You are here
自己亲自写的代码 连 ISE 有大用 有大大用 有大大大用 有大大大大用
星期日, 2023-09-24 01:31 — adminshiping1
custom_twenty_three_ise.module
<?php
function custom_twenty_three_ise_permission()
{
return array('operation ise'=>array(
'title' => t('operation ise'),
'description' => t('operation ise'),
)
);
}
function custom_twenty_three_ise_menu()
{
$items['query_modify_ise'] = array(
'title' => '查询更改ise',
'page callback' => 'custom_twenty_three_ise_query_ise',
'access arguments' => array('operation ise'),
);
$items['batch_del_ise'] = array(
'title' => '批量刪除ise中的mac',
'page callback' => 'custom_twenty_three_batch_del_ise',
'access arguments' => array('operation ise'),
);
$items['clean_dhcp'] = array(
'title' => '清理dhcp保留',
'page callback' => 'custom_twenty_three_batch_clean_dhcp',
'access arguments' => array('operation ise'),
);
return $items;
}
function custom_twenty_three_ise_init()
{
//这是命令行执行的话 就返回 为的是drupal 能够顺利执行
if (!empty($_SERVER["USER"]) && 'root' == $_SERVER["USER"]) {
//$param_arr = getopt('q:generate_dhcpclients:');
$param_arr = getopt('', ['q:']);
$_GET = $param_arr;
}
}
function custom_twenty_three_batch_del_ise()
{
$table = '';
foreach($_SESSION['transform_to_ise_infos'] as $key=>$value){
$table .='<table>';
foreach($value as $sonKey=>$mac){
$table .= '<tr><td>';
$table .= $mac;
$table .= '</td></tr>';
}
$table .='</table>';
// $table .='<br/>';
}
$form = drupal_get_form('batch_ise_form');
$output = array(
'first_para' => $form,
'second_para' => array(
'#type' => 'markup',
'#markup' => $table,
),
);
return $output;
}
//有关无线的名称,,这里我们只用到无线
function _get_dhcp_net_area_key_value()
{
return array(
'js_nst'=>'A1-NPI-L2-Wireless',
'js_nyb'=>'A1-NPI-L3-Wireless',
'js_mst'=>'A-MP-L2-Wireless',
'js_myb'=>'A-MP-L3-Wireless',
'js_b_mst'=>'B-MP-L2-Wireless',
'js_b_myb'=>'B-MP-L3-Wireless',
'js_a_cpc'=>'A2-CPC-L3-Wireless', //A1似乎没有CPC 的无线网
'js_b_cpc'=>'B-CPC-L3-Wireless',
'js_tst'=>array('Luxshare-TAB-NST','Luxshare-B-TAB-NST'),
'js_tyb'=>array('Luxshare-TAB-NYB','Luxshare-B-TAB-NYB'),
);
}
function _get_dhcp_net_area_key_value_flip()
{
$arr = _get_dhcp_net_area_key_value();
$new_arr = array();
foreach($arr as $key=>$value)
{
if(!is_array($value)){
$new_arr[$value] = $key;
}else{
foreach($value as $son_key=>$son_value){
$new_arr[$son_value] = $key;
}
}
}
return $new_arr;
}
//清理的本质是 dhcp 上的mac所在的组 与 ise上面的mac所在的组进行比较,,,如果某个mac在dhcp上有保留,但是
function custom_twenty_three_batch_clean_dhcp()
{
$all_ises = _query_all_ise();
$all_ises_one_dim = array();
foreach($all_ises as $key=>$row)
{
/* 下面的一行代码执行后,, $all_ises_one_dim 的是结果 类似于 如下
array(3349) {
["80:2B:F9:5C:51:E7"]=>
string(6) "js_nst"
["D8:12:65:D4:A8:43"]=>
string(8) "js_b_cpc"
........
