def forget_password(request):
if request.method == 'POST':
try:
defend_attack(request)
email = request.POST.get('email', '')
username = request.POST.get('username', '')
user = get_object(User, username=username, email=email)
if user:
timestamp = int(time.time())
hash_encode = PyCrypt.md5_crypt(
str(user.uuid_id) + str(timestamp) + KEY)
msg = u"""
Hi %s, 请点击下面链接重设密码!
http://%s:%s/user/password/reset/?uuid=%s×tamp=%s&hash=%s
""" % (user.username, HOST_IP, HOST_PORT, user.uuid_id,
timestamp, hash_encode)
if not default_email:
msg = u'没有邮件服务器信息,请先到告警管理中配置邮件服务器,谢谢!'
rest = send_email(default_email, u'忘记登录密码', [email], msg)
logger.info(u'重置密码,发送邮件信息:%s' % rest)
if rest['msgCode'] == 0:
msg = u'邮件成功已成功发送至您的邮箱,请登陆邮箱,点击邮件重设密码'
return http_success(request, msg)
else:
error = u'邮件发送失败:%s' % rest['msgError']
return http_error(request, error)
else:
error = u'用户不存在或邮件地址错误'
return http_error(request, error)
except Exception as e:
logger.error(e)
def forget_password(request):
if request.method == 'POST':
try:
defend_attack(request)
email = request.POST.get('email', '')
username = request.POST.get('username', '')
user = get_object(User, username=username, email=email)
if user:
timestamp = int(time.time())
hash_encode = PyCrypt.md5_crypt(str(user.uuid_id) + str(timestamp) + KEY)
msg = u"""
Hi %s, 请点击下面链接重设密码!
http://%s:%s/user/password/reset/?uuid=%s×tamp=%s&hash=%s
""" % (user.username, HOST_IP, HOST_PORT, user.uuid_id, timestamp, hash_encode)
if not default_email:
msg = u'没有邮件服务器信息,请先到告警管理中配置邮件服务器,谢谢!'
rest = send_email(default_email, u'忘记登录密码', [email], msg)
logger.info(u'重置密码,发送邮件信息:%s'%rest)
if rest['msgCode'] == 0:
msg = u'邮件成功已成功发送至您的邮箱,请登陆邮箱,点击邮件重设密码'
return http_success(request, msg)
else:
error = u'邮件发送失败:%s'%rest['msgError']
return http_error(request, error)
else:
error = u'用户不存在或邮件地址错误'
return http_error(request, error)
except Exception as e:
logger.error(e)
def send_mail_retry(request, res, *args):
res['operator'] = u'发送邮件'
uuid_r = request.GET.get('uuid', '1')
user = get_object(User, uuid_id=uuid_r)
msg = u"""
MagicStack地址: %s
用户名:%s
重设密码:%s/userManage/password/forget/
请登录web点击个人信息页面重新生成ssh密钥
""" % (URL, user.username, URL)
if not default_email:
return HttpResponse(u'没有邮件服务器信息,请先到告警管理中配置邮件服务器,谢谢!')
try:
send_email(default_email, u'邮件重发', [user.email], msg)
except IndexError, e:
res['flag'] = 'false'
res['comment'].append(e)
return Http404
def send_mail_retry(request,res, *args):
res['operator'] = u'发送邮件'
uuid_r = request.GET.get('uuid', '1')
user = get_object(User, uuid_id=uuid_r)
msg = u"""
MagicStack地址: %s
用户名:%s
重设密码:%s/userManage/password/forget/
请登录web点击个人信息页面重新生成ssh密钥
""" % (URL, user.username, URL)
if not default_email:
return HttpResponse(u'没有邮件服务器信息,请先到告警管理中配置邮件服务器,谢谢!')
try:
send_email(default_email, u'邮件重发', [user.email], msg)
except IndexError,e:
res['flag'] = 'false'
res['comment'].append(e)
return Http404
def user_add_mail(user, default_email, kwargs):
"""
add user send mail
发送用户添加邮件
"""
user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
mail_title = u'恭喜你!用户 %s 已成功添加至MagicStack,您可以用此账户登录MagicStack' % user.name
mail_msg = u"""
Hi, %s
您的用户名: %s
您的权限: %s
您的web登录密码: %s
感谢您使用MagicStack,谢谢!
""" % (user.name, user.username, user_role.get(user.role, u'普通用户'),
kwargs.get('password'))
rest_send_mail = send_email(default_email, mail_title, [user.email], mail_msg)
if rest_send_mail['msgCode'] == 1:
return False
return True
def user_add_mail(user, default_email, kwargs):
"""
add user send mail
发送用户添加邮件
"""
user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
mail_title = u'恭喜你!用户 %s 已成功添加至MagicStack,您可以用此账户登录MagicStack' % user.name
mail_msg = u"""
Hi, %s
您的用户名: %s
您的权限: %s
您的web登录密码: %s
感谢您使用MagicStack,谢谢!
""" % (user.name, user.username, user_role.get(
user.role, u'普通用户'), kwargs.get('password'))
rest_send_mail = send_email(default_email, mail_title, [user.email],
mail_msg)
if rest_send_mail['msgCode'] == 1:
return False
return True
def user_edit(request, res, *args):
res['operator'] = u'编辑用户'
res['emer_content'] = 1
if request.method == 'GET':
rest = {}
user_id = request.GET.get('id', '')
if not user_id:
return HttpResponseRedirect(reverse('index'))
user = get_object(User, id=user_id)
if user:
groups_str = ','.join(
[str(group.id) for group in user.group.all()])
admin_groups_str = ' '.join([
str(admin_group.group.id)
for admin_group in user.admingroup_set.all()
])
is_super = True if user.role == 'SU' else False
rest['Id'] = user.id
rest['username'] = user.username
rest['password'] = user.password
rest['email'] = user.email
rest['is_active'] = user.is_active
rest['user_group'] = groups_str
rest['is_super'] = is_super
return HttpResponse(json.dumps(rest),
content_type='application/json')
else:
response = {'success': False, 'error': ''}
try:
user_id = request.GET.get('id', '')
user = User.objects.get(id=int(user_id))
username = request.POST.get('username', '')
password = request.POST.get('password', '')
email = request.POST.get('email', '')
groups = request.POST.getlist('groups', [])
role_post = request.POST.get('role', 'CU')
admin_groups = request.POST.getlist('admin_groups', [])
extra = request.POST.getlist('extra', [])
is_active = False if '0' in extra else True
email_need = True if '1' in extra else False
user_role = {'SU': u'超级管理员', 'GA': u'部门管理员', 'CU': u'普通用户'}
if not user:
res['flag'] = 'false'
res['content'] = u'用户不存在!'
res['emer_satus'] = u"编辑用户失败:{1}".format(u'用户不存在!')
response['error'] = u"编辑用户失败:{1}".format(u'用户不存在!')
username_old = user.username
if username_old == username:
if len(User.objects.filter(username=username)) > 1:
raise ServerError(u'用户已存在')
else:
if len(User.objects.filter(username=username)) > 0:
raise ServerError(u'用户已存在')
db_update_user(user_id=user_id,
username=username,
password=password,
email=email,
groups=groups,
admin_groups=admin_groups,
role=role_post,
is_active=is_active)
res['content'] = u'编辑用户%s' % username_old
res['emer_status'] = u"编辑用户[{0}]成功".format(username_old)
response['success'] = True
response['error'] = res['emer_status']
if email_need:
emsg = u"""
Hi %s:
您的信息已修改,请登录MagicStack查看详细信息
地址:%s
用户名: %s
密码:%s (如果密码为None代表密码为原密码)
权限::%s
""" % (user.username, URL, user.username, password,
user_role.get(role_post, u''))
if not default_email:
error = u"没有邮件服务器信息,请先到告警管理配置邮件服务器,谢谢!"
return HttpResponse(error)
rest_send_mail = send_email(default_email, u'您的信息已修改', [email],
emsg)
if rest_send_mail['msgCode'] == 1:
response['success'] = False
response['error'] = u"发送邮件失败:请查找原因"
except Exception as e:
logger.error(e)
res['flag'] = 'false'
error_info = u"编辑用户{0}失败:{1}".format(username_old, e.message)
res['content'] = res['emer_status'] = response[
'error'] = error_info
return HttpResponse(json.dumps(response),
content_type='application/json')
def user_edit(request,res, *args):
res['operator'] = u'编辑用户'
res['emer_content'] = 1
if request.method == 'GET':
rest = {}
user_id = request.GET.get('id', '')
if not user_id:
return HttpResponseRedirect(reverse('index'))
user = get_object(User, id=user_id)
if user:
groups_str = ','.join([str(group.id) for group in user.group.all()])
admin_groups_str = ' '.join([str(admin_group.group.id) for admin_group in user.admingroup_set.all()])
is_super = True if user.role == 'SU' else False
rest['Id'] = user.id
rest['username'] = user.username
rest['password'] = user.password
rest['email'] = user.email
rest['is_active'] = user.is_active
rest['user_group'] = groups_str
rest['is_super'] = is_super
return HttpResponse(json.dumps(rest), content_type='application/json')
else:
response = {'success': False, 'error': ''}
try:
user_id = request.GET.get('id', '')
user = User.objects.get(id=int(user_id))
username = request.POST.get('username','')
password = request.POST.get('password', '')
email = request.POST.get('email', '')
groups = request.POST.getlist('groups', [])
role_post = request.POST.get('role', 'CU')
admin_groups = request.POST.getlist('admin_groups', [])
extra = request.POST.getlist('extra', [])
is_active = False if '0' in extra else True
email_need = True if '1' in extra else False
user_role = {'SU': u'超级管理员', 'GA': u'部门管理员', 'CU': u'普通用户'}
if not user:
res['flag'] = 'false'
res['content'] = u'用户不存在!'
res['emer_satus'] = u"编辑用户失败:{1}".format(u'用户不存在!')
response['error'] = u"编辑用户失败:{1}".format(u'用户不存在!')
username_old = user.username
if username_old == username:
if len(User.objects.filter(username=username)) > 1:
raise ServerError(u'用户已存在')
else:
if len(User.objects.filter(username=username)) > 0:
raise ServerError(u'用户已存在')
db_update_user(user_id=user_id,
username=username,
password=password,
email=email,
groups=groups,
admin_groups=admin_groups,
role=role_post,
is_active=is_active)
res['content'] = u'编辑用户%s' % username_old
res['emer_status'] = u"编辑用户[{0}]成功".format(username_old)
response['success'] = True
response['error'] = res['emer_status']
if email_need:
emsg = u"""
Hi %s:
您的信息已修改,请登录MagicStack查看详细信息
地址:%s
用户名: %s
密码:%s (如果密码为None代表密码为原密码)
权限::%s
""" % (user.username, URL, user.username, password, user_role.get(role_post, u''))
if not default_email:
error = u"没有邮件服务器信息,请先到告警管理配置邮件服务器,谢谢!"
return HttpResponse(error)
rest_send_mail = send_email(default_email, u'您的信息已修改',[email], emsg)
if rest_send_mail['msgCode'] == 1:
response['success'] = False
response['error'] = u"发送邮件失败:请查找原因"
except Exception as e:
logger.error(e)
res['flag'] = 'false'
error_info = u"编辑用户{0}失败:{1}".format(username_old ,e.message)
res['content'] = res['emer_status'] = response['error'] = error_info
return HttpResponse(json.dumps(response), content_type='application/json')
