def put(self, user_id): args = parser.parse_args() user = g.user_info["username"] if not args["mail"]: return { "status": False, "message": "The specified mail parameter does not exist" }, 200 db = DB() select_status, select_result = db.select( "user", "where data -> '$.username'='%s'" % args["username"]) if select_status is True and select_result: if select_result[0]["id"] != user_id: db.close_mysql() return { "status": False, "message": "The user name already exists" }, 200 status, result = db.select_by_id("user", user_id) if status is True and result: result["username"] = args["username"] result["mail"] = args["mail"] update_status, update_result = db.update_by_id( "user", json.dumps(result, ensure_ascii=False), user_id) db.close_mysql() if update_status is not True: logger.error("Change %s user info error: %s" % (user_id, update_result)) return {"status": False, "message": update_result}, 500 audit_log(user, user_id, "", "user", "change user info") return {"status": True, "message": ""}, 201 else: db.close_mysql() logger.error("Select user error: %s" % result) return {"status": False, "message": result}, 500
def post(self): args = parser.parse_args() args["id"] = uuid_prefix("p") user = g.user_info["username"] product = args db = DB() status, result = db.select( "product", "where data -> '$.name'='%s'" % args["name"]) if status is True: if len(result) == 0: insert_status, insert_result = db.insert( "product", json.dumps(product, ensure_ascii=False)) db.close_mysql() if insert_status is not True: logger.error("Add product error: %s" % insert_result) return {"status": False, "message": insert_result}, 500 audit_log(user, args["id"], "", "product", "add") return {"status": True, "message": ""}, 201 else: return { "status": False, "message": "The product name already exists" }, 200 else: logger.error("Select product name error: %s" % result) return {"status": False, "message": result}, 500
def post(self): args = parser.parse_args() salt_api = salt_api_for_product(args["product_id"]) user = g.user_info["username"] if isinstance(salt_api, dict): return salt_api, 500 else: if args["action"] == "kill" and args["jid"] and args["minion"]: for minion in args["minion"]: for minion_id, ppid in minion.items(): # 获取pgid 并杀掉 kill_ppid_pid = r'''ps -eo pid,pgid,ppid,comm |grep %s |grep salt-minion | awk '{print "kill -- -"$2}'|sh''' % ppid try: # kill_job = "salt %s saltutil.kill_job %s" % (minion_id, args["jid"]) # result = salt_api.shell_remote_execution(product.get("salt_master_id"), kill_job) # audit_log(user, args["jid"], args["product_id"], "job id", "kill") # logger.info("kill %s %s return: %s" % (minion, args["jid"], result)) audit_log(user, args["jid"], args["product_id"], "job id", "kill") # 通过kill -- -pgid 删除salt 相关的父进程及子进程 pid_result = salt_api.shell_remote_execution(minion_id, kill_ppid_pid) logger.info("kill %s %s return: %s" % (minion, kill_ppid_pid, pid_result)) except Exception as e: logger.info("kill %s %s error: %s" % (minion, args["jid"], e)) return {"status": True, "message": ""}, 200 else: return {"status": False, "message": "The specified jid or action or minion_id " "parameter does not exist"}, 400
def post(self): user = g.user_info["username"] args = parser.parse_args() args["id"] = uuid_prefix("u") db = DB() status, result = db.select( "user", "where data -> '$.username'='%s'" % args["username"]) if status is True: if len(result) == 0: # 默认新添加的用户都是默认用户 role_id = get_common_user() if isinstance(role_id, dict): return role_id args["role"].append(role_id) insert_status, insert_result = db.insert( "user", json.dumps(args, ensure_ascii=False)) db.close_mysql() if insert_status is not True: logger.error("Add user error: %s" % insert_result) return {"status": False, "message": insert_result}, 500 audit_log(user, args["id"], "", "user", "add") return {"status": True, "message": ""}, 201 else: db.close_mysql() return { "status": False, "message": "The user name already exists" }, 200 else: db.close_mysql() logger.error("Select user error: %s" % result) return {"status": False, "message": result}, 500
