Skip to content

Commit

Permalink
Merge pull request cookieY#45 from sultan8252/1.3.1
Browse files Browse the repository at this point in the history 
1.3.1
  • Loading branch information
cookieY authored Aug 9, 2018
2 parents 3993b43 + de16bfc commit 52b31ab
Show file tree
Hide file tree
Showing 10 changed files with 333 additions and 28 deletions.
2 changes: 1 addition & 1 deletion install/yearning-docker-compose/init-sql/install.sql
View file
Original file line number Diff line number Diff line change
Expand Up @@ -310,7 +310,7 @@ CREATE TABLE `django_migrations` (


BEGIN;
INSERT INTO `core_grained` VALUES (29, 'admin', '{\'ddl\': \'0\', \'ddlcon\': [], \'dml\': \'0\', \'dmlcon\': [], \'dic\': \'0\', \'diccon\': [], \'dicedit\': \'0\', \'user\': \'1\', \'base\': \'1\', \'dicexport\': \'0\', \'person\': [], \'query\': \'0\', \'querycon\': []}');
INSERT INTO `core_grained` VALUES (1, 'admin', '{\'ddl\': \'0\', \'ddlcon\': [], \'dml\': \'0\', \'dmlcon\': [], \'dic\': \'0\', \'diccon\': [], \'dicedit\': \'0\', \'user\': \'1\', \'base\': \'1\', \'dicexport\': \'0\', \'person\': [], \'query\': \'0\', \'querycon\': []}');
INSERT INTO `core_globalpermissions` VALUES (1, 'global', '{\'host\': \'\', \'port\': \'\', \'user\': \'\', \'password\': \'\', \'back_host\': \'\', \'back_port\': \'\', \'back_user\': \'\', \'back_password\': \'\'}', '{\'type\': \'\', \'host\': \'\', \'sc\': \'\', \'domain\': \'\', \'user\': \'\', \'password\': \'\'}', '{\'webhook\': \'\', \'smtp_host\': \'\', \'smtp_port\': \'\', \'user\': \'\', \'password\': \'\', \'to_user\': \'\', \'mail\': False, \'ding\': False}', '{\'limit\': \'\', \'con_room\': [\'AWS\', \'Aliyun\', \'Own\', \'Other\'], \'foce\': \'\', \'multi\': False, \'query\': False, \'sensitive_list\': [], \'sensitive\': \'\'}');
INSERT INTO `core_account` VALUES (1, 'pbkdf2_sha256$100000$Dy6mFniGxTZa$YBQ9cX0iPQvTYp06C5ZiVgXICTHNTiwWhWYnRmcqjHY=', NULL, 0, 'admin', '', '', '', 1, 1, '2018-07-26 07:15:33.931971', 'admin', '', 'admin');
COMMIT;
Expand Down
18 changes: 13 additions & 5 deletions src/core/api/serachsql.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,15 @@
from libs import con_database
from core.models import DatabaseList, Account, querypermissions, query_order, globalpermissions

try:
from core.models import globalpermissions

setting = globalpermissions.objects.filter(authorization='global').first()
exclued_database_name = setting.other.get('exclued_db_list', [])
except Exception:
logging.error("exclued_database_name配置错误.")
exclued_database_name = []

CUSTOM_ERROR = logging.getLogger('Yearning.core.views')


Expand Down Expand Up @@ -56,7 +65,7 @@ def post(self, request, args=None):
db=address['basename']
) as f:
try:
query_sql = replace_limit(check[-1].strip(), limit['limit'])
query_sql = replace_limit(check[-1].strip(), limit.get('limit', '1024'))
data_set = f.search(sql=query_sql)
except Exception as e:
CUSTOM_ERROR.error(f'{e.__class__.__name__}: {e}')
Expand Down Expand Up @@ -167,7 +176,7 @@ def put(self, request, args: str = None):
query_per = 2
work_id = util.workId()
if not query_switch['query']:
query_per = 1
query_per = 2
else:
userinfo = Account.objects.filter(username=audit, group='admin').first()
try:
Expand Down Expand Up @@ -252,12 +261,11 @@ def put(self, request, args: str = None):
port=_connection.port) as f:
dataname = f.query_info(sql='show databases')
children = []
ignore = ['information_schema', 'sys', 'performance_schema', 'mysql']
for index, uc in enumerate(dataname):
ignore = exclued_database_name
for index, uc in sorted(enumerate(dataname), reverse=True):
for cc in ignore:
if uc['Database'] == cc:
del dataname[index]
index = index - 1
for i in dataname:
with con_database.SQLgo(ip=_connection.ip,
user=_connection.username,
Expand Down
69 changes: 65 additions & 4 deletions src/core/api/user.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
from libs import baseview, util
from core.task import grained_permissions,set_auth_group
from libs.serializers import UserINFO
from libs.send_email import send_email
from rest_framework.response import Response
from django.http import HttpResponse
from django.contrib.auth import authenticate
Expand All @@ -20,6 +21,52 @@
jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER

def __adduser__(request, args=None):
try:
username = request.data['username']
password = request.data['password']
group = request.data.get('group', 'guest')
email = request.data['email']
realname = request.data.get('realname', '')
department = request.data.get('department', 'Unkonw')
auth_group = ','.join(json.loads(request.data.get('auth_group','[]')))
_send_mail = send_email(to_addr=email)
_status, _message = _send_mail.email_check()
if _status != 200:
return Response(data=_message)
except KeyError as e:
CUSTOM_ERROR.error(f'{e.__class__.__name__}: {e}')
return HttpResponse(status=500)
else:
try:
if group == 'admin' or group == 'perform':
user = Account.objects.create_user(
username=username,
password=password,
department=department,
group=group,
is_staff=1,
email=email,
realname=realname,
auth_group=auth_group)
user.save()
return Response('%s 用户注册成功!' % username)
elif group == 'guest':
user = Account.objects.create_user(
username=username,
password=password,
department=department,
group=group,
email=email,
realname=realname,
auth_group=auth_group
)
user.save()
return Response('%s 用户注册成功!' % username)
except Exception as e:
CUSTOM_ERROR.error(f'{e.__class__.__name__}: {e}')
return HttpResponse(e)


class userinfo(baseview.BaseView):
'''
Expand Down Expand Up @@ -92,13 +139,14 @@ def put(self, request, args=None):
try:
username = request.data['username']
mail = request.data['mail']
realname = request.data['realname']
except KeyError as e:
CUSTOM_ERROR.error(f'{e.__class__.__name__}: {e}')
return HttpResponse(status=500)
else:
try:
Account.objects.filter(username=username).update(email=mail)
return Response('%s--E-mail修改成功!' % username)
Account.objects.filter(username=username).update(email=mail, realname=realname)
return Response('%s--实名 & E-mail修改成功!' % username)
except Exception as e:
CUSTOM_ERROR.error(f'{e.__class__.__name__}: {e}')
return HttpResponse(status=500)
Expand All @@ -107,10 +155,15 @@ def post(self, request, args=None):
try:
username = request.data['username']
password = request.data['password']
group = request.data['group']
department = request.data['department']
group = request.data.get('group', 'guest')
email = request.data['email']
realname = request.data.get('realname', '')
department = request.data.get('department', 'Unkonw')
auth_group = ','.join(json.loads(request.data['auth_group']))
_send_mail = send_email(to_addr=email)
_status, _message = _send_mail.email_check()
if _status != 200:
return Response(data=_message)
except KeyError as e:
CUSTOM_ERROR.error(f'{e.__class__.__name__}: {e}')
return HttpResponse(status=500)
Expand All @@ -124,6 +177,7 @@ def post(self, request, args=None):
group=group,
is_staff=1,
email=email,
realname=realname,
auth_group=auth_group)
user.save()
return Response('%s 用户注册成功!' % username)
Expand All @@ -134,6 +188,7 @@ def post(self, request, args=None):
department=department,
group=group,
email=email,
realname=realname,
auth_group=auth_group
)
user.save()
Expand Down Expand Up @@ -261,6 +316,12 @@ def post(self, request, args: str = None):
return Response({'token': 'null', 'res': 'ldap账号认证失败,请检查ldap账号或ldap配置!'})


class login_register(baseview.AnyLogin):

def post(self, request, args=None):
return __adduser__(request, args)


class login_auth(baseview.AnyLogin):

def post(self, request, args: str = None):
Expand Down
1 change: 1 addition & 0 deletions src/core/models.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ class Account(AbstractUser):
'''
User table
'''
realname= models.CharField(max_length=64,default="") # 实名
group = models.CharField(max_length=40) # 权限组 guest/admin
department = models.CharField(max_length=40) # 部门
auth_group = models.CharField(max_length=100, null=True) #细粒化权限组
Expand Down
24 changes: 24 additions & 0 deletions src/libs/send_email.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@
from email.utils import parseaddr, formataddr
import smtplib
import ast
import logging

CUSTOM_ERROR = logging.getLogger('Yearning.core.views')


class send_email(object):
Expand All @@ -12,6 +15,7 @@ def __init__(self, to_addr=None):
self.to_addr = to_addr
un_init = util.init_conf()
self.email = ast.literal_eval(un_init['message'])
self.email_suffix_list = ast.literal_eval(util.init_conf().get('other', '')).get('email_suffix_list',[]) # 获取可以注册邮箱后缀

def _format_addr(self, s):
name, addr = parseaddr(s)
Expand Down Expand Up @@ -128,3 +132,23 @@ def send_mail(self, mail_data=None, type=None):
server.login(self.email['user'], self.email['password'])
server.sendmail(self.email['user'], [self.to_addr], msg.as_string())
server.quit()

def email_check(self):
try:
if self.to_addr.split('@')[1] not in self.email_suffix_list:
CUSTOM_ERROR.warning("邮箱地址[%s]不在允许注册邮箱范围内%s,请更换邮箱地址进行注册" % (self.to_addr, self.email_suffix_list))
return 300, "邮箱地址[%s]不在允许注册邮箱范围内%s,请更换邮箱地址进行注册" % (self.to_addr, self.email_suffix_list)
server = smtplib.SMTP(self.email['smtp_host'], int(self.email['smtp_port']))
server.login(self.email['user'], self.email['password'])
server.mail(sender=self.email['user'])
_code, _msg = server.rcpt(self.to_addr)
if _code in (250, 251, 452):
CUSTOM_ERROR.info("SMTP检查邮箱地址[%s]存在,检查通过" % (self.to_addr))
return 200, "SMTP检查邮箱地址[%s]存在,检查通过" % (self.to_addr)
else:
CUSTOM_ERROR.warning(
"SMTP检查邮箱地址[%s]异常,请更换邮箱地址进行注册.SMTP RCPT CODE:%s MSG:%s" % (self.to_addr, _code, _msg))
return 300, "SMTP检查邮箱地址[%s]异常,请更换邮箱地址进行注册" % (self.to_addr)
except Exception as e:
CUSTOM_ERROR.error(f'{e.__class__.__name__}: {e}')
return 500, "邮箱检查失败"
2 changes: 1 addition & 1 deletion src/libs/serializers.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ class UserINFO(serializers.HyperlinkedModelSerializer):

class Meta:
model = Account
fields = ('id', 'username', 'group', 'department', 'email', 'auth_group')
fields = ('id', 'username', 'group', 'department', 'email', 'realname', 'auth_group')


class SQLGeneratDic(serializers.HyperlinkedModelSerializer):
Expand Down
4 changes: 3 additions & 1 deletion src/settingConf/urls.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,8 @@
generaluser,
authgroup,
ldapauth,
login_auth
login_auth,
login_register
)
from core.api.dashboard import (
dashboard,
Expand Down Expand Up @@ -51,6 +52,7 @@
url(r'^api/v1/query_order', Query_order.as_view()),
url(r'^api/v1/query_worklf', query_worklf.as_view()),
url(r'^api/v1/userinfo/(.*)', userinfo.as_view()),
url(r'^api/v1/loginregister/(.*)', login_register.as_view()),
url(r'^api/v1/audit_grained/(.*)', audit_grained.as_view()),
url(r'^api/v1/apply_grained', apply_grained.as_view()),
url(r'^api/v1/workorder/(.*)', addressing.as_view()),
Expand Down
Loading

0 comments on commit 52b31ab

Please sign in to comment.