def post(self, request, *args, **kwargs): values = request.data.get("oauth_services") eid = request.user.enterprise_id try: services = oauth_repo.create_or_update_console_oauth_services( values, eid) except Exception as e: logger.exception(e) return Response({"msg": e.message}, status=status.HTTP_400_BAD_REQUEST) service = oauth_repo.get_conosle_oauth_service(eid) api = get_oauth_instance(service.oauth_type, service, None) authorize_url = api.get_authorize_url() data = [] for service in services: data.append({ "service_id": service.ID, "name": service.name, "oauth_type": service.oauth_type, "client_id": service.client_id, "client_secret": service.client_secret, "enable": service.enable, "eid": service.eid, "redirect_uri": service.redirect_uri, "home_url": service.home_url, "auth_url": service.auth_url, "access_token_url": service.access_token_url, "api_url": service.api_url, "is_auto_login": service.is_auto_login, "is_git": service.is_git, "authorize_url": authorize_url, }) rst = {"data": {"bean": {"oauth_services": data}}} return Response(rst, status=status.HTTP_200_OK)
def get_oauth_services(self): rst = [] enterprise = enterprise_services.get_enterprise_by_enterprise_id( self.enterprise_id) if enterprise.ID != 1: oauth_services = OAuthServices.objects.filter( ~Q(oauth_type="enterprisecenter"), eid=enterprise.enterprise_id, is_deleted=False, enable=True) else: oauth_services = OAuthServices.objects.filter( eid=enterprise.enterprise_id, is_deleted=False, enable=True) if oauth_services: for oauth_service in oauth_services: try: api = get_oauth_instance(oauth_service.oauth_type, oauth_service, None) authorize_url = api.get_authorize_url() rst.append({ "service_id": oauth_service.ID, "enable": oauth_service.enable, "name": oauth_service.name, "oauth_type": oauth_service.oauth_type, "is_console": oauth_service.is_console, "home_url": oauth_service.home_url, "eid": oauth_service.eid, "is_auto_login": oauth_service.is_auto_login, "is_git": oauth_service.is_git, "authorize_url": authorize_url, }) except NoSupportOAuthType: continue return rst
def get_enterprise_center_oauth(self): try: oauth_service = OAuthServices.objects.get( is_deleted=False, enable=True, oauth_type="enterprisecenter", ID=1) pre_enterprise_center = os.getenv("PRE_ENTERPRISE_CENTER", None) if pre_enterprise_center: oauth_service = OAuthServices.objects.get( name=pre_enterprise_center, oauth_type="enterprisecenter") except OAuthServices.DoesNotExist: return None try: api = get_oauth_instance(oauth_service.oauth_type, oauth_service, None) authorize_url = api.get_authorize_url() return { "service_id": oauth_service.ID, "enable": oauth_service.enable, "name": oauth_service.name, "oauth_type": oauth_service.oauth_type, "is_console": oauth_service.is_console, "home_url": oauth_service.home_url, "eid": oauth_service.eid, "is_auto_login": oauth_service.is_auto_login, "is_git": oauth_service.is_git, "authorize_url": authorize_url, } except NoSupportOAuthType: return None
def post(self, request, enterprise_id, *args, **kwargs): values = request.data.get("oauth_services") services = oauth_repo.create_or_update_oauth_services( values, enterprise_id) data = [] for service in services: api = get_oauth_instance(service.oauth_type, service, None) authorize_url = api.get_authorize_url() data.append({ "service_id": service.ID, "name": service.name, "oauth_type": service.oauth_type, "client_id": service.client_id, "client_secret": service.client_secret, "enable": service.enable, "eid": service.eid, "redirect_uri": service.redirect_uri, "home_url": service.home_url, "auth_url": service.auth_url, "access_token_url": service.access_token_url, "api_url": service.api_url, "is_auto_login": service.is_auto_login, "is_git": service.is_git, "authorize_url": authorize_url, }) rst = {"data": {"bean": {"oauth_services": data}}} return Response(rst, status=status.HTTP_200_OK)
def initial(self, request, *args, **kwargs): super(EnterpriseServiceOauthView, self).initial(request, *args, **kwargs) try: oauth_service = OAuthServices.objects.get( oauth_type="enterprisecenter", ID=1) pre_enterprise_center = os.getenv("PRE_ENTERPRISE_CENTER", None) if pre_enterprise_center: oauth_service = OAuthServices.objects.get( name=pre_enterprise_center, oauth_type="enterprisecenter") oauth_user = UserOAuthServices.objects.get( service_id=oauth_service.ID, user_id=request.user.user_id) except OAuthServices.DoesNotExist: raise ServiceHandleException( msg="not found enterprise center oauth server config", msg_show=u"未找到企业中心OAuth配置", status_code=404) except UserOAuthServices.DoesNotExist: raise ServiceHandleException( msg="user not authorize in enterprise center oauth", msg_show=u"用户身份未在企业中心认证") self.oauth_instance = get_oauth_instance(oauth_service.oauth_type, oauth_service, oauth_user) if not self.oauth_instance: raise ServiceHandleException( msg="no found enterprise service OAuth", msg_show=u"未找到企业中心OAuth服务类型", status_code=404)
