def get_app_list(self, tenant_pk, user, tenant_id, region):
user_pk = user.pk
services = []
if user.is_sys_admin:
services = TenantServiceInfo.objects.filter(tenant_id=tenant_id, service_region=region)
else:
perm = perms_repo.get_user_tenant_perm(tenant_pk, user_pk)
if not perm:
if tenant_pk == 5073:
services = TenantServiceInfo.objects.filter(tenant_id=tenant_id, service_region=region).order_by(
'service_alias')
else:
role_name = role_repo.get_role_name_by_role_id(perm.role_id)
if role_name in ('admin', 'developer', 'viewer', 'gray', 'owner'):
services = TenantServiceInfo.objects.filter(tenant_id=tenant_id, service_region=region).order_by(
'service_alias')
else:
dsn = BaseConnection()
add_sql = ''
query_sql = '''
select s.* from tenant_service s, service_perms sp where s.tenant_id = "{tenant_id}"
and sp.user_id = {user_id} and sp.service_id = s.ID and s.service_region = "{region}" {add_sql} order by s.service_alias
'''.format(tenant_id=tenant_id, user_id=user_pk, region=region,
add_sql=add_sql)
services = dsn.query(query_sql)
return services
def list_teams_by_user_id(self,
eid,
user_id,
query=None,
page=None,
page_size=None):
tenants = team_repo.list_by_user_id(eid, user_id, query, page,
page_size)
total = team_repo.count_by_user_id(eid, user_id, query)
for tenant in tenants:
# 获取一个用户在一个团队中的身份列表
perms_identitys = team_services.get_user_perm_identitys_in_permtenant(
user_id=user_id, tenant_name=tenant["tenant_id"])
# 获取一个用户在一个团队中的角色ID列表
perms_role_list = team_services.get_user_perm_role_id_in_permtenant(
user_id=user_id, tenant_name=tenant["tenant_id"])
role_infos = []
for identity in perms_identitys:
if identity == "access":
role_infos.append({"role_name": identity, "role_id": None})
else:
role_id = role_repo.get_role_id_by_role_name(identity)
role_infos.append({
"role_name": identity,
"role_id": role_id
})
for role in perms_role_list:
role_name = role_repo.get_role_name_by_role_id(role)
role_infos.append({"role_name": role_name, "role_id": role})
tenant["role_infos"] = role_infos
return tenants, total
def list_users_by_tenant_id(self, tenant_id, page=None, size=None, query=""):
result = user_repo.list_users_by_tenant_id(tenant_id, query=query, page=page, size=size)
users = []
for item in result:
# 获取一个用户在一个团队中的身份列表
perms_identitys = team_services.get_user_perm_identitys_in_permtenant(
user_id=item.get("user_id"), tenant_name=tenant_id)
# 获取一个用户在一个团队中的角色ID列表
perms_role_list = team_services.get_user_perm_role_id_in_permtenant(
user_id=item.get("user_id"), tenant_name=tenant_id)
role_infos = []
for identity in perms_identitys:
if identity == "access":
role_infos.append({"role_name": identity, "role_id": None})
else:
role_id = role_repo.get_role_id_by_role_name(identity)
role_infos.append({"role_name": identity, "role_id": role_id})
for role in perms_role_list:
role_name = role_repo.get_role_name_by_role_id(role)
role_infos.append({"role_name": role_name, "role_id": role})
users.append({
"user_id": item.get("user_id"),
"nick_name": item.get("nick_name"),
"email": item.get("email"),
"phone": item.get("phone"),
"is_active": item.get("is_active"),
"enterprise_id": item.get("enterprise_id"),
"role_infos": role_infos,
})
total = user_repo.count_users_by_tenant_id(tenant_id, query=query)
return users, total
def get_user_perm_role_in_permtenant(self, user_id, tenant_name):
"""获取一个用户在一个团队的角色名称列表"""
tenant = self.get_tenant_by_tenant_name(tenant_name=tenant_name)
user_perms = team_repo.get_user_perms_in_permtenant(user_id=user_id, tenant_id=tenant.ID)
if not user_perms:
return []
role_id_list = []
for role_id in [perm.role_id for perm in user_perms]:
if not role_id:
continue
role_id_list.append(role_id)
return [role_repo.get_role_name_by_role_id(role_id=i) for i in role_id_list]
def get_app_list(self, tenant_pk, user, tenant_id, region, query=""):
user_pk = user.pk
services = []
def list_services():
q = Q(tenant_id=tenant_id, service_region=region)
if query:
q &= Q(service_cname__contains=query)
return TenantServiceInfo.objects.filter(q)
if user.is_sys_admin:
services = list_services()
else:
perm = perms_repo.get_user_tenant_perm(tenant_pk, user_pk)
if not perm:
if tenant_pk == 5073:
services = list_services().order_by('service_alias')
else:
role_name = role_repo.get_role_name_by_role_id(perm.role_id)
if role_name in ('admin', 'developer', 'viewer', 'gray',
'owner'):
services = list_services().order_by('service_alias')
else:
dsn = BaseConnection()
add_sql = ''
where = """
WHERE
s.tenant_id = "{tenant_id}"
AND sp.user_id = { user_id }
AND sp.service_id = s.ID
AND s.service_cname LIKE "%{query}%"
AND s.service_region = "{region}" { add_sql }""".format(
tenant_id=tenant_id,
user_id=user_pk,
region=region,
query=query,
add_sql=add_sql)
query_sql = '''
SELECT
s.*
FROM
tenant_service s,
service_perms sp
{where}
ORDER BY
s.service_alias'''.format(where=where)
services = dsn.query(query_sql)
return services
def get(self, request, team_name, *args, **kwargs):
"""
获取某团队下的所有用户(每页展示八个用户)
---
parameters:
- name: team_name
description: 团队名称
required: true
type: string
paramType: path
- name: page
description: 页数
required: true
type: string
paramType: query
"""
try:
code = 200
page = request.GET.get("page", 1)
# 获得租户/团队 对象
user_list = team_services.get_tenant_users_by_tenant_name(tenant_name=team_name)
users_list = list()
for user in user_list:
# 获取一个用户在一个团队中的身份列表
perms_identitys_list = team_services.get_user_perm_identitys_in_permtenant(user_id=user.user_id,
tenant_name=team_name)
# 获取一个用户在一个团队中的角色ID列表
perms_role_list = team_services.get_user_perm_role_id_in_permtenant(user_id=user.user_id,
tenant_name=team_name)
role_info_list = []
for identity in perms_identitys_list:
if identity == "access":
role_info_list.append({"role_name": identity, "role_id": None})
else:
role_id = role_repo.get_role_id_by_role_name(identity)
role_info_list.append({"role_name": identity, "role_id": role_id})
for role in perms_role_list:
role_name = role_repo.get_role_name_by_role_id(role)
role_info_list.append({"role_name": role_name, "role_id": role})
users_list.append(
{
"user_id": user.user_id,
"user_name": user.nick_name,
"email": user.email,
"role_info": role_info_list
}
)
paginator = Paginator(users_list, 8)
try:
users = paginator.page(page).object_list
except PageNotAnInteger:
users = paginator.page(1).object_list
except EmptyPage:
users = paginator.page(paginator.num_pages).object_list
result = general_message(code, "team members query success", "查询成功", list=users, total=paginator.count)
except UserNotExistError as e:
code = 400
logger.exception(e)
result = general_message(code, "user not exist", e.message)
except TenantNotExistError as e:
code = 400
logger.exception(e)
result = general_message(code, "tenant not exist", "{}团队不存在".format(team_name))
except Exception as e:
code = 500
logger.exception(e)
result = general_message(code, "system error", "系统异常")
return Response(data=result, status=code)
def get(self, request, *args, **kwargs):
"""
查询我的详情
---
"""
try:
p = PermActions()
code = 200
user = self.user
user.actions = UserActions()
tenants = team_services.get_current_user_tenants(
user_id=user.user_id)
user_detail = dict()
user_detail["user_id"] = user.user_id
user_detail["user_name"] = user.nick_name
user_detail["email"] = user.email
user_detail["enterprise_id"] = user.enterprise_id
user_detail["phone"] = user.phone
user_detail["git_user_id"] = user.git_user_id
user_detail["is_sys_admin"] = user.is_sys_admin
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
user.enterprise_id)
user_detail["is_enterprise_active"] = enterprise.is_active
is_user_enter_amdin = user_services.is_user_admin_in_current_enterprise(
self.user, user.enterprise_id)
user_detail["is_user_enter_amdin"] = is_user_enter_amdin
tenant_list = list()
for tenant in tenants:
tenant_info = dict()
team_region_list = region_services.get_region_list_by_team_name(
request=request, team_name=tenant.tenant_name)
tenant_info["team_id"] = tenant.ID
tenant_info["team_name"] = tenant.tenant_name
tenant_info["team_alias"] = tenant.tenant_alias
tenant_info["limit_memory"] = tenant.limit_memory
tenant_info["pay_level"] = tenant.pay_level
tenant_info["region"] = team_region_list
tenant_info["creater"] = tenant.creater
tenant_info["create_time"] = tenant.create_time
perms_list = team_services.get_user_perm_identitys_in_permtenant(
user_id=user.user_id, tenant_name=tenant.tenant_name)
perms_role_id_list = team_services.get_user_perm_role_id_in_permtenant(
user_id=user.user_id, tenant_name=tenant.tenant_name)
perms_tuple = ()
if perms_list:
final_identity = perms.get_highest_identity(perms_list)
tenant_actions = p.keys(
'tenant_{0}_actions'.format(final_identity))
perms_tuple += tenant_actions
else:
final_identity = []
role_name_list = [
role_repo.get_role_name_by_role_id(role_id=role_id)
for role_id in perms_role_id_list
]
for role_id in perms_role_id_list:
tenant_actions = role_perm_repo.get_perm_by_role_id(
role_id=role_id)
perms_tuple += tenant_actions
if final_identity:
tenant_info["role_name_list"] = [final_identity
] + role_name_list
else:
tenant_info["role_name_list"] = role_name_list
user.actions.set_actions('tenant', tuple(set(perms_tuple)))
tenant_info["tenant_actions"] = user.actions.tenant_actions
tenant_list.append(tenant_info)
user_detail["teams"] = tenant_list
result = general_message(code,
"Obtain my details to be successful.",
"获取我的详情成功",
bean=user_detail)
except Exception as e:
code = 500
logger.exception(e)
result = error_message(e.message)
return Response(result, status=code)
