Merge branches 'guanghongwei' and 'wangyong' of gitcafe.com:ibuler/jumpserver into guanghongwei

2015-04-18 14:02:57 +08:00 · 2015-04-18 14:02:57 +08:00 · 0873211d13
parent bcc5774365 84929840d0
commit 0873211d13
6 changed files with 32 additions and 37 deletions
--- a/.gitignore
+++ b/.gitignore
@ -40,3 +40,4 @@ node_modules
 logs
 keys
 jumpserver.conf
 nohup.out
--- a/jasset/views.py
+++ b/jasset/views.py
@ -6,8 +6,7 @@ from django.db.models import Q
 from django.template import RequestContext
 from django.shortcuts import render_to_response
-from jasset.models import IDC, Asset, BisGroup, AssetAlias
+from jperm.models import Perm
 from jperm.models import Perm, SudoPerm
 from jumpserver.api import *
 cryptor = PyCrypt(KEY)
@ -334,36 +333,38 @@ def host_list(request):
    dept = DEPT.objects.get(id=dept_id)
    did = request.GET.get('did', '')
    gid = request.GET.get('gid', '')
-    sid = request.GET.get('sid', '')
+    user_id = get_session_user_info(request)[0]
    post_all = Asset.objects.all().order_by('ip')
    post_all = Asset.objects.all().order_by('ip')
    post_keyword_all = Asset.objects.filter(Q(ip__contains=keyword) |
                                            Q(idc__name__contains=keyword) |
                                            Q(bis_group__name__contains=keyword) |
                                            Q(comment__contains=keyword)).distinct().order_by('ip')
    if did:
        if is_common_user(request) or is_group_admin(request):
            return httperror(request, u'您无权查看!')
        dept = DEPT.objects.get(id=did)
        posts = dept.asset_set.all()
        return my_render('jasset/host_list_nop.html', locals(), request)
    elif gid:
-        posts = []
+        if is_common_user(request):
-        user_group = UserGroup.objects.get(id=gid)
+            return httperror(request, u'您无权查看!')
-        perms = Perm.objects.filter(user_group=user_group)
+
-        for perm in perms:
+        elif is_group_admin(request) and not verify(request, user_group=[gid]):
-            for post in perm.asset_group.asset_set.all():
+            return httperror(request, u'您无权查看!')
                posts.append(post)
        posts = list(set(posts))
        return my_render('jasset/host_list_nop.html', locals(), request)
    elif sid:
        posts = []
-        user_group = UserGroup.objects.get(id=sid)
+        user_group = UserGroup.objects.filter(id=gid)
-        perms = Perm.objects.filter(user_group=user_group)
+        if user_group:
-        for perm in perms:
+            perms = Perm.objects.filter(user_group=user_group)
-            for post in perm.asset_group.asset_set.all():
+            for perm in perms:
-                posts.append(post)
+                for post in perm.asset_group.asset_set.all():
-        posts = list(set(posts))
+                    posts.append(post)
            posts = list(set(posts))
        else:
            return httperror(request, u'没有这个小组!')
        return my_render('jasset/host_list_nop.html', locals(), request)
    else:
--- a/jlog/views.py
+++ b/jlog/views.py
@ -1,20 +1,11 @@
 # coding:utf-8
 import os
 import ConfigParser
 from datetime import datetime
 from django.db.models import Q
 from django.http import HttpResponse
 from django.template import RequestContext
 from django.http import HttpResponseRedirect
 from django.shortcuts import render_to_response
 from connect import BASE_DIR
 from jlog.models import Log
 from jumpserver.views import pages
 from juser.models import User, DEPT
 from jumpserver.api import *
 from jasset.views import httperror
 from django.http import HttpResponseNotFound
 CONF = ConfigParser()
 CONF.read('%s/jumpserver.conf' % BASE_DIR)
@ -84,10 +75,12 @@ def log_kill(request):
        dept_name = log.dept_name
        deptname = get_session_user_info(request)[4]
        if is_group_admin(request) and dept_name != deptname:
-            return httperror(request, 'Kill失败, 您无权操作!')
+            return httperror(request, u'Kill失败, 您无权操作!')
        os.kill(int(pid), 9)
        Log.objects.filter(pid=pid).update(is_finished=1, end_time=datetime.datetime.now())
        return render_to_response('jlog/log_offline.html', locals(), context_instance=RequestContext(request))
    else:
        return HttpResponseNotFound(u'没有此进程!')
@require_login
--- a/jumpserver.conf
+++ b/jumpserver.conf
@ -17,14 +17,14 @@ database = jumpserver
 [ldap]
 ldap_enable = 1
-host_url = ldap://127.0.0.1:389
+host_url = ldap://192.168.0.129:389
 base_dn = dc=jumpserver, dc=org
 root_dn = cn=admin,dc=jumpserver,dc=org
 root_pw = secret234
 [websocket]
-web_socket_host = 192.168.20.209:3000
+web_socket_host = 192.168.0.129:3000
 [mail]
--- a/jumpserver/api.py
+++ b/jumpserver/api.py
@ -451,11 +451,11 @@ def verify(request, user_group=None, user=None, asset_group=None, asset=None, ed
    if asset_group:
        dept_asset_groups = dept.bisgroup_set.all()
-        asset_groups = []
+        asset_group_ids = []
-        for group_id in asset_group:
+        for group in dept_asset_groups:
-            asset_groups.extend(BisGroup.objects.filter(id=int(group_id)))
+            asset_group_ids.append(group.id)
-        if not set(asset_groups).issubset(set(dept_asset_groups)):
+        if not set(asset_group).issubset(set(asset_group_ids)):
            return False
    if asset:
--- a/templates/jlog/log_online.html
+++ b/templates/jlog/log_online.html
@ -209,7 +209,7 @@
           type: "GET",
           url: g_url,
           success: window.open("/jlog/log_list/online/", "_self")
-//           error: window.open(g_url, "_self")
+           error: window.open(g_url, "_self")
       });
 }