def allowtobeIntrenet(id, message):
    """Apply an approved network-permission request to Active Directory.

    ``message`` is the string form of a dict (parsed with
    ``ast.literal_eval``) carrying ``old_internet_now``, ``new_internet`` and
    ``username``.  The account is removed from every named old group, then
    added to ``new_internet``.  The request row ``id`` is marked through
    ``updatepumailuser`` with 1 on success and 2 on failure.

    Returns a dict with ``isSuccess`` and ``message``.  Exceptions are caught,
    logged and reported through that dict instead of being raised.
    """
    audit_label = "allowtobeIntrenet,主管审批同意网络权限:"
    try:
        if not (id and message):
            result = {'isSuccess': False, "message": "主管审批同意网络权限,传入空值"}
        else:
            request_fields = ast.literal_eval(message)
            previous_groups = request_fields.get("old_internet_now", '')
            target_group = request_fields.get("new_internet", '')
            account = request_fields.get("username", '')
            if not target_group:
                updatepumailuser(id, 2)
                result = {'isSuccess': False, "message": "主管审批同意网络权限,传入空值"}
            else:
                if previous_groups:
                    # The stored text uses JSON-style true/false/null; they are
                    # quoted so that literal_eval accepts it.
                    quoted = (previous_groups.replace("true", "'true'")
                              .replace("false", "'false'")
                              .replace("null", "'null'"))
                    for group_entry in ast.literal_eval(quoted):
                        if group_entry.get("name", ''):
                            # NOTE(review): the removal result is discarded, so a
                            # failed removal still proceeds to the add below and
                            # the account can end up in both groups.
                            adapi().Initialapi(
                                "RemoveUserFromGroup",
                                sAMAccountName=account,
                                groupname=group_entry.get("name", ''))
                # NOTE(review): the group name is taken from the stored request
                # as-is; nothing in this function checks it against a list of
                # permitted network groups -- confirm that is enforced upstream.
                add_reply = adapi().Initialapi(
                    "AddUserToGroup",
                    sAMAccountName=account,
                    groupname=target_group)
                # "对象已存在" (object already exists) counts as success.
                if add_reply['isSuccess'] or ("对象已存在" in add_reply['message']):
                    updatepumailuser(id, 1)
                    result = {'isSuccess': True, "message": "主管审批同意网络权限"}
                else:
                    updatepumailuser(id, 2)
                    result = {'isSuccess': False, "message": "主管审批同意网络权限,加组失败"}
        if not result['isSuccess']:
            logmanager().log(returnid=2, username='******', ip='172.0.0.0',
                             message=audit_label, issuccess=0, methodname=id,
                             returnparameters=str(message), types="internet")
    except Exception as e:
        result = {'isSuccess': False, "message": str(e)}
        logmanager().log(returnid=0, username='******', ip='172.0.0.0',
                         message=audit_label + str(e), issuccess=0,
                         methodname=id, returnparameters=str(message),
                         types="internet")
    return result
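def sendmailtouser(emaillistsvalue, applydetail, useraccount):
    """E-mail the applicant that a request has new approval progress.

    Args:
        emaillistsvalue: request identifier; converted with ``str`` for the body.
        applydetail: text appended to the identifier in the mail body.
        useraccount: account name whose ``mail`` attribute is the recipient.

    Raises:
        KeyError, IndexError, TypeError: when the directory reply carries no
            usable ``mail`` value; nothing is caught here.
    """
    subject = u'申请单有了新进度!'
    emaillists = "你的申请单" + str(emaillistsvalue) + applydetail + '有了新的审批进度,请登录平台查看! '
    email_data = {'emaillists': emaillists}
    template = "mailmould/sendmailpassword.html"
    # Query the directory once and reuse the reply; issuing the identical
    # lookup twice only adds a second round trip.
    account_info = adapi().Initialapi("GetobjectProperty",
                                      objects=useraccount,
                                      objectClass="user")
    to_list = [account_info['message'][0]['mail']]
    send_email_by_template(subject, template, email_data, to_list)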
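def showmailpumangaer(request):
    """Return, as JSON, the public mailboxes managed by the logged-in user.

    The directory is searched under the configured ``pubmailou`` path for
    mail-enabled users whose ``pubmailfence`` attribute equals the session
    user name.  Accounts whose ``useraccountcontrol`` is one of the listed
    values are skipped.  The response body is ``{"status": [...]}``; on any
    error the rows collected so far (possibly none) are returned.
    """

    def _ldap_escape(value):
        # RFC 4515: escape the characters that are special inside a filter
        # assertion value so the name is always matched literally.
        return ''.join('\\%02x' % ord(ch) if ch in '\\*()\x00' else ch
                       for ch in value)

    log = logmanager()
    username = request.session.get('username')
    # Bound before the try block so the response can be built even when the
    # configuration or directory call fails.
    temptable = []
    # 514 is a normal account with the disabled flag set; the other values are
    # presumably further disabled-account variants -- confirm.
    skipped_states = (514, 546, 4130, 4198)
    try:
        pubmes = get_management_configuration()
        mess = adapi().postapi(
            'GetUserFromLdap',
            ldaps='(&(objectCategory=person)(objectClass=user)(mail=*) (' +
            pubmes['pubmailfence'] + '=' + _ldap_escape(username) + '))',
            path=pubmes['pubmailou'])
        if mess['isSuccess']:
            mangefenc = pubmes['pubmailfence'].lower()
            for entry in mess['message']:
                if entry.get('useraccountcontrol', ['None'])[0] in skipped_states:
                    continue
                lastpwd = adapi().Initialapi(
                    'GetobjectProperty',
                    objects=entry['samaccountname'][0],
                    objectClass='user')
                temptable.append({
                    'samaccountname': entry.get('samaccountname', ['None'])[0],
                    'physicaldeliveryofficename': entry.get(mangefenc, ['None'])[0],
                    'displayname': entry.get('displayname', ['None'])[0],
                    'mail': entry.get('mail', ['None'])[0],
                    'PasswordExpirationDate':
                    lastpwd['message'][0].get('PasswordExpirationDate', 'None')
                })
    except Exception as e:
        # Recorded as a failure (0/0), matching how the other views in this
        # listing log their error paths; str() keeps the handler from raising
        # when the session carries no user name.
        log.log(returnid=0,
                username=username,
                message=str(username) + "登录获取公共邮箱管理者账号信息",
                returnparameters=str(e),
                issuccess=0,
                methodname="showmailpumangaer",
                types="exchange")
        print(e)
    result = {'status': temptable}
    response = HttpResponse()
    response['Content-Type'] = "text/javascript"
    response.write(json.dumps(result))
    return response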
def adlinktest(request):
    """Test an AD connection with the posted settings and store them if it works.

    Reads ``adinputip``, ``adinputaccount``, ``adinputpassword``,
    ``adinputdomain`` and ``adinputpath`` from the POST body, calls the
    ``adlinktest`` API with them, and on success saves the settings through
    ``dbinfo_insert_advalue``.  The password that is saved is the value
    returned by ``encrypt_and_decode().encrypted_text``.

    Responds with ``{"serverviistestvalue": 1}`` on success, otherwise 0.
    """
    # NOTE(review): no session or role check is visible in this view, yet a
    # successful test overwrites the stored AD connection settings.  Confirm
    # that access is restricted elsewhere (URL configuration, decorator or
    # middleware).
    form = request.POST
    adinputip = form.get("adinputip")
    adinputaccount = form.get("adinputaccount")
    adinputpassword = form.get("adinputpassword")
    adinputdomain = form.get("adinputdomain")
    adinputpath = form.get("adinputpath")
    stored_password = encrypt_and_decode().encrypted_text(adinputpassword)
    probe = adapi().testapi('adlinktest',
                            adip=adinputip,
                            account=adinputaccount,
                            password=adinputpassword,
                            domain=adinputdomain,
                            adpath=adinputpath)
    link_ok = bool(probe) and ('isSuccess' in probe) and bool(probe['isSuccess'])
    if link_ok:
        dbinfo_insert_advalue(adinputip, adinputaccount, stored_password,
                              adinputdomain, adinputpath)
    result = {'serverviistestvalue': 1 if link_ok else 0}
    response = HttpResponse()
    response['Content-Type'] = "text/javascript"
    response.write(json.dumps(result))
    return response
def showitgroupmembers(request):
    """List the members of a group for the administrator, as JSON.

    Only a session whose user name is "administrator" (case-insensitive) gets
    data; any other session is redirected to ``/``.  Each member is handed to
    a ``MyThread`` worker and the workers' results form the ``rows`` of the
    ``{"total": ..., "rows": ...}`` reply.  Any exception, including a missing
    session user name, redirects to ``/adminconfig/``.
    """
    try:
        requested_group = request.POST.get("groupname")
        username = request.session.get('username')
        if username.lower() != "administrator":
            return HttpResponseRedirect('/', request)
        group_info = adapi().Initialapi('Showgroupname',
                                        groupname=requested_group)
        members = group_info['message']['member']
        # A single member arrives as a bare value rather than a list.
        if type(members) is not list:
            members = [members]
        workers = []
        if members != [None]:
            for member in members:
                worker = MyThread(member)
                workers.append(worker)
                worker.start()
        rows = []
        for worker in workers:
            worker.join()
            rows.append(worker.get_result())
        payload = {"total": len(rows), "rows": rows}
        return HttpResponse(json.dumps(payload))
    except Exception as e:
        return HttpResponseRedirect('/adminconfig/', request)
def run(self):
    """Record both approvals for flow ``self.id`` and grant the folder group.

    ``directorapproval`` and ``relationapprovaldb`` are called first.  When
    both return 1 and the flow row is found, the user is added to the flow's
    group.  ``operate`` then stores state '3' if the add succeeded (or the
    member already existed) and '6' in every other case.  Always returns True.
    """
    stamp_format = '%Y-%m-%d %H:%M:%S'
    now = datetime.now().strftime(stamp_format)
    approvalresult = directorapproval('1', now, '1', self.id)
    relationapprovalresult = relationapprovaldb('1', now, '2', self.id)
    final_state = '6'
    if relationapprovalresult == 1 and approvalresult == 1:
        flow_row = sel_folder_dfs_flow_id(self.id)
        if flow_row:
            add_reply = adapi().Initialapi(
                "AddUserToGroup",
                sAMAccountName=flow_row.get('username', ''),
                groupname=flow_row.get('group_name', ''))
            # "对象已存在" (object already exists) counts as success.
            if add_reply['isSuccess'] or "对象已存在" in add_reply['message']:
                final_state = '3'
    # The timestamp is taken after the directory call, right before storing.
    operate(datetime.now().strftime(stamp_format), final_state, self.id)
    return True
def exlinktest(request):
    """Test an Exchange connection with the posted settings and store them.

    Reads ``exinputip``, ``exinputaccount``, ``exinputpassword`` and
    ``exinputdomain`` from the POST body, calls the ``testexlink`` API with
    them, and on success saves the settings through ``dbinfo_insert_exvalue``.
    The password that is saved is the value returned by
    ``encrypt_and_decode().encrypted_text``.

    Responds with ``{"serverviistestvalue": 1}`` on success, otherwise 0.
    """
    # NOTE(review): no session or role check is visible in this view, yet a
    # successful test overwrites the stored Exchange connection settings.
    # Confirm that access is restricted elsewhere (URL configuration,
    # decorator or middleware).
    form = request.POST
    exinputip = form.get("exinputip")
    exinputaccount = form.get("exinputaccount")
    exinputpassword = form.get("exinputpassword")
    exinputdomain = form.get("exinputdomain")
    stored_password = encrypt_and_decode().encrypted_text(exinputpassword)
    probe = adapi().testapi('testexlink',
                            exip=exinputip,
                            exaccount=exinputaccount,
                            expassword=exinputpassword,
                            domain=exinputdomain)
    link_ok = bool(probe) and ('isSuccess' in probe) and bool(probe['isSuccess'])
    if link_ok:
        dbinfo_insert_exvalue(exinputip, exinputaccount, stored_password,
                              exinputdomain)
    result = {'serverviistestvalue': 1 if link_ok else 0}
    response = HttpResponse()
    response['Content-Type'] = "text/javascript"
    response.write(json.dumps(result))
    return response
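def removeallgroupmemberfromadmin(request):
    """Remove every member from a group on behalf of the administrator.

    Only a session whose user name is "administrator" (case-insensitive) may
    run the removal; any other session is redirected to ``/``.  The API
    outcome is returned as JSON (``isSuccess`` and ``message``) and written to
    the audit log.  Any exception redirects to ``/adminconfig/``.
    """
    try:
        log = logmanager()
        itgroupname = request.POST.get("groupname")
        username = request.session.get('username')
        # NOTE(review): X-Forwarded-For is supplied by the client unless a
        # trusted proxy overwrites it, so the logged address may not be
        # reliable -- confirm the deployment.
        ip = request.META.get('HTTP_X_FORWARDED_FOR',
                              request.META['REMOTE_ADDR'])
        if username.lower() == "administrator":
            removeallgroupmembervalue = adapi().Initialapi(
                "RemoveAllUserFromGroup", groupname=itgroupname)
            result = {
                "isSuccess": removeallgroupmembervalue['isSuccess'],
                "message": removeallgroupmembervalue['message']
            }
            # Log the real outcome: a failed removal must not appear in the
            # audit trail as a success.  str() keeps a missing group name from
            # aborting the log entry after the call has already been made.
            outcome = 1 if removeallgroupmembervalue['isSuccess'] else 0
            log.log(returnid=outcome,
                    username=username,
                    ip=ip,
                    message="清空" + str(itgroupname) + "群组成员",
                    returnparameters=str(removeallgroupmembervalue),
                    issuccess=outcome,
                    methodname="removeallgroupmemberfromadmin",
                    types="other")
            response = HttpResponse()
            response['Content-Type'] = "text/javascript"
            response.write(json.dumps(result))
            return response
        else:
            return HttpResponseRedirect('/', request)
    except Exception as e:
        return HttpResponseRedirect('/adminconfig/', request)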
def delmailmemberfromadmin(request):
    """Remove one member from a group on behalf of the administrator.

    Only a session whose user name is "administrator" (case-insensitive) may
    run the removal; any other session is redirected to ``/``.  The reply is
    ``{"lastvalue": bool, "message": str}`` and the outcome is written to the
    audit log.  Any exception redirects to ``/adminconfig/``.
    """
    try:
        log = logmanager()
        itgroupname = request.POST.get("groupname")
        username = request.session.get('username')
        # NOTE(review): X-Forwarded-For is supplied by the client unless a
        # trusted proxy overwrites it -- confirm before relying on the logged
        # address.
        ip = request.META.get('HTTP_X_FORWARDED_FOR',
                              request.META['REMOTE_ADDR'])
        groupmembersvalue = request.POST.get('groupmembersvalue')
        if username.lower() != "administrator":
            return HttpResponseRedirect('/', request)

        removevalue = adapi().Initialapi("RemoveUserFromGroup",
                                         sAMAccountName=groupmembersvalue,
                                         groupname=itgroupname)
        if removevalue['isSuccess']:
            lastvalue, message, outcome = True, "", 1
        else:
            lastvalue, message, outcome = False, removevalue['message'], 0
        log.log(returnid=outcome,
                username=username,
                ip=ip,
                message="删除" + itgroupname + "群组信息成员" + str(groupmembersvalue),
                returnparameters=str(removevalue),
                issuccess=outcome,
                methodname="delmailmember",
                types="exchange")
        result = {"lastvalue": lastvalue, "message": message}
        response = HttpResponse()
        response['Content-Type'] = "text/javascript"
        response.write(json.dumps(result))
        return response
    except Exception as e:
        return HttpResponseRedirect('/adminconfig/', request)
def run(self):
    """Add ``self.username`` to every manager group of a level-3 folder.

    The ``Level3Folder`` API is called for ``self.level3_path`` first.  When it
    succeeds, each group returned by ``get_manager_dfs_group_from`` receives
    the user.  Exceptions are printed and swallowed.
    """
    try:
        folder_reply = dfs_api().postapi("Level3Folder", path=self.level3_path)
        if not folder_reply['isSuccess']:
            return
        manager_groups = get_manager_dfs_group_from(self.level3_path)
        if not manager_groups:
            return
        for group_row in manager_groups:
            # NOTE(review): the reply of each add is not inspected, so a
            # failed grant goes unnoticed.
            adapi().Initialapi("AddUserToGroup",
                               sAMAccountName=self.username,
                               groupname=group_row.get("group_name", ''))
    except Exception as e:
        print(e)
def itgroupsearch(request):
    """Check that the posted group exists and remember it when it does.

    ``itgroupname`` is looked up with the ``Showgroupname`` API.  On success
    the name is saved through ``dbinfo_insert_itgroupvalue`` and the reply is
    ``{"serverviistestvalue": 1}``; on failure or any exception it is 0.
    """
    # NOTE(review): no session or role check is visible here although the
    # view stores a setting -- confirm that access is restricted elsewhere.
    try:
        itgroupname = request.POST.get("itgroupname")
        lookup = adapi().Initialapi("Showgroupname", groupname=itgroupname)
        searchvalue = 1 if lookup['isSuccess'] else 0
        if searchvalue:
            dbinfo_insert_itgroupvalue(itgroupname)
    except Exception as e:
        searchvalue = 0
    result = {'serverviistestvalue': searchvalue}
    response = HttpResponse()
    response['Content-Type'] = "text/javascript"
    response.write(json.dumps(result))
    return response
def run(self):
    """Decide whether this account is due a password-expiry reminder.

    ``self.passwordexpirationdate`` is parsed as ``%Y/%m/%d %H:%M:%S`` and
    compared with the current time.  When the whole-day difference is 14, 7,
    3, 2 or 0 and the account has a mail address, ``self.returnvalue`` becomes
    a dict with ``name``, ``differencedays`` and ``mail``.  Otherwise, and on
    any exception, it stays False.
    """
    self.returnvalue = False
    try:
        expires_at = datetime.strptime(self.passwordexpirationdate,
                                       "%Y/%m/%d %H:%M:%S")
        differencedays = (expires_at - datetime.now()).days
        if differencedays not in (14, 7, 3, 2, 0):
            return
        lookup = adapi().Initialapi("GetobjectProperty",
                                    objects=self.samaccountname,
                                    objectClass="user")
        if not lookup['isSuccess']:
            return
        mail = lookup['message'][0]['mail']
        if mail is not None:
            self.returnvalue = {
                "name": self.samaccountname,
                "differencedays": differencedays,
                "mail": mail
            }
    except Exception as e:
        self.returnvalue = False
def saveInternet(request):
    """Record a network-permission request made by the logged-in user.

    Reads ``old_internet_now``, ``new_internet`` and ``type_internet`` from
    the POST body.  When the ``process`` API is available the request is
    stored with ``insert_pubmailflow_process`` and handed to
    ``process_outgoing``; otherwise it is stored with ``insert_pubmailflow``
    and the user's manager is notified by e-mail.

    Returns a JSON reply with ``isSuccess`` and ``message``.  A request
    without a session user name is redirected to ``/``.
    """
    username = request.session.get('username')
    displayname = request.session.get('displayname')
    # NOTE(review): X-Forwarded-For is supplied by the client unless a trusted
    # proxy overwrites it, so the stored/logged address may not be reliable.
    ip = request.META.get('HTTP_X_FORWARDED_FOR', request.META['REMOTE_ADDR'])
    old_internet_now = request.POST.get('old_internet_now',"")  # current groups; may be empty
    # NOTE(review): the requested group name is accepted as posted; nothing in
    # this view checks it against the set of network-permission groups a user
    # may ask for.  The name is stored in the request record; confirm an
    # allow-list is enforced before the grant is applied.
    new_internet = request.POST.get('new_internet',"")  # requested group; required
    type_internet = request.POST.get('type_internet', "")  # permission type; required
    if username:
        try:
            if new_internet and type_internet:
                types = 'internet'
                # Pick the approver role and the request label by type.
                if type_internet =="access":
                    manger = getmanger(username, "networkmanger")
                    applytype = "申请上网权限组权限"
                elif type_internet =="wifi":
                    manger = getmanger(username, "networkmanger")
                    applytype = "申请无线权限组权限"
                elif type_internet =="vpn":
                    # NOTE(review): the role key is spelled "vnpmanger" --
                    # confirm it matches the configured name.
                    manger = getmanger(username, "vnpmanger")
                    applytype = "申请VPN权限组权限"
                else:
                    manger = getmanger(username, "networkmanger")
                    applytype = "申请权限组权限"
                process = get_api("process")
                # Stored as the str() of a dict.
                message = str({'old_internet_now': old_internet_now, "new_internet": new_internet, "type_internet": type_internet, "username": username})
                if process:
                    insert_pubmailflow_processs = insert_pubmailflow_process(ip, username, displayname, types, applytype, new_internet, director='系统', message=message)
                    if insert_pubmailflow_processs:
                        value = {"status": 0, "message": {"id": insert_pubmailflow_processs['id'], "username": username, "displayname": displayname, "types": types, "applytype": applytype, "applydetail": new_internet}}
                        process_outgoings = process_outgoing(value)
                        if process_outgoings['status']==0:
                            result = {'isSuccess': True, "message": "权限申请成功"}
                        else:
                            result = {'isSuccess': False, "message": "插入数据库,调用流程接口失败"}
                    else:
                        result = {'isSuccess': False, "message": "未能插入数据库"}
                elif manger:
                    insert_pubmailflowds = insert_pubmailflow(ip, username, displayname, types, applytype, new_internet, director=manger, message=message)
                    if insert_pubmailflowds==():  # the request was stored in the database
                        mangervalue = adapi().Initialapi("GetobjectProperty", objects=manger, objectClass="user")
                        if mangervalue['isSuccess']:
                            subject = u'您有一个新申请单待审批'
                            submit_time = datetime.now()
                            emaillists = [{"username":username,"displayname":displayname,"applytype":applytype,"new_internet":new_internet,"submit_time":submit_time}]
                            email_data = {'emaillists': emaillists,"username":username}
                            template = "internetweb/interdirectoremail.html"
                            to_list = [mangervalue['message'][0]['mail']]
                            send_email_by_template(subject, template, email_data, to_list)
                        # NOTE(review): the nesting of this assignment was
                        # reconstructed; confirm whether success should also be
                        # reported when the manager lookup fails and no mail
                        # is sent.
                        result = {'isSuccess': True, "message": "权限申请成功"}
                    else:
                        result = {'isSuccess': False, "message": "未能插入数据库"}
                else:
                    result = {'isSuccess': False, "message": "没有获取到主管"}
            else:
                result = {'isSuccess': False, "message": "传入空值"}
            if not result['isSuccess']:
                # The whole POST body is written to the log on failure.
                logmanager().log(returnid=2, username=username, ip=ip, message="saveInternet,申请网络权限:", issuccess=0, methodname="saveInternet", returnparameters=str(request.POST), types="internet")
        except Exception as e:
            # The exception text is returned to the client in "message".
            result = {'isSuccess': False, "message": str(e)}
            logmanager().log(returnid=0, username=username, ip=ip, message="saveInternet,申请网络权限:" + str(e), issuccess=0, methodname="saveInternet", returnparameters=str(request.POST), types="internet")
        response = HttpResponse()
        response['Content-Type'] = "text/javascript"
        response.write(json.dumps(result))
        return response
    else:
        return HttpResponseRedirect('/', request)
def run(self):
    """Approve the flows in ``self.firstcelllist`` and mail the applicants.

    For every flow id the approval is recorded with ``relationapprovaldb``;
    when that returns 1 the user is added to the flow's group.  ``operate``
    stores state '3' after a successful add and '6' otherwise.  Afterwards a
    "permission granted" mail is sent: one mail when a single flow was
    handled, otherwise one mail per distinct applicant.
    """
    for i in range(len(self.firstcelllist)):
        sameadaccount = checkdiretorissamerelation(self.firstcelllist[i])
        sameadaccount_username = sameadaccount.get('username', '')  # AD account of the applicant
        sameadaccount_group_name = sameadaccount.get('group_name', '')  # group name
        now = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
        relationapprovalresult = relationapprovaldb(
            '1', now, '2', self.firstcelllist[i])
        if relationapprovalresult == 1:
            # Grant the permission group.
            AddUserToGroups = adapi().Initialapi(
                "AddUserToGroup",
                sAMAccountName=sameadaccount_username,
                groupname=sameadaccount_group_name)
            # "对象已存在" (object already exists) counts as success.
            if AddUserToGroups['isSuccess'] or "对象已存在" in AddUserToGroups[
                    'message']:
                now = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
                opresult = operate(now, '3', self.firstcelllist[i])
            else:
                now = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
                opresults = operate(now, '6', self.firstcelllist[i])
        else:
            now = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
            opresults = operate(now, '6', self.firstcelllist[i])
    if len(self.firstcelllist) == 1:
        threeusername = showrelationemail(self.firstcelllist[0], 3)
        # Permission granted: notify the user.
        subject = u'文件夹权限_权限已开通'
        email_data = {'emaillists': threeusername}
        template = "dfsweb/common/successmail.html"
        GetobjectPropertys = adapi().Initialapi(
            "GetobjectProperty",
            objects=threeusername[0]['username'],
            objectClass='user')
        if GetobjectPropertys['isSuccess']:
            to_list = [
                GetobjectPropertys['message'][0]['mail'],
            ]
            send_email_by_template(subject, template, email_data, to_list)
    else:
        threeusername = checkusernameissamerelation(
            tuple(self.firstcelllist), 3)
        # Permission granted: notify each user.
        sucapproval_usernames = list()
        for i in range(len(threeusername)):
            sucapproval_usernames.append(threeusername[i]['username'])
        # Drop duplicate account names.  The list is modified while it is
        # being iterated, so statement order matters here.
        for x in sucapproval_usernames:
            while sucapproval_usernames.count(x) > 1:
                del sucapproval_usernames[sucapproval_usernames.index(
                    x)]
        for sucapproval_username in sucapproval_usernames:
            emaillists = showidemail(tuple(self.firstcelllist),
                                     sucapproval_username)
            subject = u'文件夹权限_权限已开通'
            email_data = {'emaillists': emaillists}
            template = "dfsweb/common/successmail.html"
            GetobjectPropertys = adapi().Initialapi(
                "GetobjectProperty",
                objects=sucapproval_username,
                objectClass='user')
            if GetobjectPropertys['isSuccess']:
                mail = GetobjectPropertys['message'][0].get("mail", "")
                # Accounts without a mail address are skipped silently.
                if mail:
                    to_list = [mail]
                    send_email_by_template(subject, template, email_data,
                                           to_list)
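def userlogin(request):
    """Authenticate a login POST and populate the session.

    ``Username`` / ``Password`` come from the POST body.  The name
    "administrator" (case-insensitive) is checked against the stored admin
    password hash; every other name is verified through the
    ``VerifyUserLogin`` API.  The JSON reply holds ``status`` (``success``,
    ``errorpasswd``, ``nopassword``, ``nouser`` or ``error``) and ``backurl``.
    """
    post = request.POST
    username = post.get("Username")
    password = post.get("Password")
    returnbackurl = request.session.get("returnbackurl")
    try:
        if not returnbackurl:
            returnbackurl = r'/'
        if not username:
            status = {'backurl': '', 'status': 'nouser'}
        elif not password:
            status = {'backurl': '', 'status': 'nopassword'}
        elif username.lower() == 'administrator':
            # Read the configuration once so the emptiness test and the value
            # that is used come from the same query result.
            global_config = dbinfo_select_global_configuration()
            adminsqlpassword = global_config[0]['adminpwd'] if global_config else None
            if adminsqlpassword in ('', None, 'None'):
                # NOTE(review): with no stored admin password the built-in
                # default ``administratorpassword`` is accepted -- make sure
                # deployments replace it.
                adminoldassword = administratorpassword
            else:
                adminoldassword = adminsqlpassword
            if check_password(password, adminoldassword):
                # Rotate the session key on successful authentication so an
                # identifier issued before login is not carried into the
                # authenticated session.
                request.session.cycle_key()
                request.session['username'] = '******'
                request.session['displayname'] = '超级管理员'
                request.session['titleshow'] = 'IT开放平台'
                status = {'backurl': '/adminconfig/', 'status': 'success'}
            else:
                status = {'backurl': '', 'status': 'errorpasswd'}
        else:
            loginvalue = adapi().Initialapi('VerifyUserLogin',
                                            username=username,
                                            password=password)
            if loginvalue['isSuccess']:
                # Same rotation as for the administrator branch.
                request.session.cycle_key()
                profile = loginvalue['message']
                request.session['username'] = username.lower()
                request.session['displayname'] = profile['name']
                request.session['jobnumber'] = profile['jobnumber']
                request.session['givenName'] = profile['givenName']
                request.session['DN'] = profile['DN']
                request.session['description'] = profile['description']
                request.session['guid'] = profile['guid']
                request.session['mail'] = profile['mail']
                request.session['sn'] = profile['sn']
                request.session['returnbackurl'] = ''
                # NOTE(review): backurl is whatever was stored in the session
                # under "returnbackurl"; confirm the code that stores it only
                # accepts same-site paths.
                status = {'backurl': returnbackurl, 'status': 'success'}
            else:
                status = {'backurl': '', 'status': 'errorpasswd'}
    except Exception as e:
        # The cause is not logged; the client only sees a generic error.
        status = {'backurl': '', 'status': 'error'}
    result = status
    response = HttpResponse()
    response['Content-Type'] = "text/javascript"
    response.write(json.dumps(result))
    return response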
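def updatepubmess(request):
    """Change the display name and, optionally, the manager of a public mailbox.

    The mailbox named by the POST field ``sancount`` is looked up in the
    directory and the change is applied only when its manager attribute equals
    the session user name.  The JSON reply is ``{"status": 1}`` on success and
    ``{"status": 2}`` in every other case, including lookup misses and
    exceptions.
    """

    def _ldap_escape(value):
        # RFC 4515: escape the characters that are special inside a filter
        # assertion value so the posted name is always matched literally.
        return ''.join('\\%02x' % ord(ch) if ch in '\\*()\x00' else ch
                       for ch in value)

    log = logmanager()
    username = request.session.get('username')
    # NOTE(review): X-Forwarded-For is supplied by the client unless a trusted
    # proxy overwrites it, so the logged address may not be reliable.
    ip = request.META.get('HTTP_X_FORWARDED_FOR', request.META['REMOTE_ADDR'])
    pubmailadd = request.POST.get('pubmailadd')
    samcoun = request.POST.get('sancount')
    displaypub = request.POST.get('displaypub')
    pbmanger = request.POST.get('pbmanger')
    oldmanger = request.POST.get('oldmanger')
    # Fail closed: every path that does not explicitly succeed reports 2, and
    # the reply can always be built.
    status = 2
    try:
        configsql = getmailou_new()
        publicmailconfig = configsql[0]['pubmailou']
        pubmailfence = configsql[0]['pubmailfence']
        if pubmailfence != "" and pubmailfence is not None:
            pubmailfencelastvalue = pubmailfence
        else:
            pubmailfencelastvalue = "physicalDeliveryOfficeName"
        if publicmailconfig != "" and publicmailconfig is not None:
            ad_path = publicmailconfig
        else:
            ad_path = dbinfo_select_global_configuration()[0]['ad_path']
        # The posted account name is escaped so that the object checked for
        # ownership is exactly the account that is modified below.
        publicmailvalue = adapi().postapi(
            'GetUserFromLdap',
            ldaps='(&(objectCategory=person)(objectClass=user)(mail=*) (sAMAccountName='
            + _ldap_escape(samcoun) + '))',
            path=ad_path)
        if publicmailvalue['isSuccess'] and publicmailvalue['Count'] != 0:
            publicmailvaluemessage = publicmailvalue['message'][0]
            managervalue = publicmailvaluemessage.get(
                pubmailfencelastvalue.lower(), [None])[0]
            if managervalue.lower() == username.lower():
                if oldmanger.lower() != pbmanger.lower():
                    # Resolving the new manager's mail first also rejects an
                    # unknown account before anything is written.
                    usermail = adapi().Initialapi('GetobjectProperty',
                                                  objects=pbmanger.lower(),
                                                  objectClass='user')
                    pnmangermail = usermail['message'][0]['mail']
                    setdisname = adapi().Initialapi('SetuserProperty',
                                                    username=samcoun,
                                                    PropertyName='displayName',
                                                    PropertyValue=displaypub)
                    # NOTE(review): ownership is read from the configured
                    # attribute but written to physicalDeliveryOfficeName;
                    # confirm the two are meant to be the same.
                    setmanger = adapi().Initialapi(
                        'SetuserProperty',
                        username=samcoun,
                        PropertyName='physicalDeliveryOfficeName',
                        PropertyValue=pbmanger)
                    if setdisname['isSuccess'] and setmanger['isSuccess']:
                        log.log(returnid=1,
                                ip=ip,
                                message=username + "修改公共邮箱属性,修改管理者为" +
                                pbmanger + '修改显示名称' + displaypub,
                                issuccess=1,
                                inparameters=str(setdisname) + str(setmanger),
                                methodname="updatepubmess",
                                types="exchange")
                        subject = u'公共邮箱更改'
                        emaillists = '您已经拥有公共邮箱:' + pubmailadd + '的权限,如果想要重置密码,请登录平台重置该公共邮箱的密码! '
                        email_data = {'emaillists': emaillists}
                        template = "mailmould/sendmailpassword.html"
                        to_list = [pnmangermail]
                        send_email_by_template(subject, template, email_data,
                                               to_list)
                        status = 1
                    else:
                        log.log(returnid=0,
                                ip=ip,
                                message=username + "修改公共邮箱属性,修改管理者为" +
                                pbmanger + '修改显示名称' + displaypub,
                                issuccess=0,
                                inparameters=str(setdisname) + str(setmanger),
                                methodname="updatepubmess",
                                types="exchange")
                        status = 2
                else:
                    setdisname = adapi().Initialapi('SetuserProperty',
                                                    username=samcoun,
                                                    PropertyName='displayName',
                                                    PropertyValue=displaypub)
                    if setdisname['isSuccess']:
                        log.log(returnid=1,
                                ip=ip,
                                message=username + "修改公共邮箱属性,修改显示名称" +
                                displaypub,
                                issuccess=1,
                                inparameters=str(setdisname),
                                methodname="updatepubmess",
                                types="exchange")
                        status = 1
                    else:
                        log.log(returnid=0,
                                ip=ip,
                                message=username + "修改公共邮箱属性,修改显示名称" +
                                displaypub,
                                issuccess=0,
                                inparameters=str(setdisname),
                                methodname="updatepubmess",
                                types="exchange")
                        status = 2
    except Exception as e:
        status = 2
        # str() keeps the handler itself from raising when a field is missing.
        log.log(returnid=0,
                ip=ip,
                message=str(username) + "修改公共邮箱属性,修改显示名称" +
                str(displaypub),
                issuccess=0,
                inparameters=str(e),
                methodname="updatepubmess",
                types="exchange")
        print(e)
    result = {'status': status}
    response = HttpResponse()
    response['Content-Type'] = "text/javascript"
    response.write(json.dumps(result))
    return response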
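def psdpubmailset(request):
    """Reset the password of a public mailbox managed by the logged-in user.

    The mailbox named by the POST field ``samcoun`` is looked up in the
    directory and the reset runs only when its manager attribute equals the
    session user name.  A new password from ``genpwd`` is set through
    ``ResetPasswordByOU`` and mailed to the session's ``mail`` address.  The
    JSON reply is the API response on success, otherwise a dict with
    ``isSuccess`` False and a short reason.
    """

    def _ldap_escape(value):
        # RFC 4515: escape the characters that are special inside a filter
        # assertion value so the posted name is always matched literally.
        return ''.join('\\%02x' % ord(ch) if ch in '\\*()\x00' else ch
                       for ch in value)

    log = logmanager()
    # NOTE(review): X-Forwarded-For is supplied by the client unless a trusted
    # proxy overwrites it, so the logged address may not be reliable.
    ip = request.META.get('HTTP_X_FORWARDED_FOR', request.META['REMOTE_ADDR'])
    username = request.session.get('username')
    samcoun = request.POST.get('samcoun')
    mailaddress = request.session.get('mail')
    # Fail closed: a mailbox that is not found or not owned by the caller gets
    # the "not authorised" reply, and the reply can always be built.
    message = {'message': {'message': '越权操作。'}, 'isSuccess': False}
    try:
        configsql = getmailou_new()
        publicmailconfig = configsql[0]['pubmailou']
        pubmailfence = configsql[0]['pubmailfence']
        if pubmailfence != "" and pubmailfence is not None:
            pubmailfencelastvalue = pubmailfence
        else:
            pubmailfencelastvalue = "physicalDeliveryOfficeName"
        if publicmailconfig != "" and publicmailconfig is not None:
            ad_path = publicmailconfig
        else:
            ad_path = dbinfo_select_global_configuration()[0]['ad_path']
        # The posted account name is escaped so that the object checked for
        # ownership is exactly the account whose password is reset below.
        publicmailvalue = adapi().postapi(
            'GetUserFromLdap',
            ldaps='(&(objectCategory=person)(objectClass=user)(mail=*) (sAMAccountName='
            + _ldap_escape(samcoun) + '))',
            path=ad_path)
        if publicmailvalue['isSuccess'] and publicmailvalue['Count'] != 0:
            publicmailvaluemessage = publicmailvalue['message'][0]
            managervalue = publicmailvaluemessage.get(
                pubmailfencelastvalue.lower(), [None])[0]
            if managervalue.lower() == username.lower():
                # NOTE(review): confirm genpwd() draws from a cryptographically
                # secure source.
                passwd = genpwd()
                message = adapi().Initialapi('ResetPasswordByOU',
                                             username=samcoun,
                                             newpassword=passwd)
                if message['isSuccess']:
                    # NOTE(review): the new password is sent in clear text by
                    # e-mail; consider forcing a change at first use.
                    subject = u'公共邮箱密码重置'
                    emaillists = '您的公共邮箱:' + samcoun + '已经重置密码,新密码为' + passwd + ',请妥善保管密码,并同步给使用此公共邮箱的同事'
                    email_data = {'emaillists': emaillists}
                    template = "mailmould/sendmailpassword.html"
                    to_list = [mailaddress]
                    send_email_by_template(subject, template, email_data,
                                           to_list)
                    # The password itself is deliberately not logged.
                    log.log(returnid=1,
                            username=username,
                            ip=ip,
                            message=username + "重置公共邮箱密码",
                            returnparameters='密码修改成功',
                            issuccess=1,
                            methodname="psdpubmailset",
                            types="AD")
                else:
                    message = {
                        'message': {
                            'message': '重置失败。'
                        },
                        'isSuccess': False
                    }
                    log.log(returnid=0,
                            username=username,
                            ip=ip,
                            message=username + "重置公共邮箱密码",
                            returnparameters=str(message),
                            issuccess=0,
                            methodname="psdpubmailset",
                            types="AD")
    except Exception as e:
        message = {'message': {'message': '异常。'}, 'isSuccess': False}
        print(e)
        # str() keeps the handler itself from raising when the session carries
        # no user name.
        log.log(returnid=0,
                username=username,
                ip=ip,
                message=str(username) + "重置公共邮箱密码",
                returnparameters=str(e),
                issuccess=0,
                methodname="psdpubmailset",
                types="AD")
    result = message
    response = HttpResponse()
    response['Content-Type'] = "text/javascript"
    response.write(json.dumps(result))
    return response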
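def mailcountdel(request):
    """Disable a public mailbox account managed by the logged-in user.

    The account named by the POST field ``count`` is looked up in the
    directory and, when its manager attribute equals the session user name,
    its ``userAccountControl`` is set to 514.  The JSON reply is
    ``{"status": 1}`` on success and ``{"status": 2}`` otherwise.  Every
    outcome is written to the audit log.
    """

    def _ldap_escape(value):
        # RFC 4515: escape the characters that are special inside a filter
        # assertion value so the posted name is always matched literally.
        return ''.join('\\%02x' % ord(ch) if ch in '\\*()\x00' else ch
                       for ch in value)

    log = logmanager()
    username = request.session.get('username')
    # NOTE(review): X-Forwarded-For is supplied by the client unless a trusted
    # proxy overwrites it, so the logged address may not be reliable.
    ip = request.META.get('HTTP_X_FORWARDED_FOR', request.META['REMOTE_ADDR'])
    count = request.POST.get('count')
    try:
        configsql = getmailou_new()
        publicmailconfig = configsql[0]['pubmailou']
        pubmailfence = configsql[0]['pubmailfence']
        if pubmailfence != "" and pubmailfence is not None:
            pubmailfencelastvalue = pubmailfence
        else:
            pubmailfencelastvalue = "physicalDeliveryOfficeName"
        if publicmailconfig != "" and publicmailconfig is not None:
            ad_path = publicmailconfig
        else:
            ad_path = dbinfo_select_global_configuration()[0]['ad_path']
        # The posted account name is escaped so that the object checked for
        # ownership is exactly the account that is disabled below.
        publicmailvalue = adapi().postapi(
            'GetUserFromLdap',
            ldaps='(&(objectCategory=person)(objectClass=user)(mail=*) (sAMAccountName='
            + _ldap_escape(count) + '))',
            path=ad_path)
        if publicmailvalue['isSuccess'] and publicmailvalue['Count'] != 0:
            publicmailvaluemessage = publicmailvalue['message'][0]
            managervalue = publicmailvaluemessage.get(
                pubmailfencelastvalue.lower(), [None])[0]
            if managervalue.lower() == username.lower():
                message = adapi().Initialapi('SetuserProperty',
                                             username=count,
                                             PropertyName='userAccountControl',
                                             PropertyValue=514)
                if message['isSuccess']:
                    status = 1
                    # Logged as a success (1/1), matching how the other views
                    # in this listing record successful operations.
                    log.log(returnid=1,
                            ip=ip,
                            message=username + "删除公共邮箱成功" + count,
                            issuccess=1,
                            inparameters=str(publicmailvalue),
                            methodname="mailcountdel",
                            types="exchange")
                else:
                    log.log(returnid=0,
                            ip=ip,
                            message=username + "删除公共邮箱失败" + count,
                            issuccess=0,
                            inparameters=str(publicmailvalue),
                            methodname="mailcountdel",
                            types="exchange")
                    status = 2
            else:
                # Caller is not the manager of this mailbox.
                status = 2
                log.log(returnid=0,
                        ip=ip,
                        message=username + "越权" + count,
                        issuccess=0,
                        inparameters=str(publicmailvalue),
                        methodname="mailcountdel",
                        types="exchange")
        else:
            # Mailbox not found under the configured path.
            status = 2
            log.log(returnid=0,
                    ip=ip,
                    message=username + "为查询到公共邮箱,疑似越权" + count,
                    issuccess=0,
                    inparameters=str(publicmailvalue),
                    methodname="mailcountdel",
                    types="exchange")
    except Exception as e:
        status = 2
        # str() keeps the handler itself from raising when a field is missing.
        log.log(returnid=0,
                ip=ip,
                message=str(username) + "删除公共邮箱异常" + str(count),
                issuccess=0,
                inparameters=str(e),
                methodname="mailcountdel",
                types="exchange")
        print(e)
    result = {'status': status}
    response = HttpResponse()
    response['Content-Type'] = "text/javascript"
    response.write(json.dumps(result))
    return response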
def run(self):
    """Create folder-permission requests for a batch of accounts.

    For each account in ``self.account_list`` (the last element is not
    visited) the target group is resolved from ``self.level_id_list`` and
    ``self.read_m_list``, the approver and the level-2 folder manager are
    determined, and a flow row is added when no identical one exists.  With
    the ``process`` API available each new flow is handed to
    ``process_outgoing``; without it the approvers are notified by e-mail.
    Exceptions are printed and swallowed.
    """
    try:
        process = get_api("process")
        director_account_list = []
        # NOTE(review): the final element of account_list is skipped --
        # presumably a trailing empty entry; confirm.
        for i in range(len(self.account_list) - 1):
            username = self.account_list[i]
            if username:
                GetobjectPropertys = GetobjectProperty(username,
                                                       'user',
                                                       self.domain,
                                                       tokenid=None,
                                                       ip=None)
                if GetobjectPropertys['isSuccess']:
                    displayName = GetobjectPropertys['message'][0].get(
                        'displayName', '')
                else:
                    displayName = ""
                # Resolve the tree id and the permission group to grant.
                treelists = self.level_id_list[i].split('-')
                treeids = showtreeid(treelists[0], treelists[1], treelists[2])
                tree_id = treeids.get('tree_id', '')
                group_name = showgroupname(tree_id, self.read_m_list[i]).get(
                    "group_name", '')
                # Look up the approver for this AD account: account, name, mail.
                manger = getmanger(username, "dfsmanger")
                get_management_configurations = get_management_configuration(
                )
                if process:
                    # With the process API the approver fields are set to the
                    # fixed value "系统" (system).
                    director_name = "系统"
                    director_account = "系统"
                    director_mail = "系统"
                else:
                    if manger:
                        director_account = manger
                        mangervalue = adapi().Initialapi(
                            "GetobjectProperty",
                            objects=manger,
                            objectClass="user")
                        if mangervalue['isSuccess']:
                            director_mail = mangervalue['message'][0].get(
                                "mail", '')
                            director_name = mangervalue['message'][0].get(
                                "displayName", '')
                        else:
                            # Manager lookup failed: use the configured default.
                            director_name = get_management_configurations.get(
                                'dfs_relation_name', '')
                            director_account = get_management_configurations.get(
                                'dfs_relation', '')
                            director_mail = get_management_configurations.get(
                                'dfs_relation_mail', '')
                    else:
                        # No manager found: use the configured default.
                        director_name = get_management_configurations.get(
                            'dfs_relation_name', '')
                        director_account = get_management_configurations.get(
                            'dfs_relation', '')
                        director_mail = get_management_configurations.get(
                            'dfs_relation_mail', '')
                # Find the folder manager by level2 id; use the default if none.
                relations = show_level2name(treelists[1])
                level2_manager_name = relations.get(
                    'level2_manager_name', '')
                level2_manager = relations.get('level2_manager', '')
                level2_manager_mail = relations.get(
                    'level2_manager_mail', '')
                if not level2_manager:
                    level2_manager_name = get_management_configurations.get(
                        'dfs_relation_name', '')
                    level2_manager = get_management_configurations.get(
                        'dfs_relation', '')
                    level2_manager_mail = get_management_configurations.get(
                        'dfs_relation_mail', '')
                now = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
                if tree_id and group_name and director_account and level2_manager:
                    # All required data is present: store the request.
                    flowidcounts = checkflow(username, group_name)  # look for an identical flow row
                    if flowidcounts['counts'] == 0:
                        add_dfs_flows = add_dfs_flow(
                            username, displayName, treeids['tree_id'],
                            group_name, now, director_name, director_account,
                            level2_manager_name, level2_manager, 0,
                            self.adusername)  # add the flow row
                        if process and add_dfs_flows:
                            value = {
                                "status": 0,
                                "message": {
                                    "id": add_dfs_flows['id'],
                                    "username": username,
                                    "displayname": displayName,
                                    "types": "DFS",
                                    "applytype": "申请文件夹权限",
                                    "applydetail": group_name
                                }
                            }
                            process_outgoing(value)
                        # NOTE(review): the nesting of this append was
                        # reconstructed; confirm it belongs with newly added
                        # flows only.
                        director_account_list.append(
                            [director_account, director_mail])
        if not process:
            # Drop duplicate approver entries.  The list is modified while it
            # is being iterated, so statement order matters here.
            for x in director_account_list:
                while director_account_list.count(x) > 1:
                    del director_account_list[director_account_list.index(
                        x)]
            # Send one mail per approver.
            for i in range(len(director_account_list)):
                emaillists = showmyemailflowdir(
                    director_account_list[i][0])  # tickets for this approver's AD account
                sendnumber = len(emaillists)
                if sendnumber > 0:
                    subject = u'文件夹权限_主管审批'
                    email_data = {
                        'emaillists': emaillists,
                        'username': self.adusername
                    }
                    template = "dfsweb/common/directoremail.html"
                    # Approvers without a mail address are skipped silently.
                    if director_account_list[i][1]:
                        to_list = [
                            director_account_list[i][1],
                        ]
                        send_email_by_template(subject, template, email_data,
                                               to_list)
    except Exception as e:
        # NOTE(review): failures are only printed, so a batch can stop midway
        # without any record.
        print(e)
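def addgroupmembersfromadmin(request):
    """Add the submitted users or groups to an AD group (administrator only).

    Reads ``groupname`` and a newline-separated ``groupmembersvalue`` from the
    POST data. Every non-blank name is looked up as a user and then as a
    group; when found it is added with ``AddUserToGroup``. Names that cannot
    be found, or whose add fails for a reason other than "对象已存在"
    (already a member), are collected.

    Returns:
        A JSON response with ``isSuccess``, ``message`` (space-joined failed
        names) and ``lenerrorlist``. ``isSuccess`` is False when no group
        name or no member name was submitted. Non-administrators, including
        requests without a session user, are redirected to ``/``; any
        unexpected error redirects to ``/adminconfig/``.
    """
    try:
        log = logmanager()
        post = request.POST
        itgroupname = post.get("groupname")
        username = request.session.get('username')
        # NOTE(review): X-Forwarded-For is client-supplied unless a trusted
        # proxy overwrites it, so the address written to the audit log below
        # can be forged; confirm the proxy setup before relying on it.
        ip = request.META.get('HTTP_X_FORWARDED_FOR',
                              request.META['REMOTE_ADDR'])
        groupmembersvalue = post.get('groupmembersvalue')

        # NOTE(review): authorisation is a string match on the session user
        # name; a role or group check would be sturdier. A missing session
        # user is rejected here instead of failing on ``None.lower()``.
        if not username or username.lower() != "administrator":
            return HttpResponseRedirect('/', request)

        # Strip each line so a CRLF-submitted textarea does not leave "\r"
        # glued to the account names, and drop blank lines.
        member_names = []
        for raw_name in (groupmembersvalue or "").split("\n"):
            name = raw_name.strip()
            if name:
                member_names.append(name)

        if not itgroupname or not member_names:
            # Nothing to do: never call the directory with an empty group
            # name or an empty member list.
            isSuccess = False
            message = ""
            lenerrorlist = 0
            log.log(returnid=0,
                    username=username,
                    ip=ip,
                    message="添加" + str(itgroupname) + "收件人权限",
                    returnparameters=str(groupmembersvalue),
                    issuccess=0,
                    methodname="addgroupmembers",
                    types="exchange")
        else:
            erruserlist = []
            for name in member_names:
                # The group lookup only runs when the user lookup is falsy.
                found = (adapi().Initialapi_noskey(
                    "ObjectExists", objectName=name, catalog="user")
                         or adapi().Initialapi_noskey(
                             "ObjectExists", objectName=name, catalog="group"))
                if found:
                    addreturnvalue = adapi().Initialapi(
                        "AddUserToGroup",
                        sAMAccountName=name,
                        groupname=itgroupname)
                    # NOTE(review): this entry is written with issuccess=1
                    # whatever the directory answered; the real outcome is
                    # only in returnparameters.
                    log.log(returnid=1,
                            username=username,
                            ip=ip,
                            message="添加" + itgroupname + "收件人权限" + str(name),
                            returnparameters=str(addreturnvalue),
                            issuccess=1,
                            methodname="addgroupmembers",
                            types="exchange")
                    failed = (not addreturnvalue['isSuccess']
                              and "对象已存在" not in addreturnvalue['message'])
                else:
                    log.log(returnid=0,
                            username=username,
                            ip=ip,
                            message="添加" + itgroupname + "收件人权限" + str(name),
                            returnparameters="找不到" + str(name),
                            issuccess=0,
                            methodname="addgroupmembers",
                            types="exchange")
                    failed = True
                if failed and name not in erruserlist:
                    erruserlist.append(name)
            isSuccess = True
            message = ' '.join(erruserlist)
            lenerrorlist = len(erruserlist)

        result = {
            "isSuccess": isSuccess,
            "message": message,
            "lenerrorlist": lenerrorlist
        }
        response = HttpResponse()
        response['Content-Type'] = "text/javascript"
        response.write(json.dumps(result))
        return response
    except Exception:
        # NOTE(review): the error is dropped without an audit entry, so a
        # failure part-way through a batch leaves no trace of which names
        # were already added.
        return HttpResponseRedirect('/adminconfig/', request)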
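def _parse_group_setting(raw):
    """Parse one stored group-list setting into Python objects.

    Returns an empty list for an empty setting. The bare words ``true``,
    ``false`` and ``null`` are quoted before ``ast.literal_eval`` so they
    come back as the strings 'true', 'false' and 'null'.
    """
    if not raw:
        return []
    # NOTE(review): the replacement is a plain substring match, so a group
    # name or description containing "true", "false" or "null" is rewritten
    # as well and can make the value unparsable. json.loads would avoid
    # that, but yields booleans/None instead of strings; check the template
    # before switching.
    return ast.literal_eval(
        raw.replace("true", "'true'").replace("false", "'false'").replace(
            "null", "'null'"))


def access(request):
    """Render the network-access request page for the signed-in user.

    Loads the configured internet, wifi and VPN group lists, reads the
    user's ``memberof`` attribute from AD and works out which configured
    groups the user already belongs to. Users without a session are
    redirected to ``/``; any error is logged and also redirects to ``/``.

    Every local variable is passed to the template through ``locals()``, so
    the local names here are part of the template contract and must not be
    renamed. That also means the whole management configuration and the raw
    AD result are reachable from the template.
    """
    # Bound before the try block so the error handler below can always log
    # them, even when the failure happens on the first lines.
    username = None
    ip = None
    try:
        username = request.session.get('username')
        displayname = request.session.get('displayname')
        # NOTE(review): X-Forwarded-For is client-supplied unless a trusted
        # proxy overwrites it, so the logged address can be forged.
        ip = request.META.get('HTTP_X_FORWARDED_FOR',
                              request.META['REMOTE_ADDR'])
        if username:
            internet_group_now = []
            wifi_group_now = []
            vpn_group_now = []
            internet_group_now_des = []
            wifi_group_now_des = []
            vpn_group_now_des = []
            internet_group_list = []
            wifi_group_list = []
            vpn_group_list = []
            get_management_configurations = get_management_configuration()
            if get_management_configurations:
                # Internet access groups
                internet_group_list = _parse_group_setting(
                    get_management_configurations.get('internet_group', ''))
                # Wireless access groups
                wifi_group_list = _parse_group_setting(
                    get_management_configurations.get('wifi_group', ''))
                # VPN access groups
                vpn_group_list = _parse_group_setting(
                    get_management_configurations.get('vpn_group', ''))
            # Read the user's attributes to determine current permissions.
            GetobjectPropertys = adapi().Initialapi("GetobjectProperty",
                                                    objects=username,
                                                    objectClass='user')
            if GetobjectPropertys['isSuccess']:
                memberof = GetobjectPropertys['message'][0].get("memberof", '')
                if memberof:
                    # userindexvalueshow treats memberof as either one string
                    # or a list; iterating a bare string would walk it
                    # character by character and match nothing.
                    if isinstance(memberof, str):
                        memberof = [memberof]
                    # NOTE(review): the tests below are case-sensitive
                    # substring matches against the whole DN, so a
                    # configured name also matches when it appears as a
                    # parent container component; confirm that is
                    # acceptable for this display.
                    for member in memberof:
                        for internet_group in internet_group_list:
                            internet_group_name = internet_group.get("name", '')
                            internet_group_cn = "CN=" + str(internet_group_name) + ","
                            if internet_group_cn in member:
                                internet_group_now.append(internet_group)
                        for wifi_group in wifi_group_list:
                            wifi_group_name = wifi_group.get("name", '')
                            wifi_group_cn = "CN=" + str(wifi_group_name) + ","
                            if wifi_group_cn in member:
                                wifi_group_now.append(wifi_group)
                        for vpn_group in vpn_group_list:
                            # The default here differs from the other two
                            # lists; kept as found.
                            vpn_group_name = vpn_group.get("name", 'npne')
                            vpn_group_cn = "CN=" + str(vpn_group_name) + ","
                            if vpn_group_cn in member:
                                vpn_group_now.append(vpn_group)
            if internet_group_list and internet_group_now:
                for internet_group_now_str in internet_group_now:
                    internet_group_now_des.append(
                        internet_group_now_str.get("description", ''))
            if wifi_group_list and wifi_group_now:
                for wifi_group_now_str in wifi_group_now:
                    wifi_group_now_des.append(
                        wifi_group_now_str.get("description", ''))
            if vpn_group_list and vpn_group_now:
                for vpn_group_now_str in vpn_group_now:
                    vpn_group_now_des.append(
                        vpn_group_now_str.get("description", ''))
            return render_to_response('internetweb/access.html', locals())
        else:
            return HttpResponseRedirect('/', request)
    except Exception as e:
        logmanager().log(returnid=0,
                         username=username,
                         ip=ip,
                         message="access,网络权限申请页面:" + str(e),
                         issuccess=0,
                         methodname="access",
                         returnparameters=str(request.POST),
                         types="internet")
        return HttpResponseRedirect('/', request)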
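def run(self):
    """Delete part-time accounts whose AD expiry time has passed.

    For each row returned by ``getCloseaccount`` the account is deleted only
    when both conditions hold: ``ObjectExistsOU`` reports it inside the
    configured part-time OU, and the expiry time read from AD is not later
    than the current time. After a successful delete the database row is
    marked with status '4'. Every outcome is written to the log.

    A failure while handling one account is logged and the loop moves on,
    so one malformed expiry value or directory error does not leave the
    remaining expired accounts active.
    """
    account = getCloseaccount()
    log = logmanager()
    if account == '':
        print('账号为空')
        return
    for i in account:
        Closeaccount = i['jzcount']
        row_id = i['id']  # database row id
        status = '4'  # 4 = closed automatically on expiry
        try:
            now = datetime.datetime.now()
            jzound = get_PermissionsGrops()['jz_account_dn']  # DN of the part-time OU
            # Is the account inside the part-time OU?
            jzcountdn = adapi().Initialapi('ObjectExistsOU',
                                           objectName=Closeaccount,
                                           catalog='user',
                                           ouname=jzound)
            expiry = adapi().Initialapi('GetuseraccountExpires',
                                        objects=Closeaccount)
            if not expiry['isSuccess']:
                print('未知错误')
                log.log(returnid=0,
                        username='******',
                        message=Closeaccount + '未知错误',
                        methodname="Close_account",
                        types="AD",
                        issuccess=0)
                continue
            # Expiry time as reported by AD.
            expires_at = datetime.datetime.strptime(expiry['message'],
                                                    "%Y/%m/%d %H:%M:%S")
            # The explicit comparison with True is deliberate: other
            # Initialapi calls return dicts, and a non-empty dict would pass
            # a plain truthiness test and allow a delete outside the OU.
            if jzcountdn == True and expires_at <= now:
                dejzcount = adapi().Initialapi('delaccount',
                                               username=Closeaccount)
                log.log(returnid=1,
                        username='******',
                        message=Closeaccount + '调用API删除账号,状态未知',
                        methodname="Close_account",
                        types="AD",
                        issuccess=1)
                if dejzcount['isSuccess']:
                    log.log(returnid=1,
                            username='******',
                            message=Closeaccount + '账号删除成功',
                            methodname="Close_account",
                            types="AD",
                            issuccess=1)
                    updel_jzcountid(status, row_id)
                else:
                    print('账号删除失败')
                    log.log(returnid=0,
                            username='******',
                            message=Closeaccount + '账号删除失败',
                            methodname="Close_account",
                            types="AD",
                            issuccess=0)
            else:
                print('账号不在特定OU或账号在AD中未到期')
                log.log(returnid=0,
                        username='******',
                        message=Closeaccount + '删除失败,账号不在特定OU或账号在AD中未到期',
                        methodname="Close_account",
                        types="AD",
                        issuccess=0)
        except Exception as exc:
            # Keep going with the next account; record what went wrong.
            print('未知错误')
            log.log(returnid=0,
                    username='******',
                    message=str(Closeaccount) + '未知错误:' + str(exc),
                    methodname="Close_account",
                    types="AD",
                    issuccess=0)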
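def userindexvalueshow(request):
    """Return the signed-in user's AD summary as JSON.

    The payload holds the display name, mail address, password expiry date,
    the request IP, the mail-enabled groups the user belongs to and the
    descriptions of the configured internet, wifi and VPN groups that match
    the user's memberships. Users without a session are redirected to ``/``.
    On any error the response is ``{"isSuccess": False, "message": {}}``.
    """
    log = logmanager()
    username = request.session.get('username')
    # NOTE(review): X-Forwarded-For is client-supplied unless a trusted proxy
    # overwrites it; the value is echoed back in the response as "ip".
    ip = request.META.get('HTTP_X_FORWARDED_FOR', request.META['REMOTE_ADDR'])
    if not username:
        return HttpResponseRedirect('/', request)

    isSuccess = False
    message = {}
    try:
        uservalue = adapi().Initialapi("GetobjectProperty",
                                       objects=username,
                                       objectClass="user")
        if uservalue['isSuccess']:
            profile = uservalue['message'][0]
            userdisplayname = profile['displayName']
            usermail = profile['mail']
            PasswordExpirationDate = profile['PasswordExpirationDate']
            usermemberof = profile['memberof']

            # memberof is a single string for one group, a list for several;
            # anything else is treated as no memberships.
            if isinstance(usermemberof, str):
                usermemberoflist = [usermemberof]
            elif isinstance(usermemberof, list):
                usermemberoflist = usermemberof
            else:
                usermemberoflist = []

            # One MyThread per membership, all started before any is joined.
            # NOTE(review): the number of threads is not capped, so it grows
            # with the number of groups the user is in.
            workers = []
            for group_ref in usermemberoflist:
                worker = MyThread(group_ref)
                workers.append(worker)
                worker.start()
            usermemberoflastlist = []
            for worker in workers:
                worker.join()
                usermemberoflastlist.append(worker.get_result())

            usermaillist = []
            userinternetlist = []
            userwifilist = []
            uservpnlist = []
            if usermemberoflastlist:
                # Parse the three settings once instead of once per
                # membership. Skipped when there are no memberships, as the
                # settings were never read in that case.
                # NOTE(review): unlike the access view, true/false/null are
                # not quoted first, so a setting containing those bare words
                # raises here and the whole response comes back empty.
                settings = get_management_configuration()
                internet_group = ast.literal_eval(settings['internet_group'])
                wifi_group = ast.literal_eval(settings['wifi_group'])
                vpn_group = ast.literal_eval(settings['vpn_group'])
            for group in usermemberoflastlist:
                if group['mail'] is not None:
                    usermaillist.append({
                        "displayname": group['displayName'],
                        "mail": group['mail']
                    })
                for internet_group_one in internet_group:
                    if internet_group_one['name'].lower(
                    ) == group['sAMAccountName'].lower():
                        userinternetlist.append(
                            internet_group_one['description'])
                for wifi_group_one in wifi_group:
                    if wifi_group_one['name'].lower(
                    ) == group['sAMAccountName'].lower():
                        userwifilist.append(wifi_group_one['description'])
                for vpn_group_one in vpn_group:
                    if vpn_group_one['name'].lower(
                    ) == group['sAMAccountName'].lower():
                        uservpnlist.append(vpn_group_one['description'])
            isSuccess = True
            message = {
                "userdisplayname": userdisplayname,
                "usermail": usermail,
                "usermaillist": usermaillist,
                "userinternetlist": userinternetlist,
                "userwifilist": userwifilist,
                "uservpnlist": uservpnlist,
                "ip": ip,
                "PasswordExpirationDate": PasswordExpirationDate
            }
    except Exception:
        # NOTE(review): the error is dropped; ``log`` is created above but
        # nothing is written to it, so failures here leave no record.
        isSuccess = False
        message = {}
    result = {'isSuccess': isSuccess, "message": message}
    return HttpResponse(json.dumps(result, cls=DatetimeEncoder),
                        content_type="application/json")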
def run(self):
    """Record approvals for the selected requests and send follow-up mail.

    For each id in ``self.firstcelllist`` the accounts involved are read with
    ``checkdiretorissamerelation``. When the folder manager's account equals
    the director's, the user's or the applicant's account, both
    ``directorapproval`` and ``relationapprovaldb`` are called and, if both
    return 1, the user is added to the group straight away; otherwise only
    ``directorapproval`` is called. Afterwards folder managers are mailed
    about requests awaiting them and users are mailed about granted access.

    NOTE(review): the nesting below was reconstructed from a listing whose
    indentation had been lost; confirm it against the original file.
    """
    for i in range(len(self.firstcelllist)):
        sameadaccount = checkdiretorissamerelation(self.firstcelllist[i])
        sameadaccount_director_adaccount = sameadaccount.get(
            'director_adaccount', '')  # director's AD account
        sameadaccount_relation_adaccount = sameadaccount.get(
            'relation_adaccount', '')  # folder manager's AD account
        sameadaccount_authority_applicant = sameadaccount.get(
            'authority_applicant', '')  # applicant's AD account
        sameadaccount_username = sameadaccount.get('username', '')  # AD account of the person who will use the access
        sameadaccount_group_name = sameadaccount.get('group_name', '')  # group name
        # Is the folder manager the same person as the director, the user or
        # the applicant? If so the second approval step is recorded without
        # a separate decision.
        # NOTE(review): missing fields default to '' and '' == '' satisfies
        # this test, so a record with empty account fields would take the
        # automatic branch and reach AddUserToGroup with empty values;
        # confirm checkdiretorissamerelation always returns populated fields.
        if sameadaccount_director_adaccount == sameadaccount_relation_adaccount or sameadaccount_relation_adaccount == sameadaccount_username or sameadaccount_relation_adaccount == sameadaccount_authority_applicant:
            now = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
            approvalresult = directorapproval('1', now, '1',
                                              self.firstcelllist[i])
            relationapprovalresult = relationapprovaldb(
                '1', now, '2', self.firstcelllist[i])
            if relationapprovalresult == 1 and approvalresult == 1:
                # Add the user to the permission group.
                AddUserToGroups = adapi().Initialapi(
                    "AddUserToGroup",
                    sAMAccountName=sameadaccount_username,
                    groupname=sameadaccount_group_name)
                # "对象已存在" ("object already exists") is treated like a
                # successful add.
                if AddUserToGroups[
                        'isSuccess'] or "对象已存在" in AddUserToGroups[
                            'message']:
                    now = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
                    opresult = operate(now, '3', self.firstcelllist[i])
                else:
                    now = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
                    opresults = operate(now, '6', self.firstcelllist[i])
            else:
                now = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
                opresults = operate(now, '6', self.firstcelllist[i])
        else:
            now = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
            approvalresult = directorapproval('1', now, '1',
                                              self.firstcelllist[i])
    if len(self.firstcelllist) == 1:
        oneusername = showrelationemail(self.firstcelllist[0], 1)  # director approved: notify the folder contact
        threeusername = showrelationemail(self.firstcelllist[0], 3)  # access granted: notify the user
    else:
        oneusername = checkusernameissamerelation(tuple(
            self.firstcelllist), 1)  # director approved: notify the folder contact
        threeusername = checkusernameissamerelation(
            tuple(self.firstcelllist), 3)  # access granted: notify the user
    if oneusername:
        # Director approved: mail each folder manager once.
        relation_adaccounts = list()
        for i in range(len(oneusername)):
            relation_adaccounts.append(
                oneusername[i]['relation_adaccount'])
        for x in relation_adaccounts:
            while relation_adaccounts.count(x) > 1:
                del relation_adaccounts[relation_adaccounts.index(
                    x)]  # drop duplicate folder-manager accounts
        for relation_adaccount in relation_adaccounts:
            emaillists = showrelationadaccountemail(relation_adaccount)
            subject = u'文件夹权限_文件夹管理员审批'
            email_data = {'emaillists': emaillists}
            template = "dfsweb/common/relationemail.html"
            # The recipient address is the AD mail attribute of the account;
            # nothing is sent when the lookup fails or the attribute is empty.
            GetobjectPropertys = adapi().Initialapi(
                "GetobjectProperty",
                objects=relation_adaccount,
                objectClass='user')
            if GetobjectPropertys['isSuccess']:
                mail = GetobjectPropertys['message'][0].get("mail", "")
                if mail:
                    to_list = [mail]
                    send_email_by_template(subject, template, email_data,
                                           to_list)
    if threeusername:
        # Access granted: mail the users concerned.
        sucapproval_usernames = list()
        for i in range(len(threeusername)):
            sucapproval_usernames.append(threeusername[i]['username'])
        for x in sucapproval_usernames:
            while sucapproval_usernames.count(x) > 1:
                del sucapproval_usernames[sucapproval_usernames.index(
                    x)]  # drop duplicate user accounts
        if len(self.firstcelllist) == 1:
            subject = u'文件夹权限_权限已开通'
            email_data = {'emaillists': threeusername}
            template = "dfsweb/common/successmail.html"
            GetobjectPropertys = adapi().Initialapi(
                "GetobjectProperty",
                objects=threeusername[0]['username'],
                objectClass='user')
            if GetobjectPropertys['isSuccess']:
                mail = GetobjectPropertys['message'][0].get("mail", "")
                if mail:
                    to_list = [mail]
                    send_email_by_template(subject, template, email_data,
                                           to_list)
        else:
            for sucapproval_username in sucapproval_usernames:
                emaillists = showidemail(tuple(self.firstcelllist),
                                         sucapproval_username)
                subject = u'文件夹权限_权限已开通'
                email_data = {'emaillists': emaillists}
                template = "dfsweb/common/successmail.html"
                GetobjectPropertys = adapi().Initialapi(
                    "GetobjectProperty",
                    objects=sucapproval_username,
                    objectClass='user')
                if GetobjectPropertys['isSuccess']:
                    mail = GetobjectPropertys['message'][0].get("mail", "")
                    if mail:
                        to_list = [mail]
                        send_email_by_template(subject, template, email_data,
                                               to_list)