github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'master' into wangyong

pull/6/head
halcyon 2015-04-16 14:34:49 +08:00
parent 55c5230eb2 60cb5561f0
commit 29d196410e
17 changed files with 329 additions and 151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
jperm/views.py
View File

@ -3,7 +3,6 @@ import sys
reload(sys)
sys.setdefaultencoding('utf8')
from django.core.mail import send_mail
from django.shortcuts import render_to_response
from django.template import RequestContext
from jperm.models import Perm, SudoPerm, CmdGroup, Apply
@ -11,12 +10,6 @@ from django.db.models import Q
from jumpserver.api import *
CONF = ConfigParser()
CONF.read('%s/jumpserver.conf' % BASE_DIR)
send_ip = CONF.get('base', 'ip')
send_port = CONF.get('base', 'port')
def asset_cmd_groups_get(asset_groups_select='', cmd_groups_select=''):
asset_groups_select_list = []
cmd_groups_select_list = []
@ -120,7 +113,7 @@ def dept_perm_list(request):
if keyword:
contact_list = DEPT.objects.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)).order_by('name')
else:
contact_list = DEPT.objects.filter(id__gt=1)
contact_list = DEPT.objects.filter(id__gt=2)
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
@ -533,14 +526,23 @@ def cmd_add(request):
dept_id = request.POST.get('dept_id')
cmd = ','.join(request.POST.get('cmd').split())
comment = request.POST.get('comment')
dept = DEPT.objects.filter(id=dept_id)
if dept:
try:
if CmdGroup.objects.filter(name=name):
error = '%s 命令组已存在'
raise ServerError(error)
if not dept:
error = u"部门不能为空"
raise ServerError(error)
except ServerError, e:
pass
else:
dept = dept[0]
CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment)
else:
error = u"部门不能为空"
msg = u'命令组添加成功'
return HttpResponseRedirect('/jperm/cmd_list/')
return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
@ -555,8 +557,16 @@ def cmd_add_adm(request):
cmd = ','.join(request.POST.get('cmd').split())
comment = request.POST.get('comment')
try:
if CmdGroup.objects.filter(name=name):
error = '%s 命令组已存在'
raise ServerError(error)
except ServerError, e:
pass
else:
CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment)
msg = u'命令组添加成功'
return HttpResponseRedirect('/jperm/cmd_list/')
return HttpResponseRedirect('/jperm/cmd_list/')
return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
@ -568,10 +578,12 @@ def cmd_edit(request):
cmd_group_id = request.GET.get('id')
cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
dept_all = DEPT.objects.all()
if cmd_group:
cmd_group = cmd_group[0]
cmd_group_id = cmd_group.id
dept_id = cmd_group.dept.id
name = cmd_group.name
cmd = '\n'.join(cmd_group.cmd.split(','))
comment = cmd_group.comment
@ -579,12 +591,23 @@ def cmd_edit(request):
if request.method == 'POST':
cmd_group_id = request.POST.get('cmd_group_id')
name = request.POST.get('name')
dept_id = request.POST.get('dept_id')
cmd = ','.join(request.POST.get('cmd').split())
comment = request.POST.get('comment')
cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
if cmd_group:
cmd_group.update(name=name, cmd=cmd, comment=comment)
dept = DEPT.objects.filter(id=dept_id)
try:
if not dept:
error = '没有该部门'
raise ServerError(error)
if not cmd_group:
error = '没有该命令组'
except ServerError, e:
pass
else:
cmd_group.update(name=name, cmd=cmd, dept=dept[0], comment=comment)
return HttpResponseRedirect('/jperm/cmd_list/')
return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
@ -624,10 +647,22 @@ def cmd_del(request):
@require_admin
def cmd_detail(request):
cmd_id = request.GET.get('id')
cmd_group = CmdGroup.objects.filter(id=cmd_id)
cmd_ids = request.GET.get('id').split(',')
cmds = []
if len(cmd_ids) == 1:
cmd_group = CmdGroup.objects.filter(id=cmd_ids[0])
if cmd_group:
cmd_group = cmd_group[0]
cmds.extend(cmd_group.cmd.split(','))
cmd_group_name = cmd_group.name
else:
cmd_groups = []
for cmd_id in cmd_ids:
cmd_groups.extend(CmdGroup.objects.filter(id=cmd_id))
for cmd_group in cmd_groups:
cmds.extend(cmd_group.cmd.split(','))
cmds_str = ', '.join(cmds)
return render_to_response('jperm/sudo_cmd_detail.html', locals(), context_instance=RequestContext(request))
@ -660,7 +695,7 @@ def perm_apply(request):
time_now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
a = Apply.objects.create(applyer=applyer, dept=dept, bisgroup=group, date_add=datetime.datetime.now(), asset=hosts, status=0, comment=comment)
uuid = a.uuid
url = "http://%s:%s/jperm/apply_exec/?uuid=%s" % (send_ip, send_port, uuid)
url = "http://%s:%s/jperm/apply_exec/?uuid=%s" % (SEND_IP, SEND_PORT, uuid)
mail_msg = """
Hi,%s:
有新的权限申请, 详情如下:
@ -674,7 +709,7 @@ def perm_apply(request):
%s
""" % (da.username, applyer, group_lis, hosts_lis, time_now, comment, url)
send_mail(mail_title, mail_msg, 'jkfunshion@fun.tv', [mail_address], fail_silently=False)
send_mail(mail_title, mail_msg, MAIL_FROM, [mail_address], fail_silently=False)
smg = "提交成功,已发邮件通知部门管理员。"
return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request))
return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request))

14
jumpserver.conf
View File

@ -1,8 +1,10 @@
#coding: utf8
[base]
ip = 192.168.173.129
ip = 192.168.20.209
port = 80
key = 88aaaf7ffe3c6c04
[db]
@ -25,13 +27,9 @@ root_pw = secret234
web_socket_host = 192.168.173.129:3000
[web]
key = 88aaaf7ffe3c6c04
[mail]
email_host = mail.funshion.com
email_host = smtp.exmail.qq.com
email_port = 25
email_host_user = jkfunshion
email_host_password = jkmail%
email_host_user = noreply@jumpserver.org
email_host_password = jumpserver123
email_use_tls = False

59
jumpserver/api.py
View File

@ -19,6 +19,7 @@ from jasset.models import Asset, BisGroup, IDC
from jlog.models import Log
from jasset.models import AssetAlias
from django.core.exceptions import ObjectDoesNotExist
from django.core.mail import send_mail
BASE_DIR = os.path.abspath(os.path.dirname(os.path.dirname(__file__)))
@ -27,18 +28,12 @@ CONF.read(os.path.join(BASE_DIR, 'jumpserver.conf'))
LOG_DIR = os.path.join(BASE_DIR, 'logs')
SSH_KEY_DIR = os.path.join(BASE_DIR, 'keys')
SERVER_KEY_DIR = os.path.join(SSH_KEY_DIR, 'server')
KEY = CONF.get('web', 'key')
KEY = CONF.get('base', 'key')
LOGIN_NAME = getpass.getuser()
LDAP_ENABLE = CONF.getint('ldap', 'ldap_enable')
# def user_perm_group_api(username):
# user = User.objects.get(username=username)
# if user:
# perm_list = []
# user_group_all = user.group.all()
# for user_group in user_group_all:
# perm_list.extend(user_group.perm_set.all())
SEND_IP = CONF.get('base', 'ip')
SEND_PORT = CONF.get('base', 'port')
MAIL_FROM = CONF.get('mail', 'email_host_user')
class LDAPMgmt():
@ -201,6 +196,9 @@ def require_login(func):
def require_super_user(func):
def _deco(request, *args, **kwargs):
if not request.session.get('user_id'):
return HttpResponseRedirect('/login/')
if request.session.get('role_id', 0) != 2:
return HttpResponseRedirect('/')
return func(request, *args, **kwargs)
@ -209,6 +207,9 @@ def require_super_user(func):
def require_admin(func):
def _deco(request, *args, **kwargs):
if not request.session.get('user_id'):
return HttpResponseRedirect('/login/')
if request.session.get('role_id', 0) < 1:
return HttpResponseRedirect('/')
return func(request, *args, **kwargs)
@ -276,7 +277,8 @@ def view_splitter(request, su=None, adm=None):
return su(request)
elif is_group_admin(request):
return adm(request)
raise Http404
else:
return HttpResponseRedirect('/login/')
def user_perm_group_api(username):
@ -384,39 +386,38 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None,
if user_group:
dept_user_groups = dept.usergroup_set.all()
user_groups = []
for user_group_id in user_group:
user_groups.extend(UserGroup.objects.filter(id=user_group_id))
if not set(user_groups).issubset(set(dept_user_groups)):
user_group_ids = []
for group in dept_user_groups:
user_group_ids.append(str(group.id))
if not set(user_group).issubset(set(user_group_ids)):
return False
if user:
dept_users = dept.user_set.all()
users = []
for user_id in user:
users.extend(User.objects.filter(id=user_id))
user_ids = []
for user in dept_users:
user_ids.append(str(user.id))
if not set(users).issubset(set(dept_users)):
if not set(user).issubset(set(user_ids)):
return False
if asset_group:
dept_asset_groups = dept.bisgroup_set.all()
asset_groups = []
