def perm_role_add(request):
"""
add role page
"""
# 渲染数据
header_title, path1, path2 = "系统用户", "系统用户管理", "添加系统用户"
login_user_id = request.user.id
if not login_user_id:
return HttpResponseRedirect(reverse('index'))
login_user = User.objects.get(id=login_user_id)
productlines = ProductLine.objects.all()
sudos = PermSudo.objects.all().filter(productLine=login_user.productLine)
if request.method == "POST":
# 获取参数: name, comment
name = request.POST.get("role_name", "").strip()
comment = request.POST.get("role_comment", "")
password = request.POST.get("role_password", "")
key_content = request.POST.get("role_key", "")
sudo_ids = request.POST.getlist('sudo_name')
productline_name = request.POST.get('productline_name', '')
productLine = get_object_or_404(ProductLine, name=productline_name)
try:
if get_object(PermRole, name=name, productLine=productLine):
raise ServerError(u'已经存在该用户 %s' % name)
if name == "root":
raise ServerError(u'禁止使用root用户作为系统用户,这样非常危险!')
default = get_object(Setting, name='default')
if len(password) > 64:
raise ServerError(u'密码长度不能超过64位!')
if password:
encrypt_pass = CRYPTOR.encrypt(password)
else:
encrypt_pass = CRYPTOR.encrypt(CRYPTOR.gen_rand_pass(20))
# 生成随机密码,生成秘钥对
sudos_obj = [
get_object(PermSudo, id=sudo_id) for sudo_id in sudo_ids
]
if key_content:
try:
key_path = gen_keys(key=key_content)
except SSHException, e:
raise ServerError(e)
else:
key_path = gen_keys()
logger.debug('generate role key: %s' % key_path)
role = PermRole(name=name,
productLine=productLine,
comment=comment,
password=encrypt_pass,
key_path=key_path)
role.save()
role.sudo = sudos_obj
msg = u"添加系统用户: %s" % name
return HttpResponseRedirect(reverse('role_list'))
def perm_role_add(request):
"""
add role page
"""
# 渲染数据
header_title, path1, path2 = "系统用户", "系统用户管理", "添加系统用户"
sudos = PermSudo.objects.all()
if request.method == "POST":
# 获取参数: name, comment
name = request.POST.get("role_name", "").strip()
comment = request.POST.get("role_comment", "")
password = request.POST.get("role_password", "")
key_content = request.POST.get("role_key", "")
sudo_ids = request.POST.getlist('sudo_name')
try:
if get_object(PermRole, name=name):
raise ServerError('已经存在该用户 %s' % name)
if name == "root":
raise ServerError('禁止使用root用户作为系统用户,这样非常危险!')
default = get_object(Setting, name='default')
if len(password) > 64:
raise ServerError('密码长度不能超过64位!')
if password:
encrypt_pass = CRYPTOR.encrypt(password)
else:
encrypt_pass = CRYPTOR.encrypt(CRYPTOR.gen_rand_pass(20))
# 生成随机密码,生成秘钥对
sudos_obj = [
get_object(PermSudo, id=sudo_id) for sudo_id in sudo_ids
]
if key_content:
try:
key_path = gen_keys(key=key_content)
except SSHException as e:
raise ServerError(e)
else:
key_path = gen_keys()
logger.debug('generate role key: %s' % key_path)
role = PermRole(name=name,
comment=comment,
password=encrypt_pass,
key_path=key_path)
role.save()
role.sudo = sudos_obj
msg = "添加系统用户: %s" % name
return HttpResponseRedirect(reverse('role_list'))
except ServerError as e:
error = e
return my_render('jperm/perm_role_add.html', locals(), request)
def perm_role_edit(request):
"""
edit role page
"""
# 渲染数据
header_title, path1, path2 = "系统用户", "系统用户管理", "系统用户编辑"
# 渲染数据
role_id = request.GET.get("id")
role = PermRole.objects.get(id=role_id)
ori_name = role.name
if request.method == "GET":
# role_pass = CRYPTOR.decrypt(role.password)
sudo_all = PermSudo.objects.all()
role_sudos = role.sudo.all()
sudo_all = PermSudo.objects.all()
return my_render('jperm/perm_role_edit.html', locals(), request)
if request.method == "POST":
# 获取 POST 数据
role_name = request.POST.get("role_name")
role_password = request.POST.get("role_password")
role_comment = request.POST.get("role_comment")
role_sudo_names = request.POST.getlist("sudo_name")
role_sudos = [
PermSudo.objects.get(id=sudo_id) for sudo_id in role_sudo_names
]
key_content = request.POST.get("role_key", "")
if len(role_password) > 64:
raise ServerError(u'密码长度不能超过64位!')
try:
# if not role:
# raise ServerError('该系统用户不能存在')
if role_name == "root":
raise ServerError(u'禁止使用root用户作为系统用户,这样非常危险!')
if PermRole.objects.get(
name=role_name) and (role_name != ori_name):
raise ServerError(u'role %s is already exists.' % role_name)
if role_password:
encrypt_pass = CRYPTOR.encrypt(role_password)
role.password = encrypt_pass
# 生成随机密码,生成秘钥对
if key_content:
try:
key_path = gen_keys(key=key_content,
key_path_dir=role.key_path)
except SSHException:
raise ServerError('输入的密钥不合法')
logger.debug('Recreate role key: %s' % role.key_path)
# 写入数据库
role.name = role_name
role.comment = role_comment
role.sudo = role_sudos
role.save()
msg = u"更新系统用户: %s" % role.name
return HttpResponseRedirect(reverse('role_list'))
except ServerError, e:
error = e
def perm_role_add(request):
"""
add role page
"""
# 渲染数据
header_title, path1, path2 = "系统用户", "系统用户管理", "添加系统用户"
sudos = PermSudo.objects.all()
if request.method == "POST":
# 获取参数: name, comment
name = request.POST.get("role_name", "").strip()
comment = request.POST.get("role_comment", "")
password = request.POST.get("role_password", "")
key_content = request.POST.get("role_key", "")
sudo_ids = request.POST.getlist('sudo_name')
try:
if get_object(PermRole, name=name):
raise ServerError(u'已经存在该用户 %s' % name)
if name == "root":
raise ServerError(u'禁止使用root用户作为系统用户,这样非常危险!')
