github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

޸

Browse Source
pull/6/head
ibuler 10 years ago
parent 9ab855fd92
commit 6d6e9d97b5
7 changed files with 27 additions and 24 deletions
Show Stats Download Patch File Download Diff File

7
jasset/views.py
Unescape View File

@ -338,10 +338,13 @@ def host_list(request):
Q(bis_group__name__contains=keyword) |
Q(comment__contains=keyword)).distinct().order_by('ip')
if did:
if is_common_user(request) or is_group_admin(request):
if is_common_user(request):
return httperror(request, u'您无权查看!')
dept = DEPT.objects.get(id=did)
if is_group_admin(request):
user, dept = get_session_user_dept(request)
else:
dept = DEPT.objects.get(id=did)
posts = dept.asset_set.all()
return my_render('jasset/host_list_nop.html', locals(), request)

3
jperm/views.py
Unescape View File

@ -176,8 +176,9 @@ def perm_edit_adm(request):
else:
user_group_id = request.POST.get('user_group_id')
asset_group_id_list = request.POST.getlist('asset_groups_select')
print user_group_id, asset_group_id_list
if not validate(request, user_group=[user_group_id], asset_group=asset_group_id_list):
return HttpResponseRedirect('/jperm/perm_list/')
return HttpResponseRedirect('/')
perm_group_update(user_group_id, asset_group_id_list)
return HttpResponseRedirect('/jperm/perm_list/')

17
jumpserver/api.py
Unescape View File

@ -383,9 +383,9 @@ def get_connect_item(username, ip):
def validate(request, user_group=None, user=None, asset_group=None, asset=None, edept=None):
dept = get_session_user_dept(request)[1]
if edept:
if dept.name != edept[0]:
print dept.id, edept[0]
if dept.id != int(edept[0]):
return False
if user_group:
dept_user_groups = dept.usergroup_set.all()
user_group_ids = []
@ -398,8 +398,8 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None,
if user:
dept_users = dept.user_set.all()
user_ids = []
for user in dept_users:
user_ids.append(str(user.id))
for dept_user in dept_users:
user_ids.append(str(dept_user.id))
if not set(user).issubset(set(user_ids)):
return False
@ -408,7 +408,7 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None,
dept_asset_groups = dept.bisgroup_set.all()
asset_group_ids = []
for group in dept_asset_groups:
asset_group_ids.append(group.id)
asset_group_ids.append(str(group.id))
if not set(asset_group).issubset(set(asset_group_ids)):
return False
@ -416,8 +416,8 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None,
if asset:
dept_assets = dept.asset_set.all()
asset_ids = []
for asset in dept_assets:
asset_ids.append(str(asset.id))
for dept_asset in dept_assets:
asset_ids.append(str(dept_asset.id))
if not set(asset).issubset(set(asset_ids)):
return False
@ -453,7 +453,7 @@ def verify(request, user_group=None, user=None, asset_group=None, asset=None, ed
dept_asset_groups = dept.bisgroup_set.all()
asset_group_ids = []
for group in dept_asset_groups:
asset_group_ids.append(group.id)
asset_group_ids.append(str(group.id))
if not set(asset_group).issubset(set(asset_group_ids)):
return False
@ -465,7 +465,6 @@ def verify(request, user_group=None, user=None, asset_group=None, asset=None, ed
dept_assets_id.append(int(a.id))
for i in asset:
assets_id.append(int(i))
print assets_id, dept_assets_id
if not set(assets_id).issubset(dept_assets_id):
return False

16
juser/views.py
Unescape View File

@ -692,14 +692,14 @@ def user_add_adm(request):
pass
else:
try:
db_add_user(username=username,
password=md5_crypt(password),
name=name, email=email, dept=dept,
groups=groups, role='CU',
ssh_key_pwd=md5_crypt(ssh_key_pwd),
ldap_pwd=CRYPTOR.encrypt(ldap_pwd),
is_active=is_active,
date_joined=datetime.datetime.now())
user = db_add_user(username=username,
password=md5_crypt(password),
name=name, email=email, dept=dept,
groups=groups, role='CU',
ssh_key_pwd=md5_crypt(ssh_key_pwd),
ldap_pwd=CRYPTOR.encrypt(ldap_pwd),
is_active=is_active,
date_joined=datetime.datetime.now())
server_add_user(username, password, ssh_key_pwd)
if LDAP_ENABLE:

2
log_handler.py
Unescape View File

@ -16,7 +16,7 @@ from jlog.models import Log
def log_hanler(id):
log = Log.objects.get(id=id)
pattern = re.compile(r'(\[.*@.*\][\$#].*) | (mysql>.*)')
pattern = re.compile(r'([\[.*@.*\][\$#].* | mysql>.*])')
if log:
filename = log.log_path
if os.path.isfile(filename):

2
templates/jlog/log_online.html
Unescape View File

@ -154,7 +154,7 @@
// tag.append('<p>'+escapeString(obj.content.replace(regx,''))+'</p>');
if (option == 'new') {
// tag.append('<p style="margin: 2px">' + escapeString(obj.content) + '</p>');
tag.append('<p>'+escapeString(obj.content.replace(regx,' '))+'</p>');
tag.append('<p style="margin: 2px">'+escapeString(obj.content.replace(regx,' '))+'</p>');
} else if (option == 'exist') {
tag.append('<pre>' + exsit_message + '</pre>');
}

4
templates/juser/user_list.html
Unescape View File

@ -79,8 +79,8 @@
<a href="../user_edit/?id={{ user.id }}" class="btn btn-xs btn-info">编辑</a>
<a href="../user_del/?id={{ user.id }}" class="btn btn-xs btn-danger {% if user.username == 'admin' %} disabled {% endif %}">删除</a>
{% else %}
<a href="../user_edit/?id={{ user.id }}" class="btn btn-xs btn-info {% if user.role == 'CU' %} disabled {% endif %}">编辑</a>
<a href="../user_del/?id={{ user.id }}" class="btn btn-xs btn-danger {% if user.role == 'CU' %} disabled {% endif %}">删除</a>
<a href="../user_edit/?id={{ user.id }}" class="btn btn-xs btn-info {% if user.role != 'CU' %} disabled {% endif %}">编辑</a>
<a href="../user_del/?id={{ user.id }}" class="btn btn-xs btn-danger {% if user.role != 'CU' %} disabled {% endif %}">删除</a>
{% endifequal %}
</td>
</tr>

Write Preview
Loading…
Cancel
Save