mirror of https://github.com/jumpserver/jumpserver
修改一些bug
guanghongwei
parent
67f9aad1b9
commit
9a638bc856
11
connect.py
11
connect.py
|
|
@ -24,7 +24,8 @@ django.setup()
|
||||||
from juser.models import User
|
from juser.models import User
|
||||||
from jasset.models import Asset
|
from jasset.models import Asset
|
||||||
from jlog.models import Log
|
from jlog.models import Log
|
||||||
from jumpserver.views import PyCrypt, perm_user_asset
|
from jumpserver.views import PyCrypt
|
||||||
|
from jumpserver.api import user_perm_asset_api
|
||||||
|
|
||||||
try:
|
try:
|
||||||
import termios
|
import termios
|
||||||
|
|
@ -45,8 +46,7 @@ SERVER_KEY_DIR = os.path.join(SSH_KEY_DIR, 'server')
|
||||||
# The key of decryptor.
|
# The key of decryptor.
|
||||||
KEY = CONF.get('web', 'key')
|
KEY = CONF.get('web', 'key')
|
||||||
# Login user.
|
# Login user.
|
||||||
#LOGIN_NAME = getpass.getuser()
|
LOGIN_NAME = getpass.getuser()
|
||||||
LOGIN_NAME = 'halcyon'
|
|
||||||
#LOGIN_NAME = os.getlogin()
|
#LOGIN_NAME = os.getlogin()
|
||||||
USER_KEY_FILE = os.path.join(SERVER_KEY_DIR, LOGIN_NAME)
|
USER_KEY_FILE = os.path.join(SERVER_KEY_DIR, LOGIN_NAME)
|
||||||
|
|
||||||
|
|
@ -178,7 +178,7 @@ def posix_shell(chan, username, host):
|
||||||
def get_user_host(username):
|
def get_user_host(username):
|
||||||
"""Get the hosts of under the user control."""
|
"""Get the hosts of under the user control."""
|
||||||
hosts_attr = {}
|
hosts_attr = {}
|
||||||
asset_all = perm_user_asset(username=username)
|
asset_all = user_perm_asset_api(username)
|
||||||
for asset in asset_all:
|
for asset in asset_all:
|
||||||
hosts_attr[asset.ip] = [asset.id, asset.comment]
|
hosts_attr[asset.ip] = [asset.id, asset.comment]
|
||||||
return hosts_attr
|
return hosts_attr
|
||||||
|
|
@ -200,7 +200,6 @@ def get_connect_item(username, ip):
|
||||||
|
|
||||||
login_type_dict = {
|
login_type_dict = {
|
||||||
'L': user.ldap_pwd,
|
'L': user.ldap_pwd,
|
||||||
'P': user.ssh_pwd,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if asset.login_type in login_type_dict:
|
if asset.login_type in login_type_dict:
|
||||||
|
|
@ -247,7 +246,7 @@ def print_user_host(username):
|
||||||
hosts = hosts_attr.keys()
|
hosts = hosts_attr.keys()
|
||||||
hosts.sort()
|
hosts.sort()
|
||||||
for ip in hosts:
|
for ip in hosts:
|
||||||
print '[%s] %s -- %s' % (hosts_attr[ip][0], ip, hosts_attr[ip][1])
|
print '%s -- %s' % (ip, hosts_attr[ip][1])
|
||||||
|
|
||||||
|
|
||||||
def connect(username, password, host, port, login_name):
|
def connect(username, password, host, port, login_name):
|
||||||
|
|
|
||||||
|
|
@ -114,8 +114,6 @@ if __name__ == '__main__':
|
||||||
#test_add_idc()
|
#test_add_idc()
|
||||||
#test_add_asset_group()
|
#test_add_asset_group()
|
||||||
test_add_asset()
|
test_add_asset()
|
||||||
|
|
||||||
test_add_user()
|
|
||||||
test_add_log()
|
test_add_log()
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -8,7 +8,8 @@ from jasset.models import Asset, BisGroup
|
||||||
from jperm.models import Perm, SudoPerm, CmdGroup
|
from jperm.models import Perm, SudoPerm, CmdGroup
|
||||||
from django.core.paginator import Paginator, EmptyPage, InvalidPage
|
from django.core.paginator import Paginator, EmptyPage, InvalidPage
|
||||||
from django.db.models import Q
|
from django.db.models import Q
|
||||||
from jumpserver.views import LDAP_ENABLE, ldap_conn, CONF, perm_user_asset, page_list_return
|
from jumpserver.views import LDAP_ENABLE, ldap_conn, CONF, page_list_return
|
||||||
|
from jumpserver.api import user_perm_asset_api
|
||||||
|
|
||||||
|
|
||||||
if LDAP_ENABLE:
|
if LDAP_ENABLE:
|
||||||
|
|
@ -198,7 +199,7 @@ def perm_asset_detail(request):
|
||||||
user = User.objects.filter(id=user_id)
|
user = User.objects.filter(id=user_id)
|
||||||
if user:
|
if user:
|
||||||
user = user[0]
|
user = user[0]
|
||||||
assets_list = perm_user_asset(user_id)
|
assets_list = user_perm_asset_api(user.username)
|
||||||
return render_to_response('jperm/perm_asset_detail.html', locals(), context_instance=RequestContext(request))
|
return render_to_response('jperm/perm_asset_detail.html', locals(), context_instance=RequestContext(request))
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -277,7 +278,7 @@ def sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select,
|
||||||
|
|
||||||
def sudo_add(request):
|
def sudo_add(request):
|
||||||
header_title, path1, path2 = u'Sudo授权', u'权限管理', u'添加Sudo权限'
|
header_title, path1, path2 = u'Sudo授权', u'权限管理', u'添加Sudo权限'
|
||||||
user_groups = UserGroup.objects.all()
|
user_groups = UserGroup.objects.filter(id__gt=2)
|
||||||
asset_groups = BisGroup.objects.all()
|
asset_groups = BisGroup.objects.all()
|
||||||
cmd_groups = CmdGroup.objects.all()
|
cmd_groups = CmdGroup.objects.all()
|
||||||
|
|
||||||
|
|
@ -293,7 +294,6 @@ def sudo_add(request):
|
||||||
sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select, cmd_groups_select)
|
sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select, cmd_groups_select)
|
||||||
|
|
||||||
msg = '添加成功'
|
msg = '添加成功'
|
||||||
return HttpResponseRedirect('/jperm/sudo_list/')
|
|
||||||
return render_to_response('jperm/sudo_add.html', locals(), context_instance=RequestContext(request))
|
return render_to_response('jperm/sudo_add.html', locals(), context_instance=RequestContext(request))
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -301,7 +301,7 @@ def sudo_list(request):
|
||||||
header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情'
|
header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情'
|
||||||
sudo_perms = contact_list = SudoPerm.objects.all()
|
sudo_perms = contact_list = SudoPerm.objects.all()
|
||||||
p1 = paginator1 = Paginator(contact_list, 10)
|
p1 = paginator1 = Paginator(contact_list, 10)
|
||||||
user_groups = UserGroup.objects.filter(Q(type='A') | Q(type='P'))
|
user_groups = UserGroup.objects.filter(id__gt=2)
|
||||||
asset_groups = BisGroup.objects.all()
|
asset_groups = BisGroup.objects.all()
|
||||||
cmd_groups = CmdGroup.objects.all()
|
cmd_groups = CmdGroup.objects.all()
|
||||||
|
|
||||||
|
|
@ -324,7 +324,7 @@ def sudo_edit(request):
|
||||||
sudo_perm_id = request.GET.get('id', '0')
|
sudo_perm_id = request.GET.get('id', '0')
|
||||||
sudo_perm = SudoPerm.objects.filter(id=int(sudo_perm_id))
|
sudo_perm = SudoPerm.objects.filter(id=int(sudo_perm_id))
|
||||||
if sudo_perm:
|
if sudo_perm:
|
||||||
user_group_all = UserGroup.objects.filter(Q(type='A') | Q(type='P'))
|
user_group_all = UserGroup.objects.filter(id__gt=2)
|
||||||
asset_group_all = BisGroup.objects.filter()
|
asset_group_all = BisGroup.objects.filter()
|
||||||
cmd_group_all = CmdGroup.objects.all()
|
cmd_group_all = CmdGroup.objects.all()
|
||||||
|
|
||||||
|
|
@ -424,7 +424,7 @@ def cmd_edit(request):
|
||||||
cmd_group = cmd_group[0]
|
cmd_group = cmd_group[0]
|
||||||
cmd_group_id = cmd_group.id
|
cmd_group_id = cmd_group.id
|
||||||
name = cmd_group.name
|
name = cmd_group.name
|
||||||
cmd = cmd_group.cmd
|
cmd = '\n'.join(cmd_group.cmd.split(','))
|
||||||
comment = cmd_group.comment
|
comment = cmd_group.comment
|
||||||
|
|
||||||
if request.method == 'POST':
|
if request.method == 'POST':
|
||||||
|
|
|
||||||
|
|
@ -18,6 +18,18 @@ def user_perm_group_api(user):
|
||||||
return asset_group_list
|
return asset_group_list
|
||||||
|
|
||||||
|
|
||||||
|
def user_perm_asset_api(username):
|
||||||
|
user = User.objects.filter(username=username)
|
||||||
|
if user:
|
||||||
|
user = user[0]
|
||||||
|
asset_list = []
|
||||||
|
asset_group_list = user_perm_group_api(user)
|
||||||
|
for asset_group in asset_group_list:
|
||||||
|
asset_list.extend(asset_group.asset_set.all())
|
||||||
|
|
||||||
|
return asset_list
|
||||||
|
|
||||||
|
|
||||||
def asset_perm_api(asset):
|
def asset_perm_api(asset):
|
||||||
if asset:
|
if asset:
|
||||||
perm_list = []
|
perm_list = []
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,7 @@ import time
|
||||||
from django import template
|
from django import template
|
||||||
from juser.models import User, UserGroup, DEPT
|
from juser.models import User, UserGroup, DEPT
|
||||||
from jasset.models import BisGroup
|
from jasset.models import BisGroup
|
||||||
from jumpserver.views import perm_user_asset
|
from jumpserver.api import user_perm_asset_api
|
||||||
|
|
||||||
register = template.Library()
|
register = template.Library()
|
||||||
|
|
||||||
|
|
@ -109,9 +109,13 @@ def group_type_to_str(type_name):
|
||||||
return group_types.get(type_name)
|
return group_types.get(type_name)
|
||||||
|
|
||||||
|
|
||||||
@register.filter(name='perm_asset_count')
|
# @register.filter(name='perm_asset_count')
|
||||||
def perm_asset_count(user_id):
|
# def perm_asset_count(user_id):
|
||||||
return len(perm_user_asset(user_id))
|
# return len(perm_user_asset(user_id))
|
||||||
|
|
||||||
|
@register.filter(name='string_length')
|
||||||
|
def string_length(string, length):
|
||||||
|
return '%s ...' % string[0:length]
|
||||||
|
|
||||||
|
|
||||||
@register.filter(name='filter_private')
|
@register.filter(name='filter_private')
|
||||||
|
|
|
||||||
|
|
@ -292,26 +292,26 @@ class PyCrypt(object):
|
||||||
return plain_text.rstrip('\0')
|
return plain_text.rstrip('\0')
|
||||||
|
|
||||||
|
|
||||||
def perm_user_asset(user_id=None, username=None):
|
# def perm_user_asset(user_id=None, username=None):
|
||||||
if user_id:
|
# if user_id:
|
||||||
user = User.objects.get(id=user_id)
|
# user = User.objects.get(id=user_id)
|
||||||
else:
|
# else:
|
||||||
user = User.objects.get(username=username)
|
# user = User.objects.get(username=username)
|
||||||
user_groups = user.user_group.all()
|
# user_groups = user.user_group.all()
|
||||||
perms = []
|
# perms = []
|
||||||
assets = []
|
# assets = []
|
||||||
asset_groups = []
|
# asset_groups = []
|
||||||
for user_group in user_groups:
|
# for user_group in user_groups:
|
||||||
perm = user_group.perm_set.all()
|
# perm = user_group.perm_set.all()
|
||||||
perms.extend(perm)
|
# perms.extend(perm)
|
||||||
|
#
|
||||||
for perm in perms:
|
# for perm in perms:
|
||||||
asset_groups.extend(perm.asset_group.all())
|
# asset_groups.extend(perm.asset_group.all())
|
||||||
|
#
|
||||||
for asset_group in asset_groups:
|
# for asset_group in asset_groups:
|
||||||
assets.extend(list(asset_group.asset_set.all()))
|
# assets.extend(list(asset_group.asset_set.all()))
|
||||||
|
#
|
||||||
return assets
|
# return assets
|
||||||
|
|
||||||
|
|
||||||
if LDAP_ENABLE:
|
if LDAP_ENABLE:
|
||||||
|
|
@ -322,7 +322,7 @@ else:
|
||||||
|
|
||||||
def install(request):
|
def install(request):
|
||||||
from juser.models import DEPT
|
from juser.models import DEPT
|
||||||
DEPT(id=1, name="跨部门", comment="添加跨部门小组使用").save()
|
DEPT(id=1, name="跨部门", comment="跨部门小组使用").save()
|
||||||
DEPT(id=2, name="默认", comment="默认部门,作为中间,可以用来初始化").save()
|
DEPT(id=2, name="默认", comment="默认部门").save()
|
||||||
return HttpResponse('Ok')
|
return HttpResponse('Ok')
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -46,9 +46,10 @@
|
||||||
{% for group in contacts.object_list %}
|
{% for group in contacts.object_list %}
|
||||||
<tr class="gradeX">
|
<tr class="gradeX">
|
||||||
<td class="text-center"> {{ group.name }} </td>
|
<td class="text-center"> {{ group.name }} </td>
|
||||||
<td class="text-center"> {{ group.cmd }} </td>
|
<td class="text-center"> {{ group.cmd | string_length:50 }} </td>
|
||||||
<td class="text-center"> {{ group.comment }} </td>
|
<td class="text-center"> {{ group.comment }} </td>
|
||||||
<td class="text-center">
|
<td class="text-center">
|
||||||
|
<a href="../cmd_detail/?id={{ group.id }}" class="btn btn-xs btn-info">详情</a>
|
||||||
<a href="../cmd_edit/?id={{ group.id }}" class="btn btn-xs btn-info">编辑</a>
|
<a href="../cmd_edit/?id={{ group.id }}" class="btn btn-xs btn-info">编辑</a>
|
||||||
<a href="../cmd_del/?id={{ group.id }}" class="btn btn-xs btn-danger">删除</a>
|
<a href="../cmd_del/?id={{ group.id }}" class="btn btn-xs btn-danger">删除</a>
|
||||||
</td>
|
</td>
|
||||||
|
|
|
||||||
|
|
@ -42,8 +42,8 @@
|
||||||
<tr>
|
<tr>
|
||||||
<td>{{ user.username }}</td>
|
<td>{{ user.username }}</td>
|
||||||
<td>{{ user.name }}</td>
|
<td>{{ user.name }}</td>
|
||||||
<td>{{ user.username|group_manage_str }}</td>
|
<td>{{ user.dept.name }}</td>
|
||||||
<td>{{ user.username|groups_str }}</td>
|
<td>{{ user.group.all | group_str2}}</td>
|
||||||
</tr>
|
</tr>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
</tbody>
|
</tbody>
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,7 @@
|
||||||
|
|
||||||
<div class="wrapper wrapper-content animated fadeInRight">
|
<div class="wrapper wrapper-content animated fadeInRight">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-lg-10">
|
<div class="col-lg-12">
|
||||||
<div class="ibox float-e-margins">
|
<div class="ibox float-e-margins">
|
||||||
<div class="ibox-title">
|
<div class="ibox-title">
|
||||||
<h5> Sudo授权列表 </h5>
|
<h5> Sudo授权列表 </h5>
|
||||||
|
|
@ -29,11 +29,11 @@
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="ibox-content">
|
<div class="ibox-content">
|
||||||
<div class="" style="margin-left: 15px;">
|
{# <div class="" style="margin-left: 15px;">#}
|
||||||
<a target="_blank" href="/jperm/cmd_add/" class="btn btn-sm btn-primary "> 添加命令组 </a>
|
{# <a target="_blank" href="/jperm/cmd_add/" class="btn btn-sm btn-primary "> 添加命令组 </a>#}
|
||||||
<a target="_blank" href="/jperm/cmd_list/" class="btn btn-sm btn-warning "> 查看命令组 </a>
|
{# <a target="_blank" href="/jperm/cmd_list/" class="btn btn-sm btn-warning "> 查看命令组 </a>#}
|
||||||
<a target="_blank" href="/jperm/sudo_add/" class="btn btn-sm btn-danger "> Sudo授权添加 </a>
|
{# <a target="_blank" href="/jperm/sudo_add/" class="btn btn-sm btn-danger "> Sudo授权添加 </a>#}
|
||||||
</div>
|
{# </div>#}
|
||||||
|
|
||||||
<div class="panel blank-panel">
|
<div class="panel blank-panel">
|
||||||
<div class="panel-heading">
|
<div class="panel-heading">
|
||||||
|
|
@ -78,21 +78,15 @@
|
||||||
<td class="text-center"> {{ sudo_perm.name }} </td>
|
<td class="text-center"> {{ sudo_perm.name }} </td>
|
||||||
<td class="text-center"> {{ sudo_perm.user_runas }} </td>
|
<td class="text-center"> {{ sudo_perm.user_runas }} </td>
|
||||||
<td class="text-center">
|
<td class="text-center">
|
||||||
{% for user_group in sudo_perm.user_group.all %}
|
{{ sudo_perm.user_group.all | group_str2 }}
|
||||||
{{ user_group.name }}
|
|
||||||
{% endfor %}
|
|
||||||
</td>
|
</td>
|
||||||
|
|
||||||
<td class="text-center">
|
<td class="text-center">
|
||||||
{% for asset_group in sudo_perm.asset_group.all %}
|
{{ sudo_perm.asset_group.all | group_str2 }}
|
||||||
{{ asset_group.name }}
|
|
||||||
{% endfor %}
|
|
||||||
</td>
|
</td>
|
||||||
|
|
||||||
<td class="text-center">
|
<td class="text-center">
|
||||||
{% for cmd_group in sudo_perm.cmd_group.all %}
|
{{ sudo_perm.cmd_group.all | group_str2 }}
|
||||||
{{ cmd_group.name }}
|
|
||||||
{% endfor %}
|
|
||||||
</td>
|
</td>
|
||||||
<td class="text-center">
|
<td class="text-center">
|
||||||
<a title="[ {{ sudo_perm.name }} 授权详情 ]" href="../sudo_detail/?id={{ sudo_perm.id }}" class="btn btn-xs btn-primary">详情</a>
|
<a title="[ {{ sudo_perm.name }} 授权详情 ]" href="../sudo_detail/?id={{ sudo_perm.id }}" class="btn btn-xs btn-primary">详情</a>
|
||||||
|
|
@ -161,7 +155,7 @@
|
||||||
<td class="text-center"> {{ user.name }} </td>
|
<td class="text-center"> {{ user.name }} </td>
|
||||||
<td class="text-center"> {{ user.id | get_role }} </td>
|
<td class="text-center"> {{ user.id | get_role }} </td>
|
||||||
<td class="text-center"> {{ user.username }} </td>
|
<td class="text-center"> {{ user.username }} </td>
|
||||||
<td class="text-center"> {{ user.id | perm_asset_count }} </td>
|
<td class="text-center"> {{ user.id }} </td>
|
||||||
<td class="text-center">
|
<td class="text-center">
|
||||||
<a title="[ {{ user.name }} ] 授权详情" href="../perm_asset_detail/?id={{ user.id }}" class="iframe btn btn-xs btn-primary">详情</a>
|
<a title="[ {{ user.name }} ] 授权详情" href="../perm_asset_detail/?id={{ user.id }}" class="iframe btn btn-xs btn-primary">详情</a>
|
||||||
</td>
|
</td>
|
||||||
|
|
|
||||||
|
|
@ -40,12 +40,7 @@
|
||||||
<li id="perm_list">
|
<li id="perm_list">
|
||||||
<a href="/jperm/perm_list/">授权查看</a>
|
<a href="/jperm/perm_list/">授权查看</a>
|
||||||
</li>
|
</li>
|
||||||
<li id="cmd_add">
|
|
||||||
<a href="/jperm/cmd_add/">命令组添加</a>
|
|
||||||
</li>
|
|
||||||
<li id="cmd_list">
|
|
||||||
<a href="/jperm/cmd_list/">命令组查看</a>
|
|
||||||
</li>
|
|
||||||
<li id="sudo_add">
|
<li id="sudo_add">
|
||||||
<a href="/jperm/sudo_add/">Sudo添加</a>
|
<a href="/jperm/sudo_add/">Sudo添加</a>
|
||||||
</li>
|
</li>
|
||||||
|
|
@ -53,6 +48,13 @@
|
||||||
<a href="/jperm/sudo_list/">Sudo查看</a>
|
<a href="/jperm/sudo_list/">Sudo查看</a>
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
|
<li id="cmd_add">
|
||||||
|
<a href="/jperm/cmd_add/">命令组添加</a>
|
||||||
|
</li>
|
||||||
|
<li id="cmd_list">
|
||||||
|
<a href="/jperm/cmd_list/">命令组查看</a>
|
||||||
|
</li>
|
||||||
|
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
<li id="jlog">
|
<li id="jlog">
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue