def admin_set_parent_api_remove(request):
"""管理员开启用户api功能"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
creator = request.user
try:
user = handle_request_user(request)
if not user:
msg = af.USER_NOT_EXIST
assert False
msg = set_user_api_remove(user)
if not msg:
log_msg = om.REMOVE_API % (creator.username, user.username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
print(res)
return json_response(res)
def client_set_parent_api_remove(request):
"""客户端开启用户api功能"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
user = request.user
try:
msg = set_user_api_remove(user)
if not msg:
log_msg = om.REMOVE_API % (user.username, user.username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
print(res)
return json_response(res)
def client_set_parent_api_status(request):
"""客户端设置api状态"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
user = request.user
try:
msg = set_user_api_status(request, user)
if msg:
assert False
log_msg = om.OPEN_SET_API_STATUS % (user.username, user.username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_group_delete(request):
"""管理员删除角色"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
obj_id = request.POST.get('obj_id', '')
try:
group_profile = GroupProfile.objects.filter(id=obj_id).first()
if not group_profile:
msg = af.GROUP_EMPTY
assert False
group = group_profile.group
group_user = group.user_set.all()
if group_user:
msg = af.GROUP_HAS_USER
assert False
group_profile.group.delete()
log_msg = om.DELETE_GROUP % (request.user.username, group.name)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_set_parent_api_status(request):
"""管理员设置父账号api状态"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
creator = request.user
try:
user = handle_request_user(request)
if not user:
msg = af.USER_NOT_EXIST
assert False
msg = set_user_api_status(request, user)
if msg:
assert False
log_msg = om.OPEN_SET_API_STATUS % (creator.username, user.username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def parent_set_defense_mode(request):
"""父账号自己设置规则防御模式"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
provider = 'QINGSONG'
domain_id = request.POST.get('domain_id', '')
default_waf_mode = request.POST.get('default_waf_mode', '')
self_waf_mode = request.POST.get('self_waf_mode', '')
try:
domain_obj = Domain.objects.filter(id=domain_id).first()
if not domain_obj:
msg = af.DOMAIN_NOT_EXIST
assert False
body = {
'channel': '%s://%s' % (domain_obj.protocol, domain_obj.domain),
}
if default_waf_mode:
default_waf_mode = int_check(default_waf_mode)
if default_waf_mode is None:
msg = af.PARAME_ERROR
assert False
body['default'] = 1
body['switch'] = default_waf_mode
log_msg = om.SET_DEFAULT_RULE_MODE % (
request.user.username, domain_obj.domain, default_waf_mode)
elif self_waf_mode:
self_waf_mode = int_check(self_waf_mode)
if self_waf_mode is None:
msg = af.PARAME_ERROR
assert False
body['default'] = 0
body['switch'] = self_waf_mode
log_msg = om.SET_SELF_RULE_MODE % (
request.user.username, domain_obj.domain, self_waf_mode)
api_res = APIUrl.post_link('set_defense_mode', body)
if api_res[provider]['return_code'] == 0:
status = True
OperateLog.write_operate_log(request, om.SECURITY, log_msg)
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_binding_user_contract(request):
"""管理员绑定合同"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
contract_name = request.POST.get('contract_name', '')
start_time = request.POST.get('start_time', '')
end_time = request.POST.get('end_time', '')
product_list = request.POST.getlist('product_list[]', [])
username = request.POST.get('username', '')
# contract_name = 'Microsoft-azure-1510(重录)-2'
# contract_name = 'jwcm-CC-201907'
# username = '******'
# start_time = "2019-08-09"
# end_time = "2019-10-08"
# product_list = [{
# "product_name" : "http视频点播加速服务",
# "product_code" : "9010300000432"
# }]
try:
user = UserProfile.objects.filter(username=username).first()
if not user:
msg = af.USER_NOT_EXIST
assert False
body = {
'username': user.username,
'contract': {
contract_name: {
'start_time': start_time,
'end_time': end_time,
'product': product_list,
}
}
}
res = APIUrl.post_link('binding_user_contract', body)
if res.get('return_code', 0) == 0:
status = True
log_msg = om.BINDING_USER_CONTRACT % (request.user.username,
username, contract_name)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def user_enable_self_rule(request):
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
provider = 'QINGSONG'
domain_id = request.POST.get('domain_id', '')
rule_id = request.POST.get('rule_id', 0)
enable = request.POST.get('enable', 0)
try:
domain_obj = Domain.objects.filter(id=domain_id).first()
if not domain_obj:
msg = af.DOMAIN_NOT_EXIST
assert False
enable = int_check(enable)
if enable is None:
msg = af.PARAME_ERROR
assert False
rule_id = int(rule_id)
if rule_id is None:
msg = af.PARAME_ERROR
assert False
body = {
'channel': '%s://%s' % (domain_obj.protocol, domain_obj.domain),
'enable': enable,
'rule_id': rule_id
}
api_res = APIUrl.post_link('enable_self_rule', body)
print(api_res)
if api_res[provider]['return_code'] == 0:
status = True
opt_msg = '开启' if enable else '关闭'
log_msg = om.ENABLE_SELF_RULE % (
request.user.username, rule_id, opt_msg)
OperateLog.write_operate_log(request, om.SECURITY, log_msg)
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def edit_admin_user(request):
"""修改管理员账号用户"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
username = request.POST.get('username', '')
group_id = request.POST.get('group_id', '')
is_active = request.POST.get('is_active', '')
try:
if not username:
msg = af.USERNAME_EMPTY
assert False
check_user = UserProfile.objects.filter(username=username).first()
if not check_user:
msg = af.USER_NOT_EXIST
assert False
if is_active:
is_active = int_check(is_active)
if is_active is None:
msg = af.PARAME_ERROR
assert False
check_user.is_active = True if is_active else False
if group_id:
group = Group.objects.filter(id=group_id).first()
if not group:
msg = af.GROUP_EMPTY
assert False
check_user.groups.clear()
check_user.groups.add(group)
check_user.save()
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
creator_username = request.user.username
log_msg = om.EDIT_USER % (creator_username, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def create_perm_strategy(request):
"""父账号创建权限策略"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
name = request.POST.get('name', '')
remark = request.POST.get('remark', '')
creator_username = request.user.username
perm_list = request.POST.getlist('perm[]', '')
try:
if not name:
msg = af.PERM_STRATEGY_NAME_EMPTY
assert False
if not perm_list:
msg = af.PERM_LIST_EMPTY
assert False
parameter = {
'name': name,
'remark': remark,
'creator_username': creator_username,
'strategy_type': PermStrategy.PARENT_NUM
}
perm_strategy = PermStrategy(**parameter)
perm_strategy.save()
perm_list = Perm.objects.filter(code__in=perm_list)
for perm in perm_list:
perm_strategy.perm.add(perm)
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
log_msg = om.CREATE_PERM_STRATEGY % (
creator_username, name, perm_strategy.id)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def create_admin_user(request):
"""创建管理员"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
username = request.POST.get('username', '')
group_id = request.POST.get('group_id', '')
try:
if not username:
msg = af.USERNAME_EMPTY
assert False
check_user = UserProfile.objects.filter(username=username)
if check_user:
msg = af.USER_EXIST
assert False
group = Group.objects.filter(id=group_id).first()
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
password = '' # ldap 密码使用云密码
identity = 'is_admin'
creator_username = request.user.username
param = {
'username': username,
