• 堡垒机调用原生ssh登陆


    #models.py
    from django.db import models
    from django.contrib.auth.models import (BaseUserManager,AbstractBaseUser,PermissionsMixin)
    from django.utils.translation import ugettext_lazy as _
    from django.utils.safestring import mark_safe
    # Create your models here.
    
    class Host(models.Model):
        """存储主机列表"""
        hostname = models.CharField(max_length=64,unique=True)
        ip_addr = models.GenericIPAddressField(unique=True)
        port = models.SmallIntegerField(default=22)
        idc = models.ForeignKey("IDC",on_delete=models.CASCADE) #机房
        enabled = models.BooleanField(default=True)
    
        def __str__(self):
            return "%s(%s)"%(self.hostname,self.ip_addr)
    
    class IDC(models.Model):
        """机房信息"""
        name = models.CharField(max_length=64,unique=True)
        def __str__(self):
            return self.name
    
    class HostGroup(models.Model):
        """主机组"""
        name = models.CharField(max_length=64,unique=True)
        bind_hosts = models.ManyToManyField("BindHost",blank=True,null=True)
    
        def __str__(self):
            return self.name
    
    class UserProfileManager(BaseUserManager):
        def create_user(self, email, name, password=None):
            """
            Creates and saves a User with the given email, date of
            birth and password.
            """
            if not email:
                raise ValueError('Users must have an email address')
    
            user = self.model(
                email=self.normalize_email(email),
                name=name,
            )
    
            user.set_password(password)
            self.is_active = True
            user.save(using=self._db)
            return user
    
        def create_superuser(self,email, name, password):
            """
            Creates and saves a superuser with the given email, date of
            birth and password.
            """
            user = self.create_user(
                email,
                password=password,
                name=name,
            )
            user.is_active = True
            user.is_superuser = True
            #user.is_admin = True
            user.save(using=self._db)
            return user
    
    
    class UserProfile(AbstractBaseUser,PermissionsMixin):
        """堡垒机账号"""
        email = models.EmailField(
            verbose_name='email address',
            max_length=255,
            unique=True,
            null=True
        )
        password = models.CharField(_('password'), max_length=128,
                                    help_text=mark_safe('''<a href='password/'>修改密码</a>'''))
        name = models.CharField(max_length=32)
        is_active = models.BooleanField(default=True)
        #is_admin = models.BooleanField(default=False)
    
        bind_hosts = models.ManyToManyField("BindHost",blank=True)
        host_groups = models.ManyToManyField("HostGroup",blank=True)
    
        objects = UserProfileManager()
    
        USERNAME_FIELD = 'email'
        REQUIRED_FIELDS = ['name']
    
        def get_full_name(self):
            # The user is identified by their email address
            return self.email
    
        def get_short_name(self):
            # The user is identified by their email address
            return self.email
    
        def __str__(self):              # __unicode__ on Python 2
            return self.email
    
        # def has_perm(self, perm, obj=None):
        #     "Does the user have a specific permission?"
        #     # Simplest possible answer: Yes, always
        #     return True
        #
        # def has_module_perms(self, app_label):
        #     "Does the user have permissions to view the app `app_label`?"
        #     # Simplest possible answer: Yes, always
        #     return True
    
        @property
        def is_staff(self):
            "Is the user a member of staff?"
            # Simplest possible answer: All admins are staff
            return self.is_active
    
    class HostUser(models.Model):
        """主机登陆账户"""
        auth_type_choices = ((0,'ssh-password'),(1,'ssh-key'))
        auth_type = models.SmallIntegerField(choices=auth_type_choices,default=0)
        username = models.CharField(max_length=64)
        password = models.CharField(max_length=128,blank=True,null=True)
        def __str__(self):
            return "%s:%s" %(self.username,self.password)
        class Meta:
            unique_together = ('auth_type','username','password')
    
    class BindHost(models.Model):
        """绑定主机和主机账号"""
        host = models.ForeignKey("Host",on_delete=models.CASCADE)
        host_user = models.ForeignKey("HostUser",on_delete=models.CASCADE)
        def __str__(self):
            return "%s@%s"%(self.host,self.host_user)
    
        class Meta:
            unique_together = ('host','host_user')
    
    #admin.py
    from django.contrib import admin
    from django import forms
    from django.contrib.auth.models import Group
    from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
    from django.contrib.auth.forms import ReadOnlyPasswordHashField
    
    from audit.CrazyEye.auditapp import models
    # Register your models here.
    
    
    
    class UserCreationForm(forms.ModelForm):
        """A form for creating new users. Includes all the required
        fields, plus a repeated password."""
        password1 = forms.CharField(label='Password', widget=forms.PasswordInput)
        password2 = forms.CharField(label='Password confirmation', widget=forms.PasswordInput)
    
        class Meta:
            model = models.UserProfile
            fields = ('email', 'name')
    
        def clean_password2(self):
            # Check that the two password entries match
            password1 = self.cleaned_data.get("password1")
            password2 = self.cleaned_data.get("password2")
            if password1 and password2 and password1 != password2:
                raise forms.ValidationError("Passwords don't match")
            return password2
    
        def save(self, commit=True):
            # Save the provided password in hashed format
            user = super(UserCreationForm, self).save(commit=False)
            user.set_password(self.cleaned_data["password1"])
            if commit:
                user.save()
            return user
    
    
    class UserChangeForm(forms.ModelForm):
        """A form for updating users. Includes all the fields on
        the user, but replaces the password field with admin's
        password hash display field.
        """
        password = ReadOnlyPasswordHashField()
    
        class Meta:
            model = models.UserProfile
            fields = ('email', 'password', 'name', 'is_active', 'is_superuser')
    
        def clean_password(self):
            # Regardless of what the user provides, return the initial value.
            # This is done here, rather than on the field, because the
            # field does not have access to the initial value
            return self.initial["password"]
    
    
    class UserProfileAdmin(BaseUserAdmin):
        # The forms to add and change user instances
        form = UserChangeForm
        add_form = UserCreationForm
    
        # The fields to be used in displaying the User model.
        # These override the definitions on the base UserAdmin
        # that reference specific fields on auth.User.
        list_display = ('email', 'name', "is_active",'is_superuser')
        list_filter = ('is_superuser',)
        fieldsets = (
            (None, {'fields': ('email', 'password')}),
            ('Personal', {'fields': ('name',)}),
            ('Permissions', {'fields': ('is_superuser',"is_active","bind_hosts","host_groups","user_permissions","groups")}),
        )
        # add_fieldsets is not a standard ModelAdmin attribute. UserAdmin
        # overrides get_fieldsets to use this attribute when creating a user.
        add_fieldsets = (
            (None, {
                'classes': ('wide',),
                'fields': ('email', 'name', 'password1', 'password2')}
            ),
        )
        search_fields = ('email',)
        ordering = ('email',)
        filter_horizontal = ("bind_hosts","host_groups","user_permissions","groups")
    
    
    
    class HostUserAdmin(admin.ModelAdmin):
        list_display = ('username','auth_type','password')
    
    admin.site.register(models.UserProfile,UserProfileAdmin)
    admin.site.register(models.Host,)
    admin.site.register(models.HostGroup,)
    admin.site.register(models.HostUser,HostUserAdmin)
    admin.site.register(models.BindHost,)
    admin.site.register(models.IDC,)
    
    
  • 相关阅读:
    13_函数的基本使用简介
    12_goto语句的使用
    11_for语句的使用
    10_switch语句的使用
    09_if条件语句的使用
    08_类型别名(类型声明)
    day-32网络编程
    day-31网络编程
    day-30网络编程
    day-29元类、异常处理
  • 原文地址:https://www.cnblogs.com/venvive/p/11908755.html
Copyright © 2020-2023  润新知