def editadvroute(id):
s = request.environ.get('beaker.session')
sql = " SELECT ifacename FROM netiface where status='UP' UNION select value as ifacename FROM sysattr where status='1' and servattr='vpnrelay'"
ifacelist_result = readDb(sql,)
sql2 = """ SELECT rulename,srcaddr,destaddr,pronum,iface FROM sysrouteadv WHERE id=%s """
result = readDb(sql2,(id,))
return template('addadvroute',session=s,info=result[0],ifacelist_result=ifacelist_result)
def addinterface():
s = request.environ.get('beaker.session')
# 初始化网卡添加状态,已经被配置的网卡,无法再次配置
sqla = " select attr from sysattr where status='1' and servattr='netiface' and attr not in (select ifacename from netiface) "
erriface = readDb(sqla, )
if len(erriface) > 0:
for x in erriface:
sqlb = "update sysattr set status='1' where attr=%s and servattr='netiface'"
writeDb(sqlb, (x.get('attr'), ))
sqlc = " select attr from sysattr where status='1' and servattr='netiface' and attr in (select ifacename from netiface) "
erriface2 = readDb(sqlc, )
if len(erriface2) > 0:
for y in erriface2:
sqld = "update sysattr set status='0' where attr=%s and servattr='netiface'"
writeDb(sqld, (y.get('attr'), ))
# 判断接口是否被锁定或已配置
sqld = " SELECT attr as ifacename,concat(attr,'|',value) as value FROM sysattr where servattr='netiface' and status='1' order by attr desc"
ifacelist_result = readDb(sqld, )
if len(ifacelist_result) == 0:
msg = {'color': 'red', 'message': u'无可用物理接口,添加失败'}
return (template('networkconf', session=s, msg=msg))
return template('addinterface',
session=s,
info={},
ifacelist_result=ifacelist_result)
def editutmrule(id):
"""UTM配置 添加页"""
s = request.environ.get('beaker.session')
netmod.InitNIinfo()
sql = " SELECT ifacename FROM netiface where status='UP' UNION select value as ifacename FROM sysattr where status='1' and servattr='vpnrelay'"
ifacelist_result = readDb(sql,)
sql2 = " SELECT rulename,srcaddr,dstmatch,dstaddr,runaction,runobject,runobject as runobject2 from ruleconfnat where status='1' and id=%s"
result = readDb(sql2,(id,))
return template('addnatrule',session=s,msg={},info=result[0],ifacelist_result=ifacelist_result)
def do_adddnsservconf():
"""新增服务配置项"""
s = request.environ.get('beaker.session')
dns_domain = request.forms.get("dns_domain").strip('.')
primary_dns = request.forms.get("primary_dns").strip('.')
second_dns = request.forms.get("second_dns").strip('.')
dns_ttl = request.forms.get("dns_ttl")
dns_min_ttl = request.forms.get("dns_min_ttl")
relay_dns = request.forms.get("relay_dns")
resp_person = request.forms.get("resp_person").strip('.')
retry = request.forms.get("retry")
refresh = request.forms.get("refresh")
expire = request.forms.get("expire")
minimum = request.forms.get("minimum")
dns_dis_nn = request.forms.get("dns_dis_nn")
force_domain_dns = request.forms.get("force_domain_dns").replace('\r\n','\n').strip()
query_sql = " select dns_domain,primary_dns,second_dns,dns_ttl,dns_min_ttl,relay_dns,resp_person,retry,refresh,expire,minimum,dns_dis_nn,force_domain_dns from dns_conf "
for ips in relay_dns.split(',') :
if netmod.checkip(ips) == False:
msg = {'color':'red','message':u'转发地址填写不合法,保存失败'}
result = readDb(query_sql,)
info=result[0]
info['servstatus']=servchk('53')
return template('dnsservconf',session=s,msg=msg,info=info)
if netmod.is_domain(dns_domain) == False or netmod.is_domain(primary_dns) == False or netmod.is_domain(second_dns) == False or netmod.is_domain(resp_person) == False :
msg = {'color':'red','message':u'地址填写不合法,保存失败'}
result = readDb(query_sql,)
info=result[0]
info['servstatus']=servchk('53')
return template('dnsservconf',session=s,msg=msg,info=info)
if force_domain_dns:
for obj in force_domain_dns.split('\n') :
if netmod.is_domain(obj.split('|')[0]) == False or netmod.checkip(obj.split('|')[1].split(',')[0]) == False :
msg = {'color':'red','message':u'域名指定DNS转发解析语法错误,保存失败'}
result = readDb(query_sql,)
info=result[0]
info['servstatus']=servchk('53')
return template('dnsservconf',session=s,msg=msg,info=info)
sql = " UPDATE dns_conf set dns_domain=%s,primary_dns=%s,second_dns=%s,dns_ttl=%s,dns_min_ttl=%s,relay_dns=%s,resp_person=%s,retry=%s,refresh=%s,expire=%s,minimum=%s,dns_dis_nn=%s,force_domain_dns=%s "
data = (Formatdata(dns_domain),Formatdata(primary_dns),Formatdata(second_dns),dns_ttl,dns_min_ttl,relay_dns,Formatdata(resp_person),retry,refresh,expire,minimum,dns_dis_nn,force_domain_dns)
result = writeDb(sql,data)
if result == True :
writeDNSconf(action='uptconf')
msg = {'color':'green','message':u'配置保存成功'}
result = readDb(query_sql,)
info=result[0]
time.sleep(1) #防止检测FTP服务状态时异常
info['servstatus']=servchk('53')
return template('dnsservconf',session=s,msg=msg,info=info)
else :
msg = {'color':'red','message':u'配置保存失败'}
result = readDb(query_sql,)
info=result[0]
info['servstatus']=servchk('53')
return template('dnsservconf',session=s,msg=msg,info=info)
def editiface(id):
s = request.environ.get('beaker.session')
sql = " SELECT ifacename,ifacetype,ifacezone,ipaddr,netmask,gateway,defaultgw,extip,username,password,mtu,osize FROM netiface WHERE id = %s "
sql2 = "select attr as ifacename,concat(attr,'|',value) as value from sysattr where attr=(select ifacename from netiface where id=%s);"
info = readDb(sql,(id,))
ifacelist_result = readDb(sql2,(id,))
if not ifacelist_result:
abort(404)
if ifacelist_result[0].get('userid') != s.get('userid',None) and s.get('access',None) == 0:
abort(404)
return template('addinterface',session=s,info=info[0],ifacelist_result=ifacelist_result)
def editiface(id):
s = request.environ.get('beaker.session')
sql = " SELECT ifacename,ifacetype,ipaddr,netmask,gateway,defaultgw,extip FROM netiface WHERE id = %s "
sql2 = "select attr as ifacename,concat(attr,'|',value) as value from sysattr where attr=(select ifacename from netiface where id=%s);"
info = readDb(sql,(id,))
ifacelist_result = readDb(sql2,(id,))
if not ifacelist_result:
abort(404)
if ifacelist_result[0].get('userid') != s.get('userid',None) and s.get('access',None) == 0:
abort(404)
return template('addinterface',session=s,info=info[0],ifacelist_result=ifacelist_result)
def user():
s = request.environ.get('beaker.session')
policylist_sql = " select id,name from vpnpolicy "
plylist_result = readDb(policylist_sql, )
UUUapi_sql = " select value from sysattr where servattr='3Uapi' and status=1 "
UUUresult = readDb(UUUapi_sql, )
try:
UUUinfo = json.loads(UUUresult[0].get('value'))
except:
UUUinfo = {}
return template('user',
session=s,
msg={},
plylist_result=plylist_result,
UUUinfo=UUUinfo)
def do_editdnsserv():
s = request.environ.get('beaker.session')
dnsrelay = request.forms.get("dnsrelay")
dnsproxy = request.forms.get("dnsproxy")
dnsrule = request.forms.get("dnsrule")
dnslist = request.forms.get("dnslist").replace('\r\n','\n').strip()
idata = dict()
idata['dnsrelay']=dnsrelay
idata['dnsproxy']=dnsproxy
idata['dnsrule']=dnsrule
idata['dnslist']=dnslist
idata['dnsport']=53
dnsstatus=cmds.servchk(idata.get('dnsport'))
idata['dnsstatus']=dnsstatus
sql = " update sysattr set value=%s where attr='dnsconf' "
iidata=json.dumps(idata)
result = writeDb(sql,(iidata,))
if result == True :
writeDNSconf(action='uptconf')
writeROUTEconf(action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':'配置保存成功'}
return(template('editdnsserv',session=s,msg=msg,info=idata))
else :
msg = {'color':'red','message':'配置保存失败'}
sql = " select value from sysattr where attr='dnsconf' "
idata = readDb(sql,)
return(template('editdnsserv',session=s,msg=msg,info=idata))
def showservlog():
"""添加域名"""
s = request.environ.get('beaker.session')
domain = request.forms.get("domain")
domaintype = request.forms.get("domaintype")
comment = request.forms.get("comment")
etime = time.strftime('%Y-%m-%d',time.localtime(time.time()))
serial = time.strftime('%s',time.localtime(time.time()))
if netmod.is_domain(domain) == False:
msg = {'color':'red','message':u'域名格式错误,添加失败'}
return '255'
sql_1 = """ INSERT INTO dns_domain (domain,domaintype,comment,etime,status) VALUES (%s,%s,%s,%s,1)"""
result = writeDb(sql_1,(domain,domaintype,comment,etime))
if result == True:
sql_x = """ select dns_domain,primary_dns,second_dns from dns_conf """
result = readDb(sql_x,)
sql_2 = """ INSERT INTO dns_records (zone,host,type,view,data,serial) VALUE (%s,'@','SOA','any',%s,%s) """
sql_3 = """ INSERT INTO dns_records (zone,host,type,view,data,serial) VALUE (%s,'@','NS','any',%s,%s) """
writeDb(sql_2,(domain,result[0].get('dns_domain'),serial))
writeDb(sql_3,(domain,result[0].get('primary_dns'),serial))
writeDb(sql_3,(domain,result[0].get('second_dns'),serial))
msg = {'color':'green','message':u'添加成功'}
return '0'
else:
msg = {'color':'red','message':u'添加失败'}
return '255'
def user():
s = request.environ.get('beaker.session')
username = s.get('username')
oldpwd = request.forms.get("oldpwd")
newpwd = request.forms.get("newpwd")
newpwds = request.forms.get("newpwds")
sql = " select passwd from user where username=%s "
result = readDb(sql, (username, ))
if result[0].get('passwd') != LoginCls().encode(keys, oldpwd):
msg = {'color': 'red', 'message': u'旧密码验证失败,请重新输入'}
return template('changepasswd', session=s, msg=msg, info={})
if newpwd != newpwds:
msg = {'color': 'red', 'message': u'密码两次输入不一致,请重新输入'}
return template('changepasswd', session=s, msg=msg, info={})
m_encrypt = LoginCls().encode(keys, newpwd)
sql2 = " update user set passwd=%s where username=%s "
result = writeDb(sql2, (m_encrypt, username))
if result == True:
wrtlog('User', '更改密码成功', username, s.get('clientip'))
msg = {'color': 'green', 'message': u'密码更新成功,后续请以新密码登录系统'}
return template('changepasswd', session=s, msg=msg, info={})
else:
wrtlog('User', '更改密码失败', username, s.get('clientip'))
msg = {'color': 'red', 'message': u'密码更新失败,请核对错误'}
return template('changepasswd', session=s, msg=msg, info={})
def user():
s = request.environ.get('beaker.session')
username = s.get('username')
oldpwd = request.forms.get("oldpwd")
newpwd = request.forms.get("newpwd")
newpwds = request.forms.get("newpwds")
sql = " select passwd from user where username=%s "
result = readDb(sql,(username,))
if result[0].get('passwd') != LoginCls().encode(keys,oldpwd) :
msg = {'color':'red','message':u'旧密码验证失败,请重新输入'}
return template('changepasswd',session=s,msg=msg,info={})
if newpwd != newpwds :
msg = {'color':'red','message':u'密码两次输入不一致,请重新输入'}
return template('changepasswd',session=s,msg=msg,info={})
m_encrypt = LoginCls().encode(keys,newpwd)
sql2 = " update user set passwd=%s where username=%s "
result = writeDb(sql2,(m_encrypt,username))
if result == True :
wrtlog('User','更改密码成功',username,s.get('clientip'))
msg = {'color':'green','message':u'密码更新成功,后续请以新密码登录系统'}
return template('changepasswd',session=s,msg=msg,info={})
else:
wrtlog('User','更改密码失败',username,s.get('clientip'))
msg = {'color':'red','message':u'密码更新失败,请核对错误'}
return template('changepasswd',session=s,msg=msg,info={})
def deliface(id):
s = request.environ.get('beaker.session')
sql = " DELETE FROM netiface WHERE id=%s "
sql2 = " select ifacename FROM netiface WHERE id=%s "
ifacename = readDb(sql2, (id, ))
result = writeDb(sql, (id, ))
if result == True:
writeNIconf(action='uptconf')
cmds.servboot('networks', action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color': 'green', 'message': u'删除成功'}
cmds.gettuplerst('ip addr flush dev %s' %
ifacename[0].get('ifacename'))
#如果是PPP类型接口,停用ADSL
cmds.gettuplerst('ip link set %s down' % ifacename[0].get('ifacename'))
cmds.gettuplerst(
'ps aux|grep -e \'xdsl.*%s\'|grep -v grep|awk \'{print $2}\' |xargs -i kill -9 {}'
% id)
#恢复绑定
sql2 = "update sysattr set status='1' where attr=%s"
writeDb(sql2, (ifacename[0].get('ifacename'), ))
return template('networkconf', session=s, msg=msg)
else:
msg = {'color': 'red', 'message': u'删除失败'}
return template('networkconf', session=s, msg=msg)
def editpolicy(id):
"""修改策略"""
s = request.environ.get('beaker.session')
sql = "select name,pushdns,pushroute,pushnoroute from vpnpolicy WHERE id=%s"
