github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

[Bugfix] 修复以下bug 

- 删除用户报错,上次更新带来的
- 管理员用户页面会看到所有主机的,而不是授权给自己的
- 授权详情页面 资产显示无效
pull/915/head
ibuler 2018-01-08 11:22:19 +08:00
parent c16471d54f
commit 07a70311df
16 changed files with 31 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
apps/assets/api.py
View File

@ -40,15 +40,10 @@ class AssetViewSet(IDInFilterMixin, BulkModelViewSet):
""" """
queryset = Asset.objects.all() queryset = Asset.objects.all()
serializer_class = serializers.AssetSerializer serializer_class = serializers.AssetSerializer
permission_classes = (IsValidUser,) permission_classes = (IsSuperUserOrAppUser,)
def get_queryset(self): def get_queryset(self):
if self.request.user.is_superuser or self.request.user.is_app: queryset = super().get_queryset()
queryset = super().get_queryset()
else:
assets_granted = get_user_granted_assets(self.request.user)
queryset = self.queryset.filter(id__in=[asset.id for asset in assets_granted])
cluster_id = self.request.query_params.get('cluster_id') cluster_id = self.request.query_params.get('cluster_id')
asset_group_id = self.request.query_params.get('asset_group_id') asset_group_id = self.request.query_params.get('asset_group_id')
admin_user_id = self.request.query_params.get('admin_user_id') admin_user_id = self.request.query_params.get('admin_user_id')
@ -70,6 +65,19 @@ class AssetViewSet(IDInFilterMixin, BulkModelViewSet):
return queryset return queryset
class UserAssetListView(generics.ListAPIView):
queryset = Asset.objects.all()
serializer_class = serializers.AssetSerializer
permission_classes = (IsValidUser,)
def get_queryset(self):
assets_granted = get_user_granted_assets(self.request.user)
queryset = self.queryset.filter(
id__in=[asset.id for asset in assets_granted]
)
return queryset
class AssetGroupViewSet(IDInFilterMixin, BulkModelViewSet): class AssetGroupViewSet(IDInFilterMixin, BulkModelViewSet):
""" """
Asset group api set, for add,delete,update,list,retrieve resource Asset group api set, for add,delete,update,list,retrieve resource

1
apps/assets/templates/assets/admin_user_detail.html
View File

@ -133,7 +133,6 @@ function bindToCluster(clusters) {
$('.select2-selection__rendered').empty(); $('.select2-selection__rendered').empty();
$('#cluster_selected').val(''); $('#cluster_selected').val('');
$.map(jumpserver.cluster_selected, function(cluster_name, index) { $.map(jumpserver.cluster_selected, function(cluster_name, index) {
console.log(index);
$('#opt_' + index).remove(); $('#opt_' + index).remove();
// change tr html of user groups. // change tr html of user groups.
$('#table-clusters tbody').append( $('#table-clusters tbody').append(

1
apps/assets/templates/assets/asset_group_detail.html
View File

@ -223,7 +223,6 @@ $(document).ready(function () {
}); });
var delete_asset_id = $(this).data('aid'); var delete_asset_id = $(this).data('aid');
assets.remove(delete_asset_id); assets.remove(delete_asset_id);
console.log(assets);
var data = {"assets": assets}; var data = {"assets": assets};
leaveGroup($this, name, the_url, data); leaveGroup($this, name, the_url, data);
}) })

2
apps/assets/templates/assets/asset_group_list.html
View File

@ -75,8 +75,6 @@ $(document).ready(function(){
return false; return false;
} }
var the_url = '{% url "api-assets:asset-group-list" %}'; var the_url = '{% url "api-assets:asset-group-list" %}';
console.log(plain_id_list);
console.log(the_url);
function doDelete() { function doDelete() {
swal({ swal({
title: "{% trans 'Are you sure?' %}", title: "{% trans 'Are you sure?' %}",

3
apps/assets/templates/assets/user_asset_list.html
View File

@ -42,7 +42,6 @@ function initTable() {
columnDefs: [ columnDefs: [
{targets: 1, createdCell: function (td, cellData, rowData) { {targets: 1, createdCell: function (td, cellData, rowData) {
{% url 'assets:asset-detail' pk=DEFAULT_PK as the_url %} {% url 'assets:asset-detail' pk=DEFAULT_PK as the_url %}
console.log('{{ the_url }}');
var detail_btn = '<a href="{{ the_url }}">' + cellData + '</a>'; var detail_btn = '<a href="{{ the_url }}">' + cellData + '</a>';
$(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id)); $(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
}}, }},
@ -67,7 +66,7 @@ function initTable() {
$(td).html(conn_btn) $(td).html(conn_btn)
}} }}
], ],
ajax_url: '{% url "api-assets:asset-list" %}', ajax_url: '{% url "api-assets:user-asset-list" %}',
columns: [ columns: [
{data: "id"}, {data: "hostname" }, {data: "ip" }, {data: "port" }, {data: "id"}, {data: "hostname" }, {data: "ip" }, {data: "port" },
{data: "get_type_display" }, {data: "get_env_display"}, {data: "hardware_info"}, {data: "get_type_display" }, {data: "get_env_display"}, {data: "hardware_info"},

2
apps/assets/urls/api_urls.py
View File

@ -21,6 +21,8 @@ urlpatterns = [
api.AssetRefreshHardwareApi.as_view(), name='asset-refresh'), api.AssetRefreshHardwareApi.as_view(), name='asset-refresh'),
url(r'^v1/assets/(?P<pk>[0-9a-zA-Z\-]{36})/alive/$', url(r'^v1/assets/(?P<pk>[0-9a-zA-Z\-]{36})/alive/$',
api.AssetAdminUserTestApi.as_view(), name='asset-alive-test'), api.AssetAdminUserTestApi.as_view(), name='asset-alive-test'),
url(r'^v1/assets/user-assets/$',
api.UserAssetListView.as_view(), name='user-asset-list'),
# update the asset group, which add or delete the asset to the group # update the asset group, which add or delete the asset to the group
url(r'^v1/groups/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$', url(r'^v1/groups/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$',
api.GroupUpdateAssetsApi.as_view(), name='group-update-assets'), api.GroupUpdateAssetsApi.as_view(), name='group-update-assets'),

11
apps/perms/templates/perms/asset_permission_asset.html
View File

@ -53,8 +53,6 @@
<tr> <tr>
<th>{% trans 'Hostname' %}</th> <th>{% trans 'Hostname' %}</th>
<th>{% trans 'IP' %}</th> <th>{% trans 'IP' %}</th>
<th>{% trans 'Port' %}</th>
<th>{% trans 'Is valid' %}</th>
<th></th> <th></th>
</tr> </tr>
</thead> </thead>
@ -63,15 +61,6 @@
<tr> <tr>
<td>{{ asset.hostname }}</td> <td>{{ asset.hostname }}</td>
<td>{{ asset.ip }}</td> <td>{{ asset.ip }}</td>
<td>{{ user.port }}</td>
<td>
{% if asset.is_active %}
<i class="fa fa-times text-danger"></i>
{% else %}
<i class="fa fa-check text-navy"></i>
{% endif %}
</td>
<td> <td>
<button title="{{ asset.inherit_from_asset_groups }}" data-gid="{{ asset.id }}" class="btn btn-danger btn-xs btn-remove-asset {% if asset.is_inherit_from_asset_groups %} disabled {% endif %}" type="button" style="float: right;"><i class="fa fa-minus"></i></button> <button title="{{ asset.inherit_from_asset_groups }}" data-gid="{{ asset.id }}" class="btn btn-danger btn-xs btn-remove-asset {% if asset.is_inherit_from_asset_groups %} disabled {% endif %}" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
</td> </td>

