def home(request):
username = request.user.username
if is_user_functor(request):
return HttpResponseRedirect(settings.SITE_URL + 'function/home/')
if is_user_auditor(request):
return HttpResponseRedirect(settings.SITE_URL + 'audit/home/')
try:
biz_list = prepare_user_business(request)
except exceptions.Unauthorized:
return HttpResponseRedirect(settings.SITE_URL + 'error/401/')
except exceptions.Forbidden:
return HttpResponseRedirect(settings.SITE_URL + 'error/403/')
except exceptions.APIError as e:
ctx = {
'system': e.system,
'api': e.api,
'message': e.message,
}
logger.error(json.dumps(ctx))
return HttpResponse(status=503, content=json.dumps(ctx))
if biz_list:
try:
obj = UserBusiness.objects.get(user=username)
biz_cc_id = obj.default_buss
biz_cc_id_list = [item.cc_id for item in biz_list]
if biz_cc_id not in set(biz_cc_id_list):
biz_cc_id = biz_cc_id_list[0]
obj.default_buss = biz_cc_id
obj.save()
except UserBusiness.DoesNotExist:
biz_cc_id = biz_list[0].cc_id
UserBusiness.objects.create(user=username, default_buss=biz_cc_id)
return HttpResponseRedirect(settings.SITE_URL + 'business/home/' + str(biz_cc_id) + '/')
else:
return HttpResponseRedirect(settings.SITE_URL + 'error/406/')
def prepare_business(request, cc_id, use_cache=True):
# first, get the business object
user = request.user
if user.is_superuser or is_user_functor(request) or is_user_auditor(request):
try:
obj, created, extras = get_business_obj(request, cc_id, use_cache)
except Exception:
objs = Business.objects.filter(cc_id=cc_id)
if not objs.exists():
raise exceptions.Forbidden()
obj = objs[0]
extras = {}
else:
obj, created, extras = get_business_obj(request, cc_id, use_cache)
# access archived business is not allowed
if not obj.available():
raise exceptions.Forbidden()
# then, update business object relationships
if extras:
update_relationships(request, obj, extras)
# update user info (uin and nick name)
update_user_info(request, cc_id)
return obj
def home(request):
# 只有职能化人员可以查看
is_functor = is_user_functor(request)
if not is_functor:
return HttpResponseForbidden()
prepare_view_all_business(request)
return render(request, 'core/base_vue.html', {})
def mysetting(request):
# 嵌入CICD,隐藏头部
hide_header = int(request.GET.get('hide_header', '0') == '1')
is_superuser = int(request.user.is_superuser)
is_functor = int(is_user_functor(request))
is_auditor = int(is_user_auditor(request))
business_timezone = request.session.get('blueking_timezone',
settings.TIME_ZONE)
cur_pos = get_cur_pos_from_url(request)
ctx = {
'MEDIA_URL': settings.MEDIA_URL, # MEDIA_URL
'STATIC_URL': settings.STATIC_URL, # 本地静态文件访问
'BK_PAAS_HOST': settings.BK_PAAS_HOST,
'APP_PATH': request.get_full_path(), # 当前页面,主要为了login_required做跳转用
'LOGIN_URL': settings.LOGIN_URL, # 登录链接
'RUN_MODE': settings.RUN_MODE, # 运行模式
'APP_CODE': settings.APP_CODE, # 在蓝鲸系统中注册的 "应用编码"
'APP_NAME': settings.APP_NAME, # 应用名称
'SITE_URL': settings.SITE_URL, # URL前缀
'REMOTE_STATIC_URL': settings.REMOTE_STATIC_URL, # 远程静态资源url
