diff --git a/templates/jperm/perm_rule_list.html b/templates/jperm/perm_rule_list.html
index 270431c61..e08b8f7f4 100644
--- a/templates/jperm/perm_rule_list.html
+++ b/templates/jperm/perm_rule_list.html
@@ -55,19 +55,19 @@
| {{ rule.name }} |
- {{ rule | rule_member_count:"user" }}
+ {{ rule | rule_member_count:"user" }}
|
- {{ rule | rule_member_count:"user_group" }}
+ {{ rule | rule_member_count:"user_group" }}
|
- {{ rule | rule_member_count:"asset" }}
+ {{ rule | rule_member_count:"asset" }}
|
- {{ rule | rule_member_count:"asset_group" }}
+ {{ rule | rule_member_count:"asset_group" }}
|
- {{ rule | rule_member_count:"role" }}
+ {{ rule | rule_member_count:"role" }}
|
详情
From 8d941dc028a8f3c100856284f532db634a6379a0 Mon Sep 17 00:00:00 2001
From: yumaojun <719118794@qq.com>
Date: Tue, 17 Nov 2015 13:55:13 +0800
Subject: [PATCH 05/17] update role edit and rule edit
---
jperm/views.py | 1 -
1 file changed, 1 deletion(-)
diff --git a/jperm/views.py b/jperm/views.py
index f41a03ed6..fd4b9a756 100644
--- a/jperm/views.py
+++ b/jperm/views.py
@@ -1,6 +1,5 @@
# -*- coding: utf-8 -*-
-
from django.db.models import Q
from jperm.perm_api import *
from jperm.models import PermLog as Log
From e5c1071073b8610bbad7500fce41c5b45ad2a295 Mon Sep 17 00:00:00 2001
From: yumaojun <719118794@qq.com>
Date: Tue, 17 Nov 2015 14:10:46 +0800
Subject: [PATCH 06/17] Merge branch 'dev' into map_perm
---
jasset/views.py | 2 +-
jperm/models.py | 4 +-
jperm/views.py | 88 ++++++++++++++++++++++++-----
jumpserver.conf | 2 +-
templates/jperm/perm_role_edit.html | 7 +++
templates/jperm/perm_role_push.html | 10 ----
templates/jperm/perm_rule_add.html | 30 +---------
templates/jperm/perm_rule_edit.html | 30 +---------
templates/jperm/perm_rule_list.html | 10 ++--
9 files changed, 92 insertions(+), 91 deletions(-)
diff --git a/jasset/views.py b/jasset/views.py
index 8427f9f67..b0d616d92 100644
--- a/jasset/views.py
+++ b/jasset/views.py
@@ -160,7 +160,7 @@ def asset_add(request):
asset_save = af_post.save(commit=False)
if not use_default_auth:
password = request.POST.get('password', '')
- password_encode = CRYPTOR.encrypt(password)
+ password_encode = password
asset_save.password = password_encode
asset_save.is_active = True if is_active else False
asset_save.save()
diff --git a/jperm/models.py b/jperm/models.py
index 2bcea14e3..d9553a00c 100644
--- a/jperm/models.py
+++ b/jperm/models.py
@@ -32,14 +32,14 @@ class PermRole(models.Model):
class PermRule(models.Model):
date_added = models.DateTimeField(auto_now=True)
- name = models.CharField(max_length=100)
+ name = models.CharField(max_length=100, unique=True)
comment = models.CharField(max_length=100)
asset = models.ManyToManyField(Asset, related_name='perm_rule')
asset_group = models.ManyToManyField(AssetGroup, related_name='perm_rule')
user = models.ManyToManyField(User, related_name='perm_rule')
user_group = models.ManyToManyField(UserGroup, related_name='perm_rule')
role = models.ManyToManyField(PermRole, related_name='perm_rule')
- ssh_type = models.BooleanField()
+ is_secret_key = models.BooleanField()
def __unicode__(self):
return self.name
\ No newline at end of file
diff --git a/jperm/views.py b/jperm/views.py
index 2685d6bd6..fd4b9a756 100644
--- a/jperm/views.py
+++ b/jperm/views.py
@@ -1,6 +1,5 @@
# -*- coding: utf-8 -*-
-
from django.db.models import Q
from jperm.perm_api import *
from jperm.models import PermLog as Log
@@ -89,7 +88,8 @@ def perm_rule_add(request):