for group_id in asset_group:
asset_groups.extend(BisGroup.objects.filter(id=int(group_id)))
asset_group_ids = []
for group in dept_asset_groups:
asset_group_ids.append(group.id)
if not set(asset_groups).issubset(set(dept_asset_groups)):
if not set(asset_group).issubset(set(asset_group_ids)):
return False
if asset:
dept_assets = dept.asset_set.all()
assets, eassets = [], []
for asset_id in dept_assets:
eassets.append(int(asset_id.id))
for i in asset:
assets.append(int(i))
asset_ids = []
for asset in dept_assets:
asset_ids.append(str(asset.id))
if not set(assets).issubset(eassets):
if not set(asset).issubset(set(asset_ids)):
return False
return True

81
jumpserver/templatetags/mytags.py
View File

@ -163,6 +163,18 @@ def ugrp_perm_agrp_count(user_group_id):
return 0
@register.filter(name='ugrp_sudo_agrp_count')
def ugrp_sudo_agrp_count(user_group_id):
user_group = UserGroup.objects.filter(id=user_group_id)
asset_groups = []
if user_group:
user_group = user_group[0]
for perm in user_group.sudoperm_set.all():
asset_groups.extend(perm.asset_group.all())
return len(set(asset_groups))
return 0
@register.filter(name='ugrp_perm_asset_count')
def ugrp_perm_asset_count(user_group_id):
user_group = UserGroup.objects.filter(id=user_group_id)
@ -175,6 +187,21 @@ def ugrp_perm_asset_count(user_group_id):
return len(set(assets))
@register.filter(name='ugrp_sudo_asset_count')
def ugrp_sudo_asset_count(user_group_id):
user_group = UserGroup.objects.filter(id=user_group_id)
asset_groups = []
assets = []
if user_group:
user_group = user_group[0]
for perm in user_group.sudoperm_set.all():
asset_groups.extend(perm.asset_group.all())
for asset_group in asset_groups:
assets.extend(asset_group.asset_set.all())
return len(set(assets))
@register.filter(name='get_user_alias')
def get_user_alias(post, user_id):
user = User.objects.get(id=user_id)
@ -304,8 +331,52 @@ def sudo_cmd_list(cmd_group_id):
@register.filter(name='sudo_cmd_count')
def sudo_cmd_count(cmd_group_id):
cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
if cmd_group:
cmd_group = cmd_group[0]
return len(cmd_group.cmd.split(','))
def sudo_cmd_count(user_group_id):
user_group = UserGroup.objects.filter(id=user_group_id)
cmds = []
if user_group:
user_group = user_group[0]
cmd_groups = []
for perm in user_group.sudoperm_set.all():
cmd_groups.extend(perm.cmd_group.all())
for cmd_group in cmd_groups:
cmds.extend(cmd_group.cmd.split(','))
return len(set(cmds))
else:
return 0
@register.filter(name='sudo_cmd_count')
def sudo_cmd_count(user_group_id):
user_group = UserGroup.objects.filter(id=user_group_id)
cmds = []
if user_group:
user_group = user_group[0]
cmd_groups = []
for perm in user_group.sudoperm_set.all():
cmd_groups.extend(perm.cmd_group.all())
for cmd_group in cmd_groups:
cmds.extend(cmd_group.cmd.split(','))
return len(set(cmds))
else:
return 0
@register.filter(name='sudo_cmd_ids')
def sudo_cmd_ids(user_group_id):
user_group = UserGroup.objects.filter(id=user_group_id)
if user_group:
user_group = user_group[0]
cmd_groups = []
for perm in user_group.sudoperm_set.all():
cmd_groups.extend(perm.cmd_group.all())
cmd_ids = [str(cmd_group.id) for cmd_group in cmd_groups]
return ','.join(cmd_ids)
else:
return '0'

9
jumpserver/views.py
View File

@ -50,7 +50,7 @@ def index_cu(request):
user = user[0]
login_types = {'L': 'LDAP', 'M': 'MAP'}
user_id = request.session.get('user_id')
username = User.objects.get(id=user_id).name
username = User.objects.get(id=user_id).username
posts = user_perm_asset_api(username)
host_count = len(posts)
new_posts = []
@ -248,11 +248,12 @@ def login(request):
else:
username = request.POST.get('username')
password = request.POST.get('password')
user = User.objects.filter(username=username)
if user:
user = user[0]
user_filter = User.objects.filter(username=username)
if user_filter:
user = user_filter[0]
if md5_crypt(password) == user.password:
request.session['user_id'] = user.id
user_filter.update(last_login=datetime.datetime.now())
if user.role == 'SU':
request.session['role_id'] = 2
elif user.role == 'DA':

71
juser/views.py
View File

@ -68,9 +68,11 @@ def db_add_user(**kwargs):
group = UserGroup.objects.filter(id=group_id)
group_select.extend(group)
user.group = group_select
return user
def db_update_user(**kwargs):
print kwargs
groups_post = kwargs.pop('groups')
user_id = kwargs.pop('user_id')
user = User.objects.filter(id=user_id)
@ -152,18 +154,8 @@ def ldap_add_user(username, ldap_pwd):
'userPassword': ['{crypt}x'],
'gidNumber': [str(user.id)]}
# sudo_dn = 'cn=%s,ou=Sudoers,%s' % (username, LDAP_BASE_DN)
# sudo_attr = {'objectClass': ['top', 'sudoRole'],
# 'cn': ['%s' % str(username)],
# 'sudoCommand': ['/bin/pwd'],
# 'sudoHost': ['192.168.1.1'],
# 'sudoOption': ['!authenticate'],
# 'sudoRunAsUser': ['root'],
# 'sudoUser': ['%s' % str(username)]}
ldap_conn.add(user_dn, user_attr)
ldap_conn.add(group_dn, group_attr)
# ldap_conn.add(sudo_dn, sudo_attr)
def ldap_del_user(username):
@ -354,11 +346,16 @@ def group_add(request):
error = u'组名 或 部门 不能为空'
raise AddError(error)
if UserGroup.objects.filter(name=group_name):
error = u'组名已存在'
raise AddError(error)
dept = DEPT.objects.filter(id=dept_id)
if dept:
dept = dept[0]
else:
AddError(u'部门不存在')
error = u'部门不存在'
raise AddError(error)
db_add_group(name=group_name, users=users_selected, dept=dept, comment=comment)
except AddError:
@ -596,13 +593,13 @@ def user_add(request):
if request.method == 'POST':
username = request.POST.get('username', '')
password = request.POST.get('password', '')
password = gen_rand_pwd(16)
name = request.POST.get('name', '')
email = request.POST.get('email', '')
dept_id = request.POST.get('dept_id')
groups = request.POST.getlist('groups', [])
role_post = request.POST.get('role', 'CU')
ssh_key_pwd = request.POST.get('ssh_key_pwd', '')
ssh_key_pwd = gen_rand_pwd(16)
is_active = True if request.POST.get('is_active', '1') == '1' else False
ldap_pwd = gen_rand_pwd(16)
@ -626,11 +623,11 @@ def user_add(request):
pass
else:
try:
db_add_user(username=username,
user = db_add_user(username=username,
password=md5_crypt(password),
name=name, email=email, dept=dept,
groups=groups, role=role_post,
ssh_key_pwd=CRYPTOR.encrypt(ssh_key_pwd),
ssh_key_pwd=md5_crypt(ssh_key_pwd),
ldap_pwd=CRYPTOR.encrypt(ldap_pwd),
is_active=is_active,
date_joined=datetime.datetime.now())
@ -638,7 +635,18 @@ def user_add(request):
server_add_user(username, password, ssh_key_pwd)
if LDAP_ENABLE:
ldap_add_user(username, ldap_pwd)
msg = u'添加用户 %s 成功!' % username
mail_title = u'恭喜你的跳板机用户添加成功 Jumpserver'
mail_msg = """
Hi, %s
您的用户名 %s
您的部门: %s
您的角色 %s
您的web登录密码 %s
您的ssh登录密码 %s
密钥下载地址 http://%s:%s/juser/down_key/?id=%s
说明 请登陆后再下载密钥
""" % (name, username, dept.name, user_role.get(role_post, ''),
password, ssh_key_pwd, SEND_IP, SEND_PORT, user.id)
except Exception, e:
error = u'添加用户 %s 失败 %s ' % (username, e)
@ -649,6 +657,9 @@ def user_add(request):
ldap_del_user(username)
except Exception:
pass
else:
send_mail(mail_title, mail_msg, MAIL_FROM, [email], fail_silently=False)
msg = u'添加用户 %s 成功! 用户密码已发送到 %s 邮箱!' % (username, email)
return render_to_response('juser/user_add.html', locals(), context_instance=RequestContext(request))
@ -662,11 +673,11 @@ def user_add_adm(request):
if request.method == 'POST':
username = request.POST.get('username', '')
password = request.POST.get('password', '')
password = gen_rand_pwd(16)
name = request.POST.get('name', '')
email = request.POST.get('email', '')
groups = request.POST.getlist('groups', [])
ssh_key_pwd = request.POST.get('ssh_key_pwd', '')
ssh_key_pwd = gen_rand_pwd(16)
is_active = True if request.POST.get('is_active', '1') == '1' else False
ldap_pwd = gen_rand_pwd(16)
@ -687,7 +698,7 @@ def user_add_adm(request):
password=md5_crypt(password),
name=name, email=email, dept=dept,
groups=groups, role='CU',
ssh_key_pwd=CRYPTOR.encrypt(ssh_key_pwd),
ssh_key_pwd=md5_crypt(ssh_key_pwd),
ldap_pwd=CRYPTOR.encrypt(ldap_pwd),
is_active=is_active,
date_joined=datetime.datetime.now())
@ -695,7 +706,6 @@ def user_add_adm(request):
server_add_user(username, password, ssh_key_pwd)
if LDAP_ENABLE:
ldap_add_user(username, ldap_pwd)
msg = u'添加用户 %s 成功!' % username
except Exception, e:
error = u'添加用户 %s 失败 %s ' % (username, e)
@ -706,6 +716,23 @@ def user_add_adm(request):
ldap_del_user(username)
except Exception:
pass
else:
mail_title = u'恭喜你的跳板机用户添加成功 Jumpserver'
mail_msg = """
Hi, %s
您的用户名 %s
您的部门: %s
您的角色 %s
您的web登录密码 %s
您的ssh登录密码 %s
密钥下载地址 http://%s:%s/juser/down_key/?id=%s
说明 请登陆后再下载密钥
""" % (name, username, dept.name, '普通用户',
password, ssh_key_pwd, SEND_IP, SEND_PORT, user.id)
print MAIL_FROM
send_mail(mail_title, mail_msg, MAIL_FROM, [email], fail_silently=False)
msg = u'添加用户 %s 成功! 用户密码已发送到 %s 邮箱!' % (username, email)
return render_to_response('juser/user_add.html', locals(), context_instance=RequestContext(request))
@ -843,7 +870,7 @@ def user_edit(request):
groups_str = ' '.join([str(group.id) for group in user.group.all()])
else:
user_id = request.GET.get('user_id', '')
user_id = request.POST.get('user_id', '')
password = request.POST.get('password', '')
name = request.POST.get('name', '')
email = request.POST.get('email', '')
@ -858,7 +885,7 @@ def user_edit(request):
if dept:
dept = dept[0]
else:
dept = DEPT.objects.get(id='1')
dept = DEPT.objects.get(id='2')
if user_id:
user = User.objects.filter(id=user_id)

24
service.sh Normal file
View File

@ -0,0 +1,24 @@
#!/bin/bash
# Date: 2015-04-12
# Version: 2.0.0
# Site: http://www.jumpserver.org
# Author: jumpserver group
. /etc/init.d/functions
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/node/bin
base_dir=$(dirname $0)
case $1 in
start)
daemon $base_dir/manage.py runserver 0.0.0.0:80 &
daemon $base_dir/log_handler.py &
cd $base_dir/websocket/; daemon node index.js &
;;
stop)
pkill -15 python
pkill -15 node
;;
esac

29
static/js/base.js
View File

@ -59,10 +59,13 @@ function GetTableDataBox() {
return returnData;
}
function move(from, to) {
function move(from, to, from_o, to_o) {
$("#" + from + " option").each(function () {
if ($(this).prop("selected") == true) {
$("#" + to).append(this);
if( typeof from_o !== 'undefined'){
$("#"+to_o).append($("#"+from_o +" option[value='"+this.value+"']"));
}
}
});
}
@ -76,12 +79,12 @@ function move_left(from, to) {
});
}
function move_all(from, to) {
$("#" + from).children().each(function () {
$("#" + to).append(this);
});
}
//function move_all(from, to) {
// $("#" + from).children().each(function () {
// $("#" + to).append(this);
// });
//}
//
function selectAll(){
var checklist = document.getElementsByName ("selected");
@ -100,12 +103,12 @@ function selectAll(){
}
function move_all(from, to){
$("#"+from).children().each(function(){
$("#"+to).append(this);
});
}
//
//function move_all(from, to){
// $("#"+from).children().each(function(){
// $("#"+to).append(this);
// });
//}
//function commit_select(form_array){
// $('#{0} option'.format(form_array)).each(function(){