def get_all_oauth_service(self): rst = [] oauth_services = OAuthServices.objects.filter(is_deleted=False, enable=True) if oauth_services: for oauth_service in oauth_services: try: api = get_oauth_instance(oauth_service.oauth_type, oauth_service, None) authorize_url = api.get_authorize_url() rst.append({ "service_id": oauth_service.ID, "enable": oauth_service.enable, "name": oauth_service.name, "oauth_type": oauth_service.oauth_type, "is_console": oauth_service.is_console, "home_url": oauth_service.home_url, "eid": oauth_service.eid, "is_auto_login": oauth_service.is_auto_login, "is_git": oauth_service.is_git, "authorize_url": authorize_url, }) except NoSupportOAuthType: continue return rst
def create_or_update_oauth_services(self, values, eid=None): querysetlist = [] for value in values: instance = get_oauth_instance(value["oauth_type"]) value["home_url"] = value["home_url"].strip().strip("/") auth_url = instance.get_auth_url(home_url=value["home_url"]) access_token_url = instance.get_access_token_url( home_url=value["home_url"]) api_url = instance.get_user_url(home_url=value["home_url"]) is_git = instance.is_git_oauth() if value.get("service_id") is None: # check if the name exists try: self.get_by_name(value["name"]) raise ErrOauthServiceExists except OAuthServices.DoesNotExist: pass querysetlist.append( OAuthServices(name=value["name"], client_id=value["client_id"], eid=value["eid"], client_secret=value["client_secret"], redirect_uri=value["redirect_uri"], oauth_type=value["oauth_type"], home_url=value["home_url"], auth_url=auth_url, access_token_url=access_token_url, api_url=api_url, is_auto_login=value["is_auto_login"], is_console=value["is_console"], is_deleted=value.get("is_deleted", False), is_git=is_git)) else: if value.get("is_deleted"): self.delete_oauth_service( service_id=value.get("service_id")) else: old_service = self.open_get_oauth_services_by_service_id( service_id=value.get("service_id")) if old_service.home_url != value["home_url"]: UserOAuthServices.objects.filter( service_id=value.get("service_id")).delete() OAuthServices.objects.filter( ID=value["service_id"]).update( name=value["name"], eid=value["eid"], redirect_uri=value["redirect_uri"], home_url=value["home_url"], auth_url=auth_url, access_token_url=auth_url, api_url=auth_url, enable=value["enable"], is_auto_login=value["is_auto_login"], is_console=value["is_console"]) if eid is None: eid = value["eid"] OAuthServices.objects.bulk_create(querysetlist) rst = OAuthServices.objects.filter(eid=eid) return rst
def check_user_is_enterprise_center_user(self, user_id): oauth_user, oauth_service = oauth_user_repo.get_enterprise_center_user_by_user_id( user_id) if oauth_user and oauth_service: return get_oauth_instance(oauth_service.oauth_type, oauth_service, oauth_user), oauth_user return None, None
def get(self, request, *args, **kwargs): eid = request.user.enterprise_id service = oauth_repo.get_conosle_oauth_service(eid) if service is not None: api = get_oauth_instance(service.oauth_type, service, None) authorize_url = api.get_authorize_url() data = { "service_id": service.ID, "enable": service.enable, "name": service.name, "client_id": service.client_id, "auth_url": service.auth_url, "redirect_uri": service.redirect_uri, "oauth_type": service.oauth_type, "home_url": service.home_url, "eid": service.eid, "access_token_url": service.access_token_url, "api_url": service.api_url, "client_secret": service.client_secret, "is_auto_login": service.is_auto_login, "is_git": service.is_git, "authorize_url": authorize_url, } rst = {"data": {"bean": {"oauth_services": data}}} return Response(rst, status=status.HTTP_200_OK) else: rst = {"data": {"bean": {"oauth_services": None}}} return Response(rst, status=status.HTTP_200_OK)
def get(self, request, *args, **kwargs): all_services_list = [] eid = request.user.enterprise_id service = oauth_repo.get_conosle_oauth_service(eid) all_services = oauth_repo.get_all_oauth_services(eid) if all_services is not None: for l_service in all_services: api = get_oauth_instance(l_service.oauth_type, service, None) authorize_url = api.get_authorize_url() all_services_list.append({ "service_id": l_service.ID, "enable": l_service.enable, "name": l_service.name, "client_id": l_service.client_id, "auth_url": l_service.auth_url, "redirect_uri": l_service.redirect_uri, "oauth_type": l_service.oauth_type, "home_url": l_service.home_url, "eid": l_service.eid, "access_token_url": l_service.access_token_url, "api_url": l_service.api_url, "client_secret": l_service.client_secret, "is_auto_login": l_service.is_auto_login, "is_git": l_service.is_git, "authorize_url": authorize_url, "enterprise_id": l_service.eid, }) rst = {"data": {"list": all_services_list}} return Response(rst, status=status.HTTP_200_OK)
def get(self, request, service_id, *args, **kwargs): user_id = request.user.user_id page = request.GET.get("page", 1) search = request.GET.get("search", '') oauth_service = oauth_repo.get_oauth_services_by_service_id( service_id=service_id) oauth_user = oauth_user_repo.get_user_oauth_by_user_id( service_id=service_id, user_id=user_id) if oauth_user is None: rst = { "data": { "bean": None }, "status": 400, "msg_show": u"未成功获取第三方用户信息" } return Response(rst, status=status.HTTP_200_OK) service = get_oauth_instance(oauth_service.oauth_type, oauth_service, oauth_user) if not service.is_git_oauth(): rst = { "data": { "bean": None }, "status": 400, "msg_show": u"该OAuth服务不是代码仓库类型" } return Response(rst, status=status.HTTP_200_OK) try: if len(search) > 0 and search is not None: true_search = oauth_user.oauth_user_name + '/' + search.split( "/")[-1] data = service.search_repos(true_search, page=page) else: data = service.get_repos(page=page) rst = { "data": { "bean": { "repositories": data, "user_id": user_id, "service_id": service_id, "service_type": oauth_service.oauth_type, "service_name": oauth_service.name, "total": 10 } } } return Response(rst, status=status.HTTP_200_OK) except Exception as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 400, "msg_show": u"Access Token 已过期" } return Response(rst, status=status.HTTP_200_OK)
def get(self, request, service_id, *args, **kwargs): user_id = request.user.user_id type = request.GET.get("type") full_name = request.GET.get("full_name") oauth_service = oauth_repo.get_oauth_services_by_service_id(service_id) oauth_user = oauth_user_repo.get_user_oauth_by_user_id( service_id=service_id, user_id=user_id) if oauth_user is None: rst = { "data": { "bean": None }, "status": 400, "msg_show": u"未成功获取第三方用户信息" } return Response(rst, status=status.HTTP_200_OK) try: service = get_oauth_instance(oauth_service.oauth_type, oauth_service, oauth_user) except Exception as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 400, "msg_show": u"未找到OAuth服务" } return Response(rst, status=status.HTTP_200_OK) if not service.is_git_oauth(): rst = { "data": { "bean": None }, "status": 400, "msg_show": u"该OAuth服务不是代码仓库类型" } return Response(rst, status=status.HTTP_200_OK) try: data = service.get_branches_or_tags(type, full_name) rst = {"data": {"bean": {type: data, "total": len(data)}}} return Response(rst, status=status.HTTP_200_OK) except Exception as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 400, "msg_show": u"Access Token 已过期" } return Response(rst, status=status.HTTP_200_OK)
def get_user_oauth_services_info(self, eid, user_id): oauth_services = [] services = OAuthServices.objects.filter(eid=eid, is_deleted=False, enable=True) for service in services: user_service = self.get_user_oauth_by_user_id( service_id=service.ID, user_id=user_id) api = get_oauth_instance(service.oauth_type, service, None) authorize_url = api.get_authorize_url() if user_service: oauth_services.append({ "service_id": service.ID, "service_name": service.name, "oauth_type": service.oauth_type, "is_authenticated": user_service.is_authenticated, "is_expired": user_service.is_expired, "auth_url": service.auth_url, "client_id": service.client_id, "redirect_uri": service.redirect_uri, "is_git": service.is_git, "authorize_url": authorize_url, "oauth_user_name": user_service.oauth_user_name, }) else: oauth_services.append({ "service_id": service.ID, "service_name": service.name, "oauth_type": service.oauth_type, "is_authenticated": False, "is_expired": False, "auth_url": service.auth_url, "client_id": service.client_id, "redirect_uri": service.redirect_uri, "is_git": service.is_git, "authorize_url": authorize_url, "oauth_user_name": "", }) return oauth_services
def get(self, request, service_id, path, name, *args, **kwargs): full_name = '/'.join([path, name]) user_id = request.user.user_id try: oauth_service = oauth_repo.get_oauth_services_by_service_id(service_id=service_id) oauth_user = oauth_user_repo.get_user_oauth_by_user_id(service_id=service_id, user_id=user_id) except Exception as e: logger.debug(e) rst = {"data": {"bean": None}, "status": 404, "msg_show": u"未找到oauth服务, 请检查该服务是否存在且属于开启状态"} return Response(rst, status=status.HTTP_200_OK) if oauth_user is None: rst = {"data": {"bean": None}, "status": 400, "msg_show": u"未成功获取第三方用户信息" } return Response(rst, status=status.HTTP_200_OK) try: service = get_oauth_instance(oauth_service.oauth_type, oauth_service, oauth_user) except Exception as e: logger.debug(e) rst = {"data": {"bean": None}, "status": 400, "msg_show": u"未找到OAuth服务" } return Response(rst, status=status.HTTP_200_OK) if not service.is_git_oauth(): rst = {"data": {"bean": None}, "status": 400, "msg_show": u"该OAuth服务不是代码仓库类型" } return Response(rst, status=status.HTTP_200_OK) repo_list = [] try: for data in service.get_repo_detail(full_name): repo_list.append(data) rst = {"data": {"bean": { "repositories": repo_list, "user_id": user_id, "service_id": service_id, "service_type": oauth_service.oauth_type, "service_name": oauth_service.name, "total": 10}}} return Response(rst, status=status.HTTP_200_OK) except Exception as e: logger.debug(e) rst = {"data": {"bean": None}, "status": 400, "msg_show": u"Access Token 已过期"} return Response(rst, status=status.HTTP_200_OK)
