def admin_sync_domain_waf_conf(request):
"""管理员同步域名waf配置信息"""
msg = ''
status = False
provider = 'QINGSONG'
res = {
'status': status,
'msg': msg
}
domain_id = request.POST.get('domain_id', '')
# domain_id = 8
try:
domain_obj = Domain.objects.filter(id=domain_id).first()
if not domain_obj:
msg = af.DOMAIN_NOT_EXIST
assert False
channel = '%s://%s' % (domain_obj.protocol, domain_obj.domain)
body = {
'channel': channel,
}
api_res = APIUrl.post_link('sync_domain_waf_conf', body)
message = api_res[provider].get('message', 'success')
msg = '' if message == 'success' else message
if api_res[provider]['return_code'] == 0:
"""
{
'domain': 'itest.chinacache.com',
'access_type': '2',
'access_point': '广州',
'access_point_cname': 'cc-waf-gz.ccgslb.com.cn',
'confirm_cdn_preload': True,
'confirm_cdn_http_layered': True,
'confirm_cdn_https_layered': True,
'status': 4,
'source_is_ip': True,
'source_addr': '223.202.202.15',
'port': '80',
'ssl_status': 1,
'cert_id': '333330',
'return_code': 0,
'cert_name': 'mzr_delete_final_1_2211',
'default_waf_mode': 2,
'self_waf_mode': 1
}
"""
waf_conf = api_res[provider]
provider_obj = Provider.objects.filter(code=provider).first()
waf_conf['provider_name'] = provider_obj.name
waf_conf['provider_name'] = provider_obj.name
res['waf_conf'] = waf_conf
status = True
except Exception as e:
print(traceback.format_exc())
res['msg'] = _(msg)
res['msg'] = msg
res['status'] = status
return json_response(res)
def admin_set_domain_waf_conf(request):
"""管理员设置waf 基本配置
update = {
'domain': '域名',
'access_point': '接入点',
'access_point_cname': '接入点对应cname',
'access_type': 'waf接入方式 目前是 2',
'src_type': '1 ip回源 & 2 域名回源',
'src_address': '回源值 域名回源就是域名,ip回源就是ip',
'src_port': '回源端口',
'src_host': '回源host',
'ssl_status': '是否启用https',
'cert_name': '证书名称',
'default_waf_mode': '默认规则防御模式',
'self_waf_mode': '自定义规则防御模式',
}
"""
msg = ''
status = False
provider = 'QINGSONG'
res = {
'status': status,
'msg': msg
}
domain_id = request.POST.get('domain_id', '')
short_name = request.POST.get('short_name', '')
access_type = request.POST.get('access_type', '2')
src_type = request.POST.get('src_type', '2')
src_address = request.POST.get('src_address', '')
src_port = request.POST.get('src_port', '')
src_host = request.POST.get('src_host', '')
ssl_status = request.POST.get('ssl_status', False)
cert_id = request.POST.get('cert_id', '')
default_waf_mode = request.POST.get('default_waf_mode', '')
self_waf_mode = request.POST.get('self_waf_mode', '')
# domain_id = 8
# short_name = 'GZ'
# default_waf_mode = 3
# self_waf_mode = 0
try:
domain_obj = Domain.objects.filter(id=domain_id).first()
if not domain_obj:
msg = af.DOMAIN_NOT_EXIST
assert False
domain = domain_obj.domain
channel = '%s://%s' % (domain_obj.protocol, domain)
body = {
'channel': channel,
'access_type': access_type,
}
if short_name:
access_point = sf.ACCESS_POINT_CONF[short_name]['name']
access_point_cname = sf.ACCESS_POINT_CONF[short_name]['cname']
body['access_point'] = access_point
body['access_point_cname'] = access_point_cname
if src_address and src_type:
src_type = int_check(src_type)
if src_type is None:
msg = af.PARAME_ERROR
assert False
if src_type == sf.SRC_TYPE_IP:
if not is_ip(src_address):
msg = af.PARAME_ERROR
assert False
elif src_type == sf.SRC_TYPE_DOMAIN:
if not is_domain(src_address):
msg = af.PARAME_ERROR
body['src_type'] = src_type
body['src_address'] = src_address
if src_port:
body['src_port'] = src_port
if src_host:
body['src_host'] = src_host
if default_waf_mode:
body['default_waf_mode'] = default_waf_mode
if self_waf_mode:
body['self_waf_mode'] = self_waf_mode
if ssl_status:
body['ssl_status'] = ssl_status
if cert_id:
body['cert_id'] = cert_id
api_res = APIUrl.post_link('set_domain_waf_conf', body)
if api_res[provider]['return_code'] == 0:
status = True
log_msg = om.EDIT_WAF_CONF % (request.user.username, domain)
OperateLog.write_operate_log(
request, om.SECURITY, log_msg)
except Exception as e:
print(e)
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_edit_parent_user(request):
"""修改父账号用户"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
username = request.POST.get('username', '')
company = request.POST.get('company', '')
user_type = request.POST.get('user_type', '')
linkman = request.POST.get('linkman', '')
email = request.POST.get('email', '')
mobile = request.POST.get('mobile', '')
is_active = request.POST.get('is_active', '')
password = request.POST.get('password', '')
reset_password = request.POST.get('reset_password', '0')
perm_list = request.POST.getlist('perm[]', [])
try:
check_user = UserProfile.objects.filter(username=username).first()
if not check_user:
msg = af.USER_NOT_EXIST
assert False
if is_active:
is_active = int_check(is_active)
if is_active is None:
msg = af.PARAME_ERROR
assert False
check_user.is_active = True if is_active else False
if password:
check_user.set_password(password)
if reset_password:
reset_password = int_check(reset_password)
check_user.reset_password = True if reset_password else False
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
creator_username = request.user.username
if company:
check_user.company = company
if user_type == 'is_parent':
check_user.is_parent = True
check_user.is_agent = False
if user_type == 'is_agent':
check_user.is_parent = False
check_user.is_agent = True
if linkman:
check_user.linkman = linkman
if email:
check_user.email = email
if mobile:
check_user.mobile = mobile
user_perm, is_new = PermUser.objects.get_or_create(user=check_user)
if is_new:
user_perm.save()
user_perm.perm.clear()
# check_user.product_list.clear()
# check_user.strategy_list.clear()
for perm_code in perm_list:
PermUser.assign_perm(perm_code, check_user)
if perm_code == 'client_cdn_menu':
cdn_product = Product.objects.filter(code='CDN').first()
cdn_strategy = Strategy.get_obj_from_property('CC', 'CDN', 'CDN')
check_user.product_list.add(cdn_product)
check_user.strategy_list.add(cdn_strategy)
check_user.save()
# elif perm_code == 'client_security_menu':
# sec_product = Product.objects.filter(code='SECURITY').first()
# sec_strategy = Strategy.get_obj_from_property(
# 'QINGSONG', 'SECURITY', 'WAF')
# check_user.product_list.add(sec_product)
# check_user.strategy_list.add(sec_strategy)
# check_user.save()
check_user.save()
log_msg = om.EDIT_USER % (creator_username, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def edit_parent_user(request):
"""修改父账号用户"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
username = request.POST.get('username', '')
company = request.POST.get('company', '')
user_type = request.POST.get('user_type', '')
linkman = request.POST.get('linkman', '')
email = request.POST.get('email', '')
mobile = request.POST.get('mobile', '')
is_active = request.POST.get('is_active', '0')
perm_list = request.POST.getlist('perm[]', '')
try:
check_user = UserProfile.objects.filter(username=username)
if not check_user:
msg = af.USER_NOT_EXIST
assert False
is_active = int_check(is_active)
if is_active is None:
msg = af.PARAME_ERROR
assert False
check_user.is_active = True if is_active else False
except AssertionError:
res['msg'] = msg
return json_response(res)
creator_username = request.user.username
if company:
check_user.company = company
if user_type == 'is_parent':
check_user.is_parent = True
check_user.is_agent = False
if user_type == 'is_agent':
check_user.is_parent = False
check_user.is_agent = True
if linkman:
check_user.linkman = linkman
if email:
check_user.email = email
if mobile:
check_user.mobile = mobile
if perm_list:
user_perm = PermUser.objects.filter(user=check_user)
user_perm.delete()
for perm_id in perm_list:
PermUser.assign_perm(perm_id, check_user)
check_user.save()
log_msg = om.EDIT_USER % (creator_username, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def admin_cert_list(request):
"""管理员证书列表"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
cert_name = request.POST.get('cert_name', '')
status = request.POST.get('status', '[]')
user_id = request.POST.get('user_id', '')
# cert_name = 'xz_test_0009'
# status = 1
try:
status_list = handle_list(status)
if not status_list:
status_list = [
CertConf.CERT_CONDUCT, CertConf.CERT_SUCCESS,
CertConf.CERT_FAIL, CertConf.CERT_TIMEOUT, CertConf.CERT_UPDATE
]
body = {
'status': status_list,
}
if user_id:
user_id = int_check(user_id)
if user_id is None:
msg = af.PARAME_ERROR
assert False
body['user_id'] = user_id
if cert_name:
body['cert_name'] = cert_name
api_res = APIUrl.post_link('ssl_cert_query', body)
return_code = api_res.get('return_code', 0)
if return_code != 0:
assert False
result_list = api_res.get('cert_list', [])
cert_list = []
for cert_info in result_list:
# cert_info['cert_from'] = CertConf.cert_from_name(
# cert_info['cert_from'])
#
# cert_info['status'] = CertConf.cert_status_name(
# cert_info['status'])
cert_list.append(cert_info)
result_list = sorted(cert_list,
key=lambda x: x['create_time'],
reverse=True)
check_msg, result_list, pagination = data_pagination(
request, result_list)
if check_msg:
res['msg'] = check_msg
return json_response(res)
res['cert_list'] = result_list
res['page_info'] = pagination
status = True
except Exception as e:
print(e)
res['msg'] = _(msg)
res['status'] = status
print(res)
return json_response(res)
def client_cdn_edit_domain(request):
"""
客户端修改cdn域名
"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
user = request.user
domain = request.POST.get('domain', '')
cert_name = request.POST.get('cert_name', '')
src_type = request.POST.get('src_type', '')
src_value = request.POST.get('src_value', '')
src_host = request.POST.get('src_host', '')
src_back_type = request.POST.get('src_back_type', '')
src_back_value = request.POST.get('src_back_value', '')
ignore_cache_control = request.POST.get('ignore_cache_control', '0')
ignore_query_string = request.POST.get('ignore_query_string', '0')
cache_rule = request.POST.get('cache_rule', '[]')
try:
cache_rule = json.loads(cache_rule)
if src_back_value and not src_back_type:
msg = af.SRC_BACK_TYPE_EMPTY
assert False
check_domain = Domain.objects.filter(domain=domain).first()
if not check_domain:
assert False
msg = af.DOMAIN_NOT_EXIST
src_ips = []
src_domain = ''
if src_type == CDNConf.SRC_IP:
src_ips = src_value.split('\n')
elif src_type == CDNConf.SRC_DOMAIN:
src_domain = src_value
if not src_host:
src_host = domain
src_back_ips = []
src_back_domain = ''
if src_back_type == CDNConf.SRC_BACK_IP:
src_back_ips = src_back_value.split('\n')
elif src_back_type == CDNConf.SRC_BACK_DOMAIN:
src_back_domain = src_back_value
body = {
'user_id': user.id,
'domain': domain,
'cert_name': cert_name,
'src_type': src_type,
'src_ips': src_ips,
'src_domain': src_domain,
'src_host': src_host,
'src_back_type': src_back_type,
'src_back_ips': src_back_ips,
'src_back_domain': src_back_domain,
'ignore_cache_control': ignore_cache_control,
'ignore_query_string': ignore_query_string,
'cache_rule': cache_rule,
}
print(body)
api_res = APIUrl.post_link('cdn_domain_edit', body)
print(api_res)
return_code = api_res.get('return_code', 0)
if return_code != 0:
assert False
status = True
log_msg = om.EDIT_CDN_DOMAIN % (user.username, user.username, domain)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
except Exception as e:
print(e)
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_create_sec_domain(request):
"""管理员添加安全域名"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
channel_info_list = request.POST.getlist('channel_info_list', [])
user_id = request.POST.get('user_id', '')
channel_info_list = json.loads(channel_info_list[0])
try:
user_id = int_check(user_id)
if user_id is None:
msg = af.USER_NOT_EXIST
assert False
user = UserProfile.objects.filter(id=user_id).first()
domain_info_list = []
for channel_info in channel_info_list:
channel_name = channel_info.get('channel_name', '')
url_info = urlparse(channel_name)
domain = url_info.netloc
protocol = url_info.scheme
domain_info = {
'domain': domain,
'protocol': protocol,
'user_id': user_id,
}
domain_info_list.append(domain_info)
body = {
'domain_info_list': domain_info_list
}
api_res = APIUrl.post_link('domain_create', body)
api_res = api_res.get('result_list', False)
if api_res:
for i in api_res:
domain = i.get('domain', '')
protocol = i.get('protocol', '')
insert_flag = i.get('insert_flag', '')
if insert_flag:
domain_obj, _ = Domain.objects.get_or_create(
domain=domain, protocol=protocol, user=user)
domain_obj.save()
url = '%s://%s' % (protocol, domain)
log_msg = om.CREATE_SECURITY_DOMAIN % (user.username, url)
OperateLog.write_operate_log(
request, om.SECURITY, log_msg)
status = True
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def login(request):
"""用户登录"""
res = {
'status': False,
'msg': '',
'menus': []
}
username = request.POST.get('username', '')
password = request.POST.get('password', '')
pl = request.POST.get('pl', '0')
pl = int(pl)
key = request.POST.get('csrfmiddlewaretoken', '')[:16]
vi = request.POST.get('csrfmiddlewaretoken', '')[-16:]
error_msg = ''
status = False
url = ''
try:
if not username:
error_msg = af.USERNAME_EMPTY
assert False
if not password:
error_msg = af.PASSWORD_EMPTY
assert False
dec_password = decrypt_to(password, key, vi)
password = dec_password[:pl]
user = UserProfile.objects.filter(username=username).first()
if user:
user = authenticate(username=username, password=password)
if not user:
error_msg = af.USER_ERROR
assert False
if not user.is_active:
error_msg = af.USER_NOT_ACTIVE
assert False
if user.reset_password:
redirect_url = '/base/reset_password/page/'
return HttpResponseRedirect(redirect_url)
auth_login(request, user)
OperateLog.write_operate_log(
request, om.ACCOUNTS, om.LOGIN_SYSTEM)
menus, perm_user = get_menu_tree(user)
res['menus'] = menus
res['perm_user'] = perm_user
status = True
else:
assert False
error_msg = af.USER_ERROR
except AssertionError:
res['msg'] = _(error_msg)
res['status'] = status
res['url'] = url
print(res)
return json_response(res)
def admin_cdn_user_list(request):
"""cdn用户列表"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
id_or_username = request.POST.get('id_or_username', '')
cms_username = request.POST.get('cms_username', '')
cdn_product = Product.objects.filter(code='CDN').first()
try:
body = {
'username_list': [],
'cms_username': '',
'return_type': 'is_list',
}
user_query = cdn_product.user_product.all()
if id_or_username:
check_res = int_check(id_or_username)
if check_res is None:
user_query = user_query.filter(username=id_or_username)
else:
user_query = user_query.filter(id=check_res)
cms_user_list = []
if user_query:
body['username_list'] = [user.username for user in user_query]
if cms_username:
body['cms_username'] = cms_username
api_res = APIUrl.post_link('user_query', body)
api_user_query = api_res.get('user_query', {})
print(1111111, api_user_query)
for i in api_user_query:
username = i.get('username', '')
user_id = i.get('user_id', 0)
cms_username = i.get('cms_username', '')
cdn_opt = i.get('cdn_opt', [])
user_info = {
'user_id': user_id,
'username': username,
'cms_username': cms_username,
'cdn_opt': cdn_opt
}
cms_user_list.append(user_info)
cms_user_list = sorted(cms_user_list,
key=lambda x: x['user_id'],
reverse=True)
check_msg, cdn_user_list, pagination = data_pagination(
request, cms_user_list)
if check_msg:
res['msg'] = check_msg
return json_response(res)
res['cdn_user_list'] = cdn_user_list
res['page_info'] = pagination
status = True
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_cdn_status_code_data(request):
"""管理员查看状态码统计数据"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
start_time = request.POST.get('start_time', 0)
end_time = request.POST.get('end_time', 0)
user_id = request.POST.get('user_id', '')
domain_ids = request.POST.get('domain_list', '[]')
opts = request.POST.get('opts', '[]')
all_status_code = [] # 全部状态码数据
all_trend_result = []
status_code_table = []
trend_table = []
try:
user_id = int_check(user_id)
if user_id is None:
msg = af.PARAME_ERROR
assert False
msg, start_time, end_time = handle_req_time(start_time, end_time)
if msg:
assert False
domain_ids = handle_list(domain_ids, dec_int=True)
if domain_ids:
opts = handle_list(opts)
domain_query = Domain.objects.filter(id__in=domain_ids)
domain_list = [i.domain for i in domain_query]
(all_status_code, opt_status_code, all_trend_result,
all_trend_data,
opt_trend_data) = get_domain_status_code(user_id, domain_list,
start_time, end_time,
opts)
all_opt_status_code = copy.deepcopy(all_status_code)
all_opt_status_code['opt'] = 'all'
status_code_table.append(all_opt_status_code)
for opt in opt_status_code:
opt_data = copy.deepcopy(opt_status_code[opt])
opt_data['opt'] = opt
status_code_table.append(opt_data)
opt_ratio_data = {}
for code in opt_status_code[opt]:
opt_num = opt_status_code[opt][code]
base_num = all_status_code.get(code, 0)
opt_ratio = '%.4f' % (opt_num / base_num *
100 if base_num else 0)
opt_ratio_data[code] = opt_ratio
opt_ratio_data['opt'] = opt
status_code_table.append(opt_ratio_data)
trend_table = []
all_opt_trend_data = copy.deepcopy(all_trend_data)
all_opt_trend_data['opt'] = 'all'
trend_table.append(all_opt_trend_data)
for opt in opt_trend_data:
opt_data = copy.deepcopy(opt_trend_data[opt])
opt_data['opt'] = opt
trend_table.append(opt_data)
opt_ratio_data = {}
for code in opt_trend_data[opt]:
opt_num = opt_trend_data[opt][code]
base_num = all_trend_data.get(code, 0)
opt_ratio = '%.4f' % (opt_num / base_num *
100 if base_num else 0)
opt_ratio_data[code] = opt_ratio
opt_ratio_data['opt'] = opt
trend_table.append(opt_ratio_data)
status = True
except Exception as e:
print(e)
res['msg'] = _(msg)
res['all_status_code'] = all_status_code
res['status_code_table'] = status_code_table
res['all_trend_result'] = all_trend_result
res['trend_table'] = trend_table
res['status'] = status
return json_response(res)
def admin_cdn_user_set_conf(request):
"""管理员设置cdn用户基本配置"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
user = request.user
user_id = request.POST.get('user_id', '')
opt = request.POST.get('opt', '["CC"]')
cc_cms_template_type = request.POST.get('cc_cms_template', '')
cc_icp_check = request.POST.get('cc_icp_check', "0")
base_cname = request.POST.get('base_cname', CDNConf.BASE_CNAME)
# user_id = 93
# cc_cms_template_type = 2
# cc_icp_check = True
# opt = ['CC']
# base_cname = '.ns.xgslb.com'
try:
opt = json.loads(opt)
user_id = int_check(user_id)
if user_id is None:
assert False
msg = af.PARAME_ERROR
cc_icp_check = int_check(cc_icp_check)
if cc_icp_check is None:
assert False
msg = af.PARAME_ERROR
cc_cms_template_type = int_check(cc_cms_template_type)
if cc_cms_template_type is None:
assert False
msg = af.PARAME_ERROR
edit_user = UserProfile.objects.filter(id=user_id).first()
if not edit_user:
assert False
msg = af.USER_NOT_EXIST
fields = {
'cc_cms_template_type': cc_cms_template_type,
'cc_icp_check': cc_icp_check,
'cdn_opt': opt,
'base_cname': base_cname
}
body = {
'user_id': edit_user.id,
'username': edit_user.username,
'fields': fields,
}
res = APIUrl.post_link('update_user', body)
return_code = res.get('return_code', 0)
if return_code != 0:
assert False
status = True
log_msg = om.SET_CDN_BASE_CONF % (user.username, edit_user.username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
except Exception as e:
print(e)
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def create_child_user(request):
"""创建子账号号用户"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
username = request.POST.get('username', '')
password = request.POST.get('password', '')
is_api = request.POST.get('is_api', 0)
reset_password = request.POST.get('reset_password', 0)
email = request.POST.get('email', '')
mobile = request.POST.get('mobile', '')
remark = request.POST.get('remark', '')
try:
if not username:
msg = af.USERNAME_EMPTY
assert False
check_user = UserProfile.objects.filter(username=username)
if check_user:
msg = af.USER_EXIST
assert False
if not password:
msg = af.PASSWORD_EMPTY
assert False
is_api = int_check(is_api)
if is_api is None:
msg = af.PARAM_ERROR
assert False
reset_password = int_check(reset_password)
if reset_password is None:
msg = af.PARAM_ERROR
assert False
except AssertionError:
res['msg'] = msg
return json_response(res)
if is_api:
print('给api通信')
identity = 'is_child'
group = Group.objects.filter(id=GroupProfile.CUSTOMER_CHILD_ID)
creator_username = request.user.username
param = {
'username': username,
'password': password,
'group': group,
'identity': identity,
'email': email,
'mobile': mobile,
'remark': remark,
'reset_password': True if reset_password else False,
'creator_username': creator_username
}
user = create_user(**param)
if not user:
res['msg'] = af.PARAM_ERROR
return json_response(res)
log_msg = om.CREATE_USER % (creator_username, identity, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def login(request):
"""用户登录`
优先校验本地mysql
本地没有用户校验ldap系统
"""
res = {'status': False, 'msg': '', 'menus': []}
username = request.POST.get('username', '')
password = request.POST.get('password', '')
pl = request.POST.get('pl', '0')
pl = int(pl)
key = request.POST.get('csrfmiddlewaretoken', '')[:16]
vi = request.POST.get('csrfmiddlewaretoken', '')[-16:]
error_msg = ''
status = False
try:
if not username:
error_msg = af.USERNAME_EMPTY
assert False
if not password:
error_msg = af.PASSWORD_EMPTY
assert False
dec_password = decrypt_to(password, key, vi)
password = dec_password[:pl]
user = UserProfile.objects.filter(username=username).first()
if user:
# cc 用户ldap登录
if user.is_staff:
login_flag, msg = authorize(username, password)
if not login_flag:
error_msg = af.USER_ERROR
assert False
user.set_password(password)
user.save()
user = authenticate(username=username, password=password)
auth_login(request, user)
OperateLog.write_operate_log(request, om.ACCOUNTS,
om.LOGIN_LDAP_SYSTEM)
# 系统内置账号登录
else:
user = authenticate(username=username, password=password)
if user:
if not user.is_active:
error_msg = af.USER_NOT_ACTIVE
assert False
auth_login(request, user)
OperateLog.write_operate_log(request, om.ACCOUNTS,
om.LOGIN_SYSTEM)
menus = get_menu_tree(user)
res['menus'] = menus
status = True
else:
assert False
error_msg = af.USER_ERROR
except AssertionError:
res['msg'] = error_msg
res['status'] = status
return json_response(res)
def admin_upload_waf_cert(request):
"""管理员上传证书"""
msg = ''
status = False
provider = 'QINGSONG'
res = {
'status': status,
'msg': msg
}
domain_id = request.POST.get('domain_id', '')
name = request.POST.get('name', '')
key = request.POST.get('csrfmiddlewaretoken', '')[:16]
vi = request.POST.get('csrfmiddlewaretoken', '')[-16:]
cert_value = request.POST.get('cert_value', '')
dec_cert_value = decrypt_to(cert_value, key, vi)
cert_pl = request.POST.get('cert_pl', '0')
key_value = request.POST.get('key_value', '')
dec_key_value = decrypt_to(key_value, key, vi)
key_pl = request.POST.get('key_pl', '0')
try:
if not name:
msg = af.CERT_NAME_EMPTY
assert False
cert_pl = int_check(cert_pl)
if cert_pl is None:
msg = af.PARAME_ERROR
assert False
key_pl = int_check(key_pl)
if key_pl is None:
msg = af.PARAME_ERROR
assert False
cert_value = dec_cert_value[:cert_pl]
key_value = dec_key_value[:key_pl]
domain_obj = Domain.objects.filter(id=domain_id).first()
if not domain_obj:
msg = af.DOMAIN_NOT_EXIST
assert False
domain = domain_obj.domain
channel = '%s://%s' % (domain_obj.protocol, domain)
body = {
'channel': channel,
'name': name,
'cert': cert_value,
'key': key_value
}
api_res = APIUrl.post_link('waf_cert_upload', body)
msg = api_res[provider]['message']
if api_res[provider]['return_code'] == 0:
status = True
cert_id = api_res[provider].get('data', {}).get('cert_id', '')
res['cert_id'] = cert_id
log_msg = om.UPLOAD_WAF_CERT % (request.user.username, name)
OperateLog.write_operate_log(
request, om.SECURITY, log_msg)
res['msg'] = _(msg)
except Exception as e:
print(traceback.format_exc())
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_get_sec_domain_list(request):
"""管理员查看安全域名"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
id_or_username = request.POST.get('id_or_username', '')
cms_username = request.POST.get('cms_username', '')
domain = request.POST.get('domain', '')
try:
body = {
'username_list': [],
'cms_username': '',
'return_type': 'is_dict'
}
sec_product = Product.objects.filter(code='SECURITY').first()
user_query = sec_product.user_product.all()
if id_or_username:
check_res = int_check(id_or_username)
if check_res is None:
user_query = user_query.filter(username=id_or_username)
else:
user_query = user_query.filter(id=check_res)
if user_query:
body['username_list'] = [user.username for user in user_query]
if cms_username:
body['cms_username'] = cms_username
user_ids = []
api_res = APIUrl.post_link('user_query', body)
user_info_list = api_res.get('user_query', {})
if user_info_list:
user_ids = [
user_info_list[i]['user_id'] for i in user_info_list]
domain_query = Domain.objects.filter(user_id__in=user_ids)
if domain:
if domain.startswith('http'):
protocol, record, domain = parseProtocolRecordDomain(domain)
domain = f'{record}.{domain}'
domain_query = Domain.objects.filter(domain__contains=domain)
domain_query = domain_query.order_by('-id')
domain_name_list = []
if domain_query:
domain_name_list = [i.domain for i in domain_query]
body = {
'domain_list': domain_name_list
}
api_res = APIUrl.post_link('domain_query', body)
api_domain_query = api_res.get('domain_query', [])
domain_dict_list = []
for domain_obj in domain_query:
url = '%s://%s' % (domain_obj.protocol, domain_obj.domain)
if url not in api_domain_query:
continue
domain_info = api_domain_query.get(url, {})
user_id = domain_info.get('user_id')
user = UserProfile.objects.filter(id=user_id).first()
username = user.username
cms_username = ''
if username in user_info_list:
cms_username = user_info_list.get(
username, {}).get('cms_username', '')
# waf 服务判断
is_waf = 0
strategy_waf = domain_info.get('waf', [])
if strategy_waf:
is_waf = 1
domain_dict = {
'user_id': user_id,
'username': username,
'WAF': is_waf,
'domain_id': domain_obj.id,
'channel_name': url,
'cms_username': cms_username
}
if is_waf:
#---get domain status info.
'''
0:显示“开通waf”
1:显示“待审核”
2:显示“审核不通过”
3:显示“配置”+“统计”
'''
status_from_api = APIUrl.post_link('get_domain_status', {'channel': url})
if status_from_api['return_code'] == 0:
channel_status = status_from_api['data'].get('status', 0)
domain_dict['WAF'] = channel_status
else:
print(f'admin_get_sec_domain_list[get_domain_status api error.] channel: {url}')
domain_dict_list.append(domain_dict)
check_msg, domain_dict_list, pagination = data_pagination(
request, domain_dict_list)
if check_msg:
res['msg'] = _(check_msg)
return json_response(res)
res['domain_list'] = domain_dict_list
res['page_info'] = pagination
status = True
except Exception:
print(traceback.format_exc())
res['status'] = status
return json_response(res)
def admin_domain_waf_set_cdn(request):
"""管理员设置cdn"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
domain_id = request.POST.get('domain_id', '')
switch = request.POST.get('switch', '')
confirm_cdn_preload = request.POST.get('confirm_cdn_preload', 0)
confirm_cdn_http_layered = request.POST.get('confirm_cdn_http_layered', 0)
confirm_cdn_https_layered = request.POST.get('confirm_cdn_https_layered', 0)
# domain_id = 8
# switch = 0
# confirm_cdn_preload = 1
# confirm_cdn_http_layered = 1
# confirm_cdn_https_layered = 1
try:
domain_obj = Domain.objects.filter(id=domain_id).first()
if not domain_obj:
msg = af.DOMAIN_NOT_EXIST
assert False
domain = domain_obj.domain
switch = int_check(switch)
if switch is None:
msg = af.PARAME_ERROR
assert False
confirm_cdn_preload = int_check(confirm_cdn_preload)
if confirm_cdn_preload is None:
msg = af.PARAME_ERROR
assert False
confirm_cdn_http_layered = int_check(confirm_cdn_http_layered)
if confirm_cdn_http_layered is None:
msg = af.PARAME_ERROR
assert False
confirm_cdn_https_layered = int_check(confirm_cdn_https_layered)
if confirm_cdn_https_layered is None:
msg = af.PARAME_ERROR
assert False
body = {
'domain': domain,
'switch': switch,
'confirm_cdn_preload': True if confirm_cdn_preload else False,
'confirm_cdn_http_layered': True if confirm_cdn_http_layered
else False,
'confirm_cdn_https_layered': True if confirm_cdn_https_layered
else False,
}
api_res = APIUrl.post_link('domain_waf_set_cdn', body)
if api_res['return_code'] == 0:
status = True
switch_name = '开启' if switch else '关闭'
log_msg = om.SET_WAF_CDN_STATUS % (
request.user.username, domain, switch_name)
OperateLog.write_operate_log(
request, om.SECURITY, log_msg)
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_sec_user_list(request):
"""安全用户列表"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
id_or_username = request.POST.get('id_or_username', '')
cms_username = request.POST.get('cms_username', '')
sec_product = Product.objects.filter(code='SECURITY').first()
try:
body = {
'username_list': [],
'cms_username': '',
'return_type': 'is_list',
}
user_query = sec_product.user_product.all()
if id_or_username:
check_res = int_check(id_or_username)
if check_res is None:
user_query = user_query.filter(username=id_or_username)
else:
user_query = user_query.filter(id=check_res)
body['username_list'] = [user.username for user in user_query]
if cms_username:
body['cms_username'] = cms_username
api_res = APIUrl.post_link('user_query', body)
api_user_query = api_res.get('user_query', {})
cms_user_list = []
for i in api_user_query:
username = i.get('username', '')
user_id = i.get('user_id', 0)
cms_username = i.get('cms_username', '')
if not cms_username:
continue
user = user_query.filter(id=user_id).first()
if not user:
continue
domain_num = Domain.objects.filter(user=user).count()
user_info = {
'user_id': user_id,
'username': username,
'cms_username': cms_username,
'domain_num': domain_num
}
cms_user_list.append(user_info)
cms_user_list = sorted(
cms_user_list, key=lambda x: x['user_id'], reverse=True)
check_msg, sec_user_list, pagination = data_pagination(
request, cms_user_list)
if check_msg:
res['msg'] = check_msg
return json_response(res)
res['sec_user_list'] = sec_user_list
res['page_info'] = pagination
status = True
except AssertionError:
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_cert_create_or_edit(request):
"""管理员证书上传与修改"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
cert_name = request.POST.get('cert_name', '')
username = request.POST.get('username', '')
remark = request.POST.get('remark', '')
email = request.POST.get('email', '')
cert_from = request.POST.get('cert_from', 0)
period = request.POST.get('period', 0)
is_update = request.POST.get('is_update', 0)
key = request.POST.get('csrfmiddlewaretoken', '')[:16]
vi = request.POST.get('csrfmiddlewaretoken', '')[-16:]
cert_value = request.POST.get('cert_value', '')
dec_cert_value = decrypt_to(cert_value, key, vi)
cert_pl = request.POST.get('cert_pl', '0')
key_value = request.POST.get('key_value', '')
dec_key_value = decrypt_to(key_value, key, vi)
key_pl = request.POST.get('key_pl', '0')
# cert_name = 'xz_test_0009'
# username = '******'
# remark = '备注备注'
# email = '*****@*****.**'
# cert_value = '--------字符串省略'
# key_value = '--------字符串省略'
# cert_from = 0
# period = 0
# is_update = 0
try:
if not cert_name:
msg = af.CERT_NAME_EMPTY
assert False
if not username:
msg = af.USER_NOT_EXIST
assert False
if not email:
msg = af.CERT_EMAIL_EMPTY
assert False
if period:
period = int_check(period)
if period is None:
msg = af.PARAME_ERROR
assert False
if cert_from:
cert_from = int_check(cert_from)
if cert_from is None:
msg = af.PARAME_ERROR
assert False
if is_update:
is_update = int_check(is_update)
if is_update is None:
msg = af.PARAME_ERROR
assert False
if not cert_value or not cert_value:
msg = af.CERT_VALUE_OR_KEY_EMPTY
assert False
cert_pl = int_check(cert_pl)
if cert_pl is None:
msg = af.PARAME_ERROR
assert False
key_pl = int_check(key_pl)
if key_pl is None:
msg = af.PARAME_ERROR
assert False
cert_value = dec_cert_value[:cert_pl]
key_value = dec_key_value[:key_pl]
body = {
'cert_name': cert_name,
'username': username,
'remark': remark,
'email': email,
'cert_value': cert_value,
'key_value': key_value,
'cert_from': cert_from,
'period': period,
'is_update': is_update,
'opt_username': request.user.username
}
api_res = APIUrl.post_link('ssl_cert_create_or_edit', body)
print(111111111111, api_res)
return_code = api_res.get('return_code', 0)
if return_code != 0:
res['msg'] = api_res.get('err_msg', '')
assert False
status = True
except Exception as e:
print(e)
res['msg'] = _(msg)
res['status'] = status
return json_response(res)
def admin_check_domain_waf_status(request):
"""管理员检查安全域名在青松状态"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
provider = 'QINGSONG'
domain_id = request.POST.get('domain_id', '')
try:
domain_obj = Domain.objects.filter(id=domain_id).first()
if not domain_obj:
msg = af.DOMAIN_NOT_EXIST
assert False
body = {
'channel': '%s://%s' % (domain_obj.protocol, domain_obj.domain),
'provider': provider
}
api_res = APIUrl.post_link('check_waf_status', body)
message = api_res[provider].get('message', 'success')
msg = '' if message == 'success' else message
print(api_res)
if api_res[provider].get('return_code', 1) == 0:
check_status = api_res[provider]['status']
waf_switch = 0
check_result = ''
status_msg = ''
if check_status == 0:
check_result = 'is_binding'
waf_switch = 1
elif check_status == 1:
check_result = 'is_binding'
elif check_status == 2:
check_result = 'is_create'
elif check_status == 3:
status_msg = _(sf.DOMAIN_WAIT_AUDIT)
check_result = 'is_auditing'
msg = status_msg
elif check_status == 4:
status_msg = _(sf.DOMAIN_AUDIT_FAILED)
check_result = 'is_audit_failed'
msg = status_msg
else:
status_msg = _(sf.DOMAIN_CHECK_FAILED)
check_result = 'is_check_failed'
msg = status_msg
res['check_result'] = check_result
res['waf_switch'] = waf_switch
res['status_msg'] = status_msg
res['msg'] = msg
status = True
elif api_res[provider].get('return_code', 1) == -1:
msg = sf.WAF_TOKEN_EMPTY
assert False
except Exception as e:
print(e)
res['msg'] = _(msg)
res['msg'] = msg
res['status'] = status
print(res)
return json_response(res)
def parent_get_sec_domain_list(request):
msg = ''
status = False
res = {'status': status, 'msg': msg}
url = request.POST.get('domain', '')
url_info = urlparse(url)
protocol = url_info.scheme
netloc = url_info.netloc
path = url_info.path
try:
user = request.user
domain_query = Domain.objects.filter(user=user)
if url:
if protocol and netloc:
domain_query = domain_query.filter(protocol=protocol,
domain=netloc)
else:
domain_query = domain_query.filter(domain__contains=path)
domain_name_list = [i.domain for i in domain_query]
body = {'domain_list': domain_name_list}
api_res = APIUrl.post_link('domain_query', body)
api_domain_query = api_res.get('domain_query', [])
domain_dict_list = []
for domain_obj in domain_query:
url = '%s://%s' % (domain_obj.protocol, domain_obj.domain)
if url not in api_domain_query:
continue
domain_info = api_domain_query.get(url, {})
user_id = domain_info.get('user_id')
user = UserProfile.objects.filter(id=user_id).first()
# waf标记
is_waf = 0
waf_info = domain_info.get('waf', [])
if waf_info:
is_waf = 1
domain_dict = {
'username': user.username,
'WAF': is_waf,
'domain_id': domain_obj.id,
'channel_name': url
}
if is_waf:
#---get domain status info.
'''
0:显示“开通waf”
1:显示“待审核”
2:显示“审核不通过”
3:显示“配置”+“统计”
'''
status_from_api = APIUrl.post_link('get_domain_status',
{'channel': url})
if status_from_api['return_code'] == 0:
channel_status = status_from_api['data'].get('status', 0)
domain_dict['WAF'] = channel_status
else:
print(
f'parent_get_sec_domain_list[get_domain_status api error.] channel: {url}'
)
domain_dict_list.append(domain_dict)
check_msg, domain_dict_list, pagination = data_pagination(
request, domain_dict_list)
if check_msg:
res['msg'] = _(check_msg)
return json_response(res)
res['domain_list'] = domain_dict_list
res['page_info'] = pagination
status = True
except Exception as e:
res['msg'] = e
res['status'] = status
return json_response(res)
def admin_domain_waf_binding(request):
"""管理员绑定waf域名"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
provider = 'QINGSONG'
domain_id = request.POST.get('domain_id', '')
access_type = request.POST.get('access_type', '2')
short_name = request.POST.get('short_name', '')
# domain_id = 8
# short_name = 'GZ'
try:
if short_name not in sf.ACCESS_POINT_CONF:
msg = af.PARAME_ERROR
assert False
access_point = sf.ACCESS_POINT_CONF[short_name]['name']
access_point_cname = sf.ACCESS_POINT_CONF[short_name]['cname']
domain_obj = Domain.objects.filter(id=domain_id).first()
if not domain_obj:
msg = af.DOMAIN_NOT_EXIST
assert False
domain = domain_obj.domain
body = {
'provider': provider,
'domain': domain,
'access_type': access_type,
'access_point': access_point,
'access_point_cname': access_point_cname,
'confirm_cdn_preload': True,
'confirm_cdn_http_layered': True,
'confirm_cdn_https_layered': True,
'short_name': short_name
}
api_res = APIUrl.post_link('waf_binding', body)
message = api_res.get('message', 'success')
msg = '' if message == 'success' else message
if api_res['return_code'] == 0:
res['status'] = ''
status = True
log_msg = om.BINDING_WAF_DOMAIN % (request.user.username, domain)
OperateLog.write_operate_log(
request, om.SECURITY, log_msg)
except AssertionError:
res['msg'] = _(msg)
res['msg'] = msg
res['status'] = status
return json_response(res)
def client_cdn_status_code_data(request):
"""客户端查看状态码统计数据"""
import time
start = time.time()
msg = ''
status = False
res = {'status': status, 'msg': msg}
user = request.user
start_time = request.POST.get('start_time', 0)
end_time = request.POST.get('end_time', 0)
domain_ids = request.POST.get('domain_list', '[]')
base_code = CDNConf.STATUS_CODE
all_status_code = [] # 全部状态码数据
status_code_table = [] # 状态码表格数据
all_trend_result = []
trend_table_data = []
try:
msg, start_time, end_time = handle_req_time(start_time, end_time)
if msg:
assert False
domain_ids = handle_list(domain_ids, dec_int=True)
if domain_ids:
domain_query = Domain.objects.filter(id__in=domain_ids)
else:
domain_query = Domain.objects.filter(user=user)
domain_list = [i.domain for i in domain_query]
if domain_list:
(all_status_code, __, all_trend_result, all_trend_data,
__) = get_domain_status_code(user.id, domain_list, start_time,
end_time, [])
sum_req = 0
for code in all_status_code:
sum_req += all_status_code[code]
for code in base_code:
num = all_status_code[code]
ratio = (num / sum_req) * 100 if sum_req else 0
code_dict = {'code': code, 'num': num, 'ratio': '%.4f' % ratio}
status_code_table.append(code_dict)
trend_key = list(all_trend_data.keys())
trend_key.sort()
sum_cnt = 0
for i in all_trend_data:
sum_cnt += all_trend_data[i]
for key in trend_key:
code_cnt = all_trend_data[key]
ratio = code_cnt / sum_cnt * 100 if sum_cnt else 0
temp_dict = {
'code': key,
'count': code_cnt,
'ratio': '%.4f' % ratio
}
trend_table_data.append(temp_dict)
status = True
except Exception as e:
print(e)
res['msg'] = _(msg)
print(444444444, time.time() - start)
res['all_status_code'] = all_status_code
res['status_code_table'] = status_code_table
res['all_trend_result'] = all_trend_result
res['all_trend_data'] = trend_table_data
res['status'] = status
return json_response(res)
def admin_domain_waf_create(request):
"""管理员创建waf域名"""
msg = ''
status = False
res = {
'status': status,
'msg': msg
}
provider = 'QINGSONG'
domain_id = request.POST.get('domain_id', '')
access_type = request.POST.get('access_type', '2')
short_name = request.POST.get('short_name', '')
src_type = request.POST.get('src_type', '2')
src_address = request.POST.get('src_address', '')
src_port = request.POST.get('src_port', '')
src_host = request.POST.get('src_host', '')
ssl_status = request.POST.get('ssl_status', False)
cert_id = request.POST.get('cert_id', '')
default_waf_mode = request.POST.get('default_waf_mode', '')
self_waf_mode = request.POST.get('self_waf_mode', '')
# domain_id = 8
# short_name = 'GZ'
print(f'admin_domain_waf_create request.POST: {request.POST}')
try:
if short_name not in sf.ACCESS_POINT_CONF:
msg = af.PARAME_ERROR
assert False
access_point = sf.ACCESS_POINT_CONF[short_name]['name']
access_point_cname = sf.ACCESS_POINT_CONF[short_name]['cname']
domain_obj = Domain.objects.filter(id=domain_id).first()
if not domain_obj:
msg = af.DOMAIN_NOT_EXIST
assert False
domain = domain_obj.domain
body = {
'channel': f'{domain_obj.protocol}://{domain}',
'provider': provider,
'domain': domain,
'short_name': short_name,
'access_type': access_type,
'access_point': access_point,
'access_point_cname': access_point_cname,
'src_type': src_type,
'src_address': src_address,
'src_port': src_port,
'ssl_status': ssl_status,
'cert_id': cert_id,
'default_waf_mode': default_waf_mode,
'self_waf_mode': self_waf_mode,
# 'confirm_cdn_preload': True,
# 'confirm_cdn_http_layered': True,
# 'confirm_cdn_https_layered': True,
}
api_res = APIUrl.post_link('waf_create', body)
message = api_res['message']
msg = '' if message == 'success' else message
if api_res['return_code'] == 0:
res['status'] = ''
status = api_res['status']
log_msg = om.CREATE_WAF_DOMAIN % (request.user.username, domain)
OperateLog.write_operate_log(
request, om.SECURITY, log_msg)
except AssertionError:
res['msg'] = _(msg)
res['msg'] = msg
res['status'] = status
print(f'\n---res---\n{res}')
return json_response(res)
def admin_create_parent_user(request):
"""创建父账号用户"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
username = request.POST.get('username', '')
password = request.POST.get('password', '')
company = request.POST.get('company', '')
linkman = request.POST.get('linkman', '')
email = request.POST.get('email', '')
mobile = request.POST.get('mobile', '')
is_api = request.POST.get('is_api', '')
is_active = request.POST.get('is_active', '1')
perm_list = request.POST.getlist('perm[]', [])
try:
if not username:
msg = af.USERNAME_EMPTY
assert False
check_user = UserProfile.objects.filter(username=username)
if check_user:
msg = af.USER_EXIST
assert False
if not password:
msg = af.PASSWORD_EMPTY
assert False
if not company:
msg = af.COMPANY_EMPTY
assert False
is_api = int(is_api)
if is_api is None:
msg = af.PARAM_ERROR
assert False
is_active = int_check(is_active)
if is_active is None:
msg = af.PARAM_ERROR
assert False
except AssertionError:
res['msg'] = _(msg)
return json_response(res)
identity = 'is_parent'
group = Group.objects.filter(id=GroupProfile.CUSTOMER_ID).first()
creator_username = request.user.username
param = {
'username': username,
'password': password,
'group': group,
'identity': identity,
'company': company,
'linkman': linkman,
'email': email,
'mobile': mobile,
'creator_username': creator_username,
'is_api': True if is_api else False
}
user = create_user(**param)
if not user:
res['msg'] = _(af.PARAM_ERROR)
return json_response(res)
if not is_active:
user.is_active = False
user.save()
for perm_code in perm_list:
PermUser.assign_perm(perm_code, user)
if perm_code == 'client_cdn_menu':
cdn_product = Product.objects.filter(code='CDN').first()
cdn_strategy = Strategy.get_obj_from_property('CC', 'CDN', 'CDN')
user.product_list.add(cdn_product)
user.strategy_list.add(cdn_strategy)
user.save()
# elif perm_code == 'client_security_menu':
# sec_product = Product.objects.filter(code='SECURITY').first()
# sec_strategy = Strategy.get_obj_from_property(
# 'QINGSONG', 'SECURITY', 'WAF')
# user.product_list.add(sec_product)
# user.strategy_list.add(sec_strategy)
# user.save()
log_msg = om.CREATE_USER % (creator_username, identity, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
def create_parent_user(request):
"""创建父账号用户"""
msg = ''
status = False
res = {'status': status, 'msg': msg}
username = request.POST.get('username', '')
password = request.POST.get('password', '')
company = request.POST.get('company', '')
user_type = request.POST.get('user_type', '')
linkman = request.POST.get('linkman', '')
email = request.POST.get('email', '')
mobile = request.POST.get('mobile', '')
perm_list = request.POST.getlist('perm[]', '')
try:
if not username:
msg = af.USERNAME_EMPTY
assert False
check_user = UserProfile.objects.filter(username=username)
if check_user:
msg = af.USER_EXIST
assert False
if not password:
msg = af.PASSWORD_EMPTY
assert False
if not company:
msg = af.COMPANY_EMPTY
assert False
except AssertionError:
res['msg'] = msg
return json_response(res)
identity = user_type
group = Group.objects.filter(id=GroupProfile.CUSTOMER_ID)
creator_username = request.user.username
param = {
'username': username,
'password': password,
'group': group,
'identity': identity,
'company': company,
'linkman': linkman,
'email': email,
'mobile': mobile,
'creator_username': creator_username
}
user = create_user(**param)
if not user:
res['msg'] = af.PARAM_ERROR
return json_response(res)
if perm_list:
for perm_id in perm_list:
PermUser.assign_perm(perm_id, user)
log_msg = om.CREATE_USER % (creator_username, identity, username)
OperateLog.write_operate_log(request, om.ACCOUNTS, log_msg)
status = True
res['status'] = status
return json_response(res)
