Merge branch 'dev'

Ansjer/urls.py

@@ -13,10 +13,11 @@ from Controller import FeedBack, EquipmentOTA, EquipmentInfo, AdminManage, AppIn
     ApplicationController, UserExController, CloudStorage, TestApi, UserBrandControllerV2, \
     StatisticsController, Alexa, FAQController, AppLogController, EquipmentVersionLimit, VoicePromptController, \
     CDKController, \
-    DeviceTypeController, CloudTransfer, Cloudsum, IotCoreController, OperatingLogs, ProcessInfo, RegionCountryController, \
+    DeviceTypeController, CloudTransfer, Cloudsum, IotCoreController, OperatingLogs, ProcessInfo, \
+    RegionCountryController, \
     VerifyCodeController, FileController, UIDController, LogController, SalesController, \
     OrderTaskController, HistoryUIDController, UIDManageUserController, SerialNumberController, CompanyController, \
-    RegionController, VPGController, LanguageController, TestController, DeviceConfirmRegion
+    RegionController, VPGController, LanguageController, TestController, DeviceConfirmRegion, S3GetStsController
 
 urlpatterns = [
     url(r'^testApi/(?P<operation>.*)$', TestApi.testView.as_view()),
@@ -276,6 +277,9 @@ urlpatterns = [
     #Iot Core
     url(r'iot/(?P<operation>.*)$', IotCoreController.IotCoreView.as_view()),
 
+    #S3预签名
+    url(r's3_getsts/(?P<operation>.*)$', S3GetStsController.S3GetStsView.as_view()),
+
     # 云分配UID
     path('admin/', admin.site.urls),
     re_path('user/(?P<operation>.*)', UIDManageUserController.UserView.as_view()),

Controller/CloudStorage.py

@@ -432,7 +432,7 @@ class CloudStorageView(View):
                 format(server_domain=SERVER_DOMAIN_SSL, uid=TokenObject().encryption(data={'uid': uid}), channel=channel, time=vod['time'])
             ts_num = int(vod['fg']) & 0xf
             vod_play_list.append({
-                'name': vod['time'],
+                'start_time': vod['time'],
                 'sign_url': vod_url,
                 'thumb': response_url,
                 'sec': vod['sec'],

Controller/EquipmentManager.py

@@ -162,6 +162,7 @@ def delUserEquipmentInterface(request):
         dv_qs = Device_Info.objects.filter(userID_id=userID, id=id)
         # redisObj = RedisObject(db=8)
         # redisObj.del_data(key='uid_qs_' + userID)
+
         if dv_qs.exists():
             uid = dv_qs[0].UID
             asy = threading.Thread(target=ModelService.add_log, args=(CommonService.get_ip_address(request), userID, 'deleteV1'))
@@ -170,6 +171,7 @@ def delUserEquipmentInterface(request):
             print('删除')
             UID_Preview.objects.filter(uid=uid).delete()
             dv_qs.delete()
+            Device_Info.objects.filter(UID=uid).update(vodPrimaryUserID='', vodPrimaryMaster='')
             asy = threading.Thread(target=ModelService.del_eq_info, args=(userID, uid))
             asy.start()
 

Controller/S3GetStsController.py

@@ -0,0 +1,98 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+import hashlib
+import json
+import time
+import uuid
+
+import boto3
+from django.http import HttpResponse, JsonResponse
+from django.views import View
+
+from Ansjer.config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_ARN
+from Controller.DeviceConfirmRegion import Device_Region
+from Model.models import Device_User, Device_Info, iotdeviceInfoModel, UIDCompanySerialModel, \
+    SerialNumberModel
+from Object.IOTCore.IotObject import IOTClient
+from Object.ResponseObject import ResponseObject
+from Service.CommonService import CommonService
+
+
+class S3GetStsView(View):
+
+    def get(self, request, *args, **kwargs):
+        request.encoding = 'utf-8'
+        request_dict = request.GET
+        operation = kwargs.get('operation', None)
+        return self.validate(operation, request_dict, request)
+
+    def post(self, request, *args, **kwargs):
+        request.encoding = 'utf-8'
+        request_dict = request.POST
+        operation = kwargs.get('operation', None)
+        return self.validate(operation, request_dict, request)
+
+    def validate(self, operation, request_dict, request):
+
+        response = ResponseObject()
+
+        if operation == 'ota':
+            return self.ota(request_dict, response, request)
+        else:
+            return response.json(404)
+
+
+    # 授权ota升级s3预签名
+    def ota(self, request_dict, response, request):
+        mold = request_dict.get('mold', None)  #0国内， 1国外
+        region_name = request_dict.get('region_name', None)
+        bucket_name = request_dict.get('bucket_name', None)
+        endpoint = request_dict.get('endpoint', None)
+        filepath = request_dict.get('filepath', None)
+        role_name = request_dict.get('jobname', None)
+        mold = int(mold)
+        try:
+            aws_access_key_id = AWS_ACCESS_KEY_ID[mold]
+            aws_secret_access_key = AWS_SECRET_ACCESS_KEY[mold]
+            aws_arn = AWS_ARN[mold]
+        except:
+            res = {'code': 404, 'msg': 'mold not exists!'}
+            return HttpResponse(json.dumps(res, ensure_ascii=False), content_type="application/json,charset=utf-8")
+
+        ###############
+        boto3_sts = boto3.client(
+            'sts',
+            aws_access_key_id=aws_access_key_id,
+            aws_secret_access_key=aws_secret_access_key,
+            region_name=region_name
+        )
+        Policy = {
+            "Version": "2012-10-17",
+            "Statement": [
+                {
+                    "Effect": "Allow",
+                    "Action": "s3:*",
+                    "Resource": ["{aws_arn}:::{bucket_name}/{filepath}*".
+                                     format(aws_arn=aws_arn, bucket_name=bucket_name, filepath=filepath)]
+                }
+            ]
+        }
+        response = boto3_sts.get_federation_token(
+            Name='{role_name}'.format(role_name=role_name),
+            Policy=json.dumps(Policy),
+            DurationSeconds=7200
+        )
+        ##############
+        res = {
+            'AccessKeyId': response['Credentials']['AccessKeyId'],
+            'AccessKeySecret': response['Credentials']['SecretAccessKey'],
+            'SessionToken': response['Credentials']['SessionToken'],
+            'Expiration': response['Credentials']['Expiration'],
+            'expire': 900,
+            'endpoint': endpoint,
+            'bucket_name': bucket_name,
+            'arn': response['FederatedUser']['Arn'],
+            'region': region_name,
+            'bucket_mold': mold
+        }
+        return JsonResponse(status=200, data=res)