diff --git a/jasset/asset_api.py b/jasset/asset_api.py index 0b5fbcd48..6968efa7b 100644 --- a/jasset/asset_api.py +++ b/jasset/asset_api.py @@ -37,8 +37,15 @@ def db_asset_add(**kwargs): add asset to db 添加主机时数据库操作函数 """ + group_id_list = kwargs.pop('groups') + asset = Asset(**kwargs) + asset.save() - Asset(**kwargs).save() + group_select = [] + for group_id in group_id_list: + group = AssetGroup.objects.filter(id=group_id) + group_select.extend(group) + asset.group = group_select # diff --git a/jasset/urls.py b/jasset/urls.py index 536478c52..a3df6dbec 100644 --- a/jasset/urls.py +++ b/jasset/urls.py @@ -7,6 +7,7 @@ urlpatterns = patterns('', # url(r"^host_add_multi/$", host_add_batch), url(r'^group_add/$', group_add), url(r'^group_list/$', group_list), + url(r'^group_del/$', group_del), url(r'^asset_list/$', asset_list), url(r'^asset_del/$', asset_del), url(r"^asset_detail/$", asset_detail), @@ -19,7 +20,7 @@ urlpatterns = patterns('', # url(r'^group_list/$', group_list), # url(r'^group_detail/$', group_detail), # url(r'^group_del_host/$', group_del_host), - # url(r'^group_del/$', group_del), + # url(r'^host_edit/batch/$', host_edit_batch), # url(r'^host_edit_common/batch/$', host_edit_common_batch), ) \ No newline at end of file diff --git a/jasset/views.py b/jasset/views.py index 6340eea4b..e03b7d04f 100644 --- a/jasset/views.py +++ b/jasset/views.py @@ -57,12 +57,27 @@ def group_list(request): asset_group_list = AssetGroup.objects.all() if keyword: - asset_groups = asset_group_list.filter(Q(name__contains=keyword) | Q(comment__contains=keyword)) + asset_group_list = asset_group_list.filter(Q(name__contains=keyword) | Q(comment__contains=keyword)) asset_group_list, p, asset_groups, page_range, current_page, show_first, show_end = pages(asset_group_list, request) return my_render('jasset/group_list.html', locals(), request) +@require_role('admin') +def group_del(request): + """ + del asset group + 删除主机组 + """ + group_ids = request.GET.get('id', '') + group_id_list = group_ids.split(',') + + for group_id in group_id_list: + AssetGroup.objects.filter(id=group_id).delete() + + return HttpResponse(u'删除成功') + + @require_role('admin') def asset_add(request): """ @@ -70,10 +85,11 @@ def asset_add(request): 添加资产 """ header_title, path1, path2 = u'添加资产', u'资产管理', u'添加资产' + asset_group_all = AssetGroup.objects.all() if request.method == 'POST': ip = request.POST.get('ip') port = request.POST.get('port') - group = request.POST.getlist('group') + groups = request.POST.getlist('groups') use_default_auth = True if request.POST.getlist('use_default_auth', []) else False is_active = True if request.POST.get('is_active') else False comment = request.POST.get('comment') @@ -96,7 +112,7 @@ def asset_add(request): else: db_asset_add( ip=ip, port=port, use_default_auth=use_default_auth, is_active=is_active, comment=comment, - username=username, password=password_encode + groups=groups, username=username, password=password_encode ) msg = u'主机 %s 添加成功' % ip @@ -447,27 +463,7 @@ def asset_detail(request): # # return HttpResponseRedirect('/jasset/group_detail/?id=%s' % group.id) # -# -# @require_admin -# def group_del(request): -# """ 删除主机组 """ -# offset = request.GET.get('id', '') -# if offset == 'multi': -# len_list = request.POST.get("len_list") -# for i in range(int(len_list)): -# key = "id_list[" + str(i) + "]" -# gid = request.POST.get(key) -# if is_group_admin(request) and not validate(request, asset_group=[gid]): -# return httperror(request, '删除失败, 您无权删除!') -# BisGroup.objects.filter(id=gid).delete() -# else: -# gid = int(offset) -# if is_group_admin(request) and not validate(request, asset_group=[gid]): -# return httperror(request, '删除失败, 您无权删除!') -# BisGroup.objects.filter(id=gid).delete() -# return HttpResponseRedirect('/jasset/group_list/') -# -# + # @require_admin # def dept_host_ajax(request): # """ 添加主机组时, 部门联动主机异步 """ diff --git a/jperm/models.py b/jperm/models.py index 3aaa7138a..167ae0485 100644 --- a/jperm/models.py +++ b/jperm/models.py @@ -1,52 +1,60 @@ import datetime -from uuidfield import UUIDField - from django.db import models -from juser.models import UserGroup +from juser.models import User, UserGroup from jasset.models import Asset, AssetGroup -class Perm(models.Model): +class UserPerm(models.Model): + user = models.ForeignKey(User) + asset = models.ForeignKey(Asset, null=True) + asset_group = models.ForeignKey(AssetGroup, null=True) + + def __unicode__(self): + return self.user.name + + +class GroupPerm(models.Model): user_group = models.ForeignKey(UserGroup) - asset_group = models.ForeignKey(AssetGroup) + asset = models.ForeignKey(Asset, null=True) + asset_group = models.ForeignKey(AssetGroup, null=True) def __unicode__(self): - return '%s_%s' % (self.user_group.name, self.asset_group.name) + return self.user.name -class CmdGroup(models.Model): - name = models.CharField(max_length=50, unique=True) - cmd = models.CharField(max_length=999) - comment = models.CharField(blank=True, null=True, max_length=50) - - def __unicode__(self): - return self.name - - -class SudoPerm(models.Model): - user_group = models.ForeignKey(UserGroup) - user_runas = models.CharField(max_length=100) - asset_group = models.ManyToManyField(AssetGroup) - cmd_group = models.ManyToManyField(CmdGroup) - comment = models.CharField(max_length=30, null=True, blank=True) - - def __unicode__(self): - return self.user_group.name - - -class Apply(models.Model): - uuid = UUIDField(auto=True) - applyer = models.CharField(max_length=20) - admin = models.CharField(max_length=20) - approver = models.CharField(max_length=20) - bisgroup = models.CharField(max_length=500) - asset = models.CharField(max_length=500) - comment = models.TextField(blank=True, null=True) - status = models.IntegerField(max_length=2) - date_add = models.DateTimeField(null=True) - date_end = models.DateTimeField(null=True) - read = models.IntegerField(max_length=2) - - def __unicode__(self): - return self.applyer +# class CmdGroup(models.Model): +# name = models.CharField(max_length=50, unique=True) +# cmd = models.CharField(max_length=999) +# comment = models.CharField(blank=True, null=True, max_length=50) +# +# def __unicode__(self): +# return self.name +# +# +# class SudoPerm(models.Model): +# user_group = models.ForeignKey(UserGroup) +# user_runas = models.CharField(max_length=100) +# asset_group = models.ManyToManyField(AssetGroup) +# cmd_group = models.ManyToManyField(CmdGroup) +# comment = models.CharField(max_length=30, null=True, blank=True) +# +# def __unicode__(self): +# return self.user_group.name +# +# +# class Apply(models.Model): +# uuid = UUIDField(auto=True) +# applyer = models.CharField(max_length=20) +# admin = models.CharField(max_length=20) +# approver = models.CharField(max_length=20) +# bisgroup = models.CharField(max_length=500) +# asset = models.CharField(max_length=500) +# comment = models.TextField(blank=True, null=True) +# status = models.IntegerField(max_length=2) +# date_add = models.DateTimeField(null=True) +# date_end = models.DateTimeField(null=True) +# read = models.IntegerField(max_length=2) +# +# def __unicode__(self): +# return self.applyer diff --git a/jperm/urls.py b/jperm/urls.py index 41a7b26ed..c4f398c66 100644 --- a/jperm/urls.py +++ b/jperm/urls.py @@ -3,31 +3,29 @@ from jperm.views import * urlpatterns = patterns('jperm.views', # Examples: - # url(r'^$', 'jumpserver.views.home', name='home'), - # url(r'^blog/', include('blog.urls')), + (r'^user/$', user_perm), + # (r'^dept_perm_edit/$', 'dept_perm_edit'), + # (r'^perm_list/$', view_splitter, {'su': perm_list, 'adm': perm_list_adm}), + # (r'^dept_perm_list/$', 'dept_perm_list'), + # (r'^perm_user_detail/$', 'perm_user_detail'), + # (r'^perm_detail/$', 'perm_detail'), + # (r'^perm_del/$', 'perm_del'), + # (r'^perm_asset_detail/$', 'perm_asset_detail'), + # (r'^sudo_list/$', view_splitter, {'su': sudo_list, 'adm': sudo_list_adm}), + # (r'^sudo_del/$', 'sudo_del'), + # (r'^sudo_edit/$', view_splitter, {'su': sudo_edit, 'adm': sudo_edit_adm}), + # (r'^sudo_refresh/$', 'sudo_refresh'), + # (r'^sudo_detail/$', 'sudo_detail'), + # (r'^cmd_add/$', view_splitter, {'su': cmd_add, 'adm': cmd_add_adm}), + # (r'^cmd_list/$', 'cmd_list'), + # (r'^cmd_del/$', 'cmd_del'), + # (r'^cmd_edit/$', 'cmd_edit'), + # (r'^cmd_detail/$', 'cmd_detail'), + # (r'^apply/$', 'perm_apply'), + # (r'^apply_show/(\w+)/$', 'perm_apply_log'), + # (r'^apply_exec/$', 'perm_apply_exec'), + # (r'^apply_info/$', 'perm_apply_info'), + # (r'^apply_del/$', 'perm_apply_del'), + # (r'^apply_search/$', 'perm_apply_search'), - (r'^perm_edit/$', view_splitter, {'su': perm_edit, 'adm': perm_edit_adm}), - (r'^dept_perm_edit/$', 'dept_perm_edit'), - (r'^perm_list/$', view_splitter, {'su': perm_list, 'adm': perm_list_adm}), - (r'^dept_perm_list/$', 'dept_perm_list'), - (r'^perm_user_detail/$', 'perm_user_detail'), - (r'^perm_detail/$', 'perm_detail'), - (r'^perm_del/$', 'perm_del'), - (r'^perm_asset_detail/$', 'perm_asset_detail'), - (r'^sudo_list/$', view_splitter, {'su': sudo_list, 'adm': sudo_list_adm}), - (r'^sudo_del/$', 'sudo_del'), - (r'^sudo_edit/$', view_splitter, {'su': sudo_edit, 'adm': sudo_edit_adm}), - (r'^sudo_refresh/$', 'sudo_refresh'), - (r'^sudo_detail/$', 'sudo_detail'), - (r'^cmd_add/$', view_splitter, {'su': cmd_add, 'adm': cmd_add_adm}), - (r'^cmd_list/$', 'cmd_list'), - (r'^cmd_del/$', 'cmd_del'), - (r'^cmd_edit/$', 'cmd_edit'), - (r'^cmd_detail/$', 'cmd_detail'), - (r'^apply/$', 'perm_apply'), - (r'^apply_show/(\w+)/$', 'perm_apply_log'), - (r'^apply_exec/$', 'perm_apply_exec'), - (r'^apply_info/$', 'perm_apply_info'), - (r'^apply_del/$', 'perm_apply_del'), - (r'^apply_search/$', 'perm_apply_search'), ) diff --git a/jperm/views.py b/jperm/views.py index 0fd0d4720..8213506c1 100644 --- a/jperm/views.py +++ b/jperm/views.py @@ -1,813 +1,817 @@ -# coding: utf-8 -import sys - -reload(sys) -sys.setdefaultencoding('utf8') - -from django.shortcuts import render_to_response -from django.template import RequestContext -from jperm.models import Perm, SudoPerm, CmdGroup, Apply +# # coding: utf-8 +# import sys +# +# reload(sys) +# sys.setdefaultencoding('utf8') +# +# from django.shortcuts import render_to_response +# from django.template import RequestContext +# from jperm.models import Perm, SudoPerm, CmdGroup, Apply from django.db.models import Q from jumpserver.api import * -def asset_cmd_groups_get(asset_groups_select='', cmd_groups_select=''): - asset_groups_select_list = [] - cmd_groups_select_list = [] - - for asset_group_id in asset_groups_select: - asset_groups_select_list.extend(BisGroup.objects.filter(id=asset_group_id)) - - for cmd_group_id in cmd_groups_select: - cmd_groups_select_list.extend(CmdGroup.objects.filter(id=cmd_group_id)) - - return asset_groups_select_list, cmd_groups_select_list +def user_perm(request): + return my_render('jperm/perm_add.html', locals(), request) -@require_admin -def perm_add(request): - header_title, path1, path2 = u'主机授权添加', u'授权管理', u'授权添加' - - if request.method == 'GET': - user_groups = UserGroup.objects.filter(id__gt=2) - asset_groups = BisGroup.objects.all() - - else: - name = request.POST.get('name', '') - user_groups_select = request.POST.getlist('user_groups_select') - asset_groups_select = request.POST.getlist('asset_groups_select') - comment = request.POST.get('comment', '') - - user_groups, asset_groups = user_asset_cmd_groups_get(user_groups_select, asset_groups_select, '')[0:2] - - perm = Perm(name=name, comment=comment) - perm.save() - - perm.user_group = user_groups - perm.asset_group = asset_groups - msg = '添加成功' - return render_to_response('jperm/perm_add.html', locals(), context_instance=RequestContext(request)) - - -def dept_add_asset(dept_id, asset_list): - dept = DEPT.objects.filter(id=dept_id) - if dept: - dept = dept[0] - new_perm_asset = [] - for asset_id in asset_list: - asset = Asset.objects.filter(id=asset_id) - new_perm_asset.extend(asset) - - dept.asset_set.clear() - dept.asset_set = new_perm_asset - - -@require_super_user -def dept_perm_edit(request): - header_title, path1, path2 = u'部门授权添加', u'授权管理', u'部门授权添加' - if request.method == 'GET': - dept_id = request.GET.get('id', '') - dept = DEPT.objects.filter(id=dept_id) - if dept: - dept = dept[0] - asset_all = Asset.objects.all() - asset_select = dept.asset_set.all() - assets = [asset for asset in asset_all if asset not in asset_select] - else: - dept_id = request.POST.get('dept_id') - asset_select = request.POST.getlist('asset_select') - dept_add_asset(dept_id, asset_select) - return HttpResponseRedirect('/jperm/dept_perm_list/') - return render_to_response('jperm/dept_perm_edit.html', locals(), context_instance=RequestContext(request)) - - -@require_super_user -def perm_list(request): - header_title, path1, path2 = u'小组授权', u'授权管理', u'授权详情' - keyword = request.GET.get('search', '') - uid = request.GET.get('uid', '') - agid = request.GET.get('agid', '') - if keyword: - contact_list = UserGroup.objects.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)) - else: - contact_list = UserGroup.objects.all().order_by('name') - - if uid: - user = User.objects.filter(id=uid) - print user - if user: - user = user[0] - contact_list = contact_list.filter(user=user) - - if agid: - contact_list_confirm = [] - asset_group = BisGroup.objects.filter(id=agid) - if asset_group: - asset_group = asset_group[0] - for user_group in contact_list: - if asset_group in user_group_perm_asset_group_api(user_group): - contact_list_confirm.append(user_group) - contact_list = contact_list_confirm - - contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request) - return render_to_response('jperm/perm_list.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def perm_list_adm(request): - header_title, path1, path2 = u'小组授权', u'授权管理', u'授权详情' - keyword = request.GET.get('search', '') - uid = request.GET.get('uid', '') - agid = request.GET.get('agid', '') - user, dept = get_session_user_dept(request) - contact_list = dept.usergroup_set.all().order_by('name') - if keyword: - contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)) - - if uid: - user = User.objects.filter(id=uid) - print user - if user: - user = user[0] - contact_list = contact_list.filter(user=user) - - if agid: - contact_list_confirm = [] - asset_group = BisGroup.objects.filter(id=agid) - if asset_group: - asset_group = asset_group[0] - for user_group in contact_list: - if asset_group in user_group_perm_asset_group_api(user_group): - contact_list_confirm.append(user_group) - contact_list = contact_list_confirm - - contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request) - return render_to_response('jperm/perm_list.html', locals(), context_instance=RequestContext(request)) - - -@require_super_user -def dept_perm_list(request): - header_title, path1, path2 = '查看部门', '授权管理', '部门授权' - keyword = request.GET.get('search') - if keyword: - contact_list = DEPT.objects.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)).order_by('name') - else: - contact_list = DEPT.objects.filter(id__gt=2) - - contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request) - - return render_to_response('jperm/dept_perm_list.html', locals(), context_instance=RequestContext(request)) - - -def perm_group_update(user_group_id, asset_groups_id_list): - user_group = UserGroup.objects.filter(id=user_group_id) - if user_group: - user_group = user_group[0] - old_asset_group = [perm.asset_group for perm in user_group.perm_set.all()] - new_asset_group = [] - - for asset_group_id in asset_groups_id_list: - new_asset_group.extend(BisGroup.objects.filter(id=asset_group_id)) - - del_asset_group = [asset_group for asset_group in old_asset_group if asset_group not in new_asset_group] - add_asset_group = [asset_group for asset_group in new_asset_group if asset_group not in old_asset_group] - - for asset_group in del_asset_group: - Perm.objects.filter(user_group=user_group, asset_group=asset_group).delete() - - for asset_group in add_asset_group: - Perm(user_group=user_group, asset_group=asset_group).save() - - -@require_super_user -def perm_edit(request): - if request.method == 'GET': - header_title, path1, path2 = u'编辑授权', u'授权管理', u'授权编辑' - user_group_id = request.GET.get('id', '') - user_group = UserGroup.objects.filter(id=user_group_id) - if user_group: - user_group = user_group[0] - asset_groups_all = BisGroup.objects.all() - asset_groups_select = [perm.asset_group for perm in user_group.perm_set.all()] - asset_groups = [asset_group for asset_group in asset_groups_all if asset_group not in asset_groups_select] - else: - user_group_id = request.POST.get('user_group_id') - asset_group_id_list = request.POST.getlist('asset_groups_select') - perm_group_update(user_group_id, asset_group_id_list) - - return HttpResponseRedirect('/jperm/perm_list/') - return render_to_response('jperm/perm_edit.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def perm_edit_adm(request): - if request.method == 'GET': - header_title, path1, path2 = u'编辑授权', u'授权管理', u'授权编辑' - user_group_id = request.GET.get('id', '') - user_group = UserGroup.objects.filter(id=user_group_id) - user, dept = get_session_user_dept(request) - if user_group: - user_group = user_group[0] - asset_groups_all = dept.bisgroup_set.all() - asset_groups_select = [perm.asset_group for perm in user_group.perm_set.all()] - asset_groups = [asset_group for asset_group in asset_groups_all if asset_group not in asset_groups_select] - else: - user_group_id = request.POST.get('user_group_id') - asset_group_id_list = request.POST.getlist('asset_groups_select') - print user_group_id, asset_group_id_list - if not validate(request, user_group=[user_group_id], asset_group=asset_group_id_list): - return HttpResponseRedirect('/') - perm_group_update(user_group_id, asset_group_id_list) - - return HttpResponseRedirect('/jperm/perm_list/') - return render_to_response('jperm/perm_edit.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def perm_detail(request): - header_title, path1, path2 = u'授权管理', u'小组管理', u'授权详情' - group_id = request.GET.get('id') - user_group = UserGroup.objects.filter(id=group_id) - if user_group: - user_group = user_group[0] - users = user_group.user_set.all() - group_user_num = len(users) - perms = user_group.perm_set.all() - asset_groups = [perm.asset_group for perm in perms] - return render_to_response('jperm/perm_detail.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def perm_del(request): - perm_id = request.GET.get('id') - perm = Perm.objects.filter(id=perm_id) - if perm: - perm = perm[0] - perm.delete() - return HttpResponseRedirect('/jperm/perm_list/') - - -@require_admin -def perm_asset_detail(request): - header_title, path1, path2 = u'用户授权主机', u'权限管理', u'用户主机详情' - user_id = request.GET.get('id') - user = User.objects.filter(id=user_id) - if user: - user = user[0] - assets_list = user_perm_asset_api(user.username) - return render_to_response('jperm/perm_asset_detail.html', locals(), context_instance=RequestContext(request)) - - -def unicode2str(unicode_list): - return [str(i) for i in unicode_list] - - -# def sudo_ldap_add(user_group, user_runas, asset_groups_select, -# cmd_groups_select): -# if not LDAP_ENABLE: -# return True +# def asset_cmd_groups_get(asset_groups_select='', cmd_groups_select=''): +# asset_groups_select_list = [] +# cmd_groups_select_list = [] # -# assets = [] -# cmds = [] -# user_runas = user_runas.split(',') -# if len(asset_groups_select) == 1 and asset_groups_select[0].name == 'ALL': -# asset_all = True -# else: -# asset_all = False -# for asset_group in asset_groups_select: -# assets.extend(asset_group.asset_set.all()) +# for asset_group_id in asset_groups_select: +# asset_groups_select_list.extend(BisGroup.objects.filter(id=asset_group_id)) +# +# for cmd_group_id in cmd_groups_select: +# cmd_groups_select_list.extend(CmdGroup.objects.filter(id=cmd_group_id)) +# +# return asset_groups_select_list, cmd_groups_select_list +# +# +# @require_admin +# def perm_add(request): +# header_title, path1, path2 = u'主机授权添加', u'授权管理', u'授权添加' +# +# if request.method == 'GET': +# user_groups = UserGroup.objects.filter(id__gt=2) +# asset_groups = BisGroup.objects.all() # -# if user_group.name == 'ALL': -# user_all = True -# users = [] # else: -# user_all = False +# name = request.POST.get('name', '') +# user_groups_select = request.POST.getlist('user_groups_select') +# asset_groups_select = request.POST.getlist('asset_groups_select') +# comment = request.POST.get('comment', '') +# +# user_groups, asset_groups = user_asset_cmd_groups_get(user_groups_select, asset_groups_select, '')[0:2] +# +# perm = Perm(name=name, comment=comment) +# perm.save() +# +# perm.user_group = user_groups +# perm.asset_group = asset_groups +# msg = '添加成功' +# return render_to_response('jperm/perm_add.html', locals(), context_instance=RequestContext(request)) +# +# +# def dept_add_asset(dept_id, asset_list): +# dept = DEPT.objects.filter(id=dept_id) +# if dept: +# dept = dept[0] +# new_perm_asset = [] +# for asset_id in asset_list: +# asset = Asset.objects.filter(id=asset_id) +# new_perm_asset.extend(asset) +# +# dept.asset_set.clear() +# dept.asset_set = new_perm_asset +# +# +# @require_super_user +# def dept_perm_edit(request): +# header_title, path1, path2 = u'部门授权添加', u'授权管理', u'部门授权添加' +# if request.method == 'GET': +# dept_id = request.GET.get('id', '') +# dept = DEPT.objects.filter(id=dept_id) +# if dept: +# dept = dept[0] +# asset_all = Asset.objects.all() +# asset_select = dept.asset_set.all() +# assets = [asset for asset in asset_all if asset not in asset_select] +# else: +# dept_id = request.POST.get('dept_id') +# asset_select = request.POST.getlist('asset_select') +# dept_add_asset(dept_id, asset_select) +# return HttpResponseRedirect('/jperm/dept_perm_list/') +# return render_to_response('jperm/dept_perm_edit.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_super_user +# def perm_list(request): +# header_title, path1, path2 = u'小组授权', u'授权管理', u'授权详情' +# keyword = request.GET.get('search', '') +# uid = request.GET.get('uid', '') +# agid = request.GET.get('agid', '') +# if keyword: +# contact_list = UserGroup.objects.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)) +# else: +# contact_list = UserGroup.objects.all().order_by('name') +# +# if uid: +# user = User.objects.filter(id=uid) +# print user +# if user: +# user = user[0] +# contact_list = contact_list.filter(user=user) +# +# if agid: +# contact_list_confirm = [] +# asset_group = BisGroup.objects.filter(id=agid) +# if asset_group: +# asset_group = asset_group[0] +# for user_group in contact_list: +# if asset_group in user_group_perm_asset_group_api(user_group): +# contact_list_confirm.append(user_group) +# contact_list = contact_list_confirm +# +# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request) +# return render_to_response('jperm/perm_list.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_admin +# def perm_list_adm(request): +# header_title, path1, path2 = u'小组授权', u'授权管理', u'授权详情' +# keyword = request.GET.get('search', '') +# uid = request.GET.get('uid', '') +# agid = request.GET.get('agid', '') +# user, dept = get_session_user_dept(request) +# contact_list = dept.usergroup_set.all().order_by('name') +# if keyword: +# contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)) +# +# if uid: +# user = User.objects.filter(id=uid) +# print user +# if user: +# user = user[0] +# contact_list = contact_list.filter(user=user) +# +# if agid: +# contact_list_confirm = [] +# asset_group = BisGroup.objects.filter(id=agid) +# if asset_group: +# asset_group = asset_group[0] +# for user_group in contact_list: +# if asset_group in user_group_perm_asset_group_api(user_group): +# contact_list_confirm.append(user_group) +# contact_list = contact_list_confirm +# +# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request) +# return render_to_response('jperm/perm_list.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_super_user +# def dept_perm_list(request): +# header_title, path1, path2 = '查看部门', '授权管理', '部门授权' +# keyword = request.GET.get('search') +# if keyword: +# contact_list = DEPT.objects.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)).order_by('name') +# else: +# contact_list = DEPT.objects.filter(id__gt=2) +# +# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request) +# +# return render_to_response('jperm/dept_perm_list.html', locals(), context_instance=RequestContext(request)) +# +# +# def perm_group_update(user_group_id, asset_groups_id_list): +# user_group = UserGroup.objects.filter(id=user_group_id) +# if user_group: +# user_group = user_group[0] +# old_asset_group = [perm.asset_group for perm in user_group.perm_set.all()] +# new_asset_group = [] +# +# for asset_group_id in asset_groups_id_list: +# new_asset_group.extend(BisGroup.objects.filter(id=asset_group_id)) +# +# del_asset_group = [asset_group for asset_group in old_asset_group if asset_group not in new_asset_group] +# add_asset_group = [asset_group for asset_group in new_asset_group if asset_group not in old_asset_group] +# +# for asset_group in del_asset_group: +# Perm.objects.filter(user_group=user_group, asset_group=asset_group).delete() +# +# for asset_group in add_asset_group: +# Perm(user_group=user_group, asset_group=asset_group).save() +# +# +# @require_super_user +# def perm_edit(request): +# if request.method == 'GET': +# header_title, path1, path2 = u'编辑授权', u'授权管理', u'授权编辑' +# user_group_id = request.GET.get('id', '') +# user_group = UserGroup.objects.filter(id=user_group_id) +# if user_group: +# user_group = user_group[0] +# asset_groups_all = BisGroup.objects.all() +# asset_groups_select = [perm.asset_group for perm in user_group.perm_set.all()] +# asset_groups = [asset_group for asset_group in asset_groups_all if asset_group not in asset_groups_select] +# else: +# user_group_id = request.POST.get('user_group_id') +# asset_group_id_list = request.POST.getlist('asset_groups_select') +# perm_group_update(user_group_id, asset_group_id_list) +# +# return HttpResponseRedirect('/jperm/perm_list/') +# return render_to_response('jperm/perm_edit.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_admin +# def perm_edit_adm(request): +# if request.method == 'GET': +# header_title, path1, path2 = u'编辑授权', u'授权管理', u'授权编辑' +# user_group_id = request.GET.get('id', '') +# user_group = UserGroup.objects.filter(id=user_group_id) +# user, dept = get_session_user_dept(request) +# if user_group: +# user_group = user_group[0] +# asset_groups_all = dept.bisgroup_set.all() +# asset_groups_select = [perm.asset_group for perm in user_group.perm_set.all()] +# asset_groups = [asset_group for asset_group in asset_groups_all if asset_group not in asset_groups_select] +# else: +# user_group_id = request.POST.get('user_group_id') +# asset_group_id_list = request.POST.getlist('asset_groups_select') +# print user_group_id, asset_group_id_list +# if not validate(request, user_group=[user_group_id], asset_group=asset_group_id_list): +# return HttpResponseRedirect('/') +# perm_group_update(user_group_id, asset_group_id_list) +# +# return HttpResponseRedirect('/jperm/perm_list/') +# return render_to_response('jperm/perm_edit.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_admin +# def perm_detail(request): +# header_title, path1, path2 = u'授权管理', u'小组管理', u'授权详情' +# group_id = request.GET.get('id') +# user_group = UserGroup.objects.filter(id=group_id) +# if user_group: +# user_group = user_group[0] # users = user_group.user_set.all() +# group_user_num = len(users) +# perms = user_group.perm_set.all() +# asset_groups = [perm.asset_group for perm in perms] +# return render_to_response('jperm/perm_detail.html', locals(), context_instance=RequestContext(request)) # -# for cmd_group in cmd_groups_select: -# cmds.extend(cmd_group.cmd.split(',')) # -# if user_all: -# users_name = ['ALL'] +# @require_admin +# def perm_del(request): +# perm_id = request.GET.get('id') +# perm = Perm.objects.filter(id=perm_id) +# if perm: +# perm = perm[0] +# perm.delete() +# return HttpResponseRedirect('/jperm/perm_list/') +# +# +# @require_admin +# def perm_asset_detail(request): +# header_title, path1, path2 = u'用户授权主机', u'权限管理', u'用户主机详情' +# user_id = request.GET.get('id') +# user = User.objects.filter(id=user_id) +# if user: +# user = user[0] +# assets_list = user_perm_asset_api(user.username) +# return render_to_response('jperm/perm_asset_detail.html', locals(), context_instance=RequestContext(request)) +# +# +# def unicode2str(unicode_list): +# return [str(i) for i in unicode_list] +# +# +# # def sudo_ldap_add(user_group, user_runas, asset_groups_select, +# # cmd_groups_select): +# # if not LDAP_ENABLE: +# # return True +# # +# # assets = [] +# # cmds = [] +# # user_runas = user_runas.split(',') +# # if len(asset_groups_select) == 1 and asset_groups_select[0].name == 'ALL': +# # asset_all = True +# # else: +# # asset_all = False +# # for asset_group in asset_groups_select: +# # assets.extend(asset_group.asset_set.all()) +# # +# # if user_group.name == 'ALL': +# # user_all = True +# # users = [] +# # else: +# # user_all = False +# # users = user_group.user_set.all() +# # +# # for cmd_group in cmd_groups_select: +# # cmds.extend(cmd_group.cmd.split(',')) +# # +# # if user_all: +# # users_name = ['ALL'] +# # else: +# # users_name = list(set([user.username for user in users])) +# # +# # if asset_all: +# # assets_ip = ['ALL'] +# # else: +# # assets_ip = list(set([asset.ip for asset in assets])) +# # +# # name = 'sudo%s' % user_group.id +# # sudo_dn = 'cn=%s,ou=Sudoers,%s' % (name, LDAP_BASE_DN) +# # sudo_attr = {'objectClass': ['top', 'sudoRole'], +# # 'cn': ['%s' % name], +# # 'sudoCommand': unicode2str(cmds), +# # 'sudoHost': unicode2str(assets_ip), +# # 'sudoOption': ['!authenticate'], +# # 'sudoRunAsUser': unicode2str(user_runas), +# # 'sudoUser': unicode2str(users_name)} +# # ldap_conn.delete(sudo_dn) +# # ldap_conn.add(sudo_dn, sudo_attr) +# +# # +# # def sudo_update(user_group, user_runas, asset_groups_select, cmd_groups_select, comment): +# # asset_groups_select_list, cmd_groups_select_list = \ +# # asset_cmd_groups_get(asset_groups_select, cmd_groups_select) +# # sudo_perm = user_group.sudoperm_set.all() +# # if sudo_perm: +# # sudo_perm.update(user_runas=user_runas, comment=comment) +# # sudo_perm = sudo_perm[0] +# # sudo_perm.asset_group = asset_groups_select_list +# # sudo_perm.cmd_group = cmd_groups_select_list +# # else: +# # sudo_perm = SudoPerm(user_group=user_group, user_runas=user_runas, comment=comment) +# # sudo_perm.save() +# # sudo_perm.asset_group = asset_groups_select_list +# # sudo_perm.cmd_group = cmd_groups_select_list +# # +# # sudo_ldap_add(user_group, user_runas, asset_groups_select_list, cmd_groups_select_list) +# +# +# @require_super_user +# def sudo_list(request): +# header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情' +# keyword = request.GET.get('search', '') +# contact_list = UserGroup.objects.all().order_by('name') +# if keyword: +# contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)) +# +# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request) +# return render_to_response('jperm/sudo_list.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_admin +# def sudo_list_adm(request): +# header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情' +# keyword = request.GET.get('search', '') +# user, dept = get_session_user_dept(request) +# contact_list = dept.usergroup_set.all().order_by('name') +# if keyword: +# contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)) +# +# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request) +# return render_to_response('jperm/sudo_list.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_super_user +# def sudo_edit(request): +# header_title, path1, path2 = u'Sudo授权', u'授权管理', u'Sudo授权' +# +# if request.method == 'GET': +# user_group_id = request.GET.get('id', '0') +# user_group = UserGroup.objects.filter(id=user_group_id) +# asset_group_all = BisGroup.objects.filter() +# cmd_group_all = CmdGroup.objects.all() +# if user_group: +# user_group = user_group[0] +# sudo_perm = user_group.sudoperm_set.all() +# if sudo_perm: +# sudo_perm = sudo_perm[0] +# asset_group_permed = sudo_perm.asset_group.all() +# cmd_group_permed = sudo_perm.cmd_group.all() +# user_runas = sudo_perm.user_runas +# comment = sudo_perm.comment +# else: +# asset_group_permed = [] +# cmd_group_permed = [] +# +# asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed] +# cmd_groups = [cmd_group for cmd_group in cmd_group_all if cmd_group not in cmd_group_permed] +# # else: -# users_name = list(set([user.username for user in users])) +# user_group_id = request.POST.get('user_group_id', '') +# users_runas = request.POST.get('runas') if request.POST.get('runas') else 'root' +# asset_groups_select = request.POST.getlist('asset_groups_select') +# cmd_groups_select = request.POST.getlist('cmd_groups_select') +# comment = request.POST.get('comment', '') +# user_group = UserGroup.objects.filter(id=user_group_id) +# if user_group: +# user_group = user_group[0] +# if LDAP_ENABLE: +# sudo_update(user_group, users_runas, asset_groups_select, cmd_groups_select, comment) +# msg = '修改成功' +# +# return HttpResponseRedirect('/jperm/sudo_list/') +# +# return render_to_response('jperm/sudo_edit.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_admin +# def sudo_edit_adm(request): +# header_title, path1, path2 = u'Sudo授权', u'授权管理', u'Sudo授权' +# user, dept = get_session_user_dept(request) +# if request.method == 'GET': +# user_group_id = request.GET.get('id', '0') +# if not validate(request, user_group=[user_group_id]): +# return render_to_response('/jperm/sudo_list/') +# user_group = UserGroup.objects.filter(id=user_group_id) +# asset_group_all = dept.bisgroup_set.all() +# cmd_group_all = dept.cmdgroup_set.all() +# if user_group: +# user_group = user_group[0] +# sudo_perm = user_group.sudoperm_set.all() +# if sudo_perm: +# sudo_perm = sudo_perm[0] +# asset_group_permed = sudo_perm.asset_group.all() +# cmd_group_permed = sudo_perm.cmd_group.all() +# user_runas = sudo_perm.user_runas +# comment = sudo_perm.comment +# else: +# asset_group_permed = [] +# cmd_group_permed = [] +# +# asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed] +# cmd_groups = [cmd_group for cmd_group in cmd_group_all if cmd_group not in cmd_group_permed] # -# if asset_all: -# assets_ip = ['ALL'] # else: -# assets_ip = list(set([asset.ip for asset in assets])) +# user_group_id = request.POST.get('user_group_id', '') +# users_runas = request.POST.get('runas', 'root') +# asset_groups_select = request.POST.getlist('asset_groups_select') +# cmd_groups_select = request.POST.getlist('cmd_groups_select') +# comment = request.POST.get('comment', '') +# user_group = UserGroup.objects.filter(id=user_group_id) +# if not validate(request, user_group=[user_group_id], asset_group=asset_groups_select): +# return render_to_response('/jperm/sudo_list/') +# if user_group: +# user_group = user_group[0] +# if LDAP_ENABLE: +# sudo_update(user_group, users_runas, asset_groups_select, cmd_groups_select, comment) +# msg = '修改成功' # -# name = 'sudo%s' % user_group.id -# sudo_dn = 'cn=%s,ou=Sudoers,%s' % (name, LDAP_BASE_DN) -# sudo_attr = {'objectClass': ['top', 'sudoRole'], -# 'cn': ['%s' % name], -# 'sudoCommand': unicode2str(cmds), -# 'sudoHost': unicode2str(assets_ip), -# 'sudoOption': ['!authenticate'], -# 'sudoRunAsUser': unicode2str(user_runas), -# 'sudoUser': unicode2str(users_name)} -# ldap_conn.delete(sudo_dn) -# ldap_conn.add(sudo_dn, sudo_attr) - +# return HttpResponseRedirect('/jperm/sudo_list/') +# return render_to_response('jperm/sudo_edit.html', locals(), context_instance=RequestContext(request)) # -# def sudo_update(user_group, user_runas, asset_groups_select, cmd_groups_select, comment): -# asset_groups_select_list, cmd_groups_select_list = \ -# asset_cmd_groups_get(asset_groups_select, cmd_groups_select) -# sudo_perm = user_group.sudoperm_set.all() -# if sudo_perm: -# sudo_perm.update(user_runas=user_runas, comment=comment) -# sudo_perm = sudo_perm[0] -# sudo_perm.asset_group = asset_groups_select_list -# sudo_perm.cmd_group = cmd_groups_select_list +# +# @require_admin +# def sudo_detail(request): +# header_title, path1, path2 = u'Sudo授权详情', u'授权管理', u'授权详情' +# user_group_id = request.GET.get('id') +# user_group = UserGroup.objects.filter(id=user_group_id) +# if user_group: +# asset_groups = [] +# cmd_groups = [] +# user_group = user_group[0] +# users = user_group.user_set.all() +# group_user_num = len(users) +# +# for perm in user_group.sudoperm_set.all(): +# asset_groups.extend(perm.asset_group.all()) +# cmd_groups.extend(perm.cmd_group.all()) +# +# print asset_groups +# return render_to_response('jperm/sudo_detail.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_admin +# def sudo_refresh(request): +# sudo_perm_all = SudoPerm.objects.all() +# for sudo_perm in sudo_perm_all: +# user_group = sudo_perm.user_group +# user_runas = sudo_perm.user_runas +# asset_groups_select = sudo_perm.asset_group.all() +# cmd_groups_select = sudo_perm.cmd_group.all() +# sudo_ldap_add(user_group, user_runas, asset_groups_select, cmd_groups_select) +# return HttpResponse('刷新sudo授权成功') +# +# +# @require_super_user +# def cmd_add(request): +# header_title, path1, path2 = u'sudo命令添加', u'授权管理', u'命令组添加' +# dept_all = DEPT.objects.all() +# +# if request.method == 'POST': +# name = request.POST.get('name') +# dept_id = request.POST.get('dept_id') +# cmd = ','.join(request.POST.get('cmd').split('\n')) +# comment = request.POST.get('comment') +# dept = DEPT.objects.filter(id=dept_id) +# +# try: +# if CmdGroup.objects.filter(name=name): +# error = '%s 命令组已存在' +# raise ServerError(error) +# +# if not dept: +# error = u"部门不能为空" +# raise ServerError(error) +# except ServerError, e: +# pass +# else: +# dept = dept[0] +# CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment) +# msg = u'命令组添加成功' +# return HttpResponseRedirect('/jperm/cmd_list/') +# +# return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_admin +# def cmd_add_adm(request): +# header_title, path1, path2 = u'sudo命令添加', u'授权管理', u'命令组添加' +# user, dept = get_session_user_dept(request) +# +# if request.method == 'POST': +# name = request.POST.get('name') +# cmd = ','.join(request.POST.get('cmd').split('\n')) +# comment = request.POST.get('comment') +# +# try: +# if CmdGroup.objects.filter(name=name): +# error = '%s 命令组已存在' +# raise ServerError(error) +# except ServerError, e: +# pass +# else: +# CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment) +# return HttpResponseRedirect('/jperm/cmd_list/') +# +# return HttpResponseRedirect('/jperm/cmd_list/') +# +# return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_admin +# def cmd_edit(request): +# header_title, path1, path2 = u'sudo命令修改', u'授权管理管理', u'命令组修改' +# +# cmd_group_id = request.GET.get('id') +# cmd_group = CmdGroup.objects.filter(id=cmd_group_id) +# dept_all = DEPT.objects.all() +# +# if cmd_group: +# cmd_group = cmd_group[0] +# cmd_group_id = cmd_group.id +# dept_id = cmd_group.dept.id +# name = cmd_group.name +# cmd = '\n'.join(cmd_group.cmd.split(',')) +# comment = cmd_group.comment +# +# if request.method == 'POST': +# cmd_group_id = request.POST.get('cmd_group_id') +# name = request.POST.get('name') +# dept_id = request.POST.get('dept_id') +# cmd = ','.join(request.POST.get('cmd').split()) +# comment = request.POST.get('comment') +# cmd_group = CmdGroup.objects.filter(id=cmd_group_id) +# +# dept = DEPT.objects.filter(id=dept_id) +# try: +# if not dept: +# error = '没有该部门' +# raise ServerError(error) +# +# if not cmd_group: +# error = '没有该命令组' +# except ServerError, e: +# pass +# else: +# cmd_group.update(name=name, cmd=cmd, dept=dept[0], comment=comment) +# return HttpResponseRedirect('/jperm/cmd_list/') +# return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_admin +# def cmd_list(request): +# header_title, path1, path2 = u'sudo命令查看', u'权限管理', u'Sudo命令添加' +# +# if is_super_user(request): +# cmd_groups = contact_list = CmdGroup.objects.all() # else: -# sudo_perm = SudoPerm(user_group=user_group, user_runas=user_runas, comment=comment) -# sudo_perm.save() -# sudo_perm.asset_group = asset_groups_select_list -# sudo_perm.cmd_group = cmd_groups_select_list +# user, dept = get_session_user_dept(request) +# cmd_groups = contact_list = dept.cmdgroup_set.all() +# p = paginator = Paginator(contact_list, 10) +# +# try: +# page = int(request.GET.get('page', '1')) +# except ValueError: +# page = 1 +# +# try: +# contacts = paginator.page(page) +# except (EmptyPage, InvalidPage): +# contacts = paginator.page(paginator.num_pages) +# return render_to_response('jperm/sudo_cmd_list.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_admin +# def cmd_del(request): +# cmd_group_id = request.GET.get('id') +# cmd_group = CmdGroup.objects.filter(id=cmd_group_id) +# +# if cmd_group: +# cmd_group[0].delete() +# return HttpResponseRedirect('/jperm/cmd_list/') +# +# +# @require_admin +# def cmd_detail(request): +# cmd_ids = request.GET.get('id').split(',') +# cmds = [] +# if len(cmd_ids) == 1: +# if cmd_ids[0]: +# cmd_id = cmd_ids[0] +# else: +# cmd_id = 1 +# cmd_group = CmdGroup.objects.filter(id=cmd_id) +# if cmd_group: +# cmd_group = cmd_group[0] +# cmds.extend(cmd_group.cmd.split(',')) +# cmd_group_name = cmd_group.name +# else: +# cmd_groups = [] +# for cmd_id in cmd_ids: +# cmd_groups.extend(CmdGroup.objects.filter(id=cmd_id)) +# for cmd_group in cmd_groups: +# cmds.extend(cmd_group.cmd.split(',')) +# +# cmds_str = ', '.join(cmds) +# +# return render_to_response('jperm/sudo_cmd_detail.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_login +# def perm_apply(request): +# """ 权限申请 """ +# header_title, path1, path2 = u'主机权限申请', u'权限管理', u'申请主机' +# user_id, username = get_session_user_info(request)[0:2] +# name = User.objects.get(id=user_id).username +# dept_id, deptname, dept = get_session_user_info(request)[3:6] +# perm_host = user_perm_asset_api(username) +# all_host = Asset.objects.filter(dept=dept) +# +# perm_group = user_perm_group_api(username) +# all_group = dept.bisgroup_set.all() +# +# posts = [g for g in all_host if g not in perm_host] +# egroup = [d for d in all_group if d not in perm_group] +# +# dept_da = User.objects.filter(dept_id=dept_id, role='DA') +# admin = User.objects.get(name='admin') +# +# if request.method == 'POST': +# applyer = request.POST.get('applyer') +# dept = request.POST.get('dept') +# da = request.POST.get('da') +# group = request.POST.getlist('group') +# hosts = request.POST.getlist('hosts') +# comment = request.POST.get('comment') +# if not da: +# return httperror(request, u'请选择管理员!') +# da = User.objects.get(id=da) +# mail_address = da.email +# mail_title = '%s - 权限申请' % username +# group_lis = ', '.join(group) +# hosts_lis = ', '.join(hosts) +# time_now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S') +# a = Apply.objects.create(applyer=applyer, admin=da, dept=dept, bisgroup=group, date_add=datetime.datetime.now(), +# asset=hosts, status=0, comment=comment, read=0) +# uuid = a.uuid +# url = "http://%s:%s/jperm/apply_exec/?uuid=%s" % (SEND_IP, SEND_PORT, uuid) +# mail_msg = """ +# Hi,%s: +# 有新的权限申请, 详情如下: +# 申请人: %s +# 申请主机组: %s +# 申请的主机: %s +# 申请时间: %s +# 申请说明: %s +# 请及时审批, 审批完成后, 点击以下链接或登录授权管理-权限审批页面点击确认键,告知申请人。 +# +# %s +# """ % (da.username, applyer, group_lis, hosts_lis, time_now, comment, url) +# +# send_mail(mail_title, mail_msg, MAIL_FROM, [mail_address], fail_silently=False) +# smg = "提交成功,已发邮件至 %s 通知部门管理员。" % mail_address +# return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request)) +# return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_admin +# def perm_apply_exec(request): +# """ 确认权限 """ +# header_title, path1, path2 = u'主机权限申请', u'权限管理', u'审批完成' +# uuid = request.GET.get('uuid') +# user_id = request.session.get('user_id') +# approver = User.objects.get(id=user_id).name +# if uuid: +# p_apply = Apply.objects.filter(uuid=str(uuid)) +# q_apply = Apply.objects.get(uuid=str(uuid)) +# if q_apply.status == 1: +# smg = '此权限已经审批完成, 请勿重复审批, 十秒钟后返回首页' +# return render_to_response('jperm/perm_apply_exec.html', locals(), context_instance=RequestContext(request)) +# else: +# user = User.objects.get(username=q_apply.applyer) +# mail_address = user.email +# time_now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S') +# p_apply.update(status=1, approver=approver, date_end=time_now) +# mail_title = '%s - 权限审批完成' % q_apply.applyer +# mail_msg = """ +# Hi,%s: +# 您所申请的权限已由 %s 在 %s 审批完成, 请登录验证。 +# """ % (q_apply.applyer, q_apply.approver, time_now) +# send_mail(mail_title, mail_msg, MAIL_FROM, [mail_address], fail_silently=False) +# smg = '授权完成, 已邮件通知申请人, 十秒钟后返回首页' +# return render_to_response('jperm/perm_apply_exec.html', locals(), context_instance=RequestContext(request)) +# else: +# smg = '没有此授权记录, 十秒钟后返回首页' +# return render_to_response('jperm/perm_apply_exec.html', locals(), context_instance=RequestContext(request)) +# +# +# def get_apply_posts(request, status, username, dept_name, keyword=None): +# """ 获取申请记录 """ +# post_all = Apply.objects.filter(status=status).order_by('-date_add') +# post_keyword_all = Apply.objects.filter(Q(applyer__contains=keyword) | +# Q(approver__contains=keyword)) \ +# .filter(status=status).order_by('-date_add') +# +# if is_super_user(request): +# if keyword: +# posts = post_keyword_all +# else: +# posts = post_all +# elif is_group_admin(request): +# if keyword: +# posts = post_keyword_all.filter(dept=dept_name) +# else: +# posts = post_all.filter(dept=dept_name) +# elif is_common_user(request): +# if keyword: +# posts = post_keyword_all.filter(applyer=username) +# else: +# posts = post_all.filter(applyer=username) +# +# return posts +# +# +# @require_login +# def perm_apply_log(request, offset): +# """ 申请记录 """ +# header_title, path1, path2 = u'权限申请记录', u'权限管理', u'申请记录' +# keyword = request.GET.get('keyword', '') +# user_id = get_session_user_info(request)[0] +# username = User.objects.get(id=user_id).name +# dept_name = get_session_user_info(request)[4] +# status_dic = {'online': 0, 'offline': 1} +# status = status_dic[offset] +# posts = get_apply_posts(request, status, username, dept_name, keyword) +# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) +# return render_to_response('jperm/perm_log_%s.html' % offset, locals(), context_instance=RequestContext(request)) +# +# +# @require_login +# def perm_apply_info(request): +# """ 申请信息详情 """ +# uuid = request.GET.get('uuid', '') +# post = Apply.objects.filter(uuid=uuid) +# username = get_session_user_info(request)[1] +# if post: +# post = post[0] +# if post.read == 0 and post.applyer != username: +# post.read = 1 +# post.save() +# else: +# return httperror(request, u'没有这个申请记录!') +# +# return render_to_response('jperm/perm_apply_info.html', locals(), context_instance=RequestContext(request)) +# +# +# @require_admin +# def perm_apply_del(request): +# """ 删除日志记录 """ +# uuid = request.GET.get('uuid') +# u_apply = Apply.objects.filter(uuid=uuid) +# if u_apply: +# u_apply.delete() +# return HttpResponseRedirect('/jperm/apply_show/online/') +# +# +# @require_login +# def perm_apply_search(request): +# """ 申请搜索 """ +# keyword = request.GET.get('keyword') +# offset = request.GET.get('env') +# username = get_session_user_info(request)[1] +# dept_name = get_session_user_info(request)[3] +# status_dic = {'online': 0, 'offline': 1} +# status = status_dic[offset] +# posts = get_apply_posts(request, status, username, dept_name, keyword) +# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) +# return render_to_response('jperm/perm_apply_search.html', locals(), context_instance=RequestContext(request)) +# +# +# +# +# +# +# +# +# +# +# +# +# # -# sudo_ldap_add(user_group, user_runas, asset_groups_select_list, cmd_groups_select_list) - - -@require_super_user -def sudo_list(request): - header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情' - keyword = request.GET.get('search', '') - contact_list = UserGroup.objects.all().order_by('name') - if keyword: - contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)) - - contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request) - return render_to_response('jperm/sudo_list.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def sudo_list_adm(request): - header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情' - keyword = request.GET.get('search', '') - user, dept = get_session_user_dept(request) - contact_list = dept.usergroup_set.all().order_by('name') - if keyword: - contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)) - - contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request) - return render_to_response('jperm/sudo_list.html', locals(), context_instance=RequestContext(request)) - - -@require_super_user -def sudo_edit(request): - header_title, path1, path2 = u'Sudo授权', u'授权管理', u'Sudo授权' - - if request.method == 'GET': - user_group_id = request.GET.get('id', '0') - user_group = UserGroup.objects.filter(id=user_group_id) - asset_group_all = BisGroup.objects.filter() - cmd_group_all = CmdGroup.objects.all() - if user_group: - user_group = user_group[0] - sudo_perm = user_group.sudoperm_set.all() - if sudo_perm: - sudo_perm = sudo_perm[0] - asset_group_permed = sudo_perm.asset_group.all() - cmd_group_permed = sudo_perm.cmd_group.all() - user_runas = sudo_perm.user_runas - comment = sudo_perm.comment - else: - asset_group_permed = [] - cmd_group_permed = [] - - asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed] - cmd_groups = [cmd_group for cmd_group in cmd_group_all if cmd_group not in cmd_group_permed] - - else: - user_group_id = request.POST.get('user_group_id', '') - users_runas = request.POST.get('runas') if request.POST.get('runas') else 'root' - asset_groups_select = request.POST.getlist('asset_groups_select') - cmd_groups_select = request.POST.getlist('cmd_groups_select') - comment = request.POST.get('comment', '') - user_group = UserGroup.objects.filter(id=user_group_id) - if user_group: - user_group = user_group[0] - if LDAP_ENABLE: - sudo_update(user_group, users_runas, asset_groups_select, cmd_groups_select, comment) - msg = '修改成功' - - return HttpResponseRedirect('/jperm/sudo_list/') - - return render_to_response('jperm/sudo_edit.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def sudo_edit_adm(request): - header_title, path1, path2 = u'Sudo授权', u'授权管理', u'Sudo授权' - user, dept = get_session_user_dept(request) - if request.method == 'GET': - user_group_id = request.GET.get('id', '0') - if not validate(request, user_group=[user_group_id]): - return render_to_response('/jperm/sudo_list/') - user_group = UserGroup.objects.filter(id=user_group_id) - asset_group_all = dept.bisgroup_set.all() - cmd_group_all = dept.cmdgroup_set.all() - if user_group: - user_group = user_group[0] - sudo_perm = user_group.sudoperm_set.all() - if sudo_perm: - sudo_perm = sudo_perm[0] - asset_group_permed = sudo_perm.asset_group.all() - cmd_group_permed = sudo_perm.cmd_group.all() - user_runas = sudo_perm.user_runas - comment = sudo_perm.comment - else: - asset_group_permed = [] - cmd_group_permed = [] - - asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed] - cmd_groups = [cmd_group for cmd_group in cmd_group_all if cmd_group not in cmd_group_permed] - - else: - user_group_id = request.POST.get('user_group_id', '') - users_runas = request.POST.get('runas', 'root') - asset_groups_select = request.POST.getlist('asset_groups_select') - cmd_groups_select = request.POST.getlist('cmd_groups_select') - comment = request.POST.get('comment', '') - user_group = UserGroup.objects.filter(id=user_group_id) - if not validate(request, user_group=[user_group_id], asset_group=asset_groups_select): - return render_to_response('/jperm/sudo_list/') - if user_group: - user_group = user_group[0] - if LDAP_ENABLE: - sudo_update(user_group, users_runas, asset_groups_select, cmd_groups_select, comment) - msg = '修改成功' - - return HttpResponseRedirect('/jperm/sudo_list/') - return render_to_response('jperm/sudo_edit.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def sudo_detail(request): - header_title, path1, path2 = u'Sudo授权详情', u'授权管理', u'授权详情' - user_group_id = request.GET.get('id') - user_group = UserGroup.objects.filter(id=user_group_id) - if user_group: - asset_groups = [] - cmd_groups = [] - user_group = user_group[0] - users = user_group.user_set.all() - group_user_num = len(users) - - for perm in user_group.sudoperm_set.all(): - asset_groups.extend(perm.asset_group.all()) - cmd_groups.extend(perm.cmd_group.all()) - - print asset_groups - return render_to_response('jperm/sudo_detail.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def sudo_refresh(request): - sudo_perm_all = SudoPerm.objects.all() - for sudo_perm in sudo_perm_all: - user_group = sudo_perm.user_group - user_runas = sudo_perm.user_runas - asset_groups_select = sudo_perm.asset_group.all() - cmd_groups_select = sudo_perm.cmd_group.all() - sudo_ldap_add(user_group, user_runas, asset_groups_select, cmd_groups_select) - return HttpResponse('刷新sudo授权成功') - - -@require_super_user -def cmd_add(request): - header_title, path1, path2 = u'sudo命令添加', u'授权管理', u'命令组添加' - dept_all = DEPT.objects.all() - - if request.method == 'POST': - name = request.POST.get('name') - dept_id = request.POST.get('dept_id') - cmd = ','.join(request.POST.get('cmd').split('\n')) - comment = request.POST.get('comment') - dept = DEPT.objects.filter(id=dept_id) - - try: - if CmdGroup.objects.filter(name=name): - error = '%s 命令组已存在' - raise ServerError(error) - - if not dept: - error = u"部门不能为空" - raise ServerError(error) - except ServerError, e: - pass - else: - dept = dept[0] - CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment) - msg = u'命令组添加成功' - return HttpResponseRedirect('/jperm/cmd_list/') - - return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def cmd_add_adm(request): - header_title, path1, path2 = u'sudo命令添加', u'授权管理', u'命令组添加' - user, dept = get_session_user_dept(request) - - if request.method == 'POST': - name = request.POST.get('name') - cmd = ','.join(request.POST.get('cmd').split('\n')) - comment = request.POST.get('comment') - - try: - if CmdGroup.objects.filter(name=name): - error = '%s 命令组已存在' - raise ServerError(error) - except ServerError, e: - pass - else: - CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment) - return HttpResponseRedirect('/jperm/cmd_list/') - - return HttpResponseRedirect('/jperm/cmd_list/') - - return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def cmd_edit(request): - header_title, path1, path2 = u'sudo命令修改', u'授权管理管理', u'命令组修改' - - cmd_group_id = request.GET.get('id') - cmd_group = CmdGroup.objects.filter(id=cmd_group_id) - dept_all = DEPT.objects.all() - - if cmd_group: - cmd_group = cmd_group[0] - cmd_group_id = cmd_group.id - dept_id = cmd_group.dept.id - name = cmd_group.name - cmd = '\n'.join(cmd_group.cmd.split(',')) - comment = cmd_group.comment - - if request.method == 'POST': - cmd_group_id = request.POST.get('cmd_group_id') - name = request.POST.get('name') - dept_id = request.POST.get('dept_id') - cmd = ','.join(request.POST.get('cmd').split()) - comment = request.POST.get('comment') - cmd_group = CmdGroup.objects.filter(id=cmd_group_id) - - dept = DEPT.objects.filter(id=dept_id) - try: - if not dept: - error = '没有该部门' - raise ServerError(error) - - if not cmd_group: - error = '没有该命令组' - except ServerError, e: - pass - else: - cmd_group.update(name=name, cmd=cmd, dept=dept[0], comment=comment) - return HttpResponseRedirect('/jperm/cmd_list/') - return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def cmd_list(request): - header_title, path1, path2 = u'sudo命令查看', u'权限管理', u'Sudo命令添加' - - if is_super_user(request): - cmd_groups = contact_list = CmdGroup.objects.all() - else: - user, dept = get_session_user_dept(request) - cmd_groups = contact_list = dept.cmdgroup_set.all() - p = paginator = Paginator(contact_list, 10) - - try: - page = int(request.GET.get('page', '1')) - except ValueError: - page = 1 - - try: - contacts = paginator.page(page) - except (EmptyPage, InvalidPage): - contacts = paginator.page(paginator.num_pages) - return render_to_response('jperm/sudo_cmd_list.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def cmd_del(request): - cmd_group_id = request.GET.get('id') - cmd_group = CmdGroup.objects.filter(id=cmd_group_id) - - if cmd_group: - cmd_group[0].delete() - return HttpResponseRedirect('/jperm/cmd_list/') - - -@require_admin -def cmd_detail(request): - cmd_ids = request.GET.get('id').split(',') - cmds = [] - if len(cmd_ids) == 1: - if cmd_ids[0]: - cmd_id = cmd_ids[0] - else: - cmd_id = 1 - cmd_group = CmdGroup.objects.filter(id=cmd_id) - if cmd_group: - cmd_group = cmd_group[0] - cmds.extend(cmd_group.cmd.split(',')) - cmd_group_name = cmd_group.name - else: - cmd_groups = [] - for cmd_id in cmd_ids: - cmd_groups.extend(CmdGroup.objects.filter(id=cmd_id)) - for cmd_group in cmd_groups: - cmds.extend(cmd_group.cmd.split(',')) - - cmds_str = ', '.join(cmds) - - return render_to_response('jperm/sudo_cmd_detail.html', locals(), context_instance=RequestContext(request)) - - -@require_login -def perm_apply(request): - """ 权限申请 """ - header_title, path1, path2 = u'主机权限申请', u'权限管理', u'申请主机' - user_id, username = get_session_user_info(request)[0:2] - name = User.objects.get(id=user_id).username - dept_id, deptname, dept = get_session_user_info(request)[3:6] - perm_host = user_perm_asset_api(username) - all_host = Asset.objects.filter(dept=dept) - - perm_group = user_perm_group_api(username) - all_group = dept.bisgroup_set.all() - - posts = [g for g in all_host if g not in perm_host] - egroup = [d for d in all_group if d not in perm_group] - - dept_da = User.objects.filter(dept_id=dept_id, role='DA') - admin = User.objects.get(name='admin') - - if request.method == 'POST': - applyer = request.POST.get('applyer') - dept = request.POST.get('dept') - da = request.POST.get('da') - group = request.POST.getlist('group') - hosts = request.POST.getlist('hosts') - comment = request.POST.get('comment') - if not da: - return httperror(request, u'请选择管理员!') - da = User.objects.get(id=da) - mail_address = da.email - mail_title = '%s - 权限申请' % username - group_lis = ', '.join(group) - hosts_lis = ', '.join(hosts) - time_now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S') - a = Apply.objects.create(applyer=applyer, admin=da, dept=dept, bisgroup=group, date_add=datetime.datetime.now(), - asset=hosts, status=0, comment=comment, read=0) - uuid = a.uuid - url = "http://%s:%s/jperm/apply_exec/?uuid=%s" % (SEND_IP, SEND_PORT, uuid) - mail_msg = """ - Hi,%s: - 有新的权限申请, 详情如下: - 申请人: %s - 申请主机组: %s - 申请的主机: %s - 申请时间: %s - 申请说明: %s - 请及时审批, 审批完成后, 点击以下链接或登录授权管理-权限审批页面点击确认键,告知申请人。 - - %s - """ % (da.username, applyer, group_lis, hosts_lis, time_now, comment, url) - - send_mail(mail_title, mail_msg, MAIL_FROM, [mail_address], fail_silently=False) - smg = "提交成功,已发邮件至 %s 通知部门管理员。" % mail_address - return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request)) - return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def perm_apply_exec(request): - """ 确认权限 """ - header_title, path1, path2 = u'主机权限申请', u'权限管理', u'审批完成' - uuid = request.GET.get('uuid') - user_id = request.session.get('user_id') - approver = User.objects.get(id=user_id).name - if uuid: - p_apply = Apply.objects.filter(uuid=str(uuid)) - q_apply = Apply.objects.get(uuid=str(uuid)) - if q_apply.status == 1: - smg = '此权限已经审批完成, 请勿重复审批, 十秒钟后返回首页' - return render_to_response('jperm/perm_apply_exec.html', locals(), context_instance=RequestContext(request)) - else: - user = User.objects.get(username=q_apply.applyer) - mail_address = user.email - time_now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S') - p_apply.update(status=1, approver=approver, date_end=time_now) - mail_title = '%s - 权限审批完成' % q_apply.applyer - mail_msg = """ - Hi,%s: - 您所申请的权限已由 %s 在 %s 审批完成, 请登录验证。 - """ % (q_apply.applyer, q_apply.approver, time_now) - send_mail(mail_title, mail_msg, MAIL_FROM, [mail_address], fail_silently=False) - smg = '授权完成, 已邮件通知申请人, 十秒钟后返回首页' - return render_to_response('jperm/perm_apply_exec.html', locals(), context_instance=RequestContext(request)) - else: - smg = '没有此授权记录, 十秒钟后返回首页' - return render_to_response('jperm/perm_apply_exec.html', locals(), context_instance=RequestContext(request)) - - -def get_apply_posts(request, status, username, dept_name, keyword=None): - """ 获取申请记录 """ - post_all = Apply.objects.filter(status=status).order_by('-date_add') - post_keyword_all = Apply.objects.filter(Q(applyer__contains=keyword) | - Q(approver__contains=keyword)) \ - .filter(status=status).order_by('-date_add') - - if is_super_user(request): - if keyword: - posts = post_keyword_all - else: - posts = post_all - elif is_group_admin(request): - if keyword: - posts = post_keyword_all.filter(dept=dept_name) - else: - posts = post_all.filter(dept=dept_name) - elif is_common_user(request): - if keyword: - posts = post_keyword_all.filter(applyer=username) - else: - posts = post_all.filter(applyer=username) - - return posts - - -@require_login -def perm_apply_log(request, offset): - """ 申请记录 """ - header_title, path1, path2 = u'权限申请记录', u'权限管理', u'申请记录' - keyword = request.GET.get('keyword', '') - user_id = get_session_user_info(request)[0] - username = User.objects.get(id=user_id).name - dept_name = get_session_user_info(request)[4] - status_dic = {'online': 0, 'offline': 1} - status = status_dic[offset] - posts = get_apply_posts(request, status, username, dept_name, keyword) - contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) - return render_to_response('jperm/perm_log_%s.html' % offset, locals(), context_instance=RequestContext(request)) - - -@require_login -def perm_apply_info(request): - """ 申请信息详情 """ - uuid = request.GET.get('uuid', '') - post = Apply.objects.filter(uuid=uuid) - username = get_session_user_info(request)[1] - if post: - post = post[0] - if post.read == 0 and post.applyer != username: - post.read = 1 - post.save() - else: - return httperror(request, u'没有这个申请记录!') - - return render_to_response('jperm/perm_apply_info.html', locals(), context_instance=RequestContext(request)) - - -@require_admin -def perm_apply_del(request): - """ 删除日志记录 """ - uuid = request.GET.get('uuid') - u_apply = Apply.objects.filter(uuid=uuid) - if u_apply: - u_apply.delete() - return HttpResponseRedirect('/jperm/apply_show/online/') - - -@require_login -def perm_apply_search(request): - """ 申请搜索 """ - keyword = request.GET.get('keyword') - offset = request.GET.get('env') - username = get_session_user_info(request)[1] - dept_name = get_session_user_info(request)[3] - status_dic = {'online': 0, 'offline': 1} - status = status_dic[offset] - posts = get_apply_posts(request, status, username, dept_name, keyword) - contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) - return render_to_response('jperm/perm_apply_search.html', locals(), context_instance=RequestContext(request)) - - - - - - - - - - - - - - diff --git a/jumpserver/urls.py b/jumpserver/urls.py index f6db9f3ad..617d0351e 100644 --- a/jumpserver/urls.py +++ b/jumpserver/urls.py @@ -16,7 +16,7 @@ urlpatterns = patterns('', (r'^juser/', include('juser.urls')), (r'^jasset/', include('jasset.urls')), # (r'^jlog/', include('jlog.urls')), - # (r'^jperm/', include('jperm.urls')), + (r'^jperm/', include('jperm.urls')), (r'^node_auth/', 'jumpserver.views.node_auth'), ) diff --git a/juser/urls.py b/juser/urls.py index 1be8d0f5e..5e6f354bf 100644 --- a/juser/urls.py +++ b/juser/urls.py @@ -10,7 +10,6 @@ urlpatterns = patterns('juser.views', (r'^group_add/$', group_add), (r'^group_list/$', group_list), (r'^group_del/$', group_del), - (r'^group_del_ajax', group_del_ajax), (r'^group_edit/$', group_edit), (r'^user_add/$', user_add), (r'^user_list/$', user_list), @@ -19,8 +18,7 @@ urlpatterns = patterns('juser.views', (r'^forget_password/$', forget_password), (r'^user_detail/$', 'user_detail'), (r'^user_del/$', 'user_del'), - (r'^user_del_ajax/$', 'user_del_ajax'), - (r'^user_edit/$', view_splitter, {'su': user_edit, 'adm': user_edit_adm}), + (r'^user_edit/$', user_edit), (r'^profile/$', 'profile'), (r'^change_info/$', 'change_info'), (r'^regen_ssh_key/$', 'regen_ssh_key'), diff --git a/juser/views.py b/juser/views.py index 2c8cd50de..6cfd91ef1 100644 --- a/juser/views.py +++ b/juser/views.py @@ -81,21 +81,14 @@ def group_del(request): del a group 删除用户组 """ - group_id = request.GET.get('id', '') - if not group_id: - return HttpResponseRedirect('/') - UserGroup.objects.filter(id=group_id).delete() - return HttpResponseRedirect('/juser/group_list/') - - -@require_role(role='super') -def group_del_ajax(request): - group_ids = request.POST.get('group_ids') - group_ids = group_ids.split(',') - for group_id in group_ids: + group_ids = request.GET.get('id', '') + group_id_list = group_ids.split(',') + for group_id in group_id_list: UserGroup.objects.filter(id=group_id).delete() + return HttpResponse('删除成功') + # @require_role(role='admin') # def group_list_adm(request): # header_title, path1, path2 = '查看部门小组', '用户管理', '查看小组' @@ -424,30 +417,10 @@ def user_detail(request): @require_role(role='admin') def user_del(request): - user_id = request.GET.get('id', '') - if not user_id: - return HttpResponseRedirect('/juser/user_list/') - - user = get_object(User, id=user_id) - if user and user.username != 'admin': - user.delete() - server_del_user(user.username) - return HttpResponseRedirect('/juser/user_list/') - - -@require_role(role='admin') -def user_del_ajax(request): - user_ids = request.POST.get('ids') - user_ids = user_ids.split(',') - if request.session.get('role_id', '') == 1: - if not validate(request, user=user_ids): - return "error" - - for user_id in user_ids: - user = get_object(User, id=user_id) - if user and user.username != 'admin': - user.delete() - server_del_user(user.username) + user_ids = request.GET.get('id', '') + user_id_list = user_ids.split(',') + for user_id in user_id_list: + User.objects.filter(id=user_id).delete() return HttpResponse('删除成功') diff --git a/templates/jasset/asset_add.html b/templates/jasset/asset_add.html index fe6d72f5a..bbf8b196f 100644 --- a/templates/jasset/asset_add.html +++ b/templates/jasset/asset_add.html @@ -80,8 +80,8 @@
diff --git a/templates/jasset/dept_host_ajax.html b/templates/jasset/dept_host_ajax.html deleted file mode 100644 index be529cfc7..000000000 --- a/templates/jasset/dept_host_ajax.html +++ /dev/null @@ -1,3 +0,0 @@ -{% for host in hosts %} - -{% endfor %} \ No newline at end of file diff --git a/templates/jasset/group_list.html b/templates/jasset/group_list.html index 62e70731b..4beac8b72 100644 --- a/templates/jasset/group_list.html +++ b/templates/jasset/group_list.html @@ -24,6 +24,7 @@
添加主机组 + 删除所选
+{% endblock %} +{% block self_footer_js %} {% endblock %} diff --git a/templates/juser/group_list.html b/templates/juser/group_list.html index 0755016fd..092c75776 100644 --- a/templates/juser/group_list.html +++ b/templates/juser/group_list.html @@ -26,7 +26,7 @@
添加用户组 - 删除所选组 + 删除所选
@@ -62,7 +62,7 @@ {{ group.comment }} 编辑 - 删除 + 删除 {% endfor %} @@ -71,7 +71,7 @@
- Showing {{ contacts.start_index }} to {{ contacts.end_index }} of {{ p.count }} entries + Showing {{ user_groups.start_index }} to {{ user_groups.end_index }} of {{ p.count }} entries
{% include 'paginator.html' %} @@ -86,14 +86,27 @@ {% block self_footer_js %}