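def _deco2(request, *args, **kwargs):
    """Authenticate a websocket request from its session id, then call ``func``.

    The session id is read from the ``sessionid`` cookie, falling back to the
    ``sessionid`` request argument. When the session exists and has not
    expired, ``request.user_id`` and ``request.user`` are set and ``func`` is
    called with the original arguments. If ``role`` is ``'admin'``, the
    user's role must also be ``'SU'`` or ``'GA'``. On every other path the
    request is closed, a warning is logged and ``None`` is returned.

    ``func`` and ``role`` are not defined here; they come from the enclosing
    scope.
    """
    # NOTE(review): a session id sent as a request argument can be recorded
    # in proxy/access logs and browser history. Prefer the cookie whenever
    # the client is able to send one.
    session_key = request.get_cookie('sessionid')
    if not session_key:
        session_key = request.get_argument('sessionid', '')

    # The session key is a bearer credential: log only whether one was sent,
    # never its value, so log readers cannot replay it.
    logger.debug('Websocket: session_key present: %s' % bool(session_key))
    if session_key:
        session = get_object(Session, session_key=session_key)
        # The session object itself is not logged either: its string form
        # presumably renders the key (Django's session model does) - confirm.
        logger.debug('Websocket: session found: %s' % bool(session))
        # NOTE(review): this compares against naive local time; if
        # expire_date is timezone-aware the comparison raises TypeError.
        if session and datetime.datetime.now() < session.expire_date:
            user_id = session.get_decoded().get('_auth_user_id')
            request.user_id = user_id
            user = get_object(User, id=user_id)
            if user:
                logger.debug(
                    'Websocket: user [ %s ] request websocket' % user.username)
                request.user = user
                if role != 'admin':
                    return func(request, *args, **kwargs)
                if user.role in ['SU', 'GA']:
                    return func(request, *args, **kwargs)
                logger.debug(
                    'Websocket: user [ %s ] is not admin.' % user.username)
        else:
            logger.debug('Websocket: session missing or expired')

    # Every path that did not return above is an authentication failure, so
    # the wrapper fails closed.
    try:
        request.close()
    except AttributeError:
        # Presumably tolerates request objects without a usable close().
        pass
    logger.warning('Websocket: Request auth failed.')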
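def _deco2(request, *args, **kwargs):
    """Check the caller's session and role before running ``func``.

    Looks for the session id in the ``sessionid`` cookie first and in the
    ``sessionid`` request argument second. A session that is found and not
    yet expired yields a user id (``_auth_user_id`` in the decoded session),
    which is stored on ``request.user_id``. The matching user is stored on
    ``request.user``. ``func`` is then called, unless ``role`` is ``'admin'``
    and the user's role is neither ``'SU'`` nor ``'GA'``. When ``func`` is not
    called, the request is closed and a warning is logged.

    ``func`` and ``role`` are taken from the enclosing scope.
    """
    # NOTE(review): accepting the session id as a request argument exposes it
    # to URL logging (proxies, access logs, history). Keep the fallback only
    # if some client cannot send the cookie.
    session_key = request.get_cookie('sessionid')
    if not session_key:
        session_key = request.get_argument('sessionid', '')

    # Log presence only: the raw key would let anyone with log access reuse
    # the session.
    logger.debug('Websocket: session_key present: %s' % bool(session_key))
    if session_key:
        session = get_object(Session, session_key=session_key)
        # Do not format the session object into the log; its string form
        # presumably contains the key (true for Django sessions) - confirm.
        logger.debug('Websocket: session found: %s' % bool(session))
        # NOTE(review): naive datetime.now() is used here; a timezone-aware
        # expire_date would make this comparison raise TypeError - confirm.
        if session and datetime.datetime.now() < session.expire_date:
            user_id = session.get_decoded().get('_auth_user_id')
            request.user_id = user_id
            user = get_object(User, id=user_id)
            if user:
                logger.debug('Websocket: user [ %s ] request websocket' % user.username)
                request.user = user
                if role != 'admin':
                    return func(request, *args, **kwargs)
                if user.role in ['SU', 'GA']:
                    return func(request, *args, **kwargs)
                logger.debug('Websocket: user [ %s ] is not admin.' % user.username)
        else:
            logger.debug('Websocket: session missing or expired')

    # Anything that reaches this point was not authorised: fail closed.
    try:
        request.close()
    except AttributeError:
        # Presumably tolerates request objects without a usable close().
        pass
    logger.warning('Websocket: Request auth failed.')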
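def on_message(self, message):
    """Repeatedly run ``cat /home/admin/log`` and send the result to the client.

    The ``role`` (default ``'sb'``) and ``id`` (default ``9999``) request
    arguments select the system role and the asset. The role must be one of
    the keys of ``self.perm['role']`` for ``self.user``. Otherwise a message
    is written and the socket is closed. ``message`` itself is not used.

    The command is run through ``MyRunner`` with the asset's IP as the host
    pattern, and ``self.runner.results['ok']`` is written to the socket on
    every iteration.
    """
    import time

    role_name = self.get_argument('role', 'sb')
    asset_id = self.get_argument('id', 9999)
    asset = get_object(Asset, id=asset_id)
    if not asset:
        # Unknown asset id: stop instead of failing later on ``asset.ip``.
        self.close()
        return

    self.role = get_object(PermRole, name=role_name)
    self.perm = get_group_user_perm(self.user)
    role_perms = self.perm.get('role')
    if self.role not in role_perms.keys():
        self.write_message('No perm that role %s' % role_name)
        self.close()
        # Fail closed explicitly; without this return the code below kept
        # running for a role the user does not hold.
        return

    self.assets = role_perms.get(self.role).get('asset')
    res = gen_resource({
        'user': self.user,
        'asset': self.assets,
        'role': self.role
    })
    self.runner = MyRunner(res)
    # NOTE(review): ``asset`` comes from a client-supplied id and is not
    # compared with ``self.assets`` here. Presumably the runner only knows
    # the permitted assets passed to gen_resource, so a foreign IP matches
    # nothing - confirm, or check membership before running.
    pattern = asset.ip.encode("utf-8")

    # NOTE(review): this loop has no exit condition and sleeps with a
    # blocking call; it only pauses when the result is non-empty, so an empty
    # result re-runs the command immediately. It ends only when something in
    # the body raises (presumably write_message once the socket is closed).
    while True:
        self.runner.run('shell', 'cat /home/admin/log', pattern=pattern)
        result = self.runner.results['ok']
        self.write_message(result)
        if result:
            time.sleep(0.5)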
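def _deco2(request, *args, **kwargs):
    """Authenticate a websocket request from its session id, then call ``func``.

    The session id is taken from the ``sessionid`` cookie or, failing that,
    from the ``sessionid`` request argument. For a session that exists and
    has not expired, ``request.user_id`` and ``request.user`` are populated
    and ``func`` is called. When ``role`` is ``"admin"``, the user's role
    must be ``"SU"`` or ``"GA"``. All other paths close the request, log a
    warning and return ``None``.

    ``func`` and ``role`` come from the enclosing scope.
    """
    # NOTE(review): a session id in a request argument is likely to be
    # written to URL logs on the way; prefer the cookie where possible.
    session_key = request.get_cookie("sessionid")
    if not session_key:
        session_key = request.get_argument("sessionid", "")

    # The key authenticates the user on its own, so its value stays out of
    # the log; only its presence is recorded.
    logger.debug("Websocket: session_key present: %s" % bool(session_key))
    if session_key:
        session = get_object(Session, session_key=session_key)
        # The session object is not formatted into the log: its string form
        # presumably renders the key (Django's session model does) - confirm.
        logger.debug("Websocket: session found: %s" % bool(session))
        # NOTE(review): naive local time is compared with expire_date; if
        # that value is timezone-aware this raises TypeError - confirm.
        if session and datetime.datetime.now() < session.expire_date:
            user_id = session.get_decoded().get("_auth_user_id")
            request.user_id = user_id
            user = get_object(User, id=user_id)
            if user:
                logger.debug("Websocket: user [ %s ] request websocket" % user.username)
                request.user = user
                if role != "admin":
                    return func(request, *args, **kwargs)
                if user.role in ["SU", "GA"]:
                    return func(request, *args, **kwargs)
                logger.debug("Websocket: user [ %s ] is not admin." % user.username)
        else:
            logger.debug("Websocket: session missing or expired")

    # No return above means authentication or authorisation failed.
    try:
        request.close()
    except AttributeError:
        # Presumably tolerates request objects without a usable close().
        pass
    logger.warning("Websocket: Request auth failed.")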
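def open(self):
    """Prepare a command-execution websocket for the requested system role.

    The ``role`` request argument (default ``'sb'``) is resolved to a
    ``PermRole`` and must be one of the keys of ``self.perm['role']`` for
    ``self.user``. If it is not, a message is written, the socket is closed
    and nothing else is set up. Otherwise the assets granted for that role
    are stored on ``self.assets`` and a ``MyRunner`` is built for them. The
    handler is then added to the class-level ``clients`` list and the
    permitted host names are sent to the client.
    """
    logger.debug('Websocket: Open exec request')
    role_name = self.get_argument('role', 'sb')
    # NOTE(review): X-Real-IP is whatever the peer sent unless a trusted
    # reverse proxy overwrites it, so a direct client can choose the address
    # recorded here - confirm the deployment strips or sets this header.
    self.remote_ip = self.request.headers.get("X-Real-IP")
    if not self.remote_ip:
        self.remote_ip = self.request.remote_ip
    logger.debug('Web执行命令: 请求系统用户 %s' % role_name)

    self.role = get_object(PermRole, name=role_name)
    self.perm = get_group_user_perm(self.user)
    role_perms = self.perm.get('role')
    if self.role not in role_perms.keys():
        self.write_message('No perm that role %s' % role_name)
        self.close()
        # Fail closed explicitly. Without this return the setup below still
        # ran for a role the user does not hold.
        return

    self.assets = role_perms.get(self.role).get('asset')
    res = gen_resource({
        'user': self.user,
        'asset': self.assets,
        'role': self.role
    })
    self.runner = MyRunner(res)
    message = '有权限的主机: ' + ', '.join(
        [asset.hostname for asset in self.assets])
    self.__class__.clients.append(self)
    self.write_message(message)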
def open(self):
    """Open a web terminal session to the requested asset.

    Reads ``role`` (default ``'sb'``) and ``id`` (default ``9999``) from the
    request, looks the asset up and selects, from
    ``user_have_perm(self.user, asset)``, the role whose name equals the
    requested one. If the asset is not found or no role matches, a warning
    is logged, the socket is closed and the method returns. Otherwise a
    ``WebTty`` is created and an ``xterm`` shell channel is opened on its
    connection. A ``MyThread`` running ``self.forward_outbound`` is then
    queued on ``WebTerminalHandler.tasks`` and the handler is added to
    ``WebTerminalHandler.clients``.
    """
    logger.debug('Websocket: Open request')
    role_name = self.get_argument('role', 'sb')
    asset_id = self.get_argument('id', 9999)
    asset = get_object(Asset, id=asset_id)
    # The recorder is created before any permission check, as in the
    # original flow.
    self.termlog = TermLogRecorder(User.objects.get(id=self.user_id))

    if not asset:
        logger.warning('Websocket: No that Host: %s User: %s '
                       % (asset_id, self.user.username))
        self.close()
        return

    roles = user_have_perm(self.user, asset)
    logger.debug(roles)
    logger.debug('系统用户: %s' % role_name)
    # First permitted role with the requested name, or '' when none matches.
    login_role = next((r for r in roles if r.name == role_name), '')
    if not login_role:
        logger.warning(
            'Websocket: Not that Role %s for Host: %s User: %s '
            % (role_name, asset.hostname, self.user.username))
        self.close()
        return

    logger.debug(
        'Websocket: request web terminal Host: %s User: %s Role: %s'
        % (asset.hostname, self.user.username, login_role.name))
    self.term = WebTty(self.user, asset, login_role, login_type='web')

    # NOTE(review): X-Real-IP is client-controlled unless a trusted reverse
    # proxy sets it; the value is stored as the terminal's remote_ip, so
    # confirm the deployment overwrites this header.
    client_ip = self.request.headers.get("X-Real-IP")
    if not client_ip:
        client_ip = self.request.remote_ip
    self.term.remote_ip = client_ip

    self.ssh = self.term.get_connection()
    self.channel = self.ssh.invoke_shell(term='xterm')
    logger.debug(self.channel)
    WebTerminalHandler.tasks.append(MyThread(target=self.forward_outbound))
    WebTerminalHandler.clients.append(self)

    # Start every queued thread that is not running. Nothing in this method
    # removes entries from ``tasks``; a RuntimeError from start() is ignored
    # (presumably for threads that were already started once).
    for worker in WebTerminalHandler.tasks:
        logger.debug(WebTerminalHandler.tasks)
        if worker.is_alive():
            logger.debug('is_alive')
        else:
            try:
                worker.setDaemon(False)
                worker.start()
            except RuntimeError:
                pass
def open(self):
    """Open a web terminal session to the requested asset.

    ``role`` (default ``"sb"``) and ``id`` (default ``9999``) are read from
    the request. The asset must exist, and one of the roles returned by
    ``user_have_perm(self.user, asset)`` must carry the requested name. If
    either check fails, a warning is logged and the socket is closed. On
    success a ``WebTty`` is created and an ``xterm`` shell channel is opened
    on its connection. A ``MyThread`` running ``self.forward_outbound`` is
    then queued on ``WebTerminalHandler.tasks`` and the handler is added to
    ``WebTerminalHandler.clients``.
    """
    logger.debug("Websocket: Open request")
    role_name = self.get_argument("role", "sb")
    asset_id = self.get_argument("id", 9999)
    asset = get_object(Asset, id=asset_id)
    # Created before the permission checks, exactly as in the original flow.
    self.termlog = TermLogRecorder(User.objects.get(id=self.user_id))

    if not asset:
        logger.warning(
            "Websocket: No that Host: %s User: %s " % (asset_id, self.user.username)
        )
        self.close()
        return

    roles = user_have_perm(self.user, asset)
    logger.debug(roles)
    logger.debug("系统用户: %s" % role_name)
    # First permitted role with the requested name, or "" when none matches.
    login_role = next((r for r in roles if r.name == role_name), "")
    if not login_role:
        logger.warning(
            "Websocket: Not that Role %s for Host: %s User: %s "
            % (role_name, asset.hostname, self.user.username)
        )
        self.close()
        return

    logger.debug(
        "Websocket: request web terminal Host: %s User: %s Role: %s"
        % (asset.hostname, self.user.username, login_role.name)
    )
    self.term = WebTty(self.user, asset, login_role, login_type="web")

    # NOTE(review): X-Real-IP can be set by the client unless a trusted
    # reverse proxy overwrites it; confirm that before relying on remote_ip
    # for auditing.
    client_ip = self.request.headers.get("X-Real-IP")
    if not client_ip:
        client_ip = self.request.remote_ip
    self.term.remote_ip = client_ip

    self.ssh = self.term.get_connection()
    self.channel = self.ssh.invoke_shell(term="xterm")
    WebTerminalHandler.tasks.append(MyThread(target=self.forward_outbound))
    WebTerminalHandler.clients.append(self)

    # Start each queued thread that is not already running, as a daemon.
    # RuntimeError from start() is ignored (presumably for threads that
    # have already been started once); entries are not removed here.
    for worker in WebTerminalHandler.tasks:
        if not worker.is_alive():
            try:
                worker.setDaemon(True)
                worker.start()
            except RuntimeError:
                pass
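def open(self):
    """Prepare a command-execution websocket for the requested system role.

    The ``role`` request argument (default ``'sb'``) is resolved to a
    ``PermRole`` and must be one of the keys of ``self.perm['role']`` for
    ``self.user``. If it is not, a message is written, the socket is closed
    and the method returns without further setup. Otherwise the assets
    granted for that role are stored on ``self.assets``, a ``MyRunner`` is
    built for them, the handler is added to the class-level ``clients`` list
    and the permitted host names are sent to the client.
    """
    logger.debug('Websocket: Open exec request')
    role_name = self.get_argument('role', 'sb')
    self.remote_ip = self.request.remote_ip
    logger.debug('Web执行命令: 请求系统用户 %s' % role_name)

    self.role = get_object(PermRole, name=role_name)
    self.perm = get_group_user_perm(self.user)
    role_perms = self.perm.get('role')
    if self.role not in role_perms.keys():
        self.write_message('No perm that role %s' % role_name)
        self.close()
        # Fail closed explicitly. Without this return the runner setup below
        # was still attempted for a role the user does not hold.
        return

    self.assets = role_perms.get(self.role).get('asset')
    res = gen_resource({'user': self.user, 'asset': self.assets, 'role': self.role})
    self.runner = MyRunner(res)
    message = '有权限的主机: ' + ', '.join([asset.hostname for asset in self.assets])
    self.__class__.clients.append(self)
    self.write_message(message)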
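def open(self):
    """Prepare a command-execution websocket for the requested system role.

    The ``role`` request argument (default ``"sb"``) is resolved to a
    ``PermRole`` and must be one of the keys of ``self.perm["role"]`` for
    ``self.user``. If it is not, a message is written, the socket is closed
    and the method returns without further setup. Otherwise the assets
    granted for that role are stored on ``self.assets``, a ``MyRunner`` is
    built for them, the handler is added to the class-level ``clients`` list
    and the permitted host names are sent to the client.
    """
    logger.debug("Websocket: Open exec request")
    role_name = self.get_argument("role", "sb")
    # NOTE(review): X-Real-IP is attacker-controlled when the service is
    # reachable without a trusted reverse proxy that overwrites the header;
    # confirm that before using remote_ip for auditing.
    self.remote_ip = self.request.headers.get("X-Real-IP")
    if not self.remote_ip:
        self.remote_ip = self.request.remote_ip
    logger.debug("Web执行命令: 请求系统用户 %s" % role_name)

    self.role = get_object(PermRole, name=role_name)
    self.perm = get_group_user_perm(self.user)
    role_perms = self.perm.get("role")
    if self.role not in role_perms.keys():
        self.write_message("No perm that role %s" % role_name)
        self.close()
        # Fail closed explicitly. Without this return the runner setup below
        # was still attempted for a role the user does not hold.
        return

    self.assets = role_perms.get(self.role).get("asset")
    res = gen_resource({"user": self.user, "asset": self.assets, "role": self.role})
    self.runner = MyRunner(res)
    message = "有权限的主机: " + ", ".join([asset.hostname for asset in self.assets])
    self.__class__.clients.append(self)
    self.write_message(message)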
def open(self):
    """Open a web terminal session to the requested asset.

    ``role`` (default ``'sb'``) and ``id`` (default ``9999``) are read from
    the request. The asset must exist, and one of the roles returned by
    ``user_have_perm(self.user, asset)`` must carry the requested name. If
    either check fails, a warning is logged and the socket is closed. On
    success a ``WebTty`` is created with the peer address as ``remote_ip``
    and an ``xterm`` shell channel is opened on its connection. A
    ``MyThread`` running ``self.forward_outbound`` is then queued on
    ``WebTerminalHandler.tasks`` and the handler is added to
    ``WebTerminalHandler.clients``.
    """
    logger.debug('Websocket: Open request')
    role_name = self.get_argument('role', 'sb')
    asset_id = self.get_argument('id', 9999)
    asset = get_object(Asset, id=asset_id)

    if not asset:
        logger.warning('Websocket: No that Host: %s User: %s '
                       % (asset_id, self.user.username))
        self.close()
        return

    roles = user_have_perm(self.user, asset)
    logger.debug(roles)
    logger.debug('系统用户: %s' % role_name)
    # First permitted role with the requested name, or '' when none matches.
    login_role = next((r for r in roles if r.name == role_name), '')
    if not login_role:
        logger.warning('Websocket: Not that Role %s for Host: %s User: %s '
                       % (role_name, asset.hostname, self.user.username))
        self.close()
        return

    logger.debug('Websocket: request web terminal Host: %s User: %s Role: %s'
                 % (asset.hostname, self.user.username, login_role.name))
    self.term = WebTty(self.user, asset, login_role, login_type='web')
    self.term.remote_ip = self.request.remote_ip
    self.ssh = self.term.get_connection()
    self.channel = self.ssh.invoke_shell(term='xterm')
    WebTerminalHandler.tasks.append(MyThread(target=self.forward_outbound))
    WebTerminalHandler.clients.append(self)

    # Start each queued thread that is not already running, as a daemon.
    # RuntimeError from start() is ignored (presumably for threads that
    # have already been started once); entries are not removed here.
    for worker in WebTerminalHandler.tasks:
        if not worker.is_alive():
            try:
                worker.setDaemon(True)
                worker.start()
            except RuntimeError:
                pass
def open(self):
    """Authorise a Windows desktop request and prepare its ``Log`` record.

    ``role`` (default ``'sb'``) and ``id`` (default ``9999``) are read from
    the request. The asset must exist, and one of the roles returned by
    ``user_have_perm(self.user, asset)`` must carry the requested name. If
    either check fails, a warning is logged and the socket is closed. On
    success a ``Log`` with ``login_type='rdp'`` is built and stored on
    ``self.log``; this method does not call anything else on it.
    """
    logger.debug('Websocket: Open windows desktop request')
    role_name = self.get_argument('role', 'sb')
    asset_id = self.get_argument('id', 9999)
    asset = get_object(Asset, id=asset_id)

    if not asset:
        logger.warning('Websocket: No that Host: %s User: %s '
                       % (asset_id, self.user.username))
        self.close()
        return

    roles = user_have_perm(self.user, asset)
    logger.debug(roles)
    logger.debug('系统用户: %s' % role_name)
    # First permitted role with the requested name, or '' when none matches.
    login_role = next((r for r in roles if r.name == role_name), '')
    if not login_role:
        logger.warning(
            'Websocket: Not that Role %s for Host: %s User: %s '
            % (role_name, asset.hostname, self.user.username))
        self.close()
        return

    # NOTE(review): X-Real-IP can be set by the client unless a trusted
    # reverse proxy overwrites it, and the value is written to the log
    # record as remote_ip - confirm the deployment controls this header.
    client_ip = self.request.headers.get("X-Real-IP")
    if not client_ip:
        client_ip = self.request.remote_ip

    self.log = Log(
        user=self.user.username,
        host=asset.hostname,
        remote_ip=client_ip,
        login_type='rdp',
        log_path='',
        start_time=timezone.now(),
        pid=0,
    )
    logger.debug(
        'Websocket: request web terminal Host: %s User: %s Role: %s'
        % (asset.hostname, self.user.username, login_role.name))
def open(self, *args):
    """Resolve the requested system role and store it on ``self.role``.

    The role name comes from the ``role`` request argument (default
    ``'sb'``) and is looked up with ``get_object(PermRole, name=...)``.
    ``args`` is not used.

    NOTE(review): within the lines shown here, nothing checks that the
    connected user is allowed to use the resolved role. Confirm that the
    check happens before ``self.role`` is acted on.
    """
    requested_role = self.get_argument('role', 'sb')
    self.role = get_object(PermRole, name=requested_role)