def get(self,id): if not self.current_user: self.redirect('/Signin') return username = self.get_secure_cookie('username') permission = permissiondict[username]['permission'] PAGE = ''.join([id,'.html']) logger.debug('Request %s',PAGE) self.render(PAGE,ECOUNT=ecount,SALTRESULT=SALTRET)
def get(self, id): if not self.current_user: self.redirect('/Signin') return username = self.get_secure_cookie('username') permission = permissiondict[username]['permission'] PAGE = ''.join([id, '.html']) logger.debug('Request %s', PAGE) self.render(PAGE, ECOUNT=ecount, SALTRESULT=SALTRET)
def post(self): #HTTP的POST方法,是GET渲染的form中的post method所对应 username = self.get_argument('username') #获取form中username的值 password = self.get_argument('password') #获取form中password的值 ip = self.request.remote_ip #获取来访者IP userdict = Readyaml('db/user.db') try: wdsalt = userdict[username]['salt'] except: HINT = '用户名不存在,请重新输入' logger.debug('User %s login failed, wrong username',username) self.render('login_form.html',HINT=HINT) return wdpass = userdict[username]['password'] wdforcereset = userdict[username]['forcereset'] wdret = VerifyPassword(wdsalt,wdpass,password) if wdret == 0: permission = permissiondict[username]['permission'] self.set_secure_cookie('username', username.encode('unicode_escape'), expires_days=None) #same self.set_secure_cookie('role', password.encode('unicode_escape'), expires_days=None) #same ip = self.request.remote_ip #获取来访者IP logger.debug('User %s auth success',username) if wdforcereset == 1: logger.debug('User %s is forced to change password',username) self.redirect('/ChangePW') else: self.redirect('/') return #返回,按照官方文档的要求,在redirect之后需要写空的return,否则可能会有问题,实测确实会有问题 else: HINT = '密码错误,请重新输入' logger.debug('User %s login failed, wrong password',username) self.render('login_form.html',HINT=HINT) return
def post(self): if not self.current_user: self.redirect('/Signin') return userdict = Readyaml('db/user.db') username = self.get_secure_cookie('username') password0 = self.get_argument('password0') password1 = self.get_argument('password1') if password0 == password1: salt = RandomString(64) password = GenDigest(salt,password0) userdict[username]['salt'] = salt userdict[username]['password'] = password userdict[username]['forcereset'] = 0 #logger.debug('Modify userdict: %s',userdict) logger.debug('User %s change password success',username) Writeyaml(userdict,'db/user.db') self.redirect("/Redirect")
def post(self): if not self.current_user: self.redirect('/Signin') return userdict = Readyaml('db/user.db') username = self.get_secure_cookie('username') password0 = self.get_argument('password0') password1 = self.get_argument('password1') if password0 == password1: salt = RandomString(64) password = GenDigest(salt, password0) userdict[username]['salt'] = salt userdict[username]['password'] = password userdict[username]['forcereset'] = 0 #logger.debug('Modify userdict: %s',userdict) logger.debug('User %s change password success', username) Writeyaml(userdict, 'db/user.db') self.redirect("/Redirect")
