def put(self, *args, **kwargs): data = json.loads(self.request.body.decode("utf-8")) id = data.get('id', None) name = data.get('name', None) # 名称,也是唯一 system_user = data.get('system_user', None) # 系统用户 platform_users = data.get('platform_users', []) # 平台用户 priority = data.get('priority', None) # 优先级 sudo_list = data.get('sudo_list', None) # sudo权限 bash_shell = data.get('bash_shell', None) # sudo权限 remarks = data.get('remarks', None) # 备注 if not name or not system_user or not priority or not sudo_list or not bash_shell: return self.write(dict(code=-2, msg='关键参数不能为空')) if not platform_users: return self.write(dict(code=-2, msg='请至少选择一个关联用户')) if not is_number(priority): return self.write(dict(code=-2, msg='优先级必须是数字')) with DBContext('w', None, True) as session: exist_sudo_list = session.query(SystemUser.sudo_list).filter(SystemUser.id == id).first() if exist_sudo_list[0] != sudo_list: # 存在修改sudo_list,更新新的sudo_list到主机上 obj = PushSystemUser() obj.update_user_sudo(system_user, sudo_list) session.query(SystemUser).filter(SystemUser.id == id).update( {SystemUser.platform_users: ','.join(platform_users), SystemUser.priority: priority, SystemUser.sudo_list: sudo_list, SystemUser.remarks: remarks}) return self.write(dict(code=0, msg='编辑成功'))
def post(self, *args, **kwargs): data = json.loads(self.request.body.decode("utf-8")) name = data.get('name', None) # 名称,也是唯一 system_user = data.get('system_user', None) # 系统用户 platform_users = data.get('platform_users', []) # 平台用户 priority = data.get('priority', None) # 优先级 sudo_list = data.get('sudo_list', None) # sudo权限 bash_shell = data.get('bash_shell', None) # sudo权限 remarks = data.get('remarks', None) # 备注 if not name or not system_user or not priority or not sudo_list or not bash_shell: return self.write(dict(code=-2, msg='关键参数不能为空')) if not platform_users: return self.write(dict(code=-2, msg='请至少选择一个关联用户')) if not is_number(priority): return self.write(dict(code=-2, msg='优先级必须是数字')) with DBContext('r', None, True) as session: exist_id = session.query(SystemUser.id).filter(SystemUser.name == name).first() exist_priority = session.query(SystemUser.id).filter(SystemUser.priority == int(priority)).first() if exist_id: return self.write(dict(code=-2, msg='不要重复记录')) if exist_priority: return self.write(dict(code=-2, msg='优先级冲突')) # 新建一个系统用户用来登陆主机,此用户使用密钥认证登陆主机,密钥是自动生成的,生成后保存到数据库里面 key_name = shortuuid.uuid() init_keygen_cmd = 'ssh-keygen -t rsa -P "" -f /tmp/{}'.format(key_name) code, ret = exec_shell(init_keygen_cmd) if code == 0: # 这个系统用户的公钥和私钥是根据name+system_user生成到/tmp下的 with open('/tmp/{}'.format(key_name), 'r') as id_rsa, open( '/tmp/{}.pub'.format(key_name), 'r') as id_rsa_pub: # 对密钥进行加密再写数据库 mc = MyCryptV2() # 实例化 _private_key = mc.my_encrypt(id_rsa.read()) _public_key = mc.my_encrypt(id_rsa_pub.read()) # print('加密后的id_rsa--->',_private_key) # print('加密后的id_rsa_pub--->',_public_key) # print('解密公钥', mc.my_decrypt(_public_key)) # 生成密钥对写入数据库 with DBContext('w', None, True) as session: new_system_user = SystemUser(name=name, system_user=system_user, priority=priority, sudo_list=sudo_list, bash_shell=bash_shell, id_rsa=_private_key, id_rsa_pub=_public_key, platform_users=','.join(platform_users), remarks=remarks) session.add(new_system_user) return self.write(dict(code=0, msg='添加成功')) else: return self.write(dict(code=-4, msg=ret))