def home(request):
    """Serve the Vue shell page, restricted to functor users.

    Returns:
        ``HttpResponseForbidden`` when ``is_user_functor(request)`` is falsy;
        otherwise the rendered ``core/base_vue.html`` template with an empty
        context.
    """
    # Authorization gate: only functor users may view this page, so the role
    # check runs before any other work is done for the request.
    if not is_user_functor(request):
        return HttpResponseForbidden()

    prepare_view_all_business(request)
    return render(request, 'core/base_vue.html', {})
def get_object_list(self, request):
    """Return the task templates the requesting user may list.

    Functor users only receive templates on which they hold the
    ``CREATE_TASK_PERM_NAME`` permission; every other user gets the parent
    resource's list unchanged.
    """
    functor = is_user_functor(request)
    templates = super(TaskTemplateResource, self).get_object_list(request)
    if not functor:
        # NOTE(review): no per-object filtering is applied on this path;
        # presumably an authorization layer narrows the list for
        # non-functor users - confirm.
        return templates
    # Functor users: keep only templates they are allowed to create tasks from.
    return get_objects_for_user(request.user, CREATE_TASK_PERM_NAME, templates)
def mysetting(request):
    """Build the template context shared by every page.

    Combines static values from ``settings`` with per-request data: the
    current user, the business selected through the ``biz_cc_id`` URL kwarg
    and the role flags of the user.

    Returns:
        dict of template variables.
    """
    # ``hide_header=1`` is passed when the page is embedded in CICD.
    hide_header_param = request.GET.get('hide_header', '')
    functor_flag = is_user_functor(request)
    auditor_flag = is_user_auditor(request)

    match = request.resolver_match
    biz_cc_id = match.kwargs.get('biz_cc_id') if match else ''

    maintainer_flag = False
    biz_cc_name = ''
    if biz_cc_id:
        try:
            biz = Business.objects.get(cc_id=biz_cc_id)
            maintainer_flag = request.user.has_perm("manage_business", biz)
            biz_cc_name = biz.cc_name
        except Exception as e:
            # Best effort: any failure is logged and the context falls back to
            # "not a maintainer" with an empty business name (fails closed).
            logger.error(
                'mysetting get business[biz_cc_id=%s] info error: %s' % (biz_cc_id, e))

    # NOTE(review): the is_* flags below look like display hints for the
    # templates; presumably the real access checks are enforced in the
    # views/resources - confirm.
    return {
        'MEDIA_URL': settings.MEDIA_URL,  # MEDIA_URL
        'STATIC_URL': settings.STATIC_URL,  # local static files
        'BK_PAAS_HOST': settings.BK_PAAS_HOST,
        # Current page, mainly used by login_required for the redirect back.
        # The value includes the query string, which the client controls.
        'APP_PATH': request.get_full_path(),
        'LOGIN_URL': settings.LOGIN_URL,  # login link
        'LOGOUT_URL': settings.LOGOUT_URL,  # logout link
        'RUN_MODE': settings.RUN_MODE,  # run mode
        'APP_CODE': settings.APP_CODE,  # "app code" registered in BlueKing
        'SITE_URL': settings.SITE_URL,  # URL prefix
        'REMOTE_STATIC_URL': settings.REMOTE_STATIC_URL,  # remote static resources URL
        # Static resource version, tells the browser to refresh its cache.
        'STATIC_VERSION': settings.STATIC_VERSION,
        'BK_URL': settings.BK_URL,  # BlueKing platform URL
        'gettext': _,  # i18n
        '_': _,  # i18n
        'LANGUAGES': settings.LANGUAGES,  # i18n
        # Custom variables
        'RUN_VER': settings.RUN_VER,
        'RUN_VER_NAME': settings.RUN_VER_NAME,
        'REMOTE_ANALYSIS_URL': settings.REMOTE_ANALYSIS_URL,
        'REMOTE_API_URL': settings.REMOTE_API_URL,
        'USERNAME': request.user.username,
        'NICK': request.user.username,  # nickname (the username is used)
        'AVATAR': request.session.get('avatar', ''),  # user avatar
        'CUR_POS': get_cur_pos_from_url(request),
        'BIZ_CC_ID': biz_cc_id,
        'BIZ_CC_NAME': biz_cc_name,
        'HIDE_HEADER': int(str(hide_header_param) == '1'),
        'is_maintainer': int(bool(maintainer_flag)),
        'is_functor': int(bool(functor_flag)),
        'is_auditor': int(bool(auditor_flag)),
    }
def get_object_list(self, request):
    """Return the businesses the requesting user may list.

    The user's businesses are first fetched via ``prepare_user_business``.
    Functor users then get every business except those whose ``life_cycle``
    marks them as out of service; all other users are limited to the
    businesses returned for them.
    """
    # Fetch the user's businesses from CMDB.
    # NOTE(review): the error paths return an HTTP response object from a
    # method whose success paths return a queryset - confirm the caller
    # handles that rather than treating the response as a result set.
    try:
        biz_list = prepare_user_business(request)
    except exceptions.Unauthorized:
        return HttpResponse(status=401)
    except exceptions.Forbidden:
        # target business does not exist (irregular request)
        return HttpResponseForbidden()
    except exceptions.APIError as e:
        return HttpResponse(status=503, content=e.error)

    if is_user_functor(request):
        # Functor users are not restricted to their own business list.
        return super(BusinessResource, self).get_object_list(request).exclude(
            life_cycle__in=['3', _(u"停运")])

    # Everyone else only sees businesses returned for them above.
    visible_cc_ids = [biz.cc_id for biz in biz_list]
    return super(BusinessResource, self).get_object_list(request).filter(
        cc_id__in=visible_cc_ids)
def mysetting(request):
    """Build the template context shared by every page.

    Combines static values from ``settings`` with per-request data: the
    current user, their role flags (as 0/1 integers) and the time zone
    stored in the session.

    Returns:
        dict of template variables.
    """
    # ``hide_header=1`` is passed when the page is embedded in CICD.
    hide_header_flag = 1 if request.GET.get('hide_header', '0') == '1' else 0
    superuser_flag = int(request.user.is_superuser)
    functor_flag = int(is_user_functor(request))
    auditor_flag = int(is_user_auditor(request))
    # Falls back to the server default when the session holds no time zone.
    tz_name = request.session.get('blueking_timezone', settings.TIME_ZONE)

    # NOTE(review): the IS_* flags below look like display hints for the
    # front end; presumably the real access checks are enforced server-side
    # in the views/resources - confirm.
    return {
        'MEDIA_URL': settings.MEDIA_URL,  # MEDIA_URL
        'STATIC_URL': settings.STATIC_URL,  # local static files
        'BK_PAAS_HOST': settings.BK_PAAS_HOST,
        # Current page, mainly used by login_required for the redirect back.
        # The value includes the query string, which the client controls.
        'APP_PATH': request.get_full_path(),
        'LOGIN_URL': settings.LOGIN_URL,  # login link
        'LOGOUT_URL': settings.LOGOUT_URL,  # logout link
        'RUN_MODE': settings.RUN_MODE,  # run mode
        'APP_CODE': settings.APP_CODE,  # "app code" registered in BlueKing
        'SITE_URL': settings.SITE_URL,  # URL prefix
        'REMOTE_STATIC_URL': settings.REMOTE_STATIC_URL,  # remote static resources URL
        # Static resource version, tells the browser to refresh its cache.
        'STATIC_VERSION': settings.STATIC_VERSION,
        'BK_URL': settings.BK_URL,  # BlueKing platform URL
        'gettext': _,  # i18n
        '_': _,  # i18n
        'LANGUAGES': settings.LANGUAGES,  # i18n
        # Custom variables
        'RUN_VER': settings.RUN_VER,
        'RUN_VER_NAME': settings.RUN_VER_NAME,
        'REMOTE_ANALYSIS_URL': settings.REMOTE_ANALYSIS_URL,
        'REMOTE_API_URL': settings.REMOTE_API_URL,
        'USERNAME': request.user.username,
        'NICK': request.user.username,  # nickname (the username is used)
        'AVATAR': request.session.get('avatar', ''),  # user avatar
        'CUR_POS': get_cur_pos_from_url(request),
        'BK_CC_HOST': settings.BK_CC_HOST,
        # Handed to every rendered page, so this setting must only ever hold
        # public key material.
        'RSA_PUB_KEY': settings.RSA_PUB_KEY,
        'STATIC_VER': settings.STATIC_VER[settings.RUN_MODE],
        'import_v1_flag': int(bool(settings.IMPORT_V1_TEMPLATE_FLAG)),
        'HIDE_HEADER': hide_header_flag,
        'IS_SUPERUSER': superuser_flag,
        'IS_FUNCTOR': functor_flag,
        'IS_AUDITOR': auditor_flag,
        'BUSINESS_TIMEZONE': tz_name
    }
def home(request):
    """Send the user to the landing page that matches their role.

