def post(self, request, *args, **kwargs):
enterprise_id = request.data.get("enterprise_id")
tenant_id = request.data.get("tenant_id")
if tenant_id and enterprise_id:
teams = Tenants.objects.filter(tenant_id=tenant_id, enterprise_id=enterprise_id)
elif tenant_id and not enterprise_id:
teams = Tenants.objects.filter(tenant_id=tenant_id)
elif not tenant_id and enterprise_id:
teams = Tenants.objects.filter(enterprise_id=enterprise_id)
else:
teams = Tenants.objects.all()
if not teams:
print(u"未发现团队, 初始化结束")
return
for team in teams:
role_kind_services.init_default_roles(kind="team", kind_id=team.tenant_id)
users = team_repo.get_tenant_users_by_tenant_ID(team.ID)
admin = role_kind_services.get_role_by_name(kind="team", kind_id=team.tenant_id, name=u"管理员")
developer = role_kind_services.get_role_by_name(kind="team", kind_id=team.tenant_id, name=u"开发者")
if not admin or not developer:
raise ServiceHandleException(msg="init failed", msg_show=u"初始化失败")
if users:
for user in users:
if user.user_id == team.creater:
user_kind_role_service.update_user_roles(
kind="team", kind_id=team.tenant_id, user=user, role_ids=[admin.ID])
else:
user_kind_role_service.update_user_roles(
kind="team", kind_id=team.tenant_id, user=user, role_ids=[developer.ID])
result = general_message(msg="success", msg_show=u"初始化权限分配成功", code=200)
return Response(result, status=200)
def put(self, request, team_name, user_id, *args, **kwargs):
roles = request.data.get("roles")
team_users = team_services.get_team_users(self.tenant)
user = team_users.filter(user_id=user_id).first()
user_kind_role_service.update_user_roles(kind="team", kind_id=self.tenant.tenant_id, user=user, role_ids=roles)
data = user_kind_role_service.get_user_roles(kind="team", kind_id=self.tenant.tenant_id, user=user)
result = general_message(200, "success", None, bean=data)
return Response(result, status=200)
def add_user_role_to_team(self, tenant, user_ids, role_ids):
"""在团队中添加一个用户并给用户分配一个角色"""
enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=tenant.enterprise_id)
if enterprise:
for user_id in user_ids:
# for role_id in role_ids:
PermRelTenant.objects.update_or_create(user_id=user_id, tenant_id=tenant.pk, enterprise_id=enterprise.pk)
user = user_repo.get_by_user_id(user_id)
user_kind_role_service.update_user_roles(kind="team", kind_id=tenant.tenant_id, user=user, role_ids=role_ids)
def post(self, request, enterprise_id, *args, **kwargs):
tenant_name = request.data.get("tenant_name", None)
user_name = request.data.get("user_name", None)
email = request.data.get("email", None)
password = request.data.get("password", None)
re_password = request.data.get("re_password", None)
role_ids = request.data.get("role_ids", None)
phone = request.data.get("phone", None)
real_name = request.data.get("real_name", None)
tenant = team_services.get_tenant_by_tenant_name(tenant_name)
if len(password) < 8:
result = general_message(400, "len error", "密码长度最少为8位")
return Response(result)
# check user info
is_pass, msg = user_services.check_params(user_name, email, password,
re_password,
request.user.enterprise_id)
if not is_pass:
result = general_message(403, "user information is not passed",
msg)
return Response(result)
client_ip = user_services.get_client_ip(request)
enterprise = enterprise_services.get_enterprise_by_enterprise_id(
enterprise_id)
# create user
oauth_instance, _ = user_services.check_user_is_enterprise_center_user(
request.user.user_id)
if oauth_instance:
user = user_services.create_enterprise_center_user_set_password(
user_name, email, password, "admin add", enterprise, client_ip,
phone, real_name, oauth_instance)
else:
user = user_services.create_user_set_password(
user_name, email, password, "admin add", enterprise, client_ip,
phone, real_name)
result = general_message(200, "success", "添加用户成功")
if tenant:
create_perm_param = {
"user_id": user.user_id,
"tenant_id": tenant.ID,
"identity": "",
"enterprise_id": enterprise.ID,
}
team_repo.create_team_perms(**create_perm_param)
if role_ids:
user_kind_role_service.update_user_roles(
kind="team",
kind_id=tenant.tenant_id,
user=user,
role_ids=role_ids)
user.is_active = True
user.save()
result = general_message(200, "success", "添加用户成功")
return Response(result)
def add_user_to_team(self, tenant, user_id, role_ids=None):
user = user_repo.get_by_user_id(user_id)
if not user:
raise ServiceHandleException(msg="user not found", msg_show="用户不存在", status_code=404)
exist_team_user = PermRelTenant.objects.filter(tenant_id=tenant.ID, user_id=user.user_id)
enterprise = enterprise_services.get_enterprise_by_enterprise_id(enterprise_id=tenant.enterprise_id)
if exist_team_user:
raise ServiceHandleException(msg="user exist", msg_show="用户已经加入此团队")
PermRelTenant.objects.create(tenant_id=tenant.ID, user_id=user.user_id, identity="", enterprise_id=enterprise.ID)
if role_ids:
user_kind_role_service.update_user_roles(kind="team", kind_id=tenant.tenant_id, user=user, role_ids=role_ids)
def put(self, req, team_id, user_id):
if req.user.user_id == user_id:
raise serializers.ValidationError("您不能修改自己的权限!", status.HTTP_400_BAD_REQUEST)
serializer = CreateTeamUserReqSerializer(data=req.data)
serializer.is_valid(raise_exception=True)
role_ids = req.data["role_ids"].replace(" ", "").split(",")
user = user_repo.get_by_user_id(user_id)
user_kind_role_service.update_user_roles(kind="team", kind_id=self.team.tenant_id, user=user, role_ids=role_ids)
return Response(None, status.HTTP_200_OK)
def create_team(self, user, enterprise, region_list=None, team_alias=None):
team_name = self.random_tenant_name(enterprise=user.enterprise_id,
length=8)
is_public = settings.MODULES.get('SSO_LOGIN')
if not is_public:
pay_type = 'payed'
pay_level = 'company'
else:
pay_type = 'free'
pay_level = 'company'
expired_day = 7
if hasattr(settings, "TENANT_VALID_TIME"):
expired_day = int(settings.TENANT_VALID_TIME)
expire_time = datetime.datetime.now() + datetime.timedelta(
days=expired_day)
default_region = ""
if region_list and len(region_list) > 0:
default_region = region_list[0]
if not team_alias:
team_alias = "{0}的团队".format(user.nick_name)
params = {
"tenant_name": team_name,
"pay_type": pay_type,
"pay_level": pay_level,
"creater": user.user_id,
"region": default_region,
"expired_time": expire_time,
"tenant_alias": team_alias,
"enterprise_id": enterprise.enterprise_id,
"limit_memory": 0,
}
team = team_repo.create_tenant(**params)
create_perm_param = {
"user_id": user.user_id,
"tenant_id": team.ID,
"identity": "owner",
"enterprise_id": enterprise.ID,
}
team_repo.create_team_perms(**create_perm_param)
# init default roles
role_kind_services.init_default_roles(kind="team",
kind_id=team.tenant_id)
admin_role = role_kind_services.get_role_by_name(
kind="team", kind_id=team.tenant_id, name=u"管理员")
user_kind_role_service.update_user_roles(kind="team",
kind_id=team.tenant_id,
user=user,
role_ids=[admin_role.ID])
return team
def handle(self, *args, **options):
tenant_id = options['tenant_id']
enterprise_id = options['enterprise_id']
if tenant_id and enterprise_id:
teams = Tenants.objects.filter(tenant_id=tenant_id,
enterprise_id=enterprise_id)
elif tenant_id and not enterprise_id:
teams = Tenants.objects.filter(tenant_id=tenant_id)
elif not tenant_id and enterprise_id:
teams = Tenants.objects.filter(enterprise_id=enterprise_id)
else:
teams = Tenants.objects.all()
if not teams:
print(u"未发现团队, 初始化结束")
return
for team in teams:
role_kind_services.init_default_roles(kind="team",
kind_id=team.tenant_id)
users = team_repo.get_tenant_users_by_tenant_ID(team.ID)
admin = role_kind_services.get_role_by_name(kind="team",
kind_id=team.tenant_id,
name=u"管理员")
developer = role_kind_services.get_role_by_name(
kind="team", kind_id=team.tenant_id, name=u"开发者")
if not admin or not developer:
raise ServiceHandleException(msg="init failed",
msg_show=u"初始化失败")
if users:
for user in users:
if user.user_id == team.creater:
user_kind_role_service.update_user_roles(
kind="team",
kind_id=team.tenant_id,
user=user,
role_ids=[admin.ID])
else:
user_kind_role_service.update_user_roles(
kind="team",
kind_id=team.tenant_id,
user=user,
role_ids=[developer.ID])