'STATIC_VERSION': settings.STATIC_VERSION, # 静态资源版本号,用于指示浏览器更新缓存
'BK_URL': settings.BK_URL, # 蓝鲸平台URL
'gettext': _, # 国际化
'_': _, # 国际化
'LANGUAGES': settings.LANGUAGES, # 国际化
# 自定义变量
'OPEN_VER': settings.OPEN_VER,
'RUN_VER': settings.RUN_VER,
'RUN_VER_NAME': settings.RUN_VER_NAME,
'REMOTE_ANALYSIS_URL': settings.REMOTE_ANALYSIS_URL,
'REMOTE_API_URL': settings.REMOTE_API_URL,
'USERNAME': request.user.username,
# 'NICK': request.session.get('nick', ''), # 用户昵称
'NICK': request.user.username, # 用户昵称
'AVATAR': request.session.get('avatar', ''), # 用户头像
'CUR_POS': cur_pos,
'BK_CC_HOST': settings.BK_CC_HOST,
'RSA_PUB_KEY': settings.RSA_PUB_KEY,
'STATIC_VER': settings.STATIC_VER[settings.RUN_MODE],
'import_v1_flag': 1 if settings.IMPORT_V1_TEMPLATE_FLAG else 0,
'HIDE_HEADER': hide_header,
'IS_SUPERUSER': is_superuser,
'IS_FUNCTOR': is_functor,
'IS_AUDITOR': is_auditor,
'BUSINESS_TIMEZONE': business_timezone
}
# 管理员入口,需要设置默认业务,否则无法访问业务相关页面
if cur_pos == 'admin':
try:
obj = UserBusiness.objects.get(user=request.user.username)
biz_cc_id = obj.default_buss
except UserBusiness.DoesNotExist:
biz_cc_id = 0
ctx['biz_cc_id'] = biz_cc_id
return ctx
def mysetting(request):
# 嵌入CICD,隐藏头部
hide_header = int(request.GET.get('hide_header', '0') == '1')
is_superuser = int(request.user.is_superuser)
is_functor = int(is_user_functor(request))
is_auditor = int(is_user_auditor(request))
default_project = get_default_project_for_user(request.user.username)
project_timezone = request.session.get('blueking_timezone',
settings.TIME_ZONE)
cur_pos = get_cur_pos_from_url(request)
ctx = {
'MEDIA_URL': settings.MEDIA_URL, # MEDIA_URL
'STATIC_URL': settings.STATIC_URL, # 本地静态文件访问
'BK_PAAS_HOST': settings.BK_PAAS_HOST,
'APP_PATH': request.get_full_path(), # 当前页面,主要为了login_required做跳转用
'LOGIN_URL': settings.LOGIN_URL, # 登录链接
'RUN_MODE': settings.RUN_MODE, # 运行模式
'APP_CODE': settings.APP_CODE, # 在蓝鲸系统中注册的 "应用编码"
'APP_NAME': settings.APP_NAME, # 应用名称
'SITE_URL': settings.SITE_URL, # URL前缀
'REMOTE_STATIC_URL': settings.REMOTE_STATIC_URL, # 远程静态资源url
'STATIC_VERSION': settings.STATIC_VERSION, # 静态资源版本号,用于指示浏览器更新缓存
'BK_URL': settings.BK_URL, # 蓝鲸平台URL
'gettext': _, # 国际化
'_': _, # 国际化
'LANGUAGES': settings.LANGUAGES, # 国际化
# 自定义变量
'OPEN_VER': settings.OPEN_VER,
'RUN_VER': settings.RUN_VER,
'RUN_VER_NAME': settings.RUN_VER_NAME,
'REMOTE_ANALYSIS_URL': settings.REMOTE_ANALYSIS_URL,
'REMOTE_API_URL': settings.REMOTE_API_URL,
'USERNAME': request.user.username,
# 'NICK': request.session.get('nick', ''), # 用户昵称
'NICK': request.user.username, # 用户昵称
'AVATAR': request.session.get('avatar', ''), # 用户头像
'CUR_POS': cur_pos,
'BK_CC_HOST': settings.BK_CC_HOST,
'RSA_PUB_KEY': settings.RSA_PUB_KEY,
'STATIC_VER': settings.STATIC_VER[settings.RUN_MODE],
'import_v1_flag': 1 if settings.IMPORT_V1_TEMPLATE_FLAG else 0,
'HIDE_HEADER': hide_header,
'IS_SUPERUSER': is_superuser,
'IS_FUNCTOR': is_functor,
'IS_AUDITOR': is_auditor,
'PROJECT_TIMEZONE': project_timezone,
