def put(self, request, enterprise_id, *args, **kwargs):
"""
更新企业信息
---
parameters:
- name: enterprise_id
description: 企业ID
required: true
type: string
paramType: path
- name: market_client_id
description: 云市客户端id
required: true
type: string
paramType: form
- name: market_client_token
description: 云市客户端token
required: true
type: string
paramType: form
"""
try:
market_client_id = request.data.get("market_client_id")
market_client_token = request.data.get("market_client_token")
domain = os.getenv('GOODRAIN_APP_API', settings.APP_SERVICE_API["url"])
is_success = client_auth_service.save_market_access_token(enterprise_id, domain, market_client_id,
market_client_token)
if is_success:
result = generate_result("0000", "success", "企业{0}信息更新成功".format(enterprise_id))
else:
result = generate_result("7878", "enterprise not exist", "企业{0} 信息不存在".format(enterprise_id))
except Exception as e:
logger.exception(e)
result = generate_error_result()
return Response(result)
def post(self, request):
"""
添加或修改企业访问云市的认证信息接口
---
parameters:
- name: enterprise_id
description: 云帮本地企业id
required: true
type: string
paramType: form
- name: market_client_id
description: 云市授予的企业身份id
required: true
type: string
paramType: form
- name: market_client_token
description: 云市授予的企业访问的token
required: true
type: string
paramType: form
"""
enterprise_id = request.POST.get('enterprise_id')
market_client_id = request.POST.get('market_client_id')
market_client_token = request.POST.get('market_client_token')
if not enterprise_id or not market_client_id or not market_client_token:
return JsonResponse({'ok': False, 'message': 'missing post parameter!'}, status=400)
enter = client_auth_service.get_enterprise_by_id(enterprise_id)
if not enter:
return JsonResponse({'ok': False, 'message': 'specify enterprise does not existed!'}, status=500)
try:
market_api = MarketOpenAPI()
domain = os.getenv('GOODRAIN_APP_API', settings.APP_SERVICE_API["url"])
market_api.confirm_access_token(domain, market_client_id, market_client_token)
except Exception:
return JsonResponse({'ok': False, 'message': '认证企业信息失败'})
token_info = client_auth_service.get_market_access_token_by_access_token(market_client_id, market_client_token)
if token_info and token_info.enterprise_id != enter.ID:
return JsonResponse({'ok': False, 'message': '非法绑定操作!'})
client_auth_service.save_market_access_token(enterprise_id, domain, market_client_id, market_client_token)
return JsonResponse({'ok': True, 'message': 'ok'})
def active_market_enterprise(self, sso_user, enterprise_id,
market_client_id, market_client_token):
"""
将sso_user 绑定到指定的enterprise上,并绑定访问云市的认证信息
:param sso_user:
:param enterprise_id:
:param market_client_id:
:param market_client_token:
:return:
"""
enterprise = enterprise_svc.get_enterprise_by_id(enterprise_id)
# 如果要绑定的企业在本地云帮不存在, 且eid与云市eid一致,则创建一个与公有云一致的企业信息
if not enterprise and enterprise_id == sso_user.eid:
# 注册一个用户信息
user = user_svc.register_user_from_sso(sso_user)
# 创建一个企业信息
enterprise = enterprise_svc.create_enterprise(
enterprise_id=sso_user.eid, enterprise_alias=sso_user.company)
logger.info('create enterprise[{0}] with name {1}[{2}]'.format(
enterprise.enterprise_id, enterprise.enterprise_alias,
enterprise.enterprise_name))
# 绑定用户与企业关系
user.enterprise_id = enterprise.enterprise_id
user.save()
logger.info(
'create user[{0}] with name [{1}] from [{2}] use sso_id [{3}]'.