12
apps/perms/templates/perms/asset_permission_detail.html
View File

@ -113,7 +113,7 @@
<table class="table"> <table class="table">
<tbody> <tbody>
<tr class="no-borders-tr"> <tr class="no-borders-tr">
<td width="50%">Active:</td> <td width="50%">{% trans 'Active' %} :</td>
<td><span style="float: right"> <td><span style="float: right">
<div class="switch"> <div class="switch">
<div class="onoffswitch"> <div class="onoffswitch">
@ -139,8 +139,8 @@
<table class="table" id="system-user-table"> <table class="table" id="system-user-table">
<tbody> <tbody>
<form> <form>
<tr> <tr class="no-borders-tr">
<td colspan="2" class="no-borders"> <td colspan="2">
<select data-placeholder="{% trans 'Select system users' %}" class="select2" style="width: 100%" multiple="" tabindex="4"> <select data-placeholder="{% trans 'Select system users' %}" class="select2" style="width: 100%" multiple="" tabindex="4">
{% for system_user in system_users_remain %} {% for system_user in system_users_remain %}
<option value="{{ system_user.id }}" id="opt_{{ system_user.id }}">{{ system_user.name }}</option> <option value="{{ system_user.id }}" id="opt_{{ system_user.id }}">{{ system_user.name }}</option>
@ -148,15 +148,15 @@
</select> </select>
</td> </td>
</tr> </tr>
<tr> <tr class="no-borders-tr">
<td colspan="2" class="no-borders"> <td colspan="2">
<button type="button" class="btn btn-info btn-small" id="btn-add-system-user">{% trans 'Add' %}</button> <button type="button" class="btn btn-info btn-small" id="btn-add-system-user">{% trans 'Add' %}</button>
</td> </td>
</tr> </tr>
</form> </form>
{% for system_user in system_users %} {% for system_user in system_users %}
<tr> <tr {% if forloop.counter == 1 %} class="no-borders-tr" {% endif %} >
<td ><b class="bdg-system-user" data-uid={{ system_user.id }}>{{ system_user.name }}</b></td> <td ><b class="bdg-system-user" data-uid={{ system_user.id }}>{{ system_user.name }}</b></td>
<td> <td>
<button class="btn btn-danger btn-xs btn-remove-user" data-uid="{{ system_user.id }}" type="button" style="float: right;"><i class="fa fa-minus"></i></button> <button class="btn btn-danger btn-xs btn-remove-user" data-uid="{{ system_user.id }}" type="button" style="float: right;"><i class="fa fa-minus"></i></button>

12
apps/perms/templates/perms/asset_permission_user.html
View File

@ -53,8 +53,6 @@
<tr> <tr>
<th>{% trans 'Name' %}</th> <th>{% trans 'Name' %}</th>
<th>{% trans 'Username' %}</th> <th>{% trans 'Username' %}</th>
<th>{% trans 'Email' %}</th>
<th>{% trans 'Is valid' %}</th>
<th></th> <th></th>
</tr> </tr>
</thead> </thead>
@ -63,15 +61,6 @@
<tr> <tr>
<td>{{ user.name }}</td> <td>{{ user.name }}</td>
<td>{{ user.username }}</td> <td>{{ user.username }}</td>
<td>{{ user.email }}</td>
<td>
{% if user.is_expired and user.is_active %}
<i class="fa fa-times text-danger"></i>
{% else %}
<i class="fa fa-check text-navy"></i>
{% endif %}
</td>
<td> <td>
<button class="btn btn-danger btn-xs btn-remove-user {% if user.is_inherit_from_user_groups %} disabled {% endif %}" data-gid="{{ user.id }}" type="button" style="float: right;"><i class="fa fa-minus"></i></button> <button class="btn btn-danger btn-xs btn-remove-user {% if user.is_inherit_from_user_groups %} disabled {% endif %}" data-gid="{{ user.id }}" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
</td> </td>
@ -231,7 +220,6 @@ $(document).ready(function () {
$.map(jumpserver.users_selected, function(value, index) { $.map(jumpserver.users_selected, function(value, index) {
users_id.push(index); users_id.push(index);
}); });
console.log(users_id);
addUsers(users_id); addUsers(users_id);
}).on('click', '.btn-remove-user', function () { }).on('click', '.btn-remove-user', function () {
var user_id = $(this).data("gid"); var user_id = $(this).data("gid");

2
apps/static/js/jumpserver.js
View File

@ -61,7 +61,6 @@ function GetTableDataBox() {
id_list.push(i); id_list.push(i);
} }
} }
console.log(id_list);
for (i in id_list) { for (i in id_list) {
console.log(tabProduct); console.log(tabProduct);
tableData.push(GetRowData(tabProduct.rows[id_list[i]])); tableData.push(GetRowData(tabProduct.rows[id_list[i]]));
@ -358,7 +357,6 @@ function setCookie(key, value) {
var expires = new Date(); var expires = new Date();
expires.setTime(expires.getTime() + (24 * 60 * 60 * 1000)); expires.setTime(expires.getTime() + (24 * 60 * 60 * 1000));
document.cookie = key + '=' + value + ';expires=' + expires.toUTCString() + ';path=/'; document.cookie = key + '=' + value + ';expires=' + expires.toUTCString() + ';path=/';
console.log("Cookie: " + document.cookie)
} }

1
apps/templates/_user_profile.html
View File

@ -28,7 +28,6 @@ $(document).ready(function () {
.on('click', '#switch_user', function () { .on('click', '#switch_user', function () {
var cookieName = "IN_ADMIN_PAGE"; var cookieName = "IN_ADMIN_PAGE";
setTimeout(function () { setTimeout(function () {
console.log("Set to No");
delCookie(cookieName); delCookie(cookieName);
setCookie(cookieName, "No"); setCookie(cookieName, "No");
window.location = "/" window.location = "/"

1
apps/terminal/templates/terminal/terminal_list.html
View File

@ -136,7 +136,6 @@ $(document).ready(function(){
}).on('click', '.btn-connect', function () { }).on('click', '.btn-connect', function () {
var $this = $(this); var $this = $(this);
var id = $this.data('id'); var id = $this.data('id');
console.log(id)
}) })
</script> </script>
{% endblock %} {% endblock %}

4
apps/users/forms.py
View File

@ -184,12 +184,14 @@ class UserBulkUpdateForm(forms.ModelForm):
class UserGroupForm(forms.ModelForm): class UserGroupForm(forms.ModelForm):
users = forms.ModelMultipleChoiceField( users = forms.ModelMultipleChoiceField(
queryset=User.objects.all(), queryset=User.objects.all(),
label=_("User"),
widget=forms.SelectMultiple( widget=forms.SelectMultiple(
attrs={ attrs={
'class': 'select2', 'class': 'select2',
'data-placeholder': _('Select users') 'data-placeholder': _('Select users')
} }
) ),
required=False,
) )
def __init__(self, **kwargs): def __init__(self, **kwargs):

1
apps/users/templates/users/user_group_detail.html
View File

@ -171,7 +171,6 @@ $(document).ready(function () {
var users = $('.bdg_user').map(function() { var users = $('.bdg_user').map(function() {
return $(this).data('uid'); return $(this).data('uid');
}).get(); }).get();
console.log(users);
updateGroupMember(users) updateGroupMember(users)
}).on('click', '#btn_add_user', function() { }).on('click', '#btn_add_user', function() {
if (Object.keys(jumpserver.users_selected).length === 0) { if (Object.keys(jumpserver.users_selected).length === 0) {

2
apps/users/templates/users/user_list.html
View File

@ -223,7 +223,7 @@ $(document).ready(function(){
var $this = $(this); var $this = $(this);
var name = $this.data('name'); var name = $this.data('name');
var uid = $this.data('uid'); var uid = $this.data('uid');
var the_url = '{% url "api-users:user-detail" pk="{{ DEFAULT_PK }}" %}'.replace("{{ DEFAULT_PK }}", uid); var the_url = '{% url "api-users:user-detail" pk=DEFAULT_PK %}'.replace("{{ DEFAULT_PK }}", uid);
objectDelete($this, name, the_url); objectDelete($this, name, the_url);
}) })
</script> </script>

4
apps/users/views/group.py
View File

@ -39,7 +39,9 @@ class UserGroupCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateVie
form_class = forms.UserGroupForm form_class = forms.UserGroupForm
template_name = 'users/user_group_create_update.html' template_name = 'users/user_group_create_update.html'
success_url = reverse_lazy('users:user-group-list') success_url = reverse_lazy('users:user-group-list')
success_message = '<a href={url}> {name} </a> was created successfully' success_message = _(
'User group <a href={url}> {name} </a> was created successfully'
)
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
context = { context = {