asset_groups_select = request.POST.getlist('assetgroup', [])
roles_select = request.POST.getlist('role', [])
rule_name = request.POST.get('rulename')
- rule_comment = request.POST.get('comment')
+ rule_comment = request.POST.get('rule_comment')
+ rule_ssh_key = request.POST.get("use_publicKey")
# 获取需要授权的主机列表
assets_obj = [Asset.objects.get(ip=asset) for asset in assets_select]
@@ -114,7 +114,9 @@ def perm_rule_add(request):
rule.asset = assets_obj
rule.asset_group = asset_groups_obj
rule.role = roles_obj
+ rule.is_secret_key = bool(rule_ssh_key)
rule.save()
+
return HttpResponse(u"添加授权规则:%s" % rule.name)
@@ -130,8 +132,10 @@ def perm_rule_edit(request):
rule_id = request.GET.get("id")
rule = PermRule.objects.get(id=rule_id)
+
if request.method == 'GET' and rule_id:
# 渲染数据, 获取所有的rule对象
+ rule_comment = rule.comment
users = rule.user.all()
user_groups = rule.user_group.all()
assets = rule.asset.all()
@@ -141,7 +145,44 @@ def perm_rule_edit(request):
return my_render('jperm/perm_rule_edit.html', locals(), request)
elif request.method == 'POST' and rule_id:
- return HttpResponse("uncompleted")
+ # 获取用户选择的 用户,用户组,资产,资产组,用户角色
+ rule_name = request.POST.get('rule_name')
+ rule_comment = request.POST.get("rule_comment")
+ users_select = request.POST.getlist('user', [])
+ user_groups_select = request.POST.getlist('usergroup', [])
+ assets_select = request.POST.getlist('asset', [])
+ asset_groups_select = request.POST.getlist('assetgroup', [])
+ roles_select = request.POST.getlist('role', [])
+
+ # 获取需要授权的主机列表
+ assets_obj = [Asset.objects.get(ip=asset) for asset in assets_select]
+ asset_groups_obj = [AssetGroup.objects.get(name=group) for group in asset_groups_select]
+ group_assets_obj = [asset for asset in [group.asset_set.all() for group in asset_groups_obj]]
+ calc_assets = set(group_assets_obj) | set(assets_obj)
+
+ # 获取需要授权的用户列表
+ users_obj = [User.objects.get(name=user) for user in users_select]
+ user_groups_obj = [UserGroup.objects.get(name=group) for group in user_groups_select]
+ group_users_obj = [user for user in [group.user_set.all() for group in user_groups_obj]]
+ calc_users = set(group_users_obj) | set(users_obj)
+
+ # 获取授予的角色列表
+ roles_obj = [PermRole.objects.get(name=role) for role in roles_select]
+
+ # 仅授权成功的,写回数据库(授权规则,用户,用户组,资产,资产组,用户角色)
+ rule.user = users_obj
+ rule.usergroup = user_groups_obj
+ rule.asset = assets_obj
+ rule.asset_group = asset_groups_obj
+ rule.role = roles_obj
+ rule.name = rule_name
+ rule.comment = rule.comment
+
+ print rule, rule.name
+ rule.save()
+ return HttpResponse(u"更新授权规则:%s" % rule.name)
+
+
@require_role('admin')
@@ -252,8 +293,12 @@ def perm_role_detail(request):
role_info = get_role_info(role_id)
# 渲染数据
- for key, value in role_info.iteritems():
- key = value
+ rules = role_info.get("rules")
+ assets = role_info.get("assets")
+ asset_groups = role_info.get("asset_groups")
+ users = role_info.get("users")
+ user_groups = role_info.get("user_groups")
+
return my_render('jperm/perm_role_detail.html', locals(), request)
@@ -265,15 +310,27 @@ def perm_role_edit(request):
# 渲染数据
header_title, path1, path2 = "系统角色", "角色管理", "角色编辑"
+ # 渲染数据
+ role_id = request.GET.get("id")
+ role = PermRole.objects.get(id=role_id)
if request.method == "GET":
- role_id = request.GET.get("id")
- # 渲染数据
- role = PermRole.objects.get(id=role_id)
-
return my_render('jperm/perm_role_edit.html', locals(), request)
if request.method == "POST":
- return HttpResponse(u"未实现")
+ # 获取 POST 数据
+ role_name = request.POST.get("role_name")
+ role_password = request.POST.get("role_password")
+ role_comment = request.POST.get("role_comment")
+
+ # 写入数据库
+ role.name = role_name
+ role.password = role_password
+ role.comment = role_comment
+
+ role.save()
+ return HttpResponse(u"更新系统角色: %s" % role.name)
+
+
@require_role('admin')
@@ -326,10 +383,13 @@ def perm_role_push(request):
task = Tasks(push_resource)
ret = {}
ret_failed = []
- if password_push:
- ret["password_push"] = task.add_multi_user(**role_pass)
- if ret["password_push"].get("status") != "success":
- ret_failed.append(1)
+
+ # 因为要先建立用户,所以password 是必选项,
+ # 而push key是在 password也完成的情况下的 可选项
+ ret["password_push"] = task.add_multi_user(**role_pass)
+ if ret["password_push"].get("status") != "success":
+ ret_failed.append(1)
+
if key_push:
ret["key_push"] = task.push_multi_key(**role_key)
if ret["key_push"].get("status") != "success":
diff --git a/jumpserver.conf b/jumpserver.conf
index 6297ab00a..ac9506672 100644
--- a/jumpserver.conf
+++ b/jumpserver.conf
@@ -9,7 +9,7 @@ log = debug
host = 127.0.0.1
port = 3306
user = jumpserver
-password = mysql234
+password = mysql1234
database = jumpserver
[websocket]
diff --git a/templates/jperm/perm_role_edit.html b/templates/jperm/perm_role_edit.html
index 23c7e7617..81d56d4b4 100644
--- a/templates/jperm/perm_role_edit.html
+++ b/templates/jperm/perm_role_edit.html
@@ -40,6 +40,13 @@
+
+
diff --git a/templates/jperm/perm_role_push.html b/templates/jperm/perm_role_push.html
index a524d0cc2..91a4c7a0d 100644
--- a/templates/jperm/perm_role_push.html
+++ b/templates/jperm/perm_role_push.html
@@ -67,16 +67,6 @@
-
-
-
-
-
-
-
-
-
-
diff --git a/templates/jperm/perm_rule_list.html b/templates/jperm/perm_rule_list.html
index 270431c61..e08b8f7f4 100644
--- a/templates/jperm/perm_rule_list.html
+++ b/templates/jperm/perm_rule_list.html
@@ -55,19 +55,19 @@
| {{ rule.name }} |
- {{ rule | rule_member_count:"user" }}
+ {{ rule | rule_member_count:"user" }}
|
- {{ rule | rule_member_count:"user_group" }}
+ {{ rule | rule_member_count:"user_group" }}
|
- {{ rule | rule_member_count:"asset" }}
+ {{ rule | rule_member_count:"asset" }}
|
- {{ rule | rule_member_count:"asset_group" }}
+ {{ rule | rule_member_count:"asset_group" }}
|
- {{ rule | rule_member_count:"role" }}
+ {{ rule | rule_member_count:"role" }}
|
详情
From 8479989ea856ea8e05b666c5e52372ac5afb60a9 Mon Sep 17 00:00:00 2001
From: ibuler
Date: Tue, 17 Nov 2015 21:41:03 +0800
Subject: [PATCH 07/17] =?UTF-8?q?=E6=9B=B4=E6=8D=A2nav=20ico,=20=E4=BF=AE?=
=?UTF-8?q?=E5=A4=8D=E9=9C=80=E8=A6=81=E7=99=BB=E9=99=86=EF=BC=8C=E7=99=BB?=
=?UTF-8?q?=E9=99=86=E5=90=8E=E8=B7=B3=E8=BD=AC=E5=88=B0=E7=99=BB=E9=99=86?=
=?UTF-8?q?=E5=89=8D=E9=A1=B5=E9=9D=A2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
docs/requirements.txt | 5 ++++-
jumpserver/api.py | 2 +-
jumpserver/views.py | 2 +-
keys/README.md | 3 +++
templates/index.html | 16 +++-------------
templates/nav.html | 8 ++++----
6 files changed, 16 insertions(+), 20 deletions(-)
create mode 100644 keys/README.md
diff --git a/docs/requirements.txt b/docs/requirements.txt
index d32aff3a4..28d7b9137 100644
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@@ -10,4 +10,7 @@ xlsxwriter==0.7.7
xlrd==0.9.4
django-bootstrap-form
tornado
-ansible
\ No newline at end of file
+ansible
+pyinotify
+passlib
+argparse
\ No newline at end of file
diff --git a/jumpserver/api.py b/jumpserver/api.py
index 5b964586c..97fc659bb 100644
