def Qrcode(User=None, Grade=None): try: if User and Grade: if User and int(Grade) >= 2: verify_key = "{0}_{1}".format(User, Grade) code = produce.Produce(length=6, chars=string.digits) Redis.set(verify_key, code) Redis.expire(verify_key, 900) # send sms result = produce.send_sms( content='上线码:{0} 申请人:{1} 15分钟内有效!'.format(code, User), mobile=Mobile) if isinstance(result, dict): if result['code'] == 200: INFO = '上线码已成功发送给领导!' else: INFO = '上线码发送失败!' else: INFO = '上线码发送失败!' else: INFO = "无需申请上线码!" else: INFO = "非法请求信息!" except Exception as e: INFO = str(e) return render_template('qrcode.html', INFO=INFO)
def login(): form = MyForm.MyForm_login() form.name.label = '用户名:' form.password.label = '密码:' user = request.cookies.get('user') if user: Incr = Redis.incr('%s_Incr' % user) else: Incr = 0 if form.submit.data: if form.name.data and form.password.data: user = form.name.data pw = form.password.data Key_Incr = '%s_Incr' % user Key_Lock = '%s_lock' % user try: if Incr >= 30: raise flash('该帐号异常登陆,已被锁定3分钟!') if Incr >= 5: if form.code.data: if str(form.code.data) != str(session['verify_code']): raise flash('输入验证码错误!') else: raise flash('请输入验证码,看不清点击验证码刷新!') va_p = db_op.idc_users.query.filter( and_(db_op.idc_users.name == user, db_op.idc_users.passwd == Md5.Md5_make(pw))).first() produce.Async_log(user, request.url) if va_p: URL = url_for('index.index') if pw == app.config.get('INIT_OP_PASSWORD'): URL = url_for('pw.pw') flash('请修改初始密码!') timestamp = None if form.remember_me.data: timestamp = check.timestamp(7) ID = produce.Produce(length=24, chars=string.hexdigits) app_resp = make_response(redirect(URL)) app_resp.set_cookie('user', user, expires=timestamp) app_resp.set_cookie('ID', ID, expires=timestamp) Redis.set('OP_ID_%s' % user, ID) Redis.delete(Key_Lock) Redis.delete(Key_Incr) return app_resp else: Redis.incr(Key_Incr) if Incr >= 30: Redis.set(Key_Lock, 'True') Redis.expire(Key_Incr, 60) Redis.expire(Key_Lock, 180) flash('用户名或者密码错误!') URL = url_for('login.login') app_resp = make_response(redirect(URL)) app_resp.set_cookie('user', user) return app_resp except Exception as e: if 'old' not in str(e): flash(str(e)) return render_template('login.html', form=form, verify_incr=Incr)
def vpn_admin(): form = MyForm.MyForm_vpn() if form.submit.data: users = form.text.data.strip().splitlines() users = set(users) for i, name in enumerate(users): if not re.search('.*@baihe.com$', name): flash('%s格式错误,用户名应为百合个人邮箱账号!' % name) i = -1 if i < 0: return render_template('Message.html') action = form.select_action.data key = 'vpn2_list' sender = "*****@*****.**" if action == 'query': List = [] user_list = Redis.hgetall(key) for user in users: try: if user_list[user]: List.append((user, user_list[user])) except: continue if List: return render_template('vpn_admin_show.html', user_list=List) else: flash('%s 账号不存在!' % user) elif action == 'add': for user in users: pw = produce.Produce(13) val = [K for K in Redis.hgetall(key)] if user in val: flash('%s 账号已存在' % user) continue msg = Message("VPN账号信息", sender=sender, recipients=[user]) msg.html = '<p>用户名:%s</p><p> 密码:%s</p><p><font color="red">账号5分钟后开通,请妥善保管此封邮件,勿邮件回复!</font></p>' % ( user, pw) with app.open_resource("%s/../doc/vpn_conf.docx" % page_vpn_admin.root_path) as f: msg.attach("vpn_conf.docx", "text/docx", f.read()) try: with app.app_context(): mail.send(msg) Redis.hset(key, user, pw) except Exception as e: flash(e) else: flash('%s 账号开通完毕,通知邮件已发送.' % user) elif action == 'del': for user in users: Redis.hdel(key, user) Redis.hdel('vpn_list', user) flash('%s 账号已关闭!' % user) return render_template('Message.html') return render_template('vpn_admin.html', form=form)
def login(): form = MyForm.MyForm_login() form.name.label = '用户名:' form.password.label = '密码:' ym = time.strftime('%Y', time.localtime()) if form.submit.data: if form.name.data and form.password.data: user = form.name.data pw = form.password.data try: Key_Incr = '%s_Incr' % user Key_Lock = 'Lock_login_%s' % user if Redis.exists(Key_Incr): Incr = int(Redis.get(Key_Incr)) else: Incr = 1 if Redis.exists(Key_Lock): raise flash('该帐号异常登陆,已被锁定1分钟!') va_p = db_op.idc_users.query.filter( and_(db_op.idc_users.name == user, db_op.idc_users.passwd == Md5.Md5_make(pw))).first() produce.Async_log(user, request.url) if va_p: URL = url_for('index.index') if pw == app.config.get('INIT_OP_PASSWORD'): URL = url_for('pw.pw') flash('请修改初始密码!') timestamp = None if form.remember_me.data: timestamp = check.timestamp(7) ID = produce.Produce(length=24, chars=string.hexdigits) app_resp = make_response(redirect(URL)) app_resp.set_cookie('user', user, expires=timestamp) app_resp.set_cookie('ID', ID, expires=timestamp) Redis.set('OP_ID_%s' % user, ID) return app_resp else: Redis.set(Key_Incr, Incr + 1) if Incr >= 11: Redis.incr(Key_Lock, 'True') Redis.expire(Key_Lock, 60) flash('用户名或者密码错误,还有%s次机会重试!' % (10 - int(Incr))) URL = url_for('login.login') app_resp = make_response(redirect(URL)) app_resp.set_cookie('user', user) return app_resp except Exception as e: if 'old' not in str(e): flash(str(e)) return render_template('login.html', form=form, ym=ym)
def Qrcode(User = None,Grade = None,project=None,project_level = None): try: tw = int(time.strftime('%w', time.localtime())) publish_time = int(time.strftime("%H", time.localtime())) crypto = Md5.crypto(crypto_key) if User and Grade: db = db_op.idc_users User = crypto.decrypt(User) project = crypto.decrypt(project) if db.query.filter(db.name == User).all() and int(Grade) >= 2: if tw in (0,6) or publish_time >= 17 or publish_time < 9: verify_key = "{0}_{1}".format(User,project) code = str(produce.Produce(length=6, chars=string.digits)) if '0' in code: code.replace('0','1') myRedis.set(verify_key,code) myRedis.expire(verify_key, 900) # send sms mobile = JAVA_Mobile if int(project_level) >= 7: mobile = Mobile result = produce.send_sms(content='上线码:{0} 上线项目:{1} 申请人:{2} 15分钟内有效!'.format(code,project,User), mobile=mobile) if isinstance(result, dict): if result['code'] == 200: INFO = '上线码已成功发送给JAVA领导!' if int(project_level) >= 7: INFO = '上线码已成功发送给曾总!' else: INFO = '上线码发送失败!' else: INFO = '上线码发送失败!' else: INFO = "只允许在工作日17点之后或者周末全天申请!" else: INFO = "该账号无权申请上线码!" else: INFO = '非法请求信息!' except Exception as e: INFO = str(e) return render_template('qrcode.html',INFO=INFO)
