mm
This commit is contained in:
@@ -127,4 +127,17 @@ amf:
|
|||||||
optional: "false"
|
optional: "false"
|
||||||
filter: ""
|
filter: ""
|
||||||
display: "CMD"
|
display: "CMD"
|
||||||
comment: ""
|
comment: ""
|
||||||
|
subsManagement:
|
||||||
|
display: "Subscriber Management"
|
||||||
|
mml:
|
||||||
|
- operation: "list"
|
||||||
|
object: "imsi"
|
||||||
|
display: "List Online IMSI"
|
||||||
|
params:
|
||||||
|
- name: "imsi"
|
||||||
|
type: "string"
|
||||||
|
optional: "false"
|
||||||
|
filter: "32"
|
||||||
|
display: "IMSI"
|
||||||
|
comment: ""
|
||||||
@@ -260,14 +260,15 @@ func ExtDatabaseGetData(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pack := "dbrest"
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
module := vars["managementModule"]
|
module := vars["managementModule"]
|
||||||
dbname := vars["dataStorage"]
|
dbname := vars["dataStorage"]
|
||||||
tbname := vars["dataObject"]
|
tbname := vars["dataObject"]
|
||||||
|
|
||||||
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s", token, r.Method, module, dbname, tbname)
|
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s", token, r.Method, module, dbname, tbname, pack)
|
||||||
|
|
||||||
exist, err := services.CheckUserPermission(token, strings.ToLower(r.Method), module, dbname, tbname)
|
exist, err := services.CheckUserPermission(token, strings.ToLower(r.Method), module, dbname, tbname, pack)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Failed to get permission:", err)
|
log.Error("Failed to get permission:", err)
|
||||||
services.ResponseForbidden403NotPermission(w)
|
services.ResponseForbidden403NotPermission(w)
|
||||||
@@ -353,9 +354,10 @@ func ExtDatabaseInsertData(w http.ResponseWriter, r *http.Request) {
|
|||||||
module := vars["managementModule"]
|
module := vars["managementModule"]
|
||||||
dbname := vars["dataStorage"]
|
dbname := vars["dataStorage"]
|
||||||
tbname := vars["dataObject"]
|
tbname := vars["dataObject"]
|
||||||
|
pack := "dbrest"
|
||||||
|
|
||||||
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s", token, r.Method, module, dbname, tbname)
|
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s pack:%s", token, r.Method, module, dbname, tbname, pack)
|
||||||
exist, err := services.CheckUserPermission(token, strings.ToLower(r.Method), module, dbname, tbname)
|
exist, err := services.CheckUserPermission(token, strings.ToLower(r.Method), module, dbname, tbname, pack)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Failed to get permission:", err)
|
log.Error("Failed to get permission:", err)
|
||||||
services.ResponseForbidden403NotPermission(w)
|
services.ResponseForbidden403NotPermission(w)
|
||||||
@@ -408,9 +410,10 @@ func ExtDatabaseUpdateData(w http.ResponseWriter, r *http.Request) {
|
|||||||
module := vars["managementModule"]
|
module := vars["managementModule"]
|
||||||
dbname := vars["dataStorage"]
|
dbname := vars["dataStorage"]
|
||||||
tbname := vars["dataObject"]
|
tbname := vars["dataObject"]
|
||||||
|
pack := "dbrest"
|
||||||
|
|
||||||
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s", token, r.Method, module, dbname, tbname)
|
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s pack:%s", token, r.Method, module, dbname, tbname, pack)
|
||||||
exist, err := services.CheckUserPermission(token, strings.ToLower(r.Method), module, dbname, tbname)
|
exist, err := services.CheckUserPermission(token, strings.ToLower(r.Method), module, dbname, tbname, pack)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Failed to get permission:", err)
|
log.Error("Failed to get permission:", err)
|
||||||
services.ResponseForbidden403NotPermission(w)
|
services.ResponseForbidden403NotPermission(w)
|
||||||
