github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

调整User,UserGroup类

pull/26/head
Guang 2015-08-20 23:42:27 +08:00
parent 9e52e6a320
commit 9f0620f97e
6 changed files with 416 additions and 271 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
connect.py
View File

@ -26,20 +26,19 @@ os.environ['DJANGO_SETTINGS_MODULE'] = 'jumpserver.settings'
if django.get_version() != '1.6':
django.setup()
from jlog.models import Log
from jumpserver.api import CONF, BASE_DIR, ServerError, Juser, Jasset, JassetGroup
from jumpserver.api import CONF, BASE_DIR, ServerError, User, UserGroup, Asset, BisGroup
from jumpserver.api import CRYPTOR, logger, is_dir
try:
import termios
import tty
except ImportError:
print '\033[1;31mOnly unix like supported.\033[0m'
print '\033[1;31m仅支持类Unix系统 Only unix like supported.\033[0m'
time.sleep(3)
sys.exit()
CONF.read(os.path.join(BASE_DIR, 'jumpserver.conf'))
log_dir = os.path.join(BASE_DIR, 'logs')
login_user = Juser(username=getpass.getuser())
login_user = User(username=getpass.getuser())
def color_print(msg, color='red', exits=False):
@ -265,7 +264,7 @@ def verify_connect(user, option):
elif len(ip_matched) < 1:
color_print('No Permission or No host.', 'red')
else:
asset = Jasset(ip=ip_matched[0]).asset
asset = Asset(ip=ip_matched[0]).asset
jtty = Jtty(user, asset)
jtty.connect()

14
docs/AddUserAsset.py
View File

@ -127,14 +127,14 @@ def test_add_log():
if __name__ == '__main__':
#install()
#test_add_dept()
#test_add_group()
#test_add_user()
#test_add_idc()
#test_add_asset_group()
install()
test_add_dept()
test_add_group()
test_add_user()
test_add_idc()
test_add_asset_group()
test_add_asset()
#test_add_log()
test_add_log()

55
jasset/models.py
View File

@ -23,6 +23,45 @@ class BisGroup(models.Model):
def __unicode__(self):
return self.name
def get_asset(self):
return self.asset_set.all()
def get_asset_info(self, printable=False):
assets = self.get_asset()
for asset in assets:
if asset.comment:
print '%-15s -- %s' % (asset.ip, asset.comment)
else:
print '%-15s' % asset.ip
print ''
def get_asset_num(self):
return len(self.get_asset())
def get_user_group(self):
perm_list = self.perm_set.all()
user_group_list = []
for perm in perm_list:
user_group_list.append(perm.user_group)
return user_group_list
def get_user(self):
user_list = []
user_group_list = self.get_user_group()
for user_group in user_group_list:
user_list.extend(user_group.user_set.all())
return user_list
def is_permed(self, user=None, user_group=None):
if user:
if user in self.get_user():
return True
if user_group:
if user_group in self.get_user_group():
return True
return False
class Asset(models.Model):
LOGIN_TYPE_CHOICES = (
@ -44,6 +83,22 @@ class Asset(models.Model):
def __unicode__(self):
return self.ip
def get_user(self):
perm_list = []
asset_group_all = self.bis_group.all()
for asset_group in asset_group_all:
perm_list.extend(asset_group.perm_set.all())
user_group_list = []
for perm in perm_list:
user_group_list.append(perm.user_group)
user_permed_list = []
for user_group in user_group_list:
user_permed_list.extend(user_group.user_set.all())
user_permed_list = list(set(user_permed_list))
return user_permed_list
class AssetAlias(models.Model):
user = models.ForeignKey(User)

521
jumpserver/api.py
View File

@ -219,6 +219,7 @@ def require_login(func):
def require_super_user(func):
"""要求是超级管理员"""
def _deco(request, *args, **kwargs):
if not request.session.get('user_id'):
return HttpResponseRedirect('/login/')
@ -230,6 +231,7 @@ def require_super_user(func):
def require_admin(func):
"""要求是管理员"""
def _deco(request, *args, **kwargs):
if not request.session.get('user_id'):
return HttpResponseRedirect('/login/')
@ -241,6 +243,7 @@ def require_admin(func):
def is_super_user(request):
"""要求请求是超级管理员"""
if request.session.get('role_id') == 2:
return True
else:
@ -248,6 +251,7 @@ def is_super_user(request):
def is_group_admin(request):
"""要求请求是组管理员"""
if request.session.get('role_id') == 1:
return True
else:
@ -255,6 +259,7 @@ def is_group_admin(request):
def is_common_user(request):
"""要求用户是普通用户"""
if request.session.get('role_id') == 0:
return True
else:
@ -313,267 +318,267 @@ def api_user(request):
# return asset_group_list
class Juser(object):
"""
Jumpserver user class
用户类
"""
# class Juser(object):
# """
# Jumpserver user class
# 用户类
# """
#
# def __init__(self, username=None, uid=None):
# if username:
# user = User.objects.filter(username=username)
# elif uid:
# user = User.objects.filter(id=uid)
# else:
# user = ''
#
# if user:
# user = user[0]
# self.user = user
# self.id = user.id
# # self.id = user.id
# # self.username = user.username
# # self.name = user.name
# self.group = user.group.all()
# else:
# self.id = None
#
# def __repr__(self):
# if self.id:
# return '<%s Juser instance>' % getattr(self.user, 'username')
# else:
# return 'None'
#
# def __getattr__(self, item):
# if self.id:
# return getattr(self.user, item)
# else:
# return None
#
# def validate(self):
# """
# Validate is or not a true user
# 鉴定用户
# """
# if self.id:
# return True
# else:
# return False
#
# def get_asset_group(self):
# """
# Get user host_groups.
# 获取用户有权限的主机组
# """
# host_group_list = []
# perm_list = []
# user_group_all = self.user.group.all()
# for user_group in user_group_all:
# perm_list.extend(user_group.perm_set.all())
#
# for perm in perm_list:
# host_group_list.append(perm.asset_group)
#
# return host_group_list
#
# def get_asset_group_info(self, printable=False):
# """
# Get or print asset group info
# 获取或打印用户授权资产组
# """
# asset_groups_info = {}
# asset_groups = self.get_asset_group()
#
# for asset_group in asset_groups:
# asset_groups_info[asset_group.id] = [asset_group.name, asset_group.comment]
#
# if printable:
# for group_id in asset_groups_info:
# if asset_groups_info[group_id][1]:
# print "[%3s] %s -- %s" % (group_id,
# asset_groups_info[group_id][0],
# asset_groups_info[group_id][1])
# else:
# print "[%3s] %s" % (group_id, asset_groups_info[group_id][0])
# print ''
# else:
# return asset_groups_info
#
# def get_asset(self):
# """
# Get the assets of under the user control.
# 获取主机列表
# """
# assets = []
# asset_groups = self.get_asset_group()
#
# for asset_group in asset_groups:
# assets.extend(asset_group.asset_set.all())
#
# return assets
#
# def get_asset_info(self, printable=False):
# """
# Get or print the user asset info
# 获取或打印用户资产信息
# """
# assets_info = {}
# assets = self.get_asset()
#
# for asset in assets:
# asset_alias = AssetAlias.objects.filter(user=self.user, asset=asset)
# if asset_alias and asset_alias[0].alias != '':
# assets_info[asset.ip] = [asset.id, asset.ip, str(asset_alias[0].alias)]
# else:
# assets_info[asset.ip] = [asset.id, asset.ip, str(asset.comment)]
#
# if printable:
# ips = assets_info.keys()
# ips.sort()
# for ip in ips:
# if assets_info[ip][2]:
# print '%-15s -- %s' % (ip, assets_info[ip][2])
# else:
# print '%-15s' % ip
# print ''
# else:
# return assets_info
#
def __init__(self, username=None, uid=None):
if username:
user = User.objects.filter(username=username)
elif uid:
user = User.objects.filter(id=uid)
else:
user = ''
if user:
user = user[0]
self.user = user
self.id = user.id
# self.id = user.id
# self.username = user.username
# self.name = user.name
self.group = user.group.all()
else:
self.id = None
def __repr__(self):
if self.id:
return '<%s Juser instance>' % getattr(self.user, 'username')
else:
return 'None'
def __getattr__(self, item):
if self.id:
return getattr(self.user, item)
else:
return None
def validate(self):
"""
Validate is or not a true user
鉴定用户
"""
if self.id:
return True
else:
return False
def get_asset_group(self):
"""
Get user host_groups.
获取用户有权限的主机组
"""
host_group_list = []
perm_list = []
user_group_all = self.user.group.all()
for user_group in user_group_all:
perm_list.extend(user_group.perm_set.all())
for perm in perm_list:
host_group_list.append(perm.asset_group)
return host_group_list
def get_asset_group_info(self, printable=False):
"""
Get or print asset group info
获取或打印用户授权资产组
"""
asset_groups_info = {}
asset_groups = self.get_asset_group()
for asset_group in asset_groups:
asset_groups_info[asset_group.id] = [asset_group.name, asset_group.comment]
if printable:
for group_id in asset_groups_info:
if asset_groups_info[group_id][1]:
print "[%3s] %s -- %s" % (group_id,
asset_groups_info[group_id][0],
asset_groups_info[group_id][1])
else:
print "[%3s] %s" % (group_id, asset_groups_info[group_id][0])
print ''
else:
return asset_groups_info
def get_asset(self):
"""
Get the assets of under the user control.
获取主机列表
"""
assets = []
asset_groups = self.get_asset_group()
for asset_group in asset_groups:
assets.extend(asset_group.asset_set.all())
return assets
def get_asset_info(self, printable=False):
"""
Get or print the user asset info
获取或打印用户资产信息
"""
assets_info = {}
assets = self.get_asset()
for asset in assets:
asset_alias = AssetAlias.objects.filter(user=self.user, asset=asset)
if asset_alias and asset_alias[0].alias != '':
assets_info[asset.ip] = [asset.id, asset.ip, str(asset_alias[0].alias)]
else:
assets_info[asset.ip] = [asset.id, asset.ip, str(asset.comment)]
if printable:
ips = assets_info.keys()
ips.sort()
for ip in ips:
if assets_info[ip][2]:
print '%-15s -- %s' % (ip, assets_info[ip][2])
else:
print '%-15s' % ip
print ''
else:
return assets_info
# class Jasset(object):
# """
# Jumpserver asset class
# Jumpserver资产类
# """
# def __init__(self, ip=None, id=None):
# if ip:
# asset = Asset.objects.filter(ip=ip)
# elif id:
# asset = Asset.objects.filter(id=id)
# else:
# asset = ''
#
# if asset:
# asset = asset[0]
# self.asset = asset
# self.id = asset.id
# else:
# self.id = None
#
# def __repr__(self):
# if self.id:
# return '<%s Jasset instance>' % self.asset.ip
# else:
# return 'None'
#
# def __getattr__(self, item):
# if self.id:
# return getattr(self.asset, item)
# else:
# return None
#
# def validate(self):
# """
# Validate is or not a true asset
# 判断是否存在
# """
# if self.id:
# return True
# else:
# return False
#
# def get_user(self):
# perm_list = []
# asset_group_all = self.bis_group.all()
# for asset_group in asset_group_all:
# perm_list.extend(asset_group.perm_set.all())
#
# user_group_list = []
# for perm in perm_list:
# user_group_list.append(perm.user_group)
#
# user_permed_list = []
# for user_group in user_group_list:
# user_permed_list.extend(user_group.user_set.all())
# user_permed_list = list(set(user_permed_list))
# return user_permed_list
class Jasset(object):
"""
Jumpserver asset class
Jumpserver资产类
"""
def __init__(self, ip=None, id=None):
if ip:
asset = Asset.objects.filter(ip=ip)
elif id:
asset = Asset.objects.filter(id=id)
else:
asset = ''
if asset:
asset = asset[0]
self.asset = asset
self.id = asset.id
else:
self.id = None
def __repr__(self):
if self.id:
return '<%s Jasset instance>' % self.asset.ip
else:
return 'None'
def __getattr__(self, item):
if self.id:
return getattr(self.asset, item)
else:
return None
def validate(self):
"""
Validate is or not a true asset
判断是否存在
"""
if self.id:
return True
else:
return False
def get_user(self):
perm_list = []
asset_group_all = self.asset.bis_group.all()
for asset_group in asset_group_all:
perm_list.extend(asset_group.perm_set.all())
user_group_list = []
for perm in perm_list:
user_group_list.append(perm.user_group)
user_permed_list = []
for user_group in user_group_list:
user_permed_list.extend(user_group.user_set.all())
user_permed_list = list(set(user_permed_list))
return user_permed_list
class JassetGroup(object):
"""
Jumpserver AssetGroup class
Jumpserver 资产组类
"""
def __init__(self, name=None, id=None):
if id:
asset_group = BisGroup.objects.filter(id=int(id))
elif name:
asset_group = BisGroup.objects.filter(name=name)
else:
asset_group = ''
if asset_group:
asset_group = asset_group[0]
self.asset_group = asset_group
# self.name = asset_group.name
self.id = asset_group.id
else:
self.id = None
def __repr__(self):
if self.id:
return '<%s JassetGroup instance>' % self.name
else:
return 'None'
def validate(self):
"""
Validate it is a true asset group or not
鉴定是否为真是存在的组
"""
if self.id:
return True
else:
return False
def get_asset(self):
return self.asset_group.asset_set.all()
def get_asset_info(self, printable=False):
assets = self.get_asset()
for asset in assets:
if asset.comment:
print '%-15s -- %s' % (asset.ip, asset.comment)
else:
print '%-15s' % asset.ip
print ''
def get_asset_num(self):
return len(self.get_asset())
def get_user_group(self):
perm_list = self.asset_group.perm_set.all()
user_group_list = []
for perm in perm_list:
user_group_list.append(perm.user_group)
return user_group_list
def get_user(self):
user_list = []
user_group_list = self.get_user_group()
for user_group in user_group_list:
user_list.extend(user_group.user_set.all())
return user_list
def is_permed(self, user=None, user_group=None):
if user:
if user in self.get_user():
return True
if user_group:
if user_group in self.get_user_group():
return True
return False
# class JassetGroup(object):
# """
# Jumpserver AssetGroup class
# Jumpserver 资产组类
# """
# def __init__(self, name=None, id=None):
# if id:
# asset_group = BisGroup.objects.filter(id=int(id))
# elif name:
# asset_group = BisGroup.objects.filter(name=name)
# else:
# asset_group = ''
#
# if asset_group:
# asset_group = asset_group[0]
# self.asset_group = asset_group
# # self.name = asset_group.name
# self.id = asset_group.id
# else:
# self.id = None
#
# def __repr__(self):
# if self.id:
# return '<%s JassetGroup instance>' % self.name
# else:
# return 'None'
#
# def validate(self):
# """
# Validate it is a true asset group or not
# 鉴定是否为真是存在的组
# """
# if self.id:
# return True
# else:
# return False
#
# def get_asset(self):
# return self.asset_group.asset_set.all()
#
# def get_asset_info(self, printable=False):
# assets = self.get_asset()
# for asset in assets:
# if asset.comment:
# print '%-15s -- %s' % (asset.ip, asset.comment)
# else:
# print '%-15s' % asset.ip
# print ''
#
# def get_asset_num(self):
# return len(self.get_asset())
#
# def get_user_group(self):
# perm_list = self.asset_group.perm_set.all()
# user_group_list = []
# for perm in perm_list:
# user_group_list.append(perm.user_group)
# return user_group_list
#
# def get_user(self):
# user_list = []
# user_group_list = self.get_user_group()
# for user_group in user_group_list:
# user_list.extend(user_group.user_set.all())
# return user_list
#
# def is_permed(self, user=None, user_group=None):
# if user:
# if user in self.get_user():
# return True
#
# if user_group:
# if user_group in self.get_user_group():
# return True
# return False
# def asset_perm_api(asset):

84
juser/models.py
View File

@ -1,3 +1,5 @@
#coding: utf-8
from django.db import models
@ -32,10 +34,90 @@ class User(models.Model):
dept = models.ForeignKey(DEPT)
group = models.ManyToManyField(UserGroup)
ldap_pwd = models.CharField(max_length=128)
ssh_key_pwd = models.CharField(max_length=100)
ssh_key_pwd = models.CharField(max_length=200)
is_active = models.BooleanField(default=True)
last_login = models.DateTimeField(null=True)
date_joined = models.DateTimeField(null=True)
def __unicode__(self):
return self.username
def get_asset_group(self):
"""
Get user host_groups.
获取用户有权限的主机组
"""
host_group_list = []
perm_list = []
user_group_all = self.group.all()
for user_group in user_group_all:
perm_list.extend(user_group.perm_set.all())
for perm in perm_list:
host_group_list.append(perm.asset_group)
return host_group_list
def get_asset_group_info(self, printable=False):
"""
Get or print asset group info
获取或打印用户授权资产组
"""
asset_groups_info = {}
asset_groups = self.get_asset_group()
for asset_group in asset_groups:
asset_groups_info[asset_group.id] = [asset_group.name, asset_group.comment]
if printable:
for group_id in asset_groups_info:
if asset_groups_info[group_id][1]:
print "[%3s] %s -- %s" % (group_id,
asset_groups_info[group_id][0],
asset_groups_info[group_id][1])
else:
print "[%3s] %s" % (group_id, asset_groups_info[group_id][0])
print ''
else:
return asset_groups_info
def get_asset(self):
"""
Get the assets of under the user control.
获取主机列表
"""
assets = []
asset_groups = self.get_asset_group()
for asset_group in asset_groups:
assets.extend(asset_group.asset_set.all())
return assets
def get_asset_info(self, printable=False):
"""
Get or print the user asset info
获取或打印用户资产信息
"""
from jasset.models import AssetAlias
assets_info = {}
assets = self.get_asset()
for asset in assets:
asset_alias = AssetAlias.objects.filter(user=self.user, asset=asset)
if asset_alias and asset_alias[0].alias != '':
assets_info[asset.ip] = [asset.id, asset.ip, str(asset_alias[0].alias)]
else:
assets_info[asset.ip] = [asset.id, asset.ip, str(asset.comment)]
if printable:
ips = assets_info.keys()
ips.sort()
for ip in ips:
if assets_info[ip][2]:
print '%-15s -- %s' % (ip, assets_info[ip][2])
else:
print '%-15s' % ip
print ''
else:
return assets_info

4
juser/views.py
View File

@ -13,6 +13,10 @@ from django.db.models import ObjectDoesNotExist
from jumpserver.api import *
def md5_crypt(string):
return hashlib.new("md5", string).hexdigest()
def gen_rand_pwd(num):
"""
generate random password