From 9e78fd3651b29ce66efce569445163b1190e8ab4 Mon Sep 17 00:00:00 2001 From: ibuler Date: Fri, 22 Apr 2016 11:51:36 +0800 Subject: [PATCH 1/2] Merge master to dev (#212) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Update install.py 修改centos7支持 * Update install.py * Support resize web terminal size Support resize web terminal size. Change new windows to a new tab. May be more hommization * Static bug (#204) * 紧急修复下载文件后静态文件404问题 * 紧急修复监控白屏问题 * bugfix(upload web) When download file, static file will unreachable. Didn't change dir fixed * bugfix(upload web) When download file, static file will unreachable. (#206) (#207) * Update install.py 修改centos7支持 * Update install.py * Support resize web terminal size Support resize web terminal size. Change new windows to a new tab. May be more hommization * Static bug (#204) * 紧急修复下载文件后静态文件404问题 * 紧急修复监控白屏问题 * bugfix(upload web) When download file, static file will unreachable. Didn't change dir fixed * fix bug index out of range (#210) --- jlog/views.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/jlog/views.py b/jlog/views.py index ff1239e8e..d8a4268d1 100644 --- a/jlog/views.py +++ b/jlog/views.py @@ -240,6 +240,7 @@ class TermLogRecorder(object): TermLogRecorder.loglist[str(id)] = [self] def write(self, msg): + """ if self.recoder and (not self._in_vim): if self.commands.__len__() == 0: self._stream.feed(msg) @@ -256,6 +257,7 @@ class TermLogRecorder(object): self._screen.reset() else: self._command() + """ try: self.write_message(msg) except: From bd69339e220025b27634aa713813d6f5084cbe74 Mon Sep 17 00:00:00 2001 From: yumaojun03 <719118794@qq.com> Date: Thu, 28 Apr 2016 15:44:48 +0800 Subject: [PATCH 2/2] Bug fix hostname (#216) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix (jasset): 修复资产hostname过长和密码过长引起的bug 1. 修改password字段的长度,对称加密过后的字符串会变长,所有设置得比较大(256) 2. 添加check hostname 和 password的 长度校验 * fix (jumpserver/jasset): 修复setting时,秘密过长问题。 1. 修改password字段的长度,对称加密过后的字符串会变长,所有设置得比较大(256) 2. 后端修复views秘密超过30位不保存 3.前段使用js限制秘密长多不能超过30位 * fix (jumpserver/jasset): setting and asset hostname password too long. 1. 添加setting password字段长度验证 2. 添加资产主机名和密码长度验证 * fix (jumpserver/jasset): setting and asset hostname password too long. 1. 修正setting时的 输入密码的提示错误. --- jasset/models.py | 2 +- jasset/views.py | 63 +++++++++++++++++------------- jumpserver/models.py | 2 +- jumpserver/views.py | 67 +++++++++++++++++--------------- templates/jasset/asset_add.html | 4 +- templates/jasset/asset_edit.html | 16 ++++---- templates/setting.html | 6 +++ 7 files changed, 89 insertions(+), 71 deletions(-) diff --git a/jasset/models.py b/jasset/models.py index 82c5f54a6..0ec72e553 100644 --- a/jasset/models.py +++ b/jasset/models.py @@ -67,7 +67,7 @@ class Asset(models.Model): port = models.IntegerField(blank=True, null=True, verbose_name=u"端口号") group = models.ManyToManyField(AssetGroup, blank=True, verbose_name=u"所属主机组") username = models.CharField(max_length=16, blank=True, null=True, verbose_name=u"管理用户名") - password = models.CharField(max_length=64, blank=True, null=True, verbose_name=u"密码") + password = models.CharField(max_length=256, blank=True, null=True, verbose_name=u"密码") use_default_auth = models.BooleanField(default=True, verbose_name=u"使用默认管理账号") idc = models.ForeignKey(IDC, blank=True, null=True, on_delete=models.SET_NULL, verbose_name=u'机房') mac = models.CharField(max_length=20, blank=True, null=True, verbose_name=u"MAC地址") diff --git a/jasset/views.py b/jasset/views.py index 779306580..d2dcff55d 100644 --- a/jasset/views.py +++ b/jasset/views.py @@ -135,13 +135,16 @@ def asset_add(request): af_post = AssetForm(request.POST) ip = request.POST.get('ip', '') hostname = request.POST.get('hostname', '') + is_active = True if request.POST.get('is_active') == '1' else False use_default_auth = request.POST.get('use_default_auth', '') try: if Asset.objects.filter(hostname=unicode(hostname)): error = u'该主机名 %s 已存在!' % hostname raise ServerError(error) - + if len(hostname) > 54: + error = u"主机名长度不能超过53位!" + raise ServerError(error) except ServerError: pass else: @@ -219,34 +222,38 @@ def asset_edit(request): if asset_test and asset_id != unicode(asset_test.id): emg = u'该主机名 %s 已存在!' % hostname raise ServerError(emg) - except ServerError: - pass - else: - if af_post.is_valid(): - af_save = af_post.save(commit=False) - if use_default_auth: - af_save.username = '' - af_save.password = '' - # af_save.port = None - else: - if password: - password_encode = CRYPTOR.encrypt(password) - af_save.password = password_encode - else: - af_save.password = password_old - af_save.is_active = True if is_active else False - af_save.save() - af_post.save_m2m() - # asset_new = get_object(Asset, id=asset_id) - # asset_diff_one(asset_old, asset_new) - info = asset_diff(af_post.__dict__.get('initial'), request.POST) - db_asset_alert(asset, username, info) - - smg = u'主机 %s 修改成功' % ip + if len(hostname) > 54: + emg = u'主机名长度不能超过54位!' + raise ServerError(emg) else: - emg = u'主机 %s 修改失败' % ip - return my_render('jasset/error.html', locals(), request) - return HttpResponseRedirect(reverse('asset_detail')+'?id=%s' % asset_id) + if af_post.is_valid(): + af_save = af_post.save(commit=False) + if use_default_auth: + af_save.username = '' + af_save.password = '' + # af_save.port = None + else: + if password: + password_encode = CRYPTOR.encrypt(password) + af_save.password = password_encode + else: + af_save.password = password_old + af_save.is_active = True if is_active else False + af_save.save() + af_post.save_m2m() + # asset_new = get_object(Asset, id=asset_id) + # asset_diff_one(asset_old, asset_new) + info = asset_diff(af_post.__dict__.get('initial'), request.POST) + db_asset_alert(asset, username, info) + + smg = u'主机 %s 修改成功' % ip + else: + emg = u'主机 %s 修改失败' % ip + raise ServerError(emg) + except ServerError as e: + error = e.message + return my_render('jasset/asset_edit.html', locals(), request) + return HttpResponseRedirect(reverse('asset_detail')+'?id=%s' % asset_id) return my_render('jasset/asset_edit.html', locals(), request) diff --git a/jumpserver/models.py b/jumpserver/models.py index e75921aa4..60a2be50f 100644 --- a/jumpserver/models.py +++ b/jumpserver/models.py @@ -7,7 +7,7 @@ class Setting(models.Model): name = models.CharField(max_length=100) field1 = models.CharField(max_length=100, null=True, blank=True) field2 = models.CharField(max_length=100, null=True, blank=True) - field3 = models.CharField(max_length=100, null=True, blank=True) + field3 = models.CharField(max_length=256, null=True, blank=True) field4 = models.CharField(max_length=100, null=True, blank=True) field5 = models.CharField(max_length=100, null=True, blank=True) diff --git a/jumpserver/views.py b/jumpserver/views.py index fae546a28..4aee6961d 100644 --- a/jumpserver/views.py +++ b/jumpserver/views.py @@ -220,41 +220,46 @@ def setting(request): setting_default = get_object(Setting, name='default') if request.method == "POST": - setting_raw = request.POST.get('setting', '') - if setting_raw == 'default': - username = request.POST.get('username', '') - port = request.POST.get('port', '') - password = request.POST.get('password', '') - private_key = request.POST.get('key', '') + try: + setting_raw = request.POST.get('setting', '') + if setting_raw == 