github
/
teleport
mirror of https://github.com/tp4a/teleport
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

修正 bug#51 类似问题,修改主机信息、分组信息、用户信息、账号信息均可以同步了。

pull/105/head
Apex Liu 2018-04-09 23:07:31 +08:00
parent 7bfbfc9a4d
commit 1657622385
3 changed files with 84 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
server/www/teleport/webroot/app/model/account.py
View File

@ -298,32 +298,56 @@ def update_account(handler, host_id, acc_id, args):
db = get_db()
# 1. 判断是否存在
sql = 'SELECT id FROM {}acc WHERE host_id={host_id} AND id={acc_id};'.format(db.table_prefix, host_id=host_id, acc_id=acc_id)
sql = 'SELECT `id`, `host_ip`, `router_ip`, `router_port` FROM `{}acc` WHERE `host_id`={host_id} AND `id`={acc_id};'.format(db.table_prefix, host_id=host_id, acc_id=acc_id)
db_ret = db.query(sql)
if db_ret is None or len(db_ret) == 0:
return TPE_NOT_EXISTS
_host_ip = db_ret[0][1]
_router_ip = db_ret[0][2]
_router_port = db_ret[0][3]
sql_list = []
sql = list()
sql.append('UPDATE `{}acc` SET'.format(db.table_prefix))
_set = list()
_set.append('protocol_type={}'.format(args['protocol_type']))
_set.append('protocol_port={}'.format(args['protocol_port']))
_set.append('auth_type={}'.format(args['auth_type']))
_set.append('username="{}"'.format(args['username']))
_set.append('username_prompt="{}"'.format(args['username_prompt']))
_set.append('password_prompt="{}"'.format(args['password_prompt']))
_set.append('`protocol_type`={}'.format(args['protocol_type']))
_set.append('`protocol_port`={}'.format(args['protocol_port']))
_set.append('`auth_type`={}'.format(args['auth_type']))
_set.append('`username`="{}"'.format(args['username']))
_set.append('`username_prompt`="{}"'.format(args['username_prompt']))
_set.append('`password_prompt`="{}"'.format(args['password_prompt']))
if args['auth_type'] == TP_AUTH_TYPE_PASSWORD and len(args['password']) > 0:
_set.append('password="{}"'.format(args['password']))
_set.append('`password`="{}"'.format(args['password']))
elif args['auth_type'] == TP_AUTH_TYPE_PRIVATE_KEY and len(args['pri_key']) > 0:
_set.append('pri_key="{}"'.format(args['pri_key']))
_set.append('`pri_key`="{}"'.format(args['pri_key']))
sql.append(','.join(_set))
sql.append('WHERE id={};'.format(acc_id))
sql.append('WHERE `id`={};'.format(acc_id))
db_ret = db.exec(' '.join(sql))
if not db_ret:
# db_ret = db.exec(' '.join(sql))
# if not db_ret:
# return TPE_DATABASE
sql_list.append(' '.join(sql))
if len(_router_ip) == 0:
_name = '{}@{}'.format(args['username'], _host_ip)
else:
_name = '{}@{} (由{}:{}路由)'.format(args['username'], _host_ip, _router_ip, _router_port)
# 运维授权
sql = 'UPDATE `{}ops_auz` SET `name`="{name}" WHERE (`rtype`={rtype} AND `rid`={rid});'.format(db.table_prefix, name=_name, rtype=TP_ACCOUNT, rid=acc_id)
sql_list.append(sql)
sql = 'UPDATE `{}ops_map` SET `a_name`="{name}", `protocol_type`={protocol_type}, `protocol_port`={protocol_port} ' \
'WHERE (a_id={aid});'.format(db.table_prefix,
name=args['username'], protocol_type=args['protocol_type'], protocol_port=args['protocol_port'],
aid=acc_id)
sql_list.append(sql)
if not db.transaction(sql_list):
return TPE_DATABASE
return TPE_OK

20
server/www/teleport/webroot/app/model/group.py
View File

@ -170,16 +170,28 @@ def update(handler, gid, name, desc):
db = get_db()
# 1. 判断是否已经存在
sql = 'SELECT id FROM {}group WHERE id={};'.format(db.table_prefix, gid)
sql = 'SELECT `id`, `type` FROM `{}group` WHERE `id`={};'.format(db.table_prefix, gid)
db_ret = db.query(sql)
if db_ret is None or len(db_ret) == 0:
return TPE_NOT_EXISTS
gtype = db_ret[0][1]
sql_list = []
# 2. 更新记录
sql = 'UPDATE `{}group` SET `name`="{name}", `desc`="{desc}" WHERE id={gid};' \
''.format(db.table_prefix, name=name, desc=desc, gid=gid)
db_ret = db.exec(sql)
if not db_ret:
sql_list.append(sql)
# 3. 同步更新授权表和权限映射表
# 运维授权
sql = 'UPDATE `{}ops_auz` SET `name`="{name}" WHERE (`rtype`={rtype} AND `rid`={rid});'.format(db.table_prefix, name=name, rtype=gtype, rid=gid)
sql_list.append(sql)
# 审计授权
sql = 'UPDATE `{}audit_auz` SET `name`="{name}" WHERE (`rtype`={rtype} AND `rid`={rid});'.format(db.table_prefix, name=name, rtype=gtype, rid=gid)
sql_list.append(sql)
if not db.transaction(sql_list):
return TPE_DATABASE
return TPE_OK
@ -187,14 +199,12 @@ def update(handler, gid, name, desc):
def add_members(gtype, gid, members):
# 向指定组中增加成员,同时根据授权策略,更新授权映射表
db = get_db()
sql = []
for uid in members:
sql.append('INSERT INTO `{}group_map` (`type`, `gid`, `mid`) VALUES ({}, {}, {});'.format(db.table_prefix, gtype, gid, uid))
if db.transaction(sql):
#return TPE_OK
return policy.rebuild_auz_map()
else:
return TPE_DATABASE

40
server/www/teleport/webroot/app/model/host.py
View File

@ -222,17 +222,17 @@ def update_host(handler, args):
db = get_db()
# 1. 判断是否存在
sql = 'SELECT id FROM {}host WHERE id="{}";'.format(db.table_prefix, args['id'])
sql = 'SELECT `id` FROM `{}host` WHERE `id`={};'.format(db.table_prefix, args['id'])
db_ret = db.query(sql)
if db_ret is None or len(db_ret) == 0:
return TPE_NOT_EXISTS
sql_list = []
sql = 'UPDATE `{}host` SET `os_type`="{os_type}", `name`="{name}", `ip`="{ip}", `router_ip`="{router_ip}", `router_port`={router_port}, `cid`="{cid}", `desc`="{desc}" WHERE `id`={host_id};' \
sql = 'UPDATE `{}host` SET `os_type`="{os_type}", `name`="{name}", `ip`="{ip}", `router_ip`="{router_ip}", ' \
'`router_port`={router_port}, `cid`="{cid}", `desc`="{desc}" WHERE `id`={host_id};' \
''.format(db.table_prefix,
os_type=args['os_type'], name=args['name'], ip=args['ip'], router_ip=args['router_ip'], router_port=args['router_port'],
cid=args['cid'], desc=args['desc'], host_id=args['id']
)
cid=args['cid'], desc=args['desc'], host_id=args['id'])
sql_list.append(sql)
# 更新所有此主机相关的账号
@ -241,11 +241,37 @@ def update_host(handler, args):
ip=args['ip'], router_ip=args['router_ip'], router_port=args['router_port'], id=args['id'])
sql_list.append(sql)
if db.transaction(sql_list):
return TPE_OK
else:
# 同步更新授权表和权限映射表
_name = args['ip']
if len(args['name']) > 0:
_name = '{} [{}]'.format(args['name'], args['ip'])
sql_list = []
# 运维授权
sql = 'UPDATE `{}ops_auz` SET `name`="{name}" WHERE (`rtype`={rtype} AND `rid`={rid});' \
''.format(db.table_prefix, name=_name, rtype=TP_HOST, rid=args['id'])
sql_list.append(sql)
sql = 'UPDATE `{}ops_map` SET `h_name`="{hname}", `ip`="{ip}", `router_ip`="{router_ip}", `router_port`={router_port} ' \
'WHERE (h_id={hid});'.format(db.table_prefix,
hname=args['name'], ip=args['ip'], hid=args['id'],
router_ip=args['router_ip'], router_port=args['router_port'])
sql_list.append(sql)
# 审计授权
sql = 'UPDATE `{}audit_auz` SET `name`="{name}" WHERE (`rtype`={rtype} AND `rid`={rid});'.format(db.table_prefix, name=_name, rtype=TP_HOST, rid=args['id'])
sql_list.append(sql)
sql = 'UPDATE `{}audit_map` SET `h_name`="{hname}", `ip`="{ip}", `router_ip`="{router_ip}", `router_port`={router_port} ' \
'WHERE (h_id={hid});'.format(db.table_prefix,
hname=args['name'], ip=args['ip'], hid=args['id'],
router_ip=args['router_ip'], router_port=args['router_port'])
sql_list.append(sql)
if not db.transaction(sql_list):
return TPE_DATABASE
operator = handler.get_current_user()
syslog.sys_log(operator, handler.request.remote_ip, TPE_OK, "更新主机信息:{}".format(_name))
return TPE_OK
def update_hosts_state(handler, host_ids, state):
db = get_db()