mirror of https://github.com/jumpserver/jumpserver
基本完成用户管理
guanghongwei
parent
d32026013f
commit
8bc40dbea1
|
|
@ -39,3 +39,4 @@ nosetests.xml
|
|||
node_modules
|
||||
logs
|
||||
keys
|
||||
jumpserver.conf
|
||||
|
|
|
|||
|
|
@ -8,11 +8,11 @@ password = mysql234
|
|||
database = jumpserver
|
||||
|
||||
[ldap]
|
||||
ldap_enable = 0
|
||||
host_url = ldap://192.168.8.60:389
|
||||
base_dn = dc=fengxing, dc=com
|
||||
root_dn = cn=admin,dc=fengxing,dc=com
|
||||
root_pw = 123456
|
||||
ldap_enable = 1
|
||||
host_url = ldap://127.0.0.1:389
|
||||
base_dn = dc=jumpserver, dc=org
|
||||
root_dn = cn=admin,dc=jumpserver,dc=org
|
||||
root_pw = secret234
|
||||
|
||||
[websocket]
|
||||
web_socket_host = 127.0.0.1:3000
|
||||
|
|
|
|||
|
|
@ -27,8 +27,12 @@ def int2str(value):
|
|||
@register.filter(name='get_role')
|
||||
def get_role(user_id):
|
||||
user_role = {'SU': u'超级管理员', 'DA': u'部门管理员', 'CU': u'普通用户'}
|
||||
user = User.objects.get(id=user_id)
|
||||
return user_role.get(str(user.role))
|
||||
user = User.objects.filter(id=user_id)
|
||||
if user:
|
||||
user = user[0]
|
||||
return user_role.get(str(user.role), u"普通用户")
|
||||
else:
|
||||
return u"普通用户"
|
||||
|
||||
|
||||
@register.filter(name='groups_str')
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@ urlpatterns = patterns('juser.views',
|
|||
(r'^user_list/$', 'user_list'),
|
||||
(r'^user_detail/$', 'user_detail'),
|
||||
(r'^user_del/$', 'user_del'),
|
||||
(r'^user_del_ajax/$', 'user_del_ajax'),
|
||||
(r'^user_edit/$', 'user_edit'),
|
||||
(r'^profile/$', 'profile'),
|
||||
(r'^chg_pass/$', 'chg_pass'),
|
||||
|
|
|
|||
138
juser/views.py
138
juser/views.py
|
|
@ -111,7 +111,7 @@ def db_update_user(**kwargs):
|
|||
for group_id in groups_post:
|
||||
group = UserGroup.objects.filter(id=group_id)
|
||||
group_select.extend(group)
|
||||
user.user_group = group_select
|
||||
user.group = group_select
|
||||
|
||||
|
||||
def db_del_user(username):
|
||||
|
|
@ -203,27 +203,6 @@ def ldap_del_user(username):
|
|||
ldap_conn.delete(sudo_dn)
|
||||
|
||||
|
||||
# def ldap_group_add(group_name, username_list, gid):
|
||||
# group_dn = "cn=%s,ou=Group,%s" % (group_name, LDAP_BASE_DN)
|
||||
# group_attr = {'objectClass': ['posixGroup', 'top'],
|
||||
# 'cn': [str(group_name)],
|
||||
# 'userPassword': ['{crypt}x'],
|
||||
# 'gidNumber': [gid],
|
||||
# 'memberUid': username_list}
|
||||
# ldap_conn.add(group_dn, group_attr)
|
||||
|
||||
|
||||
# def group_add_ajax(request):
|
||||
# group_type = request.POST.get('type', 'A')
|
||||
# users_all = User.objects.all()
|
||||
# if group_type == 'A':
|
||||
# users = users_all
|
||||
# else:
|
||||
# users = [user for user in users_all if not user.user_group.filter(type='M')]
|
||||
#
|
||||
# return render_to_response('juser/group_add_ajax.html', locals(), context_instance=RequestContext(request))
|
||||
|
||||
|
||||
def dept_add(request):
|
||||
header_title, path1, path2 = '添加部门', '用户管理', '添加部门'
|
||||
if request.method == 'POST':
|
||||
|
|
@ -494,11 +473,11 @@ def user_add(request):
|
|||
groups = request.POST.getlist('groups', [])
|
||||
role_post = request.POST.get('role', 'CU')
|
||||
ssh_key_pwd = request.POST.get('ssh_key_pwd', '')
|
||||
is_active = request.POST.get('is_active', '1')
|
||||
is_active = True if request.POST.get('is_active', '1') == '1' else False
|
||||
ldap_pwd = gen_rand_pwd(16)
|
||||
|
||||
try:
|
||||
if None in [username, password, ssh_key_pwd, name, groups, role_post, is_active]:
|
||||
if '' in [username, password, ssh_key_pwd, name, groups, role_post, is_active]:
|
||||
error = u'带*内容不能为空'
|
||||
raise AddError
|
||||
user = User.objects.filter(username=username)
|
||||
|
|
@ -568,76 +547,87 @@ def user_list(request):
|
|||
|
||||
|
||||
def user_detail(request):
|
||||
user_id = request.GET.get('id', None)
|
||||
user_id = request.GET.get('id', '')
|
||||
if not user_id:
|
||||
return HttpResponseRedirect('/')
|
||||
user = User.objects.get(id=user_id)
|
||||
return HttpResponseRedirect('/juser/user_list/')
|
||||
user = User.objects.filter(id=user_id)
|
||||
if user:
|
||||
user = user[0]
|
||||
|
||||
return render_to_response('juser/user_detail.html', locals(), context_instance=RequestContext(request))
|
||||
|
||||
|
||||
def user_del(request):
|
||||
user_id = request.GET.get('id', None)
|
||||
user_id = request.GET.get('id', '')
|
||||
if not user_id:
|
||||
return HttpResponseRedirect('/')
|
||||
user = User.objects.get(id=user_id)
|
||||
user.delete()
|
||||
group = UserGroup.objects.get(name=user.username)
|
||||
group.delete()
|
||||
server_del_user(user.username)
|
||||
ldap_del_user(user.username)
|
||||
return HttpResponseRedirect('/juser/user_list/', locals(), context_instance=RequestContext(request))
|
||||
user = User.objects.filter(id=user_id)
|
||||
if user:
|
||||
user = user[0]
|
||||
user.delete()
|
||||
server_del_user(user.username)
|
||||
if LDAP_ENABLE:
|
||||
ldap_del_user(user.username)
|
||||
return HttpResponseRedirect('/juser/user_list/')
|
||||
|
||||
|
||||
def user_del_ajax(request):
|
||||
user_ids = request.POST.get('ids')
|
||||
for user_id in user_ids.split(','):
|
||||
user = User.objects.filter(id=user_id)
|
||||
if user:
|
||||
user = user[0]
|
||||
user.delete()
|
||||
server_del_user(user.username)
|
||||
if LDAP_ENABLE:
|
||||
ldap_del_user(user.username)
|
||||
|
||||
return HttpResponse('删除成功')
|
||||
|
||||
|
||||
def user_edit(request):
|
||||
header_title, path1, path2 = '编辑用户 | Edit User', 'juser', 'user_edit'
|
||||
readonly = "readonly"
|
||||
header_title, path1, path2 = '编辑用户', '用户管理', '用户编辑'
|
||||
if request.method == 'GET':
|
||||
user_id = request.GET.get('id', None)
|
||||
user_id = request.GET.get('id', '')
|
||||
if not user_id:
|
||||
return HttpResponseRedirect('/')
|
||||
user = User.objects.get(id=user_id)
|
||||
username = user.username
|
||||
password = user.password
|
||||
ssh_key_pwd = user.ssh_key_pwd
|
||||
name = user.name
|
||||
manage_groups = UserGroup.objects.filter(type='M')
|
||||
auth_groups = UserGroup.objects.filter(type='A')
|
||||
manage_group_id = user.user_group.get(type='M').id
|
||||
groups_str = ' '.join([str(group.id) for group in auth_groups])
|
||||
user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
|
||||
role_post = user.role
|
||||
ssh_pwd = user.ssh_pwd
|
||||
email = user.email
|
||||
|
||||
user_role = {'SU': u'超级管理员', 'DA': u'部门管理员', 'CU': u'普通用户'}
|
||||
user = User.objects.filter(id=user_id)
|
||||
dept_all = DEPT.objects.all()
|
||||
group_all = UserGroup.objects.all()
|
||||
if user:
|
||||
user = user[0]
|
||||
groups_str = ' '.join([str(group.id) for group in user.group.all()])
|
||||
|
||||
else:
|
||||
username = request.POST.get('username', None)
|
||||
password = request.POST.get('password', None)
|
||||
name = request.POST.get('name', None)
|
||||
username = request.POST.get('username', '')
|
||||
password = request.POST.get('password', '')
|
||||
name = request.POST.get('name', '')
|
||||
email = request.POST.get('email', '')
|
||||
manage_group_id = request.POST.get('manage_group', '')
|
||||
auth_groups = request.POST.getlist('groups', None)
|
||||
groups = auth_groups
|
||||
groups.append(manage_group_id)
|
||||
groups_str = ' '.join(auth_groups)
|
||||
role_post = request.POST.get('role', None)
|
||||
ssh_pwd = request.POST.get('ssh_pwd', None)
|
||||
ssh_key_pwd = request.POST.get('ssh_key_pwd', None)
|
||||
is_active = request.POST.get('is_active', '1')
|
||||
ldap_pwd = gen_rand_pwd(16)
|
||||
all_group = UserGroup.objects.filter(Q(type='M') | Q(type='A'))
|
||||
user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
|
||||
dept_id = request.POST.get('dept_id')
|
||||
groups = request.POST.getlist('groups', [])
|
||||
role_post = request.POST.get('role', 'CU')
|
||||
ssh_key_pwd = request.POST.get('ssh_key_pwd', '')
|
||||
is_active = True if request.POST.get('is_active', '1') == '1' else False
|
||||
|
||||
user_role = {'SU': u'超级管理员', 'DA': u'部门管理员', 'CU': u'普通用户'}
|
||||
dept = DEPT.objects.filter(id=dept_id)
|
||||
if dept:
|
||||
dept = dept[0]
|
||||
else:
|
||||
dept = DEPT.objects.get(id='1')
|
||||
|
||||
if username:
|
||||
user = User.objects.get(username=username)
|
||||
user = User.objects.filter(username=username)
|
||||
if user:
|
||||
user = user[0]
|
||||
else:
|
||||
return HttpResponseRedirect('/')
|
||||
return HttpResponseRedirect('/juser/user_list/')
|
||||
|
||||
if password != user.password:
|
||||
password = md5_crypt(password)
|
||||
|
||||
if ssh_pwd != user.ssh_pwd:
|
||||
ssh_pwd = CRYPTOR.encrypt(ssh_pwd)
|
||||
|
||||
if ssh_key_pwd != user.ssh_key_pwd:
|
||||
ssh_key_pwd = CRYPTOR.encrypt(ssh_key_pwd)
|
||||
|
||||
|
|
@ -646,14 +636,14 @@ def user_edit(request):
|
|||
name=name,
|
||||
email=email,
|
||||
groups=groups,
|
||||
dept=dept,
|
||||
role=role_post,
|
||||
ssh_pwd=ssh_pwd,
|
||||
is_active=is_active,
|
||||
ssh_key_pwd=ssh_key_pwd)
|
||||
msg = u'修改用户成功'
|
||||
|
||||
return HttpResponseRedirect('/juser/user_list/')
|
||||
|
||||
return render_to_response('juser/user_add.html', locals(), context_instance=RequestContext(request))
|
||||
return render_to_response('juser/user_edit.html', locals(), context_instance=RequestContext(request))
|
||||
|
||||
|
||||
def profile(request):
|
||||
|
|
|
|||
|
|
@ -39,10 +39,16 @@
|
|||
</tr>
|
||||
<tr class="gradeX">
|
||||
<td class="text-center">角色</td>
|
||||
<td class="text-center">{{ user.id|get_role }}</td>
|
||||
<td class="text-center">{{ user.id }}</td>
|
||||
</tr>
|
||||
<tr class="gradeX">
|
||||
<td class="text-center">属组</td>
|
||||
<td class="text-center">部门</td>
|
||||
<td class="text-center">
|
||||
{{ user.dept.name }}
|
||||
</td>
|
||||
</tr>
|
||||
<tr class="gradeX">
|
||||
<td class="text-center">小组</td>
|
||||
<td class="text-center">
|
||||
{% for group in user.user_group.all %}
|
||||
{{ group.name }}
|
||||
|
|
@ -59,7 +65,7 @@
|
|||
</tr>
|
||||
<tr class="gradeX">
|
||||
<td class="text-center">添加时间</td>
|
||||
<td class="text-center">{{ user.date_joined|stamp2str }}</td>
|
||||
<td class="text-center">{{ user.date_joined }}</td>
|
||||
</tr>
|
||||
<tr class="gradeX">
|
||||
<td class="text-center">最后登录</td>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,214 @@
|
|||
{% extends 'base.html' %}
|
||||
{% load mytags %}
|
||||
|
||||
|
||||
{% block content %}
|
||||
{% include 'nav_cat_bar.html' %}
|
||||
<div class="wrapper wrapper-content animated fadeInRight">
|
||||
<div class="row">
|
||||
<div class="col-lg-10">
|
||||
<div class="ibox float-e-margins">
|
||||
<div class="ibox-title">
|
||||
<h5>编辑用户信息</h5>
|
||||
<div class="ibox-tools">
|
||||
<a class="collapse-link">
|
||||
<i class="fa fa-chevron-up"></i>
|
||||
</a>
|
||||
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
|
||||
<i class="fa fa-wrench"></i>
|
||||
</a>
|
||||
<ul class="dropdown-menu dropdown-user">
|
||||
<li><a href="#">未启用 1</a>
|
||||
</li>
|
||||
<li><a href="#">未启用 2</a>
|
||||
</li>
|
||||
</ul>
|
||||
<a class="close-link">
|
||||
<i class="fa fa-times"></i>
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
<div class="ibox-content">
|
||||
<form method="post" id="userForm" class="form-horizontal" action="">
|
||||
{% if error %}
|
||||
<div class="alert alert-warning text-center">{{ error }}</div>
|
||||
{% endif %}
|
||||
{% if msg %}
|
||||
<div class="alert alert-success text-center">{{ msg }}</div>
|
||||
{% endif %}
|
||||
<div class="form-group">
|
||||
<label for="username" class="col-sm-2 control-label">用户名<span class="red-fonts">*</span></label>
|
||||
<div class="col-sm-8">
|
||||
<input id="username" name="username" placeholder="Username" type="text" class="form-control" value="{{ user.username }}" readonly>
|
||||
</div>
|
||||
</div>
|
||||
<div class="hr-line-dashed"></div>
|
||||
<div class="form-group">
|
||||
<label for="password" class="col-sm-2 control-label">密码<span class="red-fonts">*</span></label>
|
||||
<div class="col-sm-8">
|
||||
<input id="password" name="password" placeholder="Password" type="password" class="form-control" value="{{ user.password }}">
|
||||
<span class="help-block m-b-none">
|
||||
登陆web的密码
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
<div class="hr-line-dashed"></div>
|
||||
<div class="form-group">
|
||||
<label for="ssh_key_pwd" class="col-sm-2 control-label">密钥密码<span class="red-fonts">*</span></label>
|
||||
<div class="col-sm-8">
|
||||
<input id="ssh_key_pwd" name="ssh_key_pwd" placeholder="SSH Key Password" type="password" class="form-control" value="{{ user.ssh_key_pwd }}">
|
||||
<span class="help-block m-b-none">
|
||||
登陆 Jumpserver 使用的SSH密钥的密码
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
<div class="hr-line-dashed"></div>
|
||||
<div class="form-group">
|
||||
<label for="name" class="col-sm-2 control-label">姓名<span class="red-fonts">*</span></label>
|
||||
<div class="col-sm-8">
|
||||
<input id="name" name="name" placeholder="Name" type="text" class="form-control" value="{{ user.name }}">
|
||||
</div>
|
||||
</div>
|
||||
<div class="hr-line-dashed"></div>
|
||||
<div class="form-group">
|
||||
<label for="dept_id" class="col-lg-2 control-label">部门<span class="red-fonts">*</span></label>
|
||||
<div class="col-sm-8">
|
||||
<select id="dept_id" name="dept_id" class="form-control m-b">
|
||||
{% for dept in dept_all %}
|
||||
{% ifequal user.dept.id dept.id %}
|
||||
<option selected value="{{ dept.id }}">{{ dept.name }}</option>
|
||||
{% else %}
|
||||
<option value="{{ dept.id }}">{{ dept.name }}</option>
|
||||
{% endifequal %}
|
||||
{% endfor %}
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="hr-line-dashed"></div>
|
||||
<div class="form-group">
|
||||
<label for="groups" class="col-lg-2 control-label">小组</label>
|
||||
<div class="col-sm-8">
|
||||
<select id="groups" name="groups" class="form-control m-b" multiple size="12">
|
||||
{% for group in group_all %}
|
||||
{% if group.id|int2str in groups_str %}
|
||||
<option value="{{ group.id }}" selected>{{ group.name }}</option>
|
||||
{% else %}
|
||||
<option value="{{ group.id }}">{{ group.name }}</option>
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="hr-line-dashed"></div>
|
||||
<div class="form-group">
|
||||
<label for="role" class="col-lg-2 control-label">角色<span class="red-fonts">*</span></label>
|
||||
<div class="col-sm-8">
|
||||
<select id="role" name="role" class="form-control m-b">
|
||||
{% for r, role_name in user_role.items %}
|
||||
{% ifequal r user.role %}
|
||||
<option value="{{ r }}" selected>{{ role_name }}</option>
|
||||
{% else %}
|
||||
<option value="{{ r }}">{{ role_name }}</option>
|
||||
{% endifequal %}
|
||||
{% endfor %}
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
<div class="hr-line-dashed"></div>
|
||||
<div class="form-group">
|
||||
<label for="email" class="col-sm-2 control-label">Email<span class="red-fonts">*</span></label>
|
||||
<div class="col-sm-8">
|
||||
<input id="email" name="email" type="email" placeholder="Email" class="form-control" value="{{ user.email }}" >
|
||||
</div>
|
||||
</div>
|
||||
<div class="hr-line-dashed"></div>
|
||||
<div class="form-group"><label class="col-sm-2 control-label">是否启用</label>
|
||||
<div class="col-sm-8">
|
||||
<div class="radio i-checks">
|
||||
<label>
|
||||
<input type="radio" value="1" name="is_active" {% if user.is_active %} } checked {% endif %}>启用
|
||||
</label>
|
||||
</div>
|
||||
<div class="radio i-checks">
|
||||
<label><input type="radio" value="0" name="is_active" {% if not user.is_active %} checked {% endif %}>禁用 </label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="hr-line-dashed"></div>