* )
*/
$all_ises_one_dim[$row['mac']] = _ise_level_flip()[$row['endpointgroup']];
}
$sql = " select n.nid,net_area.field_jses_net_area_value,mac.field_jses_mac_value from node n inner join field_data_field_jses_mac mac on n.nid=mac.entity_id
inner join field_data_field_jses_net_area net_area on n.nid=net_area.entity_id
inner join field_data_field_jses_lease_expires expire on n.nid=expire.entity_id
where type='jses_dhcp'
and mac.entity_type='node' and mac.bundle='jses_dhcp'
and net_area.entity_type='node' and net_area.bundle='jses_dhcp'
and expire.entity_type='node' and expire.bundle='jses_dhcp'
and expire.field_jses_lease_expires_value='9999-12-31'
";
$dhcp_arr = array();
$results = db_query($sql)->fetchAll();
foreach($results as $key=>$obj)
{
/* 下面的一行代码执行后,, $dhcp_arr 的是结果 类似于 如下
array(3740) {
[0]=>
array(2) {
[0]=>
string(17) "F8-E4-3B-5B-5E-11"
[1]=>
string(8) "js_a_cpc"
}
[1]=>
array(2) {
[0]=>
string(17) "9C-5A-44-47-6E-53"
[1]=>
string(6) "js_tyb"
......
}
*/
$dhcp_arr[$obj->nid]=array($obj->field_jses_mac_value,_get_dhcp_net_area_key_value_flip()[$obj->field_jses_net_area_value]);
}
// var_dump($all_ises_one_dim);
foreach($dhcp_arr as $key=>$value){
$value[0] = strtoupper(_mac_replace_to_zhong_duan_heng_maohao_dian($value[0],':'));
$dhcp_arr[$key] = $value;
if(empty($value[1])){
unset($dhcp_arr[$key]);//称除 不相干的 比如 'js_nst','js_nyb','js_mst','js_myb','js_b_mst','js_b_myb','js_a_cpc','js_b_cpc','js_tst','js_tyb' 之外的
}
}
//如果 某个dhcp中的mac 地址 在 ise 中 ('js_nst','js_nyb','js_mst','js_myb','js_b_mst','js_b_myb','js_a_cpc','js_b_cpc','js_tst','js_tyb') 没有相应的值
//我们就删除这个保留
foreach($dhcp_arr as $key=>$row)
{
if( $row[1] != $all_ises_one_dim[$row[0]]){ //dhcp中的mac所在的组 不等于 ise中这个mac所在的组,我们就 删除保留吧
$node = node_load($key);
$result = _my_DeleteReservation_for_jses_dhcp($node);
if (is_array($result) && !empty($result['failed'])) {
drupal_set_message($result['failed'], 'warning');
} else {
drupal_set_message("在dhcp上成功删除此mac {$row[0]} 地址在 {$row[1]} 上的保留");
}
$result2 = _my_create_lease_for_jses_dhcp($node);
if (is_array($result2) && !empty($result2['failed'])) {
drupal_set_message($result2['failed'], 'warning');
} else {
// drupal_set_message('在dhcp上成功创建此mac地址的租约'); 这里可以不用提示了吧,因为在 _my_create_lease_for_jses_dhcp 已经提示
}
$result3 = _my_SubnetFindOneClient_by_jses_dhcp_node($node);
if (is_array($result3) && !empty($result3['failed'])) {
drupal_set_message($result3['failed'], 'warning');
node_delete($node->nid);
} else {
$one_client = $result3->SubnetFindOneClientResult;
$one_client = _object_to_array($one_client);
$one_client = _my_OneClientResult_two_dim_array($one_client);
$node->field_jses_lease_expires['und'][0]['value'] = _removeCnEnSpace(_my_get_LeaseExpires($one_client));
node_save($node);
}
}
}
//是命令执行的话,就不跳转
if (!empty($_SERVER["USER"]) && 'root' == $_SERVER["USER"]) {
//
}
else{//直接在浏览器执行的话,就跳转
drupal_goto('list_dhcps');//跳转
}
}
function batch_ise_form()
{
$form['mac_address'] = array(
'#type' => 'textarea',
'#title' => t('mac address'),
'#cols' => 60,
'#rows' => 10,
