From 47397d23086f454cde67523557c0dd5e7bf72324 Mon Sep 17 00:00:00 2001
From: ibuler <ibuler@qq.com>
Date: Mon, 28 May 2018 16:44:00 +0800
Subject: [PATCH] =?UTF-8?q?[Bugfix]=20=E4=BF=AE=E5=A4=8D=E7=BD=91=E5=85=B3?=
 =?UTF-8?q?=E6=B5=8B=E8=AF=95=E8=BF=9E=E6=8E=A5=E9=9C=80=E8=A6=81ssh?=
 =?UTF-8?q?=E4=BF=A1=E4=BB=BBkey=E7=9A=84=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/assets/utils.py | 28 +++++++++++++++-------------
 apps/perms/api.py    |  7 +------
 2 files changed, 16 insertions(+), 19 deletions(-)

diff --git a/apps/assets/utils.py b/apps/assets/utils.py
index 5fb5eae84..367c5e5f7 100644
--- a/apps/assets/utils.py
+++ b/apps/assets/utils.py
@@ -1,7 +1,8 @@
 # ~*~ coding: utf-8 ~*~
 #
-
+import os
 import paramiko
+from paramiko.ssh_exception import SSHException
 
 from common.utils import get_object_or_none
 from .models import Asset, SystemUser, Label
@@ -49,22 +50,23 @@ def test_gateway_connectability(gateway):
     """
     client = paramiko.SSHClient()
     client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
-
-    proxy_command = [
-        "ssh", "{}@{}".format(gateway.username, gateway.ip),
-        "-p", str(gateway.port), "-W", "127.0.0.1:{}".format(gateway.port),
-    ]
-
-    if gateway.password:
-        proxy_command.insert(0, "sshpass -p '{}'".format(gateway.password))
-    if gateway.private_key:
-        proxy_command.append("-i {}".format(gateway.private_key_file))
+    proxy = paramiko.SSHClient()
+    proxy.load_host_keys(os.path.expanduser('~/.ssh/known_hosts'))
+    proxy.set_missing_host_key_policy(paramiko.AutoAddPolicy())
 
     try:
-        sock = paramiko.ProxyCommand(" ".join(proxy_command))
-    except paramiko.ProxyCommandFailure as e:
+        proxy.connect(gateway.ip, username=gateway.username,
+                      password=gateway.password,
+                      pkey=gateway.private_key_obj)
+    except(paramiko.AuthenticationException,
+           paramiko.BadAuthenticationType,
+           SSHException) as e:
         return False, str(e)
 
+    sock = proxy.get_transport().open_channel(
+        'direct-tcpip', ('127.0.0.1', gateway.port), ('127.0.0.1', 0)
+    )
+
     try:
         client.connect("127.0.0.1", port=gateway.port,
                        username=gateway.username,
diff --git a/apps/perms/api.py b/apps/perms/api.py
index e104cc1c4..bd2fb1139 100644
--- a/apps/perms/api.py
+++ b/apps/perms/api.py
@@ -147,13 +147,8 @@ class UserGrantedNodeAssetsApi(ListAPIView):
             user = get_object_or_404(User, id=user_id)
         else:
             user = self.request.user
+        node = get_object_or_404(Node, id=node_id)
         nodes = AssetPermissionUtil.get_user_nodes_with_assets(user)
-        node = get_object_or_none(Node, id=node_id)
-
-        if not node:
-            unnode = [node for node in nodes if node.name == 'Unnode']
-            node = unnode[0] if unnode else None
-
         assets = nodes.get(node, [])
         for asset, system_users in assets.items():
             asset.system_users_granted = system_users