def get(self, request: HttpRequest): code = request.GET.get('code') redirect_url = request.GET.get('redirect_url') login_url = reverse('authentication:login') if not self.verify_state(): return self.get_verify_state_failed_response(redirect_url) feishu = FeiShu(app_id=settings.FEISHU_APP_ID, app_secret=settings.FEISHU_APP_SECRET) user_id = feishu.get_user_id_by_code(code) if not user_id: # 正常流程不会出这个错误,hack 行为 msg = _('Failed to get user from FeiShu') response = self.get_failed_response(login_url, title=msg, msg=msg) return response user = get_object_or_none(User, feishu_id=user_id) if user is None: title = _('FeiShu is not bound') msg = _('Please login with a password and then bind the FeiShu') response = self.get_failed_response(login_url, title=title, msg=msg) return response try: self.check_oauth2_auth(user, settings.AUTH_BACKEND_FEISHU) except errors.AuthFailedError as e: self.set_login_failed_mark() msg = e.msg response = self.get_failed_response(login_url, title=msg, msg=msg) return response return self.redirect_to_guard_view()
def get(self, request: HttpRequest): code = request.GET.get('code') redirect_url = request.GET.get('redirect_url') login_url = reverse('authentication:login') if not self.verify_state(): return self.get_verify_state_failed_response(redirect_url) dingtalk = DingTalk(appid=settings.DINGTALK_APPKEY, appsecret=settings.DINGTALK_APPSECRET, agentid=settings.DINGTALK_AGENTID) userid = dingtalk.get_userid_by_code(code) if not userid: # 正常流程不会出这个错误,hack 行为 msg = _('Failed to get user from DingTalk') response = self.get_failed_reponse(login_url, title=msg, msg=msg) return response user = get_object_or_none(User, dingtalk_id=userid) if user is None: title = _('DingTalk is not bound') msg = _('Please login with a password and then bind the WeCom') response = self.get_failed_reponse(login_url, title=title, msg=msg) return response try: self.check_oauth2_auth(user, settings.AUTH_BACKEND_DINGTALK) except errors.AuthFailedError as e: self.set_login_failed_mark() msg = e.msg response = self.get_failed_reponse(login_url, title=msg, msg=msg) return response return self.redirect_to_guard_view()
def approve(self, request, *args, **kwargs): instance = self.get_object() action = instance.ACTION_APPROVE self._check_can_set_action(instance, action) meta = instance.meta confirmed_assets = meta.get('confirmed_assets', []) assets = list(Asset.objects.filter(id__in=confirmed_assets)) if not assets: raise NotHaveConfirmedAssets(detail=_('Confirm assets first')) if len(assets) != len(confirmed_assets): raise ConfirmedAssetsChanged(detail=_('Confirmed assets changed')) confirmed_system_user = meta.get('confirmed_system_user') if not confirmed_system_user: raise NotHaveConfirmedSystemUser( detail=_('Confirm system-user first')) system_user = get_object_or_none(SystemUser, id=confirmed_system_user) if system_user is None: raise ConfirmedSystemUserChanged( detail=_('Confirmed system-user changed')) self._create_asset_permission(instance, assets, system_user) return Response({'detail': _('Succeed')})
def get(self, request: HttpRequest): code = request.GET.get('code') redirect_url = request.GET.get('redirect_url') login_url = reverse('authentication:login') if not self.verify_state(): return self.get_verify_state_failed_response(redirect_url) wecom = WeCom(corpid=settings.WECOM_CORPID, corpsecret=settings.WECOM_SECRET, agentid=settings.WECOM_AGENTID) wecom_userid, __ = wecom.get_user_id_by_code(code) if not wecom_userid: # 正常流程不会出这个错误,hack 行为 msg = _('Failed to get user from WeCom') response = self.get_failed_reponse(login_url, title=msg, msg=msg) return response user = get_object_or_none(User, wecom_id=wecom_userid) if user is None: title = _('WeCom is not bound') msg = _('Please login with a password and then bind the WeCom') response = self.get_failed_reponse(login_url, title=title, msg=msg) return response try: self.check_oauth2_auth(user, settings.AUTH_BACKEND_WECOM) except errors.AuthFailedError as e: self.set_login_failed_mark() msg = e.msg response = self.get_failed_reponse(login_url, title=msg, msg=msg) return response return self.redirect_to_guard_view()
