Merge branches 'guanghongwei' and 'wangyong' of gitcafe.com:ibuler/jumpserver into guanghongwei

.gitignore

@@ -40,3 +40,4 @@ node_modules
 logs
 keys
 jumpserver.conf
+nohup.out

jasset/views.py

@@ -6,8 +6,7 @@ from django.db.models import Q
 from django.template import RequestContext
 from django.shortcuts import render_to_response
 
-from jasset.models import IDC, Asset, BisGroup, AssetAlias
-from jperm.models import Perm, SudoPerm
+from jperm.models import Perm
 from jumpserver.api import *
 
 cryptor = PyCrypt(KEY)
@@ -334,36 +333,38 @@ def host_list(request):
     dept = DEPT.objects.get(id=dept_id)
     did = request.GET.get('did', '')
     gid = request.GET.get('gid', '')
-    sid = request.GET.get('sid', '')
-    post_all = Asset.objects.all().order_by('ip')
+    user_id = get_session_user_info(request)[0]
 
+    post_all = Asset.objects.all().order_by('ip')
     post_keyword_all = Asset.objects.filter(Q(ip__contains=keyword) |
                                             Q(idc__name__contains=keyword) |
                                             Q(bis_group__name__contains=keyword) |
                                             Q(comment__contains=keyword)).distinct().order_by('ip')
     if did:
+        if is_common_user(request) or is_group_admin(request):
+            return httperror(request, u'您无权查看!')
+
         dept = DEPT.objects.get(id=did)
         posts = dept.asset_set.all()
         return my_render('jasset/host_list_nop.html', locals(), request)
 
     elif gid:
-        posts = []
-        user_group = UserGroup.objects.get(id=gid)
-        perms = Perm.objects.filter(user_group=user_group)
-        for perm in perms:
-            for post in perm.asset_group.asset_set.all():
-                posts.append(post)
-        posts = list(set(posts))
-        return my_render('jasset/host_list_nop.html', locals(), request)
+        if is_common_user(request):
+            return httperror(request, u'您无权查看!')
+
+        elif is_group_admin(request) and not verify(request, user_group=[gid]):
+            return httperror(request, u'您无权查看!')
 
-    elif sid:
         posts = []
-        user_group = UserGroup.objects.get(id=sid)
-        perms = Perm.objects.filter(user_group=user_group)
-        for perm in perms:
-            for post in perm.asset_group.asset_set.all():
-                posts.append(post)
-        posts = list(set(posts))
+        user_group = UserGroup.objects.filter(id=gid)
+        if user_group:
+            perms = Perm.objects.filter(user_group=user_group)
+            for perm in perms:
+                for post in perm.asset_group.asset_set.all():
+                    posts.append(post)
+            posts = list(set(posts))
+        else:
+            return httperror(request, u'没有这个小组!')
         return my_render('jasset/host_list_nop.html', locals(), request)
 
     else:

jlog/views.py

@@ -1,20 +1,11 @@
 # coding:utf-8
-import os
-import ConfigParser
-from datetime import datetime
-
 from django.db.models import Q
-from django.http import HttpResponse
 from django.template import RequestContext
-from django.http import HttpResponseRedirect
 from django.shortcuts import render_to_response
 
-from connect import BASE_DIR
-from jlog.models import Log
-from jumpserver.views import pages
-from juser.models import User, DEPT
 from jumpserver.api import *
 from jasset.views import httperror
+from django.http import HttpResponseNotFound
 
 CONF = ConfigParser()
 CONF.read('%s/jumpserver.conf' % BASE_DIR)
@@ -84,10 +75,12 @@ def log_kill(request):
         dept_name = log.dept_name
         deptname = get_session_user_info(request)[4]
         if is_group_admin(request) and dept_name != deptname:
-            return httperror(request, 'Kill失败, 您无权操作!')
+            return httperror(request, u'Kill失败, 您无权操作!')
         os.kill(int(pid), 9)
         Log.objects.filter(pid=pid).update(is_finished=1, end_time=datetime.datetime.now())
         return render_to_response('jlog/log_offline.html', locals(), context_instance=RequestContext(request))
+    else:
+        return HttpResponseNotFound(u'没有此进程!')
 
 
 @require_login

jumpserver.conf

@@ -17,14 +17,14 @@ database = jumpserver
 
 [ldap]
 ldap_enable = 1
-host_url = ldap://127.0.0.1:389
+host_url = ldap://192.168.0.129:389
 base_dn = dc=jumpserver, dc=org
 root_dn = cn=admin,dc=jumpserver,dc=org
 root_pw = secret234
 
 
 [websocket]
-web_socket_host = 192.168.20.209:3000
+web_socket_host = 192.168.0.129:3000
 
 
 [mail]

jumpserver/api.py

@@ -451,11 +451,11 @@ def verify(request, user_group=None, user=None, asset_group=None, asset=None, ed
 
     if asset_group:
         dept_asset_groups = dept.bisgroup_set.all()
-        asset_groups = []
-        for group_id in asset_group:
-            asset_groups.extend(BisGroup.objects.filter(id=int(group_id)))
+        asset_group_ids = []
+        for group in dept_asset_groups:
+            asset_group_ids.append(group.id)
 
-        if not set(asset_groups).issubset(set(dept_asset_groups)):
+        if not set(asset_group).issubset(set(asset_group_ids)):
             return False
 
     if asset:

templates/jlog/log_online.html

@@ -209,7 +209,7 @@
            type: "GET",
            url: g_url,
            success: window.open("/jlog/log_list/online/", "_self")
-//           error: window.open(g_url, "_self")
+           error: window.open(g_url, "_self")
        });
 
 }