From 34cbb13b8a3bee34f7999acb1b087db7463d799d Mon Sep 17 00:00:00 2001 From: ibuler Date: Fri, 11 Dec 2015 11:45:19 +0800 Subject: [PATCH] bug fix --- jumpserver/api.py | 8 +++++++- juser/user_api.py | 2 +- juser/views.py | 2 +- templates/jperm/perm_role_detail.html | 12 +++++++++++- templates/jperm/role_sudo.j2 | 12 +++++++----- templates/nav.html | 2 +- 6 files changed, 28 insertions(+), 10 deletions(-) diff --git a/jumpserver/api.py b/jumpserver/api.py index 534f60d00..0b3c065c3 100644 --- a/jumpserver/api.py +++ b/jumpserver/api.py @@ -487,7 +487,8 @@ def get_tmp_dir(): def defend_attack(func): def _deco(request, *args, **kwargs): - if int(request.session.get('visit', 1)) > 5: + if int(request.session.get('visit', 1)) > 10: + logger.debug('请求次数: %s' % request.session.get('visit', 1)) return HttpResponse('Forbidden', status=403) request.session['visit'] = request.session.get('visit', 1) + 1 request.session.set_expiry(300) @@ -495,6 +496,11 @@ def defend_attack(func): return _deco +def get_mac_address(): + node = uuid.getnode() + mac = uuid.UUID(int=node).hex[-12:] + return mac + CRYPTOR = PyCrypt(KEY) logger = set_log(LOG_LEVEL) diff --git a/juser/user_api.py b/juser/user_api.py index 36bb9319a..abe173213 100644 --- a/juser/user_api.py +++ b/juser/user_api.py @@ -137,7 +137,7 @@ def gen_ssh_key(username, password='', if authorized_keys: auth_key_dir = os.path.join(home, username, '.ssh') - mkdir(auth_key_dir, mode=0700) + mkdir(auth_key_dir, username=username , mode=0700) authorized_key_file = os.path.join(auth_key_dir, 'authorized_keys') with open(private_key_file+'.pub') as pub_f: with open(authorized_key_file, 'w') as auth_f: diff --git a/juser/views.py b/juser/views.py index 2b6856aa8..e08a92639 100644 --- a/juser/views.py +++ b/juser/views.py @@ -302,7 +302,7 @@ def forget_password(request): return render_to_response('juser/forget_password.html', locals()) -@require_role('user') +@defend_attack def reset_password(request): uuid_r = request.GET.get('uuid', '') timestamp = request.GET.get('timestamp', '') diff --git a/templates/jperm/perm_role_detail.html b/templates/jperm/perm_role_detail.html index b20cd9833..f9ceefc43 100644 --- a/templates/jperm/perm_role_detail.html +++ b/templates/jperm/perm_role_detail.html @@ -189,7 +189,8 @@
- 删除 + 删除 + 重新推送
@@ -322,6 +323,15 @@ }); var url = '/jperm/role/push/?id={{ role.id }}&asset_id=' + check_array.join(','); $(this).attr('href', url) + }); + + $('.re_push').click(function(){ + var check_array = []; + $(".gradeX input[name='asset_id']:checked").each(function() { + check_array.push($(this).attr("value")) + }); + var url = '/jperm/role/push/?id={{ role.id }}&asset_id=' + check_array.join(','); + $(this).attr('href', url) }) }) diff --git a/templates/jperm/role_sudo.j2 b/templates/jperm/role_sudo.j2 index df58c8b58..269a1486e 100644 --- a/templates/jperm/role_sudo.j2 +++ b/templates/jperm/role_sudo.j2 @@ -11,11 +11,13 @@ cp ${sudo_file} ${sudo_file_bak} add_cmd_alias() { sudo_file=$1 {% for sudo_name, sudo_cmd in sudo_alias.items %} - if $(grep '^Cmnd_Alias {{ sudo_name }}' ${sudo_file} &> /dev/null); then - sed -i 's@^Cmnd_Alias.*{{ sudo_name }}.*@Cmnd_Alias {{ sudo_name }} = {{ sudo_cmd }}@g' ${sudo_file} - else - echo "Cmnd_Alias {{ sudo_name }} = {{ sudo_cmd }}" >> ${sudo_file} - fi + {% if sudo_name != 'ALL' %} + if $(grep '^Cmnd_Alias {{ sudo_name }}' ${sudo_file} &> /dev/null); then + sed -i 's@^Cmnd_Alias.*{{ sudo_name }}.*@Cmnd_Alias {{ sudo_name }} = {{ sudo_cmd }}@g' ${sudo_file} + else + echo "Cmnd_Alias {{ sudo_name }} = {{ sudo_cmd }}" >> ${sudo_file} + fi + {% endif %} {% endfor %} } diff --git a/templates/nav.html b/templates/nav.html index b48dc3645..505439011 100644 --- a/templates/nav.html +++ b/templates/nav.html @@ -17,7 +17,7 @@ 资产管理