def group(request): """ [メソッド概要] グループ画面 """ logger.logic_log('LOSI00001', 'None', request=request) # メンテナンス権限チェック permission_type = request.user_config.get_menu_auth_type(MENU_ID) editable_user = True if permission_type == defs.ALLOWED_MENTENANCE else False menu_id_list = [2141001006, 2141002002, 2141002008, 2141002003, 2141002004, 2141002007] acs_perm_list = AccessPermission.objects.filter( group_id__gte=defs.GROUP_DEFINE.GROUP_ID_ADMIN, menu_id__in=menu_id_list, ).order_by('group_id', 'permission_id') group_list = [] group_list_tmp = [] acs_list = {} filter_list = [] msg = '' try: # グループ情報取得 filters = {} group_list_tmp = _select(filters) group_count = len(group_list_tmp) # グループごとにアクセス権限を分けたリストを作成する for mid in menu_id_list: for acs_perm in acs_perm_list: if acs_perm.group_id not in acs_list: acs_list[acs_perm.group_id] = [] if mid == acs_perm.menu_id: acs_list[acs_perm.group_id].append(acs_perm) except: logger.logic_log('LOSI00005', traceback.format_exc(), request=request) msg = get_message('MOSJA23018', request.user.get_lang_mode(), showMsgId=False) # 一覧画面のgroup_listはアクセス権限も含む for group in group_list_tmp: group_id = group['group_id'] if group_id in acs_list: group_list.append([group, acs_list[group_id]]) data = { 'msg': msg, 'group_list': group_list, 'filter_list': filter_list, 'menu_id_list': menu_id_list, 'editable_user': editable_user, 'filters': json.dumps(filters), 'actdirflg': System.objects.get(config_id='ADCOLLABORATION').value, } data.update(request.user_config.get_templates_data(request)) logger.logic_log('LOSI00002', 'editable_user: %s, group_list count: %s' % (editable_user, group_count), request=request) return render(request, 'system/group_disp.html', data)
def delete_table(request, rule_type_id): """ [メソッド概要] データ削除処理 POSTリクエストのみ """ logger.logic_log('LOSI00001', 'RuleTypeID: %s' % (rule_type_id), request=request) response_data = {} try: # ルール別アクセス権限チェック dtabr = DecisionTableAuthByRule(request) if not dtabr.allow_delete(rule_type_id=int(rule_type_id)): rtname = RuleType.objects.get(rule_type_id=rule_type_id).rule_type_name rule_ids = dtabr.get_modify_rules(defs.MENU_CATEGORY.ALLOW_ADMIN) raise OASEError('MOSJA11022', 'LOSI14001', msg_params={'opename':'削除', 'rule_type_name':rtname}, log_params=['Delete', rule_type_id, rule_ids]) # 適用君へルール削除リクエスト送信 send_data = { 'request' : 'DELETE', 'ruletypeid' : rule_type_id, 'user_id' : request.user.user_id, } result, msg = RequestToApply.operate(send_data, request=request) # 正常処理 if result: response_data['status'] = 'success' response_data['redirect_url'] = '/oase_web/rule/decision_table' # 適用君異常 else: response_data['status'] = 'failure' response_data['error_msg'] = get_message('MOSJA11017', request.user.get_lang_mode()) if msg: response_data['error_msg'] = get_message(msg, request.user.get_lang_mode()) logger.system_log('LOSM14004', response_data['error_msg'], request=request) except OASEError as e: if e.log_id: if e.arg_list and isinstance(e.arg_list, list): logger.logic_log(e.log_id, *(e.arg_list), request=request) else: logger.logic_log(e.log_id, request=request) if e.msg_id: if e.arg_dict and isinstance(e.arg_dict, dict): msg = get_message(e.msg_id, request.user.get_lang_mode(), **(e.arg_dict)) else: msg = get_message(e.msg_id, request.user.get_lang_mode()) response_data['status'] = 'failure' response_data['error_msg'] = msg if msg else get_message('MOSJA11017', request.user.get_lang_mode()) except Exception as e: # 異常処理 logger.system_log('LOSI00005', traceback.format_exc(), request=request) response_data['status'] = 'failure' response_data['error_msg'] = get_message('MOSJA11017', request.user.get_lang_mode()) logger.logic_log('LOSI00002', 'status: %s' % (response_data['status']), request=request) response_json = json.dumps(response_data) return HttpResponse(response_json, content_type="application/json")
def modify(request, version): """ [メソッド概要] メッセージ解析のデータ更新処理 """ # パラメーターチェック logger.logic_log('LOSI00001', 'None', request=request) msg = '' error_msg = {} now = datetime.datetime.now(pytz.timezone('UTC')) try: with transaction.atomic(): json_str = json.loads(request.POST.get('json_str', '{}')) if 'json_str' not in json_str: msg = get_message('MOSJA27010', request.user.get_lang_mode(), showMsgId=False) logger.user_log('LOSM27001', 'json_str', request=request) raise Exception() if not chk_permission(json_str, request): msg = get_message('MOSJA27351', request.user.get_lang_mode(), showMsgId=False) logger.user_log('LOSM27004', request.user_config.group_id_list) raise Exception() # 更新前にレコードロック message_update_list = [ rq['match_id'] for rq in json_str['json_str'] if int(rq['ope']) in (defs.DABASE_OPECODE.OPE_UPDATE, defs.DABASE_OPECODE.OPE_DELETE) ] ItaParameterMatchInfo = getattr(import_module('web_app.models.ITA_models'), 'ItaParameterMatchInfo') ItaParameterMatchInfo.objects.select_for_update().filter(pk__in=message_update_list) # バリデーションチェック error_flag, error_msg = _validate(json_str['json_str'], version, request) if error_flag: raise Exception('validation error.') # 挿入/更新/削除振り分け match_id_list_reg = [] match_id_list_mod = [] match_id_list_del = [] sorted_data = sorted(json_str['json_str'], key=lambda x: x['match_id']) upd_data = list(filter(lambda x: int(x['ope']) == defs.DABASE_OPECODE.OPE_UPDATE, sorted_data)) del_data = list(filter(lambda x: int(x['ope']) == defs.DABASE_OPECODE.OPE_DELETE, sorted_data)) ins_data = list(filter(lambda x: int(x['ope']) == defs.DABASE_OPECODE.OPE_INSERT, sorted_data)) # 削除処理 logger.user_log('LOSI27004', 'web_app.models.ITA_models', request=request) match_id_list_del = [rq['match_id'] for rq in del_data] ItaParameterMatchInfo.objects.filter(pk__in=match_id_list_del).delete() logger.user_log('LOSI27005', 'web_app.models.ITA_models', request=request) # 更新処理 logger.user_log('LOSI27002', 'web_app.models.ITA_models', request=request) for rq in upd_data: match_id_list_mod = ItaParameterMatchInfo.objects.filter(match_id=rq['match_id']) if len(match_id_list_mod) <= 0: logger.logic_log('LOSM27001', rq['parameter_name'], request=request) continue match_id_list_mod[0].ita_driver_id = rq['ita_driver_id'] match_id_list_mod[0].menu_id=rq['menu_id'] match_id_list_mod[0].parameter_name=rq['parameter_name'] match_id_list_mod[0].order=rq['order'] match_id_list_mod[0].conditional_name=rq['conditional_name'] match_id_list_mod[0].extraction_method1=rq['extraction_method1'] match_id_list_mod[0].extraction_method2=rq['extraction_method2'] match_id_list_mod[0].last_update_timestamp = now match_id_list_mod[0].last_update_user = request.user.user_name match_id_list_mod[0].save(force_update=True) logger.user_log('LOSI27003', 'web_app.models.ITA_models', request=request) # 挿入処理 logger.user_log('LOSI27006', 'web_app.models.ITA_models', request=request) for rq in ins_data: match_info = ItaParameterMatchInfo( ita_driver_id=rq['ita_driver_id'], menu_id=rq['menu_id'], parameter_name=rq['parameter_name'], order=rq['order'], conditional_name=rq['conditional_name'], extraction_method1=rq['extraction_method1'], extraction_method2=rq['extraction_method2'], last_update_timestamp=now, last_update_user=request.user.user_name ) match_id_list_reg.append(match_info) ItaParameterMatchInfo.objects.bulk_create(match_id_list_reg) logger.user_log('LOSI27007', 'web_app.models.ITA_models', request=request) except Http404: raise Http404 # 応答情報作成 except Exception as e: logger.logic_log('LOSI00005', traceback.format_exc(), request=request) msg = get_message('MOSJA27311', request.user.get_lang_mode()) + '\\n' + str(e.args) response = {} response['status'] = 'failure' response['msg'] = msg response['error_msg'] = error_msg response_json = json.dumps(response) return HttpResponse(response_json, content_type="application/json") redirect_url = reverse('web_app:system:paramsheet', args=[version, ]) response_json = '{"status": "success", "redirect_url": "%s"}' % redirect_url logger.logic_log('LOSI00002', 'None', request=request) return HttpResponse(response_json, content_type="application/json")
def _validate(self, rq, error_msg, request, mode): """ [概要] 入力チェック [引数] rq: dict リクエストされた入力データ error_msg: dict [戻り値] """ logger.logic_log('LOSI00001', 'data: %s, error_msg:%s' % (rq, error_msg)) error_flag = False emo_chk = UnicodeCheck() emo_flag_zabbix_disp_name = False emo_flag_hostname = False rule_type_id_error_flag = False lang = request.user.get_lang_mode() # zabbix_disp_name未入力チェック if len(rq['zabbix_disp_name']) == 0: error_flag = True error_msg['zabbix_disp_name'] += get_message('MOSJA26102', lang) + '\n' logger.user_log('LOSM07001', 'zabbix_disp_name', request=request) # zabbix_disp_name長さチェック if len(rq['zabbix_disp_name']) > 64: error_flag = True error_msg['zabbix_disp_name'] += get_message('MOSJA26103', lang) + '\n' logger.user_log('LOSM07002', 'zabbix_disp_name', 64, rq['zabbix_disp_name'], request=request) # zabbix_disp_name絵文字使用チェック value_list = emo_chk.is_emotion(rq['zabbix_disp_name']) if len(value_list) > 0: error_flag = True emo_flag_zabbix_disp_name = True error_msg['zabbix_disp_name'] += get_message('MOSJA26104', lang) + '\n' logger.user_log('LOSM07008', rq['zabbix_disp_name'], request=request) # protocol未入力チェック if len(rq['protocol']) == 0: error_flag = True error_msg['protocol'] += get_message('MOSJA26105', lang) + '\n' logger.user_log('LOSM07001', 'protocol', request=request) # protocol長さチェック if len(rq['protocol']) > 64: error_flag = True error_msg['protocol'] += get_message('MOSJA26106', lang) + '\n' logger.user_log('LOSM07002', 'protocol', 64, rq['protocol'], request=request) # hostname未入力チェック if len(rq['hostname']) == 0: error_flag = True error_msg['hostname'] += get_message('MOSJA26107', lang) + '\n' logger.user_log('LOSM07001', 'hostname', request=request) # hostname長さチェック if len(rq['hostname']) > 128: error_flag = True error_msg['hostname'] += get_message('MOSJA26108', lang) + '\n' logger.user_log('LOSM07002', 'hostname', 128, rq['hostname'], request=request) # hostname絵文字使用チェック value_list = emo_chk.is_emotion(rq['hostname']) if len(value_list) > 0: error_flag = True emo_flag_hostname = True error_msg['hostname'] += get_message('MOSJA26109', lang) + '\n' logger.user_log('LOSM07008', rq['hostname'], request=request) # port未入力チェック if len(rq['port']) == 0: error_flag = True error_msg['port'] += get_message('MOSJA26110', lang) + '\n' logger.user_log('LOSM07001', 'port', request=request) # port長さチェック try: tmp_port = int(rq['port']) if 0 > tmp_port or tmp_port > 65535: error_flag = True error_msg['port'] += get_message('MOSJA26111', lang) + '\n' logger.user_log('LOSM07003', 'port', rq['port'], request=request) except ValueError: error_flag = True error_msg['port'] += get_message('MOSJA26111', lang) + '\n' logger.user_log('LOSM07003', 'port', rq['port'], request=request) # username未入力チェック if len(rq['username']) == 0: error_flag = True error_msg['username'] += get_message('MOSJA26112', lang) + '\n' logger.user_log('LOSM07001', 'username', request=request) # username長さチェック if len(rq['username']) > 64: error_flag = True error_msg['username'] += get_message('MOSJA26113', lang) + '\n' logger.user_log('LOSM07002', 'username', 64, rq['username'], request=request) # username絵文字使用チェック value_list = emo_chk.is_emotion(rq['username']) if len(value_list) > 0: error_flag = True error_msg['username'] += get_message('MOSJA26114', lang) + '\n' logger.user_log('LOSM07008', rq['username'], request=request) # password未入力チェック if len(rq['password']) == 0: error_flag = True error_msg['password'] += get_message('MOSJA26115', lang) + '\n' logger.user_log('LOSM07001', 'password', request=request) # password長さチェック # 追加の場合 if rq['zabbix_adapter_id'] == '0': if len(rq['password']) > 64: error_flag = True error_msg['password'] += get_message('MOSJA26116', lang) + '\n' logger.user_log('LOSM07002', 'password', 64, rq['password'], request=request) # password絵文字使用チェック value_list = emo_chk.is_emotion(rq['password']) if len(value_list) > 0: error_flag = True error_msg['password'] += get_message('MOSJA26117', lang) + '\n' logger.user_log('LOSM07008', rq['password'], request=request) # 変更の場合 else: old_password = ZabbixAdapter.objects.get( zabbix_adapter_id=rq['zabbix_adapter_id']).password # パスワード復号 cipher = AESCipher(settings.AES_KEY) old_password_dec = cipher.decrypt(old_password) if old_password != rq['password']: if len(rq['password']) > 64: error_flag = True error_msg['password'] += get_message('MOSJA26116', lang) + '\n' logger.user_log('LOSM07002', 'password', 64, rq['password'], request=request) # password絵文字使用チェック value_list = emo_chk.is_emotion(rq['password']) if len(value_list) > 0: error_flag = True error_msg['password'] += get_message('MOSJA26117', lang) + '\n' logger.user_log('LOSM07008', rq['password'], request=request) # rule_type_id未入力チェック if len(rq['rule_type_id']) == 0: error_flag = True rule_type_id_error_flag = True error_msg['rule_type_id'] += get_message('MOSJA26118', lang) + '\n' logger.user_log('LOSM07001', 'rule_type_id', request=request) # rule_type_id存在チェック else: check_rule_id = RuleType.objects.filter( rule_type_id=rq['rule_type_id']) if len(check_rule_id) < 1: error_flag = True rule_type_id_error_flag = True error_msg['rule_type_id'] += get_message('MOSJA26119', lang) + '\n' logger.user_log('LOSM07001', 'rule_type_id', request=request) if not rule_type_id_error_flag: # 突合情報存在チェック # 条件名の数を取得 