From 84929840d0d6e0505020f54cac55540544155cc6 Mon Sep 17 00:00:00 2001 From: halcyon <864072399@qq.com> Date: Sat, 18 Apr 2015 13:51:47 +0800 Subject: [PATCH] bug --- .gitignore | 1 + jasset/views.py | 39 +++++++++++++++++----------------- jlog/views.py | 15 ++++--------- jumpserver.conf | 4 ++-- jumpserver/api.py | 8 +++---- templates/jlog/log_online.html | 2 +- 6 files changed, 32 insertions(+), 37 deletions(-) diff --git a/.gitignore b/.gitignore index d4aea3dae..b749de2d9 100644 --- a/.gitignore +++ b/.gitignore @@ -40,3 +40,4 @@ node_modules logs keys jumpserver.conf +nohup.out diff --git a/jasset/views.py b/jasset/views.py index 6703fc1ef..f59aef065 100644 --- a/jasset/views.py +++ b/jasset/views.py @@ -6,8 +6,7 @@ from django.db.models import Q from django.template import RequestContext from django.shortcuts import render_to_response -from jasset.models import IDC, Asset, BisGroup, AssetAlias -from jperm.models import Perm, SudoPerm +from jperm.models import Perm from jumpserver.api import * cryptor = PyCrypt(KEY) @@ -334,36 +333,38 @@ def host_list(request): dept = DEPT.objects.get(id=dept_id) did = request.GET.get('did', '') gid = request.GET.get('gid', '') - sid = request.GET.get('sid', '') - post_all = Asset.objects.all().order_by('ip') + user_id = get_session_user_info(request)[0] + post_all = Asset.objects.all().order_by('ip') post_keyword_all = Asset.objects.filter(Q(ip__contains=keyword) | Q(idc__name__contains=keyword) | Q(bis_group__name__contains=keyword) | Q(comment__contains=keyword)).distinct().order_by('ip') if did: + if is_common_user(request) or is_group_admin(request): + return httperror(request, u'您无权查看!') + dept = DEPT.objects.get(id=did) posts = dept.asset_set.all() return my_render('jasset/host_list_nop.html', locals(), request) elif gid: - posts = [] - user_group = UserGroup.objects.get(id=gid) - perms = Perm.objects.filter(user_group=user_group) - for perm in perms: - for post in perm.asset_group.asset_set.all(): - posts.append(post) - posts = list(set(posts)) - return my_render('jasset/host_list_nop.html', locals(), request) + if is_common_user(request): + return httperror(request, u'您无权查看!') + + elif is_group_admin(request) and not verify(request, user_group=[gid]): + return httperror(request, u'您无权查看!') - elif sid: posts = [] - user_group = UserGroup.objects.get(id=sid) - perms = Perm.objects.filter(user_group=user_group) - for perm in perms: - for post in perm.asset_group.asset_set.all(): - posts.append(post) - posts = list(set(posts)) + user_group = UserGroup.objects.filter(id=gid) + if user_group: + perms = Perm.objects.filter(user_group=user_group) + for perm in perms: + for post in perm.asset_group.asset_set.all(): + posts.append(post) + posts = list(set(posts)) + else: + return httperror(request, u'没有这个小组!') return my_render('jasset/host_list_nop.html', locals(), request) else: diff --git a/jlog/views.py b/jlog/views.py index cabc15351..85a937028 100644 --- a/jlog/views.py +++ b/jlog/views.py @@ -1,20 +1,11 @@ # coding:utf-8 -import os -import ConfigParser -from datetime import datetime - from django.db.models import Q -from django.http import HttpResponse from django.template import RequestContext -from django.http import HttpResponseRedirect from django.shortcuts import render_to_response -from connect import BASE_DIR -from jlog.models import Log -from jumpserver.views import pages -from juser.models import User, DEPT from jumpserver.api import * from jasset.views import httperror +from django.http import HttpResponseNotFound CONF = ConfigParser() CONF.read('%s/jumpserver.conf' % BASE_DIR) @@ -84,10 +75,12 @@ def log_kill(request): dept_name = log.dept_name deptname = get_session_user_info(request)[4] if is_group_admin(request) and dept_name != deptname: - return httperror(request, 'Kill失败, 您无权操作!') + return httperror(request, u'Kill失败, 您无权操作!') os.kill(int(pid), 9) Log.objects.filter(pid=pid).update(is_finished=1, end_time=datetime.datetime.now()) return render_to_response('jlog/log_offline.html', locals(), context_instance=RequestContext(request)) + else: + return HttpResponseNotFound(u'没有此进程!') @require_login diff --git a/jumpserver.conf b/jumpserver.conf index 6fb97b1f2..aeea304a5 100644 --- a/jumpserver.conf +++ b/jumpserver.conf @@ -17,14 +17,14 @@ database = jumpserver [ldap] ldap_enable = 1 -host_url = ldap://127.0.0.1:389 +host_url = ldap://192.168.0.129:389 base_dn = dc=jumpserver, dc=org root_dn = cn=admin,dc=jumpserver,dc=org root_pw = secret234 [websocket] -web_socket_host = 192.168.20.209:3000 +web_socket_host = 192.168.0.129:3000 [mail] diff --git a/jumpserver/api.py b/jumpserver/api.py index db2b93e3b..fbda2ef83 100644 --- a/jumpserver/api.py +++ b/jumpserver/api.py @@ -449,11 +449,11 @@ def verify(request, user_group=None, user=None, asset_group=None, asset=None, ed if asset_group: dept_asset_groups = dept.bisgroup_set.all() - asset_groups = [] - for group_id in asset_group: - asset_groups.extend(BisGroup.objects.filter(id=int(group_id))) + asset_group_ids = [] + for group in dept_asset_groups: + asset_group_ids.append(group.id) - if not set(asset_groups).issubset(set(dept_asset_groups)): + if not set(asset_group).issubset(set(asset_group_ids)): return False if asset: diff --git a/templates/jlog/log_online.html b/templates/jlog/log_online.html index 3f85fca2a..cc253d9e8 100644 --- a/templates/jlog/log_online.html +++ b/templates/jlog/log_online.html @@ -209,7 +209,7 @@ type: "GET", url: g_url, success: window.open("/jlog/log_list/online/", "_self") -// error: window.open(g_url, "_self") + error: window.open(g_url, "_self") }); }