def user_perm_save(request):
_id = request.POST.get('id')
username = request.POST.get('username')
name = request.POST.get('name')
web_perm = request.POST.get('web_perm')
# server_password = request.POST.get('server_password')
server_groups = request.POST.get('server_groups')
three_months_later = datetime.datetime.now()+datetime.timedelta(91)
aes = crypt.crypt_aes(SECRET_KEY[:32])
# server_password = aes.encrypt_aes(server_password)
try:
if _id =='':
# if server_password:
# perm.objects.create(username=username,name=name,web_perm=web_perm,server_password=server_password,server_groups=server_groups,\
# server_password_expire=three_months_later.strftime('%Y-%m-%d'))
# else:
# perm.objects.create(username=username,name=name,web_perm=web_perm,server_password=server_password,server_groups=server_groups)
perm.objects.create(username=username,name=name,web_perm=web_perm,server_groups=server_groups)
else:
orm = perm.objects.get(id=_id)
orm.username = username
orm.name = name
orm.web_perm = web_perm
# if server_password:
# orm.server_password = server_password
orm.server_groups = server_groups
orm.save()
return HttpResponse(json.dumps({'code':0,'msg':u'保存成功'}),content_type="application/json")
except Exception,e:
logger.error(e)
return HttpResponse(json.dumps({'code':1,'msg':str(e)}),content_type="application/json")
def post_server_chpasswd(request):
server_password_current = request.POST.get('server_password_current')
server_password_new = request.POST.get('server_password_new')
server_password_new_again = request.POST.get('server_password_new_again')
orm = perm.objects.get(username=request.user.username)
three_months_later = datetime.datetime.now()+datetime.timedelta(91)
aes = crypt.crypt_aes(SECRET_KEY[:32])
orm_server_password = aes.decrypt_aes(orm.server_password)
if server_password_current != orm_server_password:
code = 1
msg = u'当前密码错误'
elif server_password_new == '' or server_password_new_again == '':
code = 2
msg = u'新密码不能为空'
elif not server_password_new == server_password_new_again:
code = 3
msg = u'新密码不一致'
elif server_password_current == server_password_new:
code = 4
msg = u'新密码不能与当前相同'
else:
server_password_new = aes.encrypt_aes(server_password_new)
try:
if os.system('id %s' % request.user.username):
code = os.system('useradd -e $(date "+%D" -d "+3 months") ' + request.user.username + ' && echo ' + server_password_new_again + '|passwd --stdin ' + request.user.username)
p = pexpect.spawn('su %s -c ssh-keygen' % request.user.username)
p.expect('Enter file in which to save the key.*')
p.sendline()
p.sendline()
p.sendline()
time.sleep(3)
if code:
return HttpResponse(json.dumps({'code':code,'msg':'密码修改失败'}),content_type="application/json")
else:
code = os.system('usermod -e $(date "+%D" -d "+3 months") ' + request.user.username + ' && echo ' + server_password_new_again + '|passwd --stdin ' + request.user.username)
if code:
return HttpResponse(json.dumps({'code':code,'msg':'密码修改失败'}),content_type="application/json")
# with open('/home/%s/.ssh/id_rsa.pub' % request.user.username) as f:
# public_key = f.readline()
public_key = commands.getoutput('cat /home/%s/.ssh/id_rsa.pub' % request.user.username)
cmd = 'mkdir -p /root/.ssh;if ! grep %s /root/.ssh/authorized_keys;then echo "%s" >> /root/.ssh/authorized_keys;fi' % (request.user.username,public_key)
server_groups = server_group_list.objects.all()
def gevent_run_all(server_groups,p,client_send_data,cmd,CENTER_SERVER):
for i in server_groups:
for j in i.members_server.split(','):
orm_server = server_list.objects.get(server_name=j)
p.spawn(gevent_run,client_send_data,orm_server.belong_to,j,cmd,CENTER_SERVER)
def gevent_run(client_send_data,belong_to,j,cmd,CENTER_SERVER):
client_send_data(json.dumps({'salt':1,'act':'cmd.run','hosts':j,'argv':cmd.split(',,')}),CENTER_SERVER[belong_to][0],CENTER_SERVER[belong_to][1])
# os.system('ssh-copy-id -i /home/%s/.ssh/id_rsa.pub root@%s' % (request.user.username,j))
p = Pool()
p.spawn(gevent_run_all,server_groups,p,client_send_data,cmd,CENTER_SERVER)
p.join()
if os.system('grep logout /home/%s/.bashrc'% request.user.username):
os.system('echo "python %s %s" >> /home/%s/.bashrc && echo "logout" >> /home/%s/.bashrc' % (BASE_DIR + '/fortress_server.py',request.user.username,request.user.username,request.user.username))
orm.server_password = server_password_new
orm.server_password_expire = three_months_later.strftime('%Y-%m-%d')
orm.save()
code = 0
msg = u'密码修改成功'
except Exception,e:
code = 5
msg = u'密码修改失败'