do_list = DataObject.objects.filter( rule_type_id=rq['rule_type_id']).values_list('data_object_id', flat=True) # Zabbix項目チェック for data_object_id, zabbix_response_key in rq['match_list'].items( ): id_name = 'zabbix-' + data_object_id error_msg.setdefault(id_name, '') # 条件名とZabbix項目の数があっているかチェック if len(do_list) != len(rq['match_list'].keys()): error_flag = True error_msg[id_name] += get_message( 'MOSJA26121', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07007', len(do_list), len(rq['match_list'].items()), request=request) if len(zabbix_response_key) == 0: error_flag = True error_msg[id_name] += get_message('MOSJA26122', lang) + '\n' logger.user_log('LOSM07001', 'zabbix_response_key', request=request) if len(zabbix_response_key) > 32: error_flag = True error_msg[id_name] += get_message('MOSJA26128', lang) + '\n' logger.user_log('LOSM07002', 'zabbix_response_key', 32, zabbix_response_key, request=request) # Zabbix項目絵文字使用チェック value_list = emo_chk.is_emotion(zabbix_response_key) if len(value_list) > 0: error_flag = True error_msg[id_name] += get_message('MOSJA26123', lang) + '\n' logger.user_log('LOSM07008', rq['zabbix_disp_name'], request=request) # 使用可能名チェック if zabbix_response_key not in ZABBIX_ITEMS: error_flag = True error_msg[id_name] += get_message('MOSJA26147', lang) + '\n' logger.user_log('LOSM07009', rq['zabbix_disp_name'], request=request) # zabbix_disp_name重複チェック if not emo_flag_zabbix_disp_name: duplication = ZabbixAdapter.objects.filter( zabbix_disp_name=rq['zabbix_disp_name']) if len(duplication) == 1 and int( rq['zabbix_adapter_id'] ) != duplication[0].zabbix_adapter_id: error_flag = True error_msg['zabbix_disp_name'] += get_message( 'MOSJA26124', lang) + '\n' logger.user_log('LOSM07004', 'zabbix_disp_name', rq['zabbix_disp_name'], request=request) # hostname重複チェック if not emo_flag_hostname: duplication = ZabbixAdapter.objects.filter( hostname=rq['hostname'], rule_type_id=rq['rule_type_id']) # ホスト名重複かつルール種別名が同一の場合 if len(duplication) == 1 and int( rq['zabbix_adapter_id'] ) != duplication[0].zabbix_adapter_id: error_flag = True error_msg['hostname'] += get_message( 'MOSJA26125', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07004', 'hostname', rq['hostname'], request=request) # 疎通確認 if not error_flag: resp_code = -1 try: with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock: resp_code = sock.connect_ex( (rq['hostname'], int(rq['port']))) # host名名前解決が必要/etc/hostsとか sock.close() except: pass if resp_code != 0: error_flag = True error_msg['hostname'] += get_message('MOSJA26126', lang) + '\n' logger.user_log('LOSM07005', rq['hostname'], rq['port'], request=request) logger.logic_log('LOSI00002', 'return: %s' % error_flag) return error_flag
def modify(request): """ [メソッド概要] データ更新処理 POSTリクエストのみ """ logger.logic_log('LOSI00001', 'None', request=request) msg = '' error_flag = False error_msg = {} error_msg_top = {} response_data = {} now = datetime.datetime.now(pytz.timezone('UTC')) # アクセスチェック add_record = request.POST.get('add_record',"{}") add_record = json.loads(add_record) request_record_check(add_record, request) try: ######################################################## # リクエスト情報のバリデーションチェック ######################################################## # DataObjectの登録データ存在チェック if not len(add_record['data_obj_info']): logger.user_log('LOSM14002', 'data_obj_info', request=request) error_msg['New3'] = get_message('MOSJA11018', request.user.get_lang_mode()) raise Exception() # ルールテーブル名自動生成処理 dict_table_id = RuleType.objects.all().aggregate(Max('rule_type_id')) if dict_table_id['rule_type_id__max'] is None: rule_table_name = 'id00000000001' else: table_id = dict_table_id['rule_type_id__max'] rule_table_name = 'id' + str(table_id + 1).zfill(11) # ルール種別のバリデーションチェック info = add_record['table_info'] info['rule_table_name'] = rule_table_name dtcomp = DecisionTableComponent(rule_table_name) notification = add_record['notificationInfo'] decision_table_data = { 'rule_type_name' : info['rule_type_name'], 'summary' : info['summary'], 'rule_table_name' : info['rule_table_name'], 'generation_limit' : 3, 'group_id' : dtcomp.group_id, 'artifact_id' : dtcomp.artifact_id, 'container_id_prefix_staging' : dtcomp.contid_stg, 'container_id_prefix_product' : dtcomp.contid_prd, 'unknown_event_notification' : notification['unknown_event_notification'], 'mail_address' : notification['mail_address'], 'last_update_user' : request.user.user_name, } # 入力チェック f = RuleTypeForm(0, decision_table_data, auto_id=False, error_class=DivErrorList) # エラーがあればエラーメッセージを作成 for content, validate_list in f.errors.items(): error_msg_top[content] = '\n'.join([get_message(v, request.user.get_lang_mode()) for v in validate_list]) if len(f.errors.items()): raise Exception("validate error") # データオブジェクトのバリデーションチェック data_obj_data = [] for rq in add_record['data_obj_info']: data = { 'conditional_name' : rq['conditional_name'], 'conditional_expression_id' : int(rq['conditional_expression_id']), 'last_update_user' : request.user.user_name, } data_obj_data.append(data) row_id_list = [] for rq in add_record['data_obj_info']: row_id_list.append(rq['row_id']) conditionalList = {} for i,d in enumerate(data_obj_data): serializer = DataObjectSerializer(data=d) error_flag, error_msg = serializer_check(request, row_id_list, i, serializer, error_flag, error_msg) conditionalList, error_msg = conditional_name_type_check(i, d, serializer, conditionalList, error_msg, row_id_list, request) # label自動生成 data_obj_info = [] index = 0 data_obj_info, index = automatic_label_generation(data_obj_data) if len(error_msg) > 0: raise Exception(msg) # 適用君へ新規ルール作成リクエスト送信 send_data = { 'request' : 'CREATE', 'table_info' : add_record['table_info'], 'data_obj_info' : data_obj_info, 'notificationInfo' : add_record['notificationInfo'], 'user_id' : request.user.user_id, 'label_count' : index, 'lang' : request.user.get_lang_mode(), } result, msg = RequestToApply.operate(send_data, request=request) # 正常処理 if result: response_data['status'] = 'success' response_data['redirect_url'] = '/oase_web/rule/decision_table' with transaction.atomic(): # 権限を追加 ruletypeid = RuleType.objects.get(rule_table_name=rule_table_name).rule_type_id group_list = add_record['group_list'] # システム管理者グループ追加 admin_perm = [{'menu_id': m, 'permission_type_id': '1'} for m in defs.MENU_BY_RULE] admin_group_dict = {'group_id': str(defs.GROUP_DEFINE.GROUP_ID_ADMIN), 'permission': admin_perm} group_list.append(admin_group_dict) # システム管理者グループ以外のグループに権限追加 permission_list = add_permission(request, now, ruletypeid, group_list) AccessPermission.objects.bulk_create(permission_list) # 適用君異常 else: response_data['status'] = 'failure' response_data['error_msg'] = error_msg response_data['error_top'] = error_msg_top response_data['error_apl'] = '' if msg: response_data['error_apl'] = get_message(msg, request.user.get_lang_mode()) logger.system_log('LOSM14004', response_data['error_apl'], request=request) except Exception as e: # 異常処理 logger.system_log('LOSI00005', traceback.format_exc(), request=request) response_data['status'] = 'failure' response_data['error_msg'] = error_msg response_data['error_top'] = error_msg_top response_data['error_apl'] = '' response_data['error_flag'] = error_flag logger.logic_log('LOSI00002', 'status: %s' % (response_data['status']), request=request) response_json = json.dumps(response_data) return HttpResponse(response_json, content_type="application/json")
def check_decision_table_file(self, dt_filepath, lang): """ [メソッド概要] ディシジョンテーブルファイルの内容をチェックする """ message_list = [] # 指定のディシジョンテーブルファイルが存在しない場合は処理を中断 if not os.path.exists(dt_filepath): logger.logic_log('LOSM12057', dt_filepath) message_list.append(get_message('MOSJA03120', lang)) return message_list ######################################## # チェック処理 ######################################## try: # ファイルオープン wbook = xlrd.open_workbook(dt_filepath) wsheet = wbook.sheet_by_index(0) # データオブジェクトからアクション部の開始列を取得 cond_col_cnt = 0 if len(self.data_object_list) <= 0: self.load_data_object() for dobj in self.data_object_list: cond_col_cnt += 1 # 15:時刻の"From"と"To"で2カラム分を計上 if dobj['conditional_expression_id'] == 15: cond_col_cnt += 1 # チェック対象の範囲を設定 row_index = self.ROW_INDEX_RULE_START row_max = self.ROW_INDEX_RULE_START row_rule_cnt = 0 col_index = self.COL_INDEX_RULE_START col_index_act = self.COL_INDEX_RULE_START + cond_col_cnt col_max = self.COL_INDEX_RULE_START + cond_col_cnt + self.ACTION_COLUMN_COUNT date_effective_col_index = col_max date_expires_col_index = date_effective_col_index + 1 if col_max > wsheet.ncols: message_list.append(get_message('MOSJA03109', lang)) raise OASEError() # ルール上限数取得 rule_row_max = int(System.objects.get(config_id='RULE_ROW_MAX').value) for row in range(row_index, wsheet.nrows): for col in range(col_index, col_max): if wsheet.cell_type(row, col) == self.CELL_TYPE_EMPTY: continue if wsheet.cell_type(row, col) == self.CELL_TYPE_TEXT \ and wsheet.cell(row, col).value == '': continue row_max = row + 1 row_rule_cnt += 1 break else: break # ルール上限数チェック if row_rule_cnt > rule_row_max: message_list.append(get_message('MOSJA03122', lang, rulerowmax=rule_row_max)) break # 修正不可領域のチェック if wsheet.ncols > self.COL_INDEX_RULE_START + cond_col_cnt + self.ACTION_COLUMN_COUNT_FULL: cellname = self.convert_colno_to_colname( self.COL_INDEX_RULE_START + cond_col_cnt + self.ACTION_COLUMN_COUNT_FULL - 1) message_list.append(get_message('MOSJA03128', lang, cellname=cellname)) # 修正禁止項目チェック self.check_header_part(wsheet, message_list, lang) # オリジナルとの差分チェック # 条件部 入力チェック self.check_condition_part(wsheet, row_index, col_index, row_max, col_index_act, message_list, lang) # アクション部チェック col_max_required = self.COL_INDEX_RULE_START + cond_col_cnt + self.ACTION_COLUMN_COUNT self.check_action_part(wsheet, row_index, col_index_act, row_max, col_max_required, message_list, lang) self.check_retry_part(wsheet, row_index, col_index_act, row_max, message_list, lang) self.check_break_part(wsheet, row_index, col_index_act, row_max, message_list, lang) self.check_rule_name(wsheet, row_index, col_index_act, row_max, message_list, lang) self.check_action_type_and_param(wsheet, row_index, col_index_act, row_max, message_list, lang) self.check_pre_action(wsheet, row_index, col_index_act, row_max, message_list, lang) # 有効日無効日チェック self.check_date_effective(wsheet, row_index, date_effective_col_index, row_max, message_list, lang) self.check_date_expires(wsheet, row_index, date_expires_col_index, row_max, message_list, lang) except OASEError as e: if e.msg_id: if e.arg_dict: message_list.append(get_message(e.msg_id, lang, e.arg_dict)) else: message_list.append(get_message(e.msg_id, lang)) except Exception as e: message_list.append(get_message('MOSJA03120', lang)) logger.system_log('LOSM00001', traceback.format_exc()) # message_listから None を除去したもの返す return [m for m in message_list if m]
def update(self, rq, request): """ [メソッド概要] DB更新処理 """ logger.logic_log('LOSI00001', 'None', request=request) lang = request.user.get_lang_mode() error_flag = False error_msg = { 'zabbix_disp_name': '', 'protocol': '', 'hostname': '', 'port': '', 'username': '', 'password': '', 'rule_type_id': '', 'match_list': '', } now = datetime.datetime.now(pytz.timezone('UTC')) # 成功時データ response = { "status": "success", } try: zabbix_adapter_id = rq['zabbix_adapter_id'] # 更新または削除の時は更新前にレコードロック ZabbixAdapter.objects.select_for_update().get(pk=zabbix_adapter_id) #入力チェック error_flag = self._validate(rq, error_msg, request, 'edit') if error_flag: raise UserWarning('validation error.') # パスワードを暗号化 cipher = AESCipher(settings.AES_KEY) encrypted_password = cipher.encrypt(rq['password']) # ZABBIXアダプタの更新 adapter = ZabbixAdapter.objects.get(pk=zabbix_adapter_id) adapter.zabbix_disp_name = rq['zabbix_disp_name'] adapter.hostname = rq['hostname'] adapter.username = rq['username'] adapter.password = encrypted_password adapter.protocol = rq['protocol'] adapter.port = rq['port'] adapter.rule_type_id = rq['rule_type_id'] adapter.last_update_user = request.user.user_name adapter.last_update_timestamp = now adapter.save(force_update=True) # 変更の有無にかかわらず既存のZABBIX突合情報の削除 ZabbixMatchInfo.objects.filter( zabbix_adapter_id=zabbix_adapter_id).delete() # ZABBIX突合情報の保存 create_match_list = [] for data_object_id, zabbix_response_key in rq['match_list'].items( ): match = ZabbixMatchInfo( zabbix_adapter_id=zabbix_adapter_id, data_object_id=data_object_id, zabbix_response_key=zabbix_response_key, last_update_user=request.user.user_name, last_update_timestamp=now, ) create_match_list.append(match) ZabbixMatchInfo.objects.bulk_create(create_match_list) except ZabbixAdapter.DoesNotExist: logger.logic_log('LOSM07006', "zabbix_adapter_id", zabbix_adapter_id, request=request) response = { 'status': 'deleted', 'msg': get_message('MOSJA26127', lang), } except Exception as e: logger.logic_log('LOSI00005', traceback.format_exc(), request=request) response = { 'status': 'failure', 'msg': error_msg, # エラー詳細(エラーアイコンで出す) } logger.logic_log('LOSI00002', 'response=%s' % response, request=request) return response