'#default_value' => $_SESSION['transfor_form_textarea'],
'#description' => '一行一个mac地址中短横,冒号及连在一起的mac都可以;'
);
//提交按钮 //
$form['submit'] = array('#type' => 'submit', '#value' => t('submit'));
unset($_SESSION['transfor_form_textarea']);
unset($_SESSION['transform_to_ise_infos']);
return $form;
}
function batch_ise_form_submit(&$form, &$form_state)
{
$mac_address = trim($form_state['values']['mac_address']);
$_SESSION['transfor_form_textarea'] = $mac_address;
// var_dump($mac_address);
$mac_address_arr = explode("\n", $mac_address);
foreach ($mac_address_arr as $key => $one) {
$mac_address_arr[$key] = _mac_replace_to_zhong_duan_heng_maohao_dian(_removeCnEnSpace($one),':');
}
foreach($mac_address_arr as $key=>$one)
{
$query_ise_result = _query_ise($one);
if(empty($query_ise_result['endpointgroup'])){
unset($mac_address_arr[$key]);
drupal_set_message("{$one} 不存在,无须删除",'warning');
}else{
//_update_delete_ise($one,0,'fc_delete_button');
}
}
_update_delete_ises($mac_address_arr,0,'fc_delete_button'); //对于删除来说 ,第二个参数其实没有意义,我们设为 0 吧
}
function _get_ise_host()
{
return '192.168.0.53';//这里是使用ip吧
}
function _get_ise_user_password()
{
return array('username'=>'AAAA','password'=>'BBBB');
}
function _my_curl_pre_login_ise($method = 'GET')
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://"._get_ise_host()."/login/?next=/");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // to resolve your current error
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); // 模拟用户使用的浏览器
$response = curl_exec($ch);
if (curl_error($ch)) {
$response = curl_error($ch);
}
curl_close($ch);
return $response;
}
function _my_curl_login_ise($method = 'POST',$data='',$cookie)
{
$header[] = $_SERVER['HTTP_USER_AGENT'];
$header[] = "Host:192.168.0.53";
$header[] = 'Pragma:no-cache';
$header[] = 'Connection:keep-Alive';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://"._get_ise_host()."/login/?next=/");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // to resolve your current error
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); // 模拟用户使用的浏览器 为什么Firefox 有问题
curl_setopt($ch, CURLOPT_POSTFIELDS,$data); // Post提交的数据包
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_AUTOREFERER, 1);
curl_setopt ($ch,CURLOPT_REFERER,"https://"._get_ise_host()."/login/?next=/");
curl_setopt ($ch,CURLOPT_COOKIE,$cookie);
curl_setopt($ch, CURLOPT_HEADER, 1);
$response = curl_exec($ch);
if (curl_error($ch)) {
$response = curl_error($ch);
}
curl_close($ch);
return $response;
}
function _my_curl_search_ise($method = 'GET',$mac='',$p='',$cookie)
{
// $cookieFile = dirname(__FILE__).'cookie.curl.tmp';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://"._get_ise_host()."/npiadmin/ise_query/?q={$mac}&p={$p}");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // to resolve your current error
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); // 模拟用户使用的浏览器
curl_setopt($ch,CURLOPT_COOKIE,$cookie);
curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE);
$response = curl_exec($ch);
if (curl_error($ch)) {
$response = curl_error($ch);
}
curl_close($ch);
return $response;
}
//或更新 或删除
function _my_curl_update_delete_ise($method = 'POST',$data='',$cookie,$mac_param)
{
$header[] = $_SERVER['HTTP_USER_AGENT'];
$header[] = "Host:"._get_ise_host()."";
$header[] = 'Pragma:no-cache';
$header[] = 'Connection:keep-Alive';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://"._get_ise_host()."/npiadmin/ise_query/ajax?q=".$mac_param);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // to resolve your current error
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); // 模拟用户使用的浏览器
curl_setopt($ch, CURLOPT_POSTFIELDS,$data); // Post提交的数据包
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_AUTOREFERER, 1);
curl_setopt($ch,CURLOPT_REFERER,"https://"._get_ise_host()."/npiadmin/ise_query/ajax?q=".$mac_param);
curl_setopt($ch,CURLOPT_COOKIE,$cookie);
// curl_setopt($ch, CURLOPT_HEADER, 1);
$response = curl_exec($ch);
if (curl_error($ch)) {
$response = curl_error($ch);
}
curl_close($ch);
return $response;
}
//根据mac地址查询ise
function _query_ise($mac)
{
$result = _my_curl_pre_login_ise();
preg_match_all('|name="csrfmiddlewaretoken".*value="(.*)"|isU',$result,$m);
$csrf_token = $m[1][0];
$ise_user_password = _get_ise_user_password();
$data= "csrfmiddlewaretoken={$csrf_token}&username={$ise_user_password['username']}&password={$ise_user_password['password']}&name=/";
$cookie = "csrftoken={$csrf_token}";
$result1 = _my_curl_login_ise('POST',$data,$cookie);
preg_match_all('|csrftoken=(.*);|isU',$result1,$m1);
$csrf_token1 = $m1[1][0];
preg_match_all('|sessionid=(.*);|isU',$result1,$m2);
$sessionid = $m2[1][0];
//var_dump($csrf_token1);
//echo "<br/>";
//var_dump($sessionid);
//exit;
$cookie1="sessionid={$sessionid}";
$result2 = _my_curl_search_ise('GET',$mac,'',$cookie1);
preg_match_all('|class="field-mac">(.*)<|isU',$result2,$m3);
$mac = $m3[1][0];
preg_match_all('|class="field-endpointgroup">(.*)<|isU',$result2,$m4);
$endpointgroup = $m4[1][0];
return compact('mac','endpointgroup');
}
//查询所有的ise
function _query_all_ise()
{
$result = _my_curl_pre_login_ise();
preg_match_all('|name="csrfmiddlewaretoken".*value="(.*)"|isU',$result,$m);
$csrf_token = $m[1][0];
$ise_user_password = _get_ise_user_password();
$data= "csrfmiddlewaretoken={$csrf_token}&username={$ise_user_password['username']}&password={$ise_user_password['password']}&name=/";
$cookie = "csrftoken={$csrf_token}";
$result1 = _my_curl_login_ise('POST',$data,$cookie);
preg_match_all('|csrftoken=(.*);|isU',$result1,$m1);
$csrf_token1 = $m1[1][0];
preg_match_all('|sessionid=(.*);|isU',$result1,$m2);
$sessionid = $m2[1][0];
//var_dump($csrf_token1);
//echo "<br/>";
//var_dump($sessionid);
//exit;
$cookie1="sessionid={$sessionid}";
$result2 = _my_curl_search_ise('GET','','',$cookie1);//第一个参数为 mac 地址 (我们这里为空),第二个参数为第几页p (我们这里为空,默认是第1页吧)
preg_match_all('|:total="(.*)"|isU',$result2,$m3);
$total = $m3[1][0]; //得到 $total
$total_pages = ceil($total/20); //每页是20条数据
empty($total_pages) && $total_pages = 1; //至少让它等于1吧
$all_ises = array();
for($i=1;$i<=$total_pages;$i++)
