def isAdminHaveModules(offset1):
if offset1 in (
'admin',
'adapter',
'smtp',
'storagemgr',
'quotamgr',
'update',
'serversadminmgr',
'license',
'system',
'setweixin',
'operationlog',
'updatelog',
'adminstoragestatus',
'devicestatus',
'tunnel',
'debug',
'linuxcompatible',
'linuxinternalcompatible',
):
return True
if offset1 in ('offlinestorage', ) and hasFunctional('offlineStorage'):
return True
if offset1 in ('user', ) and not hasFunctional('nouser_mgr'):
return True
if offset1 in (
'volumepool',
'libraryinfo',
'tapasmgr',
) and (is_functional_visible('importExport')):
return True
return False
def getserverid(request):
agentserverid = request.GET.get('agentserverid', 'none')
if hasFunctional('clw_desktop_aio'):
if _is_dest_host_in_audit(agentserverid):
return HttpResponse(json.dumps({'r': 2, 'e': '恢复目标正在等待审批'}, ensure_ascii=False))
rspn = Agent2Pe().post(request=request, host_ident=agentserverid, api_request={})
if status.is_success(rspn.status_code):
return HttpResponse('{"r":"0","e":"操作成功","serverid":"%s","destserverid":"%s"}' % (agentserverid, rspn.data))
return HttpResponse(json.dumps({'r': 1, 'e': rspn.data}, ensure_ascii=False))
def modifyfileText(tfile, sstr, rstr):
try:
file_object = open(tfile, 'r')
lines = file_object.readlines()
file_object.close()
flen = len(lines)
for i in range(flen):
if sstr in lines[i]:
lines[i] = lines[i].replace(sstr, rstr)
file_object = open(tfile, 'w')
file_object.writelines(lines)
if hasFunctional('closeagentcompress'):
file_object.writelines('\nAgent.PostDataQLZ=0')
file_object.close()
except Exception as e:
pass
def ON_createNewHost(user_id, host_ident):
if not hasFunctional('clw_desktop_aio'):
return
storage_node_ident = _get_storage_node_ident(user_id)
if storage_node_ident is None:
# 没有存储节点
return
host_group = HostGroup.objects.filter(name=all_host_group_name, user_id=user_id)
if host_group:
host_group = host_group.first()
else:
host_group = HostGroup.objects.create(name=all_host_group_name, user_id=user_id)
host = Host.objects.get(ident=host_ident)
host_group.hosts.add(host)
gs_list = GroupBackupTaskSchedule.objects.filter(host_group=host_group)
# 创建备份计划
if gs_list:
gs = gs_list.first()
schedule = gs.schedules.first()
hostId = host.id
planName = '{}({})'.format(gs.name, uuid.uuid4().hex)
params = {"host": hostId, "name": planName, "storage_device_type": 1,
"cycle_type": schedule.cycle_type, "plan_start_date": schedule.plan_start_date,
"backup_source_type": schedule.backup_source_type, "ext_config": schedule.ext_config,
'storage_node_ident': schedule.storage_node_ident, 'enabled': schedule.enabled}
respn = BackupTaskSchedules().post(request=None, api_request=params)
plan_id = respn.data['id']
gs.schedules.add(BackupTaskSchedule.objects.get(id=plan_id))
else:
gs = GroupBackupTaskSchedule.objects.create(name="自动创建的备份计划",
user_id=user_id,
host_group_id=host_group.id,
type=GroupBackupTaskSchedule.SCHEDULE_TYPE_BACKUP_TASK)
hostId = host.id
planName = '{}({})'.format(gs.name, uuid.uuid4().hex)
ext_config = r'{"backupDataHoldDays": 30, "backupLeastNumber": 5, "autoCleanDataWhenlt": 200, "cdpDataHoldDays": 7, "maxBroadband": 300, "cdpSynchAsynch": 1, "backupDayInterval": 86400, "daysInWeek": [], "daysInMonth": [], "removeDuplicatesInSystemFolder": true, "incMode": 2, "exclude": [], "IntervalUnit": "day", "data_keeps_deadline_unit": "month", "diskreadthreadcount": 4, "backup_retry": {"enable": true, "count": 5, "interval": 10}, "BackupIOPercentage": 30, "nas_protocol": null, "nas_username": null, "nas_password": null, "nas_exclude_dir": null, "nas_path": null, "enum_threads": -1, "sync_threads": -1, "cores": -1, "memory_mbytes": -1, "net_limit": -1, "enum_level": -1, "sync_queue_maxsize": -1, "nas_max_space_val": -1, "nas_max_space_unit": "", "nas_max_space_actual": -1}'
params = {"host": hostId, "name": planName, "storage_device_type": 1,
"cycle_type": BackupTaskSchedule.CYCLE_PERDAY, "plan_start_date": timezone.now(),
"backup_source_type": BackupTaskSchedule.BACKUP_DISKS, "ext_config": ext_config,
'storage_node_ident': storage_node_ident, 'enabled': True}
respn = BackupTaskSchedules().post(request=None, api_request=params)
plan_id = respn.data['id']
gs.schedules.add(BackupTaskSchedule.objects.get(id=plan_id))
def get_oem_info():
oem = dict()
oem_ini_path = r'/var/www/static/OEM/oem.ini'
config = configparser.ConfigParser()
try:
config.read(oem_ini_path, 'gb2312')
except Exception as e:
config.read(oem_ini_path, 'utf-8')
if 'res' not in config:
config['res'] = dict()
topsecret = config['res']
if hasFunctional('clw_desktop_aio'):
oem['title'] = topsecret.get("title", "科力锐桌面保障恢复系统")
oem['base_html'] = topsecret.get("base_html", "_base_desktop.html")
else:
oem['title'] = topsecret.get("title", "智动全景灾备系统")
oem['base_html'] = topsecret.get("base_html", "_base.html")
oem['company'] = topsecret.get("company", "科力锐")
oem['prefix'] = topsecret.get("prefix", "ClwDR")
return oem
def needloginview(request, offset1, offset2, param):
"通用页面"
adict = dict()
set_response_context(request, offset1, offset2, adict)
adict['title'] = param['title']
adict['company'] = param['company']
adict['right_body'] = offset1 + '_body'
adict['is_superuser'] = request.user.is_superuser
if request.user.is_superuser:
user_type = 'sec-admin'
else:
user_type = request.user.userprofile.user_type
adict['user_type'] = user_type
if adict['user_type'] == 'sec-admin':
if get_separation_of_the_three_members(
).is_separation_of_the_three_members_available():
adict['user_type_name'] = '安全保密管理员'
elif hasFunctional('clw_desktop_aio'):
adict['user_type_name'] = '系统管理员'
else:
adict['user_type_name'] = '超级管理员'
elif adict['user_type'] == 'normal-admin':
if hasFunctional('clw_desktop_aio'):
adict['user_type_name'] = '业务管理员'
else:
adict['user_type_name'] = '系统管理员'
elif adict['user_type'] == 'aud-admin':
adict['user_type_name'] = '安全审计管理员'
elif adict['user_type'] == 'audit-admin':
adict['user_type_name'] = '验证/恢复审批管理员'
else:
adict['user_type_name'] = 'unknown({})'.format(adict['user_type'])
url = offset1 + offset2 + '.html'
if not request.user.is_active or isSessionTimeout(request):
return user_logout(request, adict)
else:
request.session.set_expiry(0)
if offset2 != '_handle' and request.user.is_active and hasattr(
request.user, 'userprofile'):
if request.user.userprofile.user_type == UserProfile.CONTENT_ADMIN: # 拦截: 内容管理员, 且访问非_handle
if 'modify_entry' in request.GET: # 用户选择指定的"入口地址"
entry_id = request.GET['modify_entry']
return start_one_modify_task(request, entry_id)
else: # 获取用户可用的"入口地址"
entries = request.user.modify_entries.all()
admin = request.user.username
return render(request, 'webcontentmodifyentries.html', {
'entries': entries,
'admin': admin
})
if offset2 == '_body':
if offset1 == 'home':
if user_type == 'audit-admin':
url = 'audittask_body.html'
no_license = '(未授权)'
adict['now'] = timezone.now()
if offset1 in ('createbackup', 'mgrbackup', 'taskpolicy',
'clusterbackup'):
adict[
'remove_duplicates_in_system_folder_available'] = is_functional_available(
'remove_duplicates_in_system_folder')
if offset1 in ('createbackup', 'mgrbackup', 'taskpolicy', 'restore'):
adict['backupobj'] = hasFunctional('backupobj')
adict['page'] = offset1
if offset1 in ('validate', 'restore', 'takeover'):
if not is_functional_available('takeover'):
adict['takeover_license'] = no_license
adict['smbencrypt'] = hasFunctional('smbencrypt')
adict['temporary_takeover_visible'] = is_functional_visible(
'temporary_takeover')
if request.user.userprofile.modules & 65536 * 128 and is_functional_visible(
'takeover'):
adict['takeover'] = True
else:
adict['takeover'] = False
if request.user.userprofile.modules & 8:
adict['createtemplate'] = True
else:
adict['createtemplate'] = False
if offset1 in (
'migrate',
'restore',
'validate',
):
