去掉runas

jperm/models.py

@@ -22,7 +22,6 @@ class SysUser(models.Model):
 class PermSudo(models.Model):
     name = models.CharField(max_length=100, unique=True)
     date_added = models.DateTimeField(auto_now=True)
-    runas = models.CharField(max_length=200, default='root')
     commands = models.TextField()
     comment = models.CharField(max_length=100, null=True, blank=True, default='')
 

jperm/views.py

@@ -466,12 +466,12 @@ def perm_role_push(request):
                 ret_failed["step2-2"] = "failed"
 
         # 3. 推送sudo配置文件
-        role_chosen_aliase = {}  # {'dev': [sudo1, sudo2], 'sa': [sudo2, sudo3]}
+        role_chosen_aliase = {}  # {'dev': 'NETWORKING, SHUTDOWN', 'sa': 'NETWORKING, SHUTDOWN'}
         sudo_alias = set()     # set(sudo1, sudo2, sudo3)
         for role in roles_obj:
             sudos = set([sudo for sudo in role.sudo.all()])
             sudo_alias.update(sudos)
-            role_chosen_aliase[role.name] = sudos
+            role_chosen_aliase[role.name] = ','.join(sudo.name for sudo in sudos)
         add_sudo_script = get_add_sudo_script(role_chosen_aliase, sudo_alias)
         ret_sudo = task.push_sudo_file(add_sudo_script)
 
@@ -533,14 +533,13 @@ def perm_sudo_add(request):
     if request.method == "POST":
         # 获取参数： name, comment
         name = request.POST.get("sudo_name").strip()
-        runas = request.POST.get('sudo_runas', 'root').strip()
         comment = request.POST.get("sudo_comment").strip()
         commands = request.POST.get("sudo_commands").strip()
 
         if get_object(PermSudo, name=name):
             error = 'Sudo别名 %s已经存在' % name
         else:
-            sudo = PermSudo(name=name.strip(), runas=runas, comment=comment, commands=commands.strip())
+            sudo = PermSudo(name=name.strip(), comment=comment, commands=commands.strip())
             sudo.save()
             msg = u"添加Sudo命令别名: %s" % name
         # 渲染数据
@@ -564,11 +563,9 @@ def perm_sudo_edit(request):
     if request.method == "POST":
         name = request.POST.get("sudo_name")
         commands = request.POST.get("sudo_commands")
-        runas = request.POST.get('sudo_runas', 'root')
         comment = request.POST.get("sudo_comment")
         sudo.name = name.strip()
         sudo.commands = commands.strip()
-        sudo.runas = runas.strip()
         sudo.comment = comment
         sudo.save()
 

jumpserver.conf

@@ -9,7 +9,7 @@ log = debug
 host = 127.0.0.1
 port = 3306
 user = jumpserver
-password = mysql1234
+password = mysql234
 database = jumpserver
 
 [websocket]

templates/jperm/perm_sudo_add.html

@@ -35,13 +35,6 @@
                                 </div>
                             </div>
                             <div class="hr-line-dashed"></div>
-                            <div class="form-group">
-                                <label for="sudo_runas" class="col-sm-2 control-label">RunAs<span class="red-fonts">*</span></label>
-                                <div class="col-sm-8">
-                                    <input id="sudo_runas" name="sudo_runas" placeholder="Sudo RunAs User" type="text" class="form-control">
-                                </div>
-                            </div>
-                            <div class="hr-line-dashed"></div>
                             <div class="form-group">
                                 <label for="sudo_commands" class="col-sm-2 control-label">系统命令<span class="red-fonts">*</span></label>
                                 <div class="col-sm-8">

templates/jperm/perm_sudo_edit.html

@@ -40,13 +40,6 @@
                                 </div>
                             </div>
                             <div class="hr-line-dashed"></div>
-                            <div class="form-group">
-                                <label for="sudo_runas" class="col-sm-2 control-label">RunAs<span class="red-fonts">*</span></label>
-                                <div class="col-sm-8">
-                                    <input id="sudo_runas" name="sudo_runas" placeholder="Sudo RunAs User" type="text" class="form-control" value="{{ sudo.runas }}">
-                                </div>
-                            </div>
-                            <div class="hr-line-dashed"></div>
                             <div class="form-group">
                                 <label for="sudo_commands_label" class="col-sm-2 control-label">系统命令<span class="red-fonts">*</span></label>
                                 <div class="col-sm-8">

templates/jperm/role_sudo.j2

@@ -17,14 +17,12 @@ add_cmd_alias() {
 
 
 add_role_chosen() {
-    {% for role, sudos in role_chosen_aliase.items %}
-        {% for sudo in sudos %}
-        if $(grep '^{{ role }}.*sudo.name' ${sudo_file} &> /dev/null); then
-            sed -i 's@^{{ role }}.*sudo.name@{{ role }} ALL = ({{ sudo.runas }}) NOPASSWD: {{ sudo.name }}@g' ${sudo_file}
+    {% for role, alias in role_chosen_aliase.items %}
+        if $(grep '^{{ role }}.*' ${sudo_file} &> /dev/null); then
+            sed -i 's@^{{ role }}.*@{{ role }} ALL =  NOPASSWD: {{ alias }}@g' ${sudo_file}
         else
-            echo "{{ role }} ALL = ({{ sudo.runas }}) NOPASSWD: {{ sudo.name }}"  >> ${sudo_file}
+            echo "{{ role }} ALL =  NOPASSWD: {{ alias }}"  >> ${sudo_file}
         fi
-        {% endfor %}
     {% endfor %}
 }