def __init__(self): mysqlallvalue = dbinfo_select_global_configuration()[0] self.iisip = 'http://'+str(mysqlallvalue['iis_ip'])+':'+str(mysqlallvalue['iis_port'])+'/api/Adapi/' self.testiisip = 'http://localhost:22238/api/Adapi/' self.addomain = str(mysqlallvalue['ad_domain']) self.exdomain = str(mysqlallvalue['ex_domain']) self.skey = admd5()
def userisinitgroup(username): mysqlallvalue = dbinfo_select_global_configuration()[0] it_group = mysqlallvalue['it_group'] if it_group == '' or it_group == None or it_group == "None": return False else: if sel_account_to_group(username, it_group): return True else: return False
def serverip(): #ipvalue = 'http://localhost:55823/api/adapi/' try: mysqlallvalue = dbinfo_select_global_configuration()[0] iisip = str(mysqlallvalue['iis_ip']) iisport = str(mysqlallvalue['iis_port']) ipvalue = 'http://' + iisip + ':' + iisport + '/api/Adapi/' except Exception as e: ipvalue = '没有获取到url' return ipvalue
def __init__(self, adusername, level_id_list, read_m_list, account_list): self.adusername = adusername #当前登陆用户的AD self.level_id_list = level_id_list # 目录ID# self.read_m_list = read_m_list ##list self.account_list = account_list # AD账号 mysqlallvalue = dbinfo_select_global_configuration() if mysqlallvalue: self.domain = str(mysqlallvalue[0]['ad_domain']) else: self.domain = "test" threading.Thread.__init__(self)
def adminconfig(request): username = request.session.get('username') if username.lower() != 'administrator': return HttpResponseRedirect('/portal/', request) displayname = request.session.get('displayname') mysqlipvalue = readprofile('mysql', 'ip') mysqlusernamevalue = readprofile('mysql', 'username') mysqlPortevalue = readprofile('mysql', 'Port') mysqlPasswordvalue = readprofile('mysql', 'Password') if mysqlipvalue != 'None' and mysqlipvalue != "" and mysqlipvalue != None: mysqlallvalue = dbinfo_select_global_configuration()[0] iis_ip = mysqlallvalue['iis_ip'] if iis_ip == '' or iis_ip == None: iis_ip = 'None' iis_port = mysqlallvalue['iis_port'] if iis_port == '' or iis_port == None: iis_port = 'None' ad_ip = mysqlallvalue['ad_ip'] if ad_ip == '' or ad_ip == None: ad_ip = 'None' ad_account = mysqlallvalue['ad_account'] if ad_account == '' or ad_account == None: ad_account = 'None' ad_password = mysqlallvalue['ad_password'] if ad_password == '' or ad_password == None: ad_password = '******' ad_domain = mysqlallvalue['ad_domain'] if ad_domain == '' or ad_domain == None: ad_domain = 'None' ad_path = mysqlallvalue['ad_path'] if ad_path == '' or ad_path == None: ad_path = 'None' ex_ip = mysqlallvalue['ex_ip'] if ex_ip == '' or ex_ip == None: ex_ip = 'None' ex_account = mysqlallvalue['ex_account'] if ex_account == '' or ex_account == None: ex_account = 'None' ex_password = mysqlallvalue['ex_password'] if ex_password == '' or ex_password == None: ex_password = '******' ex_domain = mysqlallvalue['ex_domain'] if ex_domain == '' or ex_domain == None: ex_domain = 'None' it_group = mysqlallvalue['it_group'] if it_group == '' or it_group == None: it_group = 'None' # ad_ips = mysqlallvalue['ad_ips'] # if ad_ips == '' or ad_ips == None or ad_ips == "None": # ad_ips = 'None' # else: # ad_ips = ad_ips.split(",") return render_to_response('admin/adminindex.html', locals())
def updateconfigall(request): post = request.POST WiFiname = post.getlist("WiFiname") WiFilist = post.getlist("WiFilist") vnplist = post.getlist("vnplist") vpnname = post.getlist("vpnname") networklist = post.getlist("networklist") networkname = post.getlist("networkname") inputpubmailou = post.get("inputpubmailou") inputmailgroupou = post.get("inputmailgroupou") inputpwdlen = post.get("inputpwdlen") inputjzou = post.get("inputjzou") inputjzgroup = post.get("inputjzgroup") inputunlockgroup = post.get("inputunlockgroup") inputpubmailDB = post.get("inputpubmailDB") inputpubmaillanwei = post.get("inputpubmaillanwei") inputewge = 'regex:^(?![a-zA-Z]+$)(?![A-Z0-9]+$)(?![A-Z\W_]+$)(?![a-z0-9]+$)(?![a-z\W_]+$)(?![0-9\W_]+$)[a-zA-Z0-9\W_]{' + inputpwdlen + ',}$;' inputips = '至少有' + inputpwdlen + '个字符长' try: ad_domain = dbinfo_select_global_configuration()[0]['ad_domain'] network = list() vpn = list() wifi = list() for i in range(len(WiFiname)): wifi.append({"description": WiFiname[i], "name": WiFilist[i]}) for i in range(len(vpnname)): vpn.append({"description": vpnname[i], "name": vnplist[i]}) for i in range(len(networkname)): network.append({ "description": networkname[i], "name": networklist[i] }) savecon = update_config(ad_domain, str(network), str(vpn), str(wifi), inputpubmailou, inputmailgroupou, inputewge, inputips, inputjzou, inputjzgroup, inputunlockgroup, inputpubmailDB, inputpubmaillanwei, inputpwdlen) if savecon == (): status = True else: status = False except Exception as e: status = False result = {'status': status} response = HttpResponse() response['Content-Type'] = "text/javascript" response.write(json.dumps(result)) return response
def __init__(self): management_configuration = get_management_configuration() self.dfs_api = management_configuration.get("dfs_api", "") self.dfs_manager = management_configuration.get("dfs_manager", "") self.dfs_group = management_configuration.get("dfs_group", "") self.Basic_authority = management_configuration.get( "Basic_authority", "") self.AD_time = management_configuration.get("AD_time", "") mysqlallvalue = dbinfo_select_global_configuration() if mysqlallvalue: mysqlallvalue = mysqlallvalue[0] self.addomain = str(mysqlallvalue['ad_domain']) self.exdomain = str(mysqlallvalue['ex_domain']) self.dict = setkey() self.signature = self.dict.get("signature", '') self.timestamp = self.dict.get("timestamp", '') self.nonce = self.dict.get("nonce", '')
def index(request): try: username = request.session.get('username') displayname = request.session.get('displayname') if username: sel_account_to_groups = False app_director_count = showmyapproval_count(username) #显示主管需要的审批数量 app_relation_count = showrelationapproval_count( username) #显示文件夹管理员需要的审批数量 app_relation = showlevel2byusername(username) #是不是文件夹管理员 global_configuration = dbinfo_select_global_configuration() # 查找数据 if global_configuration: it_group = global_configuration[0].get("it_group", '') sel_account_to_groups = sel_account_to_group( username, it_group) #是不是DFS管理员 True return render_to_response('index.html', locals()) else: return HttpResponseRedirect('/', request) except: return HttpResponseRedirect('/', request)
def changeadminpwd(request): try: post = request.POST adminoldpwd = post.get("adminoldpwd") adminnewpwd = post.get("adminnewpwd") adminrealnewpwd = post.get("adminrealnewpwd") username = request.session.get('username') if username.lower() == "administrator": if adminoldpwd != '' and adminnewpwd != '' and adminrealnewpwd != '': if adminnewpwd == adminrealnewpwd: adminsqlpassword = dbinfo_select_global_configuration( )[0]['adminpwd'] if adminsqlpassword == '' or adminsqlpassword == None or adminsqlpassword == "None": adminoldassword = administratorpassword else: adminoldassword = adminsqlpassword if check_password(adminoldpwd, adminoldassword): realpassword = make_password(adminnewpwd) dbinfo_insert_adminvalue(realpassword) isSuccess = 1 message = '' else: isSuccess = 0 message = "请输入正确的密码" else: isSuccess = 0 message = "两次密码不一致" else: isSuccess = 0 message = "请输入完整" else: isSuccess = 0 message = "越权" except Exception as e: isSuccess = 0 message = "系统异常" result = {'isSuccess': isSuccess, "message": message} response = HttpResponse() response['Content-Type'] = "text/javascript" response.write(json.dumps(result)) return response
def psdpubmailset(request): log = logmanager() ip = request.META.get('HTTP_X_FORWARDED_FOR', request.META['REMOTE_ADDR']) username = request.session.get('username') samcoun = request.POST.get('samcoun') mailaddress = request.session.get('mail') try: configsql = getmailou_new() publicmailconfig = configsql[0]['pubmailou'] pubmailfence = configsql[0]['pubmailfence'] if pubmailfence != "" and pubmailfence != None: pubmailfencelastvalue = pubmailfence else: pubmailfencelastvalue = "physicalDeliveryOfficeName" if publicmailconfig != "" and publicmailconfig != None: ad_path = publicmailconfig else: ad_path = dbinfo_select_global_configuration()[0]['ad_path'] publicmailvalue = adapi().postapi( 'GetUserFromLdap', ldaps= '(&(objectCategory=person)(objectClass=user)(mail=*) (sAMAccountName=' + samcoun + '))', path=ad_path) if publicmailvalue['isSuccess'] and publicmailvalue['Count'] != 0: publicmailvaluemessage = publicmailvalue['message'][0] managervalue = publicmailvaluemessage.get( pubmailfencelastvalue.lower(), [None])[0] if managervalue.lower() == username.lower(): passwd = genpwd() message = adapi().Initialapi('ResetPasswordByOU', username=samcoun, newpassword=passwd) if message['isSuccess']: subject = u'公共邮箱密码重置' emaillists = '您的公共邮箱:' + samcoun + '已经重置密码,新密码为' + passwd + ',请妥善保管密码,并同步给使用此公共邮箱的同事' email_data = {'emaillists': emaillists} template = "mailmould/sendmailpassword.html" to_list = [mailaddress] send_email_by_template(subject, template, email_data, to_list) log.log(returnid=1, username=username, ip=ip, message=username + "重置公共邮箱密码", returnparameters='密码修改成功', issuccess=1, methodname="psdpubmailset", types="AD") else: message = { 'message': { 'message': '重置失败。' }, 'isSuccess': False } log.log(returnid=0, username=username, ip=ip, message=username + "重置公共邮箱密码", returnparameters=str(message), issuccess=0, methodname="psdpubmailset", types="AD") else: message = {'message': {'message': '越权操作。'}, 'isSuccess': False} except Exception as e: message = {'message': {'message': '异常。'}, 'isSuccess': False} print(e) log.log(returnid=0, username=username, ip=ip, message=username + "重置公共邮箱密码", returnparameters=str(e), issuccess=0, methodname="psdpubmailset", types="AD") result = message response = HttpResponse() response['Content-Type'] = "text/javascript" response.write(json.dumps(result)) return response
def updatepubmess(request): log = logmanager() username = request.session.get('username') ip = request.META.get('HTTP_X_FORWARDED_FOR', request.META['REMOTE_ADDR']) pubmailadd = request.POST.get('pubmailadd') samcoun = request.POST.get('sancount') displaypub = request.POST.get('displaypub') pbmanger = request.POST.get('pbmanger') oldmanger = request.POST.get('oldmanger') try: configsql = getmailou_new() publicmailconfig = configsql[0]['pubmailou'] pubmailfence = configsql[0]['pubmailfence'] if pubmailfence != "" and pubmailfence != None: pubmailfencelastvalue = pubmailfence else: pubmailfencelastvalue = "physicalDeliveryOfficeName" if publicmailconfig != "" and publicmailconfig != None: ad_path = publicmailconfig else: ad_path = dbinfo_select_global_configuration()[0]['ad_path'] publicmailvalue = adapi().postapi( 'GetUserFromLdap', ldaps= '(&(objectCategory=person)(objectClass=user)(mail=*) (sAMAccountName=' + samcoun + '))', path=ad_path) if publicmailvalue['isSuccess'] and publicmailvalue['Count'] != 0: publicmailvaluemessage = publicmailvalue['message'][0] managervalue = publicmailvaluemessage.get( pubmailfencelastvalue.lower(), [None])[0] if managervalue.lower() == username.lower(): if oldmanger.lower() != pbmanger.lower(): usermail = adapi().Initialapi('GetobjectProperty', objects=pbmanger.lower(), objectClass='user') pnmangermail = usermail['message'][0]['mail'] setdisname = adapi().Initialapi('SetuserProperty', username=samcoun, PropertyName='displayName', PropertyValue=displaypub) setmanger = adapi().Initialapi( 'SetuserProperty', username=samcoun, PropertyName='physicalDeliveryOfficeName', PropertyValue=pbmanger) if setdisname['isSuccess'] and setmanger['isSuccess']: log.log(returnid=1, ip=ip, message=username + "修改公共邮箱属性,修改管理者为" + pbmanger + '修改显示名称' + displaypub, issuccess=1, inparameters=str(setdisname) + str(setmanger), methodname="updatepubmess", types="exchange") subject = u'公共邮箱更改' emaillists = '您已经拥有公共邮箱:' + pubmailadd + '的权限,如果想要重置密码,请登录平台重置该公共邮箱的密码! ' email_data = {'emaillists': emaillists} template = "mailmould/sendmailpassword.html" to_list = [pnmangermail] send_email_by_template(subject, template, email_data, to_list) status = 1 else: log.log(returnid=0, ip=ip, message=username + "修改公共邮箱属性,修改管理者为" + pbmanger + '修改显示名称' + displaypub, issuccess=0, inparameters=str(setdisname) + str(setmanger), methodname="updatepubmess", types="exchange") status = 2 else: setdisname = adapi().Initialapi('SetuserProperty', username=samcoun, PropertyName='displayName', PropertyValue=displaypub) if setdisname['isSuccess']: log.log(returnid=1, ip=ip, message=username + "修改公共邮箱属性,修改显示名称" + displaypub, issuccess=1, inparameters=str(setdisname), methodname="updatepubmess", types="exchange") status = 1 else: log.log(returnid=0, ip=ip, message=username + "修改公共邮箱属性,修改显示名称" + displaypub, issuccess=0, inparameters=str(setdisname), methodname="updatepubmess", types="exchange") status = 2 else: status = 2 except Exception as e: log.log(returnid=0, ip=ip, message=username + "修改公共邮箱属性,修改显示名称" + displaypub, issuccess=0, inparameters=str(e), methodname="updatepubmess", types="exchange") print(e) result = {'status': status} response = HttpResponse() response['Content-Type'] = "text/javascript" response.write(json.dumps(result)) return response
def mailcountdel(request): log = logmanager() username = request.session.get('username') ip = request.META.get('HTTP_X_FORWARDED_FOR', request.META['REMOTE_ADDR']) count = request.POST.get('count') try: configsql = getmailou_new() publicmailconfig = configsql[0]['pubmailou'] pubmailfence = configsql[0]['pubmailfence'] if pubmailfence != "" and pubmailfence != None: pubmailfencelastvalue = pubmailfence else: pubmailfencelastvalue = "physicalDeliveryOfficeName" if publicmailconfig != "" and publicmailconfig != None: ad_path = publicmailconfig else: ad_path = dbinfo_select_global_configuration()[0]['ad_path'] publicmailvalue = adapi().postapi( 'GetUserFromLdap', ldaps= '(&(objectCategory=person)(objectClass=user)(mail=*) (sAMAccountName=' + count + '))', path=ad_path) if publicmailvalue['isSuccess'] and publicmailvalue['Count'] != 0: publicmailvaluemessage = publicmailvalue['message'][0] managervalue = publicmailvaluemessage.get( pubmailfencelastvalue.lower(), [None])[0] if managervalue.lower() == username.lower(): message = adapi().Initialapi('SetuserProperty', username=count, PropertyName='userAccountControl', PropertyValue=514) if message['isSuccess']: status = 1 log.log(returnid=0, ip=ip, message=username + "删除公共邮箱成功" + count, issuccess=0, inparameters=str(publicmailvalue), methodname="mailcountdel", types="exchange") else: log.log(returnid=0, ip=ip, message=username + "删除公共邮箱失败" + count, issuccess=0, inparameters=str(publicmailvalue), methodname="mailcountdel", types="exchange") status = 2 else: status = 2 log.log(returnid=0, ip=ip, message=username + "越权" + count, issuccess=0, inparameters=str(publicmailvalue), methodname="mailcountdel", types="exchange") else: status = 2 log.log(returnid=0, ip=ip, message=username + "为查询到公共邮箱,疑似越权" + count, issuccess=0, inparameters=str(publicmailvalue), methodname="mailcountdel", types="exchange") except Exception as e: status = 2 log.log(returnid=0, ip=ip, message=username + "删除公共邮箱异常" + count, issuccess=0, inparameters=str(e), methodname="mailcountdel", types="exchange") print(e) result = {'status': status} response = HttpResponse() response['Content-Type'] = "text/javascript" response.write(json.dumps(result)) return response
def serverip_new(): mysqlallvalue = dbinfo_select_global_configuration()[0] iisip = str(mysqlallvalue['iis_ip']) iisport = str(mysqlallvalue['iis_port']) ipvalue = 'http://'+iisip+':'+iisport+'/api/Adapi/' return ipvalue
def admd5(): mysqlallvalue = dbinfo_select_global_configuration()[0] skey = mysqlallvalue['skey'] return skey
def userlogin(request): post = request.POST username = post.get("Username") password = post.get("Password") returnbackurl = request.session.get("returnbackurl") try: if not returnbackurl: returnbackurl = r'/' if username: if password: if username.lower() == 'administrator': # adminpassword = make_password('ITPortal...123') if not dbinfo_select_global_configuration(): adminoldassword = administratorpassword else: adminsqlpassword = dbinfo_select_global_configuration( )[0]['adminpwd'] if adminsqlpassword == '' or adminsqlpassword == None or adminsqlpassword == "None": adminoldassword = administratorpassword else: adminoldassword = adminsqlpassword if check_password(password, adminoldassword): request.session['username'] = '******' request.session['displayname'] = '超级管理员' request.session['titleshow'] = 'IT开放平台' status = { 'backurl': '/adminconfig/', 'status': 'success' } else: status = {'backurl': '', 'status': 'errorpasswd'} else: loginvalue = adapi().Initialapi('VerifyUserLogin', username=username, password=password) if loginvalue['isSuccess']: request.session['username'] = username.lower() request.session['displayname'] = loginvalue['message'][ 'name'] # tltile = shwotitle() # if tltile == None or tltile ==False : # request.session['titleshow']='IT开放平台' # else: # request.session['titleshow'] = shwotitle()['title'] request.session['jobnumber'] = loginvalue['message'][ 'jobnumber'] request.session['givenName'] = loginvalue['message'][ 'givenName'] request.session['DN'] = loginvalue['message']['DN'] request.session['description'] = loginvalue['message'][ 'description'] request.session['guid'] = loginvalue['message']['guid'] request.session['mail'] = loginvalue['message']['mail'] request.session['sn'] = loginvalue['message']['sn'] request.session['returnbackurl'] = '' status = { 'backurl': returnbackurl, 'status': 'success' } else: status = {'backurl': '', 'status': 'errorpasswd'} else: status = {'backurl': '', 'status': 'nopassword'} else: status = {'backurl': '', 'status': 'nouser'} except Exception as e: status = {'backurl': '', 'status': 'error'} result = status response = HttpResponse() response['Content-Type'] = "text/javascript" response.write(json.dumps(result)) return response