From 6b1b33481c6acb607e701911c4b18b00048f0617 Mon Sep 17 00:00:00 2001
From: ibuler <ibuler@qq.com>
Date: Thu, 19 Nov 2015 23:11:00 +0800
Subject: [PATCH] =?UTF-8?q?=E4=B8=80=E4=BA=9Bjs,=20setting=E7=9A=84KEY=5FD?=
 =?UTF-8?q?IR,=20=E4=B8=8B=E8=BD=BD=E7=A7=98=E9=92=A5=E9=89=B4=E5=AE=9A?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 jumpserver.conf                        |  2 +-
 jumpserver/api.py                      |  4 +++-
 jumpserver/settings.py                 |  2 +-
 jumpserver/templatetags/mytags.py      | 11 +++++++++++
 juser/user_api.py                      |  6 +++---
 templates/jasset/asset_edit_batch.html | 10 +++++-----
 templates/juser/user_list.html         |  8 +++++++-
 7 files changed, 31 insertions(+), 12 deletions(-)

diff --git a/jumpserver.conf b/jumpserver.conf
index ac9506672..6297ab00a 100644
--- a/jumpserver.conf
+++ b/jumpserver.conf
@@ -9,7 +9,7 @@ log = debug
 host = 127.0.0.1
 port = 3306
 user = jumpserver
-password = mysql1234
+password = mysql234
 database = jumpserver
 
 [websocket]
diff --git a/jumpserver/api.py b/jumpserver/api.py
index 3870540d9..6dc1a1602 100644
--- a/jumpserver/api.py
+++ b/jumpserver/api.py
@@ -386,7 +386,7 @@ def bash(cmd):
     return subprocess.call(cmd, shell=True)
 
 
-def mkdir(dir_name, mode=0755):
+def mkdir(dir_name, username='root', mode=0755):
     """
     insure the dir exist and mode ok
     目录存在，如果不存在就建立，并且权限正确
@@ -394,6 +394,8 @@ def mkdir(dir_name, mode=0755):
     if not os.path.isdir(dir_name):
         os.makedirs(dir_name)
     os.chmod(dir_name, mode)
+    if username:
+        bash('chown %s:%s %s' % (username, username, dir_name))
 
 
 def http_success(request, msg):
diff --git a/jumpserver/settings.py b/jumpserver/settings.py
index c4bf90f46..be8464d38 100644
--- a/jumpserver/settings.py
+++ b/jumpserver/settings.py
@@ -17,7 +17,7 @@ config = ConfigParser.ConfigParser()
 
 BASE_DIR = os.path.abspath(os.path.dirname(os.path.dirname(__file__)))
 config.read(os.path.join(BASE_DIR, 'jumpserver.conf'))
-KEY_DIR = os.path.join(BASE_DIR, 'keys/role_keys')
+KEY_DIR = os.path.join(BASE_DIR, 'keys')
 
 
 DB_HOST = config.get('db', 'host')
diff --git a/jumpserver/templatetags/mytags.py b/jumpserver/templatetags/mytags.py
index 8dcdf377c..5af20cdd6 100644
--- a/jumpserver/templatetags/mytags.py
+++ b/jumpserver/templatetags/mytags.py
@@ -226,3 +226,14 @@ def ip_str_to_list(ip_str):
     ip str to list
     """
     return ip_str.split(',')
+
+
+@register.filter(name='key_exist')
+def key_exist(username):
+    """
+    ssh key is exist or not
+    """
+    if os.path.isfile(os.path.join(KEY_DIR, 'user', username)):
+        return True
+    else:
+        return False
diff --git a/juser/user_api.py b/juser/user_api.py
index 911c554ee..87e7b5cc5 100644
--- a/juser/user_api.py
+++ b/juser/user_api.py
@@ -123,21 +123,21 @@ def db_del_user(username):
 
 def gen_ssh_key(username, password='',
                 key_dir=os.path.join(KEY_DIR, 'user'),
-
                 authorized_keys=True, home="/home", length=2048):
     """
     generate a user ssh key in a property dir
     生成一个用户ssh密钥对
     """
+    logger.debug('生成ssh key， 并设置authorized_keys')
     private_key_file = os.path.join(key_dir, username)
-    mkdir(private_key_file, username)
+    mkdir(key_dir)
     if os.path.isfile(private_key_file):
         os.unlink(private_key_file)
     ret = bash('echo -e  "y\n"|ssh-keygen -t rsa -f %s -b %s -P "%s"' % (private_key_file, length, password))
 
     if authorized_keys:
         auth_key_dir = os.path.join(home, username, '.ssh')
-        mkdir(auth_key_dir, username, mode=0700)
+        mkdir(auth_key_dir, mode=0700)
         authorized_key_file = os.path.join(auth_key_dir, 'authorized_keys')
         with open(private_key_file+'.pub') as pub_f:
             with open(authorized_key_file, 'w') as auth_f:
diff --git a/templates/jasset/asset_edit_batch.html b/templates/jasset/asset_edit_batch.html
index b41afcb7b..5422a75b1 100644
--- a/templates/jasset/asset_edit_batch.html
+++ b/templates/jasset/asset_edit_batch.html
@@ -54,17 +54,17 @@
                         <div class="col-sm-2">
                             <div class="radio i-checks">
                                 <label>
-                                    <input type="radio" checked="" value="no_action" name="use_default_auth"><span> 不修改 </span>
+                                    <input type="radio" checked="" value="no_action" id="no" name="use_default_auth" class="auth"><span> 不修改 </span>
                                 </label>
                             </div>
                             <div class="radio i-checks">
                                 <label>
-                                    <input type="radio" name="use_default_auth"><span> 使用默认 </span>
+                                    <input type="radio" id="default" name="use_default_auth" class="auth"><span> 使用默认 </span>
                                 </label>
                             </div>
                             <div class="radio i-checks">
                                 <label>
-                                    <input type="radio" id="id_use_default_auth" name="use_default_auth"><span> 用户名密码 </span>
+                                    <input type="radio" id="pass" name="use_default_auth" class="auth"><span> 用户名密码 </span>
                                 </label>
                             </div>
                         </div>
@@ -140,8 +140,8 @@
             $('#uuid').val(ids)
         });
 
-        $('#id_use_default_auth').click(function(){
-            if ($(this).is(':checked')){
+        $('.auth').click(function(){
+            if ($(this).attr('id') == 'pass'){
                 $('#admin_account').css('display', 'block')
             }
             else {
diff --git a/templates/juser/user_list.html b/templates/juser/user_list.html
index 18b527373..62e938bce 100644
--- a/templates/juser/user_list.html
+++ b/templates/juser/user_list.html
@@ -64,7 +64,13 @@
                                 <td class="text-center" title="{% for user_group in user.group.all %} {{ user_group.name }} {% endfor %}"> {{ user.group.all | groups2str  }} </td>
                                 <td class="text-center"> {{ user.id | get_role }}</td>
                                 <td class="text-center">{{ user.is_active | bool2str }}</td>
-                                <td class="text-center"><a href="/juser/down_key/?id={{ user.id }}">下载</a></td>
+                                <td class="text-center">
+                                    {% if user.username|key_exist %}
+                                        <a  href="/juser/down_key/?id={{ user.id }}" >下载</a>
+                                    {% else %}
+                                        <span style="color: #586b7d">下载</span>
+                                    {% endif %}
+                                </td>
                                 <td class="text-center">
                                     <a href="../user_detail/?id={{ user.id }}" class="btn btn-xs btn-primary">详情</a>
                                     <a href="../user_edit/?id={{ user.id }}" class="btn btn-xs btn-info">编辑</a>