7x31
/
cmdb
mirror of https://github.com/veops/cmdb.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

feat(api): add commands cmdb-agent-init

This commit is contained in:
pycook 2023-11-09 11:32:01 +08:00
parent 7986e8c8b8
commit ce9830eb42
2 changed files with 40 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
cmdb-api/api/commands/click_cmdb.py
View File

@ -127,10 +127,10 @@ def cmdb_init_acl():
# 3. add resource and grant # 3. add resource and grant
ci_types = CIType.get_by(to_dict=False) ci_types = CIType.get_by(to_dict=False)
type_id = ResourceType.get_by(name=ResourceTypeEnum.CI, first=True, to_dict=False).id resource_type_id = ResourceType.get_by(name=ResourceTypeEnum.CI, first=True, to_dict=False).id
for ci_type in ci_types: for ci_type in ci_types:
try: try:
ResourceCRUD.add(ci_type.name, type_id, app_id) ResourceCRUD.add(ci_type.name, resource_type_id, app_id)
except AbortException: except AbortException:
pass pass
@ -140,10 +140,10 @@ def cmdb_init_acl():
[PermEnum.READ]) [PermEnum.READ])
relation_views = PreferenceRelationView.get_by(to_dict=False) relation_views = PreferenceRelationView.get_by(to_dict=False)
type_id = ResourceType.get_by(name=ResourceTypeEnum.RELATION_VIEW, first=True, to_dict=False).id resource_type_id = ResourceType.get_by(name=ResourceTypeEnum.RELATION_VIEW, first=True, to_dict=False).id
for view in relation_views: for view in relation_views:
try: try:
ResourceCRUD.add(view.name, type_id, app_id) ResourceCRUD.add(view.name, resource_type_id, app_id)
except AbortException: except AbortException:
pass pass
@ -422,3 +422,39 @@ def cmdb_password_data_migrate():
if not failed and attr.is_index: if not failed and attr.is_index:
attr.update(is_index=False) attr.update(is_index=False)
@click.command()
@with_appcontext
def cmdb_agent_init():
"""
Initialize the agent's permissions and obtain the key and secret
"""
from api.models.acl import User
user = User.get_by(username="cmdb_agent", first=True, to_dict=False)
if user is None:
click.echo(
click.style('user cmdb_agent does not exist, please use flask add-user to create it first', fg='red'))
return
# grant
_app = AppCache.get('cmdb') or App.create(name='cmdb')
app_id = _app.id
ci_types = CIType.get_by(to_dict=False)
resource_type_id = ResourceType.get_by(name=ResourceTypeEnum.CI, first=True, to_dict=False).id
for ci_type in ci_types:
try:
ResourceCRUD.add(ci_type.name, resource_type_id, app_id)
except AbortException:
pass
ACLManager().grant_resource_to_role(ci_type.name,
"cmdb_agent",
ResourceTypeEnum.CI,
[PermEnum.READ, PermEnum.UPDATE, PermEnum.ADD, PermEnum.DELETE])
click.echo("Key : {}".format(click.style(user.key, bg='red')))
click.echo("Secret: {}".format(click.style(user.secret, bg='red')))

1
cmdb-api/api/lib/perm/acl/resource.py
View File

@ -276,7 +276,6 @@ class ResourceCRUD(object):
from api.tasks.acl import apply_trigger from api.tasks.acl import apply_trigger
triggers = TriggerCRUD.match_triggers(app_id, r.name, r.resource_type_id, uid) triggers = TriggerCRUD.match_triggers(app_id, r.name, r.resource_type_id, uid)
current_app.logger.info(triggers)
for trigger in triggers: for trigger in triggers:
# auto trigger should be no uid # auto trigger should be no uid
apply_trigger.apply_async(args=(trigger.id,), apply_trigger.apply_async(args=(trigger.id,),