github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

bugs

pull/6/head
halcyon 2015-03-25 19:02:14 +08:00
parent e3b2be0261
commit 408e4a54d8
5 changed files with 57 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
jasset/urls.py
View File

@ -22,5 +22,4 @@ urlpatterns = patterns('',
url(r'^host_del/(\w+)/$', host_del), url(r'^host_del/(\w+)/$', host_del),
url(r'^host_edit/$', host_edit), url(r'^host_edit/$', host_edit),
url(r'^host_edit/batch/$', batch_host_edit), url(r'^host_edit/batch/$', batch_host_edit),
url(r'^test/$', test),
) )

47
jasset/views.py
View File

@ -3,12 +3,13 @@
import ast import ast
from django.db.models import Q from django.db.models import Q
from django.http import Http404
from django.http import HttpResponseRedirect from django.http import HttpResponseRedirect
from django.template import RequestContext from django.template import RequestContext
from django.shortcuts import render_to_response from django.shortcuts import render_to_response
from models import IDC, Asset, BisGroup from models import IDC, Asset, BisGroup
from juser.models import UserGroup, DEPT, User from juser.models import UserGroup, DEPT
from connect import PyCrypt, KEY from connect import PyCrypt, KEY
from jlog.models import Log from jlog.models import Log
from jumpserver.views import jasset_host_edit, pages from jumpserver.views import jasset_host_edit, pages
@ -81,13 +82,9 @@ def add_host(request):
j_comment = request.POST.get('j_comment') j_comment = request.POST.get('j_comment')
j_dept = request.POST.getlist('j_dept') j_dept = request.POST.getlist('j_dept')
try: if is_group_admin(request) and not validate(request, asset_group=j_group, edept=j_dept):
if is_group_admin(request) and not validate(request, asset_group=j_group): emg = u'添加失败,您无权操作!'
print validate(request, asset_group=j_group), 'hello' return render_to_response('jasset/host_add.html', locals(), context_instance=RequestContext(request))
emg = u'滚Y'
raise RaiseError(emg)
except RaiseError:
pass
if Asset.objects.filter(ip=str(j_ip)): if Asset.objects.filter(ip=str(j_ip)):
emg = u'该IP %s 已存在!' % j_ip emg = u'该IP %s 已存在!' % j_ip
@ -145,6 +142,7 @@ def batch_host_edit(request):
j_id = "editable[" + str(i) + "][j_id]" j_id = "editable[" + str(i) + "][j_id]"
j_ip = "editable[" + str(i) + "][j_ip]" j_ip = "editable[" + str(i) + "][j_ip]"
j_port = "editable[" + str(i) + "][j_port]" j_port = "editable[" + str(i) + "][j_port]"
j_dept = "editable[" + str(i) + "][j_dept]"
j_idc = "editable[" + str(i) + "][j_idc]" j_idc = "editable[" + str(i) + "][j_idc]"
j_type = "editable[" + str(i) + "][j_type]" j_type = "editable[" + str(i) + "][j_type]"
j_group = "editable[" + str(i) + "][j_group]" j_group = "editable[" + str(i) + "][j_group]"
@ -154,11 +152,18 @@ def batch_host_edit(request):
j_id = request.POST.get(j_id).strip() j_id = request.POST.get(j_id).strip()
j_ip = request.POST.get(j_ip).strip() j_ip = request.POST.get(j_ip).strip()
j_port = request.POST.get(j_port).strip() j_port = request.POST.get(j_port).strip()
j_dept = request.POST.getlist(j_dept).strip()
j_idc = request.POST.get(j_idc).strip() j_idc = request.POST.get(j_idc).strip()
j_type = request.POST.get(j_type).strip() j_type = request.POST.get(j_type).strip()
j_group = request.POST.getlist(j_group) j_group = request.POST.getlist(j_group)
j_active = request.POST.get(j_active).strip() j_active = request.POST.get(j_active).strip()
j_comment = request.POST.get(j_comment).strip() j_comment = request.POST.get(j_comment).strip()
print j_dept, j_group
#
# if is_group_admin(request) and not validate(request, asset=[j_id]):
# emg = u'删除失败,您无权操作!'
# print 'hehe'
# return HttpResponseRedirect('/jasset/host_list/')
if j_type == 'M': if j_type == 'M':
j_user = "editable[" + str(i) + "][j_user]" j_user = "editable[" + str(i) + "][j_user]"
@ -166,9 +171,9 @@ def batch_host_edit(request):
j_user = request.POST.get(j_user).strip() j_user = request.POST.get(j_user).strip()
password = request.POST.get(j_password).strip() password = request.POST.get(j_password).strip()
j_password = cryptor.encrypt(password) j_password = cryptor.encrypt(password)
jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_active, j_comment, j_user, j_password) jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_dept, j_active, j_comment, j_user, j_password)
else: else:
jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_active, j_comment) jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_dept, j_active, j_comment)
return render_to_response('jasset/host_list.html') return render_to_response('jasset/host_list.html')
@ -207,11 +212,17 @@ def host_del(request, offset):
for i in range(int(len_list)): for i in range(int(len_list)):
key = "id_list[" + str(i) + "]" key = "id_list[" + str(i) + "]"
jid = request.POST.get(key) jid = request.POST.get(key)
if is_group_admin(request) and not validate(request, asset=[jid]):
emg = u'删除失败,您无权操作!'
return HttpResponseRedirect('/jasset/host_list/')
a = Asset.objects.get(id=jid).ip a = Asset.objects.get(id=jid).ip
Asset.objects.filter(id=jid).delete() Asset.objects.filter(id=jid).delete()
BisGroup.objects.filter(name=a).delete() BisGroup.objects.filter(name=a).delete()
else: else:
jid = int(offset) jid = int(offset)
if is_group_admin(request) and not validate(request, asset=[jid]):
emg = u'删除失败,您无权操作!'
return HttpResponseRedirect('/jasset/host_list/')
a = Asset.objects.get(id=jid).ip a = Asset.objects.get(id=jid).ip
BisGroup.objects.filter(name=a).delete() BisGroup.objects.filter(name=a).delete()
Asset.objects.filter(id=jid).delete() Asset.objects.filter(id=jid).delete()
@ -243,8 +254,12 @@ def host_edit(request):
j_active = request.POST.get('j_active') j_active = request.POST.get('j_active')
j_comment = request.POST.get('j_comment') j_comment = request.POST.get('j_comment')
j_idc = IDC.objects.get(name=j_idc) j_idc = IDC.objects.get(name=j_idc)
if is_group_admin(request) and not validate(request, asset_group=j_group, edept=j_dept):
emg = u'修改失败,您无权操作!'
return render_to_response('jasset/host_edit.html', locals(), context_instance=RequestContext(request))
for group in j_group: for group in j_group:
print group
c = BisGroup.objects.get(name=group) c = BisGroup.objects.get(name=group)
groups.append(c) groups.append(c)
@ -382,8 +397,12 @@ def add_group(request):
j_dept = request.POST.get('j_dept') j_dept = request.POST.get('j_dept')
j_hosts = request.POST.getlist('j_hosts') j_hosts = request.POST.getlist('j_hosts')
j_comment = request.POST.get('j_comment') j_comment = request.POST.get('j_comment')
j_dept = DEPT.objects.get(name=j_dept)
if is_group_admin(request) and not validate(request, asset=j_hosts, edept=[j_dept]):
emg = u'添加失败,您无权操作!'
return render_to_response('jasset/group_add.html', locals(), context_instance=RequestContext(request))
j_dept = DEPT.objects.get(name=j_dept)
if BisGroup.objects.filter(name=j_group): if BisGroup.objects.filter(name=j_group):
emg = u'该主机组已存在!' emg = u'该主机组已存在!'
return render_to_response('jasset/group_add.html', locals(), context_instance=RequestContext(request)) return render_to_response('jasset/group_add.html', locals(), context_instance=RequestContext(request))
@ -540,7 +559,3 @@ def host_search(request):
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
return render_to_response('jasset/host_search.html', locals(), context_instance=RequestContext(request)) return render_to_response('jasset/host_search.html', locals(), context_instance=RequestContext(request))
def test(request):
return render_to_response('jasset/test.html', locals())

24
jumpserver/api.py
View File

@ -299,8 +299,12 @@ def asset_perm_api(asset):
return user_permed_list return user_permed_list
def validate(request, user_group=None, user=None, asset_group=None, asset=None): def validate(request, user_group=None, user=None, asset_group=None, asset=None, edept=None):
dept = get_session_user_dept(request)[1] dept = get_session_user_dept(request)[1]
if edept:
if dept.name != edept[0]:
return False
if user_group: if user_group:
dept_user_groups = dept.usergroup_set.all() dept_user_groups = dept.usergroup_set.all()
user_groups = [] user_groups = []
@ -321,24 +325,24 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None):
if asset_group: if asset_group:
dept_asset_groups = dept.bisgroup_set.all() dept_asset_groups = dept.bisgroup_set.all()
asset_groups = [] asset_groups = []
for asset_group_name in asset_group: for asset_group_name in dept_asset_groups:
asset_groups.extend(BisGroup.objects.filter(name=asset_group_name)) asset_groups.extend(asset_group_name.name)
if len(asset_groups) == 0: if len(asset_groups) == 0:
print 'hehe'
return False return False
if not set(asset_groups).issubset(set(dept_asset_groups)): if not set(asset_group).issubset(set(asset_groups)):
print 'not in'
return False return False
if asset: if asset:
dept_assets = dept.asset_set.all() dept_assets = dept.asset_set.all()
assets = [] assets, eassets = [], []
for asset_id in asset: for asset_id in dept_assets:
assets.extend(asset_id) eassets.append(int(asset_id.id))
for i in asset:
assets.append(int(i))
if not set(assets).issubset(dept_assets): if not set(assets).issubset(eassets):
return False return False
return True return True

13
jumpserver/views.py
View File

@ -6,6 +6,7 @@ from django.db.models import Count
from django.shortcuts import render_to_response from django.shortcuts import render_to_response
from django.template import RequestContext from django.template import RequestContext
from jasset.models import IDC from jasset.models import IDC
from juser.models import DEPT
from jumpserver.api import * from jumpserver.api import *
@ -84,13 +85,18 @@ def jasset_group_add(name, comment, jtype):
smg = u'业务组%s添加成功' % name smg = u'业务组%s添加成功' % name
def jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_active, j_comment, j_user='', j_password=''): def jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_dept, j_active, j_comment, j_user='', j_password=''):
groups = [] groups, depts = [], []
is_active = {u'': '1', u'': '2'} is_active = {u'': '1', u'': '2'}
login_types = {'LDAP': 'L', 'SSH_KEY': 'S', 'PASSWORD': 'P', 'MAP': 'M'} login_types = {'LDAP': 'L', 'MAP': 'M'}
for group in j_group[0].split(): for group in j_group[0].split():
c = BisGroup.objects.get(name=group.strip()) c = BisGroup.objects.get(name=group.strip())
groups.append(c) groups.append(c)
print j_dept
for d in j_dept[0].split():
p = DEPT.objects.get(name=d.strip())
depts.append(p)
j_type = login_types[j_type] j_type = login_types[j_type]
j_idc = IDC.objects.get(name=j_idc) j_idc = IDC.objects.get(name=j_idc)
a = Asset.objects.get(id=j_id) a = Asset.objects.get(id=j_id)
@ -112,6 +118,7 @@ def jasset_host_edit(j_id, j_ip, j_idc, j_port, j_type, j_group, j_active, j_com
a.comment = j_comment a.comment = j_comment
a.save() a.save()
a.bis_group = groups a.bis_group = groups
a.dept = depts
a.save() a.save()

2
templates/jasset/host_list.html
View File

@ -69,7 +69,7 @@
<td class="text-center" name="j_port"> {{ post.port }} </td> <td class="text-center" name="j_port"> {{ post.port }} </td>
<td class="text-center" name="j_type"> {{ login_types|get_item:post.login_type }} </td> <td class="text-center" name="j_type"> {{ login_types|get_item:post.login_type }} </td>
<td class="text-center" name="j_idc"> {{ post.idc.name }} </td> <td class="text-center" name="j_idc"> {{ post.idc.name }} </td>
<td class="text-center" name="j_group">{{ post.dept.all | group_str2 }}</td> <td class="text-center" name="j_dept">{{ post.dept.all | group_str2 }}</td>
<td class="text-center" name="j_group">{{ post.bis_group.all | group_str2 }}</td> <td class="text-center" name="j_group">{{ post.bis_group.all | group_str2 }}</td>
<td class="text-center" name="j_active"> {{ post.is_active|bool2str }} </td> <td class="text-center" name="j_active"> {{ post.is_active|bool2str }} </td>
<!--<td class="text-center"> {{ post.date_added|date:"Y-m-d H:i:s" }} </td>--> <!--<td class="text-center"> {{ post.date_added|date:"Y-m-d H:i:s" }} </td>-->