Exemple #1
0
    def post(self):
        ok, info = check.check_content_type(self.request)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        user_info = json.loads(self.request.body)
        user_id = user_info['user_id']
        ok, info = check.check_user_id(user_id)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        access_token = encrypt.make_cookie_secret()
        action_time = utils.cur_timestamp()
        session_data = {
            'access_token': access_token,
            'user_id': user_id,
            'action_time': action_time,
            'expire_time': action_time + config.expire_second
        }

        if db_session.update(session_data):
            self.set_secure_cookie("access_token", access_token)
            self.set_cookie("user_id", user_id)
            ok = True
            info = {}
        else:
            ok = False
            info = u"登陆失败,请联系管理员!"
        self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
Exemple #2
0
    def post(self):
        ok, info = check.check_content_type(self.request)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        user_info = json.loads(self.request.body)
        username, password = user_info['username'], user_info['passwd']
        ok, info = check.check_password(username, password)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        access_token = encrypt.make_cookie_secret()
        action_time = utils.cur_timestamp()
        session_data = {
            'access_token': access_token,
            'username': username,
            'action_time': action_time,
            'expire_time': action_time + config.expire_second
        }

        if db_session.update(session_data):
            self.set_secure_cookie("access_token", access_token)
            self.set_cookie("username", username)
            ok = True
            info = {}
        else:
            ok = False
            info = "Login error, please contact with the system administrator"
        self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def update_expire_time(access_token):
    action_time = utils.cur_timestamp()
    data = {
        'access_token': access_token,
        'action_time': action_time,
        'expire_time': action_time + config.expire_second
    }
    db_session.update(data)
Exemple #4
0
def is_expired(access_token):
    """
        verify if user has action time
        @param access_token:  user's access_token, get form cookie
        @return  Boolean, expired or not

    """
    info = db_utils.get_info_by_token(access_token)
    expire_time = info['expire_time']
    if utils.cur_timestamp() > expire_time:
        return True
    else:
        action_time = utils.cur_timestamp()
        session_data = {
            'username': info['username'],
            'action_time': action_time,
            'expire_time': action_time + config.expire_second
        }
        db_session.update(session_data)
        return False
Exemple #5
0
    def post(self):
        post_add_permission = '1.2.1'

        ok, info = check.check_login(self.token)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        ok, info = check.check_content_type(self.request)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        body = json.loads(self.request.body)
        action, task_data, mailto = body['action'], body['data'], body[
            'mailto']
        if action == 'add':
            local_permission_list = [
                self.handler_permission, self.post_permission,
                post_add_permission
            ]
            ok, info, _ = verify.has_permission(self.token,
                                                local_permission_list)
            if not ok:
                self.finish(
                    tornado.escape.json_encode({
                        'ok': ok,
                        'info': info
                    }))
                return

            task_data['task_id'] = uuid.uuid1().hex
            task_data['create_time'] = utils.cur_timestamp()
            if db_task.add(task_data):
                if list(mailto):
                    message = task_data['creator'] + " create a new task, see in " \
                                                     "http://oms.example.com/task?task_id=" + task_data['task_id']
                    tornado.ioloop.IOLoop.instance().add_callback(
                        self.sending_mail(list(mailto), message))
                ok = True
                info = {'task_id': task_data['task_id']}
            else:
                ok = False
                info = 'Add task failed'
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        ok = False
        info = 'Unsupported task action'
        self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
Exemple #6
0
def check_user_id(user_id):
    user_info = db_user.get(user_id)
    if user_info is not False:
        cur_time = utils.cur_timestamp()
        if cur_time <= user_info['expire_time']:
            ok = False
            info = "Account expired"
        else:
            ok = True
            info = ''
    else:
        ok = False
        info = "No such a user"

    return ok, info
Exemple #7
0
    def post(self):
        post_update_file_permission = '5.2.1'
        post_update_db_permission = '5.2.2'

        ok, info = check.check_login(self.token)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        ok, info = check.check_content_type(self.request)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        body = json.loads(self.request.body)
        action, data = body['action'], body['data']
        excutor = self.get_cookie("username")

        if action == 'update':
            task = db_task.get(data['task_id'])
            update_type = task['type']
            local_permission_list = [
                self.handler_permission, self.post_permission
            ]
            if update_type == 'update_file':
                local_permission_list = [
                    self.handler_permission, self.post_permission,
                    post_update_file_permission
                ]
            if update_type == 'update_db':
                local_permission_list = [
                    self.handler_permission, self.post_permission,
                    post_update_db_permission
                ]

            ok, info, _ = verify.has_permission(self.token,
                                                local_permission_list)
            if not ok:
                self.finish(
                    tornado.escape.json_encode({
                        'ok': ok,
                        'info': info
                    }))
                return

            if task['status'] is True:
                ok = False
                info = 'Task has been executed'
                self.finish(
                    tornado.escape.json_encode({
                        'ok': ok,
                        'info': info
                    }))
                return

            task_status = {
                'task_id': task['task_id'],
                'status': 1,
                'start_time': utils.cur_timestamp(),
                'executor': excutor
            }
            if not db_task.update(task_status):
                ok = False
                info = 'update task status failed'
                self.finish(
                    tornado.escape.json_encode({
                        'ok': ok,
                        'info': info
                    }))
                return

