mirror of https://github.com/jumpserver/jumpserver
mapping model
parent
c49a02d1c5
commit
26e3634814
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,8 +1,8 @@
|
|||
import datetime
|
||||
|
||||
from django.db import models
|
||||
from juser.models import User, UserGroup
|
||||
from jasset.models import Asset, AssetGroup
|
||||
from juser.models import User, UserGroup
|
||||
|
||||
|
||||
class PermLog(models.Model):
|
||||
|
@ -19,3 +19,27 @@ class SysUser(models.Model):
|
|||
comment = models.CharField(max_length=100, null=True, blank=True, default='')
|
||||
|
||||
|
||||
class PermRole(models.Model):
|
||||
name = models.CharField(max_length=100)
|
||||
comment = models.CharField(max_length=100)
|
||||
|
||||
|
||||
class UserMapping(models.Model):
|
||||
role = models.ForeignKey(PermRole, related_name='user_mapping')
|
||||
user = models.ForeignKey(User, related_name='user_mapping')
|
||||
asset = models.ForeignKey(Asset, related_name='user_mapping')
|
||||
asset_group = models.ForeignKey(AssetGroup, related_name='user_mapping', null=True, blank=True)
|
||||
|
||||
|
||||
class GroupMapping(models.Model):
|
||||
role = models.ForeignKey(PermRole, related_name='group_mapping')
|
||||
usergroup = models.ForeignKey(UserGroup, related_name='group_mapping', null=True, blank=True)
|
||||
asset = models.ForeignKey(Asset, related_name='group_mapping')
|
||||
asset_group = models.ForeignKey(AssetGroup, related_name='group_mapping', null=True, blank=True)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
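Review bot: `UserMapping` and `GroupMapping` store authorization grants, but neither declares a uniqueness constraint, so the same role/user/asset grant can be saved more than once and a revoke that deletes a single row would leave the access in place. Consider `class Meta: unique_together = ('role', 'user', 'asset')` on `UserMapping` and the matching tuple with `usergroup` on `GroupMapping`. `GroupMapping.usergroup` is declared `null=True, blank=True`, which permits a grant row with no subject; if that is not intended, drop the null option there. Each model also needs a one-line docstring saying what a row grants, because the meaning of a nullable `asset_group` next to a required `asset` is not clear from the fields alone.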
|
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,12 @@
|
|||
---
|
||||
|
||||
- hosts: 'add_users_group'
|
||||
gather_facts: no
|
||||
tasks:
|
||||
- name: add SA user
|
||||
command: uname -a
|
||||
|
||||
|
||||
|
||||
|
||||
|
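Review bot: The task is named `add SA user` but runs `command: uname -a`, so the play name and the `add_users_group` host pattern describe an account change that the task does not make. If this is a stub, say so in the name, e.g. `- name: placeholder, SA user creation not implemented yet`, so nobody reading a run log assumes the account was provisioned. Since `command` always reports "changed", adding `changed_when: false` to a read-only probe like this keeps run results honest.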
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
|
||||
- hosts: test
|
||||
gather_facts: no
|
||||
tasks:
|
||||
- name: just for test
|
||||
command: uname -a
|
||||
|
||||
|
|
@ -4,6 +4,7 @@ from jperm.views import *
|
|||
urlpatterns = patterns('jperm.views',
|
||||
(r'^user/$', perm_user_list),
|
||||
(r'^perm_user_edit/$', perm_user_edit),
|
||||
(r'^perm_user_detail/$', perm_user_detail),
|
||||
(r'^group/$', perm_group_list),
|
||||
(r'^perm_group_edit/$', perm_group_edit),
|
||||
(r'^log/$', log),
|
||||
|
|
Binary file not shown.
|
@ -0,0 +1,36 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
|
||||
import random
|
||||
|
||||
def get_rand_pass():
|
||||
"""
|
||||
get a reandom password.
|
||||
"""
|
||||
lower = [chr(i) for i in range(97,123)]
|
||||
upper = [chr(i).upper() for i in range(97,123)]
|
||||
digit = [str(i) for i in range(10)]
|
||||
password_pool = []
|
||||
password_pool.extend(lower)
|
||||
password_pool.extend(upper)
|
||||
password_pool.extend(digit)
|
||||
pass_list = [random.choice(password_pool) for i in range(1,14)]
|
||||
pass_list.insert(random.choice(range(1,14)), '@')
|
||||
pass_list.insert(random.choice(range(1,14)), random.choice(digit))
|
||||
password = ''.join(pass_list)
|
||||
return password
|
||||
|
||||
def updates_dict(*args):
|
||||
"""
|
||||
surport update multi dict
|
||||
"""
|
||||
result = {}
|
||||
for d in args:
|
||||
result.update(d)
|
||||
return result
|
||||
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
pass
|
||||
|
||||
|
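Review bot: `get_rand_pass` picks every character and insert position with the module-level `random.choice`, which uses the Mersenne Twister generator and is not suitable for credentials because its output is predictable once enough values are known. Create `rng = random.SystemRandom()` at the top of the function and call `rng.choice(...)` in the three places that currently call `random.choice`; the interface stays the same and the values come from the OS entropy source. A smaller point is that `range(1,14)` yields 13 characters, so the result is always 15 long with a single `@` that never lands at index 0; the docstring should state the length and alphabet. The docstring typos `reandom` and `surport` should be fixed at the same time.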
Binary file not shown.
|
@ -9,7 +9,12 @@ from jperm.models import SysUser
|
|||
from juser.user_api import gen_ssh_key
|
||||
|
||||
|
||||
from django.shortcuts import render_to_response
|
||||
from juser.models import User
|
||||
from jasset.models import Asset, AssetGroup
|
||||
|
||||
from jperm.utils import updates_dict
|
||||
|
||||
from jumpserver.api import my_render, get_object
|
||||
|
||||
|
||||
@require_role('admin')
|
||||
|
@ -22,8 +27,8 @@ def perm_user_list(request):
|
|||
2. include 部分:{% include 'nav_cat_bar.html' %}
|
||||
rander_nav 为渲染数据
|
||||
"""
|
||||
render_data = {}
|
||||
data_nav = {"header_title": "用户授权", "path1": "授权管理", "path2": "用户授权"}
|
||||
|
||||
# 获取所有用户
|
||||
users_list = User.objects.all()
|
||||
|
||||
|
@ -32,39 +37,72 @@ def perm_user_list(request):
|
|||
if keyword:
|
||||
users_list = users_list.filter(Q(name=keyword) | Q(username=keyword))
|
||||
users_list, p, users, page_range, current_page, show_first, show_end = pages(users_list, request)
|
||||
|
||||
data_content = {"users": users}
|
||||
for data in [data_nav, data_content]:
|
||||
render_data.update(data)
|
||||
|
||||
return render_to_response('jperm/perm_user_list.html', render_data)
|
||||
|
||||
render_data = updates_dict(data_nav, data_content)
|
||||
|
||||
return my_render('jperm/perm_user_list.html', render_data, request)
|
||||
|
||||
|
||||
@require_role('admin')
|
||||
def perm_user_detail(request):
|
||||
"""
|
||||
用户详情视图:
|
||||
该视图的模板包含2部分:
|
||||
1. block 部分:{% block content %}
|
||||
rander_content 为渲染数据
|
||||
2. include 部分:{% include 'nav_cat_bar.html' %}
|
||||
rander_nav 为渲染数据
|
||||
"""
|
||||
data_nav = {"header_title": "用户授权", "path1": "授权管理", "path2": "用户详情"}
|
||||
|
||||
# 待实现
|
||||
render_data = updates_dict(data_nav)
|
||||
|
||||
return my_render('jperm/perm_user_detail.html', render_data, request)
|
||||
|
||||
|
||||
@require_role('admin')
|
||||
def perm_user_edit(request):
|
||||
"""
|
||||
TODO:
|
||||
"""
|
||||
header_title, path1, path2 = '用户授权', '授权管理', '授权更改'
|
||||
data_nav = {"header_title": "用户授权", "path1": "授权管理", "path2": "授权更改"}
|
||||
|
||||
# 获取user对象
|
||||
user_id = request.GET.get('id', '')
|
||||
user = get_object(User, id=user_id)
|
||||
asset_all = Asset.objects.all() # 获取所有资产
|
||||
asset_group_all = AssetGroup.objects.all() # 获取所有资产组
|
||||
asset_permed = user.asset.all() # 获取授权的资产对象列表
|
||||
asset_group_permed = user.asset_group.all() # 获取授权的资产组对象列表
|
||||
|
||||
# 获取所有 资产 和 资产组
|
||||
asset_all = Asset.objects.all()
|
||||
asset_group_all = AssetGroup.objects.all()
|
||||
|
||||
# 获取授权的 资产对象列表 和 资产组对象列表
|
||||
asset_permed = user.asset.all()
|
||||
asset_group_permed = user.asset_group.all()
|
||||
|
||||
# 获取未授权的 资产对象列表 和 资产组对象列表
|
||||
if request.method == 'GET' and user:
|
||||
assets = [asset for asset in asset_all if asset not in asset_permed] # 获取没有授权的资产对象列表
|
||||
asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed] # 同理
|
||||
return my_render('jperm/perm_user_edit.html', locals(), request)
|
||||
assets = [asset for asset in asset_all if asset not in asset_permed]
|
||||
asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed]
|
||||
data_content = {"assets": assets, "asset_groups": asset_groups, "user": user}
|
||||
|
||||
render_data = updates_dict(data_nav, data_content)
|
||||
return my_render('jperm/perm_user_edit.html', render_data, request)
|
||||
|
||||
elif request.method == 'POST' and user:
|
||||
asset_id_select = request.POST.getlist('asset_select', []) # 获取选择的资产id列表
|
||||
asset_group_id_select = request.POST.getlist('asset_groups_select', []) # 获取选择的资产组id列表
|
||||
# 获取选择的资产列表 和 资产组列表
|
||||
asset_id_select = request.POST.getlist('asset_select', [])
|
||||
asset_group_id_select = request.POST.getlist('asset_groups_select', [])
|
||||
asset_select = get_object_list(Asset, asset_id_select)
|
||||
asset_group_select = get_object_list(AssetGroup, asset_group_id_select)
|
||||
asset_new = list(set(asset_select) - set(asset_permed)) # 计算的得到新授权的资产对象列表
|
||||
asset_del = list(set(asset_permed) - set(asset_select)) # 计算得到回收权限的资产对象列表
|
||||
asset_group_new = list(set(asset_group_select) - set(asset_group_permed)) # 新授权的资产组对象列表
|
||||
asset_group_del = list(set(asset_group_permed) - set(asset_group_select)) # 回收的资产组对象列表
|
||||
|
||||
# 新授权的资产对象列表, 回收权限的资产对象列表, 新授权的资产组对象列表, 回收的资产组对象列表
|
||||
asset_new = list(set(asset_select) - set(asset_permed))
|
||||
asset_del = list(set(asset_permed) - set(asset_select))
|
||||
asset_group_new = list(set(asset_group_select) - set(asset_group_permed))
|
||||
asset_group_del = list(set(asset_group_permed) - set(asset_group_select))
|
||||
|
||||
for asset_group in asset_group_new:
|
||||
asset_new.extend(asset_group.asset_set.all())
|
||||
for asset_group in asset_group_del:
|
||||
|
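Review bot: In `perm_user_edit`, `user.asset.all()` and `user.asset_group.all()` run before the `request.method == 'GET' and user` test, so the `and user` guards never protect against a missing user. If `get_object` returns a falsy value for an unknown or empty `id` (its definition is not shown here), the view raises `AttributeError` instead of returning a clean error. Check the lookup result first, e.g. `if not user: return HttpResponseNotFound()`, before touching its relations. Separately, the `juser` model hunks in this commit appear to take the `asset` / `asset_group` many-to-many fields off `User`; if so, these two calls need to read from the new `UserMapping` model instead. The function body continues past the end of the hunk.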
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1,4 +1,4 @@
|
|||
# coding: utf-8
|
||||
# -*- coding: utf-8 -*-
|
||||
|
||||
from ansible.playbook import PlayBook
|
||||
from ansible import callbacks, utils
|
||||
|
@ -44,4 +44,5 @@ def playbook_run(inventory, playbook, default_user=None, default_port=None, defa
|
|||
else:
|
||||
results_r['success'].append(hostname)
|
||||
print "%s >>> Success" % hostname
|
||||
return results_r
|
||||
return results_r
|
||||
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -2,7 +2,6 @@
|
|||
|
||||
from django.db import models
|
||||
|
||||
from jasset.models import Asset, AssetGroup
|
||||
|
||||
|
||||
class UserGroup(models.Model):
|
||||
|
@ -10,8 +9,8 @@ class UserGroup(models.Model):
|
|||
# assets = models.TextField(max_length=1000, verbose_name="Assets", default='')
|
||||
# asset_groups = models.CharField(max_length=1000, verbose_name="Asset Groups", default='')
|
||||
comment = models.CharField(max_length=160, blank=True, null=True)
|
||||
asset = models.ManyToManyField(Asset)
|
||||
asset_group = models.ManyToManyField(AssetGroup)
|
||||
#asset = models.ManyToManyField(Asset)
|
||||
#asset_group = models.ManyToManyField(AssetGroup)
|
||||
|
||||
def __unicode__(self):
|
||||
return self.name
|
||||
|
@ -42,8 +41,7 @@ class User(models.Model):
|
|||
is_active = models.BooleanField(default=True)
|
||||
last_login = models.DateTimeField(null=True)
|
||||
date_joined = models.DateTimeField(null=True)
|
||||
asset = models.ManyToManyField(Asset)
|
||||
asset_group = models.ManyToManyField(AssetGroup)
|
||||
|
||||
|
||||
def __unicode__(self):
|
||||
return self.username
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,30 @@
|
|||
{% extends 'base.html' %}
|
||||
{% load mytags %}
|
||||
{% block content %}
|
||||
{% include 'nav_cat_bar.html' %}
|
||||
|
||||
<div class="wrapper wrapper-content animated fadeInRight">
|
||||
<div class="row">
|
||||
<div class="col-lg-10">
|
||||
<div class="ibox float-e-margins">
|
||||
<div class="ibox-title">
|
||||
<h5> 还未实现...</h5>
|
||||
<div class="ibox-tools">
|
||||
<a class="collapse-link">
|
||||
<i class="fa fa-chevron-up"></i>
|
||||
</a>
|
||||
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
|
||||
<i class="fa fa-wrench"></i>
|
||||
</a>
|
||||
<a class="close-link">
|
||||
<i class="fa fa-times"></i>
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{% endblock %}
|
|
@ -78,4 +78,4 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
{% endblock %}
|
||||
{% endblock %}
|
||||
|
|