def Qrcode(User=None, Grade=None):
try:
if User and Grade:
if User and int(Grade) >= 2:
verify_key = "{0}_{1}".format(User, Grade)
code = produce.Produce(length=6, chars=string.digits)
Redis.set(verify_key, code)
Redis.expire(verify_key, 900)
# send sms
result = produce.send_sms(
content='上线码:{0} 申请人:{1} 15分钟内有效!'.format(code, User),
mobile=Mobile)
if isinstance(result, dict):
if result['code'] == 200:
INFO = '上线码已成功发送给领导!'
else:
INFO = '上线码发送失败!'
else:
INFO = '上线码发送失败!'
else:
INFO = "无需申请上线码!"
else:
INFO = "非法请求信息!"
except Exception as e:
INFO = str(e)
return render_template('qrcode.html', INFO=INFO)
def login():
form = MyForm.MyForm_login()
form.name.label = '用户名:'
form.password.label = '密码:'
user = request.cookies.get('user')
if user:
Incr = Redis.incr('%s_Incr' % user)
else:
Incr = 0
if form.submit.data:
if form.name.data and form.password.data:
user = form.name.data
pw = form.password.data
Key_Incr = '%s_Incr' % user
Key_Lock = '%s_lock' % user
try:
if Incr >= 30:
raise flash('该帐号异常登陆,已被锁定3分钟!')
if Incr >= 5:
if form.code.data:
if str(form.code.data) != str(session['verify_code']):
raise flash('输入验证码错误!')
else:
raise flash('请输入验证码,看不清点击验证码刷新!')
va_p = db_op.idc_users.query.filter(
and_(db_op.idc_users.name == user,
db_op.idc_users.passwd == Md5.Md5_make(pw))).first()
produce.Async_log(user, request.url)
if va_p:
URL = url_for('index.index')
if pw == app.config.get('INIT_OP_PASSWORD'):
URL = url_for('pw.pw')
flash('请修改初始密码!')
timestamp = None
if form.remember_me.data:
timestamp = check.timestamp(7)
ID = produce.Produce(length=24, chars=string.hexdigits)
app_resp = make_response(redirect(URL))
app_resp.set_cookie('user', user, expires=timestamp)
app_resp.set_cookie('ID', ID, expires=timestamp)
Redis.set('OP_ID_%s' % user, ID)
Redis.delete(Key_Lock)
Redis.delete(Key_Incr)
return app_resp
else:
Redis.incr(Key_Incr)
if Incr >= 30:
Redis.set(Key_Lock, 'True')
Redis.expire(Key_Incr, 60)
Redis.expire(Key_Lock, 180)
flash('用户名或者密码错误!')
URL = url_for('login.login')
app_resp = make_response(redirect(URL))
app_resp.set_cookie('user', user)
return app_resp
except Exception as e:
if 'old' not in str(e):
flash(str(e))
return render_template('login.html', form=form, verify_incr=Incr)
def vpn_admin():
form = MyForm.MyForm_vpn()
if form.submit.data:
users = form.text.data.strip().splitlines()
users = set(users)
for i, name in enumerate(users):
if not re.search('.*@baihe.com$', name):
flash('%s格式错误,用户名应为百合个人邮箱账号!' % name)
i = -1
if i < 0:
return render_template('Message.html')
action = form.select_action.data
key = 'vpn2_list'
sender = "*****@*****.**"
if action == 'query':
List = []
user_list = Redis.hgetall(key)
for user in users:
try:
if user_list[user]:
List.append((user, user_list[user]))
except:
continue
if List:
return render_template('vpn_admin_show.html', user_list=List)
else:
flash('%s 账号不存在!' % user)
elif action == 'add':
for user in users:
pw = produce.Produce(13)
val = [K for K in Redis.hgetall(key)]
if user in val:
flash('%s 账号已存在' % user)
continue
msg = Message("VPN账号信息", sender=sender, recipients=[user])
msg.html = '<p>用户名:%s</p><p> 密码:%s</p><p><font color="red">账号5分钟后开通,请妥善保管此封邮件,勿邮件回复!</font></p>' % (
user, pw)
with app.open_resource("%s/../doc/vpn_conf.docx" %
page_vpn_admin.root_path) as f:
msg.attach("vpn_conf.docx", "text/docx", f.read())
try:
with app.app_context():
mail.send(msg)
Redis.hset(key, user, pw)
except Exception as e:
flash(e)
else:
flash('%s 账号开通完毕,通知邮件已发送.' % user)
elif action == 'del':
for user in users:
Redis.hdel(key, user)
Redis.hdel('vpn_list', user)
flash('%s 账号已关闭!' % user)
return render_template('Message.html')
return render_template('vpn_admin.html', form=form)
def login():
form = MyForm.MyForm_login()
form.name.label = '用户名:'
form.password.label = '密码:'
ym = time.strftime('%Y', time.localtime())
if form.submit.data:
if form.name.data and form.password.data:
user = form.name.data
pw = form.password.data
try:
Key_Incr = '%s_Incr' % user
Key_Lock = 'Lock_login_%s' % user
if Redis.exists(Key_Incr):
Incr = int(Redis.get(Key_Incr))
else:
Incr = 1
if Redis.exists(Key_Lock):
raise flash('该帐号异常登陆,已被锁定1分钟!')
va_p = db_op.idc_users.query.filter(
and_(db_op.idc_users.name == user,
db_op.idc_users.passwd == Md5.Md5_make(pw))).first()
produce.Async_log(user, request.url)
if va_p:
URL = url_for('index.index')
if pw == app.config.get('INIT_OP_PASSWORD'):
URL = url_for('pw.pw')
flash('请修改初始密码!')
timestamp = None
if form.remember_me.data:
timestamp = check.timestamp(7)
ID = produce.Produce(length=24, chars=string.hexdigits)
app_resp = make_response(redirect(URL))
app_resp.set_cookie('user', user, expires=timestamp)
app_resp.set_cookie('ID', ID, expires=timestamp)
Redis.set('OP_ID_%s' % user, ID)
return app_resp
else:
Redis.set(Key_Incr, Incr + 1)
if Incr >= 11:
Redis.incr(Key_Lock, 'True')
Redis.expire(Key_Lock, 60)
flash('用户名或者密码错误,还有%s次机会重试!' % (10 - int(Incr)))
URL = url_for('login.login')
app_resp = make_response(redirect(URL))
app_resp.set_cookie('user', user)
return app_resp
except Exception as e:
if 'old' not in str(e):
flash(str(e))
return render_template('login.html', form=form, ym=ym)
def Qrcode(User = None,Grade = None,project=None,project_level = None):
try:
tw = int(time.strftime('%w', time.localtime()))
publish_time = int(time.strftime("%H", time.localtime()))
crypto = Md5.crypto(crypto_key)
if User and Grade:
db = db_op.idc_users
User = crypto.decrypt(User)
project = crypto.decrypt(project)
if db.query.filter(db.name == User).all() and int(Grade) >= 2:
if tw in (0,6) or publish_time >= 17 or publish_time < 9:
verify_key = "{0}_{1}".format(User,project)
code = str(produce.Produce(length=6, chars=string.digits))
if '0' in code:
code.replace('0','1')
myRedis.set(verify_key,code)
myRedis.expire(verify_key, 900)
# send sms
mobile = JAVA_Mobile
if int(project_level) >= 7:
mobile = Mobile
result = produce.send_sms(content='上线码:{0} 上线项目:{1} 申请人:{2} 15分钟内有效!'.format(code,project,User), mobile=mobile)
if isinstance(result, dict):
if result['code'] == 200:
INFO = '上线码已成功发送给JAVA领导!'
if int(project_level) >= 7:
INFO = '上线码已成功发送给曾总!'
else:
INFO = '上线码发送失败!'
else:
INFO = '上线码发送失败!'
else:
INFO = "只允许在工作日17点之后或者周末全天申请!"
else:
INFO = "该账号无权申请上线码!"
else:
INFO = '非法请求信息!'
except Exception as e:
INFO = str(e)
return render_template('qrcode.html',INFO=INFO)
def vpn_admin():
form = MyForm.MyForm_vpn()
db = db_op.vpn_users
if form.submit.data:
users = form.text.data.strip().splitlines()
vpn_type = form.select_type.data
users = set(users)
crypto = Md5.crypto(crypto_key)
try:
for user in users:
if '@' not in user:
raise flash('%s格式错误,用户名应为百合个人邮箱账号!' % user)
action = form.select_action.data
sender = app.config.get('MAIL_DEFAULT_SENDER')
if vpn_type == 'intranet':
vpn_servers = app.config.get('VPN_INTRA')
if vpn_type == 'internet':
vpn_servers = app.config.get('VPN_INTER')
if action == 'query':
List = []
for user in users:
user = user.strip()
val = db.query.with_entities(
db.user, db.password).filter(db.user == user).all()
if val:
List.append([va for va in val[0]])
else:
flash('%s 账号不存在!' % user)
if List:
List = [(list[0], list[1]) for list in List]
return render_template('vpn_admin_show.html',
Main_Infos=g.main_infos,
user_list=List)
elif action == 'add':
for user in users:
user = user.strip()
pw = produce.Produce(13)
if db.query.filter(db.user == user).all():
flash('%s 账号已存在' % user)
continue
msg = Message("VPN账号信息", sender=sender, recipients=[user])
msg.html = '<p>用户名:%s</p><p> 密码:%s</p><p> VPN地址:%s</p><p><font color="red">账号5分钟后开通,请妥善保管此封邮件,勿邮件回复!</font></p>' % (
user, pw, vpn_servers)
with app.open_resource("%s/../doc/vpn_conf.docx" %
page_vpn_admin.root_path) as f:
msg.attach("vpn_conf.docx", "text/docx", f.read())
try:
with app.app_context():
mail.send(msg)
db_op.DB.session.add(
db(user=user,
password=crypto.encrypt(pw),
status=1,
vpn_type=vpn_type))
db_op.DB.session.commit()
except Exception as e:
flash(e)
else:
flash('%s 账号开通完毕,通知邮件已发送.' % user)
elif action == 'del':
for user in users:
user = user.strip()
db.query.filter(db.user == user).update({db.status: 2})
db_op.DB.session.commit()
flash('%s 账号已关闭!' % user)
elif action == 'change':
for user in users:
user = user.strip()
db.query.filter(db.user == user).update({
db.status:
1,
db.vpn_type:
vpn_type
})
db_op.DB.session.commit()
flash(('%s vpn类型已变更!' % user))
except Exception as e:
flash(e)
return render_template('Message_static.html', Main_Infos=g.main_infos)
return render_template('vpn_admin.html',
Main_Infos=g.main_infos,
form=form)
def op_user():
form = MyForm.Myform_op_user()
db = db_op.idc_users
sender = "*****@*****.**"
if form.submit.data:
users = form.text.data.splitlines()
action = form.select.data
for user in users:
if '@baihe.com' in user:
if action == 'unlock':
Redis.delete('%s_lock' % user)
flash('{0}账号已解锁!'.format(user))
val = db.query.with_entities(db.name).filter(
and_(db.name == user, db.grade == 2)).all()
if action == 'query':
if val:
flash('{0}账号已存在!'.format(user))
else:
flash('{0}账号不存在!'.format(user))
if action == 'add':
if val:
flash('{0}账号已存在!'.format(user))
else:
PW = Md5.Md5_make(produce.Produce())
pw = Md5.Md5_make(PW)
# 开通成功后再发送邮件
msg = Message("OP账号信息",
sender=sender,
recipients=[user])
msg.html = '<p>用户名:%s</p><p> 密码:%s</p><p>访问地址:http://xxx.baihe.com/</p><p><font color="red">勿邮件回复!</font></p>' % (
user, PW)
with app.app_context():
try:
mail.send(msg)
except Exception as e:
flash(e)
flash('%s 邮件发送失败!' % user)
else:
db_op.DB.session.add(
db(name=user, passwd=pw, grade=2))
db_op.DB.session.commit()
flash('%s 账号开通成功,通知邮件已发送.' % user)
if action == 'del':
try:
val = db.query.filter(
and_(db.name == user, db.grade == 2)).all()
if val:
for c in val:
db_op.DB.session.delete(c)
db_op.DB.session.commit()
flash('{0}账号删除成功!'.format(user))
else:
flash('{0}账号不存在!'.format(user))
except Exception as e:
flash(e)
if action == 'init':
if val:
pw = Md5.Md5_make('123456')
db.query.filter(and_(db.name == user,
db.grade == 2)).update(
{db.passwd: pw})
db_op.DB.session.commit()
flash('{0}账号初始化成功,初始化密码:123456'.format(user))
else:
flash('{0}账号不存在!'.format(user))
else:
flash('{0}账号格式不正确,账号应为个人邮箱!'.format(user))
return render_template('Message_static.html')
return render_template('op_user.html', form=form)
def svn_admin():
reload(MyForm)
form = MyForm.MyForm_svn_admin()
if form.submit.data:
sender = "*****@*****.**"
db = db_op.svn_users
db_groups = db_op.svn_groups
ts = form.text.data.strip().splitlines()
ts = set(ts)
for i, name in enumerate(ts):
if not re.search('.*@.*\.com$', name):
flash('%s格式错误,用户名应为个人邮箱账号!' % name)
i = -1
if i < 0:
return render_template('Message.html')
Action = form.select_action.data
def Query(db, *ts):
#生成用户列表
user_list = []
for name in ts[0]:
try:
val = db.query.with_entities(
db.user, db.password).filter(db.user == name).all()
if val:
val = [v for v in val[0]]
groups = [
group[0]
for group in db_groups.query.with_entities(
distinct(db_groups.groups)).filter(
db_groups.users == name).all()
]
for group in groups:
val.append(group)
user_list.append(val)
except Exception as e:
loging.write(e)
return render_template_string('获取数据错误!')
return user_list
if Action == 'query':
user_list = Query(db, ts)
if user_list:
return render_template('svn_admin_show.html',
user_list=user_list)
else:
flash('账号不存在!')
elif Action == 'add':
groups_list = form.select_groups.data
if groups_list:
for name in ts:
if Query(db, (name, )):
flash('%s 账号已存在!' % name)
continue
else:
try:
#数据库插入账户
pw = produce.Produce(13)
db_op.DB.session.add(
db(user=name, password=pw, status=1))
db_op.DB.session.commit()
#数据库插入用户组
for group in groups_list:
db_op.DB.session.add(
db_groups(groups=group, users=name))
db_op.DB.session.commit()
except Exception as e:
flash(e)
flash('%s 账号开通失败!' % name)
else:
#开通成功后再发送邮件
msg = Message("SVN账号信息",
sender=sender,
recipients=[name])
msg.html = '<p>用户名:%s</p><p> 密码:%s</p><p>SVN根路径http://svn.ibaihe.com:1722/svn/,具体项目路径请咨询各自组内同事.</p><p><font color="red">账号5分钟后开通,请妥善保管此封邮件,勿邮件回复!</font></p>' % (
name, pw)
with app.app_context():
try:
mail.send(msg)
except Exception as e:
flash(e)
flash('%s 邮件发送失败!' % name)
else:
flash('%s 账号开通成功,通知邮件已发送.' % name)
else:
flash('开通账户需选择账号对应的用户组')
elif Action == 'add_group' or Action == 'del_group':
svn_users = db.query.filter(db.user == name)
groups_list = form.select_groups.data
if groups_list:
for name in ts:
if Query(db, (name, )):
try:
#修改用户组列表
for group in groups_list:
if 'add' in Action:
db_op.DB.session.add(
db_groups(groups=group, users=name))
db_op.DB.session.commit()
flash('%s 账号已添加到用户组%s' % (name, group))
if 'del' in Action:
Info = db_groups.query.filter(
and_(db_groups.groups == group,
db_groups.users == name)).all()
for c in Info:
db_op.DB.session.delete(c)
db_op.DB.session.commit()
flash('%s 账号已从用户组%s移除.' % (name, group))
#修改用户状态
svn_users.update({db.status: 4})
db_op.DB.session.commit()
except Exception as e:
loging.write(e)
return render_template_string('获取数据错误!')
else:
flash('%s 账号不存在!' % name)
else:
flash('变更账户所属用户组,需先选择要变更的用户组')
else:
if Query(db, ts):
for name in ts:
try:
#数据库删除账号
svn_users = db.query.filter(db.user == name)
if Action == 'del':
Str = '关闭'
#用户组内删除账号
Info = db_groups.query.filter(
db_groups.users == name).all()
for c in Info:
db_op.DB.session.delete(c)
db_op.DB.session.commit()
svn_users.update({db.status: 2})
elif Action == 'lock':
Str = '锁定'
svn_users.update({db.status: 3})
elif Action == 'unlock':
Str = '解锁'
svn_users.update({db.status: 4})
db_op.DB.session.commit()
except Exception as e:
loging.write(e)
return render_template_string('获取数据错误!')
else:
flash('%s 账号%s成功!' % (name, Str))
else:
flash('账号不存在!')
return render_template('Message.html')
return render_template('svn_admin.html', form=form)
def index():
DB = db_op.rota
date = time.strftime('%Y-%m-%d', time.localtime())
new_date = datetime.date.today() + datetime.timedelta(1)
ym = time.strftime('%Y.%m', time.localtime())
if '@' in g.user:
g.user = g.user.split('@')[0]
data = [g.user]
try:
# 生成今日和明日的运维排班
users = []
duty = u'报警值班'
pools = [u'李晓辉', u'周福成']
for t in (date, new_date):
VAL = DB.query.with_entities(DB.name).filter(
and_(DB.date == t, DB.duty == duty)).all()
if VAL:
user = VAL[0][0]
else:
user = random.choice(pools)
c = DB(name=user, duty=duty, date=t)
db_op.DB.session.add(c)
db_op.DB.session.commit()
pools.remove(user)
users.append(user)
data.extend(users)
ip = request.headers.get('X-Forwarded-For')
if not ip:
ip = request.remote_addr
#获取页面菜单
DB = db_op.op_menu
nav_val = {}
sub_val = {}
Menu_val = DB.query.with_entities(
DB.Menu_name, DB.id_name, DB.module_name,
DB.action_name).filter(DB.grade >= g.grade).all()
navMenu = DB.query.with_entities(distinct(DB.Menu_name)).filter(
and_(DB.Menu == 'navMenu',
DB.grade >= g.grade)).order_by(DB.Menu_id).all()
navMenu = [Menu[0] for Menu in navMenu]
for Menu in navMenu:
val = [val[1:] for val in Menu_val if Menu in val]
if val:
nav_val[Menu] = val
submenu = DB.query.with_entities(distinct(DB.Menu_name)).filter(
and_(DB.Menu == 'submenu',
DB.grade >= g.grade)).order_by(DB.Menu_id).all()
submenu = [menu[0] for menu in submenu]
for menu in submenu:
val = [val[2:] for val in Menu_val if menu in val]
if val:
sub_val[menu] = val
app_resp = make_response(
render_template('index.html',
datas=data,
Year=ym,
navMenu=navMenu,
nav_val=nav_val,
submenu=submenu,
sub_val=sub_val,
ip=ip))
app_resp.set_cookie('secret_key',
produce.Produce(length=6, chars=string.digits))
return app_resp
except Exception as e:
loging.write(str(e))
return render_template_string('获取数据异常!')
def git_admin():
params = {'private_token':'g-1h1deDz-ghC_xU4DjM'}
URL = "http://git.baihe.com/api/v3/users?"
def Get_user(user):
username = user.split('@')[0]
params['search'] = username
r = requests.request('get',URL,timeout=3,params=params)
return r.json()
def Add_user(user,pw):
username = user.split('@')[0]
params['username'] = username
params['name'] = username
params['email'] = user
params['password'] = pw
params['projects_limit'] = 50
params['can_create_group'] = 'true'
params['confirm'] = 'false'
r = requests.request('post',URL,timeout=3,params=params)
return r.json()
def Del_user(id):
URL = "http://git.baihe.com/api/v3/users/%s/block" %id
requests.request('put', URL, timeout=3, params=params)
URL = "http://git.baihe.com/api/v3/users/%s" % id
r = requests.request('delete',URL,timeout=3,params=params)
return r.json()
form = MyForm.MyForm_git_admin()
if form.submit.data:
sender = "*****@*****.**"
names = form.text.data.strip().splitlines()
action = form.select_action.data
for name in names:
name = name.strip()
if '@' in name:
if action == 'query':
INFOS = ('id','username','name','email','state','projects_limit','can_create_group','web_url','current_sign_in_at','created_at')
user_info =Get_user(name)
if user_info:
user_info = user_info[0]
flash('账号:%s信息如下:' %name)
for info in INFOS:
flash('%s: %s' %(info,user_info[info]))
flash('--- '*16)
else:
flash('%s 不存在!' %name)
elif action == 'add':
if Get_user(name):
flash('%s 账号已存在!' %name)
else:
pw = produce.Produce(13)
if Add_user(name,pw):
#开通成功后再发送邮件
msg = Message("GIT账号信息",sender=sender,recipients=[name])
msg.html = '<p>用户名:%s</p><p> 密码:%s</p><p>GIT访问地址:http://git.baihe.com/</p><p><font color="red">勿邮件回复!</font></p>' %(name,pw)
with app.app_context():
try:
mail.send(msg)
except Exception as e:
flash(e)
flash('%s 邮件发送失败!' %name)
else:
flash('%s 账号开通成功,通知邮件已发送.' %name)
else:
flash('%s 账号开通失败!' %name)
elif action == 'del':
user = Get_user(name)
if user:
id = user[0]['id']
if Del_user(id):
flash('%s 账号已删除!' %name)
else:
flash('%s 账号不存在!' %name)
else:
flash('%s 账号格式错误,应该为邮箱地址!' %name)
return render_template('Message_static.html')
return render_template('git_admin.html',form=form)
def index():
try:
tm = datetime.datetime.now() - datetime.timedelta(minutes=1)
tm = tm.strftime('%Y%m%d%H%M')
td = time.strftime("%Y-%m-%d", time.localtime())
Tra_ser_minute_Key = 'traffic.ser.%s' % tm
Tra_cli_minute_Key = 'traffic.cli.%s' % tm
tt = time.strftime('%Y%m%d', time.localtime())
th = time.strftime('%Y%m%d%H', time.localtime())
TM = time.strftime('%M', time.localtime())
ip_key = 'top_ip_%s' % tt
ip_key_hour = 'top_ip_%s' % th
IP_DATA = [[str(ip), int(RC.zscore(ip_key, ip))]
for ip in RC.zrevrange(ip_key, 0, 20)]
IP_DATA_HOUR = [[str(ip), int(RC.zscore(ip_key_hour, ip))]
for ip in RC.zrevrange(ip_key_hour, 0, 20)]
val_cli = [
[
str(url),
int(RC.zscore(Tra_cli_minute_Key, url)) * 8 / 1024 / 1024
] for url in RC.zrevrange(Tra_cli_minute_Key, 0, 10)
if int(RC.zscore(Tra_cli_minute_Key, url)) * 8 / 1024 / 1024 > 1
]
val_ser = [
[
str(url),
int(RC.zscore(Tra_ser_minute_Key, url)) * 8 / 1024 / 1024
] for url in RC.zrevrange(Tra_ser_minute_Key, 0, 10)
if int(RC.zscore(Tra_ser_minute_Key, url)) * 8 / 1024 / 1024 > 1
]
INTERNET_DATA = [
eval(v) for v in RC.lrange('internet_access_%s' % td, 0, -1)
]
INTERNET_DATA = [
INTERNET_DATA[i] for i in range(0, len(INTERNET_DATA), 2)
]
INTRANET_DATA = [
eval(v) for v in RC.lrange('intranet_access_%s' % td, 0, -1)
]
INTRANET_DATA = [
INTRANET_DATA[i] for i in range(0, len(INTRANET_DATA), 2)
]
WEB_ACCESS = [{
'data': INTERNET_DATA,
'name': 'internet'
}, {
'data': INTRANET_DATA,
'name': 'intranet'
}]
app_resp = make_response(
render_template('index.html',
Main_Infos=g.main_infos,
val_cli=val_cli,
val_ser=val_ser,
WEB_ACCESS=WEB_ACCESS,
IP_DATA=IP_DATA,
IP_DATA_HOUR=IP_DATA_HOUR,
tm=TM))
app_resp.set_cookie('secret_key',
produce.Produce(length=6, chars=string.digits))
return app_resp
except Exception as e:
logging.error(e)
flash('获取数据错误!')
return render_template('Message_static.html', Main_Infos=g.main_infos)
