一些js, setting的KEY_DIR, 下载秘钥鉴定

9 years ago · 6b1b33481c
parent 1471e0a247
commit 6b1b33481c
7 changed files with 31 additions and 12 deletions
--- a/jumpserver.conf
+++ b/jumpserver.conf
@ -9,7 +9,7 @@ log = debug
 host = 127.0.0.1
 port = 3306
 user = jumpserver
-password = mysql1234
+password = mysql234
 database = jumpserver

 [websocket]
--- a/jumpserver/api.py
+++ b/jumpserver/api.py
@ -386,7 +386,7 @@ def bash(cmd):
    return subprocess.call(cmd, shell=True)


-def mkdir(dir_name, mode=0755):
+def mkdir(dir_name, username='root', mode=0755):
    """
    insure the dir exist and mode ok
    目录存在，如果不存在就建立，并且权限正确
@ -394,6 +394,8 @@ def mkdir(dir_name, mode=0755):
    if not os.path.isdir(dir_name):
        os.makedirs(dir_name)
    os.chmod(dir_name, mode)
+    if username:
+        bash('chown %s:%s %s' % (username, username, dir_name))


 def http_success(request, msg):
--- a/jumpserver/settings.py
+++ b/jumpserver/settings.py
@ -17,7 +17,7 @@ config = ConfigParser.ConfigParser()

 BASE_DIR = os.path.abspath(os.path.dirname(os.path.dirname(__file__)))
 config.read(os.path.join(BASE_DIR, 'jumpserver.conf'))
-KEY_DIR = os.path.join(BASE_DIR, 'keys/role_keys')
+KEY_DIR = os.path.join(BASE_DIR, 'keys')


 DB_HOST = config.get('db', 'host')
--- a/jumpserver/templatetags/mytags.py
+++ b/jumpserver/templatetags/mytags.py
@ -226,3 +226,14 @@ def ip_str_to_list(ip_str):
    ip str to list
    """
    return ip_str.split(',')
+
+
+@register.filter(name='key_exist')
+def key_exist(username):
+    """
+    ssh key is exist or not
+    """
+    if os.path.isfile(os.path.join(KEY_DIR, 'user', username)):
+        return True
+    else:
+        return False
--- a/juser/user_api.py
+++ b/juser/user_api.py
@ -123,21 +123,21 @@ def db_del_user(username):

 def gen_ssh_key(username, password='',
                key_dir=os.path.join(KEY_DIR, 'user'),
-
                authorized_keys=True, home="/home", length=2048):
    """
    generate a user ssh key in a property dir
    生成一个用户ssh密钥对
    """
+    logger.debug('生成ssh key， 并设置authorized_keys')
    private_key_file = os.path.join(key_dir, username)
-    mkdir(private_key_file, username)
+    mkdir(key_dir)
    if os.path.isfile(private_key_file):
        os.unlink(private_key_file)
    ret = bash('echo -e  "y\n"|ssh-keygen -t rsa -f %s -b %s -P "%s"' % (private_key_file, length, password))

    if authorized_keys:
        auth_key_dir = os.path.join(home, username, '.ssh')
-        mkdir(auth_key_dir, username, mode=0700)
+        mkdir(auth_key_dir, mode=0700)
        authorized_key_file = os.path.join(auth_key_dir, 'authorized_keys')
        with open(private_key_file+'.pub') as pub_f:
            with open(authorized_key_file, 'w') as auth_f:
--- a/templates/jasset/asset_edit_batch.html
+++ b/templates/jasset/asset_edit_batch.html
@ -54,17 +54,17 @@
                        <div class="col-sm-2">
                            <div class="radio i-checks">
                                <label>
-                                    <input type="radio" checked="" value="no_action" name="use_default_auth"><span> 不修改 </span>
+                                    <input type="radio" checked="" value="no_action" id="no" name="use_default_auth" class="auth"><span> 不修改 </span>
                                </label>
                            </div>
                            <div class="radio i-checks">
                                <label>
-                                    <input type="radio" name="use_default_auth"><span> 使用默认 </span>
+                                    <input type="radio" id="default" name="use_default_auth" class="auth"><span> 使用默认 </span>
                                </label>
                            </div>
                            <div class="radio i-checks">
                                <label>
-                                    <input type="radio" id="id_use_default_auth" name="use_default_auth"><span> 用户名密码 </span>
+                                    <input type="radio" id="pass" name="use_default_auth" class="auth"><span> 用户名密码 </span>
                                </label>
                            </div>
                        </div>
@ -140,8 +140,8 @@
            $('#uuid').val(ids)
        });

-        $('#id_use_default_auth').click(function(){
-            if ($(this).is(':checked')){
+        $('.auth').click(function(){
+            if ($(this).attr('id') == 'pass'){
                $('#admin_account').css('display', 'block')
            }
            else {
--- a/templates/juser/user_list.html
+++ b/templates/juser/user_list.html
@ -64,7 +64,13 @@
                                <td class="text-center" title="{% for user_group in user.group.all %} {{ user_group.name }} {% endfor %}"> {{ user.group.all | groups2str  }} </td>
                                <td class="text-center"> {{ user.id | get_role }}</td>
                                <td class="text-center">{{ user.is_active | bool2str }}</td>
-                                <td class="text-center"><a href="/juser/down_key/?id={{ user.id }}">下载</a></td>
+                                <td class="text-center">
+                                    {% if user.username|key_exist %}
+                                        <a  href="/juser/down_key/?id={{ user.id }}" >下载</a>
+                                    {% else %}
+                                        <span style="color: #586b7d">下载</span>
+                                    {% endif %}
+                                </td>
                                <td class="text-center">
                                    <a href="../user_detail/?id={{ user.id }}" class="btn btn-xs btn-primary">详情</a>
                                    <a href="../user_edit/?id={{ user.id }}" class="btn btn-xs btn-info">编辑</a>