2015-01-21 15:28:56 +00:00
|
|
|
# coding: utf-8
|
|
|
|
|
2015-01-21 15:22:21 +00:00
|
|
|
from django.shortcuts import render_to_response
|
2015-03-06 16:12:38 +00:00
|
|
|
from django.http import HttpResponseRedirect, HttpResponse
|
2015-02-27 14:14:09 +00:00
|
|
|
from django.template import RequestContext
|
2015-01-24 08:27:29 +00:00
|
|
|
from juser.models import User, UserGroup
|
2015-01-28 16:53:15 +00:00
|
|
|
from jasset.models import Asset, BisGroup
|
2015-02-09 00:40:54 +00:00
|
|
|
from jperm.models import Perm, SudoPerm, CmdGroup
|
2015-01-24 06:36:58 +00:00
|
|
|
from django.core.paginator import Paginator, EmptyPage, InvalidPage
|
2015-02-09 00:40:54 +00:00
|
|
|
from django.db.models import Q
|
2015-03-07 09:37:26 +00:00
|
|
|
from jumpserver.views import LDAP_ENABLE, ldap_conn, CONF, page_list_return
|
|
|
|
from jumpserver.api import user_perm_asset_api
|
2015-02-09 10:50:21 +00:00
|
|
|
|
|
|
|
|
|
|
|
if LDAP_ENABLE:
|
|
|
|
LDAP_HOST_URL = CONF.get('ldap', 'host_url')
|
|
|
|
LDAP_BASE_DN = CONF.get('ldap', 'base_dn')
|
|
|
|
LDAP_ROOT_DN = CONF.get('ldap', 'root_dn')
|
|
|
|
LDAP_ROOT_PW = CONF.get('ldap', 'root_pw')
|
2015-01-24 06:36:58 +00:00
|
|
|
|
|
|
|
|
2015-02-11 10:38:56 +00:00
|
|
|
def user_asset_cmd_groups_get(user_groups_select='', asset_groups_select='', cmd_groups_select=''):
|
|
|
|
user_groups_select_list = []
|
|
|
|
asset_groups_select_list = []
|
|
|
|
cmd_groups_select_list = []
|
|
|
|
|
|
|
|
for user_group_id in user_groups_select:
|
|
|
|
user_groups_select_list.append(UserGroup.objects.get(id=user_group_id))
|
|
|
|
|
|
|
|
for asset_group_id in asset_groups_select:
|
|
|
|
asset_groups_select_list.append(BisGroup.objects.get(id=asset_group_id))
|
|
|
|
|
|
|
|
for cmd_group_id in cmd_groups_select:
|
|
|
|
cmd_groups_select_list.append(CmdGroup.objects.get(id=cmd_group_id))
|
|
|
|
|
|
|
|
return user_groups_select_list, asset_groups_select_list, cmd_groups_select_list
|
|
|
|
|
|
|
|
|
|
|
|
def perm_add(request):
|
2015-03-05 16:24:17 +00:00
|
|
|
header_title, path1, path2 = u'主机授权添加.', u'授权管理', u'授权添加'
|
2015-02-11 10:38:56 +00:00
|
|
|
|
|
|
|
if request.method == 'GET':
|
2015-03-05 16:24:17 +00:00
|
|
|
user_groups = UserGroup.objects.filter(id__gt=2)
|
2015-02-11 10:38:56 +00:00
|
|
|
asset_groups = BisGroup.objects.all()
|
|
|
|
|
|
|
|
else:
|
|
|
|
name = request.POST.get('name', '')
|
|
|
|
user_groups_select = request.POST.getlist('user_groups_select')
|
|
|
|
asset_groups_select = request.POST.getlist('asset_groups_select')
|
|
|
|
comment = request.POST.get('comment', '')
|
|
|
|
|
|
|
|
user_groups, asset_groups = user_asset_cmd_groups_get(user_groups_select, asset_groups_select, '')[0:2]
|
|
|
|
|
|
|
|
perm = Perm(name=name, comment=comment)
|
|
|
|
perm.save()
|
|
|
|
|
|
|
|
perm.user_group = user_groups
|
|
|
|
perm.asset_group = asset_groups
|
|
|
|
msg = '添加成功'
|
2015-02-27 14:14:09 +00:00
|
|
|
return render_to_response('jperm/perm_add.html', locals(), context_instance=RequestContext(request))
|
2015-02-11 10:38:56 +00:00
|
|
|
|
|
|
|
|
2015-03-05 16:24:17 +00:00
|
|
|
def perm_list(request):
|
|
|
|
header_title, path1, path2 = u'主机授权', u'授权管理', u'授权详情'
|
2015-03-06 16:12:38 +00:00
|
|
|
keyword = request.GET.get('search', '')
|
|
|
|
if keyword:
|
|
|
|
contact_list = Perm.objects.filter(name__icontains=keyword)
|
|
|
|
else:
|
|
|
|
contact_list = Perm.objects.all()
|
2015-03-05 16:24:17 +00:00
|
|
|
p = paginator = Paginator(contact_list, 10)
|
|
|
|
try:
|
|
|
|
current_page = int(request.GET.get('page', '1'))
|
|
|
|
except ValueError:
|
|
|
|
current_page = 1
|
|
|
|
|
|
|
|
page_range = page_list_return(len(p.page_range), current_page)
|
|
|
|
|
|
|
|
try:
|
|
|
|
contacts = paginator.page(current_page)
|
|
|
|
except (EmptyPage, InvalidPage):
|
|
|
|
contacts = paginator.page(paginator.num_pages)
|
|
|
|
return render_to_response('jperm/perm_list.html', locals(), context_instance=RequestContext(request))
|
|
|
|
|
|
|
|
|
2015-03-06 16:12:38 +00:00
|
|
|
# def perm_list_ajax(request):
|
|
|
|
# tab = request.POST.get('tab', 'tab1')
|
|
|
|
# search = request.POST.get('search', '')
|
|
|
|
#
|
|
|
|
# if tab == 'tab1':
|
|
|
|
# groups = contact_list = UserGroup.objects.filter(name__icontains=search).order_by('type')
|
|
|
|
# p = paginator = Paginator(contact_list, 10)
|
|
|
|
#
|
|
|
|
# try:
|
|
|
|
# page = int(request.GET.get('page', '1'))
|
|
|
|
# except ValueError:
|
|
|
|
# page = 1
|
|
|
|
#
|
|
|
|
# try:
|
|
|
|
# contacts = paginator.page(page)
|
|
|
|
# except (EmptyPage, InvalidPage):
|
|
|
|
# contacts = paginator.page(paginator.num_pages)
|
|
|
|
#
|
|
|
|
# else:
|
|
|
|
# users = contact_list2 = User.objects.filter(name__icontains=search).order_by('id')
|
|
|
|
# p2 = paginator2 = Paginator(contact_list2, 10)
|
|
|
|
#
|
|
|
|
# try:
|
|
|
|
# page = int(request.GET.get('page', '1'))
|
|
|
|
# except ValueError:
|
|
|
|
# page = 1
|
|
|
|
#
|
|
|
|
# try:
|
|
|
|
# contacts2 = paginator2.page(page)
|
|
|
|
# except (EmptyPage, InvalidPage):
|
|
|
|
# contacts2 = paginator2.page(paginator2.num_pages)
|
|
|
|
#
|
|
|
|
# return render_to_response('jperm/perm_list_ajax.html', locals())
|
|
|
|
|
|
|
|
def perm_group_update(perm_id, user_group_id_list, asset_groups_id_list):
|
|
|
|
perm = Perm.objects.filter(id=perm_id)
|
|
|
|
if perm:
|
|
|
|
perm = perm[0]
|
|
|
|
user_group_list = []
|
|
|
|
asset_group_list = []
|
2015-02-03 15:03:51 +00:00
|
|
|
|
2015-03-06 16:12:38 +00:00
|
|
|
for user_group_id in user_group_id_list:
|
|
|
|
user_group_list.extend(UserGroup.objects.filter(id=user_group_id))
|
2015-02-03 15:03:51 +00:00
|
|
|
|
2015-03-06 16:12:38 +00:00
|
|
|
for asset_group_id in asset_groups_id_list:
|
|
|
|
asset_group_list.extend(BisGroup.objects.filter(id=asset_group_id))
|
2015-02-03 15:03:51 +00:00
|
|
|
|
2015-03-06 16:12:38 +00:00
|
|
|
perm.user_group.clear()
|
|
|
|
perm.asset_group.clear()
|
|
|
|
perm.user_group = user_group_list
|
|
|
|
perm.asset_group = asset_group_list
|
2015-02-03 15:03:51 +00:00
|
|
|
|
|
|
|
|
2015-01-28 16:53:15 +00:00
|
|
|
def perm_edit(request):
|
2015-01-21 15:56:18 +00:00
|
|
|
if request.method == 'GET':
|
2015-03-05 16:24:17 +00:00
|
|
|
header_title, path1, path2 = u'编辑授权', u'授权管理', u'授权编辑'
|
2015-03-06 16:12:38 +00:00
|
|
|
perm_id = request.GET.get('id', '')
|
2015-02-11 10:38:56 +00:00
|
|
|
perm = Perm.objects.filter(id=perm_id)
|
|
|
|
if perm:
|
|
|
|
perm = perm[0]
|
|
|
|
name = perm.name
|
|
|
|
comment = perm.comment
|
|
|
|
user_groups_select = perm.user_group.all()
|
|
|
|
asset_groups_select = perm.asset_group.all()
|
|
|
|
|
2015-03-06 16:12:38 +00:00
|
|
|
user_groups_all = UserGroup.objects.all()
|
2015-02-11 10:38:56 +00:00
|
|
|
asset_groups_all = BisGroup.objects.all()
|
|
|
|
|
|
|
|
user_groups = [user_group for user_group in user_groups_all if user_group not in user_groups_select]
|
|
|
|
asset_groups = [asset_group for asset_group in asset_groups_all if asset_group not in asset_groups_select]
|
2015-01-21 15:56:18 +00:00
|
|
|
else:
|
2015-03-06 16:12:38 +00:00
|
|
|
perm_id = request.POST.get('perm_id', '')
|
|
|
|
user_group_id_list = request.POST.getlist('user_groups_select')
|
|
|
|
asset_group_id_list = request.POST.getlist('asset_groups_select')
|
|
|
|
# return HttpResponse("perm_id: %s user_group: %s asset_group: %s" % (perm_id, repr(user_group_id_list), repr(asset_group_id_list) ))
|
|
|
|
# return HttpResponse(perm_group_update(perm_id, user_group_id_list, asset_group_id_list))
|
|
|
|
perm_group_update(perm_id, user_group_id_list, asset_group_id_list)
|
|
|
|
|
|
|
|
return HttpResponseRedirect('/jperm/perm_list/')
|
2015-02-27 14:14:09 +00:00
|
|
|
return render_to_response('jperm/perm_edit.html', locals(), context_instance=RequestContext(request))
|
2015-01-28 16:53:15 +00:00
|
|
|
|
|
|
|
|
2015-01-30 06:54:45 +00:00
|
|
|
def perm_detail(request):
|
2015-03-05 16:24:17 +00:00
|
|
|
header_title, path1, path2 = u'编辑授权', u'授权管理', u'授权详情'
|
2015-02-11 15:32:24 +00:00
|
|
|
perm_id = request.GET.get('id')
|
|
|
|
perm = Perm.objects.filter(id=perm_id)
|
|
|
|
if perm:
|
|
|
|
perm = perm[0]
|
|
|
|
user_groups = perm.user_group.all()
|
|
|
|
asset_groups = perm.asset_group.all()
|
|
|
|
|
|
|
|
users_list = []
|
|
|
|
assets_list = []
|
|
|
|
|
|
|
|
for user_group in user_groups:
|
|
|
|
users_list.extend(user_group.user_set.all())
|
|
|
|
for asset_group in asset_groups:
|
|
|
|
assets_list.extend(asset_group.asset_set.all())
|
|
|
|
|
2015-02-27 14:14:09 +00:00
|
|
|
return render_to_response('jperm/perm_detail.html', locals(), context_instance=RequestContext(request))
|
2015-01-30 06:54:45 +00:00
|
|
|
|
|
|
|
|
|
|
|
def perm_del(request):
|
2015-02-11 15:32:24 +00:00
|
|
|
perm_id = request.GET.get('id')
|
|
|
|
perm = Perm.objects.filter(id=perm_id)
|
|
|
|
if perm:
|
|
|
|
perm = perm[0]
|
|
|
|
perm.delete()
|
2015-01-30 06:54:45 +00:00
|
|
|
return HttpResponseRedirect('/jperm/perm_list/')
|
|
|
|
|
|
|
|
|
2015-01-30 08:39:34 +00:00
|
|
|
def perm_asset_detail(request):
|
2015-03-05 16:24:17 +00:00
|
|
|
header_title, path1, path2 = u'用户授权主机', u'权限管理', u'用户主机详情'
|
2015-01-30 08:39:34 +00:00
|
|
|
user_id = request.GET.get('id')
|
2015-02-12 16:00:07 +00:00
|
|
|
user = User.objects.filter(id=user_id)
|
|
|
|
if user:
|
|
|
|
user = user[0]
|
2015-03-07 09:37:26 +00:00
|
|
|
assets_list = user_perm_asset_api(user.username)
|
2015-02-27 14:14:09 +00:00
|
|
|
return render_to_response('jperm/perm_asset_detail.html', locals(), context_instance=RequestContext(request))
|
2015-01-30 08:39:34 +00:00
|
|
|
|
2015-01-30 06:54:45 +00:00
|
|
|
|
2015-02-10 10:53:01 +00:00
|
|
|
def sudo_db_add(name, user_runas, user_groups_select, asset_groups_select, cmd_groups_select, comment):
|
2015-02-09 00:40:54 +00:00
|
|
|
user_groups_select_list, asset_groups_select_list, cmd_groups_select_list = \
|
|
|
|
user_asset_cmd_groups_get(user_groups_select, asset_groups_select, cmd_groups_select)
|
|
|
|
|
2015-02-09 16:21:08 +00:00
|
|
|
sudo_perm = SudoPerm(name=name, user_runas=user_runas, comment=comment)
|
2015-02-09 00:40:54 +00:00
|
|
|
sudo_perm.save()
|
|
|
|
sudo_perm.user_group = user_groups_select_list
|
|
|
|
sudo_perm.asset_group = asset_groups_select_list
|
|
|
|
sudo_perm.cmd_group = cmd_groups_select_list
|
|
|
|
|
|
|
|
|
2015-02-09 16:21:08 +00:00
|
|
|
def sudo_db_update(sudo_perm_id, name, user_runas, user_groups_select, asset_groups_select, cmd_groups_select, comment):
|
|
|
|
user_groups_select_list, asset_groups_select_list, cmd_groups_select_list = \
|
|
|
|
user_asset_cmd_groups_get(user_groups_select, asset_groups_select, cmd_groups_select)
|
|
|
|
sudo_perm = SudoPerm.objects.filter(id=sudo_perm_id)
|
|
|
|
if sudo_perm:
|
|
|
|
sudo_perm.update(name=name, user_runas=user_runas, comment=comment)
|
|
|
|
sudo_perm = sudo_perm[0]
|
|
|
|
sudo_perm.user_group = user_groups_select_list
|
|
|
|
sudo_perm.asset_group = asset_groups_select_list
|
|
|
|
sudo_perm.cmd_group = cmd_groups_select_list
|
|
|
|
|
|
|
|
|
2015-02-09 10:50:21 +00:00
|
|
|
def unicode2str(unicode_list):
|
|
|
|
return [str(i) for i in unicode_list]
|
|
|
|
|
|
|
|
|
2015-02-10 10:53:01 +00:00
|
|
|
def sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select,
