github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

基本完成用户管理

pull/6/head
guanghongwei 2015-03-05 00:20:24 +08:00
parent d32026013f
commit 8bc40dbea1
8 changed files with 320 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -39,3 +39,4 @@ nosetests.xml
node_modules node_modules
logs logs
keys keys
jumpserver.conf

10
jumpserver.conf
View File

@ -8,11 +8,11 @@ password = mysql234
database = jumpserver database = jumpserver
[ldap] [ldap]
ldap_enable = 0 ldap_enable = 1
host_url = ldap://192.168.8.60:389 host_url = ldap://127.0.0.1:389
base_dn = dc=fengxing, dc=com base_dn = dc=jumpserver, dc=org
root_dn = cn=admin,dc=fengxing,dc=com root_dn = cn=admin,dc=jumpserver,dc=org
root_pw = 123456 root_pw = secret234
[websocket] [websocket]
web_socket_host = 127.0.0.1:3000 web_socket_host = 127.0.0.1:3000

8
jumpserver/templatetags/mytags.py
View File

@ -27,8 +27,12 @@ def int2str(value):
@register.filter(name='get_role') @register.filter(name='get_role')
def get_role(user_id): def get_role(user_id):
user_role = {'SU': u'超级管理员', 'DA': u'部门管理员', 'CU': u'普通用户'} user_role = {'SU': u'超级管理员', 'DA': u'部门管理员', 'CU': u'普通用户'}
user = User.objects.get(id=user_id) user = User.objects.filter(id=user_id)
return user_role.get(str(user.role)) if user:
user = user[0]
return user_role.get(str(user.role), u"普通用户")
else:
return u"普通用户"
@register.filter(name='groups_str') @register.filter(name='groups_str')

1
juser/urls.py
View File

@ -23,6 +23,7 @@ urlpatterns = patterns('juser.views',
(r'^user_list/$', 'user_list'), (r'^user_list/$', 'user_list'),
(r'^user_detail/$', 'user_detail'), (r'^user_detail/$', 'user_detail'),
(r'^user_del/$', 'user_del'), (r'^user_del/$', 'user_del'),
(r'^user_del_ajax/$', 'user_del_ajax'),
(r'^user_edit/$', 'user_edit'), (r'^user_edit/$', 'user_edit'),
(r'^profile/$', 'profile'), (r'^profile/$', 'profile'),
(r'^chg_pass/$', 'chg_pass'), (r'^chg_pass/$', 'chg_pass'),

138
juser/views.py
View File

@ -111,7 +111,7 @@ def db_update_user(**kwargs):
for group_id in groups_post: for group_id in groups_post:
group = UserGroup.objects.filter(id=group_id) group = UserGroup.objects.filter(id=group_id)
group_select.extend(group) group_select.extend(group)
user.user_group = group_select user.group = group_select
def db_del_user(username): def db_del_user(username):
@ -203,27 +203,6 @@ def ldap_del_user(username):
ldap_conn.delete(sudo_dn) ldap_conn.delete(sudo_dn)
# def ldap_group_add(group_name, username_list, gid):
# group_dn = "cn=%s,ou=Group,%s" % (group_name, LDAP_BASE_DN)
# group_attr = {'objectClass': ['posixGroup', 'top'],
# 'cn': [str(group_name)],
# 'userPassword': ['{crypt}x'],
# 'gidNumber': [gid],
# 'memberUid': username_list}
# ldap_conn.add(group_dn, group_attr)
# def group_add_ajax(request):
# group_type = request.POST.get('type', 'A')
# users_all = User.objects.all()
# if group_type == 'A':
# users = users_all
# else:
# users = [user for user in users_all if not user.user_group.filter(type='M')]
#
# return render_to_response('juser/group_add_ajax.html', locals(), context_instance=RequestContext(request))
def dept_add(request): def dept_add(request):
header_title, path1, path2 = '添加部门', '用户管理', '添加部门' header_title, path1, path2 = '添加部门', '用户管理', '添加部门'
if request.method == 'POST': if request.method == 'POST':
@ -494,11 +473,11 @@ def user_add(request):
groups = request.POST.getlist('groups', []) groups = request.POST.getlist('groups', [])
role_post = request.POST.get('role', 'CU') role_post = request.POST.get('role', 'CU')
ssh_key_pwd = request.POST.get('ssh_key_pwd', '') ssh_key_pwd = request.POST.get('ssh_key_pwd', '')
is_active = request.POST.get('is_active', '1') is_active = True if request.POST.get('is_active', '1') == '1' else False
ldap_pwd = gen_rand_pwd(16) ldap_pwd = gen_rand_pwd(16)
try: try:
if None in [username, password, ssh_key_pwd, name, groups, role_post, is_active]: if '' in [username, password, ssh_key_pwd, name, groups, role_post, is_active]:
error = u'带*内容不能为空' error = u'带*内容不能为空'
raise AddError raise AddError
user = User.objects.filter(username=username) user = User.objects.filter(username=username)
@ -568,76 +547,87 @@ def user_list(request):
def user_detail(request): def user_detail(request):
user_id = request.GET.get('id', None) user_id = request.GET.get('id', '')
if not user_id: if not user_id:
return HttpResponseRedirect('/') return HttpResponseRedirect('/juser/user_list/')
user = User.objects.get(id=user_id) user = User.objects.filter(id=user_id)
if user:
user = user[0]
return render_to_response('juser/user_detail.html', locals(), context_instance=RequestContext(request)) return render_to_response('juser/user_detail.html', locals(), context_instance=RequestContext(request))
def user_del(request): def user_del(request):
user_id = request.GET.get('id', None) user_id = request.GET.get('id', '')
if not user_id: if not user_id:
return HttpResponseRedirect('/') return HttpResponseRedirect('/')
user = User.objects.get(id=user_id) user = User.objects.filter(id=user_id)
user.delete() if user:
group = UserGroup.objects.get(name=user.username) user = user[0]
group.delete() user.delete()
server_del_user(user.username) server_del_user(user.username)
ldap_del_user(user.username) if LDAP_ENABLE:
return HttpResponseRedirect('/juser/user_list/', locals(), context_instance=RequestContext(request)) ldap_del_user(user.username)
return HttpResponseRedirect('/juser/user_list/')
def user_del_ajax(request):
user_ids = request.POST.get('ids')
for user_id in user_ids.split(','):
user = User.objects.filter(id=user_id)
if user:
user = user[0]
user.delete()
server_del_user(user.username)
if LDAP_ENABLE:
ldap_del_user(user.username)
return HttpResponse('删除成功')
def user_edit(request): def user_edit(request):
header_title, path1, path2 = '编辑用户 | Edit User', 'juser', 'user_edit' header_title, path1, path2 = '编辑用户', '用户管理', '用户编辑'
readonly = "readonly"
if request.method == 'GET': if request.method == 'GET':
user_id = request.GET.get('id', None) user_id = request.GET.get('id', '')
if not user_id: if not user_id:
return HttpResponseRedirect('/') return HttpResponseRedirect('/')
user = User.objects.get(id=user_id)
username = user.username user_role = {'SU': u'超级管理员', 'DA': u'部门管理员', 'CU': u'普通用户'}
password = user.password user = User.objects.filter(id=user_id)
ssh_key_pwd = user.ssh_key_pwd dept_all = DEPT.objects.all()
name = user.name group_all = UserGroup.objects.all()
manage_groups = UserGroup.objects.filter(type='M') if user:
auth_groups = UserGroup.objects.filter(type='A') user = user[0]
manage_group_id = user.user_group.get(type='M').id groups_str = ' '.join([str(group.id) for group in user.group.all()])
groups_str = ' '.join([str(group.id) for group in auth_groups])
user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
role_post = user.role
ssh_pwd = user.ssh_pwd
email = user.email
else: else:
username = request.POST.get('username', None) username = request.POST.get('username', '')
password = request.POST.get('password', None) password = request.POST.get('password', '')
name = request.POST.get('name', None) name = request.POST.get('name', '')
email = request.POST.get('email', '') email = request.POST.get('email', '')
manage_group_id = request.POST.get('manage_group', '') dept_id = request.POST.get('dept_id')
auth_groups = request.POST.getlist('groups', None) groups = request.POST.getlist('groups', [])
groups = auth_groups role_post = request.POST.get('role', 'CU')
groups.append(manage_group_id) ssh_key_pwd = request.POST.get('ssh_key_pwd', '')
groups_str = ' '.join(auth_groups) is_active = True if request.POST.get('is_active', '1') == '1' else False
role_post = request.POST.get('role', None)
ssh_pwd = request.POST.get('ssh_pwd', None) user_role = {'SU': u'超级管理员', 'DA': u'部门管理员', 'CU': u'普通用户'}
ssh_key_pwd = request.POST.get('ssh_key_pwd', None) dept = DEPT.objects.filter(id=dept_id)
is_active = request.POST.get('is_active', '1') if dept:
ldap_pwd = gen_rand_pwd(16) dept = dept[0]
all_group = UserGroup.objects.filter(Q(type='M') | Q(type='A')) else:
user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'} dept = DEPT.objects.get(id='1')
if username: if username:
user = User.objects.get(username=username) user = User.objects.filter(username=username)
if user:
user = user[0]
else: else:
return HttpResponseRedirect('/') return HttpResponseRedirect('/juser/user_list/')
if password != user.password: if password != user.password:
password = md5_crypt(password) password = md5_crypt(password)
if ssh_pwd != user.ssh_pwd:
ssh_pwd = CRYPTOR.encrypt(ssh_pwd)
if ssh_key_pwd != user.ssh_key_pwd: if ssh_key_pwd != user.ssh_key_pwd:
ssh_key_pwd = CRYPTOR.encrypt(ssh_key_pwd) ssh_key_pwd = CRYPTOR.encrypt(ssh_key_pwd)
@ -646,14 +636,14 @@ def user_edit(request):
name=name, name=name,
email=email, email=email,
groups=groups, groups=groups,
dept=dept,
role=role_post, role=role_post,
ssh_pwd=ssh_pwd, is_active=is_active,
ssh_key_pwd=ssh_key_pwd) ssh_key_pwd=ssh_key_pwd)
msg = u'修改用户成功'
return HttpResponseRedirect('/juser/user_list/') return HttpResponseRedirect('/juser/user_list/')
return render_to_response('juser/user_add.html', locals(), context_instance=RequestContext(request)) return render_to_response('juser/user_edit.html', locals(), context_instance=RequestContext(request))
def profile(request): def profile(request):

12
templates/juser/user_detail.html
View File

@ -39,10 +39,16 @@
</tr> </tr>
<tr class="gradeX"> <tr class="gradeX">
<td class="text-center">角色</td> <td class="text-center">角色</td>
<td class="text-center">{{ user.id|get_role }}</td> <td class="text-center">{{ user.id }}</td>
</tr> </tr>
<tr class="gradeX"> <tr class="gradeX">
<td class="text-center">属组</td> <td class="text-center">部门</td>
<td class="text-center">
{{ user.dept.name }}
</td>
</tr>
<tr class="gradeX">
<td class="text-center">小组</td>
<td class="text-center"> <td class="text-center">
{% for group in user.user_group.all %} {% for group in user.user_group.all %}
{{ group.name }} {{ group.name }}
@ -59,7 +65,7 @@
</tr> </tr>
<tr class="gradeX"> <tr class="gradeX">
<td class="text-center">添加时间</td> <td class="text-center">添加时间</td>
<td class="text-center">{{ user.date_joined|stamp2str }}</td> <td class="text-center">{{ user.date_joined }}</td>
</tr> </tr>
<tr class="gradeX"> <tr class="gradeX">
<td class="text-center">最后登录</td> <td class="text-center">最后登录</td>

214
templates/juser/user_edit.html Normal file
View File

@ -0,0 +1,214 @@
{% extends 'base.html' %}
{% load mytags %}
{% block content %}
{% include 'nav_cat_bar.html' %}
<div class="wrapper wrapper-content animated fadeInRight">
<div class="row">
<div class="col-lg-10">
<div class="ibox float-e-margins">
<div class="ibox-title">
<h5>编辑用户信息</h5>
<div class="ibox-tools">
<a class="collapse-link">
<i class="fa fa-chevron-up"></i>
</a>
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
<i class="fa fa-wrench"></i>
</a>
<ul class="dropdown-menu dropdown-user">
<li><a href="#">未启用 1</a>
</li>
<li><a href="#">未启用 2</a>
</li>
</ul>
<a class="close-link">
<i class="fa fa-times"></i>
</a>
</div>
</div>
<div class="ibox-content">
<form method="post" id="userForm" class="form-horizontal" action="">
{% if error %}
<div class="alert alert-warning text-center">{{ error }}</div>
{% endif %}
{% if msg %}
<div class="alert alert-success text-center">{{ msg }}</div>
{% endif %}
<div class="form-group">
<label for="username" class="col-sm-2 control-label">用户名<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="username" name="username" placeholder="Username" type="text" class="form-control" value="{{ user.username }}" readonly>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="password" class="col-sm-2 control-label">密码<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="password" name="password" placeholder="Password" type="password" class="form-control" value="{{ user.password }}">
<span class="help-block m-b-none">
登陆web的密码
</span>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="ssh_key_pwd" class="col-sm-2 control-label">密钥密码<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="ssh_key_pwd" name="ssh_key_pwd" placeholder="SSH Key Password" type="password" class="form-control" value="{{ user.ssh_key_pwd }}">
<span class="help-block m-b-none">
登陆 Jumpserver 使用的SSH密钥的密码
</span>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="name" class="col-sm-2 control-label">姓名<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="name" name="name" placeholder="Name" type="text" class="form-control" value="{{ user.name }}">
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="dept_id" class="col-lg-2 control-label">部门<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<select id="dept_id" name="dept_id" class="form-control m-b">
{% for dept in dept_all %}
{% ifequal user.dept.id dept.id %}
<option selected value="{{ dept.id }}">{{ dept.name }}</option>
{% else %}
<option value="{{ dept.id }}">{{ dept.name }}</option>
{% endifequal %}
{% endfor %}
</select>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="groups" class="col-lg-2 control-label">小组</label>
<div class="col-sm-8">
<select id="groups" name="groups" class="form-control m-b" multiple size="12">
{% for group in group_all %}
{% if group.id|int2str in groups_str %}
<option value="{{ group.id }}" selected>{{ group.name }}</option>
{% else %}
<option value="{{ group.id }}">{{ group.name }}</option>
{% endif %}
{% endfor %}
</select>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="role" class="col-lg-2 control-label">角色<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<select id="role" name="role" class="form-control m-b">
{% for r, role_name in user_role.items %}
{% ifequal r user.role %}
<option value="{{ r }}" selected>{{ role_name }}</option>
{% else %}
<option value="{{ r }}">{{ role_name }}</option>
{% endifequal %}
{% endfor %}
</select>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="email" class="col-sm-2 control-label">Email<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="email" name="email" type="email" placeholder="Email" class="form-control" value="{{ user.email }}" >
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group"><label class="col-sm-2 control-label">是否启用</label>
<div class="col-sm-8">
<div class="radio i-checks">
<label>
<input type="radio" value="1" name="is_active" {% if user.is_active %} } checked {% endif %}>启用
</label>
</div>
<div class="radio i-checks">
<label><input type="radio" value="0" name="is_active" {% if not user.is_active %} checked {% endif %}>禁用 </label>
</div>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<div class="col-sm-4 col-sm-offset-2">
<button class="btn btn-white" type="submit">取消</button>
<button id="submit_button" class="btn btn-primary" type="submit">确认保存</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
<script>
$('#userForm').validator({
timely: 2,
theme: "yellow_right_effect",
rules: {
check_ip: [/^(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])(\.(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])){3}$/, 'ip地址不正确'],
check_port: [/^\d{1,5}$/, '端口号不正确'],
type_m: function(element){
return $("#M").is(":checked");
}
},
fields: {
"username": {
rule: "required",
tip: "输入用户名",
ok: "",
msg: {required: "必须填写!"}
},
"password": {
rule: "required;length[6~50]",
tip: "输入密码",
ok: "",
msg: {required: "必须填写!"}
},
"ssh_key_pwd": {
rule: "required;length[6~50]",
tip: "ssh私钥密码",
ok: "",
msg: {required: "必须填写"}
},
"dept_id": {
rule: "checked",
tip: "选择部门",
ok: "",
msg: {checked: "至少选择一个部门"}
},
"name": {
rule: "required",
tip: "姓名",
ok: "",
msg: {required: "必须填写"}
},
"email": {
rule: "required",
tip: "Email",
ok: "",
msg: {required: "必须填写"}
},
"role": {
rule: "checked",
tip: "角色",
ok: "",
msg: {required: "选择一个"}
}
},
valid: function(form) {
form.submit();
}
});
</script>
{% endblock %}

22
templates/juser/user_list.html
View File

@ -30,8 +30,8 @@
<div class="ibox-content"> <div class="ibox-content">
<div class=""> <div class="">
<a target="_blank" href="/juser/user_add/" class="btn btn-sm btn-primary "> 添加 </a> <a target="_blank" href="/juser/user_add/" class="btn btn-sm btn-primary "> 添加用户 </a>
<a target="_blank" href="/juser/group_add/" class="btn btn-sm btn-danger "> 删除所选 </a> <a id="del_btn" class="btn btn-sm btn-danger "> 删除所选 </a>
<form id="search_form" method="get" action="" class="pull-right mail-search"> <form id="search_form" method="get" action="" class="pull-right mail-search">
<div class="input-group"> <div class="input-group">
<input type="text" class="form-control input-sm" id="search_input" name="search" placeholder="Search"> <input type="text" class="form-control input-sm" id="search_input" name="search" placeholder="Search">
@ -124,5 +124,23 @@
</div> </div>
</div> </div>
<script>
$(document).ready(function(){
$(".iframe").colorbox({iframe:true, width:"70%", height:"70%"});
var check_array = []
$('#del_btn').click(function(){
$(".gradeX input:checked").each(function() {check_array.push($(this).attr("value")) })
$(".gradeX input:checked").closest("tr").remove()
$.post("/juser/user_del_ajax/",
{ids: check_array.join(",")},
function(data){
alert(data)
}
)
})
});
</script>
{% endblock %} {% endblock %}