def get_period(period_id, product_id):
db = DB()
status, period_result = db.select_by_id("period_task", period_id)
if status is True and period_result:
minions = []
for group in period_result.get("target"):
status, result = db.select_by_id("groups", group)
if status is True and result:
minions.extend(result.get("minion"))
minion_list = list(set(minions))
salt_api = salt_api_for_product(product_id)
if isinstance(salt_api, dict):
period_result["status"] = {
"id": 4,
"name": period_status.get(4)
}
db.update_by_id("period_task", json.dumps(period_result, ensure_ascii=False), period_id)
return salt_api, 500
return period_result, minion_list, salt_api
else:
logger.error("Get period and minion error: %s" % period_result)
raise
def update_group_for_create_project(project_name, groups_id_list):
db = DB()
logger.info('UPDATEGROUP')
logger.info('project_name:' + project_name + 'groups_id_list:' +
str(groups_id_list))
for group_id in groups_id_list:
status, group = db.select_by_id('groups', group_id)
project_name_list = list(group['projects'])
project_name_list.append(project_name)
group['projects'] = project_name_list
status, result = db.update_by_id('groups',
json.dumps(group, ensure_ascii=False),
group_id)
db.close_mysql()
def get(self, product_id):
db = DB()
status, result = db.select_by_id("product", product_id)
db.close_mysql()
if status is True:
if result:
return {"data": result, "status": True, "message": ""}, 200
else:
return {
"status": False,
"message": "%s does not exist" % product_id
}, 404
else:
return {"status": False, "message": result}, 500
def get(self, groups_id):
db = DB()
status, result = db.select_by_id("groups", groups_id)
db.close_mysql()
if status is True:
if result:
try:
groups = eval(result[0][0])
except Exception as e:
return {"status": False, "message": str(e)}, 500
else:
return {"status": False, "message": "%s does not exist" % groups_id}, 404
else:
return {"status": False, "message": result}, 500
return {"groups": groups}, 200
def group_to_user(gid, uid):
db = DB()
select_status, select_result = db.select_by_id("user", uid)
if select_status is True and select_result:
select_result["groups"].append(gid)
else:
return {"status": False, "message": select_result}
status, result = db.update_by_id(
"user", json.dumps(select_result, ensure_ascii=False), uid)
db.close_mysql()
if status is True:
return {"status": True, "message": ""}
else:
logger.error("Group to user error: %s" % result)
return {"status": False, "message": result}
def get(self, host_id):
db = DB()
status, result = db.select_by_id("host", host_id)
db.close_mysql()
if status is True:
if result:
try:
host = eval(result[0][0])
except Exception as e:
return {"status": False, "message": str(e)}, 500
else:
return {"status": False, "message": "%s does not exist" % host_id}, 404
else:
return {"status": False, "message": result}, 500
return {"host": host, "status": True, "message": ""}, 200
def get(self):
args = parser.parse_args()
db = DB()
status, result = db.select_by_id("audit_log", args["product_id"])
db.close_mysql()
log_list = []
if status is True:
if result:
for i in result:
log_list.append(eval(i[0]))
else:
return {"status": False, "message": "Log does not exist"}, 500
else:
return {"status": False, "message": result}, 500
return {"audit_logs": {"audit_log": log_list}, "status": True, "message": ""}, 200
def verify_role(user_info, tag):
for role in user_info["role"]:
db = DB()
status, result = db.select_by_id("role", role)
db.close_mysql()
if status is True and result:
try:
if result["tag"] == role_dict["superuser"] or result[
"tag"] == tag:
return True
except KeyError as _:
return False
else:
return False
return False
def transfer_projectGroupID_to_projectGroupNAME(projects_with_groupid):
db = DB()
if not isinstance(projects_with_groupid, list):
projects_with_groupid = [projects_with_groupid]
projects_with_group_name = []
for project in projects_with_groupid:
group_name_list = []
for group_id in list(project['groups']):
status, group = db.select_by_id('groups', group_id)
logger.info('group:' + str(group))
group_name = group['name']
group_name_list.append(group_name)
project['groups'] = group_name_list
projects_with_group_name.append(project)
return projects_with_group_name
def get(self, user_id):
db = DB()
status, result = db.select_by_id("user", user_id)
db.close_mysql()
if status is True:
if result:
result.pop("password")
return {"data": result, "status": True, "message": ""}, 200
else:
return {
"status": False,
"message": "%s does not exist" % user_id
}, 404
else:
return {"status": False, "message": result}, 500
def get(self, user_id):
db = DB()
status, result = db.select_by_id("user", user_id)
db.close_mysql()
if status is True:
if result:
try:
user = eval(result[0][0])
user.pop("password")
except Exception as e:
return {"status": False, "message": str(e)}, 500
else:
return {"status": False, "message": "%s does not exist" % user_id}, 404
else:
return {"status": False, "message": result}, 500
return {"user": user, "status": True, "message": ""}, 200
def git_clone(product_id, project_name):
db = DB()
status, product = db.select_by_id('product', product_id)
gitlab_url = product['gitlab_url']
master = product['salt_master_id']
gitlab_url = gitlab_url.replace('http://', 'git@')
gitlab_project_url = re.split(
':', gitlab_url)[0] + ':root/' + project_name + '.git'
#gitlab_project_url = gitlab_url.replace(':80', '/root/') + project_name + '.git'
command_list = []
command_list.append('cd /tmp/' + ' \n ')
command_list.append('git clone ' + gitlab_project_url + ' \n ')
command_final = ''.join(command_list)
logger.info('command' + command_final)
salt_api = salt_api_for_product(product_id)
exec_result = salt_api.shell_remote_execution([master], command_final)
def gitlab_project(product_id, project_type):
db = DB()
status, result = db.select_by_id("product", product_id)
db.close_mysql()
if status is True:
if result:
product = result
else:
return {
"status": False,
"message": "%s does not exist" % product_id
}
else:
return {"status": False, "message": result}
try:
if product.get("file_server") == "gitfs":
gl = gitlab.Gitlab(
url=product.get("gitlab_url"),
private_token=None if product.get("private_token") is "" else
product.get("private_token"),
oauth_token=None if product.get("oauth_token") is "" else
product.get("oauth_token"),
email=None
if product.get("email") is "" else product.get("email"),
password=None
if product.get("password") is "" else product.get("password"),
ssl_verify=True,
http_username=None if product.get("http_username") is "" else
product.get("http_username"),
http_password=None if product.get("http_password") is "" else
product.get("http_password"),
timeout=120,
api_version=None if product.get("api_version") is "" else
product.get("api_version"))
project = gl.projects.get(product.get(project_type))
return project, product.get(project_type)
# 項目过多会慢
# projects = gl.projects.list(all=True)
# for pr in projects:
# if pr.__dict__.get('_attrs').get('path_with_namespace') == product.get(project_type):
# project = gl.projects.get(pr.__dict__.get('_attrs').get('id'))
# return project, product.get(project_type)
# return {"status": False, "message": "Project not found"}, ""
else:
return {"status": False, "message": "File server is not gitfs"}, ""
except Exception as e:
return {"status": False, "message": str(e)}
def update_user_product(user_id, product_id):
db = DB()
status, result = db.select_by_id("user", user_id)
if status is True:
if result:
result["product"].append(product_id)
db.update_by_id("user", json.dumps(result, ensure_ascii=False),
user_id)
db.close_mysql()
return {"status": True, "message": ""}
else:
db.close_mysql()
return {"status": False, "message": "User does not exist"}
else:
db.close_mysql()
logger.error("Update user product error: %s" % result)
return {"status": False, "message": result}
def put(self, project_id):
args = parser.parse_args()
args["id"] = project_id
projects = transfer_args_to_project(args)
db = DB()
# 判断是否存在
select_status, select_result = db.select_by_id("projects", project_id)
if select_status is not True:
db.close_mysql()
logger.error("Modify projects error: %s" % select_result)
return {"status": False, "message": select_result}, 500
if not select_result:
db.close_mysql()
return {
"status": False,
"message": "%s does not exist" % project_id
}, 404
gitlab_name_origion = select_result['gitlab_name']
args['gitlab_name'] = gitlab_name_origion
# 判断名字否已经存在
status, result = db.select(
"projects",
"where data -> '$.name'='%s' and data -> '$.product_id'='%s'" %
(args["name"], args["product_id"]))
if status is True and result:
if project_id != result[0].get("id"):
db.close_mysql()
return {
"status": False,
"message": "The projects name already exists"
}, 200
try:
status, message = update_group_for_update_project(
project_id, args['groups'], args['name'])
if status is not True:
return {"status": False, "message": message}, 500
except Exception as e:
return {"status": False, "message": str(e)}, 500
status, result = db.update_by_id(
"projects", json.dumps(projects, ensure_ascii=False), project_id)
db.close_mysql()
if status is not True:
logger.error("Modify projects error: %s" % result)
return {"status": False, "message": result}, 500
return {"status": True, "message": ""}, 200
def salt_api_for_product(product_id):
db = DB()
status, result = db.select_by_id("product", product_id)
db.close_mysql()
if status is True:
if result:
product = result
else:
return {
"status": False,
"message": "product %s does not exist" % product_id
}
else:
return {"status": False, "message": result}
salt_api = SaltAPI(url=product.get("salt_master_url"),
user=product.get("salt_master_user"),
passwd=product.get("salt_master_password"))
return salt_api
def post(self, user_id):
args = parser.parse_args()
user = g.user_info["username"]
if not args["old_password"]:
return {
"status": False,
"message":
"The specified old_password parameter does not exist"
}, 200
if not args["new_password"]:
return {
"status": False,
"message":
"The specified now_password parameter does not exist"
}, 200
db = DB()
status, result = db.select_by_id("user", user_id)
if status is True and result:
if not verify_password(result["username"], args["old_password"]):
return {"status": False, "message": "Old password error"}, 200
else:
# 基于RSA加密算法获取密码
password = rsa_decrypt(args["new_password"])
if password is False:
return {
"status": False,
"message": "Decrypt is failure"
}, 500
# 加密新密码
password_hash = custom_app_context.encrypt(password)
result["password"] = password_hash
update_status, update_result = db.update_by_id(
"user", json.dumps(result, ensure_ascii=False), user_id)
db.close_mysql()
if update_status is not True:
logger.error("Reset %s password error: %s" %
(user_id, update_result))
return {"status": False, "message": update_result}, 500
audit_log(user, user_id, "", "user", "reset by owner")
return {"status": True, "message": ""}, 201
else:
db.close_mysql()
logger.error("Select user error: %s" % result)
return {"status": False, "message": result}, 500
def put(self, user_id):
user = g.user_info["username"]
args = parser.parse_args()
args["id"] = user_id
db = DB()
# 判断用户名是否已经存在
status, result = db.select(
"user", "where data -> '$.username'='%s'" % args["username"])
if status is True:
if len(result) != 0:
info = eval(result[0][0])
if user_id != info.get("id"):
return {
"status": False,
"message": "The user name already exists"
}, 200
# 获取之前的加密密码
status, result = db.select_by_id("user", user_id)
if status is True:
if result:
try:
user_info = eval(result[0][0])
args["password"] = user_info.get("password")
except Exception as e:
return {"status": False, "message": str(e)}, 500
else:
return {
"status": False,
"message": "%s does not exist" % user_id
}, 404
else:
return {"status": False, "message": result}, 500
# 更新用户信息
users = args
status, result = db.update_by_id("user",
json.dumps(users, ensure_ascii=False),
user_id)
db.close_mysql()
if status is not True:
logger.error("Modify user error: %s" % result)
return {"status": False, "message": result}, 500
audit_log(user, user_id, "", "user", "edit")
return {"status": True, "message": ""}, 200
def delete(self, period_id):
user = g.user_info["username"]
db = DB()
select_status, select_result = db.select_by_id("period_task",
period_id)
if select_status is not True:
db.close_mysql()
logger.error("Modify period_task error: %s" % select_result)
return {"status": False, "message": select_result}, 500
# 删除定期任务的时候删除对应的调度
if select_result["scheduler"] == "period":
scheduler_result = scheduler_delete(period_id)
if scheduler_result.get("status") is not True:
# 假如不是job不存在,才返回
if "'No job" not in scheduler_result.get("message"):
return {
"status": False,
"message": scheduler_result.get("message")
}, 500
status, result = db.delete_by_id("period_task", period_id)
if status is not True:
logger.error("Delete period_task error: %s" % result)
return {"status": False, "message": result}, 500
if result is 0:
return {
"status": False,
"message": "%s does not exist" % period_id
}, 404
period_result_status, period_result_result = db.delete_by_id(
"period_result", period_id)
if period_result_status is not True:
logger.error("Delete period_result error: %s" %
period_result_result)
return {"status": False, "message": result}, 500
period_audit_status, period_audit_result = db.delete_by_id(
"period_audit", period_id)
if period_audit_status is not True:
logger.error("Delete period_result error: %s" %
period_audit_result)
return {"status": False, "message": result}, 500
db.close_mysql()
audit_log(user, period_id, "", "period_task", "delete")
return {"status": True, "message": ""}, 200
def put(self, period_id):
product_id = request.args.get("product_id")
user = g.user_info["username"]
db = DB()
status, result = db.select_by_id("period_task", period_id)
if status is True:
if result:
if result["scheduler"] == "once" and result["once"][
"type"] == "now":
# 重开之前清空已经执行过的minion
result["count"] = 0
result["step"] = 0
audit = {
"timestamp": int(time.time()),
"user": user,
"option": period_audit.get(1)
}
insert_period_audit(period_id, audit)
update_status, update_result = db.update_by_id(
"period_task", json.dumps(result, ensure_ascii=False),
period_id)
if update_status is not True:
logger.error("Reopen period_task error: %s" %
update_result)
db.close_mysql()
return {"status": False, "message": update_result}, 500
audit_log(user, period_id, product_id, "period_task",
"reopen")
job.delay(period_id, product_id, user)
db.close_mysql()
return {"status": True, "message": ""}, 200
else:
db.close_mysql()
return {
"status": False,
"message": "The period_task does not exist"
}, 404
else:
db.close_mysql()
return {"status": False, "message": result}, 500
def post(self):
args = parser.parse_args()
args["id"] = uuid_prefix("g")
user = g.user_info["username"]
groups = args
db = DB()
status, result = db.select_by_id("product", args["product_id"])
if status is True:
if not result:
db.close_mysql()
return {
"status": False,
"message": "%s does not exist" % args["product_id"]
}, 404
else:
return {"status": False, "message": result}, 500
status, result = db.select(
"groups",
"where data -> '$.name'='%s' and data -> '$.product_id'='%s'" %
(args["name"], args["product_id"]))
if status is True:
if len(result) == 0:
insert_status, insert_result = db.insert(
"groups", json.dumps(groups, ensure_ascii=False))
db.close_mysql()
if insert_status is not True:
logger.error("Add groups error: %s" % insert_result)
return {"status": False, "message": insert_result}, 500
audit_log(user, args["id"], "", "groups", "add")
group_to_user(args["id"], g.user_info["id"])
return {"status": True, "message": ""}, 201
else:
db.close_mysql()
return {
"status": False,
"message": "The groups name already exists"
}, 200
else:
db.close_mysql()
logger.error("Select groups name error: %s" % result)
return {"status": False, "message": result}, 500
def put(self, product_id):
user = g.user_info["username"]
args = parser.parse_args()
args["id"] = product_id
product = args
db = DB()
# 判断是否存在
select_status, select_result = db.select_by_id("product", product_id)
if select_status is not True:
db.close_mysql()
logger.error("Modify product error: %s" % select_result)
return {"status": False, "message": select_result}, 500
if not select_result:
db.close_mysql()
return {
"status": False,
"message": "%s does not exist" % product_id
}, 404
# 判断名字是否重复
status, result = db.select(
"product", "where data -> '$.name'='%s'" % args["name"])
if status is True:
if result:
if product_id != result[0].get("id"):
db.close_mysql()
return {
"status": False,
"message": "The product name already exists"
}, 200
status, result = db.update_by_id(
"product", json.dumps(product, ensure_ascii=False), product_id)
db.close_mysql()
if status is not True:
logger.error("Modify product error: %s" % result)
return {"status": False, "message": result}, 500
audit_log(user, args["id"], product_id, "product", "edit")
# 更新Rsync配置
if args["file_server"] == "rsync":
rsync_config()
return {"status": True, "message": ""}, 200
def put(self, acl_id):
user = g.user_info["username"]
args = parser.parse_args()
args["id"] = acl_id
acl = args
db = DB()
# 判断是否存在
select_status, select_result = db.select_by_id("acl", acl_id)
if select_status is not True:
db.close_mysql()
logger.error("Modify acl error: %s" % select_result)
return {"status": False, "message": select_result}, 500
if not select_result:
db.close_mysql()
return {
"status": False,
"message": "%s does not exist" % acl_id
}, 404
# 判断名字否已经存在
status, result = db.select(
"acl", "where data -> '$.name'='%s'" % args["name"])
if status is True:
if len(result) != 0:
info = eval(result[0][0])
if acl_id != info.get("id"):
db.close_mysql()
return {
"status": False,
"message": "The acl name already exists"
}, 200
status, result = db.update_by_id("acl",
json.dumps(acl, ensure_ascii=False),
acl_id)
db.close_mysql()
if status is not True:
logger.error("Modify acl error: %s" % result)
return {"status": False, "message": result}, 500
audit_log(user, acl_id, "", "acl", "edit")
return {"status": True, "message": ""}, 200
def put(self, role_id):
user = g.user_info["username"]
args = parser.parse_args()
args["id"] = role_id
role = args
db = DB()
# 判断是否存在
select_status, select_result = db.select_by_id("role", role_id)
if select_status is not True:
db.close_mysql()
logger.error("Modify role error: %s" % select_result)
return {"status": False, "message": select_result}, 500
if not select_result:
db.close_mysql()
return {
"status": False,
"message": "%s does not exist" % role_id
}, 404
# 判断名字是否重复
status, result = db.select(
"role", "where data -> '$.name'='%s'" % args["name"])
if status is True:
if result:
if role_id != result[0].get("id"):
db.close_mysql()
return {
"status": False,
"message": "The role name already exists"
}, 200
status, result = db.update_by_id("role",
json.dumps(role, ensure_ascii=False),
role_id)
db.close_mysql()
if status is not True:
logger.error("Modify role error: %s" % result)
return {"status": False, "message": result}, 500
audit_log(user, role_id, "", "role", "edit")
return {"status": True, "message": ""}, 200
def get(self, project_id):
db = DB()
status, result = db.select_by_id("projects", project_id)
try:
project_with_group_name = list(
transfer_projectGroupID_to_projectGroupNAME(result))[0]
except Exception as e:
return {"status": False, "message": str(e)}, 500
db.close_mysql()
if status is True:
if result:
return {
"data": project_with_group_name,
"status": True,
"message": ""
}, 200
else:
return {
"status": False,
"message": "%s does not exist" % project_id
}, 404
else:
return {"status": False, "message": result}, 500
def gitlab_project(product_id):
db = DB()
status, result = db.select_by_id("product", product_id)
db.close_mysql()
if status is True:
if result:
product = eval(result[0][0])
else:
return {
"status": False,
"message": "%s does not exist" % product_id
}
else:
return {"status": False, "message": result}
try:
gl = gitlab.Gitlab(
url=product.get("gitlab_url"),
private_token=None if product.get("private_token") is "" else
product.get("private_token"),
oauth_token=None if product.get("oauth_token") is "" else
product.get("oauth_token"),
email=None if product.get("email") is "" else product.get("email"),
password=None
if product.get("password") is "" else product.get("password"),
ssl_verify=True,
http_username=None if product.get("http_username") is "" else
product.get("http_username"),
http_password=None if product.get("http_password") is "" else
product.get("http_password"),
timeout=120,
api_version=None if product.get("api_version") is "" else
product.get("api_version"))
project = gl.projects.get(product.get("project"))
return project
except Exception as e:
return {"status": False, "message": str(e)}
def get(self, period_id):
db = DB()
status, result = db.select_by_id("period_task", period_id)
if status is True:
if result:
targets = result.get("target")
result["target"] = []
for target in targets:
group_status, group_result = db.select_by_id(
"groups", target)
if group_status is True and group_result:
result["target"].append({
"name":
group_result.get("name"),
"id":
target
})
else:
db.close_mysql()
return {"status": False, "message": group_result}, 500
product_status, product_result = db.select_by_id(
"product", result.get("product_id"))
if product_status is True and product_result:
result["product_id"] = product_result.get("name")
count_status, count_result = db.select_count_by_id(
"period_result", result["id"])
if count_result is False:
return {"status": False, "message": count_result}, 500
# 数量小于15的时候避免等于负数
if int(count_result) < 15:
count_result = 15
# 获取最后15条数据
period_result_status, period_result_result = db.select(
"period_result", "where data -> '$.id'='%s' limit %s,%s" %
(result["id"], int(count_result) - 15, 15))
if period_result_status is True:
for r in period_result_result:
result["result"].append(r.get("result"))
period_audit_status, period_audit_result = db.select(
"period_audit", "where data -> '$.id'='%s'" % result["id"])
if period_audit_status is True:
for a in period_audit_result:
result["audit"].append(a.get("result"))
db.close_mysql()
# 周期性Job审计信息超过10条后显示前10条及最后两条
if result["scheduler"] != "once":
if len(result["audit"]) > 10:
result_limit = result["audit"][0:10]
result_limit.append({
'user': '',
'option': '',
'timestamp': ''
})
result_limit.extend(result["audit"][-2:])
result["audit"] = result_limit
return {"data": result, "status": True, "message": ""}, 200
else:
db.close_mysql()
return {
"status": False,
"message": "%s does not exist" % period_id
}, 404
else:
db.close_mysql()
return {"status": False, "message": result}, 500
def put(self, user_id):
user = g.user_info["username"]
args = parser.parse_args()
args["id"] = user_id
db = DB()
# 判断是否存在
select_status, select_result = db.select_by_id("user", user_id)
if select_status is not True:
db.close_mysql()
logger.error("Modify user error: %s" % select_result)
return {"status": False, "message": select_result}, 500
if not select_result:
db.close_mysql()
return {
"status": False,
"message": "%s does not exist" % user_id
}, 404
# 判断名字否已经存在
status, result = db.select(
"user", "where data -> '$.username'='%s'" % args["username"])
if status is True:
if result:
if user_id != result[0].get("id"):
db.close_mysql()
return {
"status": False,
"message": "The user name already exists"
}, 200
# 获取之前的加密密码
if args["password"]:
# 基于RSA加密算法获取密码
password = rsa_decrypt(args["password"])
if password is False:
return {"status": False, "message": "Decrypt is failure "}, 500
password_hash = custom_app_context.encrypt(password)
args["password"] = password_hash
else:
status, result = db.select_by_id("user", user_id)
if status is True:
if result:
args["password"] = result.get("password")
else:
db.close_mysql()
return {
"status": False,
"message": "%s does not exist" % user_id
}, 404
else:
db.close_mysql()
return {"status": False, "message": result}, 500
# 更新用户信息
users = args
status, result = db.update_by_id("user",
json.dumps(users, ensure_ascii=False),
user_id)
db.close_mysql()
if status is not True:
logger.error("Modify user error: %s" % result)
return {"status": False, "message": result}, 500
audit_log(user, user_id, "", "user", "edit")
return {"status": True, "message": ""}, 200
def grouping(concurrent, period_result, period_id, minion_list, salt_api, user,
product_id):
# 假如并行数大于minion的总数,range步长为minion长度,即一次全部运行
# for m in period_result["executed_minion"]:
# minion_list.remove(m)
if concurrent > len(minion_list):
concurrent = len(minion_list)
count = period_result["count"] if period_result["count"] != 0 else 1
step = period_result["step"] if period_result["step"] != 0 else 0
for i in range(step, len(minion_list), concurrent):
db = DB()
p_status, p_result = db.select_by_id("period_task", period_id)
if p_status is True and p_result:
if p_result.get("action") == "concurrent_play" or p_result.get(
"action") == "scheduler_resume":
# 记录状态为第N组运行中
p_result["status"] = {
"id": 7,
"name": period_status.get(7) % count
}
audits = {
"timestamp": int(time.time()),
"user": "******",
"option": period_audit.get(7) % count
}
insert_period_audit(period_id, audits)
db.update_by_id("period_task",
json.dumps(p_result, ensure_ascii=False),
period_id)
# 根据并行数,对minion进行切分
minion = minion_list[i:i + concurrent]
if period_result.get("execute") == "shell":
result = salt_api.shell_remote_execution(
minion, period_result.get("shell"))
elif period_result.get("execute") == "sls":
result = salt_api.target_deploy(
minion,
period_result.get("sls").replace(".sls", ""))
# 执行结果写入到period_result表
results = {
"time": int(time.time()),
"result": result,
"option": period_audit.get(7) % count
}
insert_period_result(period_id, results)
# 执行完命令更新状态
p_result["status"] = {
"id": 8,
"name": period_status.get(8) % count
}
# 执行审计写入到period_audit表
audits = {
"timestamp": int(time.time()),
"user": "******",
"option": period_audit.get(8) % count
}
insert_period_audit(period_id, audits)
p_result["count"] = count + 1
p_result["step"] = step + concurrent
# 并行间隔时间,最后一次不等待
if concurrent < len(minion_list):
if i != list(range(0, len(minion_list), concurrent))[-1]:
time.sleep(int(p_result["interval"]))
count += 1
elif i == list(range(0, len(minion_list), concurrent))[-1]:
# 正常循环最后一次对计数几步长初始化
p_result["count"] = 0
p_result["step"] = 0
db.update_by_id("period_task",
json.dumps(p_result, ensure_ascii=False),
period_id)
db.close_mysql()
# audit_log(user, minion, product_id, "minion", "shell")
# 不同调度方式使用不同的状态显示
if p_result["scheduler"] == "period":
p_result["status"] = {"id": 9, "name": period_status.get(9)}
elif p_result["scheduler"] == "crontab":
p_result["status"] = {"id": 10, "name": period_status.get(10)}
elif p_result.get("action") != "concurrent_pause":
p_result["status"] = {"id": 3, "name": period_status.get(3)}
if p_result.get("action") != "concurrent_pause":
audits = {
"timestamp": int(time.time()),
"user": "******",
"option": period_audit.get(3)
}
insert_period_audit(period_id, audits)
db = DB()
db.update_by_id("period_task", json.dumps(p_result, ensure_ascii=False),
period_id)
db.close_mysql()
def verify_token(*args, **kwargs):
# 通过 Cookie Token 进行认证
token = request.cookies.get(cookie_key)
if token:
try:
uid = RedisTool.get(token)
db = DB()
status, result = db.select_by_id("user", uid)
if status is True and result:
db.close_mysql()
# 验证是否有权限访问
if not verify_role(result, tag):
return {
"status": False,
"message": "Access forbidden"
}, 403
g.user_info = result
else:
logger.error("Select uid by token error: %s" % result)
return {
"status": False,
"message": "Unauthorized access"
}, 401
except Exception as e:
logger.error("Verify token error: %s" % e)
return {
"status": False,
"message": "Unauthorized access"
}, 401
if RedisTool.get(token):
RedisTool.expire(token, expires_in)
return func(*args, **kwargs)
# 通过 Bearer Token 进行认证
elif 'Authorization' in request.headers:
try:
scheme, cred = request.headers['Authorization'].split(
None, 1)
uid = RedisTool.get(cred)
db = DB()
status, result = db.select_by_id("user", uid)
if status is True and result:
db.close_mysql()
# 验证是否有权限访问
if not verify_role(result, tag):
return {
"status": False,
"message": "Access forbidden"
}, 403
g.user_info = result
else:
logger.error("Select uid by token error: %s" % result)
return {
"status": False,
"message": "Unauthorized access"
}, 401
except Exception as e:
logger.error("Verify token error: %s" % e)
return {
"status": False,
"message": "Unauthorized access"
}, 401
else:
if scheme == 'Bearer' and RedisTool.get(cred):
RedisTool.expire(token, expires_in)
return func(*args, **kwargs)
else:
return {
"status": False,
"message": "Unauthorized access"
}, 401
# 通过 X-Gitlab-Token 进行认证
elif 'X-Gitlab-Token' in request.headers:
gitlab_token = request.headers['X-Gitlab-Token']
try:
uid = RedisTool.get(gitlab_token)
db = DB()
status, result = db.select_by_id("user", uid)
if status is True and result:
db.close_mysql()
# 验证是否有权限访问
if not verify_role(result, tag):
return {
"status": False,
"message": "Access forbidden"
}, 403
g.user_info = result
else:
logger.error("Select uid by token error: %s" % result)
return {
"status": False,
"message": "Unauthorized access"
}, 401
except Exception as e:
logger.error("Verify token error: %s" % e)
return {
"status": False,
"message": "Unauthorized access"
}, 401
if RedisTool.get(gitlab_token):
RedisTool.expire(gitlab_token, expires_in)
return func(*args, **kwargs)
else:
return {"status": False, "message": "Unauthorized access"}, 401