default = get_object(Setting, name='default')
if len(password) > 64:
raise ServerError(u'密码长度不能超过64位!')
if password:
encrypt_pass = CRYPTOR.encrypt(password)
else:
encrypt_pass = CRYPTOR.encrypt(CRYPTOR.gen_rand_pass(20))
# 生成随机密码,生成秘钥对
sudos_obj = [get_object(PermSudo, id=sudo_id) for sudo_id in sudo_ids]
if key_content:
try:
key_path = gen_keys(key=key_content)
except SSHException, e:
raise ServerError(e)
else:
key_path = gen_keys()
logger.debug('generate role key: %s' % key_path)
role = PermRole(name=name, comment=comment, password=encrypt_pass, key_path=key_path)
role.save()
role.sudo = sudos_obj
msg = u"添加系统用户: %s" % name
return HttpResponseRedirect(reverse('role_list'))
def perm_role_edit(request):
"""
edit role page
"""
# 渲染数据
header_title, path1, path2 = "系统用户", "系统用户管理", "系统用户编辑"
# 渲染数据
role_id = request.GET.get("id")
role = PermRole.objects.get(id=role_id)
role_pass = CRYPTOR.decrypt(role.password)
sudo_all = PermSudo.objects.all()
role_sudos = role.sudo.all()
sudo_all = PermSudo.objects.all()
if request.method == "GET":
return my_render('jperm/perm_role_edit.html', locals(), request)
if request.method == "POST":
# 获取 POST 数据
role_name = request.POST.get("role_name")
role_password = request.POST.get("role_password")
role_comment = request.POST.get("role_comment")
role_sudo_names = request.POST.getlist("sudo_name")
role_sudos = [PermSudo.objects.get(id=sudo_id) for sudo_id in role_sudo_names]
key_content = request.POST.get("role_key", "")
if len(role_password) > 64:
raise ServerError(u'密码长度不能超过64位!')
try:
if not role:
raise ServerError('该系统用户不能存在')
if role_name == "root":
raise ServerError(u'禁止使用root用户作为系统用户,这样非常危险!')
if role_password:
encrypt_pass = CRYPTOR.encrypt(role_password)
role.password = encrypt_pass
# 生成随机密码,生成秘钥对
if key_content:
try:
key_path = gen_keys(key=key_content, key_path_dir=role.key_path)
except SSHException:
raise ServerError('输入的密钥不合法')
logger.debug('Recreate role key: %s' % role.key_path)
# 写入数据库
role.name = role_name
role.comment = role_comment
role.sudo = role_sudos
role.save()
msg = u"更新系统用户: %s" % role.name
return HttpResponseRedirect(reverse('role_list'))
except ServerError, e:
error = e
def perm_role_edit(request):
"""
edit role page
"""
# 渲染数据
header_title, path1, path2 = "系统用户", "系统用户管理", "系统用户编辑"
# 渲染数据
role_id = request.GET.get("id")
role = PermRole.objects.get(id=role_id)
role_pass = CRYPTOR.decrypt(role.password)
role_sudos = role.sudo.all()
productlines = ProductLine.objects.all()
username = request.user.username
user_perm = request.session['role_id']
if user_perm == 2:
sudo_all = PermSudo.objects.all()
elif user_perm == 1:
login_user = get_object(User, username=username)
sudo_all = PermSudo.objects.all().filter(
productLine=login_user.productLine)
if request.method == "GET":
return my_render('jperm/perm_role_edit.html', locals(), request)
if request.method == "POST":
# 获取 POST 数据
role_name = request.POST.get("role_name")
role_password = request.POST.get("role_password")
role_comment = request.POST.get("role_comment")
role_sudo_names = request.POST.getlist("sudo_name")
role_sudos = [
PermSudo.objects.get(id=sudo_id) for sudo_id in role_sudo_names
]
key_content = request.POST.get("role_key", "")
productline_name = request.POST.get('productline_name', '')
productLine = get_object_or_404(ProductLine, name=productline_name)
if len(role_password) > 64:
raise ServerError(u'密码长度不能超过64位!')
try:
if not role:
raise ServerError('该系统用户不能存在')
if role_name == "root":
raise ServerError(u'禁止使用root用户作为系统用户,这样非常危险!')
if role_password:
encrypt_pass = CRYPTOR.encrypt(role_password)
role.password = encrypt_pass
# 生成随机密码,生成秘钥对
if key_content:
try:
key_path = gen_keys(key=key_content,
key_path_dir=role.key_path)
except SSHException:
raise ServerError('输入的密钥不合法')
logger.debug('Recreate role key: %s' % role.key_path)
# 写入数据库
role.name = role_name
role.comment = role_comment
role.sudo = role_sudos
role.productLine = productLine
role.save()
msg = u"更新系统用户: %s" % role.name
return HttpResponseRedirect(reverse('role_list'))
except ServerError, e:
error = e