            tornado.ioloop.IOLoop.instance().add_callback(
                self.salt_run_update(task))
            ok = True
            info = 'Execute update script successful'
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        if action == 'revert':
            task = db_task.get(data['task_id'])
            update_type = task['type']
            local_permission_list = [
                self.handler_permission, self.post_permission
            ]
            if update_type == 'update_file':
                local_permission_list = [
                    self.handler_permission, self.post_permission,
                    post_update_file_permission
                ]
            if update_type == 'update_db':
                local_permission_list = [
                    self.handler_permission, self.post_permission,
                    post_update_db_permission
                ]

            ok, info, is_admin = verify.has_permission(self.token,
                                                       local_permission_list)
            if not is_admin:
                info = "Only admin can revert."
                self.finish(
                    tornado.escape.json_encode({
                        'ok': ok,
                        'info': info
                    }))
                return

            task_status = {
                'task_id': task['task_id'],
                'revert': 1,
                'revert_time': utils.cur_timestamp()
            }
            if not db_task.update(task_status):
                ok = False
                info = 'update task status failed'
                self.finish(
                    tornado.escape.json_encode({
                        'ok': ok,
                        'info': info
                    }))
                return

            tornado.ioloop.IOLoop.instance().add_callback(
                self.salt_run_revert(task))
            ok = True
            info = 'Execute revert script successful'
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        if action == 'get_current_version':
            target = data['target']
            ip = '127.0.0.1'
            result = sapi.run_script([ip],
                                     'salt://scripts/get_current_version.sh',
                                     target)
            retcode, cur_version = result[ip]['retcode'], result[ip]['stdout']

            if retcode == 0:
                ok = True
                info = cur_version
            else:
                ok = False
                info = u'Get version info failed'
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        ok = False
        info = 'Unsupported update action'
        self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
Exemple #8
0
    def post(self):
        ok, info = check.check_login(self.token)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        ok, info = check.check_content_type(self.request)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        body = json.loads(self.request.body)
        action, user_data = body['action'], body['data']
        if action == 'add':
            user_type, expiry_mouth = user_data['user_type'], user_data[
                'expiry_mouth']
            if 'remarks' in user_data:
                remarks = user_data['remarks']
            else:
                remarks = ''
            cur_timestamp = utils.cur_timestamp()
            expiry_timestamp = int(
                expiry_mouth) * 31 * 60 * 60 * 24 + cur_timestamp
            if user_type == "vip":
                # todo
                user_id = encrypt.make_user_id()
                port = db_user.get_largest_port(is_share=False) + 1
                user_data = {
                    'user_id': user_id,
                    'create_time': cur_timestamp,
                    'expire_time': expiry_timestamp,
                    'port': port,
                    'type': user_type,
                    'enabled': 1,
                    'remarks': remarks
                }
                if db_user.add(user_data):
                    ok = True
                    info = u'新增用户信息成功'
                else:
                    ok = False
                    info = u'新增用户信息失败'
            elif user_type == "normal":
                user_id = encrypt.make_user_id()
                port = db_user.get_largest_port(is_share=False) + 1
                user_data = {
                    'user_id': user_id,
                    'create_time': cur_timestamp,
                    'expire_time': expiry_timestamp,
                    'port': port,
                    'type': user_type,
                    'enabled': 1,
                    'remarks': remarks
                }
                if db_user.add(user_data):
                    count = 0
                    for i in range(1, 6):
                        sub_user_id = encrypt.make_user_id()
                        port = db_user.get_largest_port(is_share=True) + 1
                        sub_user_data = {
                            'user_id': sub_user_id,
                            'parent_id': user_id,
                            'create_time': cur_timestamp,
                            'expire_time': expiry_timestamp,
                            'port': port,
                            'type': 'share',
                            'enabled': 0,
                            'remarks': ''
                        }
                        if not db_user.add(sub_user_data):
                            count += 1
                    if count == 0:
                        ok = True
                        info = u"新增账户及子账号成功"
                    else:
                        ok = False
                        info = u"新增子账户失败,请检查"
                else:
                    ok = False
                    info = u'新增用户信息失败'
            else:
                ok = False
                info = "不支持的用户类型"
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        if action == 'update_time':
            user_id, add_mouth = user_data['user_id'], user_data['add_mouth']
            user_info = db_user.get(user_id)
            if user_info is not False:
                cur_expire_time = user_info['expire_time']
                cur_time = utils.cur_timestamp()
                if cur_expire_time >= cur_time:
                    new_expire_time = cur_expire_time + int(
                        add_mouth) * 31 * 24 * 60 * 60
                else:
                    new_expire_time = cur_time + int(
                        add_mouth) * 31 * 24 * 60 * 60
                user_data = {
                    'user_id': user_id,
                    'expire_time': new_expire_time
                }
                if db_user.update(user_data):
                    sub_id_list = db_user.get_sub_id_list(user_id)
                    if sub_id_list:
                        count = 0
                        for sub_user_id in sub_id_list:
                            sub_user_data = {
                                'user_id': sub_user_id,
                                'expire_time': new_expire_time
                            }
                            if not db_user.update(sub_user_data):
                                count += 1
                        if count == 0:
                            ok = True
                            info = u"更新账户及子账号过期时间成功"
                        else:
                            ok = False
                            info = u"更新子账户过期时间失败,请检查"
                    else:
                        ok = True
                        info = u'更新用户过期时间成功'
                else:
                    ok = False
                    info = u'更新用户过期时间失败'
            else:
                ok = False
                info = u'获取用户信息失败'
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        ok = False
        info = u'不支持的操作类型'
        self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))