@@ -470,9 +473,10 @@ func ExtDatabaseDeleteData(w http.ResponseWriter, r *http.Request) {
|
|||||||
module := vars["managementModule"]
|
module := vars["managementModule"]
|
||||||
dbname := vars["dataStorage"]
|
dbname := vars["dataStorage"]
|
||||||
tbname := vars["dataObject"]
|
tbname := vars["dataObject"]
|
||||||
|
pack := "dbreset"
|
||||||
|
|
||||||
log.Debugf("token:%s, method:%s, module:%, dbname:%s, tbname:%s", token, r.Method, module, dbname, tbname)
|
log.Debugf("token:%s, method:%s, module:%, dbname:%s, tbname:%s pack:%s", token, r.Method, module, dbname, tbname, pack)
|
||||||
exist, err := services.CheckUserPermission(token, strings.ToLower(r.Method), module, dbname, tbname)
|
exist, err := services.CheckUserPermission(token, strings.ToLower(r.Method), module, dbname, tbname, pack)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Failed to get permission:", err)
|
log.Error("Failed to get permission:", err)
|
||||||
services.ResponseForbidden403NotPermission(w)
|
services.ResponseForbidden403NotPermission(w)
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ package lm
|
|||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"os/exec"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
@@ -93,9 +94,9 @@ func ExtDatabaseBackupData(w http.ResponseWriter, r *http.Request) {
|
|||||||
module := vars["managementModule"]
|
module := vars["managementModule"]
|
||||||
dbname := vars["dataStorage"]
|
dbname := vars["dataStorage"]
|
||||||
tbname := vars["dataObject"]
|
tbname := vars["dataObject"]
|
||||||
|
pack := "lm"
|
||||||
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s", token, r.Method, module, dbname, tbname)
|
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s pack:%s", token, r.Method, module, dbname, tbname, pack)
|
||||||
exist, err := services.CheckUserPermission(token, strings.ToLower(r.Method), module, dbname, tbname)
|
exist, err := services.CheckUserPermission(token, strings.ToLower(r.Method), module, dbname, tbname, pack)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Failed to get permission:", err)
|
log.Error("Failed to get permission:", err)
|
||||||
services.ResponseForbidden403NotPermission(w)
|
services.ResponseForbidden403NotPermission(w)
|
||||||
@@ -108,15 +109,16 @@ func ExtDatabaseBackupData(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
var sql string
|
var sql string
|
||||||
|
var filePath string
|
||||||
switch tbname {
|
switch tbname {
|
||||||
case "operation_log":
|
case "operation_log":
|
||||||
filePath := fmt.Sprintf("%s/%s-%s.csv", config.GetYamlConfig().Database.Backup, tbname, time.Now().Local().Format(global.DateData))
|
filePath = fmt.Sprintf("/tmp/%s-%s.csv", tbname, time.Now().Local().Format(global.DateData))
|
||||||
sql = fmt.Sprintf("select * into outfile '%s' fields terminated by ',' escaped by '' optionally enclosed by '' lines terminated by '\n' from (select 'op_id','account_name','op_ip','subsys_tag','op_type','op_content','op_result','begin_time','end_time','vnf_flag','log_time' union select op_id,account_name,op_ip,subsys_tag,op_type,op_content,op_result,begin_time,end_time,vnf_flag,log_time from operation_log) b", filePath)
|
sql = fmt.Sprintf("select * into outfile '%s' fields terminated by ',' escaped by '' optionally enclosed by '' lines terminated by '\n' from (select 'op_id','account_name','op_ip','subsys_tag','op_type','op_content','op_result','begin_time','end_time','vnf_flag','log_time' union select op_id,account_name,op_ip,subsys_tag,op_type,op_content,op_result,begin_time,end_time,vnf_flag,log_time from operation_log) b", filePath)
|
||||||
case "security_log":
|
case "security_log":
|
||||||
filePath := fmt.Sprintf("%s/%s-%s.csv", config.GetYamlConfig().Database.Backup, tbname, time.Now().Local().Format(global.DateData))
|
filePath = fmt.Sprintf("/tmp/%s-%s.csv", tbname, time.Now().Local().Format(global.DateData))
|
||||||
sql = fmt.Sprintf("select * into outfile '%s' fields terminated by ',' escaped by '' optionally enclosed by '' lines terminated by '\n' from (select 'id','account_name','account_type','op_ip','op_type','op_content','op_result','op_time' union select id,account_name,account_type,op_ip,op_type,op_content,op_result,op_time from security_log) b", filePath)
|
sql = fmt.Sprintf("select * into outfile '%s' fields terminated by ',' escaped by '' optionally enclosed by '' lines terminated by '\n' from (select 'id','account_name','account_type','op_ip','op_type','op_content','op_result','op_time' union select id,account_name,account_type,op_ip,op_type,op_content,op_result,op_time from security_log) b", filePath)
|
||||||
case "alarm_log":
|
case "alarm_log":
|
||||||
filePath := fmt.Sprintf("%s/%s-%s.csv", config.GetYamlConfig().Database.Backup, tbname, time.Now().Local().Format(global.DateData))
|
filePath = fmt.Sprintf("/tmp/%s-%s.csv", tbname, time.Now().Local().Format(global.DateData))
|
||||||
sql = fmt.Sprintf("select * into outfile '%s' fields terminated by ',' escaped by '' optionally enclosed by '' lines terminated by '\n' from (select 'id','ne_type','ne_id','alarm_seq','alarm_id','alarm_code','alarm_status','event_time','log_time' union select id,ne_type,ne_id,alarm_seq,alarm_id,alarm_code,alarm_status,event_time,log_time from alarm_log) b", filePath)
|
sql = fmt.Sprintf("select * into outfile '%s' fields terminated by ',' escaped by '' optionally enclosed by '' lines terminated by '\n' from (select 'id','ne_type','ne_id','alarm_seq','alarm_id','alarm_code','alarm_status','event_time','log_time' union select id,ne_type,ne_id,alarm_seq,alarm_id,alarm_code,alarm_status,event_time,log_time from alarm_log) b", filePath)
|
||||||
default:
|
default:
|
||||||
log.Error("error target table")
|
log.Error("error target table")
|
||||||
@@ -132,6 +134,14 @@ func ExtDatabaseBackupData(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
affected, _ := res.RowsAffected()
|
affected, _ := res.RowsAffected()
|
||||||
|
|
||||||
|
cmd := exec.Command("cp", "-rf", filePath, config.GetYamlConfig().Database.Backup)
|
||||||
|
out, err := cmd.CombinedOutput()
|
||||||
|
log.Tracef("Exec output: %v", string(out))
|
||||||
|
if err != nil {
|
||||||
|
log.Errorf("Faile to exec:", err)
|
||||||
|
services.ResponseInternalServerError500ProcessError(w, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
mapRow := make(map[string]interface{})
|
mapRow := make(map[string]interface{})
|
||||||
row := map[string]interface{}{"affectedRows": affected}
|
row := map[string]interface{}{"affectedRows": affected}
|
||||||
mapRow[tbname] = row
|
mapRow[tbname] = row
|
||||||
|
|||||||
@@ -55,7 +55,7 @@ func PostMMLToNF(w http.ResponseWriter, r *http.Request) {
|
|||||||
log.Error("Request error:", err)
|
log.Error("Request error:", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
pack := "mml"
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
module := vars["managementModule"]
|
module := vars["managementModule"]
|
||||||
neType := vars["elementTypeValue"]
|
neType := vars["elementTypeValue"]
|
||||||
@@ -68,13 +68,14 @@ func PostMMLToNF(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
log.Debug("neType:", neType, "neId", neId)
|
log.Debug("neType:", neType, "neId", neId)
|
||||||
|
|
||||||
log.Debugf("token:%s, method:%s, managementModule:%s dbname:%s, tbname:%s", token, r.Method, module, neType, neId[0])
|
log.Debugf("token:%s, method:%s, managementModule:%s dbname:%s, tbname:%s pack:%s",
|
||||||
|
token, r.Method, module, neType, neId[0], pack)
|
||||||
|
|
||||||
var buf [8192]byte
|
var buf [8192]byte
|
||||||
var n int
|
var n int
|
||||||
var mmlResult []string
|
var mmlResult []string
|
||||||
|
|
||||||
exist, err := services.CheckUserPermission(token, strings.ToLower(r.Method), module, neType, neId[0])
|
exist, err := services.CheckUserPermission(token, strings.ToLower(r.Method), module, neType, neId[0], pack)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Failed to get permission:", err)
|
log.Error("Failed to get permission:", err)
|
||||||
errMsg := fmt.Sprintf("RetCode = -1 operation failed: do not have the operation permissions")
|
errMsg := fmt.Sprintf("RetCode = -1 operation failed: do not have the operation permissions")
|
||||||
|
|||||||
@@ -1484,14 +1484,14 @@ type permission struct {
|
|||||||
Object string `json:"object"`
|
Object string `json:"object"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func IsPermissionAllowed(token, method, module, dbname, tbname string) (bool, error) {
|
func IsPermissionAllowed(token, method, module, dbname, tbname, pack string) (bool, error) {
|
||||||
log.Info("IsPermissionAllowed processing... ")
|
log.Info("IsPermissionAllowed processing... ")
|
||||||
|
|
||||||
exist, err := xEngine.Table("permission").
|
exist, err := xEngine.Table("permission").
|
||||||
Join("INNER", "role_permission", "permission.permission_name = role_permission.p_name").
|
Join("INNER", "role_permission", "permission.permission_name = role_permission.p_name").
|
||||||
Join("INNER", "user_role", "role_permission.r_name = user_role.r_name").
|
Join("INNER", "user_role", "role_permission.r_name = user_role.r_name").
|
||||||
Join("INNER", "session", "user_role.u_name = session.account_id and session.access_token=?", token).
|
Join("INNER", "session", "user_role.u_name = session.account_id and session.access_token=?", token).
|
||||||
Where("method in ('*',?) and management in ('*',?) and element in ('*',?) and object in ('*',?)", method, module, dbname, tbname).
|
Where("method in ('*',?) and module in ('*',?) and management in ('*',?) and element in ('*',?) and object in ('*',?)", method, pack, module, dbname, tbname).
|
||||||
Exist()
|
Exist()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return false, err
|
return false, err
|
||||||
|
|||||||
@@ -417,7 +417,7 @@ func CheckCommonValidRequest(w http.ResponseWriter, r *http.Request) (string, er
|
|||||||
return token, nil
|
return token, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func CheckUserPermission(token, method, module, dbname, tbname string) (bool, error) {
|
func CheckUserPermission(token, method, module, dbname, tbname, pack string) (bool, error) {
|
||||||
if config.GetYamlConfig().OMC.RBACMode == true {
|
if config.GetYamlConfig().OMC.RBACMode == true {
|
||||||
if module == "" {
|
if module == "" {
|
||||||
module = "*"
|
module = "*"
|
||||||
@@ -428,7 +428,7 @@ func CheckUserPermission(token, method, module, dbname, tbname string) (bool, er
|
|||||||
if tbname == "" {
|
if tbname == "" {
|
||||||
tbname = "*"
|
tbname = "*"
|
||||||
}
|
}
|
||||||
exist, err := dborm.IsPermissionAllowed(token, method, module, dbname, tbname)
|
exist, err := dborm.IsPermissionAllowed(token, method, module, dbname, tbname, pack)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -15,5 +15,5 @@ database:
|
|||||||
name: omc_db
|
name: omc_db
|
||||||
|
|
||||||
mml:
|
mml:
|
||||||
filedir: ../../config/mml/omc
|
filedir: ../../config/mml/system
|
||||||
table: mml_command
|
table: mml_system
|
||||||
|
|||||||
@@ -45,4 +45,5 @@ sys_extended
|
|||||||
sys_backup
|
sys_backup
|
||||||
pm_template
|
pm_template
|
||||||
monitor_warn
|
monitor_warn
|
||||||
ne_check
|
ne_check
|
||||||
|
ne_pool
|
||||||
Reference in New Issue
Block a user