def send_verify_mail():
user_id = login_user.get('user_id')
record = User().find_by_id(user_id)
if not record:
return jsonify({
'message': 'invalid user',
'code': 104033
}), 403
email = record.get('email')
token = md5(str(current_request_id))
url = config.dommain + '/users/email/verify?token=' + token
message = '[Eclogue]Please click url to verify your email:<a href="{}">{}</a>'.format(url, url)
smtp = SMTP()
smtp.send(message, email, subtype='html')
data = {
'user_id': user_id,
'token': token,
'created_at': time.time(),
'email': email,
'content': message,
}
db.collection('mail_verify').insert_one(data)
return jsonify({
'message': 'ok',
'code': 0
})
def delete_user(_id):
is_admin = login_user.get('is_admin')
if not is_admin:
return jsonify({
'message': 'admin required',
'code': 104033,
}), 403
record = User.find_by_id(_id)
if not record:
return jsonify({
'message': 'record not found',
'code': 104040,
}), 404
update = {
'$set': {
'status': -1,
'delete_at': time.time(),
}
}
condition = {'_id': record['_id']}
User.update_one(condition, update=update)
TeamMember.delete_one({'user_id': _id})
user_roles = UserRole.find(condition)
for item in user_roles:
where = {'_id': item['_id']}
UserRole.delete_one(where)
return jsonify({
'message': 'ok',
'code': 0,
})
def bind_role(user_id):
payload = request.get_json()
if not payload:
return jsonify({'message': 'invalid params', 'code': 104030}), 400
role_ids = payload.get('role_ids')
if not role_ids or type(role_ids) != list:
return jsonify({'message': 'invalid params', 'code': 104031}), 400
user = User()
user_info = user.find_by_id(user_id)
if not user_info:
return jsonify({'message': 'record not found', 'code': 104040}), 404
roles = Role().find_by_ids(role_ids)
if not roles:
return jsonify({'message': 'invalid param', 'code': 104031}), 400
for role in roles:
data = {
'user_id': user_id,
'role_id': str(role['_id']),
}
where = data.copy()
data['created_at'] = time.time()
data['add_by'] = login_user.get('username')
db.collection('user_roles').update_one(where, {'$set': data},
upsert=True)
return jsonify({
'message': 'ok',
'code': 0,
})
def get_profile(_id):
user = User()
record = user.find_by_id(_id)
if not record:
return jsonify({'message': 'record not found', 'code': 104040}), 404
relation = TeamUser().collection.find_one({'user_id': _id})
team = Team().find_by_id(relation.get('team_id'))
record['team'] = team
record.pop('password')
record['team'] = team
setting = db.collection('setting').find_one({})
options = {
'slack': True,
'sms': True,
'wechat': True,
'smtp': True,
}
if setting:
slack = setting.get('slack') or {}
sms = setting.get('nexmo') or {}
wechat = setting.get('wechat') or {}
smtp = setting.get('smtp') or {}
options['slack'] = bool(slack.get('enable'))
options['sms'] = bool(sms.get('enable'))
options['wechat'] = bool(wechat.get('enable'))
options['smtp'] = bool(smtp.get('enable'))
record['setting'] = options
return jsonify({
'message': 'ok',
'code': 0,
'data': record,
})
def get_user_info(_id):
user = User()
record = user.find_by_id(_id)
if not record:
return jsonify({
'message': 'record not found',
'code': 104040
}), 404
relation = TeamUser().collection.find_one({'user_id': _id})
team = Team().find_by_id(relation.get('team_id'))
record['team'] = team
record.pop('password')
permissions, roles = user.get_permissions(_id)
hosts = user.get_hosts(_id)
return jsonify({
'message': 'ok',
'code': 0,
'data': {
'user': record,
'roles': roles,
'permissions': permissions,
'hosts': hosts,
}
})
def get_claims():
try:
authorization = request.headers.get('Authorization', None)
if not authorization:
return 0
parts = authorization.split()
if len(parts) < 2 or parts[0] != 'Bearer':