    Functor and auditor users are redirected to their dedicated home pages.
    Everyone else is redirected to the home page of their default business,
    or shown the registration page when they have no business at all.
    """
    username = request.user.username

    # Role-specific landing pages take precedence over business lookup.
    if is_user_functor(request):
        return HttpResponseRedirect(SITE_URL + 'function/home/')
    if is_user_auditor(request):
        return HttpResponseRedirect(SITE_URL + 'audit/home/')

    try:
        biz_list = prepare_user_business(request)
    except exceptions.Unauthorized:
        # permission denied for target business (irregular request)
        return HttpResponse(status=406)
    except exceptions.Forbidden:
        # target business does not exist (irregular request)
        return HttpResponseForbidden()
    except exceptions.APIError as e:
        # NOTE(review): the backend system, API name and error message are
        # handed to the 503 template - confirm they are safe to show users.
        error_ctx = {
            'system': e.system,
            'api': e.api,
            'message': e.message,
        }
        error_ctx.update(context_processors.get_constant_settings())
        return render_mako_context(request, '503.html', error_ctx)

    if not biz_list:
        # No business available: show the registration page.
        company_info = _get_user_info(request)
        register_ctx = {
            "OwenerName": company_info.get('company_name') or _(u'蓝鲸'),
            "OwenerUin": company_info.get('company_code') or _(u'管理员'),
        }
        register_ctx.update(context_processors.get_constant_settings())
        return render_mako_context(request, '/temp/register.html', register_ctx)

    try:
        record = UserBusiness.objects.get(user=username)
        biz_cc_id = record.default_buss
        allowed_cc_ids = [item.cc_id for item in biz_list]
        # A stored default that is no longer in the user's business list is
        # replaced, so the redirect never targets a business missing from it.
        if biz_cc_id not in allowed_cc_ids:
            biz_cc_id = allowed_cc_ids[0]
            record.default_buss = biz_cc_id
            record.save()
    except UserBusiness.DoesNotExist:
        # First visit: remember the first business as the default.
        biz_cc_id = biz_list[0].cc_id
        UserBusiness.objects.create(user=username, default_buss=biz_cc_id)

    return HttpResponseRedirect(
        SITE_URL + 'business/home/' + str(biz_cc_id) + '/')
def get_object_list(self, request):
    """Return the businesses the requesting user may list.

    The unfiltered list is returned to functor users, auditor users, and
    superusers who pass ``all=1`` in the query string. Every other request is
    limited to the businesses returned by ``prepare_user_business``.
    """
    unrestricted = is_user_functor(request) or is_user_auditor(request)
    if not unrestricted:
        # The ``all`` query parameter is only honoured for superusers.
        all_flag = request.GET.get('all', '0')
        unrestricted = request.user.is_superuser and str(all_flag) == '1'
    if unrestricted:
        return super(BusinessResource, self).get_object_list(request)

    # NOTE(review): the error paths return an HTTP response object from a
    # method whose success paths return a queryset - confirm the caller
    # handles that rather than treating the response as a result set.
    try:
        # fetch business from CMDB
        biz_list = prepare_user_business(request)
    except exceptions.Unauthorized:
        return HttpResponse(status=401)
    except exceptions.Forbidden:
        # target business does not exist (irregular request)
        return HttpResponseForbidden()
    except exceptions.APIError as e:
        return HttpResponse(status=503, content=e.error)

    visible_cc_ids = [biz.cc_id for biz in biz_list]
    return super(BusinessResource, self).get_object_list(request).filter(
        cc_id__in=visible_cc_ids)
def read_list(self, object_list, bundle):
    """
    @summary:
        Intended behaviour, as described by the original author:
        Administrator - process templates under every business with the
            view_business permission (all businesses).
        Business administrator - process templates under every business with
            the view_business permission (businesses they maintain).
        Ordinary business member - templates they hold an operation
            permission on, under every business with the view_business
            permission (businesses where they hold some role).
        Functor user - templates they may create tasks from, under every
            business with the view_business permission (all businesses).
    @param object_list: candidate templates, passed on to the parent class
    @param bundle: request bundle; ``bundle.request`` supplies user and query
    @return: the templates the user may read, or ``[]`` when the selected
        business does not exist
    """
    templates = super(TaskTemplateAuthorization, self).read_list(object_list, bundle)
    request = bundle.request
    user = request.user
    if user.is_superuser:
        return templates