13
templates/jperm/dept_perm_edit.html
View File

@ -16,8 +16,6 @@ function search_ip(text, noselect, total){
})
}
</script>
<div class="wrapper wrapper-content animated fadeInRight">
@ -103,8 +101,8 @@ function search_ip(text, noselect, total){
<div class="col-sm-1">
<div class="btn-group" style="margin-top: 60px;">
<button type="button" class="btn btn-white" onclick="move('assets', 'asset_select' )"><i class="fa fa-chevron-right"></i></button>
<button type="button" class="btn btn-white" onclick="move('asset_select', 'assets')"><i class="fa fa-chevron-left"></i> </button>
<button type="button" class="btn btn-white" onclick="move('assets', 'asset_select', 'assets_total', 'asset_select_total' )"><i class="fa fa-chevron-right"></i></button>
<button type="button" class="btn btn-white" onclick="move('asset_select', 'assets', 'asset_select_total', 'assets_total')"><i class="fa fa-chevron-left"></i> </button>
</div>
</div>
@ -118,8 +116,6 @@ function search_ip(text, noselect, total){
</div>
</div>
</div>
</div>
<div class="row">
@ -172,14 +168,11 @@ $('#sudoPerm').validator({
$(document).ready(function(){
$("#submit_button").click(function(){
$('#users_selected option').each(function(){
$('#sudoPerm option').each(function(){
$(this).prop('selected', true)
})
});
})
</script>

5
templates/jperm/sudo_cmd_add.html
View File

@ -63,7 +63,12 @@
<div class="col-sm-8">
<select id="dept_id" name="dept_id" class="form-control m-b">
{% for dept in dept_all %}
{% ifequal dept_id dept.id %}
<option value="{{ dept.id }}" selected>{{ dept.name }}</option>
{% else %}
<option value="{{ dept.id }}">{{ dept.name }}</option>
{% endifequal %}
{% endfor %}
</select>
</div>

6
templates/jperm/sudo_cmd_detail.html
View File

@ -14,10 +14,13 @@
<body>
<div class="row">
<div class="contact-box">
{% if cmd_group_name %}
<h2 class="text-center">{{ cmd_group.name }} 命令详情</h2>
{% endif %}
<div class="ibox-content">
<table class="table table-striped table-bordered table-hover " id="editable" >
{% if cmd_group_name %}
<thead>
<tr>
<td class="text-center" width="120">ID</td>
@ -31,10 +34,11 @@
<td class="text-center">{{ cmd_group.name }}</td>
<td class="text-center">{{ cmd_group.dept.name }}</td>
</tr>
{% endif %}
<tr>
<td colspan="1" class="text-center">命令:</td>
<td colspan="6" class="text-center">
<b>{{ cmd_group.cmd }}</b>
<b>{{ cmds_str }}</b>
</td>
</tr>
</table>

19
templates/jperm/sudo_cmd_list.html
View File

@ -49,6 +49,7 @@
<tr>
<th class="text-center">组名</th>
<th class="text-center">命令</th>
<th class="text-center">部门</th>
<th class="text-center">备注</th>
<th class="text-center">操作</th>
</tr>
@ -58,9 +59,10 @@
<tr class="gradeX">
<td class="text-center"> {{ group.name }} </td>
<td class="text-center" title="{{ group.cmd }}"> {{ group.cmd | string_length:50 }} </td>
<td class="text-center"> {{ group.dept.name }} </td>
<td class="text-center"> {{ group.comment }} </td>
<td class="text-center">
{# <a href="../cmd_detail/?id={{ group.id }}" class="btn btn-xs btn-info">详情</a>#}
<a value="../cmd_detail/?id={{ group.id }}" class="btn btn-xs btn-primary iframe">详情</a>
<a href="../cmd_edit/?id={{ group.id }}" class="btn btn-xs btn-info">编辑</a>
<a href="../cmd_del/?id={{ group.id }}" class="btn btn-xs btn-danger">删除</a>
</td>
@ -118,7 +120,20 @@
<script>
$(document).ready(function() {
$(".iframe").colorbox({iframe:true, width:"70%", height:"70%"});
$(".iframe").on('click', function () {
var url = $(this).attr("value");
$.layer({
type: 2,
title: '命令详情',
maxmin: true,
shift: 'top',
border: [2, 0.3, '#1AB394'],
shade: [0.5, '#000000'],
shadeClose: true,
area: ['800px', '600px'],
iframe: {src: url}
});
});
});
</script>

