def put(self, user_id):
args = parser.parse_args()
user = g.user_info["username"]
if not args["mail"]:
return {
"status": False,
"message": "The specified mail parameter does not exist"
}, 200
db = DB()
select_status, select_result = db.select(
"user", "where data -> '$.username'='%s'" % args["username"])
if select_status is True and select_result:
if select_result[0]["id"] != user_id:
db.close_mysql()
return {
"status": False,
"message": "The user name already exists"
}, 200
status, result = db.select_by_id("user", user_id)
if status is True and result:
result["username"] = args["username"]
result["mail"] = args["mail"]
update_status, update_result = db.update_by_id(
"user", json.dumps(result, ensure_ascii=False), user_id)
db.close_mysql()
if update_status is not True:
logger.error("Change %s user info error: %s" %
(user_id, update_result))
return {"status": False, "message": update_result}, 500
audit_log(user, user_id, "", "user", "change user info")
return {"status": True, "message": ""}, 201
else:
db.close_mysql()
logger.error("Select user error: %s" % result)
return {"status": False, "message": result}, 500
def post(self):
args = parser.parse_args()
args["id"] = uuid_prefix("p")
user = g.user_info["username"]
product = args
db = DB()
status, result = db.select(
"product", "where data -> '$.name'='%s'" % args["name"])
if status is True:
if len(result) == 0:
insert_status, insert_result = db.insert(
"product", json.dumps(product, ensure_ascii=False))
db.close_mysql()
if insert_status is not True:
logger.error("Add product error: %s" % insert_result)
return {"status": False, "message": insert_result}, 500
audit_log(user, args["id"], "", "product", "add")
return {"status": True, "message": ""}, 201
else:
return {
"status": False,
"message": "The product name already exists"
}, 200
else:
logger.error("Select product name error: %s" % result)
return {"status": False, "message": result}, 500
def post(self):
args = parser.parse_args()
salt_api = salt_api_for_product(args["product_id"])
user = g.user_info["username"]
if isinstance(salt_api, dict):
return salt_api, 500
else:
if args["action"] == "kill" and args["jid"] and args["minion"]:
for minion in args["minion"]:
for minion_id, ppid in minion.items():
# 获取pgid 并杀掉
kill_ppid_pid = r'''ps -eo pid,pgid,ppid,comm |grep %s |grep salt-minion |
awk '{print "kill -- -"$2}'|sh''' % ppid
try:
# kill_job = "salt %s saltutil.kill_job %s" % (minion_id, args["jid"])
# result = salt_api.shell_remote_execution(product.get("salt_master_id"), kill_job)
# audit_log(user, args["jid"], args["product_id"], "job id", "kill")
# logger.info("kill %s %s return: %s" % (minion, args["jid"], result))
audit_log(user, args["jid"], args["product_id"], "job id", "kill")
# 通过kill -- -pgid 删除salt 相关的父进程及子进程
pid_result = salt_api.shell_remote_execution(minion_id, kill_ppid_pid)
logger.info("kill %s %s return: %s" % (minion, kill_ppid_pid, pid_result))
except Exception as e:
logger.info("kill %s %s error: %s" % (minion, args["jid"], e))
return {"status": True, "message": ""}, 200
else:
return {"status": False, "message": "The specified jid or action or minion_id "
"parameter does not exist"}, 400
def post(self):
user = g.user_info["username"]
args = parser.parse_args()
args["id"] = uuid_prefix("u")
db = DB()
status, result = db.select(
"user", "where data -> '$.username'='%s'" % args["username"])
if status is True:
if len(result) == 0:
# 默认新添加的用户都是默认用户
role_id = get_common_user()
if isinstance(role_id, dict):
return role_id
args["role"].append(role_id)
insert_status, insert_result = db.insert(
"user", json.dumps(args, ensure_ascii=False))
db.close_mysql()
if insert_status is not True:
logger.error("Add user error: %s" % insert_result)
return {"status": False, "message": insert_result}, 500
audit_log(user, args["id"], "", "user", "add")
return {"status": True, "message": ""}, 201
else:
db.close_mysql()
return {
"status": False,
"message": "The user name already exists"
}, 200
else:
db.close_mysql()
logger.error("Select user error: %s" % result)
return {"status": False, "message": result}, 500
def post(self):
args = parser.parse_args()
command = args["command"]
if not command:
return {
"status":
False,
"message":
"Missing required parameter in the JSON body or "
"the post body or the query string"
}, 400
minion_id = args["minion_id"]
salt_api = salt_api_for_product(args["product_id"])
user_info = g.user_info
if isinstance(salt_api, dict):
return salt_api, 500
acl_list = user_info["acl"]
# 验证 acl
status = verify_acl(acl_list, command)
# acl deny 验证完成后执行命令
if status["status"]:
host = ",".join(minion_id)
result = salt_api.shell_remote_execution(host, command)
# 记录历史命令
db = DB()
cmd_history = {
"user_id": user_info["id"],
"command": command,
"minion_id": minion_id,
"result": result,
"time": time.strftime('%Y-%m-%d %H:%M:%S', time.localtime())
}
db.insert("cmd_history", json.dumps(cmd_history,
ensure_ascii=False))
db.close_mysql()
audit_log(user_info["username"], minion_id, args["product_id"],
"minion", "shell")
minion_count = 'Total: ' + str(len(minion_id))
cmd_succeed = 'Succeed: ' + str(len(result))
cmd_failure = 'Failure: ' + str(len(minion_id) - len(result))
command = 'Command: ' + command
succeed_minion = []
for i in result:
succeed_minion.append(i)
failure_minion = 'Failure_Minion: ' + ','.join(
list(set(minion_id).difference(set(succeed_minion))))
return {
'result': result,
'command': command,
'line': "#" * 50,
'minion_count': minion_count,
'cmd_succeed': cmd_succeed,
'cmd_failure': cmd_failure,
'failure_minion': failure_minion,
"status": True,
"message": ""
}, 200
else:
return status, 500
def put(self, period_id):
product_id = request.args.get("product_id")
user = g.user_info["username"]
db = DB()
status, result = db.select_by_id("period_task", period_id)
if status is True:
result["action"] = "concurrent_play"
audit = {
"timestamp": int(time.time()),
"user": user,
"option": period_audit.get(2)
}
insert_period_audit(period_id, audit)
update_status, update_result = db.update_by_id(
"period_task", json.dumps(result, ensure_ascii=False),
period_id)
if update_status is not True:
logger.error("Pause period_task error: %s" % update_result)
db.close_mysql()
return {"status": False, "message": update_result}, 500
if result["scheduler"] == "once" and result["once"][
"type"] == "now":
job.delay(period_id, product_id, user)
audit_log(user, period_id, product_id, "period_task", "pause")
return {"status": True, "message": ""}, 200
else:
db.close_mysql()
return {"status": False, "message": result}, 500
def put(self, host_id):
user = g.user_info["username"]
args = parser.parse_args()
args["id"] = host_id
host = args
db = DB()
# 判断是否存在
select_status, select_result = db.select_by_id("host", host_id)
if select_status is False:
db.close_mysql()
logger.error("Modify host error: %s" % select_result)
return {"status": False, "message": select_result}, 500
if select_result:
for i in select_result:
try:
host = eval(i[0])
host["group_id"] = args["group_id"]
host["tag"] = args["tag"]
except Exception as e:
db.close_mysql()
logger.error("Modify %s host error: %s" % (host_id, e))
return {"status": False, "message": str(e)}, 500
status, result = db.update_by_id("host", json.dumps(host, ensure_ascii=False), host_id)
db.close_mysql()
if status is not True:
logger.error("Modify host error: %s" % result)
return {"status": False, "message": result}, 500
audit_log(user, args["id"], args["product_id"], "host", "edit")
return {"status": True, "message": ""}, 200
def put(self, period_id):
user = g.user_info["username"]
args = parser.parse_args()
args["id"] = period_id
period_task = args
db = DB()
# 判断是否存在
select_status, select_result = db.select_by_id("period_task",
period_id)
if select_status is not True:
db.close_mysql()
logger.error("Modify period_task error: %s" % select_result)
return {"status": False, "message": select_result}, 500
if not select_result:
db.close_mysql()
return {
"status": False,
"message": "%s does not exist" % period_id
}, 404
# 判断名字否已经存在
status, result = db.select(
"period_task",
"where data -> '$.name'='%s' and data -> '$.product_id'='%s'" %
(args["name"], args["product_id"]))
if status is True and result:
if period_id != result[0].get("id"):
db.close_mysql()
return {
"status": False,
"message": "The period_task name already exists"
}, 200
period_task["result"] = select_result["result"]
period_task["timestamp"] = select_result["timestamp"]
period_task["status"] = select_result["status"]
period_task["action"] = select_result["action"]
period_task["executed_minion"] = select_result["executed_minion"]
period_task["count"] = select_result["count"]
period_task["step"] = select_result["step"]
period_task["audit"] = select_result["audit"]
if args["once"]["date"]:
args["once"]["date"] = utc_to_local(args["once"]["date"])
status, result = db.update_by_id(
"period_task", json.dumps(period_task, ensure_ascii=False),
period_id)
db.close_mysql()
# 修改调度任务
if args["scheduler"] == "once" and args["once"]["type"] == "timing":
run_date = args["once"]["date"].split(
" ")[0] + " " + args["once"]["time"]
scheduler_timing_modify(args["id"], args["product_id"], user,
run_date)
if args["scheduler"] == "period":
scheduler_interval_modify(args["id"], args["product_id"], user,
args["period"]["interval"],
args["period"]["type"])
if status is not True:
logger.error("Modify period_task error: %s" % result)
return {"status": False, "message": result}, 500
audit_log(user, period_id, "", "period_task", "edit")
return {"status": True, "message": ""}, 200
def add_host(minion_list, product_id, user):
db = DB()
for minion_id in minion_list:
select_status, select_result = db.select(
"host", "where data -> '$.minion_id'='%s' "
"and data -> '$.product_id'='%s'" % (minion_id, product_id))
if select_status is False:
logger.error("Add %s host error: %s" %
(minion_id, select_result))
continue
if not select_result:
id = uuid_prefix("h")
host = {
"id": id,
"minion_id": minion_id,
"product_id": product_id,
"groups": [],
"tag": [],
}
insert_status, insert_result = db.insert(
"host", json.dumps(host, ensure_ascii=False))
if insert_status is False:
logger.error("Add %s host error: %s" %
(minion_id, insert_result))
else:
audit_log(user, id, product_id, "host", "add")
db.close_mysql()
def post(self):
args = parser.parse_args()
user = g.user_info["username"]
project, _ = gitlab_project(args["product_id"], args["project_type"])
# 支持的action create, delete, move, update
data = {
'branch_name':
args["branch"],
'commit_message':
args["action"] + " " + args["path"],
'actions': [{
'action': args["action"],
'file_path': args["path"],
'content': args["content"]
}]
}
if isinstance(project, dict):
return project, 500
else:
try:
project.commits.create(data)
# 假如删除,删除数据库中封装的SLS信息
if args["action"] == "delete":
delete_sls(args["path"])
audit_log(user, args["path"], args["product_id"], "sls",
args["action"])
except Exception as e:
logger.error("Commit file: %s" % e)
return {"status": False, "message": str(e)}, 500
return {"status": True, "message": ""}, 200
def post(self):
logger.info("HOSTLIST")
args = parser.parse_args()
args["id"] = uuid_prefix("h")
user = g.user_info["username"]
host = args
db = DB()
status, result = db.select(
"host", "where data -> '$.minion_id'='%s'" % args["minion_id"])
if status is True:
if len(result) == 0:
insert_status, insert_result = db.insert(
"host", json.dumps(host, ensure_ascii=False))
db.close_mysql()
if insert_status is not True:
logger.error("Add host error: %s" % insert_result)
return {"status": False, "message": insert_result}, 500
audit_log(user, args["id"], args["product_id"], "host", "add")
return {"status": True, "message": ""}, 201
else:
db.close_mysql()
return {
"status": False,
"message": "The host name already exists"
}, 200
else:
db.close_mysql()
logger.error("Select host name error: %s" % result)
return {"status": False, "message": result}, 500
def delete(self):
args = parser.parse_args()
db = DB()
status, result = db.select_by_id("product", args["product_id"])
db.close_mysql()
if status is True:
if result:
product = eval(result[0][0])
else:
return {"status": False, "message": "%s does not exist" % args["product_id"]}
else:
return {"status": False, "message": result}
salt_api = salt_api_for_product(args["product_id"])
user = g.user_info["username"]
if isinstance(salt_api, dict):
return salt_api, 500
else:
if args["action"] == "kill" and args["jid"]:
kill = "salt %s saltutil.kill_job %s" % (product.get("salt_master_id"), args["jid"])
try:
result = salt_api.shell_remote_execution(product.get("salt_master_id"), kill)
audit_log(user, args["jid"], args["product_id"], "job id", "kill")
return {"status": True, "message": result}, 200
except Exception as e:
return {"status": False, "message": str(e)}, 500
else:
return {"status": False, "message": "The specified job id does not exist or arguments error"}, 400
def reject_host(minion_list, product_id, user):
db = DB()
for minion_id in minion_list:
select_status, select_result = db.select(
"host", "where data -> '$.minion_id'='%s' "
"and data -> '$.product_id'='%s'" % (minion_id, product_id))
if select_status is False:
logger.error("Reject %s host error: %s" %
(minion_id, select_result))
if select_result:
for host in select_result:
try:
# 拒绝后添加拒绝标签
host["tag"].append({"name": "reject", "color": "red"})
status, result = db.update_by_id(
"host", json.dumps(host, ensure_ascii=False),
host["id"])
if status is False:
logger.error("Reject %s host error: %s" %
(minion_id, result))
else:
audit_log(user, host["id"], product_id, "host",
"reject")
except Exception as e:
logger.error("Reject %s host error: %s" %
(minion_id, e))
else:
logger.error("Select %s host does not exist" % minion_id)
db.close_mysql()
def put(self, role_id):
user = g.user_info["username"]
args = parser.parse_args()
args["id"] = role_id
role = args
db = DB()
status, result = db.select(
"role", "where data -> '$.name'='%s'" % args["name"])
if status is True:
if len(result) != 0:
info = eval(result[0][0])
if role_id != info.get("id"):
return {
"status": False,
"message": "The role name already exists"
}, 200
status, result = db.update_by_id("role",
json.dumps(role, ensure_ascii=False),
role_id)
db.close_mysql()
if status is not True:
logger.error("Modify role error: %s" % result)
return {"status": False, "message": result}, 500
audit_log(user, role_id, "", "role", "edit")
return {"status": True, "message": ""}, 200
def put(self, host_id):
logger.info("HOSTPUT")
user = g.user_info["username"]
args = parser.parse_args()
args["id"] = host_id
db = DB()
# 判断是否存在
select_status, select_result = db.select_by_id("host", host_id)
if select_status is False:
db.close_mysql()
logger.error("Modify host error: %s" % select_result)
return {"status": False, "message": select_result}, 500
if select_result:
try:
host = select_result
if args['tag'] != []:
host["tag"] = args["tag"]
if args['rename'] != '':
host["rename"] = args["rename"]
status, result = db.update_by_id(
"host", json.dumps(host, ensure_ascii=False), host_id)
db.close_mysql()
if status is not True:
logger.error("Modify host error: %s" % result)
return {"status": False, "message": result}, 500
except Exception as e:
db.close_mysql()
logger.error("Modify %s host error: %s" % (host_id, e))
return {"status": False, "message": str(e)}, 500
audit_log(user, args["id"], args["product_id"], "host", "edit")
return {"status": True, "message": ""}, 200
def put(self, period_id):
product_id = request.args.get("product_id")
user = g.user_info["username"]
db = DB()
status, result = db.select_by_id("period_task", period_id)
if status is True:
result["action"] = "scheduler_resume"
result["status"] = {"id": 9, "name": period_status.get(9)}
audit = {
"timestamp": int(time.time()),
"user": user,
"option": period_audit.get(10)
}
insert_period_audit(period_id, audit)
update_status, update_result = db.update_by_id(
"period_task", json.dumps(result, ensure_ascii=False),
period_id)
if update_status is not True:
logger.error("Pause period_task error: %s" % update_result)
db.close_mysql()
return {"status": False, "message": update_result}, 500
