Bug fix hostname (#216)

* fix (jasset):   修复资产hostname过长和密码过长引起的bug

1. 修改password字段的长度，对称加密过后的字符串会变长，所有设置得比较大(256)
2. 添加check hostname 和 password的 长度校验

* fix (jumpserver/jasset):   修复setting时，秘密过长问题。

1. 修改password字段的长度，对称加密过后的字符串会变长，所有设置得比较大(256)
2. 后端修复views秘密超过30位不保存
3.前段使用js限制秘密长多不能超过30位

* fix (jumpserver/jasset):   setting and asset hostname password  too long.

1. 添加setting password字段长度验证
2. 添加资产主机名和密码长度验证

* fix (jumpserver/jasset):   setting and asset hostname password  too long.

1. 修正setting时的　输入密码的提示错误.

jasset/models.py

@@ -67,7 +67,7 @@ class Asset(models.Model):
     port = models.IntegerField(blank=True, null=True, verbose_name=u"端口号")
     group = models.ManyToManyField(AssetGroup, blank=True, verbose_name=u"所属主机组")
     username = models.CharField(max_length=16, blank=True, null=True, verbose_name=u"管理用户名")
-    password = models.CharField(max_length=64, blank=True, null=True, verbose_name=u"密码")
+    password = models.CharField(max_length=256, blank=True, null=True, verbose_name=u"密码")
     use_default_auth = models.BooleanField(default=True, verbose_name=u"使用默认管理账号")
     idc = models.ForeignKey(IDC, blank=True, null=True,  on_delete=models.SET_NULL, verbose_name=u'机房')
     mac = models.CharField(max_length=20, blank=True, null=True, verbose_name=u"MAC地址")

jasset/views.py

@@ -135,13 +135,16 @@ def asset_add(request):
         af_post = AssetForm(request.POST)
         ip = request.POST.get('ip', '')
         hostname = request.POST.get('hostname', '')
+
         is_active = True if request.POST.get('is_active') == '1' else False
         use_default_auth = request.POST.get('use_default_auth', '')
         try:
             if Asset.objects.filter(hostname=unicode(hostname)):
                 error = u'该主机名 %s 已存在!' % hostname
                 raise ServerError(error)
-
+            if len(hostname) > 54:
+                error = u"主机名长度不能超过53位!"
+                raise ServerError(error)
         except ServerError:
             pass
         else:
@@ -219,34 +222,38 @@ def asset_edit(request):
             if asset_test and asset_id != unicode(asset_test.id):
                 emg = u'该主机名 %s 已存在!' % hostname
                 raise ServerError(emg)
-        except ServerError:
-            pass
-        else:
-            if af_post.is_valid():
-                af_save = af_post.save(commit=False)
-                if use_default_auth:
-                    af_save.username = ''
-                    af_save.password = ''
-                    # af_save.port = None
-                else:
-                    if password:
-                        password_encode = CRYPTOR.encrypt(password)
-                        af_save.password = password_encode
-                    else:
-                        af_save.password = password_old
-                af_save.is_active = True if is_active else False
-                af_save.save()
-                af_post.save_m2m()
-                # asset_new = get_object(Asset, id=asset_id)
-                # asset_diff_one(asset_old, asset_new)
-                info = asset_diff(af_post.__dict__.get('initial'), request.POST)
-                db_asset_alert(asset, username, info)
-
-                smg = u'主机 %s 修改成功' % ip
+            if len(hostname) > 54:
+                emg = u'主机名长度不能超过54位!'
+                raise ServerError(emg)
             else:
-                emg = u'主机 %s 修改失败' % ip
-                return my_render('jasset/error.html', locals(), request)
-            return HttpResponseRedirect(reverse('asset_detail')+'?id=%s' % asset_id)
+                if af_post.is_valid():
+                    af_save = af_post.save(commit=False)
+                    if use_default_auth:
+                        af_save.username = ''
+                        af_save.password = ''
+                        # af_save.port = None
+                    else:
+                        if password:
+                            password_encode = CRYPTOR.encrypt(password)
+                            af_save.password = password_encode
+                        else:
+                            af_save.password = password_old
+                    af_save.is_active = True if is_active else False
+                    af_save.save()
+                    af_post.save_m2m()
+                    # asset_new = get_object(Asset, id=asset_id)
+                    # asset_diff_one(asset_old, asset_new)
+                    info = asset_diff(af_post.__dict__.get('initial'), request.POST)
+                    db_asset_alert(asset, username, info)
+
+                    smg = u'主机 %s 修改成功' % ip
+                else:
+                    emg = u'主机 %s 修改失败' % ip
+                    raise ServerError(emg)
+        except ServerError as e:
+            error = e.message
+            return my_render('jasset/asset_edit.html', locals(), request)
+        return HttpResponseRedirect(reverse('asset_detail')+'?id=%s' % asset_id)
 
     return my_render('jasset/asset_edit.html', locals(), request)
 

jumpserver/models.py

@@ -7,7 +7,7 @@ class Setting(models.Model):
     name = models.CharField(max_length=100)
     field1 = models.CharField(max_length=100, null=True, blank=True)
     field2 = models.CharField(max_length=100, null=True, blank=True)
-    field3 = models.CharField(max_length=100, null=True, blank=True)
+    field3 = models.CharField(max_length=256, null=True, blank=True)
     field4 = models.CharField(max_length=100, null=True, blank=True)
     field5 = models.CharField(max_length=100, null=True, blank=True)
 

jumpserver/views.py

@@ -220,41 +220,46 @@ def setting(request):
     setting_default = get_object(Setting, name='default')
 
     if request.method == "POST":
-        setting_raw = request.POST.get('setting', '')
-        if setting_raw == 'default':
-            username = request.POST.get('username', '')
-            port = request.POST.get('port', '')
-            password = request.POST.get('password', '')
-            private_key = request.POST.get('key', '')
-
-            if '' in [username, port]:
-                return HttpResponse('所填内容不能为空, 且密码和私钥填一个')
-            else:
-                private_key_dir = os.path.join(BASE_DIR, 'keys', 'default')
-                private_key_path = os.path.join(private_key_dir, 'admin_user.pem')
-                mkdir(private_key_dir)
-
-                if private_key:
-                    with open(private_key_path, 'w') as f:
-                            f.write(private_key)
-                    os.chmod(private_key_path, 0600)
-
-                if setting_default:
-                    if password:
-                        password_encode = CRYPTOR.encrypt(password)
-                    else:
-                        password_encode = password
-                    Setting.objects.filter(name='default').update(field1=username, field2=port,
-                                                                  field3=password_encode,
-                                                                  field4=private_key_path)
-
+        try:
+            setting_raw = request.POST.get('setting', '')
+            if setting_raw == 'default':
+                username = request.POST.get('username', '')
+                port = request.POST.get('port', '')
+                password = request.POST.get('password', '')
+                private_key = request.POST.get('key', '')
+
+                if len(password) > 30:
+                    raise ServerError(u'秘密长度不能超过30位!')
+
+                if '' in [username, port]:
+                    return ServerError(u'所填内容不能为空, 且密码和私钥填一个')
                 else:
-                    password_encode = CRYPTOR.encrypt(password)
-                    setting_r = Setting(name='default', field1=username, field2=port,
-                                        field3=password_encode,
-                                        field4=private_key_path).save()
+                    private_key_dir = os.path.join(BASE_DIR, 'keys', 'default')
+                    private_key_path = os.path.join(private_key_dir, 'admin_user.pem')
+                    mkdir(private_key_dir)
+
+                    if private_key:
+                        with open(private_key_path, 'w') as f:
+                                f.write(private_key)
+                        os.chmod(private_key_path, 0600)
+
+                    if setting_default:
+                        if password:
+                            password_encode = CRYPTOR.encrypt(password)
+                        else:
+                            password_encode = password
+                        Setting.objects.filter(name='default').update(field1=username, field2=port,
+                                                                      field3=password_encode,
+                                                                      field4=private_key_path)
 
-            msg = "设置成功"
+                    else:
+                        password_encode = CRYPTOR.encrypt(password)
+                        setting_r = Setting(name='default', field1=username, field2=port,
+                                            field3=password_encode,
+                                            field4=private_key_path).save()
+                        msg = "设置成功"
+        except ServerError as e:
+            error = e.message
     return my_render('setting.html', locals(), request)
 
 

templates/jasset/asset_add.html

@@ -164,7 +164,7 @@ <h5> 填写资产基本信息 </h5>
                 msg: {required: "必须填写!"}
             },
             "hostname": {
-                rule: "required",
+                rule: "required;length[0~53]",
                 tip: "填写主机名",
                 ok: "",
                 msg: {required: "必须填写!"}
@@ -182,7 +182,7 @@ <h5> 填写资产基本信息 </h5>
                 msg: {required: "必须填写!"}
             },
             "password": {
-                rule: "required(use_default_auth)",
+                rule: "required(use_default_auth);length[0~64]",
                 tip: "输入密码",
                 ok: "",
                 msg: {required: "必须填写!"}

templates/jasset/asset_edit.html

@@ -206,7 +206,7 @@ <h5> 修改资产基本信息 </h5>
         },
         fields: {
             "hostname": {
-                rule: "required",
+                rule: "required;length[0~53]",
                 tip: "填写主机名",
                 ok: "",
                 msg: {required: "必须填写!"}
@@ -218,17 +218,17 @@ <h5> 修改资产基本信息 </h5>
                 msg: {required: "必须填写!"}
             },
             "username": {
-                rule: "required(use_default_auth)",
+                rule: "required(use_default_auth);",
                 tip: "输入用户名",
                 ok: "",
                 msg: {required: "必须填写!"}
             },
-{#            "password": {#}
-{#                rule: "required(use_default_auth)",#}
-{#                tip: "输入密码",#}
-{#                ok: "",#}
-{#                msg: {required: "必须填写!"}#}
-{#            }#}
+            "password": {
+                rule: "length[0~64]",
+                tip: "输入密码",
+                ok: "",
+                empty: true
+            }
         },
         valid: function(form) {
             form.submit();

templates/setting.html

@@ -128,6 +128,12 @@ <h5> 项目设置 </h5>
                 tip: "输入端口号",
                 ok: "",
                 msg: {required: "端口号必填"}
+            },
+            "password": {
+                rule: "length[0~30]",
+                tip: "输入密码",
+                ok: "",
+                empty: true
             }
 {#            "key": {#}
 {#                rule: "required(either)",#}