result = readDb(sql,(id,))
if result :
return(template('addpolicyconf',session=s,info=result[0]))
def addutmrule():
"""UTM配置 添加页"""
s = request.environ.get('beaker.session')
netmod.InitNIinfo()
sql = " SELECT ifacename FROM netiface where status='UP' UNION select value as ifacename FROM sysattr where status='1' and servattr='vpnrelay'"
ifacelist_result = readDb(sql,)
return template('addnatrule',session=s,msg={},info={},ifacelist_result=ifacelist_result)
def do_editdnsserv():
s = request.environ.get('beaker.session')
dnsrelay = request.forms.get("dnsrelay")
dnsproxy = request.forms.get("dnsproxy")
dnsrule = request.forms.get("dnsrule")
dnslist = request.forms.get("dnslist").replace('\r\n', '\n').strip()
idata = dict()
idata['dnsrelay'] = dnsrelay
idata['dnsproxy'] = dnsproxy
idata['dnsrule'] = dnsrule
idata['dnslist'] = dnslist
idata['dnsport'] = 53
dnsstatus = cmds.servchk(idata.get('dnsport'))
idata['dnsstatus'] = dnsstatus
sql = " update sysattr set value=%s where attr='dnsconf' "
iidata = json.dumps(idata)
result = writeDb(sql, (iidata, ))
if result == True:
writeDNSconf(action='uptconf')
writeROUTEconf(action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color': 'green', 'message': '配置保存成功'}
return (template('editdnsserv', session=s, msg=msg, info=idata))
else:
msg = {'color': 'red', 'message': '配置保存失败'}
sql = " select value from sysattr where attr='dnsconf' "
idata = readDb(sql, )
return (template('editdnsserv', session=s, msg=msg, info=idata))
def user():
s = request.environ.get('beaker.session')
username = s.get('username')
oldpwd = request.forms.get("oldpwd")
newpwd = request.forms.get("newpwd")
newpwds = request.forms.get("newpwds")
sql = " select password from user where username=%s "
result = readDb(sql,(username,))
#处理老密码
m = hashlib.md5()
m.update(oldpwd)
password = m.hexdigest()
if result[0].get('password') != password :
msg = {'color':'red','message':u'旧密码验证失败,请重新输入'}
return template('changepasswd',session=s,msg=msg,info={})
if newpwd != newpwds :
msg = {'color':'red','message':u'密码两次输入不一致,请重新输入'}
return template('changepasswd',session=s,msg=msg,info={})
#生成新密码md5
n = hashlib.md5()
n.update(newpwd)
password = n.hexdigest()
sql2 = " update user set password=%s where username=%s "
result = writeDb(sql2,(password,username))
if result == True :
wrtlog('User','更改密码成功',username,s.get('clientip'))
msg = {'color':'green','message':u'密码更新成功,后续请以新密码登录系统'}
return template('changepasswd',session=s,msg=msg,info={})
else:
wrtlog('User','更改密码失败',username,s.get('clientip'))
msg = {'color':'red','message':u'密码更新失败,请核对错误'}
return template('changepasswd',session=s,msg=msg,info={})
def addservconf():
"""新增服务配置项"""
s = request.environ.get('beaker.session')
sql = "select dns_domain,primary_dns,second_dns,dns_ttl,dns_min_ttl,relay_dns,resp_person,retry,refresh,expire,minimum,dns_dis_nn,force_domain_dns from dns_conf "
result = readDb(sql,)
info=result[0]
info['servstatus']=servchk('53')
return template('dnsservconf',session=s,msg={},info=info)
def addservconf():
"""新增服务配置项"""
s = request.environ.get('beaker.session')
sql = " select id,authtype,listenaddr,listenport,maxuser,sameipmax,vdir,owninfo,umask,passiveenable,passiveport,passiveaddr from ftpserv where id='1'"
result = readDb(sql,)
info=result[0]
info['ftpstatus']=servchk(result[0].get('listenport'))
return template('ftpservconf',session=s,msg={},info=info)
def getuser():
sql = """ SELECT id,username,ustatus,comment,
date_format(adddate,'%%Y-%%m-%%d') as adddate
FROM user WHERE access = '1'
order by username
"""
userlist = readDb(sql,)
return json.dumps(userlist)
def getcertinfo():
sql = """ SELECT U.id,U.commonname,U.certtype,U.expiration,D.name as organization,U.createdate
FROM certmgr as U
LEFT OUTER JOIN vpnpolicy as D on U.organization=D.id WHERE certtype = 'Client' UNION
SELECT id,commonname,certtype,organization,expiration,createdate FROM certmgr WHERE certtype='caserver'
order by id
"""
certinfo_list = readDb(sql,)
return json.dumps(certinfo_list)
def editrecord(id):
s = request.environ.get('beaker.session')
sql = " select dnstype,domain,data as record,pronum from dnsrecord where id=%s "
result = readDb(sql, (id, ))
msg = {'action': 'accept'}
if result[0].get('dnstype') == "SET":
#当类型为ipset时,禁止编辑记录数据,仅支持删除或更新域名列表
msg = {'action': 'reject'}
return (template('adddnsconf', session=s, msg=msg, info=result[0]))
def do_editdhcpserv():
s = request.environ.get('beaker.session')
dhcpenable = request.forms.get("dhcpenable")
getgw = request.forms.get("getgw")
getdns1 = request.forms.get("getdns1")
getdns2 = request.forms.get("getdns2")
startip = request.forms.get("startip")
stopip = request.forms.get("stopip")
otime = request.forms.get("otime")
dhcplist = request.forms.get("dhcplist").replace('\r\n', '\n').strip()
idata = dict()
idata['dhcpenable'] = dhcpenable
idata['getgw'] = getgw
idata['getdns1'] = getdns1
idata['getdns2'] = getdns2
idata['startip'] = startip
idata['stopip'] = stopip
idata['otime'] = otime
if netmod.checkip(startip) == False or netmod.checkip(
stopip) == False or netmod.checkip(
getgw) == False or netmod.checkip(getdns1) == False:
msg = {'color': 'red', 'message': '参数配置异常,保存失败'}
return (template('editdhcpserv', session=s, msg=msg, info=idata))
#判断dhcp固定分配是否为空
if dhcplist != "":
for i in dhcplist.split('\n'):
try:
xmac = i.split(',')[0]
xip = i.split(',')[1]
if (netmod.is_ValidMac(xmac) == False
or netmod.checkip(xip) == False) and xmac != "":
msg = {'color': 'red', 'message': '配置保存失败,固定分配记录异常'}
return (template('editdhcpserv',
session=s,
msg=msg,
info=idata))
else:
idata['dhcplist'] = dhcplist
except:
msg = {'color': 'red', 'message': '配置保存失败,固定分配记录异常'}
return (template('editdhcpserv',
session=s,
msg=msg,
info=idata))
sql = " update sysattr set value=%s where attr='dhcpconf' "
iidata = json.dumps(idata)
result = writeDb(sql, (iidata, ))
if result == True:
writeDNSconf(action='uptconf')
msg = {'color': 'green', 'message': '配置保存成功'}
return (template('editdhcpserv', session=s, msg=msg, info=idata))
else:
msg = {'color': 'red', 'message': '配置保存失败'}
sql = " select value from sysattr where attr='dhcpconf' "
idata = readDb(sql, )
return (template('editdhcpserv', session=s, msg=msg, info=idata))
def servtools():
"""资源配置"""
s = request.environ.get('beaker.session')
sql = " select value from sysattr where attr='resData' and servattr='sys' "
result = readDb(sql,)
try:
info = json.loads(result[0].get('value'))
except:
return(template('resconfig',session=s,msg={},info={}))
return template('resconfig',session=s,msg={},info=info)
def addclientconf():
"""新增服务配置项"""
s = request.environ.get('beaker.session')
sql = " select value from sysattr where attr='vpnclient' "
idata = readDb(sql,)
try:
info = json.loads(idata[0].get('value'))
except:
return template('addvpncltconfig',session=s,msg={},info={})
return template('addvpncltconfig',session=s,msg={},info=info)
def do_addftpservconf():
"""新增服务配置项"""
s = request.environ.get('beaker.session')
authtype = request.forms.get("authtype")
listenaddr = request.forms.get("listenaddr")
listenport = request.forms.get("listenport")
maxclient = request.forms.get("maxclient")
sameipmax = request.forms.get("sameipmax")
vdir = request.forms.get("vdir")
vid = request.forms.get("vid")
umask = request.forms.get("umask")
passiveenable = request.forms.get("passiveenable")
passiveport = request.forms.get("passiveport")
passiveaddr = request.forms.get("passiveaddr")
if (listenaddr != "*" and netmod.checkmask(listenaddr) == False) or (
passiveaddr != "*" and netmod.checkip(passiveaddr) == False):
msg = {'color': 'red', 'message': u'地址填写不合法,保存失败'}
sql = " select id,authtype,listenaddr,listenport,maxuser,sameipmax,vdir,owninfo,umask,passiveenable,passiveport,passiveaddr from ftpserv where id='1'"
result = readDb(sql, )
return template('ftpservconf', session=s, msg=msg, info=result[0])
#ftp根路径处理判断
if vdir.endswith('/'):
vdir = re.sub('/$', '', vdir)
if not vdir.startswith('/'):
msg = {'color': 'red', 'message': u'根路径必须绝对路径,保存失败'}
sql = " select id,authtype,listenaddr,listenport,maxuser,sameipmax,vdir,owninfo,umask,passiveenable,passiveport,passiveaddr from ftpserv where id='1'"
result = readDb(sql, )
return template('ftpservconf', session=s, msg=msg, info=result[0])
sql = " UPDATE ftpserv set authtype=%s,listenaddr=%s,listenport=%s,maxuser=%s,sameipmax=%s,vdir=%s,owninfo=%s,umask=%s,passiveenable=%s,passiveport=%s,passiveaddr=%s where id='1'"
data = (authtype, listenaddr, listenport, maxclient, sameipmax, vdir, vid,
umask, passiveenable, passiveport, passiveaddr)
result = writeDb(sql, data)
if result == True:
msg = {'color': 'green', 'message': u'配置保存成功'}
sql = " select id,authtype,listenaddr,listenport,maxuser,sameipmax,vdir,owninfo,umask,passiveenable,passiveport,passiveaddr from ftpserv where id='1'"
result = readDb(sql, )
writeFTPconf(action='uptconf')
return template('ftpservconf', session=s, msg=msg, info=result[0])
else:
msg = {'color': 'red', 'message': u'配置保存失败'}
sql = " select id,authtype,listenaddr,listenport,maxuser,sameipmax,dir,owninfo,umask,passiveenable,passiveport,passiveaddr from ftpserv where id='1'"
result = readDb(sql, )
return template('ftpservconf', session=s, msg=msg, info=result[0])
def servtools():
"""资源配置"""
s = request.environ.get('beaker.session')
sql = " select value from sysattr where attr='resData' and servattr='sys' "
result = readDb(sql,)
try:
info = json.loads(result[0].get('value'))
except:
return(template('resconfig',session=s,msg={},info={}))
return template('resconfig',session=s,msg={},info=info)
def do_ifdatashow():
s = request.environ.get('beaker.session')
sel = {}
sel['ifname'] = request.forms.get("ifname")
sel['shownum'] = request.forms.get("shownum")
sel['rftime'] = request.forms.get("rftime")
x,runresult = cmds.gettuplerst('iftop -i %s -n -N -P -t -L %s -s %s' % (sel['ifname'],sel['shownum'],sel['rftime']))
sql = " SELECT ifacename FROM netiface where status='UP' UNION select concat('tun',tunid) as ifacename FROM vnodemgr where status='1' "
ifacelist_result = readDb(sql,)
return(template('ifdatashow',session=s,msg={},iflist=ifacelist_result,sel=sel,runresult=runresult))
def ifdatashow():
s = request.environ.get('beaker.session')
sql = " SELECT ifacename FROM netiface where status='UP' UNION select value as ifacename FROM sysattr where status='1' and servattr='vpnrelay'"
ifacelist_result = readDb(sql, )
return (template('ifdatashow',
session=s,
msg={},
iflist=ifacelist_result,
sel=dict(),
runresult=''))
def do_changeuser(id):
s = request.environ.get('beaker.session')
username = request.forms.get("username")
password = request.forms.get("password")
ustatus = request.forms.get("ustatus")
ulbandwidth = request.forms.get("ulbandwidth")
dlbandwidth = request.forms.get("dlbandwidth")
ipaccess = request.forms.get("ipaccess")
quotasize = request.forms.get("quotasize")
vdir = request.forms.get("vdir")
comment = request.forms.get("comment")
access = request.forms.get("access")
#把密码进行加密处理后再保存到数据库中
if not password:
sql = "select password from user where id = %s"
password = readDb(sql, (id, ))[0].get('password')
else:
m = hashlib.md5()
m.update(password)
md5password = m.hexdigest()
#处理vdir规范
if vdir.endswith('/') or vdir.startswith('/'):
vdir = re.sub('^/', '', vdir)
vdir = re.sub('/$', '', vdir)
logging.error(vdir)
#检查表单长度
if len(username) < 4 or (len(password) < 8 or len(password) > 16):
msg = {'color': 'red', 'message': '用户名或密码长度错误,提交失败!'}
return '-2'
if not username:
msg = {'color': 'red', 'message': '必填字段为空,提交失败!'}
return '-2'
sql = """
UPDATE user SET
username=%s,password=%s,ustatus=%s,ulbandwidth=%s,dlbandwidth=%s,ipaccess=%s,quotasize=%s,vdir=%s,comment=%s,access=%s
WHERE id=%s
"""
data = (username, md5password, ustatus, ulbandwidth, dlbandwidth, ipaccess,
quotasize, vdir, comment, access, id)
result = writeDb(sql, data)
if result == True:
wrtlog('User', '更新用户成功:%s' % username, s['username'],
s.get('clientip'))
msg = {'color': 'green', 'message': '更新成功!'}
return '0'
else:
wrtlog('User', '更新用户失败:%s' % username, s['username'],
s.get('clientip'))
msg = {'color': 'red', 'message': '更新失败!'}
return '-1'
def editdnsserv():
s = request.environ.get('beaker.session')
sql = " select value from sysattr where attr='dnsconf' "
idata = readDb(sql, )
try:
info = json.loads(idata[0].get('value'))
except:
return (template('editdnsserv', session=s, msg={}, info={}))
info['dnsport'] = 53
info['dnsstatus'] = cmds.servchk(info.get('dnsport'))
return (template('editdnsserv', session=s, msg={}, info=info))
def editdnsserv():
s = request.environ.get('beaker.session')
sql = " select value from sysattr where attr='dnsconf' "
idata = readDb(sql,)
try:
info = json.loads(idata[0].get('value'))
except:
return(template('editdnsserv',session=s,msg={},info={}))
info['dnsport']=53
info['dnsstatus']=cmds.servchk(info.get('dnsport'))
return(template('editdnsserv',session=s,msg={},info=info))
def do_chgstatus(id):
s = request.environ.get('beaker.session')
sql = """ select ifacename,ifacetype from netiface where id=%s """
msg = {'color':'green','message':u'接口已成功重启'}
itfinfo=readDb(sql,(id,))
if itfinfo[0].get('ifacetype') == 'ADSL':
cmds.gettuplerst('ps aux|grep -e \'xdsl.*%s\'|grep -v grep|awk \'{print $2}\' |xargs -i kill -9 {}' % id)
cmds.gettuplerst('ip link set ppp%s down' % itfinfo[0].get('id'))
cmds.gettuplerst('ip link set %s down' % itfinfo[0].get('ifacename'))
cmds.servboot('networks',action='uptconf')
return template('networkconf',session=s,msg=msg)
def getuser():
sql = """ SELECT U.id,U.username,U.ustatus,U.ulbandwidth,U.dlbandwidth,U.ipaccess,U.quotasize,U.comment,
concat(D.vdir,'/',U.vdir) as vdir,
U.vdir as vdirs,
date_format(adddate,'%%Y-%%m-%%d') as adddate
FROM user as U
LEFT OUTER JOIN ftpserv as D ON D.id='1' WHERE U.access = '1'
order by username
"""
userlist = readDb(sql, )
return json.dumps(userlist)
def filesharesign(signdata):
sql = " SELECT filepath from fileshare where signdata=%s "
if signdata == "":
return abort(404)
download_path = readDb(sql, (signdata, ))[0].get('filepath')
filename = os.path.basename(download_path)
if is_chinese(filename) == True:
filename = filename.encode('GB2312')
filedir = os.path.dirname(download_path).encode('GB2312')
else:
filedir = os.path.dirname(download_path)
return static_file(filename, root=filedir, download=filename)
def getfileshareinfo(path):
import chardet
from MySQL import readDb
s = request.environ.get('beaker.session')
ftpuser = s['username']
ftppass = LoginCls().decode(AppServer().getConfValue('keys', 'pkey'),
s['skeyid'])
sql = """ select listenaddr,listenport,passiveenable,passiveaddr from ftpserv """
result = readDb(sql, )
if int(result[0].get('passiveenable')) == 0:
if result[0].get('listenaddr') == "*":
servaddr = "127.0.0.1"
else:
servaddr = result[0].get('listenaddr')
else:
if result[0].get('passiveaddr') == "*":
servaddr = "127.0.0.1"
else:
servaddr = result[0].get('passiveaddr')
try:
ftp = FTPHandle(servaddr, int(result[0].get('listenport')), '0', '1')
except:
newflist = []
return json.dumps(newflist)
try:
ftp.Login(ftpuser, ftppass)
except:
newflist = []
return json.dumps(newflist)
if path == 'root':
flistdict = ftp.getdirs()
else:
charstr = chardet.detect(path).get('encoding')
if str(charstr).lower() != "gbk":
try:
path = path.decode('utf-8').encode('gbk')
except:
path = path
flistdict = ftp.getdirs(path)
ftp.close()
newflist = []
for i in flistdict.get('files'):
charstr = chardet.detect(i.get('name')).get('encoding')
if str(charstr).lower() != "utf-8":
try:
i['name'] = i.get('name').decode('gbk').encode('utf-8')
newflist.append(i)
except:
continue
else:
newflist.append(i)
return json.dumps(newflist)
def servconf():
"""VPN服务配置项"""
s = request.environ.get('beaker.session')
sql = " select id,servport from vpnservconf "
result = readDb(sql,)
for data in result :
if cmds.servchk(data.get('servport')) == 0 :
sql = "update vpnservconf set workstatus='1' where id=%s"
writeDb(sql,(data.get('id'),))
else :
sql = "update vpnservconf set workstatus='0' where id=%s"
writeDb(sql,(data.get('id'),))
return template('vpnservconf',session=s,msg={})
def addinterface():
s = request.environ.get('beaker.session')
# 初始化网卡添加状态,已经被配置的网卡,无法再次配置
sqla = " select attr from sysattr where status='1' and servattr='netiface' and attr not in (select ifacename from netiface) "
erriface = readDb(sqla,)
if len(erriface) > 0 :
for x in erriface:
sqlb = "update sysattr set status='1' where attr=%s and servattr='netiface'"
writeDb(sqlb,(x.get('attr'),))
sqlc = " select attr from sysattr where status='1' and servattr='netiface' and attr in (select ifacename from netiface) "
erriface2 = readDb(sqlc,)
if len(erriface2) > 0 :
for y in erriface2:
sqld = "update sysattr set status='0' where attr=%s and servattr='netiface'"
writeDb(sqld,(y.get('attr'),))
# 判断接口是否被锁定或已配置
sqld = " SELECT attr as ifacename,concat(attr,'|',value) as value FROM sysattr where servattr='netiface' and status='1' order by attr desc"
ifacelist_result = readDb(sqld,)
if len(ifacelist_result) == 0 :
msg = {'color':'red','message':u'无可用物理接口,添加失败'}
return(template('networkconf',session=s,msg=msg))
return template('addinterface',session=s,info={},ifacelist_result=ifacelist_result)
def do_upload():
import chardet
s = request.environ.get('beaker.session')
dstdir = request.forms.get('dstdir')
charstr = chardet.detect(dstdir).get('encoding')
if str(charstr).lower() != "gbk":
try:
dstdir = dstdir.decode('utf-8').encode('gbk')
except:
dstdir = dstdir
ftpuser = s['username']
ftppass = LoginCls().decode(AppServer().getConfValue('keys', 'pkey'),
s['skeyid'])
sql = """ select listenaddr,listenport,passiveenable,passiveaddr from ftpserv """
result = readDb(sql, )
if int(result[0].get('passiveenable')) == 0:
if result[0].get('listenaddr') == "*":
servaddr = "127.0.0.1"
else:
servaddr = result[0].get('listenaddr')
else:
if result[0].get('passiveaddr') == "*":
servaddr = "127.0.0.1"
else:
servaddr = result[0].get('passiveaddr')
try:
ftp = FTPHandle(servaddr, int(result[0].get('listenport')), '0', '1')
except:
return -1
fname = request.forms.get('fname')
if fname:
charstr = chardet.detect(fname).get('encoding')
if str(charstr).lower() != "gbk":
try:
fname = fname.decode('utf-8').encode('gbk')
except:
pass
os.system('rm -f /tmp/%s_ftpfile' % ftpuser)
softfile = request.POST.get('fdesc')
softfile.save('/tmp/%s_ftpfile' % ftpuser, overwrite=True)
try:
ftp.Login(ftpuser, ftppass)
ftp.UpLoadFile("/tmp/%s_ftpfile" % ftpuser, fname, dstdir)
ftp.close()
except:
return -1
os.system('rm -f /tmp/%s_ftpfile' % ftpuser)
return 0
else:
return -1
def addprofile():
s = request.environ.get('beaker.session')
xmltext = request.forms.get("xmltext")
if xmltext == '' :
msg = {'color':'red','message':u'信息为空,保存失败'}
return(template('addprofile',session=s,msg=msg,info={}))
sql = " update sysattr set value=%s where attr='vpnprofile' "
result = writeDb(sql,(xmltext,))
if result == True:
writeVPNconf(action='uptprofile')
msg = {'color':'green','message':u'Profile.xml保存成功'}
sql = " select value from sysattr where attr='vpnprofile' "
result = readDb(sql,)
return(template('addprofile',session=s,msg=msg,info=result[0]))
def getfileshareinfo():
import chardet
s = request.environ.get('beaker.session')
username = s['username']
sql = " SELECT concat(D.vdir,'/',U.vdir) as vdir FROM user as U LEFT OUTER JOIN ftpserv as D ON D.id='1' WHERE U.username=%s "
ownftpdir = readDb(sql, (username, ))[0].get('vdir')
info = []
status, result = cmds.gettuplerst(
'find %s -name \'*.*\' -exec basename {} \;|sort -u' % ownftpdir)
for i in result.split():
if str(i) != "":
infos = {}
charstr = chardet.detect(str(i)).get('encoding')
if str(charstr).lower() != "utf-8":
#print str(charstr).lower()
try:
infos['filename'] = i.decode(str(charstr)).encode('utf-8')
except:
continue
ownftpdir = ownftpdir.encode(str(charstr)).encode('utf-8')
filepath = '%s/%s' % (ownftpdir.encode(charstr), i)
nfilepath = filepath.decode(charstr).encode('utf-8')
else:
infos['filename'] = i
filepath = '%s/%s' % (ownftpdir, i)
nfilepath = filepath
#if chardet.detect(i).get('encoding')=="GB2312":
# infos['filename']=i.decode('GB2312')
# ownftpdir = ownftpdir.encode('GB2312')
# filepath = '%s/%s' % (ownftpdir.encode('GB2312'),i)
# nfilepath = filepath.decode('gb2312').encode('utf-8')
#else:
# infos['filename']=i
# filepath = '%s/%s' % (ownftpdir,i)
# nfilepath = filepath
if os.path.isfile(filepath) == False:
continue
infos['filesize'] = os.path.getsize(filepath)
cctime = os.path.getctime(filepath)
infos['filetime'] = time.strftime('%Y%m%d%H%M%S',
time.localtime(cctime))
infos['signdata'] = GetFileMd5(filepath)
sql = " INSERT INTO fileshare (filepath, signdata) VALUES (%s , %s) ON DUPLICATE KEY UPDATE filepath=%s,signdata=%s "
data = (nfilepath, infos['signdata'], nfilepath, infos['signdata'])
try:
writeDb(sql, data)
except:
True
info.append(infos)
return json.dumps(info)
def getuser():
sql = """
SELECT
U.id,
U.username,
U.access,
U.comment,
date_format(U.adddate,'%%Y-%%m-%%d') as adddate
FROM
user as U
WHERE access = 1
order by username
"""
userlist = readDb(sql,)
return json.dumps(userlist)
def do_delaidns(id):
s = request.environ.get('beaker.session')
sql = """ select count(*) as count from dns_records where view=(select setname from dns_ipset where id=%s) """
resultx = readDb(sql,(id,))
if resultx[0].get('count') > 0 :
msg = {'color':'red','message':u'无法删除,该地址库已被关联使用'}
return template('aidns',session=s,msg=msg)
sql_1 = """ delete from dns_ipset where id=%s """
result = writeDb(sql_1,(id,))
if result == True:
writeDNSconf(action='uptconf')
msg = {'color':'green','message':u'删除成功'}
return template('aidns',session=s,msg=msg)
else :
msg = {'color':'red','message':u'删除失败'}
return template('aidns',session=s,msg=msg)
def do_editdhcpserv():
s = request.environ.get('beaker.session')
dhcpenable = request.forms.get("dhcpenable")
getgw = request.forms.get("getgw")
getdns1 = request.forms.get("getdns1")
getdns2 = request.forms.get("getdns2")
startip = request.forms.get("startip")
stopip = request.forms.get("stopip")
otime = request.forms.get("otime")
dhcplist = request.forms.get("dhcplist").replace('\r\n','\n').strip()
idata = dict()
idata['dhcpenable']=dhcpenable
idata['getgw']=getgw
idata['getdns1']=getdns1
idata['getdns2']=getdns2
idata['startip']=startip
idata['stopip']=stopip
idata['otime']=otime
if netmod.checkip(startip) == False or netmod.checkip(stopip) == False or netmod.checkip(getgw) == False or netmod.checkip(getdns1) == False:
msg = {'color':'red','message':'参数配置异常,保存失败'}
return(template('editdhcpserv',session=s,msg=msg,info=idata))
#判断dhcp固定分配是否为空
if dhcplist != "":
for i in dhcplist.split('\n'):
try:
xmac = i.split(',')[0]
xip = i.split(',')[1]
if (netmod.is_ValidMac(xmac) == False or netmod.checkip(xip) == False) and xmac != "":
msg = {'color':'red','message':'配置保存失败,固定分配记录异常'}
return(template('editdhcpserv',session=s,msg=msg,info=idata))
else:
idata['dhcplist']=dhcplist
except:
msg = {'color':'red','message':'配置保存失败,固定分配记录异常'}
return(template('editdhcpserv',session=s,msg=msg,info=idata))
sql = " update sysattr set value=%s where attr='dhcpconf' "
iidata=json.dumps(idata)
result = writeDb(sql,(iidata,))
if result == True :
writeDNSconf(action='uptconf')
msg = {'color':'green','message':'配置保存成功'}
return(template('editdhcpserv',session=s,msg=msg,info=idata))
else :
msg = {'color':'red','message':'配置保存失败'}
sql = " select value from sysattr where attr='dhcpconf' "
idata = readDb(sql,)
return(template('editdhcpserv',session=s,msg=msg,info=idata))
def getuser():
sql = """
SELECT
U.id,
U.username,
D.name as policy,
U.access,
U.comment,
date_format(U.adddate,'%%Y-%%m-%%d') as adddate
FROM
user as U
LEFT OUTER JOIN vpnpolicy as D on U.policy=D.id
WHERE access = 0
order by username
"""
userlist = readDb(sql,)
return json.dumps(userlist)
def do_systeminfo():
s = request.environ.get('beaker.session')
sql = " select value from sysattr where attr='resData' "
info = readDb(sql,)
try:
ninfo=json.loads(info[0].get('value'))
except:
return False
visitDay = ninfo.get('visitDay')
try:
date = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()-(int(visitDay) * 86400)))
sql = " select info,tim from sysinfo where tim > (%s) order by id"
resultData = readDb2(sql,(date,))
result = [True,resultData]
except Exception as e:
result = [False,str(e)]
return json.dumps({'resultCode':0,'result':result},cls=DateEncoder)
def do_systeminfo():
s = request.environ.get('beaker.session')
sql = " select value from sysattr where attr='resData' "
info = readDb(sql,)
try:
ninfo=json.loads(info[0].get('value'))
except:
return False
visitDay = ninfo.get('visitDay')
try:
date = time.strftime('%Y-%m-%d %H:%M:%S',time.localtime(time.time()-(int(visitDay) * 86400)))
sql = " select info,tim from sysinfo where tim > (%s) order by id"
resultData = readDb2(sql,(date,))
result = [True,resultData]
except Exception as e:
result = [False,str(e)]
return json.dumps({'resultCode':0,'result':result},cls=DateEncoder)
def systeminfo():
"""系统信息项"""
s = request.environ.get('beaker.session')
info=dict()
info['hostname'] = platform.node()
info['kernel'] = platform.platform()
info['systime'] = cmds.getdictrst('date +"%Y%m%d %H:%M:%S"').get('result')
cmdRun='cat /proc/uptime|awk -F. \'{run_days=$1/86400;run_hour=($1%86400)/3600;run_minute=($1%3600)/60;run_second=$1%60;printf("%d天%d时%d分%d秒",run_days,run_hour,run_minute,run_second)}\''
info['runtime'] = cmds.getdictrst(cmdRun).get('result')
info['pyversion'] = platform.python_version()
info['memsize'] = cmds.getdictrst('cat /proc/meminfo |grep \'MemTotal\' |awk -F: \'{printf ("%.0fM",$2/1024)}\'|sed \'s/^[ \t]*//g\'').get('result')
info['cpumode'] = cmds.getdictrst('grep \'model name\' /proc/cpuinfo |uniq |awk -F : \'{print $2}\' |sed \'s/^[ \t]*//g\' |sed \'s/ \+/ /g\'').get('result')
info['v4addr'] = 'Lan: '+netmod.NatIP()+'\tWan: '+netmod.NetIP()
info['appversion'] = AppServer().getVersion()
"""管理日志"""
sql = " SELECT id,objtext,objact,objhost,objtime FROM logrecord order by id DESC limit 7 "
logdict = readDb(sql,)
return template('systeminfo',session=s,info=info,logdict=logdict)
def delpolicy(id):
"""删除策略"""
s = request.environ.get('beaker.session')
sql = "select username from user where policy=%s "
chkdata = readDb(sql,(id,))
if len(chkdata) > 0 :
msg = {'color':'red','message':u'删除失败,该策略已被关联无法删除'}
return(template('policyconf',session=s,msg=msg,info={}))
sql = "delete from vpnpolicy where id in (%s) "
result = writeDb(sql,(id,))
if result:
writeVPNconf(action='uptgroup')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'删除成功'}
return(template('policyconf',session=s,msg=msg,info={}))
else:
msg = {'color':'red','message':u'删除失败'}
return(template('policyconf',session=s,msg=msg,info={}))
def getuser():
sql = """
SELECT
U.id,
U.username,
U.policy,
D.name as policyname,
U.access,
U.comment,
date_format(U.adddate,'%%Y-%%m-%%d') as adddate
FROM
user as U
LEFT OUTER JOIN vpnpolicy as D on U.policy=D.id
WHERE access = 1
order by username
"""
userlist = readDb(sql,)
return json.dumps(userlist)
def deliface(id):
s = request.environ.get('beaker.session')
sql = " DELETE FROM netiface WHERE id=%s "
sql2 = " select ifacename FROM netiface WHERE id=%s "
ifacename = readDb(sql2,(id,))
result = writeDb(sql,(id,))
if result == True :
writeNIconf(action='uptconf')
cmds.servboot('networks',action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'删除成功'}
cmds.gettuplerst('ip addr flush dev %s' % ifacename[0].get('ifacename'))
#恢复绑定
sql2 = "update sysattr set status='1' where attr=%s"
writeDb(sql2,(ifacename[0].get('ifacename'),))
return template('networkconf',session=s,msg=msg)
else:
msg = {'color':'red','message':u'删除失败'}
return template('networkconf',session=s,msg=msg)
def deliface(stype,id):
s = request.environ.get('beaker.session')
if stype == 'sys' or stype == 'static' :
sqlquery = " select dest,netmask,gateway FROM sysroute WHERE id=%s "
sql = " DELETE FROM sysroute WHERE id=%s "
else:
sqlquery = " select srcaddr,destaddr,pronum,iface as outdev FROM sysrouteadv WHERE id=%s "
sql = " DELETE FROM sysrouteadv WHERE id=%s "
resultA = readDb(sqlquery,(id,))
# 判断删除入口并返回到指定界面
if stype == 'sys':
tpl = 'routeconf'
elif stype == 'static':
tpl = 'staticroute'
elif stype == 'adv':
tpl = 'advroute'
# 判断提交的指令
result = writeDb(sql,(id,))
if result == True:
if stype == 'adv':
try:
if resultA[0].get('srcaddr') == '' and resultA[0].get('destaddr') != '':
cmds.getdictrst('ip rule del prio %s to %s' % (resultA[0].get('pronum'),resultA[0].get('destaddr')))
elif resultA[0].get('destaddr') == '' and resultA[0].get('srcaddr') != '':
cmds.getdictrst('ip rule del prio %s from %s dev %s' % (resultA[0].get('pronum'),resultA[0].get('srcaddr')))
elif resultA[0].get('destaddr') == '' and resultA[0].get('srcaddr') == '':
cmds.getdictrst('ip rule del prio %s dev %s' % (resultA[0].get('pronum'),resultA[0].get('outdev')))
else:
cmds.getdictrst('ip rule del prio %s from %s to %s' % (resultA[0].get('pronum'),resultA[0].get('srcaddr'),resultA[0].get('destaddr')))
msg = {'color':'green','message':u'删除成功'}
return template(tpl,session=s,msg=msg)
except:
msg = {'color':'green','message':u'删除成功'}
return template(tpl,session=s,msg=msg)
else:
cmds.getdictrst('route del -net %s netmask %s gw %s' % (resultA[0].get('dest'),resultA[0].get('netmask'),resultA[0].get('gateway')))
writeROUTEconf(action='uptconf')
writeUTMconf(action='uptconf')
msg = {'color':'green','message':u'删除成功'}
return template(tpl,session=s,msg=msg)
else:
msg = {'color':'red','message':u'删除失败'}
return template(tpl,session=s,msg=msg)
def do_login():
s = request.environ.get('beaker.session')
s['sitename'] = AppServer().getConfValue('site','sitename')
"""用户登陆过程,判断用户帐号密码,保存SESSION"""
username = request.forms.get('username').strip()
passwd = request.forms.get('passwd').strip()
if not username or not passwd:
message = u'帐号或密码不能为空!'