scheduler_result = scheduler_resume(period_id)
if scheduler_result.get("status") is not True:
return {
"status": False,
"message": scheduler_result.get("message")
}, 500
audit_log(user, period_id, product_id, "period_task",
"scheduler resume")
return {"status": True, "message": ""}, 200
else:
db.close_mysql()
return {"status": False, "message": result}, 500
def get(self, user_id):
user = g.user_info["username"]
db = DB()
status, result = db.select_by_id("user", user_id)
if status is True and result:
# 生成12位随机密码
password = ''.join(
random.sample(string.ascii_letters + string.digits, 12))
send_mail(result["mail"], "Saltshaker 重置密码", "新密码:" + password)
# 离散hash
password_hash = custom_app_context.encrypt(password)
result["password"] = password_hash
insert_status, insert_result = db.update_by_id(
"user", json.dumps(result, ensure_ascii=False), user_id)
db.close_mysql()
if insert_status is not True:
logger.error("Reset %s password error: %s" %
(user_id, insert_result))
return {"status": False, "message": insert_result}, 500
audit_log(user, user_id, "", "user", "reset")
return {"status": True, "message": ""}, 201
else:
db.close_mysql()
logger.error("Select user error: %s" % result)
return {"status": False, "message": result}, 500
def post(self):
args = parser.parse_args()
sls = args["sls"]
if not sls:
return {
"status": False,
"message": "The specified sls parameter does not exist"
}, 400
# 去掉后缀
sls = sls.replace(".sls", "")
minion_id = args["minion_id"]
salt_api = salt_api_for_product(args["product_id"])
user_info = g.user_info
audit_log(user_info["username"], minion_id, args["product_id"],
"minion", "sls")
if isinstance(salt_api, dict):
return salt_api, 500
result = salt_api.target_deploy(minion_id, sls)
db = DB()
cmd_history = {
"user_id": user_info["id"],
"product_id": args["product_id"],
"command": args["sls"],
"type": "sls",
"minion_id": minion_id,
"result": result,
"time": time.strftime('%Y-%m-%d %H:%M:%S', time.localtime())
}
db.insert("cmd_history", json.dumps(cmd_history, ensure_ascii=False))
db.close_mysql()
audit_log(user_info["username"], minion_id, args["product_id"],
"minion", "sls")
minion_count = str(len(minion_id))
cmd_succeed = str(len(result))
cmd_failure = str(len(minion_id) - len(result))
succeed_minion = []
for i in result:
succeed_minion.append(i)
failure_minion = ','.join(
list(set(minion_id).difference(set(succeed_minion))))
if result.get("status") is False:
status = False
message = result.get("message")
else:
status = True
message = ""
return {
"data": {
"result": result,
"command": args["sls"],
"total": minion_count,
"succeed": cmd_succeed,
"failure": cmd_failure,
"failure_minion": failure_minion
},
"status": status,
"message": message
}, 200
def post(self):
args = parser.parse_args()
command = args["command"]
if not command:
return {"status": False,
"message": "The specified command parameter does not exist"}, 400
minion_id = args["minion_id"]
salt_api = salt_api_for_product(args["product_id"])
user_info = g.user_info
if isinstance(salt_api, dict):
return salt_api, 500
acl_list = user_info["acl"]
# 验证 acl
status = verify_acl(acl_list, command)
# acl deny 验证完成后执行命令
if status["status"]:
result = salt_api.shell_remote_execution(minion_id, command)
# 记录历史命令
db = DB()
cmd_history = {
"user_id": user_info["id"],
"product_id": args["product_id"],
"command": command,
"type": "shell",
"minion_id": minion_id,
"result": result,
"time": time.strftime('%Y-%m-%d %H:%M:%S', time.localtime())
}
db.insert("cmd_history", json.dumps(cmd_history, ensure_ascii=False))
db.close_mysql()
audit_log(user_info["username"], minion_id, args["product_id"], "minion", "shell")
minion_count = str(len(minion_id))
result_len = len(result)
for k, v in result.items():
if not v:
result_len -= 1
cmd_succeed = str(result_len)
cmd_failure = str(len(minion_id) - result_len)
succeed_minion = []
for i in result:
succeed_minion.append(i)
failure_minion = ','.join(
list(set(minion_id).difference(set(succeed_minion))))
if result.get("status") is False:
status = False
message = result.get("message")
else:
status = True
message = ""
return {"data": {"result": result,
"command": command,
"total": minion_count,
"succeed": cmd_succeed,
"failure": cmd_failure,
"failure_minion": failure_minion}, "status": status, "message": message}, 200
else:
return status, 500
def delete(self, host_id):
user = g.user_info["username"]
db = DB()
status, result = db.delete_by_id("host", host_id)
db.close_mysql()
if status is not True:
logger.error("Delete host error: %s" % result)
return {"status": False, "message": result}, 500
if result is 0:
return {"status": False, "message": "%s does not exist" % host_id}, 404
audit_log(user, host_id, "", "host", "delete")
return {"status": True, "message": ""}, 200
def put(self, groups_id):
user = g.user_info["username"]
args = parser.parse_args()
args["id"] = groups_id
groups = args
db = DB()
# 判断产品线是否存在
status, result = db.select_by_id("product", args["product_id"])
if status is True:
if not result:
db.close_mysql()
return {
"status": False,
"message": "%s does not exist" % args["product_id"]
}, 404
else:
return {"status": False, "message": result}, 500
# 判断是否存在
select_status, select_result = db.select_by_id("groups", groups_id)
projects = select_result['projects']
groups['projects'] = projects
if select_status is not True:
db.close_mysql()
logger.error("Modify groups error: %s" % select_result)
return {"status": False, "message": select_result}, 500
if not select_result:
db.close_mysql()
return {
"status": False,
"message": "%s does not exist" % groups_id
}, 404
# 判断名字否已经存在
status, result = db.select(
"groups",
"where data -> '$.name'='%s' and data -> '$.product_id'='%s'" %
(args["name"], args["product_id"]))
if status is True and result:
if groups_id != result[0].get("id"):
db.close_mysql()
return {
"status": False,
"message": "The groups name already exists"
}, 200
status, result = db.update_by_id(
"groups", json.dumps(groups, ensure_ascii=False), groups_id)
db.close_mysql()
if status is not True:
logger.error("Modify groups error: %s" % result)
return {"status": False, "message": result}, 500
audit_log(user, groups_id, "", "groups", "edit")
return {"status": True, "message": ""}, 200
def delete(self, groups_id):
user = g.user_info["username"]
db = DB()
status, result = db.delete_by_id("groups", groups_id)
db.close_mysql()
if status is not True:
logger.error("Delete groups error: %s" % result)
return {"status": False, "message": result}, 500
if result is 0:
return {"status": False, "message": "%s does not exist" % groups_id}, 404
audit_log(user, groups_id, "", "groups", "delete")
info = update_user_privilege("groups", groups_id)
if info["status"] is False:
return {"status": False, "message": info["message"]}, 500
return {"status": True, "message": ""}, 204
def put(self, user_id):
user = g.user_info["username"]
args = parser.parse_args()
args["id"] = user_id
db = DB()
# 判断是否存在
select_status, select_result = db.select_by_id("user", user_id)
if select_status is not True:
db.close_mysql()
logger.error("Modify user error: %s" % select_result)
return {"status": False, "message": select_result}, 500
if not select_result:
db.close_mysql()
return {"status": False, "message": "%s does not exist" % user_id}, 404
# 判断名字否已经存在
status, result = db.select("user", "where data -> '$.username'='%s'" % args["username"])
if status is True:
if len(result) != 0:
info = eval(result[0][0])
if user_id != info.get("id"):
db.close_mysql()
return {"status": False, "message": "The user name already exists"}, 200
# 获取之前的加密密码
status, result = db.select_by_id("user", user_id)
if status is True:
if result:
try:
user_info = eval(result[0][0])
args["password"] = user_info.get("password")
except Exception as e:
db.close_mysql()
return {"status": False, "message": str(e)}, 500
else:
db.close_mysql()
return {"status": False, "message": "%s does not exist" % user_id}, 404
else:
db.close_mysql()
return {"status": False, "message": result}, 500
# 更新用户信息
users = args
status, result = db.update_by_id("user", json.dumps(users, ensure_ascii=False), user_id)
db.close_mysql()
if status is not True:
logger.error("Modify user error: %s" % result)
return {"status": False, "message": result}, 500
audit_log(user, user_id, "", "user", "edit")
return {"status": True, "message": ""}, 200
def delete(self):
args = parser.parse_args()
salt_api = salt_api_for_product(args["product_id"])
user = g.user_info["username"]
if isinstance(salt_api, dict):
return salt_api, 500
else:
if args["action"] == "kill" and args["jid"]:
kill = "salt '*' saltutil.kill_job" + " " + args["jid"]
try:
result = os.popen(kill).read()
audit_log(user, args["jid"], args["product_id"], "job id", "kill")
return {"status": True, "message": result}, 200
except Exception as e:
return {"status": False, "message": str(e)}, 500
else:
return {"status": False, "message": "The specified job id does not exist or arguments error"}, 400
def post(self):
args = parser.parse_args()
user = g.user_info["username"]
project, _ = gitlab_project(args["product_id"], args["project_type"])
file = request.files['file']
if args["path"]:
file_path = args["path"] + "/" + file.filename
content = file.read()
try:
content_decode = content.decode()
actions = [
{
'action': 'create',
'file_path': file_path,
'content': content_decode
}
]
except Exception as e:
return {"status": False, "message": str(e)}, 500
# try:
# content_decode = content.decode()
# actions = [
# {
# 'action': args["action"],
# 'file_path': file_path,
# 'content': base64.b64encode(content_decode),
# 'encoding': 'base64',
# }
# ]
# except Exception as e:
# print(e)
data = {
'branch': args["branch"],
'commit_message': args["action"] + " " + args["path"],
'actions': actions
}
if isinstance(project, dict):
return project, 500
else:
try:
project.commits.create(data)
audit_log(user, file_path, args["product_id"], "sls", "upload")
except Exception as e:
logger.error("Upload file: %s" % e)
return {"status": False, "message": str(e)}, 500
return {"status": True, "message": ""}, 200
def no_concurrent(period_result, period_id, minion_list, salt_api, user, product_id):
db = DB()
period_result["status"] = {
"id": 2,
"name": period_status.get(2)
}
db.update_by_id("period_task", json.dumps(period_result, ensure_ascii=False), period_id)
if period_result.get("execute") == "shell":
result = salt_api.shell_remote_execution(minion_list, period_result.get("shell"))
elif period_result.get("execute") == "sls":
# 去掉后缀
sls = period_result.get("sls").replace(".sls", "")
result = salt_api.target_deploy(minion_list, sls)
results = {
"time": int(time.time()),
"result": result,
"option": period_audit.get(9)
}
insert_period_result(period_id, results)
# 不同调度方式使用不同的状态显示
if period_result["scheduler"] == "period":
period_result["status"] = {
"id": 9,
"name": period_status.get(9)
}
elif period_result["scheduler"] == "crontab":
period_result["status"] = {
"id": 10,
"name": period_status.get(10)
}
else:
period_result["status"] = {
"id": 3,
"name": period_status.get(3)
}
# 执行审计写入到period_audit表
audits = {
"timestamp": int(time.time()),
"user": "******",
"option": period_audit.get(3)
}
insert_period_audit(period_id, audits)
db.update_by_id("period_task", json.dumps(period_result, ensure_ascii=False), period_id)
db.close_mysql()
audit_log(user, minion_list, product_id, "minion", "shell")
def delete_host(minion_list, product_id, user):
db = DB()
group_status, group_result = db.select(
"groups", "where data -> '$.product_id'='%s'" % product_id)
if group_status is False:
logger.error("Delete %s host error: %s" %
(minion_list, group_status))
for minion_id in minion_list:
try:
# 组里面删除主机
for group in group_result:
for minion in group.get("minion"):
if minion == minion_id:
group.get("minion").remove(minion_id)
status, result = db.update_by_id(
"groups", json.dumps(group, ensure_ascii=False),
group.get("id"))
if status is not True:
logger.error("Modify group error: %s" % result)
except Exception as e:
logger.error("Delete %s host error: %s" % (minion_id, e))
select_status, select_result = db.select(
"host", "where data -> '$.minion_id'='%s' "
"and data -> '$.product_id'='%s'" % (minion_id, product_id))
if select_status is False:
logger.error("Delete % host error: %s" %
(minion_id, select_result))
if select_result:
for host in select_result:
try:
status, result = db.delete_by_id("host", host["id"])
if status is False:
logger.error("Delete %s host error: %s" %
(minion_id, result))
else:
audit_log(user, host["id"], product_id, "host",
"delete")
except Exception as e:
logger.error("Delete %s host error: %s" %
(minion_id, e))
else:
logger.error("Select %s host does not exist" % minion_id)
db.close_mysql()
def post(self, user_id):
args = parser.parse_args()
user = g.user_info["username"]
if not args["old_password"]:
return {
"status": False,
"message":
"The specified old_password parameter does not exist"
}, 200
if not args["new_password"]:
return {
"status": False,
"message":
"The specified now_password parameter does not exist"
}, 200
db = DB()
status, result = db.select_by_id("user", user_id)
if status is True and result:
if not verify_password(result["username"], args["old_password"]):
return {"status": False, "message": "Old password error"}, 200
else:
# 基于RSA加密算法获取密码
password = rsa_decrypt(args["new_password"])
if password is False:
return {
"status": False,
"message": "Decrypt is failure"
}, 500
# 加密新密码
password_hash = custom_app_context.encrypt(password)
result["password"] = password_hash
update_status, update_result = db.update_by_id(
"user", json.dumps(result, ensure_ascii=False), user_id)
db.close_mysql()
if update_status is not True:
logger.error("Reset %s password error: %s" %
(user_id, update_result))
return {"status": False, "message": update_result}, 500
audit_log(user, user_id, "", "user", "reset by owner")
return {"status": True, "message": ""}, 201
else:
db.close_mysql()
logger.error("Select user error: %s" % result)
return {"status": False, "message": result}, 500
def delete(self, period_id):
user = g.user_info["username"]
db = DB()
select_status, select_result = db.select_by_id("period_task",
period_id)
if select_status is not True:
db.close_mysql()
logger.error("Modify period_task error: %s" % select_result)
return {"status": False, "message": select_result}, 500
# 删除定期任务的时候删除对应的调度
if select_result["scheduler"] == "period":
scheduler_result = scheduler_delete(period_id)
if scheduler_result.get("status") is not True:
# 假如不是job不存在,才返回
if "'No job" not in scheduler_result.get("message"):
return {
"status": False,
"message": scheduler_result.get("message")
}, 500
status, result = db.delete_by_id("period_task", period_id)
if status is not True:
logger.error("Delete period_task error: %s" % result)
return {"status": False, "message": result}, 500
if result is 0:
return {
"status": False,
"message": "%s does not exist" % period_id
}, 404
period_result_status, period_result_result = db.delete_by_id(
"period_result", period_id)
if period_result_status is not True:
logger.error("Delete period_result error: %s" %
period_result_result)
return {"status": False, "message": result}, 500
period_audit_status, period_audit_result = db.delete_by_id(
"period_audit", period_id)
if period_audit_status is not True:
logger.error("Delete period_result error: %s" %
period_audit_result)
return {"status": False, "message": result}, 500
db.close_mysql()
audit_log(user, period_id, "", "period_task", "delete")
return {"status": True, "message": ""}, 200
def delete(self, product_id):
user = g.user_info["username"]
db = DB()
status, result = db.delete_by_id("product", product_id)
db.close_mysql()
if status is not True:
logger.error("Delete product error: %s" % result)
return {"status": False, "message": result}, 500
if result is 0:
return {
"status": False,
"message": "%s does not exist" % product_id
}, 404
audit_log(user, product_id, product_id, "product", "delete")
info = update_user_privilege("product", product_id)
if info["status"] is False:
return {"status": False, "message": info["message"]}, 500
# 更新Rsync配置
rsync_config()
return {"status": True, "message": ""}, 200
