def prepare_business(request, cc_id, use_cache=True):
# first, get the business object
user = request.user
if user.is_superuser or is_user_functor(request) or is_user_auditor(request):
try:
obj, created, extras = get_business_obj(request, cc_id, use_cache)
except Exception:
objs = Business.objects.filter(cc_id=cc_id)
if not objs.exists():
raise exceptions.Forbidden()
obj = objs[0]
extras = {}
else:
obj, created, extras = get_business_obj(request, cc_id, use_cache)
# access archived business is not allowed
if not obj.available():
raise exceptions.Forbidden()
# then, update business object relationships
if extras:
update_relationships(request, obj, extras)
# update user info (uin and nick name)
update_user_info(request, cc_id)
return obj
def _get_user_info(request, use_cache=True):
"""
获取用户基本信息
@param request:
@param use_cache:
@return:
"""
user = request.user
cache_key = "%s_get_user_info_%s" % (CACHE_PREFIX, user.username)
data = cache.get(cache_key)
if not (use_cache and data):
client = settings.ESB_GET_CLIENT_BY_REQUEST(request)
auth = getattr(client, settings.ESB_AUTH_COMPONENT_SYSTEM)
get_user_info = getattr(auth, settings.ESB_AUTH_GET_USER_INFO)
userinfo = get_user_info({})
userinfo.setdefault('code', -1)
if userinfo['result']:
data = userinfo['data']
if data:
cache.set(cache_key, data, DEFAULT_CACHE_TIME_FOR_CC)
elif userinfo['code'] in ('20101', 20101):
raise exceptions.Unauthorized(userinfo['message'])
elif userinfo['code'] in ('20103', 20103, '20201', 20201, '20202',
20202):
raise exceptions.Forbidden(userinfo['message'])
else:
raise exceptions.APIError(
settings.ESB_AUTH_COMPONENT_SYSTEM, 'get_user',
userinfo.get('detail_message', userinfo['message']))
return data
def _get_user_info(request, use_cache=True):
"""
获取用户基本信息
@param request:
@param use_cache:
@return:
"""
user = request.user
cache_key = "%s_get_user_info_%s" % (CACHE_PREFIX, user.username)
data = cache.get(cache_key)
if not (use_cache and data):
userinfo = get_user_info(request)
userinfo.setdefault('code', -1)
if userinfo['result']:
data = userinfo['data']
if data:
cache.set(cache_key, data, DEFAULT_CACHE_TIME_FOR_CC)
elif userinfo.get('code') in ('20101', 20101):
raise exceptions.Unauthorized(userinfo['message'])
elif userinfo.get('code') in ('20103', 20103, '20201', 20201, '20202',
20202):
raise exceptions.Forbidden(userinfo['message'])
else:
raise exceptions.APIError(
'bk_api', 'get_user_info',
userinfo.get('detail_message', userinfo['message']))
return data
def _get_user_business_list(request, use_cache=True):
"""Get authorized business list for a exact username.
:param object request: django request object.
:param bool use_cache: (Optional)
"""
user = request.user
cache_key = "%s_get_user_business_list_%s" % (CACHE_PREFIX, user.username)
data = cache.get(cache_key)
if not (use_cache and data):
client = settings.ESB_GET_CLIENT_BY_REQUEST(request)
result = client.cc.get_app_by_user_role({
'user_role':
','.join(roles.CC_ROLES),
# 'user_role': roles.MAINTAINERS,
})
if result['result']:
data = result['data']
# 获取用户所属开发商信息
user_info = _get_user_info(request)
# 兼容多开发商和单开发商模式
if user_info.get('company_list', []):
owner_list = [
owner['company_code']
for owner in user_info['company_list']
]
elif user_info.get('company_code'):
owner_list = [user_info.get('company_code')]
else:
owner_list = []
# 按照开发商过滤
for role, biz_list in data.iteritems():
temp_list = []
for item in biz_list:
if item.get('LifeCycle') not in ['3', _(u"停运")]:
if owner_list:
if item['Owner'] in owner_list:
temp_list.append(item)
else:
temp_list.append(item)
data.update({role: temp_list})
cache.set(cache_key, data, DEFAULT_CACHE_TIME_FOR_CC)
elif result['code'] in ('20101', 20101):
raise exceptions.Unauthorized(result['message'])
elif result['code'] in ('20103', 20103, '20201', 20201, '20202',
20202):
raise exceptions.Forbidden(result['message'])
else:
raise exceptions.APIError(
'cc', 'get_app_by_user_role',
result.get('detail_message', result['message']))
return data
def _get_business_info(request, app_id, use_cache=True, use_maintainer=False):
"""Get detail infomations for a exact app_id.
@param object request: django request object.
@param int app_id: cc_id of core.business model.
@param use_maintainer: 使用运维身份请求
"""
username = request.user.username
business = Business.objects.get(cc_id=app_id)
cache_key = "%s_get_business_info_%s_%s" % (CACHE_PREFIX, app_id, username)
data = cache.get(cache_key)
if not (use_cache and data):
if use_maintainer:
client = get_client_by_user_and_biz_id(username, app_id)
else:
client = settings.ESB_GET_CLIENT_BY_REQUEST(request)
result = client.cc.search_business({
'bk_supplier_account': business.cc_owner,
'condition': {
'bk_biz_id': int(app_id)
}
})
if result['result']:
if not result['data']['info']:
raise exceptions.Forbidden()
data = result['data']['info'][0]
elif result.get('code') in ('20101', 20101):
raise exceptions.Unauthorized(result['message'])
elif result.get('code') in ('20103', 20103, '20201', 20201,
'20202', 20202):
raise exceptions.Forbidden(result['message'])
else:
raise exceptions.APIError(
'cc',
'get_app_by_id',
result.get('detail_message', result['message'])
)
cache.set(cache_key, data, DEFAULT_CACHE_TIME_FOR_CC)
return data
def _get_user_business_list(request, use_cache=True):
"""Get authorized business list for a exact username.
:param object request: django request object.
:param bool use_cache: (Optional)
"""
user = request.user
cache_key = "%s_get_user_business_list_%s" % (CACHE_PREFIX, user.username)
data = cache.get(cache_key)
if not (use_cache and data):
user_info = _get_user_info(request)
client = settings.ESB_GET_CLIENT_BY_USER(request.user.username)
result = client.cc.search_business({
'bk_supplier_account':
user_info['bk_supplier_account'],
'condition': {
'bk_data_status': {
'$in': ['enable', 'disabled', None]
},
'$or': [{
'bk_biz_developer': {
"$regex": user.username
}
}, {
'bk_biz_productor': {
"$regex": user.username
}
}, {
'bk_biz_maintainer': {
"$regex": user.username
}
}, {
'bk_biz_tester': {
"$regex": user.username
}
}]
}
})
if result['result']:
data = result['data']['info']
cache.set(cache_key, data, DEFAULT_CACHE_TIME_FOR_CC)
elif result.get('code') in ('20101', 20101):
raise exceptions.Unauthorized(result['message'])
elif result.get('code') in ('20103', 20103, '20201', 20201, '20202',
20202):
raise exceptions.Forbidden(result['message'])
else:
raise exceptions.APIError(
'cc', 'search_business',
result.get('detail_message', result['message']))
return data
def update_user_info(request, cc_id, use_cache=True):
cache_key = "%s_update_user_info_%s" % (CACHE_PREFIX, cc_id)
data = cache.get(cache_key)
if not (use_cache and data):
result = get_user_info(request)
if result['result']:
_update_user_info(result['data'])
elif result['code'] in ('20101', 20101):
raise exceptions.Unauthorized(result['message'])
elif result['code'] in ('20103', 20103):
raise exceptions.Forbidden(result['message'])
else:
raise exceptions.APIError(
settings.ESB_AUTH_COMPONENT_SYSTEM, 'get_user',
result.get('detail_message', result['message']))
cache.set(cache_key, True, DEFAULT_CACHE_TIME_FOR_CC)
def _get_business_info(request, app_id, use_cache=True, use_maintainer=False):
"""Get detail infomations for a exact app_id.
@param object request: django request object.
@param int app_id: cc_id of core.business model.
@param use_maintainer: 使用运维身份请求
"""
username = request.user.username
cache_key = "%s_get_business_info_%s_%s" % (CACHE_PREFIX, app_id, username)
data = cache.get(cache_key)
if not (use_cache and data):
if use_maintainer:
client = get_client_by_user_and_biz_id(username, app_id)
else:
client = settings.ESB_GET_CLIENT_BY_REQUEST(request)
result = client.cc.get_app_by_id({
'app_id':
app_id,
'uin_to_openid_column':
','.join(roles.CC_ROLES),
})
if result['result']:
data = result['data'][0]
elif result['code'] in ('20101', 20101):
raise exceptions.Unauthorized(result['message'])
elif result['code'] in ('20103', 20103, '20201', 20201, '20202',
20202):
raise exceptions.Forbidden(result['message'])
else:
raise exceptions.APIError(
'cc', 'get_app_by_id',
result.get('detail_message', result['message']))
cache.set(cache_key, data, DEFAULT_CACHE_TIME_FOR_CC)
return data