|
|
|
|
cmd_groups_select, update=False, old_name=''):
|
2015-02-09 00:40:54 +00:00
|
|
|
user_groups_select_list, asset_groups_select_list, cmd_groups_select_list = \
|
|
|
|
user_asset_cmd_groups_get(user_groups_select, asset_groups_select, cmd_groups_select)
|
|
|
|
|
2015-02-09 10:50:21 +00:00
|
|
|
users = []
|
|
|
|
assets = []
|
|
|
|
cmds = []
|
2015-02-09 16:21:08 +00:00
|
|
|
users_runas = users_runas.split(',')
|
2015-02-10 10:53:01 +00:00
|
|
|
asset_all = False
|
2015-02-09 10:50:21 +00:00
|
|
|
|
|
|
|
for user_group in user_groups_select_list:
|
|
|
|
users.extend(user_group.user_set.all())
|
|
|
|
|
|
|
|
for asset_group in asset_groups_select_list:
|
2015-02-10 10:53:01 +00:00
|
|
|
if u'ALL' in asset_group.name:
|
|
|
|
asset_all = True
|
|
|
|
break
|
|
|
|
else:
|
|
|
|
assets.extend(asset_group.asset_set.all())
|
2015-02-09 10:50:21 +00:00
|
|
|
|
|
|
|
for cmd_group in cmd_groups_select_list:
|
|
|
|
cmds.extend(cmd_group.cmd.split(','))
|
|
|
|
|
2015-02-09 16:21:08 +00:00
|
|
|
users_name = [user.username for user in users]
|
2015-02-10 10:53:01 +00:00
|
|
|
if asset_all:
|
|
|
|
assets_ip = ['ALL']
|
|
|
|
else:
|
|
|
|
assets_ip = [asset.ip for asset in assets]
|
2015-02-09 10:50:21 +00:00
|
|
|
|
|
|
|
sudo_dn = 'cn=%s,ou=Sudoers,%s' % (name, LDAP_BASE_DN)
|
|
|
|
sudo_attr = {'objectClass': ['top', 'sudoRole'],
|
|
|
|
'cn': ['%s' % str(name)],
|
|
|
|
'sudoCommand': unicode2str(cmds),
|
|
|
|
'sudoHost': unicode2str(assets_ip),
|
|
|
|
'sudoOption': ['!authenticate'],
|
|
|
|
'sudoRunAsUser': unicode2str(users_runas),
|
|
|
|
'sudoUser': unicode2str(users_name)}
|
|
|
|
|
2015-02-09 16:21:08 +00:00
|
|
|
if update:
|
2015-02-10 10:53:01 +00:00
|
|
|
old_sudo_dn = 'cn=%s,ou=Sudoers,%s' % (old_name, LDAP_BASE_DN)
|
|
|
|
ldap_conn.delete(old_sudo_dn)
|
2015-02-09 16:21:08 +00:00
|
|
|
|
2015-02-09 10:50:21 +00:00
|
|
|
ldap_conn.add(sudo_dn, sudo_attr)
|
|
|
|
|
2015-02-09 00:40:54 +00:00
|
|
|
|
|
|
|
def sudo_add(request):
|
2015-03-05 16:24:17 +00:00
|
|
|
header_title, path1, path2 = u'Sudo授权', u'权限管理', u'添加Sudo权限'
|
2015-03-07 09:37:26 +00:00
|
|
|
user_groups = UserGroup.objects.filter(id__gt=2)
|
2015-03-03 14:44:00 +00:00
|
|
|
asset_groups = BisGroup.objects.all()
|
2015-02-09 00:40:54 +00:00
|
|
|
cmd_groups = CmdGroup.objects.all()
|
|
|
|
|
|
|
|
if request.method == 'POST':
|
2015-02-09 10:50:21 +00:00
|
|
|
name = request.POST.get('name')
|
2015-02-09 16:21:08 +00:00
|
|
|
users_runas = request.POST.get('runas', 'root')
|
2015-02-09 00:40:54 +00:00
|
|
|
user_groups_select = request.POST.getlist('user_groups_select')
|
|
|
|
asset_groups_select = request.POST.getlist('asset_groups_select')
|
|
|
|
cmd_groups_select = request.POST.getlist('cmd_groups_select')
|
|
|
|
comment = request.POST.get('comment', '')
|
|
|
|
|
2015-02-09 16:21:08 +00:00
|
|
|
sudo_db_add(name, users_runas, user_groups_select, asset_groups_select, cmd_groups_select, comment)
|
2015-02-09 10:50:21 +00:00
|
|
|
sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select, cmd_groups_select)
|
2015-02-09 00:40:54 +00:00
|
|
|
|
|
|
|
msg = '添加成功'
|
2015-02-27 14:14:09 +00:00
|
|
|
return render_to_response('jperm/sudo_add.html', locals(), context_instance=RequestContext(request))
|
2015-02-09 00:40:54 +00:00
|
|
|
|
|
|
|
|
2015-02-06 16:07:07 +00:00
|
|
|
def sudo_list(request):
|
2015-03-05 16:24:17 +00:00
|
|
|
header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情'
|
2015-02-09 16:21:08 +00:00
|
|
|
sudo_perms = contact_list = SudoPerm.objects.all()
|
|
|
|
p1 = paginator1 = Paginator(contact_list, 10)
|
2015-03-07 09:37:26 +00:00
|
|
|
user_groups = UserGroup.objects.filter(id__gt=2)
|
2015-02-09 00:40:54 +00:00
|
|
|
asset_groups = BisGroup.objects.all()
|
|
|
|
cmd_groups = CmdGroup.objects.all()
|
2015-02-09 16:21:08 +00:00
|
|
|
|
2015-02-06 16:07:07 +00:00
|
|
|
try:
|
2015-02-09 16:21:08 +00:00
|
|
|
page1 = int(request.GET.get('page', '1'))
|
2015-02-06 16:07:07 +00:00
|
|
|
except ValueError:
|
2015-02-09 16:21:08 +00:00
|
|
|
page1 = 1
|
2015-02-06 16:07:07 +00:00
|
|
|
|
|
|
|
try:
|
2015-02-09 16:21:08 +00:00
|
|
|
contacts1 = paginator1.page(page1)
|
2015-02-06 16:07:07 +00:00
|
|
|
except (EmptyPage, InvalidPage):
|
2015-02-09 16:21:08 +00:00
|
|
|
contacts1 = paginator1.page(paginator1.num_pages)
|
2015-02-27 14:14:09 +00:00
|
|
|
return render_to_response('jperm/sudo_list.html', locals(), context_instance=RequestContext(request))
|
2015-02-06 16:07:07 +00:00
|
|
|
|
|
|
|
|
2015-02-09 16:21:08 +00:00
|
|
|
def sudo_edit(request):
|
2015-03-05 16:24:17 +00:00
|
|
|
header_title, path1, path2 = u'Sudo授权', u'授权管理', u'Sudo修改'
|
2015-02-09 16:21:08 +00:00
|
|
|
|
|
|
|
if request.method == 'GET':
|
|
|
|
sudo_perm_id = request.GET.get('id', '0')
|
|
|
|
sudo_perm = SudoPerm.objects.filter(id=int(sudo_perm_id))
|
|
|
|
if sudo_perm:
|
2015-03-07 09:37:26 +00:00
|
|
|
user_group_all = UserGroup.objects.filter(id__gt=2)
|
2015-02-09 16:21:08 +00:00
|
|
|
asset_group_all = BisGroup.objects.filter()
|
|
|
|
cmd_group_all = CmdGroup.objects.all()
|
|
|
|
|
|
|
|
sudo_perm = sudo_perm[0]
|
|
|
|
user_group_permed = sudo_perm.user_group.all()
|
|
|
|
asset_group_permed = sudo_perm.asset_group.all()
|
|
|
|
cmd_group_permed = sudo_perm.cmd_group.all()
|
|
|
|
|
|
|
|
user_groups = [user_group for user_group in user_group_all if user_group not in user_group_permed]
|
|
|
|
asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed]
|
|
|
|
cmd_groups = [cmd_group for cmd_group in cmd_group_all if cmd_group not in cmd_group_permed]
|
|
|
|
|
|
|
|
name = sudo_perm.name
