def post(self):
args = parser.parse_args()
args["id"] = uuid_prefix("p")
user = g.user_info["username"]
product = args
db = DB()
status, result = db.select(
"product", "where data -> '$.name'='%s'" % args["name"])
if status is True:
if len(result) == 0:
insert_status, insert_result = db.insert(
"product", json.dumps(product, ensure_ascii=False))
db.close_mysql()
if insert_status is not True:
logger.error("Add product error: %s" % insert_result)
return {"status": False, "message": insert_result}, 500
audit_log(user, args["id"], "", "product", "add")
return {"status": True, "message": ""}, 201
else:
return {
"status": False,
"message": "The product name already exists"
}, 200
else:
logger.error("Select product name error: %s" % result)
return {"status": False, "message": result}, 500
def post(self):
logger.info("HOSTLIST")
args = parser.parse_args()
args["id"] = uuid_prefix("h")
user = g.user_info["username"]
host = args
db = DB()
status, result = db.select(
"host", "where data -> '$.minion_id'='%s'" % args["minion_id"])
if status is True:
if len(result) == 0:
insert_status, insert_result = db.insert(
"host", json.dumps(host, ensure_ascii=False))
db.close_mysql()
if insert_status is not True:
logger.error("Add host error: %s" % insert_result)
return {"status": False, "message": insert_result}, 500
audit_log(user, args["id"], args["product_id"], "host", "add")
return {"status": True, "message": ""}, 201
else:
db.close_mysql()
return {
"status": False,
"message": "The host name already exists"
}, 200
else:
db.close_mysql()
logger.error("Select host name error: %s" % result)
return {"status": False, "message": result}, 500
def add_host(minion_list, product_id, user):
db = DB()
for minion_id in minion_list:
select_status, select_result = db.select(
"host", "where data -> '$.minion_id'='%s' "
"and data -> '$.product_id'='%s'" % (minion_id, product_id))
if select_status is False:
logger.error("Add %s host error: %s" %
(minion_id, select_result))
continue
if not select_result:
id = uuid_prefix("h")
host = {
"id": id,
"minion_id": minion_id,
"product_id": product_id,
"groups": [],
"tag": [],
}
insert_status, insert_result = db.insert(
"host", json.dumps(host, ensure_ascii=False))
if insert_status is False:
logger.error("Add %s host error: %s" %
(minion_id, insert_result))
else:
audit_log(user, id, product_id, "host", "add")
db.close_mysql()
def post(self):
user = g.user_info["username"]
args = parser.parse_args()
args["id"] = uuid_prefix("u")
db = DB()
status, result = db.select(
"user", "where data -> '$.username'='%s'" % args["username"])
if status is True:
if len(result) == 0:
# 默认新添加的用户都是默认用户
role_id = get_common_user()
if isinstance(role_id, dict):
return role_id
args["role"].append(role_id)
insert_status, insert_result = db.insert(
"user", json.dumps(args, ensure_ascii=False))
db.close_mysql()
if insert_status is not True:
logger.error("Add user error: %s" % insert_result)
return {"status": False, "message": insert_result}, 500
audit_log(user, args["id"], "", "user", "add")
return {"status": True, "message": ""}, 201
else:
db.close_mysql()
return {
"status": False,
"message": "The user name already exists"
}, 200
else:
db.close_mysql()
logger.error("Select user error: %s" % result)
return {"status": False, "message": result}, 500
def post(self):
args = parser.parse_args()
args["id"] = uuid_prefix("project")
db = DB()
project = transfer_args_to_project(args)
# 如果是创建,group们必然是增加此项目名
status, result = db.select(
"projects",
"where data -> '$.name'='%s' and data -> '$.product_id'='%s'" %
(args["name"], args["product_id"]))
if status is True:
if len(result) == 0:
try:
create_git_project(args['product_id'], args['gitlab_name'])
git_clone(args['product_id'], args['gitlab_name'])
except Exception as e:
return {"status": False, "message": str(e)}, 500
insert_status, insert_result = db.insert(
"projects", json.dumps(project, ensure_ascii=False))
update_group_for_create_project(project['name'],
project['groups'])
db.close_mysql()
