github
/
teleport
mirror of https://github.com/tp4a/teleport
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

导入或创建用户时,如果系统配置了SMTP,且用户有设置email,则自动发送密码函。

pull/105/head
Apex Liu 2017-12-22 00:12:54 +08:00
parent aedb6099a0
commit 0d72354680
5 changed files with 130 additions and 112 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
server/www/teleport/static/js/user/user-list.js
View File

@ -440,14 +440,11 @@ $app.on_btn_do_upload_click = function () {
.html('<i class="fa fa-cog fa-spin fa-fw"></i> 正在导入,请稍候...') .html('<i class="fa fa-cog fa-spin fa-fw"></i> 正在导入,请稍候...')
.show(); .show();
console.log('xxx');
var param = {}; var param = {};
$.ajaxFileUpload({ $.ajaxFileUpload({
url: "/user/upload-import",// 需要链接到服务器地址 url: "/user/upload-import",// 需要链接到服务器地址
fileElementId: "file-selector", // 文件选择框的id属性 fileElementId: "file-selector", // 文件选择框的id属性
timeout: 60000, timeout: 120000,
secureuri: false, secureuri: false,
dataType: 'text', dataType: 'text',
data: param, data: param,
@ -888,7 +885,7 @@ $app.create_dlg_edit_user = function () {
if (dlg.dom.btn_auth_username_password_oath.hasClass('tp-selected')) if (dlg.dom.btn_auth_username_password_oath.hasClass('tp-selected'))
dlg.field_auth_type |= TP_LOGIN_AUTH_USERNAME_PASSWORD_OATH; dlg.field_auth_type |= TP_LOGIN_AUTH_USERNAME_PASSWORD_OATH;
if(dlg.field_auth_type === 0) { if (dlg.field_auth_type === 0) {
$tp.notify_error('请设置用户登录时身份验证方式!'); $tp.notify_error('请设置用户登录时身份验证方式!');
return false; return false;
} }
@ -902,6 +899,7 @@ $app.create_dlg_edit_user = function () {
return; return;
var action = (dlg.field_id === -1) ? '创建' : '更新'; var action = (dlg.field_id === -1) ? '创建' : '更新';
var timeout = (dlg.field_id === -1) ? 60000 : 3000;
// 如果id为-1表示创建否则表示更新 // 如果id为-1表示创建否则表示更新
$tp.ajax_post_json('/user/update-user', { $tp.ajax_post_json('/user/update-user', {
@ -918,6 +916,9 @@ $app.create_dlg_edit_user = function () {
}, },
function (ret) { function (ret) {
if (ret.code === TPE_OK) { if (ret.code === TPE_OK) {
if (ret.message.length > 0)
$tp.notify_success(ret.message);
else
$tp.notify_success('用户账号' + action + '成功!'); $tp.notify_success('用户账号' + action + '成功!');
$app.table_users.load_data(); $app.table_users.load_data();
dlg.dom.dialog.modal('hide'); dlg.dom.dialog.modal('hide');
@ -927,7 +928,8 @@ $app.create_dlg_edit_user = function () {
}, },
function () { function () {
$tp.notify_error('网络故障,用户账号' + action + '失败!'); $tp.notify_error('网络故障,用户账号' + action + '失败!');
} },
timeout
); );
}; };

1
server/www/teleport/webroot/app/base/core_server.py
View File

@ -38,7 +38,6 @@ def core_service_async_post_http(post_data):
@tornado.gen.coroutine @tornado.gen.coroutine
def core_service_async_enc(data): def core_service_async_enc(data):
# url = 'http://{}:{}/rpc'.format(ts_server_rpc_ip, ts_server_rpc_port)
req = {'method': 'enc', 'param': {'p': data}} req = {'method': 'enc', 'param': {'p': data}}
_yr = core_service_async_post_http(req) _yr = core_service_async_post_http(req)

30
server/www/teleport/webroot/app/base/utils.py
View File

@ -6,6 +6,7 @@ import time
import datetime import datetime
import hashlib import hashlib
import threading import threading
import random
__all__ = ['AttrDict', 'tp_make_dir'] __all__ = ['AttrDict', 'tp_make_dir']
@ -170,7 +171,7 @@ def tp_timestamp_utc_now():
def tp_utc_timestamp_ms(): def tp_utc_timestamp_ms():
return int(datetime.datetime.utcnow().timestamp()*1000) return int(datetime.datetime.utcnow().timestamp() * 1000)
def tp_bytes2string(b, encode='utf8'): def tp_bytes2string(b, encode='utf8'):
@ -199,6 +200,33 @@ def tp_md5file(file_name):
return m.hexdigest() return m.hexdigest()
def tp_gen_password(length=8):
random.seed()
# 生成一个随机密码
_chars = ['ABCDEFGHJKMNPQRSTWXYZ', 'abcdefhijkmnprstwxyz', '2345678'] # 默认去掉了容易混淆的字符oO,Ll,9gq,Vv,Uu,I1
have_CHAR = False
have_char = False
have_num = False
while True:
ret = []
for i in range(length):
idx = random.randint(0, len(_chars) - 1)
if idx == 0:
have_CHAR = True
elif idx == 1:
have_char = True
else:
have_num = True
ret.append(random.choice(_chars[idx]))
if have_CHAR and have_char and have_num:
break
return ''.join(ret)
def tp_check_strong_password(p): def tp_check_strong_password(p):
s = 0 s = 0
if len(p) < 8: if len(p) < 8:

160
server/www/teleport/webroot/app/controller/user.py
View File

@ -11,14 +11,14 @@ from app.base.configs import tp_cfg
from app.base.controller import TPBaseHandler, TPBaseJsonHandler from app.base.controller import TPBaseHandler, TPBaseJsonHandler
from app.base.logger import * from app.base.logger import *
from app.base.session import tp_session from app.base.session import tp_session
from app.base.utils import tp_check_strong_password from app.base.utils import tp_check_strong_password, tp_gen_password
from app.base.utils import tp_timestamp_utc_now # from app.base.utils import tp_timestamp_utc_now
from app.logic.auth.oath import tp_oath_verify_code from app.logic.auth.oath import tp_oath_verify_code
from app.const import * from app.const import *
from app.logic.auth.oath import tp_oath_generate_secret, tp_oath_generate_qrcode from app.logic.auth.oath import tp_oath_generate_secret, tp_oath_generate_qrcode
from app.logic.auth.password import tp_password_generate_secret, tp_password_verify from app.logic.auth.password import tp_password_generate_secret, tp_password_verify
from app.model import group from app.model import group
from app.model import syslog # from app.model import syslog
from app.model import user from app.model import user
@ -401,6 +401,8 @@ class DoImportHandler(TPBaseHandler):
u['wechat'] = csv_recorder[self.IDX_WECHAT].strip() u['wechat'] = csv_recorder[self.IDX_WECHAT].strip()
u['desc'] = csv_recorder[self.IDX_DESC].strip() u['desc'] = csv_recorder[self.IDX_DESC].strip()
u['password'] = tp_gen_password(8)
# fix # fix
if len(u['surname']) == 0: if len(u['surname']) == 0:
u['surname'] = _username u['surname'] = _username
@ -455,15 +457,47 @@ class DoImportHandler(TPBaseHandler):
group.make_group_map(TP_GROUP_USER, gm) group.make_group_map(TP_GROUP_USER, gm)
# 对于创建成功的用户,发送密码邮件函
sys_smtp_password = tp_cfg().sys_smtp_password
if len(sys_smtp_password) > 0:
web_url = '{}://{}'.format(self.request.protocol, self.request.host)
for u in user_list:
if u['_id'] == 0 or len(u['email']) == 0:
continue
err, msg = yield mail.tp_send_mail(
u['email'],
'{surname} 您好!\n\n已为您创建teleport系统用户账号现在可以使用以下信息登录teleport系统\n\n'
'登录用户名:{username}\n'
'密码:{password}\n'
'地址:{web_url}\n\n\n\n'
'[本邮件由teleport系统自动发出请勿回复]'
'\n\n'
''.format(surname=u['surname'], username=u['username'], password=u['password'], web_url=web_url),
subject='用户密码函'
)
if err != TPE_OK:
failed.append({'line': u['_line'], 'error': '无法发送密码函到邮箱 {},错误:{}'.format(u['email'], msg)})
# 统计结果
total_success = 0
total_failed = 0
for u in user_list:
if u['_id'] == 0:
total_failed += 1
else:
total_success += 1
# 生成最终结果信息
if len(failed) == 0: if len(failed) == 0:
ret['code'] = TPE_OK ret['code'] = TPE_OK
ret['message'] = '所有 {} 个用户账号均已导入!'.format(len(success)) ret['message'] = '共导入 {} 个用户账号'.format(total_success)
return self.write(json.dumps(ret).encode('utf8')) return self.write(json.dumps(ret).encode('utf8'))
else: else:
ret['code'] = TPE_FAILED ret['code'] = TPE_FAILED
if len(success) > 0: if total_success > 0:
ret['message'] = '{} 个用户账号导入成功,'.format(len(success)) ret['message'] = '{} 个用户账号导入成功,'.format(total_success)
ret['message'] += '{} 个用户账号未能导入!'.format(len(failed)) if total_failed > 0:
ret['message'] += '{} 个用户账号未能导入!'.format(total_failed)
ret['data'] = failed ret['data'] = failed
return self.write(json.dumps(ret).encode('utf8')) return self.write(json.dumps(ret).encode('utf8'))
@ -474,7 +508,7 @@ class DoImportHandler(TPBaseHandler):
ret['message'] += '{} 个用户账号导入后发生异常!'.format(len(success)) ret['message'] += '{} 个用户账号导入后发生异常!'.format(len(success))
else: else:
ret['message'] = '发生异常!' ret['message'] = '发生异常!'
if len(failed) > 0:
ret['data'] = failed ret['data'] = failed
return self.write(json.dumps(ret).encode('utf8')) return self.write(json.dumps(ret).encode('utf8'))
@ -484,6 +518,7 @@ class DoImportHandler(TPBaseHandler):
class DoUpdateUserHandler(TPBaseJsonHandler): class DoUpdateUserHandler(TPBaseJsonHandler):
@tornado.gen.coroutine
def post(self): def post(self):
ret = self.check_privilege(TP_PRIVILEGE_USER_CREATE) ret = self.check_privilege(TP_PRIVILEGE_USER_CREATE)
if ret != TPE_OK: if ret != TPE_OK:
@ -511,15 +546,37 @@ class DoUpdateUserHandler(TPBaseJsonHandler):
except: except:
return self.write_json(TPE_PARAM) return self.write_json(TPE_PARAM)
if len(args['username']) == 0: # or len(args['email']) == 0: if len(args['username']) == 0:
return self.write_json(TPE_PARAM) return self.write_json(TPE_PARAM)
if args['id'] == -1: if args['id'] == -1:
err, info = user.create_user(self, args) args['password'] = tp_gen_password(8)
err, _ = user.create_user(self, args)
if err == TPE_OK:
# 对于创建成功的用户,发送密码邮件函
sys_smtp_password = tp_cfg().sys_smtp_password
if len(sys_smtp_password) > 0:
web_url = '{}://{}'.format(self.request.protocol, self.request.host)
err, msg = yield mail.tp_send_mail(
args['email'],
'{surname} 您好!\n\n已为您创建teleport系统用户账号现在可以使用以下信息登录teleport系统\n\n'
'登录用户名:{username}\n'
'密码:{password}\n'
'地址:{web_url}\n\n\n\n'
'[本邮件由teleport系统自动发出请勿回复]'
'\n\n'
''.format(surname=args['surname'], username=args['username'], password=args['password'], web_url=web_url),
subject='用户密码函'
)
if err != TPE_OK:
return self.write_json(TPE_OK, '用户账号创建成功,但发送密码函失败:{}'.format(msg))
else:
return self.write_json(TPE_OK)
else:
return self.write_json(err)
else: else:
err = user.update_user(self, args) err = user.update_user(self, args)
info = {} self.write_json(err)
self.write_json(err, data=info)
class DoSetRoleForUsersHandler(TPBaseJsonHandler): class DoSetRoleForUsersHandler(TPBaseJsonHandler):
@ -945,85 +1002,6 @@ class DoGetGroupWithMemberHandler(TPBaseJsonHandler):
self.write_json(err, data=ret) self.write_json(err, data=ret)
# class DoAddGroupMemberHandler(TPBaseJsonHandler):
# def post(self):
# ret = self.check_privilege(TP_PRIVILEGE_USER_GROUP)
# if ret != TPE_OK:
# return
#
# args = self.get_argument('args', None)
# if args is None:
# return self.write_json(TPE_PARAM)
# try:
# args = json.loads(args)
# except:
# return self.write_json(TPE_JSON_FORMAT)
#
# try:
# gid = args['group_id']
# members = args['members']
# except:
# return self.write_json(TPE_PARAM)
#
# err = user.add_group_members(gid, members)
# self.write_json(err)
# class DoRemoveGroupMemberHandler(TPBaseJsonHandler):
# def post(self):
# ret = self.check_privilege(TP_PRIVILEGE_USER_GROUP)
# if ret != TPE_OK:
# return
#
# args = self.get_argument('args', None)
# if args is None:
# return self.write_json(TPE_PARAM)
# try:
# args = json.loads(args)
# except:
# return self.write_json(TPE_JSON_FORMAT)
#
# try:
# gid = args['group_id']
# members = args['members']
# except:
# return self.write_json(TPE_PARAM)
#
# err = user.remove_group_members(gid, members)
# self.write_json(err)
# class DoUpdateGroupHandler(TPBaseJsonHandler):
# def post(self):
# ret = self.check_privilege(TP_PRIVILEGE_USER_GROUP)
# if ret != TPE_OK:
# return
#
# args = self.get_argument('args', None)
# if args is None:
# return self.write_json(TPE_PARAM)
# try:
# args = json.loads(args)
# except:
# return self.write_json(TPE_JSON_FORMAT)
#
# try:
# args['id'] = int(args['id'])
# args['name'] = args['name'].strip()
# args['desc'] = args['desc'].strip()
# except:
# return self.write_json(TPE_PARAM)
#
# if len(args['name']) == 0:
# return self.write_json(TPE_PARAM)
#
# if args['id'] == -1:
# err, _ = user.create_group(self, args)
# else:
# err = user.update_group(self, args)
# self.write_json(err)
class DoGetRoleListHandler(TPBaseJsonHandler): class DoGetRoleListHandler(TPBaseJsonHandler):
def post(self): def post(self):
err, role_list = user.get_role_list() err, role_list = user.get_role_list()

33
server/www/teleport/webroot/app/model/user.py
View File

@ -9,7 +9,7 @@ from app.base.utils import tp_timestamp_utc_now, tp_generate_random
from app.const import * from app.const import *
from app.model import syslog from app.model import syslog
from app.base.stats import tp_stats from app.base.stats import tp_stats
from app.logic.auth.password import tp_password_verify from app.logic.auth.password import tp_password_verify, tp_password_generate_secret
from app.logic.auth.oath import tp_oath_verify_code from app.logic.auth.oath import tp_oath_verify_code
@ -191,10 +191,12 @@ def create_users(handler, user_list, success, failed):
failed.append({'line': user['_line'], 'error': '账号 `{}` 已经存在'.format(user['username'])}) failed.append({'line': user['_line'], 'error': '账号 `{}` 已经存在'.format(user['username'])})
continue continue
sql = 'INSERT INTO `{}user` (`type`, `auth_type`, `username`, `surname`, `role_id`, `state`, `email`, `creator_id`, `create_time`, `last_login`, `last_chpass`, `desc`) VALUES ' \ _password = tp_password_generate_secret(user['password'])
'(1, 0, "{username}", "{surname}", 0, {state}, "{email}", {creator_id}, {create_time}, {last_login}, {last_chpass}, "{desc}");' \
sql = 'INSERT INTO `{}user` (`type`, `auth_type`, `password`, `username`, `surname`, `role_id`, `state`, `email`, `creator_id`, `create_time`, `last_login`, `last_chpass`, `desc`) VALUES ' \
'(1, 0, "{password}", "{username}", "{surname}", 0, {state}, "{email}", {creator_id}, {create_time}, {last_login}, {last_chpass}, "{desc}");' \
''.format(db.table_prefix, ''.format(db.table_prefix,
username=user['username'], surname=user['surname'], state=TP_STATE_NORMAL, email=user['email'], username=user['username'], surname=user['surname'], password=_password, state=TP_STATE_NORMAL, email=user['email'],
creator_id=operator['id'], create_time=_time_now, last_login=0, last_chpass=0, desc=user['desc']) creator_id=operator['id'], create_time=_time_now, last_login=0, last_chpass=0, desc=user['desc'])
db_ret = db.exec(sql) db_ret = db.exec(sql)
if not db_ret: if not db_ret:
@ -206,7 +208,7 @@ def create_users(handler, user_list, success, failed):
user['_id'] = db.last_insert_id() user['_id'] = db.last_insert_id()
if len(name_list) > 0: if len(name_list) > 0:
syslog.sys_log(operator, handler.request.remote_ip, TPE_OK, "创建用户:{}".format(''.join(name_list))) syslog.sys_log(operator, handler.request.remote_ip, TPE_OK, "批量导入方式创建用户:{}".format(''.join(name_list)))
tp_stats().user_counter_change(len(name_list)) tp_stats().user_counter_change(len(name_list))
@ -230,10 +232,11 @@ def create_user(handler, args):
# db_ret = db.query(sql) # db_ret = db.query(sql)
# if db_ret is not None and len(db_ret) > 0: # if db_ret is not None and len(db_ret) > 0:
# return TPE_EXISTS, 0 # return TPE_EXISTS, 0
_password = tp_password_generate_secret(args['password'])
sql = 'INSERT INTO `{}user` (`type`, `auth_type`, `username`, `surname`, `role_id`, `state`, `email`, `creator_id`, `create_time`, `last_login`, `last_chpass`, `desc`) VALUES ' \ sql = 'INSERT INTO `{}user` (`type`, `auth_type`, `password`, `username`, `surname`, `role_id`, `state`, `email`, `creator_id`, `create_time`, `last_login`, `last_chpass`, `desc`) VALUES ' \
'(1, {auth_type}, "{username}", "{surname}", {role}, {state}, "{email}", {creator_id}, {create_time}, {last_login}, {last_chpass}, "{desc}");' \ '(1, {auth_type}, "{password}", "{username}", "{surname}", {role}, {state}, "{email}", {creator_id}, {create_time}, {last_login}, {last_chpass}, "{desc}");' \
''.format(db.table_prefix, auth_type=args['auth_type'], ''.format(db.table_prefix, auth_type=args['auth_type'], password=_password,
username=args['username'], surname=args['surname'], role=args['role'], state=TP_STATE_NORMAL, email=args['email'], username=args['username'], surname=args['surname'], role=args['role'], state=TP_STATE_NORMAL, email=args['email'],
creator_id=operator['id'], creator_id=operator['id'],
create_time=_time_now, last_login=0, last_chpass=0, desc=args['desc']) create_time=_time_now, last_login=0, last_chpass=0, desc=args['desc'])
@ -256,14 +259,22 @@ def update_user(handler, args):
db = get_db() db = get_db()
# 1. 判断此账号是否已经存在 # 1. 判断此账号是否已经存在
sql = 'SELECT id FROM {}user WHERE id="{}";'.format(db.table_prefix, args['id']) sql = 'SELECT `username` FROM {}user WHERE id={};'.format(db.table_prefix, args['id'])
db_ret = db.query(sql) db_ret = db.query(sql)
if db_ret is None or len(db_ret) == 0: if db_ret is None or len(db_ret) == 0:
return TPE_NOT_EXISTS return TPE_NOT_EXISTS
sql = 'UPDATE `{}user` SET `surname`="{surname}", `auth_type`={auth_type}, `role_id`={role}, `email`="{email}", `mobile`="{mobile}", `qq`="{qq}", `wechat`="{wechat}", `desc`="{desc}" WHERE `id`={user_id};' \ old_username = db_ret[0][0]
if old_username == args['username']:
# 如果要更新用户登录名,则需要判断是否已经存在了
sql = 'SELECT `id` FROM {}user WHERE username="{}";'.format(db.table_prefix, args['username'])
db_ret = db.query(sql)
if db_ret is not None and len(db_ret) > 0:
return TPE_EXISTS
sql = 'UPDATE `{}user` SET `username`="{username}", `surname`="{surname}", `auth_type`={auth_type}, `role_id`={role}, `email`="{email}", `mobile`="{mobile}", `qq`="{qq}", `wechat`="{wechat}", `desc`="{desc}" WHERE `id`={user_id};' \
''.format(db.table_prefix, ''.format(db.table_prefix,
surname=args['surname'], auth_type=args['auth_type'], role=args['role'], email=args['email'], username=args['username'], surname=args['surname'], auth_type=args['auth_type'], role=args['role'], email=args['email'],
mobile=args['mobile'], qq=args['qq'], wechat=args['wechat'], desc=args['desc'], mobile=args['mobile'], qq=args['qq'], wechat=args['wechat'], desc=args['desc'],
user_id=args['id'] user_id=args['id']
) )