mirror of https://github.com/jumpserver/jumpserver
fix common
ibuler@qq.com
parent
afbbad1604
commit
06eedff49f
|
|
@ -54,19 +54,18 @@ def get_playbook(template, var):
|
||||||
return path
|
return path
|
||||||
|
|
||||||
|
|
||||||
def playbook_run(inventory, playbook, default_user=None, default_port=None, default_pri_key_path=None):
|
def playbook_run(inventory, playbook, settings):
|
||||||
stats = callbacks.AggregateStats()
|
stats = callbacks.AggregateStats()
|
||||||
playbook_cb = callbacks.PlaybookCallbacks(verbose=utils.VERBOSITY)
|
playbook_cb = callbacks.PlaybookCallbacks(verbose=utils.VERBOSITY)
|
||||||
runner_cb = callbacks.PlaybookRunnerCallbacks(stats, verbose=utils.VERBOSITY)
|
runner_cb = callbacks.PlaybookRunnerCallbacks(stats, verbose=utils.VERBOSITY)
|
||||||
# run the playbook
|
# run the playbook
|
||||||
print default_user, default_port, default_pri_key_path, inventory, playbook
|
if settings:
|
||||||
if default_user and default_port and default_pri_key_path:
|
|
||||||
playbook = PlayBook(host_list=inventory,
|
playbook = PlayBook(host_list=inventory,
|
||||||
playbook=playbook,
|
playbook=playbook,
|
||||||
forks=5,
|
forks=5,
|
||||||
remote_user=default_user,
|
remote_user=settings.default_user,
|
||||||
remote_port=default_port,
|
remote_port=settings.default_port,
|
||||||
private_key_file=default_pri_key_path,
|
private_key_file=settings.default_pri_key_path,
|
||||||
callbacks=playbook_cb,
|
callbacks=playbook_cb,
|
||||||
runner_callbacks=runner_cb,
|
runner_callbacks=runner_cb,
|
||||||
stats=stats,
|
stats=stats,
|
||||||
|
|
@ -98,43 +97,67 @@ def playbook_run(inventory, playbook, default_user=None, default_port=None, defa
|
||||||
return results_r
|
return results_r
|
||||||
|
|
||||||
|
|
||||||
def perm_user_api(asset_new, asset_del, asset_group_new, asset_group_del, user=None, user_group=None):
|
def perm_user_api(perm_info):
|
||||||
"""用户授权api,通过调用ansible API完成用户新建等"""
|
"""
|
||||||
asset_new_ip = [] # 新授权的ip列表
|
用户授权api,通过调用ansible API完成用户新建等,传入参数必须如下,列表中可以是对象,也可以是用户名和ip
|
||||||
asset_del_ip = [] # 回收授权的ip列表
|
perm_info = {'del': {'users': [],
|
||||||
|
'assets': [],
|
||||||
|
},
|
||||||
|
'new': {'users': [],
|
||||||
|
'assets': []}}
|
||||||
|
"""
|
||||||
|
try:
|
||||||
|
new_users = perm_info['new']['users']
|
||||||
|
new_assets = perm_info['new']['assets']
|
||||||
|
del_users = perm_info['del']['users']
|
||||||
|
del_assets = perm_info['del']['assets']
|
||||||
|
except IndexError:
|
||||||
|
raise ServerError("Error: function perm_user_api传入参数错误")
|
||||||
|
|
||||||
asset_new_ip.extend([asset.ip for asset in asset_new]) # 查库,获取新授权ip
|
# 检查传入的是字符串还是对象
|
||||||
for asset_group in asset_group_new:
|
check_users = new_users + del_users
|
||||||
asset_new_ip.extend([asset.ip for asset in asset_group.asset_set.all()]) # 同理
|
try:
|
||||||
asset_del_ip.extend([asset.ip for asset in asset_del]) # 查库,获取回收授权的ip
|
if isinstance(check_users[0], str):
|
||||||
for asset_group in asset_group_del:
|
var_type = 'str'
|
||||||
asset_del_ip.extend([asset.ip for asset in asset_group.asset_set.all()]) # 同理
|
|
||||||
|
|
||||||
if asset_new_ip or asset_del_ip:
|
|
||||||
host_group = {'new': asset_new_ip, 'del': asset_del_ip}
|
|
||||||
inventory = get_inventory(host_group)
|
|
||||||
if user:
|
|
||||||
the_items = user.username,
|
|
||||||
elif user_group:
|
|
||||||
users = user_group.user_set.all()
|
|
||||||
the_items = ','.join([user.username for user in users])
|
|
||||||
else:
|
else:
|
||||||
return HttpResponse('Argument error.')
|
var_type = 'obj'
|
||||||
|
|
||||||
playbook = get_playbook(os.path.join(BASE_DIR, 'playbook', 'user_perm.yaml'),
|
except IndexError:
|
||||||
{'the_new_group': 'new', 'the_del_group': 'del',
|
raise ServerError("Error: function perm_user_api传入参数错误")
|
||||||
'the_items': the_items, 'the_pub_key': '/tmp/id_rsa.pub'})
|
|
||||||
|
|
||||||
settings = get_object(Setting, id=1)
|
print new_assets, del_assets
|
||||||
if settings:
|
print new_users, del_users
|
||||||
default_user = settings.default_user
|
try:
|
||||||
default_port = settings.default_port
|
if var_type == 'str':
|
||||||
default_pri_key_path = settings.default_pri_key_path
|
new_ip = new_assets
|
||||||
|
del_ip = del_assets
|
||||||
|
new_username = new_users
|
||||||
|
del_username = del_users
|
||||||
else:
|
else:
|
||||||
default_user = default_port = default_pri_key_path = ''
|
new_ip = [asset.ip for asset in new_assets if isinstance(asset, Asset)]
|
||||||
|
del_ip = [asset.ip for asset in del_assets if isinstance(asset, Asset)]
|
||||||
|
new_username = [user.username for user in new_users if isinstance(user, User)]
|
||||||
|
del_username = [user.username for user in del_users if isinstance(user, User)]
|
||||||
|
except IndexError:
|
||||||
|
raise ServerError("Error: function perm_user_api传入参数类型错误")
|
||||||
|
|
||||||
results_r = playbook_run(inventory, playbook, default_user, default_port, default_pri_key_path)
|
print new_ip, del_ip
|
||||||
return results_r
|
print new_username, del_username
|
||||||
|
|
||||||
|
host_group = {'new': new_ip, 'del': del_ip}
|
||||||
|
inventory = get_inventory(host_group)
|
||||||
|
|
||||||
|
the_new_users = ','.join(new_username)
|
||||||
|
the_del_users = ','.join(del_username)
|
||||||
|
|
||||||
|
playbook = get_playbook(os.path.join(BASE_DIR, 'playbook', 'user_perm.yaml'),
|
||||||
|
{'the_new_group': 'new', 'the_del_group': 'del',
|
||||||
|
'the_new_users': the_new_users, 'the_del_users': the_del_users,
|
||||||
|
'the_pub_key': '/tmp/id_rsa.pub'})
|
||||||
|
|
||||||
|
settings = get_object(Setting, name='default')
|
||||||
|
results_r = playbook_run(inventory, playbook, settings)
|
||||||
|
return results_r
|
||||||
|
|
||||||
|
|
||||||
def refresh_group_api(user_group=None, asset_group=None):
|
def refresh_group_api(user_group=None, asset_group=None):
|
||||||
|
|
|
||||||
File diff suppressed because one or more lines are too long
|
|
@ -2,18 +2,16 @@
|
||||||
tasks:
|
tasks:
|
||||||
- name: del user
|
- name: del user
|
||||||
user: name={{ item }} state=absent remove=yes
|
user: name={{ item }} state=absent remove=yes
|
||||||
with_items: [ the_items ]
|
with_items: [ the_del_users ]
|
||||||
|
|
||||||
- hosts: the_new_group
|
- hosts: the_new_group
|
||||||
tasks:
|
tasks:
|
||||||
- name: add user
|
- name: add user
|
||||||
user: name={{ item }} state=present
|
user: name={{ item }} state=present
|
||||||
with_items: [ the_items ]
|
with_items: [ the_new_users ]
|
||||||
- name: .ssh direcotory
|
- name: .ssh direcotory
|
||||||
file: name=/home/{{ item }}/.ssh mode=700 owner={{ item }} group={{ item }} state=directory
|
file: name=/home/{{ item }}/.ssh mode=700 owner={{ item }} group={{ item }} state=directory
|
||||||
with_items: [ the_items ]
|
with_items: [ the_new_users ]
|
||||||
- name: set authorizied_file
|
- name: set authorizied_file
|
||||||
copy: src=the_pub_key dest=/home/{{ item }}/.ssh/authorizied_keys owner={{ item }} group={{ item }} mode=600
|
copy: src=the_pub_key dest=/home/{{ item }}/.ssh/authorizied_keys owner={{ item }} group={{ item }} mode=600
|
||||||
with_items: [ the_items ]
|
with_items: [ the_new_users ]
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -107,7 +107,7 @@
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<div class="col-sm-4 col-sm-offset-2">
|
<div class="col-sm-4 col-sm-offset-2">
|
||||||
<button class="btn btn-white" type="reset">取消</button>
|
<button class="btn btn-white" type="reset">取消</button>
|
||||||
<button id="submit_button" class="btn btn-primary" type="submit" onclick="checkAll('userPerm')">确认保存</button>
|
<button id="submit_button" class="btn btn-primary" type="submit" onclick="selectAll()">确认保存</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue