jumpserver/juser/views.py

# coding: utf-8
# Author: Guanghongwei
# Email: ibuler@qq.com

import random
from Crypto.PublicKey import RSA
import uuid as uuid_r

from django.db.models import Q
from django.template import RequestContext
from django.db.models import ObjectDoesNotExist

from juser.user_api import *


def chg_role(request):
    role = {'SU': 2, 'DA': 1, 'CU': 0}
    user, dept = get_session_user_dept(request)
    if request.session['role_id'] > 0:
        request.session['role_id'] = 0
    elif request.session['role_id'] == 0:
        request.session['role_id'] = role.get(user.role, 0)
    return HttpResponseRedirect('/')


@require_role(role='super')
def group_add(request):
    """
    group add view for route
    添加用户组的视图
    """
    error = ''
    msg = ''
    header_title, path1, path2 = '添加用户组', '用户管理', '添加用户组'
    user_all = User.objects.all()

    if request.method == 'POST':
        group_name = request.POST.get('group_name', '')
        users_selected = request.POST.getlist('users_selected', '')
        comment = request.POST.get('comment', '')

        try:
            if not group_name:
                error = u'组名 不能为空'
                raise ServerError(error)

            if UserGroup.objects.filter(name=group_name):
                error = u'组名已存在'
                raise ServerError(error)
            db_add_group(name=group_name, users_id=users_selected, comment=comment)
        except ServerError:
            pass
        except TypeError:
            error = u'添加小组失败'
        else:
            msg = u'添加组 %s 成功' % group_name

    return my_render('juser/group_add.html', locals(), request)


@require_role(role='super')
def group_list(request):
    """
    list user group
    用户组列表
    """
    header_title, path1, path2 = '查看用户组', '用户管理', '查看用户组'
    keyword = request.GET.get('search', '')
    user_group_list = UserGroup.objects.all().order_by('name')

    if keyword:
        user_group_list = user_group_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword))

    user_group_list, p, user_groups, page_range, current_page, show_first, show_end = pages(user_group_list, request)
    return my_render('juser/group_list.html', locals(), request)


@require_role(role='super')
def group_del(request):
    """
    del a group
    删除用户组
    """
    group_ids = request.GET.get('id', '')
    group_id_list = group_ids.split(',')
    for group_id in group_id_list:
        UserGroup.objects.filter(id=group_id).delete()

    return HttpResponse('删除成功')


# @require_role(role='admin')
# def group_list_adm(request):
#     header_title, path1, path2 = '查看部门小组', '用户管理', '查看小组'
#     keyword = request.GET.get('search', '')
#     did = request.GET.get('did', '')
#     user, dept = get_session_user_dept(request)
#     contact_list = dept.usergroup_set.all().order_by('name')
#
#     if keyword:
#         contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword))
#
#     contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
#     return render_to_response('juser/group_list.html', locals(), context_instance=RequestContext(request))

#
# @require_role(role='admin')
# def group_detail(request):
#     group_id = request.GET.get('id', None)
#     if not group_id:
#         return HttpResponseRedirect('/')
#     group = UserGroup.objects.get(id=group_id)
#     users = group.user_set.all()
#     return render_to_response('juser/group_detail.html', locals(), context_instance=RequestContext(request))


@require_role(role='super')
def group_edit(request):
    error = ''
    msg = ''
    header_title, path1, path2 = '编辑用户组', '用户管理', '编辑用户组'

    if request.method == 'GET':
        group_id = request.GET.get('id', '')
        user_group = get_object(UserGroup, id=group_id)
        if user_group:
            users_all = User.objects.all()
            users_selected = user_group.user_set.all()
            users_remain = [user for user in users_all if user not in users_selected]

    else:
        group_id = request.POST.get('group_id', '')
        group_name = request.POST.get('group_name', '')
        comment = request.POST.get('comment', '')
        users_selected = request.POST.getlist('users_selected')

        users = []
        try:
            if '' in [group_id, group_name]:
                raise ServerError('组名不能为空')

            user_group = get_object(UserGroup, id=group_id)
            other_group = get_object(UserGroup, name=group_name)

            if other_group and other_group.id != int(group_id):
                raise ServerError(u'%s 用户组已存在' % group_name)

            for user_id in users_selected:
                users.extend(User.objects.filter(id=user_id))

            if user_group:
                user_group.update(name=group_name, comment=comment)
                user_group.user_set.clear()
                user_group.user_set = users

        except ServerError, e:
            error = e
        if not error:
            return HttpResponseRedirect('/juser/group_list/')
        else:
            users_all = User.objects.all()
            users_selected = user_group.user_set.all()
            users_remain = [user for user in users_all if user not in users_selected]

    return my_render('juser/group_edit.html', locals(), request)


# @require_role(role='admin')
# def group_edit_adm(request):
#     error = ''
#     msg = ''
#     header_title, path1, path2 = '修改小组信息', '用户管理', '编辑小组'
#     user, dept = get_session_user_dept(request)
#     if request.method == 'GET':
#         group_id = request.GET.get('id', '')
#         if not validate(request, user_group=[group_id]):
#             return HttpResponseRedirect('/juser/group_list/')
#         group = UserGroup.objects.filter(id=group_id)
#         if group:
#             group = group[0]
#             users_all = dept.user_set.all()
#             users_selected = group.user_set.all()
#             users = [user for user in users_all if user not in users_selected]
#
#         return render_to_response('juser/group_edit.html', locals(), context_instance=RequestContext(request))
#     else:
#         group_id = request.POST.get('group_id', '')
#         group_name = request.POST.get('group_name', '')
#         comment = request.POST.get('comment', '')
#         users_selected = request.POST.getlist('users_selected')
#
#         users = []
#         try:
#             if not validate(request, user=users_selected):
#                 raise ServerError(u'右侧非部门用户')
#
#             if not validate(request, user_group=[group_id]):
#                 raise ServerError(u'没有权限修改本组')
#
#             for user_id in users_selected:
#                 users.extend(User.objects.filter(id=user_id))
#
#             user_group = UserGroup.objects.filter(id=group_id)
#             if user_group:
#                 user_group.update(name=group_name, comment=comment, dept=dept)
#                 user_group = user_group[0]
#                 user_group.user_set.clear()
#                 user_group.user_set = users
#
#         except ServerError, e:
#             error = e
#
#         return HttpResponseRedirect('/juser/group_list/')


@require_role(role='super')
def user_add(request):
    error = ''
    msg = ''
    header_title, path1, path2 = '添加用户', '用户管理', '添加用户'
    user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
    group_all = UserGroup.objects.all()

    if request.method == 'POST':
        username = request.POST.get('username', '')
        password = PyCrypt.random_pass(16)
        name = request.POST.get('name', '')
        email = request.POST.get('email', '')
        groups = request.POST.getlist('groups', [])
        admin_groups = request.POST.getlist('admin_groups', [])
        role = request.POST.get('role', 'CU')
        uuid = uuid_r.uuid1()
        ssh_key_pwd = PyCrypt.random_pass(16)
        extra = request.POST.getlist('extra', [])
        is_active = True if '0' in extra else False
        ssh_key_login_need = True if '1' in extra else False
        send_mail_need = True if '2' in extra else False

        try:
            if '' in [username, password, ssh_key_pwd, name, role]:
                error = u'带*内容不能为空'
                raise ServerError
            user_test = get_object(User, username=username)
            if user_test:
                error = u'用户 %s 已存在' % username
                raise ServerError

        except ServerError:
            pass
        else:
            try:
                user = db_add_user(username=username, name=name,
                                   password=CRYPTOR.md5_crypt(password),
                                   email=email, role=role, uuid=uuid,
                                   groups=groups, admin_groups=admin_groups,
                                   ssh_key_pwd=CRYPTOR.md5_crypt(ssh_key_pwd),
                                   is_active=is_active,
                                   date_joined=datetime.datetime.now())
                server_add_user(username, password, ssh_key_pwd, ssh_key_login_need)
            except Exception, e:
                error = u'添加用户 %s 失败 %s ' % (username, e)
                try:
                    db_del_user(username)
                    server_del_user(username)
                except Exception:
                    pass
            else:
                if MAIL_ENABLE and send_mail_need:
                    user_add_mail(user, kwargs=locals())
                msg = get_display_msg(user, password, ssh_key_pwd, ssh_key_login_need, send_mail_need)
    return my_render('juser/user_add.html', locals(), request)


# @require_role(role='admin')
# def user_add_adm(request):
#     error = ''
#     msg = ''
#     header_title, path1, path2 = '添加用户', '用户管理', '添加用户'
#     user, dept = get_session_user_dept(request)
#     group_all = dept.usergroup_set.all()
#
#     if request.method == 'POST':
#         username = request.POST.get('username', '')
#         password = PyCrypt.gen_rand_pwd(16)
#         name = request.POST.get('name', '')
#         email = request.POST.get('email', '')
#         groups = request.POST.getlist('groups', [])
#         ssh_key_pwd = PyCrypt.gen_rand_pwd(16)
#         is_active = True if request.POST.get('is_active', '1') == '1' else False
#         ldap_pwd = PyCrypt.gen_rand_pwd(16)
#
#         try:
#             if '' in [username, password, ssh_key_pwd, name, groups, is_active]:
#                 error = u'带*内容不能为空'
#                 raise ServerError
#             user = User.objects.filter(username=username)
#             if user:
#                 error = u'用户 %s 已存在' % username
#                 raise ServerError
#
#         except ServerError:
#             pass
#         else:
#             try:
#                 user = db_add_user(username=username,
#                                    password=CRYPTOR.md5_crypt(password),
#                                    name=name, email=email, dept=dept,
#                                    groups=groups, role='CU',
#                                    ssh_key_pwd=CRYPTOR.md5_crypt(ssh_key_pwd),
#                                    ldap_pwd=CRYPTOR.encrypt(ldap_pwd),
#                                    is_active=is_active,
#                                    date_joined=datetime.datetime.now())
#
#                 server_add_user(username, password, ssh_key_pwd)
#                 if LDAP_ENABLE:
#                     ldap_add_user(username, ldap_pwd)
#
#             except Exception, e:
#                 error = u'添加用户 %s 失败 %s ' % (username, e)
#                 try:
#                     db_del_user(username)
#                     server_del_user(username)
#                     if LDAP_ENABLE:
#                         ldap_del_user(username)
#                 except Exception:
#                     pass
#             else:
#                 mail_title = u'恭喜你的跳板机用户添加成功 Jumpserver'
#                 mail_msg = """
#                 Hi, %s
#                     您的用户名： %s
#                     您的部门: %s
#                     您的角色： %s
#                     您的web登录密码： %s
#                     您的ssh密钥文件密码： %s
#                     密钥下载地址： http://%s:%s/juser/down_key/?id=%s
#                     说明： 请登陆后再下载密钥！
#                 """ % (name, username, dept.name, '普通用户',
#                        password, ssh_key_pwd, SEND_IP, SEND_PORT, user.id)
#                 send_mail(mail_title, mail_msg, MAIL_FROM, [email], fail_silently=False)
#                 msg = u'添加用户 %s 成功！ 用户密码已发送到 %s 邮箱！' % (username, email)
#
#     return render_to_response('juser/user_add.html', locals(), context_instance=RequestContext(request))


@require_role(role='super')
def user_list(request):
    user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
    header_title, path1, path2 = '查看用户', '用户管理', '用户列表'
    keyword = request.GET.get('keyword', '')
    gid = request.GET.get('gid', '')
    users_list = User.objects.all().order_by('username')

    if gid:
        user_group = UserGroup.objects.filter(id=gid)
        if user_group:
            user_group = user_group[0]
            users_list = user_group.user_set.all()

    if keyword:
        users_list = users_list.filter(Q(username__icontains=keyword) | Q(name__icontains=keyword)).order_by('username')

    users_list, p, users, page_range, current_page, show_first, show_end = pages(users_list, request)

    return my_render('juser/user_list.html', locals(), request)


# @require_role(role='admin')
# def user_list_adm(request):
#     user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
#     header_title, path1, path2 = '查看用户', '用户管理', '用户列表'
#     keyword = request.GET.get('keyword', '')
#     user, dept = get_session_user_dept(request)
#     gid = request.GET.get('gid', '')
#     contact_list = dept.user_set.all().order_by('name')
#
#     if gid:
#         if not validate(request, user_group=[gid]):
#             return HttpResponseRedirect('/juser/user_list/')
#         user_group = UserGroup.objects.filter(id=gid)
#         if user_group:
#             user_group = user_group[0]
#             contact_list = user_group.user_set.all()
#
#     if keyword:
#         contact_list = contact_list.filter(Q(username__icontains=keyword) | Q(name__icontains=keyword)).order_by('name')
#
#     contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
#
#     return render_to_response('juser/user_list.html', locals(), context_instance=RequestContext(request))


@require_role(role='user')
def user_detail(request):
    header_title, path1, path2 = '用户详情', '用户管理', '用户详情'
    if request.session.get('role_id') == 0:
        user_id = request.session.get('user_id')
    else:
        user_id = request.GET.get('id', '')
    #     if request.session.get('role_id') == 1:
    #         user, dept = get_session_user_dept(request)
    #         if not validate(request, user=[user_id]):
    #             return HttpResponseRedirect('/')
    # if not user_id:
    #     return HttpResponseRedirect('/juser/user_list/')

    user = get_object(User, id=user_id)
    if user:
        pass
        # asset_group_permed = user.get_asset_group()
        # logs_last = Log.objects.filter(user=user.name).order_by('-start_time')[0:10]
        # logs_all = Log.objects.filter(user=user.name).order_by('-start_time')
        # logs_num = len(logs_all)

    return my_render('juser/user_detail.html', locals(), request)


@require_role(role='admin')
def user_del(request):
    user_ids = request.GET.get('id', '')
    user_id_list = user_ids.split(',')
    for user_id in user_id_list:
        User.objects.filter(id=user_id).delete()

    return HttpResponse('删除成功')


