Exemple #1
0
 def get(self,id):
     if not self.current_user:
         self.redirect('/Signin')
         return
     username = self.get_secure_cookie('username')
     permission = permissiondict[username]['permission']
     PAGE = ''.join([id,'.html'])
     logger.debug('Request %s',PAGE)
     self.render(PAGE,ECOUNT=ecount,SALTRESULT=SALTRET)
Exemple #2
0
 def get(self, id):
     if not self.current_user:
         self.redirect('/Signin')
         return
     username = self.get_secure_cookie('username')
     permission = permissiondict[username]['permission']
     PAGE = ''.join([id, '.html'])
     logger.debug('Request %s', PAGE)
     self.render(PAGE, ECOUNT=ecount, SALTRESULT=SALTRET)
Exemple #3
0
    def post(self): #HTTP的POST方法,是GET渲染的form中的post method所对应
        username = self.get_argument('username')	#获取form中username的值
        password = self.get_argument('password')	#获取form中password的值
        ip = self.request.remote_ip #获取来访者IP
        userdict = Readyaml('db/user.db')
	try: 
            wdsalt = userdict[username]['salt']
        except:
            HINT = '用户名不存在,请重新输入'
            logger.debug('User %s login failed, wrong username',username)            
            self.render('login_form.html',HINT=HINT)
            return

        wdpass = userdict[username]['password']
        wdforcereset = userdict[username]['forcereset']
        wdret = VerifyPassword(wdsalt,wdpass,password)
	if wdret == 0:
	    permission = permissiondict[username]['permission']
            self.set_secure_cookie('username', username.encode('unicode_escape'),  expires_days=None) #same
            self.set_secure_cookie('role', password.encode('unicode_escape'),  expires_days=None) #same
            ip = self.request.remote_ip #获取来访者IP
   	    logger.debug('User %s auth success',username)

            if wdforcereset == 1:
	        logger.debug('User %s is forced to change password',username)
                self.redirect('/ChangePW')
            else:
                self.redirect('/') 
                return #返回,按照官方文档的要求,在redirect之后需要写空的return,否则可能会有问题,实测确实会有问题
	else:
            HINT = '密码错误,请重新输入'
            logger.debug('User %s login failed, wrong password',username)
            self.render('login_form.html',HINT=HINT)
            return
Exemple #4
0
    def post(self):
        if not self.current_user:
            self.redirect('/Signin')
            return
	userdict = Readyaml('db/user.db')
        username = self.get_secure_cookie('username')
	password0 = self.get_argument('password0')
	password1 = self.get_argument('password1')
  	if password0 == password1:
	    salt = RandomString(64)
 	    password = GenDigest(salt,password0)
            userdict[username]['salt'] = salt
            userdict[username]['password'] = password
            userdict[username]['forcereset'] = 0
	    #logger.debug('Modify userdict: %s',userdict)
	    logger.debug('User %s change password success',username)
            Writeyaml(userdict,'db/user.db')
 	    self.redirect("/Redirect")
Exemple #5
0
 def post(self):
     if not self.current_user:
         self.redirect('/Signin')
         return
     userdict = Readyaml('db/user.db')
     username = self.get_secure_cookie('username')
     password0 = self.get_argument('password0')
     password1 = self.get_argument('password1')
     if password0 == password1:
         salt = RandomString(64)
         password = GenDigest(salt, password0)
         userdict[username]['salt'] = salt
         userdict[username]['password'] = password
         userdict[username]['forcereset'] = 0
         #logger.debug('Modify userdict: %s',userdict)
         logger.debug('User %s change password success', username)
         Writeyaml(userdict, 'db/user.db')
         self.redirect("/Redirect")
Exemple #6
0
    def post(self, id):
        username = self.get_secure_cookie('username')
        permission = permissiondict[username]['permission']
        global SALTRET
        SALTRET = 'Just init value'

        TARGET = self.get_argument('tgt')
        FUN = gamedict[id]['cmdtype']
        EXPR_FORM = gamedict[id]['targettype']
        RUNAS = gamedict[id]['runas']
        if RUNAS == 'na':
            KWARG = {}
        else:
            KWARG = {'runas': RUNAS}
        CMD0 = self.get_argument('cmd0')
        CMD1 = self.get_argument('cmd1')
        try:
            CMD2 = self.get_argument('cmd2')
        except:
            CMD2 = ''
        if FUN == 'cmd.run':
            COMMAND = ' '.join([CMD0, CMD1, CMD2])
        elif FUN == 'state.sls':
            COMMAND = CMD0 + '.' + CMD1 + CMD2
        if EXPR_FORM == 'list':
            SALTCMD = "salt %s %s %s" % (TARGET, FUN, COMMAND)
        elif EXPR_FORM == 'nodegroup':
            SALTCMD = "salt -N %s %s %s" % (TARGET, FUN, COMMAND)

        local = salt.client.LocalClient()
        self.render('result.html',
                    SALTCOMMAND=SALTCMD,
                    SALTRESULT=SALTRET,
                    FLAGID=id,
                    MENUDICT=menudict,
                    SALTFUNCTION=FUN,
                    PERMISSION=permission)
        logger.debug(
            '%s, salt.client.local.cmd: tgt=%s,fun=%s,arg=[%s],expr_form=%s,kwarg=%s',
            username, TARGET, FUN, COMMAND, EXPR_FORM, KWARG)
        SALTRET = local.cmd(tgt=TARGET,
                            fun=FUN,
                            arg=[COMMAND],
                            expr_form=EXPR_FORM,
                            kwarg=KWARG)
        logger.debug('%s, SALTRET0: %s', username, SALTRET)
        if FUN == 'state.sls':
            SALTRET = ret_process(SALTRET)
        logger.debug('%s, SALTRET: %s', username, SALTRET)
Exemple #7
0
    def post(self):  #HTTP的POST方法,是GET渲染的form中的post method所对应
        username = self.get_argument('username')  #获取form中username的值
        password = self.get_argument('password')  #获取form中password的值
        ip = self.request.remote_ip  #获取来访者IP
        userdict = Readyaml('db/user.db')
        try:
            wdsalt = userdict[username]['salt']
        except:
            HINT = '用户名不存在,请重新输入'
            logger.debug('User %s login failed, wrong username', username)
            self.render('login_form.html', HINT=HINT)
            return

        wdpass = userdict[username]['password']
        wdforcereset = userdict[username]['forcereset']
        wdret = VerifyPassword(wdsalt, wdpass, password)
        if wdret == 0:
            permission = permissiondict[username]['permission']
            self.set_secure_cookie('username',
                                   username.encode('unicode_escape'),
                                   expires_days=None)  #same
            self.set_secure_cookie('role',
                                   password.encode('unicode_escape'),
                                   expires_days=None)  #same
            ip = self.request.remote_ip  #获取来访者IP
            logger.debug('User %s auth success', username)

            if wdforcereset == 1:
                logger.debug('User %s is forced to change password', username)
                self.redirect('/ChangePW')
            else:
                self.redirect('/')
                return  #返回,按照官方文档的要求,在redirect之后需要写空的return,否则可能会有问题,实测确实会有问题
        else:
            HINT = '密码错误,请重新输入'
            logger.debug('User %s login failed, wrong password', username)
            self.render('login_form.html', HINT=HINT)
            return
Exemple #8
0
    def post(self,id):
        username = self.get_secure_cookie('username')
        permission = permissiondict[username]['permission']
	global SALTRET
	SALTRET = 'Just init value'

        TARGET = self.get_argument('tgt')     
        FUN = gamedict[id]['cmdtype']
        EXPR_FORM = gamedict[id]['targettype']
        RUNAS = gamedict[id]['runas']
        if RUNAS == 'na':
          KWARG = {}
        else:
          KWARG = {'runas':RUNAS}
        CMD0 = self.get_argument('cmd0')
        CMD1 = self.get_argument('cmd1')
        try:
          CMD2 = self.get_argument('cmd2')
        except:
          CMD2 = ''
        if FUN == 'cmd.run':
          COMMAND = ' '.join([CMD0,CMD1,CMD2])
        elif FUN == 'state.sls':
          COMMAND = CMD0 + '.' + CMD1 + CMD2
        if EXPR_FORM == 'list':
          SALTCMD = "salt %s %s %s" % (TARGET,FUN,COMMAND)
        elif EXPR_FORM == 'nodegroup':
          SALTCMD = "salt -N %s %s %s" % (TARGET,FUN,COMMAND)

        local = salt.client.LocalClient()
        self.render('result.html',SALTCOMMAND=SALTCMD,SALTRESULT=SALTRET,FLAGID=id,MENUDICT=menudict,SALTFUNCTION=FUN,PERMISSION=permission)
        logger.debug('%s, salt.client.local.cmd: tgt=%s,fun=%s,arg=[%s],expr_form=%s,kwarg=%s',username,TARGET,FUN,COMMAND,EXPR_FORM,KWARG)
        SALTRET = local.cmd(tgt=TARGET,fun=FUN,arg=[COMMAND],expr_form=EXPR_FORM,kwarg=KWARG)
        logger.debug('%s, SALTRET0: %s',username,SALTRET)
        if FUN == 'state.sls':
          SALTRET = ret_process(SALTRET)
        logger.debug('%s, SALTRET: %s',username,SALTRET)
Exemple #9
0
    def post(self, id):
        username = self.get_secure_cookie('username')
        permission = permissiondict[username]['permission']
        global SALTRET
        global ecount
        SALTRET = 'Just init value'

        if id == 'server_initialization':
            PACKAGE = self.get_argument('package')
            PACKAGE_LINE = [
                i.split() for i in PACKAGE.encode('utf-8').split('\r\n')
            ]
            logger.debug('%s, PACKAGE_LINE: %s', username, PACKAGE_LINE)
            SALTCMD = 'Host Initialization'
            SALT_FUN = 'host.init'

            ecount = 0
            SALTRET = []
            SALTRET.append('')
            ## 需要加入主机名和IP地址不重复验证
            ## 日后再加
            for ELMENT in PACKAGE_LINE:
                j = ' '.join(ELMENT)
                if len(ELMENT) < 2:
                    ecount += 1
                    SALTRET.append({j: 1})
                else:
                    SALTRET.append({j: 0})
            logger.debug('%s, ecount: %s SALTRET: %s', username, ecount,
                         SALTRET)
            if ecount > 0:
                SALTRET[0] = '下列标红的行所提供之信息不完整,请修正后重新提交: '
                self.render('result.html',
                            SALTCOMMAND=SALTCMD,
                            ECOUNT=ecount,
                            SALTRESULT=SALTRET,
                            FLAGID=id,
                            MENUDICT=menudict,
                            SALTFUNCTION=SALT_FUN,
                            PERMISSION=permission)

            else:
                ret_usertype = 0
                PACKAGE_DICT = {}
                HOSTNAME_DICT = {}
                ROSTER_CONF = '.roster_' + str(time.time())
                for USER in ['root', 'ubuntu']:
                    if USER == 'root':
                        for ELMENT in PACKAGE_LINE:
                            if len(ELMENT) == 3:
                                PASS = ELMENT[-1]
                            else:
                                PASS = '******'
                            PACKAGE_DICT[ELMENT[1]] = {
                                'host': ELMENT[0],
                                'user': USER,
                                'passwd': PASS,
                                'port': 22
                            }
                            HOSTNAME_DICT[ELMENT[0]] = ELMENT[1]
                            PACKAGE_YAML = yaml.dump(PACKAGE_DICT)
                            logger.debug('%s, PACKAGE_YAML: %s', username,
                                         PACKAGE_YAML)
                            ROSTER_FD = open(ROSTER_CONF, 'w')
                            ROSTER_FD.write(PACKAGE_YAML)
                            ROSTER_FD.close()
                    elif USER == 'ubuntu':
                        for hosty in retb:
                            if retb[hosty] == 0:
                                PACKAGE_DICT.pop(hosty)
                            elif retb[hosty] == 1:
                                PACKAGE_DICT[hosty]['user'] = '******'

                    logger.debug('%s, PACKAGE_DICT: %s', username,
                                 PACKAGE_DICT)
                    TARGET = ','.join([i for i in HOSTNAME_DICT.values()])

                    ## 验证ssh的用户密码是否正确
                    SALTSSH_RETFILE = '.saltsshret_' + str(time.time())

                    retb = LoginVirifi(PACKAGE_DICT)
                    logger.debug('%s, The result of LoginVirifi: %s', username,
                                 retb)
                    retc = sum(retb.values())
                    if retc == 0:
                        ret_usertype = ret_usertype - 1
                        logger.debug(
                            '%s, All host LoginVirifi success,ret_usertype: %s',
                            username, ret_usertype)
                        break
                    else:
                        ret_usertype = 1
                        logger.debug(
                            '%s, All or part of host LoginVirifi fail,ret_usertype: %s',
                            username, ret_usertype)
                        continue

