def setUp(self):
    """Build the multi-organization fixture used by the tests.

    Creates three organizations (the first one becomes the current org),
    three admin users, three system users and three assets that all point at
    the first admin user. Then creates one regular user who is a member of
    org-01 and org-02, and one organization admin each for org-01 and org-02.
    """
    Organization.objects.bulk_create(
        [Organization(name=label) for label in ('org-01', 'org-02', 'org-03')]
    )
    # NOTE(review): the unpack relies on exactly three rows coming back in
    # creation order; confirm no default organization exists in the test DB.
    self.org_01, self.org_02, self.org_03 = Organization.objects.all()
    set_current_org(self.org_01)

    AdminUser.objects.bulk_create(
        [AdminUser(name=label, username='******') for label in ('au-01', 'au-02', 'au-03')]
    )
    SystemUser.objects.bulk_create(
        [SystemUser(name=label, username='******') for label in ('su-01', 'su-02', 'su-03')]
    )

    admin_users = AdminUser.objects.all()
    asset_specs = (
        ('asset-01', '192.168.1.1'),
        ('asset-02', '192.168.1.2'),
        ('asset-03', '192.168.1.3'),
    )
    Asset.objects.bulk_create([
        Asset(hostname=host, ip=address, public_ip=address, admin_user=admin_users[0])
        for host, address in asset_specs
    ])

    create_user = User.objects.create
    add_member = OrganizationMember.objects.create

    # A plain user who belongs to two organizations.
    member = create_user(name='user-01', username='******', email='*****@*****.**')
    for org in (self.org_01, self.org_02):
        add_member(org=org, user=member, role=ORG_ROLE.USER)
    self.user_01 = member

    # One administrator per organization, for org-01 and org-02 only.
    first_admin = create_user(name='org-admin-01', username='******', email='*****@*****.**')
    add_member(org=self.org_01, user=first_admin, role=ORG_ROLE.ADMIN)
    self.org_admin_01 = first_admin

    second_admin = create_user(name='org-admin-02', username='******', email='*****@*****.**')
    add_member(org=self.org_02, user=second_admin, role=ORG_ROLE.ADMIN)
    self.org_admin_02 = second_admin
def on_system_user_update(instance: SystemUser, created, **kwargs):
    """Push an updated system user to its assets again.

    An update may have changed the key, the username and so on, so the system
    user is pushed to its assets automatically. Strictly speaking the push is
    only needed when the username, password, key or sudo settings change;
    pushing on every update is a shortcut. ``instance.assets`` is read
    directly because assets under nodes are associated with the system user
    automatically whenever the nodes or the system user change.
    """
    # Newly created records are skipped here; only updates trigger a push.
    if not instance or created:
        return

    logger.info("System user update signal recv: {}".format(instance))
    valid_assets = instance.assets.all().valid()
    asset_ids = [item.id for item in valid_assets]
    # Every save of an existing system user queues a push, whether or not a
    # credential field actually changed.
    push_system_user_to_assets.delay(instance.id, asset_ids)

    # add assets to su_from
    instance.add_related_assets_to_su_from_if_need(valid_assets)
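def validate_approve_system_users(self, approve_system_users):
    """Keep only the approved system users that the ticket may be granted.

    The lookup runs inside ``tmp_to_org(ticket.org_id)`` (presumably scoping
    the query to the ticket's organization; confirm against ``tmp_to_org``)
    and is limited to the protocol derived from the ticket's ``apply_type``.
    Submitted ids that do not match are dropped from the result rather than
    reported one by one.

    Returns:
        The matching system-user ids as strings, or ``[]`` when the
        serializer root is not bound to a ``Ticket``.

    Raises:
        serializers.ValidationError: none of the submitted ids matched.
    """
    ticket = self.root.instance
    if not isinstance(ticket, Ticket):
        return []

    with tmp_to_org(ticket.org_id):
        apply_type = ticket.meta.get('apply_type')
        protocol = SystemUser.get_protocol_by_application_type(apply_type)
        queries = Q(protocol=protocol) & Q(id__in=approve_system_users)
        # Evaluate the queryset while the organization context is still active.
        matched_ids = [
            str(system_user_id)
            for system_user_id in SystemUser.objects.filter(queries).values_list('id', flat=True)
        ]
        if matched_ids:
            return matched_ids

    # Translate the template first and fill in the name afterwards: formatting
    # inside _() produces a msgid that no translation catalog can contain.
    raise serializers.ValidationError(
        _('No `SystemUser` are found under Organization `{}`').format(ticket.org_name)
    )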
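def connect(self):
    """Accept the websocket, check the session record and open the SSH bridge.

    Query-string parameters read here: ``sid`` (asset id), ``uid`` (system
    user id; ``'0'`` selects the default root login) and ``key`` (session
    record id). The handler returns as soon as a check fails, so no SSH
    connection is started for a rejected request.
    """
    # Accept first so the rejection text below can be delivered.
    self.accept()

    # Parse the query string.
    params = QueryDict(query_string=self.scope['query_string'], encoding='utf-8')
    asset_id = params.get('sid', None)
    uid = params.get("uid", None)
    session_id = params.get("key", None)
    # NOTE(review): `key2` was parsed here but never used, so it is no longer
    # read. The original comment describes an "is this an administrator /
    # user key or password" decision that this handler does not implement.

    asset = Assets.get_by_id(asset_id)
    self.connection = SessionLog.get_by_id(session_id)

    # Fail closed: a missing or already-used session record, or an unknown
    # asset, must stop the handler. Without the return the code below would
    # still open the SSH connection after the socket was told "refused".
    if not self.connection or self.connection.used or asset is None:
        self.send("连接拒绝")
        self.close()
        return
    # NOTE(review): only the `used` flag is checked here. Nothing visible ties
    # the session record to `sid` or `uid`, or marks it used afterwards;
    # confirm that SSHTty or the code that creates the record enforces this.

    if uid == '0':
        # '0' means log in as the default root user.
        # NOTE(review): `uid` comes from the query string, so the client
        # chooses this path; confirm the session record authorizes it.
        self.ssh = SSHTty(asset, self, is_user=False, connection_obj=self.connection)
    else:
        login_user = SystemUser.get_by_id(uid)
        if login_user is None:
            # Return here: falling through would dereference None below.
            self.close()
            return
        # Hand the stored username and password to the SSH wrapper.
        self.ssh = SSHTty(
            asset,
            self,
            is_user=True,
            user=login_user.username,
            pwd=login_user.password,
            connection_obj=self.connection,
        )

    # The numbered debug prints and print(self.ssh.connection) were dropped so
    # connection details are not written to stdout.
    self.ssh.connect()

    # Background thread that relays server output to the websocket.
    Thread(target=self.ssh.server_to_ws).start()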
def get_recommend_system_users(self, value):
    """Suggest up to five system users matching the requested group keywords.

    A system user matches when its ``username`` or ``name`` contains any
    keyword from ``apply_system_user_group`` (case-insensitive) and its
    protocol equals the one derived from ``apply_type``. The query is issued
    inside ``tmp_to_org`` for the ticket's organization.

    Returns:
        A list of at most five system-user ids as strings; ``[]`` when the
        serializer root is not bound to a ``Ticket`` or no keywords were given.
    """
    ticket = self.root.instance
    if not isinstance(ticket, Ticket):
        return []

    keywords = value.get('apply_system_user_group', [])
    if not keywords:
        return []

    protocol = SystemUser.get_protocol_by_application_type(value.get('apply_type'))

    # OR together every keyword match, then require the protocol on top.
    keyword_match = Q()
    for keyword in keywords:
        keyword_match = keyword_match | Q(username__icontains=keyword) | Q(name__icontains=keyword)
    queries = keyword_match & Q(protocol=protocol)

    with tmp_to_org(self.root.instance.org_id):
        # Evaluate the sliced queryset while the organization context is active.
        candidate_ids = SystemUser.objects.filter(queries).values_list('id', flat=True)[:5]
        return [str(candidate_id) for candidate_id in candidate_ids]