def _validate(self, rq, error_msg, request): """ [概要] 入力チェック [引数] rq: dict リクエストされた入力データ error_msg: dict [戻り値] """ logger.logic_log('LOSI00001', 'data: %s, error_msg:%s' % (rq, error_msg)) error_flag = False emo_chk = UnicodeCheck() emo_flag_ita_disp_name = False emo_flag_hostname = False if len(rq['ita_disp_name']) == 0: error_flag = True error_msg['ita_disp_name'] += get_message( 'MOSJA27101', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07001', 'ita_disp_name', request=request) if len(rq['ita_disp_name']) > 64: error_flag = True error_msg['ita_disp_name'] += get_message( 'MOSJA27102', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07002', 'ita_disp_name', 64, rq['ita_disp_name'], request=request) # 絵文字チェック value_list = emo_chk.is_emotion(rq['ita_disp_name']) if len(value_list) > 0: error_flag = True emo_flag_ita_disp_name = True error_msg['ita_disp_name'] += get_message( 'MOSJA27120', request.user.get_lang_mode(), showMsgId=False) + '\n' if len(rq['protocol']) == 0: error_flag = True error_msg['protocol'] += get_message( 'MOSJA27115', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07001', 'protocol', request=request) if len(rq['protocol']) > 64: error_flag = True error_msg['protocol'] += get_message( 'MOSJA27116', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07002', 'protocol', 64, rq['protocol'], request=request) if len(rq['hostname']) == 0: error_flag = True error_msg['hostname'] += get_message( 'MOSJA27103', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07001', 'hostname', request=request) if len(rq['hostname']) > 128: error_flag = True error_msg['hostname'] += get_message( 'MOSJA27104', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07002', 'hostname', 128, rq['hostname'], request=request) # 絵文字チェック value_list = emo_chk.is_emotion(rq['hostname']) if len(value_list) > 0: error_flag = True emo_flag_hostname = True error_msg['hostname'] += get_message('MOSJA27121', request.user.get_lang_mode(), showMsgId=False) + '\n' if len(rq['port']) == 0: error_flag = True error_msg['port'] += get_message( 'MOSJA27105', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07001', 'port', request=request) try: tmp_port = int(rq['port']) if 0 > tmp_port or tmp_port > 65535: error_flag = True error_msg['port'] += get_message( 'MOSJA27106', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07003', 'port', rq['port'], request=request) except ValueError: error_flag = True error_msg['port'] += get_message( 'MOSJA27106', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07003', 'port', rq['port'], request=request) if len(rq['username']) == 0: error_flag = True error_msg['username'] += get_message( 'MOSJA27107', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07001', 'username', request=request) if len(rq['username']) > 64: error_flag = True error_msg['username'] += get_message( 'MOSJA27108', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07002', 'username', 64, rq['username'], request=request) # 絵文字チェック value_list = emo_chk.is_emotion(rq['username']) if len(value_list) > 0: error_flag = True error_msg['username'] += get_message('MOSJA27122', request.user.get_lang_mode(), showMsgId=False) + '\n' if len(rq['password']) == 0: error_flag = True error_msg['password'] += get_message( 'MOSJA27109', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07001', 'password', request=request) driver_info_old = ItaDriver.objects.filter( ita_driver_id=rq['ita_driver_id']) if len(driver_info_old ) > 0 and driver_info_old[0].password != rq['password']: if len(rq['password']) > 64: error_flag = True error_msg['password'] += get_message( 'MOSJA27110', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07002', 'password', 64, rq['password'], request=request) # 絵文字チェック value_list = emo_chk.is_emotion(rq['password']) if len(value_list) > 0: error_flag = True error_msg['password'] += get_message( 'MOSJA27123', request.user.get_lang_mode(), showMsgId=False) + '\n' if not emo_flag_ita_disp_name: duplication = ItaDriver.objects.filter( ita_disp_name=rq['ita_disp_name']) if len(duplication) == 1 and int( rq['ita_driver_id']) != duplication[0].ita_driver_id: error_flag = True error_msg['ita_disp_name'] += get_message( 'MOSJA27111', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07004', 'ita_disp_name', rq['ita_disp_name'], request=request) if not emo_flag_hostname: duplication = ItaDriver.objects.filter(hostname=rq['hostname']) if len(duplication) == 1 and int( rq['ita_driver_id']) != duplication[0].ita_driver_id: error_flag = True error_msg['hostname'] += get_message( 'MOSJA27112', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07004', 'hostname', rq['hostname'], request=request) # 疎通確認 if not error_flag: resp_code = -1 try: with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock: resp_code = sock.connect_ex( (rq['hostname'], int(rq['port']))) # host名名前解決が必要/etc/hostsとか sock.close() except: pass if resp_code != 0: error_flag = True error_msg['ita_disp_name'] += get_message( 'MOSJA27119', request.user.get_lang_mode()) + '\n' logger.user_log('LOSM07005', rq['hostname'], rq['port'], request=request) logger.logic_log('LOSI00002', 'return: %s' % error_flag) return error_flag
def determ_mailaddr(request): """ [メソッド概要] メールアドレス変更確定処理 """ msg = '' now = datetime.datetime.now(pytz.timezone('UTC')) hash_login = request.GET.get('arg', None) hash_maddr = request.GET.get('tok', None) logger.logic_log('LOSI00001', hash_maddr) try: login_id = '' mail_addr = '' # パラメーター不正 if not hash_login or not hash_maddr: logger.user_log('LOSM10002', hash_login, hash_maddr) raise OASEError('MOSJA31009', 'LOSM10000') # メールアドレス変更情報取得 login_id, mail_addr = _reverse_conv_login_id_mailaddr( hash_login, hash_maddr, now) # 重複チェック rcnt = User.objects.filter(mail_address=mail_addr, mail_address__contains=mail_addr).exclude( login_id=login_id, login_id__contains=login_id).count() if rcnt > 0: logger.logic_log('LOSI10005', mail_addr) raise OASEError('MOSJA31011', 'LOSM10000') # メールアドレス変更 user = User.objects.get(login_id=login_id, login_id__contains=login_id) if mail_addr == user.mail_address: logger.logic_log('LOSI10001', login_id, mail_addr) msg = get_message('MOSJA31012') else: logger.logic_log('LOSI10010', login_id, user.mail_address, mail_addr) user.mail_address = mail_addr user.save(force_update=True) msg = get_message('MOSJA31013') except OASEError as e: if e.log_id: logger.logic_log(e.log_id) if e.msg_id: if e.arg_dict: msg = get_message(e.msg_id, e.arg_dict) else: msg = get_message(e.msg_id) except Exception as e: result = 'error' logger.logic_log('LOSI00005', traceback.format_exc()) msg = get_message('MOSJA31015') logger.logic_log('LOSI00002', msg) data = { 'msg': msg, 'lang_mode': user.get_lang_mode(), } return render(request, 'user/determ_mailaddr.html', data)
def action_history(request): """ [メソッド概要] アクション履歴画面の一覧表示 """ logger.logic_log('LOSI00001', 'none', request=request) msg = '' try: # アクション画面のルール別アクセス権限を取得 permission_info = request.user_config.get_rule_auth_type(MENU_ID) # アクセス可能なルール種別IDを取得 rule_ids_view = permission_info[defs.VIEW_ONLY] rule_ids_admin = permission_info[defs.ALLOWED_MENTENANCE] rule_ids_all = rule_ids_view + rule_ids_admin # アクション種別管理 action_type_list = ActionType.objects.all() # アクションステータス管理 action_status_dict = defs.ACTION_STATUS # ドライバ種別を取得 driver_type_list = DriverType.objects.all() # アクション履歴を取得 action_history_list = ActionHistory.objects.filter( rule_type_id__in=rule_ids_all).order_by( '-pk') if len(rule_ids_all) > 0 else [] # 表示用データ整備 for act in action_history_list: # ルール種別の削除フラグを確認 act.disuse_flag = RuleType.objects.get( rule_type_id=act.rule_type_id).disuse_flag # アイコン表示用文字列セット status = act.status if act.retry_status is not None: status = act.retry_status if status in defs.ACTION_HISTORY_STATUS.ICON_INFO: #承認中のものが削除された場合は処理済みとして取り扱う if act.disuse_flag != '0' and status == 6: act.class_info = defs.ACTION_HISTORY_STATUS.ICON_INFO[8] else: act.class_info = defs.ACTION_HISTORY_STATUS.ICON_INFO[ status] else: act.class_info = { 'status': 'attention', 'name': 'owf-attention', 'description': 'MOSJA13063' } except Exception as e: msg = get_message('MOSJA13000', request.user.get_lang_mode()) logger.logic_log('LOSM05000', 'traceback: %s' % traceback.format_exc(), request=request) data = { 'message': msg, 'action_type_list': action_type_list, 'action_history_data': action_history_list, 'action_status_dict': action_status_dict, 'action_info_dict': '', 'request_info_dict': '', 'action_log_list': '', 'can_update': rule_ids_admin, 'driver_type_list': driver_type_list, } data.update(request.user_config.get_templates_data(request)) logger.logic_log('LOSI00002', 'none', request=request) return render(request, 'rule/action_history.html', data)
def stop(request): """ 保留中のアクションを停止する """ logger.logic_log('LOSI00001', 'none', request=request) now = datetime.datetime.now(pytz.timezone('UTC')) msg = '' action_history_id = 0 try: with transaction.atomic(): action_history_id = request.POST.get('act_his_id', None) if action_history_id is None: msg = get_message('MOSJA13022', request.user.get_lang_mode(), showMsgId=False) # ルール種別管理を確認し、削除フラグが立っている場合は処理を中断する! if _chk_disuse_flag(action_history_id) == False: raise OASEError('MOSJA13082', '') # 再開対象のアクション履歴を抽出 act_his = ActionHistory.objects.select_for_update().get( action_history_id=action_history_id) # ルール別アクセス権限をチェック _validate_permission(request, act_his, 'MOSJA13021') # 停止対象のルールマッチング結果を取得 response_id = act_his.response_id rhdm_resp = RhdmResponse.objects.select_for_update().get( response_id=response_id) if not (rhdm_resp.status == defs.PENDING and act_his.status == defs.PENDING): raise OASEError('MOSJA13016', '') # 停止にする act_his.status = defs.STOP act_his.last_act_user = request.user.user_name act_his.last_update_timestamp = now act_his.save(force_update=True) # ルールマッチング結果の状態を処理済みに遷移 rhdm_resp.status = defs.PROCESSED rhdm_resp.last_update_user = request.user.user_name rhdm_resp.last_update_timestamp = now rhdm_resp.save(force_update=True) # アクションログに実行中断のログを残す ActionLog( response_id=rhdm_resp.response_id, execution_order=act_his.execution_order, trace_id=rhdm_resp.trace_id, message_id='MOSJA01050', message_params=None, last_update_timestamp=now, ).save(force_insert=True) except OASEError as e: if e.log_id: if e.arg_list and isinstance(e.arg_list, list): logger.logic_log(e.log_id, *(e.arg_list), request=request) else: logger.logic_log(e.log_id, request=request) if e.msg_id: if e.arg_dict and isinstance(e.arg_dict, dict): msg = get_message(e.msg_id, request.user.get_lang_mode(), **(e.arg_dict)) else: msg = get_message(e.msg_id, request.user.get_lang_mode()) except ActionHistory.DoesNotExist: logger.logic_log('LOSI08001', action_history_id, request=request) except RhdmResponse.DoesNotExist: logger.logic_log('LOSI08002', action_history_id, request=request) except Exception as e: logger.logic_log('LOSI00005', 'Fail to retry an action. trace: %s' % (traceback.format_exc()), request=request) data = {'message': msg} response_json = json.dumps(data) return HttpResponse(response_json, content_type="application/json")
def resume(request): """ アクションを再開する """ logger.logic_log('LOSI00001', 'none', request=request) now = datetime.datetime.now(pytz.timezone('UTC')) msg = '' action_history_id = 0 try: with transaction.atomic(): action_history_id = request.POST.get('act_his_id', None) if action_history_id is None: msg = get_message('MOSJA13022', request.user.get_lang_mode(), showMsgId=False) # ルール種別管理を確認し、削除フラグが立っている場合は処理を中断する! if _chk_disuse_flag(action_history_id) == False: raise OASEError('MOSJA13082', '') # 再開対象のアクション履歴を抽出 act_his = ActionHistory.objects.select_for_update().get( action_history_id=action_history_id) # ルール別アクセス権限をチェック _validate_permission(request, act_his, 'MOSJA13018') # アクション履歴の状態をチェック if act_his.status != defs.PENDING and act_his.retry_status != defs.PENDING: raise OASEError('MOSJA13016', '') # 再開のみの場合 if act_his.retry_status != defs.PENDING: # 再開対象のルールマッチング結果を取得 response_id = act_his.response_id rhdm_resp = RhdmResponse.objects.select_for_update().get( response_id=response_id) if rhdm_resp.status != defs.PENDING and act_his.retry_status != defs.PENDING: raise OASEError('MOSJA13016', '') # アクション履歴の状態を未処理に遷移 act_his.status = defs.PROCESSING act_his.last_act_user = request.user.user_name act_his.action_start_time = now act_his.last_update_timestamp = now act_his.save(force_update=True) # ルールマッチング結果の状態を未処理に遷移 rhdm_resp.status = defs.UNPROCESS rhdm_resp.last_update_user = request.user.user_name rhdm_resp.last_update_timestamp = now rhdm_resp.save(force_update=True) # 再開、かつ、再実行の場合 else: act_his.retry_flag = True act_his.retry_status = defs.PROCESSING act_his.last_act_user = request.user.user_name act_his.action_start_time = now act_his.last_update_timestamp = now act_his.save(force_update=True) except OASEError as e: if e.log_id: if e.arg_list and isinstance(e.arg_list, list): logger.logic_log(e.log_id, *(e.arg_list), request=request) else: logger.logic_log(e.log_id, request=request) if e.msg_id: if e.arg_dict and isinstance(e.arg_dict, dict): msg = get_message(e.msg_id, request.user.get_lang_mode(), **(e.arg_dict)) else: msg = get_message(e.msg_id, request.user.get_lang_mode()) except ActionHistory.DoesNotExist: logger.logic_log('LOSI08001', action_history_id, request=request) except RhdmResponse.DoesNotExist: logger.logic_log('LOSI08002', action_history_id, request=request) except Exception as e: logger.logic_log('LOSI00005', 'Fail to retry an action. trace: %s' % (traceback.format_exc()), request=request) data = {'message': msg} response_json = json.dumps(data) return HttpResponse(response_json, content_type="application/json")
def download(request, response_id, execution_order): """ [メソッド概要] アクションログダウンロード処理 """ logger.logic_log('LOSI00001', 'response_id: %s, execution_order: %s' % (response_id, execution_order), request=request) try: err_flag = False log_message = '' log_txt = '' lang = request.user.get_lang_mode() # ルール別アクセス権限チェック act_history_info = ActionHistory.objects.get( response_id=response_id, execution_order=execution_order) user_auth = request.user_config.get_menu_auth_type( MENU_ID, rule_type_id=act_history_info.rule_type_id) if user_auth not in defs.MENU_CATEGORY.ALLOW_EVERY: logger.user_log('LOSI13003', request.path, user_auth, defs.MENU_CATEGORY.ALLOW_EVERY) if 'HTTP_X_REQUESTED_WITH' in request.META and request.META[ 'HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest': return HttpResponse(status=400) else: return HttpResponseRedirect( reverse('web_app:top:notpermitted')) # ログデータ取得 err_flag, req_dic, act_dic, action_history_log_list = get_logdata( request, response_id, execution_order, act_history_info=act_history_info) if err_flag: logger.system_log( 'LOSM08001', 'req_dic: %s, act_dic: %s, action_history_log_list: %s' % (req_dic, act_dic, len(action_history_log_list)), request=request) return HttpResponse(request, status=500) # リクエスト情報整形 log_message += '[' + get_message('MOSJA13001', lang, showMsgId=False) + ']' + '\n' \ + get_message('MOSJA13002', lang, showMsgId=False) + ':' + req_dic['req_time_stamp'] + '\n' \ + get_message('MOSJA13003', lang, showMsgId=False) + ':' + req_dic['req_trace_id'] + '\n' \ + get_message('MOSJA13004', lang, showMsgId=False) + ':' + req_dic['event_info'] + '\n' \ + '\n' # アクション情報整形 log_message += '[' + get_message('MOSJA13005', lang, showMsgId=False) + ']' + '\n' \ + get_message('MOSJA13006', lang, showMsgId=False) + ':' + act_dic['act_time_stamp'] + '\n' \ + get_message('MOSJA13003', lang, showMsgId=False) + ':' + act_dic['act_trace_id'] + '\n' \ + get_message('MOSJA13007', lang, showMsgId=False) + ':' + act_dic['rule_type_name'] + '\n' \ + get_message('MOSJA13008', lang, showMsgId=False) + ':' + act_dic['rule_name'] + '\n' \ + get_message('MOSJA13010', lang, showMsgId=False) + ':' + act_dic['action_parameter_info'] + '\n' \ # 各ドライバーのアクションの詳細を取得 func = _get_get_history_data_func(act_history_info.action_type_id) history_data = func(act_history_info.pk) # ドライバー固有のアクション情報追記 for k, v in history_data.items(): if not v: v = '' log_message += get_message(k, lang, showMsgId=False) + ':' + str(v) + '\n' else: log_message += '\n' # action_history_listをループしながらテキストにいれる。 if len(action_history_log_list) > 0: log_message += '[' + get_message( 'MOSJA13011', lang, showMsgId=False) + ']' + '\n' for action_log in action_history_log_list: msg_params = action_log.message_params if not msg_params: message = get_message(action_log.message_id, request.user.get_lang_mode()) else: msg_params = ast.literal_eval(msg_params) message = get_message(action_log.message_id, request.user.get_lang_mode(), **(msg_params)) time_stamp = TimeConversion.get_time_conversion( action_log.last_update_timestamp, 'Asia/Tokyo', request=request) log_message += '[%s] %s\n' % (time_stamp, message) # ダウンロード rule_name = act_dic['rule_type_name'] act_type = act_dic['action_type_id'] act_list = ActionType.objects.all() num = act_type - 1 act_typ = str(act_list[num]) action_type = act_typ.split('(')[0] act_time = act_dic['act_time_stamp'] action_time = (act_time.translate( str.maketrans({ '-': '', '_': '', ':': '', ' ': '' }))) file_name = 'Action_log_%s_%s_%s.txt' % (rule_name, action_type, action_time) response = HttpResponse(log_message, content_type='text/plain') response['Content-Disposition'] = "attachment; filename*=UTF-8''%s" % ( urllib.parse.quote(file_name)) logger.logic_log('LOSI00002', 'success', request=request) return response except Exception as e: logger.logic_log( 'LOSI00005', 'response_id: %s, execution_order: %s, trace: %s' % (response_id, execution_order, traceback.format_exc()), request=request) return HttpResponse(request, status=500)
def dataobject(request, response_id, execution_order): """ [メソッド概要] アクション履歴画面の一覧表示 """ msg = '' req_shape_dic = {} act_shape_dic = {} log_message = [] logger.logic_log('LOSI00001', 'response_id: %s, execution_order: %s' % (response_id, execution_order), request=request) lang = request.user.get_lang_mode() try: # ルール別アクセス権限チェック act_history_info = ActionHistory.objects.get( response_id=response_id, execution_order=execution_order) user_auth = request.user_config.get_menu_auth_type( MENU_ID, rule_type_id=act_history_info.rule_type_id) if user_auth not in defs.MENU_CATEGORY.ALLOW_EVERY: logger.user_log('LOSI13003', request.path, user_auth, defs.MENU_CATEGORY.ALLOW_EVERY) if 'HTTP_X_REQUESTED_WITH' in request.META and request.META[ 'HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest': return HttpResponse(status=400) else: return HttpResponseRedirect( reverse('web_app:top:notpermitted')) # ログデータ取得 err_flag, req_dic, act_dic, action_history_log_list = get_logdata( request, response_id, execution_order, act_history_info=act_history_info) if err_flag: logger.system_log( 'LOSM08001', 'req_dic: %s, act_dic: %s, action_history_log_list: %s' % (req_dic, act_dic, len(action_history_log_list)), request=request) msg = get_message('MOSJA13000', lang) raise Exception() #[リクエスト情報] req_shape_dic[get_message('MOSJA13002', lang, showMsgId=False)] = req_dic['req_time_stamp'] req_shape_dic[get_message('MOSJA13003', lang, showMsgId=False)] = req_dic['req_trace_id'] req_shape_dic[get_message('MOSJA13004', lang, showMsgId=False)] = req_dic['event_info'] #[アクション情報] act_shape_dic[get_message('MOSJA13006', lang, showMsgId=False)] = act_dic['act_time_stamp'] act_shape_dic[get_message('MOSJA13003', lang, showMsgId=False)] = act_dic['act_trace_id'] act_shape_dic[get_message('MOSJA13007', lang, showMsgId=False)] = act_dic['rule_type_name'] act_shape_dic[get_message('MOSJA13008', lang, showMsgId=False)] = act_dic['rule_name'] act_shape_dic[get_message( 'MOSJA13010', lang, showMsgId=False)] = act_dic['action_parameter_info'] # 各ドライバーのアクションの詳細を取得 func = _get_get_history_data_func(act_history_info.action_type_id) history_data = func(act_history_info.pk) # ドライバー固有のアクション情報 for k, v in history_data.items(): act_shape_dic[get_message(k, lang, showMsgId=False)] = v #[ログ] for log in action_history_log_list: msg_params = log.message_params if not msg_params: message = get_message(log.message_id, lang) else: msg_params = ast.literal_eval(msg_params) message = get_message(log.message_id, lang, **(msg_params)) time_stamp = TimeConversion.get_time_conversion( log.last_update_timestamp, 'Asia/Tokyo', request=request) message = '[' + time_stamp + ']' + message log_message.append(message) data = { 'message': msg, 'action_info_dict': act_shape_dic, 'request_info_dict': req_shape_dic, 'action_log_list': log_message, } data.update(request.user_config.get_templates_data(request)) logger.logic_log('LOSI00002', 'success', request=request) return render(request, 'rule/action_history_data.html', data) except Exception as e: logger.logic_log( 'LOSI00005', 'response_id: %s, execution_order: %s, trace: %s' % (response_id, execution_order, traceback.format_exc()), request=request) if not msg: msg = get_message('MOSJA13000', lang) data = { 'message': msg, 'action_info_dict': '', 'request_info_dict': '', 'action_log_list': '', } data.update(request.user_config.get_templates_data(request)) response_json = json.dumps(data) return HttpResponse(response_json, content_type="application/json")
def modify(request): logger.logic_log('LOSI00001', 'None', request=request) use_drivers = _get_available_drivers() logger.logic_log('LOSI07001', use_drivers, request=request) # 成功時レスポンスデータ redirect_url = '/oase_web/system/action' response = { "status": "success", "redirect_url": redirect_url, } msg = '' try: if request and request.method != 'POST': logger.logic_log('LOSM04004', request=request) msg = get_message('MOSJA27010', request.user.get_lang_mode()) return HttpResponseServerError(msg) json_str = request.POST.get('json_str', '{}') json_str = json.loads(json_str) if 'json_str' not in json_str: msg = get_message('MOSJA27010', request.user.get_lang_mode()) logger.user_log('LOSM04000', 'json_str', request=request) raise Exception() with transaction.atomic(): for ud in use_drivers: # 必要情報取得 driver_info = ActionDriverSupportTool.get_driver_data_modify( ud) if str(driver_info['driver_id'] ) != json_str['json_str']["driver_id"]: continue record_lock_function = driver_info[ 'driver_record_lock_function'] modify_func = driver_info['driver_data_modify_function'] # 関連TBLにロックかける record_lock_function(json_str, request) # 更新 or 追加 or 削除処理 each_driver_response = modify_func(json_str, request) if each_driver_response['status'] != 'success': if 'notpermitted' in each_driver_response and each_driver_response[ 'notpermitted']: response['redirect_url'] = reverse( 'web_app:top:notpermitted') response['status'] = 'failure' response['error_msg'] = each_driver_response.get( 'error_msg', {}) # 最終的にfailure扱いであればロールバック if response['status'] == 'failure': transaction.rollback() except Exception as e: logger.logic_log('LOSI00005', traceback.format_exc(), request=request) if not msg: msg = get_message('MOSJA27009', request.user.get_lang_mode()) response['status'] = 'failure' response['msg'] = msg # alertで出すメッセージ #response['error_msg'] = error_msg # エラー詳細(エラーアイコンで出す) response_json = json.dumps(response) logger.logic_log('LOSI00002', 'status=%s' % response['status'], request=request) return HttpResponse(response_json, content_type="application/json")
def modify_mailaddr(request): """ [メソッド概要] メールアドレス変更処理 """ msg = {} error_msg = {} result = 'success' now = datetime.datetime.now(pytz.timezone('UTC')) mail_pass = request.POST.get('password', '') mail_addr = request.POST.get('mail', '') uid = request.user.user_id login_id = request.user.login_id emo_chk = UnicodeCheck() logger.logic_log('LOSI00001', mail_pass, mail_addr, request=request) if uid == '': error_msg = get_message('MOSJA32009', request.user.get_lang_mode()) logger.user_log('LOSM17000') return HttpResponseServerError(error_msg) try: # パスワードチェック error_msg = _check_password(request, mail_pass, uid) # 値チェック if mail_addr == request.user.mail_address: error_msg['txtMailAddr'] = get_message( 'MOSJA31008', request.user.get_lang_mode()) logger.user_log('LOSI10001', login_id, mail_addr, request=request) logger.logic_log('LOSM10000', request=request) # バリデーションチェック dot_string = r'[\w!#$%&\'*+\-\/=?^`{|}~]+(\.[\w!#$%&\'*+\-\/=?^`{|}~]+)*' quoted_string = r'"([\w!#$%&\'*+\-\/=?^`{|}~. ()<>\[\]:;@,]|\\[\\"])+"' domain = r'([a-zA-Z\d\-]+\.)+[a-zA-Z]+' ip_v4 = r'(\d{1,3}(\.\d{1,3}){3}' ip_v6 = r'IPv6:[\da-fA-F]{0,4}(:[\da-fA-F]{0,4}){1,5}(:\d{1,3}(\.\d{1,3}){3}|(:[\da-fA-F]{0,4}){0,2}))' mail_ip_addr = r'\[' + ip_v4 + r'|' + ip_v6 + r'\]' mail_pattern = r'^(' + dot_string + r'|' + quoted_string + \ r')@(' + domain + r'|' + mail_ip_addr + r')$' if len(mail_addr) <= 0: error_msg['txtMailAddr'] = get_message( 'MOSJA31004', request.user.get_lang_mode()) logger.user_log('LOSI10002', request=request) logger.logic_log('LOSM10000', request=request) elif len(mail_addr) > 256: error_msg['txtMailAddr'] = get_message( 'MOSJA31005', request.user.get_lang_mode()) logger.user_log('LOSI10003', request=request) logger.logic_log('LOSM10000', request=request) # 絵文字チェック value_list = emo_chk.is_emotion(mail_addr) if len(value_list) > 0: error_msg['txtMailAddr'] = get_message( 'MOSJA31018', request.user.get_lang_mode()) logger.user_log('LOSI10011', request=request) logger.logic_log('LOSM10000', request=request) elif not re.match(mail_pattern, mail_addr): error_msg['txtMailAddr'] = get_message( 'MOSJA31006', request.user.get_lang_mode()) logger.user_log('LOSI10004', request=request) logger.logic_log('LOSM10000', request=request) # 機密情報URL生成 req_protcol = request.scheme req_host = request.get_host() modify_url = reverse('web_app:user:user_determ_mailaddr') hash_login = OaseCommon.oase_hash(login_id) hash_maddr = OaseCommon.oase_hash(mail_addr) modify_url = '%s://%s%s?arg=%s&tok=%s' % ( req_protcol, req_host, modify_url, hash_login, hash_maddr) # 重複チェック error_msg = _check_duplication(request, error_msg, mail_addr, now, login_id) # DB保存 hour_expire = int( System.objects.get(config_id='MAILADDR_URL_VALID_PERIOD').value) url_expire = now + datetime.timedelta(hours=hour_expire) rcnt = MailAddressModify.objects.filter( login_id=login_id, login_id__contains=login_id).count() if rcnt > 0: MailAddressModify.objects.filter( login_id=login_id, login_id__contains=login_id).update( mail_address=mail_addr, mail_address_hash=hash_maddr, url_expire=url_expire, last_update_timestamp=now, last_update_user=request.user.user_name) else: MailAddressModify(login_id=login_id, mail_address=mail_addr, mail_address_hash=hash_maddr, url_expire=url_expire, last_update_timestamp=now, last_update_user=request.user.user_name).save( force_insert=True) if len(error_msg) == 0: # 署名用URL生成 req_protcol = request.scheme req_host = request.get_host() login_url = reverse('web_app:top:login') inquiry_url = reverse('web_app:top:inquiry') login_url = '%s://%s%s' % (req_protcol, req_host, login_url) inquiry_url = '%s://%s%s' % (req_protcol, req_host, inquiry_url) # メール送信 obj_smtp = OASEMailSMTP(request=request) obj_mail = OASEMailModifyMailAddressNotify(mail_addr, request.user.user_name, hour_expire, modify_url, inquiry_url, login_url) send_result = obj_smtp.send_mail(obj_mail) if send_result: error_msg['system'] = get_message(send_result, request.user.get_lang_mode()) logger.user_log('LOSI10006', request=request) logger.logic_log('LOSM10000', request=request) except Exception as e: logger.logic_log('LOSI00005', traceback.format_exc(), request=request) error_msg['system'] = get_message('MOSJA31014', request.user.get_lang_mode()) if len(error_msg) > 0: result = 'failure' else: msg['system'] = get_message('MOSJA31017', request.user.get_lang_mode()) data = { 'status': result, 'msg': msg, 'error_msg': error_msg, } respdata = json.dumps(data) logger.logic_log('LOSI00002', result, request=request) return HttpResponse(respdata, content_type="application/json")
def index(request): """ [メソッド概要] リクエスト履歴画面の一覧表示 """ logger.logic_log('LOSI00001', 'none', request=request) msg = '' lang = request.user.get_lang_mode() try: # リクエスト履歴画面のルール別アクセス権限を取得 permission_info = request.user_config.get_rule_auth_type(MENU_ID) # アクセス可能なルール種別IDを取得 rule_ids_view = permission_info[defs.VIEW_ONLY] rule_ids_admin = permission_info[defs.ALLOWED_MENTENANCE] rule_ids_all = rule_ids_view + rule_ids_admin # リクエストデータを取得 request_history_list = EventsRequest.objects.filter( rule_type_id__in=rule_ids_all).order_by( '-pk') if len(rule_ids_all) > 0 else [] table_list = [] for req in request_history_list: # アイコン表示用文字列セット status = req.status if status in defs.REQUEST_HISTORY_STATUS.ICON_INFO: req.class_info = defs.REQUEST_HISTORY_STATUS.ICON_INFO[status] else: req.class_info = { 'status': 'attention', 'name': 'owf-attention', 'description': 'リクエストエラー' } # ルール種別欄 rules = RuleType.objects.filter(rule_type_id=req.rule_type_id) # 削除されているルール種別の場合リクエスト履歴を表示しない if not len(rules): continue rule_name = rules[0].rule_type_name # リクエスト種別欄 request_name = '' if req.request_type_id == 1: # request_name = "プロダクション" request_name = get_message('MOSJA00094', lang, showMsgId=False) elif req.request_type_id == 2: # request_name = "ステージング" request_name = get_message('MOSJA00093', lang, showMsgId=False) table_info = { 'class_info': req.class_info, 'rule_id': req.rule_type_id, 'rule_name': rule_name, 'request_id': req.request_type_id, 'request_name': request_name, 'request_reception_time': req.request_reception_time, 'event_info': req.event_info, 'event_to_time': req.event_to_time, 'trace_id': req.trace_id } table_list.append(table_info) except Exception as e: msg = get_message('MOSJA36000', lang) logger.logic_log('LOSM24000', 'traceback: %s' % traceback.format_exc(), request=request) data = { 'message': msg, 'mainmenu_list': request.user_config.get_menu_list(), 'user_name': request.user.user_name, 'table_list': table_list, 'user_name': request.user.user_name, 'can_update': rule_ids_admin, 'lang_mode': lang, } logger.logic_log('LOSI00002', 'none', request=request) return render(request, 'rule/request_history.html', data)
def download(request, rule_type_id): """ [メソッド概要] DecisionTableダウンロード処理 """ logger.logic_log('LOSI00001', 'RuleTypeID: %s' % (rule_type_id), request=request) try: # ルール別アクセス権限チェック dtabr = DecisionTableAuthByRule(request) if not dtabr.allow_download(rule_type_id=int(rule_type_id)): rtname = RuleType.objects.get( rule_type_id=rule_type_id).rule_type_name rule_ids = dtabr.get_modify_rules(defs.MENU_CATEGORY.ALLOW_EVERY) raise OASEError('MOSJA11022', 'LOSI14001', msg_params={ 'opename': 'ダウンロード', 'rule_type_name': rtname }, log_params=['Download', rule_type_id, rule_ids]) # 適用君へDecisionTableダウンロードリクエスト送信 send_data = { 'request': 'DOWNLOAD_DT', 'ruletypeid': rule_type_id, } result, msg, filename, filedata = RequestToApply.getfile( send_data, request=request) # 正常処理 if result: response = HttpResponse(filedata, content_type='application/excel') response[ 'Content-Disposition'] = "attachment; filename*=UTF-8''%s" % ( urllib.parse.quote(filename)) # 適用君異常 else: logger.system_log('LOSM14004', msg, request=request) raise Exception('ダウンロード失敗') logger.logic_log('LOSI00002', 'success', request=request) return response except OASEError as e: if e.log_id: if e.arg_list and isinstance(e.arg_list, list): logger.logic_log(e.log_id, *(e.arg_list), request=request) else: logger.logic_log(e.log_id, request=request) if e.msg_id: if e.arg_dict and isinstance(e.arg_dict, dict): msg = get_message(e.msg_id, request.user.get_lang_mode(), **(e.arg_dict)) else: msg = get_message(e.msg_id, request.user.get_lang_mode()) return HttpResponse(request, status=500) except Exception as e: logger.logic_log('LOSI00005', traceback.format_exc(), request=request) return HttpResponse(request, status=500)
def modify(request): """ [メソッド概要] データ更新処理 """ msg = '' error_msg = '' error_flag = False json_str_list = [] now = datetime.datetime.now(pytz.timezone('UTC')) json_str = request.POST.get('json_str', None) logger.logic_log('LOSI00001', 'json_str: %s' % json_str, request=request) if json_str is None: msg = get_message('MOSJA35001', request.user.get_lang_mode()) logger.user_log('LOSM20001', request=request) raise Http404 try: with transaction.atomic(): json_str = json.loads(json_str) # バリデーションチェック error_flag, error_msg, json_str_list = _validate(json_str, request=request) if error_flag: raise Exception('validation error.') ip_address_list_reg = [] ip_address_list_del = [] for rq in sorted(json_str_list, key=lambda x: x['row_id']): ope = int(rq['ope']) # 更新 if ope == defs.DABASE_OPECODE.OPE_UPDATE: ip_address_list_mod = WhiteListIPAddress.objects.select_for_update( ).get(white_list_id=rq['row_id']) ip_address_list_mod.ipaddr = rq['ipaddr'] ip_address_list_mod.last_update_user = request.user.user_name ip_address_list_mod.last_update_timestamp = now ip_address_list_mod.save(force_update=True) # 削除 elif ope == defs.DABASE_OPECODE.OPE_DELETE: ip_address_list_del.append(rq['row_id']) # 新規 elif ope == defs.DABASE_OPECODE.OPE_INSERT: ipaddress_info = WhiteListIPAddress( ipaddr=rq['ipaddr'], last_update_user=request.user.user_name, last_update_timestamp=now) ip_address_list_reg.append(ipaddress_info) # 追加 reg_count = len(ip_address_list_reg) if reg_count > 1: WhiteListIPAddress.objects.bulk_create(ip_address_list_reg) elif reg_count == 1: whitelist = ip_address_list_reg[0] whitelist.save(force_insert=True) if len(ip_address_list_del) > 0: WhiteListIPAddress.objects.filter( pk__in=ip_address_list_del).delete() except WhiteListIPAddress.DoesNotExist: error_flag = True logger.logic_log('LOSM20007', traceback.format_exc(), request=request) except Exception as e: error_flag = True logger.logic_log('LOSM20002', 'json_str: %s, traceback: %s' % (json_str, traceback.format_exc()), request=request) # 結果レスポンス response_data = {} # 異常処理 if error_flag == True: response_data['status'] = 'failure' response_data['error_msg'] = error_msg response_data['msg'] = msg logger.logic_log('LOSM20003', 'json_str: %s, response_data: %s, traceback: %s' % (json_str, response_data, traceback.format_exc()), request=request) # 正常処理 else: response_data['status'] = 'success' response_data['redirect_url'] = '/oase_web/user/white_list' response_json = json.dumps(response_data) logger.logic_log('LOSI00002', 'json_str: %s, response_json: %s' % (json_str, response_json), request=request) return HttpResponse(response_json, content_type="application/json")
def edit(request): """ [メソッド概要] システム設定ページの一覧画面 """ logger.logic_log('LOSI00001', 'None', request=request) msg = '' system_log_list = [] system_session_list = [] system_password_list = [] system_actdir_list = [] system_targro_list = [] output_flag = 0 pass_flag = 0 permission_type = request.user_config.get_menu_auth_type(MENU_ID) edit = True if permission_type == defs.ALLOWED_MENTENANCE else False try: # システム設定情報取得 system_list = System.objects.filter( maintenance_flag='1').order_by('item_id') # システム設定情報作成 for s in system_list: system_info = { 'item_id': s.item_id, 'config_name': s.config_name, 'category': s.category, 'config_id': s.config_id, 'value': s.value, 'maintenance_flag': s.maintenance_flag, } if s.category == "LOG_STORAGE_PERIOD": system_log_list.append(system_info) elif s.category == "SESSION_TIMEOUT": system_session_list.append(system_info) elif s.category == "PASSWORD": system_password_list.append(system_info) elif s.category == "ACTIVE_DIRECTORY": if s.config_id == "TARGET_GROUP_LIST" and s.value: system_targro_list = ast.literal_eval(s.value) # パスワード復号化 if s.config_id == "ADMINISTRATOR_PW" and s.value is not None and len( s.value) > 0: cipher = AESCipher(settings.AES_KEY) s.value = cipher.decrypt(s.value) # 復号化されたパスワードに更新 system_info['value'] = s.value system_actdir_list.append(system_info) if s.config_id == "ADCOLLABORATION" and s.value == '1': output_flag = 1 if request.user.user_id not in (1, -2140000000): pass_flag = 1 except: msg = get_message('MOSJA22016', request.user.get_lang_mode()) logger.logic_log('LOSI00005', traceback.format_exc(), request=request) logger.system_log('LOSM09001', request=request) data = { 'msg': msg, 'edit': edit, 'system_log_list': system_log_list, 'system_session_list': system_session_list, 'system_password_list': system_password_list, 'system_actdir_list': system_actdir_list, 'system_targro_list': system_targro_list, 'output_flag': output_flag, 'pass_flag': pass_flag, 'disabled_flag': settings.DISABLE_WHITE_BLACK_LIST, } data.update(request.user_config.get_templates_data(request)) logger.logic_log('LOSI00002', 'msg:%s, edit:%s, output:%s, pass:%s' % (msg, edit, output_flag, pass_flag), request=request) return render(request, 'system/system_conf_edit.html', data)
def create(self, json_str, request): """ [メソッド概要] DB作成処理 """ logger.logic_log('LOSI00001', 'json_str: %s' % (json_str), request=request) lang = request.user.get_lang_mode() error_flag = False error_msg = { 'zabbix_disp_name': '', 'protocol': '', 'hostname': '', 'port': '', 'username': '', 'password': '', 'rule_type_id': '', } now = datetime.datetime.now(pytz.timezone('UTC')) # 成功時データ response = { "status": "success", } try: rq = json_str #入力チェック error_flag = self._validate(rq, error_msg, request, 'add') if error_flag: raise UserWarning('validation error.') # パスワードを暗号化 cipher = AESCipher(settings.AES_KEY) encrypted_password = cipher.encrypt(rq['password']) # ZABBIXアダプタの追加 zabbix_adp = ZabbixAdapter( zabbix_disp_name=rq['zabbix_disp_name'], hostname=rq['hostname'], username=rq['username'], password=encrypted_password, protocol=rq['protocol'], port=rq['port'], rule_type_id=rq['rule_type_id'], last_update_user=request.user.user_name, last_update_timestamp=now, ) zabbix_adp.save(force_insert=True) # 保存したアダプタのadapter_idを取得 zabbix_adpid = zabbix_adp.zabbix_adapter_id # ZABBIX突合情報の保存 create_match_list = [] for data_object_id, zabbix_response_key in rq['match_list'].items( ): match = ZabbixMatchInfo( zabbix_adapter_id=zabbix_adpid, data_object_id=data_object_id, zabbix_response_key=zabbix_response_key, last_update_user=request.user.user_name, last_update_timestamp=now, ) create_match_list.append(match) ZabbixMatchInfo.objects.bulk_create(create_match_list) except ZabbixAdapter.DoesNotExist: logger.logic_log('LOSM07001', 'hostname: %s rule_type_id: %s' % (rq['hostname'], rq['rule_type_id']), request=request) response = { 'status': 'deleted', 'msg': get_message('MOSJA26127', lang), } except Exception as e: logger.logic_log('LOSI00005', traceback.format_exc(), request=request) response = { 'status': 'failure', 'msg': error_msg, # エラー詳細(エラーアイコンで出す) } logger.logic_log('LOSI00002', 'response=%s' % response, request=request) return response
def modify(request): """ [メソッド概要] システム設定のDB更新処理 """ logger.logic_log('LOSI00001', '[before_analyze_args]', request=request) no_output_ids = [ 'ADMINISTRATOR_PW', ] msg = {} error_txt = '' error_flag = False cipher = AESCipher(settings.AES_KEY) adlinkage_new = '' adlinkage_old = '' adlinkage_flg = 0 try: with transaction.atomic(): json_str = request.POST.get('json_str', None) if json_str is None: msg['alertMsg'] = get_message('MOSJA22014', request.user.get_lang_mode()) logger.user_log('LOSM09002', request=request) raise Exception() json_str = json.loads(json_str) if 'json_str' not in json_str: msg['alertMsg'] = get_message('MOSJA22014', request.user.get_lang_mode()) logger.user_log('LOSM09002', request=request) raise Exception() for data in json_str['json_str']: logger.logic_log( 'LOSI00003', 'id:%s, config_id:%s, val:%s' % (data['item_id'], data['config_id'], data['value'] if data['config_id'] not in no_output_ids else len(data['value'])), request=request) model_serializer = SystemSerializer() for data in json_str['json_str']: try: model_serializer.validate(data) except serializers.ValidationError as e: if data['config_id'] == "TARGET_GROUP_LIST": targetlist = {} for d in e.detail: targetlist[d] = e.detail[d] msg[data['config_id']] = targetlist else: for d in e.detail: msg[data['config_id']] = str(d) if len(msg) > 0: logger.user_log('LOSM09003', error_txt, request=request) raise Exception() item_id_info = { } #{ item_id : {'value'} } item_idをkeyにvalueを辞書型で格納 # 更新データを取得 for rq in json_str['json_str']: item_id_info[rq['item_id']] = rq[ 'value'] #item_idをkeyにvalueを格納 # 更新データをまとめてロック System.objects.select_for_update().filter( item_id__in=list(item_id_info.keys())) #更新処理 for key, value in sorted(item_id_info.items()): #item_idで昇順にソート system_data = System.objects.get(item_id=key) if system_data.maintenance_flag <= 0: logger.user_log('LOSM09008', system_data.config_id, system_data.maintenance_flag, request=request) msg['alertMsg'] = get_message('MOSJA22014', request.user.get_lang_mode()) raise Exception() if system_data.value != value: # 「メール通知種別:ログインID指定」のとき「既存のログインID」か確認 if system_data.config_id == 'NOTIFICATION_DESTINATION': if value != "": # フォームの入力値「input_login_list」を取得 input_login = value.split(',') input_login_list = list(set(input_login)) if 'administrator' in input_login_list: input_login_list.remove('administrator') # DBの値「db_login_id_list」を取得(マイナスユーザを除く) db_data = User.objects.values_list( 'user_id', 'login_id') db_login_id_list = [] for data in db_data: if data[0] > 1: db_login_id_list.append(data[1]) # ログインIDの登録 login_id_lists = [] error_ids = [] for input_login_id in input_login_list: if input_login_id not in db_login_id_list: error_ids.append(input_login_id) else: login_id_lists.append(str(input_login_id)) if len(error_ids) != 0: msg['NOTIFICATION_DESTINATION'] = get_message( 'MOSJA22036', request.user.get_lang_mode(), ids=error_ids) logger.user_log('LOSM09007', error_ids, request=request) raise Exception('validation error.') value = ','.join(login_id_lists) if system_data.config_id == 'ADMINISTRATOR_PW': if len(value) > 64: msg['ADMINISTRATOR_PW'] = get_message( 'MOSJA22007', request.user.get_lang_mode(), strConName=system_data.config_name) logger.user_log( 'LOSM09003', '%s: length %s' % (system_data.config_name, len(value)), request=request) raise Exception('validation error.') value = cipher.encrypt(value) if system_data.config_id == 'AD_LINKAGE_TIMER': adlinkage_old = system_data.value adlinkage_new = value if system_data.config_id == 'TARGET_GROUP_LIST': keylist = [] vallist = [] targetlist = {} for i in range(len(value)): if list(value[i].keys()) not in keylist: keylist.append(list(value[i].keys())) else: targetlist[i * 2] = get_message( 'MOSJA22024', request.user.get_lang_mode(), key=list(value[i].keys())) msg['TARGET_GROUP_LIST'] = targetlist logger.user_log('LOSM09004', request=request) if list(value[i].values()) not in vallist: vallist.append(list(value[i].values())) else: targetlist[i * 2 + 1] = get_message( 'MOSJA22024', request.user.get_lang_mode(), key=list(value[i].keys())) msg['TARGET_GROUP_LIST'] = targetlist logger.user_log('LOSM09005', request=request) if len(msg) > 0: raise Exception('validation error.') if system_data.config_id == 'ADCOLLABORATION' and system_data.value == '0' and value == '1': adlinkage_flg = 2 # 2:AD連携実施 if system_data.config_id == 'ADCOLLABORATION' and system_data.value == '1' and value == '0': ad_key_list = [ 'ADMINISTRATOR_USER', 'ADMINISTRATOR_PW', 'ACCESS_POINT', 'AD_LINKAGE_TIMER', 'CONNECTION_TIMEOUT', 'READ_TIMEOUT', 'AUTHSERVER_SEARCH_CHAR', 'TARGET_GROUP_LIST' ] for ad_key in ad_key_list: adcollabo_date = System.objects.get( config_id=ad_key) if adcollabo_date.config_id == 'AD_LINKAGE_TIMER': adlinkage_old = adcollabo_date.value if adcollabo_date.config_id == 'CONNECTION_TIMEOUT' or adcollabo_date.config_id == 'READ_TIMEOUT': adcollabo_date.value = '30' else: adcollabo_date.value = '' adcollabo_date.last_update_user = request.user.user_name adcollabo_date.last_update_timestamp = datetime.datetime.now( pytz.timezone('UTC')) adcollabo_date.save() adlinkage_flg = 1 # 1:AD連携解除 adlinkage_new = '' system_data.value = value system_data.last_update_user = request.user.user_name system_data.last_update_timestamp = datetime.datetime.now( pytz.timezone('UTC')) system_data.save() # 同一パスワード設定不可世代数変更時処理 if system_data.config_id == 'Pass_generate_manage': password_generation = int(value) user_list = User.objects.select_for_update().filter( disuse_flag='0') for user in user_list: uid = user.user_id pw_history_list = PasswordHistory.objects.filter( user_id=uid).order_by('last_update_timestamp') pw_history_list_length = len(pw_history_list) if password_generation < pw_history_list_length: # パスワード履歴の削除 del_count = pw_history_list_length - password_generation loop_count = 0 for pw_history in pw_history_list: if loop_count < del_count: pw_history.delete() loop_count += 1 else: break # AD連携タイマー設定 if adlinkage_new != adlinkage_old and getattr( settings, 'EVTIMER_SERVER', None): try: if adlinkage_new: adlinkage_new = adlinkage_new.replace(',', '_') else: adlinkage_new = 'None' query = urllib.parse.quote(adlinkage_new) url = settings.EVTIMER_SERVER['path'] % ( settings.EVTIMER_SERVER['type'], 'AD_LINKAGE_TIMER', query) url = '%s//%s/%s' % (settings.EVTIMER_SERVER['protocol'], settings.EVTIMER_SERVER['location'], url) te_req = urllib.request.Request(url) with urllib.request.urlopen(te_req) as te_resp: logger.logic_log('LOSI09001', te_resp.status, request=request) except urllib.error.HTTPError as e: msg['alertMsg'] = get_message('MOSJA22030', request.user.get_lang_mode()) logger.system_log('LOSM09006', e.code, request=request) raise Exception() except urllib.error.URLError as e: msg['alertMsg'] = get_message('MOSJA22030', request.user.get_lang_mode()) logger.system_log('LOSM09006', e.reason, request=request) raise Exception() except Exception as e: msg['alertMsg'] = get_message('MOSJA22030', request.user.get_lang_mode()) raise Exception() except Exception as e: if 'validation error.' != str(e): logger.logic_log('LOSM00001', traceback.format_exc(), request=request) error_flag = True adlinkage_flg = 0 logger.system_log('LOSM09006', traceback.format_exc(), request=request) # 結果レスポンス response_data = {} # 異常処理 if error_flag == True: response_data['status'] = 'failure' response_data['error_msg'] = msg response_data['error_txt'] = error_txt # 正常処理 else: response_data['status'] = 'success' response_data['adflg'] = adlinkage_flg response_data['redirect_url'] = reverse('web_app:system:system_conf') response_json = json.dumps(response_data, ensure_ascii=False) logger.logic_log('LOSI00002', 'response_data: %s' % response_json, request=request) return HttpResponse(response_json, content_type="application/json")
def index(request): """ [メソッド概要] """ logger.logic_log('LOSI00001', 'None', request=request) msg = '' lang = request.user.get_lang_mode() edit_mode = False decision_table_list = [] dtabr = DecisionTableAuthByRule(request) hasUpdateAuthority = True if dtabr.auth_create_rules == defs.ALLOWED_MENTENANCE else False object_flg = 0 dt_rule_ids_disp = [] dt_rule_ids_edit = [] dt_rule_ids_disp.extend(dtabr.get_modify_rules([defs.VIEW_ONLY, defs.ALLOWED_MENTENANCE])) dt_rule_ids_edit.extend(dtabr.get_modify_rules(defs.ALLOWED_MENTENANCE)) try: #==================取得=================# filters = {} if request and request.method == 'POST': filters = request.POST.get('filters', None) filters = json.loads(filters) # 参照以上の権限を持つルール種別IDをフィルター条件に追加 if 'rule_type_id' not in filters: filters['rule_type_id'] = {} if 'LIST' not in filters['rule_type_id']: filters['rule_type_id']['LIST'] = [] filters['rule_type_id']['LIST'].extend(dt_rule_ids_disp) # ディシジョンテーブル情報を取得 decision_table_list = _select(filters) msg = get_message('MOSJA11000', lang) if not decision_table_list else '' # ディシジョンテーブル情報に操作権限情報を追加 for dt in decision_table_list: auth_val = dtabr.get_auth_table_val(dt['pk']) dt.update( { 'allow_view' : dtabr.allow_view(auth_val, dt['pk']), 'allow_download' : dtabr.allow_download(auth_val, dt['pk']), 'allow_create' : dtabr.allow_create(auth_val, dt['pk']), 'allow_copy' : dtabr.allow_copy(auth_val, dt['pk']), 'allow_update' : dtabr.allow_update(auth_val, dt['pk']), 'allow_delete' : dtabr.allow_delete(auth_val, dt['pk']), } ) group_list, group_list_default = get_group_list(dt_rule_ids_disp) add_group_information(decision_table_list, group_list) # 条件名の言語別変換処理 ce = ConditionalExpression.objects.all() for c in ce: c.operator_name = get_message(c.operator_name, lang, showMsgId=False) #==================編集モード判定=================# if request and request.method == 'POST': edit_mode = request.POST.get('edit_mode', False) except Exception as e: msg = get_message('MOSJA11013', lang) logger.logic_log('LOSI00005', traceback.format_exc(), request=request) data = { 'msg' : msg, 'decision_table_list' : decision_table_list, 'conditional_expression' : ce, 'object_list' : get_data_object(dt_rule_ids_disp), 'edit_mode' : edit_mode, 'hasUpdateAuthority' : hasUpdateAuthority, 'rule_ids_disp' : dt_rule_ids_disp, 'rule_ids_edit' : dt_rule_ids_edit, 'object_flg' : object_flg, 'group_list' : group_list_default, } data.update(request.user_config.get_templates_data(request)) logger.logic_log('LOSI00002', 'edit_mode: %s, dt_count: %s' % (edit_mode, len(decision_table_list)), request=request) return render(request,'rule/decision_table.html',data)
def create(request): """ [メソッド概要] メールテンプレートの新規作成 """ logger.logic_log('LOSI00001', 'user_id: %s' % (request.user.user_id)) error_msg = '' error_flag = False lang = request.user.get_lang_mode() try: with transaction.atomic(): # json形式判定 json_str = json.loads(request.POST.get('json_str', '{}')) logger.user_log('LOSI16003', "json_str", json_str) if 'json_str' not in json_str: logger.user_log('LOSM16001', 'json_str', 'user_id: %s' % (request.user.user_id)) raise Http404 rq = json_str['json_str'] data = { 'mail_template_name': rq.get('mail_template_name', ''), 'subject': rq.get('subject', ''), 'content': rq.get('content', ''), 'destination': rq.get('destination', ''), 'cc': rq.get('cc', ''), 'bcc': rq.get('bcc', ''), } f = MailTemplateForm(data, auto_id=False) # 入力値チェック if len(f.errors.items()): error_msg = {} for content, validate_list in f.errors.items(): error_msg[content] = '\n'.join( [get_message(v, lang) for v in validate_list]) response_json = json.dumps({ 'status': 'failure', 'error_msg': error_msg, }) logger.user_log('LOSM05004', 'error_msg: %s' % error_msg, request=request) logger.logic_log('LOSI00002', 'json_str: %s' % json_str, request=request) return HttpResponse(response_json, content_type="application/json") MailTemplate( mail_template_name=f.cleaned_data['mail_template_name'], subject=f.cleaned_data['subject'], content=f.cleaned_data['content'], destination=f.cleaned_data['destination'], cc=f.cleaned_data['cc'], bcc=f.cleaned_data['bcc'], last_update_user=request.user.user_name, last_update_timestamp=datetime.datetime.now( pytz.timezone('UTC')), ).save(force_insert=True) except Exception as e: error_flag = True logger.logic_log('LOSI00005', traceback.format_exc()) error_msg = get_message('MOSJA24015', request.user.get_lang_mode()) # 結果レスポンス response_data = {'status': 'success'} if error_flag: response_data['status'] = 'failure' response_data['error_msg'] = error_msg response_json = json.dumps(response_data) logger.logic_log('LOSI00002', 'response_json: %s' % (response_json), request=request) return HttpResponse(response_json, content_type="application/json")
def modify_detail(request, rule_type_id): """ [メソッド概要] データ更新処理(詳細画面) POSTリクエストのみ """ logger.logic_log('LOSI00001', 'RuleTypeID: %s' % (rule_type_id), request=request) msg = '' error_flag = False error_msg = {} error_msg_top = {} response_data = {} now = datetime.datetime.now(pytz.timezone('UTC')) try: with transaction.atomic(): rule_type = RuleType.objects.select_for_update().get(rule_type_id=rule_type_id) # ルール別アクセス権限チェック dtabr = DecisionTableAuthByRule(request) if not dtabr.allow_update(rule_type_id=int(rule_type_id)): rule_ids = dtabr.get_modify_rules(defs.MENU_CATEGORY.ALLOW_ADMIN) raise OASEError('MOSJA11022', 'LOSI14001', msg_params={'opename':'更新', 'rule_type_name':rule_type.rule_type_name}, log_params=['Update', rule_type_id, rule_ids]) # アクセスチェック add_record = request.POST.get('add_record', "{}") add_record = json.loads(add_record) # TODO 後でログIDふり直す log_msg = 'posted add_record: %s' % (add_record) logger.logic_log('LOSI11000', log_msg, request=request) if 'table_info' not in add_record: logger.user_log('LOSM14002', 'table_info', request=request) error_msg = get_message('MOSJA11010', request.user.get_lang_mode()) raise Exception('不正なリクエストです request=%s' % (add_record)) # キーの存在確認 if not {'rule_type_name', 'summary'} == set(add_record['table_info'].keys()): logger.user_log('LOSM14001', add_record['table_info'].keys(), ['rule_type_name', 'summary'], request=request) error_msg = get_message('MOSJA11010', request.user.get_lang_mode()) raise Exception('不正なリクエストです request=%s' % (add_record)) if 'group_list' not in add_record: logger.user_log('LOSM14001', add_record.keys(), 'group_list', request=request) error_msg = get_message('MOSJA11010', request.user.get_lang_mode()) raise Exception('不正なリクエストです request=%s' % (add_record)) # バリデーションチェック info = add_record['table_info'] notification = add_record['notificationInfo'] serializer = RuleTypeSerializer() try: serializer.validate_rule_type_name(info['rule_type_name']) serializer.validate_summary(info['summary']) serializer.validate_mail_address(notification['mail_address']) select_object = RuleType.objects.filter(rule_type_name=info['rule_type_name']) if len(select_object) == 1 and rule_type_id != select_object[0].rule_type_id: logger.user_log('LOSM14005', info['rule_type_name'], rule_type_id, select_object[0].rule_type_id, request=request) error_msg = get_message('MOSJA00005', request.user.get_lang_mode()).replace('\\n', '\n') error_msg_top['rule_type_name'] = get_message('MOSJA11009', request.user.get_lang_mode()) raise Exception('ルール種別名称が重複しています。 request=%s' % (add_record)) except serializers.ValidationError as e: error_msg = get_message('MOSJA00005', request.user.get_lang_mode()) error_msg = error_msg.replace('\\n', '\n') log_txt = '' logger_txt = '' for d1, d2 in zip(e.get_full_details(), e.detail): k = '%s' % (d1['code']) v = str(d2) + ' (MOSJA11011)' error_msg_top[k] = v if logger_txt: logger_txt += ', ' logger_txt += '%s:%s' % (d1['code'], str(d2)) if log_txt: log_txt += '\n' log_txt += v logger.user_log('LOSM14003', logger_txt, request=request) raise Exception(log_txt) # データ更新 RuleType.objects.filter(rule_type_id=rule_type_id).update( rule_type_name = info['rule_type_name'], summary = info['summary'], unknown_event_notification = notification['unknown_event_notification'], mail_address = notification['mail_address'], last_update_timestamp = now, last_update_user = request.user.user_name ) # アクセス権限データ更新 grlock = Group.objects.select_for_update().filter(group_id__gt=defs.GROUP_DEFINE.GROUP_ID_ADMIN) group_ids = list(grlock.values_list('group_id', flat=True)) perm_rset = list(AccessPermission.objects.filter(group_id__in=group_ids, menu_id__in=defs.MENU_BY_RULE, rule_type_id=rule_type_id).values('group_id', 'menu_id', 'rule_type_id', 'permission_type_id')) bulk_list = [] # グループ管理に登録されているグループIDのみを更新対象とする for group_id in group_ids: for gr in add_record['group_list']: if group_id != int(gr['group_id']): continue perm_list = gr['permission'] # 要求アクセス権限種別が、DBに登録済みか否かチェック for perm in perm_list: menu_id = int(perm['menu_id']) type_id = int(perm['permission_type_id']) # DB登録済みの場合は更新 for rs in perm_rset: if group_id == rs['group_id'] and menu_id == rs['menu_id'] and rule_type_id == rs['rule_type_id']: if type_id != rs['permission_type_id']: AccessPermission.objects.filter(group_id=group_id, menu_id=menu_id, rule_type_id=rule_type_id).update( permission_type_id = type_id, last_update_timestamp = now, last_update_user = request.user.user_name ) break # DB未登録の場合は追加リストへ保持 else: acperm = AccessPermission( group_id = group_id, menu_id = menu_id, rule_type_id = rule_type_id, permission_type_id = type_id, last_update_timestamp = now, last_update_user = request.user.user_name ) bulk_list.append(acperm) break # 要求にないグループIDは追加リストへ保持 else: for menu_id in defs.MENU_BY_RULE: acperm = AccessPermission( group_id = group_id, menu_id = menu_id, rule_type_id = rule_type_id, permission_type_id = defs.NO_AUTHORIZATION, last_update_timestamp = now, last_update_user = request.user.user_name ) bulk_list.append(acperm) # TODO 後でログIDふり直す log_msg = 'update count: %s' % len(bulk_list) logger.logic_log('LOSI11000', log_msg, request=request) # 追加リストがあればDBに一括挿入 if len(bulk_list) > 0: AccessPermission.objects.bulk_create(bulk_list) # 正常処理 response_data['status'] = 'success' response_data['redirect_url'] = '/oase_web/rule/decision_table' except OASEError as e: if e.log_id: if e.arg_list and isinstance(e.arg_list, list): logger.logic_log(e.log_id, *(e.arg_list), request=request) else: logger.logic_log(e.log_id, request=request) if e.msg_id: if e.arg_dict and isinstance(e.arg_dict, dict): msg = get_message(e.msg_id, request.user.get_lang_mode(), **(e.arg_dict)) else: msg = get_message(e.msg_id, request.user.get_lang_mode()) response_data['status'] = 'failure' response_data['error_msg'] = msg if msg else error_msg response_data['error_top'] = error_msg_top except Exception as e: # 異常処理 if not error_msg: tb = sys.exc_info()[2] error_msg = '%s' % (e.with_traceback(tb)) logger.logic_log('LOSI00005', traceback.format_exc(), request=request) response_data['status'] = 'failure' response_data['error_msg'] = error_msg response_data['error_top'] = error_msg_top logger.logic_log('LOSI00002', 'status: %s' % (response_data['status']), request=request) response_json = json.dumps(response_data) return HttpResponse(response_json, content_type="application/json")
def modify(request): """ [メソッド概要] データ更新処理 """ #====アカウント追加時の初期値====# disp = defs.DISP_MODE.DEFAULT lang = defs.LANG_MODE.JP msg = '' error_msg = '' error_msg_user_name = '' error_msg_login_id = '' error_msg_mail = '' error_msg_user_group = '' json_str = request.POST.get('json_str',None) logger.logic_log('LOSI00001', 'json_str: %s' % json_str, request=request) if json_str is None: msg = get_message('MOSJA24001', request.user.get_lang_mode()) logger.user_log('LOSM05002', request=request) raise Http404 try: with transaction.atomic(): json_str = json.loads(json_str) #=================ロック=============================# # リクエストされたグループIDを取得 group_ids_req = [] for rq in json_str['insertInfo']: for gid in rq['add_group_id']: if len(gid) != 0: gid = int(gid) if gid not in group_ids_req: group_ids_req.append(gid) for rq in json_str['updateInfo']: for gid in rq['add_group_id']: if len(gid) != 0: gid = int(gid) if gid not in group_ids_req: group_ids_req.append(gid) for gid in rq['del_group_id']: if len(gid) != 0: gid = int(gid) if gid not in group_ids_req: group_ids_req.append(gid) group_ids_req.sort() # グループ管理をロック group_ids_db = [] for gid in group_ids_req: gr = Group.objects.select_for_update().filter(group_id=gid) if len(gr) <= 0: logger.user_log('LOSM05005', 'group_id: %s' % gid , request=request) continue group_ids_db.append(gr[0].group_id) group_ids_diff = list(set(group_ids_req) ^ set(group_ids_db)) # 更新レコードのリスト作成(administrator除く) update_info = [] update_userid_list = [] for rq in json_str['updateInfo']: if int(rq['user_id']) != 1: update_info.append(rq) update_userid_list.append(int(rq['user_id'])) else: logger.user_log('LOSM05008', 'update_user_info: %s ' % rq , request=request) # 削除レコードのリスト作成(administrator除く) del_info = [] del_userid_list = [] for rq in json_str['delInfo']: if int(rq['user_id']) != 1: del_info.append(rq) del_userid_list.append(int(rq['user_id'])) else: logger.user_log('LOSM05008', 'delete_user_info: %s ' % rq , request=request) # 更新/削除ユーザをロック mod_user_list = update_userid_list + del_userid_list mod_user_list.sort() for m in mod_user_list: User.objects.select_for_update().filter(pk=m) #=================チェック===========================# # 入力データチェック データ不正であればresponseを返す error_flag, error_msg_user_name, error_msg_login_id, error_msg_mail, error_msg_user_group = _validate(json_str, group_ids_diff, request=request) if error_flag: response_json = json.dumps({ 'status' : 'failure', 'error_msg_user_name' : error_msg_user_name, 'error_msg_login_id' : error_msg_login_id, 'error_msg_mail' : error_msg_mail, 'error_msg_user_group': error_msg_user_group, 'msg' : '', }) logger.user_log('LOSM05004', 'error_msg_user_name: %s' % error_msg_user_name, request=request) logger.user_log('LOSM05004', 'error_msg_login_id: %s' % error_msg_login_id, request=request) logger.user_log('LOSM05004', 'error_msg_mail: %s' % error_msg_mail, request=request) logger.user_log('LOSM05004', 'error_msg_user_group: %s' % error_msg_user_group, request=request) logger.logic_log('LOSI00002', 'json_str: %s' % json_str, request=request) return HttpResponse(response_json, content_type="application/json") #=================更新===============================# update_list = [] del_usergroup_list = {} add_usergroup_list = {} user_info = {} logger.user_log('LOSI05000', update_info, request=request) for rq in update_info: user_info[int(rq['user_id'])] = { 'user_name': rq['user_name'], 'login_id' : rq['login_id'], 'mail' : rq['mail'], 'add_group_id' : rq['add_group_id'], 'del_group_id' : rq['del_group_id'], } users = User.objects.filter(pk__in=update_userid_list, disuse_flag='0') for u in users: u.user_name = user_info[u.pk]['user_name'] u.login_id = user_info[u.pk]['login_id'] u.mail_address = user_info[u.pk]['mail'] u.last_update_timestamp = datetime.datetime.now(pytz.timezone('UTC')) u.last_update_user = request.user.user_name add_usergroup_list[u.user_id] = [int(s) for s in user_info[u.pk]['add_group_id']] del_usergroup_list[u.user_id] = [int(s) for s in user_info[u.pk]['del_group_id']] update_list.append(u) for u in update_list: u.save() if u.pk in add_usergroup_list: for g in add_usergroup_list[u.pk]: ug = UserGroup( user_id = u.pk, group_id = g, last_update_user = request.user.user_name, ) ug.save(force_insert=True) if u.pk in del_usergroup_list: UserGroup.objects.filter(user_id=u.pk, group_id__in=del_usergroup_list[u.pk]).delete() logger.user_log('LOSI05001', update_info, request=request) #=================削除===============================# logger.user_log('LOSI05002', del_info, request=request) User.objects.filter(pk__in=del_userid_list).delete() UserGroup.objects.filter(user_id__in=del_userid_list).delete() PasswordHistory.objects.filter(user_id__in=del_userid_list).delete() logger.user_log('LOSI05003', del_info, request=request) #==================新規追加===============================# insert_list = [] insert_usergroup_list = {} insert_list_pwhist = [] create_list = [] create_err_flag = False ttl_hour = int(System.objects.get(config_id='INITIAL_PASS_VALID_PERIOD').value) for rq in json_str['insertInfo']: # ランダムパスワード生成 password = RandomPassword().get_password() password_hash = Common.oase_hash(password) password_expire = None if ttl_hour == 0: # datetime supportで日時がずれoverflowするため9000年とした password_expire = datetime.datetime.strptime('9000-12-31 23:59:59', '%Y-%m-%d %H:%M:%S') else: password_expire = datetime.datetime.now(pytz.timezone('UTC')) + datetime.timedelta(hours=ttl_hour) user = User( user_name = rq['user_name'], login_id = rq['login_id'], mail_address = rq['mail'], password = password_hash, disp_mode_id = disp, lang_mode_id = lang, password_count = 0, password_expire = password_expire, last_update_user = request.user.user_name, last_update_timestamp = datetime.datetime.now(pytz.timezone('UTC')), ) insert_list.append(user) insert_usergroup_list[rq['login_id']] = rq['add_group_id'] create_info = { 'name' : rq['user_name'], 'mail' : rq['mail'], 'pass' : password, 'id' : rq['login_id'], } create_list.append(create_info) Pass_generate_manage = int(System.objects.get(config_id='Pass_generate_manage').value) logger.user_log('LOSI05004', json_str['insertInfo'], Pass_generate_manage, request=request) # create処理 for i in insert_list: i.save(force_insert=True) # userが登録できたらusergroupを登録 for j in insert_usergroup_list[i.login_id]: usergroup = UserGroup( user_id = i.pk, group_id = j, last_update_user = request.user.user_name, ) usergroup.save(force_insert=True) if Pass_generate_manage > 0: passwd_history = PasswordHistory( user_id = i.user_id, password = password_hash, last_update_timestamp = datetime.datetime.now(pytz.timezone('UTC')), last_update_user = request.user.user_name, ) insert_list_pwhist.append(passwd_history) if len(insert_list_pwhist) > 0: PasswordHistory.objects.bulk_create(insert_list_pwhist) logger.user_log('LOSI05005', json_str['insertInfo'], Pass_generate_manage, request=request) # 署名用URL生成 req_protcol = request.scheme req_host = request.get_host() login_url = reverse('web_app:top:login') inquiry_url = reverse('web_app:top:inquiry') login_url = '%s://%s%s' % (req_protcol, req_host, login_url) inquiry_url = '%s://%s%s' % (req_protcol, req_host, inquiry_url) # 新規登録ユーザに初期ユーザIDをメールで通知 msg_ids = [] if len(create_list) > 0 and create_err_flag == False: smtp = OASEMailSMTP(request=request) for u in create_list: user_mail = OASEMailInitialLoginID( request.user.mail_address, u['mail'], u['name'], u['id'], ttl_hour, inquiry_url, login_url ) send_result = smtp.send_mail(user_mail) logger.logic_log('LOSI05006', u['mail'], u['id'], request=request) if send_result and send_result not in msg_ids: msg_ids.append(send_result) send_result = get_message(send_result, request.user.get_lang_mode()) error_flag = True if msg: msg += '\n' msg += send_result # 新規登録ユーザに初期パスワードをメールで通知 if len(create_list) > 0 and create_err_flag == False: smtp = OASEMailSMTP(request=request) for u in create_list: user_mail = OASEMailInitialPasswd( request.user.mail_address, u['mail'], u['name'], u['pass'], ttl_hour, inquiry_url, login_url ) send_result = smtp.send_mail(user_mail) logger.logic_log('LOSI05007', u['mail'], request=request) if send_result and send_result not in msg_ids: msg_ids.append(send_result) send_result = get_message(send_result, request.user.get_lang_mode()) error_flag = True if msg: msg += '\n' msg += send_result except Exception as e: error_flag = True logger.logic_log('LOSM05003', 'json_str: %s, traceback: %s' % (json_str, traceback.format_exc()), request=request) # 結果レスポンス response_data = {} # 異常処理 if error_flag == True: response_data['status'] = 'failure' response_data['error_msg'] = error_msg response_data['msg'] = msg logger.logic_log('LOSM05007', 'json_str: %s, response_data: %s, traceback: %s' % (json_str, response_data, traceback.format_exc()), request=request) # 正常処理 else: response_data['status'] = 'success' response_data['redirect_url'] = '/oase_web/system/user' response_json = json.dumps(response_data) logger.logic_log('LOSI00002', 'json_str: %s, response_json: %s' % (json_str, response_json), request=request) return HttpResponse(response_json, content_type="application/json")
def data(request): """ [メソッド概要] (フィルタ実行時の)データ取得 """ logger.logic_log('LOSI00001', 'None', request=request) #メンテナンス権限チェック dtabr = DecisionTableAuthByRule(request) edit = True if dtabr.auth_create_rules == defs.ALLOWED_MENTENANCE else False filter_flg = False dt_rule_ids_disp = [] dt_rule_ids_edit = [] dt_rule_ids_disp.extend(dtabr.get_modify_rules([defs.VIEW_ONLY, defs.ALLOWED_MENTENANCE])) dt_rule_ids_edit.extend(dtabr.get_modify_rules(defs.ALLOWED_MENTENANCE)) # postパラメータチェック filters = request.POST.get('filters',"{}") filters = json.loads(filters) if ('rule_type_name' not in filters or 'last_update_user' not in filters or 'last_update_timestamp' not in filters): logger.user_log('LOSM14001', filters.keys(), ['rule_type_name', 'last_update_user', 'last_update_timestamp'], request=request) msg = get_message('MOSJA11013', request.user.get_lang_mode()) raise Http404 #フィルター条件1つ以上あればフィルタフラグを立てる if (len(filters['rule_type_name']) or len(filters['last_update_user']) or len(filters['last_update_timestamp']) ): filter_flg = True # 参照以上の権限を持つルール種別IDをフィルター条件に追加 if 'rule_type_id' not in filters: filters['rule_type_id'] = {} if 'LIST' not in filters['rule_type_id']: filters['rule_type_id']['LIST'] = [] filters['rule_type_id']['LIST'].extend(dt_rule_ids_disp) # ディシジョンテーブル情報を取得 decision_table_list = _select(filters) msg = get_message('MOSJA11000', request.user.get_lang_mode()) if not decision_table_list else '' # ディシジョンテーブル情報に操作権限情報を追加 for dt in decision_table_list: auth_val = dtabr.get_auth_table_val(dt['pk']) dt.update( { 'allow_view' : dtabr.allow_view(auth_val, dt['pk']), 'allow_download' : dtabr.allow_download(auth_val, dt['pk']), 'allow_create' : dtabr.allow_create(auth_val, dt['pk']), 'allow_copy' : dtabr.allow_copy(auth_val, dt['pk']), 'allow_update' : dtabr.allow_update(auth_val, dt['pk']), 'allow_delete' : dtabr.allow_delete(auth_val, dt['pk']), } ) data = { 'msg' : msg, 'edit_mode' : edit, 'decision_table_list' : decision_table_list, 'rule_ids_disp' : dt_rule_ids_disp, 'rule_ids_edit' : dt_rule_ids_edit, } data.update(request.user_config.get_templates_data(request)) logger.logic_log('LOSI00002', 'edit_mode: %s, dt_count: %s' % (edit, len(decision_table_list)), request=request) return render(request,'rule/decision_table_data.html',data)
def _validate(json_str, group_ids_diff=[], request=None): """ [メソッド概要] 入力チェック [引数] request :logger.logic_logでuserId sessionIDを表示するために使用する [戻り値] error_flag error_msg_user_name error_msg_login_id error_msg_mail error_msg_user_group """ error_flag = False error_msg_user_name = {} error_msg_login_id = {} error_msg_mail = {} error_msg_user_group = {} chk_login = [] chk_mail = [] loginID_pattern = r'^[a-zA-Z0-9.@_\-]+$' mail_pattern = r'^([\w!#$%&\'*+\-\/=?^`{|}~]+(\.[\w!#$%&\'*+\-\/=?^`{|}~]+)*|"([\w!#$%&\'*+\-\/=?^`{|}~. ()<>\[\]:;@,]|\\[\\"])+")@(([a-zA-Z\d\-]+\.)+[a-zA-Z]+|\[(\d{1,3}(\.\d{1,3}){3}|IPv6:[\da-fA-F]{0,4}(:[\da-fA-F]{0,4}){1,5}(:\d{1,3}(\.\d{1,3}){3}|(:[\da-fA-F]{0,4}){0,2}))\])$' emo_chk = UnicodeCheck() logger.logic_log('LOSI00001', 'json_str: %s' % json_str, request=request) # jsonの形式チェック if {'insertInfo','updateInfo','delInfo'} != set(list(json_str.keys())): logger.user_log('LOSM05002', request=request) raise TypeError( 'json_strの形式不正') loginID_repatter = re.compile(loginID_pattern) mail_repatter = re.compile(mail_pattern) for k,v in json_str.items(): for rq in v: # 削除の場合は飛ばす if k == 'delInfo': continue error_msg_user_name[rq['row_id']] = '' error_msg_login_id[rq['row_id']] = '' error_msg_mail[rq['row_id']] = '' error_msg_user_group[rq['row_id']] = '' if 'user_name' in rq and len(rq['user_name']) == 0: error_msg_user_name[rq['row_id']] += get_message('MOSJA24005', request.user.get_lang_mode()) + '\n' if 'login_id' in rq and len(rq['login_id']) == 0: error_msg_login_id[rq['row_id']] += get_message('MOSJA24006', request.user.get_lang_mode()) + '\n' if 'mail' in rq and len(rq['mail']) == 0: error_msg_mail[rq['row_id']] += get_message('MOSJA24007', request.user.get_lang_mode()) + '\n' if k == 'insertInfo': if 'add_group_id' not in rq: error_msg_user_group[rq['row_id']] += get_message('MOSJA24008', request.user.get_lang_mode()) + '\n' if 'add_group_id' in rq: for gid in rq['add_group_id']: if len(gid) == 0: error_msg_user_group[rq['row_id']] += get_message('MOSJA24008', request.user.get_lang_mode()) + '\n' break gid = int(gid) if gid in group_ids_diff: error_msg_user_group[rq['row_id']] += get_message('MOSJA24016', request.user.get_lang_mode()) + '\n' break if 'del_group_id' in rq: for gid in rq['del_group_id']: gid = int(gid) if gid in group_ids_diff: error_msg_user_group[rq['row_id']] += get_message('MOSJA24019', request.user.get_lang_mode()) + '\n' break if 'user_name' in rq and len(rq['user_name']) > 64: error_msg_user_name[rq['row_id']] += get_message('MOSJA24011', request.user.get_lang_mode()) + '\n' if 'login_id' in rq and len(rq['login_id']) > 32: error_msg_login_id[rq['row_id']] += get_message('MOSJA24012', request.user.get_lang_mode()) + '\n' if 'mail' in rq and len(rq['mail']) > 256: error_msg_mail[rq['row_id']] += get_message('MOSJA24013', request.user.get_lang_mode()) + '\n' if chk_login.count(rq['login_id']) > 0: error_msg_login_id[rq['row_id']] += get_message('MOSJA24017', request.user.get_lang_mode()) + '\n' # user_name絵文字チェック value_list = emo_chk.is_emotion(rq['user_name']) if len(value_list) > 0: error_msg_user_name[rq['row_id']] += get_message('MOSJA24022', request.user.get_lang_mode(), strConName='ユーザ名') + '\n' # login_id絵文字チェック value_list = emo_chk.is_emotion(rq['login_id']) if len(value_list) > 0: error_msg_login_id[rq['row_id']] += get_message('MOSJA24022', request.user.get_lang_mode(), strConName='ログインID') + '\n' # mail絵文字チェック value_list = emo_chk.is_emotion(rq['mail']) if len(value_list) > 0: error_msg_mail[rq['row_id']] += get_message('MOSJA24022', request.user.get_lang_mode(), strConName='メールアドレス') + '\n' else: duplication = User.objects.filter(login_id=rq['login_id']) if len(duplication) == 1 and int(rq['user_id']) != duplication[0].user_id: error_msg_login_id[rq['row_id']] += get_message('MOSJA24017', request.user.get_lang_mode()) + '\n' if chk_mail.count(rq['mail']) > 0: error_msg_mail[rq['row_id']] += get_message('MOSJA24018', request.user.get_lang_mode()) + '\n' else: duplication = User.objects.filter(mail_address=rq['mail']) if len(duplication) == 1 and int(rq['user_id']) != duplication[0].user_id: error_msg_mail[rq['row_id']] += get_message('MOSJA24018', request.user.get_lang_mode()) + '\n' if 'login_id' in rq and len(rq['login_id']) != 0: re_obj = loginID_repatter.match(rq['login_id']) if not re_obj: error_msg_login_id[rq['row_id']] += get_message('MOSJA24021', request.user.get_lang_mode()) + '\n' if 'mail' in rq and len(rq['mail']) != 0: re_obj = mail_repatter.match(rq['mail']) if not re_obj: error_msg_mail[rq['row_id']] += get_message('MOSJA24014', request.user.get_lang_mode()) + '\n' if len(error_msg_user_name[rq['row_id']]) > 0: error_flag = True elif len(error_msg_login_id[rq['row_id']]) > 0: error_flag = True elif len(error_msg_mail[rq['row_id']]) > 0: error_flag = True elif len(error_msg_user_group[rq['row_id']]) > 0: error_flag = True chk_login.append(rq['login_id']) chk_mail.append(rq['mail']) logger.logic_log('LOSI00002', 'error_flag: %s' % error_flag, request=request) return error_flag, error_msg_user_name, error_msg_login_id, error_msg_mail, error_msg_user_group
def select(request): """ [メソッド概要] メニューグループ:メニューのプルダウンリスト作成処理 """ logger.logic_log('LOSI00001', 'None', request=request) msg = '' try: ita_driver_id = request.POST.get('ita_driver_id', None) version = request.POST.get('version', None) # パラメーターチェック if ita_driver_id is None or version is None: msg = get_message('MOSJA27310', request.user.get_lang_mode()) logger.user_log('LOSM27002', ita_driver_id, version, request=request) raise Exception() ita_driver_id = int(ita_driver_id) version = int(version) # リクエストデータの妥当性チェック if ita_driver_id <= 0: msg = get_message('MOSJA27310', request.user.get_lang_mode()) logger.user_log('LOSM27003', ita_driver_id, request=request) raise Exception() # インストールドライバー取得 rcnt = ActionType.objects.filter(driver_type_id=defs.ITA, disuse_flag='0').count() if rcnt <= 0: logger.user_log('LOSI27000', defs.ITA, request=request) raise Http404 rset = DriverType.objects.filter(driver_type_id=defs.ITA, driver_major_version=version) drv_names = list(rset.values_list('name', flat=True)) if len(drv_names) <= 0: logger.system_log('LOSM27000', defs.ITA, version, request=request) raise Http404 # バージョンが1以上の場合は、ドライバー名にバージョン番号を付与 drv_name = drv_names[0].capitalize() if version > 1: drv_name = '%s%s' % (drv_name, version) # ITAメニュー名称を取得 module_name = '%sMenuName' % (drv_name) # モジュール名からアクション設定モジュールを取得 module = import_module('web_app.models.ITA_models') ItaMenuName = getattr(module, module_name, None) if not ItaMenuName: logger.user_log('LOSI27001', module_name, request=request) raise Http404 # データ取得処理 menu_dict = ItaMenuName.objects.filter(ita_driver_id=ita_driver_id).values( 'menu_group_id', 'menu_id', 'menu_group_name', 'menu_name') # データ加工処理 menu_info = {} menu_ids = [] for menu in menu_dict: value = '%s:%s:%s:%s' % (menu['menu_group_id'], menu['menu_group_name'], menu['menu_id'], menu['menu_name']) menu_info[menu['menu_id']] = value except Http404: raise Http404 except Exception as e: # 異常 logger.logic_log('LOSI00005', traceback.format_exc(), request=request) if msg == '': msg = get_message('MOSJA27330', request.user.get_lang_mode()) response = {} response['status'] = 'failure' response['msg'] = msg response_json = json.dumps(response) return HttpResponse(response_json, content_type="application/json") # 正常 response = {} response['status'] = 'success' response['menu_info'] = menu_info response_json = json.dumps(response) logger.logic_log('LOSI00002', 'None', request=request) return HttpResponse(response_json, content_type="application/json")
def modify(request): """ [メソッド概要] グループのDB更新処理 """ logger.logic_log('LOSI00001', 'None', request=request) msg = '' error_msg = {} now = datetime.datetime.now(pytz.timezone('UTC')) try: with transaction.atomic(): json_str = json.loads(request.POST.get('json_str', '{}')) if 'json_str' not in json_str: msg = get_message('MOSJA23019', request.user.get_lang_mode(), showMsgId=False) logger.user_log('LOSM04000', 'json_str', request=request) raise Exception() # 更新前にレコードロック group_update_list = [ rq['group_id'] for rq in json_str['json_str'] if int(rq['ope']) in (defs.DABASE_OPECODE.OPE_UPDATE, defs.DABASE_OPECODE.OPE_DELETE) ] Group.objects.select_for_update().filter(pk__in=group_update_list) error_flag, error_msg = _validate(json_str['json_str'], request) if error_flag: raise Exception('validation error.') # 更新データ作成 group_id_list_reg = [] group_id_list_mod = [] sorted_data = sorted(json_str['json_str'], key=lambda x: x['group_id']) upd_data = list(filter(lambda x: int(x['ope']) == defs.DABASE_OPECODE.OPE_UPDATE, sorted_data)) del_data = list(filter(lambda x: int(x['ope']) == defs.DABASE_OPECODE.OPE_DELETE, sorted_data)) ins_data = list(filter(lambda x: int(x['ope']) == defs.DABASE_OPECODE.OPE_INSERT, sorted_data)) for rq in upd_data: group_id_list_mod = Group.objects.filter(group_id=rq['group_id']) if len(group_id_list_mod) <= 0: logger.logic_log('LOSI04000', rq['group_name'], request=request) continue # システム管理系はグループ名の更新不可 if int(rq['group_id']) not in defs.GROUP_DEFINE.PROTECTED_GROUP_IDS: group_id_list_mod[0].group_name = rq['group_name'] group_id_list_mod[0].summary = rq['summary'] group_id_list_mod[0].last_update_user = request.user.user_name group_id_list_mod[0].last_update_timestamp = now group_id_list_mod[0].save(force_update=True) group_id_list_del = [rq['group_id'] for rq in del_data if int(rq['group_id']) not in defs.GROUP_DEFINE.PROTECTED_GROUP_IDS] for rq in ins_data: group_info = Group( group_name=rq['group_name'], summary=rq['summary'], last_update_user=request.user.user_name, last_update_timestamp=now ) group_id_list_reg.append(group_info) # 追加 Group.objects.bulk_create(group_id_list_reg) # 権限を追加 _bulk_create_access_permission( request.user.user_name, [i.group_name for i in group_id_list_reg], now, ) # 削除対象グループを削除 Group.objects.filter(pk__in=group_id_list_del).delete() # 削除対象ユーザグループに該当するユーザIDを取得 before_user_list = list(UserGroup.objects.filter(group_id__in=group_id_list_del).values_list('user_id', flat=True).distinct()) # ユーザグループを削除 UserGroup.objects.filter(group_id__in=group_id_list_del).delete() # どのグループにも所属しないユーザを検索 after_user_list = list(UserGroup.objects.filter(user_id__in=before_user_list).values_list('user_id', flat=True).distinct()) delete_user_list = list(set(before_user_list) ^ set(after_user_list)) # ユーザ、パスワード履歴、アクセス権限を削除 User.objects.filter(pk__in=delete_user_list).delete() PasswordHistory.objects.filter(user_id__in=delete_user_list).delete() AccessPermission.objects.filter(group_id__in=group_id_list_del).delete() except Exception as e: logger.logic_log('LOSI00005', traceback.format_exc(), request=request) msg = get_message('MOSJA23021', request.user.get_lang_mode()) + '\\n' + str(e.args) response = {} response['status'] = 'failure' response['msg'] = msg response['error_msg'] = error_msg response_json = json.dumps(response) return HttpResponse(response_json, content_type="application/json") redirect_url = '/oase_web/system/group' response_json = '{"status": "success", "redirect_url": "%s"}' % redirect_url logger.logic_log('LOSI00002', 'None', request=request) return HttpResponse(response_json, content_type="application/json")