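def post(self, request, *args, **kwargs):
    """Initialise the default team roles and hand one to every team member.

    The request body may carry ``enterprise_id`` and/or ``tenant_id`` to
    narrow the set of teams; when neither is present every team is processed.
    For each team the default roles are initialised, then
    ``update_user_roles`` is called with the "管理员" role for the team
    creator and with the "开发者" role for every other member.

    Returns:
        A 200 ``Response``. When no team matches, a response saying so is
        returned (the view used to fall through and return ``None``, which
        is not a valid view result).

    Raises:
        ServiceHandleException: if either default role cannot be found after
            ``init_default_roles`` has run.
    """
    # NOTE(review): the permission checks for this view are not visible here.
    # An empty body selects every tenant and each member's roles are rewritten
    # from scratch, so confirm the endpoint is limited to platform
    # administrators and that overwriting custom role assignments is intended.
    enterprise_id = request.data.get("enterprise_id")
    tenant_id = request.data.get("tenant_id")

    # Only the truthy selectors take part in the filter.
    selectors = {}
    if tenant_id:
        selectors["tenant_id"] = tenant_id
    if enterprise_id:
        selectors["enterprise_id"] = enterprise_id
    teams = Tenants.objects.filter(**selectors) if selectors else Tenants.objects.all()

    if not teams:
        print(u"未发现团队, 初始化结束")
        # Answer explicitly instead of returning None from the view.
        result = general_message(msg="success", msg_show=u"未发现团队, 初始化结束", code=200)
        return Response(result, status=200)

    for team in teams:
        role_kind_services.init_default_roles(kind="team", kind_id=team.tenant_id)
        users = team_repo.get_tenant_users_by_tenant_ID(team.ID)
        admin = role_kind_services.get_role_by_name(kind="team", kind_id=team.tenant_id, name=u"管理员")
        developer = role_kind_services.get_role_by_name(kind="team", kind_id=team.tenant_id, name=u"开发者")
        if not admin or not developer:
            raise ServiceHandleException(msg="init failed", msg_show=u"初始化失败")
        if not users:
            continue
        for user in users:
            # The team creator becomes administrator, everyone else developer.
            role = admin if user.user_id == team.creater else developer
            user_kind_role_service.update_user_roles(
                kind="team", kind_id=team.tenant_id, user=user, role_ids=[role.ID])

    result = general_message(msg="success", msg_show=u"初始化权限分配成功", code=200)
    return Response(result, status=200)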
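def put(self, request, team_name, user_id, *args, **kwargs):
    """Set the team roles of one member of ``self.tenant``.

    The target user is looked up among the users of ``self.tenant`` only, so
    a ``user_id`` that is not a member of this team yields no user. That case
    is now answered with a 404 instead of passing ``None`` on to
    ``update_user_roles``.

    Args:
        request: carries the ``roles`` value in its body.
        team_name: team name from the URL (not read here; ``self.tenant``
            is used instead).
        user_id: id of the member whose roles are updated.

    Returns:
        A 200 ``Response`` whose bean is the result of ``get_user_roles`` for
        the member, or a 404 ``Response`` when the user is not in the team.
    """
    # NOTE(review): `roles` is taken from the request body as-is. Confirm that
    # update_user_roles rejects role ids that do not belong to this team and
    # decides what a missing value means; otherwise validate it here.
    roles = request.data.get("roles")

    member = team_services.get_team_users(self.tenant).filter(user_id=user_id).first()
    if member is None:
        # Never assign team roles to an account outside this team.
        result = general_message(404, "user not found", "用户不存在")
        return Response(result, status=404)

    team_key = self.tenant.tenant_id
    user_kind_role_service.update_user_roles(kind="team", kind_id=team_key, user=member, role_ids=roles)
    data = user_kind_role_service.get_user_roles(kind="team", kind_id=team_key, user=member)
    result = general_message(200, "success", None, bean=data)
    return Response(result, status=200)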
def add_user_role_to_team(self, tenant, user_ids, role_ids):
    """Add users to a team and assign each of them the given roles.

    Nothing happens when the tenant's enterprise cannot be found. Otherwise,
    for every id in ``user_ids`` a ``PermRelTenant`` row is created or
    updated, the user is loaded and ``update_user_roles`` is called with
    ``role_ids``.

    Args:
        tenant: team object; its ``pk``, ``tenant_id`` and ``enterprise_id``
            are read.
        user_ids: iterable of user ids to add.
        role_ids: role ids handed to ``update_user_roles`` for every user.
    """
    enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=tenant.enterprise_id)
    if not enterprise:
        return

    for uid in user_ids:
        # NOTE(review): the membership row is written before the user is
        # loaded, and the lookup result is not checked here; confirm callers
        # only pass ids of existing users and role ids of this team.
        PermRelTenant.objects.update_or_create(
            user_id=uid, tenant_id=tenant.pk, enterprise_id=enterprise.pk)
        member = user_repo.get_by_user_id(uid)
        user_kind_role_service.update_user_roles(
            kind="team", kind_id=tenant.tenant_id, user=member, role_ids=role_ids)
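def post(self, request, enterprise_id, *args, **kwargs):
    """Create a user in an enterprise and optionally add the user to a team.

    Body fields read: ``tenant_name``, ``user_name``, ``email``, ``password``,
    ``re_password``, ``role_ids``, ``phone``, ``real_name``.

    A missing or empty password is now rejected with the same "len error"
    message as a short one; previously ``len(None)`` raised ``TypeError``.

    Returns:
        A ``Response`` whose body code is 400 (password too short or
        missing), 403 (``check_params`` failed) or 200 (user created). No
        HTTP status is passed to ``Response`` in any of these cases.
    """
    payload = request.data
    tenant_name = payload.get("tenant_name", None)
    user_name = payload.get("user_name", None)
    email = payload.get("email", None)
    password = payload.get("password", None)
    re_password = payload.get("re_password", None)
    role_ids = payload.get("role_ids", None)
    phone = payload.get("phone", None)
    real_name = payload.get("real_name", None)

    # NOTE(review): the team is resolved by name only; confirm it belongs to
    # the enterprise named in the URL before a membership is created below.
    tenant = team_services.get_tenant_by_tenant_name(tenant_name)

    # Reject an absent password before len() is applied to it.
    if not password or len(password) < 8:
        result = general_message(400, "len error", "密码长度最少为8位")
        return Response(result)

    # check user info
    # NOTE(review): validation uses request.user.enterprise_id while the user
    # is created under the URL's enterprise_id; confirm the caller is an
    # administrator of that same enterprise.
    is_pass, msg = user_services.check_params(
        user_name, email, password, re_password, request.user.enterprise_id)
    if not is_pass:
        result = general_message(403, "user information is not passed", msg)
        return Response(result)

    client_ip = user_services.get_client_ip(request)
    enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id)

    # create user
    oauth_instance, _ = user_services.check_user_is_enterprise_center_user(request.user.user_id)
    if oauth_instance:
        user = user_services.create_enterprise_center_user_set_password(
            user_name, email, password, "admin add", enterprise, client_ip, phone, real_name, oauth_instance)
    else:
        user = user_services.create_user_set_password(
            user_name, email, password, "admin add", enterprise, client_ip, phone, real_name)

    if tenant:
        create_perm_param = {
            "user_id": user.user_id,
            "tenant_id": tenant.ID,
            "identity": "",
            "enterprise_id": enterprise.ID,
        }
        team_repo.create_team_perms(**create_perm_param)
        if role_ids:
            # NOTE(review): role_ids come from the request body; confirm that
            # update_user_roles only accepts roles defined for this team.
            user_kind_role_service.update_user_roles(
                kind="team", kind_id=tenant.tenant_id, user=user, role_ids=role_ids)

    # The account is activated immediately.
    user.is_active = True
    user.save()
    result = general_message(200, "success", "添加用户成功")
    return Response(result)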
def add_user_to_team(self, tenant, user_id, role_ids=None):
    """Add an existing user to a team, optionally with roles.

    Args:
        tenant: team object; ``ID``, ``tenant_id`` and ``enterprise_id`` are read.
        user_id: id of the user to add.
        role_ids: optional role ids; ``update_user_roles`` is only called
            when this is truthy.

    Raises:
        ServiceHandleException: with status 404 when the user does not exist,
            and with "user exist" when a ``PermRelTenant`` row for this user
            and team is already present.
    """
    member = user_repo.get_by_user_id(user_id)
    if not member:
        raise ServiceHandleException(msg="user not found", msg_show="用户不存在", status_code=404)

    membership = PermRelTenant.objects.filter(tenant_id=tenant.ID, user_id=member.user_id)
    enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=tenant.enterprise_id)
    if membership:
        raise ServiceHandleException(msg="user exist", msg_show="用户已经加入此团队")

    # NOTE(review): the existence check and the insert are separate
    # statements; unless the table has a unique constraint on
    # (tenant_id, user_id), two concurrent calls could both insert.
    PermRelTenant.objects.create(
        tenant_id=tenant.ID,
        user_id=member.user_id,
        identity="",
        enterprise_id=enterprise.ID,
    )

    if not role_ids:
        return
    # NOTE(review): confirm role_ids are restricted to roles of this team.
    user_kind_role_service.update_user_roles(
        kind="team", kind_id=tenant.tenant_id, user=member, role_ids=role_ids)
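def put(self, req, team_id, user_id):
    """Replace the team roles of another user.

    The caller may not change their own roles. The ids are compared as
    strings because ``user_id`` may arrive from the URL as text while
    ``req.user.user_id`` may be an integer (the URL converter is not visible
    here); a plain ``==`` between the two types would never match and the
    guard would be ineffective.

    Args:
        req: request; ``role_ids`` is read as a comma-separated string.
        team_id: team id from the URL (not read here; ``self.team`` is used).
        user_id: id of the user whose roles are updated.

    Returns:
        An empty 200 ``Response``.

    Raises:
        serializers.ValidationError: when the caller targets their own
            account or the body fails ``CreateTeamUserReqSerializer``.
    """
    if str(req.user.user_id) == str(user_id):
        raise serializers.ValidationError("您不能修改自己的权限!", status.HTTP_400_BAD_REQUEST)

    serializer = CreateTeamUserReqSerializer(data=req.data)
    serializer.is_valid(raise_exception=True)

    # Spaces are stripped before splitting, so "1, 2" and "1,2" are the same.
    role_ids = req.data["role_ids"].replace(" ", "").split(",")

    # NOTE(review): the user is loaded by id alone and the result is not
    # checked; confirm the account exists and is a member of self.team, and
    # that update_user_roles rejects role ids of other teams.
    user = user_repo.get_by_user_id(user_id)
    user_kind_role_service.update_user_roles(
        kind="team", kind_id=self.team.tenant_id, user=user, role_ids=role_ids)
    return Response(None, status.HTTP_200_OK)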
def create_team(self, user, enterprise, region_list=None, team_alias=None):
    """Create a team owned by ``user`` and make that user its administrator.

    Steps: pick a random tenant name, create the tenant, record the creator
    with identity "owner", initialise the default team roles and call
    ``update_user_roles`` with the "管理员" role for the creator.

    Args:
        user: creating user; ``user_id``, ``enterprise_id`` and ``nick_name``
            are read.
        enterprise: enterprise object; ``enterprise_id`` and ``ID`` are read.
        region_list: optional list; its first entry becomes the default region.
        team_alias: optional display name; defaults to "<nick_name>的团队".

    Returns:
        The tenant object returned by ``team_repo.create_tenant``.
    """
    team_name = self.random_tenant_name(enterprise=user.enterprise_id, length=8)

    # Only pay_type depends on SSO_LOGIN; pay_level is 'company' either way.
    pay_type = 'free' if settings.MODULES.get('SSO_LOGIN') else 'payed'
    pay_level = 'company'

    # Validity defaults to 7 days unless settings.TENANT_VALID_TIME is defined.
    valid_days = int(settings.TENANT_VALID_TIME) if hasattr(settings, "TENANT_VALID_TIME") else 7
    expire_time = datetime.datetime.now() + datetime.timedelta(days=valid_days)

    default_region = region_list[0] if region_list else ""
    if not team_alias:
        team_alias = "{0}的团队".format(user.nick_name)

    team = team_repo.create_tenant(
        tenant_name=team_name,
        pay_type=pay_type,
        pay_level=pay_level,
        creater=user.user_id,
        region=default_region,
        expired_time=expire_time,
        tenant_alias=team_alias,
        enterprise_id=enterprise.enterprise_id,
        limit_memory=0,
    )
    team_repo.create_team_perms(
        user_id=user.user_id,
        tenant_id=team.ID,
        identity="owner",
        enterprise_id=enterprise.ID,
    )

    # init default roles
    role_kind_services.init_default_roles(kind="team", kind_id=team.tenant_id)
    # NOTE(review): the lookup result is used without a None check; if the
    # "管理员" role were missing the next line would raise AttributeError.
    admin_role = role_kind_services.get_role_by_name(kind="team", kind_id=team.tenant_id, name=u"管理员")
    user_kind_role_service.update_user_roles(
        kind="team", kind_id=team.tenant_id, user=user, role_ids=[admin_role.ID])
    return team
def handle(self, *args, **options):
    """Initialise the default team roles and hand one to every team member.

    ``options['tenant_id']`` and ``options['enterprise_id']`` narrow the set
    of teams; when both are falsy every team is processed. For each team the
    default roles are initialised, then ``update_user_roles`` is called with
    the "管理员" role for the team creator and with the "开发者" role for
    every other member.

    Raises:
        ServiceHandleException: if either default role cannot be found after
            ``init_default_roles`` has run.
    """
    tenant_id = options['tenant_id']
    enterprise_id = options['enterprise_id']

    # Only the truthy selectors take part in the filter.
    selectors = {}
    if tenant_id:
        selectors["tenant_id"] = tenant_id
    if enterprise_id:
        selectors["enterprise_id"] = enterprise_id
    teams = Tenants.objects.filter(**selectors) if selectors else Tenants.objects.all()

    if not teams:
        print(u"未发现团队, 初始化结束")
        return

    # NOTE(review): every member's roles are set to a single default role, so
    # running this on a live system presumably discards custom assignments;
    # confirm against update_user_roles before running without selectors.
    for team in teams:
        team_key = team.tenant_id
        role_kind_services.init_default_roles(kind="team", kind_id=team_key)
        members = team_repo.get_tenant_users_by_tenant_ID(team.ID)
        admin = role_kind_services.get_role_by_name(kind="team", kind_id=team_key, name=u"管理员")
        developer = role_kind_services.get_role_by_name(kind="team", kind_id=team_key, name=u"开发者")
        if not (admin and developer):
            raise ServiceHandleException(msg="init failed", msg_show=u"初始化失败")
        if not members:
            continue
        for member in members:
            # The team creator becomes administrator, everyone else developer.
            role = admin if member.user_id == team.creater else developer
            user_kind_role_service.update_user_roles(
                kind="team", kind_id=team.tenant_id, user=member, role_ids=[role.ID])