整合系统操作日志

Author: pythonzm

Ops/__pycache__/settings.cpython-36.opt-1.pyc

@@ -24,6 +24,7 @@
     Queue('ansible', Exchange('ansible', type='direct'), routing_key='ansible'),
     Queue('fort', Exchange('fort', type='direct'), routing_key='fort'),
     Queue('plan', Exchange('plan', type='direct'), routing_key='plan'),
+    Queue('commons', Exchange('commons', type='direct'), routing_key='commons'),
 )
 
 app.conf.task_default_queue = 'default'

Ops/__pycache__/urls.cpython-36.opt-1.pyc

@@ -53,6 +53,7 @@
     'assets.tasks.*': {'queue': 'default', 'routing_key': 'default'},
     'task.tasks.*': {'queue': 'ansible', 'routing_key': 'ansible'},
     'fort.tasks.*': {'queue': 'fort', 'routing_key': 'fort'},
+    'commons.tasks.*': {'queue': 'commons', 'routing_key': 'commons'},
 }
 
 # 执行ansible命令使用的redis信息
@@ -62,9 +63,12 @@
 REDIS_PASSWORD = None
 
 # mongodb配置信息
-MONGODB_HOST = '127.0.0.1'
+MONGODB_HOST = '10.1.7.198'
 MONGODB_PORT = 27017
-COMMANDS_DB = 'commands'
+MONGODB_USER = 'admin'
+MONGODB_PASS = '123456'
+RECORD_DB = 'records'
+RECORD_COLL = 'ops'
 
 # Application definition
 INSTALLED_APPS = [
@@ -88,6 +92,7 @@
     'wiki.apps.WikiConfig',
     'haystack.apps.HaystackConfig',
     'dbmanager.apps.DbmanagerConfig',
+    'commons.apps.CommonsConfig',
 ]
 
 # 全局搜索配置

Ops/__pycache__/views.cpython-36.opt-1.pyc

@@ -16,14 +16,16 @@
 from django.urls import path, include, re_path
 from django.views.static import serve
 from django.conf import settings
-from Ops import views
+from commons import views
 
 urlpatterns = [
     path('', views.dashboard, name='dashboard'),
     path(r'login/', views.login, name='login'),
     path(r'create_code/', views.gen_code_img, name='create_code'),
     path(r'logout/', views.logout, name='logout'),
     path(r'lock_screen/', views.lock_screen, name='lock_screen'),
+    path(r'system_log/', views.system_log, name='system_log'),
+    path(r'get_system_log/', views.get_system_log, name='get_system_log'),
     path(r'api/', include('api.urls')),
     path(r'run/', include('task.urls')),
     path(r'users/', include('users.urls')),

Ops/celery.py

@@ -3,7 +3,7 @@
 from task.models import AnsibleInventory
 from rest_framework import serializers
 from assets.models import *
-from users.models import UserProfile, UserLog
+from users.models import UserProfile
 from django.contrib.auth.models import Permission, Group
 from utils.crypt_pwd import CryptPwd
 from fort.models import *
@@ -194,18 +194,6 @@ class Meta:
         fields = ('id', 'name', 'user_set', 'permissions')
 
 
-class UserLogSerializer(serializers.ModelSerializer):
-    class Meta:
-        model = UserLog
-        fields = '__all__'
-
-
-class AssetsLogSerializer(serializers.ModelSerializer):
-    class Meta:
-        model = AssetsLog
-        fields = '__all__'
-
-
 class InventorySerializer(serializers.ModelSerializer):
     class Meta:
         model = AnsibleInventory

Ops/settings.py

@@ -20,8 +20,6 @@
 router.register(r'users', views.UsersViewSet)
 router.register(r'permission', views.PermissionViewSet)
 router.register(r'group', views.GroupViewSet)
-router.register(r'user_log', views.UserLogViewSet)
-router.register(r'assets_log', views.AssetsLogViewSet)
 router.register(r'fort', views.FortViewSet)
 router.register(r'fort_user', views.FortUserViewSet)
 router.register(r'periodic_task', views.PeriodicTaskViewSet)

Ops/urls.py

@@ -107,18 +107,6 @@ class GroupViewSet(viewsets.ModelViewSet):
     permission_classes = (permissions.IsAuthenticated,)
 
 
-class UserLogViewSet(viewsets.ModelViewSet):
-    queryset = UserLog.objects.all().order_by('id')
-    serializer_class = UserLogSerializer
-    permission_classes = (permissions.IsAuthenticated,)
-
-
-class AssetsLogViewSet(viewsets.ModelViewSet):
-    queryset = AssetsLog.objects.all().order_by('id')
-    serializer_class = AssetsLogSerializer
-    permission_classes = (permissions.IsAuthenticated,)
-
-
 class FortViewSet(viewsets.ModelViewSet):
     queryset = FortServer.objects.all().order_by('id')
     serializer_class = FortSerializer

api/__pycache__/serializers.cpython-36.opt-1.pyc

@@ -251,19 +251,6 @@ class Meta:
         verbose_name_plural = '机柜表'
 
 
-class AssetsLog(models.Model):
-    user = models.ForeignKey('users.UserProfile', related_name='asset_log', verbose_name='操作用户',
-                             on_delete=models.PROTECT)
-    remote_ip = models.GenericIPAddressField(verbose_name='操作用户IP')
-    content = models.CharField(max_length=100, verbose_name='操作内容')
-    c_time = models.DateTimeField(auto_now_add=True, verbose_name='操作时间')
-
-    class Meta:
-        db_table = 'ops_assets_log'
-        verbose_name = '资产管理操作记录表'
-        verbose_name_plural = '资产管理操作记录表'
-
-
 class AdminRecord(models.Model):
     record_modes = (
         ('ssh', 'ssh'),

api/__pycache__/urls.cpython-36.opt-1.pyc

@@ -11,22 +11,8 @@
 -------------------------------------------------
 """
 import json
-import logging
 from Ops.celery import app
-from assets.models import AssetsLog
-from conf.logger import user_logger
-
-
-@app.task
-def assets_record(user, remote_ip, content):
-    try:
-        AssetsLog.objects.create(
-            user=user,
-            remote_ip=remote_ip,
-            content=content,
-        )
-    except Exception as e:
-        user_logger.error('添加用户操作记录失败，原因：{}'.format(e))
+from conf.logger import fort_logger
 
 
 @app.task
@@ -43,4 +29,4 @@ def admin_file(filename, txts, header=None):
                 for txt in txts:
                     f.write(txt)
     except Exception as e:
-        logging.getLogger().error('添加用户操作记录文件失败，原因：{}'.format(e))
+        fort_logger.error('添加用户操作记录文件失败，原因：{}'.format(e))

api/__pycache__/views.cpython-36.opt-1.pyc

@@ -10,7 +10,6 @@
     path(r'add_asset/', views.add_asset, name='add_asset'),
     path(r'add_base_asset/', views.add_base_asset, name='add_base_asset'),
     re_path(r'update_asset/(?P<asset_type>(.*?))/(?P<pk>[0-9]+)/', views.update_asset, name='update_asset'),
-    path(r'assets_log/', views.get_assets_log, name='assets_log'),
     path(r'server_facts/', views.server_facts, name='server_facts'),
     re_path(r'get_server_info/(?P<pk>[0-9]+)/', views.get_asset_info, name='get_asset_info'),
     path(r'import_assets/', views.import_assets, name='import_assets'),

api/serializers.py

@@ -64,7 +64,7 @@ def get_assets_charts(request):
         if m.get('software_type') == n[0]:
             data_detail.append({'asset_type': n[1], 'dcount': m.get('dcount')})
 
-    asset_logs = AssetsLog.objects.select_related('user').all().order_by('-c_time')[:5]
+    admin_records = AdminRecord.objects.select_related('admin_login_user').all().order_by('-admin_start_time')[:5]
 
     return render(request, 'assets/assets_charts.html', locals())
 
@@ -117,8 +117,9 @@ def update_asset(request, asset_type, pk):
         asset_admins = UserProfile.objects.all()
         asset_providers = AssetProvider.objects.all()
         asset_idcs = IDC.objects.all()
-        password = CryptPwd().decrypt_pwd(asset.serverassets.password)
-        server_assets = ServerAssets.objects.select_related('assets')
+        if asset_type == 'server':
+            password = CryptPwd().decrypt_pwd(asset.serverassets.password)
+            server_assets = ServerAssets.objects.select_related('assets')
         return render(request, 'assets/update_asset.html', locals())
     elif request.method == 'POST':
         if asset_type == 'server':
@@ -141,33 +142,6 @@ def update_asset(request, asset_type, pk):
         return JsonResponse({'code': 200, 'msg': '修改成功'})
 
 
-@permission_required('assets.add_assetslog', raise_exception=True)
-def get_assets_log(request):
-    if request.method == 'GET':
-        assets_logs = AssetsLog.objects.all()
-        return render(request, 'assets/assets_log.html', locals())
-    elif request.method == 'POST':
-        start_time = request.POST.get('startTime')
-        end_time = request.POST.get('endTime')
-        new_end_time = datetime.datetime.strptime(end_time, '%Y-%m-%d') + datetime.timedelta(1)
-        end_time = new_end_time.strftime('%Y-%m-%d')
-        try:
-            records = []
-            assets_logs = AssetsLog.objects.filter(c_time__gt=start_time, c_time__lt=end_time)
-            for assets_log in assets_logs:
-                record = {
-                    'id': assets_log.id,
-                    'user': assets_log.user.username,
-                    'remote_ip': assets_log.remote_ip,
-                    'content': assets_log.content,
-                    'c_time': assets_log.c_time
-                }
-                records.append(record)
-            return JsonResponse({'code': 200, 'records': records})
-        except Exception as e:
-            return JsonResponse({'error': '查询失败：{}'.format(e)})
-
-
 @permission_required('assets.add_assets', raise_exception=True)
 def server_facts(request):
     if request.method == 'POST':
@@ -384,6 +358,7 @@ def guacamole_terminal(request, pk):
     return render(request, 'assets/admin_guacamole.html', locals())
 
 
+# 已整合至系统日志
 @admin_auth
 def login_record(request):
     if request.method == 'GET':

api/urls.py

@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.

api/views.py

@@ -0,0 +1,5 @@
+from django.apps import AppConfig
+
+
+class CommonsConfig(AppConfig):
+    name = 'commons'

assets/__pycache__/models.cpython-36.opt-1.pyc

@@ -0,0 +1,3 @@
+from django.db import models
+
+# Create your models here.

assets/models.py

@@ -0,0 +1,53 @@
+# -*- coding: utf-8 -*-
+"""
+-------------------------------------------------
+   File Name：      tasks
+   Description:
+   Author:          Administrator
+   date：           2019-07-05
+-------------------------------------------------
+   Change Activity:
+                    2019-07-05:
+-------------------------------------------------
+"""
+from __future__ import absolute_import, unicode_literals
+import json
+import requests
+import datetime
+from Ops.celery import app
+from django.conf import settings
+from utils.wx_alert import WxApi
+
+
+@app.task
+def get_login_info(login_user, login_ip, login_status):
+    """
+    获取登录登录信息
+    :param login_user:
+    :param login_ip:
+    :param login_status:
+    :return:
+    """
+    url = f'http://ip-api.com/json/{login_ip}?lang=zh-CN'
+    r = requests.get(url=url)
+    wx = WxApi('XXXXXXXXXXXXXXXXXXX', 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXX')
+
+    if r.status_code == 200:
+        info = json.loads(r.text)
+        if info.get('status') == 'fail':
+            content = '用户{}于{}尝试登录系统\n结果：{}\n登录IP：{}\n'.format(login_user,
+                                                               datetime.datetime.now().strftime(settings.TIME_FORMAT),
+                                                               login_status, login_ip)
+        else:
+            content = '用户{}于{}尝试登录系统\n结果：{}\n登录IP：{}\n登录国家：{}\n登录省市：{}\n登录城市：{}\n'.format(login_user,
+                                                                                          datetime.datetime.now().strftime(
+                                                                                              settings.TIME_FORMAT),
+                                                                                          login_status, login_ip,
+                                                                                          info.get('country'),
+                                                                                          info.get('regionName'),
+                                                                                          info.get('city'))
+    else:
+        content = '用户{}于{}尝试登录系统\n结果：{}\n登录IP：{}\n'.format(login_user,
+                                                           datetime.datetime.now().strftime(settings.TIME_FORMAT),
+                                                           login_status, login_ip)
+    wx.send_msg(subject='系统ops.juren.com登录提醒【重要】', content=content)

assets/tasks.py

@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.