def show_audit_log(request): try: request_data = common.print_header_data(request) # 获取请求数据 start_pos, end_pos, page_size = common.get_page_data(request_data) # 获取页码数据 query_terms = get_audit_log_query_terms(request_data) # 构造查询参数 query_data = AuditLog.objects.filter(**query_terms).order_by('-id')[ start_pos:end_pos] # 过滤查询,若query_terms={},相当于all serializer_data = serialize('json', query_data, fields=('device_id', 'log_type', 'filename', 'time', 'receive_time', 'save_path')) list_data = json.loads(serializer_data) show_data = [] for data in list_data: fields = data['fields'] fields['time'] = fields['time'].replace('T', ' ') # 去除时间显示时多出的字符'T' fields['receive_time'] = fields['receive_time'].replace('T', ' ') # 去除时间显示时多出的字符'T' fields['file_name'] = fields.pop('filename') fields['file_path'] = common.MEDIA_ROOT + fields.pop('save_path') show_data.append(fields) return common.ui_message_response(200, '查询成功', show_data, status.HTTP_200_OK) except Exception: traceback.print_exc() return common.ui_message_response(500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def group_query_permission(request): """ 角色查询权限 :param request: :return: """ try: request_data = common.print_header_data(request) role_id = common.check_request_int_field(request_data, 'role_id') if isinstance(role_id, Response): return role_id result_list = [] role_select = Group.objects.filter(id=role_id) for group in role_select: query_result = group.permissions.all() for permission in query_result: if len(permission.codename.split('|')) > 1: result_list.append(permission.id) return common.ui_message_response( 200, '查询成功', {'permission_id_list': result_list}, status.HTTP_200_OK) except Exception: traceback.print_exc() return common.ui_message_response( 500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def show_local_audit(request): try: request_data = common.print_header_data(request) # 获取请求数据 start_pos, end_pos, page_size = common.get_page_data( request_data) # 获取页码数据 query_terms = get_local_audit_query_terms(request_data) # 构造查询参数 query_data = AuditManagement.objects.filter(**query_terms).order_by( '-id')[start_pos:end_pos] # 过滤查询,若query_terms={},相当于all serializer_data = serialize('json', query_data, fields=('log_id', 'user', 'opt_type', 'event_type', 'message', 'time')) list_data = json.loads(serializer_data) show_data = [] for data in list_data: fields = data['fields'] fields['time'] = fields['time'].replace('T', ' ') # 去除时间显示时多出的字符'T' show_data.append(fields) return common.ui_message_response(200, '查询成功', show_data, status.HTTP_200_OK) except Exception: traceback.print_exc() return common.ui_message_response( 500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def role_add_permission(request): """ 角色增加权限 :param request: :return: """ try: request_data = common.print_header_data(request) role_id = common.check_request_int_field(request_data, 'role_id') if isinstance(role_id, Response): return role_id permission_id_list = common.check_request_list_or_dict_field( request_data, 'permission_id_list') if isinstance(permission_id_list, Response): return permission_id_list role_select = Group.objects.filter(id=role_id) if role_select.exists(): if role_select[0].permissions.all(): role_select[0].permissions.clear() for permission_id in permission_id_list: role_select[0].permissions.add(permission_id) return common.ui_message_response(200, '角色添加权限成功', 'success', status.HTTP_200_OK) else: return common.ui_message_response(400, '角色不存在', '角色不存在') except Exception: traceback.print_exc() return common.ui_message_response( 500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def reset_user_password(request): """ 重置用户密码 :param request: :return: """ try: request_data = common.print_header_data(request) user_data = lc.trans_user_change_password(request_data) user = User.objects.get(id=user_data['id']) username = user.username if user is not None: user.set_password(str(su.get_md5('123456')).upper()) user.save() User.objects.filter(username=username).update( last_update_time=du.get_current_time()) common.generate_system_log(request_data, u' 用户操作', u'重置密码操作', username + u'重置密码成功') return common.ui_message_response(200, '修改密码成功', "success", status.HTTP_200_OK) else: common.generate_system_log(request_data, u' 用户操作', u'重置密码操作', username + u'重置密码失败') return common.ui_message_response(400, '用户不存在', '用户不存在') except Exception: traceback.print_exc() return common.ui_message_response( 500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def user_query_permission(request): """ 用户查询权限 :param request: :return: """ try: request_data = common.print_header_data(request) user_name = request_data.get('username') # user_name = "admin" user_select = User.objects.filter(username=user_name) if user_select.exists(): result_list = [] groups = user_select[0].groups.all() for group in groups: query_result = group.permissions.all() for permission in query_result: if len(permission.codename.split('|')) > 1: result_list.append(permission.id) # result_list = list(user_select[0].get_all_permissions()) return common.ui_message_response( 200, '查询成功' + json.dumps(result_list), {'permission_id_list': result_list}, status.HTTP_200_OK) else: return common.ui_message_response(400, '用户不存在', '用户不存在') except Exception: traceback.print_exc() return common.ui_message_response( 500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def user_login(request): """ 登录校验 :param request: :return: """ try: result = {} user_data = {} role_result = {} request_data = common.print_header_data(request) username = request_data.get('username') # user_data['username'] = '******' # username = '******' user_data['username'] = username password = request_data.get('password') # user_data['password'] = str(su.get_md5('123456')).upper() # password = str(su.get_md5('123456')).upper() user_data['password'] = password if User.objects.filter(username=username): user = auth.authenticate(**user_data) if user: # django.contrib.auth.login(request, user) result['username'] = user_data['username'] user_query = User.objects.filter(username=result['username']) user_query.update(last_login=du.get_current_time()) group_query = user_query[0].groups.all() for group in group_query: permission_id_list = [] permission_query = group.permissions.all() for permission in permission_query: permission_id_list.append(permission.id) role_result[group.name] = permission_id_list result['role'] = role_result common.generate_system_log(request_data, u'用户操作', u'登录操作', username + u'登录成功') result['flag'] = "success" print "login result:", result return common.ui_message_response(200, '登录成功', result, status.HTTP_200_OK) else: common.generate_system_log(request_data, u'用户操作', u'登录操作', username + u'密码错误') return common.ui_message_response(400, '密码错误', '密码错误') else: common.generate_system_log(request_data, u'用户操作', u'登录操作', u'用户名不存在') return common.ui_message_response(400, '用户名不存在', '用户名不存在') except Exception: traceback.print_exc() common.generate_system_log(request_data, u'用户操作', u'登录操作', u'登录模块出现异常') return common.ui_message_response( 500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def show_local_audit_count(request): try: request_data = common.print_header_data(request) # 获取请求数据 query_terms = get_local_audit_query_terms(request_data) # 构造查询参数 count = AuditManagement.objects.filter(**query_terms).count() # 数据条数 show_data = {'count': count} return common.ui_message_response(200, '查询成功', show_data, status.HTTP_200_OK) except Exception: traceback.print_exc() return common.ui_message_response(500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def role_remove_all_user(request): """ 角色删除所有用户 :param request: :return: """ try: request_data = common.print_header_data(request) role_name = request_data.get('role_name') group_select = Group.objects.filter(name=role_name) for group in group_select: group.user_set.clear() return common.ui_message_response(200, '删除成功', '删除成功', status.HTTP_200_OK) except Exception: traceback.print_exc() return common.ui_message_response( 500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def get_user_number(request): """ 获取用户数量 :param request: :return: """ try: result = {} query_terms = {} request_data = common.print_header_data(request) query_result = User.objects.filter(**query_terms) user_count = query_result.count() result['user_count'] = user_count return common.ui_message_response(200, '查询成功', result, status.HTTP_200_OK) except Exception: traceback.print_exc() return common.ui_message_response( 500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def user_registration(request): """ 注册用户信息,创建用户名和密码,auth模块不存储用户密码明文而是存储一个Hash值, 比如迭代使用Md5算法. :param request: :return: """ try: request_data = common.print_header_data(request) user_data = lc.trans_user_registration_info(request_data) if 'password' not in user_data: user_data['password'] = str(su.get_md5('123456')).upper() user_name = user_data['username'] if 'role_id' in user_data: role_id = user_data['role_id'] del user_data['role_id'] else: role_id = 3 # 默认角色 user_data['is_active'] = '1' user_data['is_staff'] = '1' print "user_data:", user_data if user_data: query_data = User.objects.filter(username=user_name) if query_data.exists(): common.generate_system_log(request_data, u'用户操作', u'注册操作', user_name + u'注册失败,用户名被占用') return common.ui_message_response(400, '用户名已经被占用', "用户名已经被占用") else: user = User.objects.create_user(**user_data) user.save() if role_id: group_select = Group.objects.filter(id=role_id) for group in group_select: user.groups.add(group) common.generate_system_log(request_data, u'用户操作', u'注册操作', user_name + u'注册成功') return common.ui_message_response(200, '用户注册成功', "success", status.HTTP_200_OK) except Exception: traceback.print_exc() common.generate_system_log(request_data, u' 用户操作', u'注册操作', user_name + u'注册失败,注册出现错误') return common.ui_message_response( 500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def delete_role(request): """ 删除角色 :param request: :return: """ try: request_data = common.print_header_data(request) role_id_list = common.check_request_list_or_dict_field( request_data, 'role_id_list') if isinstance(role_id_list, Response): return role_id_list for role_id in role_id_list: user_query = Group.objects.filter(id=role_id) for role in user_query: role.delete() return common.ui_message_response(200, '角色删除成功', "success", status.HTTP_200_OK) except Exception: traceback.print_exc() return common.ui_message_response( 500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def create_role(request): """ 创建角色 :param request: :return: """ try: request_data = common.print_header_data(request) role_name = request_data.get('rolename') print role_name if role_name is not None: query_data = Group.objects.filter(name=role_name) if query_data.exists(): return common.ui_message_response(400, '角色名已经被占用', "角色名已经被占用") else: group = Group.objects.create(name=role_name) group.save() return common.ui_message_response(200, '角色创建成功', "success", status.HTTP_200_OK) except Exception: traceback.print_exc() return common.ui_message_response( 500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def is_pwd_expire(request): try: request_data = common.print_header_data(request) # 获取请求数据 # 获取请求参数 login_id = request_data.get('username') # 用户id if login_id is not None: query_data = User.objects.filter(username=login_id) now_time = du.get_current_time() if now_time - query_data[0].last_update_time >= common.EXPIRE_TIME: # is_expire = 1 is_expire = 0 else: is_expire = 0 return common.ui_message_response( 200, '过期' if is_expire == 1 else '未过期', is_expire, status.HTTP_200_OK) else: return common.ui_message_response(400, '没有username参数', "参数为空") except Exception: traceback.print_exc() return common.ui_message_response( 500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def delete_user(request): """ 根据用户id删除用户信息 :param request: :return: """ try: request_data = common.print_header_data(request) user_id_list = common.check_request_list_or_dict_field( request_data, 'user_id_list') if isinstance(user_id_list, Response): return user_id_list for user_id in user_id_list: user_query = User.objects.filter(id=user_id) for user in user_query: user.groups.clear() user.delete() return common.ui_message_response(200, '用户删除成功', 'success', status.HTTP_200_OK) except Exception: traceback.print_exc() return common.ui_message_response( 500, '用户删除失败', '用户删除失败', status.HTTP_500_INTERNAL_SERVER_ERROR)
def user_query_all(request): """ 检索账户信息 :param request: :return: """ try: request_data = common.print_header_data(request) result = {} user_list = [] query_terms = {} role_id = '' if 'role_id' in request_data: role_id = request_data.get('role_id') if 'username' in request_data: username = request_data.get('username') query_terms['username__contains'] = username start_pos, end_pos, page_size = common.get_page_data(request_data) if query_terms: query_result = User.objects.filter(**query_terms) else: query_result = User.objects.all() if role_id: user_result_list = [] query_result = query_result.order_by('-id') for user in query_result: role_query = user.groups.all() for role in role_query: if role.id == int(role_id): user_result_list.append(user) for user in user_result_list: user_dict = {} user_dict['id'] = user.id user_dict['username'] = user.username role_query = user.groups.all() if len(role_query) > 0: role_name_list = [] role_id_list = [] for role in role_query: role_name_list.append(role.name) role_id_list.append(role.id) user_dict['role_name'] = role_name_list user_dict['role_id'] = role_id_list user_list.append(user_dict) else: user_count = query_result.count() query_result = query_result.order_by('-id') for user in query_result: user_dict = {} user_dict['id'] = user.id user_dict['username'] = user.username role_query = user.groups.all() if len(role_query) > 0: role_name_list = [] role_id_list = [] for role in role_query: role_name_list.append(role.name) role_id_list.append(role.id) user_dict['role_name'] = role_name_list user_dict['role_id'] = role_id_list user_list.append(user_dict) print user_list result['user_query'] = user_list[start_pos:end_pos] result['user_count'] = len(user_list) print "query_user:", result #return JsonResponse(result, safe=False) return common.ui_message_response(200, '查询用户成功', result, status_code=status.HTTP_200_OK) except Exception: traceback.print_exc() return common.ui_message_response( 500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)
def process_system_audit(request): try: report_time = du.get_current_time() # 获取当前时间 request_data = common.print_header_data(request) # 获取请求数据 detector_id = common.check_detector_available(request, Detector) # 检查检测器是否合法,合法就返回检测器ID if isinstance(detector_id, Response): return detector_id data_list = common.detector_upload_json_preprocess(request_data) # 返回List()格式的上传json数据 if isinstance(data_list, Response): return data_list # 日志记录 # logger_record.info('%s %s %s %d' % (request.META.get('REMOTE_ADDR'), detector_id, 'detector_audit', len(data_list))) log_str = '%s %s %s %s %d' % (request.META.get('REMOTE_ADDR'), request.META.get('HTTP_X_REMOTE_ADDR', '0.0.0.0'), detector_id, 'detector_audit', len(data_list)) fu.string2log_append_per_day(content=log_str, path=common.LOG_PATH + 'detector_access_log/') business_data_list = [] # 发送到业务数据服务器上的列表[(请求头, 数据),...] handle_data = copy.deepcopy(data_list) # 生成业务处置系统所需文件的告警数据 command_send_data = [] # 发送到指挥中心的数据[(请求头, 数据),...] for data in data_list: business_request_data = copy.deepcopy(data) # 业务数据传输请求数据 result = common.check_time_field(data) if isinstance(request, Response): return result if 'id' in data: data['log_id'] = data.pop('id') else: return common.detector_message_response(400, '请求数据中没有id字段', '请求数据中没有id字段') data['device_id'] = detector_id # 加入检测器id字段 data['report_time'] = report_time # 加入上报时间字段 if config.const.UPLOAD_BUSINESS: # 构建传输到业务数据服务器上的请求头和请求数据 business_request_header = { 'Host': business_host, 'Date': datetime.datetime.now().strftime('%a, %d %b %Y %H:%M:%S'), 'Content-Type': 'application/json', 'Version': '1.0', # 'Cookie': 'unknown', 'Source-Type': 'JCQ_XTSJ', 'Data-Type': 'msg', 'User-Agent': request.META.get('HTTP_USER_AGENT'), 'Capture-Date': data['time'].strftime('%a, %d %b %Y %H:%M:%S'), 'BusinessData-Type': 'JCQ_XTSJ', 'Meta-Data': json.dumps({ 'id': detector_id }), } # 业务数据传输请求头 ##### update by wwenan 2019.06.18 17:47#### #business_data_list.append((business_request_header, business_request_data)) ########################################### if config.const.UPLOAD_DIRECTOR and check_global_director_connection(): common_header = ccd.get_common_command_header_of_detector('status', 'AUDIT', 'JCQ_AUDIT', request, detector_id, capture_date=data['time'], data_type='msg') command_data = json.dumps(business_request_data, ensure_ascii=False).encode('utf-8') ccd.upload_json_2_director_of_detector(common_header, data, command_data, 'JCQ_AUDIT', async_level=3) serializer = AuditSystemSerializer(data=data_list, many=True) # 序列化 if serializer.is_valid(): serializer.save() # 存储数据库 ##### update by wwenan 2019.06.18 17:47##### #if config.const.UPLOAD_BUSINESS: #sender.async_send_business_data('project.audit', 'JCQ_XTSJ', detector_id, business_data_list) ############################################ # 生成业务处置系统所需文件 if config.const.UPLOAD_BUSINESS_DISPOSAL: handle_data_type = 'detector_audit' file_dir = os.path.join(config.const.DISPOSAL_DIR, 'audit') file_name = 'detector_audit_' + str(int(time.time())) + '_' + str(1) sender.send_business_disposal(file_dir, file_name, request.META.get('HTTP_USER_AGENT'), handle_data_type, handle_data) return common.detector_message_response(200, '数据存储成功', {'message': 'Success'}, status.HTTP_200_OK) else: return common.detector_message_response(400, json.dumps(serializer.errors), '数据缺失或字段不符合规定,序列化出错') except Exception: traceback.print_exc() return common.detector_message_response(500, '服务器内部错误', '服务器内部错误', status.HTTP_500_INTERNAL_SERVER_ERROR)