def _deco2(request, *args, **kwargs):
if request.get_cookie('sessionid'):
session_key = request.get_cookie('sessionid')
else:
session_key = request.get_argument('sessionid', '')
logger.debug('Websocket: session_key: %s' % session_key)
if session_key:
session = get_object(Session, session_key=session_key)
logger.debug('Websocket: session: %s' % session)
if session and datetime.datetime.now() < session.expire_date:
user_id = session.get_decoded().get('_auth_user_id')
request.user_id = user_id
user = get_object(User, id=user_id)
if user:
logger.debug('Websocket: user [ %s ] request websocket' % user.username)
request.user = user
if role == 'admin':
if user.role in ['SU', 'GA']:
return func(request, *args, **kwargs)
logger.debug('Websocket: user [ %s ] is not admin.' % user.username)
else:
return func(request, *args, **kwargs)
else:
logger.debug('Websocket: session expired: %s' % session_key)
try:
request.close()
except AttributeError:
pass
logger.warning('Websocket: Request auth failed.')
def _deco2(request, *args, **kwargs):
if request.get_cookie('sessionid'):
session_key = request.get_cookie('sessionid')
else:
session_key = request.get_argument('sessionid', '')
logger.debug('Websocket: session_key: %s' % session_key)
if session_key:
session = get_object(Session, session_key=session_key)
logger.debug('Websocket: session: %s' % session)
if session and datetime.datetime.now() < session.expire_date:
user_id = session.get_decoded().get('_auth_user_id')
request.user_id = user_id
user = get_object(User, id=user_id)
if user:
logger.debug(
'Websocket: user [ %s ] request websocket' %
user.username)
request.user = user
if role == 'admin':
if user.role in ['SU', 'GA']:
return func(request, *args, **kwargs)
logger.debug(
'Websocket: user [ %s ] is not admin.' %
user.username)
else:
return func(request, *args, **kwargs)
else:
logger.debug('Websocket: session expired: %s' %
session_key)
try:
request.close()
except AttributeError:
pass
logger.warning('Websocket: Request auth failed.')
def _deco2(request, *args, **kwargs):
if request.get_cookie("sessionid"):
session_key = request.get_cookie("sessionid")
else:
session_key = request.get_argument("sessionid", "")
logger.debug("Websocket: session_key: %s" % session_key)
if session_key:
session = get_object(Session, session_key=session_key)
logger.debug("Websocket: session: %s" % session)
if session and datetime.datetime.now() < session.expire_date:
user_id = session.get_decoded().get("_auth_user_id")
request.user_id = user_id
user = get_object(User, id=user_id)
if user:
logger.debug("Websocket: user [ %s ] request websocket" % user.username)
request.user = user
if role == "admin":
if user.role in ["SU", "GA"]:
return func(request, *args, **kwargs)
logger.debug("Websocket: user [ %s ] is not admin." % user.username)
else:
return func(request, *args, **kwargs)
else:
logger.debug("Websocket: session expired: %s" % session_key)
try:
request.close()
except AttributeError:
pass
logger.warning("Websocket: Request auth failed.")
def open(self):
logger.debug('Websocket: Open request')
role_name = self.get_argument('role', 'sb')
asset_id = self.get_argument('id', 9999)
asset = get_object(Asset, id=asset_id)
self.termlog = TermLogRecorder(User.objects.get(id=self.user_id))
if asset:
roles = user_have_perm(self.user, asset)
logger.debug(roles)
logger.debug('系统用户: %s' % role_name)
login_role = ''
for role in roles:
if role.name == role_name:
login_role = role
break
if not login_role:
logger.warning(
'Websocket: Not that Role %s for Host: %s User: %s ' %
(role_name, asset.hostname, self.user.username))
self.close()
return
else:
logger.warning('Websocket: No that Host: %s User: %s ' %
(asset_id, self.user.username))
self.close()
return
logger.debug(
'Websocket: request web terminal Host: %s User: %s Role: %s' %
(asset.hostname, self.user.username, login_role.name))
self.term = WebTty(self.user, asset, login_role, login_type='web')
# self.term.remote_ip = self.request.remote_ip
self.term.remote_ip = self.request.headers.get("X-Real-IP")
if not self.term.remote_ip:
self.term.remote_ip = self.request.remote_ip
self.ssh = self.term.get_connection()
self.channel = self.ssh.invoke_shell(term='xterm')
logger.debug(self.channel)
WebTerminalHandler.tasks.append(MyThread(target=self.forward_outbound))
WebTerminalHandler.clients.append(self)
for t in WebTerminalHandler.tasks:
logger.debug(WebTerminalHandler.tasks)
if t.is_alive():
logger.debug('is_alive')
continue
try:
t.setDaemon(False)
t.start()
except RuntimeError:
pass
def open(self):
logger.debug("Websocket: Open request")
role_name = self.get_argument("role", "sb")
asset_id = self.get_argument("id", 9999)
asset = get_object(Asset, id=asset_id)
self.termlog = TermLogRecorder(User.objects.get(id=self.user_id))
if asset:
roles = user_have_perm(self.user, asset)
logger.debug(roles)
logger.debug("系统用户: %s" % role_name)
login_role = ""
for role in roles:
if role.name == role_name:
login_role = role
break
if not login_role:
logger.warning(
"Websocket: Not that Role %s for Host: %s User: %s "
% (role_name, asset.hostname, self.user.username)
)
self.close()
return
else:
logger.warning("Websocket: No that Host: %s User: %s " % (asset_id, self.user.username))
self.close()
return
logger.debug(
"Websocket: request web terminal Host: %s User: %s Role: %s"
% (asset.hostname, self.user.username, login_role.name)
)
self.term = WebTty(self.user, asset, login_role, login_type="web")
# self.term.remote_ip = self.request.remote_ip
self.term.remote_ip = self.request.headers.get("X-Real-IP")
if not self.term.remote_ip:
self.term.remote_ip = self.request.remote_ip
self.ssh = self.term.get_connection()
self.channel = self.ssh.invoke_shell(term="xterm")
WebTerminalHandler.tasks.append(MyThread(target=self.forward_outbound))
WebTerminalHandler.clients.append(self)
for t in WebTerminalHandler.tasks:
if t.is_alive():
continue
try:
t.setDaemon(True)
t.start()
except RuntimeError:
pass
def open(self):
logger.debug('Websocket: Open request')
role_name = self.get_argument('role', 'sb')
asset_id = self.get_argument('id', 9999)
asset = get_object(Asset, id=asset_id)
if asset:
roles = user_have_perm(self.user, asset)
logger.debug(roles)
logger.debug('系统用户: %s' % role_name)
login_role = ''
for role in roles:
if role.name == role_name:
login_role = role
break
if not login_role:
logger.warning('Websocket: Not that Role %s for Host: %s User: %s ' % (role_name, asset.hostname,
self.user.username))
self.close()
return
else:
logger.warning('Websocket: No that Host: %s User: %s ' % (asset_id, self.user.username))
self.close()
return
logger.debug('Websocket: request web terminal Host: %s User: %s Role: %s' % (asset.hostname, self.user.username,
login_role.name))
self.term = WebTty(self.user, asset, login_role, login_type='web')
self.term.remote_ip = self.request.remote_ip
self.ssh = self.term.get_connection()
self.channel = self.ssh.invoke_shell(term='xterm')
WebTerminalHandler.tasks.append(MyThread(target=self.forward_outbound))
WebTerminalHandler.clients.append(self)
for t in WebTerminalHandler.tasks:
if t.is_alive():
continue
try:
t.setDaemon(True)
t.start()
except RuntimeError:
pass
def open(self):
logger.debug('Websocket: Open windows desktop request')
role_name = self.get_argument('role', 'sb')
asset_id = self.get_argument('id', 9999)
asset = get_object(Asset, id=asset_id)
if asset:
roles = user_have_perm(self.user, asset)
logger.debug(roles)
logger.debug('系统用户: %s' % role_name)
login_role = ''
for role in roles:
if role.name == role_name:
login_role = role
break
if not login_role:
logger.warning(
'Websocket: Not that Role %s for Host: %s User: %s ' %
(role_name, asset.hostname, self.user.username))
self.close()
return
else:
logger.warning('Websocket: No that Host: %s User: %s ' %
(asset_id, self.user.username))
self.close()
return
remote_ip = self.request.headers.get("X-Real-IP")
if not remote_ip:
remote_ip = self.request.remote_ip
date_today = timezone.now()
pid = 0
self.log = Log(user=self.user.username,
host=asset.hostname,
remote_ip=remote_ip,
login_type='rdp',
log_path='',
start_time=date_today,
pid=pid)
logger.debug(
'Websocket: request web terminal Host: %s User: %s Role: %s' %
(asset.hostname, self.user.username, login_role.name))