def create_or_update_console_oauth_services(self, values, eid): old_oauth_service = OAuthServices.objects.filter( eid=eid, is_console=True).first() for value in values[:1]: if value["oauth_type"] in support_oauth_type.keys(): instance = get_oauth_instance(value["oauth_type"]) auth_url = instance.get_auth_url(home_url=value["home_url"]) access_token_url = instance.get_access_token_url( home_url=value["home_url"]) api_url = instance.get_user_url(home_url=value["home_url"]) is_git = instance.is_git_oauth() if value.get( "service_id") is None and old_oauth_service is None: OAuthServices.objects.create( name=value["name"], client_id=value["client_id"], eid=value["eid"], client_secret=value["client_secret"], redirect_uri=value["redirect_uri"], oauth_type=value["oauth_type"], home_url=value["home_url"], auth_url=auth_url, access_token_url=access_token_url, api_url=api_url, enable=value["enable"], is_auto_login=value["is_auto_login"], is_console=value["is_console"], is_git=is_git) elif old_oauth_service is not None and value.get( "service_id") == old_oauth_service.ID: OAuthServices.objects.filter( ID=value["service_id"]).update( name=value["name"], eid=value["eid"], redirect_uri=value["redirect_uri"], home_url=value["home_url"], auth_url=auth_url, access_token_url=access_token_url, api_url=api_url, enable=value["enable"], is_auto_login=value["is_auto_login"], is_console=value["is_console"]) else: raise Exception(u"未找到该OAuth类型") rst = OAuthServices.objects.filter(eid=eid, is_console=True) return rst
def initial(self, request, *args, **kwargs): super(CloudEnterpriseCenterView, self).initial(request, *args, **kwargs) if not os.getenv("IS_PUBLIC", False): return try: oauth_service = OAuthServices.objects.get(oauth_type="enterprisecenter", ID=1) pre_enterprise_center = os.getenv("PRE_ENTERPRISE_CENTER", None) if pre_enterprise_center: oauth_service = OAuthServices.objects.get(name=pre_enterprise_center, oauth_type="enterprisecenter") oauth_user = UserOAuthServices.objects.get(service_id=oauth_service.ID, user_id=self.user.user_id) except OAuthServices.DoesNotExist: raise NotFound("enterprise center oauth server not found") except UserOAuthServices.DoesNotExist: msg = _('用户身份未在企业中心认证') raise AuthenticationInfoHasExpiredError(msg) self.oauth_instance = get_oauth_instance(oauth_service.oauth_type, oauth_service, oauth_user) if not self.oauth_instance: msg = _('未找到企业中心OAuth服务类型') raise AuthenticationInfoHasExpiredError(msg)
def post(self, request, *args, **kwargs): client_id = parse_item(request, "client_id", required=True) client_secret = parse_item(request, "client_secret", required=True) user_id = parse_item(request, "user_id", required=True) oauth_service = oauth_repo.get_by_client_id(client_id) if oauth_service.oauth_type != "dbox": raise AbortRequest( "unsupported oauth type {} for oauth user logout".format( oauth_service.oauth_type)) if oauth_service.client_secret != client_secret: raise AbortRequest("the requested client key does not match") oauth_user = oauth_user_repo.get_by_oauth_user_id( oauth_service.ID, user_id) # Go to Oauth2 Server to check if the user has logged out api = get_oauth_instance(oauth_service.oauth_type, oauth_service, oauth_user) api.is_logout() # logout JwtManager().delete_user_id(oauth_user.user_id) return Response(status=status.HTTP_200_OK)
def put(self, request, *args, **kwargs): """ 修改构建源 --- """ s_id = transaction.savepoint() try: image = request.data.get("image", None) cmd = request.data.get("cmd", None) service_source = request.data.get("service_source") git_url = request.data.get("git_url", None) code_version = request.data.get("code_version", None) user_name = request.data.get("user_name", None) password = request.data.get("password", None) is_oauth = request.data.get("is_oauth", False) user_id = request.user.user_id oauth_service_id = request.data.get("service_id") git_full_name = request.data.get("full_name") if not service_source: return Response(general_message(400, "param error", "参数错误"), status=400) service_source_user = service_source_repo.get_service_source( team_id=self.service.tenant_id, service_id=self.service.service_id) if not service_source_user: service_source_info = { "service_id": self.service.service_id, "team_id": self.service.tenant_id, "user_name": user_name, "password": password, "create_time": datetime.datetime.now().strftime('%Y%m%d%H%M%S') } service_source_repo.create_service_source( **service_source_info) else: service_source_user.user_name = user_name service_source_user.password = password service_source_user.save() if service_source == "source_code": if code_version: self.service.code_version = code_version else: self.service.code_version = "master" if git_url: if is_oauth: oauth_service = oauth_repo.get_oauth_services_by_service_id( service_id=oauth_service_id) oauth_user = oauth_user_repo.get_user_oauth_by_user_id( service_id=oauth_service_id, user_id=user_id) try: instance = get_oauth_instance( oauth_service.oauth_type, oauth_service, oauth_user) except Exception as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 400, "msg_show": u"未找到OAuth服务" } return Response(rst, status=200) if not instance.is_git_oauth(): rst = { "data": { "bean": None }, "status": 400, "msg_show": u"该OAuth服务不是代码仓库类型" } return Response(rst, status=200) service_code_from = "oauth_" + oauth_service.oauth_type self.service.code_from = service_code_from self.service.git_url = git_url self.service.git_full_name = git_full_name self.service.oauth_service_id = oauth_service_id else: self.service.git_url = git_url self.service.save() transaction.savepoint_commit(s_id) elif service_source == "docker_run": if image: version = image.split(':')[-1] if not version: version = "latest" image = image + ":" + version self.service.image = image self.service.version = version self.service.cmd = cmd self.service.save() transaction.savepoint_commit(s_id) result = general_message(200, "success", "修改成功") except Exception as e: logger.exception(e) result = error_message(e.message) transaction.savepoint_rollback(s_id) return Response(result, status=result["code"])
def get(self, request, *args, **kwargs): try: code = 200 status = role_perm_repo.initialize_permission_settings() data = config_service.initialization_or_get_config() base_data = config_service.initialization_or_get_base_config() data.update(base_data) logo = config_service.get_image() data["logo"] = "{0}".format(str(logo)) title = config_service.get_config_by_key("TITLE") if not title: config = config_service.add_config("TITLE", "Rainbond-企业云应用操作系统,开发、交付云解决方案", "string", desc="云帮title") title = config.value else: title = title.value data["title"] = title data["version"] = os.getenv("RELEASE_DESC", "public-cloud") result = general_message(code, "query success", u"Logo获取成功", bean=data, initialize_info=status) data["eid"] = None enterprise = enterprise_repo.get_enterprise_first() if enterprise: data["eid"] = enterprise.enterprise_id data["enterprise_name"] = enterprise.enterprise_alias build_absolute_uri = request.build_absolute_uri() scheme = "http" if build_absolute_uri.startswith("https"): scheme = "https" if settings.MODULES.get('SSO_LOGIN'): data["url"] = os.getenv("SSO_BASE_URL", "https://sso.goodrain.com") + "/#/login/" data["is_public"] = True else: data["url"] = "{0}://{1}/index#/user/login".format(scheme, request.get_host()) data["is_public"] = False if settings.MODULES.get('SSO_LOGIN'): data["is_user_register"] = True else: users = user_repo.get_all_users() if users: data["is_user_register"] = True else: data["is_user_register"] = False data["eid"] = None enterprise = enterprise_repo.get_enterprise_first() if enterprise: data["eid"] = enterprise.enterprise_id data["enterprise_name"] = enterprise.enterprise_alias market_token = market_sycn_service.get_enterprise_access_token(enterprise.enterprise_id, "market") if market_token: data["market_url"] = market_token.access_url else: data["market_url"] = os.getenv('GOODRAIN_APP_API', settings.APP_SERVICE_API["url"]) data["oauth_services_is_sonsole"] = {"enable": True, "value": None} oauth_services = [] services = oauth_repo.get_oauth_services(str(enterprise.enterprise_id)) for service in services: api = get_oauth_instance(service.oauth_type, service, None) authorize_url = api.get_authorize_url() if not service.is_console: data["oauth_services_is_sonsole"]["enable"] = False oauth_services.append( { "service_id": service.ID, "enable": service.enable, "name": service.name, "oauth_type": service.oauth_type, "is_console": service.is_console, "home_url": service.home_url, "eid": service.eid, "is_auto_login": service.is_auto_login, "is_git": service.is_git, "authorize_url": authorize_url, } ) data["oauth_services"]["value"] = oauth_services data["version"] = os.getenv("RELEASE_DESC", "public-cloud") return Response(result, status=code) except Exception as e: logger.exception(e) result = error_message(e.message) return Response(result)
def get(self, request, *args, **kwargs): code = request.GET.get("code") service_id = request.GET.get("service_id") try: oauth_service = oauth_repo.get_oauth_services_by_service_id( service_id) except Exception as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": u"未找到oauth服务, 请检查该服务是否存在且属于开启状态" } return Response(rst, status=status.HTTP_200_OK) try: api = get_oauth_instance(oauth_service.oauth_type, oauth_service, None) except NoSupportOAuthType as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": u"未找到oauth服务" } return Response(rst, status=status.HTTP_200_OK) try: user, access_token, refresh_token = api.get_user_info(code=code) except Exception as e: logger.debug(e.message) rst = { "data": { "bean": None }, "status": 404, "msg_show": e.message } return Response(rst, status=status.HTTP_200_OK) user_name = user.name user_id = str(user.id) user_email = user.email authenticated_user = oauth_user_repo.user_oauth_exists( service_id=service_id, oauth_user_id=user_id) if authenticated_user is not None: authenticated_user.oauth_user_id = user_id authenticated_user.oauth_user_name = user_name authenticated_user.oauth_user_email = user_email authenticated_user.access_token = access_token authenticated_user.refresh_token = refresh_token authenticated_user.code = code authenticated_user.save() if authenticated_user.user_id is not None: login_user = user_repo.get_by_user_id( authenticated_user.user_id) payload = jwt_payload_handler(login_user) token = jwt_encode_handler(payload) response = Response({"data": { "bean": { "token": token } }}, status=status.HTTP_200_OK) if api_settings.JWT_AUTH_COOKIE: expiration = (datetime.datetime.now() + api_settings.JWT_EXPIRATION_DELTA) response.set_cookie(api_settings.JWT_AUTH_COOKIE, token, expires=expiration, httponly=True) return response else: rst = { "oauth_user_name": user_name, "oauth_user_id": user_id, "oauth_user_email": user_email, "service_id": authenticated_user.service_id, "oauth_type": oauth_service.oauth_type, "is_authenticated": authenticated_user.is_authenticated, "code": code, } msg = "user is not authenticated" return Response( {"data": { "bean": { "result": rst, "msg": msg } }}, status=status.HTTP_200_OK) else: usr = oauth_user_repo.save_oauth( oauth_user_id=user_id, oauth_user_name=user_name, oauth_user_email=user_email, code=code, service_id=service_id, access_token=access_token, refresh_token=refresh_token, is_authenticated=True, is_expired=False, ) rst = { "oauth_user_name": usr.oauth_user_name, "oauth_user_id": usr.oauth_user_id, "oauth_user_email": usr.oauth_user_email, "service_id": usr.service_id, "oauth_type": oauth_service.oauth_type, "is_authenticated": usr.is_authenticated, "code": code, } msg = "user is not authenticated" return Response({"data": { "bean": { "result": rst, "msg": msg } }}, status=status.HTTP_200_OK)
def get(self, request, *args, **kwargs): code = request.GET.get("code") service_id = request.GET.get("service_id") domain = request.GET.get("domain") home_split_url = None try: oauth_service = oauth_repo.get_oauth_services_by_service_id( service_id) if oauth_service.oauth_type == "enterprisecenter" and domain: home_split_url = urlsplit(oauth_service.home_url) oauth_service.proxy_home_url = home_split_url.scheme + "://" + domain + home_split_url.path except Exception as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": "未找到oauth服务, 请检查该服务是否存在且属于开启状态" } return Response(rst, status=status.HTTP_200_OK) try: api = get_oauth_instance(oauth_service.oauth_type, oauth_service, None) except NoSupportOAuthType as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": "未找到oauth服务" } return Response(rst, status=status.HTTP_200_OK) try: oauth_user, access_token, refresh_token = api.get_user_info( code=code) except Exception as e: logger.exception(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": e.message } return Response(rst, status=status.HTTP_200_OK) if api.is_communication_oauth(): logger.debug(oauth_user.enterprise_domain) logger.debug(domain.split(".")[0]) logger.debug(home_split_url.netloc.split(".")) if oauth_user.enterprise_domain != domain.split(".")[0] and \ domain.split(".")[0] != home_split_url.netloc.split(".")[0]: raise ServiceHandleException(msg="Domain Inconsistent", msg_show="登录失败", status_code=401, error_code=10405) client_ip = request.META.get("REMOTE_ADDR", None) oauth_user.client_ip = client_ip oauth_sev_user_service.get_or_create_user_and_enterprise( oauth_user) return oauth_sev_user_service.set_oauth_user_relation( api, oauth_service, oauth_user, access_token, refresh_token, code)
def post(self, request, *args, **kwargs): """ 源码创建组件 --- parameters: - name: tenantName description: 租户名 required: true type: string paramType: path - name: group_id description: 组id required: true type: string paramType: form - name: code_from description: 组件代码来源 required: true type: string paramType: form - name: service_cname description: 组件名称 required: true type: string paramType: form - name: git_url description: git地址 required: false type: string paramType: form - name: git_project_id description: 代码ID required: false type: string paramType: form - name: code_version description: 代码版本 required: false type: string paramType: form - name: username description: 私有云用户名称 required: false type: string paramType: form - name: password description: 私有云账户密码 required: false type: string paramType: form - name: server_type description: 仓库类型git或svn required: false type: string paramType: form """ group_id = request.data.get("group_id", -1) service_code_from = request.data.get("code_from", None) service_cname = request.data.get("service_cname", None) service_code_clone_url = request.data.get("git_url", None) git_password = request.data.get("password", None) git_user_name = request.data.get("username", None) service_code_id = request.data.get("git_project_id", None) service_code_version = request.data.get("code_version", "master") is_oauth = request.data.get("is_oauth", False) check_uuid = request.data.get("check_uuid") event_id = request.data.get("event_id") server_type = request.data.get("server_type", "git") user_id = request.user.user_id oauth_service_id = request.data.get("service_id") git_full_name = request.data.get("full_name") git_service = None open_webhook = False host = os.environ.get('DEFAULT_DOMAIN', "http://" + request.get_host()) result = {} if is_oauth: open_webhook = request.data.get("open_webhook", False) try: oauth_service = oauth_repo.get_oauth_services_by_service_id(service_id=oauth_service_id) oauth_user = oauth_user_repo.get_user_oauth_by_user_id(service_id=oauth_service_id, user_id=user_id) except Exception as e: logger.debug(e) rst = {"data": {"bean": None}, "status": 400, "msg_show": "未找到OAuth服务, 请检查该服务是否存在且属于开启状态"} return Response(rst, status=200) try: git_service = get_oauth_instance(oauth_service.oauth_type, oauth_service, oauth_user) except Exception as e: logger.debug(e) rst = {"data": {"bean": None}, "status": 400, "msg_show": "未找到OAuth服务"} return Response(rst, status=200) if not git_service.is_git_oauth(): rst = {"data": {"bean": None}, "status": 400, "msg_show": "该OAuth服务不是代码仓库类型"} return Response(rst, status=200) service_code_from = "oauth_" + oauth_service.oauth_type try: if not service_code_clone_url: return Response(general_message(400, "code url is null", "仓库地址未指明"), status=400) if not service_code_from: return Response(general_message(400, "params error", "参数service_code_from未指明"), status=400) if not server_type: return Response(general_message(400, "params error", "仓库类型未指明"), status=400) # 创建源码组件 if service_code_clone_url: service_code_clone_url = service_code_clone_url.strip() code, msg_show, new_service = app_service.create_source_code_app( self.response_region, self.tenant, self.user, service_code_from, service_cname, service_code_clone_url, service_code_id, service_code_version, server_type, check_uuid, event_id, oauth_service_id, git_full_name) if code != 200: return Response(general_message(code, "service create fail", msg_show), status=code) # 添加username,password信息 if git_password or git_user_name: app_service.create_service_source_info(self.tenant, new_service, git_user_name, git_password) # 自动添加hook if open_webhook and is_oauth and not new_service.open_webhooks: service_webhook = service_webhooks_repo.create_service_webhooks(new_service.service_id, "code_webhooks") service_webhook.state = True service_webhook.deploy_keyword = "deploy" service_webhook.save() try: git_service.create_hook(host, git_full_name, endpoint='console/webhooks/' + new_service.service_id) new_service.open_webhooks = True except Exception as e: logger.exception(e) new_service.open_webhooks = False new_service.save() # 添加组件所在组 code, msg_show = group_service.add_service_to_group(self.tenant, self.response_region, group_id, new_service.service_id) if code != 200: logger.debug("service.create", msg_show) bean = new_service.to_dict() result = general_message(200, "success", "创建成功", bean=bean) except ResourceNotEnoughException as re: raise re except AccountOverdueException as re: logger.exception(re) return Response(general_message(10410, "resource is not enough", re.message), status=412) return Response(result, status=result["code"])
def check_service(self, tenant, service, is_again, user=None): body = dict() body["tenant_id"] = tenant.tenant_id body["source_type"] = self.__get_service_region_type( service.service_source) source_body = "" service_source = service_source_repo.get_service_source( tenant.tenant_id, service.service_id) user_name = "" password = "" service.service_source = self.__get_service_source(service) if service_source: user_name = service_source.user_name password = service_source.password if service.service_source == AppConstants.SOURCE_CODE: if service.oauth_service_id: try: oauth_service = oauth_repo.get_oauth_services_by_service_id( service.oauth_service_id) oauth_user = oauth_user_repo.get_user_oauth_by_user_id( service_id=service.oauth_service_id, user_id=user.user_id) except Exception as e: logger.debug(e) return 400, "未找到oauth服务, 请检查该服务是否存在且属于开启状态", None if oauth_user is None: return 400, "未成功获取第三方用户信息", None try: instance = get_oauth_instance(oauth_service.oauth_type, oauth_service, oauth_user) except Exception as e: logger.debug(e) return 400, "未找到OAuth服务", None if not instance.is_git_oauth(): return 400, "该OAuth服务不是代码仓库类型", None tenant = Tenants.objects.get(tenant_name=tenant.tenant_name) try: service_code_clone_url = instance.get_clone_url( service.git_url) except Exception as e: logger.debug(e) return 400, "Access Token 已过期", None else: service_code_clone_url = service.git_url sb = { "server_type": service.server_type, "repository_url": service_code_clone_url, "branch": service.code_version, "user": user_name, "password": password, "tenant_id": tenant.tenant_id } source_body = json.dumps(sb) elif service.service_source == AppConstants.DOCKER_RUN or service.service_source == AppConstants.DOCKER_IMAGE: source_body = service.docker_cmd elif service.service_source == AppConstants.THIRD_PARTY: # endpoints信息 service_endpoints = service_endpoints_repo.get_service_endpoints_by_service_id( service.service_id).first() if service_endpoints and service_endpoints.endpoints_type == "discovery": source_body = service_endpoints.endpoints_info body["username"] = user_name body["password"] = password body["source_body"] = source_body res, body = region_api.service_source_check(service.service_region, tenant.tenant_name, body) bean = body["bean"] service.check_uuid = bean["check_uuid"] service.check_event_id = bean["event_id"] # 更新创建状态 if not is_again: service.create_status = "checking" service.save() bean = dict() bean.update(service.to_dict()) bean.update({"user_name": user_name, "password": password}) bean.update(self.__wrap_check_service(service)) return 200, "success", bean
def post(self, request, *args, **kwargs): login_user = request.user code = request.data.get("code") service_id = request.data.get("service_id") try: oauth_service = oauth_repo.get_oauth_services_by_service_id( service_id) except Exception as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": "未找到oauth服务, 请检查该服务是否存在且属于开启状态" } return Response(rst, status=status.HTTP_200_OK) try: api = get_oauth_instance(oauth_service.oauth_type, oauth_service, None) except NoSupportOAuthType as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": "未找到oauth服务" } return Response(rst, status=status.HTTP_200_OK) try: user, access_token, refresh_token = api.get_user_info(code=code) except Exception as e: logger.exception(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": e.message } return Response(rst, status=status.HTTP_200_OK) user_name = user.name user_id = str(user.id) user_email = user.email authenticated_user = oauth_user_repo.user_oauth_exists( service_id=service_id, oauth_user_id=user_id) link_user = oauth_user_repo.get_user_oauth_by_user_id( service_id=service_id, user_id=login_user.user_id) if link_user is not None and link_user.oauth_user_id != user_id: rst = { "data": { "bean": None }, "status": 400, "msg_show": "该用户已绑定其他账号" } return Response(rst, status=status.HTTP_200_OK) if authenticated_user is not None and authenticated_user.user_id is None: authenticated_user.oauth_user_id = user_id authenticated_user.oauth_user_name = user_name authenticated_user.oauth_user_email = user_email authenticated_user.access_token = access_token authenticated_user.refresh_token = refresh_token authenticated_user.code = code authenticated_user.is_authenticated = True authenticated_user.is_expired = True authenticated_user.user_id = login_user.user_id authenticated_user.save() return Response(None, status=status.HTTP_200_OK) else: oauth_user_repo.save_oauth( oauth_user_id=user_id, oauth_user_name=user_name, oauth_user_email=user_email, user_id=login_user.user_id, code=code, service_id=service_id, access_token=access_token, refresh_token=refresh_token, is_authenticated=True, is_expired=False, ) rst = {"data": {"bean": None}, "status": 200, "msg_show": "绑定成功"} return Response(rst, status=status.HTTP_200_OK)
def post(self, request, service_id, *args, **kwargs): region = request.data.get("region_name") tenant_name = request.data.get("tenant_name", None) git_url = request.data.get("project_url") version = request.data.get("version") user_id = request.user.user_id try: oauth_service = oauth_repo.get_oauth_services_by_service_id( service_id) oauth_user = oauth_user_repo.get_user_oauth_by_user_id( service_id=service_id, user_id=user_id) except Exception as e: logger.exception(e) rst = { "data": { "bean": None }, "status": 404, "msg_show": "未找到oauth服务, 请检查该服务是否存在且属于开启状态" } return Response(rst, status=status.HTTP_200_OK) if oauth_user is None: rst = { "data": { "bean": None }, "status": 400, "msg_show": "未成功获取第三方用户信息" } return Response(rst, status=status.HTTP_200_OK) try: service = get_oauth_instance(oauth_service.oauth_type, oauth_service, oauth_user) except Exception as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 400, "msg_show": "未找到OAuth服务" } return Response(rst, status=status.HTTP_200_OK) if not service.is_git_oauth(): rst = { "data": { "bean": None }, "status": 400, "msg_show": "该OAuth服务不是代码仓库类型" } return Response(rst, status=status.HTTP_200_OK) tenant = Tenants.objects.get(tenant_name=tenant_name) service_code_version = version try: service_code_clone_url = service.get_clone_url(git_url) except Exception as e: logger.debug(e) rst = { "data": { "bean": None }, "status": 400, "msg_show": "Access Token 已过期" } return Response(rst, status=status.HTTP_200_OK) sb = { "server_type": 'git', "repository_url": service_code_clone_url, "branch": service_code_version, "tenant_id": tenant.tenant_id } source_body = json.dumps(sb) body = dict() body["tenant_id"] = tenant.tenant_id body["source_type"] = "sourcecode" body["username"] = None body["password"] = None body["source_body"] = source_body try: res, body = region_api.service_source_check( region, tenant.tenant_name, body) return Response({"data": { "data": body }}, status=status.HTTP_200_OK) except (region_api.CallApiError, ServiceHandleException) as e: logger.debug(e) raise ServiceHandleException(msg="region error", msg_show="访问数据中心失败")