def user_perm_save(request): _id = request.POST.get('id') username = request.POST.get('username') name = request.POST.get('name') web_perm = request.POST.get('web_perm') # server_password = request.POST.get('server_password') server_groups = request.POST.get('server_groups') three_months_later = datetime.datetime.now()+datetime.timedelta(91) aes = crypt.crypt_aes(SECRET_KEY[:32]) # server_password = aes.encrypt_aes(server_password) try: if _id =='': # if server_password: # perm.objects.create(username=username,name=name,web_perm=web_perm,server_password=server_password,server_groups=server_groups,\ # server_password_expire=three_months_later.strftime('%Y-%m-%d')) # else: # perm.objects.create(username=username,name=name,web_perm=web_perm,server_password=server_password,server_groups=server_groups) perm.objects.create(username=username,name=name,web_perm=web_perm,server_groups=server_groups) else: orm = perm.objects.get(id=_id) orm.username = username orm.name = name orm.web_perm = web_perm # if server_password: # orm.server_password = server_password orm.server_groups = server_groups orm.save() return HttpResponse(json.dumps({'code':0,'msg':u'保存成功'}),content_type="application/json") except Exception,e: logger.error(e) return HttpResponse(json.dumps({'code':1,'msg':str(e)}),content_type="application/json")
def post_server_chpasswd(request): server_password_current = request.POST.get('server_password_current') server_password_new = request.POST.get('server_password_new') server_password_new_again = request.POST.get('server_password_new_again') orm = perm.objects.get(username=request.user.username) three_months_later = datetime.datetime.now()+datetime.timedelta(91) aes = crypt.crypt_aes(SECRET_KEY[:32]) orm_server_password = aes.decrypt_aes(orm.server_password) if server_password_current != orm_server_password: code = 1 msg = u'当前密码错误' elif server_password_new == '' or server_password_new_again == '': code = 2 msg = u'新密码不能为空' elif not server_password_new == server_password_new_again: code = 3 msg = u'新密码不一致' elif server_password_current == server_password_new: code = 4 msg = u'新密码不能与当前相同' else: server_password_new = aes.encrypt_aes(server_password_new) try: if os.system('id %s' % request.user.username): code = os.system('useradd -e $(date "+%D" -d "+3 months") ' + request.user.username + ' && echo ' + server_password_new_again + '|passwd --stdin ' + request.user.username) p = pexpect.spawn('su %s -c ssh-keygen' % request.user.username) p.expect('Enter file in which to save the key.*') p.sendline() p.sendline() p.sendline() time.sleep(3) if code: return HttpResponse(json.dumps({'code':code,'msg':'密码修改失败'}),content_type="application/json") else: code = os.system('usermod -e $(date "+%D" -d "+3 months") ' + request.user.username + ' && echo ' + server_password_new_again + '|passwd --stdin ' + request.user.username) if code: return HttpResponse(json.dumps({'code':code,'msg':'密码修改失败'}),content_type="application/json") # with open('/home/%s/.ssh/id_rsa.pub' % request.user.username) as f: # public_key = f.readline() public_key = commands.getoutput('cat /home/%s/.ssh/id_rsa.pub' % request.user.username) cmd = 'mkdir -p /root/.ssh;if ! grep %s /root/.ssh/authorized_keys;then echo "%s" >> /root/.ssh/authorized_keys;fi' % (request.user.username,public_key) server_groups = server_group_list.objects.all() def gevent_run_all(server_groups,p,client_send_data,cmd,CENTER_SERVER): for i in server_groups: for j in i.members_server.split(','): orm_server = server_list.objects.get(server_name=j) p.spawn(gevent_run,client_send_data,orm_server.belong_to,j,cmd,CENTER_SERVER) def gevent_run(client_send_data,belong_to,j,cmd,CENTER_SERVER): client_send_data(json.dumps({'salt':1,'act':'cmd.run','hosts':j,'argv':cmd.split(',,')}),CENTER_SERVER[belong_to][0],CENTER_SERVER[belong_to][1]) # os.system('ssh-copy-id -i /home/%s/.ssh/id_rsa.pub root@%s' % (request.user.username,j)) p = Pool() p.spawn(gevent_run_all,server_groups,p,client_send_data,cmd,CENTER_SERVER) p.join() if os.system('grep logout /home/%s/.bashrc'% request.user.username): os.system('echo "python %s %s" >> /home/%s/.bashrc && echo "logout" >> /home/%s/.bashrc' % (BASE_DIR + '/fortress_server.py',request.user.username,request.user.username,request.user.username)) orm.server_password = server_password_new orm.server_password_expire = three_months_later.strftime('%Y-%m-%d') orm.save() code = 0 msg = u'密码修改成功' except Exception,e: code = 5 msg = u'密码修改失败'