def create_tenant_on_region(self, team_name, region_name):
tenant = team_repo.get_team_by_team_name(team_name)
if not tenant:
return 404, u"需要开通的团队{0}不存在".format(team_name), None
region_config = region_repo.get_region_by_region_name(region_name)
if not region_config:
return 404, u"需要开通的数据中心{0}不存在".format(region_name), None
tenant_region = region_repo.get_team_region_by_tenant_and_region(tenant.tenant_id, region_name)
if not tenant_region:
tenant_region_info = {"tenant_id": tenant.tenant_id, "region_name": region_name, "is_active": False}
tenant_region = region_repo.create_tenant_region(**tenant_region_info)
if not tenant_region.is_init:
res, body = region_api.create_tenant(region_name, tenant.tenant_name,
tenant.tenant_id, tenant.enterprise_id)
if res["status"] != 200:
return res["status"], u"数据中心创建租户失败", None
tenant_region.is_active = True
tenant_region.is_init = True
# TODO 将从数据中心获取的租户信息记录到tenant_region, 当前只是用tenant的数据填充
tenant_region.region_tenant_id = tenant.tenant_id
tenant_region.region_tenant_name = tenant.tenant_name
tenant_region.region_scope = region_config.scope
tenant_region.enterprise_id = tenant.enterprise_id
tenant_region.save()
else:
if (not tenant_region.region_tenant_id) or \
(not tenant_region.region_tenant_name) or \
(not tenant_region.enterprise_id):
tenant_region.region_tenant_id = tenant.tenant_id
tenant_region.region_tenant_name = tenant.tenant_name
tenant_region.region_scope = region_config.scope
tenant_region.enterprise_id = tenant.enterprise_id
tenant_region.save()
group_repo.get_or_create_default_group(tenant.tenant_id, region_name)
return 200, u"success", tenant_region
def put(self, request, team_name, *args, **kwargs):
"""管理员审核用户"""
try:
# 判断角色
identity_list = team_services.get_user_perm_identitys_in_permtenant(
user_id=request.user.user_id, tenant_name=team_name)
if "owner" or "admin" in identity_list:
user_id = request.data.get("user_id")
action = request.data.get("action")
join = apply_repo.get_applicants_by_id_team_name(
user_id=user_id, team_name=team_name)
if action is True:
join.update(is_pass=1)
team = team_repo.get_team_by_team_name(team_name=team_name)
team_services.add_user_to_team_by_viewer(tenant=team,
user_id=user_id)
return Response(general_message(200, "join success",
"加入成功"),
status=200)
else:
join.update(is_pass=2)
return Response(general_message(200, "join rejected",
"拒绝成功"),
status=200)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def get_image_connection_info(self, scope, team_name):
"""
:param scope: enterprise(企业) team(团队) goodrain(好雨云市)
:param service: 应用模型
:return: image_info
hub.goodrain.com/goodrain/xxx:lasted
"""
try:
team = team_repo.get_team_by_team_name(team_name)
if not team:
return {}
if scope == "goodrain":
info = market_api.get_share_hub_info(team.tenant_id, "image")
return info["image_repo"]
else:
image_config = ConsoleSysConfig.objects.filter(
key='APPSTORE_IMAGE_HUB')
if not image_config:
return {"hub_url": 'goodrain.me', "namespace": team_name}
image_config_dict = json_load(image_config[0].value)
hub_url = image_config_dict.get("hub_url", None)
hub_user = image_config_dict.get("hub_user", None)
hub_password = image_config_dict.get("hub_password", None)
namespace = image_config_dict.get("namespace", team_name)
image_info = {
"hub_url": hub_url,
"hub_user": hub_user,
"hub_password": hub_password,
"namespace": namespace
}
return image_info
except Exception as e:
logger.exception(e)
return {}
def create_applicants(self, user_id, team_name):
applicant = apply_repo.get_applicants_by_id_team_name(user_id=user_id, team_name=team_name)
if not applicant:
team = team_repo.get_team_by_team_name(team_name=team_name)
user = user_repo.get_by_user_id(user_id=user_id)
info = {
"user_id": user_id,
"user_name": user.get_username(),
"team_id": team.tenant_id,
"team_name": team_name,
"team_alias": team.tenant_alias,
"apply_time": datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
}
return apply_repo.create_apply_info(**info)
if applicant[0].is_pass == 0:
raise ServiceHandleException(msg="already applied for it", msg_show="该团队已经申请过")
