def get_or_create_user_and_enterprise(self, oauth_user): try: user = user_repo.get_enterprise_user_by_username( oauth_user.enterprise_id, oauth_user.name) except Users.DoesNotExist: user_info = dict() user_info["email"] = oauth_user.email user_info["nick_name"] = oauth_user.name user_info["client_ip"] = oauth_user.client_ip user_info["phone"] = oauth_user.phone user_info["real_name"] = oauth_user.real_name user_info["is_active"] = 1 password = "******" user_info["enterprise_center_user_id"] = oauth_user.id user = Users(**user_info) user.set_password(password) user.save() enterprise = enterprise_services.get_enterprise_by_enterprise_id( oauth_user.enterprise_id) if not enterprise: enterprise = enterprise_services.create_oauth_enterprise( oauth_user.enterprise_domain, oauth_user.enterprise_name, oauth_user.enterprise_id) user_services.make_user_as_admin_for_enterprise( user.user_id, enterprise.enterprise_id) user.enterprise_id = enterprise.enterprise_id user.save() return user
def __init_and_create_user_tenant(self, user, enterprise): # 创建租户信息 code, msg, team = team_services.create_team(user, enterprise) if code != 200: logger.debug("account.login", "create tenant error") return code, msg, team # 创建用户在团队的权限 perm_info = { "user_id": user.user_id, "tenant_id": team.ID, "identity": "owner", "enterprise_id": enterprise.pk } perm_services.add_user_tenant_perm(perm_info) # 创建用户在企业的权限 user_services.make_user_as_admin_for_enterprise( user.user_id, enterprise.enterprise_id) # 为团队开通默认数据中心并在数据中心创建租户 code, msg, tenant_region = region_services.create_tenant_on_region( team.tenant_name, team.region) if code != 200: logger.debug("account.login", "create teanant on region error") return code, msg, team # 如果没有领过资源包,为默认开通的数据中心领取免费资源包 result = region_services.get_enterprise_free_resource( tenant_region.tenant_id, enterprise.enterprise_id, tenant_region.region_name, user.nick_name) logger.debug( "account.login", "get free resource on [{}] to team {}: {}".format( tenant_region.region_name, team.tenant_name, result)) user.is_active = True user.save() return code, msg, team
def post(self, request, *args, **kwargs): """ 注册用户、需要先访问captcha路由来获取验证码 --- parameters: - name: user_name description: 用户名 required: true type: string paramType: body - name: email description: 邮箱 required: true type: string paramType: body - name: password description: 密码,最少八位 required: true type: string paramType: body - name: password_repeat description: 确认密码 required: true type: string paramType: body - name: captcha_code description: 验证码 required: true type: string paramType: body - name: register_type description: 注册方式 暂: 邀请注册 invitation 其它方式暂无 有拓展再修改 required: false type: string paramType: body - name: value description: 数值 此处需要 team_id required: false type: string paramType: body - name: enter_name description: 企业名称 required: false type: string paramType: body """ try: import copy querydict = copy.copy(request.data) captcha_code = request.session.get("captcha_code") querydict.update({u'real_captcha_code': captcha_code}) client_ip = request.META.get("REMOTE_ADDR", None) register_form = RegisterForm(querydict) if register_form.is_valid(): nick_name = register_form.cleaned_data["user_name"] email = register_form.cleaned_data["email"] password = register_form.cleaned_data["password"] # 创建一个用户 user_info = dict() user_info["email"] = email user_info["nick_name"] = nick_name user_info["client_ip"] = client_ip user_info["is_active"] = 1 user = Users(**user_info) user.set_password(password) user.save() enterprise = enterprise_services.get_enterprise_first() if not enterprise: enter_name = request.data.get("enter_name", None) enterprise = enterprise_services.create_enterprise( enter_name, enter_name) # 创建用户在企业的权限 user_services.make_user_as_admin_for_enterprise( user.user_id, enterprise.enterprise_id) user.enterprise_id = enterprise.enterprise_id user.save() if Users.objects.count() == 1: SuperAdminUser.objects.create(user_id=user.user_id) enterprise = enterprise_services.get_enterprise_first() register_type = request.data.get("register_type", None) value = request.data.get("value", None) if register_type == "invitation": perm = perms_repo.add_user_tenant_perm( perm_info={ "user_id": user.user_id, "tenant_id": value, "identity": "viewer", "enterprise_id": enterprise.ID }) if not perm: result = general_message(400, "invited failed", "团队关联失败,注册失败") return Response(result, status=400) data = dict() data["user_id"] = user.user_id data["nick_name"] = user.nick_name data["email"] = user.email data["enterprise_id"] = user.enterprise_id payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) data["token"] = token result = general_message(200, "register success", "注册成功", bean=data) response = Response(result, status=200) return response else: error = { "error": list(json.loads( register_form.errors.as_json()).values())[0][0].get( "message", "参数错误") } result = general_message(400, "failed", "{}".format(error["error"])) return Response(result, status=400) except Exception as e: logger.exception(e) result = error_message(e.message) return Response(result, status=500)
def post(self, request, *args, **kwargs): try: # 获取sso的user_id sso_user_id = request.data.get('uid') sso_user_token = request.data.get('token') sso_enterprise_id = request.data.get('eid') rf = request.data.get('rf') or 'sso' market_client_id = request.data.get('eid') market_client_token = request.data.get('etoken') if not market_client_id or not market_client_token: msg = "no market_client_id or market_client_token" logger.debug('account.login', msg) return Response({'success': False, 'msg': msg}) rf_username = request.data.get('rf_username') or '' logger.debug( 'account.login', 'request.sso_user_id:{0} request.sso_user_token:{1} request.sso_enterprise_id:{2}' .format(sso_user_id, sso_user_token, sso_enterprise_id)) is_pass, msg = self.__check_params(sso_user_id, sso_user_token, sso_enterprise_id) if not is_pass: return Response({'success': False, 'msg': msg}) is_pass, msg, sso_user = self.__get_auth_user_token( sso_user_id, sso_user_token) if not is_pass: return Response({'success': False, 'msg': msg}) enterprise = enterprise_services.get_enterprise_by_enterprise_id( sso_user.get('eid')) if not enterprise: sso_company = sso_user.get('company') enterprise = enterprise_services.create_tenant_enterprise( sso_user.get('eid'), sso_company, sso_company, True) user = self.__update_user_info(sso_user, sso_user_id, sso_user_token, rf) # 保存访问云市的token domain = os.getenv('GOODRAIN_APP_API', settings.APP_SERVICE_API["url"]) client_auth_service.save_market_access_token( enterprise.enterprise_id, domain, market_client_id, market_client_token) key = request.data.get('key') logger.debug('invite key: {0}'.format(key)) if key: logger.debug('account.login', 'invite register: {}'.format(key)) data = AuthCode.decode(str(key), 'goodrain').split(',') logger.debug(data) action = data[0] if action == 'invite_tenant': self.__process_invite_tenant(user, data) elif action == 'invite_service': self.__process_invite_service(user, data) user.is_active = True user.save() logger.debug('account.login', 'user invite register successful') else: logger.debug( 'account.login', 'register/login user.is_active:{}'.format(user.is_active)) if not user.is_active: # 如果注册用户是通过云市私有交付创建的企业客户, 则将厂商账户加入到其客户企业的管理员列表 agent_sso_user_id = request.data.get('agent_sid') logger.debug('account.login', 'agent_sid: {}'.format(agent_sso_user_id)) if agent_sso_user_id: code, msg, team = self.__init_and_create_user_tenant( user, enterprise) if code != 200: return Response({ 'success': False, 'msg': msg }, status=500) agent_user = user_services.get_user_by_sso_user_id( agent_sso_user_id) if agent_user: # 创建用户在团队的权限 perm_info = { "user_id": agent_user.user_id, "tenant_id": team.ID, "identity": "admin", "enterprise_id": enterprise.pk } perm_services.add_user_tenant_perm(perm_info) logger.debug( 'account.login', 'agent manage team success: {}'.format( perm_info)) else: user_services.make_user_as_admin_for_enterprise( user.user_id, enterprise.enterprise_id) user.is_active = True user.save() logger.debug('account.login', "enterprise id {0}".format(enterprise.enterprise_id)) teams = team_services.get_enterprise_teams( enterprise.enterprise_id) data_list = [{ 'uid': user.sso_user_id, 'tenant_id': t.tenant_id, 'tenant_name': t.tenant_name, 'tenant_alias': t.tenant_alias, 'eid': t.enterprise_id } for t in teams] return Response({'success': True, 'list': data_list}, status=200) except Exception as e: logger.exception(e) return Response({'success': False, 'msg': e.message}, status=500)
def post(self, request, *args, **kwargs): """ 创建租户并开通数据中心 --- parameters: - name: region_name description: 数据中心名称 required: true type: string paramType: form - name: team_alias description: 团队名称 required: true type: string paramType: form """ try: team = None team_alias = request.data.get("team_alias", None) region_name = request.data.get("region_name", None) need_creare_team = False if not team_alias: need_creare_team = True team_alias = "{0}的团队".format(request.user.nick_name) else: team = team_services.get_team_by_team_alias(team_alias) if not team: return self.error_response(code=status.HTTP_404_NOT_FOUND, msg="team is not found", msg_show="团队{0}不存在".format(team_alias)) if not region_name: return self.error_response(code=status.HTTP_406_NOT_ACCEPTABLE, msg='region name is null!', msg_show="数据中心名称不能为空") region = region_repo.get_region_by_region_name(region_name) if not region: return self.error_response(code=status.HTTP_404_NOT_FOUND, msg="region is not found", msg_show="数据中心{0}不存在".format(region_name)) enterprise = enterprise_services.get_enterprise_by_enterprise_id(request.user.enterprise_id) if not enterprise: return self.error_response(code=status.HTTP_404_NOT_FOUND, msg="enterprise is not found", msg_show="用户所在企业不存在") if need_creare_team: code, msg, team = team_services.create_team(request.user, enterprise, [region_name], team_alias) if not code: return self.error_response(code=code, msg="create team error", msg_show="初始化团队失败") perm_info = { "user_id": request.user.user_id, "tenant_id": team.ID, "identity": "owner", "enterprise_id": enterprise.pk } perm_services.add_user_tenant_perm(perm_info) # 创建用户在企业的权限 user_services.make_user_as_admin_for_enterprise(request.user.user_id, enterprise.enterprise_id) # 为团队开通默认数据中心并在数据中心创建租户 code, msg, tenant_region = region_services.create_tenant_on_region(team.tenant_name, team.region) if code != 200: if not code: return self.error_response(code=code, msg="create tenant on region error", msg_show="数据中心创建团队失败") request.user.is_active = True request.user.save() result = self.success_response(team.to_dict()) else: code, msg, tenant_region = region_services.create_tenant_on_region(team.tenant_name, region_name) if code != 200: if not code: return self.error_response(code=code, msg="create tenant on region error", msg_show="数据中心创建团队失败") request.user.is_active = True request.user.save() result = self.success_response(team.to_dict()) except Exception as e: logger.exception(e) result = self.error_response(status.HTTP_500_INTERNAL_SERVER_ERROR, "system error", "系统异常") return result