github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

usermodle

pull/26/head
liuzheng712 2015-09-15 23:38:06 +08:00
parent d32ea9f9a1
commit 79c79432f5
5 changed files with 129 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
jumpserver/settings.py
View File

@ -22,7 +22,7 @@ DB_PORT = config.getint('db', 'port')
DB_USER = config.get('db', 'user') DB_USER = config.get('db', 'user')
DB_PASSWORD = config.get('db', 'password') DB_PASSWORD = config.get('db', 'password')
DB_DATABASE = config.get('db', 'database') DB_DATABASE = config.get('db', 'database')
AUTH_USER_MODEL = 'juser.CustomUser'
# mail config # mail config
EMAIL_HOST = config.get('mail', 'email_host') EMAIL_HOST = config.get('mail', 'email_host')
EMAIL_PORT = config.get('mail', 'email_port') EMAIL_PORT = config.get('mail', 'email_port')
@ -98,7 +98,7 @@ TEMPLATE_CONTEXT_PROCESSORS = (
'django.core.context_processors.static', 'django.core.context_processors.static',
'django.core.context_processors.tz', 'django.core.context_processors.tz',
'django.contrib.messages.context_processors.messages', 'django.contrib.messages.context_processors.messages',
'jumpserver.context_processors.name_proc' 'jumpserver.context_processors.name_proc',
) )
TEMPLATE_DIRS = ( TEMPLATE_DIRS = (

4
jumpserver/urls.py
View File

@ -8,8 +8,8 @@ urlpatterns = patterns('',
(r'^skin_config/$', 'jumpserver.views.skin_config'), (r'^skin_config/$', 'jumpserver.views.skin_config'),
(r'^install/$', 'jumpserver.views.install'), (r'^install/$', 'jumpserver.views.install'),
(r'^base/$', 'jumpserver.views.base'), (r'^base/$', 'jumpserver.views.base'),
(r'^login/$', 'jumpserver.views.login'), (r'^login/$', 'jumpserver.views.Login'),
(r'^logout/$', 'jumpserver.views.logout'), (r'^logout/$', 'jumpserver.views.Logout'),
(r'^file/upload/$', 'jumpserver.views.upload'), (r'^file/upload/$', 'jumpserver.views.upload'),
(r'^file/download/$', 'jumpserver.views.download'), (r'^file/download/$', 'jumpserver.views.download'),
(r'^error/$', 'jumpserver.views.httperror'), (r'^error/$', 'jumpserver.views.httperror'),

124
jumpserver/views.py
View File

@ -12,7 +12,8 @@ from django.http import HttpResponse
# from jperm.models import Apply # from jperm.models import Apply
import paramiko import paramiko
from jumpserver.api import * from jumpserver.api import *
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required
def getDaysByNum(num): def getDaysByNum(num):
@ -46,13 +47,105 @@ def get_data(data, items, option):
dic[name] = li dic[name] = li
return dic return dic
class CustomUser(object):
def __init__(self,request):
self.requset = request
def __unicode__(self):
return self.requset.user.username
def get_asset_group(self):
"""
Get user host_groups.
获取用户有权限的主机组
"""
host_group_list = []
perm_list = []
user_group_all = self.requset.user.group.all()
for user_group in user_group_all:
perm_list.extend(user_group.perm_set.all())
for perm in perm_list:
host_group_list.append(perm.asset_group)
return host_group_list
def get_asset_group_info(self, printable=False):
"""
Get or print asset group info
获取或打印用户授权资产组
"""
asset_groups_info = {}
asset_groups = self.get_asset_group()
for asset_group in asset_groups:
asset_groups_info[asset_group.id] = [asset_group.name, asset_group.comment]
if printable:
for group_id in asset_groups_info:
if asset_groups_info[group_id][1]:
print "[%3s] %s -- %s" % (group_id,
asset_groups_info[group_id][0],
asset_groups_info[group_id][1])
else:
print "[%3s] %s" % (group_id, asset_groups_info[group_id][0])
print ''
else:
return asset_groups_info
def get_asset(self):
"""
Get the assets of under the user control.
获取主机列表
"""
assets = []
asset_groups = self.get_asset_group()
for asset_group in asset_groups:
assets.extend(asset_group.asset_set.all())
return assets
def get_asset_info(self, printable=False):
"""
Get or print the user asset info
获取或打印用户资产信息
"""
from jasset.models import AssetAlias
assets_info = {}
assets = self.get_asset()
for asset in assets:
asset_alias = AssetAlias.objects.filter(user=self, asset=asset)
if asset_alias and asset_alias[0].alias != '':
assets_info[asset.ip] = [asset.id, asset.ip, str(asset_alias[0].alias)]
else:
assets_info[asset.ip] = [asset.id, asset.ip, str(asset.comment)]
if printable:
ips = assets_info.keys()
ips.sort()
for ip in ips:
if assets_info[ip][2]:
print '%-15s -- %s' % (ip, assets_info[ip][2])
else:
print '%-15s' % ip
print ''
else:
return assets_info
# @login_required
@require_role(role='user') @require_role(role='user')
def index_cu(request): def index_cu(request):
user_id = request.session.get('user_id') # user_id = request.session.get('user_id')
user = get_object(User, id=user_id) # user = get_object(User, id=user_id)
# user = {}
# user.name = request.user.username
# user.username = request.user.username
# user.id = request.user.id
login_types = {'L': 'LDAP', 'M': 'MAP'} login_types = {'L': 'LDAP', 'M': 'MAP'}
username = user.username user = CustomUser(request)
posts = user.get_asset() posts = user.get_asset()
host_count = len(posts) host_count = len(posts)
new_posts = [] new_posts = []
@ -64,7 +157,6 @@ def index_cu(request):
new_posts.append(post_five) new_posts.append(post_five)
post_five = [] post_five = []
new_posts.append(post_five) new_posts.append(post_five)
return render_to_response('index_cu.html', locals(), context_instance=RequestContext(request)) return render_to_response('index_cu.html', locals(), context_instance=RequestContext(request))
@ -193,7 +285,7 @@ def is_latest():
pass pass
def login(request): def Login(request):
"""登录界面""" """登录界面"""
if request.session.get('username'): if request.session.get('username'):
return HttpResponseRedirect('/') return HttpResponseRedirect('/')
@ -202,22 +294,20 @@ def login(request):
else: else:
username = request.POST.get('username') username = request.POST.get('username')
password = request.POST.get('password') password = request.POST.get('password')
user_filter = User.objects.filter(username=username) user = authenticate(username=username, password=password)
if user_filter: if user is not None:
user = user_filter[0] if user.is_active:
if PyCrypt.md5_crypt(password) == user.password: login(request, user)
request.session['user_id'] = user.id request.session['user_id'] = user.id
user_filter.update(last_login=datetime.datetime.now())
if user.role == 'SU': if user.role == 'SU':
request.session['role_id'] = 2 request.session['role_id'] = 2
elif user.role == 'GA': elif user.role == 'GA':
request.session['role_id'] = 1 request.session['role_id'] = 1
else: else:
request.session['role_id'] = 0 request.session['role_id'] = 0
response = HttpResponseRedirect('/', ) # response.set_cookie('username', username, expires=604800)
response.set_cookie('username', username, expires=604800) # response.set_cookie('seed', PyCrypt.md5_crypt(password), expires=604800)
response.set_cookie('seed', PyCrypt.md5_crypt(password), expires=604800) return HttpResponseRedirect('/', )
return response
else: else:
error = '密码错误,请重新输入。' error = '密码错误,请重新输入。'
else: else:
@ -225,8 +315,8 @@ def login(request):
return render_to_response('login.html', {'error': error}) return render_to_response('login.html', {'error': error})
def logout(request): def Logout(request):
request.session.delete() logout(request)
return HttpResponseRedirect('/login/') return HttpResponseRedirect('/login/')
# #

19
juser/models.py
View File

@ -1,4 +1,4 @@
#coding: utf-8 # coding: utf-8
from django.db import models from django.db import models
@ -19,6 +19,21 @@ class UserGroup(models.Model):
self.save() self.save()
from django.contrib.auth.models import AbstractUser
class CustomUser(AbstractUser):
USER_ROLE_CHOICES = (
('SU', 'SuperUser'),
('GA', 'GroupAdmin'),
('CU', 'CommonUser'),
)
name = models.CharField(max_length=80)
uuid = models.CharField(max_length=100)
role = models.CharField(max_length=2, choices=USER_ROLE_CHOICES, default='CU')
group = models.ManyToManyField(UserGroup)
ssh_key_pwd = models.CharField(max_length=200)
class User(models.Model): class User(models.Model):
USER_ROLE_CHOICES = ( USER_ROLE_CHOICES = (
('SU', 'SuperUser'), ('SU', 'SuperUser'),
@ -137,5 +152,3 @@ class AdminGroup(models.Model):
def __unicode__(self): def __unicode__(self):
return '%s: %s' % (self.user.username, self.group.name) return '%s: %s' % (self.user.username, self.group.name)

4
templates/index_cu.html
View File

@ -72,7 +72,7 @@
<div class="col-lg-4"> <div class="col-lg-4">
<div class="ibox float-e-margins"> <div class="ibox float-e-margins">
<div class="ibox-title"> <div class="ibox-title">
<span class="label label-primary"><b>{{ user.name }}</b></span> <span class="label label-primary"><b>{{ user.username }}</b></span>
<div class="ibox-tools"> <div class="ibox-tools">
<a class="collapse-link"> <a class="collapse-link">
<i class="fa fa-chevron-up"></i> <i class="fa fa-chevron-up"></i>
@ -109,7 +109,7 @@
</tr> </tr>
<tr> <tr>
<td class="text-navy">角色</td> <td class="text-navy">角色</td>
<td>{{ user.id | get_role }}</td> <td>{{ user.role }}</td>
</tr> </tr>
<tr> <tr>
<td class="text-navy">Email</td> <td class="text-navy">Email</td>