format(user.user_id, user.nick_name, user.rf,
user.sso_user_id))
# 初始化用户工作环境
tenant = enterprise_svc.create_and_init_tenant(
user_id=user.user_id, enterprise_id=user.enterprise_id)
domain = os.getenv('GOODRAIN_APP_API', settings.APP_SERVICE_API["url"])
return client_auth_service.save_market_access_token(
enterprise_id, domain, market_client_id, market_client_token)
def post(self, request, *args, **kwargs):
"""
优化云市绑定企业账号
---
parameters:
- name: tenantName
description: 团队名称
required: true
type: string
paramType: path
- name: enterprise_id
description: 云帮本地企业id
required: true
type: string
paramType: form
- name: market_info
description: 云市授予的认证信息
required: true
type: string
paramType: form
"""
try:
logger.debug("bind market access token")
enterprise_id = request.data.get('enterprise_id')
ret = request.data.get('market_info')
market_info = eval(base64.decodestring(ret))
market_client_id = market_info.get('eid')
market_client_token = market_info.get('token')
if not enterprise_id or not market_client_id or not market_client_token:
return Response(general_message(400, "param error", "请填写相关信息"),
status=400)
enter = enterprise_services.get_enterprise_by_enterprise_id(
enterprise_id)
if not enter:
return Response(general_message(404, "enterprise not found",
"指定的企业未找到"),
status=404)
try:
market_api = MarketOpenAPI()
domain = os.getenv('GOODRAIN_APP_API',
settings.APP_SERVICE_API["url"])
market_api.confirm_access_token(domain, market_client_id,
market_client_token)
except Exception as e:
logger.exception(e)
logger.debug(
"joint cloud id:{0} token: {1} check token failure".format(
market_client_id, market_client_token))
return Response(general_message(500, "bind access token fail",
"企业认证失败"),
status=500)
token_info = client_auth_service.get_market_access_token_by_access_token(
market_client_id, market_client_token)
if token_info and token_info.enterprise_id != enter.ID:
return Response(general_message(409, "illegal operation",
"非法绑定操作"),
status=409)
client_auth_service.save_market_access_token(
enterprise_id, domain, market_client_id, market_client_token)
result = general_message(200, "success", "绑定成功")
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def post(self, request, *args, **kwargs):
try:
# 获取sso的user_id
sso_user_id = request.data.get('uid')
sso_user_token = request.data.get('token')
sso_enterprise_id = request.data.get('eid')
rf = request.data.get('rf') or 'sso'
market_client_id = request.data.get('eid')
market_client_token = request.data.get('etoken')
if not market_client_id or not market_client_token:
msg = "no market_client_id or market_client_token"
logger.debug('account.login', msg)
return Response({'success': False, 'msg': msg})
rf_username = request.data.get('rf_username') or ''
logger.debug(
'account.login',
'request.sso_user_id:{0} request.sso_user_token:{1} request.sso_enterprise_id:{2}'
.format(sso_user_id, sso_user_token, sso_enterprise_id))
is_pass, msg = self.__check_params(sso_user_id, sso_user_token,
sso_enterprise_id)
if not is_pass:
return Response({'success': False, 'msg': msg})
is_pass, msg, sso_user = self.__get_auth_user_token(
sso_user_id, sso_user_token)
if not is_pass:
return Response({'success': False, 'msg': msg})
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
sso_user.get('eid'))
if not enterprise:
sso_company = sso_user.get('company')
enterprise = enterprise_services.create_tenant_enterprise(
sso_user.get('eid'), sso_company, sso_company, True)
user = self.__update_user_info(sso_user, sso_user_id,
sso_user_token, rf)
# 保存访问云市的token
domain = os.getenv('GOODRAIN_APP_API',
settings.APP_SERVICE_API["url"])
client_auth_service.save_market_access_token(
enterprise.enterprise_id, domain, market_client_id,
market_client_token)
key = request.data.get('key')
logger.debug('invite key: {0}'.format(key))
if key:
logger.debug('account.login',
'invite register: {}'.format(key))
data = AuthCode.decode(str(key), 'goodrain').split(',')
logger.debug(data)
action = data[0]
if action == 'invite_tenant':
self.__process_invite_tenant(user, data)
elif action == 'invite_service':
self.__process_invite_service(user, data)
user.is_active = True
user.save()
logger.debug('account.login',
'user invite register successful')
else:
logger.debug(
'account.login',
'register/login user.is_active:{}'.format(user.is_active))
if not user.is_active:
# 如果注册用户是通过云市私有交付创建的企业客户, 则将厂商账户加入到其客户企业的管理员列表
agent_sso_user_id = request.data.get('agent_sid')
logger.debug('account.login',
'agent_sid: {}'.format(agent_sso_user_id))
if agent_sso_user_id:
code, msg, team = self.__init_and_create_user_tenant(
user, enterprise)
if code != 200:
return Response({
'success': False,
'msg': msg
},
status=500)
agent_user = user_services.get_user_by_sso_user_id(
agent_sso_user_id)
if agent_user:
# 创建用户在团队的权限
perm_info = {
"user_id": agent_user.user_id,
"tenant_id": team.ID,
"identity": "admin",
"enterprise_id": enterprise.pk
}
perm_services.add_user_tenant_perm(perm_info)
logger.debug(
'account.login',
'agent manage team success: {}'.format(
perm_info))
else:
user_services.make_user_as_admin_for_enterprise(
user.user_id, enterprise.enterprise_id)
user.is_active = True
user.save()
logger.debug('account.login',
"enterprise id {0}".format(enterprise.enterprise_id))
teams = team_services.get_enterprise_teams(
enterprise.enterprise_id)
data_list = [{
'uid': user.sso_user_id,
'tenant_id': t.tenant_id,
'tenant_name': t.tenant_name,
'tenant_alias': t.tenant_alias,
'eid': t.enterprise_id
} for t in teams]
return Response({'success': True, 'list': data_list}, status=200)
except Exception as e:
logger.exception(e)
return Response({'success': False, 'msg': e.message}, status=500)