    # The business comes from the query string, else from the first template.
    # NOTE(review): if ``templates`` can span several businesses, the
    # manage_business shortcut below is decided on a single business yet
    # returns every template - confirm the list is scoped to one business
    # before it reaches this method.
    biz_cc_id = request.GET.get('business__cc_id')
    if not biz_cc_id and templates.exists():
        biz_cc_id = templates[0].business.cc_id

    if biz_cc_id is not None:
        try:
            biz = Business.objects.get(cc_id=biz_cc_id)
        except Business.DoesNotExist:
            # Unknown business: expose nothing.
            return []
        if user.has_perm('manage_business', biz):
            return templates

    # Fall back to per-template permissions; functor users are checked against
    # the create-task permission, everyone else against the full list.
    if is_user_functor(request):
        required_perms = PermNm.CREATE_TASK_PERM_NAME
    else:
        required_perms = PermNm.PERM_LIST
    return get_objects_for_user(user, required_perms, templates, any_perm=True)
def prepare_business(request, cc_id, use_cache=True):
    """Fetch the business ``cc_id`` and refresh its related data.

    Args:
        request: current HTTP request; supplies the user.
        cc_id: id of the business to load.
        use_cache: forwarded to ``get_business_obj``.

    Returns:
        The business object.

    Raises:
        exceptions.Forbidden: for a superuser/functor/auditor when
            ``get_business_obj`` fails and no local ``Business`` row with
            this ``cc_id`` exists. For other users, whatever
            ``get_business_obj`` raises propagates unchanged.
    """
    # first, get the business object
    user = request.user
    privileged = (user.is_superuser or is_user_functor(request)
                  or is_user_auditor(request))

    if not privileged:
        obj, _created, extras = get_business_obj(request, cc_id, use_cache)
    else:
        try:
            obj, _created, extras = get_business_obj(request, cc_id, use_cache)
        except Exception:
            # Privileged roles fall back to the locally stored business when
            # the lookup fails for any reason.
            # NOTE(review): the original error is discarded here without
            # being logged - confirm that is intended.
            local_matches = Business.objects.filter(cc_id=cc_id)
            if not local_matches.exists():
                raise exceptions.Forbidden()
            obj = local_matches[0]
            extras = {}

    # then, update business object relationships
    if extras:
        update_relationships(request, obj, extras)

    # update user info (uin and nick name)
    update_user_info(request, cc_id)
    return obj
def home(request):
    """Send the user to the landing page that matches their role.

    Functor and auditor users are redirected to their dedicated home pages.
    Everyone else is redirected to the home page of their default business,
    or to the 406 error page when they have no business at all.
    """
    site_url = settings.SITE_URL
    username = request.user.username

    # Role-specific landing pages take precedence over business lookup.
    if is_user_functor(request):
        return HttpResponseRedirect(site_url + 'function/home/')
    if is_user_auditor(request):
        return HttpResponseRedirect(site_url + 'audit/home/')

    try:
        biz_list = prepare_user_business(request)
    except exceptions.Unauthorized:
        return HttpResponseRedirect(site_url + 'error/401/')
    except exceptions.Forbidden:
        return HttpResponseRedirect(site_url + 'error/403/')
    except exceptions.APIError as e:
        # NOTE(review): the backend system, API name and error message are
        # returned in the response body as well as logged - confirm they are
        # safe to disclose to the client.
        payload = json.dumps({
            'system': e.system,
            'api': e.api,
            'message': e.message,
        })
        logger.error(payload)
        return HttpResponse(status=503, content=payload)

    if not biz_list:
        return HttpResponseRedirect(site_url + 'error/406/')

    try:
        record = UserBusiness.objects.get(user=username)
        biz_cc_id = record.default_buss
        allowed_cc_ids = [item.cc_id for item in biz_list]
        # A stored default that is no longer in the user's business list is
        # replaced, so the redirect never targets a business missing from it.
        if biz_cc_id not in set(allowed_cc_ids):
            biz_cc_id = allowed_cc_ids[0]
            record.default_buss = biz_cc_id
            record.save()
    except UserBusiness.DoesNotExist:
        # First visit: remember the first business as the default.
        biz_cc_id = biz_list[0].cc_id
        UserBusiness.objects.create(user=username, default_buss=biz_cc_id)

    return HttpResponseRedirect(site_url + 'business/home/' + str(biz_cc_id) + '/')
def get_object_list(self, request):
    """Return function tasks to functor users and nothing to anyone else.

    Non-functor users get the parent list reduced with ``.none()``, so the
    resource denies by default.
    """
    functor = is_user_functor(request)
    tasks = super(FunctionTaskResource, self).get_object_list(request)
    return tasks if functor else tasks.none()