def create_groups(argv): ''' create groups :param argv: :return: ''' if '-f' in argv: group_file = argv[argv.index('-f') + 1] else: print_err( "Invalid usage, should be:\ncreate group -f <the new group file>", quit=True) source = yaml_parser(group_file) if source: print(source) for key, val in source.items(): print(key, val) obj = models.HostGroup(name=key) if val.get('bind_host'): bind_hosts = common_filters.bind_hosts_filter() obj.bind_hosts = bind_hosts if val.get('user_profiles'): user_profiles = common_filters obj.user_profiles = user_profiles session.add(obj) session.commit()
def create_bindhosts(argvs): msg = 'the new bind_hosts file' bindhost_file = parse_argvs(argvs, msg) source = yaml_parser(bindhost_file) if source: for key,val in source.items(): host_obj = session.query(models.Host).filter(models.Host.hostname==val.get('hostname')).first() assert host_obj for item in val['remote_users']: assert item.get('auth_type') if item.get('auth_type') == 'ssh-passwd': remoteuser_obj = session.query(models.RemoteUser).filter(models.RemoteUser.username==item.get('username'), models.RemoteUser.password==item.get('password')).first() else: remoteuser_obj = session.query(models.RemoteUser).filter(models.RemoteUser.username==item.get('username'), models.RemoteUser.auth_type==item.get('auth_type')).first() # print('>>>>',host_obj,remoteuser_obj) bindhost_obj = models.BindHost(host_id=host_obj.id,remote_user_id=remoteuser_obj.id) session.add(bindhost_obj) if source[key].get('groups'): groups = common_filters.groups_filter(source[key]) bindhost_obj.groups = groups if source[key].get('user_profiles'): user_profiles = common_filters.user_profiles_filter(source[key]) bindhost_obj.user_profiles = user_profiles session.commit()
def create_hosts(argvs): ''' create 主机 :param argvs: :return: ''' if '-f' in argvs: # 指定一个文件名否则报错 hosts_file = argvs[argvs.index("-f") + 1] host_path = os.path.join(setting.BASE_DESC, hosts_file) #print('hosts_path:',host_path) else: print_err( "invalid usage, should be:\ncreate_hosts -f <the new hosts file>", quit=True) source = yaml_parser(host_path) # 传文件回来 if source: # 循环字典 print(source) for key, val in source.items(): print(key, val) obj = create_table.Host(host_name=key, IP=val.get('ip'), port=val.get('port') or 22) # 添加到表 try: session.add(obj) except IntegrityError as e: print('主机名和主机IP是唯一值已在数据库创建:', e) else: session.commit()
def create_users(argvs): if '-f' in argvs: '''首先判断输入是否存在-f选项,将-f后的文件赋予user_file''' user_file = argvs[argvs.index("-f") + 1] else: print_err( "invalid usage, should be:\ncreateusers -f <the new users file>", quit=True) source = yaml_parser(user_file) if source: for key, val in source.items(): print(key, val) obj = models.UserProfile(username=key, password=val.get('password')) if val.get('groups'): '''如果val中含有group,且该group存在,则同时讲该用户加入对应group''' groups = session.query(models.Group).filter( models.Group.name.in_(val.get('groups'))).all() if not groups: print_err("none of [%s] exist in group table." % val.get('groups'), quit=True) obj.groups = groups if val.get('bind_hosts'): '''如果val有bind_hosts,则同时绑定hosts''' bind_hosts = common_filters.bind_hosts_filter(val) obj.bind_hosts = bind_hosts #print(obj) session.add(obj) session.commit()
def create_bindhosts(argvs): ''' create bind hosts :param argvs: :return: ''' if '-f' in argvs: bindhosts_file = argvs[argvs.index("-f") + 1] else: print_err( "invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>", quit=True) source = yaml_parser(bindhosts_file) if source: for key, val in source.items(): print(key, val) # 获取到了主机 host_obj = session.query(models.Host).filter( models.Host.hostname == val.get('hostname')).first() # 取hostname assert host_obj # 断言,必须存在 for item in val['remote_users']: # 判断 print(item) assert item.get('auth_type') if item.get('auth_type') == 'ssh-password': # 判断认证password remoteuser_obj = session.query(models.RemoteUser).filter( models.RemoteUser.username == item.get('username'), models.RemoteUser.password == item.get( 'password')).first() else: # 获取远程用户 remoteuser_obj = session.query(models.RemoteUser).filter( models.RemoteUser.username == item.get('username'), models.RemoteUser.auth_type == item.get('auth_type'), ).first() if not remoteuser_obj: # 没取到,程序退出 print_err("RemoteUser obj %s does not exist." % item, quit=True) bindhost_obj = models.BindHost(host_id=host_obj.id, remoteuser_id=remoteuser_obj.id) session.add(bindhost_obj) # 获取到关系后添加session # for groups this host binds to if source[key].get('groups'): # 获取组 group_objs = session.query(models.HostGroup).filter( models.HostGroup.name.in_( source[key].get('groups'))).all() assert group_objs print('groups:', group_objs) bindhost_obj.host_groups = group_objs # for user_profiles this host binds to if source[key].get('user_profiles'): # 判断是否直接属于哪一台机器 userprofile_objs = session.query( models.Userprofile).filter( models.Userprofile.username.in_( source[key].get('user_profiles'))).all() assert userprofile_objs print("userprofiles:", userprofile_objs) bindhost_obj.user_profiles = userprofile_objs # print(bindhost_obj) session.commit()
def create_groups(argvs): ''' create 组数据 create groups :param argvs: :return: ''' if '-f' in argvs: group_file = argvs[argvs.index("-f") + 1] host_path = os.path.join(setting.BASE_DESC, group_file) else: print_err( "invalid usage, should be:\ncreategroups -f <the new groups file>", quit=True) source = yaml_parser(host_path) if source: for key, val in source.items(): print(key, val) obj = create_table.Group(group_name=key) if val.get('bind_hosts'): bind_hosts = common_filters.bind_hosts_filter(val) obj.bind_hosts = bind_hosts if val.get('user_profiles'): user_profiles = common_filters.user_profiles_filter(val) obj.user_profiles = user_profiles session.add(obj) session.commit()
def create_hosts(argvs): ''' create hosts :param argvs: :return: ''' if '-f' in argvs: hosts_file = argvs[argvs.index("-f") + 1] else: print_err( "invalid usage, should be:\ncreate_hosts -f <the new hosts file>", quit=True) source = yaml_parser(hosts_file) if source: for key, val in source.items(): print(key, val) #models.Host 是导入进来的。是from models import models #把参数给models.py中的Host类中的形参 obj = models.Host(hostname=key, ip=val.get('ip'), port=val.get('port') or 22) session.add(obj) #一定要提交才能真的插入进去 session.commit()
def create_groups(argvs): ''' create groups :param argvs: :return: ''' if '-f' in argvs: group_file = argvs[argvs.index("-f") + 1] else: print_err( "invalid usage, should be:\ncreategroups -f <the new groups file>", quit=True) source = yaml_parser(group_file) if source: for key, val in source.items(): print(key, val) obj = models.HostGroup(name=key) # if val.get('bind_hosts'): # bind_hosts = common_filters.bind_hosts_filter(val) # obj.bind_hosts = bind_hosts # # if val.get('user_profiles'): # user_profiles = common_filters.user_profiles_filter(val) # obj.user_profiles = user_profiles session.add(obj) session.commit()
def create_users(argvs): ''' create little_finger access user :param argvs: :return: ''' # 输入的命令行参数是否含有'-f'字符串 if '-f' in argvs: # 取出文件名 user_file = argvs[argvs.index("-f") + 1] else: # 文件不存在时,输出错误信息 print_err( "invalid usage, should be:\ncreateusers -f <the new users file>", quit=True) # 得到包含用户信息的字典. source = yaml_parser(user_file) if source: # 一个一个的将用户存入数据库中. for key, val in source.items(): print(key, val) obj = models.UserProfile(username=key, password=val.get('password')) # if val.get('groups'): # groups = session.query(models.Group).filter(models.Group.name.in_(val.get('groups'))).all() # if not groups: # print_err("none of [%s] exist in group table." % val.get('groups'),quit=True) # obj.groups = groups # if val.get('bind_hosts'): # bind_hosts = common_filters.bind_hosts_filter(val) # obj.bind_hosts = bind_hosts #print(obj) session.add(obj) session.commit()
def create_remoteusers(argvs): ''' create remoteusers :param argvs: :return: ''' # 里面加了判断是否是文件 if '-f' in argvs: remoteusers_file = argvs[argvs.index("-f") + 1] else: print_err( "invalid usage, should be:\ncreate_remoteusers -f <the new remoteusers file>", quit=True) #从yaml中 load 出来 source = yaml_parser(remoteusers_file) if source: for key, val in source.items(): print(key, val) #把 yaml中load出来的值获取到,赋值给对应的 sql中表的字段 obj = models.RemoteUser(username=val.get('username'), auth_type=val.get('auth_type'), password=val.get('password')) session.add(obj) #再提交,真正的插入数据到表中 session.commit()
def create_groups(argvs): """ create groups :param argvs: :return: """ if '-f' in argvs: group_file = argvs[argvs.index("-f") + 1] else: print_err("invalid usage, should be:\ncreategroups -f <the new groups file>", logout=True) return source = yaml_parser(group_file) if source: logger.debug("source:\n%s" % source) for key, val in source.items(): logger.debug("%s:%s" % (key, val)) obj = models.HostGroup(name=key) logger.info(obj) # if val.get('bind_hosts'): # bind_hosts = common_filters.bind_hosts_filter(val) # obj.bind_hosts = bind_hosts # if val.get('user_profiles'): # 用户与主机分组关系 user_profiles = common_filters.user_profiles_filter(val) obj.user_profiles = user_profiles session.add(obj) session.commit() logger.info("create groups sucess!")
def create_users(argvs): """ create user :param argvs: :return: """ if '-f' in argvs: user_file = argvs[argvs.index("-f") + 1] else: print_err("invalid usage, should be:\ncreateusers -f <the new users file>", logout=True) return source = yaml_parser(user_file) if source: logger.debug("source:\n%s" % source) for key, val in source.items(): logger.debug("%s:%s" % (key, val)) obj = models.UserProfile(username=key, password=val.get('password')) logger.info(obj) # if val.get('groups'): # groups = session.query(models.Group).filter(models.Group.name.in_(val.get('groups'))).all() # if not groups: # print_err("none of [%s] exist in group table." % val.get('groups'),quit=True) # obj.groups = groups # if val.get('bind_hosts'): # bind_hosts = common_filters.bind_hosts_filter(val) # obj.bind_hosts = bind_hosts # print(obj) session.add(obj) session.commit() logger.info("create user sucess!")
def create_users(argvs): ''' create little_finger access user :param argvs: :return: ''' if '-f' in argvs: user_file = argvs[argvs.index("-f") +1 ] else: print_err("invalid usage, should be:\ncreateusers -f <the new users file>",quit=True) source = yaml_parser(user_file) if source: for key,val in source.items(): print(key,val) obj = models.UserProfile(username=key,password=val.get('password')) if val.get('groups'): groups = session.query(models.Group).filter(models.Group.name.in_(val.get('groups'))).all() if not groups: print_err("none of [%s] exist in group table." % val.get('groups'),quit=True) obj.groups = groups if val.get('bind_hosts'): bind_hosts = common_filters.bind_hosts_filter(val) obj.bind_hosts = bind_hosts #print(obj) session.add(obj) session.commit()
def create_bindhosts(argvs): if '-f' in argvs: bindhosts_file = argvs[argvs.index("-f") + 1] else: print_err( "invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>", quit=True) source = yaml_parser(bindhosts_file) if source: for key, val in source.items(): print(key, val) host_obj = session.query(models.Host).filter( models.Host.hostname == val.get('hostname')).first() assert host_obj print(host_obj) '''注意下面的for语句,实际上val['remote_users']返回的是一个列表(yaml中如果有-,则变成列表),然后列表里面嵌套了字典, 所以for其实是对列表进行了循环,而列表里面的元素则是一个个字典''' for item in val['remote_users']: print('remote_users is', item) '''assert断言,表示如果没有auth_type这个key,或取不到auth_type这个的值,则下面语句不执行。''' assert item.get('auth_type') if item.get('auth_type') == 'ssh-password': remoteuser_obj = session.query(models.RemoteUser).filter( models.RemoteUser.username == item.get('username'), models.RemoteUser.password == item.get('password'), #models.RemoteUser.auth_type==item.get('auth_type'), ).first() else: remoteuser_obj = session.query(models.RemoteUser).filter( models.RemoteUser.username == item.get('username'), models.RemoteUser.auth_type == item.get('auth_type'), ).first() if not remoteuser_obj: print_err('user [%s] is not exist' % (item), quit=True) bindhost_obj = models.BindHost(host_id=host_obj.id, remoteuser_id=remoteuser_obj.id) session.add(bindhost_obj) '''判断是否有groups这个字段,如果有则执行下面语句''' if source[key].get('groups'): print(source[key].get('groups')) group_objs = session.query(models.HostGroup).filter( models.HostGroup.name.in_( source[key].get('groups'))).all() assert group_objs '''通过下面语句将bind_host和host_group两个表的关联表bindhost_m2m_hostgroup建立起来, 将两个表相对应的主机和组的id相对应起来,实现主机和组的关联。 注意下面的语句将对关联表插入相关联的ID值''' bindhost_obj.host_groups = group_objs if source[key].get('user_profiles'): user_objs = session.query(models.UserProfile).filter( models.UserProfile.username.in_( source[key].get('user_profiles'))).all() assert user_objs '''通过下面的语句,将堡垒机用户表和bind_host表相关联起来,对两者的关联表user_m2m_bindhost 插入对应的两方id,通过该表的外键实现两表关联,最终实现用户和主机关联''' bindhost_obj.user_profiles = user_objs session.commit()
def syncdb(): print("Syncing DB....") models.Base.metadata.create_all(engine) source = yaml_parser(wisdom_file) if source: for key, val in source.items(): obj = models.Wisdom(sentence=key) session.add(obj) session.commit()
def create_bindhosts(argvs): ''' create bind hosts :param argvs: :return: ''' if '-f' in argvs: bindhosts_file = argvs[argvs.index("-f") + 1] else: print_err( "invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>", quit=True) source = yaml_parser(bindhosts_file) if source: for key, val in source.items(): #print(key,val) host_obj = session.query(models_db.Host).filter( models_db.Host.hostname == val.get('hostname')).first() assert host_obj for item in val['ssh_users']: # print("******",item ) assert item.get('auth_type') if item.get('auth_type') == 'ssh-password': sshuser_obj = session.query(models_db.Ssh_User).filter( models_db.Ssh_User.username == item.get('username'), models_db.Ssh_User.password == item.get( 'password')).first() else: sshuser_obj = session.query(models_db.Ssh_User).filter( models_db.Ssh_User.username == item.get('username'), models_db.Ssh_User.auth_type == item.get('auth_type'), ).first() if not sshuser_obj: print_err("RemoteUser obj %s does not exist." % item, quit=True) bindhost_obj = models_db.Bind_Host(host_id=host_obj.id, sshuser_id=sshuser_obj.id) session.add(bindhost_obj) #for groups this host binds to if source[key].get('groups'): group_objs = session.query(models_db.Host_Group).filter( models_db.Host_Group.name.in_( source[key].get('groups'))).all() assert group_objs print('groups:', group_objs) bindhost_obj.hostgroups = group_objs #for jump_users this host binds to if source[key].get('jump_users'): jumpuser_objs = session.query(models_db.Jump_User).filter( models_db.Jump_User.username.in_( source[key].get('jump_users'))).all() assert jumpuser_objs print("jump_users:", jumpuser_objs) bindhost_obj.jumpusers = jumpuser_objs #print(bindhost_obj) session.commit()
def create_bindhosts(argvs): ''' create bind hosts :param argvs: :return: ''' if '-f' in argvs: bindhosts_file = argvs[argvs.index("-f") + 1] else: print_err( "invalid usage, should be:\ncreate_bindhosts -f <the new bindhosts file>", quit=True) source = yaml_parser(bindhosts_file) if source: for key, val in source.items(): # print(key,val) host_obj = session.query(model_v2.Host).filter( model_v2.Host.hostname == val.get('hostname')).first() assert host_obj for item in val['remote_users']: print(item) assert item.get('auth_type') if item.get('auth_type') == 'ssh-password': remoteuser_obj = session.query(model_v2.RemoteUser).filter( model_v2.RemoteUser.username == item.get('username'), model_v2.RemoteUser.password == item.get( 'password')).first() else: remoteuser_obj = session.query(model_v2.RemoteUser).filter( model_v2.RemoteUser.username == item.get('username'), model_v2.RemoteUser.auth_type == item.get('auth_type'), ).first() if not remoteuser_obj: print_err("RemoteUser obj %s does not exist." % item, quit=True) bindhost_obj = model_v2.BindHost( host_id=host_obj.id, remoteuser_id=remoteuser_obj.id) session.add(bindhost_obj) # for groups this host binds to if source[key].get('groups'): group_objs = session.query(model_v2.HostGroup).filter( model_v2.HostGroup.name.in_( source[key].get('groups'))).all() assert group_objs print('groups:', group_objs) bindhost_obj.hostgroups = group_objs # for user_profiles this host binds to if source[key].get('fortress_user'): fortressuser_objs = session.query( model_v2.FortressUser).filter( model_v2.FortressUser.username.in_( source[key].get('fortress_user'))).all() assert fortressuser_objs print("fortressuser:", fortressuser_objs) bindhost_obj.fortress_users = fortressuser_objs # print(bindhost_obj) session.commit()
def create_bindhosts(argvs): """ create bind hosts 主机及该主机上的账户信息 :param argvs: :return: """ if '-f' in argvs: bindhosts_file = argvs[argvs.index("-f") + 1] else: print_err("invalid usage, should be:\ncreate_bindhosts -f <the new bindhosts file>", logout=True) return source = yaml_parser(bindhosts_file) if source: logger.debug("source:\n%s" % source) for key, val in source.items(): logger.debug("%s:%s" % (key, val)) # 要Bind的主机信息 host_obj = session.query(models.Host).filter(models.Host.hostname == val.get('hostname')).first() logger.debug("host_obj---\n%s" % host_obj) assert host_obj for item in val['remote_users']: # 要bind到该主机上的账户信息 logger.debug(item) assert item.get('auth_type') if item.get('auth_type') == 'ssh-password': remoteuser_obj = session.query(models.RemoteUser).filter( models.RemoteUser.username == item.get('username'), models.RemoteUser.password == item.get('password') ).first() else: remoteuser_obj = session.query(models.RemoteUser).filter( models.RemoteUser.username == item.get('username'), models.RemoteUser.auth_type == item.get('auth_type'), ).first() if not remoteuser_obj: print_err("RemoteUser obj %s does not exist." % item, logout=True) bindhost_obj = models.BindHost(host_id=host_obj.id, remoteuser_id=remoteuser_obj.id) # 设定bind关系 session.add(bindhost_obj) # for groups this host binds to 该主机bind到主机组 if source[key].get('groups'): group_objs = session.query(models.HostGroup).filter( models.HostGroup.name.in_(source[key].get('groups'))).all() assert group_objs logger.info('groups:%s' % group_objs) bindhost_obj.host_groups = group_objs # for user_profiles this host binds to 该主机bind到的用户 if source[key].get('user_profiles'): userprofile_objs = session.query(models.UserProfile).filter(models.UserProfile.username.in_( source[key].get('user_profiles') )).all() logger.debug(userprofile_objs) assert userprofile_objs logger.info("userprofiles:%s" % userprofile_objs) bindhost_obj.user_profiles = userprofile_objs # print(bindhost_obj) session.commit() logger.info("create bindhosts sucess!")
def create_remoteusers(argvs): msg = 'the new remote users file' remoteuser_file = parse_argvs(argvs, msg) source = yaml_parser(remoteuser_file) if source: for key,val in source.items(): obj = models.RemoteUser(username=val.get('username'),auth_type=val.get('auth_type'),password=val.get('password')) session.add(obj) session.commit()
def create_hosts(host_file): source = yaml_parser(host_file) if source: for key, val in source.items(): print(key, val) obj = models.Host(hostname=key, ip_addr=val['ip_addr'], port=val.get('port') or 22) session.add(obj) session.commit()
def create_hosts(argvs): msg = 'the new hosts file' host_file = parse_argvs(argvs, msg) #print(host_file) source = yaml_parser(host_file) if source: for key,val in source.items(): obj = models.Host(hostname=key,ip_addr=val.get('ip_addr'),port=val.get('port') or 22) session.add(obj) session.commit()
def create_remoteusers(remoteuser_file): source = yaml_parser(remoteuser_file) if source: for key, val in source.items(): print(key, val) obj = models.RemoteUser(username=val['username'], auth_type=val['auth_type'], password=val.get('password')) session.add(obj) session.commit()
def create_remoteusers(argvs): """根据yml文件创建remote_user表中的数据""" if '-f' in argvs: remoteusers_file = argvs[argvs.index("-f") + 1] else: print_err("invalid usage, should be:\ncreate_remoteusers -f <the new remoteusers file>", quit=True) source = yaml_parser(remoteusers_file) if source: for key, val in source.items(): print(key, val) obj = models_v2.RemoteUser(username=val.get('username'), auth_type=val.get('auth_type'), password=val.get('password')) session.add(obj) session.commit()
def create_bindhosts(argv): ''' create bind hosts :param argv: :return: ''' if '-f' in argv: bindhost_file = argv[argv.index('-f') + 1] else: print_err( "invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>", quit=True) source = yaml_parser(bindhost_file) if source: print(source) for key, val in source: host_obj = session.query(models.Host).filter( models.Host.hostname == val.get('hostname')) assert host_obj for item in val['remote_users']: assert item.get('auth_type') if item.get('auth_type') == 'ssh-passwd': remoteuser_obj = session.query(models.RemoteUser).filter( models.RemoteUser.username == item.get('username'), models.RemoteUser.password == item.get('password'), ).first() else: remoteuser_obj = session.query(models.RemoteUser).filter( models.RemoteUser.username == item.get('username'), models.RemoteUser.auth_type == item.get('auth_type'), ).first() if not remoteuser_obj: print_err("RemoteUser obj %s does not exist." % item, quit=True) bindhost_obj = models.BindHost(host_id=host_obj.id, remoteuser_id=remoteuser_obj.id) session.add(bindhost_obj) if source[key].get('groups'): group_obj = session.query(models.HostGroup).filter( models.HostGroup.name.in_( source[key].get('groups'))).all() assert group_obj bindhost_obj.host_groups = group_obj if source[key].get('user_profiles'): userprofile_obj = session.query(models.UserProfile).filter( models.UserProfile.username.in_( source[key].get('user_profiles'))).all() assert userprofile_obj bindhost_obj.user_profiles = userprofile_obj session.commit()
def create_groups(group_file): source = yaml_parser(group_file) if source: for key, val in source.items(): print(key, val) obj = models.Group(name=key) if val.get('user_profiles'): user_profiles = common.user_profiles_filter(val) obj.user_profiles = user_profiles if val.get('bind_hosts'): bind_hosts = common.bind_hosts_filter(val) obj.bind_hosts = bind_hosts session.add(obj) session.commit()
def create_hosts(argvs): """根据yml文件创建host表中的数据""" if '-f' in argvs: hosts_file = argvs[argvs.index("-f") + 1] else: print_err("invalid usage, should be:\ncreate_hosts -f <the new hosts file>", quit=True) source = yaml_parser(hosts_file) # 解析yml文件为对象 if source: # print(source) for key, val in source.items(): print(key, val) obj = models_v2.Host(hostname=key, ip=val.get('ip'), port=val.get('port') or 22) # 创建一行host数据 session.add(obj) session.commit()
def create_bindhosts(argvs): ''' create bind hosts :param argvs: :return: ''' if '-f' in argvs: bindhosts_file = argvs[argvs.index("-f") +1 ] else: print_err("invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>",quit=True) source = yaml_parser(bindhosts_file) if source: for key,val in source.items(): #print(key,val) host_obj = session.query(models.Host).filter(models.Host.hostname==val.get('hostname')).first() assert host_obj for item in val['remote_users']: print(item ) assert item.get('auth_type') if item.get('auth_type') == 'ssh-passwd': remoteuser_obj = session.query(models.RemoteUser).filter( models.RemoteUser.username==item.get('username'), models.RemoteUser.password==item.get('password') ).first() else: remoteuser_obj = session.query(models.RemoteUser).filter( models.RemoteUser.username==item.get('username'), models.RemoteUser.auth_type==item.get('auth_type'), ).first() if not remoteuser_obj: print_err("RemoteUser obj %s does not exist." % item,quit=True ) bindhost_obj = models.BindHost(host_id=host_obj.id,remoteuser_id=remoteuser_obj.id) session.add(bindhost_obj) #for groups this host binds to if source[key].get('groups'): group_objs = session.query(models.Group).filter(models.Group.name.in_(source[key].get('groups') )).all() assert group_objs print('groups:', group_objs) bindhost_obj.groups = group_objs #for user_profiles this host binds to if source[key].get('user_profiles'): userprofile_objs = session.query(models.UserProfile).filter(models.UserProfile.username.in_( source[key].get('user_profiles') )).all() assert userprofile_objs print("userprofiles:",userprofile_objs) bindhost_obj.user_profiles = userprofile_objs #print(bindhost_obj) session.commit()
def create_groups(argvs): msg = 'the new groups file' group_file = parse_argvs(argvs, msg) source = yaml_parser(group_file) if source: for key,val in source.items(): obj = models.Group(name=key) if val.get('bind_hosts'):#多对多关系 bind_hosts = common_filters.bind_hosts_filter(val) obj.bind_hosts = bind_hosts if val.get('user_profiles'):#多对多关系 user_profiles = common_filters.user_profiles_filter(val) obj.user_profiles = user_profiles session.add(obj) session.commit()
def create_hosts(argvs): if '-f' in argvs: hosts_file = argvs[argvs.index("-f") + 1] else: print_err( "invalid usage, should be:\ncreate_hosts -f <the new hosts file>", quit=True) source = yaml_parser(hosts_file) if source: for key, val in source.items(): print(key, val) obj = models.Host(hostname=key, ip_addr=val.get('ip_addr'), port=val.get('port') or 22) session.add(obj) session.commit()
def create_remoteusers(argvs): if '-f' in argvs: remoteusers_file = argvs[argvs.index("-f") + 1] else: print_err( "invalid usage, should be:\ncreate_remoteusers -f <the new remoteusers file>", quit=True) source = yaml_parser(remoteusers_file) if source: for key, val in source.items(): print(key, val) obj = models.RemoteUser(username=val.get('username'), auth_type=val.get('auth_type'), password=val.get('password')) session.add(obj) session.commit()
def create_users(argvs): msg = 'the new users file' user_file = parse_argvs(argvs, msg) source = yaml_parser(user_file) if source: for key,val in source.items(): obj = models.UserProfile(username=key,password=val.get('password')) if val.get('groups'):#多对多关系 groups = common_filters.groups_filter(val) obj.groups = groups if val.get('bind_hosts'):#多对多关系 bind_hosts = common_filters.bind_hosts_filter(val) obj.bind_hosts = bind_hosts session.add(obj) session.commit()
def create_bindhosts(argvs): """根据yml文件创建BindHost表中的数据""" if '-f' in argvs: bindhosts_file = argvs[argvs.index("-f") + 1] else: print_err("invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>", quit=True) source = yaml_parser(bindhosts_file) if source: for key, val in source.items(): # print(key,val) host_obj = session.query(models_v2.Host).filter(models_v2.Host.hostname == val.get('hostname')).first() assert host_obj # 断言是否存在这个主机, 如果没有抛出异常不向下执行 for item in val['remote_users']: print(item) assert item.get('auth_type') if item.get('auth_type') == 'ssh-passwd': remoteuser_obj = session.query(models_v2.RemoteUser).filter( models_v2.RemoteUser.username == item.get('username'), models_v2.RemoteUser.password == item.get('password') ).first() else: remoteuser_obj = session.query(models_v2.RemoteUser).filter( models_v2.RemoteUser.username == item.get('username'), models_v2.RemoteUser.auth_type == item.get('auth_type'), ).first() if not remoteuser_obj: # 如果RemoteUser表不存在bindhost.yml文件中的remoteUser, 抛出异常 print_err("RemoteUser obj %s does not exist." % item, quit=True) bindhost_obj = models_v2.BindHost(host_id=host_obj.id, remoteuser_id=remoteuser_obj.id) session.add(bindhost_obj) # for groups this host binds to if source[key].get('groups'): # select * from HostGroup where name in (bjgroup, shgroup); group_objs = session.query(models_v2.HostGroup).filter( models_v2.HostGroup.name.in_(source[key].get('groups'))).all() assert group_objs # 断言 bindhost_obj.host_groups = group_objs # for user_profiles this host binds to if source[key].get('user_profiles'): userprofile_objs = session.query(models_v2.UserProfile).filter(models_v2.UserProfile.username.in_( source[key].get('user_profiles') )).all() assert userprofile_objs # 断言 print("userprofiles:", userprofile_objs) bindhost_obj.user_profiles = userprofile_objs # print(bindhost_obj) session.commit()
def create_hosts(argvs): ''' create hosts :param argvs: :return: ''' if '-f' in argvs: hosts_file = argvs[argvs.index("-f") +1 ] else: print_err("invalid usage, should be:\ncreate_hosts -f <the new hosts file>",quit=True) source = yaml_parser(hosts_file) if source: for key,val in source.items(): print(key,val) obj = models.Host(hostname=key,ip_addr=val.get('ip_addr'), port=val.get('port') or 22) session.add(obj) session.commit()
def create_users(user_file): source = yaml_parser(user_file) if source: for key, val in source.items(): print(key, val) obj = models.UserProfile(username=key, password=val['password']) if val.get('groups'): '''如果val中含有group,且该group存在,则同时讲该用户加入对应group''' groups = common.bind_group_filter(val) obj.groups = groups if val.get('bind_hosts'): '''如果val有bind_hosts,则同时绑定hosts''' bind_hosts = common.bind_hosts_filter(val) obj.bind_hosts = bind_hosts session.add(obj) session.commit()
def create_remoteusers(argvs): '''创建远程主机用户''' if '-f' in argvs: remoteusers_file = argvs[argvs.index('-f') + 1] else: print_err('create_remoteusers -f <the remote user file>', quit=True) source = yaml_parser(remoteusers_file) if source: for key, val in source.items(): print(val) obj = models.RemoteUser( auth_type=val.get('auth_type'), username=val.get('username'), password=val.get('password'), ) session.add(obj) session.commit()
def create_groups(argvs): """根据yml文件创建Group表中的数据""" if '-f' in argvs: group_file = argvs[argvs.index("-f") + 1] else: print_err("invalid usage, should be:\ncreategroups -f <the new groups file>", quit=True) source = yaml_parser(group_file) if source: for key, val in source.items(): print(key, val) obj = models_v2.HostGroup(name=key) # if val.get('bind_hosts'): # bind_hosts = common_filters.bind_hosts_filter(val) # obj.bind_hosts = bind_hosts # # if val.get('user_profiles'): # user_profiles = common_filters.user_profiles_filter(val) # obj.user_profiles = user_profiles session.add(obj) session.commit()
def create_users(argvs): """根据yml文件创建堡垒机user表中的数据""" if '-f' in argvs: user_file = argvs[argvs.index("-f") + 1] else: print_err("invalid usage, should be:\ncreateusers -f <the new users file>", quit=True) source = yaml_parser(user_file) if source: for key, val in source.items(): print(key, val) obj = models_v2.UserProfile(username=key, password=val.get('password')) # if val.get('groups'): # groups = session.query(models_v2.Group).filter(models_v2.Group.name.in_(val.get('groups'))).all() # if not groups: # print_err("none of [%s] exist in group table." % val.get('groups'), quit=True) # obj.groups = groups # if val.get('bind_hosts'): # bind_hosts = common_filters.bind_hosts_filter(val) # obj.bind_hosts = bind_hosts # # print(obj) session.add(obj) session.commit()
def create_groups(argvs): ''' create groups :param argvs: :return: ''' if '-f' in argvs: group_file = argvs[argvs.index("-f") +1 ] else: print_err("invalid usage, should be:\ncreategroups -f <the new groups file>",quit=True) source = yaml_parser(group_file) if source: for key,val in source.items(): print(key,val) obj = models.Group(name=key) if val.get('bind_hosts'): bind_hosts = common_filters.bind_hosts_filter(val) obj.bind_hosts = bind_hosts if val.get('user_profiles'): user_profiles = common_filters.user_profiles_filter(val) obj.user_profiles = user_profiles session.add(obj) session.commit()