return 0
token = parts[1]
claims = jws.verify(token)
url_rule = str(request.url_rule)
if config.api.get('force_check_binding'):
found = _force_check_menu_apis(url_rule)
if not found:
return -1
if claims is False:
return 0
if claims.get('is_admin'):
return claims
method = request.method.lower()
if url_rule in routes.get('Default'):
return claims
username = claims.get('username')
user_id = claims.get('user_id')
user = User()
if not user_id:
user_info = User.find_one({'username': username})
user_id = str(user_info['_id'])
menus, roles = user.get_permissions(user_id)
if not menus:
return -1
is_allow = -1
for menu in menus:
apis = menu.get('apis')
actions = menu.get('actions')
if not apis:
continue
if url_rule in apis and method in actions:
is_allow = 1
break
return claims if is_allow == 1 else is_allow
except JWTError:
return False
def get_user_token(self):
user = self.get_data('user')
User().collection.delete_one({'username': user['username']})
User().add_user(user)
user_info = {
'user_id': str(user['_id']),
'username': user['username'],
'status': 1,
'is_admin': False,
}
token = jws.encode(user_info)
return token.decode('utf-8')
def get_current_roles():
username = login_user.get('username')
is_admin = login_user.get('is_admin')
role = Role()
if is_admin:
roles = role.collection.find({})
return jsonify({
'message': 'ok',
'code': 0,
'data': list(roles),
})
user = User()
user_info = user.collection.find_one({'username': username})
where = {
'user_id': str(user_info['_id']),
}
roles = db.collection('user_roles').find(where)
roles = list(roles)
data = []
if roles:
role_ids = map(lambda i: i['role_id'], roles)
data = role.find_by_ids(list(role_ids))
return jsonify({
'message': 'ok',
'code': 0,
'data': data,
})
def verify_mail():
query = request.args
token = query.get('token')
if not query.get('token'):
return jsonify({
'message': 'invalid token',
'code': 104030
}), 403
record = db.collection('mail_verify').find_one({'token': token})
if not record:
return jsonify({
'message': 'record not found',
'code': 104040
}), 404
update = {
'$set': {
'email_status': 1
}
}
User().collection.update_one({'_id': ObjectId(record.get('user_id'))}, update=update)
return jsonify({
'message': 'ok',
'code': 0,
})
def save_alert():
payload = request.get_json()
if not payload:
return jsonify({
'message': 'invalid params',
'code': 104000
}), 400
alerts = payload.get('alerts')
alert_type = payload.get('type')
if not alerts or type(alerts) != list:
return jsonify({
'message': 'invalid param alerts',
'code': 104001
}), 400
where = {
'_id': ObjectId(login_user.get('user_id'))
}
field = 'alerts.' + alert_type
update = {
'$set': {
field: alerts
}
}
user = User()
record = user.collection.find_one(where)
user.collection.update_one(where, update=update)
logger.info('add alerts', extra={'change': update, 'record': record})
return jsonify({
'message': 'ok',
'code': 0
})
def reset_pwd():
payload = request.get_json()
if not payload:
return jsonify({
'message': 'illegal params',
'code': 104000,
}), 400
old_password = payload.get('old_pwd')
new_password = payload.get('new_pwd')
confirm = payload.get('confirm')
if not old_password or not new_password or not confirm:
return jsonify({
'message': 'miss required params',
'code': 104001
}), 400
if new_password != confirm:
return jsonify({
'message': 'inconsistent confirm password',
'code': 104002
}), 400
user = User().find_by_id(login_user.get('user_id'))
checked = check_password_hash(user.get('password'), old_password)
if not checked:
return jsonify({
'message': 'password incorrect',
'code': 104003,
}), 400
pwd = generate_password_hash(new_password)
update = {
'$set': {
'password': pwd,
}
}
User().collection.update_one({'_id': user['_id']}, update=update)
return jsonify({
'message': 'ok',
'code': 0,
})
def save_profile(_id):
payload = request.get_json()
user = User()
record = user.find_by_id(_id)
if not record:
return jsonify({
'message': 'record not found',
'code': 104040
}), 404
nickname = payload.get('nickname')
phone = payload.get('phone')
email = payload.get('email')
address = payload.get('address')
wechat = payload.get('wechat')
update = {}
if nickname:
update['nickname'] = nickname
if phone:
update['phone'] = phone
if email:
update['email'] = email
if address:
update['address'] = address
if wechat:
update['wechat'] = wechat
if update:
user.collection.update_one({'_id': record['_id']}, update={'$set': update})
return jsonify({
'message': 'ok',
'code': 0,
})
def setUp(self):
super().setUp()
base_dir = os.path.dirname(__file__)
filename = os.path.join(base_dir, 'data/dataset.yaml')
data = yaml.load(self.read_file(filename))
self.dataSet = data
admin = data['admin']
User().collection.delete_one({'username': admin['username']})
is_inserted, user_id = User().add_user(admin.copy())
admin['_id'] = user_id
self.user = admin
user_info = {
'user_id': str(admin['_id']),
'username': admin['username'],
'status': 1,
'is_admin': admin.get('is_admin', True),
}
token = jws.encode(user_info)
self.token = token.decode('utf-8')
self.jwt_headers = {
'Content-Type': 'application/json',
'Authorization': ' '.join(['Bearer', self.token])
}
def dispatch(self, user_id, msg_type, content, channel=None):
user = User().find_by_id(user_id)
if not user:
return False
alerts = user.get('alerts')
if not alerts or not alerts.get(msg_type):
return False
items = alerts.get(msg_type)
if not items:
return False
if channel and isinstance(channel, Iterable):
items = [i for i in channel if i in items]
if not items:
self.web(user_id, msg_type, content)
return True
if 'slack' in items:
self.slack(content)
if 'wechat' in items:
self.wechat(content)
if 'smtp' in items:
self.smtp(user, content)
if 'sms' in items:
self.sms(user, content)
if 'web' in items:
self.web(user_id, msg_type, content)
return True
def get_menus():
query = request.args
user_id = login_user.get('user_id')
is_admin = login_user.get('is_admin')
name = query.get('name')
route = query.get('route')
status = query.get('status')
where = {'status': {'$ne': -1}}
if name:
where['name'] = name
if route:
where['route'] = route
if status is not None and int(status) >= 0:
where['status'] = int(status)
# is_admin = False
if not is_admin:
user = User()
permissions = user.get_permissions(user_id, filter=where)
menus = permissions[0]
else:
def add_actions(item):
item['actions'] = ['get', 'post', 'delete', 'put', 'patch']
return item
if query and int(query.get('all')):
where = {'status': {'$ne': -1}}
menus = db.collection('menus').find(where).sort('id', 1)
menus = map(add_actions, menus)
return jsonify({'message': 'ok', 'code': 0, 'data': list(menus)})
def bind_user():
payload = request.get_json()
if not payload:
return jsonify({
'message': 'invalid params',
'code': 104000,
}), 400
user_id = payload.get('user_id')
roles = payload.get('roles')
if not user_id or not roles:
return jsonify({
'message': 'invalid params',
'code': 104000,
}), 400
user = User().find_by_id(user_id)
if not user:
return jsonify({
'message': 'invalid user',
'code': 104001,
}), 400
where = {'_id': {'$in': roles}}
role_records = db.collection('roles').find(where)
roles = map(lambda i: str(i['_id']), role_records)
roles = list(roles)
if not roles:
return jsonify({
'message': 'invalid roles',
'code': 104003,
}), 400
data = {
'user_id': user['_id'],
'roles': roles,
'add_by': login_user.get('username'),
