mirror of https://github.com/jumpserver/jumpserver
commit
0c611b6429
|
@ -16,3 +16,4 @@ db.sqlite3
|
|||
config.py
|
||||
migrations/
|
||||
*.log
|
||||
host_rsa_key
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
# coding: utf-8
|
||||
|
||||
from django.db import models
|
||||
from django.http import JsonResponse
|
||||
from django.utils.timezone import now
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
|
@ -36,3 +37,27 @@ class NoDeleteModelMixin(models.Model):
|
|||
self.is_discard = True
|
||||
self.discard_time = now()
|
||||
return self.save()
|
||||
|
||||
|
||||
class JSONResponseMixin(object):
|
||||
|
||||
"""JSON mixin"""
|
||||
|
||||
def render_json_response(self, context):
|
||||
return JsonResponse(context)
|
||||
|
||||
|
||||
class BulkDeleteApiMixin(object):
|
||||
|
||||
def filter_queryset(self, queryset):
|
||||
id_list = self.request.query_params.get('id__in')
|
||||
if id_list:
|
||||
import json
|
||||
try:
|
||||
ids = json.loads(id_list)
|
||||
except Exception as e:
|
||||
print e
|
||||
return queryset
|
||||
if isinstance(ids, list):
|
||||
queryset = queryset.filter(id__in=ids)
|
||||
return queryset
|
||||
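Review bot: `BulkDeleteApiMixin.filter_queryset` fails open: when `id__in` cannot be parsed, or parses to something other than a list, it returns the unfiltered queryset, and this filter sits in front of a bulk DELETE. Whether such a request is then refused depends on how the bulk view treats an unfiltered queryset, which is not visible here, so the mixin should not rely on it. Returning `queryset.none()` from the `except` branch and for a non-list value keeps a malformed request from ever matching every row. The handler also catches bare `Exception` and reports it with `print e`, where the copy of this method removed from the users API used `logger.error(str(e))`; catching `ValueError` and logging it keeps the failure in the application log. `import json` belongs at module level, and both mixins lack a docstring saying what the host view must provide.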
|
|
|
@ -30,11 +30,17 @@ def get_object_or_none(model, **kwargs):
|
|||
|
||||
|
||||
def encrypt(*args, **kwargs):
|
||||
return signing.dumps(*args, **kwargs)
|
||||
try:
|
||||
return signing.dumps(*args, **kwargs)
|
||||
except signing.BadSignature:
|
||||
return ''
|
||||
|
||||
|
||||
def decrypt(*args, **kwargs):
|
||||
return signing.loads(*args, **kwargs)
|
||||
try:
|
||||
return signing.loads(*args, **kwargs)
|
||||
except signing.BadSignature:
|
||||
return ''
|
||||
|
||||
|
||||
def date_expired_default():
|
||||
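Review bot: The new `except signing.BadSignature: return ''` in `decrypt` turns a tampered or wrongly keyed value into an empty string, so a caller such as the `User.private_key` property cannot tell "nothing stored" from "stored value failed verification". Returning `None`, or logging the failure before returning, would keep that signal. The same handler in `encrypt` looks unreachable, since `BadSignature` is raised when verifying rather than when dumping. If `signing` is `django.core.signing` (the import is outside the hunk), both helpers sign and encode the payload but do not encrypt it, so the names overstate the protection. A docstring such as `"""Sign and serialize the value; the payload is not confidential."""` would stop readers relying on it for secrecy.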
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -54,7 +54,7 @@ INSTALLED_APPS = [
|
|||
'users.apps.UsersConfig',
|
||||
'assets.apps.AssetsConfig',
|
||||
'perms.apps.PermsConfig',
|
||||
'webterminal.apps.WebterminalConfig',
|
||||
# 'terminal.apps.TerminalConfig',
|
||||
'ops.apps.OpsConfig',
|
||||
'audits.apps.AuditsConfig',
|
||||
'common.apps.CommonConfig',
|
||||
|
@ -274,36 +274,36 @@ REST_FRAMEWORK = {
|
|||
}
|
||||
# This setting is required to override the Django's main loop, when running in
|
||||
# development mode, such as ./manage runserver
|
||||
WSGI_APPLICATION = 'ws4redis.django_runserver.application'
|
||||
# WSGI_APPLICATION = 'ws4redis.django_runserver.application'
|
||||
|
||||
# URL that distinguishes websocket connections from normal requests
|
||||
WEBSOCKET_URL = '/ws/'
|
||||
# WEBSOCKET_URL = '/ws/'
|
||||
|
||||
# WebSocket Redis
|
||||
WS4REDIS_CONNECTION = {
|
||||
'host': CONFIG.REDIS_HOST or '127.0.0.1',
|
||||
'port': CONFIG.REDIS_PORT or 6379,
|
||||
'db': 2,
|
||||
}
|
||||
# WS4REDIS_CONNECTION = {
|
||||
# 'host': CONFIG.REDIS_HOST or '127.0.0.1',
|
||||
# 'port': CONFIG.REDIS_PORT or 6379,
|
||||
# 'db': 2,
|
||||
# }
|
||||
|
||||
# Set the number of seconds each message shall persisted
|
||||
WS4REDIS_EXPIRE = 3600
|
||||
# WS4REDIS_EXPIRE = 3600
|
||||
|
||||
WS4REDIS_HEARTBEAT = 'love you'
|
||||
# WS4REDIS_HEARTBEAT = 'love you'
|
||||
|
||||
WS4REDIS_PREFIX = 'demo'
|
||||
# WS4REDIS_PREFIX = 'demo'
|
||||
|
||||
SESSION_ENGINE = 'redis_sessions.session'
|
||||
# SESSION_ENGINE = 'redis_sessions.session'
|
||||
|
||||
SESSION_REDIS_PREFIX = 'session'
|
||||
# SESSION_REDIS_PREFIX = 'session'
|
||||
|
||||
SESSION_REDIS_HOST = CONFIG.REDIS_HOST
|
||||
# SESSION_REDIS_HOST = CONFIG.REDIS_HOST
|
||||
|
||||
SESSION_REDIS_PORT = CONFIG.REDIS_PORT
|
||||
# SESSION_REDIS_PORT = CONFIG.REDIS_PORT
|
||||
|
||||
SESSION_REDIS_PASSWORD = CONFIG.REDIS_PASSWORD
|
||||
# SESSION_REDIS_PASSWORD = CONFIG.REDIS_PASSWORD
|
||||
|
||||
SESSION_REDIS_DB = CONFIG.REDIS_DB
|
||||
# SESSION_REDIS_DB = CONFIG.REDIS_DB
|
||||
|
||||
|
||||
# Custom User Auth model
|
||||
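Review bot: The websocket and session settings appear to be switched off by commenting each line out rather than deleting it, which leaves a block of dead configuration with no explanation. With `SESSION_ENGINE` no longer set, Django should fall back to its default session backend, so sessions held in Redis would stop being honoured after deploy; that side effect deserves a mention in the commit message or in the file. Either delete the block, or put a single comment above it stating why it is disabled and what has to happen before it returns. The same applies to `# 'terminal.apps.TerminalConfig',` in `INSTALLED_APPS`.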
|
|
|
@ -25,7 +25,6 @@ urlpatterns = [
|
|||
url(r'^(api/)?users/', include('users.urls')),
|
||||
url(r'^assets/', include('assets.urls')),
|
||||
url(r'^perms/', include('perms.urls')),
|
||||
url(r'^terminal/', include('webterminal.urls')),
|
||||
]
|
||||
|
||||
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -9,51 +9,28 @@ from rest_framework import generics, status
|
|||
from rest_framework.response import Response
|
||||
from rest_framework_bulk import ListBulkCreateUpdateDestroyAPIView
|
||||
|
||||
from .serializers import UserSerializer, UserGroupSerializer, UserAttributeSerializer, GroupUserEditSerializer, \
|
||||
GroupEditSerializer, UserPKUpdateSerializer, UserBulkUpdateSerializer
|
||||
from .models import User, UserGroup
|
||||
from .serializers import UserDetailSerializer, UserAndGroupSerializer, \
|
||||
GroupDetailSerializer, UserPKUpdateSerializer, UserBulkUpdateSerializer, GroupBulkUpdateSerializer
|
||||
from common.mixins import BulkDeleteApiMixin
|
||||
|
||||
|
||||
logger = logging.getLogger('jumpserver.users.api')
|
||||
|
||||
|
||||
class UserListAddApi(generics.ListCreateAPIView):
|
||||
class UserDetailApi(generics.RetrieveUpdateDestroyAPIView):
|
||||
queryset = User.objects.all()
|
||||
serializer_class = UserSerializer
|
||||
serializer_class = UserDetailSerializer
|
||||
|
||||
|
||||
class UserDetailDeleteUpdateApi(generics.RetrieveUpdateDestroyAPIView):
|
||||
class UserAndGroupEditApi(generics.RetrieveUpdateAPIView):
|
||||
queryset = User.objects.all()
|
||||
serializer_class = UserSerializer
|
||||
|
||||
def delete(self, request, *args, **kwargs):
|
||||
print(self.request.data)
|
||||
return super(UserDetailDeleteUpdateApi, self).delete(request, *args, **kwargs)
|
||||
|
||||
|
||||
class UserGroupListAddApi(generics.ListCreateAPIView):
|
||||
queryset = UserGroup.objects.all()
|
||||
serializer_class = UserGroupSerializer
|
||||
|
||||
|
||||
class UserGroupDetailDeleteUpdateApi(generics.RetrieveUpdateDestroyAPIView):
|
||||
queryset = UserGroup.objects.all()
|
||||
serializer_class = UserGroupSerializer
|
||||
|
||||
|
||||
class UserAttributeApi(generics.RetrieveUpdateDestroyAPIView):
|
||||
queryset = User.objects.all()
|
||||
serializer_class = UserAttributeSerializer
|
||||
|
||||
|
||||
class GroupUserEditApi(generics.RetrieveUpdateAPIView):
|
||||
queryset = User.objects.all()
|
||||
serializer_class = GroupUserEditSerializer
|
||||
serializer_class = UserAndGroupSerializer
|
||||
|
||||
|
||||
class UserResetPasswordApi(generics.UpdateAPIView):
|
||||
queryset = User.objects.all()
|
||||
serializer_class = GroupUserEditSerializer
|
||||
serializer_class = UserDetailSerializer
|
||||
|
||||
def perform_update(self, serializer):
|
||||
# Note: we are not updating the user object here.
|
||||
|
@ -68,7 +45,7 @@ class UserResetPasswordApi(generics.UpdateAPIView):
|
|||
|
||||
class UserResetPKApi(generics.UpdateAPIView):
|
||||
queryset = User.objects.all()
|
||||
serializer_class = GroupUserEditSerializer
|
||||
serializer_class = UserDetailSerializer
|
||||
|
||||
def perform_update(self, serializer):
|
||||
user = self.get_object()
|
||||
|
@ -88,9 +65,9 @@ class UserUpdatePKApi(generics.UpdateAPIView):
|
|||
user.save()
|
||||
|
||||
|
||||
class GroupEditApi(generics.RetrieveUpdateDestroyAPIView):
|
||||
class GroupDetailApi(generics.RetrieveUpdateDestroyAPIView):
|
||||
queryset = UserGroup.objects.all()
|
||||
serializer_class = GroupEditSerializer
|
||||
serializer_class = GroupDetailSerializer
|
||||
|
||||
def perform_update(self, serializer):
|
||||
users = serializer.validated_data.get('users')
|
||||
|
@ -105,27 +82,19 @@ class GroupEditApi(generics.RetrieveUpdateDestroyAPIView):
|
|||
serializer.save()
|
||||
|
||||
|
||||
class UserBulkUpdateApi(ListBulkCreateUpdateDestroyAPIView):
|
||||
class UserListUpdateApi(BulkDeleteApiMixin, ListBulkCreateUpdateDestroyAPIView):
|
||||
queryset = User.objects.all()
|
||||
serializer_class = UserBulkUpdateSerializer
|
||||
|
||||
def filter_queryset(self, queryset):
|
||||
id_list = self.request.query_params.get('id__in')
|
||||
if id_list:
|
||||
import json
|
||||
try:
|
||||
ids = json.loads(id_list)
|
||||
except Exception as e:
|
||||
logger.error(str(e))
|
||||
return queryset
|
||||
if isinstance(ids, list):
|
||||
queryset = queryset.filter(id__in=ids)
|
||||
return queryset
|
||||
|
||||
class GroupListUpdateApi(BulkDeleteApiMixin, ListBulkCreateUpdateDestroyAPIView):
|
||||
queryset = UserGroup.objects.all()
|
||||
serializer_class = GroupBulkUpdateSerializer
|
||||
|
||||
|
||||
class DeleteUserFromGroupApi(generics.DestroyAPIView):
|
||||
queryset = UserGroup.objects.all()
|
||||
serializer_class = GroupEditSerializer
|
||||
serializer_class = GroupDetailSerializer
|
||||
|
||||
def destroy(self, request, *args, **kwargs):
|
||||
group = self.get_object()
|
||||
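Review bot: None of the views added or renamed in this file declares `permission_classes`, including `UserListUpdateApi` and `GroupListUpdateApi`, which accept bulk update and DELETE over `User.objects.all()` and `UserGroup.objects.all()`. Access therefore rests entirely on the `REST_FRAMEWORK` defaults in settings, whose contents are not visible on this page; if those defaults are not admin-only, any authenticated caller could modify or delete accounts. Declaring the requirement on each view, for example `permission_classes = (IsAdminUser,)` or the project's own admin check, makes the intent reviewable next to the endpoint. `UserResetPasswordApi` and `UserResetPKApi` now use `UserDetailSerializer`, which is unrelated to the reset they perform; their bodies continue outside the hunks, so confirm that the serializer's writable fields (`is_active`, `enable_otp`) are not applied there.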
|
|
|
@ -34,6 +34,13 @@ class UserCreateForm(forms.ModelForm):
|
|||
}
|
||||
|
||||
|
||||
class UserBulkImportForm(forms.ModelForm):
|
||||
|
||||
class Meta:
|
||||
model = User
|
||||
fields = ['username', 'email', 'enable_otp', 'role']
|
||||
|
||||
|
||||
class UserUpdateForm(forms.ModelForm):
|
||||
|
||||
class Meta:
|
||||
|
|
|
@ -112,6 +112,12 @@ class User(AbstractUser):
|
|||
else:
|
||||
return True
|
||||
|
||||
@property
|
||||
def is_valid(self):
|
||||
if self.is_active and not self.is_expired:
|
||||
return True
|
||||
return False
|
||||
|
||||
@property
|
||||
def private_key(self):
|
||||
return decrypt(self._private_key)
|
||||
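Review bot: `is_valid` is the gate that `check_user_is_valid` applies before returning a user, yet it has no docstring saying what "valid" covers. A line such as `"""True when the account is active and has not expired."""` would document it, and the body reduces to `return self.is_active and not self.is_expired`. The class body continues outside the hunk on both sides.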
|
|
|
@ -8,47 +8,13 @@ from rest_framework_bulk import BulkListSerializer, BulkSerializerMixin
|
|||
from .models import User, UserGroup
|
||||
|
||||
|
||||
class UserSerializer(serializers.ModelSerializer):
|
||||
groups = serializers.HyperlinkedRelatedField(many=True, read_only=True, view_name='users:user-group-detail-api')
|
||||
|
||||
class Meta:
|
||||
model = User
|
||||
exclude = [
|
||||
'password', 'first_name', 'last_name', 'secret_key_otp',
|
||||
'private_key', 'public_key', 'avatar',
|
||||
]
|
||||
|
||||
|
||||
class UserGroupSerializer(serializers.ModelSerializer):
|
||||
users = serializers.HyperlinkedRelatedField(many=True, read_only=True, view_name='users:user-detail-api')
|
||||
|
||||
class Meta:
|
||||
model = UserGroup
|
||||
fields = '__all__'
|
||||
|
||||
|
||||
class GroupEditSerializer(serializers.ModelSerializer):
|
||||
|
||||
class Meta:
|
||||
model = UserGroup
|
||||
fields = ['id', 'name', 'comment', 'date_created', 'created_by', 'users']
|
||||
|
||||
|
||||
class UserAttributeSerializer(serializers.ModelSerializer):
|
||||
class UserDetailSerializer(serializers.ModelSerializer):
|
||||
|
||||
class Meta:
|
||||
model = User
|
||||
fields = ['avatar', 'wechat', 'phone', 'enable_otp', 'comment', 'is_active', 'name']
|
||||
|
||||
|
||||
class GroupUserEditSerializer(serializers.ModelSerializer):
|
||||
groups = serializers.PrimaryKeyRelatedField(many=True, queryset=UserGroup.objects.all())
|
||||
|
||||
class Meta:
|
||||
model = User
|
||||
fields = ['id', 'groups']
|
||||
|
||||
|
||||
class UserPKUpdateSerializer(serializers.ModelSerializer):
|
||||
|
||||
class Meta:
|
||||
|
@ -70,6 +36,21 @@ class UserPKUpdateSerializer(serializers.ModelSerializer):
|
|||
return value
|
||||
|
||||
|
||||
class UserAndGroupSerializer(serializers.ModelSerializer):
|
||||
groups = serializers.PrimaryKeyRelatedField(many=True, queryset=UserGroup.objects.all())
|
||||
|
||||
class Meta:
|
||||
model = User
|
||||
fields = ['id', 'groups']
|
||||
|
||||
|
||||
class GroupDetailSerializer(serializers.ModelSerializer):
|
||||
|
||||
class Meta:
|
||||
model = UserGroup
|
||||
fields = ['id', 'name', 'comment', 'date_created', 'created_by', 'users']
|
||||
|
||||
|
||||
class UserBulkUpdateSerializer(BulkSerializerMixin, serializers.ModelSerializer):
|
||||
group_display = serializers.SerializerMethodField()
|
||||
active_display = serializers.SerializerMethodField()
|
||||
|
@ -88,3 +69,16 @@ class UserBulkUpdateSerializer(BulkSerializerMixin, serializers.ModelSerializer)
|
|||
def get_active_display(self, obj):
|
||||
# TODO: user ative state
|
||||
return not (obj.is_expired and obj.is_active)
|
||||
|
||||
|
||||
class GroupBulkUpdateSerializer(BulkSerializerMixin, serializers.ModelSerializer):
|
||||
|
||||
user_amount = serializers.SerializerMethodField()
|
||||
|
||||
class Meta:
|
||||
model = UserGroup
|
||||
list_serializer_class = BulkListSerializer
|
||||
fields = ['id', 'name', 'comment', 'user_amount']
|
||||
|
||||
def get_user_amount(self, obj):
|
||||
return obj.users.count()
|
||||
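Review bot: `GroupBulkUpdateSerializer.get_user_amount` calls `obj.users.count()` once per serialized group, so the group list endpoint issues one extra query for every row it returns. Annotating the view's queryset, e.g. `UserGroup.objects.annotate(user_count=Count('users'))`, and returning `obj.user_count` here would keep it to a single query. Separately, the unchanged `get_active_display` just above returns `not (obj.is_expired and obj.is_active)`, which reports an inactive account as active. Since this commit adds `User.is_valid`, `return obj.is_valid` would make the list agree with the check used at login.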
|
|
|
@ -0,0 +1,19 @@
|
|||
{% extends '_modal.html' %}
|
||||
{% load i18n %}
|
||||
{% block modal_id %}user_import_modal{% endblock %}
|
||||
{% block modal_title%}{% trans "Import User" %}{% endblock %}
|
||||
{% block modal_body %}
|
||||
<p class="text-success text-center">{% trans "Hint: your excel should organized in the following format." %}</p>
|
||||
<p class="text-success text-center">{% trans "* You should have a very worksheet named `users`." %}</p>
|
||||
<p class="text-success text-center">{% trans "* Rows in this worksheet: username, email, enable_opt(0, 1), role(one of ['Admin', 'User'])" %}</p>
|
||||
<form method="post" class="form-horizontal" action="{% url 'users:user-import' %}" id="fm_user_import" enctype="multipart/form-data">
|
||||
{% csrf_token %}
|
||||
<div class="form-group">
|
||||
<label class="control-label col-sm-2 col-lg-2 " for="id_excel">{% trans "Excel" %}</label>
|
||||
<div class=" col-sm-9 col-lg-9 ">
|
||||
<input id="id_excel" type="file" name="excel" />
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
{% endblock %}
|
||||
{% block modal_confirm_id %}btn_user_import{% endblock %}
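Review bot: The column hint tells the user to supply `enable_opt(0, 1)`, but the field this commit adds to `UserBulkImportForm` is `enable_otp`, so anyone who treats the hint as the column name gets it wrong. The preceding hint reads "a very worksheet named users" and the list is introduced as "Rows" although it names columns. These are `{% trans %}` strings, so the mistakes become translation keys. Suggested wording: `* The workbook must contain a worksheet named users.` and `* Columns in this worksheet: username, email, enable_otp (0 or 1), role ('Admin' or 'User')`.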
|
|
@ -218,7 +218,7 @@ $(document).on('click', '.btn_remove', function(){
|
|||
users: plain_id_list.map(Number)
|
||||
};
|
||||
$('#select_user_modal').modal('hide');
|
||||
var the_url = "{% url 'users:user-group-edit-api' pk=object.id %}";
|
||||
var the_url = "{% url 'users:user-group-detail-api' pk=object.id %}";
|
||||
var success = function() {
|
||||
toastr.success('{% trans "The selected users has been added to current group." %}');
|
||||
var html = "";
|
||||
|
|
|
@ -1,71 +1,85 @@
|
|||
{% extends '_base_list.html' %}
|
||||
{% load i18n static %}
|
||||
{% load common_tags %}
|
||||
{% block custom_head_css_js %}
|
||||
<link href="{% static "css/plugins/sweetalert/sweetalert.css" %}" rel="stylesheet">
|
||||
<script src="{% static "js/plugins/sweetalert/sweetalert.min.js" %}"></script>
|
||||
{% endblock %}
|
||||
{{ block.super }}
|
||||
<style>
|
||||
div.dataTables_wrapper div.dataTables_filter,
|
||||
.dataTables_length {
|
||||
float: right !important;
|
||||
}
|
||||
|
||||
{% block content_left_head %}
|
||||
<a href="{% url 'users:user-group-create' %}" class="btn btn-sm btn-primary ">{% trans "Add User Group" %}</a>
|
||||
div.dataTables_wrapper div.dataTables_filter {
|
||||
margin-left: 15px;
|
||||
}
|
||||
</style>
|
||||
{% endblock %}
|
||||
|
||||
{% block table_head %}
|
||||
<th class="text-center">
|
||||
<input type="checkbox" id="check_all" onclick="checkAll('check_all', 'checked')">
|
||||
</th>
|
||||
<th class="text-center"><a href="{% url 'users:user-group-list' %}?sort=name">{% trans "Name" %}</a></th>
|
||||
<th class="text-center">{% trans "User Amount" %}</th>
|
||||
<th class="text-center">{% trans "Asset Amount" %}</th>
|
||||
<th class="text-center">{% trans "Comment" %}</th>
|
||||
<th class="text-center"></th>
|
||||
{% endblock %}
|
||||
|
||||
{% block table_body %}
|
||||
{% for user_group in user_group_list %}
|
||||
<tr class="gradeX">
|
||||
<td class="text-center">
|
||||
<input type="checkbox" name="checked" value="{{ user_group.id }}">
|
||||
</td>
|
||||
<td class="text-center">
|
||||
<a href="{% url 'users:user-group-detail' pk=user_group.id %}">
|
||||
{{ user_group.name }}
|
||||
</a>
|
||||
</td>
|
||||
<td class="text-center">{{ user_group.users.count }}</td>
|
||||
<td class="text-center">999</td>
|
||||
<th class="text-center">{{ user_group.comment|truncatewords:8 }}</th>
|
||||
<td class="text-center">
|
||||
<a href="{% url 'users:user-group-update' pk=user_group.id %}" class="btn btn-xs btn-info">{% trans "Edit" %}</a>
|
||||
<a href="javascript:void(0)" data-gid="{{ user_group.id }}"
|
||||
class="btn btn-xs btn-danger del {% ifequal user_group.name 'Default' %}disabled{% else %}btn_delete_user_group{% endifequal %}">{% trans "Delete" %}</a>
|
||||
</td>
|
||||
{% block table_search %}{% endblock %}
|
||||
{% block table_container %}
|
||||
<div class="pull-left m-r-5"><a href="{% url 'users:user-group-create' %}" class="btn btn-sm btn-primary ">{% trans "Add User Group" %}</a></div>
|
||||
<table class="table table-striped table-bordered table-hover " id="group_list_table" >
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="text-center">
|
||||
<div class="checkbox checkbox-default"><input id="" type="checkbox" class="ipt_check_all"><label></label></div>
|
||||
</th>
|
||||
<th class="text-center">{% trans 'Name' %}</a></th>
|
||||
<th class="text-center">{% trans 'User Amount' %}</a></th>
|
||||
<th class="text-center">{% trans 'Asset Amount' %}</th>
|
||||
<th class="text-center">{% trans 'Comment' %}</th>
|
||||
<th class="text-center">{% trans 'Action' %}</th>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
{% endblock %}
|
||||
|
||||
{% block content_bottom_left %}
|
||||
<form id="" method="get" action="" class=" mail-search">
|
||||
<div class="input-group">
|
||||
<select class="form-control m-b" style="width: auto">
|
||||
<option>{% trans "Bulk Update" %}</option>
|
||||
<option>{% trans "Bulk Export" %}</option>
|
||||
<option>{% trans "Bulk Update" %}</option>
|
||||
</select>
|
||||
<div class="input-group-btn pull-left" style="padding-left: 5px;">
|
||||
<button id='search_btn' type="submit" style="height: 32px;" class="btn btn-sm btn-primary">{% trans "Confirm" %}</button>
|
||||
</div>
|
||||
</thead>
|
||||
</table>
|
||||
<div id="actions" class="hide">
|
||||
<div class="input-group">
|
||||
<select class="form-control m-b" style="width: auto" id="slct_bulk_update">
|
||||
<option value="delete">{% trans 'Delete selected' %}</option>
|
||||
</select>
|
||||
<div class="input-group-btn pull-left" style="padding-left: 5px;">
|
||||
<button id='btn_bulk_update' style="height: 32px;" class="btn btn-sm btn-primary">
|
||||
{% trans 'Submit' %}
|
||||
</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
{% endblock %}
|
||||
|
||||
{% block content_bottom_left %}{% endblock %}
|
||||
{% block custom_foot_js %}
|
||||
<script>
|
||||
$(document).on('click', '.btn_delete_user_group', function(){
|
||||
$(document).ready(function() {
|
||||
var options = {
|
||||
ele: $('#group_list_table'),
|
||||
buttons: [],
|
||||
columnDefs: [
|
||||
{targets: 1, createdCell: function (td, cellData, rowData) {
|
||||
var detail_btn = '<a href="{% url "users:user-group-detail" pk=99991937 %}">' + cellData + '</a>';
|
||||
$(td).html(detail_btn.replace('99991937', rowData.id));
|
||||
}},
|
||||
{targets: 4, createdCell: function (td, cellData) {
|
||||
var innerHtml = cellData.length > 18 ? cellData.substring(0, 18) + '...': cellData;
|
||||
$(td).html('<a href="javascript:void(0);" data-toggle="tooltip" title="' + cellData + '">' + innerHtml + '</a>');
|
||||
}},
|
||||
{targets: 5, createdCell: function (td, cellData, rowData) {
|
||||
var update_btn = '<a href="{% url "users:user-group-update" pk=99991937 %}" class="btn btn-xs btn-info">{% trans "Update" %}</a>'.replace('99991937', cellData);
|
||||
var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_delete_user_group" data-uid="99991937">{% trans "Delete" %}</a>'.replace('99991937', cellData);
|
||||
if (rowData.id === 1) {
|
||||
$(td).html(update_btn)
|
||||
} else {
|
||||
$(td).html(update_btn + del_btn)
|
||||
}
|
||||
}}],
|
||||
ajax_url: '{% url "users:user-group-bulk-update-api" %}',
|
||||
columns: [{data: function(){return ""}}, {data: "name" }, {data: "user_amount"},
|
||||
{data: function(){return 999}}, {data: "comment"}, {data: "id" }],
|
||||
op_html: $('#actions').html()
|
||||
};
|
||||
jumpserver.initDataTable(options);
|
||||
}).on('click', '.btn_delete_user_group', function(){
|
||||
var $this = $(this);
|
||||
function doDelete() {
|
||||
var group_id = $this.data('gid');
|
||||
var the_url = "{% url 'users:user-group-edit-api' 99991937 %}".replace('99991937', group_id);
|
||||
var the_url = "{% url 'users:user-group-detail-api' 99991937 %}".replace('99991937', group_id);
|
||||
var body = {};
|
||||
var success = function() {
|
||||
var msg = "{% trans 'Group Deleted.' %}";
|
||||
|
@ -95,6 +109,48 @@ $(document).on('click', '.btn_delete_user_group', function(){
|
|||
}, function() {
|
||||
doDelete();
|
||||
});
|
||||
}).on('click', '#btn_bulk_update', function(){
|
||||
var action = $('#slct_bulk_update').val();
|
||||
var $data_table = $('#group_list_table').DataTable()
|
||||
var plain_id_list = [];
|
||||
$data_table.rows({selected: true}).every(function(){
|
||||
plain_id_list.push(this.data().id);
|
||||
});
|
||||
if (plain_id_list === []) {
|
||||
return false;
|
||||
};
|
||||
var the_url = "{% url 'users:user-group-bulk-update-api' %}";
|
||||
function doDelete() {
|
||||
swal({
|
||||
title: "{% trans 'Are you sure?' %}",
|
||||
text: "{% trans 'This will delete the selected groups !!!' %}",
|
||||
type: "warning",
|
||||
showCancelButton: true,
|
||||
confirmButtonColor: "#DD6B55",
|
||||
confirmButtonText: "{% trans 'Confirm' %}",
|
||||
closeOnConfirm: false
|
||||
}, function() {
|
||||
var success = function() {
|
||||
var msg = "{% trans 'UserGroups Deleted.' %}";
|
||||
swal("{% trans 'UserGroups Delete' %}", msg, "success");
|
||||
$data_table.ajax.reload();
|
||||
};
|
||||
var fail = function() {
|
||||
var msg = "{% trans 'UserGroup Deleting failed.' %}";
|
||||
swal("{% trans 'UserGroups Delete' %}", msg, "error");
|
||||
};
|
||||
var url_delete = the_url + '?id__in=' + JSON.stringify(plain_id_list);
|
||||
APIUpdateAttr({url: url_delete, method: 'DELETE', success: success, error: fail});
|
||||
jumpserver.checked = false;
|
||||
});
|
||||
}
|
||||
switch(action) {
|
||||
case 'delete':
|
||||
doDelete();
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
})
|
||||
</script>
|
||||
{% endblock %}
|
||||
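Review bot: The `createdCell` callbacks for columns 1 and 4 concatenate `cellData` (the group name and comment returned by the API) into a markup string and pass it to `$(td).html(...)`, so a name or comment containing HTML is interpreted by the browser of whoever opens the list. The server-rendered rows this replaces printed `{{ user_group.name }}` through Django's auto-escaping, so the protection is lost in the move to client-side rendering. Build the node and set the untrusted parts as text or attributes instead, e.g. `$(td).empty().append($('<a/>', {href: 'javascript:void(0);', 'data-toggle': 'tooltip', title: cellData}).text(innerHtml));` for the comment cell, with the same `.text(cellData)` form for the name link. In the later hunk, `plain_id_list === []` is never true because it compares object identity, so the early return for an empty selection does not fire; `plain_id_list.length === 0` is the intended test.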
|
|
|
@ -1,7 +1,5 @@
|
|||
{% extends '_base_list.html' %}
|
||||
{% load i18n static %}
|
||||
{% get_current_language as LANGUAGE_CODE %}
|
||||
{% load common_tags %}
|
||||
{% block custom_head_css_js %}
|
||||
{{ block.super }}
|
||||
<style>
|
||||
|
@ -17,7 +15,8 @@ div.dataTables_wrapper div.dataTables_filter {
|
|||
{% endblock %}
|
||||
{% block table_search %}{% endblock %}
|
||||
{% block table_container %}
|
||||
<div class="uc pull-left"><a href="{% url "users:user-create" %}" class="btn btn-sm btn-primary"> {% trans "Create user" %} </a></div>
|
||||
<div class="uc pull-left"><a href="javascript:void(0);" class="btn btn-sm btn-primary" data-toggle="modal" data-target="#user_import_modal"> {% trans "Import user" %} </a></div>
|
||||
<div class="uc pull-left m-l-5 m-r-5"><a href="{% url "users:user-create" %}" class="btn btn-sm btn-primary"> {% trans "Create user" %} </a></div>
|
||||
<table class="table table-striped table-bordered table-hover " id="user_list_table" >
|
||||
<thead>
|
||||
<tr>
|
||||
|
@ -51,10 +50,11 @@ div.dataTables_wrapper div.dataTables_filter {
|
|||
</div>
|
||||
</div>
|
||||
{% include "users/_user_bulk_update_modal.html" %}
|
||||
{% include "users/_user_import_modal.html" %}
|
||||
{% endblock %}
|
||||
{% block content_bottom_left %}
|
||||
{% endblock %}
|
||||
{% block content_bottom_left %}{% endblock %}
|
||||
{% block custom_foot_js %}
|
||||
<script src="{% static 'js/jquery.form.min.js' %}"></script>
|
||||
<script>
|
||||
$(document).ready(function(){
|
||||
var options = {
|
||||
|
@ -219,6 +219,23 @@ $(document).ready(function(){
|
|||
}
|
||||
APIUpdateAttr({url: the_url, method: 'PATCH', body: JSON.stringify(post_list), success: success});
|
||||
$('#user_bulk_update_modal').modal('hide');
|
||||
}).on('click', '#btn_user_import', function() {
|
||||
var $form = $('#fm_user_import');
|
||||
$form.find('.help-block').remove();
|
||||
function success (data) {
|
||||
if (data.success === false) {
|
||||
var $help = $form.find('.help-block');
|
||||
$('<span />', {class: 'help-block text-danger'}).html(data.msg).insertAfter($('#id_excel'));
|
||||
} else {
|
||||
$('#user_import_modal').modal('hide');
|
||||
var $data_table = $('#user_list_table').DataTable();
|
||||
toastr.success("{% trans 'Import User Success.' %}")
|
||||
$data_table.ajax.reload();
|
||||
}
|
||||
}
|
||||
$form.ajaxSubmit({success: success});
|
||||
}).on('change', '#id_excel', function() {
|
||||
$(this).siblings('.help-block').remove();
|
||||
})
|
||||
</script>
|
||||
{% endblock %}
|
||||
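Review bot: The import handler inserts the server's message with `.html(data.msg)`; if that message can ever include text taken from the uploaded spreadsheet (the view's row-error handling is not fully visible on this page), it would be rendered as markup in an administrator's session. `.text(data.msg)` shows the same message without interpreting it. `$form.ajaxSubmit({success: success})` has no `error` callback, so a 403 or 500 response leaves the modal open with no feedback. `var $help` is assigned but never used.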
|
|
|
@ -23,6 +23,7 @@ urlpatterns = [
|
|||
url(r'^user/(?P<pk>[0-9]+)/granted-asset', views.UserGrantedAssetView.as_view(), name='user-granted-asset'),
|
||||
url(r'^user/(?P<pk>[0-9]+)/login-history', views.UserDetailView.as_view(), name='user-login-history'),
|
||||
url(r'^first-login/$', views.UserFirstLoginView.as_view(), name='user-first-login'),
|
||||
url(r'^import/$', views.BulkImportUserView.as_view(), name='user-import'),
|
||||
url(r'^user/(?P<pk>[0-9]+)/assets-perm$', views.UserDetailView.as_view(), name='user-detail'),
|
||||
url(r'^user/create$', views.UserCreateView.as_view(), name='user-create'),
|
||||
url(r'^user/(?P<pk>[0-9]+)/update$', views.UserUpdateView.as_view(), name='user-update'),
|
||||
|
@ -34,22 +35,15 @@ urlpatterns = [
|
|||
|
||||
|
||||
urlpatterns += [
|
||||
url(r'^v1/users$', api.UserListAddApi.as_view(), name='user-list-api'),
|
||||
url(r'^v1/users/update/$', api.UserBulkUpdateApi.as_view(), name='user-bulk-update-api'),
|
||||
url(r'^v1/users/(?P<pk>[0-9]+)$',
|
||||
api.UserDetailDeleteUpdateApi.as_view(), name='user-detail-api'),
|
||||
url(r'^v1/users/(?P<pk>[0-9]+)/patch$',
|
||||
api.UserAttributeApi.as_view(), name='user-patch-api'),
|
||||
url(r'^v1/users/$', api.UserListUpdateApi.as_view(), name='user-bulk-update-api'),
|
||||
url(r'^v1/users/(?P<pk>\d+)/$', api.UserDetailApi.as_view(), name='user-patch-api'),
|
||||
url(r'^v1/users/(?P<pk>\d+)/reset-password/$', api.UserResetPasswordApi.as_view(), name='user-reset-password-api'),
|
||||
url(r'^v1/users/(?P<pk>\d+)/reset-pk/$', api.UserResetPKApi.as_view(), name='user-reset-pk-api'),
|
||||
url(r'^v1/users/(?P<pk>\d+)/update-pk/$', api.UserUpdatePKApi.as_view(), name='user-update-pk-api'),
|
||||
url(r'^v1/user-groups$', api.UserGroupListAddApi.as_view(), name='user-group-list-api'),
|
||||
url(r'^v1/user-groups/(?P<pk>[0-9]+)$',
|
||||
api.UserGroupDetailDeleteUpdateApi.as_view(), name='user-group-detail-api'),
|
||||
url(r'^v1/user-groups/$', api.GroupListUpdateApi.as_view(), name='user-group-bulk-update-api'),
|
||||
url(r'^v1/user-groups/(?P<pk>\d+)/$', api.GroupDetailApi.as_view(), name='user-group-detail-api'),
|
||||
url(r'^v1/user-groups/(?P<pk>\d+)/user/(?P<uid>\d+)/$',
|
||||
api.DeleteUserFromGroupApi.as_view(), name='delete-user-from-group-api'),
|
||||
url(r'^v1/user-groups/(?P<pk>[0-9]+)/users/$',
|
||||
api.GroupUserEditApi.as_view(), name='group-user-edit-api'),
|
||||
url(r'^v1/user-groups/(?P<pk>[0-9]+)/edit/$', api.GroupEditApi.as_view(),
|
||||
name='user-group-edit-api'),
|
||||
url(r'^v1/user-groups/(?P<pk>\d+)/users/$',
|
||||
api.UserAndGroupEditApi.as_view(), name='group-user-edit-api'),
|
||||
]
|
||||
|
|
|
@ -12,7 +12,8 @@ from django.utils.translation import ugettext as _
|
|||
from paramiko.rsakey import RSAKey
|
||||
|
||||
from common.tasks import send_mail_async
|
||||
from common.utils import reverse
|
||||
from common.utils import reverse, get_object_or_none
|
||||
from .models import User
|
||||
|
||||
|
||||
try:
|
||||
|
@ -147,3 +148,75 @@ def send_reset_ssh_key_mail(user):
|
|||
logger.debug(message)
|
||||
|
||||
send_mail_async.delay(subject, message, recipient_list, html_message=message)
|
||||
|
||||
|
||||
def validate_ssh_pk(text):
|
||||
"""
|
||||
Expects a SSH private key as string.
|
||||
Returns a boolean and a error message.
|
||||
If the text is parsed as private key successfully,
|
||||
(True,'') is returned. Otherwise,
|
||||
(False, <message describing the error>) is returned.
|
||||
|
||||
from https://github.com/githubnemo/SSH-private-key-validator/blob/master/validate.py
|
||||
|
||||
"""
|
||||
|
||||
if not text:
|
||||
return False, 'No text given'
|
||||
|
||||
startPattern = re.compile("^-----BEGIN [A-Z]+ PRIVATE KEY-----")
|
||||
optionPattern = re.compile("^.+: .+")
|
||||
contentPattern = re.compile("^([a-zA-Z0-9+/]{64}|[a-zA-Z0-9+/]{1,64}[=]{0,2})$")
|
||||
endPattern = re.compile("^-----END [A-Z]+ PRIVATE KEY-----")
|
||||
|
||||
def contentState(text):
|
||||
for i in range(0, len(text)):
|
||||
line = text[i]
|
||||
|
||||
if endPattern.match(line):
|
||||
if i == len(text) - 1 or len(text[i + 1]) == 0:
|
||||
return True, ''
|
||||
else:
|
||||
return False, 'At end but content coming'
|
||||
|
||||
elif not contentPattern.match(line):
|
||||
return False, 'Wrong string in content section'
|
||||
|
||||
return False, 'No content or missing end line'
|
||||
|
||||
def optionState(text):
|
||||
for i in range(0, len(text)):
|
||||
line = text[i]
|
||||
|
||||
if line[-1:] == '\\':
|
||||
return optionState(text[i + 2:])
|
||||
|
||||
if not optionPattern.match(line):
|
||||
return contentState(text[i + 1:])
|
||||
|
||||
return False, 'Expected option, found nothing'
|
||||
|
||||
def startState(text):
|
||||
if len(text) == 0 or not startPattern.match(text[0]):
|
||||
return False, 'Header is wrong'
|
||||
return optionState(text[1:])
|
||||
|
||||
return startState([n.strip() for n in text.splitlines()])
|
||||
|
||||
|
||||
def check_user_is_valid(**kwargs):
|
||||
password = kwargs.pop('password', None)
|
||||
public_key = kwargs.pop('public_key', None)
|
||||
user = get_object_or_none(User, **kwargs)
|
||||
|
||||
if password and not user.check_password(password):
|
||||
user = None
|
||||
|
||||
if public_key and not user.public_key == public_key:
|
||||
user = None
|
||||
|
||||
if user and user.is_valid:
|
||||
return user
|
||||
|
||||
return None
|
||||
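Review bot: `check_user_is_valid` skips each credential check when the supplied value is falsy, so a call with `password=''`, or with neither `password` nor `public_key`, returns the user on the lookup alone. When the lookup finds nobody, or the password check has already set `user = None`, the next guard dereferences `None` and raises `AttributeError` instead of returning `None`. The version below rejects a missing or invalid user first, requires at least one non-empty credential, and only then compares. If any caller depends on the credential-less lookup, that should become a separately named helper. The docstring of `validate_ssh_pk` says the text is "parsed as private key", but the body only checks the line shape with regular expressions, so it should say that a `True` result does not mean the key loads.

```python
def check_user_is_valid(**kwargs):
    # … unchanged: pop password / public_key, get_object_or_none lookup …

    if user is None or not user.is_valid:
        return None
    # An empty credential must not count as "no check needed".
    if not password and not public_key:
        return None
    if password and not user.check_password(password):
        return None
    if public_key and user.public_key != public_key:
        return None
    return user
```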
|
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
from __future__ import unicode_literals
|
||||
|
||||
from django import forms
|
||||
from django.conf import settings
|
||||
from django.contrib.auth import login as auth_login, logout as auth_logout
|
||||
from django.contrib.auth.mixins import LoginRequiredMixin
|
||||
|
@ -23,10 +24,11 @@ from django.views.generic.detail import DetailView
|
|||
|
||||
from formtools.wizard.views import SessionWizardView
|
||||
|
||||
from common.mixins import JSONResponseMixin
|
||||
from common.utils import get_object_or_none, get_logger
|
||||
from .models import User, UserGroup
|
||||
from .forms import UserCreateForm, UserUpdateForm, UserGroupForm, UserLoginForm, UserInfoForm, UserKeyForm, \
|
||||
UserPrivateAssetPermissionForm
|
||||
UserPrivateAssetPermissionForm, UserBulkImportForm
|
||||
from .utils import AdminUserRequiredMixin, user_add_success_next, send_reset_password_mail
|
||||
from .hands import AssetPermission, get_user_granted_asset_groups, get_user_granted_assets
|
||||
|
||||
|
@ -149,27 +151,12 @@ class UserDetailView(AdminUserRequiredMixin, DetailView):
|
|||
return super(UserDetailView, self).get_context_data(**kwargs)
|
||||
|
||||
|
||||
class UserGroupListView(AdminUserRequiredMixin, ListView):
|
||||
model = UserGroup
|
||||
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
|
||||
context_object_name = 'user_group_list'
|
||||
class UserGroupListView(AdminUserRequiredMixin, TemplateView):
|
||||
template_name = 'users/user_group_list.html'
|
||||
ordering = '-date_created'
|
||||
|
||||
def get_queryset(self):
|
||||
self.queryset = super(UserGroupListView, self).get_queryset()
|
||||
self.keyword = keyword = self.request.GET.get('keyword', '')
|
||||
self.sort = sort = self.request.GET.get('sort')
|
||||
if keyword:
|
||||
self.queryset = self.queryset.filter(name__icontains=keyword)
|
||||
|
||||
if sort:
|
||||
self.queryset = self.queryset.order_by(sort)
|
||||
return self.queryset
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super(UserGroupListView, self).get_context_data(**kwargs)
|
||||
context.update({'app': _('Users'), 'action': _('User group list'), 'keyword': self.keyword})
|
||||
context.update({'app': _('Users'), 'action': _('User group list')})
|
||||
return context
|
||||
|
||||
|
||||
|
@ -443,3 +430,66 @@ class UserGrantedAssetView(AdminUserRequiredMixin, SingleObjectMixin, ListView):
|
|||
}
|
||||
kwargs.update(context)
|
||||
return super(UserGrantedAssetView, self).get_context_data(**kwargs)
|
||||
|
||||
|
||||
class FileForm(forms.Form):
|
||||
excel = forms.FileField()
|
||||
|
||||
|
||||
class BulkImportUserView(AdminUserRequiredMixin, JSONResponseMixin, FormView):
|
||||
form_class = FileForm
|
||||
|
||||
def form_invalid(self, form):
|
||||
try:
|
||||
error = form.errors.values()[-1][-1]
|
||||
except Exception as e:
|
||||
print e
|
||||
error = _('Invalid file.')
|
||||
data = {
|
||||
'success': False,
|
||||
'msg': error
|
||||
}
|
||||
return self.render_json_response(data)
|
||||
|
||||
def form_valid(self, form):
|
||||
from openpyxl import load_workbook
|
||||
try:
|
||||
wb = load_workbook(form.cleaned_data['excel'])
|
||||
ws = wb['users']
|
||||
except Exception as e:
|
||||
print e
|
||||
error = _('Not a valid Excel file.')
|
||||
data = {
|
||||
'success': False,
|
||||
'msg': error
|
||||
}
|
||||
return self.render_json_response(data)
|
||||
|
||||
errors = []
|
||||
for index, row in enumerate(ws.rows):
|
||||
user_data = [cell.value for cell in row]
|
||||
if len(user_data) != 4:
|
||||
errors.append("Row {}: invalid user data format.".format(index))
|
||||
continue
|
||||
username, email, enable_otp, role = user_data
|
||||
data = {
|
||||
'username': username,
|
||||
'email': email,
|
||||
'enable_otp': True if enable_otp in ['T', '1', 1, True] else False,
|
||||
'role': role
|
||||
}
|
||||
form = UserBulkImportForm(data, auto_id=False)
|
||||
if form.is_valid():
|
||||
form.save()
|
||||
else:
|
||||
form_errors = form.errors.as_data()
|
||||
for key, err_list in form_errors.iteritems():
|
||||
error_line = "{} :".format(key)
|
||||
for errs in err_list:
|
||||
error_line = "{}{}".format(error_line, ";".join([err for err in errs.messages]))
|
||||
errors.append("Row {}: {}".format(index, error_line))
|
||||
data = {
|
||||
'success': True if not errors else False,
|
||||
'msg': 'ok' if not errors else '<br />'.join(errors)
|
||||
}
|
||||
return self.render_json_response(data)
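Review bot: In `BulkImportUserView.form_valid` the per-row errors are joined with `<br />` into `msg`, which only makes sense if the client inserts that string as HTML. Django validation messages can echo the submitted value (an invalid choice, for example), so text taken from spreadsheet cells may reach the page as markup unless it is escaped. Either return the list itself (`'msg': errors`) and let the client build text nodes, or pass each entry through `django.utils.html.escape` before the join. Rows saved before a failing row also stay saved while the response reports `'success': False`; running the loop inside `transaction.atomic()` and rolling back when `errors` is non-empty would make the import all-or-nothing. `enumerate(ws.rows, 1)` would make the reported row numbers match the sheet, and the two `print e` calls should go through the logger that `get_logger` already provides.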
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
from django.contrib import admin
|
||||
|
||||
# Register your models here.
|
|
@ -1,7 +0,0 @@
|
|||
from __future__ import unicode_literals
|
||||
|
||||
from django.apps import AppConfig
|
||||
|
||||
|
||||
class WebterminalConfig(AppConfig):
|
||||
name = 'webterminal'
|
|
@ -1,5 +0,0 @@
|
|||
from __future__ import unicode_literals
|
||||
|
||||
from django.db import models
|
||||
|
||||
# Create your models here.
|
|
@ -1,176 +0,0 @@
|
|||
{% extends 'base.html' %}
|
||||
{% block content %}
|
||||
|
||||
<div class="container">
|
||||
<div id="term">
|
||||
</div>
|
||||
</div>
|
||||
<div class="termChangBar">
|
||||
<input type="number" min="100" value="100" placeholder="col" id="term-col"/>
|
||||
<input type="number" min="35" value="35" placeholder="row" id="term-row"/>
|
||||
<button id="col-row">修改窗口大小</button>
|
||||
</div>
|
||||
{% endblock %}
|
||||
|
||||
{% block custom_foot_js %}
|
||||
<script type="application/javascript" src="/static/js/jquery-2.1.1.js"></script>
|
||||
<script type="application/javascript" src="/static/js/term.js"></script>
|
||||
<script>/**
|
||||
* Created by liuzheng on 3/3/16.
|
||||
*/
|
||||
var rowHeight = 1;
|
||||
var colWidth = 1;
|
||||
function WSSHClient() {
|
||||
}
|
||||
WSSHClient.prototype._generateEndpoint = function (options) {
|
||||
console.log(options);
|
||||
if (window.location.protocol == 'https:') {
|
||||
var protocol = 'wss://';
|
||||
} else {
|
||||
var protocol = 'ws://';
|
||||
}
|
||||
|
||||
var endpoint = protocol + document.URL.match(RegExp('//(.*?)/'))[1] + '/ws/foobar?subscribe-broadcast&publish-broadcast&echo';
|
||||
return endpoint;
|
||||
};
|
||||
WSSHClient.prototype.connect = function (options) {
|
||||
var endpoint = this._generateEndpoint(options);
|
||||
|
||||
if (window.WebSocket) {
|
||||
this._connection = new WebSocket(endpoint);
|
||||
}
|
||||
else if (window.MozWebSocket) {
|
||||
this._connection = MozWebSocket(endpoint);
|
||||
}
|
||||
else {
|
||||
options.onError('WebSocket Not Supported');
|
||||
return;
|
||||
}
|
||||
|
||||
this._connection.onopen = function () {
|
||||
options.onConnect();
|
||||
};
|
||||
|
||||
this._connection.onmessage = function (evt) {
|
||||
try {
|
||||
options.onData(evt.data);
|
||||
} catch (e) {
|
||||
var data = JSON.parse(evt.data.toString());
|
||||
options.onError(data.error);
|
||||
}
|
||||
};
|
||||
|
||||
this._connection.onclose = function (evt) {
|
||||
options.onClose();
|
||||
};
|
||||
};
|
||||
|
||||
WSSHClient.prototype.send = function (data) {
|
||||
this._connection.send(JSON.stringify({'data': data}));
|
||||
};
|
||||
|
||||
function openTerminal(options) {
|
||||
var client = new WSSHClient();
|
||||
var rowHeight, colWidth;
|
||||
try {
|
||||
rowHeight = localStorage.getItem('term-row');
|
||||
colWidth = localStorage.getItem('term-col');
|
||||
} catch (err) {
|
||||
rowHeight = 35;
|
||||
colWidth = 100
|
||||
}
|
||||
if (rowHeight) {
|
||||
} else {
|
||||
rowHeight = 35
|
||||
}
|
||||
if (colWidth) {
|
||||
} else {
|
||||
colWidth = 100
|
||||
}
|
||||
|
||||
var term = new Terminal({
|
||||
rows: rowHeight,
|
||||
cols: colWidth,
|
||||
useStyle: true,
|
||||
screenKeys: true
|
||||
});
|
||||
term.open();
|
||||
term.on('data', function (data) {
|
||||
client.send(data)
|
||||
});
|
||||
$('.terminal').detach().appendTo('#term');
|
||||
//term.resize(colWidth, rowHeight);
|
||||
term.write('Connecting...');
|
||||
client.connect($.extend(options, {
|
||||
onError: function (error) {
|
||||
term.write('Error: ' + error + '\r\n');
|
||||
},
|
||||
onConnect: function () {
|
||||
// Erase our connecting message
|
||||
client.send({'resize': {'rows': rowHeight, 'cols': colWidth}});
|
||||
term.write('\r');
|
||||
},
|
||||
onClose: function () {
|
||||
term.write('Connection Reset By Peer');
|
||||
},
|
||||
onData: function (data) {
|
||||
if (data == "love you")
|
||||
console.log(data);
|
||||
else
|
||||
term.write(data);
|
||||
}
|
||||
}));
|
||||
//rowHeight = 0.0 + 1.00 * $('.terminal').height() / 24;
|
||||
//colWidth = 0.0 + 1.00 * $('.terminal').width() / 80;
|
||||
return {'term': term, 'client': client};
|
||||
}
|
||||
|
||||
//function resize() {
|
||||
// $('.terminal').css('width', window.innerWidth - 25);
|
||||
// console.log(window.innerWidth);
|
||||
// console.log(window.innerWidth - 10);
|
||||
// var rows = Math.floor(window.innerHeight / rowHeight) - 2;
|
||||
// var cols = Math.floor(window.innerWidth / colWidth) - 1;
|
||||
//
|
||||
// return {rows: rows, cols: cols};
|
||||
//}
|
||||
|
||||
$(document).ready(function () {
|
||||
var options = {};
|
||||
|
||||
$('#ssh').show();
|
||||
var term_client = openTerminal(options);
|
||||
console.log(rowHeight);
|
||||
// by liuzheng712 because it will bring record bug
|
||||
//window.onresize = function () {
|
||||
// var geom = resize();
|
||||
// console.log(geom);
|
||||
// term_client.term.resize(geom.cols, geom.rows);
|
||||
// term_client.client.send({'resize': {'rows': geom.rows, 'cols': geom.cols}});
|
||||
// $('#ssh').show();
|
||||
//}
|
||||
try {
|
||||
$('#term-row')[0].value = localStorage.getItem('term-row');
|
||||
$('#term-col')[0].value = localStorage.getItem('term-col');
|
||||
} catch (err) {
|
||||
$('#term-row')[0].value = 35;
|
||||
$('#term-col')[0].value = 100;
|
||||
}
|
||||
$('#col-row').click(function () {
|
||||
var col = $('#term-col').val();
|
||||
var row = $('#term-row').val();
|
||||
localStorage.setItem('term-col', col);
|
||||
localStorage.setItem('term-row', row);
|
||||
term_client.term.resize(col, row);
|
||||
term_client.client.send({'resize': {'rows': row, 'cols': col}});
|
||||
$('#ssh').show();
|
||||
});
|
||||
$(".terminal").mouseleave(function () {
|
||||
$(".termChangBar").slideDown();
|
||||
});
|
||||
$(".terminal").mouseenter(function () {
|
||||
$(".termChangBar").slideUp();
|
||||
})
|
||||
});</script>
|
||||
|
||||
{% endblock %}
|
|
@ -1,3 +0,0 @@
|
|||
from django.test import TestCase
|
||||
|
||||
# Create your tests here.
|
|
@ -1,11 +0,0 @@
|
|||
# coding:utf-8
|
||||
from django.conf.urls import url
|
||||
from .views import *
|
||||
from django.contrib import admin
|
||||
admin.autodiscover()
|
||||
|
||||
app_name = 'webterminal'
|
||||
|
||||
urlpatterns = [
|
||||
url(r'^$', TerminalView.as_view(), name='webterminal'),
|
||||
]
|
|
@ -1,28 +0,0 @@
|
|||
from django.shortcuts import render
|
||||
from django.urls import reverse_lazy
|
||||
from django.db.models import Q
|
||||
from django.views.generic.list import ListView
|
||||
from django.views.generic.edit import CreateView, DeleteView, UpdateView
|
||||
from django.views.generic.detail import DetailView
|
||||
from django.views.generic.base import TemplateView
|
||||
from django.views import View
|
||||
from django.http import HttpResponse
|
||||
from ws4redis.redis_store import RedisMessage
|
||||
from ws4redis.publisher import RedisPublisher
|
||||
from django.conf import settings
|
||||
|
||||
|
||||
# Create your views here.
|
||||
class TerminalView(TemplateView):
|
||||
template_name = 'main.html'
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
welcome = RedisMessage('Hello everybody') # create a welcome message to be sent to everybody
|
||||
RedisPublisher(facility='foobar', broadcast=True).publish_message(welcome)
|
||||
return super(TerminalView, self).get(request, *args, **kwargs)
|
||||
|
||||
def post(self, request, *args, **kwargs):
|
||||
redis_publisher = RedisPublisher(facility='foobar', groups=[request.POST.get('group')])
|
||||
message = RedisMessage(request.POST.get('message'))
|
||||
redis_publisher.publish_message(message)
|
||||
return HttpResponse('OK')
|
|
@ -70,6 +70,10 @@ class Config:
|
|||
# EMAIL_USE_TLS = False # If port is 587, set True
|
||||
# EMAIL_SUBJECT_PREFIX = '[Jumpserver] '
|
||||
|
||||
# SSH use password or public key for auth
|
||||
SSH_PASSWORD_AUTH = False
|
||||
SSH_PUBLIC_KEY_AUTH = True
|
||||
|
||||
def __init__(self):
|
||||
pass
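Review bot: The flag added here is spelled `SSH_PUBLIC_KEY_AUTH`, but the SSH server added in this commit reads `settings.CONFIG.SSH_PUBLICK_KEY_AUTH` in `get_allowed_auths`, so the value set in this file is not the one that lookup consults. Depending on how the settings object handles unknown names (not visible here), that lookup either raises `AttributeError` or silently yields a falsy value and `publickey` is never advertised. Rename the lookup to `settings.CONFIG.SSH_PUBLIC_KEY_AUTH`. The comment could also state that these flags are meant to select the accepted SSH authentication methods, e.g. `# Authentication methods accepted by the SSH server`. `class Config` starts outside this hunk.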
|
||||
|
|
@ -13,6 +13,7 @@ wcwidth==0.1.7
|
|||
websocket-client==0.37.0
|
||||
djangorestframework==3.4.5
|
||||
ForgeryPy==0.1
|
||||
openpyxl==2.4.0
|
||||
paramiko==2.0.2
|
||||
celery==3.1.23
|
||||
ansible==2.1.1.0
|
||||
|
@ -20,3 +21,6 @@ django-simple-captcha==0.5.2
|
|||
django-formtools==1.0
|
||||
sshpubkeys==2.2.0
|
||||
djangorestframework-bulk==0.2.1
|
||||
python-gssapi==0.6.4
|
||||
tornado==4.4.2
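Review bot: `openpyxl` is added to parse spreadsheets uploaded through the new bulk-import view, and by default openpyxl does not guard against XML entity-expansion (quadratic blowup / billion laughs) input. Its documentation recommends installing `defusedxml` for that, so a pinned `defusedxml` entry belongs next to `openpyxl==2.4.0`; confirm that the pinned openpyxl release actually picks it up. An upload size limit on the view would bound the remaining parsing cost.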
|
||||
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
#!/usr/bin/env python
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
pass
|
|
@ -0,0 +1,102 @@
|
|||
#!/usr/bin/env python
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
|
||||
import logging
|
||||
import os
|
||||
|
||||
|
||||
BASE_DIR = os.path.dirname(os.path.abspath(__name__))
|
||||
|
||||
|
||||
class Config:
|
||||
SSH_HOST = ''
|
||||
SSH_PORT = 2200
|
||||
LOG_LEVEL = 'INFO'
|
||||
LOG_DIR = os.path.join(BASE_DIR, 'logs')
|
||||
LOG_FILENAME = 'ssh_server.log'
|
||||
LOGGING = {
|
||||
'version': 1,
|
||||
'disable_existing_loggers': False,
|
||||
'formatters': {
|
||||
'verbose': {
|
||||
'format': '%(levelname)s %(asctime)s %(module)s %(process)d %(thread)d %(message)s'
|
||||
},
|
||||
'main': {
|
||||
'datefmt': '%Y-%m-%d %H:%M:%S',
|
||||
'format': '%(asctime)s [%(module)s %(levelname)s] %(message)s',
|
||||
},
|
||||
'simple': {
|
||||
'format': '%(levelname)s %(message)s'
|
||||
},
|
||||
},
|
||||
'handlers': {
|
||||
'null': {
|
||||
'level': 'DEBUG',
|
||||
'class': 'logging.NullHandler',
|
||||
},
|
||||
'console': {
|
||||
'level': 'DEBUG',
|
||||
'class': 'logging.StreamHandler',
|
||||
'formatter': 'main',
|
||||
'stream': 'ext://sys.stdout',
|
||||
},
|
||||
'file': {
|
||||
'level': 'DEBUG',
|
||||
'class': 'logging.handlers.TimedRotatingFileHandler',
|
||||
'formatter': 'main',
|
||||
'filename': os.path.join(LOG_DIR, LOG_FILENAME),
|
||||
'when': 'D',
|
||||
'backupCount': 10,
|
||||
},
|
||||
},
|
||||
'loggers': {
|
||||
'jumpserver': {
|
||||
'handlers': ['console', 'file'],
|
||||
# 'level': LOG_LEVEL_CHOICES.get(LOG_LEVEL, None) or LOG_LEVEL_CHOICES.get('info')
|
||||
'level': LOG_LEVEL,
|
||||
'propagate': True,
|
||||
},
|
||||
'jumpserver.web_ssh_server': {
|
||||
'handlers': ['console', 'file'],
|
||||
# 'level': LOG_LEVEL_CHOICES.get(LOG_LEVEL, None) or LOG_LEVEL_CHOICES.get('info')
|
||||
'level': LOG_LEVEL,
|
||||
'propagate': True,
|
||||
},
|
||||
'jumpserver.ssh_server': {
|
||||
'handlers': ['console', 'file'],
|
||||
# 'level': LOG_LEVEL_CHOICES.get(LOG_LEVEL, None) or LOG_LEVEL_CHOICES.get('info')
|
||||
'level': LOG_LEVEL,
|
||||
'propagate': True,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
def __init__(self):
|
||||
pass
|
||||
|
||||
def __getattr__(self, item):
|
||||
return None
|
||||
|
||||
|
||||
class DevelopmentConfig(Config):
|
||||
pass
|
||||
|
||||
|
||||
class ProductionConfig(Config):
|
||||
pass
|
||||
|
||||
|
||||
class TestingConfig(Config):
|
||||
pass
|
||||
|
||||
|
||||
config = {
|
||||
'development': DevelopmentConfig,
|
||||
'production': ProductionConfig,
|
||||
'testing': TestingConfig,
|
||||
'default': DevelopmentConfig,
|
||||
}
|
||||
|
||||
env = 'default'
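Review bot: `BASE_DIR = os.path.dirname(os.path.abspath(__name__))` resolves the module's name against the current working directory instead of locating this file, so `LOG_DIR` ends up under whatever directory the server was started from; use `os.path.dirname(os.path.abspath(__file__))`. The same line appears in the other new config module in this commit. `Config.__getattr__` only takes effect on instances, while the `config` dict stores the classes themselves, so it does nothing for lookups on the class and would hide a misspelled setting on an instance by returning `None`; consider removing it. The `file` handler also needs the `logs` directory to exist before `dictConfig` runs, so create it at startup or document the requirement.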
|
||||
|
|
@ -0,0 +1,96 @@
|
|||
#!/usr/bin/env python
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
|
||||
import logging
|
||||
import os
|
||||
|
||||
|
||||
BASE_DIR = os.path.dirname(os.path.abspath(__name__))
|
||||
|
||||
|
||||
class Config:
|
||||
LOG_LEVEL = 'INFO'
|
||||
LOG_DIR = os.path.join(BASE_DIR, 'logs')
|
||||
LOGGING = {
|
||||
'version': 1,
|
||||
'disable_existing_loggers': False,
|
||||
'formatters': {
|
||||
'verbose': {
|
||||
'format': '%(levelname)s %(asctime)s %(module)s %(process)d %(thread)d %(message)s'
|
||||
},
|
||||
'main': {
|
||||
'datefmt': '%Y-%m-%d %H:%M:%S',
|
||||
'format': '%(asctime)s [%(module)s %(levelname)s] %(message)s',
|
||||
},
|
||||
'simple': {
|
||||
'format': '%(levelname)s %(message)s'
|
||||
},
|
||||
},
|
||||
'handlers': {
|
||||
'null': {
|
||||
'level': 'DEBUG',
|
||||
'class': 'logging.NullHandler',
|
||||
},
|
||||
'console': {
|
||||
'level': 'DEBUG',
|
||||
'class': 'logging.StreamHandler',
|
||||
'formatter': 'main'
|
||||
},
|
||||
'file': {
|
||||
'level': 'DEBUG',
|
||||
'class': 'logging.FileHandler',
|
||||
'formatter': 'main',
|
||||
'filename': LOG_DIR,
|
||||
},
|
||||
},
|
||||
'loggers': {
|
||||
'jumpserver': {
|
||||
'handlers': ['console', 'file'],
|
||||
# 'level': LOG_LEVEL_CHOICES.get(LOG_LEVEL, None) or LOG_LEVEL_CHOICES.get('info')
|
||||
'level': LOG_LEVEL,
|
||||
},
|
||||
'jumpserver.web_ssh_server': {
|
||||
'handlers': ['console', 'file'],
|
||||
# 'level': LOG_LEVEL_CHOICES.get(LOG_LEVEL, None) or LOG_LEVEL_CHOICES.get('info')
|
||||
'level': LOG_LEVEL,
|
||||
},
|
||||
'jumpserver.ssh_server': {
|
||||
'handlers': ['console', 'file'],
|
||||
# 'level': LOG_LEVEL_CHOICES.get(LOG_LEVEL, None) or LOG_LEVEL_CHOICES.get('info')
|
||||
'level': LOG_LEVEL,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
def __init__(self):
|
||||
pass
|
||||
|
||||
def __getattr__(self, item):
|
||||
return None
|
||||
|
||||
|
||||
class DevelopmentConfig(Config):
|
||||
pass
|
||||
|
||||
|
||||
class ProductionConfig(Config):
|
||||
pass
|
||||
|
||||
|
||||
class TestingConfig(Config):
|
||||
pass
|
||||
|
||||
|
||||
config = {
|
||||
'development': DevelopmentConfig,
|
||||
'production': ProductionConfig,
|
||||
'testing': TestingConfig,
|
||||
'default': DevelopmentConfig,
|
||||
}
|
||||
|
||||
env = 'default'
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
pass
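Review bot: The `file` handler passes `'filename': LOG_DIR` to `logging.FileHandler`, which is a directory path, so `dictConfig` will fail when the handler tries to open it. Define a `LOG_FILENAME` next to `LOG_LEVEL` and use `'filename': os.path.join(LOG_DIR, LOG_FILENAME)`, as the sibling config module in this commit does. The trailing `if __name__ == '__main__': pass` block has no effect and can be dropped.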
|
|
@ -0,0 +1,411 @@
|
|||
#!/usr/bin/env python
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
|
||||
__version__ = '0.3.3'
|
||||
|
||||
import sys
|
||||
import os
|
||||
import base64
|
||||
import time
|
||||
from binascii import hexlify
|
||||
import sys
|
||||
import threading
|
||||
from multiprocessing.process import Process
|
||||
import traceback
|
||||
import tty
|
||||
import termios
|
||||
import struct
|
||||
import fcntl
|
||||
import signal
|
||||
import socket
|
||||
import select
|
||||
import errno
|
||||
import paramiko
|
||||
import django
|
||||
|
||||
BASE_DIR = os.path.abspath(os.path.dirname(__file__))
|
||||
APP_DIR = os.path.join(os.path.dirname(BASE_DIR), 'apps')
|
||||
sys.path.append(APP_DIR)
|
||||
os.environ['DJANGO_SETTINGS_MODULE'] = 'jumpserver.settings'
|
||||
|
||||
try:
|
||||
django.setup()
|
||||
except IndexError:
|
||||
pass
|
||||
|
||||
from django.conf import settings
|
||||
from users.utils import ssh_key_gen, check_user_is_valid
|
||||
from utils import get_logger, SSHServerException, control_char
|
||||
|
||||
|
||||
logger = get_logger(__name__)
|
||||
|
||||
paramiko.util.log_to_file(os.path.join(BASE_DIR, 'logs', 'paramiko.log'))
|
||||
|
||||
|
||||
class SSHServer(paramiko.ServerInterface):
|
||||
host_key_path = os.path.join(BASE_DIR, 'host_rsa_key')
|
||||
channel_pools = []
|
||||
|
||||
def __init__(self, client, addr):
|
||||
self.event = threading.Event()
|
||||
self.change_window_size_event = threading.Event()
|
||||
self.client = client
|
||||
self.addr = addr
|
||||
self.username = None
|
||||
self.user = None
|
||||
self.channel_width = None
|
||||
self.channel_height = None
|
||||
|
||||
@classmethod
|
||||
def host_key(cls):
|
||||
return cls.get_host_key()
|
||||
|
||||
@classmethod
|
||||
def get_host_key(cls):
|
||||
logger.debug("Get ssh server host key")
|
||||
if not os.path.isfile(cls.host_key_path):
|
||||
cls.host_key_gen()
|
||||
return paramiko.RSAKey(filename=cls.host_key_path)
|
||||
|
||||
@classmethod
|
||||
def host_key_gen(cls):
|
||||
logger.debug("Generate ssh server host key")
|
||||
ssh_key, ssh_pub_key = ssh_key_gen()
|
||||
with open(cls.host_key_path, 'w') as f:
|
||||
f.write(ssh_key)
|
||||
|
||||
def check_channel_request(self, kind, chanid):
|
||||
if kind == 'session':
|
||||
return paramiko.OPEN_SUCCEEDED
|
||||
return paramiko.OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED
|
||||
|
||||
def check_auth_password(self, username, password):
|
||||
self.user = user = check_user_is_valid(username=username, password=password)
|
||||
if self.user:
|
||||
self.username = username = user.username
|
||||
logger.info('Accepted password for %(username)s from %(host)s port %(port)s ' % {
|
||||
'username': username,
|
||||
'host': self.addr[0],
|
||||
'port': self.addr[1],
|
||||
})
|
||||
return paramiko.AUTH_SUCCESSFUL
|
||||
else:
|
||||
logger.info('Authentication password failed for %(username)s from %(host)s port %(port)s ' % {
|
||||
'username': username,
|
||||
'host': self.addr[0],
|
||||
'port': self.addr[1],
|
||||
})
|
||||
return paramiko.AUTH_FAILED
|
||||
|
||||
def check_auth_publickey(self, username, public_key):
|
||||
self.user = user = check_user_is_valid(username=username, public_key=public_key)
|
||||
|
||||
if self.user:
|
||||
self.username = username = user.username
|
||||
logger.info('Accepted public key for %(username)s from %(host)s port %(port)s ' % {
|
||||
'username': username,
|
||||
'host': self.addr[0],
|
||||
'port': self.addr[1],
|
||||
})
|
||||
return paramiko.AUTH_SUCCESSFUL
|
||||
else:
|
||||
logger.info('Authentication public key failed for %(username)s from %(host)s port %(port)s ' % {
|
||||
'username': username,
|
||||
'host': self.addr[0],
|
||||
'port': self.addr[1],
|
||||
})
|
||||
return paramiko.AUTH_FAILED
|
||||
|
||||
def get_allowed_auths(self, username):
|
||||
auth_method_list = []
|
||||
if settings.CONFIG.SSH_PASSWORD_AUTH:
|
||||
auth_method_list.append('password')
|
||||
if settings.CONFIG.SSH_PUBLICK_KEY_AUTH:
|
||||
auth_method_list.append('publickey')
|
||||
return ','.join(auth_method_list)
|
||||
|
||||
def check_channel_shell_request(self, channel):
|
||||
self.event.set()
|
||||
self.__class__.channel_pools.append(channel)
|
||||
channel.username = self.username
|
||||
channel.addr = self.addr
|
||||
return True
|
||||
|
||||
def check_channel_pty_request(self, channel, term, width, height, pixelwidth,
|
||||
pixelheight, modes):
|
||||
channel.change_window_size_event = threading.Event()
|
||||
channel.width = width
|
||||
channel.height = height
|
||||
return True
|
||||
|
||||
def check_channel_window_change_request(self, channel, width, height, pixelwidth, pixelheight):
|
||||
channel.change_window_size_event.set()
|
||||
channel.width = width
|
||||
channel.height = height
|
||||
return True
|
||||
|
||||
|
||||
class BackendServer:
|
||||
def __init__(self, host, port, username):
|
||||
self.host = host
|
||||
self.port = port
|
||||
self.username = username
|
||||
self.ssh = None
|
||||
self.channel = None
|
||||
|
||||
def connect(self, term='xterm', width=80, height=24, timeout=10):
|
||||
self.ssh = ssh = paramiko.SSHClient()
|
||||
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
|
||||
|
||||
try:
|
||||
ssh.connect(hostname=self.host, port=self.port, username=self.username, password=self.host_password,
|
||||
pkey=self.host_private_key, look_for_keys=False, allow_agent=True, compress=True, timeout=timeout)
|
||||
except Exception:
|
||||
logger.warning('Connect backend server %s failed' % self.host)
|
||||
return None
|
||||
|
||||
self.channel = channel = ssh.invoke_shell(term=term, width=width, height=height)
|
||||
logger.info('Connect backend server %(username)s@%(host)s:%(port)s successfully' % {
|
||||
'username': self.username,
|
||||
'host': self.host,
|
||||
'port': self.port,
|
||||
})
|
||||
channel.settimeout(100)
|
||||
channel.host = self.host
|
||||
channel.port = self.port
|
||||
channel.username = self.username
|
||||
return channel
|
||||
|
||||
@property
|
||||
def host_password(self):
|
||||
return 'redhat'
|
||||
|
||||
@property
|
||||
def host_private_key(self):
|
||||
return None
|
||||
|
||||
|
||||
class Navigation:
|
||||
def __init__(self, username, client_channel):
|
||||
self.username = username
|
||||
self.client_channel = client_channel
|
||||
|
||||
def display_banner(self):
|
||||
client_channel = self.client_channel
|
||||
client_channel.send(control_char.clear)
|
||||
client_channel.send('\r\n\r\n\t\tWelcome to use Jumpserver open source system !\r\n\r\n')
|
||||
client_channel.send('If you find some bug please contact us <ibuler@qq.com>\r\n')
|
||||
client_channel.send('See more at https://www.jumpserver.org\r\n')
|
||||
# client_channel.send(self.username)
|
||||
|
||||
def display(self):
|
||||
self.display_banner()
|
||||
|
||||
def return_to_connect(self):
|
||||
pass
|
||||
|
||||
|
||||
class ProxyChannel:
|
||||
ENTER_CHAR = ['\r', '\n', '\r\n']
|
||||
input_data = []
|
||||
output_data = []
|
||||
|
||||
def __init__(self, client_channel, backend_channel, client_addr):
|
||||
self.client_channel = client_channel
|
||||
self.backend_channel = backend_channel
|
||||
self.client_addr = client_addr
|
||||
self.in_input_mode = True
|
||||
|
||||
def stream_flow(self, input_=None, output_=None):
|
||||
if input_:
|
||||
self.in_input_mode = True
|
||||
if input_ in ['\r', '\n', '\r\n']:
|
||||
self.in_input_mode = False
|
||||
|
||||
if output_:
|
||||
print(''.join(self.__class__.output_data))
|
||||
if not self.in_input_mode:
|
||||
command = ''.join(self.__class__.output_data)
|
||||
del self.__class__.output_data
|
||||
self.__class__.output_data = []
|
||||
self.__class__.output_data.append(output_)
|
||||
|
||||
def proxy(self):
|
||||
client_channel = self.client_channel
|
||||
backend_channel = self.backend_channel
|
||||
client_addr = self.client_addr
|
||||
|
||||
while True:
|
||||
r, w, x = select.select([client_channel, backend_channel], [], [])
|
||||
|
||||
if client_channel.change_window_size_event.is_set():
|
||||
backend_channel.resize_pty(width=client_channel.width, height=client_channel.height)
|
||||
|
||||
if client_channel in r:
|
||||
self.in_input_mode = True
|
||||
client_data = client_channel.recv(1024)
|
||||
|
||||
if client_data in self.__class__.ENTER_CHAR:
|
||||
self.in_input_mode = False
|
||||
command = ''.join(self.__class__.output_data)
|
||||
print('########### command ##########')
|
||||
print(command)
|
||||
print('########### end command ##########')
|
||||
del self.__class__.output_data
|
||||
self.__class__.output_data = []
|
||||
backend_channel.send(client_data)
|
||||
output = ''.join(self.__class__.output_data)
|
||||
print('>>>>>>>>>>> output <<<<<<<<<<')
|
||||
print(output)
|
||||
print('>>>>>>>>>>> end output <<<<<<<<<<')
|
||||
continue
|
||||
|
||||
if len(client_data) == 0:
|
||||
logger.info('Logout from ssh server %(host)s: %(username)s' % {
|
||||
'host': client_addr[0],
|
||||
'username': client_channel.username,
|
||||
})
|
||||
break
|
||||
backend_channel.send(client_data)
|
||||
|
||||
if backend_channel in r:
|
||||
backend_data = backend_channel.recv(1024)
|
||||
if len(backend_data) == 0:
|
||||
client_channel.send('Disconnect from %s \r\n' % backend_channel.host)
|
||||
client_channel.close()
|
||||
logger.info('Logout from backend server %(host)s: %(username)s' % {
|
||||
'host': backend_channel.host,
|
||||
'username': backend_channel.username,
|
||||
})
|
||||
break
|
||||
self.__class__.output_data.append(backend_data)
|
||||
client_channel.send(backend_data)
|
||||
|
||||
|
||||
class JumpServer:
|
||||
backend_server_pools = []
|
||||
backend_channel_pools = []
|
||||
client_channel_pools = []
|
||||
|
||||
CONTROL_CHAR = {
|
||||
'clear': ''
|
||||
}
|
||||
|
||||
def __init__(self):
|
||||
self.listen_host = '0.0.0.0'
|
||||
self.listen_port = 2222
|
||||
|
||||
def display_navigation(self, username, client_channel):
|
||||
nav = Navigation(username, client_channel)
|
||||
nav.display()
|
||||
return 'j', 22, 'root'
|
||||
|
||||
def get_client_channel(self, client, addr):
|
||||
transport = paramiko.Transport(client, gss_kex=False)
|
||||
transport.set_gss_host(socket.getfqdn(""))
|
||||
try:
|
||||
transport.load_server_moduli()
|
||||
except:
|
||||
logger.warning('Failed to load moduli -- gex will be unsupported.')
|
||||
raise
|
||||
|
||||
transport.add_server_key(SSHServer.get_host_key())
|
||||
ssh_server = SSHServer(client, addr)
|
||||
|
||||
try:
|
||||
transport.start_server(server=ssh_server)
|
||||
except paramiko.SSHException:
|
||||
logger.warning('SSH negotiation failed.')
|
||||
|
||||
client_channel = transport.accept(20)
|
||||
if client_channel is None:
|
||||
logger.warning('No ssh channel get.')
|
||||
return None
|
||||
|
||||
self.__class__.client_channel_pools.append(client_channel)
|
||||
if not ssh_server.event.is_set():
|
||||
logger.warning('Client never asked for a shell.')
|
||||
return client_channel
|
||||
|
||||
def get_backend_channel(self, host, port, username, term='xterm', width=80, height=24):
|
||||
backend_server = BackendServer(host, port, username)
|
||||
backend_channel = backend_server.connect(term=term, width=width, height=height)
|
||||
|
||||
if backend_channel is None:
|
||||
logger.warning('Connect %(username)s@%(host)s:%(port)s failed' % {
|
||||
'username': username,
|
||||
'host': host,
|
||||
'port': port,
|
||||
})
|
||||
return None
|
||||
|
||||
self.__class__.backend_server_pools.append(backend_server)
|
||||
self.__class__.backend_channel_pools.append(backend_channel)
|
||||
|
||||
return backend_channel
|
||||
|
||||
def command_flow(self, input_=None, output_=None):
|
||||
pass
|
||||
|
||||
def handle_ssh_request(self, client, addr):
|
||||
logger.info("Get ssh request from %(host)s:%(port)s" % {
|
||||
'host': addr[0],
|
||||
'port': addr[1],
|
||||
})
|
||||
|
||||
try:
|
||||
client_channel = self.get_client_channel(client, addr)
|
||||
if client_channel is None:
|
||||
client.close()
|
||||
return
|
||||
|
||||
host, port, username = self.display_navigation('root', client_channel)
|
||||
backend_channel = self.get_backend_channel(host, port, username,
|
||||
width=client_channel.width,
|
||||
height=client_channel.height)
|
||||
if backend_channel is None:
|
||||
client.shutdown()
|
||||
client.close()
|
||||
client.send('Close')
|
||||
return
|
||||
|
||||
proxy_channel = ProxyChannel(client_channel, backend_channel, addr)
|
||||
proxy_channel.proxy()
|
||||
|
||||
# Todo: catch other exception
|
||||
except IndexError:
|
||||
logger.info('Close with server %s from %s' % (addr[0], addr[1]))
|
||||
sys.exit(100)
|
||||
|
||||
def listen(self):
|
||||
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
||||
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
|
||||
sock.bind((self.listen_host, self.listen_port))
|
||||
sock.listen(5)
|
||||
|
||||
print(time.ctime())
|
||||
print('Jumpserver version %s, more see https://www.jumpserver.org' % __version__)
|
||||
print('Starting ssh server at %(host)s:%(port)s' % {'host': self.listen_host, 'port': self.listen_port})
|
||||
print('Quit the server with CONTROL-C.')
|
||||
|
||||
while True:
|
||||
try:
|
||||
client, addr = sock.accept()
|
||||
thread = threading.Thread(target=self.handle_ssh_request, args=(client, addr))
|
||||
thread.daemon = True
|
||||
thread.start()
|
||||
except Exception as e:
|
||||
logger.error('Bind failed: ' + str(e))
|
||||
traceback.print_exc()
|
||||
sys.exit(1)
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
server = JumpServer()
|
||||
try:
|
||||
server.listen()
|
||||
except KeyboardInterrupt:
|
||||
sys.exit(1)
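Review bot: `check_auth_password` and `check_auth_publickey` never consult the `SSH_PASSWORD_AUTH` / `SSH_PUBLIC_KEY_AUTH` settings, and paramiko, as far as I know, uses `get_allowed_auths` only to advertise methods, so a client can still attempt password authentication when it is configured off; start each check with a guard such as `if not settings.CONFIG.SSH_PASSWORD_AUTH: return paramiko.AUTH_FAILED`. `BackendServer` connects with a literal password from `host_password` and `paramiko.AutoAddPolicy()`, and `display_navigation` always returns the same host and `root`, so every authenticated user is proxied with one shared credential to a host whose key is never verified; these values need to come from per-asset configuration with a known-hosts check before this listens on `0.0.0.0`. `ProxyChannel.input_data` and `output_data` are class attributes and `proxy()` prints the buffered text to stdout, so concurrent sessions share one buffer and terminal content (which can include secrets) lands in process output; make them instance attributes set in `__init__` and remove the prints. `host_key_gen` writes the private host key with `open(cls.host_key_path, 'w')`, leaving its mode to the umask; create it with `os.open(cls.host_key_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)` instead. In `handle_ssh_request` the failure branch calls `client.send('Close')` after `client.close()`, and only `IndexError` is caught, so other errors end the handler thread without a log entry.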
|
||||
|
|
@ -0,0 +1,34 @@
|
|||
#!/usr/bin/env python
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
|
||||
import logging
|
||||
from logging.config import dictConfig
|
||||
from ssh_config import config, env
|
||||
|
||||
|
||||
CONFIG_SSH_SERVER = config.get(env)
|
||||
|
||||
|
||||
def get_logger(name):
|
||||
dictConfig(CONFIG_SSH_SERVER.LOGGING)
|
||||
return logging.getLogger('jumpserver.%s' % name)
|
||||
|
||||
|
||||
class ControlChar:
|
||||
CHARS = {
|
||||
'clear': '\x1b[H\x1b[2J',
|
||||
}
|
||||
|
||||
def __init__(self):
|
||||
pass
|
||||
|
||||
def __getattr__(self, item):
|
||||
return self.__class__.CHARS.get(item, '')
|
||||
|
||||
|
||||
class SSHServerException(Exception):
|
||||
pass
|
||||
|
||||
|
||||
control_char = ControlChar()
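Review bot: `get_logger` calls `dictConfig(CONFIG_SSH_SERVER.LOGGING)` on every invocation, so each module that asks for a logger re-applies the whole logging configuration and re-creates the handlers. Run `dictConfig` once at import time and let `get_logger` only `return logging.getLogger('jumpserver.%s' % name)`. `ControlChar.__getattr__` returns `''` for any unknown name, so a misspelled control name sends nothing instead of failing; raising `AttributeError` for names missing from `CHARS` would surface the mistake.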
|
|
@ -0,0 +1,3 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
|