diff --git a/Aries/Aries/settings.py b/Aries/Aries/settings.py index a2ef65b..2503933 100644 --- a/Aries/Aries/settings.py +++ b/Aries/Aries/settings.py @@ -306,3 +306,7 @@ POLL_TIME = 600 import sumSpace sumSpace.run(POLL_TIME) + +#admin页面白名单IP +WHITELIST_SETTINGS = SETTINGS['WHITELIST'] +WHITELIST_IP = WHITELIST_SETTINGS['WHITELIST_IP'] \ No newline at end of file diff --git a/Aries/Aries/urls.py b/Aries/Aries/urls.py index 2a6faee..161b0ab 100644 --- a/Aries/Aries/urls.py +++ b/Aries/Aries/urls.py @@ -7,7 +7,8 @@ admin.autodiscover() import views urlpatterns = [ - url(r'^admin/', include(admin.site.urls)), + #url(r'^admin/', include(admin.site.urls)), + url(r'^admin/', views.permission_check), url(r'^v1/user_auth/', include('user_auth.urls')), url(r'^v1/hdfs/', include('hdfs.urls')), url(r'^v1/codis/', include('codis.urls')), diff --git a/Aries/Aries/views.py b/Aries/Aries/views.py index 413ff9e..85c84fb 100644 --- a/Aries/Aries/views.py +++ b/Aries/Aries/views.py @@ -9,6 +9,7 @@ from user_auth.models import * from ldap_client import ldap_get_vaild from django.views.decorators.csrf import ensure_csrf_cookie +from django.conf import settings def is_admin(account,cur_space_in): is_supper = 0 @@ -170,3 +171,25 @@ def index(request): user = "" user = json.dumps(user) return render_to_response('index/index.html',locals()) + +def permission_check(request): + from django.contrib import admin + from django.conf.urls import patterns,url,include + import urls + admin.autodiscover() + if request.META.has_key('HTTP_X_FORWARDED_FOR'): + ip = request.META['HTTP_X_FORWARDED_FOR'] + else: + ip = request.META['REMOTE_ADDR'] + whitelist = settings.WHITELIST_IP + temp = False + for i in whitelist: + #ac_logger.error('\n\n\n ip is :\n %s \n\n\n'%ip) + #ac_logger.error('\n\n\n whitelist ip is :\n %s \n\n\n'%i) + if ip.startswith(i): + temp = True + break + if temp: + urls.urlpatterns[0] = url(r'^admin/', include(admin.site.urls)) + else: + return HttpResponse('

Permission Forbidden!

') \ No newline at end of file diff --git a/sbin/Aries.yaml b/sbin/Aries.yaml index a240b14..5bde0ac 100644 --- a/sbin/Aries.yaml +++ b/sbin/Aries.yaml @@ -72,3 +72,7 @@ OPENSTACK: IP_CINDER: "192.168.190.11" PORT_CINDER: 8776 +WHITELIST: + WHITELIST_IP: + - "192." + - "10." \ No newline at end of file