From 4eb78e151e9de9795067c9a5734a16278e7c37d9 Mon Sep 17 00:00:00 2001 From: ibuler Date: Sun, 6 Sep 2015 21:37:22 +0800 Subject: [PATCH] =?UTF-8?q?=E7=94=A8=E6=88=B7=E6=A8=A1=E5=9D=97=E4=BF=AE?= =?UTF-8?q?=E6=94=B9=E5=91=8A=E4=B8=80=E6=AE=B5=E8=90=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- jasset/views.py | 7 - jumpserver/api.py | 10 +- jumpserver/context_processors.py | 20 +- jumpserver/templatetags/mytags.py | 4 +- jumpserver/views.py | 79 ++++---- juser/models.py | 5 + juser/urls.py | 3 +- juser/views.py | 183 +++++++++--------- templates/index_cu.html | 10 - .../juser/{chg_info.html => change_info.html} | 41 ++-- templates/juser/group_list.html | 2 +- templates/juser/profile.html | 2 - templates/juser/user_detail.html | 4 - templates/juser/user_list.html | 10 +- templates/nav_li_profile.html | 6 +- 15 files changed, 178 insertions(+), 208 deletions(-) rename templates/juser/{chg_info.html => change_info.html} (82%) diff --git a/jasset/views.py b/jasset/views.py index 22c72f8e5..57401f909 100644 --- a/jasset/views.py +++ b/jasset/views.py @@ -9,15 +9,8 @@ from django.shortcuts import get_object_or_404 from jperm.models import Perm from jumpserver.api import * -cryptor = PyCrypt(KEY) -class RaiseError(Exception): - pass - - -def my_render(template, data, request): - return render_to_response(template, data, context_instance=RequestContext(request)) def get_host_groups(groups): diff --git a/jumpserver/api.py b/jumpserver/api.py index c920137f1..72ac4fb1e 100644 --- a/jumpserver/api.py +++ b/jumpserver/api.py @@ -538,11 +538,9 @@ def get_session_user_info(request): 获取用户的信息 """ user_id = request.session.get('user_id', 0) - user = User.objects.filter(id=user_id) + user = get_object(User, id=user_id) if user: - user = user[0] - dept = user.dept - return [user.id, user.username, user, dept.id, dept.name, dept] + return [user.id, user.username, user] def get_user_dept(request): @@ -698,6 +696,10 @@ def http_error(request, emg): return render_to_response('error.html', locals()) +def my_render(template, data, request): + return render_to_response(template, data, context_instance=RequestContext(request)) + + CRYPTOR = PyCrypt(KEY) # if LDAP_ENABLE: diff --git a/jumpserver/context_processors.py b/jumpserver/context_processors.py index 2beeed3a0..9485fb12c 100644 --- a/jumpserver/context_processors.py +++ b/jumpserver/context_processors.py @@ -7,19 +7,13 @@ from jperm.models import Apply def name_proc(request): user_id = request.session.get('user_id') role_id = request.session.get('role_id') - if role_id == 2: - user_total_num = User.objects.all().count() - user_active_num = User.objects.filter().count() - host_total_num = Asset.objects.all().count() - host_active_num = Asset.objects.filter(is_active=True).count() - else: - user, dept = get_session_user_dept(request) - print user, dept - user_total_num = dept.user_set.all().count() - user_active_num = dept.user_set.filter(is_active=True).count() - host_total_num = dept.asset_set.all().count() - host_active_num = dept.asset_set.all().filter(is_active=True).count() - pass + # if role_id == 2: + user_total_num = User.objects.all().count() + user_active_num = User.objects.filter().count() + host_total_num = Asset.objects.all().count() + host_active_num = Asset.objects.filter(is_active=True).count() + # else: + # pass username = User.objects.get(id=user_id).name apply_info = Apply.objects.filter(admin=username, status=0, read=0) diff --git a/jumpserver/templatetags/mytags.py b/jumpserver/templatetags/mytags.py index b8b236dfe..c0d5dedbc 100644 --- a/jumpserver/templatetags/mytags.py +++ b/jumpserver/templatetags/mytags.py @@ -290,7 +290,7 @@ def to_dept_name(user_id): @register.filter(name='to_role_name') def to_role_name(role_id): - role_dict = {'0': '普通用户', '1': '部门管理员', '2': '超级管理员'} + role_dict = {'0': '普通用户', '1': '组管理员', '2': '超级管理员'} return role_dict.get(str(role_id), '未知') @@ -302,7 +302,7 @@ def to_avatar(role_id='0'): @register.filter(name='get_user_asset_group') def get_user_asset_group(user): - return user_perm_group_api(user) + return user.get_asset_group() @register.filter(name='group_asset_list') diff --git a/jumpserver/views.py b/jumpserver/views.py index e9d2819a2..e56452084 100644 --- a/jumpserver/views.py +++ b/jumpserver/views.py @@ -50,12 +50,9 @@ def get_data(data, items, option): @require_role(role='user') def index_cu(request): user_id = request.session.get('user_id') - user = User.objects.filter(id=user_id) - if user: - user = user[0] + user = get_object(User, id=user_id) login_types = {'L': 'LDAP', 'M': 'MAP'} - user_id = request.session.get('user_id') - username = User.objects.get(id=user_id).username + username = user.username posts = user.get_asset() host_count = len(posts) new_posts = [] @@ -91,16 +88,16 @@ def index(request): week_data = Log.objects.filter(start_time__range=[from_week, datetime.datetime.now()]) elif is_role_request(request, 'admin'): - user = get_session_user_info(request)[2] - dept_name, dept = get_session_user_info(request)[4:] - users = User.objects.filter(dept=dept) - hosts = Asset.objects.filter(dept=dept) - online = Log.objects.filter(dept_name=dept_name, is_finished=0) - online_host = online.values('host').distinct() - online_user = online.values('user').distinct() - active_users = users.filter(is_active=1) - active_hosts = hosts.filter(is_active=1) - week_data = Log.objects.filter(dept_name=dept_name, start_time__range=[from_week, datetime.datetime.now()]) + return index_cu(request) + # user = get_session_user_info(request)[2] + # users = User.objects.filter(dept=dept) + # hosts = Asset.objects.filter(dept=dept) + # online = Log.objects.filter(dept_name=dept_name, is_finished=0) + # online_host = online.values('host').distinct() + # online_user = online.values('user').distinct() + # active_users = users.filter(is_active=1) + # active_hosts = hosts.filter(is_active=1) + # week_data = Log.objects.filter(dept_name=dept_name, start_time__range=[from_week, datetime.datetime.now()]) # percent of dashboard if users.count() == 0: @@ -157,32 +154,32 @@ def skin_config(request): return render_to_response('skin_config.html') -def pages(posts, r): - """分页公用函数""" - contact_list = posts - p = paginator = Paginator(contact_list, 10) - try: - current_page = int(r.GET.get('page', '1')) - except ValueError: - current_page = 1 - - page_range = page_list_return(len(p.page_range), current_page) - - try: - contacts = paginator.page(current_page) - except (EmptyPage, InvalidPage): - contacts = paginator.page(paginator.num_pages) - - if current_page >= 5: - show_first = 1 - else: - show_first = 0 - if current_page <= (len(p.page_range) - 3): - show_end = 1 - else: - show_end = 0 - - return contact_list, p, contacts, page_range, current_page, show_first, show_end +# def pages(posts, r): +# """分页公用函数""" +# contact_list = posts +# p = paginator = Paginator(contact_list, 10) +# try: +# current_page = int(r.GET.get('page', '1')) +# except ValueError: +# current_page = 1 +# +# page_range = page_list_return(len(p.page_range), current_page) +# +# try: +# contacts = paginator.page(current_page) +# except (EmptyPage, InvalidPage): +# contacts = paginator.page(paginator.num_pages) +# +# if current_page >= 5: +# show_first = 1 +# else: +# show_first = 0 +# if current_page <= (len(p.page_range) - 3): +# show_end = 1 +# else: +# show_end = 0 +# +# return contact_list, p, contacts, page_range, current_page, show_first, show_end def is_latest(): diff --git a/juser/models.py b/juser/models.py index d2a0d9f8d..67325ef7f 100644 --- a/juser/models.py +++ b/juser/models.py @@ -120,6 +120,11 @@ class User(models.Model): else: return assets_info + def update(self, **kwargs): + for key, value in kwargs.items(): + self.__setattr__(key, value) + self.save() + class AdminGroup(models.Model): """ diff --git a/juser/urls.py b/juser/urls.py index 4f3e5daa5..1be8d0f5e 100644 --- a/juser/urls.py +++ b/juser/urls.py @@ -22,7 +22,8 @@ urlpatterns = patterns('juser.views', (r'^user_del_ajax/$', 'user_del_ajax'), (r'^user_edit/$', view_splitter, {'su': user_edit, 'adm': user_edit_adm}), (r'^profile/$', 'profile'), - (r'^chg_info/$', 'chg_info'), + (r'^change_info/$', 'change_info'), + (r'^regen_ssh_key/$', 'regen_ssh_key'), (r'^chg_role/$', 'chg_role'), (r'^down_key/$', 'down_key'), ) diff --git a/juser/views.py b/juser/views.py index c77f90cd2..833500b33 100644 --- a/juser/views.py +++ b/juser/views.py @@ -55,7 +55,7 @@ def group_add(request): else: msg = u'添加组 %s 成功' % group_name - return render_to_response('juser/group_add.html', locals(), context_instance=RequestContext(request)) + return my_render('juser/group_add.html', locals(), request) @require_role(role='super') @@ -72,7 +72,7 @@ def group_list(request): user_group_list = user_group_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)) contacts, p, contacts, page_range, current_page, show_first, show_end = pages(user_group_list, request) - return render_to_response('juser/group_list.html', locals(), context_instance=RequestContext(request)) + return my_render('juser/group_list.html', locals(), request) @require_role(role='super') @@ -169,7 +169,7 @@ def group_edit(request): users_selected = user_group.user_set.all() users_remain = [user for user in users_all if user not in users_selected] - return render_to_response('juser/group_edit.html', locals(), context_instance=RequestContext(request)) + return my_render('juser/group_edit.html', locals(), request) # @require_role(role='admin') @@ -275,7 +275,7 @@ def user_add(request): if MAIL_ENABLE and send_mail_need: user_add_mail(user, kwargs=locals()) msg = get_display_msg(user, password, ssh_key_pwd, ssh_key_login_need, send_mail_need) - return render_to_response('juser/user_add.html', locals(), context_instance=RequestContext(request)) + return my_render('juser/user_add.html', locals(), request) # @require_role(role='admin') @@ -369,7 +369,7 @@ def user_list(request): contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request) - return render_to_response('juser/user_list.html', locals(), context_instance=RequestContext(request)) + return my_render('juser/user_list.html', locals(), request) # @require_role(role='admin') @@ -413,12 +413,13 @@ def user_detail(request): user = get_object(User, id=user_id) if user: + pass # asset_group_permed = user.get_asset_group() - logs_last = Log.objects.filter(user=user.name).order_by('-start_time')[0:10] - logs_all = Log.objects.filter(user=user.name).order_by('-start_time') - logs_num = len(logs_all) + # logs_last = Log.objects.filter(user=user.name).order_by('-start_time')[0:10] + # logs_all = Log.objects.filter(user=user.name).order_by('-start_time') + # logs_num = len(logs_all) - return render_to_response('juser/user_detail.html', locals(), context_instance=RequestContext(request)) + return my_render('juser/user_detail.html', locals(), request) @require_role(role='admin') @@ -545,9 +546,8 @@ def user_edit(request): extra = request.POST.getlist('extra', []) is_active = True if '0' in extra else False email_need = True if '2' in extra else False - user_role = {'SU': u'超级管理员', 'DA': u'部门管理员', 'CU': u'普通用户'} - print '#'*10 + str(email_need) - print extra + user_role = {'SU': u'超级管理员', 'GA': u'部门管理员', 'CU': u'普通用户'} + if user_id: user = get_object(User, id=user_id) else: @@ -568,8 +568,9 @@ def user_edit(request): role=role_post, is_active=is_active) - if email_need: + print '#'* 10 + role_post + if email_need: msg = u""" Hi %s: 您的信息已修改,请登录跳板机查看详细信息 @@ -579,68 +580,69 @@ def user_edit(request): 角色:%s """ % (user.name, URL, user.username, password_decode, user_role.get(role_post, u'')) - send_mail('您的信息已修改', msg, MAIL_FROM, [email], fail_silently=False) return HttpResponseRedirect('/juser/user_list/') - return render_to_response('juser/user_edit.html', locals(), context_instance=RequestContext(request)) + return my_render('juser/user_edit.html', locals(), request) -@require_role(role='admin') +# @require_role(role='admin') def user_edit_adm(request): - header_title, path1, path2 = '编辑用户', '用户管理', '用户编辑' - user, dept = get_session_user_dept(request) - if request.method == 'GET': - user_id = request.GET.get('id', '') - if not user_id: - return HttpResponseRedirect('/juser/user_list/') - - if not validate(request, user=[user_id]): - return HttpResponseRedirect('/juser/user_list/') - - user = User.objects.filter(id=user_id) - dept_all = DEPT.objects.all() - group_all = dept.usergroup_set.all() - if user: - user = user[0] - groups_str = ' '.join([str(group.id) for group in user.group.all()]) - - else: - user_id = request.POST.get('user_id', '') - password = request.POST.get('password', '') - name = request.POST.get('name', '') - email = request.POST.get('email', '') - groups = request.POST.getlist('groups', []) - ssh_key_pwd = request.POST.get('ssh_key_pwd', '') - is_active = True if request.POST.get('is_active', '1') == '1' else False - - if not validate(request, user=[user_id], user_group=groups): - return HttpResponseRedirect('/juser/user_edit/') - if user_id: - user = User.objects.filter(id=user_id) - if user: - user = user[0] - else: - return HttpResponseRedirect('/juser/user_list/') - - if password != user.password: - password = CRYPTOR.md5_crypt(password) - - if ssh_key_pwd != user.ssh_key_pwd: - ssh_key_pwd = CRYPTOR.encrypt(ssh_key_pwd) - - db_update_user(user_id=user_id, - password=password, - name=name, - email=email, - groups=groups, - is_active=is_active, - ssh_key_pwd=ssh_key_pwd) - - return HttpResponseRedirect('/juser/user_list/') - - return render_to_response('juser/user_edit.html', locals(), context_instance=RequestContext(request)) + pass +# header_title, path1, path2 = '编辑用户', '用户管理', '用户编辑' +# user, dept = get_session_user_dept(request) +# if request.method == 'GET': +# user_id = request.GET.get('id', '') +# if not user_id: +# return HttpResponseRedirect('/juser/user_list/') +# +# if not validate(request, user=[user_id]): +# return HttpResponseRedirect('/juser/user_list/') +# +# user = User.objects.filter(id=user_id) +# dept_all = DEPT.objects.all() +# group_all = dept.usergroup_set.all() +# if user: +# user = user[0] +# groups_str = ' '.join([str(group.id) for group in user.group.all()]) +# +# else: +# user_id = request.POST.get('user_id', '') +# password = request.POST.get('password', '') +# name = request.POST.get('name', '') +# email = request.POST.get('email', '') +# groups = request.POST.getlist('groups', []) +# ssh_key_pwd = request.POST.get('ssh_key_pwd', '') +# is_active = True if request.POST.get('is_active', '1') == '1' else False +# +# if not validate(request, user=[user_id], user_group=groups): +# return HttpResponseRedirect('/juser/user_edit/') +# if user_id: +# user = User.objects.filter(id=user_id) +# if user: +# user = user[0] +# else: +# return HttpResponseRedirect('/juser/user_list/') +# +# if password != user.password: +# password = CRYPTOR.md5_crypt(password) +# +# if ssh_key_pwd != user.ssh_key_pwd: +# ssh_key_pwd = CRYPTOR.encrypt(ssh_key_pwd) +# +# db_update_user(user_id=user_id, +# password=password, +# name=name, +# email=email, +# groups=groups, +# is_active=is_active, +# ssh_key_pwd=ssh_key_pwd) +# +# return HttpResponseRedirect('/juser/user_list/') +# +# return render_to_response('juser/user_edit.html', locals(), context_instance=RequestContext(request)) +# def profile(request): @@ -651,40 +653,46 @@ def profile(request): return render_to_response('juser/profile.html', locals(), context_instance=RequestContext(request)) -def chg_info(request): +def change_info(request): header_title, path1, path2 = '修改信息', '用户管理', '修改个人信息' user_id = request.session.get('user_id') - user_set = User.objects.filter(id=user_id) + user = get_object(User, id=user_id) error = '' - if user_set: - user = user_set[0] - else: + if not user: return HttpResponseRedirect('/') if request.method == 'POST': name = request.POST.get('name', '') password = request.POST.get('password', '') - ssh_key_pwd = request.POST.get('ssh_key_pwd', '') email = request.POST.get('email', '') - if '' in [name, password, ssh_key_pwd, email]: + if '' in [name, password, email]: error = '不能为空' - if len(password) < 6 or len(ssh_key_pwd) < 6: + if len(password) < 6 : error = '密码须大于6位' if not error: if password != user.password: password = CRYPTOR.md5_crypt(password) - if ssh_key_pwd != user.ssh_key_pwd: - gen_ssh_key(user.username, ssh_key_pwd) - ssh_key_pwd = CRYPTOR.md5_crypt(ssh_key_pwd) - - user_set.update(name=name, password=password, ssh_key_pwd=ssh_key_pwd, email=email) + user.update(name=name, password=password, email=email) msg = '修改成功' - return render_to_response('juser/chg_info.html', locals(), context_instance=RequestContext(request)) + return render_to_response('juser/change_info.html', locals(), context_instance=RequestContext(request)) + + +@require_role(role='user') +def regen_ssh_key(request): + uuid = request.GET.get('uuid', '') + user = get_object(User, uuid=uuid) + if not user: + return HttpResponse('没有该用户') + + username = user.username + ssh_key_pass = PyCrypt.random_pass(16) + gen_ssh_key(username, ssh_key_pass) + return HttpResponse('ssh密钥已生成,密码为 %s, 请到下载页面下载' % ssh_key_pass) @require_role(role='user') @@ -693,21 +701,14 @@ def down_key(request): if is_role_request(request, 'super'): user_id = request.GET.get('id') - if is_role_request(request, 'admin'): - user_id = request.GET.get('id') - if not validate(request, user=[user_id]): - user_id = request.session.get('user_id') - if is_role_request(request, 'user'): user_id = request.session.get('user_id') if user_id: - user = User.objects.filter(id=user_id) + user = get_object(User, id=user_id) if user: - user = user[0] username = user.username - private_key_dir = os.path.join(BASE_DIR, 'keys/jumpserver/') - private_key_file = os.path.join(private_key_dir, username+".pem") + private_key_file = os.path.join(BASE_DIR, 'keys/jumpserver', username+".pem") if os.path.isfile(private_key_file): f = open(private_key_file) data = f.read() diff --git a/templates/index_cu.html b/templates/index_cu.html index 116613fab..b52f2b4dc 100644 --- a/templates/index_cu.html +++ b/templates/index_cu.html @@ -16,12 +16,6 @@ - @@ -117,10 +111,6 @@ 角色 {{ user.id | get_role }} - - 部门 - {{ user.dept.name }} - Email {{ user.email }} diff --git a/templates/juser/chg_info.html b/templates/juser/change_info.html similarity index 82% rename from templates/juser/chg_info.html rename to templates/juser/change_info.html index 1658d6a4b..521e96ec4 100644 --- a/templates/juser/chg_info.html +++ b/templates/juser/change_info.html @@ -14,15 +14,7 @@ - - - - + @@ -59,11 +51,11 @@
- +
- + 重新生成 - 登陆 Jumpserver 使用的SSH密钥的密码,更改密钥密码需要重新下载密钥 + 重新生成密钥,需要重新下载并导入
@@ -89,7 +81,9 @@ +{% endblock %} +{% block self_footer_js %} - - {% endblock %} \ No newline at end of file diff --git a/templates/juser/group_list.html b/templates/juser/group_list.html index 6958e47b6..4085685c9 100644 --- a/templates/juser/group_list.html +++ b/templates/juser/group_list.html @@ -32,7 +32,7 @@
diff --git a/templates/juser/profile.html b/templates/juser/profile.html index 7be33cce4..80d880ba7 100644 --- a/templates/juser/profile.html +++ b/templates/juser/profile.html @@ -24,7 +24,6 @@ 用户名 姓名 角色 - 部门 Email 激活 {# 添加时间#} @@ -38,7 +37,6 @@ {{ user.username }} {{ user.name }} {{ user.id | get_role }} - {{ user.dept.name }} {{ user.email }} {{ user.is_active|bool2str }} {# {{ user.date_joined }}#} diff --git a/templates/juser/user_detail.html b/templates/juser/user_detail.html index 883085ed8..88b284c4f 100644 --- a/templates/juser/user_detail.html +++ b/templates/juser/user_detail.html @@ -48,10 +48,6 @@ 角色 {{ user.id | get_role }} - - 部门 - {{ user.dept.name }} - Email {{ user.email }} diff --git a/templates/juser/user_list.html b/templates/juser/user_list.html index 0f9c2827c..b470c5e84 100644 --- a/templates/juser/user_list.html +++ b/templates/juser/user_list.html @@ -10,18 +10,12 @@
查看用户
- + - @@ -37,7 +31,7 @@
diff --git a/templates/nav_li_profile.html b/templates/nav_li_profile.html index 47c8dcd70..14c55cdba 100644 --- a/templates/nav_li_profile.html +++ b/templates/nav_li_profile.html @@ -7,7 +7,7 @@ - {{ session_user_id | to_name}} {{ session_user_id | to_dept_name}} + {{ session_user_id | to_name}} {{ session_role_id | to_role_name }} @@ -16,8 +16,8 @@