{
$result3 = _my_curl_search_ise('GET','',$i,$cookie1); //第一个参数为 mac 地址 (我们这里为空),第二个参数为第几页p (我们这里从第1页开始至 $total_pages,循环取结果 )
preg_match_all('|class="field-mac">(.*)<|isU',$result3,$m4);
$macs = $m4[1];
preg_match_all('|class="field-endpointgroup">(.*)<|isU',$result3,$m5);
$endpointgroups = $m5[1];
$tmp_arr = array();
foreach($macs as $key=>$value){
$tmp_arr[$key] = array('mac'=>strtoupper($macs[$key]),'endpointgroup'=>$endpointgroups[$key]);
}
$all_ises = array_merge($all_ises,$tmp_arr);
}
return $all_ises;
}
/*function _update_ise($form,$form_state)
{
//预登录 ise
$result = _my_curl_pre_login_ise();
preg_match_all('|name="csrfmiddlewaretoken".*value="(.*)"|isU',$result,$m);
$csrf_token = $m[1][0];
//登录 ise
$ise_user_password = _get_ise_user_password();
$data= "csrfmiddlewaretoken={$csrf_token}&username={$ise_user_password['username']}&password={$ise_user_password['password']}&name=/";
$cookie = "csrftoken={$csrf_token}";
$result1 = _my_curl_login_ise('POST',$data,$cookie);
preg_match_all('|csrftoken=(.*);|isU',$result1,$m1);
$csrf_token1 = $m1[1][0];
preg_match_all('|sessionid=(.*);|isU',$result1,$m2);
$sessionid = $m2[1][0];
//var_dump($csrf_token1);
//echo "<br/>";
//var_dump($sessionid);
//更新 ise
$mac="8C:C8:4B:F3:69:1F";
$cookie1="sessionid={$sessionid}";
$data1 = "_action=layer_input&_selected=&select_across=0&csrfmiddlewaretoken={$csrf_token1}&mac={$mac}&group=4";
$result2 = _my_curl_update_delete_ise($method = 'POST',$data1,$cookie1);
$result_arr2 = json_decode($result2,TRUE);
if(!empty($result_arr2['status']) && $result_arr2['status']='success'){
echo "更改ise 成功!";
}
else{
echo "可能不成功,可能本来就是这个权限组!";
}
}*/
function _ise_level()
{
return array(
'js_nst'=>'JS-Luxshare-NST',
'js_nyb'=>'JS-Luxshare-NYB',
'js_mst'=>'JS-Luxshare-MST',
'js_myb'=>'JS-Luxshare-MYB',
'js_b_mst'=>'JS-B-MST',
'js_b_myb'=>'JS-B-MYB',
'js_a_cpc'=>'JS-A-CPC',
'js_b_cpc'=>'JS-B-CPC',
'js_tst'=>'JS-TST',
'js_tyb'=>'JS-TYB',
);
}
//array_flip键值反转 ise 的 键值等级反转
function _ise_level_flip()
{
return array_flip(_ise_level());
}
//这里 执行update 还是 delete 其实 是由 $action 参数来决定
// $action 为 layer_input 就是更新
// $action 为 fc_delete_button 就是删除
function _update_delete_ise($mac,$new_ad_net_level,$action='layer_input')
{
$mac = _mac_replace_to_zhong_duan_heng_maohao_dian(_removeCnEnSpace($mac),':');
//预登录 获取 csrftoken
$result = _my_curl_pre_login_ise();
preg_match_all('|name="csrfmiddlewaretoken".*value="(.*)"|isU',$result,$m);
$csrf_token = $m[1][0];
//登录 获取 cookie 此时是获取新的 $csrf_token1 和 $sessionid
$ise_user_password = _get_ise_user_password();
$data= "csrfmiddlewaretoken={$csrf_token}&username={$ise_user_password['username']}&password={$ise_user_password['password']}&name=/";
$cookie = "csrftoken={$csrf_token}";
$result1 = _my_curl_login_ise('POST',$data,$cookie);
preg_match_all('|csrftoken=(.*);|isU',$result1,$m1);
$csrf_token1 = $m1[1][0];
preg_match_all('|sessionid=(.*);|isU',$result1,$m2);
$sessionid = $m2[1][0];
//获取 无线mac所在的组
//下面的查询功能 不要用吧,,,,,用了之后感觉到 把 mac 添加到 某个ise组里有问题 (但是 mac 地址修改到某个ise组没有问题!)
