robin/waf-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

1.4.5.2

Browse Source
This commit is contained in:
unknown
2026-02-04 20:27:13 +08:00
commit 3b042d1dad
9410 changed files with 1488147 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
EdgeAdmin/internal/web/actions/default/clusters/grants/create.go Normal file
View File

@@ -0,0 +1,90 @@
package grants
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/actions"
"golang.org/x/crypto/ssh"
)
type CreateAction struct {
actionutils.ParentAction
}
func (this *CreateAction) Init() {
this.Nav("", "grant", "create")
}
func (this *CreateAction) RunGet(params struct{}) {
this.Data["methods"] = grantutils.AllGrantMethods(this.LangCode())
this.Show()
}
func (this *CreateAction) RunPost(params struct {
Name string
Method string
Username string
Password string
PrivateKey string
Passphrase string
Description string
Su bool
Must *actions.Must
}) {
params.Must.
Field("name", params.Name).
Require("请输入名称")
switch params.Method {
case "user":
if len(params.Username) == 0 {
this.FailField("username", "请输入SSH登录用户名")
}
case "privateKey":
if len(params.Username) == 0 {
this.FailField("username", "请输入SSH登录用户名")
}
if len(params.PrivateKey) == 0 {
this.FailField("privateKey", "请输入RSA私钥")
}
// 验证私钥
var err error
if len(params.Passphrase) > 0 {
_, err = ssh.ParsePrivateKeyWithPassphrase([]byte(params.PrivateKey), []byte(params.Passphrase))
} else {
_, err = ssh.ParsePrivateKey([]byte(params.PrivateKey))
}
if err != nil {
this.Fail("私钥验证失败,请检查格式:" + err.Error())
return
}
default:
this.Fail("请选择正确的认证方式")
}
createResp, err := this.RPC().NodeGrantRPC().CreateNodeGrant(this.AdminContext(), &pb.CreateNodeGrantRequest{
Name: params.Name,
Method: params.Method,
Username: params.Username,
Password: params.Password,
PrivateKey: params.PrivateKey,
Passphrase: params.Passphrase,
Description: params.Description,
Su: params.Su,
NodeId: 0,
})
if err != nil {
this.ErrorPage(err)
return
}
// 创建日志
defer this.CreateLogInfo(codes.NodeGrant_LogCreateSSHGrant, createResp.NodeGrantId)
this.Success()
}

99
EdgeAdmin/internal/web/actions/default/clusters/grants/createPopup.go Normal file
View File

@@ -0,0 +1,99 @@
package grants
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/maps"
"golang.org/x/crypto/ssh"
)
type CreatePopupAction struct {
actionutils.ParentAction
}
func (this *CreatePopupAction) Init() {
this.Nav("", "", "")
}
func (this *CreatePopupAction) RunGet(params struct{}) {
this.Data["methods"] = grantutils.AllGrantMethods(this.LangCode())
this.Show()
}
func (this *CreatePopupAction) RunPost(params struct {
Name string
Method string
Username string
Password string
PrivateKey string
Passphrase string
Description string
Su bool
Must *actions.Must
}) {
params.Must.
Field("name", params.Name).
Require("请输入名称")
switch params.Method {
case "user":
if len(params.Username) == 0 {
this.FailField("username", "请输入SSH登录用户名")
}
case "privateKey":
if len(params.Username) == 0 {
this.FailField("username", "请输入SSH登录用户名")
}
if len(params.PrivateKey) == 0 {
this.FailField("privateKey", "请输入RSA私钥")
}
// 验证私钥
var err error
if len(params.Passphrase) > 0 {
_, err = ssh.ParsePrivateKeyWithPassphrase([]byte(params.PrivateKey), []byte(params.Passphrase))
} else {
_, err = ssh.ParsePrivateKey([]byte(params.PrivateKey))
}
if err != nil {
this.Fail("私钥验证失败,请检查格式:" + err.Error())
return
}
default:
this.Fail("请选择正确的认证方式")
}
createResp, err := this.RPC().NodeGrantRPC().CreateNodeGrant(this.AdminContext(), &pb.CreateNodeGrantRequest{
Name: params.Name,
Method: params.Method,
Username: params.Username,
Password: params.Password,
PrivateKey: params.PrivateKey,
Passphrase: params.Passphrase,
Description: params.Description,
Su: params.Su,
NodeId: 0,
})
if err != nil {
this.ErrorPage(err)
return
}
this.Data["grant"] = maps.Map{
"id": createResp.NodeGrantId,
"name": params.Name,
"method": params.Method,
"methodName": grantutils.FindGrantMethodName(params.Method, this.LangCode()),
"username": params.Username,
}
// 创建日志
defer this.CreateLogInfo(codes.NodeGrant_LogCreateSSHGrant, createResp.NodeGrantId)
this.Success()
}

48
EdgeAdmin/internal/web/actions/default/clusters/grants/delete.go Normal file
View File

@@ -0,0 +1,48 @@
package grants
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
)
type DeleteAction struct {
actionutils.ParentAction
}
func (this *DeleteAction) RunPost(params struct {
GrantId int64
}) {
// 创建日志
defer this.CreateLogInfo(codes.NodeGrant_LogDeleteSSHGrant, params.GrantId)
// 检查是否有别的集群或节点正在使用
countResp, err := this.RPC().NodeClusterRPC().CountAllEnabledNodeClustersWithNodeGrantId(this.AdminContext(), &pb.CountAllEnabledNodeClustersWithNodeGrantIdRequest{
NodeGrantId: params.GrantId,
})
if err != nil {
this.ErrorPage(err)
return
}
if countResp.Count > 0 {
this.Fail("有集群正在使用此服务,请修改后再删除")
}
countResp2, err := this.RPC().NodeRPC().CountAllEnabledNodesWithNodeGrantId(this.AdminContext(), &pb.CountAllEnabledNodesWithNodeGrantIdRequest{NodeGrantId: params.GrantId})
if err != nil {
this.ErrorPage(err)
return
}
if countResp2.Count > 0 {
this.Fail("有节点正在使用此服务,请修改后再删除")
}
// 删除
_, err = this.RPC().NodeGrantRPC().DisableNodeGrant(this.AdminContext(), &pb.DisableNodeGrantRequest{NodeGrantId: params.GrantId})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}

97
EdgeAdmin/internal/web/actions/default/clusters/grants/grant.go Normal file
View File

@@ -0,0 +1,97 @@
package grants
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/maps"
"strings"
)
type GrantAction struct {
actionutils.ParentAction
}
func (this *GrantAction) Init() {
this.Nav("", "grant", "index")
}
func (this *GrantAction) RunGet(params struct {
GrantId int64
}) {
grantResp, err := this.RPC().NodeGrantRPC().FindEnabledNodeGrant(this.AdminContext(), &pb.FindEnabledNodeGrantRequest{NodeGrantId: params.GrantId})
if err != nil {
this.ErrorPage(err)
return
}
if grantResp.NodeGrant == nil {
this.WriteString("can not find the grant")
return
}
// TODO 处理节点专用的认证
var grant = grantResp.NodeGrant
var privateKey = grant.PrivateKey
const maskLength = 64
if len(privateKey) > maskLength+32 {
privateKey = privateKey[:maskLength] + strings.Repeat("*", len(privateKey)-maskLength)
}
this.Data["grant"] = maps.Map{
"id": grant.Id,
"name": grant.Name,
"method": grant.Method,
"methodName": grantutils.FindGrantMethodName(grant.Method, this.LangCode()),
"username": grant.Username,
"password": strings.Repeat("*", len(grant.Password)),
"privateKey": privateKey,
"passphrase": strings.Repeat("*", len(grant.Passphrase)),
"description": grant.Description,
"su": grant.Su,
}
// 使用此认证的集群
clusterMaps := []maps.Map{}
clustersResp, err := this.RPC().NodeClusterRPC().FindAllEnabledNodeClustersWithNodeGrantId(this.AdminContext(), &pb.FindAllEnabledNodeClustersWithNodeGrantIdRequest{NodeGrantId: params.GrantId})
if err != nil {
this.ErrorPage(err)
return
}
for _, cluster := range clustersResp.NodeClusters {
clusterMaps = append(clusterMaps, maps.Map{
"id": cluster.Id,
"name": cluster.Name,
})
}
this.Data["clusters"] = clusterMaps
// 使用此认证的节点
nodeMaps := []maps.Map{}
nodesResp, err := this.RPC().NodeRPC().FindAllEnabledNodesWithNodeGrantId(this.AdminContext(), &pb.FindAllEnabledNodesWithNodeGrantIdRequest{NodeGrantId: params.GrantId})
if err != nil {
this.ErrorPage(err)
return
}
for _, node := range nodesResp.Nodes {
if node.NodeCluster == nil {
continue
}
clusterMap := maps.Map{
"id": node.NodeCluster.Id,
"name": node.NodeCluster.Name,
}
nodeMaps = append(nodeMaps, maps.Map{
"id": node.Id,
"name": node.Name,
"cluster": clusterMap,
"isOn": node.IsOn,
})
}
this.Data["nodes"] = nodeMaps
this.Show()
}

