Exemplo n.º 1
0
def create_users(argvs):
    '''
    create little_finger access user
    :param argvs:
    :return:
    '''
    if '-f' in argvs:
        user_file  = argvs[argvs.index("-f") +1 ]
    else:
        print_err("invalid usage, should be:\ncreateusers -f <the new users file>",quit=True)

    source = yaml_parser(user_file)
    if source:
        for key,val in source.items():
            print(key,val)
            obj = models.UserProfile(username=key,password=val.get('password'))
            if val.get('groups'):
                groups = session.query(models.Group).filter(models.Group.name.in_(val.get('groups'))).all()
                if not groups:
                    print_err("none of [%s] exist in group table." % val.get('groups'),quit=True)
                obj.groups = groups
            if val.get('bind_hosts'):
                bind_hosts = common_filters.bind_hosts_filter(val)
                obj.bind_hosts = bind_hosts
            #print(obj)
            session.add(obj)
        session.commit()
Exemplo n.º 2
0
def create_users(argvs):
    '''
    create little_finger access user
    :param argvs:
    :return:
    '''
    if '-f' in argvs:
        user_file  = argvs[argvs.index("-f") +1 ]
    else:
        print_err("invalid usage, should be:\ncreateusers -f <the new users file>",quit=True)

    source = yaml_parser(user_file)
    if source:
        for key,val in source.items():
            print(key,val)
            obj = models.UserProfile(username=key,password=val.get('password'))
            if val.get('groups'):
                groups = session.query(models.Group).filter(models.Group.name.in_(val.get('groups'))).all()
                if not groups:
                    print_err("none of [%s] exist in group table." % val.get('groups'),quit=True)
                obj.groups = groups
            if val.get('bind_hosts'):
                bind_hosts = common_filters.bind_hosts_filter(val)
                obj.bind_hosts = bind_hosts
            #print(obj)
            session.add(obj)
        session.commit()
Exemplo n.º 3
0
def create_groups(argvs):
    """
    create groups
    :param argvs:
    :return:
    """
    if '-f' in argvs:
        group_file = argvs[argvs.index("-f") + 1]
    else:
        print_err("invalid usage, should be:\ncreategroups -f <the new groups file>", logout=True)
        return
    source = yaml_parser(group_file)
    if source:
        logger.debug("source:\n%s" % source)
        for key, val in source.items():
            logger.debug("%s:%s" % (key, val))
            obj = models.HostGroup(name=key)
            logger.info(obj)
            # if val.get('bind_hosts'):
            #     bind_hosts = common_filters.bind_hosts_filter(val)
            #     obj.bind_hosts = bind_hosts
            #
            if val.get('user_profiles'):  # 用户与主机分组关系
                user_profiles = common_filters.user_profiles_filter(val)
                obj.user_profiles = user_profiles
            session.add(obj)
        session.commit()
        logger.info("create groups sucess!")
Exemplo n.º 4
0
def create_bindhosts(argvs):
    msg = 'the new bind_hosts file'
    bindhost_file = parse_argvs(argvs, msg)
    source = yaml_parser(bindhost_file)
    if source:
        for key,val in source.items():
            host_obj = session.query(models.Host).filter(models.Host.hostname==val.get('hostname')).first()
            assert host_obj
            for item in val['remote_users']:
                assert item.get('auth_type')
                if item.get('auth_type') == 'ssh-passwd':
                    remoteuser_obj = session.query(models.RemoteUser).filter(models.RemoteUser.username==item.get('username'),
                                                                             models.RemoteUser.password==item.get('password')).first()
                else:
                    remoteuser_obj = session.query(models.RemoteUser).filter(models.RemoteUser.username==item.get('username'),
                                                                             models.RemoteUser.auth_type==item.get('auth_type')).first()
                # print('>>>>',host_obj,remoteuser_obj)
                bindhost_obj = models.BindHost(host_id=host_obj.id,remote_user_id=remoteuser_obj.id)
                session.add(bindhost_obj)

                if source[key].get('groups'):
                    groups = common_filters.groups_filter(source[key])
                    bindhost_obj.groups = groups
                if source[key].get('user_profiles'):
                    user_profiles = common_filters.user_profiles_filter(source[key])
                    bindhost_obj.user_profiles = user_profiles

        session.commit()
Exemplo n.º 5
0
def create_remoteusers(argvs):
    '''
    create remoteusers
    :param argvs:
    :return:
    '''
    # 里面加了判断是否是文件
    if '-f' in argvs:
        remoteusers_file = argvs[argvs.index("-f") + 1]
    else:
        print_err(
            "invalid usage, should be:\ncreate_remoteusers -f <the new remoteusers file>",
            quit=True)

