def post(self):
ok, info = check.check_content_type(self.request)
if not ok:
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
user_info = json.loads(self.request.body)
user_id = user_info['user_id']
ok, info = check.check_user_id(user_id)
if not ok:
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
access_token = encrypt.make_cookie_secret()
action_time = utils.cur_timestamp()
session_data = {
'access_token': access_token,
'user_id': user_id,
'action_time': action_time,
'expire_time': action_time + config.expire_second
}
if db_session.update(session_data):
self.set_secure_cookie("access_token", access_token)
self.set_cookie("user_id", user_id)
ok = True
info = {}
else:
ok = False
info = u"登陆失败,请联系管理员!"
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def post(self):
ok, info = check.check_content_type(self.request)
if not ok:
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
user_info = json.loads(self.request.body)
username, password = user_info['username'], user_info['passwd']
ok, info = check.check_password(username, password)
if not ok:
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
access_token = encrypt.make_cookie_secret()
action_time = utils.cur_timestamp()
session_data = {
'access_token': access_token,
'username': username,
'action_time': action_time,
'expire_time': action_time + config.expire_second
}
if db_session.update(session_data):
self.set_secure_cookie("access_token", access_token)
self.set_cookie("username", username)
ok = True
info = {}
else:
ok = False
info = "Login error, please contact with the system administrator"
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def update_expire_time(access_token):
action_time = utils.cur_timestamp()
data = {
'access_token': access_token,
'action_time': action_time,
'expire_time': action_time + config.expire_second
}
db_session.update(data)
def is_expired(access_token):
"""
verify if user has action time
@param access_token: user's access_token, get form cookie
@return Boolean, expired or not
"""
info = db_utils.get_info_by_token(access_token)
expire_time = info['expire_time']
if utils.cur_timestamp() > expire_time:
return True
else:
action_time = utils.cur_timestamp()
session_data = {
'username': info['username'],
'action_time': action_time,
'expire_time': action_time + config.expire_second
}
db_session.update(session_data)
return False
def post(self):
post_add_permission = '1.2.1'
ok, info = check.check_login(self.token)
if not ok:
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
ok, info = check.check_content_type(self.request)
if not ok:
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
body = json.loads(self.request.body)
action, task_data, mailto = body['action'], body['data'], body[
'mailto']
if action == 'add':
local_permission_list = [
self.handler_permission, self.post_permission,
post_add_permission
]
ok, info, _ = verify.has_permission(self.token,
local_permission_list)
if not ok:
self.finish(
tornado.escape.json_encode({
'ok': ok,
'info': info
}))
return
task_data['task_id'] = uuid.uuid1().hex
task_data['create_time'] = utils.cur_timestamp()
if db_task.add(task_data):
if list(mailto):
message = task_data['creator'] + " create a new task, see in " \
"http://oms.example.com/task?task_id=" + task_data['task_id']
tornado.ioloop.IOLoop.instance().add_callback(
self.sending_mail(list(mailto), message))
ok = True
info = {'task_id': task_data['task_id']}
else:
ok = False
info = 'Add task failed'
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
ok = False
info = 'Unsupported task action'
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def check_user_id(user_id):
user_info = db_user.get(user_id)
if user_info is not False:
cur_time = utils.cur_timestamp()
if cur_time <= user_info['expire_time']:
ok = False
info = "Account expired"
else:
ok = True
info = ''
else:
ok = False
info = "No such a user"
return ok, info
def post(self):
post_update_file_permission = '5.2.1'
post_update_db_permission = '5.2.2'
ok, info = check.check_login(self.token)
if not ok:
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
ok, info = check.check_content_type(self.request)
if not ok:
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
body = json.loads(self.request.body)
action, data = body['action'], body['data']
excutor = self.get_cookie("username")
if action == 'update':
task = db_task.get(data['task_id'])
update_type = task['type']
local_permission_list = [
self.handler_permission, self.post_permission
]
if update_type == 'update_file':
local_permission_list = [
self.handler_permission, self.post_permission,
post_update_file_permission
]
if update_type == 'update_db':
local_permission_list = [
self.handler_permission, self.post_permission,
post_update_db_permission
]
ok, info, _ = verify.has_permission(self.token,
local_permission_list)
if not ok:
self.finish(
tornado.escape.json_encode({
'ok': ok,
'info': info
}))
return
if task['status'] is True:
ok = False
info = 'Task has been executed'
self.finish(
tornado.escape.json_encode({
'ok': ok,
'info': info
}))
return
task_status = {
'task_id': task['task_id'],
'status': 1,
'start_time': utils.cur_timestamp(),
'executor': excutor
}
if not db_task.update(task_status):
ok = False
info = 'update task status failed'
self.finish(
tornado.escape.json_encode({
'ok': ok,
'info': info
}))
return
tornado.ioloop.IOLoop.instance().add_callback(
self.salt_run_update(task))
ok = True
info = 'Execute update script successful'
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
if action == 'revert':
task = db_task.get(data['task_id'])
update_type = task['type']
local_permission_list = [
self.handler_permission, self.post_permission
]
if update_type == 'update_file':
local_permission_list = [
self.handler_permission, self.post_permission,
post_update_file_permission
]
if update_type == 'update_db':
local_permission_list = [
self.handler_permission, self.post_permission,
post_update_db_permission
]
ok, info, is_admin = verify.has_permission(self.token,
local_permission_list)
if not is_admin:
info = "Only admin can revert."
self.finish(
tornado.escape.json_encode({
'ok': ok,
'info': info
}))
return
task_status = {
'task_id': task['task_id'],
'revert': 1,
'revert_time': utils.cur_timestamp()
}
if not db_task.update(task_status):
ok = False
info = 'update task status failed'
self.finish(
tornado.escape.json_encode({
'ok': ok,
'info': info
}))
return
tornado.ioloop.IOLoop.instance().add_callback(
self.salt_run_revert(task))
ok = True
info = 'Execute revert script successful'
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
if action == 'get_current_version':
target = data['target']
ip = '127.0.0.1'
result = sapi.run_script([ip],
'salt://scripts/get_current_version.sh',
target)
retcode, cur_version = result[ip]['retcode'], result[ip]['stdout']
if retcode == 0:
ok = True
info = cur_version
else:
ok = False
info = u'Get version info failed'
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
ok = False
info = 'Unsupported update action'
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def post(self):
ok, info = check.check_login(self.token)
if not ok:
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
ok, info = check.check_content_type(self.request)
if not ok:
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
body = json.loads(self.request.body)
action, user_data = body['action'], body['data']
if action == 'add':
user_type, expiry_mouth = user_data['user_type'], user_data[
'expiry_mouth']
if 'remarks' in user_data:
remarks = user_data['remarks']
else:
remarks = ''
cur_timestamp = utils.cur_timestamp()
expiry_timestamp = int(
expiry_mouth) * 31 * 60 * 60 * 24 + cur_timestamp
if user_type == "vip":
# todo
user_id = encrypt.make_user_id()
port = db_user.get_largest_port(is_share=False) + 1
user_data = {
'user_id': user_id,
'create_time': cur_timestamp,
'expire_time': expiry_timestamp,
'port': port,
'type': user_type,
'enabled': 1,
'remarks': remarks
}
if db_user.add(user_data):
ok = True
info = u'新增用户信息成功'
else:
ok = False
info = u'新增用户信息失败'
elif user_type == "normal":
user_id = encrypt.make_user_id()
port = db_user.get_largest_port(is_share=False) + 1
user_data = {
'user_id': user_id,
'create_time': cur_timestamp,
'expire_time': expiry_timestamp,
'port': port,
'type': user_type,
'enabled': 1,
'remarks': remarks
}
if db_user.add(user_data):
count = 0
for i in range(1, 6):
sub_user_id = encrypt.make_user_id()
port = db_user.get_largest_port(is_share=True) + 1
sub_user_data = {
'user_id': sub_user_id,
'parent_id': user_id,
'create_time': cur_timestamp,
'expire_time': expiry_timestamp,
'port': port,
'type': 'share',
'enabled': 0,
'remarks': ''
}
if not db_user.add(sub_user_data):
count += 1
if count == 0:
ok = True
info = u"新增账户及子账号成功"
else:
ok = False
info = u"新增子账户失败,请检查"
else:
ok = False
info = u'新增用户信息失败'
else:
ok = False
info = "不支持的用户类型"
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
if action == 'update_time':
user_id, add_mouth = user_data['user_id'], user_data['add_mouth']
user_info = db_user.get(user_id)
if user_info is not False:
cur_expire_time = user_info['expire_time']
cur_time = utils.cur_timestamp()
if cur_expire_time >= cur_time:
new_expire_time = cur_expire_time + int(
add_mouth) * 31 * 24 * 60 * 60
else:
new_expire_time = cur_time + int(
add_mouth) * 31 * 24 * 60 * 60
user_data = {
'user_id': user_id,
'expire_time': new_expire_time
}
if db_user.update(user_data):
sub_id_list = db_user.get_sub_id_list(user_id)
if sub_id_list:
count = 0
for sub_user_id in sub_id_list:
sub_user_data = {
'user_id': sub_user_id,
'expire_time': new_expire_time
}
if not db_user.update(sub_user_data):
count += 1
if count == 0:
ok = True
info = u"更新账户及子账号过期时间成功"
else:
ok = False
info = u"更新子账户过期时间失败,请检查"
else:
ok = True
info = u'更新用户过期时间成功'
else:
ok = False
info = u'更新用户过期时间失败'
else:
ok = False
info = u'获取用户信息失败'
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
return
ok = False
info = u'不支持的操作类型'
self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))