31
EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils/utils.go Normal file
View File

@@ -0,0 +1,31 @@
package grantutils
import (
"github.com/TeaOSLab/EdgeCommon/pkg/langs"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/iwind/TeaGo/maps"
)
// AllGrantMethods 所有的认证类型
func AllGrantMethods(langCode langs.LangCode) []maps.Map {
return []maps.Map{
{
"name": langs.Message(langCode, codes.NodeGrant_MethodUserPassword),
"value": "user",
},
{
"name": langs.Message(langCode, codes.NodeGrant_MethodPrivateKey),
"value": "privateKey",
},
}
}
// FindGrantMethodName 获得对应的认证类型名称
func FindGrantMethodName(method string, langCode langs.LangCode) string {
for _, m := range AllGrantMethods(langCode) {
if m.GetString("value") == method {
return m.GetString("name")
}
}
return ""
}

75
EdgeAdmin/internal/web/actions/default/clusters/grants/index.go Normal file
View File

@@ -0,0 +1,75 @@
package grants
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/maps"
)
type IndexAction struct {
actionutils.ParentAction
}
func (this *IndexAction) Init() {
this.Nav("", "grant", "index")
}
func (this *IndexAction) RunGet(params struct {
Keyword string
}) {
this.Data["keyword"] = params.Keyword
countResp, err := this.RPC().NodeGrantRPC().CountAllEnabledNodeGrants(this.AdminContext(), &pb.CountAllEnabledNodeGrantsRequest{
Keyword: params.Keyword,
})
if err != nil {
this.ErrorPage(err)
return
}
var page = this.NewPage(countResp.Count)
this.Data["page"] = page.AsHTML()
grantsResp, err := this.RPC().NodeGrantRPC().ListEnabledNodeGrants(this.AdminContext(), &pb.ListEnabledNodeGrantsRequest{
Keyword: params.Keyword,
Offset: page.Offset,
Size: page.Size,
})
if err != nil {
this.ErrorPage(err)
return
}
var grantMaps = []maps.Map{}
for _, grant := range grantsResp.NodeGrants {
// 集群数
countClustersResp, err := this.RPC().NodeClusterRPC().CountAllEnabledNodeClustersWithNodeGrantId(this.AdminContext(), &pb.CountAllEnabledNodeClustersWithNodeGrantIdRequest{NodeGrantId: grant.Id})
if err != nil {
this.ErrorPage(err)
return
}
var countClusters = countClustersResp.Count
// 节点数
countNodesResp, err := this.RPC().NodeRPC().CountAllEnabledNodesWithNodeGrantId(this.AdminContext(), &pb.CountAllEnabledNodesWithNodeGrantIdRequest{NodeGrantId: grant.Id})
if err != nil {
this.ErrorPage(err)
return
}
var countNodes = countNodesResp.Count
grantMaps = append(grantMaps, maps.Map{
"id": grant.Id,
"name": grant.Name,
"method": maps.Map{
"type": grant.Method,
"name": grantutils.FindGrantMethodName(grant.Method, this.LangCode()),
},
"username": grant.Username,
"countClusters": countClusters,
"countNodes": countNodes,
})
}
this.Data["grants"] = grantMaps
this.Show()
}

