sudo privilege删除走api

apps/ops/api/serializers.py

@@ -1,7 +1,7 @@
 # ~*~ coding: utf-8 ~*~
 
 from __future__ import unicode_literals, print_function
-from ..models import HostAlia, UserAlia, CmdAlia, RunasAlia, Extra_conf
+from ..models import HostAlia, UserAlia, CmdAlia, RunasAlia, Extra_conf, Privilege, Sudo
 from rest_framework import serializers
 
 
@@ -34,3 +34,16 @@ class ExtraconfSerializer(serializers.ModelSerializer):
     class Meta:
         model = Extra_conf
 
+
+class PrivilegeSerializer(serializers.ModelSerializer):
+
+    class Meta:
+        model = Privilege
+
+
+class SudoSerializer(serializers.ModelSerializer):
+
+    class Meta:
+        model = Sudo
+
+

apps/ops/api/views.py

@@ -193,3 +193,55 @@ class ExtraconfViewSet(viewsets.GenericViewSet):
         pass
 
 
+class PrivilegeViewSet(viewsets.GenericViewSet):
+    queryset = Privilege.objects.all()
+    serializer_class = PrivilegeSerializer
+    permission_classes = None
+
+    def list(self):
+        pass
+
+    def create(self):
+        pass
+
+    def retrieve(self, *args, **kwargs):
+        pass
+
+    def update(self, *args, **kwargs):
+        pass
+
+    def destroy(self, *args, **kwargs):
+        privilege = self.get_object()
+        privilege.delete()
+        return Response(status=status.HTTP_204_NO_CONTENT)
+
+    def perform_create(self):
+        pass
+
+
+class SudoViewSet(viewsets.GenericViewSet):
+    queryset = Sudo.objects.all()
+    serializer_class = SudoSerializer
+    permission_classes = None
+
+    def list(self):
+        pass
+
+    def create(self):
+        pass
+
+    def retrieve(self, *args, **kwargs):
+        pass
+
+    def update(self, *args, **kwargs):
+        pass
+
+    def destroy(self, *args, **kwargs):
+        sudo = self.get_object()
+        sudo.delete()
+        return Response(status=status.HTTP_204_NO_CONTENT)
+
+    def perform_create(self):
+        pass
+
+

apps/ops/models.py

@@ -274,49 +274,29 @@ class Sudo(models.Model):
     """
     Sudo配置文件对象, 用于配置sudo的配置文件
 
-    :param user_alias: <dict> {<alia>: <users_list>}
-    :param cmnd_alias: <dict> {<alia>: <commands_list>}
-    :param host_alias: <dict> {<alia>: <hosts_list>}
-    :param runas_alias: <dict> {<alia>: <runas_list>}
     :param extra_lines: <list> [<line1>, <line2>,...]
     :param privileges: <list> [(user, host, runas, command, nopassword),]
     """
 
     asset = models.ForeignKey(Asset, null=True, blank=True, related_name='sudos')
-    host_alias = models.ManyToManyField(HostAlia, related_name='sudos', blank=True)
-    user_alias = models.ManyToManyField(UserAlia, related_name='sudos', blank=True)
-    cmnd_alias = models.ManyToManyField(CmdAlia, related_name='sudos', blank=True)
-    runas_alias = models.ManyToManyField(RunasAlia, related_name='sudos', blank=True)
     extra_lines = models.ManyToManyField(Extra_conf, related_name='sudos', blank=True)
     privilege_items = models.ManyToManyField(Privilege, related_name='sudos', blank=True)
 
     @property
     def users(self):
-        ret = {}
+        return {privilege.user.name: privilege.user.user_items.split(',') for privilege in self.privilege_items.all()}
-        for user in self.user_alias.all():
-            ret[user.name] = user.user_items.split(',')
-        return ret
 
     @property
     def commands(self):
-        ret = {}
+        return {privilege.command.name: privilege.command.cmd_items.split(',') for privilege in self.privilege_items.all()}
-        for cmd in self.cmnd_alias.all():
-            ret[cmd.name] = cmd.cmd_items.split(',')
-        return ret
 
     @property
     def hosts(self):
-        ret = {}
+        return {privilege.host.name: privilege.host.host_items.split(',') for privilege in self.privilege_items.all()}
-        for host in self.host_alias.all():
-            ret[host.name] = host.host_items.split(',')
-        return ret
 
     @property
     def runas(self):
-        ret = {}
+        return {privilege.runas.name: privilege.runas.runas_items.split(',') for privilege in self.privilege_items.all()}
-        for runas in self.runas_alias.all():
-            ret[runas.name] = runas.runas_items.split(',')
-        return ret
 
     @property
     def extras(self):
@@ -391,7 +371,7 @@ root    ALL=(ALL:ALL) ALL
 
 # JumpServer Generate User privilege is here.
 # Note privileges is a tuple list like [(user, host, runas, command, nopassword),]
-{% if privileges -%}
+{% if Privileges -%}
 {% for User_Flag, Host_Flag, Runas_Flag, Command_Flag, NopassWord in Privileges -%}
 {% if NopassWord -%}
 {{ User_Flag }} {{ Host_Flag }}=({{ Runas_Flag }}) NOPASSWD: {{ Command_Flag }}

apps/ops/urls.py

@@ -21,10 +21,10 @@ router.register(r'Extraconf',  api_view.ExtraconfViewSet)
 urlpatterns = [
     # Resource Sudo url
     url(r'^sudo/list$',   mvc_view.SudoListView.as_view(),   name='sudo-list'),
-    url(r'^sudo/create', mvc_view.SudoCreateView.as_view(), name='sudo-create'),
+    url(r'^sudo/create$', mvc_view.SudoCreateView.as_view(), name='sudo-create'),
-    url(r'^sudo/detail', mvc_view.SudoDetailView.as_view(), name='sudo-detail'),
+    url(r'^sudo/detail$', mvc_view.SudoDetailView.as_view(), name='sudo-detail'),
-    url(r'^sudo/update', mvc_view.SudoUpdateView.as_view(), name='sudo-update'),
+    url(r'^sudo/update$', mvc_view.SudoUpdateView.as_view(), name='sudo-update'),
-    url(r'^sudo/delete', mvc_view.SudoDeleteView.as_view(), name='sudo-delete'),
+    url(r'^sudo/delete$', mvc_view.SudoDeleteView.as_view(), name='sudo-delete'),
 ]
 
 urlpatterns += [

apps/ops/utils.py

@@ -1,41 +1,16 @@
 # ~*~ coding: utf-8 ~*~
 
 
-class CreateHostAliasMinxin(object):
+class CreateSudoPrivilegesMixin(object):
+
+    def create_privilege(self):
         pass
 
 
-class CreateUserAliasMinxin(object):
+class ListSudoPrivilegesMixin(object):
+
+    def get_all_privilege(self):
         pass
 
 
-class CreateCmdAliasMinxin(object):
-    pass
 
-
-class CreateRunasAliasMinxin(object):
-    pass
-
-
-class CreateExtralineAliasMinxin(object):
-    pass
-
-
-class UpdateHostAliasMinxin(object):
-    pass
-
-
-class UpdateUserAliasMinxin(object):
-    pass
-
-
-class UpdateCmdAliasMinxin(object):
-    pass
-
-
-class UpdateRunasAliasMinxin(object):
-    pass
-
-
-class UpdateExtralineAliasMinxin(object):
-    pass

apps/ops/views.py

@@ -7,102 +7,29 @@ from django.views.generic.edit import CreateView, DeleteView, UpdateView
 from django.views.generic.detail import DetailView, SingleObjectMixin
 
 from .hands import AdminUserRequiredMixin
+from .utils import CreateSudoPrivilegesMixin, ListSudoPrivilegesMixin
+from models import *
 
 
-class SudoListView(AdminUserRequiredMixin, ListView):
+class SudoListView(AdminUserRequiredMixin, ListSudoPrivilegesMixin, ListView):
     paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
-    model = Asset
+    model = Sudo
-    context_object_name = 'asset_list'
+    context_object_name = 'sudos'
-    template_name = 'assets/asset_list.html'
+    template_name = 'sudo/list.html'
-
-    def get_queryset(self):
-        queryset = super(AssetListView, self).get_queryset()
-        queryset = sorted(queryset, key=self.sorted_by_valid_and_ip)
-        return queryset
-
-    @staticmethod
-    def sorted_by_valid_and_ip(asset):
-        ip_list = int_seq(asset.ip.split('.'))
-        ip_list.insert(0, asset.is_valid()[0])
-        return ip_list
-
-    def get_context_data(self, **kwargs):
-        context = {
-            'app': 'Assets',
-            'action': 'asset list',
-            'tag_list': [(i.id,i.name,i.asset_set.all().count())for i in Tag.objects.all().order_by('name')]
-
-        }
-        kwargs.update(context)
-        return super(AssetListView, self).get_context_data(**kwargs)
 
 
-class SudoCreateView(AdminUserRequiredMixin, CreateView):
+class SudoCreateView(AdminUserRequiredMixin, CreateSudoPrivilegesMixin, CreateView):
-    model = Asset
+    model = Sudo
-    tag_type = 'asset'
+    template_name = 'sudo/create.html'
-    form_class = AssetCreateForm
-    template_name = 'assets/asset_create.html'
-    success_url = reverse_lazy('assets:asset-list')
-
-    def form_valid(self, form):
-        asset = form.save()
-        asset.created_by = self.request.user.username or 'Admin'
-        asset.save()
-        return super(AssetCreateView, self).form_valid(form)
-
-    def form_invalid(self, form):
-        print(form.errors)
-        return super(AssetCreateView, self).form_invalid(form)
-
-
-    def get_context_data(self, **kwargs):
-        context = {
-            'app': 'Assets',
-            'action': 'Create asset',
-        }
-        kwargs.update(context)
-
-        return super(AssetCreateView, self).get_context_data(**kwargs)
 
 
 class SudoUpdateView(AdminUserRequiredMixin, UpdateView):
-    model = Asset
+    model = Sudo
-    form_class = AssetCreateForm
+    template_name = 'sudo/update.html'
-    template_name = 'assets/asset_update.html'
-    success_url = reverse_lazy('assets:asset-list')
-
-    def get_context_data(self, **kwargs):
-        context = {
-            'app': 'Assets',
-            'action': 'Update asset',
-        }
-        kwargs.update(context)
-        return super(AssetUpdateView, self).get_context_data(**kwargs)
-
-    def form_invalid(self, form):
-        print(form.errors)
-        return super(AssetUpdateView, self).form_invalid(form)
-
-
-class SudoDeleteView(DeleteView):
-    model = Asset
-    template_name = 'assets/delete_confirm.html'
-    success_url = reverse_lazy('assets:asset-list')
 
 
 class SudoDetailView(DetailView):
-    model = Asset
+    model = Sudo
-    context_object_name = 'asset'
+    context_object_name = 'sudo'
-    template_name = 'assets/asset_detail.html'
+    template_name = 'sudo/detail.html'
 
-    def get_context_data(self, **kwargs):
-        asset_groups = self.object.groups.all()
-        context = {
-            'app': 'Assets',
-            'action': 'Asset detail',
-            'asset_groups_remain': [asset_group for asset_group in AssetGroup.objects.all()
-                                   if asset_group not in asset_groups],
-            'asset_groups': asset_groups,
-        }
-        kwargs.update(context)
-        return super(AssetDetailView, self).get_context_data(**kwargs)