return template('login',message=message)
m_encrypt = LoginCls().encode(keys,passwd)
auth_sql = '''
SELECT
id,username,access
FROM
user
WHERE
username=%s and passwd=%s
'''
auth_user = readDb(auth_sql,(username,m_encrypt))
if auth_user:
s['webhost'] = request.environ.get('HTTP_HOST')
s['clientip'] = request.environ.get('REMOTE_ADDR')
s['username'] = username
s['userid'] = auth_user[0]['id']
s['access'] = auth_user[0]['access']
# session中添加系统环境检测警报
s['admemail'] = '*****@*****.**'
s['errnum'] = errnum
s['PayInfo'] = AppServer().getPayinfo()
s.save()
wrtlog('Login','登录成功',username,s['clientip'])
else:
clientip = request.environ.get('REMOTE_ADDR')
wrtlog('Login','登录失败',username,clientip)
message = u'帐号或密码错误!'
return template('login',message=message,session=s)
if auth_user[0]['access'] == 0 :
return redirect('/project')
return redirect('/')
def delcert():
id = request.forms.get('str').rstrip(',')
if not id:
return '-1'
sql2 = " select commonname from certmgr where id=%s "
result = readDb(sql2,(id,))
if result[0].get('commonname') == 'CA' or result[0].get('commonname') == 'Server':
cmds.gettuplerst('rm -rf %s/*.crt %s/*.pem %s/*.txt %s/*.p12' % (gl.get_value('certdir'),gl.get_value('certdir'),gl.get_value('certdir'),gl.get_value('certdir')))
writeDb('TRUNCATE TABLE certmgr')
else:
commonname = result[0].get('commonname')
# 吊销证书
cmds.gettuplerst('cat %s/%s.crt >> %s/revoke.pem' % (gl.get_value('certdir'),commonname,gl.get_value('certdir')))
cmds.gettuplerst('certtool --generate-crl --load-ca-privkey %s/ca-key.pem --load-ca-certificate %s/ca.crt --load-certificate %s/revoke.pem --template %s/crl.txt --outfile %s/crl.pem' % (gl.get_value('certdir'),gl.get_value('certdir'),gl.get_value('certdir'),gl.get_value('certdir'),gl.get_value('certdir')))
# 删除用户证书文件
cmds.gettuplerst('/bin/rm -rf %s/%s.crt %s/%s.pem %s/%s.p12' % (gl.get_value('certdir'),commonname,gl.get_value('certdir'),commonname,gl.get_value('certdir'),commonname))
sql = "delete from certmgr where id in (%s)"
result = writeDb(sql % id)
if result:
return '0'
else:
return '-1'
def do_changeuser(id):
s = request.environ.get('beaker.session')
username = request.forms.get("username")
passwd = request.forms.get("passwd")
policy = request.forms.get("policy")
access = request.forms.get("access")
comment = request.forms.get("comment")
#把密码进行加密处理后再保存到数据库中
if not passwd :
sql = "select passwd from user where id = %s"
m_encrypt = readDb(sql,(id,))[0].get('passwd')
else:
m_encrypt = LoginCls().encode(keys,passwd)
# 判断用户表单跳转[弃用]
#if int(access) == 0:
# formaddr='user'
#else :
# formaddr='admin'
#检查表单长度
if len(username) < 4 or (len(passwd) > 0 and len(passwd) < 8) :
return -1
if not (username and policy):
return -2
sql = """
UPDATE user SET
username=%s,passwd=%s,policy=%s,access=%s,comment=%s
WHERE id=%s
"""
data = (username,m_encrypt,int(policy),access,comment,id)
result = writeDb(sql,data)
if result == True:
wrtlog('User','更新用户成功:%s' % username,s['username'],s.get('clientip'))
writeVPNconf(action='uptuser')
return 0
else:
wrtlog('User','更新用户失败:%s' % username,s['username'],s.get('clientip'))
return -1
def addusercerts():
s = request.environ.get('beaker.session')
policylist_sql = "select id,name from vpnpolicy "
plylist_result = readDb(policylist_sql,)
return template('addusercerts',message='',info={},session=s,plylist_result=plylist_result)
def editrecord(id):
s = request.environ.get('beaker.session')
sql = " select dnstype,domain,data as record,pronum from dnsrecord where id=%s "
result = readDb(sql,(id,))
return(template('adddnsconf',session=s,msg={},info=result[0]))
def getifaceinfo():
sql = " SELECT id,ifacename,ifacetype,ipaddr,netmask,gateway,rxdata,txdata,status FROM netiface "
iface_list = readDb(sql,)
return json.dumps(iface_list)
def getifaceinfo():
sql = " SELECT id,domain,dnstype,data,pronum FROM dnsrecord order by dnstype"
info = readDb(sql,)
return json.dumps(info)
#coding=utf-8
import os,sys,json,re,logging,ConfigParser
from bottle import request,route,error,run,default_app
from bottle import template,static_file,redirect,abort
import bottle,hashlib
from MySQL import writeDb,readDb
from Functions import AppServer,LoginCls,writeVPNconf,wrtlog
from Login import checkLogin,checkAccess
import Login
keys = AppServer().getConfValue('keys','passkey')
policylist_sql = " select id,name from vpnpolicy "
plylist_result = readDb(policylist_sql,)
@route('/changepasswd')
@checkLogin
def user():
s = request.environ.get('beaker.session')
return template('changepasswd',session=s,msg={},info={})
@route('/changepasswd',method="POST")
@checkLogin
def user():
s = request.environ.get('beaker.session')
username = s.get('username')
oldpwd = request.forms.get("oldpwd")
newpwd = request.forms.get("newpwd")
newpwds = request.forms.get("newpwds")
def editvpnservconf(id):
s = request.environ.get('beaker.session')
sql = " SELECT authtype,ipaddr,servport,virip,virmask,maxclient,maxuser,authtimeout,authnum,locktime,comp,cisco,workstatus FROM vpnservconf WHERE id = %s "
result = readDb(sql,(id,))
return template('addvpnconfig',session=s,info=result[0])