if insert_status is not True:
return {"status": False, "message": insert_result}, 500
return {"status": True, "message": ""}, 200
else:
db.close_mysql()
return {
"status": False,
"message": "The projects name already exists"
}, 500
else:
db.close_mysql()
return {"status": False, "message": result}, 500
def post(self):
logger.info("UploadTarget")
args = parser.parse_args()
host_id = args['host_id']
file = request.files['file']
file.save(os.path.join('/tmp', file.filename))
db = DB()
try:
xlsx_file = Xlsx(os.path.join('/tmp', file.filename))
xlsx_file.read()
config_db_result = xlsx_file.export_db()
targets = config_db_result.split(';')
status, set_repeat = self.get_repeat_target(targets)
if not status:
logger.info('存在重复IP')
return {
"status": True,
"message": "存在重复IP!为:" + str(set_repeat)
}, 200
exist_ip_list = []
for i in range(0, len(targets) - 1):
target_dic = eval(targets[i])
target_dic['host_id'] = host_id
target_dic['id'] = uuid_prefix('t')
logger.info(str(target_dic))
status, message = judge_target_IP_exist(
target_dic['IP'], host_id)
if status:
insert_status, insert_result = db.insert(
"target", json.dumps(target_dic, ensure_ascii=False))
if insert_status is not True:
logger.error("error:" + insert_result)
return {
"status": False,
"message": str(insert_result)
}, 200
else:
exist_ip_list.append(target_dic['IP'])
if len(exist_ip_list) == 0:
return {"status": True, "message": ""}, 200
else:
return {
"status": False,
"message":
"表格中有已经存在的IP:" + str(exist_ip_list) + ',其余IP已经添加完成'
}, 200
except Exception as e:
logger.info('error:' + str(e))
return {"status": False, "message": str(e)}, 200
finally:
logger.info("close db")
db.close_mysql()
def post(self):
args = parser.parse_args()
args["id"] = uuid_prefix("t")
del args['path'], args['key_word'], args['file_name'], args[
'target_id'], args['cipher']
target = args
db = DB()
status, message = judge_target_IP_exist(args['IP'], args['host_id'])
if status is True:
insert_status, insert_result = db.insert(
"target", json.dumps(target, ensure_ascii=False))
if insert_status is not True:
db.close_mysql()
return {"status": False, "message": str(insert_result)}, 500
else:
db.close_mysql()
return {"status": False, "message": message}, 500
db.close_mysql()
return {"status": True, "message": message}, 200
def post(self):
args = parser.parse_args()
args["id"] = uuid_prefix("g")
user = g.user_info["username"]
groups = args
db = DB()
status, result = db.select_by_id("product", args["product_id"])
if status is True:
if not result:
db.close_mysql()
return {
"status": False,
"message": "%s does not exist" % args["product_id"]
}, 404
else:
return {"status": False, "message": result}, 500
status, result = db.select(
"groups",
"where data -> '$.name'='%s' and data -> '$.product_id'='%s'" %
(args["name"], args["product_id"]))
if status is True:
if len(result) == 0:
insert_status, insert_result = db.insert(
"groups", json.dumps(groups, ensure_ascii=False))
db.close_mysql()
if insert_status is not True:
logger.error("Add groups error: %s" % insert_result)
return {"status": False, "message": insert_result}, 500
audit_log(user, args["id"], "", "groups", "add")
group_to_user(args["id"], g.user_info["id"])
return {"status": True, "message": ""}, 201
else:
db.close_mysql()
return {
"status": False,
"message": "The groups name already exists"
}, 200
else:
db.close_mysql()
logger.error("Select groups name error: %s" % result)
return {"status": False, "message": result}, 500
def post(self):
args = parser.parse_args()
args["id"] = uuid_prefix("u")
db = DB()
status, result = db.select(
"user", "where data -> '$.username'='%s'" % args["username"])
if status is True:
if len(result) == 0:
# 基于RSA加密算法获取密码
password = rsa_decrypt(args["password"])
if password is False:
return {
"status": False,
"message": "Decrypt is failure "
}, 500
password_hash = custom_app_context.encrypt(password)
args["password"] = password_hash
users = args
# 默认新添加的用户都是默认用户
role_id = get_common_user()
if isinstance(role_id, dict):
return role_id
users["role"].append(role_id)
insert_status, insert_result = db.insert(
"user", json.dumps(users, ensure_ascii=False))
db.close_mysql()
if insert_status is not True:
logger.error("Add user error: %s" % insert_result)
return {"status": False, "message": insert_result}, 500
return {"status": True, "message": ""}, 201
else:
db.close_mysql()
return {
"status": False,
"message": "The user name already exists"
}, 200
else:
db.close_mysql()
logger.error("Select user error: %s" % result)
return {"status": False, "message": result}, 500
def initialize(username, password):
# 创建日志路径
log_path = "/var/log/saltshaker_plus"
if not os.path.exists(log_path):
os.mkdir(log_path)
click.echo("Create [%s] log path is successful" % log_path)
db = DB()
# 创建数据库表
tables = [
"user", "role", "acl", "groups", "product", "audit_log", "event",
"cmd_history", "host"
]
for t in tables:
status, result = db.create_table(t)
if status is True:
click.echo("Create %s table is successful" % t)
else:
click.echo("Create %s table is false: %s" % (t, result))
# 添加角色
role = [
{
"id": uuid_prefix("r"),
"name": "超级管理员",
"description": "所有权限",
"tag": role_dict["superuser"]
},
{
"id": uuid_prefix("r"),
"name": "普通用户",
"description": "默认普通用户",
"tag": role_dict["common_user"]
},
{
"id": uuid_prefix("r"),
"name": "产品管理员",
"description": "管理产品权限",
"tag": role_dict["product"]
},
{
"id": uuid_prefix("r"),
"name": "用户管理员",
"description": "管理用户权限",
"tag": role_dict["user"]
},
{
"id": uuid_prefix("r"),
"name": "访问控制管理员",
"description": "管理访问控制列权限",
"tag": role_dict["acl"]
},
]
for i in range(5):
# 避免生成的uuid过于相似
time.sleep(1)
status, result = db.select("role", "where data -> '$.tag'=%s" % i)
if status is True:
if len(result) == 0:
insert_status, insert_result = db.insert(
"role", json.dumps(role[i], ensure_ascii=False))
if insert_status is not True:
click.echo("Init role error: %s" % insert_result)
return
click.echo("Init %s role successful" % role[i]["name"])
else:
if i == role_dict["superuser"]:
role_id = eval(result[0][0])["id"]
click.echo("%s role already exists" % role[i]["name"])
else:
click.echo("Init role error: %s" % result)
return
# 添加用户
status, result = db.select("user",
"where data -> '$.username'='%s'" % username)
if status is True:
if len(result) == 0:
password_hash = custom_app_context.encrypt(password)
users = {
"id": uuid_prefix("u"),
"username": username,
"password": password_hash,
"role": [role_id],
"acl": [],
"groups": [],
"product": [],
}
insert_status, insert_result = db.insert(
"user", json.dumps(users, ensure_ascii=False))
db.close_mysql()
if insert_status is not True:
click.echo("Init user error: %s" % insert_result)
return
click.echo("Init user successful")
else:
click.echo("The user name already exists")
return
else:
click.echo("Init user error: %s" % result)
return
click.echo("Successful")
def post(self):
args = parser.parse_args()
args["id"] = uuid_prefix("t")
user = g.user_info["username"]
period_task = args
period_task["timestamp"] = int(time.time())
period_task["result"] = []
period_task["audit"] = []
period_task["status"] = {"id": 1, "name": period_status.get(1)}
period_task["count"] = 0
period_task["step"] = 0
audit = {
"timestamp": int(time.time()),
"user": user,
"option": period_audit.get(0)
}
insert_period_audit(args["id"], audit)
if args["once"]["date"]:
args["once"]["date"] = utc_to_local(args["once"]["date"])
db = DB()
status, result = db.select(
"period_task",
"where data -> '$.name'='%s' and data -> '$.product_id'='%s'" %
(args["name"], args["product_id"]))
if status is True:
if len(result) == 0:
audit_log(user, args["id"], "", "period_task", "add")
# 一次立即执行的直接扔给celery
if args["scheduler"] == "once" and args["once"][
"type"] == "now":
period_task["action"] = "concurrent_play"
job.delay(args["id"], args["product_id"], user)
# 一次定时执行的扔给APScheduler,进行定时处理
if args["scheduler"] == "once" and args["once"][
"type"] == "timing":
period_task["action"] = "scheduler_resume"
run_date = args["once"]["date"].split(
" ")[0] + " " + args["once"]["time"]
scheduler_result = scheduler_timing_add(
args["id"], args["product_id"], user, run_date)
if scheduler_result.get("status") is not True:
return {
"status": False,
"message": scheduler_result.get("message")
}, 500
# 周期性的扔给APScheduler,进行定时处理
if args["scheduler"] == "period":
period_task["action"] = "scheduler_resume"
scheduler_result = scheduler_interval_add(
args["id"], args["product_id"], user,
args["period"]["interval"], args["period"]["type"])
if scheduler_result.get("status") is not True:
return {
"status": False,
"message": scheduler_result.get("message")
}, 500
insert_status, insert_result = db.insert(
"period_task", json.dumps(period_task, ensure_ascii=False))
db.close_mysql()
if insert_status is not True:
logger.error("Add period_task error: %s" % insert_result)
return {"status": False, "message": insert_result}, 500
return {"status": True, "message": ""}, 201
else:
db.close_mysql()
return {
"status": False,
"message": "The period_task name already exists"
}, 200
else:
db.close_mysql()
logger.error("Select period_task name error: %s" % result)
return {"status": False, "message": result}, 500
def post(self):
args = parser.parse_args()
args["id"] = uuid_prefix("s")
user = g.user_info["username"]
db = DB()
yaml = ""
status, result = db.select("sls", "where data -> '$.path'='%s'" % args["path"])
if status is True:
if len(result) == 0:
insert_status, insert_result = db.insert("sls", json.dumps(args, ensure_ascii=False))
db.close_mysql()
if insert_status is not True:
logger.error("Add sls error: %s" % insert_result)
return {"status": False, "message": insert_result}, 500
# 根据步骤循环
for step in args['steps']:
# 文件管理
if step.get("state_name") == "file_managed" and args.get("file_managed"):
for file_managed in args.get("file_managed"):
# 在文件管理找到对应的ID
if step["id"] == file_managed.get("name"):
# 获取YAML文件格式
file = ParseYaml.file_managed(name=file_managed.get("name"),
destination=file_managed.get("destination"),
source=file_managed.get("source"),
user=file_managed.get("user"),
group=file_managed.get("group"),
template=file_managed.get("template"),
mode=file_managed.get("mode"))
yaml += file
if step.get("state_name") == "cmd_run" and args.get("cmd_run"):
for cmd_run in args.get("cmd_run"):
if step["id"] == cmd_run.get("name"):
# 获取YAML文件格式
file = ParseYaml.cmd_run(name=cmd_run.get("name"),
cmd=cmd_run.get("cmd"),
env=cmd_run.get("env"),
unless=cmd_run.get("unless"),
require=cmd_run.get("require"))
yaml += file
if step.get("state_name") == "pkg_installed" and args.get("pkg_installed"):
for pkg_installed in args.get("pkg_installed"):
if step["id"] == pkg_installed.get("name"):
# 获取YAML文件格式
file = ParseYaml.pkg_installed(name=pkg_installed.get("name"),
pkgs=pkg_installed.get("pkgs"))
yaml += file
if step.get("state_name") == "file_directory" and args.get("file_directory"):
for file_directory in args.get("file_directory"):
if step["id"] == file_directory.get("name"):
# 获取YAML文件格式
file = ParseYaml.file_directory(name=file_directory.get("name"),
destination=file_directory.get("destination"),
user=file_directory.get("user"),
group=file_directory.get("group"),
mode=file_directory.get("mode"),
makedirs=file_directory.get("makedirs"))
yaml += file
project, _ = gitlab_project(args["product_id"], args["project_type"])
data = {
'branch_name': args["branch"],
'commit_message': args["action"] + " " + args["path"],
'actions': [
{
'action': args["action"],
'file_path': args["path"],
'content': yaml
}
]
}
if isinstance(project, dict):
return project, 500
else:
try:
project.commits.create(data)
except Exception as e:
logger.error("Commit file: %s" % e)
return {"status": False, "message": str(e)}, 500
audit_log(user, args["id"], args["product_id"], "sls", "add")
return {"status": True, "message": ""}, 201
else:
db.close_mysql()
return {"status": False, "message": "The sls name already exists"}, 200
else:
db.close_mysql()
logger.error("Select sls name error: %s" % result)
return {"status": False, "message": result}, 500
