def _get_user_info(request, use_cache=True):
"""
获取用户基本信息
@param request:
@param use_cache:
@return:
"""
user = request.user
cache_key = "%s_get_user_info_%s" % (CACHE_PREFIX, user.username)
data = cache.get(cache_key)
if not (use_cache and data):
client = settings.ESB_GET_CLIENT_BY_REQUEST(request)
auth = getattr(client, settings.ESB_AUTH_COMPONENT_SYSTEM)
get_user_info = getattr(auth, settings.ESB_AUTH_GET_USER_INFO)
userinfo = get_user_info({})
userinfo.setdefault('code', -1)
if userinfo['result']:
data = userinfo['data']
if data:
cache.set(cache_key, data, DEFAULT_CACHE_TIME_FOR_CC)
elif userinfo['code'] in ('20101', 20101):
raise exceptions.Unauthorized(userinfo['message'])
elif userinfo['code'] in ('20103', 20103, '20201', 20201, '20202',
20202):
raise exceptions.Forbidden(userinfo['message'])
else:
raise exceptions.APIError(
settings.ESB_AUTH_COMPONENT_SYSTEM, 'get_user',
userinfo.get('detail_message', userinfo['message']))
return data
def get_user_info(request):
client = settings.ESB_GET_CLIENT_BY_REQUEST(request)
auth = getattr(client, settings.ESB_AUTH_COMPONENT_SYSTEM)
get_user_info = getattr(auth, settings.ESB_AUTH_GET_USER_INFO)
user_info = get_user_info({})
if 'data' in user_info:
user_info['data']['bk_supplier_account'] = 0
return user_info
def _get_user_business_list(request, use_cache=True):
"""Get authorized business list for a exact username.
:param object request: django request object.
:param bool use_cache: (Optional)
"""
user = request.user
cache_key = "%s_get_user_business_list_%s" % (CACHE_PREFIX, user.username)
data = cache.get(cache_key)
if not (use_cache and data):
client = settings.ESB_GET_CLIENT_BY_REQUEST(request)
result = client.cc.get_app_by_user_role({
'user_role':
','.join(roles.CC_ROLES),
# 'user_role': roles.MAINTAINERS,
})
if result['result']:
data = result['data']
# 获取用户所属开发商信息
user_info = _get_user_info(request)
# 兼容多开发商和单开发商模式
if user_info.get('company_list', []):
owner_list = [
owner['company_code']
for owner in user_info['company_list']
]
elif user_info.get('company_code'):
owner_list = [user_info.get('company_code')]
else:
owner_list = []
# 按照开发商过滤
for role, biz_list in data.iteritems():
temp_list = []
for item in biz_list:
if item.get('LifeCycle') not in ['3', _(u"停运")]:
if owner_list:
if item['Owner'] in owner_list:
temp_list.append(item)
else:
temp_list.append(item)
data.update({role: temp_list})
cache.set(cache_key, data, DEFAULT_CACHE_TIME_FOR_CC)
elif result['code'] in ('20101', 20101):
raise exceptions.Unauthorized(result['message'])
elif result['code'] in ('20103', 20103, '20201', 20201, '20202',
20202):
raise exceptions.Forbidden(result['message'])
else:
raise exceptions.APIError(
'cc', 'get_app_by_user_role',
result.get('detail_message', result['message']))
return data
def is_user_role(request, role):
if role not in ROLE_MAPS or settings.RUN_VER == 'community':
return False
cache_key = "%s_is_user_%s_%s" % (CACHE_PREFIX, role, request.user.username)
is_role = cache.get(cache_key)
if is_role is None:
client = settings.ESB_GET_CLIENT_BY_REQUEST(request)
auth = getattr(client, settings.ESB_AUTH_COMPONENT_SYSTEM)
get_user_info = getattr(auth, settings.ESB_AUTH_GET_USER_INFO)
result = get_user_info({})
if result['result'] and result['data']['role'] == ROLE_MAPS[role]:
is_role = True
else:
is_role = False
cache.set(cache_key, is_role, settings.DEFAULT_CACHE_TIME_FOR_AUTH)
return is_role
def _get_business_info(request, app_id, use_cache=True, use_maintainer=False):
"""Get detail infomations for a exact app_id.
@param object request: django request object.
@param int app_id: cc_id of core.business model.
@param use_maintainer: 使用运维身份请求
"""
username = request.user.username
business = Business.objects.get(cc_id=app_id)
cache_key = "%s_get_business_info_%s_%s" % (CACHE_PREFIX, app_id, username)
data = cache.get(cache_key)
if not (use_cache and data):
if use_maintainer:
client = get_client_by_user_and_biz_id(username, app_id)
else:
client = settings.ESB_GET_CLIENT_BY_REQUEST(request)
result = client.cc.search_business({
'bk_supplier_account': business.cc_owner,
'condition': {
'bk_biz_id': int(app_id)
}
})
if result['result']:
if not result['data']['info']:
raise exceptions.Forbidden()
data = result['data']['info'][0]
elif result.get('code') in ('20101', 20101):
raise exceptions.Unauthorized(result['message'])
elif result.get('code') in ('20103', 20103, '20201', 20201,
'20202', 20202):
raise exceptions.Forbidden(result['message'])
else:
raise exceptions.APIError(
'cc',
'get_app_by_id',
result.get('detail_message', result['message'])
)
cache.set(cache_key, data, DEFAULT_CACHE_TIME_FOR_CC)
return data
def get_role_user_list(request, role):
if role not in ROLE_MAPS:
return []
cache_key = "%s_get_%s_user_list" % (CACHE_PREFIX, role)
user_list = cache.get(cache_key)
if user_list is None:
client = settings.ESB_GET_CLIENT_BY_REQUEST(request)
auth = getattr(client, settings.ESB_AUTH_COMPONENT_SYSTEM)
result = auth.get_all_users({'bk_role': ROLE_MAPS[role]})
if result['result']:
user_list = [user['bk_username'] for user in result['data']]
else:
logger.warning('client.%s.get_all_user error: %s' %
(settings.ESB_AUTH_COMPONENT_SYSTEM, result))
user_list = []
cache.set(cache_key, user_list, settings.DEFAULT_CACHE_TIME_FOR_AUTH)
return user_list
def update_user_info(request, cc_id, use_cache=True):
cache_key = "%s_update_user_info_%s" % (CACHE_PREFIX, cc_id)
data = cache.get(cache_key)
if not (use_cache and data):
client = settings.ESB_GET_CLIENT_BY_REQUEST(request)
auth = getattr(client, settings.ESB_AUTH_COMPONENT_SYSTEM)
get_user_info = getattr(auth, settings.ESB_AUTH_GET_USER_INFO)
result = get_user_info({})
if result['result']:
_update_user_info(result['data'])
elif result['code'] in ('20101', 20101):
raise exceptions.Unauthorized(result['message'])
elif result['code'] in ('20103', 20103):
raise exceptions.Forbidden(result['message'])
else:
raise exceptions.APIError(
settings.ESB_AUTH_COMPONENT_SYSTEM, 'get_user',
result.get('detail_message', result['message']))
cache.set(cache_key, True, DEFAULT_CACHE_TIME_FOR_CC)
def _get_business_info(request, app_id, use_cache=True, use_maintainer=False):
"""Get detail infomations for a exact app_id.
@param object request: django request object.
@param int app_id: cc_id of core.business model.
@param use_maintainer: 使用运维身份请求
"""
username = request.user.username
cache_key = "%s_get_business_info_%s_%s" % (CACHE_PREFIX, app_id, username)
data = cache.get(cache_key)
if not (use_cache and data):
if use_maintainer:
client = get_client_by_user_and_biz_id(username, app_id)
else:
client = settings.ESB_GET_CLIENT_BY_REQUEST(request)
result = client.cc.get_app_by_id({
'app_id':
app_id,
'uin_to_openid_column':
','.join(roles.CC_ROLES),
})
if result['result']:
data = result['data'][0]
elif result['code'] in ('20101', 20101):
raise exceptions.Unauthorized(result['message'])
elif result['code'] in ('20103', 20103, '20201', 20201, '20202',
20202):
raise exceptions.Forbidden(result['message'])
else:
raise exceptions.APIError(
'cc', 'get_app_by_id',
result.get('detail_message', result['message']))
cache.set(cache_key, data, DEFAULT_CACHE_TIME_FOR_CC)
return data
def get_client_by_request(*args, **kwargs):
client = gcloud_settings.ESB_GET_CLIENT_BY_REQUEST(*args, **kwargs)
if hasattr(client, 'set_bk_api_ver'):
client.set_bk_api_ver('')
return client
