def _register_core(self, param): # 因为core服务启动了(之前可能非正常终止了),做一下数据库中会话状态的修复操作 record.session_fix() if 'rpc' not in param: return self.write_json(TPE_PARAM, 'invalid param.') tp_cfg().common.core_server_rpc = param['rpc'] # 获取core服务的配置信息 req = {'method': 'get_config', 'param': []} _yr = core_service_async_post_http(req) code, ret_data = yield _yr if code != TPE_OK: return self.write_json(code, 'get config from core-service failed.') log.d('update base server config info.\n') tp_cfg().update_core(ret_data) # 将运行时配置发送给核心服务 req = {'method': 'set_config', 'param': {'noop_timeout': tp_cfg().sys.session.noop_timeout}} _yr = core_service_async_post_http(req) code, ret_data = yield _yr if code != TPE_OK: return self.write_json(code, 'set runtime-config to core-service failed.') return self.write_json(TPE_OK)
def get(self): ret = self.check_privilege(TP_PRIVILEGE_SYS_CONFIG) if ret != TPE_OK: return cfg = tp_cfg() # core_detected = False req = {'method': 'get_config', 'param': []} _yr = core_service_async_post_http(req) code, ret_data = yield _yr if code != TPE_OK: cfg.update_core(None) else: cfg.update_core(ret_data) if not tp_cfg().core.detected: total_size = 0 free_size = 0 else: total_size, _, free_size = shutil.disk_usage( tp_cfg().core.replay_path) _db = get_db() db = {'type': _db.db_type} if _db.db_type == _db.DB_TYPE_SQLITE: db['sqlite_file'] = _db.sqlite_file elif _db.db_type == _db.DB_TYPE_MYSQL: db['mysql_host'] = _db.mysql_host db['mysql_port'] = _db.mysql_port db['mysql_db'] = _db.mysql_db db['mysql_user'] = _db.mysql_user param = { 'total_size': total_size, 'free_size': free_size, 'core_cfg': tp_cfg().core, 'sys_cfg': tp_cfg().sys, 'web_cfg': { 'version': TP_SERVER_VER, 'core_server_rpc': tp_cfg().common.core_server_rpc, 'db': db } } self.render('system/config.mako', page_param=json.dumps(param))
def get(self): ret = self.check_privilege(TP_PRIVILEGE_SYS_CONFIG) if ret != TPE_OK: return cfg = tp_cfg() # core_detected = False req = {'method': 'get_config', 'param': []} _yr = core_service_async_post_http(req) code, ret_data = yield _yr if code != TPE_OK: cfg.update_core(None) else: cfg.update_core(ret_data) if not tp_cfg().core.detected: total_size = 0 free_size = 0 else: total_size, _, free_size = shutil.disk_usage(tp_cfg().core.replay_path) _db = get_db() db = {'type': _db.db_type} if _db.db_type == _db.DB_TYPE_SQLITE: db['sqlite_file'] = _db.sqlite_file elif _db.db_type == _db.DB_TYPE_MYSQL: db['mysql_host'] = _db.mysql_host db['mysql_port'] = _db.mysql_port db['mysql_db'] = _db.mysql_db db['mysql_user'] = _db.mysql_user param = { 'total_size': total_size, 'free_size': free_size, 'core_cfg': tp_cfg().core, 'sys_cfg': tp_cfg().sys, 'web_cfg': { 'version': TP_SERVER_VER, 'core_server_rpc': tp_cfg().common.core_server_rpc, 'db': db } } self.render('system/config.mako', page_param=json.dumps(param))
def post(self): ret = self.check_privilege(TP_PRIVILEGE_SYS_CONFIG) if ret != TPE_OK: return args = self.get_argument('args', None) if args is None: return self.write_json(TPE_PARAM) try: args = json.loads(args) except: return self.write_json(TPE_JSON_FORMAT) try: processed = False if 'smtp' in args: processed = True _cfg = args['smtp'] _server = _cfg['server'] _port = _cfg['port'] _ssl = _cfg['ssl'] _sender = _cfg['sender'] _password = _cfg['password'] # TODO: encrypt the password before save by core-service. # TODO: if not send password, use pre-saved password. err = system_model.save_config(self, '更新SMTP设置', 'smtp', _cfg) if err == TPE_OK: # 同时更新内存缓存 tp_cfg().sys.smtp.server = _server tp_cfg().sys.smtp.port = _port tp_cfg().sys.smtp.ssl = _ssl tp_cfg().sys.smtp.sender = _sender # 特殊处理,防止前端拿到密码 tp_cfg().sys_smtp_password = _password else: return self.write_json(err) #增加urlprotocol的配置 if 'global' in args: processed = True _cfg = args['global'] _url_proto = _cfg['url_proto'] err = system_model.save_config(self, '更新全局设置', 'global', _cfg) if err == TPE_OK: tp_cfg().sys.glob.url_proto = _url_proto else: return self.write_json(err) if 'password' in args: processed = True _cfg = args['password'] _allow_reset = _cfg['allow_reset'] _force_strong = _cfg['force_strong'] _timeout = _cfg['timeout'] err = system_model.save_config(self, '更新密码策略设置', 'password', _cfg) if err == TPE_OK: tp_cfg().sys.password.allow_reset = _allow_reset tp_cfg().sys.password.force_strong = _force_strong tp_cfg().sys.password.timeout = _timeout else: return self.write_json(err) if 'login' in args: processed = True _cfg = args['login'] _session_timeout = _cfg['session_timeout'] _retry = _cfg['retry'] _lock_timeout = _cfg['lock_timeout'] _auth = _cfg['auth'] err = system_model.save_config(self, '更新登录策略设置', 'login', _cfg) if err == TPE_OK: tp_cfg().sys.login.session_timeout = _session_timeout tp_cfg().sys.login.retry = _retry tp_cfg().sys.login.lock_timeout = _lock_timeout tp_cfg().sys.login.auth = _auth tp_session().update_default_expire() else: return self.write_json(err) if 'session' in args: processed = True _cfg = args['session'] _noop_timeout = _cfg['noop_timeout'] _flag_record = _cfg['flag_record'] _flag_rdp = _cfg['flag_rdp'] _flag_ssh = _cfg['flag_ssh'] err = system_model.save_config(self, '更新连接控制设置', 'session', _cfg) if err == TPE_OK: try: req = {'method': 'set_config', 'param': {'noop_timeout': _noop_timeout}} _yr = core_service_async_post_http(req) code, ret_data = yield _yr if code != TPE_OK: log.e('can not set runtime-config to core-server.\n') return self.write_json(code) except: pass tp_cfg().sys.session.noop_timeout = _noop_timeout tp_cfg().sys.session.flag_record = _flag_record tp_cfg().sys.session.flag_rdp = _flag_rdp tp_cfg().sys.session.flag_ssh = _flag_ssh else: return self.write_json(err) if 'storage' in args: processed = True _cfg = args['storage'] _keep_log = _cfg['keep_log'] _keep_record = _cfg['keep_record'] _cleanup_hour = _cfg['cleanup_hour'] _cleanup_minute = _cfg['cleanup_minute'] if not ((30 <= _keep_log <= 365) or _keep_log == 0): return self.write_json(TPE_PARAM, '系统日志保留时间超出范围!') if not ((30 <= _keep_record <= 365) or _keep_record == 0): return self.write_json(TPE_PARAM, '会话录像保留时间超出范围!') err = system_model.save_config(self, '更新存储策略设置', 'storage', _cfg) if err == TPE_OK: tp_cfg().sys.storage.keep_log = _keep_log tp_cfg().sys.storage.keep_record = _keep_record tp_cfg().sys.storage.cleanup_hour = _cleanup_hour tp_cfg().sys.storage.cleanup_minute = _cleanup_minute else: return self.write_json(err) if 'ldap' in args: processed = True _cfg = args['ldap'] # _password = _cfg['password'] _server = _cfg['server'] _port = _cfg['port'] _domain = _cfg['domain'] _admin = _cfg['admin'] _base_dn = _cfg['base_dn'] _filter = _cfg['filter'] _attr_username = _cfg['attr_username'] _attr_surname = _cfg['attr_surname'] _attr_email = _cfg['attr_email'] if len(_cfg['password']) == 0: _cfg['password'] = tp_cfg().sys_ldap_password if len(_cfg['password']) == 0: return self.write_json(TPE_PARAM, '请设置LDAP管理员密码') # TODO: encrypt the password before save by core-service. err = system_model.save_config(self, '更新LDAP设置', 'ldap', _cfg) if err == TPE_OK: tp_cfg().sys.ldap.server = _server tp_cfg().sys.ldap.port = _port tp_cfg().sys.ldap.domain = _domain tp_cfg().sys.ldap.admin = _admin tp_cfg().sys.ldap.base_dn = _base_dn tp_cfg().sys.ldap.filter = _filter tp_cfg().sys.ldap.attr_username = _attr_username tp_cfg().sys.ldap.attr_surname = _attr_surname tp_cfg().sys.ldap.attr_email = _attr_email # 特殊处理,防止前端拿到密码 tp_cfg().sys_ldap_password = _cfg['password'] else: return self.write_json(err) if not processed: return self.write_json(TPE_PARAM) return self.write_json(TPE_OK) except: log.e('\n') self.write_json(TPE_FAILED)
def post(self): ret = self.check_privilege(TP_PRIVILEGE_SYS_CONFIG) if ret != TPE_OK: return args = self.get_argument('args', None) if args is None: return self.write_json(TPE_PARAM) try: args = json.loads(args) except: return self.write_json(TPE_JSON_FORMAT) try: processed = False if 'smtp' in args: processed = True _cfg = args['smtp'] _server = _cfg['server'] _port = _cfg['port'] _ssl = _cfg['ssl'] _sender = _cfg['sender'] _password = _cfg['password'] err = system_model.save_config(self, '更新SMTP设置', 'smtp', _cfg) if err == TPE_OK: # 同时更新内存缓存 tp_cfg().sys.smtp.server = _server tp_cfg().sys.smtp.port = _port tp_cfg().sys.smtp.ssl = _ssl tp_cfg().sys.smtp.sender = _sender # 特殊处理,防止前端拿到密码 tp_cfg().sys_smtp_password = _password else: return self.write_json(err) if 'password' in args: processed = True _cfg = args['password'] _allow_reset = _cfg['allow_reset'] _force_strong = _cfg['force_strong'] _timeout = _cfg['timeout'] err = system_model.save_config(self, '更新密码策略设置', 'password', _cfg) if err == TPE_OK: tp_cfg().sys.password.allow_reset = _allow_reset tp_cfg().sys.password.force_strong = _force_strong tp_cfg().sys.password.timeout = _timeout else: return self.write_json(err) if 'login' in args: processed = True _cfg = args['login'] _session_timeout = _cfg['session_timeout'] _retry = _cfg['retry'] _lock_timeout = _cfg['lock_timeout'] _auth = _cfg['auth'] err = system_model.save_config(self, '更新登录策略设置', 'login', _cfg) if err == TPE_OK: tp_cfg().sys.login.session_timeout = _session_timeout tp_cfg().sys.login.retry = _retry tp_cfg().sys.login.lock_timeout = _lock_timeout tp_cfg().sys.login.auth = _auth tp_session().update_default_expire() else: return self.write_json(err) if 'session' in args: processed = True _cfg = args['session'] _noop_timeout = _cfg['noop_timeout'] _flag_record = _cfg['flag_record'] _flag_rdp = _cfg['flag_rdp'] _flag_ssh = _cfg['flag_ssh'] err = system_model.save_config(self, '更新连接控制设置', 'session', _cfg) if err == TPE_OK: try: req = { 'method': 'set_config', 'param': { 'noop_timeout': _noop_timeout } } _yr = core_service_async_post_http(req) code, ret_data = yield _yr if code != TPE_OK: log.e( 'can not set runtime-config to core-server.\n') return self.write_json(code) except: pass tp_cfg().sys.session.noop_timeout = _noop_timeout tp_cfg().sys.session.flag_record = _flag_record tp_cfg().sys.session.flag_rdp = _flag_rdp tp_cfg().sys.session.flag_ssh = _flag_ssh else: return self.write_json(err) if 'storage' in args: processed = True _cfg = args['storage'] _keep_log = _cfg['keep_log'] _keep_record = _cfg['keep_record'] _cleanup_hour = _cfg['cleanup_hour'] _cleanup_minute = _cfg['cleanup_minute'] if not ((30 <= _keep_log <= 365) or _keep_log == 0): return self.write_json(TPE_PARAM, '系统日志保留时间超出范围!') if not ((30 <= _keep_record <= 365) or _keep_record == 0): return self.write_json(TPE_PARAM, '会话录像保留时间超出范围!') err = system_model.save_config(self, '更新存储策略设置', 'storage', _cfg) if err == TPE_OK: tp_cfg().sys.storage.keep_log = _keep_log tp_cfg().sys.storage.keep_record = _keep_record tp_cfg().sys.storage.cleanup_hour = _cleanup_hour tp_cfg().sys.storage.cleanup_minute = _cleanup_minute else: return self.write_json(err) if not processed: return self.write_json(TPE_PARAM) return self.write_json(TPE_OK) except: log.e('\n') self.write_json(TPE_FAILED)