def add_user_to_team():
payload = request.get_json()
if not payload:
return jsonify({'message': 'invalid params', 'code': 104000}), 400
user_id = payload.get('user_id')
team_id = payload.get('team_id')
is_owner = payload.get('is_owner')
team = Team().find_by_id(user_id)
if not team:
return jsonify({'message': 'invalid team', 'code': 104031}), 400
where = {
'team_id': team_id,
'user_id': user_id,
'is_owner': is_owner,
}
data = where.copy()
data['created_at'] = time.time()
data['add_by'] = login_user.get('username')
db.collection('team_members').update_one(where, {'$set': data},
upsert=True)
role = db.collection('roles').find_one({
'name': team.get('name'),
'type': 'team',
})
return jsonify({
'message': 'ok',
'code': 0,
})
def get_permissions(user_id):
user = db.collection('users').find_one({'_id': ObjectId(user_id)})
if not user:
return jsonify({'message': 'user not found', 'code': 104040}), 404
team = Team()
relate_team = db.collection('team_users').find({'user_id': user_id})
team_ids = list(map(lambda i: i['_id'], relate_team))
role_ids = []
permissions = []
if team_ids:
team_records = team.find_by_ids(team_ids)
for record in team_records:
team_role = db.collection('roles').find_one({
'name':
record.get('name'),
'type':
'team',
})
if not team_role:
continue
role_ids.append(team_role.get('_id'))
roles = db.collection('user_roles').find({'user_id': user_id})
roles = list(roles)
if roles:
ids = map(lambda i: i['_id'], roles)
role_ids.extend(list(ids))
if role_ids:
where = {'role_id': {'$in': role_ids}}
permissions = db.collection('role_menus').find(where)
permissions = list(permissions)
return jsonify({'message': 'ok', 'code': 0, 'data': permissions})
def get_user_info(_id):
user = User()
record = user.find_by_id(_id)
if not record:
return jsonify({
'message': 'record not found',
'code': 104040
}), 404
relation = TeamUser().collection.find_one({'user_id': _id})
team = Team().find_by_id(relation.get('team_id'))
record['team'] = team
record.pop('password')
permissions, roles = user.get_permissions(_id)
hosts = user.get_hosts(_id)
return jsonify({
'message': 'ok',
'code': 0,
'data': {
'user': record,
'roles': roles,
'permissions': permissions,
'hosts': hosts,
}
})
def get_profile(_id):
user = User()
record = user.find_by_id(_id)
if not record:
return jsonify({'message': 'record not found', 'code': 104040}), 404
relation = TeamUser().collection.find_one({'user_id': _id})
team = Team().find_by_id(relation.get('team_id'))
record['team'] = team
record.pop('password')
record['team'] = team
setting = db.collection('setting').find_one({})
options = {
'slack': True,
'sms': True,
'wechat': True,
'smtp': True,
}
if setting:
slack = setting.get('slack') or {}
sms = setting.get('nexmo') or {}
wechat = setting.get('wechat') or {}
smtp = setting.get('smtp') or {}
options['slack'] = bool(slack.get('enable'))
options['sms'] = bool(sms.get('enable'))
options['wechat'] = bool(wechat.get('enable'))
options['smtp'] = bool(smtp.get('enable'))
record['setting'] = options
return jsonify({
'message': 'ok',
'code': 0,
'data': record,
})
def delete_team(_id):
is_admin = login_user.get('is_admin')
if not is_admin:
return jsonify({
'message': 'admin required',
'code': 104033,
}), 403
record = Team.find_by_id(_id)
if not record:
return jsonify({
'message': 'record not found',
'code': 104040,
}), 404
update = {
'$set': {
'status': -1,
'delete_at': time.time(),
}
}
condition = {'_id': record['_id']}
Team.update_one(condition, update=update)
members = TeamMember.find({'team_id': _id})
for member in members:
where = {'_id': member['_id']}
TeamMember.delete_one(where)
team_roles = TeamRole.find(condition)
for item in team_roles:
where = {'_id': item['_id']}
TeamRole.delete_one(where)
return jsonify({
'message': 'ok',
'code': 0,
})
def get_team_info(_id):
record = Team.find_by_id(_id)
if not record:
return jsonify({
'message': 'record not found',
'code': 104040,
}), 404
roles = Team().get_roles(_id)
roles = list(roles)
permissions = []
if roles:
role_ids = map(lambda i: str(i['_id']), roles)
where = {
'role_id': {
'$in': list(role_ids),
}
}
records = db.collection('role_menus').find(where)
records = list(records)
ids = list(map(lambda i: i['m_id'], records))
permissions = Menu.find_by_ids(ids)
members = db.collection('team_members').find({'team_id': _id},
projection=['user_id'])
record['members'] = list(map(lambda i: i['user_id'], members))
return jsonify({
'message': 'ok',
'code': 0,
'data': {
'team': record,
'roles': list(roles),
# 'permissions': permissions,
}
})
def update_team(_id):
payload = request.get_json()
if not payload:
return jsonify({'message': 'invalid params', 'code': 104000}), 400
is_admin = login_user.get('is_admin')
owner_id = login_user.get('user_id')
record = Team.find_by_id(_id)
if not record:
return jsonify({
'message': 'record not found',
'code': 104040,
}), 404
if not is_admin and owner_id not in record.get('master'):
return jsonify({'message': 'bad permission', 'code': 104038}), 403
name = payload.get('name')
description = payload.get('description')
parent = payload.get('parent')
role_ids = payload.get('role') or []
members = payload.get('members') or []
master = payload.get('master') or [login_user.get('username')]
if name and name != record.get('name'):
check = Team.find_one({'name': name})
if check:
return jsonify({'message': 'name existed', 'code': 104001}), 400
update = {
'$set': {
'name': name,
'description': description,
'master': master,
'parent': parent,
'updated_at': time.time(),
},
}
where = {'_id': record['_id']}
team = Team()
team.update_one(where, update=update)
team.add_member(_id, members, owner_id=owner_id)
for role_id in role_ids:
team_role = {
'$set': {
'team_id': _id,
'role_id': role_id,
'created_at': time.time()
}
}
where = {
'team_id': _id,
'role_id': role_id,
}
db.collection('team_roles').update_one(where, team_role, upsert=True)
return jsonify({
'message': 'ok',
'code': 0,
})
def add_team():
payload = request.get_json()
if not payload:
return jsonify({'message': 'invalid params', 'code': 104000}), 400
is_admin = login_user.get('is_admin')
if not is_admin:
return jsonify({'message': 'admin required', 'code': 104039}), 403
name = payload.get('name')
description = payload.get('description')
parent = payload.get('parent')
role_ids = payload.get('role_ids')
members = payload.get('members') or []
master = payload.get('master') or [login_user.get('username')]
record = Team.find_one({'name': name})
if record:
return jsonify({'message': 'name existed', 'code': 104001}), 400
if role_ids:
role_record = Role.find_by_ids(role_ids)
if not role_record:
return jsonify({'message': 'role not found', 'code': 104041}), 404
data = {
'name': name,
'description': description,
'master': master,
'parent': parent,
'add_by': login_user.get('username'),
'created_at': time.time(),
}
result = Team.insert_one(data)
team_id = str(result.inserted_id)
data['_id'] = team_id
logger.info('add team', extra={'record': data})
if not role_ids:
role = {
'name': name,
'type': 'team',
'role': 'owner',
'add_by': login_user.get('username'),
'created_at': time.time(),
}
result = Role.insert_one(role)
role['_id'] = result.inserted_id
role['team_id'] = data['_id']
role_ids = [str(role['_id'])]
# team_role = {
# 'role_id': result.inserted_id,
# 'team_id': role['team_id'],
# 'add_by': login_user.get('username'),
# 'created_at': time.time(),
# }
# Model.build_model('team_roles').insert_one(team_role)
for role_id in role_ids:
team_role = {
'$set': {
'team_id': team_id,
'role_id': role_id,
'created_at': time.time()
}
}
where = {
'team_id': team_id,
'role_id': role_id,
}
db.collection('team_roles').update_one(where, team_role, upsert=True)
Team().add_member(team_id, members, owner_id=login_user.get('user_id'))
return jsonify({
'message': 'ok',
'code': 0,
})
def add_user():
payload = request.get_json()
if not payload:
return jsonify({
'message': 'invalid params',
'code': 104000
}), 400
current_user = login_user.get('username')
is_admin = login_user.get('is_admin')
username = payload.get('username')
nickname = payload.get('nickname')
email = payload.get('email')
phone = payload.get('phone')
role_ids = payload.get('role_ids')
team_id = payload.get('team_id')
address = payload.get('address')
password = payload.get('password')
if not username or not email:
return jsonify({
'message': 'miss required params',
'code': 104001,
}), 400
if not is_admin:
if team_id:
team = Team.find_by_id(team_id)
if not team or current_user not in team.get('master'):
return jsonify({
'message': 'permission deny',
'code': 104031
}), 403
else:
return jsonify({
'message': 'permission deny',
'code': 104032,
}), 403
where = {
'$or': [
{'username': username},
{'email': email},
]
}
existed = User.find_one(where)
if existed:
return jsonify({
'message': 'username or email existed',
'code': 104030
}), 400
password = password or gen_password()
encrypt_pwd = generate_password_hash(password)
user_info = {
'username': username,
'nickname': nickname,
'password': encrypt_pwd,
'email': email,
'phone': phone,
'active': 0,
'address': address,
'created_at': time.time(),
'add_by': login_user.get('username'),
}
result = User.insert_one(user_info)
user_id = str(result.inserted_id)
if role_ids:
role_ids = role_ids if type(role_ids) == list else [role_ids]
roles = Role.find_by_ids(role_ids)
if roles:
for item in roles:
data = {
'role_id': str(item['_id']),
'user_id': user_id,
'add_by': login_user.get('username'),
'created_at': time.time(),
}
db.collection('user_roles').insert_one(data)
if team_id:
Team().add_member(team_id=team_id, members=[user_id], owner_id=login_user.get('user_id'))
notify = SMTP()
text = '''
<p>Dear user:</p>
<p>Your eclogue account is active~!</p>
<p>username: {}</p>
<p>password: {} </p>
'''
text = text.format(username, password)
notify.send(text, to=email, subject='', subtype='html')
return jsonify({
'message': 'ok',
'code': 0,
'data': password
})
def add_role():
payload = request.get_json()
if not payload:
return jsonify({'message': 'invalid params', 'code': 104000}), 400
name = payload.get('name')
description = payload.get('description')
tags = payload.get('tags')
role_type = payload.get('type')
parent = payload.get('parent', None)
alias = payload.get('alias')
menus = payload.get('permissions')
if not name:
return jsonify({
'message': 'invalid params',
'code': 104000,
}), 400
role = Role()
record = role.collection.find_one({'name': name})
if record:
return jsonify({'message': 'name existed', 'code': 104001}), 400
data = {
'name': name,
'alias': alias,
'type': role_type,
'tags': tags,
'description': description,
'parent': parent,
'created_at': time.time()
}
if parent:
check = role.find_by_id(parent)
if not check:
return jsonify({'message': 'invalid param', 'code': 104001}), 400
result = role.collection.insert_one(data)
role_id = result.inserted_id
if role_type == 'team':
team_existed = Team.find_one({'name': name})
if team_existed:
return jsonify({'message': 'team existed', 'code': 104005}), 400
team = {
'name': name,
'description': 'team of role {}'.format(name),
'add_by': login_user.get('username'),
'master': [login_user.get('username')],
'created_at': time.time()
}
result = Team.insert_one(team)
team_role = {
'team_id': str(result.inserted_id),
'role_id': str(role_id),
'add_by': login_user.get('username'),
'created_at': time.time()
}
Team.build_model('team_roles').insert_one(team_role)
if menus and type(menus) == dict:
model = Menu()
data = []
methods = {
'read': ['option', 'get'],
'edit': ['post', 'put', 'patch'],
'delete': ['delete']
}
for _id, actions in menus.items():
record = model.find_by_id(_id)
if not record:
continue
action_list = []
for action in actions:
if not methods.get(action):
continue
action_list.extend(methods.get(action))
data.append({
'role_id': str(role_id),
'm_id': _id,
'actions': action_list,
'created_at': time.time(),
'add_by': login_user.get('username'),
})
db.collection('role_menus').insert_many(data)
return jsonify({
'message': 'ok',
'code': 0,
})