github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'dev' of https://git.coding.net/jumpserver/jumpserver into NormalUserPageLZ

pull/26/head
liuzheng712 2015-11-22 20:35:03 +08:00
parent 09de12c02a 5f9e675d00
commit 962d16172c
5 changed files with 83 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

121
connect.py
View File

@ -52,23 +52,6 @@ def color_print(msg, color='red', exits=False):
sys.exit() sys.exit()
def check_vim_status(command, ssh):
global SSH_TTY
print command
if command == '':
return True
else:
command_str= 'ps -ef |grep "%s" | grep "%s"|grep -v grep |wc -l' % (command,SSH_TTY)
print command_str
stdin, stdout, stderr = ssh.exec_command(command_str)
ps_num = stdout.read()
print ps_num
if int(ps_num) == 0:
return True
else:
return False
class Tty(object): class Tty(object):
""" """
A virtual tty class A virtual tty class
@ -96,7 +79,7 @@ class Tty(object):
return False return False
@staticmethod @staticmethod
def deal_command(str_r, ssh): def deal_command(str_r):
""" """
处理命令中特殊字符 处理命令中特殊字符
""" """
@ -107,87 +90,60 @@ class Tty(object):
result_command = '' #最后的结果 result_command = '' #最后的结果
backspace_num = 0 #光标移动的个数 backspace_num = 0 #光标移动的个数
backspace_list = []
reach_backspace_flag = False #没有检测到光标键则为true reach_backspace_flag = False #没有检测到光标键则为true
reach_backspace_second_flag = False
pattern_list = []
pattern_str='' pattern_str=''
while str_r: while str_r:
tmp = re.match(r'\s*\w+\s*', str_r) #获取字符串,其它特殊字符匹配暂时还不知道。。 tmp = re.match(r'\s*\w+\s*', str_r)
if tmp: if tmp:
if reach_backspace_flag : if reach_backspace_flag :
if not reach_backspace_second_flag: pattern_str +=str(tmp.group(0))
pattern_str +=str(tmp.group(0))
else:
pattern_list.append(pattern_str)
pattern_str=str(tmp.group(0))
reach_backspace_second_flag=False
str_r = str_r[len(str(tmp.group(0))):] str_r = str_r[len(str(tmp.group(0))):]
continue continue
else: else:
result_command += str(tmp.group(0)) result_command += str(tmp.group(0))
str_r = str_r[len(str(tmp.group(0))):] str_r = str_r[len(str(tmp.group(0))):]
continue continue
tmp = re.match(r'\x1b\[K[\x08]*', str_r) #遇到删除确认符,确定删除数据 tmp = re.match(r'\x1b\[K[\x08]*', str_r)
if tmp: if tmp:
for x in backspace_list:
backspace_num += int(x)
if backspace_num > 0: if backspace_num > 0:
if backspace_num > len(result_command) : if backspace_num > len(result_command) :
result_command += ''.join(pattern_list)
result_command += pattern_str result_command += pattern_str
result_command = result_command[0:-backspace_num] result_command = result_command[0:-backspace_num]
else: else:
result_command = result_command[0:-backspace_num] result_command = result_command[0:-backspace_num]
result_command += ''.join(pattern_list)
result_command += pattern_str result_command += pattern_str
del_len = len(str(tmp.group(0)))-3 del_len = len(str(tmp.group(0)))-3
if del_len > 0: if del_len > 0:
result_command = result_command[0:-del_len] result_command = result_command[0:-del_len]
reach_backspace_flag = False reach_backspace_flag = False
reach_backspace_second_flag =False
backspace_num =0 backspace_num =0
del pattern_list[:]
del backspace_list[:]
pattern_str='' pattern_str=''
str_r = str_r[len(str(tmp.group(0))):] str_r = str_r[len(str(tmp.group(0))):]
continue continue
tmp = re.match(r'\x08+', str_r) #将遇到的退格数字存放到队列中 tmp = re.match(r'\x08+', str_r)
if tmp: if tmp:
if reach_backspace_flag:
reach_backspace_second_flag = True
else:
reach_backspace_flag = True
str_r = str_r[len(str(tmp.group(0))):] str_r = str_r[len(str(tmp.group(0))):]