6
templates/jperm/sudo_list.html
View File

@ -67,9 +67,9 @@
<td class="text-center"> {{ group.name }} </td>
<td class="text-center"> {{ group.dept.name }} </td>
<td class="text-center"><a href="/juser/user_list/?gid={{ group.id }}">{{ group.id | member_count }} </a> </td>
<td class="text-center"><a href="/jasset/group_list/?sid={{ group.id }}">{{ group.id | ugrp_perm_agrp_count }} </a> </td>
<td class="text-center"><a href="/jasset/host_list/?sid={{ group.id }}"> {{ group.id | ugrp_perm_asset_count }} </a> </td>
<td class="text-center"><a value="/jperm/cmd_detail/?id={{ group.id }}" class="iframe">{{ group.id | sudo_cmd_count }}</a> </td>
<td class="text-center"><a href="/jasset/group_list/?sid={{ group.id }}">{{ group.id | ugrp_sudo_agrp_count }} </a> </td>
<td class="text-center"><a href="/jasset/host_list/?sid={{ group.id }}"> {{ group.id | ugrp_sudo_asset_count }} </a> </td>
<td class="text-center"><a value="/jperm/cmd_detail/?id={{ group.id | sudo_cmd_ids }}" class="iframe">{{ group.id | sudo_cmd_count }}</a> </td>
<td class="text-center"> {{ group.comment }} </td>
<td class="text-center">
<a href="../sudo_edit/?id={{ group.id }}" class="btn btn-xs btn-danger">sudo授权</a>

40
templates/juser/user_add.html
View File

@ -42,26 +42,26 @@
<input id="username" name="username" placeholder="Username" type="text" class="form-control" {% if error %}value="{{ username }}" {% endif %}>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="password" class="col-sm-2 control-label">密码<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="password" name="password" placeholder="Password" type="password" class="form-control" {% if error %}value="{{ password }}" {% endif %}>
<span class="help-block m-b-none">
登陆web的密码
</span>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="ssh_key_pwd" class="col-sm-2 control-label">密钥密码<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="ssh_key_pwd" name="ssh_key_pwd" placeholder="SSH Key Password" type="password" class="form-control" {% if error %}value="{{ ssh_key_pwd }}" {% endif %}>
<span class="help-block m-b-none">
登陆 Jumpserver 使用的SSH密钥的密码
</span>
</div>
</div>
{# <div class="hr-line-dashed"></div>#}
{# <div class="form-group">#}
{# <label for="password" class="col-sm-2 control-label">密码<span class="red-fonts">*</span></label>#}
{# <div class="col-sm-8">#}
{# <input id="password" name="password" placeholder="Password" type="password" class="form-control" {% if error %}value="{{ password }}" {% endif %}>#}
{# <span class="help-block m-b-none">#}
{# 登陆web的密码#}
{# </span>#}
{# </div>#}
{# </div>#}
{# <div class="hr-line-dashed"></div>#}
{# <div class="form-group">#}
{# <label for="ssh_key_pwd" class="col-sm-2 control-label">密钥密码<span class="red-fonts">*</span></label>#}
{# <div class="col-sm-8">#}
{# <input id="ssh_key_pwd" name="ssh_key_pwd" placeholder="SSH Key Password" type="password" class="form-control" {% if error %}value="{{ ssh_key_pwd }}" {% endif %}>#}
{# <span class="help-block m-b-none">#}
{# 登陆 Jumpserver 使用的SSH密钥的密码#}
{# </span>#}
{# </div>#}
{# </div>#}
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="name" class="col-sm-2 control-label">姓名<span class="red-fonts">*</span></label>

1
templates/login.html
View File

@ -14,6 +14,7 @@
<link href="/static/css/animate.css" rel="stylesheet">
<link href="/static/css/style.css" rel="stylesheet">
</head>
<body class="gray-bg">

2
templates/upload.html
View File

@ -56,7 +56,7 @@
uploadMultiple: true,
parallelUploads: 100,
maxFiles: 100,
url: '/upload/',
url: '/file/upload/',
// Dropzone settings
init: function() {