def post(self, id): username = self.get_secure_cookie('username') permission = permissiondict[username]['permission'] global SALTRET SALTRET = 'Just init value' TARGET = self.get_argument('tgt') FUN = gamedict[id]['cmdtype'] EXPR_FORM = gamedict[id]['targettype'] RUNAS = gamedict[id]['runas'] if RUNAS == 'na': KWARG = {} else: KWARG = {'runas': RUNAS} CMD0 = self.get_argument('cmd0') CMD1 = self.get_argument('cmd1') try: CMD2 = self.get_argument('cmd2') except: CMD2 = '' if FUN == 'cmd.run': COMMAND = ' '.join([CMD0, CMD1, CMD2]) elif FUN == 'state.sls': COMMAND = CMD0 + '.' + CMD1 + CMD2 if EXPR_FORM == 'list': SALTCMD = "salt %s %s %s" % (TARGET, FUN, COMMAND) elif EXPR_FORM == 'nodegroup': SALTCMD = "salt -N %s %s %s" % (TARGET, FUN, COMMAND) local = salt.client.LocalClient() self.render('result.html', SALTCOMMAND=SALTCMD, SALTRESULT=SALTRET, FLAGID=id, MENUDICT=menudict, SALTFUNCTION=FUN, PERMISSION=permission) logger.debug( '%s, salt.client.local.cmd: tgt=%s,fun=%s,arg=[%s],expr_form=%s,kwarg=%s', username, TARGET, FUN, COMMAND, EXPR_FORM, KWARG) SALTRET = local.cmd(tgt=TARGET, fun=FUN, arg=[COMMAND], expr_form=EXPR_FORM, kwarg=KWARG) logger.debug('%s, SALTRET0: %s', username, SALTRET) if FUN == 'state.sls': SALTRET = ret_process(SALTRET) logger.debug('%s, SALTRET: %s', username, SALTRET)
def post(self): #HTTP的POST方法,是GET渲染的form中的post method所对应 username = self.get_argument('username') #获取form中username的值 password = self.get_argument('password') #获取form中password的值 ip = self.request.remote_ip #获取来访者IP userdict = Readyaml('db/user.db') try: wdsalt = userdict[username]['salt'] except: HINT = '用户名不存在,请重新输入' logger.debug('User %s login failed, wrong username', username) self.render('login_form.html', HINT=HINT) return wdpass = userdict[username]['password'] wdforcereset = userdict[username]['forcereset'] wdret = VerifyPassword(wdsalt, wdpass, password) if wdret == 0: permission = permissiondict[username]['permission'] self.set_secure_cookie('username', username.encode('unicode_escape'), expires_days=None) #same self.set_secure_cookie('role', password.encode('unicode_escape'), expires_days=None) #same ip = self.request.remote_ip #获取来访者IP logger.debug('User %s auth success', username) if wdforcereset == 1: logger.debug('User %s is forced to change password', username) self.redirect('/ChangePW') else: self.redirect('/') return #返回,按照官方文档的要求,在redirect之后需要写空的return,否则可能会有问题,实测确实会有问题 else: HINT = '密码错误,请重新输入' logger.debug('User %s login failed, wrong password', username) self.render('login_form.html', HINT=HINT) return
def post(self,id): username = self.get_secure_cookie('username') permission = permissiondict[username]['permission'] global SALTRET SALTRET = 'Just init value' TARGET = self.get_argument('tgt') FUN = gamedict[id]['cmdtype'] EXPR_FORM = gamedict[id]['targettype'] RUNAS = gamedict[id]['runas'] if RUNAS == 'na': KWARG = {} else: KWARG = {'runas':RUNAS} CMD0 = self.get_argument('cmd0') CMD1 = self.get_argument('cmd1') try: CMD2 = self.get_argument('cmd2') except: CMD2 = '' if FUN == 'cmd.run': COMMAND = ' '.join([CMD0,CMD1,CMD2]) elif FUN == 'state.sls': COMMAND = CMD0 + '.' + CMD1 + CMD2 if EXPR_FORM == 'list': SALTCMD = "salt %s %s %s" % (TARGET,FUN,COMMAND) elif EXPR_FORM == 'nodegroup': SALTCMD = "salt -N %s %s %s" % (TARGET,FUN,COMMAND) local = salt.client.LocalClient() self.render('result.html',SALTCOMMAND=SALTCMD,SALTRESULT=SALTRET,FLAGID=id,MENUDICT=menudict,SALTFUNCTION=FUN,PERMISSION=permission) logger.debug('%s, salt.client.local.cmd: tgt=%s,fun=%s,arg=[%s],expr_form=%s,kwarg=%s',username,TARGET,FUN,COMMAND,EXPR_FORM,KWARG) SALTRET = local.cmd(tgt=TARGET,fun=FUN,arg=[COMMAND],expr_form=EXPR_FORM,kwarg=KWARG) logger.debug('%s, SALTRET0: %s',username,SALTRET) if FUN == 'state.sls': SALTRET = ret_process(SALTRET) logger.debug('%s, SALTRET: %s',username,SALTRET)
def post(self, id): username = self.get_secure_cookie('username') permission = permissiondict[username]['permission'] global SALTRET global ecount SALTRET = 'Just init value' if id == 'server_initialization': PACKAGE = self.get_argument('package') PACKAGE_LINE = [ i.split() for i in PACKAGE.encode('utf-8').split('\r\n') ] logger.debug('%s, PACKAGE_LINE: %s', username, PACKAGE_LINE) SALTCMD = 'Host Initialization' SALT_FUN = 'host.init' ecount = 0 SALTRET = [] SALTRET.append('') ## 需要加入主机名和IP地址不重复验证 ## 日后再加 for ELMENT in PACKAGE_LINE: j = ' '.join(ELMENT) if len(ELMENT) < 2: ecount += 1 SALTRET.append({j: 1}) else: SALTRET.append({j: 0}) logger.debug('%s, ecount: %s SALTRET: %s', username, ecount, SALTRET) if ecount > 0: SALTRET[0] = '下列标红的行所提供之信息不完整,请修正后重新提交: ' self.render('result.html', SALTCOMMAND=SALTCMD, ECOUNT=ecount, SALTRESULT=SALTRET, FLAGID=id, MENUDICT=menudict, SALTFUNCTION=SALT_FUN, PERMISSION=permission) else: ret_usertype = 0 PACKAGE_DICT = {} HOSTNAME_DICT = {} ROSTER_CONF = '.roster_' + str(time.time()) for USER in ['root', 'ubuntu']: if USER == 'root': for ELMENT in PACKAGE_LINE: if len(ELMENT) == 3: PASS = ELMENT[-1] else: PASS = '******' PACKAGE_DICT[ELMENT[1]] = { 'host': ELMENT[0], 'user': USER, 'passwd': PASS, 'port': 22 } HOSTNAME_DICT[ELMENT[0]] = ELMENT[1] PACKAGE_YAML = yaml.dump(PACKAGE_DICT) logger.debug('%s, PACKAGE_YAML: %s', username, PACKAGE_YAML) ROSTER_FD = open(ROSTER_CONF, 'w') ROSTER_FD.write(PACKAGE_YAML) ROSTER_FD.close() elif USER == 'ubuntu': for hosty in retb: if retb[hosty] == 0: PACKAGE_DICT.pop(hosty) elif retb[hosty] == 1: PACKAGE_DICT[hosty]['user'] = '******' logger.debug('%s, PACKAGE_DICT: %s', username, PACKAGE_DICT) TARGET = ','.join([i for i in HOSTNAME_DICT.values()]) ## 验证ssh的用户密码是否正确 SALTSSH_RETFILE = '.saltsshret_' + str(time.time()) retb = LoginVirifi(PACKAGE_DICT) logger.debug('%s, The result of LoginVirifi: %s', username, retb) retc = sum(retb.values()) if retc == 0: ret_usertype = ret_usertype - 1 logger.debug( '%s, All host LoginVirifi success,ret_usertype: %s', username, ret_usertype) break else: ret_usertype = 1 logger.debug( '%s, All or part of host LoginVirifi fail,ret_usertype: %s', username, ret_usertype) continue ## 验证用户为ubuntu时,修改root密码与ubuntu用户密码相同 ## ubuntu 用户修改root 密码失败暂未做处理 if ret_usertype == 1: ecount = -1 SALTRET = [] SALTRET.append('下列标红的服务器ssh登录失败,请修正后重新提交:') for j in PACKAGE_LINE: k = ' '.join(j) if j[1] in retb.keys(): SALTRET.append({k: 1}) else: SALTRET.append({k: 0}) logger.info('%s, ecount: %s SALTRET: %s', username, ecount, SALTRET) self.render('result.html', SALTCOMMAND=SALTCMD, ECOUNT=ecount, SALTRESULT=SALTRET, FLAGID=id, MENUDICT=menudict, SALTFUNCTION=SALT_FUN, PERMISSION=permission) else: #SALT_FUN = 'state.sls' self.render('result.html', SALTCOMMAND=SALTCMD, ECOUNT=ecount, SALTRESULT=SALTRET, FLAGID=id, MENUDICT=menudict, SALTFUNCTION=SALT_FUN, PERMISSION=permission) ## 验证用户为ubuntu时,修改root密码与ubuntu用户密码相同 ## ubuntu 用户修改root 密码失败暂未做处理 if ret_usertype == 0: retd = ChangePasswd(PACKAGE_DICT) logger.debug('%s, The result of ChangePasswd: %s', username, retd) rete = sum(retd.values()) ## host init client = SSHClient() logger.debug( "%s, client.cmd\(tgt=%s,fun='state.sls', arg=['inithost'],roster_file=%s,expr_form=\'list\',kwarg={'pillar':%s,}\)", username, TARGET, ROSTER_CONF, HOSTNAME_DICT) # rand_thin_dir=True or -W is for fixing the salt-ssh problem when minion is python2.7 and master is python2.6 can cause error below: # 'AttributeError: 'module' object has no attribute 'fromstringlist # refer https://github.com/saltstack/salt/issues/26584 RET = client.cmd(tgt=TARGET, fun='state.sls', arg=['inithost'], roster_file=ROSTER_CONF, expr_form='list', ignore_host_keys=True, rand_thin_dir=True, kwarg={'pillar': HOSTNAME_DICT}) logger.debug('%s, ecount: %d RET: %s', username, ecount, RET) SALTRET = ret_process(RET, dtype='init') logger.info('%s, SALTRET: %s', username, SALTRET)
def get(self): username = self.get_secure_cookie('username') if (self.get_argument("signout", None)): self.clear_cookie("username") logger.debug('User %s logout',username) self.redirect("/")
def post(self,id): username = self.get_secure_cookie('username') permission = permissiondict[username]['permission'] global SALTRET global ecount SALTRET = 'Just init value' if id == 'server_initialization': PACKAGE = self.get_argument('package') PACKAGE_LINE = [i.split() for i in PACKAGE.encode('utf-8').split('\r\n')] logger.debug('%s, PACKAGE_LINE: %s',username,PACKAGE_LINE) SALTCMD = 'Host Initialization' SALT_FUN = 'host.init' ecount = 0 SALTRET = [] SALTRET.append('') ## 需要加入主机名和IP地址不重复验证 ## 日后再加 for ELMENT in PACKAGE_LINE: j = ' '.join(ELMENT) if len(ELMENT) < 2: ecount += 1 SALTRET.append({j:1}) else: SALTRET.append({j:0}) logger.debug('%s, ecount: %s SALTRET: %s',username,ecount,SALTRET) if ecount > 0: SALTRET[0] = '下列标红的行所提供之信息不完整,请修正后重新提交: ' self.render('result.html',SALTCOMMAND=SALTCMD,ECOUNT=ecount,SALTRESULT=SALTRET,FLAGID=id,MENUDICT=menudict,SALTFUNCTION=SALT_FUN,PERMISSION=permission) else: ret_usertype = 0 PACKAGE_DICT = {} HOSTNAME_DICT = {} ROSTER_CONF = '.roster_' + str(time.time()) for USER in ['root','ubuntu']: if USER == 'root': for ELMENT in PACKAGE_LINE: if len(ELMENT) == 3: PASS = ELMENT[-1] else: PASS = '******' PACKAGE_DICT[ELMENT[1]] = {'host': ELMENT[0],'user':USER,'passwd':PASS,'port':22} HOSTNAME_DICT[ELMENT[0]] = ELMENT[1] PACKAGE_YAML = yaml.dump(PACKAGE_DICT) logger.debug('%s, PACKAGE_YAML: %s',username,PACKAGE_YAML) ROSTER_FD = open(ROSTER_CONF,'w') ROSTER_FD.write(PACKAGE_YAML) ROSTER_FD.close() elif USER == 'ubuntu': for hosty in retb: if retb[hosty] == 0: PACKAGE_DICT.pop(hosty) elif retb[hosty] == 1: PACKAGE_DICT[hosty]['user'] = '******' logger.debug('%s, PACKAGE_DICT: %s',username,PACKAGE_DICT) TARGET = ','.join([i for i in HOSTNAME_DICT.values()]) ## 验证ssh的用户密码是否正确 SALTSSH_RETFILE = '.saltsshret_' + str(time.time()) retb = LoginVirifi(PACKAGE_DICT) logger.debug('%s, The result of LoginVirifi: %s',username,retb) retc = sum(retb.values()) if retc == 0: ret_usertype = ret_usertype - 1 logger.debug('%s, All host LoginVirifi success,ret_usertype: %s',username,ret_usertype) break else: ret_usertype = 1 logger.debug('%s, All or part of host LoginVirifi fail,ret_usertype: %s',username,ret_usertype) continue ## 验证用户为ubuntu时,修改root密码与ubuntu用户密码相同 ## ubuntu 用户修改root 密码失败暂未做处理 if ret_usertype == 1: ecount = -1 SALTRET = [] SALTRET.append('下列标红的服务器ssh登录失败,请修正后重新提交:') for j in PACKAGE_LINE: k = ' '.join(j) if j[1] in retb.keys(): SALTRET.append({k:1}) else: SALTRET.append({k:0}) logger.info('%s, ecount: %s SALTRET: %s',username,ecount,SALTRET) self.render('result.html',SALTCOMMAND=SALTCMD,ECOUNT=ecount,SALTRESULT=SALTRET,FLAGID=id,MENUDICT=menudict,SALTFUNCTION=SALT_FUN,PERMISSION=permission) else: #SALT_FUN = 'state.sls' self.render('result.html',SALTCOMMAND=SALTCMD,ECOUNT=ecount,SALTRESULT=SALTRET,FLAGID=id,MENUDICT=menudict,SALTFUNCTION=SALT_FUN,PERMISSION=permission) ## 验证用户为ubuntu时,修改root密码与ubuntu用户密码相同 ## ubuntu 用户修改root 密码失败暂未做处理 if ret_usertype == 0: retd = ChangePasswd(PACKAGE_DICT) logger.debug('%s, The result of ChangePasswd: %s',username,retd) rete = sum(retd.values()) ## host init client = SSHClient() logger.debug("%s, client.cmd\(tgt=%s,fun='state.sls', arg=['inithost'],roster_file=%s,expr_form=\'list\',kwarg={'pillar':%s,}\)",username,TARGET,ROSTER_CONF,HOSTNAME_DICT) # rand_thin_dir=True or -W is for fixing the salt-ssh problem when minion is python2.7 and master is python2.6 can cause error below: # 'AttributeError: 'module' object has no attribute 'fromstringlist # refer https://github.com/saltstack/salt/issues/26584 RET = client.cmd(tgt=TARGET,fun='state.sls', arg=['inithost'],roster_file=ROSTER_CONF,expr_form='list',ignore_host_keys=True,rand_thin_dir=True,kwarg={'pillar':HOSTNAME_DICT}) logger.debug('%s, ecount: %d RET: %s',username,ecount,RET) SALTRET = ret_process(RET,dtype='init') logger.info('%s, SALTRET: %s',username,SALTRET)
def get(self): username = self.get_secure_cookie('username') if (self.get_argument("signout", None)): self.clear_cookie("username") logger.debug('User %s logout', username) self.redirect("/")