    #从yaml中 load 出来
    source = yaml_parser(remoteusers_file)
    if source:
        for key, val in source.items():
            print(key, val)
            #把 yaml中load出来的值获取到,赋值给对应的 sql中表的字段
            obj = models.RemoteUser(username=val.get('username'),
                                    auth_type=val.get('auth_type'),
                                    password=val.get('password'))
            session.add(obj)
    #再提交,真正的插入数据到表中
        session.commit()
Exemplo n.º 6
0
def create_groups(argv):
    '''
    create groups
    :param argv:
    :return:
    '''
    if '-f' in argv:
        group_file = argv[argv.index('-f') + 1]
    else:
        print_err(
            "Invalid usage, should be:\ncreate group -f <the new group file>",
            quit=True)
    source = yaml_parser(group_file)
    if source:
        print(source)
        for key, val in source.items():
            print(key, val)
            obj = models.HostGroup(name=key)
            if val.get('bind_host'):
                bind_hosts = common_filters.bind_hosts_filter()
                obj.bind_hosts = bind_hosts
            if val.get('user_profiles'):
                user_profiles = common_filters
                obj.user_profiles = user_profiles
            session.add(obj)
        session.commit()
Exemplo n.º 7
0
def create_users(argvs):
    if '-f' in argvs:
        '''首先判断输入是否存在-f选项,将-f后的文件赋予user_file'''
        user_file = argvs[argvs.index("-f") + 1]
    else:
        print_err(
            "invalid usage, should be:\ncreateusers -f <the new users file>",
            quit=True)

    source = yaml_parser(user_file)
    if source:
        for key, val in source.items():
            print(key, val)
            obj = models.UserProfile(username=key,
                                     password=val.get('password'))
            if val.get('groups'):
                '''如果val中含有group,且该group存在,则同时讲该用户加入对应group'''
                groups = session.query(models.Group).filter(
                    models.Group.name.in_(val.get('groups'))).all()
                if not groups:
                    print_err("none of [%s] exist in group table." %
                              val.get('groups'),
                              quit=True)
                obj.groups = groups
            if val.get('bind_hosts'):
                '''如果val有bind_hosts,则同时绑定hosts'''
                bind_hosts = common_filters.bind_hosts_filter(val)
                obj.bind_hosts = bind_hosts
            #print(obj)
            session.add(obj)
        session.commit()
Exemplo n.º 8
0
def create_hosts(argvs):
    '''
    create hosts
    :param argvs:
    :return:
    '''
    if '-f' in argvs:
        hosts_file = argvs[argvs.index("-f") + 1]
    else:
        print_err(
            "invalid usage, should be:\ncreate_hosts -f <the new hosts file>",
            quit=True)
    source = yaml_parser(hosts_file)
    if source:
        for key, val in source.items():
            print(key, val)

            #models.Host 是导入进来的。是from models import models
            #把参数给models.py中的Host类中的形参
            obj = models.Host(hostname=key,
                              ip=val.get('ip'),
                              port=val.get('port') or 22)
            session.add(obj)
        #一定要提交才能真的插入进去
        session.commit()
Exemplo n.º 9
0
def create_groups(argvs):
    '''
    create 组数据
    create groups
    :param argvs:
    :return:
    '''
    if '-f' in argvs:
        group_file = argvs[argvs.index("-f") + 1]
        host_path = os.path.join(setting.BASE_DESC, group_file)
    else:
        print_err(
            "invalid usage, should be:\ncreategroups -f <the new groups file>",
            quit=True)
    source = yaml_parser(host_path)
    if source:
        for key, val in source.items():
            print(key, val)
            obj = create_table.Group(group_name=key)
            if val.get('bind_hosts'):
                bind_hosts = common_filters.bind_hosts_filter(val)
                obj.bind_hosts = bind_hosts

            if val.get('user_profiles'):
                user_profiles = common_filters.user_profiles_filter(val)
                obj.user_profiles = user_profiles
            session.add(obj)
        session.commit()
Exemplo n.º 10
0
def create_hosts(argvs):
    '''
    create 主机
    :param argvs:
    :return:
    '''
    if '-f' in argvs:
        # 指定一个文件名否则报错
        hosts_file = argvs[argvs.index("-f") + 1]
        host_path = os.path.join(setting.BASE_DESC, hosts_file)
        #print('hosts_path:',host_path)
    else:
        print_err(
            "invalid usage, should be:\ncreate_hosts -f <the new hosts file>",
            quit=True)
    source = yaml_parser(host_path)  # 传文件回来
    if source:  # 循环字典
        print(source)
        for key, val in source.items():
            print(key, val)
            obj = create_table.Host(host_name=key,
                                    IP=val.get('ip'),
                                    port=val.get('port') or 22)
            # 添加到表
            try:
                session.add(obj)
            except IntegrityError as e:
                print('主机名和主机IP是唯一值已在数据库创建:', e)
            else:
                session.commit()
Exemplo n.º 11
0
def create_bindhosts(argvs):
    '''
    create bind hosts
    :param argvs:
    :return:
    '''
    if '-f' in argvs:
        bindhosts_file = argvs[argvs.index("-f") + 1]
    else:
        print_err(
            "invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>",
            quit=True)
    source = yaml_parser(bindhosts_file)
    if source:
        for key, val in source.items():
            print(key, val)
            # 获取到了主机
            host_obj = session.query(models.Host).filter(
                models.Host.hostname == val.get('hostname')).first()
            # 取hostname
            assert host_obj  # 断言,必须存在
            for item in val['remote_users']:  # 判断
                print(item)
                assert item.get('auth_type')
                if item.get('auth_type') == 'ssh-password':  # 判断认证password
                    remoteuser_obj = session.query(models.RemoteUser).filter(
                        models.RemoteUser.username == item.get('username'),
                        models.RemoteUser.password == item.get(
                            'password')).first()
                else:
                    # 获取远程用户
                    remoteuser_obj = session.query(models.RemoteUser).filter(
                        models.RemoteUser.username == item.get('username'),
                        models.RemoteUser.auth_type == item.get('auth_type'),
                    ).first()
                if not remoteuser_obj:  # 没取到,程序退出
                    print_err("RemoteUser obj %s does not exist." % item,
                              quit=True)
                bindhost_obj = models.BindHost(host_id=host_obj.id,
                                               remoteuser_id=remoteuser_obj.id)
                session.add(bindhost_obj)  # 获取到关系后添加session
                # for groups this host binds to
                if source[key].get('groups'):  # 获取组
                    group_objs = session.query(models.HostGroup).filter(
                        models.HostGroup.name.in_(
                            source[key].get('groups'))).all()
                    assert group_objs
                    print('groups:', group_objs)
                    bindhost_obj.host_groups = group_objs
                # for user_profiles this host binds to
                if source[key].get('user_profiles'):  # 判断是否直接属于哪一台机器
                    userprofile_objs = session.query(
                        models.Userprofile).filter(
                            models.Userprofile.username.in_(
                                source[key].get('user_profiles'))).all()
                    assert userprofile_objs
                    print("userprofiles:", userprofile_objs)
                    bindhost_obj.user_profiles = userprofile_objs
                # print(bindhost_obj)
        session.commit()
Exemplo n.º 12
0
def create_users(argvs):
    '''
    create little_finger access user
    :param argvs:
    :return:
    '''
    # 输入的命令行参数是否含有'-f'字符串
    if '-f' in argvs:
        # 取出文件名
        user_file = argvs[argvs.index("-f") + 1]
    else:
        # 文件不存在时,输出错误信息
        print_err(
            "invalid usage, should be:\ncreateusers -f <the new users file>",
            quit=True)
    # 得到包含用户信息的字典.
    source = yaml_parser(user_file)
    if source:
        # 一个一个的将用户存入数据库中.
        for key, val in source.items():
            print(key, val)
            obj = models.UserProfile(username=key,
                                     password=val.get('password'))
            # if val.get('groups'):
            #     groups = session.query(models.Group).filter(models.Group.name.in_(val.get('groups'))).all()
            #     if not groups:
            #         print_err("none of [%s] exist in group table." % val.get('groups'),quit=True)
            #     obj.groups = groups
            # if val.get('bind_hosts'):
            #     bind_hosts = common_filters.bind_hosts_filter(val)
            #     obj.bind_hosts = bind_hosts
            #print(obj)
            session.add(obj)
        session.commit()
Exemplo n.º 13
0
def create_users(argvs):
    """
    create user
    :param argvs:
    :return:
    """
    if '-f' in argvs:
        user_file = argvs[argvs.index("-f") + 1]
    else:
        print_err("invalid usage, should be:\ncreateusers -f <the new users file>", logout=True)
        return

    source = yaml_parser(user_file)
    if source:
        logger.debug("source:\n%s" % source)
        for key, val in source.items():
            logger.debug("%s:%s" % (key, val))
            obj = models.UserProfile(username=key, password=val.get('password'))
            logger.info(obj)
            # if val.get('groups'):
            #     groups = session.query(models.Group).filter(models.Group.name.in_(val.get('groups'))).all()
            #     if not groups:
            #         print_err("none of [%s] exist in group table." % val.get('groups'),quit=True)
            #     obj.groups = groups
            # if val.get('bind_hosts'):
            #     bind_hosts = common_filters.bind_hosts_filter(val)
            #     obj.bind_hosts = bind_hosts
            # print(obj)
            session.add(obj)
        session.commit()
        logger.info("create user sucess!")
Exemplo n.º 14
0
def create_groups(argvs):
    '''
    create groups
    :param argvs:
    :return:
    '''
    if '-f' in argvs:
        group_file = argvs[argvs.index("-f") + 1]
    else:
        print_err(
            "invalid usage, should be:\ncreategroups -f <the new groups file>",
            quit=True)
    source = yaml_parser(group_file)
    if source:
        for key, val in source.items():
            print(key, val)
            obj = models.HostGroup(name=key)

            # if val.get('bind_hosts'):
            #     bind_hosts = common_filters.bind_hosts_filter(val)
            #     obj.bind_hosts = bind_hosts
            #
            # if val.get('user_profiles'):
            #     user_profiles = common_filters.user_profiles_filter(val)
            #     obj.user_profiles = user_profiles

            session.add(obj)
        session.commit()
Exemplo n.º 15
0
def create_bindhosts(argvs):
    if '-f' in argvs:
        bindhosts_file = argvs[argvs.index("-f") + 1]
    else:
        print_err(
            "invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>",
            quit=True)
    source = yaml_parser(bindhosts_file)
    if source:
        for key, val in source.items():
            print(key, val)
            host_obj = session.query(models.Host).filter(
                models.Host.hostname == val.get('hostname')).first()
            assert host_obj
            print(host_obj)
            '''注意下面的for语句,实际上val['remote_users']返回的是一个列表(yaml中如果有-,则变成列表),然后列表里面嵌套了字典,
            所以for其实是对列表进行了循环,而列表里面的元素则是一个个字典'''
            for item in val['remote_users']:
                print('remote_users is', item)
                '''assert断言,表示如果没有auth_type这个key,或取不到auth_type这个的值,则下面语句不执行。'''
                assert item.get('auth_type')
                if item.get('auth_type') == 'ssh-password':
                    remoteuser_obj = session.query(models.RemoteUser).filter(
                        models.RemoteUser.username == item.get('username'),
                        models.RemoteUser.password == item.get('password'),
                        #models.RemoteUser.auth_type==item.get('auth_type'),
                    ).first()
                else:
                    remoteuser_obj = session.query(models.RemoteUser).filter(
                        models.RemoteUser.username == item.get('username'),
                        models.RemoteUser.auth_type == item.get('auth_type'),
                    ).first()
                if not remoteuser_obj:
                    print_err('user [%s] is not exist' % (item), quit=True)
                bindhost_obj = models.BindHost(host_id=host_obj.id,
                                               remoteuser_id=remoteuser_obj.id)
                session.add(bindhost_obj)
                '''判断是否有groups这个字段,如果有则执行下面语句'''
                if source[key].get('groups'):
                    print(source[key].get('groups'))
                    group_objs = session.query(models.HostGroup).filter(
                        models.HostGroup.name.in_(
                            source[key].get('groups'))).all()
                    assert group_objs
                    '''通过下面语句将bind_host和host_group两个表的关联表bindhost_m2m_hostgroup建立起来,
                    将两个表相对应的主机和组的id相对应起来,实现主机和组的关联。
                    注意下面的语句将对关联表插入相关联的ID值'''
                    bindhost_obj.host_groups = group_objs

                if source[key].get('user_profiles'):
                    user_objs = session.query(models.UserProfile).filter(
                        models.UserProfile.username.in_(
                            source[key].get('user_profiles'))).all()
                    assert user_objs
                    '''通过下面的语句,将堡垒机用户表和bind_host表相关联起来,对两者的关联表user_m2m_bindhost
                    插入对应的两方id,通过该表的外键实现两表关联,最终实现用户和主机关联'''
                    bindhost_obj.user_profiles = user_objs
        session.commit()
Exemplo n.º 16
0
def create_remoteusers(argvs):
    msg = 'the new remote users file'
    remoteuser_file = parse_argvs(argvs, msg)
    source = yaml_parser(remoteuser_file)
    if source:
        for key,val in source.items():
            obj = models.RemoteUser(username=val.get('username'),auth_type=val.get('auth_type'),password=val.get('password'))
            session.add(obj)
        session.commit()
Exemplo n.º 17
0
 def syncdb():
     print("Syncing DB....")
     models.Base.metadata.create_all(engine)
     source = yaml_parser(wisdom_file)
     if source:
         for key, val in source.items():
             obj = models.Wisdom(sentence=key)
             session.add(obj)
         session.commit()
Exemplo n.º 18
0
def create_bindhosts(argvs):
    """
    create bind hosts
    主机及该主机上的账户信息
    :param argvs:
    :return:
    """
    if '-f' in argvs:
        bindhosts_file = argvs[argvs.index("-f") + 1]
    else:
        print_err("invalid usage, should be:\ncreate_bindhosts -f <the new bindhosts file>", logout=True)
        return
    source = yaml_parser(bindhosts_file)
    if source:
        logger.debug("source:\n%s" % source)
        for key, val in source.items():
            logger.debug("%s:%s" % (key, val))
            # 要Bind的主机信息
            host_obj = session.query(models.Host).filter(models.Host.hostname == val.get('hostname')).first()
            logger.debug("host_obj---\n%s" % host_obj)
            assert host_obj
            for item in val['remote_users']:  # 要bind到该主机上的账户信息
                logger.debug(item)
                assert item.get('auth_type')
                if item.get('auth_type') == 'ssh-password':
                    remoteuser_obj = session.query(models.RemoteUser).filter(
                        models.RemoteUser.username == item.get('username'),
                        models.RemoteUser.password == item.get('password')
                    ).first()
                else:
                    remoteuser_obj = session.query(models.RemoteUser).filter(
                        models.RemoteUser.username == item.get('username'),
                        models.RemoteUser.auth_type == item.get('auth_type'),
                    ).first()
                if not remoteuser_obj:
                    print_err("RemoteUser obj %s does not exist." % item, logout=True)
                bindhost_obj = models.BindHost(host_id=host_obj.id, remoteuser_id=remoteuser_obj.id)  # 设定bind关系
                session.add(bindhost_obj)
                # for groups this host binds to 该主机bind到主机组
                if source[key].get('groups'):
                    group_objs = session.query(models.HostGroup).filter(
                        models.HostGroup.name.in_(source[key].get('groups'))).all()
                    assert group_objs
                    logger.info('groups:%s' % group_objs)
                    bindhost_obj.host_groups = group_objs
                # for user_profiles this host binds to  该主机bind到的用户
                if source[key].get('user_profiles'):
                    userprofile_objs = session.query(models.UserProfile).filter(models.UserProfile.username.in_(
                        source[key].get('user_profiles')
                    )).all()
                    logger.debug(userprofile_objs)
                    assert userprofile_objs
                    logger.info("userprofiles:%s" % userprofile_objs)
                    bindhost_obj.user_profiles = userprofile_objs
                    # print(bindhost_obj)
        session.commit()
        logger.info("create bindhosts sucess!")
Exemplo n.º 19
0
def create_bindhosts(argvs):
    '''
    create bind hosts
    :param argvs:
    :return:
    '''
    if '-f' in argvs:
        bindhosts_file = argvs[argvs.index("-f") + 1]
    else:
        print_err(
            "invalid usage, should be:\ncreate_bindhosts -f <the new bindhosts file>",
            quit=True)
    source = yaml_parser(bindhosts_file)
    if source:
        for key, val in source.items():
            # print(key,val)
            host_obj = session.query(model_v2.Host).filter(
                model_v2.Host.hostname == val.get('hostname')).first()
            assert host_obj
            for item in val['remote_users']:
                print(item)
                assert item.get('auth_type')
                if item.get('auth_type') == 'ssh-password':
                    remoteuser_obj = session.query(model_v2.RemoteUser).filter(
                        model_v2.RemoteUser.username == item.get('username'),
                        model_v2.RemoteUser.password == item.get(
                            'password')).first()
                else:
                    remoteuser_obj = session.query(model_v2.RemoteUser).filter(
                        model_v2.RemoteUser.username == item.get('username'),
                        model_v2.RemoteUser.auth_type == item.get('auth_type'),
                    ).first()
                if not remoteuser_obj:
                    print_err("RemoteUser obj %s does not exist." % item,
                              quit=True)
                bindhost_obj = model_v2.BindHost(
                    host_id=host_obj.id, remoteuser_id=remoteuser_obj.id)
                session.add(bindhost_obj)
                # for groups this host binds to
                if source[key].get('groups'):
                    group_objs = session.query(model_v2.HostGroup).filter(
                        model_v2.HostGroup.name.in_(
                            source[key].get('groups'))).all()
                    assert group_objs
                    print('groups:', group_objs)
                    bindhost_obj.hostgroups = group_objs
                # for user_profiles this host binds to
                if source[key].get('fortress_user'):
                    fortressuser_objs = session.query(
                        model_v2.FortressUser).filter(
                            model_v2.FortressUser.username.in_(
                                source[key].get('fortress_user'))).all()
                    assert fortressuser_objs
                    print("fortressuser:", fortressuser_objs)
                    bindhost_obj.fortress_users = fortressuser_objs
                    # print(bindhost_obj)
        session.commit()
Exemplo n.º 20
0
 def create_remoteusers(remoteuser_file):
     source = yaml_parser(remoteuser_file)
     if source:
         for key, val in source.items():
             print(key, val)
             obj = models.RemoteUser(username=val['username'],
                                     auth_type=val['auth_type'],
                                     password=val.get('password'))
             session.add(obj)
         session.commit()
Exemplo n.º 21
0
def create_hosts(argvs):
    msg = 'the new hosts file'
    host_file = parse_argvs(argvs, msg)
    #print(host_file)
    source = yaml_parser(host_file)
    if source:
        for key,val in source.items():
            obj = models.Host(hostname=key,ip_addr=val.get('ip_addr'),port=val.get('port') or 22)
            session.add(obj)
        session.commit()
Exemplo n.º 22
0
 def create_hosts(host_file):
     source = yaml_parser(host_file)
     if source:
         for key, val in source.items():
             print(key, val)
             obj = models.Host(hostname=key,
                               ip_addr=val['ip_addr'],
                               port=val.get('port') or 22)
             session.add(obj)
         session.commit()
Exemplo n.º 23
0
def log_recording(logs):
    """
    flush user operations on remote host into DB
    :param logs: list format [logItem1,logItem2,...]
    :return:
    """

    print("\033[41;1m--logs:\033[0m", logs)
    # session.add_all(logs)
    session.add(logs)
    session.commit()
Exemplo n.º 24
0
 def create_groups(group_file):
     source = yaml_parser(group_file)
     if source:
         for key, val in source.items():
             print(key, val)
             obj = models.Group(name=key)
             if val.get('user_profiles'):
                 user_profiles = common.user_profiles_filter(val)
                 obj.user_profiles = user_profiles
             if val.get('bind_hosts'):
                 bind_hosts = common.bind_hosts_filter(val)
                 obj.bind_hosts = bind_hosts
             session.add(obj)
         session.commit()
Exemplo n.º 25
0
def create_hosts(argvs):
    """根据yml文件创建host表中的数据"""
    if '-f' in argvs:
        hosts_file = argvs[argvs.index("-f") + 1]
    else:
        print_err("invalid usage, should be:\ncreate_hosts -f <the new hosts file>", quit=True)
    source = yaml_parser(hosts_file)  # 解析yml文件为对象
    if source:
        # print(source)
        for key, val in source.items():
            print(key, val)
            obj = models_v2.Host(hostname=key, ip=val.get('ip'), port=val.get('port') or 22)  # 创建一行host数据
            session.add(obj)
        session.commit()
Exemplo n.º 26
0
def store_aduit_log(user_profile_obj, bind_host_obj, cmd):
    '''

    :param user_obj: 登录远程计算机的用户对象
    :param bind_host_obj: 远程计算机对象
    :param cmd: 用户对象执行的命令字符串
    :return:
    '''
    aduitLog_obj = models.AuditLog(user_profile_id=user_profile_obj.id,
                                   bind_host_id=bind_host_obj.id,
                                   cmd=cmd,
                                   date=datetime.datetime.now())
    session.add(aduitLog_obj)
    session.commit()
Exemplo n.º 27
0
def create_bindhosts(argv):
    '''
    create bind hosts
    :param argv:
    :return:
    '''
    if '-f' in argv:
        bindhost_file = argv[argv.index('-f') + 1]
    else:
        print_err(
            "invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>",
            quit=True)
    source = yaml_parser(bindhost_file)
    if source:
        print(source)
        for key, val in source:
            host_obj = session.query(models.Host).filter(
                models.Host.hostname == val.get('hostname'))
            assert host_obj
            for item in val['remote_users']:
                assert item.get('auth_type')
                if item.get('auth_type') == 'ssh-passwd':
                    remoteuser_obj = session.query(models.RemoteUser).filter(
                        models.RemoteUser.username == item.get('username'),
                        models.RemoteUser.password == item.get('password'),
                    ).first()
                else:
                    remoteuser_obj = session.query(models.RemoteUser).filter(
                        models.RemoteUser.username == item.get('username'),
                        models.RemoteUser.auth_type == item.get('auth_type'),
                    ).first()
            if not remoteuser_obj:
                print_err("RemoteUser obj %s does not exist." % item,
                          quit=True)
            bindhost_obj = models.BindHost(host_id=host_obj.id,
                                           remoteuser_id=remoteuser_obj.id)
            session.add(bindhost_obj)
            if source[key].get('groups'):
                group_obj = session.query(models.HostGroup).filter(
                    models.HostGroup.name.in_(
                        source[key].get('groups'))).all()
                assert group_obj
                bindhost_obj.host_groups = group_obj
            if source[key].get('user_profiles'):
                userprofile_obj = session.query(models.UserProfile).filter(
                    models.UserProfile.username.in_(
                        source[key].get('user_profiles'))).all()
                assert userprofile_obj
                bindhost_obj.user_profiles = userprofile_obj
        session.commit()
Exemplo n.º 28
0
def create_remoteusers(argvs):
    """根据yml文件创建remote_user表中的数据"""
    if '-f' in argvs:
        remoteusers_file = argvs[argvs.index("-f") + 1]
    else:
        print_err("invalid usage, should be:\ncreate_remoteusers -f <the new remoteusers file>", quit=True)
    source = yaml_parser(remoteusers_file)
    if source:
        for key, val in source.items():
            print(key, val)
            obj = models_v2.RemoteUser(username=val.get('username'), auth_type=val.get('auth_type'),
                                       password=val.get('password'))
            session.add(obj)
        session.commit()
Exemplo n.º 29
0
def create_bindhosts(argvs):
    '''
    create bind hosts
    :param argvs:
    :return:
    '''
    if '-f' in argvs:
        bindhosts_file  = argvs[argvs.index("-f") +1 ]
    else:
        print_err("invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>",quit=True)
    source = yaml_parser(bindhosts_file)
    if source:
        for key,val in source.items():
            #print(key,val)
            host_obj = session.query(models.Host).filter(models.Host.hostname==val.get('hostname')).first()
            assert host_obj
            for item in val['remote_users']:
                print(item )
                assert item.get('auth_type')
                if item.get('auth_type') == 'ssh-passwd':
                    remoteuser_obj = session.query(models.RemoteUser).filter(
                                                        models.RemoteUser.username==item.get('username'),
                                                        models.RemoteUser.password==item.get('password')
                                                    ).first()
                else:
                    remoteuser_obj = session.query(models.RemoteUser).filter(
                                                        models.RemoteUser.username==item.get('username'),
                                                        models.RemoteUser.auth_type==item.get('auth_type'),
                                                    ).first()
                if not remoteuser_obj:
                    print_err("RemoteUser obj %s does not exist." % item,quit=True )
                bindhost_obj = models.BindHost(host_id=host_obj.id,remoteuser_id=remoteuser_obj.id)
                session.add(bindhost_obj)
                #for groups this host binds to
                if source[key].get('groups'):
                    group_objs = session.query(models.Group).filter(models.Group.name.in_(source[key].get('groups') )).all()
                    assert group_objs
                    print('groups:', group_objs)
                    bindhost_obj.groups = group_objs
                #for user_profiles this host binds to
                if source[key].get('user_profiles'):
                    userprofile_objs = session.query(models.UserProfile).filter(models.UserProfile.username.in_(
                        source[key].get('user_profiles')
                    )).all()
                    assert userprofile_objs
                    print("userprofiles:",userprofile_objs)
                    bindhost_obj.user_profiles = userprofile_objs
                #print(bindhost_obj)
        session.commit()
Exemplo n.º 30
0
def create_groups(argvs):
    msg = 'the new groups file'
    group_file = parse_argvs(argvs, msg)
    source = yaml_parser(group_file)
    if source:
        for key,val in source.items():
            obj = models.Group(name=key)
            if val.get('bind_hosts'):#多对多关系
                bind_hosts = common_filters.bind_hosts_filter(val)
                obj.bind_hosts = bind_hosts
            if val.get('user_profiles'):#多对多关系
                user_profiles = common_filters.user_profiles_filter(val)
                obj.user_profiles = user_profiles
            session.add(obj)
        session.commit()
Exemplo n.º 31
0
def create_hosts(argvs):
    if '-f' in argvs:
        hosts_file = argvs[argvs.index("-f") + 1]
    else:
        print_err(
            "invalid usage, should be:\ncreate_hosts -f <the new hosts file>",
            quit=True)
    source = yaml_parser(hosts_file)
    if source:
        for key, val in source.items():
            print(key, val)
            obj = models.Host(hostname=key,
                              ip_addr=val.get('ip_addr'),
                              port=val.get('port') or 22)
            session.add(obj)
        session.commit()
Exemplo n.º 32
0
def create_remoteusers(argvs):
    if '-f' in argvs:
        remoteusers_file = argvs[argvs.index("-f") + 1]
    else:
        print_err(
            "invalid usage, should be:\ncreate_remoteusers -f <the new remoteusers file>",
            quit=True)
    source = yaml_parser(remoteusers_file)
    if source:
        for key, val in source.items():
            print(key, val)
            obj = models.RemoteUser(username=val.get('username'),
                                    auth_type=val.get('auth_type'),
                                    password=val.get('password'))
            session.add(obj)
        session.commit()
Exemplo n.º 33
0
def create_users(argvs):
    msg = 'the new users file'
    user_file = parse_argvs(argvs, msg)

    source = yaml_parser(user_file)
    if source:
        for key,val in source.items():
            obj = models.UserProfile(username=key,password=val.get('password'))
            if val.get('groups'):#多对多关系
                groups = common_filters.groups_filter(val)
                obj.groups = groups
            if val.get('bind_hosts'):#多对多关系
                bind_hosts = common_filters.bind_hosts_filter(val)
                obj.bind_hosts = bind_hosts
            session.add(obj)
        session.commit()
Exemplo n.º 34
0
def create_bindhosts(argvs):
    """根据yml文件创建BindHost表中的数据"""
    if '-f' in argvs:
        bindhosts_file = argvs[argvs.index("-f") + 1]
    else:
        print_err("invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>", quit=True)
    source = yaml_parser(bindhosts_file)
    if source:
        for key, val in source.items():
            # print(key,val)
            host_obj = session.query(models_v2.Host).filter(models_v2.Host.hostname == val.get('hostname')).first()
            assert host_obj  # 断言是否存在这个主机, 如果没有抛出异常不向下执行
            for item in val['remote_users']:
                print(item)
                assert item.get('auth_type')
                if item.get('auth_type') == 'ssh-passwd':
                    remoteuser_obj = session.query(models_v2.RemoteUser).filter(
                        models_v2.RemoteUser.username == item.get('username'),
                        models_v2.RemoteUser.password == item.get('password')
                    ).first()
                else:
                    remoteuser_obj = session.query(models_v2.RemoteUser).filter(
                        models_v2.RemoteUser.username == item.get('username'),
                        models_v2.RemoteUser.auth_type == item.get('auth_type'),
                    ).first()
                if not remoteuser_obj:  # 如果RemoteUser表不存在bindhost.yml文件中的remoteUser, 抛出异常
                    print_err("RemoteUser obj %s does not exist." % item, quit=True)
                bindhost_obj = models_v2.BindHost(host_id=host_obj.id, remoteuser_id=remoteuser_obj.id)
                session.add(bindhost_obj)
                # for groups this host binds to
                if source[key].get('groups'):
                    # select * from HostGroup where name in (bjgroup, shgroup);
                    group_objs = session.query(models_v2.HostGroup).filter(
                        models_v2.HostGroup.name.in_(source[key].get('groups'))).all()
                    assert group_objs  # 断言
                    bindhost_obj.host_groups = group_objs
                # for user_profiles this host binds to
                if source[key].get('user_profiles'):
                    userprofile_objs = session.query(models_v2.UserProfile).filter(models_v2.UserProfile.username.in_(
                        source[key].get('user_profiles')
                    )).all()
                    assert userprofile_objs  # 断言
                    print("userprofiles:", userprofile_objs)
                    bindhost_obj.user_profiles = userprofile_objs
                    # print(bindhost_obj)
        session.commit()
Exemplo n.º 35
0
 def create_users(user_file):
     source = yaml_parser(user_file)
     if source:
         for key, val in source.items():
             print(key, val)
             obj = models.UserProfile(username=key,
                                      password=val['password'])
             if val.get('groups'):
                 '''如果val中含有group,且该group存在,则同时讲该用户加入对应group'''
                 groups = common.bind_group_filter(val)
                 obj.groups = groups
             if val.get('bind_hosts'):
                 '''如果val有bind_hosts,则同时绑定hosts'''
                 bind_hosts = common.bind_hosts_filter(val)
                 obj.bind_hosts = bind_hosts
             session.add(obj)
         session.commit()
Exemplo n.º 36
0
def create_hosts(argvs):
    '''
    create hosts
    :param argvs:
    :return:
    '''
    if '-f' in argvs:
        hosts_file  = argvs[argvs.index("-f") +1 ]
    else:
        print_err("invalid usage, should be:\ncreate_hosts -f <the new hosts file>",quit=True)
    source = yaml_parser(hosts_file)
    if source:
        for key,val in source.items():
            print(key,val)
            obj = models.Host(hostname=key,ip_addr=val.get('ip_addr'), port=val.get('port') or 22)
            session.add(obj)
        session.commit()
Exemplo n.º 37
0
def create_groups(argvs):
    """根据yml文件创建Group表中的数据"""
    if '-f' in argvs:
        group_file = argvs[argvs.index("-f") + 1]
    else:
        print_err("invalid usage, should be:\ncreategroups -f <the new groups file>", quit=True)
    source = yaml_parser(group_file)
    if source:
        for key, val in source.items():
            print(key, val)
            obj = models_v2.HostGroup(name=key)
            # if val.get('bind_hosts'):
            #     bind_hosts = common_filters.bind_hosts_filter(val)
            #     obj.bind_hosts = bind_hosts
            #
            # if val.get('user_profiles'):
            #     user_profiles = common_filters.user_profiles_filter(val)
            #     obj.user_profiles = user_profiles
            session.add(obj)
        session.commit()
Exemplo n.º 38
0
def create_users(argvs):
    """根据yml文件创建堡垒机user表中的数据"""
    if '-f' in argvs:
        user_file = argvs[argvs.index("-f") + 1]
    else:
        print_err("invalid usage, should be:\ncreateusers -f <the new users file>", quit=True)

    source = yaml_parser(user_file)
    if source:
        for key, val in source.items():
            print(key, val)
            obj = models_v2.UserProfile(username=key, password=val.get('password'))
            # if val.get('groups'):
            #     groups = session.query(models_v2.Group).filter(models_v2.Group.name.in_(val.get('groups'))).all()
            #     if not groups:
            #         print_err("none of [%s] exist in group table." % val.get('groups'), quit=True)
            #     obj.groups = groups
            # if val.get('bind_hosts'):
            #     bind_hosts = common_filters.bind_hosts_filter(val)
            #     obj.bind_hosts = bind_hosts
            # # print(obj)
            session.add(obj)
        session.commit()
Exemplo n.º 39
0
def create_groups(argvs):
    '''
    create groups
    :param argvs:
    :return:
    '''
    if '-f' in argvs:
        group_file  = argvs[argvs.index("-f") +1 ]
    else:
        print_err("invalid usage, should be:\ncreategroups -f <the new groups file>",quit=True)
    source = yaml_parser(group_file)
    if source:
        for key,val in source.items():
            print(key,val)
            obj = models.Group(name=key)
            if val.get('bind_hosts'):
                bind_hosts = common_filters.bind_hosts_filter(val)
                obj.bind_hosts = bind_hosts

            if val.get('user_profiles'):
                user_profiles = common_filters.user_profiles_filter(val)
                obj.user_profiles = user_profiles
            session.add(obj)
        session.commit()