mirror of https://github.com/jumpserver/jumpserver
修改一点点
guanghongwei
parent
9191d3b6e5
commit
41dbfbb335
|
|
@ -122,10 +122,8 @@ class LDAPMgmt():
|
||||||
def list(self, filter, scope=ldap.SCOPE_SUBTREE, attr=None):
|
def list(self, filter, scope=ldap.SCOPE_SUBTREE, attr=None):
|
||||||
try:
|
try:
|
||||||
ldap_result = self.conn.search_s(self.ldap_base_dn, scope, filter, attr)
|
ldap_result = self.conn.search_s(self.ldap_base_dn, scope, filter, attr)
|
||||||
print 'Here is the result: '
|
|
||||||
for entry in ldap_result:
|
for entry in ldap_result:
|
||||||
name, data = entry
|
name, data = entry
|
||||||
print '#'*20, name, '#'*20
|
|
||||||
for k, v in data.items():
|
for k, v in data.items():
|
||||||
print '%s: %s' % (k,v)
|
print '%s: %s' % (k,v)
|
||||||
except ldap.LDAPError, e:
|
except ldap.LDAPError, e:
|
||||||
|
|
@ -349,8 +347,10 @@ def showUser(request):
|
||||||
ldap_del = LDAPMgmt()
|
ldap_del = LDAPMgmt()
|
||||||
user_dn = "uid=%s,ou=People,%s" % (username, ldap_base_dn)
|
user_dn = "uid=%s,ou=People,%s" % (username, ldap_base_dn)
|
||||||
group_dn = "cn=%s,ou=Group,%s" % (username, ldap_base_dn)
|
group_dn = "cn=%s,ou=Group,%s" % (username, ldap_base_dn)
|
||||||
|
sudo_dn = 'cn=%s,ou=Sudoers,%s' % (username, ldap_base_dn)
|
||||||
ldap_del.delete(user_dn)
|
ldap_del.delete(user_dn)
|
||||||
ldap_del.delete(group_dn)
|
ldap_del.delete(group_dn)
|
||||||
|
ldap_del.delete(sudo_dn)
|
||||||
except Exception, e:
|
except Exception, e:
|
||||||
error = u'ldap中用户删除错误' + unicode(e)
|
error = u'ldap中用户删除错误' + unicode(e)
|
||||||
|
|
||||||
|
|
@ -442,17 +442,30 @@ def addUser(request):
|
||||||
'gidNumber': [str(u.id)],
|
'gidNumber': [str(u.id)],
|
||||||
'homeDirectory': [str('/home/%s' % username)]}
|
'homeDirectory': [str('/home/%s' % username)]}
|
||||||
|
|
||||||
group_dn = "cn=%s,out=Group,%s" % (username, ldap_base_dn)
|
group_dn = "cn=%s,ou=Group,%s" % (username, ldap_base_dn)
|
||||||
group_attr = {
|
group_attr = {
|
||||||
'objectClass': ['posixGroup', 'top'],
|
'objectClass': ['posixGroup', 'top'],
|
||||||
'cn': [str(username)],
|
'cn': [str(username)],
|
||||||
'userPassword': ['{crypt}x'],
|
'userPassword': ['{crypt}x'],
|
||||||
'gidNumber': [str(u.id)]
|
'gidNumber': [str(u.id)]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sudo_dn = 'cn=%s,ou=Sudoers,%s' % (username, ldap_base_dn)
|
||||||
|
sudo_attr = {
|
||||||
|
'objectClass': ['top'],
|
||||||
|
'objectClass': ['sudoRole'],
|
||||||
|
'cn': ['%s' % username],
|
||||||
|
'sudoCommand': ['/bin/pwd'],
|
||||||
|
'sudoHost': ['192.168.1.1'],
|
||||||
|
'sudoOption': ['!authenticate'],
|
||||||
|
'sudoRunAsUser': ['root'],
|
||||||
|
'sudoUser': ['%s' % username]
|
||||||
|
}
|
||||||
ldap_conn = LDAPMgmt()
|
ldap_conn = LDAPMgmt()
|
||||||
try:
|
try:
|
||||||
ldap_conn.add(user_dn, user_attr)
|
ldap_conn.add(user_dn, user_attr)
|
||||||
ldap_conn.add(group_dn, group_attr)
|
ldap_conn.add(group_dn, group_attr)
|
||||||
|
ldap_conn.add(sudo_dn, sudo_attr)
|
||||||
except Exception, e:
|
except Exception, e:
|
||||||
error = u'添加ladp用户失败' + unicode(e)
|
error = u'添加ladp用户失败' + unicode(e)
|
||||||
try:
|
try:
|
||||||
|
|
@ -460,6 +473,7 @@ def addUser(request):
|
||||||
u.delete()
|
u.delete()
|
||||||
ldap_conn.delete(user_dn)
|
ldap_conn.delete(user_dn)
|
||||||
ldap_conn.delete(group_dn)
|
ldap_conn.delete(group_dn)
|
||||||
|
ldap_conn.delete(sudo_dn)
|
||||||
except Exception:
|
except Exception:
|
||||||
pass
|
pass
|
||||||
return render_to_response('addUser.html', {'user_menu': 'active', 'form': form, 'error': error},
|
return render_to_response('addUser.html', {'user_menu': 'active', 'form': form, 'error': error},
|
||||||
|
|
@ -585,6 +599,15 @@ def chgGroup(request):
|
||||||
context_instance=RequestContext(request))
|
context_instance=RequestContext(request))
|
||||||
|
|
||||||
|
|
||||||
|
@admin_required
|
||||||
|
def showSudo(request):
|
||||||
|
if request.method == 'GET':
|
||||||
|
username = request.GET.get('username')
|
||||||
|
if not username:
|
||||||
|
return HttpResponseRedirect('/showUser/')
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@admin_required
|
@admin_required
|
||||||
def showAssets(request):
|
def showAssets(request):
|
||||||
"""查看服务器"""
|
"""查看服务器"""
|
||||||
|
|
@ -779,6 +802,9 @@ def chgKey(request):
|
||||||
if password != password_again:
|
if password != password_again:
|
||||||
error = '密码不匹配'
|
error = '密码不匹配'
|
||||||
|
|
||||||
|
if len(password) < 5:
|
||||||
|
error = '密码长度需要>5'
|
||||||
|
|
||||||
if error:
|
if error:
|
||||||
return render_to_response('info.html', {'error': error})
|
return render_to_response('info.html', {'error': error})
|
||||||
|
|
||||||
|
|
@ -787,7 +813,7 @@ def chgKey(request):
|
||||||
ret = bash('ssh-keygen -p -P %s -N %s -f %s' % (jm.decrypt(user.key_pass), password, keyfile))
|
ret = bash('ssh-keygen -p -P %s -N %s -f %s' % (jm.decrypt(user.key_pass), password, keyfile))
|
||||||
if ret != 0:
|
if ret != 0:
|
||||||
error = '更改私钥密码错误'
|
error = '更改私钥密码错误'
|
||||||
return render_to_response('info.hmtl', {'error': error})
|
return render_to_response('info.html', {'error': error})
|
||||||
user.key_pass = password
|
user.key_pass = password
|
||||||
user.save()
|
user.save()
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -92,7 +92,6 @@
|
||||||
<li><a href="/addUser/"><i class="glyphicon glyphicon-send"></i> 添加用户</a></li>
|
<li><a href="/addUser/"><i class="glyphicon glyphicon-send"></i> 添加用户</a></li>
|
||||||
<li><a href="/showGroup/"><i class="glyphicon glyphicon-send"></i> 查看属组</a></li>
|
<li><a href="/showGroup/"><i class="glyphicon glyphicon-send"></i> 查看属组</a></li>
|
||||||
<li><a href="/addGroup/"><i class="glyphicon glyphicon-send"></i> 添加属组</a></li>
|
<li><a href="/addGroup/"><i class="glyphicon glyphicon-send"></i> 添加属组</a></li>
|
||||||
<li><a href="/addUser/"><i class="glyphicon glyphicon-send"></i> Sudo管理</a></li>
|
|
||||||
</ul>
|
</ul>
|
||||||
<!--<div class="menu-first" ><a href="#monitorMenu" data-toggle="collapse"><i class="glyphicon glyphicon-th"></i> 执行命令</a></div>
|
<!--<div class="menu-first" ><a href="#monitorMenu" data-toggle="collapse"><i class="glyphicon glyphicon-th"></i> 执行命令</a></div>
|
||||||
<ul id="monitorMenu" class="nav nav-list navbar-collapse.in menu-second">
|
<ul id="monitorMenu" class="nav nav-list navbar-collapse.in menu-second">
|
||||||
|
|
|
||||||
|
|
@ -19,6 +19,8 @@
|
||||||
<th>Email</th>
|
<th>Email</th>
|
||||||
<th>Key</th>
|
<th>Key</th>
|
||||||
<th>修改</th>
|
<th>修改</th>
|
||||||
|
<th>sudo</th>
|
||||||
|
<th>sudo</th>
|
||||||
</tr>
|
</tr>
|
||||||
</thead>
|
</thead>
|
||||||
<tbody>
|
<tbody>
|
||||||
|
|
@ -39,6 +41,8 @@
|
||||||
<td>{{ user.email }}</td>
|
<td>{{ user.email }}</td>
|
||||||
<td><a href="/downKey/?username={{ user.username }}">下载</a></td>
|
<td><a href="/downKey/?username={{ user.username }}">下载</a></td>
|
||||||
<td><a href="/chgUser/?username={{ user.username }}">修改</a></td>
|
<td><a href="/chgUser/?username={{ user.username }}">修改</a></td>
|
||||||
|
<td><a href="/showSudo/?username={{ user.username }">查看</a></td>
|
||||||
|
<td><a href="/chgSudo/?username={{ user.username }">修改</a></td>
|
||||||
</tr>
|
</tr>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
</tbody>
|
</tbody>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue