def get_or_create_user_and_enterprise(self, oauth_user):
try:
user = user_repo.get_enterprise_user_by_username(
oauth_user.enterprise_id, oauth_user.name)
except Users.DoesNotExist:
user_info = dict()
user_info["email"] = oauth_user.email
user_info["nick_name"] = oauth_user.name
user_info["client_ip"] = oauth_user.client_ip
user_info["phone"] = oauth_user.phone
user_info["real_name"] = oauth_user.real_name
user_info["is_active"] = 1
password = "******"
user_info["enterprise_center_user_id"] = oauth_user.id
user = Users(**user_info)
user.set_password(password)
user.save()
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
oauth_user.enterprise_id)
if not enterprise:
enterprise = enterprise_services.create_oauth_enterprise(
oauth_user.enterprise_domain, oauth_user.enterprise_name,
oauth_user.enterprise_id)
user_services.make_user_as_admin_for_enterprise(
user.user_id, enterprise.enterprise_id)
user.enterprise_id = enterprise.enterprise_id
user.save()
return user
def __init_and_create_user_tenant(self, user, enterprise):
# 创建租户信息
code, msg, team = team_services.create_team(user, enterprise)
if code != 200:
logger.debug("account.login", "create tenant error")
return code, msg, team
# 创建用户在团队的权限
perm_info = {
"user_id": user.user_id,
"tenant_id": team.ID,
"identity": "owner",
"enterprise_id": enterprise.pk
}
perm_services.add_user_tenant_perm(perm_info)
# 创建用户在企业的权限
user_services.make_user_as_admin_for_enterprise(
user.user_id, enterprise.enterprise_id)
# 为团队开通默认数据中心并在数据中心创建租户
code, msg, tenant_region = region_services.create_tenant_on_region(
team.tenant_name, team.region)
if code != 200:
logger.debug("account.login", "create teanant on region error")
return code, msg, team
# 如果没有领过资源包,为默认开通的数据中心领取免费资源包
result = region_services.get_enterprise_free_resource(
tenant_region.tenant_id, enterprise.enterprise_id,
tenant_region.region_name, user.nick_name)
logger.debug(
"account.login", "get free resource on [{}] to team {}: {}".format(
tenant_region.region_name, team.tenant_name, result))
user.is_active = True
user.save()
return code, msg, team
def post(self, request, *args, **kwargs):
"""
注册用户、需要先访问captcha路由来获取验证码
---
parameters:
- name: user_name
description: 用户名
required: true
type: string
paramType: body
- name: email
description: 邮箱
required: true
type: string
paramType: body
- name: password
description: 密码,最少八位
required: true
type: string
paramType: body
- name: password_repeat
description: 确认密码
required: true
type: string
paramType: body
- name: captcha_code
description: 验证码
required: true
type: string
paramType: body
- name: register_type
description: 注册方式 暂: 邀请注册 invitation 其它方式暂无 有拓展再修改
required: false
type: string
paramType: body
- name: value
description: 数值 此处需要 team_id
required: false
type: string
paramType: body
- name: enter_name
description: 企业名称
required: false
type: string
paramType: body
"""
try:
import copy
querydict = copy.copy(request.data)
captcha_code = request.session.get("captcha_code")
querydict.update({u'real_captcha_code': captcha_code})
client_ip = request.META.get("REMOTE_ADDR", None)
register_form = RegisterForm(querydict)
if register_form.is_valid():
nick_name = register_form.cleaned_data["user_name"]
email = register_form.cleaned_data["email"]
password = register_form.cleaned_data["password"]
# 创建一个用户
user_info = dict()
user_info["email"] = email
user_info["nick_name"] = nick_name
user_info["client_ip"] = client_ip
user_info["is_active"] = 1
user = Users(**user_info)
user.set_password(password)
user.save()
enterprise = enterprise_services.get_enterprise_first()
if not enterprise:
enter_name = request.data.get("enter_name", None)
enterprise = enterprise_services.create_enterprise(
enter_name, enter_name)
# 创建用户在企业的权限
user_services.make_user_as_admin_for_enterprise(
user.user_id, enterprise.enterprise_id)
user.enterprise_id = enterprise.enterprise_id
user.save()
if Users.objects.count() == 1:
SuperAdminUser.objects.create(user_id=user.user_id)
enterprise = enterprise_services.get_enterprise_first()
register_type = request.data.get("register_type", None)
value = request.data.get("value", None)
if register_type == "invitation":
perm = perms_repo.add_user_tenant_perm(
perm_info={
"user_id": user.user_id,
"tenant_id": value,
"identity": "viewer",
"enterprise_id": enterprise.ID
})
if not perm:
result = general_message(400, "invited failed",
"团队关联失败,注册失败")
return Response(result, status=400)
data = dict()
data["user_id"] = user.user_id
data["nick_name"] = user.nick_name
data["email"] = user.email
data["enterprise_id"] = user.enterprise_id
payload = jwt_payload_handler(user)
token = jwt_encode_handler(payload)
data["token"] = token
result = general_message(200,
"register success",
"注册成功",
bean=data)
response = Response(result, status=200)
return response
else:
error = {
"error":
list(json.loads(
register_form.errors.as_json()).values())[0][0].get(
"message", "参数错误")
}
result = general_message(400, "failed",
"{}".format(error["error"]))
return Response(result, status=400)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=500)
def post(self, request, *args, **kwargs):
try:
# 获取sso的user_id
sso_user_id = request.data.get('uid')
sso_user_token = request.data.get('token')
sso_enterprise_id = request.data.get('eid')
rf = request.data.get('rf') or 'sso'
market_client_id = request.data.get('eid')
market_client_token = request.data.get('etoken')
if not market_client_id or not market_client_token:
msg = "no market_client_id or market_client_token"
logger.debug('account.login', msg)
return Response({'success': False, 'msg': msg})
rf_username = request.data.get('rf_username') or ''
logger.debug(
'account.login',
'request.sso_user_id:{0} request.sso_user_token:{1} request.sso_enterprise_id:{2}'
.format(sso_user_id, sso_user_token, sso_enterprise_id))
is_pass, msg = self.__check_params(sso_user_id, sso_user_token,
sso_enterprise_id)
if not is_pass:
return Response({'success': False, 'msg': msg})
is_pass, msg, sso_user = self.__get_auth_user_token(
sso_user_id, sso_user_token)
if not is_pass:
return Response({'success': False, 'msg': msg})
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
sso_user.get('eid'))
if not enterprise:
sso_company = sso_user.get('company')
enterprise = enterprise_services.create_tenant_enterprise(
sso_user.get('eid'), sso_company, sso_company, True)
user = self.__update_user_info(sso_user, sso_user_id,
sso_user_token, rf)
# 保存访问云市的token
domain = os.getenv('GOODRAIN_APP_API',
settings.APP_SERVICE_API["url"])
client_auth_service.save_market_access_token(
enterprise.enterprise_id, domain, market_client_id,
market_client_token)
key = request.data.get('key')
logger.debug('invite key: {0}'.format(key))
if key:
logger.debug('account.login',
'invite register: {}'.format(key))
data = AuthCode.decode(str(key), 'goodrain').split(',')
logger.debug(data)
action = data[0]
if action == 'invite_tenant':
self.__process_invite_tenant(user, data)
elif action == 'invite_service':
self.__process_invite_service(user, data)
user.is_active = True
user.save()
logger.debug('account.login',
'user invite register successful')
else:
logger.debug(
'account.login',
'register/login user.is_active:{}'.format(user.is_active))
if not user.is_active:
# 如果注册用户是通过云市私有交付创建的企业客户, 则将厂商账户加入到其客户企业的管理员列表
agent_sso_user_id = request.data.get('agent_sid')
logger.debug('account.login',
'agent_sid: {}'.format(agent_sso_user_id))
if agent_sso_user_id:
code, msg, team = self.__init_and_create_user_tenant(
user, enterprise)
if code != 200:
return Response({
'success': False,
'msg': msg
},
status=500)
agent_user = user_services.get_user_by_sso_user_id(
agent_sso_user_id)
if agent_user:
# 创建用户在团队的权限
perm_info = {
"user_id": agent_user.user_id,
"tenant_id": team.ID,
"identity": "admin",
"enterprise_id": enterprise.pk
}
perm_services.add_user_tenant_perm(perm_info)
logger.debug(
'account.login',
'agent manage team success: {}'.format(
perm_info))
else:
user_services.make_user_as_admin_for_enterprise(
user.user_id, enterprise.enterprise_id)
user.is_active = True
user.save()
logger.debug('account.login',
"enterprise id {0}".format(enterprise.enterprise_id))
teams = team_services.get_enterprise_teams(
enterprise.enterprise_id)
data_list = [{
'uid': user.sso_user_id,
'tenant_id': t.tenant_id,
'tenant_name': t.tenant_name,
'tenant_alias': t.tenant_alias,
'eid': t.enterprise_id
} for t in teams]
return Response({'success': True, 'list': data_list}, status=200)
except Exception as e:
logger.exception(e)
return Response({'success': False, 'msg': e.message}, status=500)
def post(self, request, *args, **kwargs):
"""
创建租户并开通数据中心
---
parameters:
- name: region_name
description: 数据中心名称
required: true
type: string
paramType: form
- name: team_alias
description: 团队名称
required: true
type: string
paramType: form
"""
try:
team = None
team_alias = request.data.get("team_alias", None)
region_name = request.data.get("region_name", None)
need_creare_team = False
if not team_alias:
need_creare_team = True
team_alias = "{0}的团队".format(request.user.nick_name)
else:
team = team_services.get_team_by_team_alias(team_alias)
if not team:
return self.error_response(code=status.HTTP_404_NOT_FOUND, msg="team is not found",
msg_show="团队{0}不存在".format(team_alias))
if not region_name:
return self.error_response(code=status.HTTP_406_NOT_ACCEPTABLE, msg='region name is null!',
msg_show="数据中心名称不能为空")
region = region_repo.get_region_by_region_name(region_name)
if not region:
return self.error_response(code=status.HTTP_404_NOT_FOUND, msg="region is not found",
msg_show="数据中心{0}不存在".format(region_name))
enterprise = enterprise_services.get_enterprise_by_enterprise_id(request.user.enterprise_id)
if not enterprise:
return self.error_response(code=status.HTTP_404_NOT_FOUND, msg="enterprise is not found",
msg_show="用户所在企业不存在")
if need_creare_team:
code, msg, team = team_services.create_team(request.user, enterprise, [region_name], team_alias)
if not code:
return self.error_response(code=code, msg="create team error",
msg_show="初始化团队失败")
perm_info = {
"user_id": request.user.user_id,
"tenant_id": team.ID,
"identity": "owner",
"enterprise_id": enterprise.pk
}
perm_services.add_user_tenant_perm(perm_info)
# 创建用户在企业的权限
user_services.make_user_as_admin_for_enterprise(request.user.user_id, enterprise.enterprise_id)
# 为团队开通默认数据中心并在数据中心创建租户
code, msg, tenant_region = region_services.create_tenant_on_region(team.tenant_name, team.region)
if code != 200:
if not code:
return self.error_response(code=code, msg="create tenant on region error",
msg_show="数据中心创建团队失败")
request.user.is_active = True
request.user.save()
result = self.success_response(team.to_dict())
else:
code, msg, tenant_region = region_services.create_tenant_on_region(team.tenant_name, region_name)
if code != 200:
if not code:
return self.error_response(code=code, msg="create tenant on region error",
msg_show="数据中心创建团队失败")
request.user.is_active = True
request.user.save()
result = self.success_response(team.to_dict())
except Exception as e:
logger.exception(e)
result = self.error_response(status.HTTP_500_INTERNAL_SERVER_ERROR, "system error", "系统异常")
return result