temp.
							parent
							
								
									206c9fdead
								
							
						
					
					
						commit
						001cf53e8f
					
				| 
						 | 
				
			
			@ -12,8 +12,8 @@ $app.on_init = function (cb_stack) {
 | 
			
		|||
        btn_remove_auditor: $('#btn-remove-auditor'),
 | 
			
		||||
 | 
			
		||||
        btn_refresh_auditee: $('#btn-refresh-auditee'),
 | 
			
		||||
        btn_add_auditee_user: $('#btn-add-auditee-user'),
 | 
			
		||||
        btn_add_auditee_user_group: $('#btn-add-auditee-user-group'),
 | 
			
		||||
        // btn_add_auditee_user: $('#btn-add-auditee-user'),
 | 
			
		||||
        // btn_add_auditee_user_group: $('#btn-add-auditee-user-group'),
 | 
			
		||||
        btn_add_auditee_host: $('#btn-add-auditee-host'),
 | 
			
		||||
        btn_add_auditee_host_group: $('#btn-add-auditee-host-group'),
 | 
			
		||||
        select_all_auditee: $('#table-auditee-select-all'),
 | 
			
		||||
| 
						 | 
				
			
			@ -277,6 +277,7 @@ $app.create_controls = function (cb_stack) {
 | 
			
		|||
    $app.dlg_sel_auditor_user = $app.create_dlg_sel_auditor_user();
 | 
			
		||||
    cb_stack.add($app.dlg_sel_auditor_user.init);
 | 
			
		||||
 | 
			
		||||
/*
 | 
			
		||||
    //-------------------------------
 | 
			
		||||
    // 选择用户(资源)对话框
 | 
			
		||||
    //-------------------------------
 | 
			
		||||
| 
						 | 
				
			
			@ -354,6 +355,7 @@ $app.create_controls = function (cb_stack) {
 | 
			
		|||
 | 
			
		||||
    $app.dlg_sel_auditee_user = $app.create_dlg_sel_auditee_user();
 | 
			
		||||
    cb_stack.add($app.dlg_sel_auditee_user.init);
 | 
			
		||||
*/
 | 
			
		||||
 | 
			
		||||
    //-------------------------------
 | 
			
		||||
    // 选择用户组(操作者)对话框
 | 
			
		||||
| 
						 | 
				
			
			@ -412,6 +414,7 @@ $app.create_controls = function (cb_stack) {
 | 
			
		|||
    $app.dlg_sel_auditor_ug = $app.create_dlg_sel_auditor_ug();
 | 
			
		||||
    cb_stack.add($app.dlg_sel_auditor_ug.init);
 | 
			
		||||
 | 
			
		||||
/*
 | 
			
		||||
    //-------------------------------
 | 
			
		||||
    // 选择用户组(资源)对话框
 | 
			
		||||
    //-------------------------------
 | 
			
		||||
| 
						 | 
				
			
			@ -468,6 +471,7 @@ $app.create_controls = function (cb_stack) {
 | 
			
		|||
 | 
			
		||||
    $app.dlg_sel_auditee_ug = $app.create_dlg_sel_auditee_ug();
 | 
			
		||||
    cb_stack.add($app.dlg_sel_auditee_ug.init);
 | 
			
		||||
*/
 | 
			
		||||
 | 
			
		||||
    //-------------------------------
 | 
			
		||||
    // 选择主机对话框
 | 
			
		||||
| 
						 | 
				
			
			@ -623,12 +627,12 @@ $app.create_controls = function (cb_stack) {
 | 
			
		|||
    $app.dom.btn_add_auditor_user_group.click(function () {
 | 
			
		||||
        $app.dlg_sel_auditor_ug.show();
 | 
			
		||||
    });
 | 
			
		||||
    $app.dom.btn_add_auditee_user.click(function () {
 | 
			
		||||
        $app.dlg_sel_auditee_user.show();
 | 
			
		||||
    });
 | 
			
		||||
    $app.dom.btn_add_auditee_user_group.click(function () {
 | 
			
		||||
        $app.dlg_sel_auditee_ug.show();
 | 
			
		||||
    });
 | 
			
		||||
    // $app.dom.btn_add_auditee_user.click(function () {
 | 
			
		||||
    //     $app.dlg_sel_auditee_user.show();
 | 
			
		||||
    // });
 | 
			
		||||
    // $app.dom.btn_add_auditee_user_group.click(function () {
 | 
			
		||||
    //     $app.dlg_sel_auditee_ug.show();
 | 
			
		||||
    // });
 | 
			
		||||
    $app.dom.btn_add_auditee_host.click(function () {
 | 
			
		||||
        $app.dlg_sel_host.show();
 | 
			
		||||
    });
 | 
			
		||||
| 
						 | 
				
			
			@ -1132,7 +1136,7 @@ $app.create_dlg_sel_auditor_user = function () {
 | 
			
		|||
    return dlg;
 | 
			
		||||
};
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
/*
 | 
			
		||||
//-------------------------------
 | 
			
		||||
// 选择用户(资源)对话框
 | 
			
		||||
//-------------------------------
 | 
			
		||||
| 
						 | 
				
			
			@ -1305,7 +1309,7 @@ $app.create_dlg_sel_auditee_user = function () {
 | 
			
		|||
 | 
			
		||||
    return dlg;
 | 
			
		||||
};
 | 
			
		||||
 | 
			
		||||
*/
 | 
			
		||||
 | 
			
		||||
//-------------------------------
 | 
			
		||||
// 选择用户组(操作者)对话框
 | 
			
		||||
| 
						 | 
				
			
			@ -1445,6 +1449,7 @@ $app.create_dlg_sel_auditor_ug = function () {
 | 
			
		|||
    return dlg;
 | 
			
		||||
};
 | 
			
		||||
 | 
			
		||||
/*
 | 
			
		||||
//-------------------------------
 | 
			
		||||
// 选择用户组(资源)对话框
 | 
			
		||||
//-------------------------------
 | 
			
		||||
| 
						 | 
				
			
			@ -1582,6 +1587,7 @@ $app.create_dlg_sel_auditee_ug = function () {
 | 
			
		|||
 | 
			
		||||
    return dlg;
 | 
			
		||||
};
 | 
			
		||||
*/
 | 
			
		||||
 | 
			
		||||
//-------------------------------
 | 
			
		||||
// 选择主机对话框
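Review bot: The `/* … */` pairs that now wrap the auditee-user and auditee-user-group dialog code (the setup in `$app.create_controls` and, apparently, the whole of `$app.create_dlg_sel_auditee_user` and `$app.create_dlg_sel_auditee_ug`) end at the first `*/` they meet, so a block comment inside the wrapped code would close the region early and re-enable the rest. The wrapped bodies lie outside these hunks, so this cannot be checked from here. Deleting the code and relying on history is safer than parking it in comments, and the same goes for the `//`-disabled click handlers and `$app.dom` entries. If it has to stay, state the reason above each region, e.g. `// Auditee users/user groups disabled: audit policies target hosts only.` Any reference left elsewhere in the file to `$app.dlg_sel_auditee_user`, `$app.dlg_sel_auditee_ug` or the two disabled `$app.dom` buttons would now resolve to `undefined`.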
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||
| 
						 | 
				
			
			@ -142,7 +142,7 @@
 | 
			
		|||
 | 
			
		||||
            <div class="col-md-6">
 | 
			
		||||
                <div id="area-auditee">
 | 
			
		||||
                    <div class="area-title"><span class="name">被审计资源</span><span class="desc">(被审计的用户或主机)</span></div>
 | 
			
		||||
                    <div class="area-title"><span class="name">被审计资源</span><span class="desc">(被审计的主机)</span></div>
 | 
			
		||||
 | 
			
		||||
                    <div style="padding:5px;">
 | 
			
		||||
                        <div class="table-extend-area">
 | 
			
		||||
| 
						 | 
				
			
			@ -153,8 +153,8 @@
 | 
			
		|||
                            </div>
 | 
			
		||||
                            <div class="table-extend-cell table-item-counter">
 | 
			
		||||
                                <div class="btn-group btn-group-sm">
 | 
			
		||||
                                    <btn class="btn btn-success" id="btn-add-auditee-user"><i class="fa fa-plus"></i> 添加用户</btn>
 | 
			
		||||
                                    <btn class="btn btn-primary" id="btn-add-auditee-user-group"><i class="fa fa-plus-circle"></i> 添加用户组</btn>
 | 
			
		||||
##                                     <btn class="btn btn-success" id="btn-add-auditee-user"><i class="fa fa-plus"></i> 添加用户</btn>
 | 
			
		||||
##                                     <btn class="btn btn-primary" id="btn-add-auditee-user-group"><i class="fa fa-plus-circle"></i> 添加用户组</btn>
 | 
			
		||||
                                    <btn class="btn btn-success" id="btn-add-auditee-host"><i class="fa fa-plus"></i> 添加主机</btn>
 | 
			
		||||
                                    <btn class="btn btn-primary" id="btn-add-auditee-host-group"><i class="fa fa-plus-circle"></i> 添加主机组</btn>
 | 
			
		||||
                                </div>
 | 
			
		||||
| 
						 | 
				
			
			@ -243,46 +243,46 @@
 | 
			
		|||
        </div>
 | 
			
		||||
    </div>
 | 
			
		||||
 | 
			
		||||
    <div class="modal fade" id="dlg-sel-auditee-user" tabindex="-1" role="dialog">
 | 
			
		||||
        <div class="modal-dialog modal-lg" role="document">
 | 
			
		||||
            <div class="modal-content">
 | 
			
		||||
                <div class="modal-header">
 | 
			
		||||
                    <button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fa fa-times-circle fa-fw"></i></button>
 | 
			
		||||
                    <h3 data-field="dlg-title" class="modal-title">选择用户</h3>
 | 
			
		||||
                </div>
 | 
			
		||||
                <div class="modal-body">
 | 
			
		||||
 | 
			
		||||
                    <table id="table-sel-auditee-user" class="table table-striped table-bordered table-hover table-data no-footer dtr-inline"></table>
 | 
			
		||||
                    <div class="table-extend-area">
 | 
			
		||||
                        <div class="table-extend-cell checkbox-select-all"><input data-action="sel-all" type="checkbox"/></div>
 | 
			
		||||
                        <div class="table-extend-cell group-actions">
 | 
			
		||||
                            <div class="btn-group" role="group">
 | 
			
		||||
                                <button data-action="use-selected" type="button" class="btn btn-primary"><i class="fa fa-edit fa-fw"></i> 添加为被授权资源</button>
 | 
			
		||||
                            </div>
 | 
			
		||||
                        </div>
 | 
			
		||||
                        <div class="table-extend-cell table-item-counter">
 | 
			
		||||
                            <ol id="table-sel-auditee-user-paging"></ol>
 | 
			
		||||
                        </div>
 | 
			
		||||
                    </div>
 | 
			
		||||
                    <div class="table-extend-area">
 | 
			
		||||
                        <div class="table-extend-cell">
 | 
			
		||||
                            <div style="text-align:right;">
 | 
			
		||||
                                <nav>
 | 
			
		||||
                                    <ul id="table-sel-auditee-user-pagination" class="pagination"></ul>
 | 
			
		||||
                                </nav>
 | 
			
		||||
                            </div>
 | 
			
		||||
                        </div>
 | 
			
		||||
                    </div>
 | 
			
		||||
 | 
			
		||||
                </div>
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
                <div class="modal-footer">
 | 
			
		||||
                    <button type="button" class="btn btn-sm btn-default" data-dismiss="modal"><i class="fa fa-close fa-fw"></i> 关闭</button>
 | 
			
		||||
                </div>
 | 
			
		||||
            </div>
 | 
			
		||||
        </div>
 | 
			
		||||
    </div>
 | 
			
		||||
##     <div class="modal fade" id="dlg-sel-auditee-user" tabindex="-1" role="dialog">
 | 
			
		||||
##         <div class="modal-dialog modal-lg" role="document">
 | 
			
		||||
##             <div class="modal-content">
 | 
			
		||||
##                 <div class="modal-header">
 | 
			
		||||
##                     <button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fa fa-times-circle fa-fw"></i></button>
 | 
			
		||||
##                     <h3 data-field="dlg-title" class="modal-title">选择用户</h3>
 | 
			
		||||
##                 </div>
 | 
			
		||||
##                 <div class="modal-body">
 | 
			
		||||
##
 | 
			
		||||
##                     <table id="table-sel-auditee-user" class="table table-striped table-bordered table-hover table-data no-footer dtr-inline"></table>
 | 
			
		||||
##                     <div class="table-extend-area">
 | 
			
		||||
##                         <div class="table-extend-cell checkbox-select-all"><input data-action="sel-all" type="checkbox"/></div>
 | 
			
		||||
##                         <div class="table-extend-cell group-actions">
 | 
			
		||||
##                             <div class="btn-group" role="group">
 | 
			
		||||
##                                 <button data-action="use-selected" type="button" class="btn btn-primary"><i class="fa fa-edit fa-fw"></i> 添加为被授权资源</button>
 | 
			
		||||
##                             </div>
 | 
			
		||||
##                         </div>
 | 
			
		||||
##                         <div class="table-extend-cell table-item-counter">
 | 
			
		||||
##                             <ol id="table-sel-auditee-user-paging"></ol>
 | 
			
		||||
##                         </div>
 | 
			
		||||
##                     </div>
 | 
			
		||||
##                     <div class="table-extend-area">
 | 
			
		||||
##                         <div class="table-extend-cell">
 | 
			
		||||
##                             <div style="text-align:right;">
 | 
			
		||||
##                                 <nav>
 | 
			
		||||
##                                     <ul id="table-sel-auditee-user-pagination" class="pagination"></ul>
 | 
			
		||||
##                                 </nav>
 | 
			
		||||
##                             </div>
 | 
			
		||||
##                         </div>
 | 
			
		||||
##                     </div>
 | 
			
		||||
##
 | 
			
		||||
##                 </div>
 | 
			
		||||
##
 | 
			
		||||
##
 | 
			
		||||
##                 <div class="modal-footer">
 | 
			
		||||
##                     <button type="button" class="btn btn-sm btn-default" data-dismiss="modal"><i class="fa fa-close fa-fw"></i> 关闭</button>
 | 
			
		||||
##                 </div>
 | 
			
		||||
##             </div>
 | 
			
		||||
##         </div>
 | 
			
		||||
##     </div>
 | 
			
		||||
 | 
			
		||||
    <div class="modal fade" id="dlg-sel-auditor-user-group" tabindex="-1" role="dialog">
 | 
			
		||||
        <div class="modal-dialog" role="document">
 | 
			
		||||
| 
						 | 
				
			
			@ -325,46 +325,46 @@
 | 
			
		|||
        </div>
 | 
			
		||||
    </div>
 | 
			
		||||
 | 
			
		||||
    <div class="modal fade" id="dlg-sel-auditee-user-group" tabindex="-1" role="dialog">
 | 
			
		||||
        <div class="modal-dialog" role="document">
 | 
			
		||||
            <div class="modal-content">
 | 
			
		||||
                <div class="modal-header">
 | 
			
		||||
                    <button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fa fa-times-circle fa-fw"></i></button>
 | 
			
		||||
                    <h3 data-field="dlg-title" class="modal-title">选择用户组</h3>
 | 
			
		||||
                </div>
 | 
			
		||||
                <div class="modal-body">
 | 
			
		||||
 | 
			
		||||
                    <table id="table-sel-auditee-user-group" class="table table-striped table-bordered table-hover table-data no-footer dtr-inline"></table>
 | 
			
		||||
                    <div class="table-extend-area">
 | 
			
		||||
                        <div class="table-extend-cell checkbox-select-all"><input data-action="sel-all" type="checkbox"/></div>
 | 
			
		||||
                        <div class="table-extend-cell group-actions">
 | 
			
		||||
                            <div class="btn-group" role="group">
 | 
			
		||||
                                <button data-action="use-selected" type="button" class="btn btn-primary"><i class="fa fa-edit fa-fw"></i> 添加为被授权资源</button>
 | 
			
		||||
                            </div>
 | 
			
		||||
                        </div>
 | 
			
		||||
                        <div class="table-extend-cell table-item-counter">
 | 
			
		||||
                            <ol id="table-sel-auditee-user-group-paging"></ol>
 | 
			
		||||
                        </div>
 | 
			
		||||
                    </div>
 | 
			
		||||
                    <div class="table-extend-area">
 | 
			
		||||
                        <div class="table-extend-cell">
 | 
			
		||||
                            <div style="text-align:right;">
 | 
			
		||||
                                <nav>
 | 
			
		||||
                                    <ul id="table-sel-auditee-user-group-pagination" class="pagination"></ul>
 | 
			
		||||
                                </nav>
 | 
			
		||||
                            </div>
 | 
			
		||||
                        </div>
 | 
			
		||||
                    </div>
 | 
			
		||||
 | 
			
		||||
                </div>
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
                <div class="modal-footer">
 | 
			
		||||
                    <button type="button" class="btn btn-sm btn-default" data-dismiss="modal"><i class="fa fa-close fa-fw"></i> 关闭</button>
 | 
			
		||||
                </div>
 | 
			
		||||
            </div>
 | 
			
		||||
        </div>
 | 
			
		||||
    </div>
 | 
			
		||||
##     <div class="modal fade" id="dlg-sel-auditee-user-group" tabindex="-1" role="dialog">
 | 
			
		||||
##         <div class="modal-dialog" role="document">
 | 
			
		||||
##             <div class="modal-content">
 | 
			
		||||
##                 <div class="modal-header">
 | 
			
		||||
##                     <button type="button" class="close" data-dismiss="modal" aria-label="Close"><i class="fa fa-times-circle fa-fw"></i></button>
 | 
			
		||||
##                     <h3 data-field="dlg-title" class="modal-title">选择用户组</h3>
 | 
			
		||||
##                 </div>
 | 
			
		||||
##                 <div class="modal-body">
 | 
			
		||||
##
 | 
			
		||||
##                     <table id="table-sel-auditee-user-group" class="table table-striped table-bordered table-hover table-data no-footer dtr-inline"></table>
 | 
			
		||||
##                     <div class="table-extend-area">
 | 
			
		||||
##                         <div class="table-extend-cell checkbox-select-all"><input data-action="sel-all" type="checkbox"/></div>
 | 
			
		||||
##                         <div class="table-extend-cell group-actions">
 | 
			
		||||
##                             <div class="btn-group" role="group">
 | 
			
		||||
##                                 <button data-action="use-selected" type="button" class="btn btn-primary"><i class="fa fa-edit fa-fw"></i> 添加为被授权资源</button>
 | 
			
		||||
##                             </div>
 | 
			
		||||
##                         </div>
 | 
			
		||||
##                         <div class="table-extend-cell table-item-counter">
 | 
			
		||||
##                             <ol id="table-sel-auditee-user-group-paging"></ol>
 | 
			
		||||
##                         </div>
 | 
			
		||||
##                     </div>
 | 
			
		||||
##                     <div class="table-extend-area">
 | 
			
		||||
##                         <div class="table-extend-cell">
 | 
			
		||||
##                             <div style="text-align:right;">
 | 
			
		||||
##                                 <nav>
 | 
			
		||||
##                                     <ul id="table-sel-auditee-user-group-pagination" class="pagination"></ul>
 | 
			
		||||
##                                 </nav>
 | 
			
		||||
##                             </div>
 | 
			
		||||
##                         </div>
 | 
			
		||||
##                     </div>
 | 
			
		||||
##
 | 
			
		||||
##                 </div>
 | 
			
		||||
##
 | 
			
		||||
##
 | 
			
		||||
##                 <div class="modal-footer">
 | 
			
		||||
##                     <button type="button" class="btn btn-sm btn-default" data-dismiss="modal"><i class="fa fa-close fa-fw"></i> 关闭</button>
 | 
			
		||||
##                 </div>
 | 
			
		||||
##             </div>
 | 
			
		||||
##         </div>
 | 
			
		||||
##     </div>
 | 
			
		||||
 | 
			
		||||
    <div class="modal fade" id="dlg-sel-host" tabindex="-1" role="dialog">
 | 
			
		||||
        <div class="modal-dialog modal-lg" role="document">
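Review bot: Commenting out `btn-add-auditee-user`, `btn-add-auditee-user-group` and the two `dlg-sel-auditee-*` modals with `##` only removes the controls from the rendered page; nothing in the visible part of this commit makes the server refuse a user or user-group auditee. The handler that stores auditees is not part of the diff, so confirm that it rejects those resource types itself, because the template is not an authorization boundary. The roughly ninety `##` lines would also be better deleted than kept as dead markup.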
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||
| 
						 | 
				
			
			@ -101,10 +101,10 @@ TP_POLICY_AUTH_gUSER_gACC = 6  # 6=用户组:账号组
 | 
			
		|||
TP_POLICY_AUTH_gUSER_HOST = 7  # 7=用户组:主机
 | 
			
		||||
TP_POLICY_AUTH_gUSER_gHOST = 8  # 8=用户组:主机组
 | 
			
		||||
# 下列四个仅用于审计授权
 | 
			
		||||
TP_POLICY_AUTH_USER_USER = 9  # 1=用户:用户
 | 
			
		||||
TP_POLICY_AUTH_USER_gUSER = 10  # 2=用户:用户组
 | 
			
		||||
TP_POLICY_AUTH_gUSER_USER = 11  # 5=用户组:用户
 | 
			
		||||
TP_POLICY_AUTH_gUSER_gUSER = 12  # 6=用户组:用户组
 | 
			
		||||
# TP_POLICY_AUTH_USER_USER = 9  # 1=用户:用户
 | 
			
		||||
# TP_POLICY_AUTH_USER_gUSER = 10  # 2=用户:用户组
 | 
			
		||||
# TP_POLICY_AUTH_gUSER_USER = 11  # 5=用户组:用户
 | 
			
		||||
# TP_POLICY_AUTH_gUSER_gUSER = 12  # 6=用户组:用户组
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
# =======================================================
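Review bot: The heading comment `# 下列四个仅用于审计授权` stays active although the four constants it introduces (`TP_POLICY_AUTH_USER_USER` through `TP_POLICY_AUTH_gUSER_gUSER`) are now commented out, so it no longer describes anything. Any module that still refers to one of these names will fail with a NameError or ImportError, so search for all four before merging. If the values 9–12 must stay reserved, for instance because stored records may already carry them, say so in the comment, e.g. `# 9-12 reserved: user/user-group auditee types, currently disabled`; otherwise delete the lines.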
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||
| 
						 | 
				
			
			@ -487,10 +487,10 @@ def get_remotes(handler, sql_filter, sql_order, sql_limit):
 | 
			
		|||
def build_auz_map():
 | 
			
		||||
    _users = {}
 | 
			
		||||
    _hosts = {}
 | 
			
		||||
    _accs = {}
 | 
			
		||||
    # _accs = {}
 | 
			
		||||
    _gusers = {}
 | 
			
		||||
    _ghosts = {}
 | 
			
		||||
    _gaccs = {}
 | 
			
		||||
    # _gaccs = {}
 | 
			
		||||
    _groups = {}
 | 
			
		||||
    _policies = {}
 | 
			
		||||
 | 
			
		||||
| 
						 | 
				
			
			@ -499,6 +499,10 @@ def build_auz_map():
 | 
			
		|||
 | 
			
		||||
    _map = []
 | 
			
		||||
 | 
			
		||||
    db = get_db()
 | 
			
		||||
    dbtp = db.table_prefix
 | 
			
		||||
    db.exec('DELETE FROM {}audit_map'.format(dbtp))
 | 
			
		||||
 | 
			
		||||
    s = SQL(get_db())
 | 
			
		||||
 | 
			
		||||
    # 加载所有策略
 | 
			
		||||
| 
						 | 
				
			
			@ -547,8 +551,8 @@ def build_auz_map():
 | 
			
		|||
            _gusers[i.id] = []
 | 
			
		||||
        elif i.type == TP_GROUP_HOST:
 | 
			
		||||
            _ghosts[i.id] = []
 | 
			
		||||
        elif i.type == TP_GROUP_ACCOUNT:
 | 
			
		||||
            _gaccs[i.id] = []
 | 
			
		||||
            # elif i.type == TP_GROUP_ACCOUNT:
 | 
			
		||||
            #     _gaccs[i.id] = []
 | 
			
		||||
 | 
			
		||||
    # 加载所有的组
 | 
			
		||||
    err = s.reset().select_from('group_map', ['id', 'type', 'gid', 'mid'], alt_name='g').query()
 | 
			
		||||
| 
						 | 
				
			
			@ -563,10 +567,10 @@ def build_auz_map():
 | 
			
		|||
            # if g.gid not in _ghosts:
 | 
			
		||||
            #     _ghosts[g.gid] = []
 | 
			
		||||
            _ghosts[g.gid].append(_hosts[g.mid])
 | 
			
		||||
        # elif g.type == TP_GROUP_ACCOUNT:
 | 
			
		||||
        #     # if g.gid not in _gaccs:
 | 
			
		||||
        #     #     _gaccs[g.gid] = []
 | 
			
		||||
        #     _gaccs[g.gid].append(_accs[g.mid])
 | 
			
		||||
            # elif g.type == TP_GROUP_ACCOUNT:
 | 
			
		||||
            #     # if g.gid not in _gaccs:
 | 
			
		||||
            #     #     _gaccs[g.gid] = []
 | 
			
		||||
            #     _gaccs[g.gid].append(_accs[g.mid])
 | 
			
		||||
 | 
			
		||||
    # 加载所有策略明细
 | 
			
		||||
    err = s.reset().select_from('audit_auz', ['id', 'policy_id', 'type', 'rtype', 'rid'], alt_name='o').query()
 | 
			
		||||
| 
						 | 
				
			
			@ -613,94 +617,95 @@ def build_auz_map():
 | 
			
		|||
            if i.policy_id not in _p_assets:
 | 
			
		||||
                _p_assets[i.policy_id] = []
 | 
			
		||||
 | 
			
		||||
            if i.rtype == TP_ACCOUNT:
 | 
			
		||||
                a = _accs[i.rid]
 | 
			
		||||
                h = _hosts[a.host_id]
 | 
			
		||||
            # if i.rtype == TP_ACCOUNT:
 | 
			
		||||
            #     a = _accs[i.rid]
 | 
			
		||||
            #     h = _hosts[a.host_id]
 | 
			
		||||
            #     _p_assets[i.policy_id].append({
 | 
			
		||||
            #         'a_id': i.rid,
 | 
			
		||||
            #         'a_state': a.state,
 | 
			
		||||
            #         'ga_id': 0,
 | 
			
		||||
            #         'ga_state': 0,
 | 
			
		||||
            #         'h_id': h.id,
 | 
			
		||||
            #         'h_state': h.state,
 | 
			
		||||
            #         'gh_id': 0,
 | 
			
		||||
            #         'gh_state': 0,
 | 
			
		||||
            #         'a_name': a.username,
 | 
			
		||||
            #         'protocol_type': a.protocol_type,
 | 
			
		||||
            #         'protocol_port': a.protocol_port,
 | 
			
		||||
            #         'h_name': h.name,
 | 
			
		||||
            #         'ip': h.ip,
 | 
			
		||||
            #         'router_ip': h.router_ip,
 | 
			
		||||
            #         'router_port': h.router_port,
 | 
			
		||||
            #         'auth_to_': 'ACC'
 | 
			
		||||
            #     })
 | 
			
		||||
            # elif i.rtype == TP_GROUP_ACCOUNT:
 | 
			
		||||
            #     for a in _gaccs[i.rid]:
 | 
			
		||||
            #         h = _hosts[a.host_id]
 | 
			
		||||
            #         _p_assets[i.policy_id].append({
 | 
			
		||||
            #             'a_id': a.id,
 | 
			
		||||
            #             'a_state': a.state,
 | 
			
		||||
            #             'ga_id': i.rid,
 | 
			
		||||
            #             'ga_state': _groups[i.rid].state,
 | 
			
		||||
            #             'h_id': h.id,
 | 
			
		||||
            #             'h_state': h.state,
 | 
			
		||||
            #             'gh_id': 0,
 | 
			
		||||
            #             'gh_state': 0,
 | 
			
		||||
            #             'a_name': a.username,
 | 
			
		||||
            #             'protocol_type': a.protocol_type,
 | 
			
		||||
            #             'protocol_port': a.protocol_port,
 | 
			
		||||
            #             'h_name': h.name,
 | 
			
		||||
            #             'ip': h.ip,
 | 
			
		||||
            #             'router_ip': h.router_ip,
 | 
			
		||||
            #             'router_port': h.router_port,
 | 
			
		||||
            #             'auth_to_': 'gACC'
 | 
			
		||||
            #         })
 | 
			
		||||
            # el
 | 
			
		||||
            if i.rtype == TP_HOST:
 | 
			
		||||
                # for aid in _accs:
 | 
			
		||||
                #     if _accs[aid].host_id == i.rid:
 | 
			
		||||
                #         a = _accs[aid]
 | 
			
		||||
                h = _hosts[i.rid]
 | 
			
		||||
                _p_assets[i.policy_id].append({
 | 
			
		||||
                    'a_id': i.rid,
 | 
			
		||||
                    'a_state': a.state,
 | 
			
		||||
                    'ga_id': 0,
 | 
			
		||||
                    'ga_state': 0,
 | 
			
		||||
                    # 'a_id': aid,
 | 
			
		||||
                    # 'a_state': a.state,
 | 
			
		||||
                    # 'ga_id': 0,
 | 
			
		||||
                    # 'ga_state': 0,
 | 
			
		||||
                    'h_id': h.id,
 | 
			
		||||
                    'h_state': h.state,
 | 
			
		||||
                    # 'h_state': h.state,
 | 
			
		||||
                    'gh_id': 0,
 | 
			
		||||
                    'gh_state': 0,
 | 
			
		||||
                    'a_name': a.username,
 | 
			
		||||
                    'protocol_type': a.protocol_type,
 | 
			
		||||
                    'protocol_port': a.protocol_port,
 | 
			
		||||
                    # 'gh_state': 0,
 | 
			
		||||
                    # 'a_name': a.username,
 | 
			
		||||
                    # 'protocol_type': h.protocol_type,
 | 
			
		||||
                    # 'protocol_port': h.protocol_port,
 | 
			
		||||
                    'h_name': h.name,
 | 
			
		||||
                    'ip': h.ip,
 | 
			
		||||
                    'router_ip': h.router_ip,
 | 
			
		||||
                    'router_port': h.router_port,
 | 
			
		||||
                    'auth_to_': 'ACC'
 | 
			
		||||
                    'auth_to_': 'HOST'
 | 
			
		||||
                })
 | 
			
		||||
            elif i.rtype == TP_GROUP_ACCOUNT:
 | 
			
		||||
                for a in _gaccs[i.rid]:
 | 
			
		||||
                    h = _hosts[a.host_id]
 | 
			
		||||
            elif i.rtype == TP_GROUP_HOST:
 | 
			
		||||
                for h in _ghosts[i.rid]:
 | 
			
		||||
                    # for aid in _accs:
 | 
			
		||||
                    #     if _accs[aid].host_id == h.id:
 | 
			
		||||
                    #         a = _accs[aid]
 | 
			
		||||
                    _p_assets[i.policy_id].append({
 | 
			
		||||
                        'a_id': a.id,
 | 
			
		||||
                        'a_state': a.state,
 | 
			
		||||
                        'ga_id': i.rid,
 | 
			
		||||
                        'ga_state': _groups[i.rid].state,
 | 
			
		||||
                        # 'a_id': aid,
 | 
			
		||||
                        # 'a_state': a.state,
 | 
			
		||||
                        'ga_id': 0,
 | 
			
		||||
                        'ga_state': 0,
 | 
			
		||||
                        'h_id': h.id,
 | 
			
		||||
                        'h_state': h.state,
 | 
			
		||||
                        'gh_id': 0,
 | 
			
		||||
                        'gh_state': 0,
 | 
			
		||||
                        'a_name': a.username,
 | 
			
		||||
                        'protocol_type': a.protocol_type,
 | 
			
		||||
                        'protocol_port': a.protocol_port,
 | 
			
		||||
                        # 'h_state': h.state,
 | 
			
		||||
                        'gh_id': i.rid,
 | 
			
		||||
                        # 'gh_state': _groups[i.rid].state,
 | 
			
		||||
                        # 'a_name': a.username,
 | 
			
		||||
                        # 'protocol_type': a.protocol_type,
 | 
			
		||||
                        # 'protocol_port': a.protocol_port,
 | 
			
		||||
                        'h_name': h.name,
 | 
			
		||||
                        'ip': h.ip,
 | 
			
		||||
                        'router_ip': h.router_ip,
 | 
			
		||||
                        'router_port': h.router_port,
 | 
			
		||||
                        'auth_to_': 'gACC'
 | 
			
		||||
                        'auth_to_': 'gHOST'
 | 
			
		||||
                    })
 | 
			
		||||
            elif i.rtype == TP_HOST:
 | 
			
		||||
                for aid in _accs:
 | 
			
		||||
                    if _accs[aid].host_id == i.rid:
 | 
			
		||||
                        a = _accs[aid]
 | 
			
		||||
                        h = _hosts[i.rid]
 | 
			
		||||
                        _p_assets[i.policy_id].append({
 | 
			
		||||
                            'a_id': aid,
 | 
			
		||||
                            'a_state': a.state,
 | 
			
		||||
                            'ga_id': 0,
 | 
			
		||||
                            'ga_state': 0,
 | 
			
		||||
                            'h_id': h.id,
 | 
			
		||||
                            'h_state': h.state,
 | 
			
		||||
                            'gh_id': 0,
 | 
			
		||||
                            'gh_state': 0,
 | 
			
		||||
                            'a_name': a.username,
 | 
			
		||||
                            'protocol_type': a.protocol_type,
 | 
			
		||||
                            'protocol_port': a.protocol_port,
 | 
			
		||||
                            'h_name': h.name,
 | 
			
		||||
                            'ip': h.ip,
 | 
			
		||||
                            'router_ip': h.router_ip,
 | 
			
		||||
                            'router_port': h.router_port,
 | 
			
		||||
                            'auth_to_': 'HOST'
 | 
			
		||||
                        })
 | 
			
		||||
            elif i.rtype == TP_GROUP_HOST:
 | 
			
		||||
                for h in _ghosts[i.rid]:
 | 
			
		||||
                    for aid in _accs:
 | 
			
		||||
                        if _accs[aid].host_id == h.id:
 | 
			
		||||
                            a = _accs[aid]
 | 
			
		||||
                            _p_assets[i.policy_id].append({
 | 
			
		||||
                                'a_id': aid,
 | 
			
		||||
                                'a_state': a.state,
 | 
			
		||||
                                'ga_id': 0,
 | 
			
		||||
                                'ga_state': 0,
 | 
			
		||||
                                'h_id': h.id,
 | 
			
		||||
                                'h_state': h.state,
 | 
			
		||||
                                'gh_id': i.rid,
 | 
			
		||||
                                'gh_state': _groups[i.rid].state,
 | 
			
		||||
                                'a_name': a.username,
 | 
			
		||||
                                'protocol_type': a.protocol_type,
 | 
			
		||||
                                'protocol_port': a.protocol_port,
 | 
			
		||||
                                'h_name': h.name,
 | 
			
		||||
                                'ip': h.ip,
 | 
			
		||||
                                'router_ip': h.router_ip,
 | 
			
		||||
                                'router_port': h.router_port,
 | 
			
		||||
                                'auth_to_': 'gHOST'
 | 
			
		||||
                            })
 | 
			
		||||
            else:
 | 
			
		||||
                log.e('invalid asset type.\n')
 | 
			
		||||
                return TPE_FAILED
 | 
			
		||||
| 
						 | 
				
			
			@ -725,47 +730,47 @@ def build_auz_map():
 | 
			
		|||
                x.update(u)
 | 
			
		||||
                x.update(a)
 | 
			
		||||
 | 
			
		||||
                x.uni_id = '{}-{}-{}-{}-{}-{}-{}'.format(x.p_id, x.gu_id, x.u_id, x.gh_id, x.h_id, x.ga_id, x.a_id)
 | 
			
		||||
                x.ua_id = 'u{}-a{}'.format(x.u_id, x.a_id)
 | 
			
		||||
                x.uni_id = '{}-{}-{}-{}-{}'.format(x.p_id, x.gu_id, x.u_id, x.gh_id, x.h_id)
 | 
			
		||||
                x.uh_id = 'u{}-h{}'.format(x.u_id, x.h_id)
 | 
			
		||||
 | 
			
		||||
                x.policy_auth_type = TP_POLICY_AUTH_UNKNOWN
 | 
			
		||||
                if u['auth_from_'] == 'USER' and a['auth_to_'] == 'ACC':
 | 
			
		||||
                    x.policy_auth_type = TP_POLICY_AUTH_USER_ACC
 | 
			
		||||
                elif u['auth_from_'] == 'USER' and a['auth_to_'] == 'gACC':
 | 
			
		||||
                    x.policy_auth_type = TP_POLICY_AUTH_USER_gACC
 | 
			
		||||
                elif u['auth_from_'] == 'USER' and a['auth_to_'] == 'HOST':
 | 
			
		||||
                # if u['auth_from_'] == 'USER' and a['auth_to_'] == 'ACC':
 | 
			
		||||
                #     x.policy_auth_type = TP_POLICY_AUTH_USER_ACC
 | 
			
		||||
                # elif u['auth_from_'] == 'USER' and a['auth_to_'] == 'gACC':
 | 
			
		||||
                #     x.policy_auth_type = TP_POLICY_AUTH_USER_gACC
 | 
			
		||||
                # el
 | 
			
		||||
                if u['auth_from_'] == 'USER' and a['auth_to_'] == 'HOST':
 | 
			
		||||
                    x.policy_auth_type = TP_POLICY_AUTH_USER_HOST
 | 
			
		||||
                elif u['auth_from_'] == 'USER' and a['auth_to_'] == 'gHOST':
 | 
			
		||||
                    x.policy_auth_type = TP_POLICY_AUTH_USER_gHOST
 | 
			
		||||
                elif u['auth_from_'] == 'gUSER' and a['auth_to_'] == 'ACC':
 | 
			
		||||
                    x.policy_auth_type = TP_POLICY_AUTH_gUSER_ACC
 | 
			
		||||
                elif u['auth_from_'] == 'gUSER' and a['auth_to_'] == 'gACC':
 | 
			
		||||
                    x.policy_auth_type = TP_POLICY_AUTH_gUSER_gACC
 | 
			
		||||
                # elif u['auth_from_'] == 'gUSER' and a['auth_to_'] == 'ACC':
 | 
			
		||||
                #     x.policy_auth_type = TP_POLICY_AUTH_gUSER_ACC
 | 
			
		||||
                # elif u['auth_from_'] == 'gUSER' and a['auth_to_'] == 'gACC':
 | 
			
		||||
                #     x.policy_auth_type = TP_POLICY_AUTH_gUSER_gACC
 | 
			
		||||
                elif u['auth_from_'] == 'gUSER' and a['auth_to_'] == 'HOST':
 | 
			
		||||
                    x.policy_auth_type = TP_POLICY_AUTH_gUSER_HOST
 | 
			
		||||
                elif u['auth_from_'] == 'gUSER' and a['auth_to_'] == 'gHOST':
 | 
			
		||||
                    x.policy_auth_type = TP_POLICY_AUTH_gUSER_gHOST
 | 
			
		||||
                else:
 | 
			
		||||
                    log.w('invalid policy data.\n')
 | 
			
		||||
                    continue
 | 
			
		||||
 | 
			
		||||
                _map.append(x)
 | 
			
		||||
 | 
			
		||||
    db = get_db()
 | 
			
		||||
    dbtp = db.table_prefix
 | 
			
		||||
 | 
			
		||||
    db.exec('DELETE FROM {}audit_map'.format(dbtp))
 | 
			
		||||
    if len(_map) == 0:
 | 
			
		||||
        return TPE_OK
 | 
			
		||||
 | 
			
		||||
    values = []
 | 
			
		||||
    for i in _map:
 | 
			
		||||
        v = '("{uni_id}","{ua_id}",{p_id},{p_rank},{p_state},{policy_auth_type},{u_id},{u_state},{gu_id},{gu_state},{h_id},{h_state},{gh_id},{gh_state},{a_id},{a_state},{ga_id},{ga_state},' \
 | 
			
		||||
            '"{u_name}","{u_surname}","{h_name}","{ip}","{router_ip}",{router_port},"{a_name}",{protocol_type},{protocol_port})' \
 | 
			
		||||
            ''.format(uni_id=i.uni_id, ua_id=i.ua_id, p_id=i.p_id, p_rank=i.p_rank, p_state=i.p_state,policy_auth_type=i.policy_auth_type,
 | 
			
		||||
                      u_id=i.u_id, u_state=i.u_state, gu_id=i.gu_id, gu_state=i.gu_state, h_id=i.h_id, h_state=i.h_state,
 | 
			
		||||
                      gh_id=i.gh_id, gh_state=i.gh_state, a_id=i.a_id, a_state=i.a_state, ga_id=i.ga_id, ga_state=i.ga_state,
 | 
			
		||||
                      u_name=i.u_name, u_surname=i.u_surname, h_name=i.h_name, ip=i.ip, router_ip=i.router_ip, router_port=i.router_port,
 | 
			
		||||
                      a_name=i.a_name, protocol_type=i.protocol_type, protocol_port=i.protocol_port)
 | 
			
		||||
        v = '("{uni_id}","{uh_id}",{p_id},{p_rank},{p_state},{policy_auth_type},{u_id},{u_state},{gu_id},{gu_state},{h_id},{gh_id},' \
 | 
			
		||||
            '"{u_name}","{u_surname}","{h_name}","{ip}","{router_ip}",{router_port})' \
 | 
			
		||||
            ''.format(uni_id=i.uni_id, uh_id=i.uh_id, p_id=i.p_id, p_rank=i.p_rank, p_state=i.p_state, policy_auth_type=i.policy_auth_type,
 | 
			
		||||
                      u_id=i.u_id, u_state=i.u_state, gu_id=i.gu_id, gu_state=i.gu_state, h_id=i.h_id,gh_id=i.gh_id,
 | 
			
		||||
                      u_name=i.u_name, u_surname=i.u_surname, h_name=i.h_name, ip=i.ip, router_ip=i.router_ip, router_port=i.router_port)
 | 
			
		||||
        values.append(v)
 | 
			
		||||
 | 
			
		||||
    sql = 'INSERT INTO `{dbtp}audit_map` (uni_id,ua_id,p_id,p_rank,p_state,policy_auth_type,u_id,u_state,gu_id,gu_state,h_id,h_state,gh_id,gh_state,a_id,a_state,ga_id,ga_state,' \
 | 
			
		||||
          'u_name,u_surname,h_name,ip,router_ip,router_port,a_name,protocol_type,protocol_port) VALUES \n{values};' \
 | 
			
		||||
    sql = 'INSERT INTO `{dbtp}audit_map` (uni_id,uh_id,p_id,p_rank,p_state,policy_auth_type,u_id,u_state,gu_id,gu_state,h_id,gh_id,' \
 | 
			
		||||
          'u_name,u_surname,h_name,ip,router_ip,router_port) VALUES \n{values};' \
 | 
			
		||||
          ''.format(dbtp=dbtp, values=',\n'.join(values))
 | 
			
		||||
 | 
			
		||||
    db_ret = db.exec(sql)
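Review bot: The rewritten row builder `v = '("{uni_id}","{uh_id}",…,"{u_name}","{u_surname}","{h_name}","{ip}","{router_ip}",{router_port})'.format(...)` still pastes text fields between double quotes with plain `str.format`, so a `"` or backslash in a user name, surname or host name changes the INSERT that `db.exec(sql)` runs. These values appear to come from stored user and host records, so whoever can edit those records can influence the statement that fills `audit_map`. I would pass the row values through the database wrapper's parameter binding if it has one (its API is not visible on this page), or at least escape the five text fields before formatting. Separately, `DELETE FROM {}audit_map` runs before the INSERT with no transaction visible in the hunk, so a rejected INSERT would leave the audit map empty. `build_auz_map` starts before this hunk and the handling of `db_ret` lies after it, so both points should be checked against the full function.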
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||