31
EdgeAdmin/internal/web/actions/default/clusters/grants/init.go Normal file
View File

@@ -0,0 +1,31 @@
package grants
import (
"github.com/TeaOSLab/EdgeAdmin/internal/configloaders"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/clusterutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
"github.com/iwind/TeaGo"
)
func init() {
TeaGo.BeforeStart(func(server *TeaGo.Server) {
server.
Helper(helpers.NewUserMustAuth(configloaders.AdminModuleCodeNode)).
Helper(clusterutils.NewClustersHelper()).
Data("teaMenu", "clusters").
Data("teaSubMenu", "grant").
Prefix("/clusters/grants").
// 授权管理
Get("", new(IndexAction)).
GetPost("/create", new(CreateAction)).
GetPost("/update", new(UpdateAction)).
Post("/delete", new(DeleteAction)).
Get("/grant", new(GrantAction)).
GetPost("/selectPopup", new(SelectPopupAction)).
GetPost("/createPopup", new(CreatePopupAction)).
GetPost("/updatePopup", new(UpdatePopupAction)).
GetPost("/test", new(TestAction)).
EndAll()
})
}

99
EdgeAdmin/internal/web/actions/default/clusters/grants/selectPopup.go Normal file
View File

@@ -0,0 +1,99 @@
package grants
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/maps"
)
type SelectPopupAction struct {
actionutils.ParentAction
}
func (this *SelectPopupAction) Init() {
this.Nav("", "", "")
}
func (this *SelectPopupAction) RunGet(params struct {
NodeClusterId int64
NsClusterId int64
}) {
// 所有的认证
grantsResp, err := this.RPC().NodeGrantRPC().FindAllEnabledNodeGrants(this.AdminContext(), &pb.FindAllEnabledNodeGrantsRequest{})
if err != nil {
this.ErrorPage(err)
return
}
grants := grantsResp.NodeGrants
grantMaps := []maps.Map{}
for _, grant := range grants {
grantMaps = append(grantMaps, maps.Map{
"id": grant.Id,
"name": grant.Name,
"method": grant.Method,
"methodName": grantutils.FindGrantMethodName(grant.Method, this.LangCode()),
"username": grant.Username,
"description": grant.Description,
})
}
this.Data["grants"] = grantMaps
// 推荐的认证
suggestGrantsResp, err := this.RPC().NodeGrantRPC().FindSuggestNodeGrants(this.AdminContext(), &pb.FindSuggestNodeGrantsRequest{
NodeClusterId: params.NodeClusterId,
NsClusterId: params.NsClusterId,
})
if err != nil {
this.ErrorPage(err)
return
}
var suggestGrantMaps = []maps.Map{}
for _, grant := range suggestGrantsResp.NodeGrants {
suggestGrantMaps = append(suggestGrantMaps, maps.Map{
"id": grant.Id,
"name": grant.Name,
"method": grant.Method,
"methodName": grantutils.FindGrantMethodName(grant.Method, this.LangCode()),
"username": grant.Username,
"description": grant.Description,
})
}
this.Data["suggestGrants"] = suggestGrantMaps
this.Show()
}
func (this *SelectPopupAction) RunPost(params struct {
GrantId int64
Must *actions.Must
}) {
if params.GrantId <= 0 {
this.Data["grant"] = maps.Map{
"id": params.GrantId,
"name": "",
"method": "",
"methodName": "",
}
this.Success()
}
grantResp, err := this.RPC().NodeGrantRPC().FindEnabledNodeGrant(this.AdminContext(), &pb.FindEnabledNodeGrantRequest{NodeGrantId: params.GrantId})
if err != nil {
this.ErrorPage(err)
return
}
grant := grantResp.NodeGrant
if grant == nil {
this.Fail("找不到要使用的认证")
}
this.Data["grant"] = maps.Map{
"id": grant.Id,
"name": grant.Name,
"method": grant.Method,
"methodName": grantutils.FindGrantMethodName(grant.Method, this.LangCode()),
}
this.Success()
}

78
EdgeAdmin/internal/web/actions/default/clusters/grants/test.go Normal file
View File

@@ -0,0 +1,78 @@
// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
package grants
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/maps"
"strings"
)
type TestAction struct {
actionutils.ParentAction
}
func (this *TestAction) Init() {
this.Nav("", "", "test")
}
func (this *TestAction) RunGet(params struct {
GrantId int64
}) {
grantResp, err := this.RPC().NodeGrantRPC().FindEnabledNodeGrant(this.AdminContext(), &pb.FindEnabledNodeGrantRequest{NodeGrantId: params.GrantId})
if err != nil {
this.ErrorPage(err)
return
}
if grantResp.NodeGrant == nil {
this.WriteString("can not find the grant")
return
}
grant := grantResp.NodeGrant
this.Data["grant"] = maps.Map{
"id": grant.Id,
"name": grant.Name,
"method": grant.Method,
"methodName": grantutils.FindGrantMethodName(grant.Method, this.LangCode()),
"username": grant.Username,
"password": strings.Repeat("*", len(grant.Password)),
"privateKey": grant.PrivateKey,
"description": grant.Description,
"su": grant.Su,
}
this.Show()
}
func (this *TestAction) RunPost(params struct {
GrantId int64
Host string
Port int32
Must *actions.Must
CSRF *actionutils.CSRF
}) {
params.Must.
Field("host", params.Host).
Require("请输入节点主机地址").
Field("port", params.Port).
Gt(0, "请输入正确的端口号").
Lt(65535, "请输入正确的端口号")
resp, err := this.RPC().NodeGrantRPC().TestNodeGrant(this.AdminContext(), &pb.TestNodeGrantRequest{
NodeGrantId: params.GrantId,
Host: params.Host,
Port: params.Port,
})
if err != nil {
this.ErrorPage(err)
return
}
this.Data["isOk"] = resp.IsOk
this.Data["error"] = resp.Error
this.Success()
}

134
EdgeAdmin/internal/web/actions/default/clusters/grants/update.go Normal file
View File

@@ -0,0 +1,134 @@
package grants
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/maps"
"golang.org/x/crypto/ssh"
"strings"
)
type UpdateAction struct {
actionutils.ParentAction
}
func (this *UpdateAction) Init() {
this.Nav("", "grant", "update")
}
func (this *UpdateAction) RunGet(params struct {
GrantId int64
}) {
this.Data["methods"] = grantutils.AllGrantMethods(this.LangCode())
grantResp, err := this.RPC().NodeGrantRPC().FindEnabledNodeGrant(this.AdminContext(), &pb.FindEnabledNodeGrantRequest{NodeGrantId: params.GrantId})
if err != nil {
this.ErrorPage(err)
return
}
if grantResp.NodeGrant == nil {
this.WriteString("can not find the grant")
return
}
// TODO 处理节点专用的认证
var grant = grantResp.NodeGrant
// private key
var privateKey = grant.PrivateKey
const maskLength = 64
if len(privateKey) > maskLength+32 {
privateKey = privateKey[:maskLength] + strings.Repeat("*", len(privateKey)-maskLength)
}
this.Data["grant"] = maps.Map{
"id": grant.Id,
"name": grant.Name,
"method": grant.Method,
"methodName": grantutils.FindGrantMethodName(grant.Method, this.LangCode()),
"username": grant.Username,
"password": strings.Repeat("*", len(grant.Password)),
"privateKey": privateKey,
"passphrase": grant.Passphrase,
"description": grant.Description,
"su": grant.Su,
}
this.Show()
}
func (this *UpdateAction) RunPost(params struct {
GrantId int64
Name string
Method string
Username string
Password string
PrivateKey string
Passphrase string
Description string
Su bool
Must *actions.Must
}) {
// 创建日志
defer this.CreateLogInfo(codes.NodeGrant_LogUpdateSSHGrant, params.GrantId)
params.Must.
Field("name", params.Name).
Require("请输入名称")
switch params.Method {
case "user":
if len(params.Username) == 0 {
this.FailField("username", "请输入SSH登录用户名")
}
case "privateKey":
if len(params.Username) == 0 {
this.FailField("username", "请输入SSH登录用户名")
}
if len(params.PrivateKey) == 0 {
this.FailField("privateKey", "请输入RSA私钥")
}
// 验证私钥
if !strings.HasSuffix(params.PrivateKey, "******") /* 非掩码 */ {
var err error
if len(params.Passphrase) > 0 {
_, err = ssh.ParsePrivateKeyWithPassphrase([]byte(params.PrivateKey), []byte(params.Passphrase))
} else {
_, err = ssh.ParsePrivateKey([]byte(params.PrivateKey))
}
if err != nil {
this.Fail("私钥验证失败,请检查格式:" + err.Error())
return
}
}
default:
this.Fail("请选择正确的认证方式")
}
// TODO 检查grantId是否存在
_, err := this.RPC().NodeGrantRPC().UpdateNodeGrant(this.AdminContext(), &pb.UpdateNodeGrantRequest{
NodeGrantId: params.GrantId,
Name: params.Name,
Method: params.Method,
Username: params.Username,
Password: params.Password,
PrivateKey: params.PrivateKey,
Passphrase: params.Passphrase,
Description: params.Description,
Su: params.Su,
NodeId: 0,
})
if err != nil {
this.ErrorPage(err)
return
}
this.Success()
}

131
EdgeAdmin/internal/web/actions/default/clusters/grants/updatePopup.go Normal file
View File

@@ -0,0 +1,131 @@
package grants
import (
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
"github.com/iwind/TeaGo/actions"
"github.com/iwind/TeaGo/maps"
"golang.org/x/crypto/ssh"
)
type UpdatePopupAction struct {
actionutils.ParentAction
}
func (this *UpdatePopupAction) Init() {
this.Nav("", "", "")
}
func (this *UpdatePopupAction) RunGet(params struct {
GrantId int64
}) {
this.Data["methods"] = grantutils.AllGrantMethods(this.LangCode())
grantResp, err := this.RPC().NodeGrantRPC().FindEnabledNodeGrant(this.AdminContext(), &pb.FindEnabledNodeGrantRequest{NodeGrantId: params.GrantId})
if err != nil {
this.ErrorPage(err)
return
}
if grantResp.NodeGrant == nil {
this.WriteString("找不到要操作的对象")
return
}
grant := grantResp.NodeGrant
this.Data["grant"] = maps.Map{
"id": grant.Id,
"nodeId": grant.NodeId,
"method": grant.Method,
"name": grant.Name,
"username": grant.Username,
"password": grant.Password,
"description": grant.Description,
"privateKey": grant.PrivateKey,
"passphrase": grant.Passphrase,
"su": grant.Su,
}
this.Show()
}
func (this *UpdatePopupAction) RunPost(params struct {
GrantId int64
NodeId int64
Name string
Method string
Username string
Password string
PrivateKey string
Passphrase string
Description string
Su bool
Must *actions.Must
}) {
// 创建日志
defer this.CreateLogInfo(codes.NodeGrant_LogUpdateSSHGrant, params.GrantId)
params.Must.
Field("name", params.Name).
Require("请输入名称")
switch params.Method {
case "user":
if len(params.Username) == 0 {
this.FailField("username", "请输入SSH登录用户名")
}
case "privateKey":
if len(params.Username) == 0 {
this.FailField("username", "请输入SSH登录用户名")
}
if len(params.PrivateKey) == 0 {
this.FailField("privateKey", "请输入RSA私钥")
}
// 验证私钥
var err error
if len(params.Passphrase) > 0 {
_, err = ssh.ParsePrivateKeyWithPassphrase([]byte(params.PrivateKey), []byte(params.Passphrase))
} else {
_, err = ssh.ParsePrivateKey([]byte(params.PrivateKey))
}
if err != nil {
this.Fail("私钥验证失败,请检查格式:" + err.Error())
return
}
default:
this.Fail("请选择正确的认证方式")
}
// 执行修改
_, err := this.RPC().NodeGrantRPC().UpdateNodeGrant(this.AdminContext(), &pb.UpdateNodeGrantRequest{
NodeGrantId: params.GrantId,
Name: params.Name,
Method: params.Method,
Username: params.Username,
Password: params.Password,
PrivateKey: params.PrivateKey,
Passphrase: params.Passphrase,
Description: params.Description,
NodeId: params.NodeId,
Su: params.Su,
})
if err != nil {
this.ErrorPage(err)
return
}
// 返回信息
this.Data["grant"] = maps.Map{
"id": params.GrantId,
"name": params.Name,
"method": params.Method,
"methodName": grantutils.FindGrantMethodName(params.Method, this.LangCode()),
"username": params.Username,
}
this.Success()
}