
Bug fix hostname (#216)

* fix (jasset):   修复资产hostname过长和密码过长引起的bug

1. 修改password字段的长度,对称加密过后的字符串会变长,所有设置得比较大(256)
2. 添加check hostname 和 password的 长度校验

* fix (jumpserver/jasset):   修复setting时,秘密过长问题。

1. 修改password字段的长度,对称加密过后的字符串会变长,所有设置得比较大(256)
2. 后端修复views密码超过30位不保存
3. 前端使用js限制密码长度不能超过30位

* fix (jumpserver/jasset):   setting and asset hostname password  too long.

1. 添加setting password字段长度验证
2. 添加资产主机名和密码长度验证

* fix (jumpserver/jasset):   setting and asset hostname password  too long.

1. 修正setting时的 输入密码的提示错误.
1 parent 9e78fd3 commit bd69339e220025b27634aa713813d6f5084cbe74 @yumaojun03 yumaojun03 committed with ibuler Apr 28, 2016
Showing with 91 additions and 73 deletions.
  1. +1 −1 jasset/models.py
  2. +35 −28 jasset/views.py
  3. +1 −1 jumpserver/models.py
  4. +38 −33 jumpserver/views.py
  5. +2 −2 templates/jasset/asset_add.html
  6. +8 −8 templates/jasset/asset_edit.html
  7. +6 −0 templates/setting.html
@@ -67,7 +67,7 @@ class Asset(models.Model):
port = models.IntegerField(blank=True, null=True, verbose_name=u"端口号")
group = models.ManyToManyField(AssetGroup, blank=True, verbose_name=u"所属主机组")
username = models.CharField(max_length=16, blank=True, null=True, verbose_name=u"管理用户名")
- password = models.CharField(max_length=64, blank=True, null=True, verbose_name=u"密码")
+ password = models.CharField(max_length=256, blank=True, null=True, verbose_name=u"密码")
use_default_auth = models.BooleanField(default=True, verbose_name=u"使用默认管理账号")
idc = models.ForeignKey(IDC, blank=True, null=True, on_delete=models.SET_NULL, verbose_name=u'机房')
mac = models.CharField(max_length=20, blank=True, null=True, verbose_name=u"MAC地址")
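Review bot: Widening `password` to `max_length=256` changes only the model definition; the diffstat lists seven files and none of them is a schema migration. On an existing database the column presumably stays at 64 characters, so the longer ciphertext this change is meant to accommodate would still not fit. The same applies to `field3` in the Setting hunk. If the schema is managed outside the repository, the required column change should be documented for whoever upgrades.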
@@ -135,13 +135,16 @@ def asset_add(request):
af_post = AssetForm(request.POST)
ip = request.POST.get('ip', '')
hostname = request.POST.get('hostname', '')
+
is_active = True if request.POST.get('is_active') == '1' else False
use_default_auth = request.POST.get('use_default_auth', '')
try:
if Asset.objects.filter(hostname=unicode(hostname)):
error = u'该主机名 %s 已存在!' % hostname
raise ServerError(error)
-
+ if len(hostname) > 54:
+ error = u"主机名长度不能超过53位!"
+ raise ServerError(error)
except ServerError:
pass
else:
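Review bot: The added check `if len(hostname) > 54:` accepts a 54-character hostname, while its own message and the client-side rule `length[0~53]` in the templates both put the limit at 53; the asset_edit hunk uses the same threshold with a message that says 54. The browser rule is skipped by a direct POST, so the server-side check is the one that enforces the limit and should match the documented value: `if len(hostname) > 53:`. The check also runs after the `Asset.objects.filter(hostname=unicode(hostname))` lookup; placing it first would reject over-long input before it reaches the database. asset_add continues past the end of this hunk.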
@@ -219,34 +222,38 @@ def asset_edit(request):
if asset_test and asset_id != unicode(asset_test.id):
emg = u'该主机名 %s 已存在!' % hostname
raise ServerError(emg)
- except ServerError:
- pass
- else:
- if af_post.is_valid():
- af_save = af_post.save(commit=False)
- if use_default_auth:
- af_save.username = ''
- af_save.password = ''
- # af_save.port = None
- else:
- if password:
- password_encode = CRYPTOR.encrypt(password)
- af_save.password = password_encode
- else:
- af_save.password = password_old
- af_save.is_active = True if is_active else False
- af_save.save()
- af_post.save_m2m()
- # asset_new = get_object(Asset, id=asset_id)
- # asset_diff_one(asset_old, asset_new)
- info = asset_diff(af_post.__dict__.get('initial'), request.POST)
- db_asset_alert(asset, username, info)
-
- smg = u'主机 %s 修改成功' % ip
+ if len(hostname) > 54:
+ emg = u'主机名长度不能超过54位!'
+ raise ServerError(emg)
else:
- emg = u'主机 %s 修改失败' % ip
- return my_render('jasset/error.html', locals(), request)
- return HttpResponseRedirect(reverse('asset_detail')+'?id=%s' % asset_id)
+ if af_post.is_valid():
+ af_save = af_post.save(commit=False)
+ if use_default_auth:
+ af_save.username = ''
+ af_save.password = ''
+ # af_save.port = None
+ else:
+ if password:
+ password_encode = CRYPTOR.encrypt(password)
+ af_save.password = password_encode
+ else:
+ af_save.password = password_old
+ af_save.is_active = True if is_active else False
+ af_save.save()
+ af_post.save_m2m()
+ # asset_new = get_object(Asset, id=asset_id)
+ # asset_diff_one(asset_old, asset_new)
+ info = asset_diff(af_post.__dict__.get('initial'), request.POST)
+ db_asset_alert(asset, username, info)
+
+ smg = u'主机 %s 修改成功' % ip
+ else:
+ emg = u'主机 %s 修改失败' % ip
+ raise ServerError(emg)
+ except ServerError as e:
+ error = e.message
+ return my_render('jasset/asset_edit.html', locals(), request)
+ return HttpResponseRedirect(reverse('asset_detail')+'?id=%s' % asset_id)
return my_render('jasset/asset_edit.html', locals(), request)
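Review bot: The password path in asset_edit still has no server-side length check: `CRYPTOR.encrypt(password)` runs on whatever was posted, and the only limit visible in this commit is the browser rule `length[0~64]` in asset_edit.html, which a direct POST does not pass through. The commit description says the ciphertext is longer than the input, so an over-long password would presumably be truncated or rejected when saved to the `max_length=256` column, leaving a stored credential that no longer decrypts to the original. Adding `if len(password) > 64:` with `raise ServerError(u'密码长度不能超过64位!')` beside the hostname check keeps the failure inside the new `except ServerError as e` handler. The function starts above this hunk, so where `password` is read is not visible here.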
@@ -7,7 +7,7 @@ class Setting(models.Model):
name = models.CharField(max_length=100)
field1 = models.CharField(max_length=100, null=True, blank=True)
field2 = models.CharField(max_length=100, null=True, blank=True)
- field3 = models.CharField(max_length=100, null=True, blank=True)
+ field3 = models.CharField(max_length=256, null=True, blank=True)
field4 = models.CharField(max_length=100, null=True, blank=True)
field5 = models.CharField(max_length=100, null=True, blank=True)
@@ -220,41 +220,46 @@ def setting(request):
setting_default = get_object(Setting, name='default')
if request.method == "POST":
- setting_raw = request.POST.get('setting', '')
- if setting_raw == 'default':
- username = request.POST.get('username', '')
- port = request.POST.get('port', '')
- password = request.POST.get('password', '')
- private_key = request.POST.get('key', '')
-
- if '' in [username, port]:
- return HttpResponse('所填内容不能为空, 且密码和私钥填一个')
- else:
- private_key_dir = os.path.join(BASE_DIR, 'keys', 'default')
- private_key_path = os.path.join(private_key_dir, 'admin_user.pem')
- mkdir(private_key_dir)
-
- if private_key:
- with open(private_key_path, 'w') as f:
- f.write(private_key)
- os.chmod(private_key_path, 0600)
-
- if setting_default:
- if password:
- password_encode = CRYPTOR.encrypt(password)
- else:
- password_encode = password
- Setting.objects.filter(name='default').update(field1=username, field2=port,
- field3=password_encode,
- field4=private_key_path)
-
+ try:
+ setting_raw = request.POST.get('setting', '')
+ if setting_raw == 'default':
+ username = request.POST.get('username', '')
+ port = request.POST.get('port', '')
+ password = request.POST.get('password', '')
+ private_key = request.POST.get('key', '')
+
+ if len(password) > 30:
+ raise ServerError(u'秘密长度不能超过30位!')
+
+ if '' in [username, port]:
+ return ServerError(u'所填内容不能为空, 且密码和私钥填一个')
else:
- password_encode = CRYPTOR.encrypt(password)
- setting_r = Setting(name='default', field1=username, field2=port,
- field3=password_encode,
- field4=private_key_path).save()
+ private_key_dir = os.path.join(BASE_DIR, 'keys', 'default')
+ private_key_path = os.path.join(private_key_dir, 'admin_user.pem')
+ mkdir(private_key_dir)
+
+ if private_key:
+ with open(private_key_path, 'w') as f:
+ f.write(private_key)
+ os.chmod(private_key_path, 0600)
+
+ if setting_default:
+ if password:
+ password_encode = CRYPTOR.encrypt(password)
+ else:
+ password_encode = password
+ Setting.objects.filter(name='default').update(field1=username, field2=port,
+ field3=password_encode,
+ field4=private_key_path)
- msg = "设置成功"
+ else:
+ password_encode = CRYPTOR.encrypt(password)
+ setting_r = Setting(name='default', field1=username, field2=port,
+ field3=password_encode,
+ field4=private_key_path).save()
+ msg = "设置成功"
+ except ServerError as e:
+ error = e.message
return my_render('setting.html', locals(), request)
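Review bot: The empty-field branch now reads `return ServerError(u'所填内容不能为空, 且密码和私钥填一个')`, which returns an exception object as the view's response instead of entering the new `except ServerError as e` handler; it should be `raise ServerError(...)`. Separately, the private key is written with `open(private_key_path, 'w')` and only restricted by `os.chmod(private_key_path, 0600)` afterwards, so a newly created key file briefly exists with whatever permissions the process umask allows. Creating it with `os.open(private_key_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0600)` and wrapping the descriptor with `os.fdopen(fd, 'w')` closes that window; the `chmod` should stay, because the mode argument does not apply to a file that already exists. The setting() body begins above this hunk.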
@@ -164,7 +164,7 @@
msg: {required: "必须填写!"}
},
"hostname": {
- rule: "required",
+ rule: "required;length[0~53]",
tip: "填写主机名",
ok: "",
msg: {required: "必须填写!"}
@@ -182,7 +182,7 @@
msg: {required: "必须填写!"}
},
"password": {
- rule: "required(use_default_auth)",
+ rule: "required(use_default_auth);length[0~64]",
tip: "输入密码",
ok: "",
msg: {required: "必须填写!"}
@@ -206,7 +206,7 @@
},
fields: {
"hostname": {
- rule: "required",
+ rule: "required;length[0~53]",
tip: "填写主机名",
ok: "",
msg: {required: "必须填写!"}
@@ -218,17 +218,17 @@
msg: {required: "必须填写!"}
},
"username": {
- rule: "required(use_default_auth)",
+ rule: "required(use_default_auth);",
tip: "输入用户名",
ok: "",
msg: {required: "必须填写!"}
},
-{# "password": {#}
-{# rule: "required(use_default_auth)",#}
-{# tip: "输入密码",#}
-{# ok: "",#}
-{# msg: {required: "必须填写!"}#}
-{# }#}
+ "password": {
+ rule: "length[0~64]",
+ tip: "输入密码",
+ ok: "",
+ empty: true
+ }
},
valid: function(form) {
form.submit();
@@ -128,6 +128,12 @@
tip: "输入端口号",
ok: "",
msg: {required: "端口号必填"}
+ },
+ "password": {
+ rule: "length[0~30]",
+ tip: "输入密码",
+ ok: "",
+ empty: true
}
{# "key": {#}
{# rule: "required(either)",#}
