@ -13,7 +13,7 @@ from urllib.parse import urlencode
import hashlib
import hashlib
import requests
import requests
from flask import request , Flask , redirect , session , render_template
from flask import request , Flask , redirect , session , render_template , g
from flask_cors import CORS
from flask_cors import CORS
app = Flask ( __name__ ,
app = Flask ( __name__ ,
@ -27,6 +27,9 @@ gHost = ""
gPort = 0
gPort = 0
gDebug = 0
gDebug = 0
# 数据库文件
gSqlite3File = " /usr/local/jumpserver/jumpserver.db "
# 默认ssh管理账号
# 默认ssh管理账号
gDefaultSSHAdmin = " ec2-user "
gDefaultSSHAdmin = " ec2-user "
@ -193,6 +196,17 @@ def checkCookie(request):
# return True
# return True
@app.before_request
def before_request ( ) :
g . db = connect_db ( )
@app.after_request
def after_request ( response ) :
g . db . close ( )
return response
# sso回调接口
# sso回调接口
@app.route ( ' /sso ' , methods = [ ' GET ' , ' POST ' ] )
@app.route ( ' /sso ' , methods = [ ' GET ' , ' POST ' ] )
def sso ( ) :
def sso ( ) :
@ -316,20 +330,6 @@ def host_deluser():
return do_host_deluser ( request )
return do_host_deluser ( request )
@app.route ( ' /jump/host/sudouser ' , methods = [ ' GET ' , ' POST ' ] )
def host_sudouser ( ) :
if not checkCookie ( request ) :
return redirect_sso ( )
return do_host_sudouser ( request )
@app.route ( ' /jump/host/unsudouser ' , methods = [ ' GET ' , ' POST ' ] )
def host_unsudouser ( ) :
if not checkCookie ( request ) :
return redirect_sso ( )
return do_host_unsudouser ( request )
@app.route ( ' /jump/host/modifyuser ' , methods = [ ' GET ' , ' POST ' ] )
@app.route ( ' /jump/host/modifyuser ' , methods = [ ' GET ' , ' POST ' ] )
def host_modifyuser ( ) :
def host_modifyuser ( ) :
if not checkCookie ( request ) :
if not checkCookie ( request ) :
@ -370,12 +370,7 @@ def do_login(request):
# get主机列表
# get主机列表
def do_hostlist ( request ) :
def do_hostlist ( request ) :
conn , cur = get_db ( )
cur . execute ( " select id,name,ip,port,desc,date from hosts where isdelete=0; " )
hosts = cur . fetchall ( )
cur . close ( )
conn . close ( )
hosts = g . db . execute ( " select id,name,ip,port,desc,date from hosts where isdelete=0; " ) . fetchall ( )
resp = [ ]
resp = [ ]
for host in hosts :
for host in hosts :
res = { }
res = { }
@ -391,12 +386,7 @@ def do_hostlist(request):
# 获取用户列表
# 获取用户列表
def do_userlist ( request ) :
def do_userlist ( request ) :
conn , cur = get_db ( )
cur . execute ( " select id,name,sudo,desc,date from users where isdelete=0; " )
users = cur . fetchall ( )
cur . close ( )
conn . close ( )
users = g . db . execute ( " select id,name,sudo,desc,date from users where isdelete=0; " ) . fetchall ( )
resp = [ ]
resp = [ ]
for user in users :
for user in users :
res = { }
res = { }
@ -417,9 +407,7 @@ def do_add_user(request):
name = request . form [ " name " ]
name = request . form [ " name " ]
desc = request . form [ " desc " ]
desc = request . form [ " desc " ]
conn , cur = get_db ( )
cur . execute ( " select count(1) from users where name= ' %s ' " % name )
ret = cur . fetchone ( )
ret = g . db . execute ( " select count(1) from users where name= ' %s ' " % name ) . fetchone ( )
if ( len ( ret ) > 0 and ret [ 0 ] ) > = 1 :
if ( len ( ret ) > 0 and ret [ 0 ] ) > = 1 :
return " user %s exists " % name
return " user %s exists " % name
@ -430,11 +418,9 @@ def do_add_user(request):
return " error %s " % output
return " error %s " % output
# 新增用户 sql
# 新增用户 sql
cur . execute ( " insert into users(name,desc) values( ' %s ' , \" %s \" ) " %
g . db . execute ( " insert into users(name,desc) values( ' %s ' , \" %s \" ) " %
( name , desc ) )
( name , desc ) )
conn . commit ( )
cur . close ( )
conn . close ( )
g . db . commit ( )
return " ok "
return " ok "
@ -453,12 +439,9 @@ def do_del_user(request):
print ( " output= %s " % output )
print ( " output= %s " % output )
return " error %s " % output
return " error %s " % output
conn , cur = get_db ( )
cur . execute ( " delete from users where name= ' %s ' " % username )
cur . execute ( " delete from hostuser where username= ' %s ' " % username )
conn . commit ( )
cur . close ( )
conn . close ( )
g . db . execute ( " delete from users where name= ' %s ' " % username )
g . db . execute ( " delete from hostuser where username= ' %s ' " % username )
g . db . commit ( )
return " del user %s ok " % username
return " del user %s ok " % username
@ -479,12 +462,8 @@ def do_modify_user(request):
if sudo != 0 and sudo != 1 :
if sudo != 0 and sudo != 1 :
return " invalid request sudo: %d param " % sudo
return " invalid request sudo: %d param " % sudo
# 需求数据库
conn , cur = get_db ( )
# 检查
# 检查
cur . execute ( " select sudo,desc from users where name= ' %s ' " % username )
users = cur . fetchall ( )
users = g . db . execute ( " select sudo,desc from users where name= ' %s ' " % username ) . fetchall ( )
if len ( users ) == 0 :
if len ( users ) == 0 :
print ( " user( %s ) not exitst " % username )
print ( " user( %s ) not exitst " % username )
return " user( %s ) not exitst " % username
return " user( %s ) not exitst " % username
@ -515,13 +494,10 @@ def do_modify_user(request):
if change :
if change :
print ( " update users set sudo= %d ,desc= \" %s \" where name= ' %s ' " %
print ( " update users set sudo= %d ,desc= \" %s \" where name= ' %s ' " %
( sudo , desc , username ) )
( sudo , desc , username ) )
cur . execute ( " update users set sudo= %d ,desc= \" %s \" where name= ' %s ' " % (
g . db . execute ( " update users set sudo= %d ,desc= \" %s \" where name= ' %s ' " % (
sudo , desc , username ) )
sudo , desc , username ) )
conn . commit ( )
g . db . commit ( )
# 清理数据库
cur . close ( )
conn . close ( )
print ( " modify user: %s successful [output: %s ] " % ( username , output ) )
print ( " modify user: %s successful [output: %s ] " % ( username , output ) )
return " modify user: %s successful [output: %s ] " % ( username , output )
return " modify user: %s successful [output: %s ] " % ( username , output )
@ -539,22 +515,17 @@ def do_add_host(request):
port = int ( request . form [ " port " ] )
port = int ( request . form [ " port " ] )
desc = request . form [ " desc " ]
desc = request . form [ " desc " ]
conn , cur = get_db ( )
cur . execute (
" select count(1) from hosts where name= ' %s ' or ip= ' %s ' " % ( name , ip ) )
ret = cur . fetchone ( )
ret = g . db . execute (
" select count(1) from hosts where name= ' %s ' or ip= ' %s ' " % ( name , ip ) ) . fetchone ( )
if ( len ( ret ) > 0 and ret [ 0 ] ) > = 1 :
if ( len ( ret ) > 0 and ret [ 0 ] ) > = 1 :
return " alias name( %s ) or ip( %s ) is exists " % ( name , ip )
return " alias name( %s ) or ip( %s ) is exists " % ( name , ip )
# 新增用户 sql
# 新增用户 sql
cur . execute ( " insert into hosts(name,ip,port,desc) values( ' %s ' , ' %s ' , %d , ' %s ' ) " % (
g . db . execute ( " insert into hosts(name,ip,port,desc) values( ' %s ' , ' %s ' , %d , ' %s ' ) " % (
name , ip , port , desc ) )
name , ip , port , desc ) )
cur . execute ( " insert into hostuser(hostname,username,sudo) values( ' %s ' , ' %s ' , ' %d ' ) " % (
g . db . execute ( " insert into hostuser(hostname,username,sudo) values( ' %s ' , ' %s ' , ' %d ' ) " % (
name , gDefaultSSHAdmin , 1 ) )
name , gDefaultSSHAdmin , 1 ) )
conn . commit ( )
cur . close ( )
conn . close ( )
g . db . commit ( )
return " add host %s : %s ok " % ( name , ip )
return " add host %s : %s ok " % ( name , ip )
@ -569,14 +540,10 @@ def do_del_host(request):
else :
else :
return " invalid request for del host "
return " invalid request for del host "
conn , cur = get_db ( )
cur . execute ( " delete from hosts where name= ' %s ' and ip= ' %s ' " %
g . db . execute ( " delete from hosts where name= ' %s ' and ip= ' %s ' " %
( hostname , ip ) )
( hostname , ip ) )
cur . execute ( " delete from hostuser where hostname= ' %s ' " % hostname )
conn . commit ( )
cur . close ( )
conn . close ( )
g . db . execute ( " delete from hostuser where hostname= ' %s ' " % hostname )
g . db . commit ( )
return " delete host %s : %s ok " % ( hostname , ip )
return " delete host %s : %s ok " % ( hostname , ip )
@ -591,19 +558,15 @@ def do_host_adduser(request):
else :
else :
return " invalid request for add user to host "
return " invalid request for add user to host "
# 需求数据库
conn , cur = get_db ( )
# 检查
# 检查
cur . execute ( " select count(1) from hostuser where hostname= ' %s ' and username= ' %s ' " % (
hostname , username ) )
ret = cur . fetchone ( )
ret = g . db . execute ( " select count(1) from hostuser where hostname= ' %s ' and username= ' %s ' " % (
hostname , username ) ) . fetchone ( )
if ( len ( ret ) > 0 and ret [ 0 ] ) > = 1 :
if ( len ( ret ) > 0 and ret [ 0 ] ) > = 1 :
print ( " user( %s ) exitst on host( %s ) " % ( username , hostname ) )
print ( " user( %s ) exitst on host( %s ) " % ( username , hostname ) )
return " user( %s ) exitst on host( %s ) " % ( username , hostname )
return " user( %s ) exitst on host( %s ) " % ( username , hostname )
# 检查
# 检查
cur . execute ( " select ip,port from hosts where name= ' %s ' " % ( hostname ) )
hostips = cur . fetchone ( )
hostips = g . db . execute ( " select ip,port from hosts where name= ' %s ' " % ( hostname ) ) . fetchone ( )
if hostips == None :
if hostips == None :
print ( " host( %s ) not exitst on hosts " % hostname )
print ( " host( %s ) not exitst on hosts " % hostname )
return " host( %s ) not exitst on hosts " % hostname
return " host( %s ) not exitst on hosts " % hostname
@ -631,14 +594,10 @@ def do_host_adduser(request):
return " error: remote add user host( %s ) user( %s ) failed! => output= %s " % ( hostname , username , output )
return " error: remote add user host( %s ) user( %s ) failed! => output= %s " % ( hostname , username , output )
# 记录在数据库中
# 记录在数据库中
cur . execute ( " insert into hostuser(hostname,username) values( ' %s ' , ' %s ' ) " % (
hostname , username ) )
cur . fetchone ( )
conn . commit ( )
g . db . execute ( " insert into hostuser(hostname,username) values( ' %s ' , ' %s ' ) " % (
hostname , username ) ) . fetchone ( )
g . db . commit ( )
# 清理数据库
cur . close ( )
conn . close ( )
print ( " host remote =>> add user: %s to host: %s successful [output: %s ] " % (
print ( " host remote =>> add user: %s to host: %s successful [output: %s ] " % (
username , hostname , output ) )
username , hostname , output ) )
return " host remote =>> add user: %s to host: %s successful " % ( username , hostname )
return " host remote =>> add user: %s to host: %s successful " % ( username , hostname )
@ -655,20 +614,15 @@ def do_host_deluser(request):
else :
else :
return " invalid request for add user to host "
return " invalid request for add user to host "
# 需求数据库
conn , cur = get_db ( )
# 检查
# 检查
cur . execute ( " select count(1) from hostuser where hostname= ' %s ' and username= ' %s ' " % (
hostname , username ) )
ret = cur . fetchone ( )
ret = g . db . execute ( " select count(1) from hostuser where hostname= ' %s ' and username= ' %s ' " % (
hostname , username ) ) . fetchone ( )
if ( len ( ret ) > 0 and ret [ 0 ] ) == 0 :
if ( len ( ret ) > 0 and ret [ 0 ] ) == 0 :
print ( " user( %s ) not exitst on host( %s ) " % ( username , hostname ) )
print ( " user( %s ) not exitst on host( %s ) " % ( username , hostname ) )
return " user( %s ) not exitst on host( %s ) " % ( username , hostname )
return " user( %s ) not exitst on host( %s ) " % ( username , hostname )
# 检查
# 检查
cur . execute ( " select ip,port from hosts where name= ' %s ' " % ( hostname ) )
hostips = cur . fetchone ( )
hostips = g . db . execute ( " select ip,port from hosts where name= ' %s ' " % ( hostname ) ) . fetchone ( )
if hostips == None :
if hostips == None :
print ( " host( %s ) not exitst on hosts " % hostname )
print ( " host( %s ) not exitst on hosts " % hostname )
return " host( %s ) not exitst on hosts " % hostname
return " host( %s ) not exitst on hosts " % hostname
@ -687,13 +641,10 @@ def do_host_deluser(request):
return " error: remote del user host( %s ) user( %s ) failed! => output= %s " % ( hostname , username , output )
return " error: remote del user host( %s ) user( %s ) failed! => output= %s " % ( hostname , username , output )
# 记录在数据库中
# 记录在数据库中
cur . execute ( " delete from hostuser where hostname= ' %s ' and username= ' %s ' " % (
g . db . execute ( " delete from hostuser where hostname= ' %s ' and username= ' %s ' " % (
hostname , username ) )
hostname , username ) )
conn . commit ( )
g . db . commit ( )
# 清理数据库
cur . close ( )
conn . close ( )
print ( " host remote =>> del user: %s from host: %s successful [output: %s ] " % (
print ( " host remote =>> del user: %s from host: %s successful [output: %s ] " % (
username , hostname , output ) )
username , hostname , output ) )
return " host remote =>> del user: %s from host: %s successful " % ( username , hostname )
return " host remote =>> del user: %s from host: %s successful " % ( username , hostname )
@ -713,19 +664,14 @@ def do_host_modifyuser(request):
else :
else :
return " invalid request for add user to host "
return " invalid request for add user to host "
# 需求数据库
conn , cur = get_db ( )
# 检查
# 检查
cur . execute ( " select sudo,desc from hostuser where hostname= ' %s ' and username= ' %s ' and isdelete=0 " % (
hostname , username ) )
hostusers = cur . fetchone ( )
hostusers = g . db . execute ( " select sudo,desc from hostuser where hostname= ' %s ' and username= ' %s ' and isdelete=0 " % (
hostname , username ) ) . fetchone ( )
if len ( hostusers ) > 0 and hostusers [ 0 ] != None :
if len ( hostusers ) > 0 and hostusers [ 0 ] != None :
print ( " user( %s ) not exitst on host( %s ) " % ( username , hostname ) )
print ( " user( %s ) not exitst on host( %s ) " % ( username , hostname ) )
return " user( %s ) not exitst on host( %s ) " % ( username , hostname )
return " user( %s ) not exitst on host( %s ) " % ( username , hostname )
hostuser = hostusers [ 0 ]
hostuser = hostusers [ 0 ]
user_sudo = hostuser [ 0 ]
user_sudo = hostuser [ 0 ]
user_desc = hostuser [ 1 ]
user_desc = hostuser [ 1 ]
change = False
change = False
@ -738,8 +684,7 @@ def do_host_modifyuser(request):
change = True
change = True
# 检查
# 检查
cur . execute ( " select ip,port from hosts where name= ' %s ' " % ( hostname ) )
hostips = cur . fetchone ( )
hostips = g . db . execute ( " select ip,port from hosts where name= ' %s ' " % ( hostname ) ) . fetchone ( )
if hostips == None :
if hostips == None :
print ( " host( %s ) not exitst on hosts " % hostname )
print ( " host( %s ) not exitst on hosts " % hostname )
return " host( %s ) not exitst on hosts " % hostname
return " host( %s ) not exitst on hosts " % hostname
@ -760,13 +705,10 @@ def do_host_modifyuser(request):
if change :
if change :
# 记录在数据库中
# 记录在数据库中
cur . execute ( " update hostuser set sudo= %d ,desc= %s where hostname= ' %s ' and username= ' %s ' " % (
g . db . execute ( " update hostuser set sudo= %d ,desc= %s where hostname= ' %s ' and username= ' %s ' " % (
sudo , desc , hostname , username ) )
sudo , desc , hostname , username ) )
conn . commit ( )
g . db . commit ( )
# 清理数据库
cur . close ( )
conn . close ( )
print ( " host remote =>> %s user: %s from host: %s successful [output: %s ] " % (
print ( " host remote =>> %s user: %s from host: %s successful [output: %s ] " % (
opParam , username , hostname , output ) )
opParam , username , hostname , output ) )
return " host remote =>> %s user: %s from host: %s successful [output: %s ] " % ( opParam , username , hostname , output )
return " host remote =>> %s user: %s from host: %s successful [output: %s ] " % ( opParam , username , hostname , output )
@ -781,12 +723,7 @@ def do_userhostlist(request):
else :
else :
return " invalid request for getting user host list "
return " invalid request for getting user host list "
conn , cur = get_db ( )
cur . execute ( " select id,name,ip,port,desc,date from hosts where isdelete=0 and name in (select hostname from hostuser where username= ' %s ' ) " % username )
hosts = cur . fetchall ( )
cur . close ( )
conn . close ( )
hosts = g . db . execute ( " select id,name,ip,port,desc,date from hosts where isdelete=0 and name in (select hostname from hostuser where username= ' %s ' ) " % username ) . fetchall ( )
resp = [ ]
resp = [ ]
for host in hosts :
for host in hosts :
res = { }
res = { }
@ -809,13 +746,8 @@ def do_hostuserlist(request):
else :
else :
return " invalid request for getting host user list "
return " invalid request for getting host user list "
conn , cur = get_db ( )
cur . execute (
" select id,username,sudo,date from hostuser where isdelete=0 and hostname= ' %s ' " % hostname )
users = cur . fetchall ( )
cur . close ( )
conn . close ( )
users = g . db . execute (
" select id,username,sudo,date from hostuser where isdelete=0 and hostname= ' %s ' " % hostname ) . fetchall ( )
resp = [ ]
resp = [ ]
for user in users :
for user in users :
res = { }
res = { }
@ -829,13 +761,8 @@ def do_hostuserlist(request):
# 获取所有的用户主机列表
# 获取所有的用户主机列表
def do_hostuserall ( request ) :
def do_hostuserall ( request ) :
conn , cur = get_db ( )
cur . execute (
" select id,hostname,username,sudo,date from hostuser where isdelete=0 " )
users = cur . fetchall ( )
cur . close ( )
conn . close ( )
users = g . db . execute (
" select id,hostname,username,sudo,date from hostuser where isdelete=0 " ) . fetchall ( )
resp = [ ]
resp = [ ]
for user in users :
for user in users :
res = { }
res = { }
@ -849,23 +776,22 @@ def do_hostuserall(request):
# 连接数据库
# 连接数据库
def get_db ( ) :
conn = sqlite3 . connect ( ' /usr/local/jumpserver/jumpserver.db ' )
curr = conn . cursor ( )
return conn , curr
def connect_db ( ) :
return sqlite3 . connect ( gSqlite3File )
# 初始化表
# 初始化表
def init_db ( ) :
def init_db ( ) :
# 连接数据库
# 连接数据库
conn , _ = ge t_db( )
conn = connec t_db ( )
if conn == None :
if conn == None :
sys . exit ( 1 )
sys . exit ( 1 )
# 初始化表
# 初始化用户 表
conn . execute ( gUsersTableSql )
conn . execute ( gUsersTableSql )
# 初始化主机表
conn . execute ( gHostsTableSql )
conn . execute ( gHostsTableSql )
# 创建主机数据库
# 创建主机用户表
conn . execute ( gHostUserSql )
conn . execute ( gHostUserSql )
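Review bot: Every query this commit moves onto `g.db.execute` is still built with `%` string formatting from `request.form` values (`name`, `desc`, `username`, `hostname`, `ip`), starting with the existence check in `do_add_user`, so a quote character in any of those fields changes the SQL that runs against the jump server's users, hosts and hostuser tables. Since each of these calls is being rewritten anyway, bind the values instead, e.g. `g.db.execute("select count(1) from users where name=?", (name,)).fetchone()`, and do the same for the insert, update and delete statements in `do_del_user`, `do_modify_user`, `do_add_host`, `do_del_host`, the `do_host_adduser`/`do_host_deluser`/`do_host_modifyuser` handlers, `do_userhostlist` and `do_hostuserlist`. Separately, the connection is closed in `after_request`, which Flask may not run when a view raises an unhandled exception; `@app.teardown_request` with `db = g.pop('db', None)` followed by a guarded `db.close()` would release it on every path. Most of these functions begin or end outside the visible hunks, so the validation applied to the form values before they reach the queries cannot be confirmed from here.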