@require_role('admin')
def send_mail_retry(request):
    user_uuid = request.GET.get('uuid', '1')
    user = get_object(User, uuid=user_uuid)
    msg = u"""
    跳板机地址： %s
    用户名：%s
    重设密码：%s/juser/forget_password/
    请登录web重新生成key
    """ % (URL, user.username, URL)

    try:
        send_mail(u'邮件重发', msg, MAIL_FROM, [user.email], fail_silently=False)
    except IndexError:
        return Http404
    return HttpResponse('发送成功')


def forget_password(request):
    if request.method == 'POST':
        email = request.POST.get('email', '')
        username = request.POST.get('username', '')
        user = get_object(User, username=username, email=email)
        if user:
            timestamp = int(time.time())
            hash_encode = PyCrypt.md5_crypt(str(user.uuid) + str(timestamp) + KEY)
            msg = u"""
            Hi %s, 请点击下面链接重设密码！
            %s/juser/reset_password/?uuid=%s&timestamp=%s&hash=%s
            """ % (user.name, URL, user.uuid, timestamp, hash_encode)
            send_mail('忘记跳板机密码', msg, MAIL_FROM, [email], fail_silently=False)
            msg = u'请登陆邮箱，点击邮件重设密码'
            return HttpResponse(msg)
        else:
            error = u'用户不存在或邮件地址错误'

    return render_to_response('juser/forget_password.html', locals())


def reset_password(request):
    uuid = request.GET.get('uuid', '')
    timestamp = request.GET.get('timestamp', '')
    hash_encode = request.GET.get('hash', '')
    action = '/juser/reset_password/?uuid=%s&timestamp=%s&hash=%s' % (uuid, timestamp, hash_encode)

    if request.method == 'POST':
        password = request.POST.get('password')
        password_confirm = request.POST.get('password_confirm')
        if password != password_confirm:
            return HttpResponse('密码不匹配')
        else:
            user = get_object(User, uuid=uuid)
            if user:
                user.password = PyCrypt.md5_crypt(password)
                user.save()
                return HttpResponse('密码重设成功')
            else:
                return HttpResponse('用户不存在')

    if hash_encode == PyCrypt.md5_crypt(uuid + timestamp + KEY):
        if int(time.time()) - int(timestamp) > 600:
            return HttpResponse('链接已超时')
        else:
            return render_to_response('juser/reset_password.html', locals())

    return http_error(request, u'错误请求')


@require_role(role='super')
def user_edit(request):
    header_title, path1, path2 = '编辑用户', '用户管理', '编辑用户'
    if request.method == 'GET':
        user_id = request.GET.get('id', '')
        if not user_id:
            return HttpResponseRedirect('/')

        user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
        user = get_object(User, id=user_id)
        group_all = UserGroup.objects.all()
        if user:
            groups_str = ' '.join([str(group.id) for group in user.group.all()])
            admin_groups_str = ' '.join([str(admin_group.group.id) for admin_group in user.admingroup_set.all()])

    else:
        user_id = request.GET.get('id', '')
        password = request.POST.get('password', '')
        name = request.POST.get('name', '')
        email = request.POST.get('email', '')
        groups = request.POST.getlist('groups', [])
        role_post = request.POST.get('role', 'CU')
        admin_groups = request.POST.getlist('admin_groups', [])
        extra = request.POST.getlist('extra', [])
        is_active = True if '0' in extra else False
        email_need = True if '2' in extra else False
        user_role = {'SU': u'超级管理员', 'GA': u'部门管理员', 'CU': u'普通用户'}

        if user_id:
            user = get_object(User, id=user_id)
        else:
            return HttpResponseRedirect('/juser/user_list/')

        if password != user.password:
            password_decode = password
            password = CRYPTOR.md5_crypt(password)
        else:
            password_decode = None

        db_update_user(user_id=user_id,
                       password=password,
                       name=name,
                       email=email,
                       groups=groups,
                       admin_groups=admin_groups,
                       role=role_post,
                       is_active=is_active)

        if email_need:
            msg = u"""
            Hi %s:
                您的信息已修改，请登录跳板机查看详细信息
                地址：%s
                用户名： %s
                密码：%s (如果密码为None代表密码为原密码)
                角色：%s

            """ % (user.name, URL, user.username, password_decode, user_role.get(role_post, u''))
            send_mail('您的信息已修改', msg, MAIL_FROM, [email], fail_silently=False)

        return HttpResponseRedirect('/juser/user_list/')

    return my_render('juser/user_edit.html', locals(), request)


# @require_role(role='admin')
def user_edit_adm(request):
    pass
#     header_title, path1, path2 = '编辑用户', '用户管理', '用户编辑'
#     user, dept = get_session_user_dept(request)
#     if request.method == 'GET':
#         user_id = request.GET.get('id', '')
#         if not user_id:
#             return HttpResponseRedirect('/juser/user_list/')
#
#         if not validate(request, user=[user_id]):
#             return HttpResponseRedirect('/juser/user_list/')
#
#         user = User.objects.filter(id=user_id)
#         dept_all = DEPT.objects.all()
#         group_all = dept.usergroup_set.all()
#         if user:
#             user = user[0]
#             groups_str = ' '.join([str(group.id) for group in user.group.all()])
#
#     else:
#         user_id = request.POST.get('user_id', '')
#         password = request.POST.get('password', '')
#         name = request.POST.get('name', '')
#         email = request.POST.get('email', '')
#         groups = request.POST.getlist('groups', [])
#         ssh_key_pwd = request.POST.get('ssh_key_pwd', '')
#         is_active = True if request.POST.get('is_active', '1') == '1' else False
#
#         if not validate(request, user=[user_id], user_group=groups):
#             return HttpResponseRedirect('/juser/user_edit/')
#         if user_id:
#             user = User.objects.filter(id=user_id)
#             if user:
#                 user = user[0]
#         else:
#             return HttpResponseRedirect('/juser/user_list/')
#
#         if password != user.password:
#             password = CRYPTOR.md5_crypt(password)
#
#         if ssh_key_pwd != user.ssh_key_pwd:
#             ssh_key_pwd = CRYPTOR.encrypt(ssh_key_pwd)
#
#         db_update_user(user_id=user_id,
#                        password=password,
#                        name=name,
#                        email=email,
#                        groups=groups,
#                        is_active=is_active,
#                        ssh_key_pwd=ssh_key_pwd)
#
#         return HttpResponseRedirect('/juser/user_list/')
#
#     return render_to_response('juser/user_edit.html', locals(), context_instance=RequestContext(request))
#


def profile(request):
    user_id = request.session.get('user_id')
    if not user_id:
        return HttpResponseRedirect('/')
    user = User.objects.get(id=user_id)
    return render_to_response('juser/profile.html', locals(), context_instance=RequestContext(request))


def change_info(request):
    header_title, path1, path2 = '修改信息', '用户管理', '修改个人信息'
    user_id = request.session.get('user_id')
    user = get_object(User, id=user_id)
    error = ''
    if not user:
        return HttpResponseRedirect('/')

    if request.method == 'POST':
        name = request.POST.get('name', '')
        password = request.POST.get('password', '')
        email = request.POST.get('email', '')

        if '' in [name, password, email]:
            error = '不能为空'

        if len(password) < 6:
            error = '密码须大于6位'

        if not error:
            if password != user.password:
                password = CRYPTOR.md5_crypt(password)

            user.update(name=name, password=password, email=email)
            msg = '修改成功'

    return render_to_response('juser/change_info.html', locals(), context_instance=RequestContext(request))


@require_role(role='user')
def regen_ssh_key(request):
    uuid = request.GET.get('uuid', '')
    user = get_object(User, uuid=uuid)
    if not user:
        return HttpResponse('没有该用户')

    username = user.username
    ssh_key_pass = PyCrypt.random_pass(16)
    gen_ssh_key(username, ssh_key_pass)
    return HttpResponse('ssh密钥已生成，密码为 %s, 请到下载页面下载' % ssh_key_pass)


@require_role(role='user')
def down_key(request):
    user_id = ''
    if is_role_request(request, 'super'):
        user_id = request.GET.get('id')

    if is_role_request(request, 'user'):
        user_id = request.session.get('user_id')

    if user_id:
        user = get_object(User, id=user_id)
        if user:
            username = user.username
            private_key_file = os.path.join(BASE_DIR, 'keys/jumpserver', username+".pem")
            if os.path.isfile(private_key_file):
                f = open(private_key_file)
                data = f.read()
                f.close()
                response = HttpResponse(data, content_type='application/octet-stream')
                response['Content-Disposition'] = 'attachment; filename=%s' % os.path.basename(private_key_file)
                return response

    return HttpResponse('No Key File. Contact Admin.')
-												version 2.0.0 beta