def get(self, request: HttpRequest, user_id): code = request.GET.get('code') redirect_url = request.GET.get('redirect_url') if not self.verify_state(): return self.get_verify_state_failed_response(redirect_url) user = get_object_or_none(User, id=user_id) if user is None: logger.error( f'WeComQR bind callback error, user_id invalid: user_id={user_id}' ) msg = _('Invalid user_id') response = self.get_failed_reponse(redirect_url, msg, msg) return response if user.wecom_id: response = self.get_already_bound_response(redirect_url) return response wecom = WeCom(corpid=settings.WECOM_CORPID, corpsecret=settings.WECOM_SECRET, agentid=settings.WECOM_AGENTID) wecom_userid, __ = wecom.get_user_id_by_code(code) if not wecom_userid: msg = _('WeCom query user failed') response = self.get_failed_reponse(redirect_url, msg, msg) return response user.wecom_id = wecom_userid user.save() msg = _('Binding WeCom successfully') response = self.get_success_reponse(redirect_url, msg, msg) return response
def get(self, request: HttpRequest, user_id): code = request.GET.get('code') redirect_url = request.GET.get('redirect_url') if not self.verify_state(): return self.get_verify_state_failed_response(redirect_url) user = get_object_or_none(User, id=user_id) if user is None: logger.error(f'DingTalkQR bind callback error, user_id invalid: user_id={user_id}') msg = _('Invalid user_id') response = self.get_failed_response(redirect_url, msg, msg) return response if user.dingtalk_id: response = self.get_already_bound_response(redirect_url) return response dingtalk = DingTalk( appid=settings.DINGTALK_APPKEY, appsecret=settings.DINGTALK_APPSECRET, agentid=settings.DINGTALK_AGENTID ) userid = dingtalk.get_userid_by_code(code) if not userid: msg = _('DingTalk query user failed') response = self.get_failed_response(redirect_url, msg, msg) return response try: user.dingtalk_id = userid user.save() except IntegrityError as e: if e.args[0] == 1062: msg = _('The DingTalk is already bound to another user') response = self.get_failed_response(redirect_url, msg, msg) return response raise e ip = get_request_ip(request) OAuthBindMessage(user, ip, _('DingTalk'), user_id).publish_async() msg = _('Binding DingTalk successfully') response = self.get_success_response(redirect_url, msg, msg) return response
def get(self, request: HttpRequest, user_id): code = request.GET.get('code') redirect_url = request.GET.get('redirect_url') if not self.verify_state(): return self.get_verify_state_failed_response(redirect_url) user = get_object_or_none(User, id=user_id) if user is None: logger.error( f'WeComQR bind callback error, user_id invalid: user_id={user_id}' ) msg = _('Invalid user_id') response = self.get_failed_response(redirect_url, msg, msg) return response if user.wecom_id: response = self.get_already_bound_response(redirect_url) return response wecom = WeCom(corpid=settings.WECOM_CORPID, corpsecret=settings.WECOM_SECRET, agentid=settings.WECOM_AGENTID) wecom_userid, __ = wecom.get_user_id_by_code(code) if not wecom_userid: msg = _('WeCom query user failed') response = self.get_failed_response(redirect_url, msg, msg) return response try: user.wecom_id = wecom_userid user.save() except IntegrityError as e: if e.args[0] == 1062: msg = _('The WeCom is already bound to another user') response = self.get_failed_response(redirect_url, msg, msg) return response raise e ip = get_request_ip(request) OAuthBindMessage(user, ip, _('WeCom'), wecom_userid).publish_async() msg = _('Binding WeCom successfully') response = self.get_success_response(redirect_url, msg, msg) return response
def get(self, request: HttpRequest, user_id): code = request.GET.get('code') redirect_url = request.GET.get('redirect_url') if not self.verify_state(): return self.get_verify_state_failed_response(redirect_url) user = get_object_or_none(User, id=user_id) if user is None: logger.error( f'DingTalkQR bind callback error, user_id invalid: user_id={user_id}' ) msg = _('Invalid user_id') response = self.get_failed_reponse(redirect_url, msg, msg) return response if user.dingtalk_id: response = self.get_already_bound_response(redirect_url) return response dingtalk = DingTalk(appid=settings.DINGTALK_APPKEY, appsecret=settings.DINGTALK_APPSECRET, agentid=settings.DINGTALK_AGENTID) userid = dingtalk.get_userid_by_code(code) if not userid: msg = _('DingTalk query user failed') response = self.get_failed_reponse(redirect_url, msg, msg) return response user.dingtalk_id = userid user.save() msg = _('Binding DingTalk successfully') response = self.get_success_reponse(redirect_url, msg, msg) return response