feature:增加用户获取sts上传图片的，图片为设备预览图

Ansjer/test/osssigput.py

@@ -26,7 +26,18 @@ http://test.dvema.com/cloudVod/getSts?uidToken=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1N
 '''
 
 # tokenss ={"arn": "acs:ram::1901342792446414:role/stsoss/P2WNGJRD2EHA5EU9111A", "expire": "3600", "Expiration": "2019-02-25T07:03:40Z", "endpoint": "oss-cn-shenzhen.aliyuncs.com", "ip": "120.237.157.181", "storage": "P2WNGJRD2EHA5EU9111A/vod1/", "AccessKeySecret": "ErbGnFyPWPcfNBPRkcpZBJNBVpsX73q2u5vgJYownBQd", "SecurityToken": "CAIS9AJ1q6Ft5B2yfSjIr4vWBsLMjLBI0q2haFD/pTUgb8RvqL3pqDz2IHFIf3NhAe0bv/kzm2lX7/YYlr1LEaBjam7+QZFdzr0K3D7wOtOYkpRIRwn3ctj3d1KIAjvXgeV+CoeQFaELE5XAQlTAkTAJkNmeXD6+XlujHISUgJp8FLo+VRW5ajw0TbUzIRB5+vcHKVzbN/umLnyShXHLXmZlvgdghER166m03re4iHzkgUb91/UeqqnoP5GgdLMMBppkVMqv1+EELsiH2SVLuR9R7/U03u4W8jHZud3ERGEL3DOpEdD4qPBPBVJUW/ljQvdt6+b7maQ/+JaX9eXW0z9BMftYSD+lIImr25n/H/6zPdsYbcSCWROUiIjJbMKq9Vp5PjRCZFpoA4NwciYrVUZzG2uGdvH7oQzwD139G/Tf4sYfyoFoyljkx92OKmWUTq+RuSRiYc5gNBl5b0NLjDG9LfZZKlwWaT18G62SVp5jypvDLGYoZWYagAGOO+MMAjzgPaDMySC/exBy3d1Lp0iCGLeY6HYgMhel1YjuC2+vaPxvIaTgp4n9+QmQi+i1wtRhCVk8bwY0YCgNO5nZds4E0J5g7xTfnMfm30FaRs5s3rJohwEwp4cnsxgqsDGwwvqpOAefRd/hscpw3frgyPEVG6b6XRY4na+xpA==", "AccessKeyId": "STS.NHcMxxaoieoJjvNA5ucKCGxBJ", "bucket_name": "cnvod1", "code": 0}
-tokenss = {"arn": "acs:ram::1901342792446414:role/stsoss/P2WNGJRD2EHA5EU9111A", "expire": "3600", "endpoint": "oss-cn-shenzhen.aliyuncs.com", "AccessKeySecret": "ErbGnFyPWPcfNBPRkcpZBJNBVpsX73q2u5vgJYownBQd", "ip": "120.237.157.181", "storage": "P2WNGJRD2EHA5EU9111A/vod1/", "Expiration": "2019-02-25T07:03:40Z", "SecurityToken": "CAIS9AJ1q6Ft5B2yfSjIr4vWBsLMjLBI0q2haFD/pTUgb8RvqL3pqDz2IHFIf3NhAe0bv/kzm2lX7/YYlr1LEaBjam7+QZFdzr0K3D7wOtOYkpRIRwn3ctj3d1KIAjvXgeV+CoeQFaELE5XAQlTAkTAJkNmeXD6+XlujHISUgJp8FLo+VRW5ajw0TbUzIRB5+vcHKVzbN/umLnyShXHLXmZlvgdghER166m03re4iHzkgUb91/UeqqnoP5GgdLMMBppkVMqv1+EELsiH2SVLuR9R7/U03u4W8jHZud3ERGEL3DOpEdD4qPBPBVJUW/ljQvdt6+b7maQ/+JaX9eXW0z9BMftYSD+lIImr25n/H/6zPdsYbcSCWROUiIjJbMKq9Vp5PjRCZFpoA4NwciYrVUZzG2uGdvH7oQzwD139G/Tf4sYfyoFoyljkx92OKmWUTq+RuSRiYc5gNBl5b0NLjDG9LfZZKlwWaT18G62SVp5jypvDLGYoZWYagAGOO+MMAjzgPaDMySC/exBy3d1Lp0iCGLeY6HYgMhel1YjuC2+vaPxvIaTgp4n9+QmQi+i1wtRhCVk8bwY0YCgNO5nZds4E0J5g7xTfnMfm30FaRs5s3rJohwEwp4cnsxgqsDGwwvqpOAefRd/hscpw3frgyPEVG6b6XRY4na+xpA==", "AccessKeyId": "STS.NHcMxxaoieoJjvNA5ucKCGxBJ", "bucket_name": "cnvod1", "code": 0}
+tokenss ={
+    "AccessKeyId": "STS.NJ4VCFAz9oBgrJReTZY6XvH7Y",
+    "AccessKeySecret": "D4qAk17C86LK2iCMCAE9tutqCaYgq2C3qSqSrBtmchC6",
+    "SecurityToken": "CAISxQJ1q6Ft5B2yfSjIr4mBHfnyrKUY2ICMcGzjgVQPVbl0mY2cuzz2IHFIf3NhAe0bv/kzm2lX7/YYlrEqFsMeFBSVNZYoss0MqFjxO9KY4JztteRcTFEt9arWWXDBx8b3T7jTtbq/E67fiDmm+wZ3xbzlD2TAO3WuLZyOj7N+c90TRXPWRDFaBdBQVEIAzcgBLinpKOqKOBzniXaydE1zoVhQhGdy9amYyM+R4Qakoz+c8OIOoJnrKZWJdtRlOIwFM+24x+trbKHMom0yqhFB7/Vxl7cWu2WF7NiFDB4IvkndYrKFqoA3cFYiP/NqQ/Yd96ikzaU6mJSKxtyukEoXYrAPD3iBGNn8+qaeRrP1bOReXK3gJnHA3uqIMpTIqA4+aRoZTlgbJ4F7eyctVE1xFm6Ddfb3okqkeRu4TLOewAe9TB+wD42DGoABjQpaMZGUvae/bvy0EmQlSQ8L6Gr/YCAO/9YWpshdRfWlEGQJefim4Bt4XqGvcjGytN393toRKhIghRu9ja2lhy5km09Su/zVPwNp+Yqh8/aDfuhtnZdLnn7MrRPhpqnLP9ITTFsRbG793YAeqROl4iePN75xrd3SX0xd0W4EuQQ=",
+    "Expiration": "2019-05-10T07:14:41Z",
+    "expire": 3600,
+    "endpoint": "oss-cn-shenzhen.aliyuncs.com",
+    "bucket_name": "apg",
+    "arn": "acs:ram::1901342792446414:role/stsoss/154390905041313800138000",
+    "code": 0,
+    "storage": "154390905041313800138000/uid_preview/"
+  }
 # 使用RAM账号的AccessKeyId和AccessKeySecret向STS申请临时token。
 
 # 使用临时token中的认证信息初始化StsAuth实例。

Ansjer/urls.py

@@ -5,7 +5,7 @@ from Controller import FeedBackInfo, EquipmentOTA, EquipmentInfo, EquipmentSenso
     AccessLog, Test, MealManage, DeviceManage, EquipmentStatus, SysManage, DeviceLog, LogAccess, AppColophon,\
     EquipmentManager, LogManager, PermissionManager, OTAEquipment, UidappController, shareUserPermission, \
     UserManger, CheckUserData, \
-    UserController, CloudVod, OrderContrller, VodBucket, DetectController,DeviceShare,UserBrandController
+    UserController, CloudVod, OrderContrller, VodBucket, DetectController,DeviceShare,UserBrandController,StsOssController
 
 urlpatterns = [
     url(r'^account/authcode$', UserController.authCodeView.as_view()),
@@ -129,6 +129,8 @@ urlpatterns = [
     url(r'^user/init$', UserController.InitInfoView.as_view()),
     url(r'^getTZ$', EquipmentStatus.getTZ),
 
+    url(r'^stsOss/(?P<operation>.*)$',StsOssController.StsOssView.as_view()),
+
     # 新的设备接口
     path('Test', Test.Test.as_view()),
     # 路由加参数参考

Controller/StsOssController.py

@@ -12,41 +12,91 @@
 @Contact: chanjunkai@163.com
 """
 
-from django.views.generic.base import View
-from django.utils.decorators import method_decorator
-from django.views.decorators.csrf import csrf_exempt
-from Service.ModelService import ModelService
-from Model.models import User_Brand, Device_User
-from django.utils import timezone
-import traceback, time
+from django.views.generic import View
+
 from Object.ResponseObject import ResponseObject
 from Object.TokenObject import TokenObject
-from Service.CommonService import CommonService
+from Ansjer.config import OSS_STS_ACCESS_SECRET, OSS_STS_ACCESS_KEY, OSS_ROLE_ARN
+from aliyunsdkcore import client
+from aliyunsdksts.request.v20150401 import AssumeRoleRequest
+import json
+from var_dump import var_dump
 
 
 class StsOssView(View):
 
     def get(self, request, *args, **kwargs):
         request.encoding = 'utf-8'
-        return self.validation(request_dict=request.GET)
+        operation = kwargs.get('operation')
+
+        return self.validation(request.GET,operation)
 
     def post(self, request, *args, **kwargs):
         request.encoding = 'utf-8'
-        return self.validation(request_dict=request.POST)
+        operation = kwargs.get('operation')
+
+        return self.validation(request.POST,operation)
 
-    def validation(self, request_dict, *args, **kwargs):
+    def validation(self, request_dict, operation):
         response = ResponseObject()
+        from var_dump import var_dump
+        # var_dump(request_dict)
         token = request_dict.get('token', None)
-        tko = TokenObject(token)
-        if tko.code == 0:
-            userID = tko.userID
-            return self.uid_preview(userID)
+        if operation == 'uidPreview':
+            tko = TokenObject(token)
+            if tko.code == 0:
+                userID = tko.userID
+                return self.uid_preview(userID,response)
+            else:
+                return response.json(tko.code)
         else:
-            return response.json(tko.code)
+            return response.json(444)
 
-    #
-    def uid_preview(self,userID):
-        storage = '{userID}/uid_preview/'
-        bucket_name = 'apge'
 
-        return
+    def uid_preview(self, userID,response):
+        storage = '{userID}/uid_preview/'.format(userID=userID)
+        bucket_name = 'apg'
+        endpoint = 'oss-cn-shenzhen.aliyuncs.com'
+        region_id = 'cn-shenzhen'
+        clt = client.AcsClient(OSS_STS_ACCESS_KEY,OSS_STS_ACCESS_SECRET,region_id)
+        req = AssumeRoleRequest.AssumeRoleRequest()
+        req.set_accept_format('json')
+        req.set_RoleArn(OSS_ROLE_ARN)
+        req.set_RoleSessionName(userID)
+        req.set_DurationSeconds(3600)
+        Resource_access = "acs:oss:*:*:{bucket_name}/{userID}*".format(bucket_name=bucket_name,
+                                                                            userID=userID)
+        print(Resource_access)
+        policys = {
+            "Version": "1",
+            "Statement": [
+                {
+                    "Action": ["oss:PutObject", "oss:DeleteObject", ],
+                    "Resource": [Resource_access],
+                    "Effect": "Allow",
+                    "Condition": {
+                        # "IpAddress": {"acs:SourceIp": ip}
+                        # "IpAddress": {"acs:SourceIp": "120.237.157.184"}
+                        # "IpAddress": {"acs:SourceIp": "*"}
+                    }
+                }
+            ]
+        }
+        req.set_Policy(Policy=json.dumps(policys))
+        body = clt.do_action(req)
+        # 使用RAM账号的AccessKeyId和AccessKeySecret向STS申请临时token。
+        token = json.loads(body.decode('utf-8'))
+        print(token)
+        res = {
+            'AccessKeyId': token['Credentials']['AccessKeyId'],
+            'AccessKeySecret': token['Credentials']['AccessKeySecret'],
+            'SecurityToken': token['Credentials']['SecurityToken'],
+            'Expiration': token['Credentials']['Expiration'],
+            'expire': 3600,
+            'endpoint': endpoint,
+            'bucket_name': bucket_name,
+            'arn': token['AssumedRoleUser']['Arn'],
+            'code': 0,
+            'storage': storage,
+        }
+        return response.json(0,res)