diff --git a/connect.py b/connect.py index 8e49abbeb..ae4527a62 100755 --- a/connect.py +++ b/connect.py @@ -24,7 +24,8 @@ django.setup() from juser.models import User from jasset.models import Asset from jlog.models import Log -from jumpserver.views import PyCrypt, perm_user_asset +from jumpserver.views import PyCrypt +from jumpserver.api import user_perm_asset_api try: import termios @@ -45,8 +46,7 @@ SERVER_KEY_DIR = os.path.join(SSH_KEY_DIR, 'server') # The key of decryptor. KEY = CONF.get('web', 'key') # Login user. -#LOGIN_NAME = getpass.getuser() -LOGIN_NAME = 'halcyon' +LOGIN_NAME = getpass.getuser() #LOGIN_NAME = os.getlogin() USER_KEY_FILE = os.path.join(SERVER_KEY_DIR, LOGIN_NAME) @@ -178,7 +178,7 @@ def posix_shell(chan, username, host): def get_user_host(username): """Get the hosts of under the user control.""" hosts_attr = {} - asset_all = perm_user_asset(username=username) + asset_all = user_perm_asset_api(username) for asset in asset_all: hosts_attr[asset.ip] = [asset.id, asset.comment] return hosts_attr @@ -200,7 +200,6 @@ def get_connect_item(username, ip): login_type_dict = { 'L': user.ldap_pwd, - 'P': user.ssh_pwd, } if asset.login_type in login_type_dict: @@ -247,7 +246,7 @@ def print_user_host(username): hosts = hosts_attr.keys() hosts.sort() for ip in hosts: - print '[%s] %s -- %s' % (hosts_attr[ip][0], ip, hosts_attr[ip][1]) + print '%s -- %s' % (ip, hosts_attr[ip][1]) def connect(username, password, host, port, login_name): diff --git a/docs/AddUserAsset.py b/docs/AddUserAsset.py index b9fabc291..0993c1853 100644 --- a/docs/AddUserAsset.py +++ b/docs/AddUserAsset.py @@ -114,8 +114,6 @@ if __name__ == '__main__': #test_add_idc() #test_add_asset_group() test_add_asset() - - test_add_user() test_add_log() diff --git a/jperm/views.py b/jperm/views.py index b1b14b737..fe7258f2b 100644 --- a/jperm/views.py +++ b/jperm/views.py @@ -8,7 +8,8 @@ from jasset.models import Asset, BisGroup from jperm.models import Perm, SudoPerm, CmdGroup from django.core.paginator import Paginator, EmptyPage, InvalidPage from django.db.models import Q -from jumpserver.views import LDAP_ENABLE, ldap_conn, CONF, perm_user_asset, page_list_return +from jumpserver.views import LDAP_ENABLE, ldap_conn, CONF, page_list_return +from jumpserver.api import user_perm_asset_api if LDAP_ENABLE: @@ -198,7 +199,7 @@ def perm_asset_detail(request): user = User.objects.filter(id=user_id) if user: user = user[0] - assets_list = perm_user_asset(user_id) + assets_list = user_perm_asset_api(user.username) return render_to_response('jperm/perm_asset_detail.html', locals(), context_instance=RequestContext(request)) @@ -277,7 +278,7 @@ def sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select, def sudo_add(request): header_title, path1, path2 = u'Sudo授权', u'权限管理', u'添加Sudo权限' - user_groups = UserGroup.objects.all() + user_groups = UserGroup.objects.filter(id__gt=2) asset_groups = BisGroup.objects.all() cmd_groups = CmdGroup.objects.all() @@ -293,7 +294,6 @@ def sudo_add(request): sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select, cmd_groups_select) msg = '添加成功' - return HttpResponseRedirect('/jperm/sudo_list/') return render_to_response('jperm/sudo_add.html', locals(), context_instance=RequestContext(request)) @@ -301,7 +301,7 @@ def sudo_list(request): header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情' sudo_perms = contact_list = SudoPerm.objects.all() p1 = paginator1 = Paginator(contact_list, 10) - user_groups = UserGroup.objects.filter(Q(type='A') | Q(type='P')) + user_groups = UserGroup.objects.filter(id__gt=2) asset_groups = BisGroup.objects.all() cmd_groups = CmdGroup.objects.all() @@ -324,7 +324,7 @@ def sudo_edit(request): sudo_perm_id = request.GET.get('id', '0') sudo_perm = SudoPerm.objects.filter(id=int(sudo_perm_id)) if sudo_perm: - user_group_all = UserGroup.objects.filter(Q(type='A') | Q(type='P')) + user_group_all = UserGroup.objects.filter(id__gt=2) asset_group_all = BisGroup.objects.filter() cmd_group_all = CmdGroup.objects.all() @@ -424,7 +424,7 @@ def cmd_edit(request): cmd_group = cmd_group[0] cmd_group_id = cmd_group.id name = cmd_group.name - cmd = cmd_group.cmd + cmd = '\n'.join(cmd_group.cmd.split(',')) comment = cmd_group.comment if request.method == 'POST': diff --git a/jumpserver/api.py b/jumpserver/api.py index 2a0aaa932..b4fd70b55 100644 --- a/jumpserver/api.py +++ b/jumpserver/api.py @@ -18,6 +18,18 @@ def user_perm_group_api(user): return asset_group_list +def user_perm_asset_api(username): + user = User.objects.filter(username=username) + if user: + user = user[0] + asset_list = [] + asset_group_list = user_perm_group_api(user) + for asset_group in asset_group_list: + asset_list.extend(asset_group.asset_set.all()) + + return asset_list + + def asset_perm_api(asset): if asset: perm_list = [] diff --git a/jumpserver/templatetags/mytags.py b/jumpserver/templatetags/mytags.py index 41f338e24..9a418eba5 100644 --- a/jumpserver/templatetags/mytags.py +++ b/jumpserver/templatetags/mytags.py @@ -6,7 +6,7 @@ import time from django import template from juser.models import User, UserGroup, DEPT from jasset.models import BisGroup -from jumpserver.views import perm_user_asset +from jumpserver.api import user_perm_asset_api register = template.Library() @@ -109,9 +109,13 @@ def group_type_to_str(type_name): return group_types.get(type_name) -@register.filter(name='perm_asset_count') -def perm_asset_count(user_id): - return len(perm_user_asset(user_id)) +# @register.filter(name='perm_asset_count') +# def perm_asset_count(user_id): +# return len(perm_user_asset(user_id)) + +@register.filter(name='string_length') +def string_length(string, length): + return '%s ...' % string[0:length] @register.filter(name='filter_private') diff --git a/jumpserver/views.py b/jumpserver/views.py index 1e2a00fa6..cc82543ea 100644 --- a/jumpserver/views.py +++ b/jumpserver/views.py @@ -292,26 +292,26 @@ class PyCrypt(object): return plain_text.rstrip('\0') -def perm_user_asset(user_id=None, username=None): - if user_id: - user = User.objects.get(id=user_id) - else: - user = User.objects.get(username=username) - user_groups = user.user_group.all() - perms = [] - assets = [] - asset_groups = [] - for user_group in user_groups: - perm = user_group.perm_set.all() - perms.extend(perm) - - for perm in perms: - asset_groups.extend(perm.asset_group.all()) - - for asset_group in asset_groups: - assets.extend(list(asset_group.asset_set.all())) - - return assets +# def perm_user_asset(user_id=None, username=None): +# if user_id: +# user = User.objects.get(id=user_id) +# else: +# user = User.objects.get(username=username) +# user_groups = user.user_group.all() +# perms = [] +# assets = [] +# asset_groups = [] +# for user_group in user_groups: +# perm = user_group.perm_set.all() +# perms.extend(perm) +# +# for perm in perms: +# asset_groups.extend(perm.asset_group.all()) +# +# for asset_group in asset_groups: +# assets.extend(list(asset_group.asset_set.all())) +# +# return assets if LDAP_ENABLE: @@ -322,7 +322,7 @@ else: def install(request): from juser.models import DEPT - DEPT(id=1, name="跨部门", comment="添加跨部门小组使用").save() - DEPT(id=2, name="默认", comment="默认部门,作为中间,可以用来初始化").save() + DEPT(id=1, name="跨部门", comment="跨部门小组使用").save() + DEPT(id=2, name="默认", comment="默认部门").save() return HttpResponse('Ok') diff --git a/templates/jperm/sudo_cmd_list.html b/templates/jperm/sudo_cmd_list.html index 78b25e196..f576e7c8c 100644 --- a/templates/jperm/sudo_cmd_list.html +++ b/templates/jperm/sudo_cmd_list.html @@ -46,9 +46,10 @@ {% for group in contacts.object_list %} {{ group.name }} - {{ group.cmd }} + {{ group.cmd | string_length:50 }} {{ group.comment }} + 详情 编辑 删除 diff --git a/templates/jperm/sudo_detail.html b/templates/jperm/sudo_detail.html index 39fd1393d..d22af8320 100644 --- a/templates/jperm/sudo_detail.html +++ b/templates/jperm/sudo_detail.html @@ -42,8 +42,8 @@ {{ user.username }} {{ user.name }} - {{ user.username|group_manage_str }} - {{ user.username|groups_str }} + {{ user.dept.name }} + {{ user.group.all | group_str2}} {% endfor %} diff --git a/templates/jperm/sudo_list.html b/templates/jperm/sudo_list.html index 182c42ed3..fceaef4e5 100644 --- a/templates/jperm/sudo_list.html +++ b/templates/jperm/sudo_list.html @@ -5,7 +5,7 @@
-
+
Sudo授权列表
@@ -29,11 +29,11 @@
- +{# #}
@@ -78,21 +78,15 @@ {{ sudo_perm.name }} {{ sudo_perm.user_runas }} - {% for user_group in sudo_perm.user_group.all %} - {{ user_group.name }} - {% endfor %} + {{ sudo_perm.user_group.all | group_str2 }} - {% for asset_group in sudo_perm.asset_group.all %} - {{ asset_group.name }} - {% endfor %} + {{ sudo_perm.asset_group.all | group_str2 }} - {% for cmd_group in sudo_perm.cmd_group.all %} - {{ cmd_group.name }} - {% endfor %} + {{ sudo_perm.cmd_group.all | group_str2 }} 详情 @@ -161,7 +155,7 @@ {{ user.name }} {{ user.id | get_role }} {{ user.username }} - {{ user.id | perm_asset_count }} + {{ user.id }} 详情 diff --git a/templates/nav.html b/templates/nav.html index 7a6cca4d6..8665bd60b 100644 --- a/templates/nav.html +++ b/templates/nav.html @@ -40,12 +40,7 @@
  • 授权查看
    • -
  • - 命令组添加 -
    • -
  • - 命令组查看 -
    • +
  • Sudo添加
    • @@ -53,6 +48,13 @@ Sudo查看 +
  • + 命令组添加 +
    • +
  • + 命令组查看 +
    • +