--- a/jumpserver/api.py
+++ b/jumpserver/api.py
@@ -197,9 +197,9 @@ def require_role(role='user'):
def _deco(func):
def __deco(request, *args, **kwargs):
+ request.session['pre_url'] = request.path
if not request.user.is_authenticated():
return HttpResponseRedirect('/login/')
-
if role == 'admin':
# if request.session.get('role_id', 0) < 1:
if request.user.role == 'CU':
diff --git a/jumpserver/views.py b/jumpserver/views.py
index 89bc75fd8..a907ced4f 100644
--- a/jumpserver/views.py
+++ b/jumpserver/views.py
@@ -235,7 +235,7 @@ def Login(request):
request.session['role_id'] = 1
else:
request.session['role_id'] = 0
- return HttpResponseRedirect(request.GET.get('next', '/'), )
+ return HttpResponseRedirect(request.session.get('pre_url', '/'))
# response.set_cookie('username', username, expires=604800)
# response.set_cookie('seed', PyCrypt.md5_crypt(password), expires=604800)
# return response
diff --git a/keys/README.md b/keys/README.md
new file mode 100644
index 000000000..9e060e41d
--- /dev/null
+++ b/keys/README.md
@@ -0,0 +1,3 @@
+看山是山,看水是水
+看山不是山,看水不是水
+看山是山,看水是水
diff --git a/templates/index.html b/templates/index.html
index af6966ef6..0d8baf9f9 100644
--- a/templates/index.html
+++ b/templates/index.html
@@ -14,7 +14,6 @@
-{# {{ percent_user }} #}
All user
@@ -27,7 +26,6 @@
-{# {{ percent_host }} #}
All host
@@ -37,7 +35,7 @@
Online
- 实时在线用户
+ 在线用户
-{# {{ percent_online_host }} #}
Connected host
@@ -169,7 +166,7 @@
- 一周Top10资产
+ 一周Top10资产
登录次数及最近一次登录记录.
@@ -309,14 +306,7 @@
-
-
-
-
-
-
-
-
+
{% endblock %}
diff --git a/templates/nav.html b/templates/nav.html
index 3f3e76d42..32d31bcc4 100644
--- a/templates/nav.html
+++ b/templates/nav.html
@@ -4,10 +4,10 @@
|
| 资产编号 |
- {{ asset.number }} |
+ {{ asset.number|default_if_none:"" }} |
| SN |
- {{ asset.sn }} |
+ {{ asset.sn|default_if_none:"" }} |
| 主机类型 |
- {{ asset.get_asset_type_display }} |
+ {{ asset.get_asset_type_display|default_if_none:"" }} |
| 系统版本 |
- {{ asset.system_type }} {{ asset.system_version }} |
+ {{ asset.system_type|default_if_none:"" }} {{ asset.system_version|default_if_none:"" }} |
| 运行环境 |
- {{ asset.get_env_display }} |
+ {{ asset.get_env_display|default_if_none:"" }} |
| 机器状态 |
- {{ asset.get_status_display }} |
+ {{ asset.get_status_display|default_if_none:"" }} |
| 机柜号 |
- {{ asset.cabinet }} |
+ {{ asset.cabinet|default_if_none:"" }} |
| 机柜位置 |
- {{ asset.position }} |
+ {{ asset.position|default_if_none:"" }} |
| 激活 |
@@ -149,7 +149,7 @@
| 备注 |
- {{ asset.comment }} |
+ {{ asset.comment|default_if_none:"" }} |
diff --git a/templates/jasset/asset_list.html b/templates/jasset/asset_list.html
index 133e41eea..63eb123ad 100644
--- a/templates/jasset/asset_list.html
+++ b/templates/jasset/asset_list.html
@@ -119,12 +119,12 @@
|
- {{ asset.ip }} |
- {{ asset.hostname }} |
- {{ asset.idc.name }} |
+ {{ asset.ip|default_if_none:"" }} |
+ {{ asset.hostname|default_if_none:"" }} |
+ {{ asset.idc.name|default_if_none:"" }} |
{{ asset.group.all|group_str2 }} |
{# {{ asset.cpu }}|{{ asset.memory }}|{{ asset.disk }} | #}
- {{ asset.system_type }}{{ asset.system_version }} |
+ {{ asset.system_type|default_if_none:"" }}{{ asset.system_version|default_if_none:"" }} |
{{ asset.use_default_auth|bool2str }} |
详情
diff --git a/templates/jasset/group_add.html b/templates/jasset/group_add.html
index f5013ae14..51ffd23c1 100644
--- a/templates/jasset/group_add.html
+++ b/templates/jasset/group_add.html
@@ -75,12 +75,12 @@
| |