|
|
|
|
user_runas = sudo_perm.user_runas
|
|
|
|
comment = sudo_perm.comment
|
|
|
|
|
|
|
|
else:
|
|
|
|
sudo_perm_id = request.POST.get('sudo_perm_id')
|
|
|
|
name = request.POST.get('name')
|
|
|
|
users_runas = request.POST.get('runas', 'root')
|
|
|
|
user_groups_select = request.POST.getlist('user_groups_select')
|
|
|
|
asset_groups_select = request.POST.getlist('asset_groups_select')
|
|
|
|
cmd_groups_select = request.POST.getlist('cmd_groups_select')
|
|
|
|
comment = request.POST.get('comment', '')
|
|
|
|
|
2015-02-10 10:53:01 +00:00
|
|
|
sudo_perm = SudoPerm.objects.get(id=sudo_perm_id)
|
|
|
|
old_name = sudo_perm.name
|
2015-02-09 16:21:08 +00:00
|
|
|
sudo_db_update(sudo_perm_id, name, users_runas, user_groups_select,
|
|
|
|
asset_groups_select, cmd_groups_select, comment)
|
2015-02-10 10:53:01 +00:00
|
|
|
sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select,
|
|
|
|
cmd_groups_select, update=True, old_name=str(old_name))
|
2015-02-09 16:21:08 +00:00
|
|
|
msg = '修改成功'
|
|
|
|
|
|
|
|
return HttpResponseRedirect('/jperm/sudo_list/')
|
|
|
|
|
2015-02-27 14:14:09 +00:00
|
|
|
return render_to_response('jperm/sudo_edit.html', locals(), context_instance=RequestContext(request))
|
2015-02-09 16:21:08 +00:00
|
|
|
|
|
|
|
|
|
|
|
def sudo_detail(request):
|
2015-03-05 16:24:17 +00:00
|
|
|
header_title, path1, path2 = u'Sudo授权详情', u'授权管理', u'授权详情'
|
2015-02-09 16:21:08 +00:00
|
|
|
sudo_perm_id = request.GET.get('id')
|
|
|
|
sudo_perm = SudoPerm.objects.filter(id=sudo_perm_id)
|
|
|
|
if sudo_perm:
|
|
|
|
sudo_perm = sudo_perm[0]
|
|
|
|
user_groups = sudo_perm.user_group.all()
|
|
|
|
asset_groups = sudo_perm.asset_group.all()
|
|
|
|
cmd_groups = sudo_perm.cmd_group.all()
|
|
|
|
|
|
|
|
users_list = []
|
|
|
|
assets_list = []
|
|
|
|
cmds_list = []
|
|
|
|
|
|
|
|
for user_group in user_groups:
|
|
|
|
users_list.extend(user_group.user_set.all())
|
|
|
|
for asset_group in asset_groups:
|
|
|
|
assets_list.extend(asset_group.asset_set.all())
|
|
|
|
for cmd_group in cmd_groups:
|
2015-02-10 10:53:01 +00:00
|
|
|
cmds_list.append({cmd_group.name: cmd_group.cmd.split(',')})
|
2015-02-09 16:21:08 +00:00
|
|
|
|
2015-02-27 14:14:09 +00:00
|
|
|
return render_to_response('jperm/sudo_detail.html', locals(), context_instance=RequestContext(request))
|
2015-02-09 16:21:08 +00:00
|
|
|
|
|
|
|
|
|
|
|
def sudo_del(request):
|
|
|
|
sudo_perm_id = request.GET.get('id', '0')
|
|
|
|
sudo_perm = SudoPerm.objects.filter(id=int(sudo_perm_id))
|
|
|
|
if sudo_perm:
|
|
|
|
name = sudo_perm[0].name
|
|
|
|
sudo_perm.delete()
|
|
|
|
sudo_dn = 'cn=%s,ou=Sudoers,%s' % (name, LDAP_BASE_DN)
|
|
|
|
ldap_conn.delete(sudo_dn)
|
|
|
|
return HttpResponseRedirect('/jperm/sudo_list/')
|
|
|
|
|
|
|
|
|
2015-02-09 00:40:54 +00:00
|
|
|
def cmd_add(request):
|
2015-03-05 16:24:17 +00:00
|
|
|
header_title, path1, path2 = u'sudo命令添加', u'授权管理', u'命令组添加'
|
2015-02-09 00:40:54 +00:00
|
|
|
|
|
|
|
if request.method == 'POST':
|
|
|
|
name = request.POST.get('name')
|
|
|
|
cmd = ','.join(request.POST.get('cmd').split())
|
|
|
|
comment = request.POST.get('comment')
|
|
|
|
|
|
|
|
CmdGroup.objects.create(name=name, cmd=cmd, comment=comment)
|
|
|
|
msg = u'命令组添加成功'
|
|
|
|
|
2015-02-10 13:52:59 +00:00
|
|
|
return HttpResponseRedirect('/jperm/cmd_list/')
|
|
|
|
|
2015-02-27 14:14:09 +00:00
|
|
|
return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
|
2015-02-10 13:52:59 +00:00
|
|
|
|
|
|
|
|
|
|
|
def cmd_edit(request):
|
2015-03-05 16:24:17 +00:00
|
|
|
header_title, path1, path2 = u'sudo命令修改', u'授权管理管理', u'命令组修改'
|
2015-02-10 13:52:59 +00:00
|
|
|
|
|
|
|
cmd_group_id = request.GET.get('id')
|
|
|
|
cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
|
|
|
|
|
|
|
|
if cmd_group:
|
|
|
|
cmd_group = cmd_group[0]
|
|
|
|
cmd_group_id = cmd_group.id
|
|
|
|
name = cmd_group.name
|
2015-03-07 09:37:26 +00:00
|
|
|
cmd = '\n'.join(cmd_group.cmd.split(','))
|
2015-02-10 13:52:59 +00:00
|
|
|
comment = cmd_group.comment
|
|
|
|
|
|
|
|
if request.method == 'POST':
|
|
|
|
cmd_group_id = request.POST.get('cmd_group_id')
|
|
|
|
name = request.POST.get('name')
|
|
|
|
cmd = ','.join(request.POST.get('cmd').split())
|
|
|
|
comment = request.POST.get('comment')
|
|
|
|
|
|
|
|
cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
|
|
|
|
if cmd_group:
|
|
|
|
cmd_group.update(name=name, cmd=cmd, comment=comment)
|
|
|
|
return HttpResponseRedirect('/jperm/cmd_list/')
|
2015-02-27 14:14:09 +00:00
|
|
|
return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
|
2015-02-09 00:40:54 +00:00
|
|
|
|
|
|
|
|
|
|
|
def cmd_list(request):
|
2015-03-05 16:24:17 +00:00
|
|
|
header_title, path1, path2 = u'sudo命令查看', u'权限管理', u'Sudo命令添加'
|
2015-02-09 00:40:54 +00:00
|
|
|
|
|
|
|
cmd_groups = contact_list = CmdGroup.objects.all()
|
|
|
|
p = paginator = Paginator(contact_list, 10)
|
|
|
|
|
|
|
|
try:
|
|
|
|
page = int(request.GET.get('page', '1'))
|
|
|
|
except ValueError:
|
|
|
|
page = 1
|
|
|
|
|
|
|
|
try:
|
|
|
|
contacts = paginator.page(page)
|
|
|
|
except (EmptyPage, InvalidPage):
|
|
|
|
contacts = paginator.page(paginator.num_pages)
|
2015-02-27 14:14:09 +00:00
|
|
|
return render_to_response('jperm/sudo_cmd_list.html', locals(), context_instance=RequestContext(request))
|
2015-02-09 00:40:54 +00:00
|
|
|
|
2015-02-10 13:52:59 +00:00
|
|
|
|
|
|
|
def cmd_del(request):
|
|
|
|
cmd_group_id = request.GET.get('id')
|
|
|
|
cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
|
|
|
|
|
|
|
|
if cmd_group:
|
|
|
|
cmd_group[0].delete()
|
|
|
|
return HttpResponseRedirect('/jperm/cmd_list/')
|