diff --git a/jumpserver.py b/jumpserver.py index 69dadf2cd..0529d7fc7 100755 --- a/jumpserver.py +++ b/jumpserver.py @@ -24,6 +24,8 @@ if not cur_dir: sys.path.append('%s/webroot/AutoSa/' % cur_dir) os.environ['DJANGO_SETTINGS_MODULE'] = 'AutoSa.settings' +import django +django.setup() from UserManage.models import User, Logs, Pid from Assets.models import Assets @@ -88,18 +90,6 @@ def getwinsize(): return struct.unpack('HHHH', x)[0:2] -# def connect_db(user, passwd, db, host='127.0.0.1', port=3306): -# """This function connect db and return db and cursor""" -# db = MySQLdb.connect(host=host, -# port=port, -# user=user, -# passwd=passwd, -# db=db, -# charset='utf8') -# cursor = db.cursor() -# return db, cursor - - def run_cmd(cmd): """run command and return stdout""" pipe = subprocess.Popen(cmd, @@ -121,7 +111,7 @@ def connect(host, port, user, password): log_date_dir = '%s/%s' % (log_dir, time.strftime('%Y%m%d')) if not os.path.isdir(log_date_dir): os.mkdir(log_date_dir) - os.chmod(log_date_dir, 0777) + os.mkdir(log_date_dir, 0777) structtime_start = time.localtime() datetime_start = time.strftime('%Y%m%d%H%M%S', structtime_start) logtime_start = time.strftime('%Y/%m/%d %H:%M:%S', structtime_start) @@ -259,6 +249,14 @@ def exec_cmd_servers(username): cmd = raw_input('\033[1;32mCmd(s): \033[0m') if cmd in ['q', 'Q']: break + exec_log_dir = os.path.join(log_dir, 'exec_cmds') + if not os.path.isdir(exec_log_dir): + os.mkdir(exec_log_dir) + os.chmod(exec_log_dir, 0777) + filename = "%s/%s.log" % (exec_log_dir, time.strftime('%Y%m%d')) + f = open(filename, 'a') + f.write("DateTime: %s User: %s Host: %s Cmds: %s\n" % + (time.strftime('%Y/%m/%d %H:%M:%S'), username, hosts, cmd)) for host in hosts: remote_exec_cmd(host, username, cmd) diff --git a/webroot/AutoSa/AutoSa/views.py b/webroot/AutoSa/AutoSa/views.py index bff9ead47..ca765bbd2 100644 --- a/webroot/AutoSa/AutoSa/views.py +++ b/webroot/AutoSa/AutoSa/views.py @@ -34,6 +34,7 @@ ldap_host = cf.get('jumpserver', 'ldap_host') ldap_base_dn = cf.get('jumpserver', 'ldap_base_dn') admin_cn = cf.get('jumpserver', 'admin_cn') admin_pass = cf.get('jumpserver', 'admin_pass') +log_dir = os.path.join(CONF_DIR, 'logs') def keygen(num): @@ -794,9 +795,6 @@ def addPerm(request): context_instance=RequestContext(request)) - - - @login_required def chgPass(request): """修改登录密码""" @@ -910,13 +908,24 @@ def upFile(request): port = asset.port jm = PyCrypt(key) user = User.objects.get(username=username) - t = paramiko.Transport((host, port)) - t.connect(username=username, password=jm.decrypt(user.ldap_password)) - sftp = paramiko.SFTPClient.from_transport(t) - sftp.put(filename, '%s/%s' % (path, upload_file.name)) - msg = u'上传成功,位于 %s主机,位置 %s.' % (host, path) + try: + t = paramiko.Transport((host, port)) + t.connect(username=username, password=jm.decrypt(user.ldap_password)) + sftp = paramiko.SFTPClient.from_transport(t) + sftp.put(filename, '%s/%s' % (path, upload_file.name)) + msg = u'上传成功,位于 %s主机,位置 %s.' % (host, path) + uplog_dir = os.path.join(log_dir, 'upload') + if not os.path.isdir(uplog_dir): + os.mkdir(uplog_dir) + filename = os.path.join(uplog_dir, '%s.log' % time.strftime('%Y%m%d')) + f = open(filename, 'a') + f.write('DateTime: %s User: %s Host: %s File: %s\n' % + (time.strftime('%Y/%m/%d %H:%M:%S'), username, host, path)) + f.close() + except paramiko.AuthenticationException: + error = u'密码不对 或者 你用的admin用户' - return render_to_response('info.html', {'msg': msg}) + return render_to_response('info.html', {'msg': msg, 'error': error}) else: return render_to_response('info.html', {'error': u"上传失败"}) @@ -944,8 +953,15 @@ def downFile(request): sftp = paramiko.SFTPClient.from_transport(t) sftp.get(path, download_file) if os.path.isfile(download_file): + downlog_dir = os.path.join(log_dir, 'download') + if not os.path.isdir(downlog_dir): + os.mkdir(downlog_dir) + filename = os.path.join(downlog_dir, '%s.log' % time.strftime('%Y%m%d')) + f = open(filename, 'a') + f.write('DateTime: %s User: %s Host: %s File: %s\n' % + (time.strftime('%Y/%m/%d %H:%M:%S'), username, host, path)) + f.close() wrapper = FileWrapper(open(download_file)) - response = HttpResponse(wrapper, mimetype='application/octet-stream') response['Content-Disposition'] = 'attachment; filename=%s' % os.path.basename(path) return response diff --git a/webroot/AutoSa/log_handler.py b/webroot/AutoSa/log_handler.py index 9709e7d44..769ac65d3 100755 --- a/webroot/AutoSa/log_handler.py +++ b/webroot/AutoSa/log_handler.py @@ -9,6 +9,8 @@ cur_dir = os.path.dirname(__file__) sys.path.append('%s/webroot/AutoSa/' % cur_dir) os.environ['DJANGO_SETTINGS_MODULE'] = 'AutoSa.settings' +import django +django.setup() from UserManage.models import Logs, Pid @@ -17,12 +19,12 @@ def log_hanler(logid): if log: log = log[0] filename = log.logfile - ret1 = os.system('cat %s | grep "DateTime" > %s.his' % (filename, filename)) - ret2 = os.system('cat %s | grep "\[.*@.*\][\$\#]" >> %s.his' % (filename, filename)) - ret3 = os.system('cat %s | grep "EndTime" >> %s.his' % (filename, filename)) - if (ret1 + ret2 + ret3) == 0: - print 'Handler % ok.' % filename - + if os.path.isfile(filename): + ret1 = os.system('cat %s | grep "DateTime" > %s.his' % (filename, filename)) + ret2 = os.system('cat %s | grep "\[.*@.*\][\$\#]" >> %s.his' % (filename, filename)) + ret3 = os.system('cat %s | grep "EndTime" >> %s.his' % (filename, filename)) + if (ret1 + ret2 + ret3) == 0: + print 'Handler % ok.' % filename def set_finish(id): diff --git a/webroot/AutoSa/templates/addUser.html b/webroot/AutoSa/templates/addUser.html index 4d367438f..7630836ff 100644 --- a/webroot/AutoSa/templates/addUser.html +++ b/webroot/AutoSa/templates/addUser.html @@ -68,6 +68,12 @@
{{ form.group }}
+
+ 添加属组 +
+
+ 删除属组 +
{{ form.is_admin.errors }} diff --git a/webroot/AutoSa/templates/addVPN.html b/webroot/AutoSa/templates/addVPN.html deleted file mode 100644 index 07c7501c0..000000000 --- a/webroot/AutoSa/templates/addVPN.html +++ /dev/null @@ -1,3 +0,0 @@ -{% extends 'base.html' %} -{% block content %} -{% endblock %} \ No newline at end of file diff --git a/webroot/AutoSa/templates/assets_edit.html b/webroot/AutoSa/templates/assets_edit.html deleted file mode 100644 index f57a076a8..000000000 --- a/webroot/AutoSa/templates/assets_edit.html +++ /dev/null @@ -1,34 +0,0 @@ -{% extends "base.html" %} -{% block content %} -

修改主机信息

-
-
- - - - - - - - - - - - - - - - - - - - - -
- - -
- -
-
-{% endblock %} diff --git a/webroot/AutoSa/templates/assets_view.html b/webroot/AutoSa/templates/assets_view.html deleted file mode 100644 index eeb324fe3..000000000 --- a/webroot/AutoSa/templates/assets_view.html +++ /dev/null @@ -1,58 +0,0 @@ -{% extends "base.html" %} -{% block content %} -
-

主机列表

-
添加 
-
- - - - - - - - - - - - - - - - - - {% for post in contacts.object_list %} - - - - - - - - - - - - - {% endfor %} - - -
编号IP主机名cpu内存硬盘操作系统详情编辑删除
{{ post.s_num }}{{ post.s_ip }}{{ post.s_hostname }}{{ post.s_cpu }}{{ post.s_mem }}{{ post.s_disk }}{{ post.s_system }}详情编辑删除
- - -{% endblock %} diff --git a/webroot/AutoSa/templates/chgPass.html b/webroot/AutoSa/templates/chgPass.html index 4ddfbfadf..3aee92594 100644 --- a/webroot/AutoSa/templates/chgPass.html +++ b/webroot/AutoSa/templates/chgPass.html @@ -41,7 +41,7 @@
- +
diff --git a/webroot/AutoSa/templates/index.html b/webroot/AutoSa/templates/index.html index 07ba7f21a..56ced86e4 100644 --- a/webroot/AutoSa/templates/index.html +++ b/webroot/AutoSa/templates/index.html @@ -15,6 +15,7 @@ ID IP Port + IDC 备注 @@ -25,6 +26,7 @@ {{ asset.id }} {{ asset.ip }} {{ asset.port }} + {{ asset.idc }} {{ asset.comment }} {% endfor %} diff --git a/webroot/AutoSa/templates/logView.html b/webroot/AutoSa/templates/logView.html index 6a6d535d6..109441073 100644 --- a/webroot/AutoSa/templates/logView.html +++ b/webroot/AutoSa/templates/logView.html @@ -6,7 +6,7 @@ - + @@ -19,15 +19,16 @@ {% for log in logs.object_list %} - + + {% if log.finish %} - + {% else %} - + {% endif %} diff --git a/webroot/AutoSa/templates/runCommand.html b/webroot/AutoSa/templates/runCommand.html deleted file mode 100644 index ab3d911ae..000000000 --- a/webroot/AutoSa/templates/runCommand.html +++ /dev/null @@ -1,43 +0,0 @@ -{% extends 'base.html' %} -{% block content %} - -
-
-
-
- - - - - -
- 输入一个IP,或者多个IP逗号隔开。 -
-
- -
-
-
- - - - -
- 输入在执行的命令,多个命令分号隔开. -
-
-
- -
- -
-
- - - {% if stdout %} -
{{ stdout }}
- {% endif %} - {% if stderr %} -
{{ stderr }}
- {% endif %} -{% endblock %} \ No newline at end of file diff --git a/webroot/AutoSa/templates/showAssets.html b/webroot/AutoSa/templates/showAssets.html index 198fe915f..92c120438 100644 --- a/webroot/AutoSa/templates/showAssets.html +++ b/webroot/AutoSa/templates/showAssets.html @@ -13,6 +13,7 @@ + @@ -24,6 +25,7 @@ + {% endfor %} diff --git a/webroot/AutoSa/templates/showServer.html b/webroot/AutoSa/templates/showServer.html deleted file mode 100644 index 280c0e830..000000000 --- a/webroot/AutoSa/templates/showServer.html +++ /dev/null @@ -1,33 +0,0 @@ -{% extends 'base.html' %} -{% block content %} - - {% if info %} -

- {{ info }} -

- {% endif %} -
id 用户名 主机 监控
{{ log.id }} {{ log.user }} {{ log.host }}监控命令统计统计 阻断监控监控 命令统计 阻断
ID IP PortIDC 备注
{{ asset.id }} {{ asset.ip }} {{ asset.port }}{{ asset.idc }} {{ asset.comment }}
- - - - - - - - - - - {% for server in servers %} - - - - - - - - {% endfor %} - -
ip用户名端口sudo
{{ server.ip }}{{ server.username }}{{ server.port }}{{ server.sudo }}
- - -{% endblock %} \ No newline at end of file diff --git a/webroot/AutoSa/templates/showUser.html b/webroot/AutoSa/templates/showUser.html index b27df1c75..75f7be6d4 100644 --- a/webroot/AutoSa/templates/showUser.html +++ b/webroot/AutoSa/templates/showUser.html @@ -30,7 +30,6 @@ {{ user.id }} {{ user.username }} {{ user.name }} - {% for group in user.group.all %} {{ group.name }}