/*
$cookie1="sessionid={$sessionid}";
$result2 = _my_curl_search_ise($method = 'GET',$mac,$cookie1);
preg_match_all('|class="field-mac">(.*)<|isU',$result2,$m3);
$mac = $m3[1][0];
preg_match_all('|class="field-endpointgroup">(.*)<|isU',$result2,$m4);
$endpointgroup = $m4[1][0];
preg_match_all('|class="field-id"><a.*>(.*)</a><|isU',$result2,$m5);
$select = $m5[1][0];
empty($select) && $select = '';
preg_match_all('|name="csrfmiddlewaretoken".*value="(.*)"|isU',$result2,$m6);
$csrf_token2 = $m[1][0]; */
//假如 ise 上取得的权限组与 ad 上工号的权限组是一样的话,也要更新,所以下面几行就注释掉了
// if(_ise_level()[$new_ad_net_level] == $endpointgroup){
//drupal_set_message('ise上的权限组本来是: '.$endpointgroup." , 再次更新!");
// }
//假如不一样的话,我们就更新ise上的权限组
// $cookie1="sessionid={$sessionid}"; //感觉 $csrf_token1 不起作用
$cookie1="sessionid={$sessionid};csrftoken={$csrf_token1};theme=;theme_name=";
$ad_net_levels = array_keys(_ise_level());
$group = $key = array_search($new_ad_net_level, $ad_net_levels);
//$group 是李 的 ise 网站提交的数值 //感觉 $select 和 $csrf_token1 不起作用
//假如是吏新时
if($action == 'layer_input'){
$data1 = "_action=$action&_selected={$select}&select_across=0&csrfmiddlewaretoken={$csrf_token1}&mac={$mac}&group={$group}";
$result2 = _my_curl_update_delete_ise($method = 'POST',$data1,$cookie1,$mac);
$result_arr2 = json_decode($result2,TRUE);
if(!empty($result_arr2['status']) && $result_arr2['status']='success'){
drupal_set_message('ise上的权限组成功更新为: '._ise_level()[$new_ad_net_level]);
return ;
}
else{
// if(!$is_chaxun){
// drupal_set_message('ise上的权限组不能成功更新为: '._ise_level()[$new_ad_net_level].' 可能本来就在这个权限组');
// }
return ;
}
}else { //假如是删除时 ($action == 'fc_delete_button' 时
$data1 = "_action=$action&_selected={$select}&select_across=0&csrfmiddlewaretoken={$csrf_token1}";
$result2 = _my_curl_update_delete_ise($method = 'POST',$data1,$cookie1,$mac);
$result_arr2 = json_decode($result2,TRUE);
if(!empty($result_arr2['status']) && $result_arr2['status']='success'){
drupal_set_message("ise上的 {$mac} 地址已删除");
}
return ;
}
}
//批量执行
//这里 执行update 还是 delete 其实 是由 $action 参数来决定
// $action 为 layer_input 就是更新
// $action 为 fc_delete_button 就是删除
function _update_delete_ises($macs,$new_ad_net_level,$action='layer_input')
{
foreach($macs as $key=>$mac)
{
$mac = _mac_replace_to_zhong_duan_heng_maohao_dian(_removeCnEnSpace($mac),':');
$macs[$key] = $mac;
}
//预登录 获取 csrftoken
$result = _my_curl_pre_login_ise();
preg_match_all('|name="csrfmiddlewaretoken".*value="(.*)"|isU',$result,$m);
$csrf_token = $m[1][0];
//登录 获取 cookie 此时是获取新的 $csrf_token1 和 $sessionid
$ise_user_password = _get_ise_user_password();
$data= "csrfmiddlewaretoken={$csrf_token}&username={$ise_user_password['username']}&password={$ise_user_password['password']}&name=/";
$cookie = "csrftoken={$csrf_token}";
$result1 = _my_curl_login_ise('POST',$data,$cookie);
preg_match_all('|csrftoken=(.*);|isU',$result1,$m1);
$csrf_token1 = $m1[1][0];
preg_match_all('|sessionid=(.*);|isU',$result1,$m2);
$sessionid = $m2[1][0];
//获取 无线mac所在的组
//下面的查询功能 不要用吧,,,,,用了之后感觉到 把 mac 添加到 某个ise组里有问题 (但是 mac 地址修改到某个ise组没有问题!)