                ## 验证用户为ubuntu时,修改root密码与ubuntu用户密码相同
                ## ubuntu 用户修改root 密码失败暂未做处理
                if ret_usertype == 1:
                    ecount = -1
                    SALTRET = []
                    SALTRET.append('下列标红的服务器ssh登录失败,请修正后重新提交:')
                    for j in PACKAGE_LINE:
                        k = ' '.join(j)
                        if j[1] in retb.keys():
                            SALTRET.append({k: 1})
                        else:
                            SALTRET.append({k: 0})
                    logger.info('%s, ecount: %s SALTRET: %s', username, ecount,
                                SALTRET)
                    self.render('result.html',
                                SALTCOMMAND=SALTCMD,
                                ECOUNT=ecount,
                                SALTRESULT=SALTRET,
                                FLAGID=id,
                                MENUDICT=menudict,
                                SALTFUNCTION=SALT_FUN,
                                PERMISSION=permission)
                else:
                    #SALT_FUN = 'state.sls'
                    self.render('result.html',
                                SALTCOMMAND=SALTCMD,
                                ECOUNT=ecount,
                                SALTRESULT=SALTRET,
                                FLAGID=id,
                                MENUDICT=menudict,
                                SALTFUNCTION=SALT_FUN,
                                PERMISSION=permission)

                    ## 验证用户为ubuntu时,修改root密码与ubuntu用户密码相同
                    ## ubuntu 用户修改root 密码失败暂未做处理
                    if ret_usertype == 0:
                        retd = ChangePasswd(PACKAGE_DICT)
                        logger.debug('%s, The result of ChangePasswd: %s',
                                     username, retd)
                        rete = sum(retd.values())

    ## host init
                    client = SSHClient()
                    logger.debug(
                        "%s, client.cmd\(tgt=%s,fun='state.sls', arg=['inithost'],roster_file=%s,expr_form=\'list\',kwarg={'pillar':%s,}\)",
                        username, TARGET, ROSTER_CONF, HOSTNAME_DICT)
                    # rand_thin_dir=True or -W is for fixing the salt-ssh problem when minion is python2.7 and master is python2.6 can cause error below:
                    # 'AttributeError: 'module' object has no attribute 'fromstringlist
                    # refer https://github.com/saltstack/salt/issues/26584
                    RET = client.cmd(tgt=TARGET,
                                     fun='state.sls',
                                     arg=['inithost'],
                                     roster_file=ROSTER_CONF,
                                     expr_form='list',
                                     ignore_host_keys=True,
                                     rand_thin_dir=True,
                                     kwarg={'pillar': HOSTNAME_DICT})
                    logger.debug('%s, ecount: %d RET: %s', username, ecount,
                                 RET)
                    SALTRET = ret_process(RET, dtype='init')
                    logger.info('%s, SALTRET: %s', username, SALTRET)
Exemple #10
0
    def get(self):  
	username = self.get_secure_cookie('username')
        if (self.get_argument("signout", None)):  
            self.clear_cookie("username")  
	logger.debug('User %s logout',username)
        self.redirect("/") 
Exemple #11
0
    def post(self,id):
        username = self.get_secure_cookie('username')
        permission = permissiondict[username]['permission']
	global SALTRET
	global ecount
	SALTRET = 'Just init value'

        if id == 'server_initialization':
          PACKAGE = self.get_argument('package')
	  PACKAGE_LINE = [i.split() for i in PACKAGE.encode('utf-8').split('\r\n')]
	  logger.debug('%s, PACKAGE_LINE: %s',username,PACKAGE_LINE)
    	  SALTCMD = 'Host Initialization'
	  SALT_FUN = 'host.init'

	  ecount = 0
	  SALTRET = []
	  SALTRET.append('')
	  ## 需要加入主机名和IP地址不重复验证
	  ## 日后再加
	  for ELMENT in PACKAGE_LINE:
	    j = ' '.join(ELMENT)
	    if len(ELMENT) < 2:
	      ecount += 1
	      SALTRET.append({j:1})
	    else:
	      SALTRET.append({j:0})
	  logger.debug('%s, ecount: %s SALTRET: %s',username,ecount,SALTRET)
	  if ecount > 0:
	     SALTRET[0] = '下列标红的行所提供之信息不完整,请修正后重新提交: '
	     self.render('result.html',SALTCOMMAND=SALTCMD,ECOUNT=ecount,SALTRESULT=SALTRET,FLAGID=id,MENUDICT=menudict,SALTFUNCTION=SALT_FUN,PERMISSION=permission)

