pull/6/head
halcyon 10 years ago
parent 408e4a54d8
commit 359f70b9f9

@ -13,9 +13,7 @@ from juser.models import UserGroup, DEPT
from connect import PyCrypt, KEY
from jlog.models import Log
from jumpserver.views import jasset_host_edit, pages
from jumpserver.api import asset_perm_api, validate
from jumpserver.api import require_login, require_super_user, \
require_admin, is_group_admin, is_super_user, is_common_user, get_user_dept
from jumpserver.api import *
cryptor = PyCrypt(KEY)
@ -201,7 +199,11 @@ def list_host(request):
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
elif is_common_user(request):
pass
user_id = request.session.get('user_id')
username = User.objects.get(id=user_id).name
posts = user_perm_asset_api(username)
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
print posts, username
return render_to_response('jasset/host_list.html', locals(), context_instance=RequestContext(request))
@ -212,6 +214,7 @@ def host_del(request, offset):
for i in range(int(len_list)):
key = "id_list[" + str(i) + "]"
jid = request.POST.get(key)
print jid
if is_group_admin(request) and not validate(request, asset=[jid]):
emg = u'删除失败,您无权操作!'
return HttpResponseRedirect('/jasset/host_list/')

@ -45,7 +45,12 @@ def log_list_online(request):
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
elif is_common_user(request):
if keyword:
posts = Log.objects.filter(user=username).filter(Q(user__contains=keyword) | Q(host__contains=keyword))\
.filter(is_finished=0).order_by('-start_time')
else:
posts = Log.objects.filter(is_finished=0).filter(user=username).order_by('-start_time')
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
return render_to_response('jlog/log_online.html', locals(), context_instance=RequestContext(request))
@ -75,8 +80,12 @@ def log_list_offline(request):
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
elif is_common_user(request):
if keyword:
posts = Log.objects.filter(user=username).filter(Q(user__contains=keyword) | Q(host__contains=keyword))\
.filter(is_finished=1).order_by('-start_time')
else:
posts = Log.objects.filter(is_finished=1).filter(user=username).order_by('-start_time')
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
return render_to_response('jlog/log_offline.html', locals(), context_instance=RequestContext(request))
@ -105,6 +114,8 @@ def log_search(request):
env = request.GET.get('env')
dept_id = get_user_dept(request)
dept_name = DEPT.objects.get(id=dept_id).name
user_id = request.session.get('user_id')
username = User.objects.get(id=user_id).username
if is_super_user(request):
if env == 'online':
posts = contact_list = Log.objects.filter(Q(user__contains=keyword) | Q(host__contains=keyword)) \
@ -122,4 +133,13 @@ def log_search(request):
posts = contact_list = Log.objects.filter(Q(user__contains=keyword) | Q(host__contains=keyword)) \
.filter(is_finished=1).filter(dept_name=dept_name).order_by('-start_time')
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
elif is_common_user(request):
if env == 'online':
posts = contact_list = Log.objects.filter(Q(user__contains=keyword) | Q(host__contains=keyword)) \
.filter(is_finished=0).filter(user=username).order_by('-start_time')
elif env == 'offline':
posts = contact_list = Log.objects.filter(Q(user__contains=keyword) | Q(host__contains=keyword)) \
.filter(is_finished=1).filter(user=username).order_by('-start_time')
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
return render_to_response('jlog/log_search.html', locals(), context_instance=RequestContext(request))

@ -1,3 +1,5 @@
import datetime
from django.db import models
from juser.models import UserGroup, DEPT
from jasset.models import Asset, BisGroup
@ -31,3 +33,17 @@ class SudoPerm(models.Model):
def __unicode__(self):
return self.name
class Apply(models.Model):
applyer = models.CharField(max_length=20)
approver = models.CharField(max_length=20)
dept = models.CharField(max_length=20)
bisgroup = models.CharField(max_length=500)
asset = models.CharField(max_length=500)
comment = models.TextField(blank=True, null=True)
date_add = models.DateTimeField(default=datetime.datetime.now(), null=True)
date_end = models.DateTimeField(null=True)
def __unicode__(self):
return self.applyer

@ -24,4 +24,6 @@ urlpatterns = patterns('jperm.views',
(r'^cmd_list/$', 'cmd_list'),
(r'^cmd_del/$', 'cmd_del'),
(r'^cmd_edit/$', 'cmd_edit'),
(r'^apply/$', 'perm_apply'),
(r'^apply/online/$', 'perm_apply_log'),
)

@ -5,7 +5,7 @@ from django.http import HttpResponseRedirect, HttpResponse
from django.template import RequestContext
from juser.models import User, UserGroup, DEPT
from jasset.models import Asset, BisGroup
from jperm.models import Perm, SudoPerm, CmdGroup
from jperm.models import Perm, SudoPerm, CmdGroup, Apply
from django.core.paginator import Paginator, EmptyPage, InvalidPage
from django.db.models import Q
from jumpserver.views import LDAP_ENABLE, ldap_conn, CONF, page_list_return, pages
@ -525,3 +525,60 @@ def cmd_del(request):
if cmd_group:
cmd_group[0].delete()
return HttpResponseRedirect('/jperm/cmd_list/')
@require_login
def perm_apply(request):
header_title, path1, path2 = u'主机权限申请', u'权限管理', u'申请主机'
user_id = request.session.get('user_id')
username = User.objects.get(id=user_id).username
dept_id = get_user_dept(request)
deptname = DEPT.objects.get(id=dept_id).name
dept = DEPT.objects.get(id=dept_id)
posts = Asset.objects.filter(dept=dept)
egroup = dept.bisgroup_set.all()
if request.method == 'POST':
applyer = request.POST.get('applyer')
dept = request.POST.get('dept')
group = request.POST.getlist('group')
hosts = request.POST.getlist('hosts')
comment = request.POST.get('comment')
Apply.objects.create(applyer=applyer, dept=dept, bisgroup=group, asset=hosts, comment=comment)
print applyer, dept, group, hosts, comment
return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request))
return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request))
def perm_apply_log(request):
header_title, path1, path2 = u'权限申请记录', u'权限管理', u'申请记录'
keyword = request.GET.get('keyword')
dept_id = get_user_dept(request)
dept_name = DEPT.objects.get(id=dept_id).name
user_id = request.session.get('user_id')
username = User.objects.get(id=user_id).username
if is_super_user(request):
if keyword:
posts = Log.objects.filter(Q(user__contains=keyword) | Q(host__contains=keyword)) \
.filter(is_finished=1).order_by('-start_time')
else:
posts = Log.objects.filter(is_finished=1).order_by('-start_time')
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
elif is_group_admin(request):
if keyword:
posts = Log.objects.filter(Q(user__contains=keyword) | Q(host__contains=keyword)) \
.filter(is_finished=1).filter(dept_name=dept_name).order_by('-start_time')
else:
posts = Log.objects.filter(is_finished=1).filter(dept_name=dept_name).order_by('-start_time')
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
elif is_common_user(request):
if keyword:
posts = Apply.objects.filter(applyer=username).filter(Q(applyer__contains=keyword) | Q(asset__contains=keyword))\
.order_by('-date_add')
else:
posts = Apply.objects.filter(applyer=username).order_by('-date_add')
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
return render_to_response('jperm/perm_log.html', locals(), context_instance=RequestContext(request))

@ -76,8 +76,10 @@
<td class="text-center" name="j_comment"> {{ post.comment }} </td>
<td class="text-center" data-editable='false'>
<a value="/jasset/{{ post.ip }}/" class="iframe btn btn-xs btn-primary">详情</a>
{% ifnotequal session_role_id 0 %}
<a href="/jasset/host_edit/?id={{ post.id }}" class="btn btn-xs btn-info">编辑</a>
<a href="/jasset/host_del/{{ post.id }}" class="btn btn-xs btn-danger">删除</a>
{% endifnotequal %}
</td>
</tr>
{% endfor %}

@ -80,7 +80,9 @@
<th class="text-center"> 所属部门 </th>
<th class="text-center"> 登录主机 </th>
<th class="text-center"> 来源IP </th>
{% ifnotequal session_role_id 0 %}
<th class="text-center"> 命令统计 </th>
{% endifnotequal %}
<th class="text-center"> 登录时间 </th>
<th class="text-center"> 结束时间 </th>
@ -93,7 +95,9 @@
<td class="text-center" id="dept"> {{ post.dept_name }} </td>
<td class="text-center" id="ip"> {{ post.host }} </td>
<td class="text-center" id="remote_ip"> {{ post.remote_ip }} </td>
{% ifnotequal session_role_id 0 %}
<td class="text-center"><a href="/jlog/history/?id={{ post.id }}" class="log_command"> 命令统计 </td>
{% endifnotequal %}
<td class="text-center" id="start_time"> {{ post.start_time|date:"Y-m-d H:i:s"}} </td>
<td class="text-center" id="end_time"> {{ post.end_time|date:"Y-m-d H:i:s" }} </td>
</tr>

@ -80,8 +80,10 @@
<th class="text-center"> 所属部门 </th>
<th class="text-center"> 登录主机 </th>
<th class="text-center"> 来源IP </th>
{% ifnotequal session_role_id 0 %}
<th class="text-center"> 实时监控 </th>
<th class="text-center"> 阻断 </th>
{% endifnotequal %}
<th class="text-center"> 登录时间 </th>
</tr>
@ -93,8 +95,10 @@
<td id="ip" class="text-center"> {{ post.dept_name }} </td>
<td id="ip" class="text-center"> {{ post.host }} </td>
<td id="ip" class="text-center"> {{ post.remote_ip }} </td>
{% ifnotequal session_role_id 0 %}
<td class="text-center"><a class="monitor" filename="{{ post.log_path }}"> 监控 </a></td>
<td class="text-center"><input type="button" id="cut" class="btn btn-danger btn-xs" name="cut" value="阻断" onclick='cut("{{ post.pid }}")' /></td>
{% endifnotequal %}
<td class="text-center"> {{ post.start_time|date:"Y-m-d H:i:s" }} </td>
</tr>
{% endfor %}

@ -0,0 +1,163 @@
{% extends 'base.html' %}
{% block content %}
{% include 'nav_cat_bar.html' %}
<style>
.bootstrap-dialog-body {
background-color: rgba(0, 0, 0, 0);
}
.bootstrap-dialog-message {
background-color: rgba(0, 0, 0, 0);
}
.modal-content {
background-color: rgba(0, 0, 0, 0.6);
}
.modal-dialog {
background-color: rgba(0, 0, 0, 0);
width: 800px;
}
.modal-body {
background-color: rgba(0, 0, 0, 0);
}
.modal-header {
background-color: #FFFFFF;
}
.bootstrap-dialog-message {
color: #00FF00;
}
</style>
<div class="wrapper wrapper-content animated fadeInRight">
<div class="row">
<div class="col-lg-12">
<div class="ibox float-e-margins">
<div id="ibox-content" class="ibox-title">
<h5> 用户{{ username }}日志详细信息列表 </h5>
<div class="ibox-tools">
<a class="collapse-link">
<i class="fa fa-chevron-up"></i>
</a>
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
<i class="fa fa-wrench"></i>
</a>
<ul class="dropdown-menu dropdown-user">
<li><a href="#">未启用 1</a>
</li>
<li><a href="#">未启用 2</a>
</li>
</ul>
<a class="close-link">
<i class="fa fa-times"></i>
</a>
</div>
</div>
<div class="ibox-content">
<div class="panel-options">
<ul class="nav nav-tabs">
<li style="float: right">
<form id="search_form" method="get" action="" class="pull-right mail-search">
<div class="input-group">
<input type="text" class="form-control input-sm" id="search_input" name="keyword" placeholder="Search">
<input type="text" style="display: none">
<div class="input-group-btn">
<button id='search_btn' type="button" class="btn btn-sm btn-primary" onclick="log_search()">
Search
</button>
</div>
</div>
</form>
</li>
</ul>
</div>
<br/>
<div class="tab-content">
<table class="table table-striped table-bordered table-hover ">
<thead>
<tr>
<th class="text-center"> 用户名 </th>
<th class="text-center"> 所属部门 </th>
<th class="text-center"> 登录主机 </th>
<th class="text-center"> 来源IP </th>
<!--<th class="text-center"> 命令统计 </th>-->
<th class="text-center"> 登录时间 </th>
<th class="text-center"> 结束时间 </th>
</tr>
</thead>
<tbody>
{% for post in contacts.object_list %}
<tr class="gradeX">
<td class="text-center" id="username"> {{ post.user }} </td>
<td class="text-center" id="dept"> {{ post.dept_name }} </td>
<td class="text-center" id="ip"> {{ post.host }} </td>
<td class="text-center" id="remote_ip"> {{ post.remote_ip }} </td>
<!--<td class="text-center"><a href="/jlog/history/?id={{ post.id }}" class="log_command"> 命令统计 </td>-->
<td class="text-center" id="start_time"> {{ post.start_time|date:"Y-m-d H:i:s"}} </td>
<td class="text-center" id="end_time"> {{ post.end_time|date:"Y-m-d H:i:s" }} </td>
</tr>
{% endfor %}
</tbody>
</table>
<div class="row">
<div class="col-sm-6">
</div>
{% include 'paginator.html' %}
</div>
</div>
</div>
</div>
</div>
</div>
</div>
{#<script src="http://{{ web_socket_host }}/socket.io/socket.io.js"></script>#}
<script>
$('.log_command').on('click',function(){
var url = $(this).attr('href');
var username = $('#username')[0].innerText;
var ip = $('#ip')[0].innerText;
var start_time = $('#start_time')[0].innerText;
var end_time = $('#end_time')[0].innerText;
var div_username = ' 登录用户名: '+'<span class="text-info">'+username+'' + '</span>';
var div_ip = ' 登录主机: '+'<span class="text-info">' + ip + '</span>';
var div_time = ' 开始时间: ' + '<span class="text-info">'+start_time +'</span>' + ' 结束时间: ' +'<span class="text-info">' + end_time + '</span'
var title = 'JumpServer命令统计 '+ div_username + div_ip + div_time
$.ajax({url:url,success:function(data){
BootstrapDialog.show({title: title, message:data});
}});
return false;
})
globalConfig = {
SOCKET_HOST: "{{ web_socket_host }}"
}
function cut(num){
var g_url = "/jlog/log_kill/"+num;
console.log(g_url);
$.ajax({
type: "GET",
url: g_url,
success: window.open("/jlog/","_self")
});
}
function log_search(){
$.ajax({
type: "GET",
url: "/jlog/search/?env=offline",
data: $("#search_form").serialize(),
success: function (data) {
$(".tab-content").html(data);
}
});
}
$("#search_input").keydown(function(e){
if(e.keyCode==13){
log_search()
}
})
</script>
{% endblock %}

@ -0,0 +1,127 @@
{% extends 'base.html' %}
{% block content %}
{% include 'nav_cat_bar.html' %}
<!--<h3 class="text-center">项目发布申请</h3>-->
<div class="wrapper wrapper-content animated fadeInRight">
<div class="row">
<div class="col-lg-10">
<div id="add_asset" class="ibox float-e-margins">
<div id="ibox-content" class="ibox-title">
<h5> 填写要申请主机的基本信息 </h5>
<div class="ibox-tools">
<a class="collapse-link">
<i class="fa fa-chevron-up"></i>
</a>
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
<i class="fa fa-wrench"></i>
</a>
<ul class="dropdown-menu dropdown-user">
<li><a href="#">未启用 1</a>
</li>
<li><a href="#">未启用 2</a>
</li>
</ul>
<a class="close-link">
<i class="fa fa-times"></i>
</a>
</div>
</div>
<div class="ibox-content">
{% if emg %}
<div class="alert alert-warning text-center">{{ emg }}</div>
{% endif %}
{% if smg %}
<div class="alert alert-success text-center">{{ smg }}</div>
{% endif %}
<form id="assetForm" method="post" class="form-horizontal">
{% csrf_token %}
<div class="form-group"><label class="col-sm-2 control-label"> 申请人 </label>
<div class="col-sm-8"><input type="text" name="applyer" value="{{ username }}" class="form-control" readonly="readonly"></div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group"><label class="col-sm-2 control-label"> 所在部门 </label>
<div class="col-sm-8"><input type="text" name="dept" value="{{ deptname }}" class="form-control" readonly="readonly"></div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="group" class="col-lg-2 control-label">主机组<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<select id="group" name="group" class="form-control m-b" multiple size="10">
{% for g in egroup %}
<option type="checkbox" value="{{ g.name }}">{{ g.name }} {% if g.comment %} --- {{ g.comment }} {% endif %}</option>
{% endfor %}
</select>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<div>
<label for="groups" class="col-lg-2 control-label">主机<span class="red-fonts">*</span></label>
<div class="col-sm-3">
<select multiple="multiple" id="id_domains_filter" name="domains_filter" style="display: none;">
</select>
<div class="input-group" style="padding-bottom: 5px">
<input type="text" size="19" class="form-control input-sm" id="search_input" name="keyword" placeholder="过滤" oninput="search_domain(this.value)">
</div>
<select id="groups" size="12" class="form-control m-b" multiple>
{% for post in posts %}
<option value="{{ post.ip }}">{{ post.ip }}</option>
{% endfor %}
</select>
</div>
<div class="col-sm-1">
<div class="btn-group" style="margin-top: 50px;">
<button type="button" class="btn btn-xm btn-white" onclick="move('groups', 'groups_selected')"><i class="fa fa-chevron-right"></i></button>
<button type="button" class="btn btn-xm btn-white" onclick="move_left('groups_selected', 'groups')"><i class="fa fa-chevron-left"></i></button>
</div>
</div>
<div class="col-sm-3">
<h4 style="padding-bottom: 5px">已选中主机</h4>
<div>
<select id="groups_selected" name="hosts" class="form-control m-b" size="12" multiple>
{% for post in eposts %}
<option value="{{ post.ip }}">{{ post.ip }}</option>
{% endfor %}
</select>
</div>
</div>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group"><label class="col-sm-2 control-label"> 申请说明 </label>
<div class="col-sm-8"><textarea type="text" placeholder="" name="comment" class="form-control" rows="5" cols="20"></textarea></div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<div class="col-sm-4 col-sm-offset-5">
<button class="btn btn-primary" type="submit"> 提交 </button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
<script>
function search_domain(text){
console.log(text)
$("#groups").children().each(function(){$(this).remove();});
$("#id_domains_filter").children().each(function(){
if ($(this).text().search(text) != -1) {
console.log(text);
$("#groups").append($(this).clone())
}
});
}
</script>
{% endblock content %}

@ -0,0 +1,93 @@
{% extends 'base.html' %}
{% block content %}
{% include 'nav_cat_bar.html' %}
<div class="wrapper wrapper-content animated fadeInRight">
<div class="row">
<div class="col-lg-12">
<div class="ibox float-e-margins">
<div id="ibox-content" class="ibox-title">
<h5> 用户权限申请详细信息列表 </h5>
<div class="ibox-tools">
<a class="collapse-link">
<i class="fa fa-chevron-up"></i>
</a>
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
<i class="fa fa-wrench"></i>
</a>
<ul class="dropdown-menu dropdown-user">
<li><a href="#">未启用 1</a>
</li>
<li><a href="#">未启用 2</a>
</li>
</ul>
<a class="close-link">
<i class="fa fa-times"></i>
</a>
</div>
</div>
<div class="ibox-content">
<div class="panel-options">
<ul class="nav nav-tabs">
<li><a href="/jperm/apply/online/" class="text-center"><i class="fa fa-laptop"></i> 未审批 </a></li>
<li class="active"><a href="/jperm/apply/offline/" class="text-center"><i class="fa fa-bar-chart-o"></i> 已审批 </a></li>
<li style="float: right">
<form id="search_form" method="get" action="" class="pull-right mail-search">
<div class="input-group">
<input type="text" class="form-control input-sm" id="search_input" name="keyword" placeholder="Search">
<input type="text" style="display: none">
<div class="input-group-btn">
<button id='search_btn' type="button" class="btn btn-sm btn-primary" onclick="log_search()">
Search
</button>
</div>
</div>
</form>
</li>
</ul>
</div>
<br/>
<div class="tab-content">
<table class="table table-striped table-bordered table-hover ">
<thead>
<tr>
<th class="text-center"> 申请人 </th>
<th class="text-center"> 所属部门 </th>
<th class="text-center"> 申请主机组 </th>
<th class="text-center"> 申请主机 </th>
<th class="text-center"> 申请时间 </th>
<th class="text-center"> 批准时间 </th>
<th class="text-center"> 备注 </th>
</tr>
</thead>
<tbody>
{% for post in contacts.object_list %}
<tr class="gradeX">
<td class="text-center" id="username"> {{ post.applyer }} </td>
<td class="text-center" id="dept"> {{ post.dept }} </td>
<td class="text-center" id="ip"> {{ post.bisgroup }} </td>
<td class="text-center" id="remote_ip"> {{ post.asset }} </td>
<!--{% ifnotequal session_role_id 0 %}-->
<!--<td class="text-center"><a href="/jlog/history/?id={{ post.id }}" class="log_command"> 命令统计 </td>-->
<!--{% endifnotequal %}-->
<td class="text-center" id="start_time"> {{ post.date_add|date:"Y-m-d H:i:s"}} </td>
<td class="text-center" id="end_time"> {{ post.date_end|date:"Y-m-d H:i:s" }} </td>
<td class="text-center" id=""> {{ post.comment }} </td>
</tr>
{% endfor %}
</tbody>
</table>
<div class="row">
<div class="col-sm-6">
</div>
{% include 'paginator.html' %}
</div>
</div>
</div>
</div>
</div>
</div>
</div>
{% endblock %}

@ -137,14 +137,18 @@
<li>
<a href="/"><i class="fa fa-rebel"></i> <span class="nav-label">个人信息</span><span class="label label-info pull-right"></span></a>
</li>
<li>
<a href="/"><i class="fa fa-cube"></i> <span class="nav-label">查看主机</span><span class="label label-info pull-right"></span></a>
<li id="jasset">
<a href="/jasset/host_list/"><i class="fa fa-cube"></i> <span class="nav-label">查看主机</span><span class="label label-info pull-right"></span></a>
</li>
<li>
<a href="/"><i class="fa fa-cube"></i> <span class="nav-label">申请主机</span><span class="label label-info pull-right"></span></a>
<li id="jperm">
<a><i class="fa fa-cube"></i> <span class="nav-label">权限申请</span><span class="fa arrow"></span></a>
<ul class="nav nav-second-level">
<li class="apply host_add_multi"><a href="/jperm/apply/">申请主机</a></li>
<li class="apply online"><a href="/jperm/apply/online/">申请记录</a></li>
</ul>
</li>
<li>
<a href="/"><i class="fa fa-files-o"></i> <span class="nav-label">登录历史</span><span class="label label-info pull-right"></span></a>
<li id="jlog">
<a href="/jlog/log_list/online/"><i class="fa fa-files-o"></i> <span class="nav-label">登录历史</span><span class="label label-info pull-right"></span></a>
</li>
<li>

Loading…
Cancel
Save