def update_certificate(self, tenant, certificate_id, alias, certificate,
private_key, certificate_type):
cert_is_effective(certificate, private_key)
cert = domain_repo.get_certificate_by_pk(certificate_id)
if cert is None:
raise err_cert_not_found
if cert.alias != alias:
self.__check_certificate_alias(tenant, alias)
cert.alias = alias
if certificate:
cert.certificate = base64.b64encode(bytes(certificate, 'utf-8'))
if certificate_type:
cert.certificate_type = certificate_type
if private_key:
cert.private_key = private_key
cert.save()
# update all ingress related to the certificate
body = {
"certificate_id": cert.certificate_id,
"certificate_name": "foobar",
"certificate": base64.b64decode(cert.certificate).decode(),
"private_key": cert.private_key,
}
team_regions = region_services.get_team_usable_regions(
tenant.tenant_name, tenant.enterprise_id)
for team_region in team_regions:
try:
region_api.update_ingresses_by_certificate(
team_region.region_name, tenant.tenant_name, body)
except Exception as e:
logger.debug(e)
continue
return cert
def post(self, request, *args, **kwargs):
"""
应用迁移
---
parameters:
- name: tenantName
description: 团队名称
required: true
type: string
paramType: path
- name: region
description: 需要备份的数据中心
required: true
type: string
paramType: form
- name: team
description: 需要迁移到的团队
required: true
type: string
paramType: form
- name: backup_id
description: 备份ID
required: true
type: string
paramType: form
"""
try:
migrate_region = request.data.get("region", None)
team = request.data.get("team", None)
backup_id = request.data.get("backup_id", None)
if not team:
return Response(general_message(400, "team is null",
"请指明要迁移的团队"),
status=400)
migrate_team = team_services.get_tenant_by_tenant_name(team)
if not migrate_team:
return Response(general_message(404, "team is not found",
"需要迁移的团队{0}不存在".format(team)),
status=404)
regions = region_services.get_team_usable_regions(migrate_team)
if migrate_region not in [r.region_name for r in regions]:
return Response(general_message(
412, "region is not usable",
"无法迁移至数据中心{0},请确保该数据中心可用且您已开通该数据中心权限".format(
migrate_region)),
status=412)
code, msg = migrate_service.start_migrate(
self.user, self.tenant.tenant_name, self.response_region,
migrate_team, migrate_region, backup_id)
if code != 200:
return Response(general_message(code, "migrate failed", msg),
status=code)
result = general_message(200, "success", "操作成功,开始迁移应用")
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def initial(self, request, *args, **kwargs):
request.user.is_administrator = False
if hasattr(request.user, "enterprise_id"):
self.enterprise = enterprise_services.get_enterprise_by_id(request.user.enterprise_id)
if not self.enterprise:
raise ErrEnterpriseNotFound
if self.enterprise.ID == 1:
request.user.is_administrator = True
self.user = request.user
self.is_team_owner = False
team_id = kwargs.get("team_id")
if team_id:
self.team = team_services.get_team_by_team_id_and_eid(team_id, self.enterprise.enterprise_id)
if not self.team:
self.team = team_services.get_enterprise_tenant_by_tenant_name(self.enterprise.enterprise_id, team_id)
if not self.team:
raise ServiceHandleException(msg_show="团队不存在", msg="no found team", status_code=404)
self.team_regions = region_services.get_team_usable_regions(self.team.tenant_name, self.enterprise.enterprise_id)
if self.user.user_id == self.team.creater:
self.is_team_owner = True
self.enterprise = TenantEnterprise.objects.filter(enterprise_id=self.team.enterprise_id).first()
self.is_enterprise_admin = False
enterprise_user_perms = EnterpriseUserPerm.objects.filter(
enterprise_id=self.team.enterprise_id, user_id=self.user.user_id).first()
if enterprise_user_perms:
self.is_enterprise_admin = True
self.get_perms()
self.check_perms(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
"""
应用迁移
---
parameters:
- name: tenantName
description: 团队名称
required: true
type: string
paramType: path
- name: group_id
description: 组ID
required: true
type: string
paramType: path
- name: region
description: 需要备份的数据中心
required: true
type: string
paramType: form
- name: team
description: 需要迁移到的团队
required: true
type: string
paramType: form
- name: backup_id
description: 备份ID
required: true
type: string
paramType: form
- name: migrate_type
description: 操作类型
required: true
type: string
paramType: form
"""
migrate_region = request.data.get("region", None)
team = request.data.get("team", None)
backup_id = request.data.get("backup_id", None)
migrate_type = request.data.get("migrate_type", "migrate")
event_id = request.data.get("event_id", None)
restore_id = request.data.get("restore_id", None)
if not team:
return Response(general_message(400, "team is null", "请指明要迁移的团队"), status=400)
migrate_team = team_services.get_tenant_by_tenant_name(team)
if not migrate_team:
return Response(general_message(404, "team is not found", "需要迁移的团队{0}不存在".format(team)), status=404)
regions = region_services.get_team_usable_regions(migrate_team)
if migrate_region not in [r.region_name for r in regions]:
msg_cn = "无法迁移至数据中心{0},请确保该数据中心可用且团队{1}已开通该数据中心权限".format(
migrate_region, migrate_team.tenant_name)
return Response(general_message(412, "region is not usable", msg_cn), status=412)
migrate_record = migrate_service.start_migrate(
self.user, self.tenant, self.region_name, migrate_team, migrate_region,
backup_id, migrate_type, event_id, restore_id)
result = general_message(200, "success", "操作成功,开始迁移应用", bean=migrate_record.to_dict())
return Response(result, status=result["code"])
def initial(self, request, *args, **kwargs):
super(TeamAPIView, self).initial(request, *args, **kwargs)
team_id = kwargs.get("team_id")
region_name = kwargs.get("region_name")
if team_id:
self.team = team_services.get_team_by_team_id(team_id)
self.region_name = region_name
self.team_regions = region_services.get_team_usable_regions(
self.team.tenant_name)