def get_ns_list_by_user_perm(self, request, project_id): """获取用户所有有使用权限的命名空间""" access_token = request.user.token.access_token # 获取全部namespace,前台分页 result = paas_cc.get_namespace_list(access_token, project_id, with_lb=0, limit=LIMIT_FOR_ALL_DATA) if result.get('code') != 0: raise error_codes.APIError.f(result.get('message', '')) ns_list = result['data']['results'] or [] if not ns_list: return [] # 补充cluster_name字段 cluster_ids = [i['cluster_id'] for i in ns_list] cluster_list = paas_cc.get_cluster_list(access_token, project_id, cluster_ids).get('data') or [] cluster_dict = {i['cluster_id']: i for i in cluster_list} # 命名空间列表补充集群信息,过来权限时需要 for i in ns_list: i['namespace_id'] = i['id'] if i['cluster_id'] in cluster_dict: i['cluster_name'] = cluster_dict[i['cluster_id']]['name'] i['environment'] = cluster_dict[i['cluster_id']]['environment'] else: i['cluster_name'] = i['cluster_id'] i['environment'] = None perm = bcs_perm.Namespace(request, project_id, bcs_perm.NO_RES) # 只过滤有编辑权限 filter_parms = {'is_filter': True, 'filter_type': 'edit'} ns_list = perm.hook_base_perms(ns_list, **filter_parms) return ns_list
def filter_namespaces(self, filter_use_perm): result = paas_cc.get_namespace_list(self.access_token, self.project_id, desire_all_data=True) results = result["data"]["results"] if not results: return [] # 补充cluster_name字段 cluster_ids = [i['cluster_id'] for i in results] cluster_list = paas_cc.get_cluster_list( self.access_token, self.project_id, cluster_ids).get('data') or [] # cluster_list = bcs_perm.Cluster.hook_perms(request, project_id, cluster_list) cluster_dict = {i['cluster_id']: i for i in cluster_list} filter_ns_list = [] for i in results: # 过滤掉k8s系统和bcs平台使用的命名空间 if i["name"] in K8S_PLAT_NAMESPACE: continue # ns_vars = NameSpaceVariable.get_ns_vars(i['id'], project_id) i['ns_vars'] = [] if i['cluster_id'] in cluster_dict: i['cluster_name'] = cluster_dict[i['cluster_id']]['name'] i['environment'] = cluster_dict[i['cluster_id']]['environment'] else: i['cluster_name'] = i['cluster_id'] i['environment'] = None filter_ns_list.append(i) return filter_ns_list
def get_queryset(self): result = paas_cc.get_namespace_list(self.access_token, self.project_id, desire_all_data=True) results = result["data"]["results"] if not results: return [] # 补充cluster_name字段 cluster_ids = [i['cluster_id'] for i in results] cluster_list = paas_cc.get_cluster_list( self.access_token, self.project_id, cluster_ids).get('data') or [] # cluster_list = bcs_perm.Cluster.hook_perms(request, project_id, cluster_list) cluster_dict = {i['cluster_id']: i for i in cluster_list} for i in results: # ns_vars = NameSpaceVariable.get_ns_vars(i['id'], project_id) i['ns_vars'] = [] if i['cluster_id'] in cluster_dict: i['cluster_name'] = cluster_dict[i['cluster_id']]['name'] i['environment'] = cluster_dict[i['cluster_id']]['environment'] else: i['cluster_name'] = i['cluster_id'] i['environment'] = None perm = bcs_perm.Namespace(self.request, self.project_id, bcs_perm.NO_RES) results = perm.hook_perms(results, True) return results
def get_cluster_list(self, request, project_id, cluster_ids): """根据cluster_id获取集群信息""" resp = paas_cc.get_cluster_list(request.user.token.access_token, project_id, cluster_ids) if resp.get("code") != ErrorCode.NoError: raise error_codes.APIError.f(resp.get("message")) data = resp.get("data") or [] # if not data: # raise error_codes.APIError.f("查询集群信息为空") return data
def list(self, request, project_id): """命名空间列表 权限控制: 必须有对应集群的使用权限 """ access_token = request.user.token.access_token valid_group_by = ['env_type', 'cluster_id', 'cluster_name'] group_by = request.GET.get('group_by') cluster_id = request.GET.get('cluster_id') with_lb = request.GET.get('with_lb', 0) # 过滤有使用权限的命名空间 perm_can_use = request.GET.get('perm_can_use') if perm_can_use == '1': perm_can_use = True else: perm_can_use = False # 获取全部namespace,前台分页 result = paas_cc.get_namespace_list(access_token, project_id, with_lb=with_lb, limit=constants.ALL_LIMIT) if result.get('code') != 0: raise error_codes.APIError.f(result.get('message', '')) results = result['data']['results'] or [] # 是否有创建权限 perm = bcs_perm.Namespace(request, project_id, bcs_perm.NO_RES) can_create = perm.can_create(raise_exception=False) # 补充cluster_name字段 cluster_ids = [i['cluster_id'] for i in results] cluster_list = paas_cc.get_cluster_list(access_token, project_id, cluster_ids).get('data') or [] # cluster_list = bcs_perm.Cluster.hook_perms(request, project_id, cluster_list) cluster_dict = {i['cluster_id']: i for i in cluster_list} # no_vars=1 不显示变量 no_vars = request.GET.get('no_vars') if no_vars == '1': project_var = [] else: project_var = NameSpaceVariable.get_project_ns_vars(project_id) for i in results: # ns_vars = NameSpaceVariable.get_ns_vars(i['id'], project_id) ns_id = i['id'] ns_vars = [] for _var in project_var: _ns_values = _var['ns_values'] _ns_value_ids = _ns_values.keys() ns_vars.append({ 'id': _var['id'], 'key': _var['key'], 'name': _var['name'], 'value': _ns_values.get(ns_id) if ns_id in _ns_value_ids else _var['default_value'], }) i['ns_vars'] = ns_vars if i['cluster_id'] in cluster_dict: i['cluster_name'] = cluster_dict[i['cluster_id']]['name'] i['environment'] = cluster_dict[i['cluster_id']]['environment'] else: i['cluster_name'] = i['cluster_id'] i['environment'] = None # 添加permissions到数据中 results = perm.hook_perms(results, perm_can_use) if cluster_id: results = filter(lambda x: x['cluster_id'] == cluster_id, results) if group_by and group_by in valid_group_by: # 分组, 排序 results = [{ 'name': k, 'results': sorted(list(v), key=lambda x: x['id'], reverse=True) } for k, v in groupby(sorted(results, key=lambda x: x[group_by]), key=lambda x: x[group_by])] if group_by == 'env_type': ordering = [i.value for i in constants.EnvType] results = sorted(results, key=lambda x: ordering.index(x['name'])) else: results = sorted(results, key=lambda x: x['name'], reverse=True) # 按集群分组时,添加集群环境信息 for r in results: r_ns_list = r.get('results') or [] r_ns = r_ns_list[0] if r_ns_list else {} r['environment'] = r_ns.get('environment', '') r['environment_name'] = "正式" if r[ 'environment'] == 'prod' else "测试" else: results = sorted(results, key=lambda x: x['id'], reverse=True) return APIResult(results, '取Namespace成功', permissions={'create': can_create})