'DEFAULT_PROJECT_ID': default_project.id if default_project else ''
}
return ctx
def get_object_list(self, request):
if is_user_functor(request) or is_user_auditor(request):
return super(BusinessResource, self).get_object_list(request)
all_flag = request.GET.get('all', '0')
if request.user.is_superuser and str(all_flag) == '1':
return super(BusinessResource, self).get_object_list(request)
try:
# fetch business from CMDB
biz_list = prepare_user_business(request)
except (exceptions.Unauthorized, exceptions.Forbidden, exceptions.APIError) as e:
logger.error(u'get business list[username=%s] from CMDB raise error: %s' % (request.user.username, e))
return super(BusinessResource, self).get_object_list(request)
cc_id_list = [biz.cc_id for biz in biz_list]
return super(BusinessResource, self).get_object_list(request).filter(cc_id__in=cc_id_list)
def get_object_list(self, request):
if is_user_functor(request) or is_user_auditor(request):
return super(BusinessResource, self).get_object_list(request)
all_flag = request.GET.get('all', '0')
if request.user.is_superuser and str(all_flag) == '1':
return super(BusinessResource, self).get_object_list(request)
try:
# fetch business from CMDB
biz_list = prepare_user_business(request)
except exceptions.Unauthorized:
return HttpResponse(status=401)
except exceptions.Forbidden:
# target business does not exist (irregular request)
return HttpResponseForbidden()
except exceptions.APIError as e:
return HttpResponse(status=503, content=e.error)
cc_id_list = [biz.cc_id for biz in biz_list]
return super(
BusinessResource,
self).get_object_list(request).filter(cc_id__in=cc_id_list)
def read_list(self, object_list, bundle):
"""
@summary: 管理员——返回所有有view_business权限的业务(所有业务)下的流程模板
业务管理员——返回所有有view_business权限的业务(运维身份的业务)下的流程模板
业务普通人员——返回所有有view_business权限的业务(属于某一人员角色的业务)下的有操作权限的流程模板
职能化人员——返回所有有view_business权限的业务(所有业务)下的有新建任务权限的流程模板
@param object_list:
@param bundle:
@return:
"""
templates = super(TaskTemplateAuthorization,
self).read_list(object_list, bundle)
user = bundle.request.user
if user.is_superuser:
return templates
biz_cc_id = bundle.request.GET.get('business__cc_id')
if not biz_cc_id and templates.exists():
biz_cc_id = templates[0].business.cc_id
if biz_cc_id is not None:
try:
biz = Business.objects.get(cc_id=biz_cc_id)
except Business.DoesNotExist:
return []
if user.has_perm('manage_business', biz):
return templates
if is_user_functor(bundle.request):
return get_objects_for_user(user,
PermNm.CREATE_TASK_PERM_NAME,
templates,
any_perm=True)
return get_objects_for_user(user,
PermNm.PERM_LIST,
templates,
any_perm=True)
def get_object_list(self, request):
if is_user_functor(request) or request.user.is_superuser:
return super(FunctionTaskResource, self).get_object_list(request)
else:
return super(FunctionTaskResource,
self).get_object_list(request).none()
def mysetting(request):
# 嵌入CICD,隐藏头部
language = request.COOKIES.get("blueking_language", "zh-cn")