def post(self): args = parser.parse_args() command = args["command"] if not command: return { "status": False, "message": "Missing required parameter in the JSON body or " "the post body or the query string" }, 400 minion_id = args["minion_id"] salt_api = salt_api_for_product(args["product_id"]) user_info = g.user_info if isinstance(salt_api, dict): return salt_api, 500 acl_list = user_info["acl"] # 验证 acl status = verify_acl(acl_list, command) # acl deny 验证完成后执行命令 if status["status"]: host = ",".join(minion_id) result = salt_api.shell_remote_execution(host, command) # 记录历史命令 db = DB() cmd_history = { "user_id": user_info["id"], "command": command, "minion_id": minion_id, "result": result, "time": time.strftime('%Y-%m-%d %H:%M:%S', time.localtime()) } db.insert("cmd_history", json.dumps(cmd_history, ensure_ascii=False)) db.close_mysql() audit_log(user_info["username"], minion_id, args["product_id"], "minion", "shell") minion_count = 'Total: ' + str(len(minion_id)) cmd_succeed = 'Succeed: ' + str(len(result)) cmd_failure = 'Failure: ' + str(len(minion_id) - len(result)) command = 'Command: ' + command succeed_minion = [] for i in result: succeed_minion.append(i) failure_minion = 'Failure_Minion: ' + ','.join( list(set(minion_id).difference(set(succeed_minion)))) return { 'result': result, 'command': command, 'line': "#" * 50, 'minion_count': minion_count, 'cmd_succeed': cmd_succeed, 'cmd_failure': cmd_failure, 'failure_minion': failure_minion, "status": True, "message": "" }, 200 else: return status, 500
def put(self, period_id): product_id = request.args.get("product_id") user = g.user_info["username"] db = DB() status, result = db.select_by_id("period_task", period_id) if status is True: result["action"] = "concurrent_play" audit = { "timestamp": int(time.time()), "user": user, "option": period_audit.get(2) } insert_period_audit(period_id, audit) update_status, update_result = db.update_by_id( "period_task", json.dumps(result, ensure_ascii=False), period_id) if update_status is not True: logger.error("Pause period_task error: %s" % update_result) db.close_mysql() return {"status": False, "message": update_result}, 500 if result["scheduler"] == "once" and result["once"][ "type"] == "now": job.delay(period_id, product_id, user) audit_log(user, period_id, product_id, "period_task", "pause") return {"status": True, "message": ""}, 200 else: db.close_mysql() return {"status": False, "message": result}, 500
def put(self, host_id): user = g.user_info["username"] args = parser.parse_args() args["id"] = host_id host = args db = DB() # 判断是否存在 select_status, select_result = db.select_by_id("host", host_id) if select_status is False: db.close_mysql() logger.error("Modify host error: %s" % select_result) return {"status": False, "message": select_result}, 500 if select_result: for i in select_result: try: host = eval(i[0]) host["group_id"] = args["group_id"] host["tag"] = args["tag"] except Exception as e: db.close_mysql() logger.error("Modify %s host error: %s" % (host_id, e)) return {"status": False, "message": str(e)}, 500 status, result = db.update_by_id("host", json.dumps(host, ensure_ascii=False), host_id) db.close_mysql() if status is not True: logger.error("Modify host error: %s" % result) return {"status": False, "message": result}, 500 audit_log(user, args["id"], args["product_id"], "host", "edit") return {"status": True, "message": ""}, 200
def put(self, period_id): user = g.user_info["username"] args = parser.parse_args() args["id"] = period_id period_task = args db = DB() # 判断是否存在 select_status, select_result = db.select_by_id("period_task", period_id) if select_status is not True: db.close_mysql() logger.error("Modify period_task error: %s" % select_result) return {"status": False, "message": select_result}, 500 if not select_result: db.close_mysql() return { "status": False, "message": "%s does not exist" % period_id }, 404 # 判断名字否已经存在 status, result = db.select( "period_task", "where data -> '$.name'='%s' and data -> '$.product_id'='%s'" % (args["name"], args["product_id"])) if status is True and result: if period_id != result[0].get("id"): db.close_mysql() return { "status": False, "message": "The period_task name already exists" }, 200 period_task["result"] = select_result["result"] period_task["timestamp"] = select_result["timestamp"] period_task["status"] = select_result["status"] period_task["action"] = select_result["action"] period_task["executed_minion"] = select_result["executed_minion"] period_task["count"] = select_result["count"] period_task["step"] = select_result["step"] period_task["audit"] = select_result["audit"] if args["once"]["date"]: args["once"]["date"] = utc_to_local(args["once"]["date"]) status, result = db.update_by_id( "period_task", json.dumps(period_task, ensure_ascii=False), period_id) db.close_mysql() # 修改调度任务 if args["scheduler"] == "once" and args["once"]["type"] == "timing": run_date = args["once"]["date"].split( " ")[0] + " " + args["once"]["time"] scheduler_timing_modify(args["id"], args["product_id"], user, run_date) if args["scheduler"] == "period": scheduler_interval_modify(args["id"], args["product_id"], user, args["period"]["interval"], args["period"]["type"]) if status is not True: logger.error("Modify period_task error: %s" % result) return {"status": False, "message": result}, 500 audit_log(user, period_id, "", "period_task", "edit") return {"status": True, "message": ""}, 200
def add_host(minion_list, product_id, user): db = DB() for minion_id in minion_list: select_status, select_result = db.select( "host", "where data -> '$.minion_id'='%s' " "and data -> '$.product_id'='%s'" % (minion_id, product_id)) if select_status is False: logger.error("Add %s host error: %s" % (minion_id, select_result)) continue if not select_result: id = uuid_prefix("h") host = { "id": id, "minion_id": minion_id, "product_id": product_id, "groups": [], "tag": [], } insert_status, insert_result = db.insert( "host", json.dumps(host, ensure_ascii=False)) if insert_status is False: logger.error("Add %s host error: %s" % (minion_id, insert_result)) else: audit_log(user, id, product_id, "host", "add") db.close_mysql()
def post(self): args = parser.parse_args() user = g.user_info["username"] project, _ = gitlab_project(args["product_id"], args["project_type"]) # 支持的action create, delete, move, update data = { 'branch_name': args["branch"], 'commit_message': args["action"] + " " + args["path"], 'actions': [{ 'action': args["action"], 'file_path': args["path"], 'content': args["content"] }] } if isinstance(project, dict): return project, 500 else: try: project.commits.create(data) # 假如删除,删除数据库中封装的SLS信息 if args["action"] == "delete": delete_sls(args["path"]) audit_log(user, args["path"], args["product_id"], "sls", args["action"]) except Exception as e: logger.error("Commit file: %s" % e) return {"status": False, "message": str(e)}, 500 return {"status": True, "message": ""}, 200
def post(self): logger.info("HOSTLIST") args = parser.parse_args() args["id"] = uuid_prefix("h") user = g.user_info["username"] host = args db = DB() status, result = db.select( "host", "where data -> '$.minion_id'='%s'" % args["minion_id"]) if status is True: if len(result) == 0: insert_status, insert_result = db.insert( "host", json.dumps(host, ensure_ascii=False)) db.close_mysql() if insert_status is not True: logger.error("Add host error: %s" % insert_result) return {"status": False, "message": insert_result}, 500 audit_log(user, args["id"], args["product_id"], "host", "add") return {"status": True, "message": ""}, 201 else: db.close_mysql() return { "status": False, "message": "The host name already exists" }, 200 else: db.close_mysql() logger.error("Select host name error: %s" % result) return {"status": False, "message": result}, 500
def delete(self): args = parser.parse_args() db = DB() status, result = db.select_by_id("product", args["product_id"]) db.close_mysql() if status is True: if result: product = eval(result[0][0]) else: return {"status": False, "message": "%s does not exist" % args["product_id"]} else: return {"status": False, "message": result} salt_api = salt_api_for_product(args["product_id"]) user = g.user_info["username"] if isinstance(salt_api, dict): return salt_api, 500 else: if args["action"] == "kill" and args["jid"]: kill = "salt %s saltutil.kill_job %s" % (product.get("salt_master_id"), args["jid"]) try: result = salt_api.shell_remote_execution(product.get("salt_master_id"), kill) audit_log(user, args["jid"], args["product_id"], "job id", "kill") return {"status": True, "message": result}, 200 except Exception as e: return {"status": False, "message": str(e)}, 500 else: return {"status": False, "message": "The specified job id does not exist or arguments error"}, 400
def reject_host(minion_list, product_id, user): db = DB() for minion_id in minion_list: select_status, select_result = db.select( "host", "where data -> '$.minion_id'='%s' " "and data -> '$.product_id'='%s'" % (minion_id, product_id)) if select_status is False: logger.error("Reject %s host error: %s" % (minion_id, select_result)) if select_result: for host in select_result: try: # 拒绝后添加拒绝标签 host["tag"].append({"name": "reject", "color": "red"}) status, result = db.update_by_id( "host", json.dumps(host, ensure_ascii=False), host["id"]) if status is False: logger.error("Reject %s host error: %s" % (minion_id, result)) else: audit_log(user, host["id"], product_id, "host", "reject") except Exception as e: logger.error("Reject %s host error: %s" % (minion_id, e)) else: logger.error("Select %s host does not exist" % minion_id) db.close_mysql()
def put(self, role_id): user = g.user_info["username"] args = parser.parse_args() args["id"] = role_id role = args db = DB() status, result = db.select( "role", "where data -> '$.name'='%s'" % args["name"]) if status is True: if len(result) != 0: info = eval(result[0][0]) if role_id != info.get("id"): return { "status": False, "message": "The role name already exists" }, 200 status, result = db.update_by_id("role", json.dumps(role, ensure_ascii=False), role_id) db.close_mysql() if status is not True: logger.error("Modify role error: %s" % result) return {"status": False, "message": result}, 500 audit_log(user, role_id, "", "role", "edit") return {"status": True, "message": ""}, 200
def put(self, host_id): logger.info("HOSTPUT") user = g.user_info["username"] args = parser.parse_args() args["id"] = host_id db = DB() # 判断是否存在 select_status, select_result = db.select_by_id("host", host_id) if select_status is False: db.close_mysql() logger.error("Modify host error: %s" % select_result) return {"status": False, "message": select_result}, 500 if select_result: try: host = select_result if args['tag'] != []: host["tag"] = args["tag"] if args['rename'] != '': host["rename"] = args["rename"] status, result = db.update_by_id( "host", json.dumps(host, ensure_ascii=False), host_id) db.close_mysql() if status is not True: logger.error("Modify host error: %s" % result) return {"status": False, "message": result}, 500 except Exception as e: db.close_mysql() logger.error("Modify %s host error: %s" % (host_id, e)) return {"status": False, "message": str(e)}, 500 audit_log(user, args["id"], args["product_id"], "host", "edit") return {"status": True, "message": ""}, 200
def put(self, period_id): product_id = request.args.get("product_id") user = g.user_info["username"] db = DB() status, result = db.select_by_id("period_task", period_id) if status is True: result["action"] = "scheduler_resume" result["status"] = {"id": 9, "name": period_status.get(9)} audit = { "timestamp": int(time.time()), "user": user, "option": period_audit.get(10) } insert_period_audit(period_id, audit) update_status, update_result = db.update_by_id( "period_task", json.dumps(result, ensure_ascii=False), period_id) if update_status is not True: logger.error("Pause period_task error: %s" % update_result) db.close_mysql() return {"status": False, "message": update_result}, 500 scheduler_result = scheduler_resume(period_id) if scheduler_result.get("status") is not True: return { "status": False, "message": scheduler_result.get("message") }, 500 audit_log(user, period_id, product_id, "period_task", "scheduler resume") return {"status": True, "message": ""}, 200 else: db.close_mysql() return {"status": False, "message": result}, 500
def get(self, user_id): user = g.user_info["username"] db = DB() status, result = db.select_by_id("user", user_id) if status is True and result: # 生成12位随机密码 password = ''.join( random.sample(string.ascii_letters + string.digits, 12)) send_mail(result["mail"], "Saltshaker 重置密码", "新密码:" + password) # 离散hash password_hash = custom_app_context.encrypt(password) result["password"] = password_hash insert_status, insert_result = db.update_by_id( "user", json.dumps(result, ensure_ascii=False), user_id) db.close_mysql() if insert_status is not True: logger.error("Reset %s password error: %s" % (user_id, insert_result)) return {"status": False, "message": insert_result}, 500 audit_log(user, user_id, "", "user", "reset") return {"status": True, "message": ""}, 201 else: db.close_mysql() logger.error("Select user error: %s" % result) return {"status": False, "message": result}, 500
def post(self): args = parser.parse_args() sls = args["sls"] if not sls: return { "status": False, "message": "The specified sls parameter does not exist" }, 400 # 去掉后缀 sls = sls.replace(".sls", "") minion_id = args["minion_id"] salt_api = salt_api_for_product(args["product_id"]) user_info = g.user_info audit_log(user_info["username"], minion_id, args["product_id"], "minion", "sls") if isinstance(salt_api, dict): return salt_api, 500 result = salt_api.target_deploy(minion_id, sls) db = DB() cmd_history = { "user_id": user_info["id"], "product_id": args["product_id"], "command": args["sls"], "type": "sls", "minion_id": minion_id, "result": result, "time": time.strftime('%Y-%m-%d %H:%M:%S', time.localtime()) } db.insert("cmd_history", json.dumps(cmd_history, ensure_ascii=False)) db.close_mysql() audit_log(user_info["username"], minion_id, args["product_id"], "minion", "sls") minion_count = str(len(minion_id)) cmd_succeed = str(len(result)) cmd_failure = str(len(minion_id) - len(result)) succeed_minion = [] for i in result: succeed_minion.append(i) failure_minion = ','.join( list(set(minion_id).difference(set(succeed_minion)))) if result.get("status") is False: status = False message = result.get("message") else: status = True message = "" return { "data": { "result": result, "command": args["sls"], "total": minion_count, "succeed": cmd_succeed, "failure": cmd_failure, "failure_minion": failure_minion }, "status": status, "message": message }, 200
def post(self): args = parser.parse_args() command = args["command"] if not command: return {"status": False, "message": "The specified command parameter does not exist"}, 400 minion_id = args["minion_id"] salt_api = salt_api_for_product(args["product_id"]) user_info = g.user_info if isinstance(salt_api, dict): return salt_api, 500 acl_list = user_info["acl"] # 验证 acl status = verify_acl(acl_list, command) # acl deny 验证完成后执行命令 if status["status"]: result = salt_api.shell_remote_execution(minion_id, command) # 记录历史命令 db = DB() cmd_history = { "user_id": user_info["id"], "product_id": args["product_id"], "command": command, "type": "shell", "minion_id": minion_id, "result": result, "time": time.strftime('%Y-%m-%d %H:%M:%S', time.localtime()) } db.insert("cmd_history", json.dumps(cmd_history, ensure_ascii=False)) db.close_mysql() audit_log(user_info["username"], minion_id, args["product_id"], "minion", "shell") minion_count = str(len(minion_id)) result_len = len(result) for k, v in result.items(): if not v: result_len -= 1 cmd_succeed = str(result_len) cmd_failure = str(len(minion_id) - result_len) succeed_minion = [] for i in result: succeed_minion.append(i) failure_minion = ','.join( list(set(minion_id).difference(set(succeed_minion)))) if result.get("status") is False: status = False message = result.get("message") else: status = True message = "" return {"data": {"result": result, "command": command, "total": minion_count, "succeed": cmd_succeed, "failure": cmd_failure, "failure_minion": failure_minion}, "status": status, "message": message}, 200 else: return status, 500
