain_list, bean=bean) except Exception as e: logger.exception(e) result = error_message(e.message) return Response(result)
def get_certificate_by_pk(self, pk): certificate = domain_repo.get_certificate_by_pk(pk) if not certificate: return 404, u"证书不存在", None return 200, u"success", certificate