'password': password,
'group': group,
'identity': identity,
'creator_username': creator_username
}
user = create_user(**param)
if not user:
res['msg'] = _(af.PARAM_ERROR)
return json_response(res)
log_msg = om.CREATE_USER % (creator_username, identity, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def admin_domain_set_waf(request):
"""管理员启用waf"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
provider = 'QINGSONG'
domain_id = request.POST.get('domain_id', '')
switch = request.POST.get('switch', '')
try:
domain_obj = Domain.objects.filter(id=domain_id).first()
if not domain_obj:
msg = af.DOMAIN_NOT_EXIST
assert False
domain = domain_obj.domain
switch = int_check(switch)
if switch is None:
msg = af.PARAME_ERROR
assert False
body = {
'channel': '%s://%s' % (domain_obj.protocol, domain),
"switch": switch
}
api_res = APIUrl.post_link('domain_waf_opt_waf', body)
message = api_res[provider].get('message', 'success')
msg = '' if message == 'success' else message
if api_res[provider]['return_code'] == 0:
status = True
switch_name = '开启' if switch else '关闭'
log_msg = om.SET_WAF_STATUS % (
request.user.username, domain, switch_name)
OperateLog.write_operate_log(
request, om.SECURITY, log_msg)
except Exception as e:
print(traceback.format_exc())
res['msg'] = _(msg)
res['msg'] = msg
res['status'] = status
return json_response(res)
def admin_cdn_domain_active(request):
"""管理员域名激活"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
user = request.user
user_id = request.POST.get('user_id', '')
domain_list = request.POST.get('domain', '[]')
# user_id = 93
# domain = '[itestxz0018.chinacache.com]'
domain_list = json.loads(domain_list)
try:
user_id = int_check(user_id)
if user_id is None:
msg = af.PARAME_ERROR
assert False
edit_user = UserProfile.objects.filter(id=user_id).first()
body = {
'domain': domain_list,
'user_id': user_id,
}
api_res = APIUrl.post_link('cdn_domain_active', body)
assert api_res
return_code = api_res.get('return_code', 0)
if return_code != 0:
assert False
status = True
domain_str = ','.join(domain_list)
log_msg = om.ACTIVE_CDN_DOMAIN % (user.username, edit_user.username,
domain_str)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
except Exception as e:
print(e)
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_group_edit(request):
"""管理员修改角色"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
group_id = request.POST.get('group_id', '')
desc = request.POST.get('desc', '')
remark = request.POST.get('remark', '')
perm_list = request.POST.getlist('perm_list', [])
try:
group_profile = GroupProfile.objects.filter(id=group_id)
if not group_profile:
msg = af.GROUP_EMPTY
assert False
group = group_profile.group
creator_username = request.user.username
group_profile.desc = desc
group_profile.remark = remark
group_profile.save()
if perm_list:
group_perm = PermGroup.objects.filter(group=group)
group_perm.delete()
for perm_id in perm_list:
PermGroup.assign_perm(perm_id, group)
log_msg = om.EDIT_GROUP % (creator_username, group.name)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
except AssertionError:
res['msg'] = msg
res['status'] = status
return json_response(res)
def admin_group_create(request):
"""管理员创建角色"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
name = request.POST.get('name', '')
desc = request.POST.get('desc', '')
remark = request.POST.get('remark', '')
perm_list = request.POST.getlist('perm_list', [])
try:
if not name:
msg = af.GROUP_NAME_EMPTYf
assert False
group, is_new = Group.objects.get_or_create(name=name)
if not is_new:
msg = af.GROUP_ALREADY_EXIST
assert False
creator_username = request.user.username
group_profile, _ = GroupProfile.objects.get_or_create(group=group)
group_profile.creator_name = creator_username
group_profile.desc = desc
group_profile.remark = remark
group_profile.save()
if perm_list:
for perm_id in perm_list:
PermGroup.assign_perm(perm_id, group)
log_msg = om.CREATE_GROUP % (creator_username, name)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
except AssertionError:
res['msg'] = msg
res['status'] = status
return json_response(res)
def user_reset_default_rule(request):
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
provider = 'QINGSONG'
domain_id = request.POST.get('domain_id', '')
enable = request.POST.get('enable', 0)
try:
domain_obj = Domain.objects.filter(id=domain_id).first()
if not domain_obj:
msg = af.DOMAIN_NOT_EXIST
assert False
body = {
'channel': '%s://%s' % (domain_obj.protocol, domain_obj.domain),
}
enable = int_check(enable)
if enable is None:
msg = af.PARAME_ERROR
assert False
body['enable'] = enable
api_res = APIUrl.post_link('reset_default_rule', body)
if api_res[provider]['return_code'] == 0:
status = True
opt_msg = '全部开启' if enable else '全部关闭'
log_msg = om.RESET_DEFAULT_RULE % (
request.user.username, domain_obj.domain, opt_msg)
OperateLog.write_operate_log(request, om.SECURITY, log_msg)
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_open_parent_api(request):
"""管理员开启用户api功能"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
creator = request.user
try:
user = handle_request_user(request)
# user = UserProfile.objects.get(id=93)
if not user:
msg = af.USER_NOT_EXIST
assert False
msg, api_res = user_open_parent_api(user)
if not msg:
api_info = list()
api_info_dict = {
'secret_id': api_res.get('secret_id', ''),
'secret_key': api_res.get('secret_key', ''),
'create_time': api_res.get('create_time', ''),
'status': api_res.get('api_open', ''),
'type': _(af.COMMON)
}
api_info.append(api_info_dict)
res['api_info'] = api_info
log_msg = om.OPEN_API % (creator.username, user.username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
print(res)
return json_response(res)
def client_cdn_domain_disable(request):
"""客户端域名报停"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
user = request.user
domain_list = request.POST.get('domain', '[]')
# domain = '[itestxz0018.chinacache.com]'
try:
domain_list = json.loads(domain_list)
body = {
'domain': domain_list,
'user_id': user.id,
}
api_res = APIUrl.post_link('cdn_domain_disable', body)
assert api_res
return_code = api_res.get('return_code', 0)
if return_code != 0:
assert False
status = True
domain_str = ','.join(domain_list)
log_msg = om.DISABLE_CDN_DOMAIN % (user.username, user.username,
domain_str)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
except Exception as e:
print(e)
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_create_sec_user(request):
"""创建安全用户"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
sec_product = Product.objects.filter(code='SECURITY').first()
strategy = Strategy.get_obj_from_property('QINGSONG', 'SECURITY', 'WAF')
user_ids = request.POST.getlist('user_ids[]', '')
try:
user_list = UserProfile.objects.filter(id__in=user_ids)
if not user_list:
msg = af.USER_NOT_EXIST
assert False
for user in user_list:
user.product_list.add(sec_product)
user.strategy_list.add(strategy)
user.save()
log_msg = om.CREATE_SECURITY_USER % (
request.user.username, user.username)
OperateLog.write_operate_log(
request, om.SECURITY, log_msg)
status = True
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def client_open_parent_api(request):
"""客户端开启用户api功能"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
user = request.user
try:
msg, api_res = user_open_parent_api(user)
if not msg:
api_info = list()
api_info_dict = {
'secret_id': api_res.get('secret_id', ''),
'secret_key': api_res.get('secret_key', ''),
'create_time': api_res.get('create_time', ''),
'status': api_res.get('api_open', ''),
'type': _(af.COMMON)
}
api_info.append(api_info_dict)
res['api_info'] = api_info
log_msg = om.OPEN_API % (user.username, user.username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
print(res)
return json_response(res)
