def list_users():
"""
获取系统中的用户列表
:return:
"""
user_list = []
try:
users = UserService.get_fields_by_where()
user_list.reverse()
response_data = jsonify(status=200,
message="查询成功",
data={
'users': user_list,
'num': len(users)
})
except UsersDataNotExistException:
logger.exception("list_users raise error")
response_data = jsonify(status=200,
message="查询成功",
data={
'users': user_list,
'num': 0
})
return response_data
def check_initialization_success():
"""
检测初始化是否成功
:return:
"""
user = UserService.get_fields_by_where()[0]
print("username:{},passwor:{},token:{}".format(user.username,
user.password, user.token))
"""
def get_tokens(refresh=False):
"""
从数据库中获取token,单例模式
:param refresh:
:return:
"""
global TOKENS
if not TOKENS or refresh:
TOKENS = list()
users = UserService.get_fields_by_where(fields=(User.token))
for user in users:
TOKENS.append(user.token)
return TOKENS
def testGetAllUser(self):
"""
列出所有用户
:return:
"""
from model.user import UserService, User
import logging
logger = logging.getLogger('peewee')
logger.addHandler(logging.StreamHandler())
logger.setLevel(logging.DEBUG)
user = UserService.get_fields_by_where()
logger.info("1121")
User.select().execute()
logger.info(user)
def addUser2dbAndRedis(self):
"""
同步一个账号到数据库和redis
:return:
"""
from api.service.redis_service import RedisService
from model.default_value import Role
from model.user import User, UserService
user_name = "b5mali4"
full_name = "小明"
email = "*****@*****.**"
dept_name = "信息安全部"
role = Role.USER
mobile_phone = "131xxxx9871"
if UserService.count(where=(User.user_name == user_name)) <= 0:
UserService.save(user_name=user_name,
full_name=full_name,
email=email,
dept_name=dept_name,
role=role,
mobile_phone=mobile_phone)
else:
UserService.update(fields=({
User.user_name: user_name,
User.full_name: full_name,
User.email: email,
User.dept_name: dept_name,
User.role: role,
User.mobile_phone: mobile_phone
}))
user = UserService.get_fields_by_where(
where=(User.user_name == user_name))[0]
user_info = {
"user_name": "b5mali4",
"full_name": "小明",
"email": "*****@*****.**",
"dept_name": "信息安全部",
"role": Role.USER,
"mobile_phone": "131xxxx9871",
"id": user.id
}
RedisService.update_user(user_name="b5mali4", user_info=user_info)
def testGetFieldsByWhere(self):
"""
:return:
"""
import logging
from model.user import UserService
from model.user import User
from model.user_task import UserTask
from model.hunter_model import OrmModelJsonSerializer
logger = logging.getLogger('peewee')
logger.addHandler(logging.StreamHandler())
logger.setLevel(logging.DEBUG)
user_services = UserService.get_fields_by_where(fields=(
UserTask.select(fn.COUNT(UserTask.id)).alias('scan_count').where(
UserTask.user_id == User.id), User.full_name))
def modify_user(user_id):
"""
更新用户资料,主要包含权限,部门等等
data: {department: "信息安全部", emails: "", mobilephone: "18324742048", role: "管理员"}
:return:
"""
try:
put_data = request.get_json(force=True)
param_list = ["email", "mobile_phone", "role", "depart_ment"]
if has_dict_value_blank(put_data, param_list):
return jsonify(
status=400,
message="更新失败",
data={"extra_info": "请保证%s任一参数值不为空" % ','.join(param_list)})
email = put_data.get("email")
mobile_phone = put_data.get("mobile_phone")
role = put_data.get("role")
depart_ment = put_data.get("depart_ment")
UserService.update(fields=({
User.email: email,
User.mobile_phone: mobile_phone,
User.role: role,
User.dept_name: depart_ment
}),
where=(User.id == user_id))
user = UserService.get_fields_by_where(where=(User.id == user_id))[0]
RedisService.update_user(
user.user_name, {
"dept_name": depart_ment,
"role": role,
"mobile_phone": mobile_phone,
"email": email
})
return jsonify(status=200, message="更新用户成功", data={})
except Exception as e:
logger.exception("update_user error")
return jsonify(status=500,
message="未知异常",
data={"extra_info": "发生未知异常,请联系管理员查看异常日志"})
def authorize_route():
"""
基础账号密码认证体系
:return:
"""
try:
post_data = request.get_json(force=True)
post_user_name = post_data.get("user_name")
post_pass_word = post_data.get("pass_word")
if UserService.count(
where=(User.user_name == post_user_name,
User.pass_word == post_pass_word)) <= 0:
return jsonify(status=403,
message="认证出错",
data={
"extra_info": "账号密码登录出错",
"site": "/login"
})
db_user = UserService.get_fields_by_where(
where=(User.user_name == post_user_name,
User.pass_word == post_pass_word))[0]
BaseAuthModule.modify_user_info_cache_session(
user_name=db_user.user_name, db_user=db_user)
return jsonify(status=200,
message="认证成功",
data={
"extra_info": "稍后自动跳转首页,请耐心等待",
"site":
get_system_config()['front_end']['index']
})
except Exception as e:
logger.exception("auth_account raise error")
return jsonify(status=500,
message="未知异常",
data={"extra_info": "发生未知异常,请联系管理员查看异常日志"})
def authorize_route():
"""
ldap认证账号体系
:return:
"""
try:
post_data = request.get_json(force=True)
post_user_name = post_data.get("user_name")
post_pass_word = post_data.get("pass_word")
ldap_config = LdapConfigService.get_single_instance()
if ldap_config.ldap_switch is False:
return jsonify(status=500,
message="登录失败",
data={"extra_info": "不支持ldap认证,请后台配置并开启ldap模块"})
status, result_dict = ldap_auth(post_user_name, post_pass_word)
if status:
user_name = result_dict["user_name"]
# 保存更新数据库和Redis
if UserService.count(where=(User.user_name == user_name)) <= 0:
UserService.save(user_name=result_dict["user_name"],
full_name=result_dict["full_name"],
dept_name=result_dict["dept_name"],
email=result_dict["email"],
mobile_phone=result_dict["mobile"])
else:
UserService.update(fields=({
User.full_name:
result_dict["full_name"],
User.dept_name:
result_dict["dept_name"],
User.email:
result_dict["email"],
User.mobile_phone:
result_dict["mobile"]
}),
where=(User.user_name == user_name))
db_user = UserService.get_fields_by_where(
where=(User.user_name == user_name))[0]
BaseAuthModule.modify_user_info_cache_session(
user_name=db_user.user_name, db_user=db_user)
return jsonify(status=200,
message="认证成功",
data={
"extra_info":
"稍后自动跳转首页,请耐心等待",
"site":
get_system_config()['front_end']['index']
})
return jsonify(status=403,
message="认证出错",
data={
"extra_info": "账号密码登录出错",
"site": "/login"
})
except Exception as e:
logger.exception("auth_account raise error")
return jsonify(status=500,
message="未知异常",
data={"extra_info": "发生未知异常,请联系管理员查看异常日志"})