/*
$cookie1="sessionid={$sessionid}";
$result2 = _my_curl_search_ise($method = 'GET',$mac,$cookie1);
preg_match_all('|class="field-mac">(.*)<|isU',$result2,$m3);
$mac = $m3[1][0];
preg_match_all('|class="field-endpointgroup">(.*)<|isU',$result2,$m4);
$endpointgroup = $m4[1][0];
preg_match_all('|class="field-id"><a.*>(.*)</a><|isU',$result2,$m5);
$select = $m5[1][0];
empty($select) && $select = '';
preg_match_all('|name="csrfmiddlewaretoken".*value="(.*)"|isU',$result2,$m6);
$csrf_token2 = $m[1][0]; */
//假如 ise 上取得的权限组与 ad 上工号的权限组是一样的话,也要更新,所以下面几行就注释掉了
// if(_ise_level()[$new_ad_net_level] == $endpointgroup){
//drupal_set_message('ise上的权限组本来是: '.$endpointgroup." , 再次更新!");
// }
//假如不一样的话,我们就更新ise上的权限组
// $cookie1="sessionid={$sessionid}"; //感觉 $csrf_token1 不起作用
$cookie1="sessionid={$sessionid};csrftoken={$csrf_token1};theme=;theme_name=";
$ad_net_levels = array_keys(_ise_level());
$group = $key = array_search($new_ad_net_level, $ad_net_levels);
//$group 是李 的 ise 网站提交的数值 //感觉 $select 和 $csrf_token1 不起作用
//假如是吏新时
if($action == 'layer_input'){
foreach($macs as $key=>$mac)
{
$data1 = "_action=$action&_selected={$select}&select_across=0&csrfmiddlewaretoken={$csrf_token1}&mac={$mac}&group={$group}";
$result2 = _my_curl_update_delete_ise($method = 'POST',$data1,$cookie1,$mac);
$result_arr2 = json_decode($result2,TRUE);
if(!empty($result_arr2['status']) && $result_arr2['status']='success'){
drupal_set_message('ise上的权限组成功更新为: '._ise_level()[$new_ad_net_level]);
}
}
}else { //假如是删除时 ($action == 'fc_delete_button' 时
foreach($macs as $key=>$mac)
{
$data1 = "_action=$action&_selected={$select}&select_across=0&csrfmiddlewaretoken={$csrf_token1}";
$result2 = _my_curl_update_delete_ise($method = 'POST',$data1,$cookie1,$mac);
$result_arr2 = json_decode($result2,TRUE);
if(!empty($result_arr2['status']) && $result_arr2['status']='success'){
drupal_set_message("ise上的 {$mac} 地址已删除");
}
}
}
return ;
}
function js_ise_form()
{
$form['mac'] = array(
'#type' => 'textfield',
'#title' => t('mac地址:'),
'#size' => 30,
'#default_value' =>!empty($_GET['mac'])?_removeCnEnSpace($_GET['mac']):'' ,
);
$ise_groups = _ise_level();
$ise_groups = array_values($ise_groups);//让键全部变成数字
$ise_groups = array(-1=>'请选择')+ $ise_groups;
$form['group'] = array(
'#type' => 'select',
'#options' => $ise_groups,
// '#default_value' => !empty($_GET['group'])?$_GET['group']:''
'#default_value' => ''
);
$form['diqu'] = array('#type' => 'hidden', '#value' => _my_node_jses_terminal_manager_diqu());
$form['#method'] = 'get';
$form['#action'] = '/query_modify_ise';
//提交按钮 //
$form['submit'] = array('#type' => 'submit', '#value' => t('查询'));
$form['submit1'] = array('#type' => 'submit', '#value' => t('更改'));
$form['#attributes']['class'] = 'js_ise_form_class';
$form['submit']['#validate'][] = 'js_ise_form_validate';
$form['mac']['value']['#element_ validate']=array('js_ise_form_validate');
// $e = kprint_r($form,TRUE);
// print $e;
return $form;
}
// method 为 get 的 form ,似乎不执行 validate方法
//function js_ise_form_validate($form, &$form_state)
//{
// $mac = $form_state['values']['mac'];
// $mac_wireless = _isMacAddressOrEmtpy($mac,':');
// if (!$mac_wireless) {
// form_set_error('field_jses_mac_wireless', '无线mac地址错误');
// } else {
// if ($mac_wireless === true) {
// $form_state['values']['mac'] = '';
// } else {
// $mac_wireless = strtoupper($mac_wireless);
// $form_state['values']['mac'] = $mac_wireless;
// }
// }
//}
// method 为 get 的 form ,似乎也不执行 submit方法
//function js_ise_form_submit($form, &$form_state)
//{
// if($form_state['values']['op'] == '查询') {
// $mac = $form_state['values']['mac'];
// $query_ise_result = _query_ise($mac);
// $_SESSION['ise_result'] = $query_ise_result;
// }
// else if($form_state['values']['op'] == '更改'){
// $mac = $form_state['values']['mac'];
// $group = $form_state['values']['group'];
// $ad_net_levels = array_keys(_ise_level());
// $new_ad_net_level = $ad_net_levels[$group];//这里其实是得到的ise_level的键
// _update_delete_ise($mac,$new_ad_net_level);
// $query_ise_result = _query_ise($mac);
// $_SESSION['ise_result'] = $query_ise_result;
// $_SESSION['ise_result']['group'] = $group;
// }
//}
function custom_twenty_three_ise_query_ise()
{
$form = drupal_get_form('js_ise_form');
$mac = $_GET['mac'];
if(!empty($_GET['op']) && empty($_GET['mac'])){
drupal_set_message('无线mac地址不能为空','warning');
return $form;
}
$mac = _isMacAddressOrEmtpy($mac,':');
if (!$mac) {
drupal_set_message('无线mac地址错误','warning');
return $form;
} else {
$mac = strtoupper($mac);
}
if($_GET['op'] == '查询') {
$query_ise_result = _query_ise($mac);
//我们在查询有结果的情况下,再更新一下
// if(!empty($query_ise_result['endpointgroup'])) {
// $new_ad_net_level = _ise_level_flip()[$query_ise_result['endpointgroup']];
// _update_delete_ise($mac,$new_ad_net_level);
// $query_ise_result = _query_ise($mac);
// }
}
else if($_GET['op'] == '更改'){
$group = $_GET['group'];
$ad_net_levels = array_keys(_ise_level());
$new_ad_net_level = $ad_net_levels[$group];//这里其实是得到的ise_level的键
$query_ise_result = array();
for($i=0;$i<=3;$i++){ //如果结果为空的话,就顶多重复执行4次
if(empty($query_ise_result['endpointgroup'])){
_update_delete_ise($mac,$new_ad_net_level);
$query_ise_result = _query_ise($mac);
}else{
break;
}
}
}
$output = array(
'first_para' => $form,
'second_para' =>$query_ise_result?array(
'#type' => 'markup',
'#markup' => empty($query_ise_result['endpointgroup'])?'无结果':"<table style='width: auto;'><tr><td>mac: {$query_ise_result['mac']} </td><td>权限组: {$query_ise_result['endpointgroup']} </td></tr></table>",
):array(),
);
return $output;
}
普通分类: