def destroy(self, request, *args, **kwargs): ''' 删除指定APP,model下的所有权限点 :param request.data: { "appName": "workOrder", "modelName": "workorder", } ''' user = self.get_object() try: app_name = request.data.get('appName') app = apps.get_app_config(app_name) model = app.get_model(request.data.get('modelName')) content_type = ContentType.objects.get_for_model(model) # 用户所有权限点 permissions = Permission.objects.filter(user=user) # 过滤要删除的权限 permissions = permissions.exclude(content_type=content_type) user.user_permissions.set(permissions) except Exception as e: logger.error(e) return Response({'detail': str(e)}, status=status.HTTP_400_BAD_REQUEST) return Response({'detail': '删除权限点成功'}, status=status.HTTP_204_NO_CONTENT)
def update(self, request, *args, **kwargs): ''' 修改用户权限点 :param request.data: [ "users.add_user", "users.change_user", "users.delete_user" ] ''' permissions = [] user = self.get_object() # 设置权限范围不能大于自己所拥有的权限 # 设置权限对象不能是自己 if (not user.is_superuser and not \ set(request.data).issubset(request.user.get_all_permissions())) \ or user == request.user: return Response({'detail': '权限拒绝'}, status=status.HTTP_403_FORBIDDEN) try: for permission_node in request.data: permission_node = permission_node.split('.', 1) permission = Permission.objects.get( content_type__app_label=permission_node[0], codename=permission_node[1]) permissions.append(permission) user.user_permissions.set(permissions) except Exception as e: logger.error(e) return Response({'detail': str(e)}, status=status.HTTP_400_BAD_REQUEST) return Response({'detail': '设置权限成功'}, status=status.HTTP_204_NO_CONTENT)
def __new__(cls, **params): res = utils.check_hostname(params['ip']) if res == 1: logger.warning("Host %s not answer" % (params['ip'])) logger.error("Device not created") return None return object.__new__(cls)
def update(self, request, *args, **kwargs): ''' :param request.data: [ "users.add_user", "users.change_user", "users.delete_user" ] ''' group = self.get_object() permissions = [] try: for permission_node in request.data: permission_node = permission_node.split('.', 1) permission = Permission.objects.get( content_type__app_label=permission_node[0], codename=permission_node[1]) permissions.append(permission) group.permissions.set(permissions) except Exception as e: logger.error(e) return Response({'detail': str(e)}, status=status.HTTP_400_BAD_REQUEST) return Response({'detail': '设置权限成功'}, status=status.HTTP_204_NO_CONTENT)
def exit_cfg_mode(self): try: self.__tn.write("exit\n".encode()) self.__tn.write("exit\n".encode()) except EOFError as e: logger.error("%s: Execution failed: %s" % (self.ip, e)) return # timeout for correct work telnet time.sleep(1)
def set_parameter(self, param, value): try: self.__conn.request("GET", "/axis-cgi/param.cgi?action=update&%s=%s" % (param, value), headers=self.__headers_auth) res = self.__conn.getresponse() #logger.debug("%s %s", res.status, res.reason) except httplib.HTTPException as e: logger.error("Execution failed: %s", e)
def restart(self): if vc.restart(self) == False: return try: self.__conn.request("GET", "/axis-cgi/restart.cgi", headers=self.__headers_auth) res = self.__conn.getresponse() #logger.debug("%s %s", res.status, res.reason) except httplib.HTTPException as e: logger.error("Execution failed: %s", e)
def get(self, request, format=None): data = [] try: jobs = jenkins_api.get_all_jobs() data = [{'name': job['name'], 'url': job['url']} for job in jobs] except Exception as e: logger.error(e) return Response({'detail': '获取jenkins job 列表失败'}) return Response(data)
def get(self, request, format=None): # 2019-04-17 00:00:00 try: data = request.GET # 查询条件 datetime_start = datetime.strptime(data.get('datetime_start'), '%Y-%m-%d %H:%M:%S') datetime_end = datetime.strptime(data.get('datetime_end'), '%Y-%m-%d %H:%M:%S') db_name = data.get('db_type') collection_name = data.get('db_instance') accountName = data.get('account_name', '.*') sql_text = '.*{}.*'.format( data.get('cmd')) if data.get('cmd') else '.*' # 分页 page = int(data.get('page', 1)) size = int(data.get('size', 10)) skip_count = (page - 1) * size collection = mongodb_client[db_name][collection_name] cursor = collection.find({ 'ExecuteTime': { '$gte': datetime_start, '$lte': datetime_end }, 'AccountName': { '$regex': accountName }, 'SQLText': { '$regex': sql_text } }).sort('ExecuteTime', DESCENDING) # 分页后的数据 documents = list(cursor.skip(skip_count).limit(size)) # 转换MongoDBObjectId for i in range(len(documents)): documents[i]['_id'] = str(documents[i]['_id']) data = {'count': cursor.count(), 'results': documents} return Response(data) except (ValueError, TypeError) as e: logger.info(e) return Response({'detail': str(e)}, status=status.HTTP_400_BAD_REQUEST) except Exception as e: logger.error(e) return Response({'detail': str(e)}, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
def update(self, request, *args, **kwargs): ''' 修改用户指定APP,model下的权限点 :param request.data: { "appName": "workOrder", "modelName": "workorder", "codenames": ["delete", "delete_workorder"], "reset":bool } reset默认值为True,当reset为True时重置组权限,当reset为True时添加用户权限 ''' user = self.get_object() try: app_name = request.data.get('appName') codenames = request.data.get('codenames') reset = request.data.get('reset', True) app = apps.get_app_config(app_name) model = app.get_model(request.data.get('modelName')) content_type = ContentType.objects.get_for_model(model) # 设置权限范围不能大于自己所拥有的权限 # 设置权限对象不能是自己 if (not user.is_superuser and not \ set(codenames).issubset(request.user.get_all_permissions())) \ or user == request.user: return Response({'detail': '权限拒绝'}, status=status.HTTP_400_BAD_REQUEST) # 需要设置的权限点 permissions_set = Permission.objects.filter( content_type=content_type, codename__in=codenames) if reset: # 用户所有权限点 permissions_all = Permission.objects.filter(user=user) # 排除包含当前模块的权限点 permissions_exclude = permissions_all.exclude( content_type=content_type) user.user_permissions.set( (permissions_exclude | permissions_set)) else: user.user_permissions.add(*permissions_set) except Exception as e: logger.error(e) return Response({'detail': str(e)}, status=status.HTTP_400_BAD_REQUEST) return Response({'detail': '权限设置成功'}, status=status.HTTP_204_NO_CONTENT)
def __getSongByUrl(self, song_url, song_name, counter): try: resp = requests.Session().head(song_url, timeout=self.timeout, stream=True, headers=headers, proxies=self.proxies) if resp.status_code == 302: realLocation = resp.headers.get("Location") print("地址被重定向:", realLocation) else: realLocation = song_url resp = requests.Session().get(realLocation, timeout=self.timeout, stream=True, headers=headers, proxies=self.proxies) length = int(resp.headers.get('content-length')) while (length == 0): if resp.status_code == 302: realLocation = resp.headers.get("Location") print("地址再次被重定向:", realLocation) resp = requests.Session().get(realLocation, timeout=self.timeout, stream=True, headers=headers, proxies=self.proxies) length = int(resp.headers.get('content-length')) else: print("服务器返回:", resp.status_code, resp) counter['error'] += 1 return False label = 'Downloading {} {}kb'.format(song_name, int(length / 1024)) with click.progressbar(length=length, label=label) as progressbar: with open(song_name, 'wb') as song_file: for chunk in resp.iter_content(chunk_size=1024): if chunk: # filter out keep-alive new chunks song_file.write(chunk) progressbar.update(1024) if counter != None: counter["success"] += 1 return True except requests.exceptions.Timeout as err: logger.error("%s during download filepath" % err) if counter != None: counter['error'] += 1 return False
def get_parameter(self, param): if utils.check_hostname(self.ip) == 1: return try: self.__conn.request("GET", "/axis-cgi/param.cgi?action=list&group=%s" % (param), headers=self.__headers_auth) res = self.__conn.getresponse() #logger.debug("%s %s", res.status, res.reason) data = res.read() return (data.split("=")[1]).strip() except httplib.HTTPException as e: logger.error("Execution failed: %s", e)
def __init__(self, **params): logger.debug("Init axis %s", params['ip']) vc.__init__(self, **params) auth = '%s:%s' % (self.user, self.password) auth = auth.encode('ascii') userAndPass = b64encode(auth).decode("ascii") self.__headers_auth = {'Authorization': 'Basic %s' % userAndPass} logger.debug("Connection string http://%s:%s@%s" % (self.user, self.password, self.ip)) try: self.__conn = httplib.HTTPConnection("%s" % self.ip) except httplib.HTTPException as e: logger.error("Execution failed: %s", e)
def get(self, request, format=None): try: databases = [ db for db in mongodb_client.list_database_names() if 'audit' in db ] # data = [{db: mongodb_client[db].collection_names()} for db in databases] data = [{ 'db': db, 'tables': mongodb_client[db].collection_names() } for db in databases] except Exception as e: logger.error(e) return Response({'detail': str(e)}) return Response(data)
def start(self): try: retcode = call("service %s %s" % (self.service_name, "start"), shell=True) if retcode < 0: logger.error("%s: Unable start the service" % (self.service_name)) elif retcode == 0: logger.info("%s: Service is started succesfully" % (self.service_name)) self.__state = Service_State.run else: logger.warning("Service already started") except OSError as e: logger.error("Execution failed: %s", e)
def state(self): try: logger.debug("%s: Check service state", self.service_name) FNULL = open(os.devnull, 'w') retcode = call("pgrep %s" % (self.service_name), stdout=FNULL, stderr=subprocess.STDOUT, shell=True) if retcode == 0: logger.info("%s: Service runnig" % (self.service_name)) return Service_State.run else: logger.info("%s: Service stopped" % (self.service_name)) return Service_State.stop except OSError as e: logger.error("Execution failed: %s", e)
def get_devops_members(self, request): ''' 获取运维组成员 ''' try: # group = UserGroup.objects.get(name='devops') # members = group.members.all(name='devops') group = Group.objects.get(name='devops') serializer = UserSerializer(group.user_set.all(), many=True) except Exception as e: # 不存着devops组就获取超级用户 members = User.objects.filter(is_superuser=1) serializer = UserSerializer(members, many=True) logger.error('获取运维组失败!') return Response(serializer.data)
def get(self, request, format=None): data = [] try: projects = gitlab_api.get_user_projects() for p in projects: data.append({ 'id': p.id, 'name': p.name, 'description': p.description, 'path_with_namespace': p.path_with_namespace }) except Exception as e: logger.error(e) return Response({'detail': '获取gitlab项目失败'}, status=status.HTTP_500_INTERNAL_SERVER_ERROR) return Response(data)
def get_grains_items(self, key_id): prefix = '/minions/{}'.format(key_id) try: req = self.get(prefix=prefix) logger.debug(req.json()) data = req.json() response = data['return'][0][key_id] if req.status_code != 200: response = {'code': req.status_code, 'detail': '请求异常'} elif not response: response = {'code': -1, 'detail': 'minion 返回false'} else: response['code'] = req.status_code except Exception as e: logger.error(e) response = {'code': -1, 'detail': 'salt api返回数据异常'} return response
def post(self, request, format=None): salt_id = request.data.get('keyID') response = saltapi.accept_key(salt_id) if response.get('code') == 200 and request.data.get('addAssets'): data = saltapi.get_grains_items(salt_id) try: if data['code'] == 200: data['comment'] = '来自salt添加' saveServer(data) except ValidationError as e: logger.error(e) response['detail'] = '接受KEY成功,资产中已存在此saltID的资产' except Exception as e: logger.error(e) response['detail'] = '接受KEY成功,导入到资产失败' # response = {'code': 200, 'status': True, 'detail': '接受KEY成功,资产中已存在此saltID的资产'} return Response(response)
def reject_key(self, key_id): data = { 'client': 'wheel', 'fun': 'key.reject', 'match': key_id, 'include_accepted': True, 'include_denied': True } try: req = self.post(data=data) logger.debug(req.json()) if req.status_code != 200: response = {'code': req.status_code, 'detail': '请求异常'} else: data = req.json() status = data['return'][0]['data']['success'] # salt-api 返回执行成功的成员,任意saltID都会返回status,最终结果还得看numbers numbers = data['return'][0]['data']['return'] if numbers and status: response = { 'code': 200, 'status': status, 'detail': '驳回成功' } else: if not status: response = { 'code': 200, 'status': status, 'detail': '驳回失败' } else: response = { 'code': 200, 'status': False, 'detail': '未知的minion' } except Exception as e: logger.error(e) response = {'code': -1, 'detail': 'salt api返回数据异常'} return response
def update(self, request, *args, **kwargs): ''' :param request.data: { "appName": "workOrder", "modelName": "workorder", "codenames": ["delete", "delete_workorder"], "reset":bool } reset默认值为True,当reset为True时重置组权限,当reset为True时添加组权限 ''' group = self.get_object() try: app_name = request.data.get('appName') codenames = request.data.get('codenames') reset = request.data.get('reset', True) app = apps.get_app_config(app_name) model = app.get_model(request.data.get('modelName')) content_type = ContentType.objects.get_for_model(model) # 需要设置的权限点 permissions_set = Permission.objects.filter( content_type=content_type, codename__in=codenames) if reset: # 获取组所有权限点 permissions_all = group.permissions.all() # 排除包含当前模块的权限点 permissions_exclude = permissions_all.exclude( content_type=content_type) group.permissions.set((permissions_exclude | permissions_set)) else: group.permissions.add(*permissions_set) except Exception as e: logger.error(e) return Response({'detail': str(e)}, status=status.HTTP_400_BAD_REQUEST) return Response({'detail': '权限设置成功'}, status=status.HTTP_204_NO_CONTENT)
def permissions_node(self, request, app, model): ''' 获取模块权限点 :return: { "id": val, "name": val, "codename": val, "content_type": val, "node": val }, ''' try: data = get_permission_nodes(app, model) except Exception as e: logger.error(e) return Response({'detail': str(e)}, status=status.HTTP_404_NOT_FOUND) return Response(data)
def get_token(self, prefix='token'): """ 登录获取token """ data = json.dumps({ "userName": self.username, "password": self.password}) headers = { 'Content-Type': 'application/json', 'Accept': 'application/json' } token_url = '{}{}'.format(self.url, prefix) try: req = requests.post(token_url, headers=headers, data=data, verify=False, timeout=self.timeout) if req.status_code == 200: logger.info('获取OA token: {}'.format(req.json())) return req.json().get('id') except Exception as e: logger.error(e) return ''
def delete_key(self, key_id): data = {'client': 'wheel', 'fun': 'key.delete', 'match': key_id} try: req = self.post(data=data) logger.debug(req.json()) if req.status_code != 200: response = {'code': req.status_code, 'detail': '请求异常'} else: data = req.json() status = data['return'][0]['data']['success'] response = {'code': 200, 'status': status, 'detail': '删除key成功'} # delete key 无论key是否存在都返回空 if not status: response['detail'] = '删除key失败' except Exception as e: logger.error(e) response = {'code': -1, 'detail': '删除key失败'} return response
def get(self, request, format=None): data = [] path_with_namespace = request.GET.get('path_with_namespace') try: branches = gitlab_api.get_project_branchs(path_with_namespace) if len(branches) > 1: return Response({'detail': '多个gitlab中存在多个相同的工程'}, status=status.HTTP_500_INTERNAL_SERVER_ERROR) elif len(branches) == 1: data = [{ 'name': branch.name, 'commit_id': branch.commit.get('id'), 'message': branch.commit.get('message'), 'created': branch.commit.get('created_at') } for branch in branches[0]] except Exception as e: logger.error(e) return Response({'detail': '获取项目分支失败'}, status=status.HTTP_500_INTERNAL_SERVER_ERROR) return Response(data)
def create(self, request, *args, **kwargs): salt_id = request.data.get('keyID') data = saltapi.get_grains_items(salt_id) try: if data['code'] == 200: data['comment'] = '来自salt添加' response = saveServer(data) status = 201 else: response = {'detail': data.get('detail')} status = 500 except ValidationError as e: logger.error(e) response = {'detail': '资产中已存在此saltID的资产'} status = 500 except Exception as e: logger.error(e) response = {'detail': '添加资产失败'} status = 500 return Response(data=response, status=status)
def sendMessageToMPClient(msg, device): global deviceConnectionToIPMap, outputs, messageForMPQueue for conn in deviceConnectionToIPMap.keys(): addr = deviceConnectionToIPMap[conn] d = getOrBuildMPClient(addr[0], addr[1]) if d.code: try: # 只发给对应用的MP if device.code != d.code: continue q = messageForMPQueue[d] #如果满了,则弹出一个 if q.full(): q.get_nowait() q.put_nowait(msg) if not conn in outputs: outputs.append(conn) logger.debug("MP outputs conn: " + str(len(outputs))) except: traceback.print_exc() logger.error("add MP msg QUEUE ERROR :" + binascii.b2a_hex(msg)) pass
def __oa_request(self, prefix='', type='get', **data): headers = { 'Accept': 'application/json' } url = '{}{}'.format(self.url, prefix) params = { 'token': self.token } if 'post' == type.lower(): __params = { 'headers': headers, 'url': url, 'params': params, 'timeout': self.timeout, 'json': data, 'verify': False } __request = requests.post else: __params = { 'headers': headers, 'url': url, 'params': data, 'timeout': self.timeout, 'verify': False } __request = requests.get try: req = __request(**__params) if req.status_code == 401 and req.json().get('code') == '1010': self.token = self.get_token() __params['params']['token'] = self.token req = __request(**__params) return req.json() except Exception as e: logger.error(e) return False
def log(self, request, pk): try: obj = self.get_object() lineno = int(request.GET.get('lineno', 1)) size = int(request.GET.get('size', 0)) line_count = len(linecache.getlines(obj.log_file)) if line_count == 0: return Response({ 'detail': '不存在日志文件或者日志文件无内容', 'is_tail': True }, status=status.HTTP_404_NOT_FOUND) elif line_count >= lineno: lines = linecache.getlines(obj.log_file)[lineno - 1:lineno - 1 + size] is_tail = bool(line_count < (lineno + size)) return Response({'content': lines, 'is_tail': is_tail}) except Exception as e: logger.exception(e) logger.error(e) return Response({'detail': '获取日志失败'}, status=status.HTTP_400_BAD_REQUEST)