if applicant[0].is_pass == 1:
teams = team_repo.get_tenants_by_user_id(user_id)
tnames = [team.tenant_name for team in teams]
if team_name in tnames:
raise ServiceHandleException(msg="already join for it", msg_show="您已加入该团队")
applicant[0].apply_time = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
applicant[0].is_pass = 0
applicant[0].save()
return applicant
def put(self, request, team_name, *args, **kwargs):
"""管理员审核用户"""
user_id = request.data.get("user_id")
action = request.data.get("action")
role_ids = request.data.get("role_ids")
join = apply_repo.get_applicants_by_id_team_name(user_id=user_id,
team_name=team_name)
if action is True:
join.update(is_pass=1)
team = team_repo.get_team_by_team_name(team_name=team_name)
team_services.add_user_to_team(tenant=team,
user_id=user_id,
role_ids=role_ids)
# 发送通知
info = "同意"
self.send_user_message_for_apply_info(user_id=user_id,
team_name=team.tenant_name,
info=info)
return Response(general_message(200, "join success", "加入成功"),
status=200)
else:
join.update(is_pass=2)
info = "拒绝"
self.send_user_message_for_apply_info(user_id=user_id,
team_name=team_name,
info=info)
return Response(general_message(200, "join rejected", "拒绝成功"),
status=200)
def get(self, request, *args, **kwargs):
self.tenantName = kwargs.get('tenantName', None)
self.serviceAlias = kwargs.get('serviceAlias', None)
tenant = team_repo.get_team_by_team_name(self.tenantName)
if tenant:
self.tenant = tenant
else:
raise http.Http404
service = service_repo.get_service_by_tenant_and_alias(
self.tenant.tenant_id, self.serviceAlias)
if service:
self.service = service
else:
raise http.Http404
context = dict()
response = redirect(
get_redirect_url(
"/#/app/{0}/overview".format(self.service.service_alias),
request))
try:
docker_c_id = request.COOKIES.get('docker_c_id', '')
docker_h_id = request.COOKIES.get('docker_h_id', '')
docker_s_id = request.COOKIES.get('docker_s_id', '')
if docker_c_id != "" and docker_h_id != "" and docker_s_id != "" and docker_s_id == self.service.service_id:
t_docker_h_id = docker_h_id.lower()
context["tenant_id"] = self.service.tenant_id
context["service_id"] = docker_s_id
context["ctn_id"] = docker_c_id
context["md5"] = md5fun(self.service.tenant_id + "_" +
docker_s_id + "_" + docker_c_id)
main_url = region_services.get_region_wsurl(
self.service.service_region)
if main_url == "auto":
context[
"ws_uri"] = '{}://{}:6060/docker_console?nodename={}'.format(
settings.DOCKER_WSS_URL["type"],
settings.DOCKER_WSS_URL[
self.service.service_region], t_docker_h_id)
else:
context[
"ws_uri"] = "{0}/docker_console?nodename={1}".format(
main_url, t_docker_h_id)
response = TemplateResponse(self.request, "www/console.html",
context)
response.delete_cookie('docker_c_id')
response.delete_cookie('docker_h_id')
response.delete_cookie('docker_s_id')
except Exception as e:
logger.exception(e)
return response
def create_tenant_on_region(self, team_name, region_name):
tenant = team_repo.get_team_by_team_name(team_name)
if not tenant:
return 404, u"需要开通的团队{0}不存在".format(team_name), None
region_config = region_repo.get_region_by_region_name(region_name)
if not region_config:
return 404, u"需要开通的数据中心{0}不存在".format(region_name), None
if region_config.scope == "public":
logger.debug("open public region {0} ".format(region_name))
is_pass = self.get_enterprise_region_token_from_market(
tenant.tenant_id, tenant.enterprise_id, region_name,
region_config.url)
if not is_pass:
return 500, u"数据中心访问token获取异常", None
tenant_region = region_repo.get_team_region_by_tenant_and_region(
tenant.tenant_id, region_name)
if not tenant_region:
tenant_region_info = {
"tenant_id": tenant.tenant_id,
"region_name": region_name,
"is_active": False
}
tenant_region = region_repo.create_tenant_region(
**tenant_region_info)
if not tenant_region.is_init:
res, body = region_api.create_tenant(region_name,
tenant.tenant_name,
tenant.tenant_id,
tenant.enterprise_id)
logger.debug("create region tenant : res, {0}, body {1}".format(
res, body))
tenant_region.is_active = True
tenant_region.is_init = True