def admin_user_relieve_contract(request):
"""解除绑定合同"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
contract_name = request.POST.get('contract_name', '')
username = request.POST.get('username', '')
# contract_name = '20190808_TEST'
# username = '******'
try:
user = UserProfile.objects.filter(username=username).first()
if not user:
msg = af.USER_NOT_EXIST
assert False
body = {'username': user.username, 'contract': contract_name}
print(body)
res = APIUrl.post_link('relieve_user_contract', body)
if res.get('return_code', 0) == 0:
status = True
log_msg = om.BINDING_USER_CONTRACT % (request.user.username,
username, contract_name)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def delete_perm_strategy(request):
"""父账号删除权限策略"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
obj_id = request.POST.get('obj_id', '')
creator_username = request.user.username
try:
perm_strategy = PermStrategy.objects.filter(
id=obj_id, creator_username=creator_username).first()
if not perm_strategy:
msg = af.PERM_STRATEGY_NOT_EXIST
assert False
perm_strategy.delete()
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
log_msg = om.DELETE_PERM_STRATEGY % (
creator_username, perm_strategy.name, perm_strategy.id)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def _get_opt_log_list(request, user_type):
start_time = request.POST.get('start_time', 0)
end_time = request.POST.get('end_time', 0)
username = request.POST.get('username', '')
size = request.POST.get('size', PAGE_SIZE)
page = request.POST.get('page', '1')
msg = ''
pagination = None
try:
msg, start_time, end_time = handle_req_time(start_time, end_time)
if msg:
assert False
if start_time and end_time:
try:
start_time = timestamp_to_datetime(start_time)
end_time = timestamp_to_datetime(end_time)
except TypeError:
msg = af.PARAME_ERROR
assert False
log_list = OperateLog.get_operator_logs(user_type=user_type,
username=username,
start_time=start_time,
end_time=end_time)
size = int_check(size)
page = int_check(page)
if size is None or page is None or page == 0:
msg = af.PARAME_ERROR
assert False
start = (page - 1) * size
end = page * size
total = len(log_list)
pagination = get_pagination(page, total, size)
result_list = log_list[start:end]
except AssertionError:
result_list = []
return msg, result_list, pagination
def edit_perm_strategy(request):
"""修改权限策略"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
obj_id = request.POST.get('obj_id', '')
name = request.POST.get('name', '')
remark = request.POST.get('remark', '')
creator_username = request.user.username
perm_list = request.POST.getlist('perm[]', '')
try:
if not name:
msg = af.PERM_STRATEGY_NAME_EMPTY
assert False
if not perm_list:
msg = af.PERM_LIST_EMPTY
assert False
perm_strategy = PermStrategy.objects.filter(id=obj_id).first()
if not perm_strategy:
msg = af.PERM_STRATEGY_NOT_EXIST
assert False
if name:
perm_strategy.name = name
if remark:
perm_strategy.remark = remark
if perm_list:
perm_strategy.perm.clear()
perm_list = Perm.objects.filter(code__in=perm_list)
for perm in perm_list:
perm_strategy.perm.add(perm)
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
log_msg = om.EDIT_PERM_STRATEGY % (creator_username, name, perm_strategy.id)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def user_domain_create(request, user, opt_user):
"""用户创建域名"""
domain = request.POST.get('domain', '')
contract_name = request.POST.get('contract_name', '')
cdn_type = request.POST.get('cdn_type', '')
protocol = request.POST.get('protocol', '[]')
cert_name = request.POST.get('cert_name', '')
src_type = request.POST.get('src_type', '')
src_value = request.POST.get('src_value', '')
src_host = request.POST.get('src_host', '')
src_back_type = request.POST.get('src_back_type', '')
src_back_value = request.POST.get('src_back_value', '')
ignore_cache_control = request.POST.get('ignore_cache_control', '0')
ignore_query_string = request.POST.get('ignore_query_string', '0')
cache_rule = request.POST.get('cache_rule', '[]')
msg = ''
status = False
try:
protocol = handle_list(protocol)
if not protocol:
msg = af.PROTOCOL_EMPTY
assert False
cache_rule = handle_list(cache_rule)
if CDNConf.HTTPS_TYPE in protocol and not cert_name:
msg = af.CERT_NAME_EMPTY
assert False
check_domain = Domain.objects.filter(domain=domain,
protocol__in=protocol).first()
if check_domain:
msg = af.DOMAIN_EXIST
assert False
src_ips = []
src_domain = ''
if src_type == CDNConf.SRC_IP:
src_ips = src_value.split('\n')
elif src_type == CDNConf.SRC_DOMAIN:
src_domain = src_value
if not src_host:
src_host = domain
src_back_ips = []
src_back_domain = ''
if src_back_type == CDNConf.SRC_BACK_IP:
src_back_ips = src_back_value.split('\n')
elif src_back_type == CDNConf.SRC_BACK_DOMAIN:
src_back_domain = src_back_value
body = {
'base_template_id': CDNConf.BASE_CC_CMS_TEMPLATE_ID,
'user_id': user.id,
'domain': domain,
'cdn_type': cdn_type,
'contract_name': contract_name,
'protocol': protocol,
'cert_name': cert_name,
'src_type': src_type,
'src_ips': src_ips,
'src_domain': src_domain,
'src_host': src_host,
'src_back_type': src_back_type,
'src_back_ips': src_back_ips,
'src_back_domain': src_back_domain,
'ignore_cache_control': ignore_cache_control,
'ignore_query_string': ignore_query_string,
'cache_rule': cache_rule,
}
print(body)
res = APIUrl.post_link('cdn_domain_create', body)
print(res)
return_code = res.get('return_code', 0)
if return_code != 0:
assert False
for p in protocol:
domain_obj = Domain(domain=domain, protocol=p, user=user)
domain_obj.save()
log_msg = om.CREATE_CDN_DOMAIN % (opt_user.username, user.username,
domain)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
except AssertionError:
pass
return msg, status
def edit_child_user(request):
"""修改子账号"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
obj_id = request.POST.get('obj_id', 0)
password = request.POST.get('password', '')
is_api = request.POST.get('is_api', '')
reset_password = request.POST.get('reset_password', '')
email = request.POST.get('email', '')
mobile = request.POST.get('mobile', '')
remark = request.POST.get('remark', '')
is_active = request.POST.get('is_active', '')
perm_strategy_ids = request.POST.getlist('perm_strategy[]', '')
try:
check_user = UserProfile.objects.filter(id=obj_id).first()
if not check_user:
msg = af.USER_NOT_EXIST
assert False
if is_api:
is_api = int_check(is_api)
if is_api is None:
msg = af.PARAM_ERROR
assert False
# TODO 通信api 实现key的删除
if reset_password:
reset_password = int_check(reset_password)
if reset_password is None:
msg = af.PARAM_ERROR
assert False
check_user.reset_password = True if reset_password else False
if is_active:
is_active = int_check(is_active)
if is_api is None:
msg = af.PARAM_ERROR
assert False
check_user.is_active = True if is_active else False
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
if email:
check_user.email = email
if mobile:
check_user.mobile = mobile
if remark:
check_user.remark = remark
if password:
check_user.set_password(password)
check_user.save()
if perm_strategy_ids:
user_perm = UserPermStrategy.objects.filter(user=check_user).first()
user_perm.perm_strategy.clear()
UserPermStrategy.assign_perm(perm_strategy_ids, check_user)
log_msg = om.EDIT_USER % (request.user.username, check_user.username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def create_child_user(request):
"""创建子账号号用户"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
username = request.POST.get('username', '')
password = request.POST.get('password', '')
is_api = request.POST.get('is_api', 0)
reset_password = request.POST.get('reset_password', 0)
email = request.POST.get('email', '')
mobile = request.POST.get('mobile', '')
remark = request.POST.get('remark', '')
perm_strategy_ids = request.POST.getlist('perm_strategy[]', '')