											
										
										
											10 years ago
+								# coding: utf-8
 								# Author: Guanghongwei
 								# Email: ibuler@qq.com
 								import random
 								from Crypto.PublicKey import RSA
-												添加忘记密码

											
										
										
											9 years ago
+								import uuid as uuid_r
-												version 2.0.0 beta

											
										
										
											10 years ago
 								from django.db.models import Q
 								from django.template import RequestContext
-												modify some

											
										
										
											10 years ago
+								from django.db.models import ObjectDoesNotExist
-												version 2.0.0 beta

											
										
										
											10 years ago
-												删除部门前

											
										
										
											9 years ago
+								from juser.user_api import *
-												version 2.0.0 beta

											
										
										
											10 years ago
 								def chg_role(request):
 								    role = {'SU': 2, 'DA': 1, 'CU': 0}
 								    user, dept = get_session_user_dept(request)
 								    if request.session['role_id'] > 0:
 								        request.session['role_id'] = 0
 								    elif request.session['role_id'] == 0:
 								        request.session['role_id'] = role.get(user.role, 0)
 								    return HttpResponseRedirect('/')
-												删除部门前

											
										
										
											9 years ago
+								@require_role(role='super')
-												version 2.0.0 beta

											
										
										
											10 years ago
+								def group_add(request):
-												修改用户组视图

											
										
										
											9 years ago
+								    """
 								    group add view for route
 								    添加用户组的视图
 								    """
-												version 2.0.0 beta

											
										
										
											10 years ago
+								    error = ''
 								    msg = ''
-												删除部门后

											
										
										
											9 years ago
+								    header_title, path1, path2 = '添加用户组', '用户管理', '添加用户组'
-												version 2.0.0 beta

											
										
										
											10 years ago
+								    user_all = User.objects.all()
 								    if request.method == 'POST':
 								        group_name = request.POST.get('group_name', '')
 								        users_selected = request.POST.getlist('users_selected', '')
 								        comment = request.POST.get('comment', '')
 								        try:
-												删除部门后

											
										
										
											9 years ago
+								            if not group_name:
 								                error = u'组名 不能为空'
-												modify some

											
										
										
											10 years ago
+								                raise ServerError(error)
-												version 2.0.0 beta

											
										
										
											10 years ago
 								            if UserGroup.objects.filter(name=group_name):
 								                error = u'组名已存在'
-												modify some

											
										
										
											10 years ago
+								                raise ServerError(error)
-												删除部门后

											
										
										
											9 years ago
+								            db_add_group(name=group_name, users_id=users_selected, comment=comment)
-												modify some

											
										
										
											10 years ago
+								        except ServerError:
-												version 2.0.0 beta

											
										
										
											10 years ago
+								            pass
 								        except TypeError:
-												删除部门后

											
										
										
											9 years ago
+								            error = u'添加小组失败'
-												version 2.0.0 beta

											
										
										
											10 years ago
+								        else:
 								            msg = u'添加组 %s 成功' % group_name
-												用户模块修改告一段落

											
										
										
											9 years ago
+								    return my_render('juser/group_add.html', locals(), request)
-												version 2.0.0 beta

											
										
										
											10 years ago
-												删除部门前

											
										
										
											9 years ago
+								@require_role(role='super')
-												version 2.0.0 beta

											
										
										
											10 years ago
+								def group_list(request):
-												修改用户组视图

											
										
										
											9 years ago
+								    """
 								    list user group
 								    用户组列表
 								    """
 								    header_title, path1, path2 = '查看用户组', '用户管理', '查看用户组'
-												version 2.0.0 beta

											
										
										
											10 years ago
+								    keyword = request.GET.get('search', '')
-												修改用户组视图

											
										
										
											9 years ago
+								    user_group_list = UserGroup.objects.all().order_by('name')
-												version 2.0.0 beta

											
										
										
											10 years ago
 								    if keyword:
-												修改用户组视图

											
										
										
											9 years ago
+								        user_group_list = user_group_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword))
-												version 2.0.0 beta

											
										
										
											10 years ago
-												修改资产管理

											
										
										
											9 years ago
+								    user_group_list, p, user_groups, page_range, current_page, show_first, show_end = pages(user_group_list, request)
-												用户模块修改告一段落

											
										
										
											9 years ago
+								    return my_render('juser/group_list.html', locals(), request)
-												version 2.0.0 beta

											
										
										
											10 years ago
-												删除部门前

											
										
										
											9 years ago
+								@require_role(role='super')
-												version 2.0.0 beta

											
										
										
											10 years ago
+								def group_del(request):
-												修改用户组视图

											
										
										
											9 years ago
+								    """
 								    del a group
 								    删除用户组
 								    """
-												资产修改基本完成

											
										
										
											9 years ago
+								    group_ids = request.GET.get('id', '')
 								    group_id_list = group_ids.split(',')
 								    for group_id in group_id_list:
-												version 2.0.0 beta

											
										
										
											10 years ago
+								        UserGroup.objects.filter(id=group_id).delete()
-												资产修改基本完成

											
										
										
											9 years ago
-												version 2.0.0 beta

											
										
										
											10 years ago
+								    return HttpResponse('删除成功')
-												资产修改基本完成

											
										
										
											9 years ago
-												修改用户组视图

											
										
										
											9 years ago
+								# @require_role(role='admin')
 								# def group_list_adm(request):
 								#     header_title, path1, path2 = '查看部门小组', '用户管理', '查看小组'
 								#     keyword = request.GET.get('search', '')
 								#     did = request.GET.get('did', '')
 								#     user, dept = get_session_user_dept(request)
 								#     contact_list = dept.usergroup_set.all().order_by('name')
 								#
 								#     if keyword:
 								#         contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword))
 								#
 								#     contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
 								#     return render_to_response('juser/group_list.html', locals(), context_instance=RequestContext(request))
 								#
 								# @require_role(role='admin')
 								# def group_detail(request):
 								#     group_id = request.GET.get('id', None)
 								#     if not group_id:
 								#         return HttpResponseRedirect('/')
 								#     group = UserGroup.objects.get(id=group_id)
 								#     users = group.user_set.all()
 								#     return render_to_response('juser/group_detail.html', locals(), context_instance=RequestContext(request))
-												version 2.0.0 beta

											
										
										
											10 years ago
-												删除部门前

											
										
										
											9 years ago
+								@require_role(role='super')
-												version 2.0.0 beta

											
										
										
											10 years ago
+								def group_edit(request):
 								    error = ''
 								    msg = ''
-												修改用户组视图

											
										
										
											9 years ago
+								    header_title, path1, path2 = '编辑用户组', '用户管理', '编辑用户组'
-												version 2.0.0 beta

											
										
										
											10 years ago
+								    if request.method == 'GET':
 								        group_id = request.GET.get('id', '')
-												修改用户组视图

											
										
										
											9 years ago
+								        user_group = get_object(UserGroup, id=group_id)
 								        if user_group:
-												version 2.0.0 beta

											
										
										
											10 years ago
+								            users_all = User.objects.all()
-												修改用户组视图

											
										
										
											9 years ago
+								            users_selected = user_group.user_set.all()
 								            users_remain = [user for user in users_all if user not in users_selected]
-												version 2.0.0 beta

											
										
										
											10 years ago
 								    else:
 								        group_id = request.POST.get('group_id', '')
 								        group_name = request.POST.get('group_name', '')
 								        comment = request.POST.get('comment', '')
 								        users_selected = request.POST.getlist('users_selected')
 								        users = []
 								        try:
 								            if '' in [group_id, group_name]:
-												modify some

											
										
										
											10 years ago
+								                raise ServerError('组名不能为空')
-												修改用户组视图

											
										
										
											9 years ago
 								            user_group = get_object(UserGroup, id=group_id)
 								            other_group = get_object(UserGroup, name=group_name)
 								            if other_group and other_group.id != int(group_id):
 								                raise ServerError(u'%s 用户组已存在' % group_name)
-												version 2.0.0 beta

											
										
										
											10 years ago
+								            for user_id in users_selected:
 								                users.extend(User.objects.filter(id=user_id))
 								            if user_group:
-												修改用户组视图

											
										
										
											9 years ago
+								                user_group.update(name=group_name, comment=comment)
-												version 2.0.0 beta

											
										
										
											10 years ago
+								                user_group.user_set.clear()
 								                user_group.user_set = users
-												modify some

											
										
										
											10 years ago
+								        except ServerError, e:
-												version 2.0.0 beta

											
										
										
											10 years ago
+								            error = e
-												修改用户组视图

											
										
										
											9 years ago
+								        if not error:
 								            return HttpResponseRedirect('/juser/group_list/')
 								        else:
 								            users_all = User.objects.all()
 								            users_selected = user_group.user_set.all()
 								            users_remain = [user for user in users_all if user not in users_selected]
-												version 2.0.0 beta

											
										
										
											10 years ago
-												用户模块修改告一段落

											
										
										
											9 years ago
+								    return my_render('juser/group_edit.html', locals(), request)
-												version 2.0.0 beta

											
										
										
											10 years ago
-												修改用户添加视图

											
										
										
											9 years ago
+								# @require_role(role='admin')
 								# def group_edit_adm(request):
 								#     error = ''
 								#     msg = ''
 								#     header_title, path1, path2 = '修改小组信息', '用户管理', '编辑小组'
 								#     user, dept = get_session_user_dept(request)
 								#     if request.method == 'GET':
 								#         group_id = request.GET.get('id', '')
 								#         if not validate(request, user_group=[group_id]):
 								#             return HttpResponseRedirect('/juser/group_list/')
 								#         group = UserGroup.objects.filter(id=group_id)
 								#         if group:
 								#             group = group[0]
 								#             users_all = dept.user_set.all()
 								#             users_selected = group.user_set.all()
 								#             users = [user for user in users_all if user not in users_selected]
 								#
 								#         return render_to_response('juser/group_edit.html', locals(), context_instance=RequestContext(request))
 								#     else:
 								#         group_id = request.POST.get('group_id', '')
 								#         group_name = request.POST.get('group_name', '')
 								#         comment = request.POST.get('comment', '')
 								#         users_selected = request.POST.getlist('users_selected')
 								#
 								#         users = []
 								#         try:
 								#             if not validate(request, user=users_selected):
 								#                 raise ServerError(u'右侧非部门用户')
 								#
 								#             if not validate(request, user_group=[group_id]):
 								#                 raise ServerError(u'没有权限修改本组')
 								#
 								#             for user_id in users_selected:
 								#                 users.extend(User.objects.filter(id=user_id))
 								#
 								#             user_group = UserGroup.objects.filter(id=group_id)
 								#             if user_group:
 								#                 user_group.update(name=group_name, comment=comment, dept=dept)
 								#                 user_group = user_group[0]
 								#                 user_group.user_set.clear()
 								#                 user_group.user_set = users
 								#
 								#         except ServerError, e:
 								#             error = e
 								#
 								#         return HttpResponseRedirect('/juser/group_list/')
-												version 2.0.0 beta

											
										
										
											10 years ago
-												删除部门前

											
										
										
											9 years ago
+								@require_role(role='super')
-												version 2.0.0 beta

											
										
										
											10 years ago
+								def user_add(request):
 								    error = ''
 								    msg = ''
 								    header_title, path1, path2 = '添加用户', '用户管理', '添加用户'
-												修改用户添加视图

											
										
										
											9 years ago
+								    user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
-												version 2.0.0 beta

											
										
										
											10 years ago
+								    group_all = UserGroup.objects.all()
 								    if request.method == 'POST':
 								        username = request.POST.get('username', '')
-												修改用户添加视图

											
										
										
											9 years ago
+								        password = PyCrypt.random_pass(16)
-												version 2.0.0 beta

											
										
										
											10 years ago
+								        name = request.POST.get('name', '')
 								        email = request.POST.get('email', '')
 								        groups = request.POST.getlist('groups', [])
-												修改用户添加视图

											
										
										
											9 years ago
+								        admin_groups = request.POST.getlist('admin_groups', [])
 								        role = request.POST.get('role', 'CU')
-												添加忘记密码

											
										
										
											9 years ago
+								        uuid = uuid_r.uuid1()
-												修改用户添加视图

											
										
										
											9 years ago
+								        ssh_key_pwd = PyCrypt.random_pass(16)
-												干掉ldap前

											
										
										
											9 years ago
+								        extra = request.POST.getlist('extra', [])
 								        is_active = True if '0' in extra else False
-												添加忘记密码

											
										
										
											9 years ago
+								        ssh_key_login_need = True if '1' in extra else False
 								        send_mail_need = True if '2' in extra else False
-												version 2.0.0 beta

											
										
										
											10 years ago
 								        try:
-												添加忘记密码

											
										
										
											9 years ago
+								            if '' in [username, password, ssh_key_pwd, name, role]:
-												version 2.0.0 beta

											
										
										
											10 years ago
+								                error = u'带*内容不能为空'
-												modify some

											
										
										
											10 years ago
+								                raise ServerError
-												修改用户添加视图

											
										
										
											9 years ago
+								            user_test = get_object(User, username=username)
 								            if user_test:
-												version 2.0.0 beta

											
										
										
											10 years ago
+								                error = u'用户 %s 已存在' % username
-												modify some

											
										
										
											10 years ago
+								                raise ServerError
-												version 2.0.0 beta

											
										
										
											10 years ago
-												modify some

											
										
										
											10 years ago
+								        except ServerError:
-												version 2.0.0 beta

											
										
										
											10 years ago
+								            pass
 								        else:
 								            try:
-												添加忘记密码

											
										
										
											9 years ago
+								                user = db_add_user(username=username, name=name,
-												modify some

											
										
										
											10 years ago
+								                                   password=CRYPTOR.md5_crypt(password),
-												添加忘记密码

											
										
										
											9 years ago
+								                                   email=email, role=role, uuid=uuid,
-												修改用户添加视图

											
										
										
											9 years ago
+								                                   groups=groups, admin_groups=admin_groups,
-												modify some

											
										
										
											10 years ago
+								                                   ssh_key_pwd=CRYPTOR.md5_crypt(ssh_key_pwd),
-												version 2.0.0 beta

											
										
										
											10 years ago
+								                                   is_active=is_active,
 								                                   date_joined=datetime.datetime.now())
-												添加忘记密码

											
										
										
											9 years ago
+								                server_add_user(username, password, ssh_key_pwd, ssh_key_login_need)
 								            except Exception, e:
-												version 2.0.0 beta

											
										
										
											10 years ago
+								                error = u'添加用户 %s 失败 %s ' % (username, e)
 								                try:
 								                    db_del_user(username)
 								                    server_del_user(username)
 								                except Exception:
 								                    pass
 								            else:
-												添加忘记密码

											
										
										
											9 years ago
+								                if MAIL_ENABLE and send_mail_need:
-												修改用户添加视图

											
										
										
											9 years ago
+								                    user_add_mail(user, kwargs=locals())
-												添加忘记密码

											
										
										
											9 years ago
+								                msg = get_display_msg(user, password, ssh_key_pwd, ssh_key_login_need, send_mail_need)
-												用户模块修改告一段落

											
										
										
											9 years ago
+								    return my_render('juser/user_add.html', locals(), request)
-												version 2.0.0 beta

											
										
										
											10 years ago
-												干掉ldap前

											
										
										
											9 years ago
+								# @require_role(role='admin')
 								# def user_add_adm(request):
 								#     error = ''
 								#     msg = ''
 								#     header_title, path1, path2 = '添加用户', '用户管理', '添加用户'
 								#     user, dept = get_session_user_dept(request)
 								#     group_all = dept.usergroup_set.all()
 								#
 								#     if request.method == 'POST':
 								#         username = request.POST.get('username', '')
 								#         password = PyCrypt.gen_rand_pwd(16)
 								#         name = request.POST.get('name', '')
 								#         email = request.POST.get('email', '')
 								#         groups = request.POST.getlist('groups', [])
 								#         ssh_key_pwd = PyCrypt.gen_rand_pwd(16)
 								#         is_active = True if request.POST.get('is_active', '1') == '1' else False
 								#         ldap_pwd = PyCrypt.gen_rand_pwd(16)
 								#
 								#         try:
 								#             if '' in [username, password, ssh_key_pwd, name, groups, is_active]:
 								#                 error = u'带*内容不能为空'
 								#                 raise ServerError
 								#             user = User.objects.filter(username=username)
 								#             if user:
 								#                 error = u'用户 %s 已存在' % username
 								#                 raise ServerError
 								#
 								#         except ServerError:
 								#             pass
 								#         else:
 								#             try:
 								#                 user = db_add_user(username=username,
 								#                                    password=CRYPTOR.md5_crypt(password),
 								#                                    name=name, email=email, dept=dept,
 								#                                    groups=groups, role='CU',
 								#                                    ssh_key_pwd=CRYPTOR.md5_crypt(ssh_key_pwd),
 								#                                    ldap_pwd=CRYPTOR.encrypt(ldap_pwd),
 								#                                    is_active=is_active,
 								#                                    date_joined=datetime.datetime.now())
 								#
 								#                 server_add_user(username, password, ssh_key_pwd)
 								#                 if LDAP_ENABLE:
 								#                     ldap_add_user(username, ldap_pwd)
 								#
 								#             except Exception, e:
 								#                 error = u'添加用户 %s 失败 %s ' % (username, e)
 								#                 try:
 								#                     db_del_user(username)
 								#                     server_del_user(username)
 								#                     if LDAP_ENABLE:
 								#                         ldap_del_user(username)
 								#                 except Exception:
 								#                     pass
 								#             else:
 								#                 mail_title = u'恭喜你的跳板机用户添加成功 Jumpserver'
 								#                 mail_msg = """
 								#                 Hi, %s
 								#                     您的用户名： %s
 								#                     您的部门: %s
 								#                     您的角色： %s
 								#                     您的web登录密码： %s
 								#                     您的ssh密钥文件密码： %s
 								#                     密钥下载地址： http://%s:%s/juser/down_key/?id=%s
 								#                     说明： 请登陆后再下载密钥！
 								#                 """ % (name, username, dept.name, '普通用户',
 								#                        password, ssh_key_pwd, SEND_IP, SEND_PORT, user.id)
 								#                 send_mail(mail_title, mail_msg, MAIL_FROM, [email], fail_silently=False)
 								#                 msg = u'添加用户 %s 成功！ 用户密码已发送到 %s 邮箱！' % (username, email)
 								#
 								#     return render_to_response('juser/user_add.html', locals(), context_instance=RequestContext(request))
-												version 2.0.0 beta

											
										
										
											10 years ago
-												删除部门前

											
										
										
											9 years ago
+								@require_role(role='super')
-												version 2.0.0 beta

											
										
										
											10 years ago
+								def user_list(request):
 								    user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
 								    header_title, path1, path2 = '查看用户', '用户管理', '用户列表'
 								    keyword = request.GET.get('keyword', '')
 								    gid = request.GET.get('gid', '')
-												修改资产管理

											
										
										
											9 years ago
+								    users_list = User.objects.all().order_by('username')
-												version 2.0.0 beta

											
										
										
											10 years ago
 								    if gid:
 								        user_group = UserGroup.objects.filter(id=gid)
 								        if user_group:
 								            user_group = user_group[0]
-												修改资产管理

											
										
										
											9 years ago
+								            users_list = user_group.user_set.all()
-												version 2.0.0 beta

											
										
										
											10 years ago
 								    if keyword:
-												修改资产管理

											
										
										
											9 years ago
+								        users_list = users_list.filter(Q(username__icontains=keyword) | Q(name__icontains=keyword)).order_by('username')
-												version 2.0.0 beta

											
										
										
											10 years ago
-												修改资产管理

											
										
										
											9 years ago
+								    users_list, p, users, page_range, current_page, show_first, show_end = pages(users_list, request)
-												version 2.0.0 beta

											
										
										
											10 years ago
-												用户模块修改告一段落

											
										
										
											9 years ago
+								    return my_render('juser/user_list.html', locals(), request)
-												version 2.0.0 beta

											
										
										
											10 years ago
-												添加忘记密码

											
										
										
											9 years ago
+								# @require_role(role='admin')
 								# def user_list_adm(request):
 								#     user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
 								#     header_title, path1, path2 = '查看用户', '用户管理', '用户列表'
 								#     keyword = request.GET.get('keyword', '')
 								#     user, dept = get_session_user_dept(request)
 								#     gid = request.GET.get('gid', '')
 								#     contact_list = dept.user_set.all().order_by('name')
 								#
 								#     if gid:
 								#         if not validate(request, user_group=[gid]):
 								#             return HttpResponseRedirect('/juser/user_list/')
 								#         user_group = UserGroup.objects.filter(id=gid)
 								#         if user_group:
 								#             user_group = user_group[0]
 								#             contact_list = user_group.user_set.all()
 								#
 								#     if keyword:
 								#         contact_list = contact_list.filter(Q(username__icontains=keyword) | Q(name__icontains=keyword)).order_by('name')
 								#
 								#     contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
 								#
 								#     return render_to_response('juser/user_list.html', locals(), context_instance=RequestContext(request))
-												version 2.0.0 beta

											
										
										
											10 years ago
-												删除部门前

											
										
										
											9 years ago
+								@require_role(role='user')
-												version 2.0.0 beta

											
										
										
											10 years ago
+								def user_detail(request):
-												添加忘记密码

											
										
										
											9 years ago
+								    header_title, path1, path2 = '用户详情', '用户管理', '用户详情'
-												version 2.0.0 beta

											
										
										
											10 years ago
+								    if request.session.get('role_id') == 0:
 								        user_id = request.session.get('user_id')
 								    else:
 								        user_id = request.GET.get('id', '')
-												添加忘记密码

											
										
