Merge branch 'feature/v3' of github.com:eomsoft/teleport into feature/v3

2017-12-15 21:53:15 +08:00 · 2017-12-15 21:53:15 +08:00 · 0d5cf16331
parent 5b6b9ebb0e 7aed827ee8
commit 0d5cf16331
3 changed files with 45 additions and 10 deletions
--- a/config.ini.in
+++ b/config.ini.in
@ -1,6 +1,6 @@
 [toolchain]
 #============================================
-# for windows
+# for Windows
 #============================================

 # Need wget to download necessary dependency files.
@ -24,7 +24,7 @@ wget = C:\Program Files (x86)\wget\wget.exe


 # ============================================
-# for linux
+# for Linux and macOS
 # ============================================

 # if not set cmake path, default to '/usr/bin/cmake'
--- a/server/www/teleport/webroot/app/base/database/create.py
+++ b/server/www/teleport/webroot/app/base/database/create.py
@ -31,6 +31,7 @@ class DatabaseInit:
            self._create_audit_map()
            self._create_syslog()
            self._create_record()
+            self._create_record_audit()
            self._make_builtin_data(sysadmin, email, password)
        except:
            log.e('[db] can not create and initialize database.\n')
@ -127,7 +128,7 @@ class DatabaseInit:
        f.append('`auth_type` int(11) DEFAULT 0')
        # password: 登录密码（如果是LDAP账号则忽略此字段）
        f.append('`password` varchar(128) DEFAULT ""')
-        # oath_secret: 身份验证器密钥（使用核心服务加密存储）
+        # oath_secret: 身份验证器密钥
        f.append('`oath_secret` varchar(64) DEFAULT ""')
        # state: 状态，1=正常，2=禁用，3=临时锁定
        f.append('`state` int(3) DEFAULT 1')
@ -165,6 +166,7 @@ class DatabaseInit:

    def _create_user_rpt(self):
        """ 用户忘记密码时重置需要进行验证的token，24小时有效
+        rpt = Reset Password Token
        """
        f = list()

@ -178,7 +180,7 @@ class DatabaseInit:
        f.append('`create_time` int(11) DEFAULT 0')

        self._db_exec(
-            '创建用户找回密码表...',
+            '创建用户密码重置表...',
            'CREATE TABLE `{}user_rpt` ({});'.format(self.db.table_prefix, ','.join(f))
        )

@ -745,6 +747,9 @@ class DatabaseInit:
        # id: 自增主键
        f.append('`id` integer PRIMARY KEY {}'.format(self.db.auto_increment))

+        # audited: 是否已审查
+        f.append('`audited` int(3) DEFAULT 0')
+
        # sid: 会话ID
        f.append('`sid` varchar(32) DEFAULT ""')

@ -783,7 +788,7 @@ class DatabaseInit:
        f.append('`protocol_sub_type` int(11) DEFAULT 0')

        # time_begin: 会话开始时间
-        f.append('`time_begin` int(11)')
+        f.append('`time_begin` int(11) DEFAULT 0')
        # time_end: 会话结束时间
        f.append('`time_end` int(11) DEFAULT 0')

@ -792,6 +797,32 @@ class DatabaseInit:
            'CREATE TABLE `{}record` ({});'.format(self.db.table_prefix, ','.join(f))
        )

+    def _create_record_audit(self):
+        """ 运维录像日志审计操作及结果 """
+        f = list()
+
+        # id: 自增主键
+        f.append('`id` integer PRIMARY KEY {}'.format(self.db.auto_increment))
+        # record_id: 运维日志ID
+        f.append('`record_id` int(11) DEFAULT 0')
+        # user_id: 审计者ID
+        f.append('`user_id` int(11) DEFAULT 0')
+        # user_name: 审计者用户名
+        f.append('`user_username` varchar(32) DEFAULT ""')
+        # user_surname: 审计者用户姓名
+        f.append('`user_surname` varchar(64) DEFAULT ""')
+        # ts: 审计时间 timestamp
+        f.append('`ts` int(11) DEFAULT 0')
+        # ret_code: 审计结果
+        f.append('`ret_code` TEXT')
+        # ret_desc: 审计结果说明
+        f.append('`ret_desc` TEXT')
+
+        self._db_exec(
+            '创建运维审计操作表...',
+            'CREATE TABLE `{}record_audit` ({});'.format(self.db.table_prefix, ','.join(f))
+        )
+
    def _make_builtin_data(self, sysadmin, email, password):
        _time_now = tp_timestamp_utc_now()

--- a/server/www/teleport/webroot/app/base/db.py
+++ b/server/www/teleport/webroot/app/base/db.py
@ -63,8 +63,8 @@ class TPDatabase:
                cfg.set_default('database::sqlite-file', os.path.join(cfg.data_path, 'db', 'teleport.db'))
            if not self._init_sqlite(cfg.database.sqlite_file):
                return False
-            # if self.need_create:
-            #     return True
+            if self.need_create:
+                return True
        elif 'mysql' == cfg.database.type:
            if not self._init_mysql(cfg.database.mysql_host, cfg.database.mysql_port,
                                    cfg.database.mysql_db, cfg.database.mysql_prefix,
@ -81,6 +81,8 @@ class TPDatabase:
            self.connected = True

    def check_status(self):
+        if self.need_create:
+            return True
        # 看看数据库中是否存在指定的数据表（如果不存在，可能是一个空数据库文件），则可能是一个新安装的系统
        # ret = self.query('SELECT COUNT(*) FROM `sqlite_master` WHERE `type`="table" AND `name`="{}account";'.format(self._table_prefix))
        ret = self.is_table_exists('{}config'.format(self._table_prefix))
@ -194,6 +196,8 @@ class TPDatabase:
            return None

    def query(self, sql, args=()):
+        if self.need_create:
+            return None
        # log.d('[db] {}, {}\n'.format(sql, args))
        # _start = datetime.datetime.utcnow().timestamp()
        ret = self._conn_pool.query(sql, args)
@ -388,9 +392,9 @@ class TPSqlitePool(TPDatabasePool):
        self._db_file = db_file

    def _do_connect(self):
-        if not os.path.exists(self._db_file):
-            log.e('[sqlite] can not connect, database file not exists.\n')
-            return None
+        # if not os.path.exists(self._db_file):
+        #     log.e('[sqlite] can not connect, database file not exists.\n')
+        #     return None

        try:
            return sqlite3.connect(self._db_file)