bug

2015-04-18 13:51:47 +08:00 · 2015-04-18 13:51:47 +08:00 · 84929840d0
parent d6171f7fe7
commit 84929840d0
6 changed files with 32 additions and 37 deletions
--- a/.gitignore
+++ b/.gitignore
@ -40,3 +40,4 @@ node_modules
 logs
 keys
 jumpserver.conf
+nohup.out
--- a/jasset/views.py
+++ b/jasset/views.py
@ -6,8 +6,7 @@ from django.db.models import Q
 from django.template import RequestContext
 from django.shortcuts import render_to_response

-from jasset.models import IDC, Asset, BisGroup, AssetAlias
-from jperm.models import Perm, SudoPerm
+from jperm.models import Perm
 from jumpserver.api import *

 cryptor = PyCrypt(KEY)
@ -334,36 +333,38 @@ def host_list(request):
    dept = DEPT.objects.get(id=dept_id)
    did = request.GET.get('did', '')
    gid = request.GET.get('gid', '')
-    sid = request.GET.get('sid', '')
-    post_all = Asset.objects.all().order_by('ip')
+    user_id = get_session_user_info(request)[0]

+    post_all = Asset.objects.all().order_by('ip')
    post_keyword_all = Asset.objects.filter(Q(ip__contains=keyword) |
                                            Q(idc__name__contains=keyword) |
                                            Q(bis_group__name__contains=keyword) |
                                            Q(comment__contains=keyword)).distinct().order_by('ip')
    if did:
+        if is_common_user(request) or is_group_admin(request):
+            return httperror(request, u'您无权查看!')
+
        dept = DEPT.objects.get(id=did)
        posts = dept.asset_set.all()
        return my_render('jasset/host_list_nop.html', locals(), request)

    elif gid:
-        posts = []
-        user_group = UserGroup.objects.get(id=gid)
-        perms = Perm.objects.filter(user_group=user_group)
-        for perm in perms:
-            for post in perm.asset_group.asset_set.all():
-                posts.append(post)
-        posts = list(set(posts))
-        return my_render('jasset/host_list_nop.html', locals(), request)
+        if is_common_user(request):
+            return httperror(request, u'您无权查看!')
+
+        elif is_group_admin(request) and not verify(request, user_group=[gid]):
+            return httperror(request, u'您无权查看!')

-    elif sid:
        posts = []
-        user_group = UserGroup.objects.get(id=sid)
-        perms = Perm.objects.filter(user_group=user_group)
-        for perm in perms:
-            for post in perm.asset_group.asset_set.all():
-                posts.append(post)
-        posts = list(set(posts))
+        user_group = UserGroup.objects.filter(id=gid)
+        if user_group:
+            perms = Perm.objects.filter(user_group=user_group)
+            for perm in perms:
+                for post in perm.asset_group.asset_set.all():
+                    posts.append(post)
+            posts = list(set(posts))
+        else:
+            return httperror(request, u'没有这个小组!')
        return my_render('jasset/host_list_nop.html', locals(), request)

    else:
--- a/jlog/views.py
+++ b/jlog/views.py
@ -1,20 +1,11 @@
 # coding:utf-8
-import os
-import ConfigParser
-from datetime import datetime
-
 from django.db.models import Q
-from django.http import HttpResponse
 from django.template import RequestContext
-from django.http import HttpResponseRedirect
 from django.shortcuts import render_to_response

-from connect import BASE_DIR
-from jlog.models import Log
-from jumpserver.views import pages
-from juser.models import User, DEPT
 from jumpserver.api import *
 from jasset.views import httperror
+from django.http import HttpResponseNotFound

 CONF = ConfigParser()
 CONF.read('%s/jumpserver.conf' % BASE_DIR)
@ -84,10 +75,12 @@ def log_kill(request):
        dept_name = log.dept_name
        deptname = get_session_user_info(request)[4]
        if is_group_admin(request) and dept_name != deptname:
-            return httperror(request, 'Kill失败, 您无权操作!')
+            return httperror(request, u'Kill失败, 您无权操作!')
        os.kill(int(pid), 9)
        Log.objects.filter(pid=pid).update(is_finished=1, end_time=datetime.datetime.now())
        return render_to_response('jlog/log_offline.html', locals(), context_instance=RequestContext(request))
+    else:
+        return HttpResponseNotFound(u'没有此进程!')


@require_login
--- a/jumpserver.conf
+++ b/jumpserver.conf
@ -17,14 +17,14 @@ database = jumpserver

 [ldap]
 ldap_enable = 1
-host_url = ldap://127.0.0.1:389
+host_url = ldap://192.168.0.129:389
 base_dn = dc=jumpserver, dc=org
 root_dn = cn=admin,dc=jumpserver,dc=org
 root_pw = secret234


 [websocket]
-web_socket_host = 192.168.20.209:3000
+web_socket_host = 192.168.0.129:3000


 [mail]
--- a/jumpserver/api.py
+++ b/jumpserver/api.py
@ -449,11 +449,11 @@ def verify(request, user_group=None, user=None, asset_group=None, asset=None, ed

    if asset_group:
        dept_asset_groups = dept.bisgroup_set.all()
-        asset_groups = []
-        for group_id in asset_group:
-            asset_groups.extend(BisGroup.objects.filter(id=int(group_id)))
+        asset_group_ids = []
+        for group in dept_asset_groups:
+            asset_group_ids.append(group.id)

-        if not set(asset_groups).issubset(set(dept_asset_groups)):
+        if not set(asset_group).issubset(set(asset_group_ids)):
            return False

    if asset:
--- a/templates/jlog/log_online.html
+++ b/templates/jlog/log_online.html
@ -209,7 +209,7 @@
           type: "GET",
           url: g_url,
           success: window.open("/jlog/log_list/online/", "_self")
-//           error: window.open(g_url, "_self")
+           error: window.open(g_url, "_self")
       });

 }