def vpn_admin(): form = MyForm.MyForm_vpn() db = db_op.vpn_users if form.submit.data: users = form.text.data.strip().splitlines() vpn_type = form.select_type.data users = set(users) crypto = Md5.crypto(crypto_key) try: for user in users: if '@' not in user: raise flash('%s格式错误,用户名应为百合个人邮箱账号!' % user) action = form.select_action.data sender = app.config.get('MAIL_DEFAULT_SENDER') if vpn_type == 'intranet': vpn_servers = app.config.get('VPN_INTRA') if vpn_type == 'internet': vpn_servers = app.config.get('VPN_INTER') if action == 'query': List = [] for user in users: user = user.strip() val = db.query.with_entities( db.user, db.password).filter(db.user == user).all() if val: List.append([va for va in val[0]]) else: flash('%s 账号不存在!' % user) if List: List = [(list[0], list[1]) for list in List] return render_template('vpn_admin_show.html', Main_Infos=g.main_infos, user_list=List) elif action == 'add': for user in users: user = user.strip() pw = produce.Produce(13) if db.query.filter(db.user == user).all(): flash('%s 账号已存在' % user) continue msg = Message("VPN账号信息", sender=sender, recipients=[user]) msg.html = '<p>用户名:%s</p><p> 密码:%s</p><p> VPN地址:%s</p><p><font color="red">账号5分钟后开通,请妥善保管此封邮件,勿邮件回复!</font></p>' % ( user, pw, vpn_servers) with app.open_resource("%s/../doc/vpn_conf.docx" % page_vpn_admin.root_path) as f: msg.attach("vpn_conf.docx", "text/docx", f.read()) try: with app.app_context(): mail.send(msg) db_op.DB.session.add( db(user=user, password=crypto.encrypt(pw), status=1, vpn_type=vpn_type)) db_op.DB.session.commit() except Exception as e: flash(e) else: flash('%s 账号开通完毕,通知邮件已发送.' % user) elif action == 'del': for user in users: user = user.strip() db.query.filter(db.user == user).update({db.status: 2}) db_op.DB.session.commit() flash('%s 账号已关闭!' % user) elif action == 'change': for user in users: user = user.strip() db.query.filter(db.user == user).update({ db.status: 1, db.vpn_type: vpn_type }) db_op.DB.session.commit() flash(('%s vpn类型已变更!' % user)) except Exception as e: flash(e) return render_template('Message_static.html', Main_Infos=g.main_infos) return render_template('vpn_admin.html', Main_Infos=g.main_infos, form=form)
def op_user(): form = MyForm.Myform_op_user() db = db_op.idc_users sender = "*****@*****.**" if form.submit.data: users = form.text.data.splitlines() action = form.select.data for user in users: if '@baihe.com' in user: if action == 'unlock': Redis.delete('%s_lock' % user) flash('{0}账号已解锁!'.format(user)) val = db.query.with_entities(db.name).filter( and_(db.name == user, db.grade == 2)).all() if action == 'query': if val: flash('{0}账号已存在!'.format(user)) else: flash('{0}账号不存在!'.format(user)) if action == 'add': if val: flash('{0}账号已存在!'.format(user)) else: PW = Md5.Md5_make(produce.Produce()) pw = Md5.Md5_make(PW) # 开通成功后再发送邮件 msg = Message("OP账号信息", sender=sender, recipients=[user]) msg.html = '<p>用户名:%s</p><p> 密码:%s</p><p>访问地址:http://xxx.baihe.com/</p><p><font color="red">勿邮件回复!</font></p>' % ( user, PW) with app.app_context(): try: mail.send(msg) except Exception as e: flash(e) flash('%s 邮件发送失败!' % user) else: db_op.DB.session.add( db(name=user, passwd=pw, grade=2)) db_op.DB.session.commit() flash('%s 账号开通成功,通知邮件已发送.' % user) if action == 'del': try: val = db.query.filter( and_(db.name == user, db.grade == 2)).all() if val: for c in val: db_op.DB.session.delete(c) db_op.DB.session.commit() flash('{0}账号删除成功!'.format(user)) else: flash('{0}账号不存在!'.format(user)) except Exception as e: flash(e) if action == 'init': if val: pw = Md5.Md5_make('123456') db.query.filter(and_(db.name == user, db.grade == 2)).update( {db.passwd: pw}) db_op.DB.session.commit() flash('{0}账号初始化成功,初始化密码:123456'.format(user)) else: flash('{0}账号不存在!'.format(user)) else: flash('{0}账号格式不正确,账号应为个人邮箱!'.format(user)) return render_template('Message_static.html') return render_template('op_user.html', form=form)
def svn_admin(): reload(MyForm) form = MyForm.MyForm_svn_admin() if form.submit.data: sender = "*****@*****.**" db = db_op.svn_users db_groups = db_op.svn_groups ts = form.text.data.strip().splitlines() ts = set(ts) for i, name in enumerate(ts): if not re.search('.*@.*\.com$', name): flash('%s格式错误,用户名应为个人邮箱账号!' % name) i = -1 if i < 0: return render_template('Message.html') Action = form.select_action.data def Query(db, *ts): #生成用户列表 user_list = [] for name in ts[0]: try: val = db.query.with_entities( db.user, db.password).filter(db.user == name).all() if val: val = [v for v in val[0]] groups = [ group[0] for group in db_groups.query.with_entities( distinct(db_groups.groups)).filter( db_groups.users == name).all() ] for group in groups: val.append(group) user_list.append(val) except Exception as e: loging.write(e) return render_template_string('获取数据错误!') return user_list if Action == 'query': user_list = Query(db, ts) if user_list: return render_template('svn_admin_show.html', user_list=user_list) else: flash('账号不存在!') elif Action == 'add': groups_list = form.select_groups.data if groups_list: for name in ts: if Query(db, (name, )): flash('%s 账号已存在!' % name) continue else: try: #数据库插入账户 pw = produce.Produce(13) db_op.DB.session.add( db(user=name, password=pw, status=1)) db_op.DB.session.commit() #数据库插入用户组 for group in groups_list: db_op.DB.session.add( db_groups(groups=group, users=name)) db_op.DB.session.commit() except Exception as e: flash(e) flash('%s 账号开通失败!' % name) else: #开通成功后再发送邮件 msg = Message("SVN账号信息", sender=sender, recipients=[name]) msg.html = '<p>用户名:%s</p><p> 密码:%s</p><p>SVN根路径http://svn.ibaihe.com:1722/svn/,具体项目路径请咨询各自组内同事.</p><p><font color="red">账号5分钟后开通,请妥善保管此封邮件,勿邮件回复!</font></p>' % ( name, pw) with app.app_context(): try: mail.send(msg) except Exception as e: flash(e) flash('%s 邮件发送失败!' % name) else: flash('%s 账号开通成功,通知邮件已发送.' % name) else: flash('开通账户需选择账号对应的用户组') elif Action == 'add_group' or Action == 'del_group': svn_users = db.query.filter(db.user == name) groups_list = form.select_groups.data if groups_list: for name in ts: if Query(db, (name, )): try: #修改用户组列表 for group in groups_list: if 'add' in Action: db_op.DB.session.add( db_groups(groups=group, users=name)) db_op.DB.session.commit() flash('%s 账号已添加到用户组%s' % (name, group)) if 'del' in Action: Info = db_groups.query.filter( and_(db_groups.groups == group, db_groups.users == name)).all() for c in Info: db_op.DB.session.delete(c) db_op.DB.session.commit() flash('%s 账号已从用户组%s移除.' % (name, group)) #修改用户状态 svn_users.update({db.status: 4}) db_op.DB.session.commit() except Exception as e: loging.write(e) return render_template_string('获取数据错误!') else: flash('%s 账号不存在!' % name) else: flash('变更账户所属用户组,需先选择要变更的用户组') else: if Query(db, ts): for name in ts: try: #数据库删除账号 svn_users = db.query.filter(db.user == name) if Action == 'del': Str = '关闭' #用户组内删除账号 Info = db_groups.query.filter( db_groups.users == name).all() for c in Info: db_op.DB.session.delete(c) db_op.DB.session.commit() svn_users.update({db.status: 2}) elif Action == 'lock': Str = '锁定' svn_users.update({db.status: 3}) elif Action == 'unlock': Str = '解锁' svn_users.update({db.status: 4}) db_op.DB.session.commit() except Exception as e: loging.write(e) return render_template_string('获取数据错误!') else: flash('%s 账号%s成功!' % (name, Str)) else: flash('账号不存在!') return render_template('Message.html') return render_template('svn_admin.html', form=form)
def index(): DB = db_op.rota date = time.strftime('%Y-%m-%d', time.localtime()) new_date = datetime.date.today() + datetime.timedelta(1) ym = time.strftime('%Y.%m', time.localtime()) if '@' in g.user: g.user = g.user.split('@')[0] data = [g.user] try: # 生成今日和明日的运维排班 users = [] duty = u'报警值班' pools = [u'李晓辉', u'周福成'] for t in (date, new_date): VAL = DB.query.with_entities(DB.name).filter( and_(DB.date == t, DB.duty == duty)).all() if VAL: user = VAL[0][0] else: user = random.choice(pools) c = DB(name=user, duty=duty, date=t) db_op.DB.session.add(c) db_op.DB.session.commit() pools.remove(user) users.append(user) data.extend(users) ip = request.headers.get('X-Forwarded-For') if not ip: ip = request.remote_addr #获取页面菜单 DB = db_op.op_menu nav_val = {} sub_val = {} Menu_val = DB.query.with_entities( DB.Menu_name, DB.id_name, DB.module_name, DB.action_name).filter(DB.grade >= g.grade).all() navMenu = DB.query.with_entities(distinct(DB.Menu_name)).filter( and_(DB.Menu == 'navMenu', DB.grade >= g.grade)).order_by(DB.Menu_id).all() navMenu = [Menu[0] for Menu in navMenu] for Menu in navMenu: val = [val[1:] for val in Menu_val if Menu in val] if val: nav_val[Menu] = val submenu = DB.query.with_entities(distinct(DB.Menu_name)).filter( and_(DB.Menu == 'submenu', DB.grade >= g.grade)).order_by(DB.Menu_id).all() submenu = [menu[0] for menu in submenu] for menu in submenu: val = [val[2:] for val in Menu_val if menu in val] if val: sub_val[menu] = val app_resp = make_response( render_template('index.html', datas=data, Year=ym, navMenu=navMenu, nav_val=nav_val, submenu=submenu, sub_val=sub_val, ip=ip)) app_resp.set_cookie('secret_key', produce.Produce(length=6, chars=string.digits)) return app_resp except Exception as e: loging.write(str(e)) return render_template_string('获取数据异常!')
def git_admin(): params = {'private_token':'g-1h1deDz-ghC_xU4DjM'} URL = "http://git.baihe.com/api/v3/users?" def Get_user(user): username = user.split('@')[0] params['search'] = username r = requests.request('get',URL,timeout=3,params=params) return r.json() def Add_user(user,pw): username = user.split('@')[0] params['username'] = username params['name'] = username params['email'] = user params['password'] = pw params['projects_limit'] = 50 params['can_create_group'] = 'true' params['confirm'] = 'false' r = requests.request('post',URL,timeout=3,params=params) return r.json() def Del_user(id): URL = "http://git.baihe.com/api/v3/users/%s/block" %id requests.request('put', URL, timeout=3, params=params) URL = "http://git.baihe.com/api/v3/users/%s" % id r = requests.request('delete',URL,timeout=3,params=params) return r.json() form = MyForm.MyForm_git_admin() if form.submit.data: sender = "*****@*****.**" names = form.text.data.strip().splitlines() action = form.select_action.data for name in names: name = name.strip() if '@' in name: if action == 'query': INFOS = ('id','username','name','email','state','projects_limit','can_create_group','web_url','current_sign_in_at','created_at') user_info =Get_user(name) if user_info: user_info = user_info[0] flash('账号:%s信息如下:' %name) for info in INFOS: flash('%s: %s' %(info,user_info[info])) flash('--- '*16) else: flash('%s 不存在!' %name) elif action == 'add': if Get_user(name): flash('%s 账号已存在!' %name) else: pw = produce.Produce(13) if Add_user(name,pw): #开通成功后再发送邮件 msg = Message("GIT账号信息",sender=sender,recipients=[name]) msg.html = '<p>用户名:%s</p><p> 密码:%s</p><p>GIT访问地址:http://git.baihe.com/</p><p><font color="red">勿邮件回复!</font></p>' %(name,pw) with app.app_context(): try: mail.send(msg) except Exception as e: flash(e) flash('%s 邮件发送失败!' %name) else: flash('%s 账号开通成功,通知邮件已发送.' %name) else: flash('%s 账号开通失败!' %name) elif action == 'del': user = Get_user(name) if user: id = user[0]['id'] if Del_user(id): flash('%s 账号已删除!' %name) else: flash('%s 账号不存在!' %name) else: flash('%s 账号格式错误,应该为邮箱地址!' %name) return render_template('Message_static.html') return render_template('git_admin.html',form=form)
def index(): try: tm = datetime.datetime.now() - datetime.timedelta(minutes=1) tm = tm.strftime('%Y%m%d%H%M') td = time.strftime("%Y-%m-%d", time.localtime()) Tra_ser_minute_Key = 'traffic.ser.%s' % tm Tra_cli_minute_Key = 'traffic.cli.%s' % tm tt = time.strftime('%Y%m%d', time.localtime()) th = time.strftime('%Y%m%d%H', time.localtime()) TM = time.strftime('%M', time.localtime()) ip_key = 'top_ip_%s' % tt ip_key_hour = 'top_ip_%s' % th IP_DATA = [[str(ip), int(RC.zscore(ip_key, ip))] for ip in RC.zrevrange(ip_key, 0, 20)] IP_DATA_HOUR = [[str(ip), int(RC.zscore(ip_key_hour, ip))] for ip in RC.zrevrange(ip_key_hour, 0, 20)] val_cli = [ [ str(url), int(RC.zscore(Tra_cli_minute_Key, url)) * 8 / 1024 / 1024 ] for url in RC.zrevrange(Tra_cli_minute_Key, 0, 10) if int(RC.zscore(Tra_cli_minute_Key, url)) * 8 / 1024 / 1024 > 1 ] val_ser = [ [ str(url), int(RC.zscore(Tra_ser_minute_Key, url)) * 8 / 1024 / 1024 ] for url in RC.zrevrange(Tra_ser_minute_Key, 0, 10) if int(RC.zscore(Tra_ser_minute_Key, url)) * 8 / 1024 / 1024 > 1 ] INTERNET_DATA = [ eval(v) for v in RC.lrange('internet_access_%s' % td, 0, -1) ] INTERNET_DATA = [ INTERNET_DATA[i] for i in range(0, len(INTERNET_DATA), 2) ] INTRANET_DATA = [ eval(v) for v in RC.lrange('intranet_access_%s' % td, 0, -1) ] INTRANET_DATA = [ INTRANET_DATA[i] for i in range(0, len(INTRANET_DATA), 2) ] WEB_ACCESS = [{ 'data': INTERNET_DATA, 'name': 'internet' }, { 'data': INTRANET_DATA, 'name': 'intranet' }] app_resp = make_response( render_template('index.html', Main_Infos=g.main_infos, val_cli=val_cli, val_ser=val_ser, WEB_ACCESS=WEB_ACCESS, IP_DATA=IP_DATA, IP_DATA_HOUR=IP_DATA_HOUR, tm=TM)) app_resp.set_cookie('secret_key', produce.Produce(length=6, chars=string.digits)) return app_resp except Exception as e: logging.error(e) flash('获取数据错误!') return render_template('Message_static.html', Main_Infos=g.main_infos)