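def import_remoteusers(argvs):
    '''
    Import remote-host user accounts from a JSON file into the database.

    The file given after ``-f`` must contain a JSON list of objects; the keys
    read from each object are ``hostname``, ``username``, ``password`` and
    ``auth_type``.

    :param argvs: command-line arguments, expected to contain ``-f <file>``
    :return: None
    '''
    import os
    import json
    # "-f" must be present AND followed by a value; a trailing "-f" used to
    # raise IndexError instead of printing the usage error.
    if '-f' not in argvs or argvs.index("-f") + 1 >= len(argvs):
        mylib.print_err(conf.ERRORNO['3001'] % "import_remoteusers -f [/path/to/file]", quit=True)
        return
    remotusers_file = argvs[argvs.index("-f") + 1]
    if not os.path.isfile(remotusers_file):
        # Report the path that was requested (the old code referenced the
        # undefined name hosts_file here and died with NameError).
        mylib.print_err(conf.ERRORNO['4001'] % remotusers_file, quit=True)
        return
    # The context manager closes the file even when json.load() raises.
    with open(remotusers_file, 'r') as f:
        user_list = json.load(f)
    for user in user_list:
        hostname = user.get('hostname')
        host_obj = dbconn.session.query(dbmodels.Host).filter(
            dbmodels.Host.hostname == hostname).first()
        if host_obj is None:
            # Do not store a credential that is attached to no host.
            mylib.print_err('host [%s] not found, remote user [%s] skipped'
                            % (hostname, user.get('username')))
            continue
        # NOTE(review): the password is persisted exactly as read from the file,
        # so both the import file and the table hold it in clear text -
        # restrict access to both.
        user_obj = dbmodels.HostUser(username=user.get('username'),
                                     password=user.get('password'),
                                     auth_type=user.get('auth_type'),
                                     host=host_obj)
        dbconn.session.add(user_obj)
    dbconn.session.commit()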
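def import_groups(argvs):
    '''
    Import groups of remote-host users from a JSON file into the database.

    The file given after ``-f`` must contain a JSON list of objects; each
    object is read for ``name`` and ``hostusers`` (a list of objects with
    ``hostname`` and ``username``).

    :param argvs: command-line arguments, expected to contain ``-f <file>``
    :return: None
    '''
    import os
    import json
    # "-f" must be present AND followed by a value; a trailing "-f" used to
    # raise IndexError instead of printing the usage error.
    if '-f' not in argvs or argvs.index("-f") + 1 >= len(argvs):
        # The usage text now names this command (it said import_remoteuser).
        mylib.print_err(conf.ERRORNO['3001'] % "import_groups -f [/path/to/file]", quit=True)
        return
    groups_file = argvs[argvs.index("-f") + 1]
    if not os.path.isfile(groups_file):
        mylib.print_err(conf.ERRORNO['4001'] % groups_file, quit=True)
        return
    # The context manager closes the file even when json.load() raises.
    with open(groups_file, 'r') as f:
        group_list = json.load(f)
    for group in group_list:
        groupname = group.get('name')
        group_obj = dbmodels.Group(name=groupname)
        for hostuser in group.get('hostusers') or []:  # tolerate a missing list
            host = dbconn.session.query(dbmodels.Host).filter(
                dbmodels.Host.hostname == hostuser.get('hostname')).first()
            hostuser_obj = None
            if host is not None:
                # Only look the account up once the host is known: filtering
                # on ``host == None`` would no longer tie the match to a host.
                hostuser_obj = dbconn.session.query(dbmodels.HostUser).filter(
                    dbmodels.HostUser.username == hostuser.get('username'),
                    dbmodels.HostUser.host == host).first()
            if hostuser_obj is None:
                mylib.print_err('remote user [%s@%s] not found, not added to group [%s]'
                                % (hostuser.get('username'), hostuser.get('hostname'), groupname))
                continue
            group_obj.host_users.append(hostuser_obj)
        dbconn.session.add(group_obj)
    dbconn.session.commit()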
Exemple #3
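def import_remoteusers(argvs):
    '''
    Import remote-host user accounts from a JSON file into the database.

    The file given after ``-f`` must contain a JSON list of objects; the keys
    read from each object are ``hostname``, ``username``, ``password`` and
    ``auth_type``.

    :param argvs: command-line arguments, expected to contain ``-f <file>``
    :return: None
    '''
    import os
    import json
    # "-f" must be present AND followed by a value; a trailing "-f" used to
    # raise IndexError instead of printing the usage error.
    if '-f' not in argvs or argvs.index("-f") + 1 >= len(argvs):
        mylib.print_err(conf.ERRORNO['3001'] %
                        "import_remoteusers -f [/path/to/file]",
                        quit=True)
        return
    remotusers_file = argvs[argvs.index("-f") + 1]
    if not os.path.isfile(remotusers_file):
        # Report the path that was requested (the old code referenced the
        # undefined name hosts_file here and died with NameError).
        mylib.print_err(conf.ERRORNO['4001'] % remotusers_file, quit=True)
        return
    # The context manager closes the file even when json.load() raises.
    with open(remotusers_file, 'r') as f:
        user_list = json.load(f)
    for user in user_list:
        hostname = user.get('hostname')
        host_obj = dbconn.session.query(dbmodels.Host).filter(
            dbmodels.Host.hostname == hostname).first()
        if host_obj is None:
            # Do not store a credential that is attached to no host.
            mylib.print_err('host [%s] not found, remote user [%s] skipped'
                            % (hostname, user.get('username')))
            continue
        # NOTE(review): the password is persisted exactly as read from the file,
        # so both the import file and the table hold it in clear text -
        # restrict access to both.
        user_obj = dbmodels.HostUser(username=user.get('username'),
                                     password=user.get('password'),
                                     auth_type=user.get('auth_type'),
                                     host=host_obj)
        dbconn.session.add(user_obj)
    dbconn.session.commit()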
Exemple #4
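def import_hosts(argvs):
    '''
    Import hosts from a JSON file into the database.

    The file given after ``-f`` must contain a JSON list of objects; the keys
    read from each object are ``hostname``, ``ip_addr`` and ``port``.

    :param argvs: command-line argument list, expected to contain ``-f <file>``
    :return: None
    '''
    import os
    import json
    # "-f" must be present AND followed by a value; a trailing "-f" used to
    # raise IndexError instead of printing the usage error.
    if '-f' not in argvs or argvs.index("-f") + 1 >= len(argvs):
        mylib.print_err(conf.ERRORNO['3001'] %
                        "import_hosts -f [/path/to/file]",
                        quit=True)
        return
    hosts_file = argvs[argvs.index("-f") + 1]
    if not os.path.isfile(hosts_file):
        mylib.print_err(conf.ERRORNO['4001'] % hosts_file, quit=True)
        return
    # The context manager closes the file even when json.load() raises.
    with open(hosts_file, 'r') as f:
        host_list = json.load(f)
    for host in host_list:
        # A missing or falsy port falls back to 22.
        host_obj = dbmodels.Host(hostname=host.get('hostname'),
                                 ip_addr=host.get('ip_addr'),
                                 port=host.get('port') or 22)
        dbconn.session.add(host_obj)
    dbconn.session.commit()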
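def start(argvs):
    '''
    Bastion host main menu: authenticate, then let the user pick a remote account.

    Entries are numbered continuously: the user's ungrouped remote accounts
    first, then the user's groups. Choosing a group opens a sub-menu that
    lists the accounts in that group.

    :param argvs: command-line arguments (unused here)
    :return: None
    '''
    user = auth()
    if not user:  # authentication failed: the menu is never shown
        return
    hostusers = user.hostusers  # remote accounts assigned directly to the user
    groups = user.groups
    flag = True
    while flag:
        try:
            print_welcome(user)
            print(mylib.color('Ungrouped hosts: (%s)', 35) % len(hostusers))
            for index, hostuser in enumerate(hostusers, 1):
                print('   %s.\t %s@%s(%s)' % (index, hostuser.username,
                                              hostuser.host.hostname,
                                              hostuser.host.ip_addr))
            print(mylib.color('Groups: (%s)', 35) % len(groups))
            # Group numbers continue where the ungrouped list ends.
            for index, group in enumerate(groups, len(hostusers) + 1):
                print('   %s.\t %s' % (index, group.name))
            chose = input('%s (q)quit>> ' % user.username).strip()
            if chose == 'q':
                flag = False
            elif chose.isdecimal():
                # isdecimal() only accepts characters int() can parse;
                # isdigit() also accepts e.g. superscript digits, for which
                # int() raised an uncaught ValueError.
                chose = int(chose)
                if 0 < chose <= len(hostusers):
                    # The number is resolved against this user's own list only.
                    open_session(user, hostusers[chose - 1])
                elif len(hostusers) < chose <= len(hostusers) + len(groups):
                    group = groups[chose - len(hostusers) - 1]
                    group_flag = True
                    while group_flag:
                        for index, hostuser in enumerate(group.host_users, 1):
                            print('   %s.\t %s@%s(%s)' % (index, hostuser.username,
                                                          hostuser.host.hostname,
                                                          hostuser.host.ip_addr))
                        # Prompt with the logged-in user's name; the prompt
                        # used to show one hard-coded account name to everyone.
                        chose2 = input('%s (q)quit, (b)break>> ' % user.username).strip()
                        if chose2.isdecimal():
                            chose2 = int(chose2)
                            if 0 < chose2 <= len(group.host_users):
                                open_session(user, group.host_users[chose2 - 1])
                                group_flag = False  # back to the top menu afterwards
                            else:
                                mylib.print_err(conf.ERRORNO['2002'])
                        elif chose2 == 'q':
                            group_flag = False
                            flag = False
                        elif chose2 == 'b':
                            group_flag = False
                        else:
                            mylib.print_err(conf.ERRORNO['2002'])
                else:
                    mylib.print_err(conf.ERRORNO['2002'])
            else:
                mylib.print_err(conf.ERRORNO['2002'])
        except (EOFError, BlockingIOError):
            # EOF on input or a blocking-I/O error redraws the menu instead of
            # leaving it. The exit(1) that followed ``continue`` was
            # unreachable and has been dropped.
            continue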
Exemple #6
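def import_users(argvs):
    '''
    Import bastion-host users from a JSON file into the database.

    The file given after ``-f`` must contain a JSON list of objects; each
    object is read for ``username``, ``password``, ``hostusers`` (a list of
    objects with ``hostname`` and ``username``) and ``groups`` (a list of
    group names).

    :param argvs: command-line arguments, expected to contain ``-f <file>``
    :return: None
    '''
    import os
    import json
    # "-f" must be present AND followed by a value; a trailing "-f" used to
    # raise IndexError instead of printing the usage error.
    if '-f' not in argvs or argvs.index("-f") + 1 >= len(argvs):
        mylib.print_err(conf.ERRORNO['3001'] %
                        "import_users -f [/path/to/file]",
                        quit=True)
        return
    users_file = argvs[argvs.index("-f") + 1]
    if not os.path.isfile(users_file):
        mylib.print_err(conf.ERRORNO['4001'] % users_file, quit=True)
        return
    # The context manager closes the file even when json.load() raises.
    with open(users_file, 'r') as f:
        user_list = json.load(f)
    for user in user_list:
        username = user.get('username')
        # NOTE(review): the password is stored exactly as read from the file.
        # If this is the bastion login password, a salted hash would be the
        # safer thing to persist - confirm against what auth() compares.
        user_obj = dbmodels.UserProfile(username=username,
                                        password=user.get('password'))
        for hostuser in user.get('hostusers') or []:  # tolerate a missing list
            host = dbconn.session.query(dbmodels.Host).filter(
                dbmodels.Host.hostname == hostuser.get('hostname')).first()
            hostuser_obj = None
            if host is not None:
                # Only look the account up once the host is known: filtering
                # on ``host == None`` would no longer tie the match to a host.
                hostuser_obj = dbconn.session.query(dbmodels.HostUser).filter(
                    dbmodels.HostUser.username == hostuser.get('username'),
                    dbmodels.HostUser.host == host).first()
            if hostuser_obj is None:
                mylib.print_err('remote user [%s@%s] not found, not granted to [%s]'
                                % (hostuser.get('username'), hostuser.get('hostname'), username))
                continue
            user_obj.hostusers.append(hostuser_obj)
        group_names = user.get('groups') or []  # a missing key used to reach in_(None)
        if group_names:
            user_obj.groups = dbconn.session.query(dbmodels.Group).filter(
                dbmodels.Group.name.in_(group_names)).all()
        else:
            user_obj.groups = []
        dbconn.session.add(user_obj)
    dbconn.session.commit()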
Exemple #7
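 def run(self):
     '''
     Open an SSH shell on the remote host and hand it to the interactive loop.

     A login record is written before the interactive loop and a logout record
     after it; the channel and the SSH client are always closed.

     :return: True once a connected session has ended, False when
              get_ssh() returned nothing usable
     '''
     print('Connect remote host [%s] as user [%s]...' % (self.ip, self.username))
     client = self.get_ssh(self.ip, self.port, self.username, self.password)
     if not client:
         mylib.print_err(conf.ERRORNO['5001'])
         return False
     try:
         chan = client.invoke_shell()
         try:
             print("Connect success let's go [%s]" % self.user.username)
             auditlog.insert_log(self.user, self.hostuser, u'login', 'login')
             try:
                 interactive.interactive_shell(self.user, self.hostuser, chan, client)
             finally:
                 # Keep the audit trail complete: every recorded login gets a
                 # logout record even if the interactive loop raises.
                 auditlog.insert_log(self.user, self.hostuser, u'logout', 'logout')
         finally:
             chan.close()
     finally:
         # Previously skipped when anything above raised, leaving the SSH
         # connection open.
         client.close()
     return True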
def auth():
    '''
    Authenticate a bastion user, counting failed attempts up to three.

    :return: per the original docstring, True on success and False otherwise.
             NOTE(review): the return statement is not visible in this
             listing, and the caller ``start`` reads ``.hostusers`` from the
             result, so presumably a user object is returned - confirm.
    '''
    import getpass
    count = 0
    while count < 3:
        # NOTE(review): the next line is masked on the page ("******" replaces
        # part of the statement), so the credential prompt and the check are
        # not visible here and the line is not valid Python as shown.
        username = input('Username: '******'Password: '******'Password: '******'1001'])
            count += 1
    else:
        # while/else: reached when the loop condition fails, i.e. once three
        # attempts have been counted.
        mylib.print_err(conf.ERRORNO['1002'])
Exemple #9
def auth():
    '''
    Authenticate a bastion user, counting failed attempts up to three.

    :return: per the original docstring, True on success and False otherwise.
             NOTE(review): the return statement is not visible in this
             listing, and the caller ``start`` reads ``.hostusers`` from the
             result, so presumably a user object is returned - confirm.
    '''
    import getpass
    count = 0
    while count < 3:
        # NOTE(review): the next line is masked on the page ("******" replaces
        # part of the statement), so the credential prompt and the check are
        # not visible here and the line is not valid Python as shown.
        username = input('Username: '******'Password: '******'Password: '******'1001'])
            count += 1
    else:
        # while/else: reached when the loop condition fails, i.e. once three
        # attempts have been counted.
        mylib.print_err(conf.ERRORNO['1002'])
Exemple #10
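def import_groups(argvs):
    '''
    Import groups of remote-host users from a JSON file into the database.

    The file given after ``-f`` must contain a JSON list of objects; each
    object is read for ``name`` and ``hostusers`` (a list of objects with
    ``hostname`` and ``username``).

    :param argvs: command-line arguments, expected to contain ``-f <file>``
    :return: None
    '''
    import os
    import json
    # "-f" must be present AND followed by a value; a trailing "-f" used to
    # raise IndexError instead of printing the usage error.
    if '-f' not in argvs or argvs.index("-f") + 1 >= len(argvs):
        # The usage text now names this command (it said import_remoteuser).
        mylib.print_err(conf.ERRORNO['3001'] %
                        "import_groups -f [/path/to/file]",
                        quit=True)
        return
    groups_file = argvs[argvs.index("-f") + 1]
    if not os.path.isfile(groups_file):
        mylib.print_err(conf.ERRORNO['4001'] % groups_file, quit=True)
        return
    # The context manager closes the file even when json.load() raises.
    with open(groups_file, 'r') as f:
        group_list = json.load(f)
    for group in group_list:
        groupname = group.get('name')
        group_obj = dbmodels.Group(name=groupname)
        for hostuser in group.get('hostusers') or []:  # tolerate a missing list
            host = dbconn.session.query(dbmodels.Host).filter(
                dbmodels.Host.hostname == hostuser.get('hostname')).first()
            hostuser_obj = None
            if host is not None:
                # Only look the account up once the host is known: filtering
                # on ``host == None`` would no longer tie the match to a host.
                hostuser_obj = dbconn.session.query(dbmodels.HostUser).filter(
                    dbmodels.HostUser.username == hostuser.get('username'),
                    dbmodels.HostUser.host == host).first()
            if hostuser_obj is None:
                mylib.print_err('remote user [%s@%s] not found, not added to group [%s]'
                                % (hostuser.get('username'), hostuser.get('hostname'), groupname))
                continue
            group_obj.host_users.append(hostuser_obj)
        dbconn.session.add(group_obj)
    dbconn.session.commit()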
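def import_users(argvs):
    '''
    Import bastion-host users from a JSON file into the database.

    The file given after ``-f`` must contain a JSON list of objects; each
    object is read for ``username``, ``password``, ``hostusers`` (a list of
    objects with ``hostname`` and ``username``) and ``groups`` (a list of
    group names).

    :param argvs: command-line arguments, expected to contain ``-f <file>``
    :return: None
    '''
    import os
    import json
    # "-f" must be present AND followed by a value; a trailing "-f" used to
    # raise IndexError instead of printing the usage error.
    if '-f' not in argvs or argvs.index("-f") + 1 >= len(argvs):
        mylib.print_err(conf.ERRORNO['3001'] % "import_users -f [/path/to/file]", quit=True)
        return
    users_file = argvs[argvs.index("-f") + 1]
    if not os.path.isfile(users_file):
        mylib.print_err(conf.ERRORNO['4001'] % users_file, quit=True)
        return
    # The context manager closes the file even when json.load() raises.
    with open(users_file, 'r') as f:
        user_list = json.load(f)
    for user in user_list:
        username = user.get('username')
        # NOTE(review): the password is stored exactly as read from the file.
        # If this is the bastion login password, a salted hash would be the
        # safer thing to persist - confirm against what auth() compares.
        user_obj = dbmodels.UserProfile(username=username,
                                        password=user.get('password'))
        for hostuser in user.get('hostusers') or []:  # tolerate a missing list
            host = dbconn.session.query(dbmodels.Host).filter(
                dbmodels.Host.hostname == hostuser.get('hostname')).first()
            hostuser_obj = None
            if host is not None:
                # Only look the account up once the host is known: filtering
                # on ``host == None`` would no longer tie the match to a host.
                hostuser_obj = dbconn.session.query(dbmodels.HostUser).filter(
                    dbmodels.HostUser.username == hostuser.get('username'),
                    dbmodels.HostUser.host == host).first()
            if hostuser_obj is None:
                mylib.print_err('remote user [%s@%s] not found, not granted to [%s]'
                                % (hostuser.get('username'), hostuser.get('hostname'), username))
                continue
            user_obj.hostusers.append(hostuser_obj)
        group_names = user.get('groups') or []  # a missing key used to reach in_(None)
        if group_names:
            user_obj.groups = dbconn.session.query(dbmodels.Group).filter(
                dbmodels.Group.name.in_(group_names)).all()
        else:
            user_obj.groups = []
        dbconn.session.add(user_obj)
    dbconn.session.commit()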
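def import_hosts(argvs):
    '''
    Import hosts from a JSON file into the database.

    The file given after ``-f`` must contain a JSON list of objects; the keys
    read from each object are ``hostname``, ``ip_addr`` and ``port``.

    :param argvs: command-line argument list, expected to contain ``-f <file>``
    :return: None
    '''
    import os
    import json
    # "-f" must be present AND followed by a value; a trailing "-f" used to
    # raise IndexError instead of printing the usage error.
    if '-f' not in argvs or argvs.index("-f") + 1 >= len(argvs):
        mylib.print_err(conf.ERRORNO['3001'] % "import_hosts -f [/path/to/file]", quit=True)
        return
    hosts_file = argvs[argvs.index("-f") + 1]
    if not os.path.isfile(hosts_file):
        mylib.print_err(conf.ERRORNO['4001'] % hosts_file, quit=True)
        return
    # The context manager closes the file even when json.load() raises.
    with open(hosts_file, 'r') as f:
        host_list = json.load(f)
    for host in host_list:
        # A missing or falsy port falls back to 22.
        host_obj = dbmodels.Host(hostname=host.get('hostname'),
                                 ip_addr=host.get('ip_addr'),
                                 port=host.get('port') or 22)
        dbconn.session.add(host_obj)
    dbconn.session.commit()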
Exemple #13
from conf import action_registers, conf
from libs import mylib
import sys
import os
# Append the parent of the directory containing this file to the module search path.
# NOTE(review): this runs after the `conf` and `libs` imports above, so it cannot
# influence how those two imports are resolved - confirm the intended order.
sys.path.append(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
def help_msg():
    '''
    Print a coloured heading followed by one registered command name per line.

    :return: None
    '''
    heading = mylib.color('Available commands:', 32)
    print(heading)
    for command in action_registers.actions:
        # Same output as print(' ', command): a space, the separator space,
        # then the name.
        print('  %s' % (command,))
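if __name__ == '__main__':
    # Dispatch "<script> <command> [args...]" to the handler registered under
    # that command name. The commented-out debugging invocations that used to
    # sit here (one of them carrying a literal account name and password) were
    # removed.
    argv = sys.argv
    if len(argv) < 2:  # no command given
        help_msg()
        sys.exit(1)  # sys.exit rather than the interactive-only exit() helper
    # Only names present in the registry can be called; anything else is
    # rejected before the lookup.
    if argv[1] not in action_registers.actions:
        mylib.print_err(conf.ERRORNO['2001'] % argv[1], quit=True)
        sys.exit(1)  # do not fall through should print_err() return
    # The handler receives the command name followed by its own arguments.
    action_registers.actions[argv[1]](argv[1:])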
Exemple #14
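def start(argvs):
    '''
    Bastion host main menu: authenticate, then let the user pick a remote account.

    Entries are numbered continuously: the user's ungrouped remote accounts
    first, then the user's groups. Choosing a group opens a sub-menu that
    lists the accounts in that group.

    :param argvs: command-line arguments (unused here)
    :return: None
    '''
    user = auth()
    if not user:  # authentication failed: the menu is never shown
        return
    hostusers = user.hostusers  # remote accounts assigned directly to the user
    groups = user.groups
    flag = True
    while flag:
        try:
            print_welcome(user)
            print(mylib.color('Ungrouped hosts: (%s)', 35) % len(hostusers))
            for index, hostuser in enumerate(hostusers, 1):
                print('   %s.\t %s@%s(%s)' %
                      (index, hostuser.username, hostuser.host.hostname,
                       hostuser.host.ip_addr))
            print(mylib.color('Groups: (%s)', 35) % len(groups))
            # Group numbers continue where the ungrouped list ends.
            for index, group in enumerate(groups, len(hostusers) + 1):
                print('   %s.\t %s' % (index, group.name))
            chose = input('%s (q)quit>> ' % user.username).strip()
            if chose == 'q':
                flag = False
            elif chose.isdecimal():
                # isdecimal() only accepts characters int() can parse;
                # isdigit() also accepts e.g. superscript digits, for which
                # int() raised an uncaught ValueError.
                chose = int(chose)
                if 0 < chose <= len(hostusers):
                    # The number is resolved against this user's own list only.
                    open_session(user, hostusers[chose - 1])
                elif len(hostusers) < chose <= len(hostusers) + len(groups):
                    group = groups[chose - len(hostusers) - 1]
                    group_flag = True
                    while group_flag:
                        for index, hostuser in enumerate(group.host_users, 1):
                            print('   %s.\t %s@%s(%s)' %
                                  (index, hostuser.username,
                                   hostuser.host.hostname,
                                   hostuser.host.ip_addr))
                        # Prompt with the logged-in user's name; the prompt
                        # used to show one hard-coded account name to everyone.
                        chose2 = input(
                            '%s (q)quit, (b)break>> ' % user.username).strip()
                        if chose2.isdecimal():
                            chose2 = int(chose2)
                            if 0 < chose2 <= len(group.host_users):
                                open_session(user, group.host_users[chose2 - 1])
                                group_flag = False  # back to the top menu afterwards
                            else:
                                mylib.print_err(conf.ERRORNO['2002'])
                        elif chose2 == 'q':
                            group_flag = False
                            flag = False
                        elif chose2 == 'b':
                            group_flag = False
                        else:
                            mylib.print_err(conf.ERRORNO['2002'])
                else:
                    mylib.print_err(conf.ERRORNO['2002'])
            else:
                mylib.print_err(conf.ERRORNO['2002'])
        except (EOFError, BlockingIOError):
            # EOF on input or a blocking-I/O error redraws the menu instead of
            # leaving it. The exit(1) that followed ``continue`` was
            # unreachable and has been dropped.
            continue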