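def AddUser(request):
    """Create a user from POSTed form fields and report the outcome as JSON.

    Every response is a ``JsonResponse`` carrying ``errorCode`` and
    ``errorString``:

    * ``0x0000`` - user saved
    * ``0x0003`` - username missing or empty
    * ``0x0010`` - username already taken
    * ``0x0004`` - password missing or empty
    * ``0x0005`` - password shorter than 8 characters
    * ``0x0006`` - group missing, empty or not resolvable

    NOTE(review): a non-POST request falls through and returns ``None``,
    as in the original; no error code for that case is defined here.
    NOTE(review): no authentication or permission check is visible in this
    function; confirm that a decorator, middleware or the URL configuration
    restricts who may create accounts.
    """
    if request.method == 'POST':
        form = request.POST
        user = User()

        username = form.get('username')
        if not username:
            return JsonResponse({
                'errorCode': '0x0003',
                'errorString': '必须输入用户名'
            })
        # One existence query replaces the scan over every User row. The old
        # loop also never assigned the username when the table was empty.
        if User.objects.filter(username=username).exists():
            return JsonResponse({
                'errorCode': '0x0010',
                'errorString': '用户名重复'
            })
        user.username = username

        # A missing 'password' field used to reach len(None) and raise;
        # it is now reported the same way as an empty one.
        password = form.get('password')
        if not password:
            return JsonResponse({
                'errorCode': '0x0004',
                'errorString': '必须输入密码'
            })
        # NOTE(review): the message says "longer than 8" while the check
        # accepts exactly 8 characters; confirm which is intended.
        if len(password) < 8:
            return JsonResponse({
                'errorCode': '0x0005',
                'errorString': '密码必须大于8位'
            })
        user.set_password(password)

        user.telephone = form.get('telephone')
        user.email = form.get('email')
        user.department = form.get('department')

        # A missing, empty, non-numeric or unknown group id is answered with
        # the "group required" error instead of an unhandled exception.
        group_id = form.get('group')
        if not group_id:
            return JsonResponse({
                'errorCode': '0x0006',
                'errorString': '必须选择用户组'
            })
        try:
            user.group = GroupList.objects.get(id=group_id)
        except (GroupList.DoesNotExist, ValueError):
            return JsonResponse({
                'errorCode': '0x0006',
                'errorString': '必须选择用户组'
            })

        # NOTE(review): getlist() returns a list, which is stored as-is;
        # presumably is_active is a boolean field - confirm the intended
        # conversion before changing it.
        user.is_active = form.getlist('is_active')
        user.save()
        return JsonResponse({'errorCode': '0x0000', 'errorString': ''})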
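def addUser(request):
    """Create a user in the database, on the local system and in LDAP.

    On a valid POST the view stores a ``User`` row, creates the matching
    system account (``useradd``, ``passwd``, ``rsa_gen``) and then adds the
    user, group and sudo-role entries to LDAP. A failure in a later stage
    undoes the earlier ones and re-renders ``addUser.html`` with an error.

    NOTE(review): the visible snippet stops after the success message is
    assigned; the response for the success, GET and invalid-form paths is
    not shown here.
    NOTE(review): apart from ``is_admin_user`` no access check is visible in
    this function; confirm that a decorator or middleware restricts it.
    """
    # Function-scope import: the file's import block is not visible here.
    try:
        from shlex import quote as shell_quote  # Python 3.3+
    except ImportError:
        from pipes import quote as shell_quote  # Python 2

    def render_error(error):
        # Re-render the form with the given error message.
        return render_to_response(
            'addUser.html',
            {'user_menu': 'active', 'form': form, 'error': error},
            context_instance=RequestContext(request))

    msg = ''
    form = UserAddForm()
    jm = PyCrypt(key)

    if request.method == 'POST':
        form = UserAddForm(request.POST)
        if form.is_valid():
            user = form.cleaned_data
            username = user['username']
            password = user['password']
            key_pass = user['key_pass']
            name = user['name']
            is_admin = user['is_admin']
            is_superuser = user['is_superuser']
            ldap_password = keygen(16)
            group_post = user['group']

            # A requester for whom is_admin_user() is true may not appoint
            # other admins or superusers.
            if is_admin_user(request):
                is_admin = False
                is_superuser = False

            # Resolve the submitted group names to Group rows.
            groups = [Group.objects.get(name=group_name)
                      for group_name in group_post]

            # Save the user in the database; return on failure.
            # NOTE(review): md5_crypt is a weak scheme for stored login
            # passwords; changing it needs the verification code, which is
            # not visible here.
            u = User(
                username=username,
                password=md5_crypt(password),
                key_pass=jm.encrypt(key_pass),
                name=name,
                is_admin=is_admin,
                is_superuser=is_superuser,
                ldap_password=jm.encrypt(ldap_password))
            try:
                u.save()
                u.group = groups
                u.save()
            except Exception as e:
                return render_error(u'数据库插入用户错误' + unicode(e))

            # Create the system account. The form values end up inside a
            # shell command line (the pipe below needs a shell), so they are
            # quoted to keep them from being parsed as shell syntax.
            quoted_user = shell_quote(username)
            ret_add = bash('useradd %s' % quoted_user)
            ret_passwd = ret_rsa = None
            if ret_add == 0:
                # Only touch the account when useradd really created it:
                # otherwise a name that already exists on the host would have
                # its password reset and its key regenerated.
                # printf is used because echo treats some values as options.
                # NOTE(review): the password is still part of the command
                # string handed to bash(); feeding it on stdin would keep it
                # out of process listings.
                ret_passwd = bash("printf '%%s\\n' %s | passwd --stdin %s"
                                  % (shell_quote(password), quoted_user))
                ret_rsa = rsa_gen(username, key_pass)
            if [ret_add, ret_passwd, ret_rsa].count(0) < 3:
                error = u'跳板机添加用户失败'
                # Remove the system account only if this request created it;
                # "userdel -r" on a pre-existing account would delete that
                # account and its home directory.
                if ret_add == 0:
                    bash('userdel -r %s' % quoted_user)
                u.delete()
                return render_error(error)

            # Add the entries to LDAP.
            # NOTE(review): username is interpolated into the DNs unescaped;
            # confirm UserAddForm restricts it to characters that are safe
            # in a DN.
            user_dn = "uid=%s,ou=People,%s" % (username, ldap_base_dn)
            password_sha512 = gen_sha512(keygen(6), ldap_password)
            user_attr = {
                'uid': [str(username)],
                'cn': [str(username)],
                'objectClass': ['account', 'posixAccount', 'top',
                                'shadowAccount'],
                'userPassword': ['{crypt}%s' % password_sha512],
                'shadowLastChange': ['16328'],
                'shadowMin': ['0'],
                'shadowMax': ['99999'],
                'shadowWarning': ['7'],
                'loginShell': ['/bin/bash'],
                'uidNumber': [str(u.id)],
                'gidNumber': [str(u.id)],
                'homeDirectory': [str('/home/%s' % username)]
            }

            group_dn = "cn=%s,ou=Group,%s" % (username, ldap_base_dn)
            group_attr = {
                'objectClass': ['posixGroup', 'top'],
                'cn': [str(username)],
                'userPassword': ['{crypt}x'],
                'gidNumber': [str(u.id)]
            }

            # Sudo role: /bin/pwd as root without a password prompt
            # ('!authenticate') on the hard-coded host below.
            sudo_dn = 'cn=%s,ou=Sudoers,%s' % (username, ldap_base_dn)
            sudo_attr = {
                # The original literal repeated the 'objectClass' key, so only
                # ['sudoRole'] survived; both classes are listed now.
                'objectClass': ['top', 'sudoRole'],
                'cn': ['%s' % str(username)],
                'sudoCommand': ['/bin/pwd'],
                'sudoHost': ['192.168.1.1'],
                'sudoOption': ['!authenticate'],
                'sudoRunAsUser': ['root'],
                'sudoUser': ['%s' % str(username)]
            }

            ldap_conn = LDAPMgmt()
            try:
                ldap_conn.add(user_dn, user_attr)
                ldap_conn.add(group_dn, group_attr)
                ldap_conn.add(sudo_dn, sudo_attr)
            except Exception as e:
                error = u'添加ladp用户失败' + unicode(e)
                # Best-effort rollback. Each step is attempted on its own so
                # that one failing step does not skip the remaining cleanup.
                rollback_steps = (
                    lambda: bash('userdel -r %s' % quoted_user),
                    u.delete,
                    lambda: ldap_conn.delete(user_dn),
                    lambda: ldap_conn.delete(group_dn),
                    lambda: ldap_conn.delete(sudo_dn),
                )
                for step in rollback_steps:
                    try:
                        step()
                    except Exception:
                        pass
                return render_error(error)

            msg = u'添加用户成功'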
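def addUser(request):
    """Create a user in the database, on the local system and in LDAP.

    On a valid POST the view stores a ``User`` row, creates the matching
    system account (``useradd``, ``passwd``, ``rsa_gen``) and then adds the
    user, group and sudo-role entries to LDAP. A failure in a later stage
    undoes the earlier ones and re-renders ``addUser.html`` with an error.

    NOTE(review): the visible snippet stops after the success message is
    assigned; the response for the success, GET and invalid-form paths is
    not shown here.
    NOTE(review): apart from ``is_admin_user`` no access check is visible in
    this function; confirm that a decorator or middleware restricts it.
    """
    # Function-scope import: the file's import block is not visible here.
    try:
        from shlex import quote as shell_quote  # Python 3.3+
    except ImportError:
        from pipes import quote as shell_quote  # Python 2

    def render_error(error):
        # Re-render the form with the given error message.
        return render_to_response(
            'addUser.html',
            {'user_menu': 'active', 'form': form, 'error': error},
            context_instance=RequestContext(request))

    msg = ''
    form = UserAddForm()
    jm = PyCrypt(key)

    if request.method == 'POST':
        form = UserAddForm(request.POST)
        if form.is_valid():
            user = form.cleaned_data
            username = user['username']
            password = user['password']
            key_pass = user['key_pass']
            name = user['name']
            is_admin = user['is_admin']
            is_superuser = user['is_superuser']
            ldap_password = keygen(16)
            group_post = user['group']

            # A requester for whom is_admin_user() is true may not appoint
            # other admins or superusers.
            if is_admin_user(request):
                is_admin = False
                is_superuser = False

            # Resolve the submitted group names to Group rows.
            groups = [Group.objects.get(name=group_name)
                      for group_name in group_post]

            # Save the user in the database; return on failure.
            # NOTE(review): md5_crypt is a weak scheme for stored login
            # passwords; changing it needs the verification code, which is
            # not visible here.
            u = User(
                username=username,
                password=md5_crypt(password),
                key_pass=jm.encrypt(key_pass),
                name=name,
                is_admin=is_admin,
                is_superuser=is_superuser,
                ldap_password=jm.encrypt(ldap_password))
            try:
                u.save()
                u.group = groups
                u.save()
            except Exception as e:
                return render_error(u'数据库插入用户错误' + unicode(e))

            # Create the system account. The form values end up inside a
            # shell command line (the pipe below needs a shell), so they are
            # quoted to keep them from being parsed as shell syntax.
            quoted_user = shell_quote(username)
            ret_add = bash('useradd %s' % quoted_user)
            ret_passwd = ret_rsa = None
            if ret_add == 0:
                # Only touch the account when useradd really created it:
                # otherwise a name that already exists on the host would have
                # its password reset and its key regenerated.
                # printf is used because echo treats some values as options.
                # NOTE(review): the password is still part of the command
                # string handed to bash(); feeding it on stdin would keep it
                # out of process listings.
                ret_passwd = bash("printf '%%s\\n' %s | passwd --stdin %s"
                                  % (shell_quote(password), quoted_user))
                ret_rsa = rsa_gen(username, key_pass)
            if [ret_add, ret_passwd, ret_rsa].count(0) < 3:
                error = u'跳板机添加用户失败'
                # Remove the system account only if this request created it;
                # "userdel -r" on a pre-existing account would delete that
                # account and its home directory.
                if ret_add == 0:
                    bash('userdel -r %s' % quoted_user)
                u.delete()
                return render_error(error)

            # Add the entries to LDAP.
            # NOTE(review): username is interpolated into the DNs unescaped;
            # confirm UserAddForm restricts it to characters that are safe
            # in a DN.
            user_dn = "uid=%s,ou=People,%s" % (username, ldap_base_dn)
            password_sha512 = gen_sha512(keygen(6), ldap_password)
            user_attr = {
                'uid': [str(username)],
                'cn': [str(username)],
                'objectClass': ['account', 'posixAccount', 'top',
                                'shadowAccount'],
                'userPassword': ['{crypt}%s' % password_sha512],
                'shadowLastChange': ['16328'],
                'shadowMin': ['0'],
                'shadowMax': ['99999'],
                'shadowWarning': ['7'],
                'loginShell': ['/bin/bash'],
                'uidNumber': [str(u.id)],
                'gidNumber': [str(u.id)],
                'homeDirectory': [str('/home/%s' % username)]
            }

            group_dn = "cn=%s,ou=Group,%s" % (username, ldap_base_dn)
            group_attr = {
                'objectClass': ['posixGroup', 'top'],
                'cn': [str(username)],
                'userPassword': ['{crypt}x'],
                'gidNumber': [str(u.id)]
            }

            # Sudo role: /bin/pwd as root without a password prompt
            # ('!authenticate') on the hard-coded host below.
            sudo_dn = 'cn=%s,ou=Sudoers,%s' % (username, ldap_base_dn)
            sudo_attr = {
                # The original literal repeated the 'objectClass' key, so only
                # ['sudoRole'] survived; both classes are listed now.
                'objectClass': ['top', 'sudoRole'],
                'cn': ['%s' % str(username)],
                'sudoCommand': ['/bin/pwd'],
                'sudoHost': ['192.168.1.1'],
                'sudoOption': ['!authenticate'],
                'sudoRunAsUser': ['root'],
                'sudoUser': ['%s' % str(username)]
            }

            ldap_conn = LDAPMgmt()
            try:
                ldap_conn.add(user_dn, user_attr)
                ldap_conn.add(group_dn, group_attr)
                ldap_conn.add(sudo_dn, sudo_attr)
            except Exception as e:
                error = u'添加ladp用户失败' + unicode(e)
                # Best-effort rollback. Each step is attempted on its own so
                # that one failing step does not skip the remaining cleanup.
                rollback_steps = (
                    lambda: bash('userdel -r %s' % quoted_user),
                    u.delete,
                    lambda: ldap_conn.delete(user_dn),
                    lambda: ldap_conn.delete(group_dn),
                    lambda: ldap_conn.delete(sudo_dn),
                )
                for step in rollback_steps:
                    try:
                        step()
                    except Exception:
                        pass
                return render_error(error)

            msg = u'添加用户成功'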