def delete(self, host_id): user = g.user_info["username"] db = DB() status, result = db.delete_by_id("host", host_id) db.close_mysql() if status is not True: logger.error("Delete host error: %s" % result) return {"status": False, "message": result}, 500 if result is 0: return {"status": False, "message": "%s does not exist" % host_id}, 404 audit_log(user, host_id, "", "host", "delete") return {"status": True, "message": ""}, 200
def put(self, groups_id): user = g.user_info["username"] args = parser.parse_args() args["id"] = groups_id groups = args db = DB() # 判断产品线是否存在 status, result = db.select_by_id("product", args["product_id"]) if status is True: if not result: db.close_mysql() return { "status": False, "message": "%s does not exist" % args["product_id"] }, 404 else: return {"status": False, "message": result}, 500 # 判断是否存在 select_status, select_result = db.select_by_id("groups", groups_id) projects = select_result['projects'] groups['projects'] = projects if select_status is not True: db.close_mysql() logger.error("Modify groups error: %s" % select_result) return {"status": False, "message": select_result}, 500 if not select_result: db.close_mysql() return { "status": False, "message": "%s does not exist" % groups_id }, 404 # 判断名字否已经存在 status, result = db.select( "groups", "where data -> '$.name'='%s' and data -> '$.product_id'='%s'" % (args["name"], args["product_id"])) if status is True and result: if groups_id != result[0].get("id"): db.close_mysql() return { "status": False, "message": "The groups name already exists" }, 200 status, result = db.update_by_id( "groups", json.dumps(groups, ensure_ascii=False), groups_id) db.close_mysql() if status is not True: logger.error("Modify groups error: %s" % result) return {"status": False, "message": result}, 500 audit_log(user, groups_id, "", "groups", "edit") return {"status": True, "message": ""}, 200
def delete(self, groups_id): user = g.user_info["username"] db = DB() status, result = db.delete_by_id("groups", groups_id) db.close_mysql() if status is not True: logger.error("Delete groups error: %s" % result) return {"status": False, "message": result}, 500 if result is 0: return {"status": False, "message": "%s does not exist" % groups_id}, 404 audit_log(user, groups_id, "", "groups", "delete") info = update_user_privilege("groups", groups_id) if info["status"] is False: return {"status": False, "message": info["message"]}, 500 return {"status": True, "message": ""}, 204
def put(self, user_id): user = g.user_info["username"] args = parser.parse_args() args["id"] = user_id db = DB() # 判断是否存在 select_status, select_result = db.select_by_id("user", user_id) if select_status is not True: db.close_mysql() logger.error("Modify user error: %s" % select_result) return {"status": False, "message": select_result}, 500 if not select_result: db.close_mysql() return {"status": False, "message": "%s does not exist" % user_id}, 404 # 判断名字否已经存在 status, result = db.select("user", "where data -> '$.username'='%s'" % args["username"]) if status is True: if len(result) != 0: info = eval(result[0][0]) if user_id != info.get("id"): db.close_mysql() return {"status": False, "message": "The user name already exists"}, 200 # 获取之前的加密密码 status, result = db.select_by_id("user", user_id) if status is True: if result: try: user_info = eval(result[0][0]) args["password"] = user_info.get("password") except Exception as e: db.close_mysql() return {"status": False, "message": str(e)}, 500 else: db.close_mysql() return {"status": False, "message": "%s does not exist" % user_id}, 404 else: db.close_mysql() return {"status": False, "message": result}, 500 # 更新用户信息 users = args status, result = db.update_by_id("user", json.dumps(users, ensure_ascii=False), user_id) db.close_mysql() if status is not True: logger.error("Modify user error: %s" % result) return {"status": False, "message": result}, 500 audit_log(user, user_id, "", "user", "edit") return {"status": True, "message": ""}, 200
def delete(self): args = parser.parse_args() salt_api = salt_api_for_product(args["product_id"]) user = g.user_info["username"] if isinstance(salt_api, dict): return salt_api, 500 else: if args["action"] == "kill" and args["jid"]: kill = "salt '*' saltutil.kill_job" + " " + args["jid"] try: result = os.popen(kill).read() audit_log(user, args["jid"], args["product_id"], "job id", "kill") return {"status": True, "message": result}, 200 except Exception as e: return {"status": False, "message": str(e)}, 500 else: return {"status": False, "message": "The specified job id does not exist or arguments error"}, 400
def post(self): args = parser.parse_args() user = g.user_info["username"] project, _ = gitlab_project(args["product_id"], args["project_type"]) file = request.files['file'] if args["path"]: file_path = args["path"] + "/" + file.filename content = file.read() try: content_decode = content.decode() actions = [ { 'action': 'create', 'file_path': file_path, 'content': content_decode } ] except Exception as e: return {"status": False, "message": str(e)}, 500 # try: # content_decode = content.decode() # actions = [ # { # 'action': args["action"], # 'file_path': file_path, # 'content': base64.b64encode(content_decode), # 'encoding': 'base64', # } # ] # except Exception as e: # print(e) data = { 'branch': args["branch"], 'commit_message': args["action"] + " " + args["path"], 'actions': actions } if isinstance(project, dict): return project, 500 else: try: project.commits.create(data) audit_log(user, file_path, args["product_id"], "sls", "upload") except Exception as e: logger.error("Upload file: %s" % e) return {"status": False, "message": str(e)}, 500 return {"status": True, "message": ""}, 200
def no_concurrent(period_result, period_id, minion_list, salt_api, user, product_id): db = DB() period_result["status"] = { "id": 2, "name": period_status.get(2) } db.update_by_id("period_task", json.dumps(period_result, ensure_ascii=False), period_id) if period_result.get("execute") == "shell": result = salt_api.shell_remote_execution(minion_list, period_result.get("shell")) elif period_result.get("execute") == "sls": # 去掉后缀 sls = period_result.get("sls").replace(".sls", "") result = salt_api.target_deploy(minion_list, sls) results = { "time": int(time.time()), "result": result, "option": period_audit.get(9) } insert_period_result(period_id, results) # 不同调度方式使用不同的状态显示 if period_result["scheduler"] == "period": period_result["status"] = { "id": 9, "name": period_status.get(9) } elif period_result["scheduler"] == "crontab": period_result["status"] = { "id": 10, "name": period_status.get(10) } else: period_result["status"] = { "id": 3, "name": period_status.get(3) } # 执行审计写入到period_audit表 audits = { "timestamp": int(time.time()), "user": "******", "option": period_audit.get(3) } insert_period_audit(period_id, audits) db.update_by_id("period_task", json.dumps(period_result, ensure_ascii=False), period_id) db.close_mysql() audit_log(user, minion_list, product_id, "minion", "shell")
def delete_host(minion_list, product_id, user): db = DB() group_status, group_result = db.select( "groups", "where data -> '$.product_id'='%s'" % product_id) if group_status is False: logger.error("Delete %s host error: %s" % (minion_list, group_status)) for minion_id in minion_list: try: # 组里面删除主机 for group in group_result: for minion in group.get("minion"): if minion == minion_id: group.get("minion").remove(minion_id) status, result = db.update_by_id( "groups", json.dumps(group, ensure_ascii=False), group.get("id")) if status is not True: logger.error("Modify group error: %s" % result) except Exception as e: logger.error("Delete %s host error: %s" % (minion_id, e)) select_status, select_result = db.select( "host", "where data -> '$.minion_id'='%s' " "and data -> '$.product_id'='%s'" % (minion_id, product_id)) if select_status is False: logger.error("Delete % host error: %s" % (minion_id, select_result)) if select_result: for host in select_result: try: status, result = db.delete_by_id("host", host["id"]) if status is False: logger.error("Delete %s host error: %s" % (minion_id, result)) else: audit_log(user, host["id"], product_id, "host", "delete") except Exception as e: logger.error("Delete %s host error: %s" % (minion_id, e)) else: logger.error("Select %s host does not exist" % minion_id) db.close_mysql()
def post(self, user_id): args = parser.parse_args() user = g.user_info["username"] if not args["old_password"]: return { "status": False, "message": "The specified old_password parameter does not exist" }, 200 if not args["new_password"]: return { "status": False, "message": "The specified now_password parameter does not exist" }, 200 db = DB() status, result = db.select_by_id("user", user_id) if status is True and result: if not verify_password(result["username"], args["old_password"]): return {"status": False, "message": "Old password error"}, 200 else: # 基于RSA加密算法获取密码 password = rsa_decrypt(args["new_password"]) if password is False: return { "status": False, "message": "Decrypt is failure" }, 500 # 加密新密码 password_hash = custom_app_context.encrypt(password) result["password"] = password_hash update_status, update_result = db.update_by_id( "user", json.dumps(result, ensure_ascii=False), user_id) db.close_mysql() if update_status is not True: logger.error("Reset %s password error: %s" % (user_id, update_result)) return {"status": False, "message": update_result}, 500 audit_log(user, user_id, "", "user", "reset by owner") return {"status": True, "message": ""}, 201 else: db.close_mysql() logger.error("Select user error: %s" % result) return {"status": False, "message": result}, 500
def delete(self, period_id): user = g.user_info["username"] db = DB() select_status, select_result = db.select_by_id("period_task", period_id) if select_status is not True: db.close_mysql() logger.error("Modify period_task error: %s" % select_result) return {"status": False, "message": select_result}, 500 # 删除定期任务的时候删除对应的调度 if select_result["scheduler"] == "period": scheduler_result = scheduler_delete(period_id) if scheduler_result.get("status") is not True: # 假如不是job不存在,才返回 if "'No job" not in scheduler_result.get("message"): return { "status": False, "message": scheduler_result.get("message") }, 500 status, result = db.delete_by_id("period_task", period_id) if status is not True: logger.error("Delete period_task error: %s" % result) return {"status": False, "message": result}, 500 if result is 0: return { "status": False, "message": "%s does not exist" % period_id }, 404 period_result_status, period_result_result = db.delete_by_id( "period_result", period_id) if period_result_status is not True: logger.error("Delete period_result error: %s" % period_result_result) return {"status": False, "message": result}, 500 period_audit_status, period_audit_result = db.delete_by_id( "period_audit", period_id) if period_audit_status is not True: logger.error("Delete period_result error: %s" % period_audit_result) return {"status": False, "message": result}, 500 db.close_mysql() audit_log(user, period_id, "", "period_task", "delete") return {"status": True, "message": ""}, 200
def delete(self, product_id): user = g.user_info["username"] db = DB() status, result = db.delete_by_id("product", product_id) db.close_mysql() if status is not True: logger.error("Delete product error: %s" % result) return {"status": False, "message": result}, 500 if result is 0: return { "status": False, "message": "%s does not exist" % product_id }, 404 audit_log(user, product_id, product_id, "product", "delete") info = update_user_privilege("product", product_id) if info["status"] is False: return {"status": False, "message": info["message"]}, 500 # 更新Rsync配置 rsync_config() return {"status": True, "message": ""}, 200