try:
if not username:
msg = af.USERNAME_EMPTY
assert False
check_user = UserProfile.objects.filter(username=username)
if check_user:
msg = af.USER_EXIST
assert False
if not password:
msg = af.PASSWORD_EMPTY
assert False
is_api = int_check(is_api)
if is_api is None:
msg = af.PARAM_ERROR
assert False
reset_password = int_check(reset_password)
if reset_password is None:
msg = af.PARAM_ERROR
assert False
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
if is_api:
print('给api通信')
identity = 'is_child'
group = Group.objects.filter(id=GroupProfile.CUSTOMER_CHILD_ID).first()
creator_username = request.user.username
param = {
'username': username,
'password': password,
'group': group,
'identity': identity,
'email': email,
'mobile': mobile,
'remark': remark,
'reset_password': True if reset_password else False,
'creator_username': creator_username
}
user = create_user(**param)
if not user:
res['msg'] = _(af.PARAM_ERROR)
return json_response(res)
UserPermStrategy.assign_perm(perm_strategy_ids, user)
log_msg = om.CREATE_USER % (creator_username, identity, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def admin_edit_parent_user(request):
"""修改父账号用户"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
username = request.POST.get('username', '')
company = request.POST.get('company', '')
user_type = request.POST.get('user_type', '')
linkman = request.POST.get('linkman', '')
email = request.POST.get('email', '')
mobile = request.POST.get('mobile', '')
is_active = request.POST.get('is_active', '')
password = request.POST.get('password', '')
reset_password = request.POST.get('reset_password', '0')
perm_list = request.POST.getlist('perm[]', [])
try:
check_user = UserProfile.objects.filter(username=username).first()
if not check_user:
msg = af.USER_NOT_EXIST
assert False
if is_active:
is_active = int_check(is_active)
if is_active is None:
msg = af.PARAME_ERROR
assert False
check_user.is_active = True if is_active else False
if password:
check_user.set_password(password)
if reset_password:
reset_password = int_check(reset_password)
check_user.reset_password = True if reset_password else False
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
creator_username = request.user.username
if company:
check_user.company = company
if user_type == 'is_parent':
check_user.is_parent = True
check_user.is_agent = False
if user_type == 'is_agent':
check_user.is_parent = False
check_user.is_agent = True
if linkman:
check_user.linkman = linkman
if email:
check_user.email = email
if mobile:
check_user.mobile = mobile
user_perm, is_new = PermUser.objects.get_or_create(user=check_user)
if is_new:
user_perm.save()
user_perm.perm.clear()
# check_user.product_list.clear()
# check_user.strategy_list.clear()
for perm_code in perm_list:
PermUser.assign_perm(perm_code, check_user)
if perm_code == 'client_cdn_menu':
cdn_product = Product.objects.filter(code='CDN').first()
cdn_strategy = Strategy.get_obj_from_property('CC', 'CDN', 'CDN')
check_user.product_list.add(cdn_product)
check_user.strategy_list.add(cdn_strategy)
check_user.save()
# elif perm_code == 'client_security_menu':
# sec_product = Product.objects.filter(code='SECURITY').first()
# sec_strategy = Strategy.get_obj_from_property(
# 'QINGSONG', 'SECURITY', 'WAF')
# check_user.product_list.add(sec_product)
# check_user.strategy_list.add(sec_strategy)
# check_user.save()
check_user.save()
log_msg = om.EDIT_USER % (creator_username, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def client_cdn_edit_domain(request):
"""
客户端修改cdn域名
"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
user = request.user
domain = request.POST.get('domain', '')
cert_name = request.POST.get('cert_name', '')
src_type = request.POST.get('src_type', '')
src_value = request.POST.get('src_value', '')
src_host = request.POST.get('src_host', '')
src_back_type = request.POST.get('src_back_type', '')
src_back_value = request.POST.get('src_back_value', '')
ignore_cache_control = request.POST.get('ignore_cache_control', '0')
ignore_query_string = request.POST.get('ignore_query_string', '0')
cache_rule = request.POST.get('cache_rule', '[]')
try:
cache_rule = json.loads(cache_rule)
if src_back_value and not src_back_type:
msg = af.SRC_BACK_TYPE_EMPTY
assert False
check_domain = Domain.objects.filter(domain=domain).first()
if not check_domain:
assert False
msg = af.DOMAIN_NOT_EXIST
src_ips = []
src_domain = ''
if src_type == CDNConf.SRC_IP:
src_ips = src_value.split('\n')
elif src_type == CDNConf.SRC_DOMAIN:
src_domain = src_value
if not src_host:
src_host = domain
src_back_ips = []
src_back_domain = ''
if src_back_type == CDNConf.SRC_BACK_IP:
src_back_ips = src_back_value.split('\n')
elif src_back_type == CDNConf.SRC_BACK_DOMAIN:
src_back_domain = src_back_value
body = {
'user_id': user.id,
'domain': domain,
'cert_name': cert_name,
'src_type': src_type,
'src_ips': src_ips,
'src_domain': src_domain,
'src_host': src_host,
'src_back_type': src_back_type,
'src_back_ips': src_back_ips,
'src_back_domain': src_back_domain,
'ignore_cache_control': ignore_cache_control,
'ignore_query_string': ignore_query_string,
'cache_rule': cache_rule,
}
print(body)
api_res = APIUrl.post_link('cdn_domain_edit', body)
print(api_res)
return_code = api_res.get('return_code', 0)
if return_code != 0:
assert False
status = True
log_msg = om.EDIT_CDN_DOMAIN % (user.username, user.username, domain)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
except Exception as e:
print(e)
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_create_parent_user(request):
"""创建父账号用户"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
username = request.POST.get('username', '')
password = request.POST.get('password', '')
company = request.POST.get('company', '')
linkman = request.POST.get('linkman', '')
email = request.POST.get('email', '')
mobile = request.POST.get('mobile', '')
is_api = request.POST.get('is_api', '')
is_active = request.POST.get('is_active', '1')
perm_list = request.POST.getlist('perm[]', [])
try:
if not username:
msg = af.USERNAME_EMPTY
assert False
check_user = UserProfile.objects.filter(username=username)
if check_user:
msg = af.USER_EXIST
assert False
if not password:
msg = af.PASSWORD_EMPTY
assert False
if not company:
msg = af.COMPANY_EMPTY
assert False
is_api = int(is_api)
if is_api is None:
msg = af.PARAM_ERROR
assert False
is_active = int_check(is_active)
if is_active is None:
msg = af.PARAM_ERROR
assert False
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
identity = 'is_parent'
group = Group.objects.filter(id=GroupProfile.CUSTOMER_ID).first()
creator_username = request.user.username
param = {
'username': username,
'password': password,
'group': group,
'identity': identity,
'company': company,
'linkman': linkman,
'email': email,
'mobile': mobile,
'creator_username': creator_username,
'is_api': True if is_api else False
}
user = create_user(**param)
if not user:
res['msg'] = _(af.PARAM_ERROR)
return json_response(res)
if not is_active:
user.is_active = False
user.save()
for perm_code in perm_list:
PermUser.assign_perm(perm_code, user)
if perm_code == 'client_cdn_menu':
cdn_product = Product.objects.filter(code='CDN').first()
cdn_strategy = Strategy.get_obj_from_property('CC', 'CDN', 'CDN')
user.product_list.add(cdn_product)
user.strategy_list.add(cdn_strategy)
user.save()
# elif perm_code == 'client_security_menu':
# sec_product = Product.objects.filter(code='SECURITY').first()
# sec_strategy = Strategy.get_obj_from_property(
# 'QINGSONG', 'SECURITY', 'WAF')
# user.product_list.add(sec_product)
# user.strategy_list.add(sec_strategy)
# user.save()
log_msg = om.CREATE_USER % (creator_username, identity, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
