github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

merge dev ...

pull/26/head
yumaojun 2015-11-15 23:30:37 +08:00
parent 218ba0d189
commit 6da97c5403
16 changed files with 42 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
jasset/models.py
View File

@ -41,7 +41,7 @@ class IDC(models.Model):
phone = models.CharField(max_length=32, verbose_name=u'联系电话') phone = models.CharField(max_length=32, verbose_name=u'联系电话')
address = models.CharField(max_length=128, blank=True, null=True, verbose_name=u"机房地址") address = models.CharField(max_length=128, blank=True, null=True, verbose_name=u"机房地址")
network = models.TextField(blank=True, null=True, verbose_name=u"IP地址段") network = models.TextField(blank=True, null=True, verbose_name=u"IP地址段")
date_added = models.DateField(auto_now=True, default=datetime.datetime.now(), null=True) date_added = models.DateField(auto_now=True, null=True)
operator = models.IntegerField(max_length=32, blank=True, null=True, verbose_name=u"运营商") operator = models.IntegerField(max_length=32, blank=True, null=True, verbose_name=u"运营商")
comment = models.CharField(max_length=128, blank=True, null=True, verbose_name=u"备注") comment = models.CharField(max_length=128, blank=True, null=True, verbose_name=u"备注")
@ -81,7 +81,7 @@ class Asset(models.Model):
asset_type = models.IntegerField(max_length=2, choices=ASSET_TYPE, blank=True, null=True, verbose_name=u"主机类型") asset_type = models.IntegerField(max_length=2, choices=ASSET_TYPE, blank=True, null=True, verbose_name=u"主机类型")
env = models.IntegerField(max_length=2, choices=ASSET_ENV, blank=True, null=True, verbose_name=u"运行环境") env = models.IntegerField(max_length=2, choices=ASSET_ENV, blank=True, null=True, verbose_name=u"运行环境")
sn = models.CharField(max_length=128, blank=True, null=True, verbose_name=u"SN编号") sn = models.CharField(max_length=128, blank=True, null=True, verbose_name=u"SN编号")
date_added = models.DateTimeField(auto_now=True, default=datetime.datetime.now(), null=True) date_added = models.DateTimeField(auto_now=True, null=True)
is_active = models.BooleanField(default=True, verbose_name=u"是否激活") is_active = models.BooleanField(default=True, verbose_name=u"是否激活")
comment = models.CharField(max_length=128, blank=True, null=True, verbose_name=u"备注") comment = models.CharField(max_length=128, blank=True, null=True, verbose_name=u"备注")

5
jperm/utils.py
View File

@ -7,8 +7,7 @@ from paramiko.rsakey import RSAKey
from os import chmod, mkdir from os import chmod, mkdir
from uuid import uuid4 from uuid import uuid4
PERM_DIR = os.path.dirname(os.path.abspath(__file__)) from jumpserver.settings import KEY_DIR
KEY_DIR = os.path.join(PERM_DIR, 'role_keys')
def get_rand_pass(): def get_rand_pass():
@ -45,7 +44,7 @@ def gen_keys():
并且在该目录下 生产一对秘钥 并且在该目录下 生产一对秘钥
:return: 返回目录名(uuid) :return: 返回目录名(uuid)
""" """
key_basename = "keys-" + uuid4().hex key_basename = "key-" + uuid4().hex
key_path_dir = os.path.join(KEY_DIR, key_basename) key_path_dir = os.path.join(KEY_DIR, key_basename)
mkdir(key_path_dir, 0700) mkdir(key_path_dir, 0700)

25
jperm/views.py
View File

@ -2,7 +2,6 @@
from django.db.models import Q from django.db.models import Q
from jumpserver.api import *
from jperm.perm_api import * from jperm.perm_api import *
from jperm.models import PermLog as Log from jperm.models import PermLog as Log
from jperm.models import SysUser from jperm.models import SysUser
@ -47,7 +46,7 @@ def perm_rule_list(request):
render_data = updates_dict(data_nav, data_content) render_data = updates_dict(data_nav, data_content)
return my_render('jperm/perm_rule_list.html', render_data, request) return my_render('jperm/perm_rule_list.html', locals(), request)
@require_role('admin') @require_role('admin')
@ -73,7 +72,7 @@ def perm_rule_detail(request):
render_data = updates_dict(data_nav, data_content) render_data = updates_dict(data_nav, data_content)
return my_render('jperm/perm_rule_detail.html', render_data, request) return my_render('jperm/perm_rule_detail.html', locals(), request)
def perm_rule_add(request): def perm_rule_add(request):
@ -96,7 +95,7 @@ def perm_rule_add(request):
"assets": assets, "asset_groups": asset_groups, "assets": assets, "asset_groups": asset_groups,
"roles": roles} "roles": roles}
render_data = updates_dict(data_nav, data_content) render_data = updates_dict(data_nav, data_content)
return my_render('jperm/perm_rule_add.html', render_data, request) return my_render('jperm/perm_rule_add.html', locals(), request)
elif request.method == 'POST': elif request.method == 'POST':
# 获取用户选择的 用户,用户组,资产,资产组,用户角色 # 获取用户选择的 用户,用户组,资产,资产组,用户角色
@ -186,7 +185,7 @@ def perm_rule_edit(request):
"assets": assets_obj, "asset_groups": asset_groups_obj, "assets": assets_obj, "asset_groups": asset_groups_obj,
"roles": roles_obj, "rule": rule_obj} "roles": roles_obj, "rule": rule_obj}
render_data = updates_dict(data_nav, data_content) render_data = updates_dict(data_nav, data_content)
return my_render('jperm/perm_rule_edit.html', render_data, request) return my_render('jperm/perm_rule_edit.html', locals(), request)
elif request.method == 'POST' and rule_id: elif request.method == 'POST' and rule_id:
return HttpResponse("uncompleted") return HttpResponse("uncompleted")
@ -237,7 +236,7 @@ def perm_role_list(request):
render_data = updates_dict(data_nav, data_content) render_data = updates_dict(data_nav, data_content)
return my_render('jperm/perm_role_list.html', render_data, request) return my_render('jperm/perm_role_list.html', locals(), request)
@require_role('admin') @require_role('admin')
@ -253,7 +252,7 @@ def perm_role_add(request):
data_nav = {"header_title": "系统角色", "path1": "角色管理", "path2": "添加角色"} data_nav = {"header_title": "系统角色", "path1": "角色管理", "path2": "添加角色"}
if request.method == "GET": if request.method == "GET":
return my_render('jperm/perm_role_add.html', data_nav, request) return my_render('jperm/perm_role_add.html', locals(), request)
elif request.method == "POST": elif request.method == "POST":
# 获取参数: name, comment # 获取参数: name, comment
@ -311,7 +310,7 @@ def perm_role_detail(request):
role_id = request.GET.get("id") role_id = request.GET.get("id")
role_info = get_role_info(role_id) role_info = get_role_info(role_id)
render_data = updates_dict(data_nav, role_info) render_data = updates_dict(data_nav, role_info)
return my_render('jperm/perm_role_detail.html', render_data, request) return my_render('jperm/perm_role_detail.html', locals(), request)
@require_role('admin') @require_role('admin')
@ -327,7 +326,7 @@ def perm_role_edit(request):
role_id = request.GET.get("id") role_id = request.GET.get("id")
data_content = {"role": PermRole.objects.get(id=role_id)} data_content = {"role": PermRole.objects.get(id=role_id)}
render_data = updates_dict(data_nav, data_content) render_data = updates_dict(data_nav, data_content)
return my_render('jperm/perm_role_edit.html', render_data, request) return my_render('jperm/perm_role_edit.html', locals(), request)
if request.method == "POST": if request.method == "POST":
return HttpResponse(u"未实现") return HttpResponse(u"未实现")
@ -347,7 +346,7 @@ def perm_role_push(request):
"assets": Asset.objects.all(), "assets": Asset.objects.all(),
"asset_groups": AssetGroup.objects.all()} "asset_groups": AssetGroup.objects.all()}
render_data = updates_dict(data_nav, data_content) render_data = updates_dict(data_nav, data_content)
return my_render('jperm/perm_role_push.html', render_data, request) return my_render('jperm/perm_role_push.html', locals(), request)
if request.method == "POST": if request.method == "POST":
# 获取推荐角色的名称列表 # 获取推荐角色的名称列表
@ -400,12 +399,6 @@ def perm_role_push(request):
@require_role('admin') @require_role('admin')
def perm_group_list(request): def perm_group_list(request):
header_title, path1, path2 = '用户组授权', '授权管理', '用户组授权' header_title, path1, path2 = '用户组授权', '授权管理', '用户组授权'

4
jumpserver.conf
View File

@ -9,11 +9,11 @@ log = debug
host = 127.0.0.1 host = 127.0.0.1
port = 3306 port = 3306
user = jumpserver user = jumpserver
password = mysql234 password = mysql1234
database = jumpserver database = jumpserver
[websocket] [websocket]
web_socket_host = j:3000 web_socket_host = 127.0.0.1:3000
[mail] [mail]
mail_enable = 1 mail_enable = 1

3
jumpserver/settings.py
View File

@ -18,6 +18,7 @@ config = ConfigParser.ConfigParser()
BASE_DIR = os.path.abspath(os.path.dirname(os.path.dirname(__file__))) BASE_DIR = os.path.abspath(os.path.dirname(os.path.dirname(__file__)))
config.read(os.path.join(BASE_DIR, 'jumpserver.conf')) config.read(os.path.join(BASE_DIR, 'jumpserver.conf'))
KEY_DIR = os.path.join(BASE_DIR, 'role_keys')
DB_HOST = config.get('db', 'host') DB_HOST = config.get('db', 'host')
DB_PORT = config.getint('db', 'port') DB_PORT = config.getint('db', 'port')
@ -36,7 +37,7 @@ EMAIL_TIMEOUT = 5
# ======== Log ========== # ======== Log ==========
LOG_DIR = os.path.join(BASE_DIR, 'logs') LOG_DIR = os.path.join(BASE_DIR, 'logs')
SSH_KEY_DIR = os.path.join(BASE_DIR, 'keys') SSH_KEY_DIR = os.path.join(BASE_DIR, 'role_keys')
KEY = config.get('base', 'key') KEY = config.get('base', 'key')
URL = config.get('base', 'url') URL = config.get('base', 'url')
LOG_LEVEL = config.get('base', 'log') LOG_LEVEL = config.get('base', 'log')

BIN
jumpserver/templatetags/__init__.pyc
View File

Binary file not shown.

20
jumpserver/views.py
View File

@ -80,17 +80,17 @@ def index_cu(request):
user = get_object(User, id=user_id) user = get_object(User, id=user_id)
login_types = {'L': 'LDAP', 'M': 'MAP'} login_types = {'L': 'LDAP', 'M': 'MAP'}
username = user.username username = user.username
posts = user.get_asset() # posts = user.get_asset()
host_count = len(posts) # host_count = len(posts)
new_posts = [] new_posts = []
post_five = [] post_five = []
for post in posts: # for post in posts:
if len(post_five) < 5: # if len(post_five) < 5:
post_five.append(post) # post_five.append(post)
else: # else:
new_posts.append(post_five) # new_posts.append(post_five)
post_five = [] # post_five = []
new_posts.append(post_five) # new_posts.append(post_five)
return render_to_response('index_cu.html', locals(), context_instance=RequestContext(request)) return render_to_response('index_cu.html', locals(), context_instance=RequestContext(request))
@ -266,7 +266,7 @@ def setting(request):
if '' in [username, port] and ('' in password or '' in private_key): if '' in [username, port] and ('' in password or '' in private_key):
return HttpResponse('所填内容不能为空, 且密码和私钥填一个') return HttpResponse('所填内容不能为空, 且密码和私钥填一个')
else: else:
private_key_path = os.path.join(BASE_DIR, 'keys', 'default', 'default_private_key.pem') private_key_path = os.path.join(BASE_DIR, 'role_keys', 'default', 'default_private_key.pem')
if private_key: if private_key:
with open(private_key_path, 'w') as f: with open(private_key_path, 'w') as f:
f.write(private_key) f.write(private_key)

2
juser/models.py
View File

@ -28,8 +28,6 @@ class User(AbstractUser):
# last_login = models.DateTimeField(null=True) # last_login = models.DateTimeField(null=True)
# date_joined = models.DateTimeField(null=True) # date_joined = models.DateTimeField(null=True)
def __unicode__(self): def __unicode__(self):
return self.username return self.username

2
juser/user_api.py
View File

@ -119,7 +119,7 @@ def db_del_user(username):
def gen_ssh_key(username, password='', def gen_ssh_key(username, password='',
key_dir=os.path.join(BASE_DIR, 'keys/user/'), key_dir=os.path.join(BASE_DIR, 'role_keys/user/'),
authorized_keys=True, home="/home", length=2048): authorized_keys=True, home="/home", length=2048):
""" """
generate a user ssh key in a property dir generate a user ssh key in a property dir

2
juser/views.py
View File

@ -481,7 +481,7 @@ def down_key(request):
user = get_object(User, id=user_id) user = get_object(User, id=user_id)
if user: if user:
username = user.username username = user.username
private_key_file = os.path.join(BASE_DIR, 'keys/jumpserver', username+".pem") private_key_file = os.path.join(BASE_DIR, 'role_keys/jumpserver', username + ".pem")
if os.path.isfile(private_key_file): if os.path.isfile(private_key_file):
f = open(private_key_file) f = open(private_key_file)
data = f.read() data = f.read()

6
static/js/highcharts/highcharts.src.js
View File

@ -180,7 +180,7 @@ function merge() {
} }
/** /**
* Take an array and turn into a hash with even number arguments as keys and odd numbers as * Take an array and turn into a hash with even number arguments as role_keys and odd numbers as
* values. Allows creating constants for commonly used style properties, attributes etc. * values. Allows creating constants for commonly used style properties, attributes etc.
* Avoid it in performance critical situations like looping * Avoid it in performance critical situations like looping
*/ */
@ -448,7 +448,7 @@ dateFormat = function (format, timestamp, capitalize) {
lang = defaultOptions.lang, lang = defaultOptions.lang,
langWeekdays = lang.weekdays, langWeekdays = lang.weekdays,
// List all format keys. Custom formats can be added from the outside. // List all format role_keys. Custom formats can be added from the outside.
replacements = extend({ replacements = extend({
// Day // Day
@ -14895,7 +14895,7 @@ var AreaSeries = extendClass(Series, {
pointMap[points[i].x] = points[i]; pointMap[points[i].x] = points[i];
} }
// Sort the keys (#1651) // Sort the role_keys (#1651)
for (x in stack) { for (x in stack) {
if (stack[x].total !== null) { // nulled after switching between grouping and not (#1651, #2336) if (stack[x].total !== null) { // nulled after switching between grouping and not (#1651, #2336)
keys.push(+x); keys.push(+x);

2
static/js/jquery-ui-1.10.4.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
static/js/jquery.colorbox.js
View File

@ -358,7 +358,7 @@
getRelated(settings.get('rel')); getRelated(settings.get('rel'));
if (!open) { if (!open) {
open = active = true; // Prevents the page-change action from queuing up if the visitor holds down the left or right keys. open = active = true; // Prevents the page-change action from queuing up if the visitor holds down the left or right role_keys.
setClass(settings.get('className')); setClass(settings.get('className'));

10
static/js/term.js
View File

@ -2777,7 +2777,7 @@ Terminal.prototype.deviceStatus = function(params) {
// this.send('\x1b[?11n'); // this.send('\x1b[?11n');
break; break;
case 25: case 25:
// dont support user defined keys // dont support user defined role_keys
// this.send('\x1b[?21n'); // this.send('\x1b[?21n');
break; break;
case 26: case 26:
@ -2964,7 +2964,7 @@ Terminal.prototype.HPositionRelative = function(params) {
// Ps = 1 -> 132-columns. // Ps = 1 -> 132-columns.
// Ps = 2 -> Printer. // Ps = 2 -> Printer.
// Ps = 6 -> Selective erase. // Ps = 6 -> Selective erase.
// Ps = 8 -> User-defined keys. // Ps = 8 -> User-defined role_keys.
// Ps = 9 -> National replacement character sets. // Ps = 9 -> National replacement character sets.
// Ps = 1 5 -> Technical characters. // Ps = 1 5 -> Technical characters.
// Ps = 2 2 -> ANSI color, e.g., VT525. // Ps = 2 2 -> ANSI color, e.g., VT525.
@ -3105,7 +3105,7 @@ Terminal.prototype.HVPosition = function(params) {
// Ps = 1 0 3 4 -> Interpret "meta" key, sets eighth bit. // Ps = 1 0 3 4 -> Interpret "meta" key, sets eighth bit.
// (enables the eightBitInput resource). // (enables the eightBitInput resource).
// Ps = 1 0 3 5 -> Enable special modifiers for Alt and Num- // Ps = 1 0 3 5 -> Enable special modifiers for Alt and Num-
// Lock keys. (This enables the numLock resource). // Lock role_keys. (This enables the numLock resource).
// Ps = 1 0 3 6 -> Send ESC when Meta modifies a key. (This // Ps = 1 0 3 6 -> Send ESC when Meta modifies a key. (This
// enables the metaSendsEscape resource). // enables the metaSendsEscape resource).
// Ps = 1 0 3 7 -> Send DEL from the editing-keypad Delete // Ps = 1 0 3 7 -> Send DEL from the editing-keypad Delete
@ -3304,7 +3304,7 @@ Terminal.prototype.setMode = function(params) {
// Ps = 1 0 3 4 -> Don't interpret "meta" key. (This disables // Ps = 1 0 3 4 -> Don't interpret "meta" key. (This disables
// the eightBitInput resource). // the eightBitInput resource).
// Ps = 1 0 3 5 -> Disable special modifiers for Alt and Num- // Ps = 1 0 3 5 -> Disable special modifiers for Alt and Num-
// Lock keys. (This disables the numLock resource). // Lock role_keys. (This disables the numLock resource).
// Ps = 1 0 3 6 -> Don't send ESC when Meta modifies a key. // Ps = 1 0 3 6 -> Don't send ESC when Meta modifies a key.
// (This disables the metaSendsEscape resource). // (This disables the metaSendsEscape resource).
// Ps = 1 0 3 7 -> Send VT220 Remove from the editing-keypad // Ps = 1 0 3 7 -> Send VT220 Remove from the editing-keypad
@ -3588,7 +3588,7 @@ Terminal.prototype.setResources = function(params) {
// Ps = 4 -> modifyOtherKeys. // Ps = 4 -> modifyOtherKeys.
// If the parameter is omitted, modifyFunctionKeys is disabled. // If the parameter is omitted, modifyFunctionKeys is disabled.
// When modifyFunctionKeys is disabled, xterm uses the modifier // When modifyFunctionKeys is disabled, xterm uses the modifier
// keys to make an extended sequence of functions rather than // role_keys to make an extended sequence of functions rather than
// adding a parameter to each function key to denote the modi- // adding a parameter to each function key to denote the modi-
// fiers. // fiers.
Terminal.prototype.disableModifiers = function(params) { Terminal.prototype.disableModifiers = function(params) {

4
templates/jperm/perm_role_list.html
View File

@ -24,8 +24,8 @@
<div class="ibox-content"> <div class="ibox-content">
<div class=""> <div class="">
<a target="_blank" href="/jperm/role/perm_role_add/" class="btn btn-sm btn-primary "> 添加角色 </a> <a href="/jperm/role/perm_role_add/" class="btn btn-sm btn-primary "> 添加角色 </a>
<a target="_blank" href="/jperm/role/perm_role_push/" class="btn btn-sm btn-primary "> 推送角色 </a> <a href="/jperm/role/perm_role_push/" class="btn btn-sm btn-primary "> 推送角色 </a>
<a id="del_btn" class="btn btn-sm btn-danger "> 删除所选 </a> <a id="del_btn" class="btn btn-sm btn-danger "> 删除所选 </a>
<form id="search_form" method="get" action="" class="pull-right mail-search"> <form id="search_form" method="get" action="" class="pull-right mail-search">
<div class="input-group"> <div class="input-group">

2
templates/jperm/perm_rule_list.html
View File

@ -24,7 +24,7 @@
<div class="ibox-content"> <div class="ibox-content">
<div class=""> <div class="">
<a target="_blank" href="/jperm/perm_rule_add/" class="btn btn-sm btn-primary "> 添加规则 </a> <a href="/jperm/perm_rule_add/" class="btn btn-sm btn-primary "> 添加规则 </a>
<a id="del_btn" class="btn btn-sm btn-danger "> 删除所选 </a> <a id="del_btn" class="btn btn-sm btn-danger "> 删除所选 </a>
<form id="search_form" method="get" action="" class="pull-right mail-search"> <form id="search_form" method="get" action="" class="pull-right mail-search">
<div class="input-group"> <div class="input-group">