def asset_web_ssh(request): if request.method == 'POST': id = request.POST.get('id', None) obj = asset.objects.get(id=id) a = asset.objects.get(id=id) user = User.objects.get(username=request.user) checker = ObjectPermissionChecker(user) ret = {} try: if checker.has_perm('task_asset', a) == True: ip = obj.network_ip + ":" + str(obj.port) username = obj.system_user.username password1 = obj.system_user.password password = decrypt_p(password1) ret = { "ip": ip, "username": username, 'password': password, "static": True } login_ip = request.META['REMOTE_ADDR'] web_history.objects.create(user=request.user, ip=login_ip, login_user=obj.system_user.username, host=ip) except Exception as e: ret['status'] = False ret['error'] = '请求错误,{}'.format(e) finally: return HttpResponse(json.dumps(ret))
def job(id): ##计划任务 i = asset.objects.filter(id=id).first() password = decrypt_p(i.system_user.password) cpu1 = ssh(ip=i.network_ip, port=i.port, username=i.system_user.username, password=password, cmd=" top -bn 1 -i -c | grep Cpu ") cpu2 = cpu1['data'].split() cpu3 = cpu2[1].split('%') cpu4 = cpu2[3].split('%') cpu = str(float(str(cpu3[0])) + float(str(cpu4[0]))) total = ssh(ip=i.network_ip, port=i.port, username=i.system_user.username, password=password, cmd=" free | grep Mem: ") list = total['data'].split(" ") while '' in list: list.remove('') mem = float('%.2f' % (float('%.3f' % (int(list[2]) / int(list[1]))) * 100)) in1 = ssh(ip=i.network_ip, port=i.port, username=i.system_user.username, password=password, cmd="cat /proc/net/dev | grep eth0 ") in2 = in1['data'].split() time.sleep(1) in3 = ssh(ip=i.network_ip, port=i.port, username=i.system_user.username, password=password,cmd="cat /proc/net/dev | grep eth0 ") in4 = in3['data'].split() in_network = int((int(in4[1]) - int(in2[1]))/1024/10*8) out_network = int((int(in4[9]) - int(in2[9]))/1024/10*8) performance.objects.create(server_id=i.id, cpu_use=cpu, mem_use=mem,in_use=in_network,out_use=out_network)
def Inception(request): ##Inception 审核 if request.method == "GET": obj = get_objects_for_user(request.user, 'db.change_db_mysql') return render(request, 'tasks/Inception.html', {'sql_list': obj, "tasks_active": "active", "sql_active": "active"}) if request.method == 'POST': ids = request.POST.getlist('id') sql_db = request.POST.get('sql', None) databases = request.POST.get('databases', None) user = User.objects.get(username=request.user) checker = ObjectPermissionChecker(user) ids1 = [] for i in ids: assets = db_mysql.objects.get(id=i) if checker.has_perm('task_db_mysql', assets, ) == True: ids1.append(i) else: error_3 = "数据库没有权限" ret = {"error": error_3, "status": False} return HttpResponse(json.dumps(ret)) user = request.user idstring = ','.join(ids1) if not ids: error_1 = "请选择数据库" ret = {"error": error_1, "status": False} return HttpResponse(json.dumps(ret)) elif not sql_db: error_2 = "请输入命令" ret = {"error": error_2, "status": False} return HttpResponse(json.dumps(ret)) obj = db_mysql.objects.extra(where=['id IN (' + idstring + ')']) ret = {} ret['data'] = [] for i in obj: try: history.objects.create(ip=i.ip, root=i.db_user.username, port=i.port, cmd="审核:{0}".format(sql_db), user=user) password = decrypt_p(i.db_user.password) s = sql(user=i.db_user.username, password=password, host=i.ip, port=i.port,databases=databases,sqls=sql_db) if s == None or s['data'] == '': s = {} s['ip'] = i.ip s['data'] = "返回值为空,可能是权限不够。" ret['data'].append(s) except Exception as e: ret['data'].append({"ip": i.ip, "data": "账号密码不对,{0}".format(e)}) return HttpResponse(json.dumps(ret))
def cmd_job(host,cmd): i = asset.objects.get(network_ip=host) password = decrypt_p(i.system_user.password) cmd=cmd ret = ssh(ip=i.ip, port=i.port, username=i.username, password=password, cmd=cmd) return ret['data']
def Inception_query_databases(request): ##Inception 查询 数据库 名字 if request.method == 'POST': ids = request.POST.getlist('id') user = User.objects.get(username=request.user) checker = ObjectPermissionChecker(user) ids1 = [] for i in ids: assets = db_mysql.objects.get(id=i) if checker.has_perm( 'task_db_mysql', assets, ) == True: ids1.append(i) else: error_3 = "数据库没有权限" ret = {"error": error_3, "status": False} return HttpResponse(json.dumps(ret)) user = request.user idstring = ','.join(ids1) if not ids: error_1 = "请选择数据库" ret = {"error": error_1, "status": False} return HttpResponse(json.dumps(ret)) obj = db_mysql.objects.extra(where=['id IN (' + idstring + ')']) ret = {} ret['data'] = [] for i in obj: try: history.objects.create(ip=i.ip, root=i.db_user.username, port=i.port, cmd="查询数据库库名字".format(), user=user) password = decrypt_p(i.db_user.password) a = sql_query(user=i.db_user.username, password=password, host=i.ip, port=i.port, db='mysql') s1 = a.connectmysql( sql="select SCHEMA_NAME from information_schema.SCHEMATA;") s2 = [] for z in s1: s2.append(z[0]) s = {'ip': i.ip, 'data': s2} ret['data'].append(s) except Exception as e: ret['data'].append({"ip": i.ip, "data": "账号密码不对,{}".format(e)}) return HttpResponse(json.dumps(ret))
def asset_hardware_update(request): ret = {'status': True, 'error': None, 'data': None} if request.method == 'POST': try: id = request.POST.get('nid', None) obj = asset.objects.get(id=id) ip = obj.network_ip port = obj.port username = obj.system_user.username password1 = obj.system_user.password password = decrypt_p(password1) assets = [ { "hostname": 'host', "ip": ip, "port": port, "username": username, "password": password, }, ] task_tuple = (('setup', ''), ) runner = AdHocRunner(assets) result = runner.run(task_tuple=task_tuple, pattern='all', task_name='Ansible Ad-hoc') data = result['contacted']['host'][0]['ansible_facts'] hostname = data['ansible_nodename'] system = data['ansible_distribution'] + " " + data[ 'ansible_distribution_version'] try: a2 = "parted -l | grep \"Disk \/dev\/[a-z]d\" | awk -F\"[ ]\" '{print $3}' | awk -F\"GB\" '{print $1}'" s = ssh(ip=ip, port=port, username=username, password=password, cmd=a2) disk1 = s['data'] disk2 = disk1.rstrip().split("\n") disk = "+".join(map(str, disk2)) + " 共计:{} GB".format( round(sum(map(float, disk2)))) except Exception as e: disk = " 共计{}".format(str(sum([int(data["ansible_devices"][i]["sectors"]) * \ int(data["ansible_devices"][i]["sectorsize"]) / 1024 / 1024 / 1024 \ for i in data["ansible_devices"] if i[0:2] in ("vd", "ss", "sd")])) + str(" GB")) try: a1 = "dmidecode | grep -P -A5 \"Memory\ Device\" | grep Size | grep -v \"No Module Installed\" | grep -v \"0\" | awk -F\":\" \'{print $2}\' | awk -F\" \" \'{print $1}\'" s = ssh(ip=ip, port=port, username=username, password=password, cmd=a1) memory1 = s['data'] if memory1 == "": memory0 = [] memory0.append( int(round((data['ansible_memtotal_mb']) / 1000))) else: memory2 = memory1.rstrip().split("\n") memory0 = [] for i in range(len(memory2)): memory0.append((int(int(memory2[i]) / 1024))) memory = "+".join(map(str, memory0)) + ' 共计:{} GB'.format( (sum(map(int, memory0)))) except Exception as e: memory = ' 共计:{} GB'.format( round((data['ansible_memtotal_mb'] / 1000))) sn = data['ansible_product_serial'] model = data["ansible_system_vendor"] + " " + data[ 'ansible_product_name'] cpu = data['ansible_processor'][1] + " {}核心".format( data['ansible_processor_count'] * data["ansible_processor_cores"]) try: a = "ipmitool lan print | grep -w \"IP Address \" | awk -F\":\" \ '{print $2}\'" s = ssh(ip=ip, port=port, username=username, password=password, cmd=a) manage = s['data'] except Exception as e: manage = None net = data["ansible_interfaces"][1:] net.sort() try: eth0 = data['ansible_{}'.format(net[0])]['macaddress'] except Exception as e: eth0 = None try: eth1 = data['ansible_{}'.format(net[1])]['macaddress'] except Exception as e: eth1 = None try: eth2 = data['ansible_{}'.format(net[2])]['macaddress'] except Exception as e: eth2 = None try: eth3 = data['ansible_{}'.format(net[3])]['macaddress'] except Exception as e: eth3 = None ass = asset.objects.filter(id=id).first() ass.hostname = hostname ass.manage_ip = manage ass.system = system ass.memory = memory ass.disk = disk ass.sn = sn ass.model = model ass.cpu = cpu ass.eth0 = eth0 ass.eth1 = eth1 ass.eth2 = eth2 ass.eth3 = eth3 ass.save() except Exception as e: ret['status'] = False ret['error'] = '登陆账号权限不够| 请在被添加的主机安装 parted ipmitool dmidecode | 删除 主服务器/root/.ssh/known_hosts 文件'.format( e) return HttpResponse(json.dumps(ret))
def post(self, request): ##命令行 ids = request.POST.getlist('id') code_id = request.POST.get('code_id', None) dest = request.POST.get('dest', None) user = User.objects.get(username=request.user) checker = ObjectPermissionChecker(user) ids1 = [] for i in ids: assets = asset.objects.get(id=i) if checker.has_perm( 'task_asset', assets, ) == True: ids1.append(i) else: error_3 = "主机没有权限" ret = {"error": error_3, "status": False} return HttpResponse(json.dumps(ret)) idstring = ','.join(ids1) if not ids: error_1 = "请选择主机" ret = {"error": error_1, "status": False} return HttpResponse(json.dumps(ret)) obj = asset.objects.extra(where=['id IN (' + idstring + ')']) ret = {'data': []} tasks = [] file = codebase.objects.get(id=code_id) for i in obj: try: assets = [ { "hostname": 'host', "ip": i.network_ip, "port": i.port, "username": i.system_user.username, "password": decrypt_p(i.system_user.password), }, ] tasks = [ { "action": { "module": "copy", "args": "src=./upload/{0} {1}".format( file.file.name, dest) }, "name": "copy_code" }, ] inventory = BaseInventory(assets) runner = AdHocRunner(inventory) retsult = runner.run(tasks, "all") ret1 = [] try: ret1.append( "分发成功 {} 备注:如果前面返回值为 false,表示已经分发完成了,请不要重复分发。". format(retsult.results_raw['ok']['host']['copy_code'] ['changed'])) except Exception as e: if retsult.results_summary['dark'] == {}: ret1.append("执行成功") else: ret1.append("命令有问题,{}".format( retsult.results_summary['dark'])) history.objects.create(ip=i.network_ip, root=i.system_user, port=i.port, cmd="上传 {} 到 {}".format( file.name, dest), user=user) ret2 = {'ip': i.network_ip, 'data': '\n'.join(ret1)} ret['data'].append(ret2) except Exception as e: ret['data'].append({ "ip": i.network_ip, "data": "账号密码不对,{}".format(e) }) return HttpResponse(json.dumps(ret))
def cmd(request): ##命令行 if request.method == "GET": obj = get_objects_for_user(request.user, 'asset.change_asset') return render(request, 'tasks/cmd.html', { 'asset_list': obj, "tasks_active": "active", "cmd_active": "active" }) if request.method == 'POST': ids = request.POST.getlist('id') args = request.POST.getlist('args', None) module = request.POST.getlist('module', None) user = User.objects.get(username=request.user) checker = ObjectPermissionChecker(user) ids1 = [] for i in ids: assets = asset.objects.get(id=i) if checker.has_perm( 'task_asset', assets, ) == True: ids1.append(i) else: error_3 = "主机没有权限" ret = {"error": error_3, "status": False} return HttpResponse(json.dumps(ret)) idstring = ','.join(ids1) if not ids: error_1 = "请选择主机" ret = {"error": error_1, "status": False} return HttpResponse(json.dumps(ret)) elif args == ['']: error_2 = "请输入命令" ret = {"error": error_2, "status": False} return HttpResponse(json.dumps(ret)) obj = asset.objects.extra(where=['id IN (' + idstring + ')']) ret = {'data': []} tasks = [] for x in range(len(module)): tasks.append( { "action": { "module": module[x], "args": args[x] }, "name": 'task{}'.format(x) }, ) for i in obj: try: assets = [ { "hostname": 'host', "ip": i.network_ip, "port": i.port, "username": i.system_user.username, "password": decrypt_p(i.system_user.password), }, ] inventory = BaseInventory(assets) runner = AdHocRunner(inventory) retsult = runner.run(tasks, "all") ret1 = [] for c in range(len(module)): try: ret1.append(retsult.results_raw['ok']['host'][ 'task{}'.format(c)]['stdout']) except Exception as e: if retsult.results_summary['dark'] == ['']: ret1.append("执行成功") else: ret1.append("命令有问题,{}".format( retsult.results_summary['dark'])) history.objects.create(ip=i.network_ip, root=i.system_user, port=i.port, cmd=args, user=user) ret2 = {'ip': i.network_ip, 'data': '\n'.join(ret1)} ret['data'].append(ret2) except Exception as e: ret['data'].append({ "ip": i.network_ip, "data": "账号密码不对,{}".format(e) }) return HttpResponse(json.dumps(ret))
def tools_script_post(request): ret = {'data': None} if request.method == 'POST': try: host_ids = request.POST.getlist('id', None) sh_id = request.POST.get('shid', None) user = request.user if not host_ids: error1 = "请选择主机" ret = {"error": error1, "status": False} return HttpResponse(json.dumps(ret)) user = User.objects.get(username=request.user) checker = ObjectPermissionChecker(user) ids1 = [] for i in host_ids: assets = asset.objects.get(id=i) if checker.has_perm( 'task_asset', assets, ) == True: ids1.append(i) else: error2 = "主机没有权限" ret = {"error": error2, "status": False} return HttpResponse(json.dumps(ret)) idstring = ','.join(ids1) host = asset.objects.extra(where=['id IN (' + idstring + ')']) sh = toolsscript.objects.filter(id=sh_id) for s in sh: if s.tool_run_type == 0: with open('tasks/script/test.sh', 'w+') as f: f.write(s.tool_script) a = 'tasks/script/{}.sh'.format(s.id) os.system( "sed 's/\r//' tasks/script/test.sh > {}".format(a)) elif s.tool_run_type == 1: with open('tasks/script/test.py', 'w+') as f: f.write(s.tool_script) p = 'tasks/script/{}.py'.format(s.id) os.system( "sed 's/\r//' tasks/script/test.py > {}".format( p)) # elif s.tool_run_type == 2: # with open('tasks/script/test.yml', 'w+') as f: # f.write(s.tool_script) # y = 'tasks/script/{}.yml'.format(s.id) # os.system("sed 's/\r//' tasks/script/test.yml > {}".format(y)) else: ret['status'] = False ret['error'] = '脚本类型错误,只能是shell、python' return HttpResponse(json.dumps(ret)) data1 = [] for h in host: try: password = decrypt_p(h.system_user.password) assets = [ { "hostname": 'host', "ip": h.network_ip, "port": h.port, "username": h.system_user.username, "password": password, }, ] history.objects.create(ip=h.network_ip, root=h.system_user.username, port=h.port, cmd=s.name, user=user) if s.tool_run_type == 0: tasks1 = [ { "action": { "module": "script", "args": "{}".format(a) }, "name": "1" }, ] elif s.tool_run_type == 1: tasks1 = [ { "action": { "module": "script", "args": "{}".format(p) }, "name": "1" }, ] inventory = BaseInventory(assets) runner = AdHocRunner(inventory) retsu = runner.run(tasks1, "all") try: data2 = { 'ip': h.network_ip, 'data': retsu.results_raw['ok']['host']['1']['stdout'] } except Exception as e: if retsu.results_summary['dark'] == ['']: data2 = {'ip': h.network_ip, 'data': "执行成功"} else: data2 = { 'ip': h.network_ip, 'data': "命令有问题,{}".format( retsu.results_summary['dark']) } data1.append(data2) except Exception as e: data2['ip'] = h.network_ip data2['data'] = "账号密码不对,或没有权限,请修改 {}, ".format(e) data1.append(data2) ret['data'] = data1 return HttpResponse(json.dumps(ret)) except Exception as e: ret['error'] = '未知错误 {}'.format(e) return HttpResponse(json.dumps(ret))
def cmd(request): ##命令行 if request.method == "GET": obj = get_objects_for_user(request.user, 'asset.change_asset') return render(request, 'tasks/cmd.html', { 'asset_list': obj, "tasks_active": "active", "cmd_active": "active" }) if request.method == 'POST': ids = request.POST.getlist('id') cmd = request.POST.get('cmd', None) user = User.objects.get(username=request.user) checker = ObjectPermissionChecker(user) ids1 = [] for i in ids: assets = asset.objects.get(id=i) if checker.has_perm( 'task_asset', assets, ) == True: ids1.append(i) else: error_3 = "主机没有权限" ret = {"error": error_3, "status": False} return HttpResponse(json.dumps(ret)) user = request.user idstring = ','.join(ids1) if not ids: error_1 = "请选择主机" ret = {"error": error_1, "status": False} return HttpResponse(json.dumps(ret)) elif not cmd: error_2 = "请输入命令" ret = {"error": error_2, "status": False} return HttpResponse(json.dumps(ret)) obj = asset.objects.extra(where=['id IN (' + idstring + ')']) ret = {} ret['data'] = [] for i in obj: try: password = decrypt_p(i.system_user.password) s = ssh(ip=i.network_ip, port=i.port, username=i.system_user.username, password=password, cmd=cmd) historys = history.objects.create(ip=i.network_ip, root=i.system_user, port=i.port, cmd=cmd, user=user) if s == None or s['data'] == '': s = {} s['ip'] = i.network_ip s['data'] = "返回值为空,可能是权限不够。" ret['data'].append(s) except Exception as e: ret['data'].append({ "ip": i.network_ip, "data": "账号密码不对,{}".format(e) }) return HttpResponse(json.dumps(ret))
def tools_script_post(request): ret = {'data': None} if request.method == 'POST': try: host_ids = request.POST.getlist('id', None) sh_id = request.POST.get('shid', None) user = request.user if not host_ids: error1 = "请选择主机" ret = {"error": error1, "status": False} return HttpResponse(json.dumps(ret)) user = User.objects.get(username=request.user) checker = ObjectPermissionChecker(user) ids1 = [] for i in host_ids: assets = asset.objects.get(id=i) if checker.has_perm( 'task_asset', assets, ) == True: ids1.append(i) else: error2 = "主机没有权限" ret = {"error": error2, "status": False} return HttpResponse(json.dumps(ret)) idstring = ','.join(ids1) host = asset.objects.extra(where=['id IN (' + idstring + ')']) sh = toolsscript.objects.filter(id=sh_id) for s in sh: if s.tool_run_type == 0: with open('tasks/script/test.sh', 'w+') as f: f.write(s.tool_script) a = 'tasks/script/{}.sh'.format(s.id) os.system( "sed 's/\r//' tasks/script/test.sh > {}".format(a)) elif s.tool_run_type == 1: with open('tasks/script/test.py', 'w+') as f: f.write(s.tool_script) p = 'tasks/script/{}.py'.format(s.id) os.system( "sed 's/\r//' tasks/script/test.py > {}".format(p)) elif s.tool_run_type == 2: with open('tasks/script/test.yml', 'w+') as f: f.write(s.tool_script) y = 'tasks/script/{}.yml'.format(s.id) os.system( "sed 's/\r//' tasks/script/test.yml > {}".format(y)) else: ret['status'] = False ret['error'] = '脚本类型错误,只能是shell、yml、python' return HttpResponse(json.dumps(ret)) data1 = [] for h in host: try: data2 = {} password = decrypt_p(h.system_user.password) assets = [ { "hostname": h.hostname, "ip": h.network_ip, "port": h.port, "username": h.system_user.username, "password": password, }, ] history.objects.create(ip=h.network_ip, root=h.system_user.username, port=h.port, cmd=s.name, user=user) if s.tool_run_type == 0: task_tuple = (('script', a), ) hoc = AdHocRunner(hosts=assets) hoc.results_callback = CommandResultCallback() r = hoc.run(task_tuple) data2['ip'] = h.network_ip data2['data'] = r['contacted'][ h.hostname]['stdout'] data1.append(data2) elif s.tool_run_type == 1: task_tuple = (('script', p), ) hoc = AdHocRunner(hosts=assets) hoc.results_callback = CommandResultCallback() r = hoc.run(task_tuple) data2['ip'] = h.network_ip data2['data'] = r['contacted'][ h.hostname]['stdout'] data1.append(data2) elif s.tool_run_type == 2: play = PlayBookRunner(assets, playbook_path=y) b = play.run() data2['ip'] = h.network_ip data2['data'] = b['plays'][0]['tasks'][1]['hosts'][h.hostname]['stdout'] + \ b['plays'][0]['tasks'][1]['hosts'][h.hostname]['stderr'] data1.append(data2) else: data2['ip'] = "脚本类型错误" data2['data'] = "脚本类型错误" except Exception as e: data2['ip'] = h.network_ip data2[ 'data'] = "账号密码不对,或没有权限,请修改{}, 请查看主机资产中的 主机名 ,此值不能为空,可随便填写一个。 ".format( e) data1.append(data2) ret['data'] = data1 return HttpResponse(json.dumps(ret)) except Exception as e: ret['error'] = '未知错误 {}'.format(e) return HttpResponse(json.dumps(ret))
def Inception_query(request): ##查询数据库 if request.method == 'POST': ids = request.POST.getlist('id') sqls = request.POST.get('sql') db = request.POST.get('databases') sqls1 = sqls.split(';') for s in sqls1: if '' in sqls1: sqls1.remove('') for j in range(len(sqls1)): j1 = sqls1[j].strip()[:4] if j1 == 'show' or j1 == 'sele' or j1 == 'desc': break else: rets = { "error": "输入的命令有误,禁止使用非 select , show,desc", "status": False } return HttpResponse(json.dumps(rets)) user = User.objects.get(username=request.user) checker = ObjectPermissionChecker(user) ids1 = [] for i in ids: assets = db_mysql.objects.get(id=i) if checker.has_perm( 'task_db_mysql', assets, ) == True: ids1.append(i) else: error_3 = "数据库没有权限" ret = {"error": error_3, "status": False} return HttpResponse(json.dumps(ret)) user = request.user idstring = ','.join(ids1) if not ids: error_1 = "请选择数据库" ret = {"error": error_1, "status": False} return HttpResponse(json.dumps(ret)) elif not sqls: error_2 = "请输入要查询的语句" ret = {"error": error_2, "status": False} return HttpResponse(json.dumps(ret)) obj = db_mysql.objects.extra(where=['id IN (' + idstring + ')']) ret = {} ret['data'] = [] for i in obj: try: history.objects.create(ip=i.ip, root=i.db_user.username, port=i.port, cmd="查询:{}".format(sqls), user=user) password = decrypt_p(i.db_user.password) query = sql_query(user=i.db_user.username, password=password, host=i.ip, port=i.port, db=db) re = query.connectmysql_select(sql=sqls) re2 = json.dumps(re, cls=DateEncoder) re3 = re2.replace('["', '').replace('"]', '') re4 = re3.split(",") re5 = {'ip': i.ip, 'data': '\n'.join(re4)} ret['data'].append(re5) except Exception as e: ret['data'].append({ "ip": i.ip, "data": "账号密码不对,查询失败{}".format(e) }) return HttpResponse(json.dumps(ret))