										
											9 years ago
+								    #     if request.session.get('role_id') == 1:
 								    #         user, dept = get_session_user_dept(request)
 								    #         if not validate(request, user=[user_id]):
 								    #             return HttpResponseRedirect('/')
 								    # if not user_id:
 								    #     return HttpResponseRedirect('/juser/user_list/')
 								    user = get_object(User, id=user_id)
-												version 2.0.0 beta

											
										
										
											10 years ago
+								    if user:
-												用户模块修改告一段落

											
										
										
											9 years ago
+								        pass
-												添加忘记密码

											
										
										
											9 years ago
+								        # asset_group_permed = user.get_asset_group()
-												用户模块修改告一段落

											
										
										
											9 years ago
+								        # logs_last = Log.objects.filter(user=user.name).order_by('-start_time')[0:10]
 								        # logs_all = Log.objects.filter(user=user.name).order_by('-start_time')
 								        # logs_num = len(logs_all)
-												version 2.0.0 beta

											
										
										
											10 years ago
-												用户模块修改告一段落

											
										
										
											9 years ago
+								    return my_render('juser/user_detail.html', locals(), request)
-												version 2.0.0 beta

											
										
										
											10 years ago
-												删除部门前

											
										
										
											9 years ago
+								@require_role(role='admin')
-												version 2.0.0 beta

											
										
										
											10 years ago
+								def user_del(request):
-												资产修改基本完成

											
										
										
											9 years ago
+								    user_ids = request.GET.get('id', '')
 								    user_id_list = user_ids.split(',')
 								    for user_id in user_id_list:
 								        User.objects.filter(id=user_id).delete()
-												version 2.0.0 beta

											
										
										
											10 years ago
 								    return HttpResponse('删除成功')
-												添加忘记密码

											
										
										
											9 years ago
+								@require_role('admin')
 								def send_mail_retry(request):
 								    user_uuid = request.GET.get('uuid', '1')
 								    user = get_object(User, uuid=user_uuid)
 								    msg = u"""
 								    跳板机地址： %s
 								    用户名：%s
 								    重设密码：%s/juser/forget_password/
 								    请登录web重新生成key
 								    """ % (URL, user.username, URL)
 								    try:
 								        send_mail(u'邮件重发', msg, MAIL_FROM, [user.email], fail_silently=False)
 								    except IndexError:
 								        return Http404
 								    return HttpResponse('发送成功')
 								def forget_password(request):
 								    if request.method == 'POST':
 								        email = request.POST.get('email', '')
 								        username = request.POST.get('username', '')
 								        user = get_object(User, username=username, email=email)
 								        if user:
 								            timestamp = int(time.time())
 								            hash_encode = PyCrypt.md5_crypt(str(user.uuid) + str(timestamp) + KEY)
 								            msg = u"""
 								            Hi %s, 请点击下面链接重设密码！
 								            %s/juser/reset_password/?uuid=%s&timestamp=%s&hash=%s
 								            """ % (user.name, URL, user.uuid, timestamp, hash_encode)
 								            send_mail('忘记跳板机密码', msg, MAIL_FROM, [email], fail_silently=False)
 								            msg = u'请登陆邮箱，点击邮件重设密码'
 								            return HttpResponse(msg)
 								        else:
 								            error = u'用户不存在或邮件地址错误'
 								    return render_to_response('juser/forget_password.html', locals())
 								def reset_password(request):
 								    uuid = request.GET.get('uuid', '')
 								    timestamp = request.GET.get('timestamp', '')
 								    hash_encode = request.GET.get('hash', '')
 								    action = '/juser/reset_password/?uuid=%s&timestamp=%s&hash=%s' % (uuid, timestamp, hash_encode)
 								    if request.method == 'POST':
 								        password = request.POST.get('password')
 								        password_confirm = request.POST.get('password_confirm')
 								        if password != password_confirm:
 								            return HttpResponse('密码不匹配')
 								        else:
 								            user = get_object(User, uuid=uuid)
 								            if user:
 								                user.password = PyCrypt.md5_crypt(password)
 								                user.save()
 								                return HttpResponse('密码重设成功')
 								            else:
 								                return HttpResponse('用户不存在')
 								    if hash_encode == PyCrypt.md5_crypt(uuid + timestamp + KEY):
 								        if int(time.time()) - int(timestamp) > 600:
 								            return HttpResponse('链接已超时')
 								        else:
 								            return render_to_response('juser/reset_password.html', locals())
 								    return http_error(request, u'错误请求')
-												删除部门前

											
										
										
											9 years ago
+								@require_role(role='super')
-												version 2.0.0 beta

											
										
										
											10 years ago
+								def user_edit(request):
-												添加忘记密码

											
										
										
											9 years ago
+								    header_title, path1, path2 = '编辑用户', '用户管理', '编辑用户'
-												version 2.0.0 beta

											
										
										
											10 years ago
+								    if request.method == 'GET':
 								        user_id = request.GET.get('id', '')
 								        if not user_id:
 								            return HttpResponseRedirect('/')
-												修改修改用户bug

											
										
										
											9 years ago
+								        user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
-												添加忘记密码

											
										
										
											9 years ago
+								        user = get_object(User, id=user_id)
-												version 2.0.0 beta

											
										
										
											10 years ago
+								        group_all = UserGroup.objects.all()
 								        if user:
 								            groups_str = ' '.join([str(group.id) for group in user.group.all()])
-												修改修改用户bug

											
										
										
											9 years ago
+								            admin_groups_str = ' '.join([str(admin_group.group.id) for admin_group in user.admingroup_set.all()])
-												version 2.0.0 beta

											
										
										
											10 years ago
 								    else:
-												修改修改用户bug

											
										
										
											9 years ago
+								        user_id = request.GET.get('id', '')
-												version 2.0.0 beta

											
										
										
											10 years ago
+								        password = request.POST.get('password', '')
 								        name = request.POST.get('name', '')
 								        email = request.POST.get('email', '')
 								        groups = request.POST.getlist('groups', [])
 								        role_post = request.POST.get('role', 'CU')
-												修改修改用户bug

											
										
										
											9 years ago
+								        admin_groups = request.POST.getlist('admin_groups', [])
 								        extra = request.POST.getlist('extra', [])
 								        is_active = True if '0' in extra else False
 								        email_need = True if '2' in extra else False
-												用户模块修改告一段落

											
										
										
											9 years ago
+								        user_role = {'SU': u'超级管理员', 'GA': u'部门管理员', 'CU': u'普通用户'}
-												version 2.0.0 beta

											
										
										
											10 years ago
+								        if user_id:
-												修改修改用户bug

											
										
										
											9 years ago
+								            user = get_object(User, id=user_id)
-												version 2.0.0 beta

											
										
										
											10 years ago
+								        else:
 								            return HttpResponseRedirect('/juser/user_list/')
 								        if password != user.password:
-												修改修改用户bug

											
										
										
											9 years ago
+								            password_decode = password
-												modify some

											
										
										
											10 years ago
+								            password = CRYPTOR.md5_crypt(password)
-												修改修改用户bug

											
										
										
											9 years ago
+								        else:
 								            password_decode = None
-												version 2.0.0 beta

											
										
										
											10 years ago
 								        db_update_user(user_id=user_id,
 								                       password=password,
 								                       name=name,
 								                       email=email,
 								                       groups=groups,
-												修改修改用户bug

											
										
										
											9 years ago
+								                       admin_groups=admin_groups,
-												version 2.0.0 beta

											
										
										
											10 years ago
+								                       role=role_post,
-												修改修改用户bug

											
										
										
											9 years ago
+								                       is_active=is_active)
-												用户模块修改告一段落

											
										
										
											9 years ago
+								        if email_need:
-												修改修改用户bug

											
										
										
											9 years ago
+								            msg = u"""
 								            Hi %s:
 								                您的信息已修改，请登录跳板机查看详细信息
 								                地址：%s
 								                用户名： %s
 								                密码：%s (如果密码为None代表密码为原密码)
 								                角色：%s
 								            """ % (user.name, URL, user.username, password_decode, user_role.get(role_post, u''))
 								            send_mail('您的信息已修改', msg, MAIL_FROM, [email], fail_silently=False)
-												version 2.0.0 beta

											
										
										
											10 years ago
 								        return HttpResponseRedirect('/juser/user_list/')
-												用户模块修改告一段落

											
										
										
											9 years ago
+								    return my_render('juser/user_edit.html', locals(), request)
-												version 2.0.0 beta

											
										
										
											10 years ago
-												用户模块修改告一段落

											
										
										
											9 years ago
+								# @require_role(role='admin')
-												version 2.0.0 beta

											
										
										
											10 years ago
+								def user_edit_adm(request):
-												用户模块修改告一段落

											
										
										
											9 years ago
+								    pass
 								#     header_title, path1, path2 = '编辑用户', '用户管理', '用户编辑'
 								#     user, dept = get_session_user_dept(request)
 								#     if request.method == 'GET':
 								#         user_id = request.GET.get('id', '')
 								#         if not user_id:
 								#             return HttpResponseRedirect('/juser/user_list/')
 								#
 								#         if not validate(request, user=[user_id]):
 								#             return HttpResponseRedirect('/juser/user_list/')
 								#
 								#         user = User.objects.filter(id=user_id)
 								#         dept_all = DEPT.objects.all()
 								#         group_all = dept.usergroup_set.all()
 								#         if user:
 								#             user = user[0]
 								#             groups_str = ' '.join([str(group.id) for group in user.group.all()])
 								#
 								#     else:
 								#         user_id = request.POST.get('user_id', '')
 								#         password = request.POST.get('password', '')
 								#         name = request.POST.get('name', '')
 								#         email = request.POST.get('email', '')
 								#         groups = request.POST.getlist('groups', [])
 								#         ssh_key_pwd = request.POST.get('ssh_key_pwd', '')
 								#         is_active = True if request.POST.get('is_active', '1') == '1' else False
 								#
 								#         if not validate(request, user=[user_id], user_group=groups):
 								#             return HttpResponseRedirect('/juser/user_edit/')
 								#         if user_id:
 								#             user = User.objects.filter(id=user_id)
 								#             if user:
 								#                 user = user[0]
 								#         else:
 								#             return HttpResponseRedirect('/juser/user_list/')
 								#
 								#         if password != user.password:
 								#             password = CRYPTOR.md5_crypt(password)
 								#
 								#         if ssh_key_pwd != user.ssh_key_pwd:
 								#             ssh_key_pwd = CRYPTOR.encrypt(ssh_key_pwd)
 								#
 								#         db_update_user(user_id=user_id,
 								#                        password=password,
 								#                        name=name,
 								#                        email=email,
 								#                        groups=groups,
 								#                        is_active=is_active,
 								#                        ssh_key_pwd=ssh_key_pwd)
 								#
 								#         return HttpResponseRedirect('/juser/user_list/')
 								#
 								#     return render_to_response('juser/user_edit.html', locals(), context_instance=RequestContext(request))
 								#
-												version 2.0.0 beta

											
										
										
											10 years ago
 								def profile(request):
 								    user_id = request.session.get('user_id')
 								    if not user_id:
 								        return HttpResponseRedirect('/')
 								    user = User.objects.get(id=user_id)
 								    return render_to_response('juser/profile.html', locals(), context_instance=RequestContext(request))
-												用户模块修改告一段落

											
										
										
											9 years ago
+								def change_info(request):
-												version 2.0.0 beta

											
										
										
											10 years ago
+								    header_title, path1, path2 = '修改信息', '用户管理', '修改个人信息'
 								    user_id = request.session.get('user_id')
-												用户模块修改告一段落

											
										
										
											9 years ago
+								    user = get_object(User, id=user_id)
-												version 2.0.0 beta

											
										
										
											10 years ago
+								    error = ''
-												用户模块修改告一段落

											
										
										
											9 years ago
+								    if not user:
-												version 2.0.0 beta

											
										
										
											10 years ago
+								        return HttpResponseRedirect('/')
 								    if request.method == 'POST':
 								        name = request.POST.get('name', '')
 								        password = request.POST.get('password', '')
 								        email = request.POST.get('email', '')
-												用户模块修改告一段落

											
										
										
											9 years ago
+								        if '' in [name, password, email]:
-												version 2.0.0 beta

											
										
										
											10 years ago
+								            error = '不能为空'
-												修改资产管理

											
										
										
											9 years ago
+								        if len(password) < 6:
-												version 2.0.0 beta

											
										
										
											10 years ago
+								            error = '密码须大于6位'
 								        if not error:
 								            if password != user.password:
-												modify some

											
										
										
											10 years ago
+								                password = CRYPTOR.md5_crypt(password)
-												version 2.0.0 beta

											
										
										
											10 years ago
-												用户模块修改告一段落

											
										
										
											9 years ago
+								            user.update(name=name, password=password, email=email)
-												version 2.0.0 beta

											
										
										
											10 years ago
+								            msg = '修改成功'
-												用户模块修改告一段落

											
										
										
											9 years ago
+								    return render_to_response('juser/change_info.html', locals(), context_instance=RequestContext(request))
 								@require_role(role='user')
 								def regen_ssh_key(request):
 								    uuid = request.GET.get('uuid', '')
 								    user = get_object(User, uuid=uuid)
 								    if not user:
 								        return HttpResponse('没有该用户')
 								    username = user.username
 								    ssh_key_pass = PyCrypt.random_pass(16)
 								    gen_ssh_key(username, ssh_key_pass)
 								    return HttpResponse('ssh密钥已生成，密码为 %s, 请到下载页面下载' % ssh_key_pass)
-												version 2.0.0 beta

											
										
										
											10 years ago
-												删除部门前

											
										
										
											9 years ago
+								@require_role(role='user')
-												version 2.0.0 beta

											
										
										
											10 years ago
+								def down_key(request):
 								    user_id = ''
-												删除部门前

											
										
										
											9 years ago
+								    if is_role_request(request, 'super'):
-												version 2.0.0 beta

											
										
										
											10 years ago
+								        user_id = request.GET.get('id')
-												删除部门前

											
										
										
											9 years ago
+								    if is_role_request(request, 'user'):
-												version 2.0.0 beta

											
										
										
											10 years ago
+								        user_id = request.session.get('user_id')
 								    if user_id:
-												用户模块修改告一段落

											
										
										
											9 years ago
+								        user = get_object(User, id=user_id)
-												version 2.0.0 beta

											
										
										
											10 years ago
+								        if user:
 								            username = user.username
-												用户模块修改告一段落

											
										
										
											9 years ago
+								            private_key_file = os.path.join(BASE_DIR, 'keys/jumpserver', username+".pem")
-												version 2.0.0 beta

											
										
										
											10 years ago
+								            if os.path.isfile(private_key_file):
 								                f = open(private_key_file)
 								                data = f.read()
 								                f.close()
 								                response = HttpResponse(data, content_type='application/octet-stream')
 								                response['Content-Disposition'] = 'attachment; filename=%s' % os.path.basename(private_key_file)
 								                return response
 								    return HttpResponse('No Key File. Contact Admin.')