	  else:
	    ret_usertype = 0
	    PACKAGE_DICT = {}
	    HOSTNAME_DICT = {}
	    ROSTER_CONF = '.roster_' + str(time.time())
	    for USER in ['root','ubuntu']:
	      if USER == 'root':
	          for ELMENT in PACKAGE_LINE:
	            if len(ELMENT) == 3:
	              PASS = ELMENT[-1]
	            else:
	              PASS = '******'
	            PACKAGE_DICT[ELMENT[1]] = {'host': ELMENT[0],'user':USER,'passwd':PASS,'port':22}
	            HOSTNAME_DICT[ELMENT[0]] = ELMENT[1]
	            PACKAGE_YAML = yaml.dump(PACKAGE_DICT)
                    logger.debug('%s, PACKAGE_YAML: %s',username,PACKAGE_YAML)
	            ROSTER_FD = open(ROSTER_CONF,'w')
	            ROSTER_FD.write(PACKAGE_YAML)
	            ROSTER_FD.close()
	      elif USER == 'ubuntu':
	          for hosty in retb:
	            if retb[hosty] == 0:
		      PACKAGE_DICT.pop(hosty) 
	            elif retb[hosty] == 1:
		      PACKAGE_DICT[hosty]['user'] = '******'
	        
	
              logger.debug('%s, PACKAGE_DICT: %s',username,PACKAGE_DICT)
	      TARGET = ','.join([i for i in HOSTNAME_DICT.values()])

	      ## 验证ssh的用户密码是否正确
	      SALTSSH_RETFILE = '.saltsshret_' + str(time.time())

	      retb = LoginVirifi(PACKAGE_DICT) 
	      logger.debug('%s, The result of LoginVirifi: %s',username,retb)
	      retc = sum(retb.values())
	      if retc == 0:
	          ret_usertype = ret_usertype - 1
	          logger.debug('%s, All host LoginVirifi success,ret_usertype: %s',username,ret_usertype)
	          break 
	      else:
	          ret_usertype = 1
	          logger.debug('%s, All or part of host LoginVirifi fail,ret_usertype: %s',username,ret_usertype)
	          continue

	    ## 验证用户为ubuntu时,修改root密码与ubuntu用户密码相同
	    ## ubuntu 用户修改root 密码失败暂未做处理   
	    if ret_usertype == 1:
              ecount = -1
	      SALTRET = []
	      SALTRET.append('下列标红的服务器ssh登录失败,请修正后重新提交:')
	      for j in  PACKAGE_LINE:
	         k = ' '.join(j)
	         if j[1] in retb.keys():
	            SALTRET.append({k:1})
	         else:
		    SALTRET.append({k:0})
              logger.info('%s, ecount: %s SALTRET: %s',username,ecount,SALTRET)
	      self.render('result.html',SALTCOMMAND=SALTCMD,ECOUNT=ecount,SALTRESULT=SALTRET,FLAGID=id,MENUDICT=menudict,SALTFUNCTION=SALT_FUN,PERMISSION=permission)
	    else:
	      #SALT_FUN = 'state.sls'
              self.render('result.html',SALTCOMMAND=SALTCMD,ECOUNT=ecount,SALTRESULT=SALTRET,FLAGID=id,MENUDICT=menudict,SALTFUNCTION=SALT_FUN,PERMISSION=permission)

	      ## 验证用户为ubuntu时,修改root密码与ubuntu用户密码相同
	      ## ubuntu 用户修改root 密码失败暂未做处理   
	      if ret_usertype == 0:
	        retd = ChangePasswd(PACKAGE_DICT)
	        logger.debug('%s, The result of ChangePasswd: %s',username,retd)
	        rete = sum(retd.values())

    	      ## host init
    	      client = SSHClient()
              logger.debug("%s, client.cmd\(tgt=%s,fun='state.sls', arg=['inithost'],roster_file=%s,expr_form=\'list\',kwarg={'pillar':%s,}\)",username,TARGET,ROSTER_CONF,HOSTNAME_DICT)
              # rand_thin_dir=True or -W is for fixing the salt-ssh problem when minion is python2.7 and master is python2.6 can cause error below:
              # 'AttributeError: 'module' object has no attribute 'fromstringlist
              # refer https://github.com/saltstack/salt/issues/26584
    	      RET = client.cmd(tgt=TARGET,fun='state.sls', arg=['inithost'],roster_file=ROSTER_CONF,expr_form='list',ignore_host_keys=True,rand_thin_dir=True,kwarg={'pillar':HOSTNAME_DICT})
	      logger.debug('%s, ecount: %d RET: %s',username,ecount,RET)
              SALTRET = ret_process(RET,dtype='init')
              logger.info('%s, SALTRET: %s',username,SALTRET)
Exemple #12
0
 def get(self):
     username = self.get_secure_cookie('username')
     if (self.get_argument("signout", None)):
         self.clear_cookie("username")
     logger.debug('User %s logout', username)
     self.redirect("/")