Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
C
coco
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
ops
coco
Commits
b66d9a5f
Unverified
Commit
b66d9a5f
authored
Jul 06, 2019
by
老广
Committed by
GitHub
Jul 06, 2019
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #236 from jumpserver/dev
Dev
parents
a8320a5c
8899fe5e
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
16 additions
and
4 deletions
+16
-4
app.py
coco/app.py
+1
-1
models.py
coco/models.py
+9
-0
proxy.py
coco/proxy.py
+4
-0
sftp.py
coco/sftp.py
+1
-2
requirements.txt
requirements/requirements.txt
+1
-1
No files found.
coco/app.py
View file @
b66d9a5f
...
...
@@ -23,7 +23,7 @@ from .session import Session
from
.models
import
Connection
__version__
=
'1.5.
0
'
__version__
=
'1.5.
1
'
BASE_DIR
=
os
.
path
.
dirname
(
os
.
path
.
dirname
(
__file__
))
logger
=
get_logger
(
__file__
)
...
...
coco/models.py
View file @
b66d9a5f
...
...
@@ -261,6 +261,15 @@ class BaseServer(object):
msg
=
_
(
"Command `{}` is forbidden ........"
)
.
format
(
cmd
)
data
=
self
.
command_forbidden
(
msg
)
break
elif
action
==
rule
.
ERROR
:
msg
=
"Command filter check exceptions "
\
"(for safety, check for consistency of rule type "
\
"and content in command filter)"
logger
.
warning
(
msg
)
_filter
=
"Command filter rule: {}"
.
format
(
rule
.
content
.
replace
(
'
\r\n
'
,
' '
)
)
logger
.
warning
(
_filter
)
return
data
def
command_forbidden
(
self
,
msg
):
...
...
coco/proxy.py
View file @
b66d9a5f
...
...
@@ -79,6 +79,7 @@ class ProxyServer:
logger
.
error
(
msg
)
self
.
client
.
send_unicode
(
msg
)
self
.
server
.
close
()
return
try
:
session
.
bridge
()
...
...
@@ -151,6 +152,9 @@ class ProxyServer:
)
if
not
conn
or
not
conn
.
is_active
:
return
None
else
:
# 采用复用连接创建session时,系统用户用户名如果为空,创建session-400
self
.
system_user
=
conn
.
system_user
else
:
conn
=
SSHConnection
.
new_connection
(
self
.
client
.
user
,
self
.
asset
,
self
.
system_user
...
...
coco/sftp.py
View file @
b66d9a5f
...
...
@@ -13,7 +13,6 @@ from .service import app_service
from
.connection
import
SSHConnection
from
.const
import
(
PERMS_ACTION_NAME_DOWNLOAD_FILE
,
PERMS_ACTION_NAME_UPLOAD_FILE
,
PERMS_ACTION_NAME_ALL
,
)
CURRENT_DIR
=
os
.
path
.
dirname
(
__file__
)
...
...
@@ -267,7 +266,7 @@ class SFTPServer(paramiko.SFTPServerInterface):
@staticmethod
def
validate_permission
(
system_user
,
action
):
check_actions
=
[
PERMS_ACTION_NAME_ALL
,
action
]
check_actions
=
[
action
]
granted_actions
=
getattr
(
system_user
,
'actions'
,
[])
actions
=
list
(
set
(
granted_actions
)
.
intersection
(
set
(
check_actions
)))
return
bool
(
actions
)
...
...
requirements/requirements.txt
View file @
b66d9a5f
...
...
@@ -19,7 +19,7 @@ itsdangerous==0.24
Jinja2==2.10.1
jmespath==0.9.3
jms-storage==0.0.23
jumpserver-python-sdk==0.0.6
3
jumpserver-python-sdk==0.0.6
4
MarkupSafe==1.0
oss2==2.4.0
paramiko==2.4.2
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment