def get(self,id):
if not self.current_user:
self.redirect('/Signin')
return
username = self.get_secure_cookie('username')
permission = permissiondict[username]['permission']
PAGE = ''.join([id,'.html'])
logger.debug('Request %s',PAGE)
self.render(PAGE,ECOUNT=ecount,SALTRESULT=SALTRET)
def get(self, id):
if not self.current_user:
self.redirect('/Signin')
return
username = self.get_secure_cookie('username')
permission = permissiondict[username]['permission']
PAGE = ''.join([id, '.html'])
logger.debug('Request %s', PAGE)
self.render(PAGE, ECOUNT=ecount, SALTRESULT=SALTRET)
def post(self): #HTTP的POST方法,是GET渲染的form中的post method所对应
username = self.get_argument('username') #获取form中username的值
password = self.get_argument('password') #获取form中password的值
ip = self.request.remote_ip #获取来访者IP
userdict = Readyaml('db/user.db')
try:
wdsalt = userdict[username]['salt']
except:
HINT = '用户名不存在,请重新输入'
logger.debug('User %s login failed, wrong username',username)
self.render('login_form.html',HINT=HINT)
return
wdpass = userdict[username]['password']
wdforcereset = userdict[username]['forcereset']
wdret = VerifyPassword(wdsalt,wdpass,password)
if wdret == 0:
permission = permissiondict[username]['permission']
self.set_secure_cookie('username', username.encode('unicode_escape'), expires_days=None) #same
self.set_secure_cookie('role', password.encode('unicode_escape'), expires_days=None) #same
ip = self.request.remote_ip #获取来访者IP
logger.debug('User %s auth success',username)
if wdforcereset == 1:
logger.debug('User %s is forced to change password',username)
self.redirect('/ChangePW')
else:
self.redirect('/')
return #返回,按照官方文档的要求,在redirect之后需要写空的return,否则可能会有问题,实测确实会有问题
else:
HINT = '密码错误,请重新输入'
logger.debug('User %s login failed, wrong password',username)
self.render('login_form.html',HINT=HINT)
return
def post(self):
if not self.current_user:
self.redirect('/Signin')
return
userdict = Readyaml('db/user.db')
username = self.get_secure_cookie('username')
password0 = self.get_argument('password0')
password1 = self.get_argument('password1')
if password0 == password1:
salt = RandomString(64)
password = GenDigest(salt,password0)
userdict[username]['salt'] = salt
userdict[username]['password'] = password
userdict[username]['forcereset'] = 0
#logger.debug('Modify userdict: %s',userdict)
logger.debug('User %s change password success',username)
Writeyaml(userdict,'db/user.db')
self.redirect("/Redirect")
def post(self):
if not self.current_user:
self.redirect('/Signin')
return
userdict = Readyaml('db/user.db')
username = self.get_secure_cookie('username')
password0 = self.get_argument('password0')
password1 = self.get_argument('password1')
if password0 == password1:
salt = RandomString(64)
password = GenDigest(salt, password0)
userdict[username]['salt'] = salt
userdict[username]['password'] = password
userdict[username]['forcereset'] = 0
#logger.debug('Modify userdict: %s',userdict)
logger.debug('User %s change password success', username)
Writeyaml(userdict, 'db/user.db')
self.redirect("/Redirect")
def post(self, id):
username = self.get_secure_cookie('username')
permission = permissiondict[username]['permission']
global SALTRET
SALTRET = 'Just init value'
TARGET = self.get_argument('tgt')
FUN = gamedict[id]['cmdtype']
EXPR_FORM = gamedict[id]['targettype']
RUNAS = gamedict[id]['runas']
if RUNAS == 'na':
KWARG = {}
else:
KWARG = {'runas': RUNAS}
CMD0 = self.get_argument('cmd0')
CMD1 = self.get_argument('cmd1')
try:
CMD2 = self.get_argument('cmd2')
except:
CMD2 = ''
if FUN == 'cmd.run':
COMMAND = ' '.join([CMD0, CMD1, CMD2])
elif FUN == 'state.sls':
COMMAND = CMD0 + '.' + CMD1 + CMD2
if EXPR_FORM == 'list':
SALTCMD = "salt %s %s %s" % (TARGET, FUN, COMMAND)
elif EXPR_FORM == 'nodegroup':
SALTCMD = "salt -N %s %s %s" % (TARGET, FUN, COMMAND)
local = salt.client.LocalClient()
self.render('result.html',
SALTCOMMAND=SALTCMD,
SALTRESULT=SALTRET,
FLAGID=id,
MENUDICT=menudict,
SALTFUNCTION=FUN,
PERMISSION=permission)
logger.debug(
'%s, salt.client.local.cmd: tgt=%s,fun=%s,arg=[%s],expr_form=%s,kwarg=%s',
username, TARGET, FUN, COMMAND, EXPR_FORM, KWARG)
SALTRET = local.cmd(tgt=TARGET,
fun=FUN,
arg=[COMMAND],
expr_form=EXPR_FORM,
kwarg=KWARG)
logger.debug('%s, SALTRET0: %s', username, SALTRET)
if FUN == 'state.sls':
SALTRET = ret_process(SALTRET)
logger.debug('%s, SALTRET: %s', username, SALTRET)
def post(self): #HTTP的POST方法,是GET渲染的form中的post method所对应
username = self.get_argument('username') #获取form中username的值
password = self.get_argument('password') #获取form中password的值
ip = self.request.remote_ip #获取来访者IP
userdict = Readyaml('db/user.db')
try:
wdsalt = userdict[username]['salt']
except:
HINT = '用户名不存在,请重新输入'
logger.debug('User %s login failed, wrong username', username)
self.render('login_form.html', HINT=HINT)
return
wdpass = userdict[username]['password']
wdforcereset = userdict[username]['forcereset']
wdret = VerifyPassword(wdsalt, wdpass, password)
if wdret == 0:
permission = permissiondict[username]['permission']
self.set_secure_cookie('username',
username.encode('unicode_escape'),
expires_days=None) #same
self.set_secure_cookie('role',
password.encode('unicode_escape'),
expires_days=None) #same
ip = self.request.remote_ip #获取来访者IP
logger.debug('User %s auth success', username)
if wdforcereset == 1:
logger.debug('User %s is forced to change password', username)
self.redirect('/ChangePW')
else:
self.redirect('/')
return #返回,按照官方文档的要求,在redirect之后需要写空的return,否则可能会有问题,实测确实会有问题
else:
HINT = '密码错误,请重新输入'
logger.debug('User %s login failed, wrong password', username)
self.render('login_form.html', HINT=HINT)
return
def post(self,id):
username = self.get_secure_cookie('username')
permission = permissiondict[username]['permission']
global SALTRET
SALTRET = 'Just init value'
TARGET = self.get_argument('tgt')
FUN = gamedict[id]['cmdtype']
EXPR_FORM = gamedict[id]['targettype']
RUNAS = gamedict[id]['runas']
if RUNAS == 'na':
KWARG = {}
else:
KWARG = {'runas':RUNAS}
CMD0 = self.get_argument('cmd0')
CMD1 = self.get_argument('cmd1')
try:
CMD2 = self.get_argument('cmd2')
except:
CMD2 = ''
if FUN == 'cmd.run':
COMMAND = ' '.join([CMD0,CMD1,CMD2])
elif FUN == 'state.sls':
COMMAND = CMD0 + '.' + CMD1 + CMD2
if EXPR_FORM == 'list':
SALTCMD = "salt %s %s %s" % (TARGET,FUN,COMMAND)
elif EXPR_FORM == 'nodegroup':
SALTCMD = "salt -N %s %s %s" % (TARGET,FUN,COMMAND)
local = salt.client.LocalClient()
self.render('result.html',SALTCOMMAND=SALTCMD,SALTRESULT=SALTRET,FLAGID=id,MENUDICT=menudict,SALTFUNCTION=FUN,PERMISSION=permission)
logger.debug('%s, salt.client.local.cmd: tgt=%s,fun=%s,arg=[%s],expr_form=%s,kwarg=%s',username,TARGET,FUN,COMMAND,EXPR_FORM,KWARG)
SALTRET = local.cmd(tgt=TARGET,fun=FUN,arg=[COMMAND],expr_form=EXPR_FORM,kwarg=KWARG)
logger.debug('%s, SALTRET0: %s',username,SALTRET)
if FUN == 'state.sls':
SALTRET = ret_process(SALTRET)
logger.debug('%s, SALTRET: %s',username,SALTRET)
def post(self, id):
username = self.get_secure_cookie('username')
permission = permissiondict[username]['permission']
global SALTRET
global ecount
SALTRET = 'Just init value'
if id == 'server_initialization':
PACKAGE = self.get_argument('package')
PACKAGE_LINE = [
i.split() for i in PACKAGE.encode('utf-8').split('\r\n')
]
logger.debug('%s, PACKAGE_LINE: %s', username, PACKAGE_LINE)
SALTCMD = 'Host Initialization'
SALT_FUN = 'host.init'
ecount = 0
SALTRET = []
SALTRET.append('')
## 需要加入主机名和IP地址不重复验证
## 日后再加
for ELMENT in PACKAGE_LINE:
j = ' '.join(ELMENT)
if len(ELMENT) < 2:
ecount += 1
SALTRET.append({j: 1})
else:
SALTRET.append({j: 0})
logger.debug('%s, ecount: %s SALTRET: %s', username, ecount,
SALTRET)
if ecount > 0:
SALTRET[0] = '下列标红的行所提供之信息不完整,请修正后重新提交: '
self.render('result.html',
SALTCOMMAND=SALTCMD,
ECOUNT=ecount,
SALTRESULT=SALTRET,
FLAGID=id,
MENUDICT=menudict,
SALTFUNCTION=SALT_FUN,
PERMISSION=permission)
else:
ret_usertype = 0
PACKAGE_DICT = {}
HOSTNAME_DICT = {}
ROSTER_CONF = '.roster_' + str(time.time())
for USER in ['root', 'ubuntu']:
if USER == 'root':
for ELMENT in PACKAGE_LINE:
if len(ELMENT) == 3:
PASS = ELMENT[-1]
else:
PASS = '******'
PACKAGE_DICT[ELMENT[1]] = {
'host': ELMENT[0],
'user': USER,
'passwd': PASS,
'port': 22
}
HOSTNAME_DICT[ELMENT[0]] = ELMENT[1]
PACKAGE_YAML = yaml.dump(PACKAGE_DICT)
logger.debug('%s, PACKAGE_YAML: %s', username,
PACKAGE_YAML)
ROSTER_FD = open(ROSTER_CONF, 'w')
ROSTER_FD.write(PACKAGE_YAML)
ROSTER_FD.close()
elif USER == 'ubuntu':
for hosty in retb:
if retb[hosty] == 0:
PACKAGE_DICT.pop(hosty)
elif retb[hosty] == 1:
PACKAGE_DICT[hosty]['user'] = '******'
logger.debug('%s, PACKAGE_DICT: %s', username,
PACKAGE_DICT)
TARGET = ','.join([i for i in HOSTNAME_DICT.values()])
## 验证ssh的用户密码是否正确
SALTSSH_RETFILE = '.saltsshret_' + str(time.time())
retb = LoginVirifi(PACKAGE_DICT)
logger.debug('%s, The result of LoginVirifi: %s', username,
retb)
retc = sum(retb.values())
if retc == 0:
ret_usertype = ret_usertype - 1
logger.debug(
'%s, All host LoginVirifi success,ret_usertype: %s',
username, ret_usertype)
break
else:
ret_usertype = 1
logger.debug(
'%s, All or part of host LoginVirifi fail,ret_usertype: %s',
username, ret_usertype)
continue
## 验证用户为ubuntu时,修改root密码与ubuntu用户密码相同
## ubuntu 用户修改root 密码失败暂未做处理
if ret_usertype == 1:
ecount = -1
SALTRET = []
SALTRET.append('下列标红的服务器ssh登录失败,请修正后重新提交:')
for j in PACKAGE_LINE:
k = ' '.join(j)
if j[1] in retb.keys():
SALTRET.append({k: 1})
else:
SALTRET.append({k: 0})
logger.info('%s, ecount: %s SALTRET: %s', username, ecount,
SALTRET)
self.render('result.html',
SALTCOMMAND=SALTCMD,
ECOUNT=ecount,
SALTRESULT=SALTRET,
FLAGID=id,
MENUDICT=menudict,
SALTFUNCTION=SALT_FUN,
PERMISSION=permission)
else:
#SALT_FUN = 'state.sls'
self.render('result.html',
SALTCOMMAND=SALTCMD,
ECOUNT=ecount,
SALTRESULT=SALTRET,
FLAGID=id,
MENUDICT=menudict,
SALTFUNCTION=SALT_FUN,
PERMISSION=permission)
## 验证用户为ubuntu时,修改root密码与ubuntu用户密码相同
## ubuntu 用户修改root 密码失败暂未做处理
if ret_usertype == 0:
retd = ChangePasswd(PACKAGE_DICT)
logger.debug('%s, The result of ChangePasswd: %s',
username, retd)
rete = sum(retd.values())
## host init
client = SSHClient()
logger.debug(
"%s, client.cmd\(tgt=%s,fun='state.sls', arg=['inithost'],roster_file=%s,expr_form=\'list\',kwarg={'pillar':%s,}\)",
username, TARGET, ROSTER_CONF, HOSTNAME_DICT)
# rand_thin_dir=True or -W is for fixing the salt-ssh problem when minion is python2.7 and master is python2.6 can cause error below:
# 'AttributeError: 'module' object has no attribute 'fromstringlist
# refer https://github.com/saltstack/salt/issues/26584
RET = client.cmd(tgt=TARGET,
fun='state.sls',
arg=['inithost'],
roster_file=ROSTER_CONF,
expr_form='list',
ignore_host_keys=True,
rand_thin_dir=True,
kwarg={'pillar': HOSTNAME_DICT})
logger.debug('%s, ecount: %d RET: %s', username, ecount,
RET)
SALTRET = ret_process(RET, dtype='init')
logger.info('%s, SALTRET: %s', username, SALTRET)
def get(self):
username = self.get_secure_cookie('username')
if (self.get_argument("signout", None)):
self.clear_cookie("username")
logger.debug('User %s logout',username)
self.redirect("/")
def post(self,id):
username = self.get_secure_cookie('username')
permission = permissiondict[username]['permission']
global SALTRET
global ecount
SALTRET = 'Just init value'
if id == 'server_initialization':
PACKAGE = self.get_argument('package')
PACKAGE_LINE = [i.split() for i in PACKAGE.encode('utf-8').split('\r\n')]
logger.debug('%s, PACKAGE_LINE: %s',username,PACKAGE_LINE)
SALTCMD = 'Host Initialization'
SALT_FUN = 'host.init'
ecount = 0
SALTRET = []
SALTRET.append('')
## 需要加入主机名和IP地址不重复验证
## 日后再加
for ELMENT in PACKAGE_LINE:
j = ' '.join(ELMENT)
if len(ELMENT) < 2:
ecount += 1
SALTRET.append({j:1})
else:
SALTRET.append({j:0})
logger.debug('%s, ecount: %s SALTRET: %s',username,ecount,SALTRET)
if ecount > 0:
SALTRET[0] = '下列标红的行所提供之信息不完整,请修正后重新提交: '
self.render('result.html',SALTCOMMAND=SALTCMD,ECOUNT=ecount,SALTRESULT=SALTRET,FLAGID=id,MENUDICT=menudict,SALTFUNCTION=SALT_FUN,PERMISSION=permission)
else:
ret_usertype = 0
PACKAGE_DICT = {}
HOSTNAME_DICT = {}
ROSTER_CONF = '.roster_' + str(time.time())
for USER in ['root','ubuntu']:
if USER == 'root':
for ELMENT in PACKAGE_LINE:
if len(ELMENT) == 3:
PASS = ELMENT[-1]
else:
PASS = '******'
PACKAGE_DICT[ELMENT[1]] = {'host': ELMENT[0],'user':USER,'passwd':PASS,'port':22}
HOSTNAME_DICT[ELMENT[0]] = ELMENT[1]
PACKAGE_YAML = yaml.dump(PACKAGE_DICT)
logger.debug('%s, PACKAGE_YAML: %s',username,PACKAGE_YAML)
ROSTER_FD = open(ROSTER_CONF,'w')
ROSTER_FD.write(PACKAGE_YAML)
ROSTER_FD.close()
elif USER == 'ubuntu':
for hosty in retb:
if retb[hosty] == 0:
PACKAGE_DICT.pop(hosty)
elif retb[hosty] == 1:
PACKAGE_DICT[hosty]['user'] = '******'
logger.debug('%s, PACKAGE_DICT: %s',username,PACKAGE_DICT)
TARGET = ','.join([i for i in HOSTNAME_DICT.values()])
## 验证ssh的用户密码是否正确
SALTSSH_RETFILE = '.saltsshret_' + str(time.time())
retb = LoginVirifi(PACKAGE_DICT)
logger.debug('%s, The result of LoginVirifi: %s',username,retb)
retc = sum(retb.values())
if retc == 0:
ret_usertype = ret_usertype - 1
logger.debug('%s, All host LoginVirifi success,ret_usertype: %s',username,ret_usertype)
break
else:
ret_usertype = 1
logger.debug('%s, All or part of host LoginVirifi fail,ret_usertype: %s',username,ret_usertype)
continue
## 验证用户为ubuntu时,修改root密码与ubuntu用户密码相同
## ubuntu 用户修改root 密码失败暂未做处理
if ret_usertype == 1:
ecount = -1
SALTRET = []
SALTRET.append('下列标红的服务器ssh登录失败,请修正后重新提交:')
for j in PACKAGE_LINE:
k = ' '.join(j)
if j[1] in retb.keys():
SALTRET.append({k:1})
else:
SALTRET.append({k:0})
logger.info('%s, ecount: %s SALTRET: %s',username,ecount,SALTRET)
self.render('result.html',SALTCOMMAND=SALTCMD,ECOUNT=ecount,SALTRESULT=SALTRET,FLAGID=id,MENUDICT=menudict,SALTFUNCTION=SALT_FUN,PERMISSION=permission)
else:
#SALT_FUN = 'state.sls'
self.render('result.html',SALTCOMMAND=SALTCMD,ECOUNT=ecount,SALTRESULT=SALTRET,FLAGID=id,MENUDICT=menudict,SALTFUNCTION=SALT_FUN,PERMISSION=permission)
## 验证用户为ubuntu时,修改root密码与ubuntu用户密码相同
## ubuntu 用户修改root 密码失败暂未做处理
if ret_usertype == 0:
retd = ChangePasswd(PACKAGE_DICT)
logger.debug('%s, The result of ChangePasswd: %s',username,retd)
rete = sum(retd.values())
## host init
client = SSHClient()
logger.debug("%s, client.cmd\(tgt=%s,fun='state.sls', arg=['inithost'],roster_file=%s,expr_form=\'list\',kwarg={'pillar':%s,}\)",username,TARGET,ROSTER_CONF,HOSTNAME_DICT)
# rand_thin_dir=True or -W is for fixing the salt-ssh problem when minion is python2.7 and master is python2.6 can cause error below:
# 'AttributeError: 'module' object has no attribute 'fromstringlist
# refer https://github.com/saltstack/salt/issues/26584
RET = client.cmd(tgt=TARGET,fun='state.sls', arg=['inithost'],roster_file=ROSTER_CONF,expr_form='list',ignore_host_keys=True,rand_thin_dir=True,kwarg={'pillar':HOSTNAME_DICT})
logger.debug('%s, ecount: %d RET: %s',username,ecount,RET)
SALTRET = ret_process(RET,dtype='init')
logger.info('%s, SALTRET: %s',username,SALTRET)
def get(self):
username = self.get_secure_cookie('username')
if (self.get_argument("signout", None)):
self.clear_cookie("username")
logger.debug('User %s logout', username)
self.redirect("/")
