def post(self): ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return user_info = json.loads(self.request.body) user_id = user_info['user_id'] ok, info = check.check_user_id(user_id) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return access_token = encrypt.make_cookie_secret() action_time = utils.cur_timestamp() session_data = { 'access_token': access_token, 'user_id': user_id, 'action_time': action_time, 'expire_time': action_time + config.expire_second } if db_session.update(session_data): self.set_secure_cookie("access_token", access_token) self.set_cookie("user_id", user_id) ok = True info = {} else: ok = False info = u"登陆失败,请联系管理员!" self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def post(self): ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return user_info = json.loads(self.request.body) username, password = user_info['username'], user_info['passwd'] ok, info = check.check_password(username, password) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return access_token = encrypt.make_cookie_secret() action_time = utils.cur_timestamp() session_data = { 'access_token': access_token, 'username': username, 'action_time': action_time, 'expire_time': action_time + config.expire_second } if db_session.update(session_data): self.set_secure_cookie("access_token", access_token) self.set_cookie("username", username) ok = True info = {} else: ok = False info = "Login error, please contact with the system administrator" self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def post(self): post_add_permission = '3.2.1' post_update_permission = '3.2.2' ok, info = check.check_login(self.token) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return body = json.loads(self.request.body) action, permission_data = body['action'], body['data'] if action == 'add': local_permission_list = [self.handler_permission, self.post_permission, post_add_permission] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return if db_permission.add(permission_data): ok = True info = 'Add permission successful' else: ok = False info = 'Add permission failed' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return if action == 'update': local_permission_list = [self.handler_permission, self.post_permission, post_update_permission] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return if db_permission.update(permission_data): ok = True info = 'Update permission successful' else: ok = False info = 'Update permission failed' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok = False info = 'Unsupported permission action' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def post(self): post_add_permission = '1.2.1' ok, info = check.check_login(self.token) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return body = json.loads(self.request.body) action, task_data, mailto = body['action'], body['data'], body[ 'mailto'] if action == 'add': local_permission_list = [ self.handler_permission, self.post_permission, post_add_permission ] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return task_data['task_id'] = uuid.uuid1().hex task_data['create_time'] = utils.cur_timestamp() if db_task.add(task_data): if list(mailto): message = task_data['creator'] + " create a new task, see in " \ "http://oms.example.com/task?task_id=" + task_data['task_id'] tornado.ioloop.IOLoop.instance().add_callback( self.sending_mail(list(mailto), message)) ok = True info = {'task_id': task_data['task_id']} else: ok = False info = 'Add task failed' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok = False info = 'Unsupported task action' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def post(self): ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return task_status = json.loads(self.request.body)['data'] print task_status if not db_task.update(task_status): ok = False info = 'update task status failed' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok = True info = "info = 'update task status successful" self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def post(self): post_initialize_permission = '8.2.1' post_install_permission = '8.2.2' ok, info = check.check_login(self.token) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return body = json.loads(self.request.body) action, data = body['action'], body['data'] if action == 'initialize': local_permission_list = [self.handler_permission, self.post_permission, post_initialize_permission] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return tornado.ioloop.IOLoop.instance().add_callback(self.machine_initialize(data['ip'])) ok = True info = "Initializing..." self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return if action == 'install': local_permission_list = [self.handler_permission, self.post_permission, post_install_permission] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return tornado.ioloop.IOLoop.instance().add_callback(self.install_software(data['ip'], data['software'])) ok = True info = 'Software installing...' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok = False info = 'Unsupported task action' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def post(self): post_update_file_permission = '5.2.1' post_update_db_permission = '5.2.2' ok, info = check.check_login(self.token) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return body = json.loads(self.request.body) action, data = body['action'], body['data'] excutor = self.get_cookie("username") if action == 'update': task = db_task.get(data['task_id']) update_type = task['type'] local_permission_list = [ self.handler_permission, self.post_permission ] if update_type == 'update_file': local_permission_list = [ self.handler_permission, self.post_permission, post_update_file_permission ] if update_type == 'update_db': local_permission_list = [ self.handler_permission, self.post_permission, post_update_db_permission ] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return if task['status'] is True: ok = False info = 'Task has been executed' self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return task_status = { 'task_id': task['task_id'], 'status': 1, 'start_time': utils.cur_timestamp(), 'executor': excutor } if not db_task.update(task_status): ok = False info = 'update task status failed' self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return tornado.ioloop.IOLoop.instance().add_callback( self.salt_run_update(task)) ok = True info = 'Execute update script successful' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return if action == 'revert': task = db_task.get(data['task_id']) update_type = task['type'] local_permission_list = [ self.handler_permission, self.post_permission ] if update_type == 'update_file': local_permission_list = [ self.handler_permission, self.post_permission, post_update_file_permission ] if update_type == 'update_db': local_permission_list = [ self.handler_permission, self.post_permission, post_update_db_permission ] ok, info, is_admin = verify.has_permission(self.token, local_permission_list) if not is_admin: info = "Only admin can revert." self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return task_status = { 'task_id': task['task_id'], 'revert': 1, 'revert_time': utils.cur_timestamp() } if not db_task.update(task_status): ok = False info = 'update task status failed' self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return tornado.ioloop.IOLoop.instance().add_callback( self.salt_run_revert(task)) ok = True info = 'Execute revert script successful' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return if action == 'get_current_version': target = data['target'] ip = '127.0.0.1' result = sapi.run_script([ip], 'salt://scripts/get_current_version.sh', target) retcode, cur_version = result[ip]['retcode'], result[ip]['stdout'] if retcode == 0: ok = True info = cur_version else: ok = False info = u'Get version info failed' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok = False info = 'Unsupported update action' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def post(self): ok, info = check.check_login(self.token) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return body = json.loads(self.request.body) action, user_data = body['action'], body['data'] if action == 'add': user_type, expiry_mouth = user_data['user_type'], user_data[ 'expiry_mouth'] if 'remarks' in user_data: remarks = user_data['remarks'] else: remarks = '' cur_timestamp = utils.cur_timestamp() expiry_timestamp = int( expiry_mouth) * 31 * 60 * 60 * 24 + cur_timestamp if user_type == "vip": # todo user_id = encrypt.make_user_id() port = db_user.get_largest_port(is_share=False) + 1 user_data = { 'user_id': user_id, 'create_time': cur_timestamp, 'expire_time': expiry_timestamp, 'port': port, 'type': user_type, 'enabled': 1, 'remarks': remarks } if db_user.add(user_data): ok = True info = u'新增用户信息成功' else: ok = False info = u'新增用户信息失败' elif user_type == "normal": user_id = encrypt.make_user_id() port = db_user.get_largest_port(is_share=False) + 1 user_data = { 'user_id': user_id, 'create_time': cur_timestamp, 'expire_time': expiry_timestamp, 'port': port, 'type': user_type, 'enabled': 1, 'remarks': remarks } if db_user.add(user_data): count = 0 for i in range(1, 6): sub_user_id = encrypt.make_user_id() port = db_user.get_largest_port(is_share=True) + 1 sub_user_data = { 'user_id': sub_user_id, 'parent_id': user_id, 'create_time': cur_timestamp, 'expire_time': expiry_timestamp, 'port': port, 'type': 'share', 'enabled': 0, 'remarks': '' } if not db_user.add(sub_user_data): count += 1 if count == 0: ok = True info = u"新增账户及子账号成功" else: ok = False info = u"新增子账户失败,请检查" else: ok = False info = u'新增用户信息失败' else: ok = False info = "不支持的用户类型" self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return if action == 'update_time': user_id, add_mouth = user_data['user_id'], user_data['add_mouth'] user_info = db_user.get(user_id) if user_info is not False: cur_expire_time = user_info['expire_time'] cur_time = utils.cur_timestamp() if cur_expire_time >= cur_time: new_expire_time = cur_expire_time + int( add_mouth) * 31 * 24 * 60 * 60 else: new_expire_time = cur_time + int( add_mouth) * 31 * 24 * 60 * 60 user_data = { 'user_id': user_id, 'expire_time': new_expire_time } if db_user.update(user_data): sub_id_list = db_user.get_sub_id_list(user_id) if sub_id_list: count = 0 for sub_user_id in sub_id_list: sub_user_data = { 'user_id': sub_user_id, 'expire_time': new_expire_time } if not db_user.update(sub_user_data): count += 1 if count == 0: ok = True info = u"更新账户及子账号过期时间成功" else: ok = False info = u"更新子账户过期时间失败,请检查" else: ok = True info = u'更新用户过期时间成功' else: ok = False info = u'更新用户过期时间失败' else: ok = False info = u'获取用户信息失败' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok = False info = u'不支持的操作类型' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def post(self): post_add_permission = '7.2.1' post_delete_permission = '7.2.1' ok, info = check.check_login(self.token) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return body = json.loads(self.request.body) action, ssh_key_data = body['action'], body['data'] if action == 'add': local_permission_list = [self.handler_permission, self.post_permission, post_add_permission] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ip = ssh_key_data['ip'] ssh_key_string = db_user.get(username=ssh_key_data['username'])['ssh_key'] if ssh_key_string is None: ok = False info = "User ssh-key does not exist, please add first" self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return encrypt_ssh_key_info = encrypt.base64_encode(ssh_key_data['system_user'] + '@' + ssh_key_string + " " + ssh_key_data['username']) result = sapi.run_script([ip], 'salt://scripts/add_ssh_key.sh', encrypt_ssh_key_info) retcode = result[ip]['retcode'] if retcode == 0: if db_ssh_key_info.add(ssh_key_data): ok = True info = 'Add ssh-key successful' else: ok = False info = 'Add ssh-key failed' else: ok = False info = 'Add ssh-key failed' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return if action == 'delete': local_permission_list = [self.handler_permission, self.post_permission, post_delete_permission] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return fail_count = 0 for ssh_key_info in ssh_key_data: ip = ssh_key_info['ip'] encrypt_ssh_key_info = encrypt.base64_encode(ssh_key_info['system_user'] + '@' + ssh_key_info['username']) result = sapi.run_script([ip], 'salt://scripts/delete_ssh_key.sh', encrypt_ssh_key_info) retcode = result[ip]['retcode'] if retcode == 0: if db_ssh_key_info.delete(ssh_key_info['username'], ssh_key_info['ip'], ssh_key_info['system_user']): fail_count += 0 else: fail_count += 1 else: fail_count += 1 if fail_count == 0: ok = True info = 'Delete all ssh-key info failed' else: ok = False info = 'Delete some ssh-key info failed, please retry' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok = False info = 'Unsupported ssh-key action' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def post(self): post_add_permission = '4.2.1' post_user_update_permission = '4.2.2' post_admin_update_permission = '4.2.3' ok, info = check.check_login(self.token) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return body = json.loads(self.request.body) action, user_data = body['action'], body['data'] if action == 'add': local_permission_list = [ self.handler_permission, self.post_permission, post_add_permission ] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return ok, info = check.check_user_input(user_data) if not ok: self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return user_data['salt'], user_data['passwd'] = encrypt.md5_salt( user_data['passwd']) if db_user.add(user_data): ok = True info = 'Add user successful' else: ok = False info = 'Add user failed' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return if action == 'update': local_permission_list = [ self.handler_permission, self.post_permission, post_user_update_permission ] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return ok, info = check.check_user_input(user_data) if not ok: self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return if 'old_passwd' in user_data: ok, info = check.check_password(user_data['username'], user_data['old_passwd']) if not ok: self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return user_data['salt'], user_data['passwd'] = encrypt.md5_salt( user_data['new_passwd']) if db_user.update(user_data): ok = True info = 'Update password successful' else: ok = False info = 'Update password failed' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return # update user info without verify password, by admin if action == 'update_all': local_permission_list = [ self.handler_permission, self.post_permission, post_admin_update_permission ] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return if user_data['passwd'] == "": user_data.pop('passwd') ok, info = check.check_user_input(user_data) if not ok: self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return if 'passwd' in user_data: user_data['salt'], user_data['passwd'] = encrypt.md5_salt( user_data['passwd']) if db_user.update(user_data): ok = True info = 'Update user info successful' else: ok = False info = 'Update user info failed' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok = False info = 'Unsupported user action' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))