|
||||
<div class="form-group">
|
||||
<div class="col-sm-4 col-sm-offset-2">
|
||||
<button class="btn btn-white" type="submit">取消</button>
|
||||
<button id="submit_button" class="btn btn-primary" type="submit">确认保存</button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
$('#userForm').validator({
|
||||
timely: 2,
|
||||
theme: "yellow_right_effect",
|
||||
rules: {
|
||||
check_ip: [/^(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])(\.(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])){3}$/, 'ip地址不正确'],
|
||||
check_port: [/^\d{1,5}$/, '端口号不正确'],
|
||||
type_m: function(element){
|
||||
return $("#M").is(":checked");
|
||||
}
|
||||
},
|
||||
fields: {
|
||||
"username": {
|
||||
rule: "required",
|
||||
tip: "输入用户名",
|
||||
ok: "",
|
||||
msg: {required: "必须填写!"}
|
||||
},
|
||||
"password": {
|
||||
rule: "required;length[6~50]",
|
||||
tip: "输入密码",
|
||||
ok: "",
|
||||
msg: {required: "必须填写!"}
|
||||
},
|
||||
"ssh_key_pwd": {
|
||||
rule: "required;length[6~50]",
|
||||
tip: "ssh私钥密码",
|
||||
ok: "",
|
||||
msg: {required: "必须填写"}
|
||||
},
|
||||
"dept_id": {
|
||||
rule: "checked",
|
||||
tip: "选择部门",
|
||||
ok: "",
|
||||
msg: {checked: "至少选择一个部门"}
|
||||
},
|
||||
"name": {
|
||||
rule: "required",
|
||||
tip: "姓名",
|
||||
ok: "",
|
||||
msg: {required: "必须填写"}
|
||||
},
|
||||
"email": {
|
||||
rule: "required",
|
||||
tip: "Email",
|
||||
ok: "",
|
||||
msg: {required: "必须填写"}
|
||||
},
|
||||
"role": {
|
||||
rule: "checked",
|
||||
tip: "角色",
|
||||
ok: "",
|
||||
msg: {required: "选择一个"}
|
||||
}
|
||||
},
|
||||
valid: function(form) {
|
||||
form.submit();
|
||||
}
|
||||
});
|
||||
|
||||
</script>
|
||||
|
||||
|
||||
{% endblock %}
|
||||
|
|
@ -30,8 +30,8 @@
|
|||
|
||||
<div class="ibox-content">
|
||||
<div class="">
|
||||
<a target="_blank" href="/juser/user_add/" class="btn btn-sm btn-primary "> 添加 </a>
|
||||
<a target="_blank" href="/juser/group_add/" class="btn btn-sm btn-danger "> 删除所选 </a>
|
||||
<a target="_blank" href="/juser/user_add/" class="btn btn-sm btn-primary "> 添加用户 </a>
|
||||
<a id="del_btn" class="btn btn-sm btn-danger "> 删除所选 </a>
|
||||
<form id="search_form" method="get" action="" class="pull-right mail-search">
|
||||
<div class="input-group">
|
||||
<input type="text" class="form-control input-sm" id="search_input" name="search" placeholder="Search">
|
||||
|
|
@ -124,5 +124,23 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
$(document).ready(function(){
|
||||
$(".iframe").colorbox({iframe:true, width:"70%", height:"70%"});
|
||||
var check_array = []
|
||||
$('#del_btn').click(function(){
|
||||
$(".gradeX input:checked").each(function() {check_array.push($(this).attr("value")) })
|
||||
$(".gradeX input:checked").closest("tr").remove()
|
||||
$.post("/juser/user_del_ajax/",
|
||||
{ids: check_array.join(",")},
|
||||
function(data){
|
||||
alert(data)
|
||||
}
|
||||
)
|
||||
})
|
||||
});
|
||||
|
||||
|
||||
</script>
|
||||
|
||||
{% endblock %}
|
||||
|
|
|
|||
Loading…
Reference in New Issue