adict['no_fast_boot'] = hasFunctional('no_fast_boot')
adict['no_host_validate'] = hasFunctional('clw_desktop_aio')
if offset1 == 'validate':
adict['page'] = 'validate'
url = 'restore' + offset2 + '.html'
if offset1 == 'browsepoint':
adict['pointid'] = request.GET.get('pointid', 'none')
if offset1 == 'operationlog' or offset1 == 'serverlog':
adict['search'] = 1
adict['export'] = 1
adict['del'] = 1
adict['delall'] = 1
adict['log_entries'] = list(HostLog.LOG_TYPE_CHOICES)
if offset1 == 'operationlog' and not request.user.is_superuser:
adict['search'] = 0
adict['export'] = 0
adict['del'] = 0
adict['delall'] = 0
if request.user.userprofile.modules & 8192:
adict['search'] = 1
if request.user.userprofile.modules & 16384:
adict['export'] = 1
if request.user.userprofile.modules & 32768:
adict['del'] = 1
if request.user.userprofile.modules & 65536:
adict['delall'] = 1
if offset1 == 'serverlog' and not request.user.is_superuser:
adict['search'] = 0
adict['export'] = 0
adict['del'] = 0
adict['delall'] = 0
adict['tasktype'] = request.GET.get('tasktype', default='')
adict['taskid'] = request.GET.get('taskid', default='')
adict['servername'] = request.GET.get('servername', default='')
adict['stime'] = request.GET.get('stime', default='')
if request.user.userprofile.modules & 512:
adict['search'] = 1
if request.user.userprofile.modules & 1024:
adict['export'] = 1
if request.user.userprofile.modules & 2048:
adict['del'] = 1
if request.user.userprofile.modules & 4096:
adict['delall'] = 1
if offset1 == 'operationlog' and not request.user.is_superuser and request.user.userprofile.user_type == UserProfile.AUD_ADMIN:
adict['search'] = 1
adict['export'] = 1
if offset1 == 'operationlog':
if get_separation_of_the_three_members(
).is_separation_of_the_three_members_available():
adict['separation_of_the_three_members'] = 1
if request.user.is_superuser:
adict['user_type'] = 'sec-admin'
else:
adict['user_type'] = request.user.userprofile.user_type
if offset1 in (
'operationlog',
'updatelog',
'serverlog',
):
# 覆盖上面的设置
if get_separation_of_the_three_members().is_cannot_del_log():
adict['del'] = 0
adict['delall'] = 0
if offset1 in (
'remotebackup',
'mgrrebackup',
):
adict['remotebackup_license'] = ''
if not is_functional_available('remotebackup'):
adict['remotebackup_license'] = no_license
if offset1 in (
'createhotbackup',
'mgrhotbackup',
):
adict['hotBackup_license'] = ''
if not is_functional_available('hotBackup'):
adict['hotBackup_license'] = no_license
if offset1 in ('clusterbackup', ):
adict['clusterbackup_license'] = ''
if not is_functional_available('clusterbackup'):
adict['clusterbackup_license'] = no_license
if offset1 in (
'serversadminmgr',
'serversmgr',
):
adict['vmwarebackup_visible'] = is_functional_visible(
'vmwarebackup')
if offset1 == 'serversmgr':
if not request.user.userprofile.modules & 65536 * 512:
adict['vmwarebackup_visible'] = False
if offset1 in ('license', ):
from xdashboard.handle.authorize.authorize_init import AIO_NET_LIC_FLAG_FILE
if os.path.isfile(AIO_NET_LIC_FLAG_FILE):
adict['license_type'] = 'www'
adict['license_name'] = '互联网授权'
elif os.path.isfile(r'/usr/lib64/test_v2.so'):
adict['license_type'] = 'tdog'
adict['license_name'] = '加密狗授权'
else:
adict['license_type'] = 'aio'
adict['license_name'] = ''
if request.user.is_superuser:
if isAdminHaveModules(offset1):
return render_to_response(url, adict)
elif request.user.userprofile.user_type == UserProfile.AUD_ADMIN:
if isAudAdminHaveModules(offset1):
return render_to_response(url, adict)
elif request.user.userprofile.user_type == UserProfile.AUDIT_ADMIN:
if isAuditAdminHaveModules(offset1):
return render_to_response(url, adict)
elif type(request.user.userprofile.modules) == type(1):
if isHaveModules(offset1, request.user.userprofile.modules,
request.user.userprofile.user_type):
return render_to_response(url, adict)
return HttpResponse('<div class="right">没有权限</div>')
if offset2 == '_handle':
result = handleview(request, offset1)
result['Cache-Control'] = 'no-cache'
return result
if offset1 == 'novnc':
adict['id'] = request.GET['id']
return render_to_response("novnc.html", adict)
if offset1 == 'vnclite':
return render_to_response("vnc_lite.html", adict)
aList = list()
syspower = CSyspower()
aList = syspower.getSyspowerList(request.user)
adict['menulist'] = aList
if 'aioversion' in request.session:
adict['version'] = request.session['aioversion']
else:
request.session['aioversion'] = getAIOVersion()
adict['version'] = request.session['aioversion']
adict['now'] = timezone.now()
adict['nolinux'] = hasFunctional('nolinux')
add_recently_login_status(request, adict)
get_pwd_expire(request, adict)
adict['loginusername'] = request.user.username
adict['loginrealname'] = request.user.first_name
if os.path.isfile(r'/var/www/static/OEM/top_bg1.png'):
adict['top_bg1'] = r'/static/OEM/top_bg1.png'
else:
adict['top_bg1'] = r'/static/images/top_bg1.png'
if os.path.isfile(r'/var/www/static/OEM/top_bg2.png'):
adict['top_bg2'] = r'/static/OEM/top_bg2.png'
else:
adict['top_bg2'] = r'/static/images/top_bg2.png'
if os.path.isfile(r'/var/www/static/OEM/top_bg3.png'):
adict['top_bg3'] = r'/static/OEM/top_bg3.png'
else:
adict['top_bg3'] = r'/static/images/top_bg3.png'
adict['PREFIX_DR_CLIENT'] = xdata.PREFIX_DR_CLIENT
oem_info = json.loads(request.session['oem'])
return render_to_response(oem_info['base_html'], adict)
def isHaveModules(offset1, modules, user_type):
if offset1 in (
'home',
'decode',
):
return True
elif offset1 == 'webhome' and is_functional_visible('webguard'):
if modules & 65536 * 32:
return True
elif offset1 in ('createbackup', 'mgrbackup', 'taskpolicy',
'clusterbackup'):
if offset1 == 'clusterbackup' and (
not is_functional_visible('clusterbackup')
or not modules & 65536 * 2048):
return False
if modules & 2:
return True
elif offset1 in (
'restore',
'validate',
'takeover',
):
if modules & 4:
return True
elif offset1 == 'mgrtemplate':
if modules & 8:
return True
elif offset1 == 'migrate':
if modules & 32 and not hasFunctional('nomigrate_UI'):
return True
elif offset1 == 'destroy':
if modules & 64:
return True
elif offset1 in ('serversmgr', ):
if modules & 128:
return True
elif offset1 == 'sysset':
if modules & 256:
return True
elif offset1 == 'serverlog':
if modules & 512 or modules & 1024 or modules & 2048 or modules & 4096:
return True
elif offset1 == 'operationlog':
if modules & 8192 or modules & 16384 or modules & 32768 or modules & 65536:
return True
elif offset1 == 'safetyreport':
if modules & 65536 * 2:
return True
elif offset1 == 'storagestatus':
if modules & 65536 * 4:
return True
elif offset1 == 'devicestatus':
if modules & 65536 * 8:
return True
elif offset1 == 'tunnel':
if modules & 65536 * 16:
return True
elif offset1 in (
'webstrategies',
'webguardset',
'webautoplans',
'webemergency',
'switchemergency',
):
if modules & 65536 * 32:
return True
elif offset1 in (
'createhotbackup',
'mgrhotbackup',
'masterstandbyswitching',
):
if modules & 65536 * 64:
return True
elif offset1 in ('backupdataexport', 'backupdataimport',
'backupfileexport'):
if modules & 65536 * 4096:
return True
elif offset1 == 'emaillog':
if modules & 65536 * 1024:
return True
elif offset1 in (
'remotebackup',
'mgrrebackup',
):
return True
elif offset1 in (
'mgrvmclient',
'mgrvcenter',
) and is_functional_visible('vmwarebackup'):
if modules & 65536 * 512:
return True
elif offset1 in ('mgrnasbackup', ) and is_functional_visible('nas_backup'):
if modules & 65536 * 8192:
return True
elif offset1 in (
'autoverifytask',
'verifytaskreport',
'userverifyscript',
):
if modules & 65536 * 16384:
return True
elif offset1 == 'dashboard':
if hasFunctional(
'clw_desktop_aio') and user_type == UserProfile.NORMAL_USER:
return True
return False
def getBigVersion():
if hasFunctional('version1'):
return '1.0'
return '2.0'