EdgeAdmin/internal/web/actions/default/clusters/grants/update.go

package grants

import (
	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils"
	"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
	"github.com/iwind/TeaGo/actions"
	"github.com/iwind/TeaGo/maps"
	"golang.org/x/crypto/ssh"
	"strings"
)

type UpdateAction struct {
	actionutils.ParentAction
}

func (this *UpdateAction) Init() {
	this.Nav("", "grant", "update")
}

func (this *UpdateAction) RunGet(params struct {
	GrantId int64
}) {
	this.Data["methods"] = grantutils.AllGrantMethods(this.LangCode())

	grantResp, err := this.RPC().NodeGrantRPC().FindEnabledNodeGrant(this.AdminContext(), &pb.FindEnabledNodeGrantRequest{NodeGrantId: params.GrantId})
	if err != nil {
		this.ErrorPage(err)
		return
	}
	if grantResp.NodeGrant == nil {
		this.WriteString("can not find the grant")
		return
	}

	// TODO 处理节点专用的认证

	var grant = grantResp.NodeGrant

	// private key
	var privateKey = grant.PrivateKey
	const maskLength = 64
	if len(privateKey) > maskLength+32 {
		privateKey = privateKey[:maskLength] + strings.Repeat("*", len(privateKey)-maskLength)
	}

	this.Data["grant"] = maps.Map{
		"id":          grant.Id,
		"name":        grant.Name,
		"method":      grant.Method,
		"methodName":  grantutils.FindGrantMethodName(grant.Method, this.LangCode()),
		"username":    grant.Username,
		"password":    strings.Repeat("*", len(grant.Password)),
		"privateKey":  privateKey,
		"passphrase":  grant.Passphrase,
		"description": grant.Description,
		"su":          grant.Su,
	}

	this.Show()
}

func (this *UpdateAction) RunPost(params struct {
	GrantId     int64
	Name        string
	Method      string
	Username    string
	Password    string
	PrivateKey  string
	Passphrase  string
	Description string
	Su          bool

	Must *actions.Must
}) {
	// 创建日志
	defer this.CreateLogInfo(codes.NodeGrant_LogUpdateSSHGrant, params.GrantId)

	params.Must.
		Field("name", params.Name).
		Require("请输入名称")

	switch params.Method {
	case "user":
		if len(params.Username) == 0 {
			this.FailField("username", "请输入SSH登录用户名")
		}
	case "privateKey":
		if len(params.Username) == 0 {
			this.FailField("username", "请输入SSH登录用户名")
		}
		if len(params.PrivateKey) == 0 {
			this.FailField("privateKey", "请输入RSA私钥")
		}

		// 验证私钥
		if !strings.HasSuffix(params.PrivateKey, "******") /* 非掩码 */ {
			var err error
			if len(params.Passphrase) > 0 {
				_, err = ssh.ParsePrivateKeyWithPassphrase([]byte(params.PrivateKey), []byte(params.Passphrase))
			} else {
				_, err = ssh.ParsePrivateKey([]byte(params.PrivateKey))
			}
			if err != nil {
				this.Fail("私钥验证失败，请检查格式：" + err.Error())
				return
			}
		}
	default:
		this.Fail("请选择正确的认证方式")
	}

	// TODO 检查grantId是否存在

	_, err := this.RPC().NodeGrantRPC().UpdateNodeGrant(this.AdminContext(), &pb.UpdateNodeGrantRequest{
		NodeGrantId: params.GrantId,
		Name:        params.Name,
		Method:      params.Method,
		Username:    params.Username,
		Password:    params.Password,
		PrivateKey:  params.PrivateKey,
		Passphrase:  params.Passphrase,
		Description: params.Description,
		Su:          params.Su,
		NodeId:      0,
	})
	if err != nil {
		this.ErrorPage(err)
		return
	}

	this.Success()
}
阶段性提交 2020-07-29 19:34:54 +08:00			`package grants`

节点SSH密码和私钥均以掩码方式显示 2024-03-18 10:51:14 +08:00			`import (`
			`"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"`
显示SSH认证相关集群、节点 2020-10-25 21:27:28 +08:00			`"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils"`
部分中文转换为多语言代号 2023-06-30 18:08:30 +08:00			`"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"`
显示SSH认证相关集群、节点 2020-10-25 21:27:28 +08:00			`"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"`
阶段性提交 2020-07-29 19:34:54 +08:00			`"github.com/iwind/TeaGo/actions"`
			`"github.com/iwind/TeaGo/maps"`
创建SSH认证私钥时校验私钥内容 2023-03-19 17:48:43 +08:00			`"golang.org/x/crypto/ssh"`
节点SSH密码和私钥均以掩码方式显示 2024-03-18 10:51:14 +08:00			`"strings"`
阶段性提交 2020-07-29 19:34:54 +08:00			`)`

			`type UpdateAction struct {`
			`actionutils.ParentAction`
			`}`

			`func (this *UpdateAction) Init() {`
显示SSH认证相关集群、节点 2020-10-25 21:27:28 +08:00			`this.Nav("", "grant", "update")`
阶段性提交 2020-07-29 19:34:54 +08:00			`}`

			`func (this *UpdateAction) RunGet(params struct {`
			`GrantId int64`
			`}) {`
部分中文转换为多语言代号 2023-06-28 19:07:42 +08:00			`this.Data["methods"] = grantutils.AllGrantMethods(this.LangCode())`
阶段性提交 2020-07-29 19:34:54 +08:00
增加SSH认证连接测试功能 2021-04-18 21:19:50 +08:00			`grantResp, err := this.RPC().NodeGrantRPC().FindEnabledNodeGrant(this.AdminContext(), &pb.FindEnabledNodeGrantRequest{NodeGrantId: params.GrantId})`
阶段性提交 2020-07-29 19:34:54 +08:00			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`
增加SSH认证连接测试功能 2021-04-18 21:19:50 +08:00			`if grantResp.NodeGrant == nil {`
阶段性提交 2020-07-29 19:34:54 +08:00			`this.WriteString("can not find the grant")`
			`return`
			`}`

			`// TODO 处理节点专用的认证`

节点SSH密码和私钥均以掩码方式显示 2024-03-18 10:51:14 +08:00			`var grant = grantResp.NodeGrant`

			`// private key`
			`var privateKey = grant.PrivateKey`
			`const maskLength = 64`
			`if len(privateKey) > maskLength+32 {`
			`privateKey = privateKey[:maskLength] + strings.Repeat("*", len(privateKey)-maskLength)`
			`}`

阶段性提交 2020-07-29 19:34:54 +08:00			`this.Data["grant"] = maps.Map{`
			`"id": grant.Id,`
			`"name": grant.Name,`
			`"method": grant.Method,`
部分中文转换为多语言代号 2023-06-28 19:07:42 +08:00			`"methodName": grantutils.FindGrantMethodName(grant.Method, this.LangCode()),`
阶段性提交 2020-07-29 19:34:54 +08:00			`"username": grant.Username,`
节点SSH密码和私钥均以掩码方式显示 2024-03-18 10:51:14 +08:00			`"password": strings.Repeat("*", len(grant.Password)),`
			`"privateKey": privateKey,`
SSH登录支持Passphrase 2021-11-06 15:31:07 +08:00			`"passphrase": grant.Passphrase,`
阶段性提交 2020-07-29 19:34:54 +08:00			`"description": grant.Description,`
			`"su": grant.Su,`
			`}`

			`this.Show()`
			`}`

			`func (this *UpdateAction) RunPost(params struct {`
			`GrantId int64`
			`Name string`
			`Method string`
			`Username string`
			`Password string`
			`PrivateKey string`
SSH登录支持Passphrase 2021-11-06 15:31:07 +08:00			`Passphrase string`
阶段性提交 2020-07-29 19:34:54 +08:00			`Description string`
SSH认证支持sudo 2021-12-06 19:24:30 +08:00			`Su bool`
阶段性提交 2020-07-29 19:34:54 +08:00
			`Must *actions.Must`
			`}) {`
增加一部分操作日志 2020-11-10 21:37:48 +08:00			`// 创建日志`
部分中文转换为多语言代号 2023-06-30 18:08:30 +08:00			`defer this.CreateLogInfo(codes.NodeGrant_LogUpdateSSHGrant, params.GrantId)`
增加一部分操作日志 2020-11-10 21:37:48 +08:00
阶段性提交 2020-07-29 19:34:54 +08:00			`params.Must.`
			`Field("name", params.Name).`
			`Require("请输入名称")`

			`switch params.Method {`
			`case "user":`
			`if len(params.Username) == 0 {`
			`this.FailField("username", "请输入SSH登录用户名")`
			`}`
			`case "privateKey":`
SSH认证--私钥认证方式增加用户名选项 2021-06-30 14:55:21 +08:00			`if len(params.Username) == 0 {`
			`this.FailField("username", "请输入SSH登录用户名")`
			`}`
阶段性提交 2020-07-29 19:34:54 +08:00			`if len(params.PrivateKey) == 0 {`
			`this.FailField("privateKey", "请输入RSA私钥")`
			`}`
创建SSH认证私钥时校验私钥内容 2023-03-19 17:48:43 +08:00
			`// 验证私钥`
节点SSH密码和私钥均以掩码方式显示 2024-03-18 10:51:14 +08:00			`if !strings.HasSuffix(params.PrivateKey, "*****") / 非掩码 */ {`
			`var err error`
			`if len(params.Passphrase) > 0 {`
			`_, err = ssh.ParsePrivateKeyWithPassphrase([]byte(params.PrivateKey), []byte(params.Passphrase))`
			`} else {`
			`_, err = ssh.ParsePrivateKey([]byte(params.PrivateKey))`
			`}`
			`if err != nil {`
			`this.Fail("私钥验证失败，请检查格式：" + err.Error())`
			`return`
			`}`
创建SSH认证私钥时校验私钥内容 2023-03-19 17:48:43 +08:00			`}`
阶段性提交 2020-07-29 19:34:54 +08:00			`default:`
			`this.Fail("请选择正确的认证方式")`
			`}`

			`// TODO 检查grantId是否存在`

			`_, err := this.RPC().NodeGrantRPC().UpdateNodeGrant(this.AdminContext(), &pb.UpdateNodeGrantRequest{`
增加SSH认证连接测试功能 2021-04-18 21:19:50 +08:00			`NodeGrantId: params.GrantId,`
阶段性提交 2020-07-29 19:34:54 +08:00			`Name: params.Name,`
			`Method: params.Method,`
			`Username: params.Username,`
			`Password: params.Password,`
			`PrivateKey: params.PrivateKey,`
SSH登录支持Passphrase 2021-11-06 15:31:07 +08:00			`Passphrase: params.Passphrase,`
阶段性提交 2020-07-29 19:34:54 +08:00			`Description: params.Description,`
SSH认证支持sudo 2021-12-06 19:24:30 +08:00			`Su: params.Su,`
阶段性提交 2020-07-29 19:34:54 +08:00			`NodeId: 0,`
			`})`
			`if err != nil {`
			`this.ErrorPage(err)`
			`return`
			`}`

			`this.Success()`
			`}`