From 408e4a54d8624095c6f6b0c04fb81af26c85aacc Mon Sep 17 00:00:00 2001
From: halcyon <864072399@qq.com>
Date: Wed, 25 Mar 2015 19:02:14 +0800
Subject: [PATCH] bugs
---
jasset/urls.py | 1 -
jasset/views.py | 49 +++++++++++++++++++++------------
jumpserver/api.py | 24 +++++++++-------
jumpserver/views.py | 13 +++++++--
templates/jasset/host_list.html | 2 +-
5 files changed, 57 insertions(+), 32 deletions(-)
diff --git a/jasset/urls.py b/jasset/urls.py
index c37330264..7e8912a67 100644
--- a/jasset/urls.py
+++ b/jasset/urls.py
@@ -22,5 +22,4 @@ urlpatterns = patterns('',
url(r'^host_del/(\w+)/$', host_del),
url(r'^host_edit/$', host_edit),
url(r'^host_edit/batch/$', batch_host_edit),
- url(r'^test/$', test),
)
\ No newline at end of file
diff --git a/jasset/views.py b/jasset/views.py
index f3552ed82..64d5b848c 100644
--- a/jasset/views.py
+++ b/jasset/views.py
@@ -3,12 +3,13 @@
import ast
from django.db.models import Q
+from django.http import Http404
from django.http import HttpResponseRedirect
from django.template import RequestContext
from django.shortcuts import render_to_response
from models import IDC, Asset, BisGroup
-from juser.models import UserGroup, DEPT, User
+from juser.models import UserGroup, DEPT
from connect import PyCrypt, KEY
from jlog.models import Log
from jumpserver.views import jasset_host_edit, pages
@@ -81,13 +82,9 @@ def add_host(request):
j_comment = request.POST.get('j_comment')
j_dept = request.POST.getlist('j_dept')
- try:
- if is_group_admin(request) and not validate(request, asset_group=j_group):
- print validate(request, asset_group=j_group), 'hello'
- emg = u'滚Y'
- raise RaiseError(emg)
- except RaiseError:
- pass
+ if is_group_admin(request) and not validate(request, asset_group=j_group, edept=j_dept):
+ emg = u'添加失败,您无权操作!'
+ return render_to_response('jasset/host_add.html', locals(), context_instance=RequestContext(request))
if Asset.objects.filter(ip=str(j_ip)):
emg = u'该IP %s 已存在!' % j_ip
@@ -145,6 +142,7 @@ def batch_host_edit(request):
j_id = "editable[" + str(i) + "][j_id]"
j_ip = "editable[" + str(i) + "][j_ip]"
j_port = "editable[" + str(i) + "][j_port]"
+ j_dept = "editable[" + str(i) + "][j_dept]"
j_idc = "editable[" + str(i) + "][j_idc]"
j_type = "editable[" + str(i) + "][j_type]"
j_group = "editable[" + str(i) + "][j_group]"
@@ -154,11 +152,18 @@ def batch_host_edit(request):
j_id = request.POST.get(j_id).strip()
j_ip = request.POST.get(j_ip).strip()
j_port = request.POST.get(j_port).strip()
+ j_dept = request.POST.getlist(j_dept).strip()
j_idc = request.POST.get(j_idc).strip()
j_type = request.POST.get(j_type).strip()
j_group = request.POST.getlist(j_group)
j_active = request.POST.get(j_active).strip()
j_comment = request.POST.get(j_comment).strip()
+ print j_dept, j_group
+ #
+ # if is_group_admin(request) and not validate(request, asset=[j_id]):
+ # emg = u'删除失败,您无权操作!'
+ # print 'hehe'
+ # return HttpResponseRedirect('/jasset/host_list/')
if j_type == 'M':
j_user = "editable[" + str(i) + "][j_user]"
@@ -166,9 +171,9 @@ def batch_host_edit(request):
j_user = request.POST.get(j_user).strip()
password = request.POST.get(j_password).strip()
j_password = cryptor.encrypt(password)
- jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_active, j_comment, j_user, j_password)
+ jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_dept, j_active, j_comment, j_user, j_password)
else:
- jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_active, j_comment)
+ jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_dept, j_active, j_comment)
return render_to_response('jasset/host_list.html')
@@ -207,11 +212,17 @@ def host_del(request, offset):
for i in range(int(len_list)):
key = "id_list[" + str(i) + "]"
jid = request.POST.get(key)
+ if is_group_admin(request) and not validate(request, asset=[jid]):
+ emg = u'删除失败,您无权操作!'
+ return HttpResponseRedirect('/jasset/host_list/')
a = Asset.objects.get(id=jid).ip
Asset.objects.filter(id=jid).delete()
BisGroup.objects.filter(name=a).delete()
else:
jid = int(offset)
+ if is_group_admin(request) and not validate(request, asset=[jid]):
+ emg = u'删除失败,您无权操作!'
+ return HttpResponseRedirect('/jasset/host_list/')
a = Asset.objects.get(id=jid).ip
BisGroup.objects.filter(name=a).delete()
Asset.objects.filter(id=jid).delete()
@@ -243,8 +254,12 @@ def host_edit(request):
j_active = request.POST.get('j_active')
j_comment = request.POST.get('j_comment')
j_idc = IDC.objects.get(name=j_idc)
+
+ if is_group_admin(request) and not validate(request, asset_group=j_group, edept=j_dept):
+ emg = u'修改失败,您无权操作!'
+ return render_to_response('jasset/host_edit.html', locals(), context_instance=RequestContext(request))
+
for group in j_group:
- print group
c = BisGroup.objects.get(name=group)
groups.append(c)
@@ -382,8 +397,12 @@ def add_group(request):
j_dept = request.POST.get('j_dept')
j_hosts = request.POST.getlist('j_hosts')
j_comment = request.POST.get('j_comment')
- j_dept = DEPT.objects.get(name=j_dept)
+ if is_group_admin(request) and not validate(request, asset=j_hosts, edept=[j_dept]):
+ emg = u'添加失败,您无权操作!'
+ return render_to_response('jasset/group_add.html', locals(), context_instance=RequestContext(request))
+
+ j_dept = DEPT.objects.get(name=j_dept)
if BisGroup.objects.filter(name=j_group):
emg = u'该主机组已存在!'
return render_to_response('jasset/group_add.html', locals(), context_instance=RequestContext(request))
@@ -539,8 +558,4 @@ def host_search(request):
comment__contains=keyword)).filter(dept=dept).distinct().order_by('ip')
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
- return render_to_response('jasset/host_search.html', locals(), context_instance=RequestContext(request))
-
-
-def test(request):
- return render_to_response('jasset/test.html', locals())
+ return render_to_response('jasset/host_search.html', locals(), context_instance=RequestContext(request))
\ No newline at end of file
diff --git a/jumpserver/api.py b/jumpserver/api.py
index 131dc78d1..537843aed 100644
--- a/jumpserver/api.py
+++ b/jumpserver/api.py
@@ -299,8 +299,12 @@ def asset_perm_api(asset):
return user_permed_list
-def validate(request, user_group=None, user=None, asset_group=None, asset=None):
+def validate(request, user_group=None, user=None, asset_group=None, asset=None, edept=None):
dept = get_session_user_dept(request)[1]
+ if edept:
+ if dept.name != edept[0]:
+ return False
+
if user_group:
dept_user_groups = dept.usergroup_set.all()
user_groups = []
@@ -321,24 +325,24 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None):
if asset_group:
dept_asset_groups = dept.bisgroup_set.all()
asset_groups = []
- for asset_group_name in asset_group:
- asset_groups.extend(BisGroup.objects.filter(name=asset_group_name))
+ for asset_group_name in dept_asset_groups:
+ asset_groups.extend(asset_group_name.name)
if len(asset_groups) == 0:
- print 'hehe'
return False
- if not set(asset_groups).issubset(set(dept_asset_groups)):
- print 'not in'
+ if not set(asset_group).issubset(set(asset_groups)):
return False
if asset:
dept_assets = dept.asset_set.all()
- assets = []
- for asset_id in asset:
- assets.extend(asset_id)
+ assets, eassets = [], []
+ for asset_id in dept_assets:
+ eassets.append(int(asset_id.id))
+ for i in asset:
+ assets.append(int(i))
- if not set(assets).issubset(dept_assets):
+ if not set(assets).issubset(eassets):
return False
return True
\ No newline at end of file
diff --git a/jumpserver/views.py b/jumpserver/views.py
index a52e99881..7fe3417b0 100644
--- a/jumpserver/views.py
+++ b/jumpserver/views.py
@@ -6,6 +6,7 @@ from django.db.models import Count
from django.shortcuts import render_to_response
from django.template import RequestContext
from jasset.models import IDC
+from juser.models import DEPT
from jumpserver.api import *
@@ -84,13 +85,18 @@ def jasset_group_add(name, comment, jtype):
smg = u'业务组%s添加成功' % name
-def jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_active, j_comment, j_user='', j_password=''):
- groups = []
+def jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_dept, j_active, j_comment, j_user='', j_password=''):
+ groups, depts = [], []
is_active = {u'是': '1', u'否': '2'}
- login_types = {'LDAP': 'L', 'SSH_KEY': 'S', 'PASSWORD': 'P', 'MAP': 'M'}
+ login_types = {'LDAP': 'L', 'MAP': 'M'}
for group in j_group[0].split():
c = BisGroup.objects.get(name=group.strip())
groups.append(c)
+ print j_dept
+ for d in j_dept[0].split():
+ p = DEPT.objects.get(name=d.strip())
+ depts.append(p)
+
j_type = login_types[j_type]
j_idc = IDC.objects.get(name=j_idc)
a = Asset.objects.get(id=j_id)
@@ -112,6 +118,7 @@ def jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_active, j_com
a.comment = j_comment
a.save()
a.bis_group = groups
+ a.dept = depts
a.save()
diff --git a/templates/jasset/host_list.html b/templates/jasset/host_list.html
index 9bcfaa152..cb75b3c3d 100644
--- a/templates/jasset/host_list.html
+++ b/templates/jasset/host_list.html
@@ -69,7 +69,7 @@
| {{ post.port }} |
{{ login_types|get_item:post.login_type }} |
{{ post.idc.name }} |
- {{ post.dept.all | group_str2 }} |
+ {{ post.dept.all | group_str2 }} |
{{ post.bis_group.all | group_str2 }} |
{{ post.is_active|bool2str }} |