Skip to content

Commit

Permalink
Merge pull request #869 from longguikeji/feature-fix-local-arkstore
Browse files Browse the repository at this point in the history
fix: 🐛 fix local arkstore api
  • Loading branch information
luolu-lg authored May 26, 2022
2 parents 8f3653f + d06f691 commit cd3c313
Show file tree
Hide file tree
Showing 3 changed files with 59 additions and 77 deletions.
12 changes: 6 additions & 6 deletions api/v1/views/bind_saas.py
Original file line number Diff line number Diff line change
Expand Up @@ -32,11 +32,11 @@ class BindSaasSlugSchemaOut(Schema):
saas_tenant_slug: Optional[str]


class BindSaasInfoSchemaOut(Schema):
company_name: str
contact_person: str
class BindSaasInfoSchema(Schema):
company_name: Optional[str]
contact_person: Optional[str]
email: Optional[str]
mobile: str
mobile: Optional[str]


@api.get("/tenant/{tenant_id}/bind_saas/", tags=['bind_saas'], response=BindSaasSchemaOut)
Expand Down Expand Up @@ -69,7 +69,7 @@ def set_bind_saas_slug(request, tenant_id: str, data: BindSaasSlugSchemaOut):
return bind_info


@api.get("/tenant/{tenant_id}/bind_saas/info/", tags=['bind_saas'], response=BindSaasInfoSchemaOut)
@api.get("/tenant/{tenant_id}/bind_saas/info/", tags=['bind_saas'], response=BindSaasInfoSchema)
def get_bind_saas_info(request, tenant_id: str):
"""
查询 saas info 绑定信息
Expand All @@ -79,7 +79,7 @@ def get_bind_saas_info(request, tenant_id: str):


@api.post("/tenant/{tenant_id}/bind_saas/info/", tags=['bind_saas'])
def update_bind_saas_info(request, tenant_id: str, data: BindSaasInfoSchemaOut):
def update_bind_saas_info(request, tenant_id: str, data: BindSaasInfoSchema):
"""
更新 saas info 绑定信息
"""
Expand Down
50 changes: 19 additions & 31 deletions arkid/common/arkstore.py
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ def get_saas_token(tenant, token):
获取saas平台token
"""
# 缓存 saas_token
key = (tenant.id, token)
key = (str(tenant.id), token)
if key in arkid_saas_token_cache:
return arkid_saas_token_cache[key]
app = Application.objects.filter(name='arkid_saas').first()
Expand All @@ -45,25 +45,33 @@ def get_saas_token(tenant, token):
return arkid_saas_token_cache[key]


arkstore_access_token_cache = {}

def get_arkstore_access_token(tenant, token):
"""
获取插件商店access_token
"""
# 缓存 idtoken
key = (tenant.id, token)
if key in arkstore_access_token_cache:
return arkstore_access_token_cache[key]
saas_token, saas_tenant_id, saas_tenant_slug = get_saas_token(tenant, token)
params = {'state': 'client', 'tenant_slug': saas_tenant_slug, 'tenant_uuid': saas_tenant_id,'token': saas_token}
get_arkstore_access_token_with_saas_token(saas_tenant_slug, saas_tenant_id, saas_token)


arkstore_access_token_saas_cache = {}

def get_arkstore_access_token_with_saas_token(saas_tenant_slug, saas_tenant_id, token):
"""
获取插件商店access_token
"""
# 缓存 idtoken
key = (str(saas_tenant_id), token)
if key in arkstore_access_token_saas_cache:
return arkstore_access_token_saas_cache[key]
params = {'state': 'client', 'tenant_slug': saas_tenant_slug, 'tenant_uuid': str(saas_tenant_id), 'token': token}
app_login_url = settings.ARKSTOER_URL + '/api/v1/login'
resp = requests.get(app_login_url, params=params)
if resp.status_code != 200:
arkstore_access_token_saas_cache.pop(key, None)
raise Exception(f'Error get_arkstore_access_token: {resp.status_code}')
resp = resp.json()
arkstore_access_token_cache[key] = resp['access_token']
return arkstore_access_token_cache[key]
arkstore_access_token_saas_cache[key] = resp['access_token']
return arkstore_access_token_saas_cache[key]


def get_arkstore_extensions(access_token, purchased=None, type=None, offset=0, limit=10):
Expand Down Expand Up @@ -311,28 +319,8 @@ def get_arkid_saas_app_detail(tenant, token, extension_id):
return resp


arkstore_access_token_saas_cache = {}

def get_arkstore_access_token_with_saas_token(tenant, token):
"""
获取插件商店access_token
"""
# 缓存 idtoken
key = (tenant.id, token)
if key in arkstore_access_token_saas_cache:
return arkstore_access_token_saas_cache[key]
params = {'state': 'client', 'tenant_slug': tenant.slug, 'tenant_uuid': tenant.id.hex, 'token': token}
app_login_url = settings.ARKSTOER_URL + '/api/v1/login'
resp = requests.get(app_login_url, params=params)
if resp.status_code != 200:
raise Exception(f'Error get_arkstore_access_token: {resp.status_code}')
resp = resp.json()
arkstore_access_token_saas_cache[key] = resp['access_token']
return arkstore_access_token_saas_cache[key]


def check_arkstore_purchased(tenant, token, app):
access_token = get_arkstore_access_token_with_saas_token(tenant, token)
access_token = get_arkstore_access_token_with_saas_token(tenant.slug, tenant.id, token)
order_url = settings.ARKSTOER_URL + f'/api/v1/arkstore/apps/saas_app_order/{app.id.hex}'
headers = {'Authorization': f'Token {access_token}'}
params = {}
Expand Down
74 changes: 34 additions & 40 deletions arkid/core/perm/permission_data.py
Original file line number Diff line number Diff line change
Expand Up @@ -1122,53 +1122,47 @@ def check_app_entry_permission(self, request, type, kwargs):
检查应用入口权限
'''
token = request.GET.get('token', '')
tenant_id = None
if 'tenant_id' in kwargs:
tenant_id = kwargs.get('tenant_id')
else:
path = request.path
id_re = r"[0-9a-f]{8}\-[0-9a-f]{4}\-[0-9a-f]{4}\-[0-9a-f]{4}\-[0-9a-f]{12}"
res = re.search(id_re, path)
if res:
tenant_id = res.group(0)
if tenant_id:
client_id = request.GET.get('client_id', '')
apps = App.valid_objects.filter(
tenant = request.tenant
if not tenant:
return False
tenant_id = tenant.id.hex

client_id = request.GET.get('client_id', '')
apps = App.valid_objects.filter(
tenant_id=tenant_id,
type__in=type
)
app = None
if client_id:
# oauth有这个参数
for app_temp in apps:
config_data = app_temp.config.config
data_client = config_data.get('client_id', '')
if data_client == client_id:
app = app_temp
break
if app is None:
apps = apps.order_by('-created')
app = apps.first()
if app:
permission = Permission.valid_objects.filter(
app=app,
tenant_id=tenant_id,
type__in=type
)
app = None
if client_id:
# oauth有这个参数
for app_temp in apps:
config_data = app_temp.config.config
data_client = config_data.get('client_id', '')
if data_client == client_id:
app = app_temp
break
if app is None:
apps = apps.order_by('-created')
app = apps.first()
if app:
permission = Permission.valid_objects.filter(
app=app,
tenant_id=tenant_id,
category='entry',
is_system=True,
).first()
if permission:
user = self.token_check(tenant_id, token, request)
result = self.permission_check_by_sortid(permission, user, app, tenant_id)
if result:
return True
else:
return False
category='entry',
is_system=True,
).first()
if permission:
user = self.token_check(tenant_id, token, request)
result = self.permission_check_by_sortid(permission, user, app, tenant_id)
if result:
return True
else:
return False
else:
return False
else:
return False


def permission_check_by_sortid(self, permission, user, app, tenant_id):
'''
Expand Down

0 comments on commit cd3c313

Please sign in to comment.