run_ver_key = "BKAPP_RUN_VER_NAME" if language == "zh-cn" else "BKAPP_RUN_VER_NAME_{}".format(language.upper())
file_manager_type = "BKAPP_FILE_MANAGER_TYPE"
hide_header = int(request.GET.get("hide_header", "0") == "1")
is_superuser = int(request.user.is_superuser)
is_functor = int(is_user_functor(request))
is_auditor = int(is_user_auditor(request))
default_project = get_default_project_for_user(request.user.username)
project_timezone = request.session.get("blueking_timezone", settings.TIME_ZONE)
cur_pos = get_cur_pos_from_url(request)
frontend_entry_url = "{}bk_sops".format(settings.STATIC_URL) if settings.RUN_VER == "open" else "/static/bk_sops"
ctx = {
"MEDIA_URL": settings.MEDIA_URL, # MEDIA_URL
"STATIC_URL": settings.STATIC_URL, # 本地静态文件访问
"BK_PAAS_HOST": settings.BK_PAAS_HOST,
"BK_CC_HOST": settings.BK_CC_HOST,
"BK_JOB_HOST": settings.BK_JOB_HOST,
"BK_IAM_SAAS_HOST": settings.BK_IAM_SAAS_HOST,
"BK_IAM_APP_CODE": settings.BK_IAM_APP_CODE,
"BK_USER_MANAGE_HOST": settings.BK_USER_MANAGE_HOST,
"APP_PATH": request.get_full_path(), # 当前页面,主要为了login_required做跳转用
"LOGIN_URL": settings.LOGIN_URL, # 登录链接
"RUN_MODE": settings.RUN_MODE, # 运行模式
"APP_CODE": settings.APP_CODE, # 在蓝鲸系统中注册的 "应用编码"
"APP_NAME": settings.APP_NAME, # 应用名称
"SITE_URL": settings.SITE_URL, # URL前缀
"REMOTE_STATIC_URL": settings.REMOTE_STATIC_URL, # 远程静态资源url
"STATIC_VERSION": settings.STATIC_VERSION, # 静态资源版本号,用于指示浏览器更新缓存
"BK_URL": settings.BK_URL, # 蓝鲸平台URL
"gettext": _, # 国际化
"_": _, # 国际化
"LANGUAGES": settings.LANGUAGES, # 国际化
# 自定义变量
"OPEN_VER": settings.OPEN_VER,
"RUN_VER": settings.RUN_VER,
"RUN_VER_NAME": EnvironmentVariables.objects.get_var(run_ver_key, settings.RUN_VER_NAME),
"REMOTE_ANALYSIS_URL": settings.REMOTE_ANALYSIS_URL,
"REMOTE_API_URL": settings.REMOTE_API_URL,
"USERNAME": request.user.username,
# 'NICK': request.session.get('nick', ''), # 用户昵称
"NICK": request.user.username, # 用户昵称
"AVATAR": request.session.get("avatar", ""), # 用户头像
"CUR_POS": cur_pos,
"RSA_PUB_KEY": settings.RSA_PUB_KEY,
"STATIC_VER": settings.STATIC_VER[settings.RUN_MODE],
"import_v1_flag": 1 if settings.IMPORT_V1_TEMPLATE_FLAG else 0,
"HIDE_HEADER": hide_header,
"IS_SUPERUSER": is_superuser,
"IS_FUNCTOR": is_functor,
"IS_AUDITOR": is_auditor,
"PROJECT_TIMEZONE": project_timezone,
"DEFAULT_PROJECT_ID": default_project.id if default_project else "",
"FILE_UPLOAD_ENTRY": env.BKAPP_FILE_UPLOAD_ENTRY,
"MEMBER_SELECTOR_DATA_HOST": settings.BK_MEMBER_SELECTOR_DATA_HOST,
"BK_STATIC_URL": frontend_entry_url,
"BK_DOC_URL": settings.BK_DOC_URL,
"FEEDBACK_URL": settings.FEEDBACK_URL,
"FILE_MANAGER_TYPE": EnvironmentVariables.objects.get_var(file_manager_type, env.BKAPP_FILE_MANAGER_TYPE),
"MAX_NODE_EXECUTE_TIMEOUT": settings.MAX_NODE_EXECUTE_TIMEOUT,
"BK_PLUGIN_DEVELOP_URL": settings.BK_PLUGIN_DEVELOP_URL,
}
# custom context config
custom_context = getattr(settings, "CUSTOM_HOME_RENDER_CONTEXT", {})
if isinstance(custom_context, dict):
ctx.update(custom_context)
return ctx
