def perm_role_recycle(request):
role_id = request.GET.get('role_id')
asset_ids = request.GET.get('asset_id').split(',')
# 仅有推送的角色才回收
assets = [get_object(Asset, id=asset_id) for asset_id in asset_ids]
recycle_assets = []
for asset in assets:
if True in [push.success for push in asset.perm_push.all()]:
recycle_assets.append(asset)
recycle_resource = gen_resource(recycle_assets)
task = MyTask(recycle_resource)
try:
msg_del_user = task.del_user(get_object(PermRole, id=role_id).name)
msg_del_sudo = task.del_user_sudo(get_object(PermRole, id=role_id).name)
logger.info("recycle user msg: %s" % msg_del_user)
logger.info("recycle sudo msg: %s" % msg_del_sudo)
except Exception, e:
logger.warning("Recycle Role failed: %s" % e)
raise ServerError(u"回收已推送的系统用户失败: %s" % e)
def perm_role_recycle(request):
role_id = request.GET.get('role_id')
asset_ids = request.GET.get('asset_id').split(',')
# 仅有推送的角色才回收
assets = [get_object(Asset, id=asset_id) for asset_id in asset_ids]
recycle_assets = []
for asset in assets:
if True in [push.success for push in asset.perm_push.all()]:
recycle_assets.append(asset)
recycle_resource = gen_resource(recycle_assets)
task = MyTask(recycle_resource)
try:
msg_del_user = task.del_user(get_object(PermRole, id=role_id).name)
msg_del_sudo = task.del_user_sudo(
get_object(PermRole, id=role_id).name)
logger.info("recycle user msg: %s" % msg_del_user)
logger.info("recycle sudo msg: %s" % msg_del_sudo)
except Exception, e:
logger.warning("Recycle Role failed: %s" % e)
raise ServerError(u"回收已推送的系统用户失败: %s" % e)
]
logger.debug(u"delete role %s - delete_assets: %s" %
(role.name, recycle_assets))
if recycle_assets:
asset_proxys = gen_asset_proxy(recycle_assets)
for key, value in asset_proxys.items():
proxy = Proxy.objects.filter(proxy_name=key)[0]
recycle_resource = gen_resource(value)
host_list = [
asset.networking.all()[0].ip_address for asset in value
]
task = MyTask(recycle_resource, host_list)
try:
msg_del_user = task.del_user(role.name, proxy,
request.user.username)
msg_del_sudo = task.del_user_sudo(
role.uuid_id, proxy, request.user.username)
except Exception, e:
logger.warning(u"Recycle Role failed: %s" % e)
raise ServerError(u"回收已推送的系统用户失败: %s" % e)
logger.info(u"删除用户 %s - execute delete user: %s" %
(role.name, msg_del_user))
logger.info(u"删除用户 %s - execute delete sudo: %s" %
(role.name, msg_del_sudo))
# TODO: 判断返回结果,处理异常
# 删除proxy上的role, proxy上的role删除成功后再删除magicstack上的role
proxy_list = Proxy.objects.all()
data = {
'name': role.name,
}
data = json.dumps(data)
if request.method == "POST":
try:
role_id = request.POST.get("id")
role = get_object(PermRole, id=role_id)
if not role:
logger.warning(u"Delete Role: role_id %s not exist" % role_id)
raise ServerError(u"role_id %s 无数据记录" % role_id)
role_key = role.key_path
recycle_assets = [push.asset for push in role.perm_push.all() if push.success]
logger.debug(u"delete role %s - delete_assets: %s" % (role.name, recycle_assets))
if recycle_assets:
recycle_resource = gen_resource(recycle_assets)
task = MyTask(recycle_resource)
try:
msg_del_user = task.del_user(get_object(PermRole, id=role_id).name)
msg_del_sudo = task.del_user_sudo(get_object(PermRole, id=role_id).name)
except Exception, e:
logger.warning(u"Recycle Role failed: %s" % e)
raise ServerError(u"回收已推送的系统用户失败: %s" % e)
logger.info(u"delete role %s - execute delete user: %s" % (role.name, msg_del_user))
logger.info(u"delete role %s - execute delete sudo: %s" % (role.name, msg_del_sudo))
# TODO: 判断返回结果,处理异常
# 删除存储的秘钥,以及目录
try:
key_files = os.listdir(role_key)
for key_file in key_files:
os.remove(os.path.join(role_key, key_file))
os.rmdir(role_key)
except OSError, e:
logger.warning(u"Delete Role: delete key error, %s" % e)
raise ServerError(u"删除系统用户key失败: %s" % e)
role = get_object(PermRole, id=int(role_id))
if not role:
logger.warning(u"Delete Role: role_id %s not exist" % role_id)
raise ServerError(u"role_id %s 无数据记录" % role_id)
recycle_assets = [push.asset for push in role.perm_push.all() if push.success]
logger.debug(u"delete role %s - delete_assets: %s" % (role.name, recycle_assets))
if recycle_assets:
asset_proxys = gen_asset_proxy(recycle_assets)
for key, value in asset_proxys.items():
proxy = Proxy.objects.filter(proxy_name=key)[0]
recycle_resource = gen_resource(value)
host_list = [asset.networking.all()[0].ip_address for asset in value]
task = MyTask(recycle_resource, host_list)
try:
msg_del_user = task.del_user(role.name, proxy, request.user.username)
msg_del_sudo = task.del_user_sudo(role.uuid_id, proxy, request.user.username)
except Exception, e:
logger.warning(u"Recycle Role failed: %s" % e)
raise ServerError(u"回收已推送的系统用户失败: %s" % e)
logger.info(u"删除用户 %s - execute delete user: %s" % (role.name, msg_del_user))
logger.info(u"删除用户 %s - execute delete sudo: %s" % (role.name, msg_del_sudo))
# TODO: 判断返回结果,处理异常
# 删除proxy上的role, proxy上的role删除成功后再删除magicstack上的role
proxy_list = Proxy.objects.all()
data = {
'name': role.name,
}
data = json.dumps(data)
execute_thread_tasks(proxy_list, THREAD_NUMBERS,role_proxy_operator, request.user.username, 'PermRole', data, obj_uuid=role.uuid_id, action='delete')
msg = u"删除系统用户[%s]成功" % role.name