'created_at': time.time()
}
db.collection('user_roles').insert_one(data)
return jsonify({
'message': 'ok',
'code': 0,
})
def get_team_tree():
is_admin = login_user.get('is_admin')
username = login_user.get('username')
where = {}
if not is_admin:
where = {'master': {'$in': [username]}}
teams = db.collection('teams').find(where)
teams = list(teams)
tree = []
for team in teams:
item = {
'title': team['name'],
'key': team['_id'],
'team': team.get('name'),
}
relations = db.collection('team_members').find(
{'team_id': str(team['_id'])})
relations = list(relations)
if not relations:
tree.append(item)
continue
user_ids = map(lambda i: i['user_id'], relations)
user_ids = list(user_ids)
users = User.find_by_ids(user_ids)
children = []
for user in users:
children.append({
'title': user.get('nickname'),
'key': user.get('_id'),
'team': None,
})
item['children'] = children
tree.append(item)
return jsonify({
'message': 'ok',
'code': 0,
'data': tree,
})
def bind_hosts(user_id):
payload = request.get_json()
if not payload:
return jsonify({
'message': 'invalid params',
'code': 104030
}), 400
user_info = User().find_by_id(user_id)
if not user_info:
return jsonify({
'message': 'invalid user',
'code': 104043
}), 400
hosts = payload.get('hosts')
if not hosts or len(hosts) > 2:
return jsonify({
'message': 'invalid params',
'code': 104041
}), 400
if len(hosts) == 2:
group_id, host_id = hosts
check = db.collection('user_hosts').find_one({
'$or': [
{
'user_id': user_id,
'group_id': group_id,
'host_id': host_id,
'type': 'node'
},
{
'user_id': user_id,
'group_id': group_id,
'type': 'group'
}
]
})
if check:
return jsonify({
'message': 'record exist',
'code': 104005
}), 400
data = {
'user_id': user_id,
'host_id': host_id,
'group_id': group_id,
'type': 'node',
'add_by': login_user.get('username'),
'created_at': time.time(),
}
db.collection('user_hosts').insert_one(data)
else:
group_id = hosts[0]
check = db.collection('user_hosts').find_one({
'user_id': user_id,
'group_id': group_id,
'type': 'group'
})
if check:
return jsonify({
'message': 'record exist',
'code': 104005
}), 400
data = {
'user_id': user_id,
'group_id': group_id,
'type': 'group',
'add_by': login_user.get('username'),
'created_at': time.time(),
}
db.collection('user_hosts').insert_one(data)
return jsonify({
'message': 'ok',
'code': 0,
})
def update_user(_id):
payload = request.get_json()
record = User.find_by_id(_id)
if not record:
return jsonify({
'message': 'record not found',
'code': 104040
}), 404
if not payload:
return jsonify({
'message': 'illegal params',
'code': 104000
}), 400
current_user_id = login_user.get('user_id')
is_admin = login_user.get('is_admin')
username = payload.get('username')
nickname = payload.get('nickname')
email = payload.get('email')
phone = payload.get('phone')
role_ids = payload.get('role')
team_id = payload.get('team_id')
address = payload.get('address')
# current_team_id = payload.get('currentTeamId')
# current_role_ids = payload.get('currentRoleIds')
if not is_admin:
return jsonify({
'message': 'bad permission',
'code': 104130
}), 403
update = {}
if username and record['username'] != username:
update['username'] = username
check = User.find_one({'username': username})
if check:
return jsonify({
'message': 'username existed',
'code': 104001
}), 400
if email and record.get('email') != email:
update['email'] = email
check = User.find_one({'email': email})
if check:
return jsonify({
'message': 'email existed',
'code': 104001
}), 400
if phone and record.get('phone') != phone:
update['phone'] = phone
check = User.find_one({'phone': phone})
if check:
return jsonify({
'message': 'phone existed',
'code': 104001
}), 400
if nickname:
update['nickname'] = nickname
if address:
update['address'] = address
if team_id:
change = {
'$set': {
'team_id': team_id,
'user_id': _id,
'updated_at': time.time(),
}
}
condition = {
'user_id': _id,
}
db.collection('team_members').update_one(condition, update=change, upsert=True)
if role_ids:
result = User().bind_roles(_id, role_ids, add_by=login_user.get('username'))
User.update_one({'_id': record['_id']}, {'$set': update})
return jsonify({
'message': 'ok',
'code': 0,
})
def get_roles():
query = request.args
page = int(query.get('page', 1))
size = int(query.get('size', 50))
offset = (page - 1) * size
name = query.get('name')
role_type = query.get('type')
start = query.get('start')
end = query.get('end')
user = User()
username = login_user.get('username')
is_admin = login_user.get('is_admin')
data = []
total = 0
role = Role()
where = {'status': {'$ne': -1}}
if name:
where['name'] = {'$regex': name}
if role_type:
where['type'] = role_type
date = []
if start:
date.append({
'created_at': {
'$gte': int(time.mktime(time.strptime(start, '%Y-%m-%d')))
}
})
if end:
date.append({
'created_at': {
'$lte': int(time.mktime(time.strptime(end, '%Y-%m-%d')))
}
})
if not is_admin:
user_info = user.collection.find_one({'username': username})
where = {
'user_id': str(user_info['_id']),
}
roles = db.collection('user_roles').find(where)
roles = list(roles)
if roles:
role_ids = map(lambda i: ObjectId(i['role_id']), roles)
where['_id'] = {
'$in': list(role_ids),
}
cursor = role.collection.find(where, skip=offset, limit=size)
total = cursor.count()
data = list(cursor)
else:
cursor = role.collection.find(where, skip=offset, limit=size)
total = cursor.count()
data = list(cursor)
return jsonify({
'message': 'ok',
'code': 0,
'data': {
'page': page,
'pageSize': size,
'total': total,
'list': data,
},
})
def add_adhoc():
payload = request.get_json()
if not payload:
return jsonify({
'message': 'invalid params',
'code': 104001,
}), 400
module = payload.get('module')
args = payload.get('args')
inventory = payload.get('inventory')
private_key = payload.get('private_key')
verbosity = payload.get('verbosity', 0)
name = payload.get('name')
schedule = payload.get('schedule')
check = payload.get('check')
job_id = payload.get('job_id')
extra_options = payload.get('extraOptions')
status = int(payload.get('status', 0))
notification = payload.get('notification')
maintainer = payload.get('maintainer') or []
if maintainer and isinstance(maintainer, list):
users = User.find({'username': {'$in': maintainer}})
names = list(map(lambda i: i['username'], users))
maintainer.extend(names)
if login_user.get('username'):
maintainer.append(login_user.get('username'))
if not job_id:
existed = Job.find_one({'name': name})
if existed and existed.get('status') != -1:
return jsonify({'message': 'name exist', 'code': 104007}), 400
if not module or not inventory or not name:
return jsonify({
'message': 'miss required params',
'code': 104002,
}), 400
# check_module = db.collection('ansible_modules').find_one({
# 'name': module
# })
#
# if not check_module:
# return jsonify({
# 'message': 'invalid module',
# 'code': 104003,
# }), 400
inventory_content = parse_cmdb_inventory(inventory)
if not inventory_content:
return jsonify({
'message': 'invalid inventory',
'code': 104004,
}), 400
options = {}
if extra_options:
options.update(extra_options)
if verbosity:
options['verbosity'] = verbosity
if check:
with NamedTemporaryFile('w+t', delete=True) as fd:
if private_key:
key_text = get_credential_content_by_id(
private_key, 'private_key')
if not key_text:
return jsonify({
'message': 'invalid private key',
'code': 104004,
}), 400
fd.write(key_text)
fd.seek(0)