'default': + username = request.POST.get('username', '') + port = request.POST.get('port', '') + password = request.POST.get('password', '') + private_key = request.POST.get('key', '') - if '' in [username, port]: - return HttpResponse('所填内容不能为空, 且密码和私钥填一个') - else: - private_key_dir = os.path.join(BASE_DIR, 'keys', 'default') - private_key_path = os.path.join(private_key_dir, 'admin_user.pem') - mkdir(private_key_dir) - - if private_key: - with open(private_key_path, 'w') as f: - f.write(private_key) - os.chmod(private_key_path, 0600) - - if setting_default: - if password: - password_encode = CRYPTOR.encrypt(password) - else: - password_encode = password - Setting.objects.filter(name='default').update(field1=username, field2=port, - field3=password_encode, - field4=private_key_path) + if len(password) > 30: + raise ServerError(u'秘密长度不能超过30位!') + if '' in [username, port]: + return ServerError(u'所填内容不能为空, 且密码和私钥填一个') else: - password_encode = CRYPTOR.encrypt(password) - setting_r = Setting(name='default', field1=username, field2=port, - field3=password_encode, - field4=private_key_path).save() + private_key_dir = os.path.join(BASE_DIR, 'keys', 'default') + private_key_path = os.path.join(private_key_dir, 'admin_user.pem') + mkdir(private_key_dir) - msg = "设置成功" + if private_key: + with open(private_key_path, 'w') as f: + f.write(private_key) + os.chmod(private_key_path, 0600) + + if setting_default: + if password: + password_encode = CRYPTOR.encrypt(password) + else: + password_encode = password + Setting.objects.filter(name='default').update(field1=username, field2=port, + field3=password_encode, + field4=private_key_path) + + else: + password_encode = CRYPTOR.encrypt(password) + setting_r = Setting(name='default', field1=username, field2=port, + field3=password_encode, + field4=private_key_path).save() + msg = "设置成功" + except ServerError as e: + error = e.message return my_render('setting.html', locals(), request) diff --git a/templates/jasset/asset_add.html b/templates/jasset/asset_add.html index 57c0c04d3..bd730f18b 100644 --- a/templates/jasset/asset_add.html +++ b/templates/jasset/asset_add.html @@ -164,7 +164,7 @@ msg: {required: "必须填写!"} }, "hostname": { - rule: "required", + rule: "required;length[0~53]", tip: "填写主机名", ok: "", msg: {required: "必须填写!"} @@ -182,7 +182,7 @@ msg: {required: "必须填写!"} }, "password": { - rule: "required(use_default_auth)", + rule: "required(use_default_auth);length[0~64]", tip: "输入密码", ok: "", msg: {required: "必须填写!"} diff --git a/templates/jasset/asset_edit.html b/templates/jasset/asset_edit.html index 6e886c27c..7fdf5aaa1 100644 --- a/templates/jasset/asset_edit.html +++ b/templates/jasset/asset_edit.html @@ -206,7 +206,7 @@ }, fields: { "hostname": { - rule: "required", + rule: "required;length[0~53]", tip: "填写主机名", ok: "", msg: {required: "必须填写!"} @@ -218,17 +218,17 @@ msg: {required: "必须填写!"} }, "username": { - rule: "required(use_default_auth)", + rule: "required(use_default_auth);", tip: "输入用户名", ok: "", msg: {required: "必须填写!"} }, -{# "password": {#} -{# rule: "required(use_default_auth)",#} -{# tip: "输入密码",#} -{# ok: "",#} -{# msg: {required: "必须填写!"}#} -{# }#} + "password": { + rule: "length[0~64]", + tip: "输入密码", + ok: "", + empty: true + } }, valid: function(form) { form.submit(); diff --git a/templates/setting.html b/templates/setting.html index 061a71f0e..b2b88eb87 100644 --- a/templates/setting.html +++ b/templates/setting.html @@ -128,6 +128,12 @@ tip: "输入端口号", ok: "", msg: {required: "端口号必填"} + }, + "password": { + rule: "length[0~30]", + tip: "输入密码", + ok: "", + empty: true } {# "key": {#} {# rule: "required(either)",#}