github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

Finish permission create and list

pull/530/head
ibuler 2016-09-11 22:45:24 +08:00
parent f558ded5bb
commit 6d736d7309
10 changed files with 109 additions and 144 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/assets/migrations/0001_initial.py
View File

@ -1,5 +1,5 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10 on 2016-09-10 16:40
# Generated by Django 1.10 on 2016-09-11 09:22
from __future__ import unicode_literals
from django.db import migrations, models

24
apps/perms/forms.py
View File

@ -4,23 +4,33 @@ from __future__ import absolute_import, unicode_literals
from django import forms
from django.utils.translation import ugettext_lazy as _
from .hands import User, UserGroup, Asset, AssetGroup, SystemUser
from .models import PermUserAsset
# from .hands import User, UserGroup, Asset, AssetGroup, SystemUser
from .models import AssetPermission
class PermUserAssetForm(forms.ModelForm):
class AssetPermissionForm(forms.ModelForm):
class Meta:
model = PermUserAsset
model = AssetPermission
fields = [
'user', 'action', 'assets', 'asset_groups', 'system_users', 'date_expired', 'comment'
'name', 'users', 'user_groups', 'assets', 'asset_groups',
'system_users', 'action', 'is_active', 'date_expired', 'comment',
]
widgets = {
'user': forms.HiddenInput(attrs={'style': 'display: none'}),
'users': forms.SelectMultiple(attrs={'class': 'select2',
'data-placeholder': _('Select users')}),
'user_groups': forms.SelectMultiple(attrs={'class': 'select2',
'data-placeholder': _('Select user groups')}),
'assets': forms.SelectMultiple(attrs={'class': 'select2',
'data-placeholder': _('Select assets')}),
'asset_groups': forms.SelectMultiple(attrs={'class': 'select2',
'data-placeholder': _('Select asset groups')}),
'system_users': forms.SelectMultiple(attrs={'class': 'select2',
'data-placeholder': _('Select system users')}),
}
help_texts = {
'name': '* required',
'user_groups': '* User or user group at least one required',
'asset_groups': '* Asset or Asset group at least one required',
'system_users': '* required',
}

62
apps/perms/models.py
View File

@ -9,70 +9,34 @@ from assets.models import Asset, AssetGroup, SystemUser
from common.utils import date_expired_default
class PermUserAsset(models.Model):
class AssetPermission(models.Model):
ACTION_CHOICE = (
('1', 'Allow'),
('0', 'Deny'),
)
user = models.ForeignKey(User, on_delete=models.CASCADE)
name = models.CharField(max_length=128, verbose_name=_('Name'))
users = models.ManyToManyField(User, related_name='asset_permissions')
user_groups = models.ManyToManyField(UserGroup, related_name='asset_permissions')
assets = models.ManyToManyField(Asset, related_name='granted_by_permissions', blank=True)
asset_groups = models.ManyToManyField(AssetGroup, related_name='granted_by_permissions', blank=True)
system_users = models.ManyToManyField(SystemUser, related_name='granted_by_permissions')
action = models.CharField(choices=ACTION_CHOICE, max_length=8, default='1')
assets = models.ManyToManyField(Asset, blank=True)
asset_groups = models.ManyToManyField(AssetGroup, blank=True)
system_users = models.ManyToManyField(SystemUser, blank=True)
is_active = models.BooleanField(default=True)
date_expired = models.DateTimeField(default=date_expired_default, verbose_name=_('Date expired'))
created_by = models.CharField(max_length=128, blank=True)
date_created = models.DateTimeField(auto_now=True)
comment = models.TextField(verbose_name=_('Comment'), blank=True)
def __unicode__(self):
return '%(id)s: %(user)s %(action)s' % {
'id': self.id,
'user': self.user.username,
'action': self.action,
}
return '%(name)s: %(action)s' % {'name': self.name, 'action': self.action}
@property
def is_expired(self):
if self.date_expired > timezone.now():
return False
else:
def is_valid(self):
if self.date_expired < timezone.now() and is_active:
return True
return True
class Meta:
db_table = 'perm_user_asset'
class PermUserGroupAsset(models.Model):
ACTION_CHOICES = (
('0', 'Deny'),
('1', 'Allow'),
)
user_group = models.ForeignKey(User, on_delete=models.CASCADE)
action = models.CharField(choices=ACTION_CHOICES, max_length=8, default='1')
assets = models.ManyToManyField(Asset, blank=True)
asset_groups = models.ManyToManyField(AssetGroup, blank=True)
system_users = models.ManyToManyField(SystemUser, blank=True)
date_expired = models.DateTimeField(default=date_expired_default, verbose_name=_('Date expired'))
created_by = models.CharField(max_length=128)
date_created = models.DateTimeField(auto_now=True)
comment = models.TextField(verbose_name=_('Comment'))
def __unicode__(self):
return '%(id)s: %(user)s %(action)s' % {
'id': self.id,
'user': self.user_group.name,
'action': self.action,
}
@property
def is_expired(self):
if self.date_expired > timezone.now():
return False
else:
return True
class Meta:
db_table = 'perm_user_group_asset'
db_table = 'asset_permission'

24
apps/perms/templates/perms/perm_user_asset_create.html → apps/perms/templates/perms/asset_permission_create.html
View File

@ -14,7 +14,7 @@
<div class="col-sm-12">
<div class="ibox float-e-margins">
<div class="ibox-title">
<h5>{% trans 'Create asset perm for ' %}<b>{{ user.name }}</b></h5>
<h5>{% trans 'Create asset permission ' %}</h5>
<div class="ibox-tools">
<a class="collapse-link">
<i class="fa fa-chevron-up"></i>
@ -28,13 +28,29 @@
</div>
</div>
<div class="ibox-content">
<form enctype="multipart/form-data" method="post" class="form-horizontal" action="" >
<form method="post" class="form-horizontal" action="" >
{% csrf_token %}
<input name="{{ form.user.html_name }}" hidden="hidden" style="display: none" value="{{ user.id }}">
{{ form.action|bootstrap_horizontal }}
<h3>{% trans 'Name' %}</h3>
{{ form.name|bootstrap_horizontal }}
<div class="hr-line-dashed"></div>
<h3>{% trans 'User' %}</h3>
{{ form.users|bootstrap_horizontal }}
{{ form.user_groups|bootstrap_horizontal }}
<div class="hr-line-dashed"></div>
<h3>{% trans 'Asset' %}</h3>
{{ form.assets|bootstrap_horizontal }}
{{ form.asset_groups|bootstrap_horizontal }}
{{ form.system_users |bootstrap_horizontal }}
<div class="hr-line-dashed"></div>
<h3>{% trans 'Other' %}</h3>
{{ form.action|bootstrap_horizontal }}
<div class="form-group">
<label for="{{ form.is_active.id_for_label }}" class="col-sm-2 control-label">{% trans 'Active' %}</label>
<div class="col-sm-8">
{{ form.is_active }}
</div>
</div>
<div class="form-group {% if form.date_expired.errors %} has-error {% endif %}" id="date_5">
<label for="{{ form.date_expired.id_for_label }}" class="col-sm-2 control-label">{{ form.date_expired.label }}</label>

28
apps/perms/templates/perms/user_asset_permission_list.html → apps/perms/templates/perms/asset_permission_list.html
View File

@ -2,41 +2,49 @@
{% load i18n %}
{% load common_tags %}
{% block content_left_head %}
<a href="{% url 'users:user-create' %}" class="btn btn-sm btn-primary "> {% trans "Batch create perm " %} </a>
<a href="{% url 'perms:asset-permission-create' %}" class="btn btn-sm btn-primary "> {% trans "Create permission" %} </a>
{% endblock %}
{% block table_head %}
<th class="text-center">
<input type="checkbox" id="check_all" onclick="checkAll('check_all', 'checked')">
</th>
<th class="text-center"><a href="{% url 'perms:user-permission-list' %}?sort=name">{% trans 'Name' %}</a></th>
<th class="text-center"><a href="{% url 'perms:user-permission-list' %}?sort=username">{% trans 'Username' %}</a></th>
<th class="text-center"><a href="{% url 'perms:asset-permission-list' %}?sort=name">{% trans 'Name' %}</a></th>
<th class="text-center">{% trans 'User count' %}</th>
<th class="text-center">{% trans 'User group count' %}</th>
<th class="text-center">{% trans 'Asset count' %}</th>
<th class="text-center">{% trans 'Asset group count' %}</th>
<th class="text-center">{% trans 'System user count' %}</th>
<th class="text-center"><a href="{% url 'users:user-list' %}?sort=date_expired">{% trans 'Is expired' %}</a></th>
<th class="text-center"><a href="{% url 'users:user-list' %}?sort=date_expired">{% trans 'Is valid' %}</a></th>
<th class="text-center"></th>
{% endblock %}
{% block table_body %}
{% for permission in user_permission_list %}
{% for permission in asset_permission_list %}
<tr class="gradeX">
<td class="text-center">
<input type="checkbox" name="checked" value="{{ permission.id }}">
</td>
<td class="text-center">
<a href="">
{{ permission.user.name }}
{{ permission.name }}
</a>
</td>
<td class="text-center">{{ permission.user.username }}</td>
<td class="text-center">{{ permission.users.count}}</td>
<td class="text-center">{{ permission.user_groups.count}}</td>
<td class="text-center">{{ permission.assets.count }}</td>
<td class="text-center">{{ permission.asset_groups.count }}</td>
<td class="text-center">{{ permission.system_users.count }}</td>
<td class="text-center">{{ permission.is_expired }}</td>
<td class="text-center">
<a href="{% url 'perms:user-asset-permission-create' pk=user.id %}" class="btn btn-xs btn-info">{% trans 'Create perm' %}</a>
<a href="{% url 'users:user-delete' pk=user.id %}" class="btn btn-xs btn-danger del {% if user.id == request.user.id or user.username == 'admin' %} disabled {% endif %}">{% trans 'Flush' %}</a>
{% if permission.is_valid %}
<i class="fa fa-check text-navy"></i>
{% else %}
<i class="fa fa-times text-danger"></i>
{% endif %}
</td>
<td class="text-center">
<a href="" class="btn btn-xs btn-info">{% trans 'Update' %}</a>
<a href="" class="btn btn-xs btn-danger del">{% trans 'Delete' %}</a>
</td>
</tr>
{% endfor %}

12
apps/perms/urls.py
View File

@ -6,15 +6,7 @@ import views
app_name = 'perms'
urlpatterns = [
# Resource asset url
url(r'^user$', views.PermUserListView.as_view(), name='perm-user-list'),
url(r'^user/(?P<pk>[0-9]+)/perm-asset/$', views.PermUserAssetListView.as_view(), name='perm-user-asset-list'),
url(r'^user/(?P<pk>[0-9]+)/perm-asset/create$', views.PermUserAssetCreateView.as_view(),
name='perm-user-asset-create'),
# url(r'^user/(?P<user>[0-9]+)$', views.AssetListView.as_view(), name='asset-list'),
# url(r'^asset/create$', views.AssetCreateView.as_view(), name='asset-create'),
# url(r'^asset/(?P<pk>[0-9]+)$', views.AssetDetailView.as_view(), name='asset-detail'),
# url(r'^asset/(?P<pk>[0-9]+)/update', views.AssetUpdateView.as_view(), name='asset-update'),
# url(r'^asset/(?P<pk>[0-9]+)/delete$', views.AssetDeleteView.as_view(), name='asset-delete'),
url(r'^asset-permission$', views.UserAssetPermissionListView.as_view(), name='asset-permission-list'),
url(r'^asset-permission/create$', views.UserAssetPermissionCreateView.as_view(), name='asset-permission-create'),
]

85
apps/perms/views.py
View File

@ -12,33 +12,40 @@ from django.contrib.messages.views import SuccessMessageMixin
from django.views.generic.detail import DetailView, SingleObjectMixin
from .hands import AdminUserRequiredMixin, User, UserGroup
from .models import PermUserAsset, PermUserGroupAsset
from .forms import PermUserAssetForm
from .models import AssetPermission
from .forms import AssetPermissionForm
class PermUserListView(AdminUserRequiredMixin, ListView):
model = User
class UserAssetPermissionListView(AdminUserRequiredMixin, ListView):
model = AssetPermission
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
context_object_name = 'user_list'
template_name = 'perms/perm_user_list.html'
context_object_name = 'asset_permission_list'
template_name = 'perms/asset_permission_list.html'
def get_context_data(self, **kwargs):
context = {
'app': _('Perms'),
'action': _('Perms user list'),
'action': _('Asset permission list'),
'keyword': self.request.GET.get('keyword', '')
}
kwargs.update(context)
return super(PermUserListView, self).get_context_data(**kwargs)
return super(UserAssetPermissionListView, self).get_context_data(**kwargs)
def get_queryset(self):
# Todo: Default order by lose asset connection num
self.queryset = super(PermUserListView, self).get_queryset()
self.queryset = super(UserAssetPermissionListView, self).get_queryset()
self.keyword = keyword = self.request.GET.get('keyword', '')
self.sort = sort = self.request.GET.get('sort', '-date_joined')
self.sort = sort = self.request.GET.get('sort', '-date_created')
if keyword:
self.queryset = self.queryset.filter(Q(name__icontains=keyword) |
self.queryset = self.queryset.filter(Q(users__name__icontains=keyword) |
Q(users__username__icontains=keyword) |
Q(user_groups__name__icontains=keyword) |
Q(assets__ip__icontains=keyword) |
Q(assets__hostname__icontains=keyword) |
Q(system_users__username_icontains=keyword) |
Q(system_users__name_icontains=keyword) |
Q(asset_groups__name__icontains=keyword) |
Q(comment__icontains=keyword))
if sort:
@ -46,57 +53,25 @@ class PermUserListView(AdminUserRequiredMixin, ListView):
return self.queryset
class PermUserAssetListView(AdminUserRequiredMixin, SingleObjectMixin, ListView):
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
context_object_name = 'perm_user_asset_list'
template_name = 'perms/perm_user_asset_list.html'
model = User
def get(self, request, *args, **kwargs):
self.object = self.get_object(queryset=User.objects.all())
return super(PermUserAssetListView, self).get(request, *args, **kwargs)
def get_context_data(self, **kwargs):
context = {
'app': _('Assets'),
'action': _('User perm asset list'),
'keyword': self.request.GET.get('keyword', '')
}
kwargs.update(context)
return super(PermUserAssetListView, self).get_context_data(**kwargs)
def get_queryset(self):
self.queryset = self.object.permuserasset_set.all()
return self.queryset
class PermUserAssetCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateView):
model = PermUserAsset
form_class = PermUserAssetForm
template_name = 'perms/perm_user_asset_create_update.html'
success_url = reverse_lazy('perms:perm-user-list')
success_message = _('Create user asset perm <a href="%s">%s</a> successfully.')
def get_initial(self):
return {'user': self.get_object(queryset=User.objects.all())}
def form_invalid(self, form):
print(form.errors)
return super(PermUserAssetCreateView, self).form_invalid(form)
class UserAssetPermissionCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateView):
model = AssetPermission
form_class = AssetPermissionForm
template_name = 'perms/asset_permission_create.html'
success_url = reverse_lazy('perms:asset-permission-list')
success_message = _('Create asset <a href="%s"> %s </a> perm successfully.')
def get_context_data(self, **kwargs):
context = {
'app': _('Perms'),
'action': _('Create user asset perm'),
'user': self.get_object(queryset=User.objects.all()),
'action': _('Create asset permission'),
}
kwargs.update(context)
return super(PermUserAssetCreateView, self).get_context_data(**kwargs)
return super(UserAssetPermissionCreateView, self).get_context_data(**kwargs)
def get_success_message(self, cleaned_data):
return self.success_message % (
reverse_lazy('perms:perm-user-asset-list', kwargs={'pk': self.object.user.id})
)
# def get_success_message(self, cleaned_data):
# return self.success_message % (
# reverse_lazy('perms:asset-permission-list', kwargs={'pk': self.object.pk})
# )
# class PermUserAssetUpdateView(AdminUserRequiredMixin, UpdateView):

12
apps/templates/_nav.html
View File

@ -26,15 +26,15 @@
<li id=""><a href="">{% trans 'Label' %}</a></li>
</ul>
</li>
<li id="">
<li id="perms">
<a href="#"><i class="fa fa-edit"></i> <span class="nav-label">{% trans 'Perms' %}</span><span class="fa arrow"></span></a>
<ul class="nav nav-second-level">
<li id="sudo">
<a class="sudo" href="{% url 'perms:perm-user-list' %}">{% trans 'User perm' %}</a>
</li>
<li id="role">
<a href="">{% trans 'User group perm' %}</a>
<li id="asset-permission">
<a href="{% url 'perms:asset-permission-list' %}">{% trans 'Asset permission' %}</a>
</li>
{# <li id="user-group">#}
{# <a href="">{% trans 'User group perm' %}</a>#}
{# </li>#}
</ul>
</li>
<li id="">

2
apps/users/models.py
View File

@ -32,7 +32,7 @@ class UserGroup(models.Model):
return False
class Meta:
db_table = 'user-group'
db_table = 'user_group'
@classmethod
def initial(cls):

2
apps/users/views.py
View File

@ -84,7 +84,7 @@ class UserListView(AdminUserRequiredMixin, ListView):
model = User
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
context_object_name = 'user_list'
template_name = 'users/user_list.html'
template_name = 'users/asset_permission_list.html'
ordering = '-date_joined'
def get_queryset(self):