options['private_key'] = fd.name
tasks = [{'action': {'module': module, 'args': args}}]
hosts = inventory_content
runner = AdHocRunner(hosts, options=options)
runner.run('all', tasks)
result = runner.get_result()
return jsonify({'message': 'ok', 'code': 0, 'data': result})
else:
token = str(base64.b64encode(bytes(current_request_id(), 'utf8')),
'utf8')
data = {
'name': name,
'template': {
'inventory': inventory,
'private_key': private_key,
'verbosity': verbosity,
'module': module,
'args': args,
'extraOptions': extra_options,
},
'extra': {
'schedule': schedule,
'notification': notification,
},
'token': token,
'maintainer': maintainer,
'type': 'adhoc',
'created_at': time.time(),
'status': status,
'add_by': login_user.get('username')
}
if job_id:
record = Job.find_one({'_id': ObjectId(job_id)})
if not record:
return jsonify({
'message': 'record not found',
'code': 104040
}), 404
update = {
'$set': data,
}
Job.update_one({'_id': ObjectId(job_id)}, update=update)
else:
Job.insert_one(data)
return jsonify({
'message': 'ok',
'code': 0,
})
def run_playbook_task(_id, request_id, username, history_id, **kwargs):
db = Mongo()
record = Job.find_by_id(ObjectId(_id))
task_record = TaskModel.find_one({'request_id': request_id})
if not task_record:
return False
start_at = time()
state = 'progressing'
result = ''
task_id = task_record.get('_id')
job_id = task_record.get('job_id')
old_stdout = sys.stdout
old_stderr = sys.stderr
sys.stderr = sys.stdout = temp_stdout = Reporter(str(task_id))
try:
if history_id:
history = db.collection('build_history').find_one(
{'_id': ObjectId(history_id)})
record = history['job_info']
kwargs = task_record.get('kwargs')
template = record.get('template')
body = {
'template': record.get('template'),
'extra': record.get('extra')
}
payload = load_ansible_playbook(body)
if payload.get('message') is not 'ok':
raise Exception('load ansible options error: ' +
payload.get('message'))
app_id = template.get('app')
if app_id:
app_info = Application.find_by_id(ObjectId(app_id))
if not app_info:
raise Exception('app not found: {}'.format(app_id))
app_type = app_info.get('type')
app_params = app_info.get('params')
if kwargs:
app_params.update(kwargs)
integration = Integration(app_type, app_params)
integration.install()
data = payload.get('data')
options = data.get('options')
private_key = data.get('private_key')
wk = Workspace()
roles = data.get('roles')
if history_id:
bookspace = wk.build_book(history_id)
else:
bookname = data.get('book_name')
bookspace = wk.load_book_from_db(name=bookname,
roles=roles,
build_id=task_id)
if not bookspace or not os.path.isdir(bookspace):
raise Exception('install playbook failed, book name: {}'.format(
data.get('book_name')))
entry = os.path.join(bookspace, data.get('entry'))
with NamedTemporaryFile('w+t', delete=False) as fd:
if private_key:
key_text = get_credential_content_by_id(
private_key, 'private_key')
if not key_text:
raise Exception('invalid private_key')
fd.write(key_text)
fd.seek(0)
options['private-key'] = fd.name
options['tags'] = ['uptime']
options['verbosity'] = 2
inventory = data.get('inventory')
logger.info('ansible-playbook run load inventory: \n{}'.format(
yaml.safe_dump(inventory)))
play = PlayBookRunner(data.get('inventory'),
options,
job_id=job_id)
play.run(entry)
result = play.get_result()
builds = db.collection('build_history').count({'job_id': _id})
state = 'finish'
# @todo
if builds > cache_result_numer:
last_one = db.collection('build_history').find_one(
{'job_id': _id}, sort=[('_id', 1)])
if last_one:
db.fs().delete(last_one.get('file_id'))
db.collection('build_history').delete_one(
{'_id': last_one['_id']})
with TemporaryDirectory() as dir_name:
bookname = data.get('book_name')
zip_file = os.path.join(dir_name, bookname)
zip_file = make_zip(bookspace, zip_file)
with open(zip_file, mode='rb') as stream:
filename = bookname + '.zip'
file_id = db.save_file(filename=filename, fileobj=stream)
store_info = {
'task_id': str(task_id),
'file_id': str(file_id),
'job_id': str(_id),
'job_info': record,
'filename': filename,
'created_at': time(),
'kwargs': kwargs,
}
db.collection('build_history').insert_one(store_info)
shutil.rmtree(bookspace)
except Exception as e:
result = str(e)
extra = {'task_id': task_id}
logger.error('run task with exception: {}'.format(str(e)), extra=extra)
state = 'error'
extra_options = record.get('extra')
user = User.find_one({'username': username})
if user:
user_id = str(user['_id'])
notification = extra_options.get('notification')
message = '[error]run job: {}, message: {}'.format(
record.get('name'), str(e))
sys.stdout.write(message)
if notification and type(notification) == list:
Notify().dispatch(user_id=user_id,
msg_type='task',
content=message,
channel=notification)
finally:
content = temp_stdout.getvalue()
temp_stdout.close(True)
sys.stdout = old_stdout
sys.stderr = old_stderr
finish_at = time()
update = {
'$set': {
'start_at': start_at,
'finish_at': finish_at,
'state': state,
'duration': finish_at - start_at,
'result': result,
}
}
TaskModel.update_one({'_id': task_id}, update=update)
trace = {
'task_id': str(task_id),
'request_id': request_id,
'username': username,
'content': str(content),
'created_at': time(),
}
db.collection('task_logs').insert_one(trace)
def add_user():
payload = request.get_json()
if not payload:
return jsonify({
'message': 'invalid params',
'code': 104000
}), 400
current_user = login_user.get('username')
is_admin = login_user.get('is_admin')
username = payload.get('username')
nickname = payload.get('nickname')
email = payload.get('email')
phone = payload.get('phone')
role_ids = payload.get('role_ids')
team_id = payload.get('team_id')
address = payload.get('address')
password = payload.get('password')
if not username or not email:
return jsonify({
'message': 'miss required params',
'code': 104001,
}), 400
if not is_admin:
if team_id:
team = Team.find_by_id(team_id)
if not team or current_user not in team.get('master'):
return jsonify({
'message': 'permission deny',
'code': 104031
}), 403
else:
return jsonify({
'message': 'permission deny',
'code': 104032,
}), 403
where = {
'$or': [
{'username': username},
{'email': email},
]
}
existed = User.find_one(where)
if existed:
return jsonify({
'message': 'username or email existed',
'code': 104030
}), 400
password = password or gen_password()
encrypt_pwd = generate_password_hash(password)
user_info = {
'username': username,
'nickname': nickname,
'password': encrypt_pwd,
'email': email,
'phone': phone,
'active': 0,
'address': address,
'created_at': time.time(),
'add_by': login_user.get('username'),
}
result = User.insert_one(user_info)
user_id = str(result.inserted_id)
if role_ids:
role_ids = role_ids if type(role_ids) == list else [role_ids]
roles = Role.find_by_ids(role_ids)
if roles:
for item in roles:
data = {
'role_id': str(item['_id']),
'user_id': user_id,
'add_by': login_user.get('username'),
'created_at': time.time(),
}
db.collection('user_roles').insert_one(data)
if team_id:
Team().add_member(team_id=team_id, members=[user_id], owner_id=login_user.get('user_id'))
notify = SMTP()
text = '''
<p>Dear user:</p>
<p>Your eclogue account is active~!</p>
<p>username: {}</p>
<p>password: {} </p>
'''
text = text.format(username, password)
notify.send(text, to=email, subject='', subtype='html')
return jsonify({
'message': 'ok',
'code': 0,
'data': password
})