# TODO 将从数据中心获取的租户信息记录到tenant_region, 当前只是用tenant的数据填充
tenant_region.region_tenant_id = tenant.tenant_id
tenant_region.region_tenant_name = tenant.tenant_name
tenant_region.region_scope = region_config.scope
tenant_region.enterprise_id = tenant.enterprise_id
tenant_region.save()
else:
if (not tenant_region.region_tenant_id) or \
(not tenant_region.region_tenant_name) or \
(not tenant_region.enterprise_id):
tenant_region.region_tenant_id = tenant.tenant_id
tenant_region.region_tenant_name = tenant.tenant_name
tenant_region.region_scope = region_config.scope
tenant_region.enterprise_id = tenant.enterprise_id
tenant_region.save()
group_repo.get_or_create_default_group(tenant.tenant_id, region_name)
return 200, u"success", tenant_region
def get_image_connection_info(self, scope, eid, team_name):
"""
:param scope: enterprise(企业) team(团队) goodrain(好雨云市)
:param team_name: 租户名称
:return: image_info
hub.goodrain.com/goodrain/xxx:lasted
"""
try:
team = team_repo.get_team_by_team_name(team_name)
if not team and scope == "team":
return {}
if scope.startswith("goodrain"):
info = market_api.get_enterprise_share_hub_info(eid, "image")
return info["image_repo"]
else:
image_config = ConsoleSysConfig.objects.filter(
key='APPSTORE_IMAGE_HUB', enterprise_id=eid)
namespace = eid if scope == "enterprise" else team_name
if not image_config or not image_config[0].enable:
return {
"hub_url": settings.IMAGE_REPO,
"namespace": namespace
}
image_config_dict = eval(image_config[0].value)
hub_url = image_config_dict.get("hub_url", None)
hub_user = image_config_dict.get("hub_user", None)
hub_password = image_config_dict.get("hub_password", None)
namespace = (image_config_dict.get("namespace") if
image_config_dict.get("namespace") else namespace)
is_trust = hub_url == 'hub.goodrain.com'
image_info = {
"hub_url": hub_url,
"hub_user": hub_user,
"hub_password": hub_password,
"namespace": namespace,
"is_trust": is_trust
}
return image_info
except HttpClient.CallApiError as e:
logger.exception(e)
if e.status == 403:
raise ServiceHandleException("no cloud permission",
msg_show="云市授权不通过",
status_code=403,
error_code=10407)
else:
raise ServiceHandleException("call cloud api failure",
msg_show="云市请求错误",
status_code=500,
error_code=500)
except Exception as e:
logger.exception(e)
return {}
def get_slug_connection_info(self, scope, team_name):
"""
:param scope: enterprise(企业) team(团队) goodrain(好雨云市)
:return: slug_info
/grdata/build/tenant/
"""
try:
team = team_repo.get_team_by_team_name(team_name)
if not team:
return {}
if scope == "goodrain":
info = market_api.get_share_hub_info(team.tenant_id, "slug")
return info["slug_repo"]
else:
slug_config = ConsoleSysConfig.objects.filter(
key='APPSTORE_SLUG_PATH')
if not slug_config:
return {"namespace": team_name}
slug_config_dict = json_load(slug_config[0].value)
ftp_host = slug_config_dict.get("ftp_host", None)
ftp_port = slug_config_dict.get("ftp_port", None)
ftp_namespace = slug_config_dict.get("namespace", None)
ftp_username = slug_config_dict.get("ftp_username", None)
ftp_password = slug_config_dict.get("ftp_password", None)
slug_info = {
"ftp_host": ftp_host,
"ftp_port": ftp_port,
"namespace": ftp_namespace + "/" + team_name,
"ftp_username": ftp_username,
"ftp_password": ftp_password
}
return slug_info
except HttpClient.CallApiError as e:
logger.exception(e)
if e.status == 403:
raise ServiceHandleException("no cloud permission",
msg_show="云市授权不通过",
status_code=403,
error_code=10407)
else:
raise ServiceHandleException("call cloud api failure",
msg_show="云市请求错误",
status_code=500,
error_code=500)
except Exception as e:
logger.exception(e)
return {}
def create_applicants(self, user_id, team_name):
applicant = apply_repo.get_applicants_by_id_team_name(user_id=user_id, team_name=team_name)
if not applicant:
team = team_repo.get_team_by_team_name(team_name=team_name)
user = user_repo.get_by_user_id(user_id=user_id)
info = {
"user_id": user_id,
"user_name": user.get_username(),
"team_id": team.tenant_id,
"team_name": team_name,
"team_alias": team.tenant_alias,
"apply_time": datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
}
apply_repo.create_apply_info(**info)
return info
else:
return None
def get(self, request, *args, **kwargs):
"""指定用户可以加入哪些团队"""
try:
tenants = team_repo.get_tenants_by_user_id(
user_id=self.user.user_id)
team_names = tenants.values("tenant_name")
team_name_list = [
t_name.get("tenant_name") for t_name in team_names
]
user_id = request.GET.get("user_id", None)
if user_id:
enterprise_id = user_repo.get_by_user_id(
user_id=user_id).enterprise_id
team_list = team_repo.get_teams_by_enterprise_id(enterprise_id)
apply_team = apply_repo.get_applicants_team(user_id=user_id)
else:
enterprise_id = user_repo.get_by_user_id(
user_id=self.user.user_id).enterprise_id
team_list = team_repo.get_teams_by_enterprise_id(enterprise_id)
apply_team = apply_repo.get_applicants_team(
user_id=self.user.user_id)
applied_team = [
team_repo.get_team_by_team_name(team_name=team_name) for
team_name in [team_name.team_name for team_name in apply_team]
]
join_list = []
for join_team in team_list:
if join_team not in applied_team and join_team.tenant_name not in team_name_list:
join_list.append(join_team)
join_list = [{
"team_name": j_team.tenant_name,
"team_alias": j_team.tenant_alias,
"team_id": j_team.tenant_id
} for j_team in join_list]
result = general_message(200, "success", "查询成功", list=join_list)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def open_team_region(self, team_name, region_name):
tenant = team_repo.get_team_by_team_name(team_name)
if not tenant:
return 404, u"需要开通的团队{0}不存在".format(team_name), None
region_config = region_repo.get_region_by_region_name_and_region_id(
region_name)
if not region_config:
return 404, u"需要开通的数据中心{0}不存在".format(region_name), None
tenant_region = region_repo.get_team_region_by_teannt_and_region(
tenant.tenant_id, region_name)
if not tenant_region:
tenant_region = self.create_new_tenant_region(tenant, region_name)
else:
if not tenant_region.is_init:
res, body = region_api.create_tenant(region_name,
tenant.tenant_name,
tenant.tenant_id,
tenant.enterprise_id)
logger.debug(
"create region tenant : res, {0}, body {1}".format(
res, body))
tenant_region.is_active = True
tenant_region.is_init = True
# TODO 将从数据中心获取的租户信息记录到tenant_region, 当前只是用tenant的数据填充
tenant_region.region_tenant_id = tenant.tenant_id
tenant_region.region_tenant_name = tenant.tenant_name
tenant_region.region_scope = 'public'
tenant_region.enterprise_id = tenant.enterprise_id
tenant_region.save()
else:
if (not tenant_region.region_tenant_id) or \
(not tenant_region.region_tenant_name) or \
(not tenant_region.enterprise_id):
tenant_region.region_tenant_id = tenant.tenant_id
tenant_region.region_tenant_name = tenant.tenant_name
tenant_region.region_scope = 'public'
tenant_region.enterprise_id = tenant.enterprise_id
tenant_region.save()
return 200, u"success", tenant_region
def get_slug_connection_info(self, scope, team_name):
"""
:param scope: enterprise(企业) team(团队) goodrain(好雨云市)
:return: slug_info
/grdata/build/tenant/
"""
try:
team = team_repo.get_team_by_team_name(team_name)
if not team:
return {}
if scope == "goodrain":
info = market_api.get_share_hub_info(team.tenant_id, "slug")
return info["slug_repo"]
else:
slug_config = ConsoleSysConfig.objects.filter(
key='APPSTORE_SLUG_PATH')
if not slug_config:
return {"namespace": team_name}
slug_config_dict = json_load(slug_config[0].value)
ftp_host = slug_config_dict.get("ftp_host", None)
ftp_port = slug_config_dict.get("ftp_port", None)
ftp_namespace = slug_config_dict.get("namespace", None)
ftp_username = slug_config_dict.get("ftp_username", None)
ftp_password = slug_config_dict.get("ftp_password", None)
slug_info = {
"ftp_host": ftp_host,
"ftp_port": ftp_port,
"namespace": ftp_namespace + "/" + team_name,
"ftp_username": ftp_username,
"ftp_password": ftp_password
}
return slug_info
except Exception as e:
logger.exception(e)
return {}
def get_team_opened_region(self, team_name):
"""获取团队已开通的数据中心"""
tenant = team_repo.get_team_by_team_name(team_name)
return TenantRegionInfo.objects.filter(tenant_id=tenant.tenant_id)