if len(str_r) != 0: #如果退格键在最后,则放弃 if len(str_r) != 0:
backspace_list.append(len(str(tmp.group(0)))) if reach_backspace_flag:
continue result_command = result_command[0:-backspace_num] + pattern_str
pattern_str = ''
if reach_backspace_flag : else:
if not reach_backspace_second_flag: reach_backspace_flag = True
pattern_str +=str_r[0] backspace_num = len(str(tmp.group(0)))
continue
else: else:
pattern_list.append(pattern_str) break
pattern_str=str_r[0]
reach_backspace_second_flag=False if reach_backspace_flag :
pattern_str +=str_r[0]
else : else :
result_command += str_r[0] result_command += str_r[0]
str_r = str_r[1:] str_r = str_r[1:]
if pattern_str !='': if backspace_num > 0 :
pattern_list.append(pattern_str) result_command = result_command[0:-backspace_num] + pattern_str
#退格队列中还有腿哥键,则进行删除操作
if len(backspace_list) > 0 :
for backspace in backspace_list:
if int(backspace) >= len(result_command):
result_command = pattern_list[0]
else:
result_command = result_command[:-int(backspace)]
result_command += pattern_list[0]
pattern_list = pattern_list[1:]
control_char = re.compile(r""" control_char = re.compile(r"""
\x1b[ #%()*+\-.\/]. | \x1b[ #%()*+\-.\/]. |
@ -200,21 +156,12 @@ class Tty(object):
""", re.X) """, re.X)
result_command = control_char.sub('', result_command.strip()) result_command = control_char.sub('', result_command.strip())
global VIM_FLAG global VIM_FLAG
global VIM_COMMAND
if not VIM_FLAG: if not VIM_FLAG:
if result_command.startswith('vi'): if result_command.startswith('vi'):
VIM_FLAG = True VIM_FLAG = True
VIM_COMMAND = result_command
return result_command.decode('utf8',"ignore") return result_command.decode('utf8',"ignore")
else: else:
if check_vim_status(VIM_COMMAND, ssh): return ''
VIM_FLAG = False
VIM_COMMAND=''
if result_command.endswith(':wq') or result_command.endswith(':wq!') or result_command.endswith(':q!'):
return ''
return result_command.decode('utf8',"ignore")
else:
return ''
@staticmethod @staticmethod
def remove_control_char(str_r): def remove_control_char(str_r):
@ -372,9 +319,12 @@ class SshTty(Tty):
log_file_f, log_time_f, log = self.get_log() log_file_f, log_time_f, log = self.get_log()
old_tty = termios.tcgetattr(sys.stdin) old_tty = termios.tcgetattr(sys.stdin)
pre_timestamp = time.time() pre_timestamp = time.time()
pattern = re.compile('\[.*@.*\][\$#]')
data = '' data = ''
chan_str = ''
input_mode = False input_mode = False
global VIM_FLAG
try: try:
tty.setraw(sys.stdin.fileno()) tty.setraw(sys.stdin.fileno())
tty.setcbreak(sys.stdin.fileno()) tty.setcbreak(sys.stdin.fileno())
@ -391,6 +341,8 @@ class SshTty(Tty):
x = self.channel.recv(1024) x = self.channel.recv(1024)
if len(x) == 0: if len(x) == 0:
break break
if VIM_FLAG:
chan_str += x
sys.stdout.write(x) sys.stdout.write(x)
sys.stdout.flush() sys.stdout.flush()
now_timestamp = time.time() now_timestamp = time.time()
@ -411,10 +363,19 @@ class SshTty(Tty):
input_mode = True input_mode = True
if str(x) in ['\r', '\n', '\r\n']: if str(x) in ['\r', '\n', '\r\n']:
data = self.deal_command(data, self.ssh) if VIM_FLAG:
match = pattern.search(chan_str)
TtyLog(log=log, datetime=datetime.datetime.now(), cmd=data).save() if match:
VIM_FLAG = False
data = self.deal_command(data)
if len(data) > 0:
TtyLog(log=log, datetime=datetime.datetime.now(), cmd=data).save()
else:
data = self.deal_command(data)
if len(data) > 0:
TtyLog(log=log, datetime=datetime.datetime.now(), cmd=data).save()
data = '' data = ''
chan_str = ''
input_mode = False input_mode = False
if len(x) == 0: if len(x) == 0:

22
jperm/perm_api.py
View File

@ -132,13 +132,29 @@ def get_group_asset_perm(ob):
return perm return perm
def gen_resource(ob, perm=None): def gen_resource(ob, ex='', perm=None):
""" """
ob为用户或资产列表或资产queryset ob为用户或资产列表或资产queryset, 如果同时输入用户和资产则获取用户在这些资产上的信息
生成MyInventory需要的 resource文件 生成MyInventory需要的 resource文件
""" """
res = [] res = []
if isinstance(ob, User): if isinstance(ob, User) and isinstance(ex, (list, QuerySet)):
if not perm:
perm = get_group_user_perm(ob)
for asset, asset_info in perm.get('asset').items():
if asset not in ex:
continue
asset_info = get_asset_info(asset)
info = {'hostname': asset.hostname, 'ip': asset.ip, 'port': asset_info.get('port', 22)}
try:
role = sorted(list(perm.get('asset').get(asset).get('role')))[0]
except IndexError:
continue
info['username'] = role.name
info['password'] = role.password
info['ssh_key'] = get_role_key(ob, role)
res.append(info)
elif isinstance(ob, User):
if not perm: if not perm:
perm = get_group_user_perm(ob) perm = get_group_user_perm(ob)

9
jumpserver/api.py
View File

@ -96,9 +96,12 @@ def get_role_key(user, role):
def chown(path, user, group=''): def chown(path, user, group=''):
if not group: if not group:
group = user group = user
uid = pwd.getpwnam(user).pw_uid try:
gid = pwd.getpwnam(group).pwd_gid uid = pwd.getpwnam(user).pw_uid
os.chown(path, uid, gid) gid = pwd.getpwnam(group).pw_gid
os.chown(path, uid, gid)
except KeyError:
pass
def page_list_return(total, current=1): def page_list_return(total, current=1):

1
templates/jasset/asset_add.html
View File

@ -48,6 +48,7 @@
{{ af.ip|bootstrap_horizontal }} {{ af.ip|bootstrap_horizontal }}
<p class="col-sm-offset-2">Tips: 如果IP地址不填写, IP默认会设置与主机名一致</p> <p class="col-sm-offset-2">Tips: 如果IP地址不填写, IP默认会设置与主机名一致</p>
<div class="hr-line-dashed"></div> <div class="hr-line-dashed"></div>
<div class="form-group"> <div class="form-group">
<label for="j_group" class="col-sm-2 control-label">管理账号<span class="red-fonts"> *</span></label> <label for="j_group" class="col-sm-2 control-label">管理账号<span class="red-fonts"> *</span></label>

32
templates/jperm/perm_rule_add.html
View File

@ -26,7 +26,7 @@
</div> </div>
</div> </div>
<div class="ibox-content"> <div class="ibox-content">
<form method="post" id="userForm" class="form-horizontal" action=""> <form method="post" id="ruleForm" class="form-horizontal" action="">
{% if error %} {% if error %}
<div class="alert alert-warning text-center">{{ error }}</div> <div class="alert alert-warning text-center">{{ error }}</div>
{% endif %} {% endif %}
@ -34,7 +34,7 @@
<div class="alert alert-success text-center">{{ msg }}</div> <div class="alert alert-success text-center">{{ msg }}</div>
{% endif %} {% endif %}
<div class="form-group"> <div class="form-group">
<label for="username" class="col-sm-2 control-label">授权名称<span class="red-fonts">*</span></label> <label for="rulename" class="col-sm-2 control-label">授权名称<span class="red-fonts">*</span></label>
<div class="col-sm-8"> <div class="col-sm-8">
<input id="rulename" name="rulename" placeholder="Rule Name" type="text" class="form-control" {% if error %}value="{{ username }}" {% endif %}> <input id="rulename" name="rulename" placeholder="Rule Name" type="text" class="form-control" {% if error %}value="{{ username }}" {% endif %}>
</div> </div>
@ -48,11 +48,11 @@
<option value="{{ user.name }}">{{ user.name }}</option> <option value="{{ user.name }}">{{ user.name }}</option>
{% endfor %} {% endfor %}
</select> </select>
<span class="help-block m-b-none">用户和用户组必选一个</span>
</div> </div>
</div> </div>
<div class="hr-line-dashed"></div>
<div class="form-group"> <div class="form-group">
<label for="usergroup" class="col-sm-2 control-label">用户组<span class="red-fonts">*</span></label> <label for="usergroup" class="col-sm-2 control-label">用户组</label>
<div class="col-sm-8"> <div class="col-sm-8">
<select name="usergroup" data-placeholder="请选择用户组" class="chosen-select form-control m-b" multiple tabindex="2"> <select name="usergroup" data-placeholder="请选择用户组" class="chosen-select form-control m-b" multiple tabindex="2">
{% for user_group in user_groups %} {% for user_group in user_groups %}
@ -70,11 +70,11 @@
<option value="{{ asset.ip }}">{{ asset.ip }}</option> <option value="{{ asset.ip }}">{{ asset.ip }}</option>
{% endfor %} {% endfor %}
</select> </select>
<span class="help-block m-b-none">资产和资产组必选一个</span>
</div> </div>
</div> </div>
<div class="hr-line-dashed"></div>
<div class="form-group"> <div class="form-group">
<label for="assetgroup" class="col-sm-2 control-label">资产组<span class="red-fonts">*</span></label> <label for="assetgroup" class="col-sm-2 control-label">资产组</label>
<div class="col-sm-8"> <div class="col-sm-8">
<select name="assetgroup" data-placeholder="请选择资产组" class="chosen-select form-control m-b" multiple tabindex="2"> <select name="assetgroup" data-placeholder="请选择资产组" class="chosen-select form-control m-b" multiple tabindex="2">
{% for asset_group in asset_groups %} {% for asset_group in asset_groups %}
@ -120,31 +120,31 @@
<script> <script>
$('#ruleForm').submit(function() { $('#ruleForm').submit(function() {
var result = {} var result = {};
var data = $(this).serializeArray(); var data = $(this).serializeArray();
$.each(data, function(i, field){ $.each(data, function (i, field) {
result[field.name] = field.value; result[field.name] = field.value;
}); });
if (result['user'] || result['usergroup'] || result['asset'] || result['assetgroup'] || result['rulename'] || result['role']) { if (result['user'] || result['usergroup'] || result['asset'] || result['assetgroup'] || result['rulename'] || result['role']) {
if (result['rulename'] === '') { if (result['rulename'] === '') {
alert("请添加授权名称") alert("请添加授权名称");
return false return false
} }
if (! result['user'] && ! result['usergroup']) { if (!result['user'] && !result['usergroup']) {
alert("用户和用户组必选1个") alert("用户和用户组必选1个");
return false return false
} }
if (! result['asset'] && ! result['assetgroup']) { if (!result['asset'] && !result['assetgroup']) {
alert("资产和资产组必选1个") alert("资产和资产组必选1个");
return false return false
} }
if (! result['role']) { if (!result['role']) {
alert("请填写角色") alert("请填写角色");
return false return false
} }
return true return true
} else { } else {
alert("请填必选项") alert("请填必选项");
return false; return false;
} }
}); });