sudo privilege删除走api

pull/530/head
Administrator 2016-11-20 14:48:18 +08:00
parent 39ae4a3a10
commit 5ae2711c6e
6 changed files with 98 additions and 151 deletions


@ -1,7 +1,7 @@
# ~*~ coding: utf-8 ~*~
from __future__ import unicode_literals, print_function
from ..models import HostAlia, UserAlia, CmdAlia, RunasAlia, Extra_conf
from ..models import HostAlia, UserAlia, CmdAlia, RunasAlia, Extra_conf, Privilege, Sudo
from rest_framework import serializers
@ -34,3 +34,16 @@ class ExtraconfSerializer(serializers.ModelSerializer):
class Meta:
model = Extra_conf
class PrivilegeSerializer(serializers.ModelSerializer):
class Meta:
model = Privilege
class SudoSerializer(serializers.ModelSerializer):
class Meta:
model = Sudo
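Review bot: `PrivilegeSerializer.Meta` and `SudoSerializer.Meta` declare only `model`, with no `fields` or `exclude` visible in the hunk. Newer Django REST framework releases reject a `ModelSerializer` defined that way, and older ones serialize every column of the model, which is broader than an API over sudo rules should expose by default. Add an explicit `fields = (...)` tuple to each `Meta`, listing only the attributes the client needs. Indentation and blank lines are lost in this rendering, so confirm against the file that nothing else follows `model = ...`.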


@ -193,3 +193,55 @@ class ExtraconfViewSet(viewsets.GenericViewSet):
pass
class PrivilegeViewSet(viewsets.GenericViewSet):
queryset = Privilege.objects.all()
serializer_class = PrivilegeSerializer
permission_classes = None
def list(self):
pass
def create(self):
pass
def retrieve(self, *args, **kwargs):
pass
def update(self, *args, **kwargs):
pass
def destroy(self, *args, **kwargs):
privilege = self.get_object()
privilege.delete()
return Response(status=status.HTTP_204_NO_CONTENT)
def perform_create(self):
pass
class SudoViewSet(viewsets.GenericViewSet):
queryset = Sudo.objects.all()
serializer_class = SudoSerializer
permission_classes = None
def list(self):
pass
def create(self):
pass
def retrieve(self, *args, **kwargs):
pass
def update(self, *args, **kwargs):
pass
def destroy(self, *args, **kwargs):
sudo = self.get_object()
sudo.delete()
return Response(status=status.HTTP_204_NO_CONTENT)
def perform_create(self):
pass
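Review bot: `permission_classes = None` on `PrivilegeViewSet` and `SudoViewSet` leaves the two `destroy` handlers, which delete sudo rules, without any declared access policy. DRF builds its permission list by iterating this attribute, so `None` will most likely raise before the handler runs rather than fall back to the project default; either way the intended restriction is not stated. Declare an admin-only policy explicitly, e.g. `permission_classes = (permissions.IsAdminUser,)` with `permissions` imported from `rest_framework`, or use the project's own admin permission class if it has one. `list(self)` and `create(self)` also omit the `request` argument that the router passes to viewset actions.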


@ -274,49 +274,29 @@ class Sudo(models.Model):
"""
Sudo配置文件对象, 用于配置sudo的配置文件
:param user_alias: <dict> {<alia>: <users_list>}
:param cmnd_alias: <dict> {<alia>: <commands_list>}
:param host_alias: <dict> {<alia>: <hosts_list>}
:param runas_alias: <dict> {<alia>: <runas_list>}
:param extra_lines: <list> [<line1>, <line2>,...]
:param privileges: <list> [(user, host, runas, command, nopassword),]
"""
asset = models.ForeignKey(Asset, null=True, blank=True, related_name='sudos')
host_alias = models.ManyToManyField(HostAlia, related_name='sudos', blank=True)
user_alias = models.ManyToManyField(UserAlia, related_name='sudos', blank=True)
cmnd_alias = models.ManyToManyField(CmdAlia, related_name='sudos', blank=True)
runas_alias = models.ManyToManyField(RunasAlia, related_name='sudos', blank=True)
extra_lines = models.ManyToManyField(Extra_conf, related_name='sudos', blank=True)
privilege_items = models.ManyToManyField(Privilege, related_name='sudos', blank=True)
@property
def users(self):
ret = {}
for user in self.user_alias.all():
ret[user.name] = user.user_items.split(',')
return ret
return {privilege.user.name: privilege.user.user_items.split(',') for privilege in self.privilege_items.all()}
@property
def commands(self):
ret = {}
for cmd in self.cmnd_alias.all():
ret[cmd.name] = cmd.cmd_items.split(',')
return ret
return {privilege.command.name: privilege.command.cmd_items.split(',') for privilege in self.privilege_items.all()}
@property
def hosts(self):
ret = {}
for host in self.host_alias.all():
ret[host.name] = host.host_items.split(',')
return ret
return {privilege.host.name: privilege.host.host_items.split(',') for privilege in self.privilege_items.all()}
@property
def runas(self):
ret = {}
for runas in self.runas_alias.all():
ret[runas.name] = runas.runas_items.split(',')
return ret
return {privilege.runas.name: privilege.runas.runas_items.split(',') for privilege in self.privilege_items.all()}
@property
def extras(self):
@ -391,7 +371,7 @@ root ALL=(ALL:ALL) ALL
# JumpServer Generate User privilege is here.
# Note privileges is a tuple list like [(user, host, runas, command, nopassword),]
{% if privileges -%}
{% if Privileges -%}
{% for User_Flag, Host_Flag, Runas_Flag, Command_Flag, NopassWord in Privileges -%}
{% if NopassWord -%}
{{ User_Flag }} {{ Host_Flag }}=({{ Runas_Flag }}) NOPASSWD: {{ Command_Flag }}
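Review bot: The rewritten `users`, `commands`, `hosts` and `runas` properties pass `name` and the comma-split item strings through unchanged, and the template in the second hunk writes values of this kind straight into sudoers lines, including the `NOPASSWD:` form. Nothing visible rejects a newline or a sudoers metacharacter in an alias name or item, so a stored value could change the meaning of the generated file. Validate names against the sudoers alias grammar (an uppercase letter followed by uppercase letters, digits or underscores) when the record is saved, and check the rendered file with `visudo -c -f <generated file>` before it is deployed. Each property also dereferences `privilege.user`, `.command`, `.host` or `.runas` per row, which raises `AttributeError` if that relation is nullable and costs a query per privilege without `select_related`. The `Privilege` model and the rest of the template are outside the hunks shown.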


@ -20,11 +20,11 @@ router.register(r'Extraconf', api_view.ExtraconfViewSet)
urlpatterns = [
# Resource Sudo url
url(r'^sudo/list$', mvc_view.SudoListView.as_view(), name='sudo-list'),
url(r'^sudo/create', mvc_view.SudoCreateView.as_view(), name='sudo-create'),
url(r'^sudo/detail', mvc_view.SudoDetailView.as_view(), name='sudo-detail'),
url(r'^sudo/update', mvc_view.SudoUpdateView.as_view(), name='sudo-update'),
url(r'^sudo/delete', mvc_view.SudoDeleteView.as_view(), name='sudo-delete'),
url(r'^sudo/list$', mvc_view.SudoListView.as_view(), name='sudo-list'),
url(r'^sudo/create$', mvc_view.SudoCreateView.as_view(), name='sudo-create'),
url(r'^sudo/detail$', mvc_view.SudoDetailView.as_view(), name='sudo-detail'),
url(r'^sudo/update$', mvc_view.SudoUpdateView.as_view(), name='sudo-update'),
url(r'^sudo/delete$', mvc_view.SudoDeleteView.as_view(), name='sudo-delete'),
]
urlpatterns += [
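Review bot: The anchored `^sudo/detail$`, `^sudo/update$` and `^sudo/delete$` patterns capture no `pk` or `slug`, yet they route to Django single-object generic views (`DetailView`, `UpdateView` and `DeleteView` in the views file of this commit), whose `get_object()` needs one of those URL kwargs. Unless `get_object` is overridden somewhere not shown, these routes cannot select a `Sudo` row and will raise at request time. Put the key in the pattern, for example `url(r'^sudo/(?P<pk>[0-9]+)/detail$', mvc_view.SudoDetailView.as_view(), name='sudo-detail'),`, and do the same for update and delete. The `urlpatterns` list begins above the hunk.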


@ -1,41 +1,16 @@
# ~*~ coding: utf-8 ~*~
class CreateHostAliasMinxin(object):
pass
class CreateSudoPrivilegesMixin(object):
def create_privilege(self):
pass
class CreateUserAliasMinxin(object):
pass
class ListSudoPrivilegesMixin(object):
def get_all_privilege(self):
pass
class CreateCmdAliasMinxin(object):
pass
class CreateRunasAliasMinxin(object):
pass
class CreateExtralineAliasMinxin(object):
pass
class UpdateHostAliasMinxin(object):
pass
class UpdateUserAliasMinxin(object):
pass
class UpdateCmdAliasMinxin(object):
pass
class UpdateRunasAliasMinxin(object):
pass
class UpdateExtralineAliasMinxin(object):
pass


@ -7,102 +7,29 @@ from django.views.generic.edit import CreateView, DeleteView, UpdateView
from django.views.generic.detail import DetailView, SingleObjectMixin
from .hands import AdminUserRequiredMixin
from .utils import CreateSudoPrivilegesMixin, ListSudoPrivilegesMixin
from models import *
class SudoListView(AdminUserRequiredMixin, ListView):
class SudoListView(AdminUserRequiredMixin, ListSudoPrivilegesMixin, ListView):
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
model = Asset
context_object_name = 'asset_list'
template_name = 'assets/asset_list.html'
def get_queryset(self):
queryset = super(AssetListView, self).get_queryset()
queryset = sorted(queryset, key=self.sorted_by_valid_and_ip)
return queryset
@staticmethod
def sorted_by_valid_and_ip(asset):
ip_list = int_seq(asset.ip.split('.'))
ip_list.insert(0, asset.is_valid()[0])
return ip_list
def get_context_data(self, **kwargs):
context = {
'app': 'Assets',
'action': 'asset list',
'tag_list': [(i.id,i.name,i.asset_set.all().count())for i in Tag.objects.all().order_by('name')]
}
kwargs.update(context)
return super(AssetListView, self).get_context_data(**kwargs)
model = Sudo
context_object_name = 'sudos'
template_name = 'sudo/list.html'
class SudoCreateView(AdminUserRequiredMixin, CreateView):
model = Asset
tag_type = 'asset'
form_class = AssetCreateForm
template_name = 'assets/asset_create.html'
success_url = reverse_lazy('assets:asset-list')
def form_valid(self, form):
asset = form.save()
asset.created_by = self.request.user.username or 'Admin'
asset.save()
return super(AssetCreateView, self).form_valid(form)
def form_invalid(self, form):
print(form.errors)
return super(AssetCreateView, self).form_invalid(form)
def get_context_data(self, **kwargs):
context = {
'app': 'Assets',
'action': 'Create asset',
}
kwargs.update(context)
return super(AssetCreateView, self).get_context_data(**kwargs)
class SudoCreateView(AdminUserRequiredMixin, CreateSudoPrivilegesMixin, CreateView):
model = Sudo
template_name = 'sudo/create.html'
class SudoUpdateView(AdminUserRequiredMixin, UpdateView):
model = Asset
form_class = AssetCreateForm
template_name = 'assets/asset_update.html'
success_url = reverse_lazy('assets:asset-list')
def get_context_data(self, **kwargs):
context = {
'app': 'Assets',
'action': 'Update asset',
}
kwargs.update(context)
return super(AssetUpdateView, self).get_context_data(**kwargs)
def form_invalid(self, form):
print(form.errors)
return super(AssetUpdateView, self).form_invalid(form)
class SudoDeleteView(DeleteView):
model = Asset
template_name = 'assets/delete_confirm.html'
success_url = reverse_lazy('assets:asset-list')
model = Sudo
template_name = 'sudo/update.html'
class SudoDetailView(DetailView):
model = Asset
context_object_name = 'asset'
template_name = 'assets/asset_detail.html'
model = Sudo
context_object_name = 'sudo'
template_name = 'sudo/detail.html'
def get_context_data(self, **kwargs):
asset_groups = self.object.groups.all()
context = {
'app': 'Assets',
'action': 'Asset detail',
'asset_groups_remain': [asset_group for asset_group in AssetGroup.objects.all()
if asset_group not in asset_groups],
'asset_groups': asset_groups,
}
kwargs.update(context)
return super(AssetDetailView, self).get_context_data(**kwargs)
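Review bot: `SudoDetailView` still inherits only from `DetailView`, so unlike the list, create and update views it carries no `AdminUserRequiredMixin`. The sudo configuration it now renders (`model = Sudo`, `template_name = 'sudo/detail.html'`) is therefore served without that check unless access is enforced somewhere not shown. Declare it as `class SudoDetailView(AdminUserRequiredMixin, DetailView):`. The same applies to `SudoDeleteView` if it survives this change; if the line order here means it was removed, the `sudo-delete` route that still references `mvc_view.SudoDeleteView` will fail when the URLconf is loaded.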