Merge branch 'master' into dev

.gitignore

@@ -37,6 +37,7 @@ nosetests.xml
 .mr.developer.cfg
 .project
 .pydevproject
+.settings
 *.log
 logs/*
 keys/*

connect.py

@@ -582,12 +582,15 @@ class Nav(object):
                     role = role_check[int(role_id)]
             elif len(roles) == 1:  # 授权角色数为1
                 role = roles[0]
+            else:
+                color_print('当前用户未被授予角色，无法执行任何操作，如有疑问请联系管理员。')
+                return
             assets = list(self.user_perm.get('role', {}).get(role).get('asset'))  # 获取该用户，角色授权主机
             print "授权包含该系统用户的所有主机"
             for asset in assets:
                 print ' %s' % asset.hostname
             print
-            print "请输入主机名或ansile支持的pattern, 多个主机:分隔, q退出"
+            print "请输入主机名或ansible支持的pattern, 多个主机:分隔, q退出"
             pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
             if pattern == 'q':
                 break
@@ -629,7 +632,7 @@ class Nav(object):
                 self.user_perm = get_group_user_perm(self.user)
             try:
                 print "进入批量上传模式"
-                print "请输入主机名或ansile支持的pattern, 多个主机:分隔 q退出"
+                print "请输入主机名或ansible支持的pattern, 多个主机:分隔 q退出"
                 pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
                 if pattern == 'q':
                     break
@@ -682,7 +685,7 @@ class Nav(object):
                 self.user_perm = get_group_user_perm(self.user)
             try:
                 print "进入批量下载模式"
-                print "请输入主机名或ansile支持的pattern, 多个主机:分隔,q退出"
+                print "请输入主机名或ansible支持的pattern, 多个主机:分隔,q退出"
                 pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
                 if pattern == 'q':
                     break

install/install.py

@@ -101,6 +101,7 @@ class PreSetup(object):
         color_print('默认用户名: %s 默认密码: %s' % (self.db_user, self.db_pass), 'green')
         bash('yum -y install mysql-server')
         bash('service mysqld start')
+        bash('chkconfig mysqld on')
         bash('mysql -e "create database %s default charset=utf8"' % self.db)
         bash('mysql -e "grant all on %s.* to \'%s\'@\'%s\' identified by \'%s\'"' % (self.db,
                                                                                      self.db_user,

install/next.py

@@ -18,7 +18,7 @@ if django.get_version() != '1.6':
 
 from juser.user_api import db_add_user, get_object, User
 from install import color_print
-from jumpserver.api import get_mac_address
+from jumpserver.api import get_mac_address, bash
 
 socket.setdefaulttimeout(2)
 
@@ -84,6 +84,7 @@ class Setup(object):
     def _cp_zzsh():
         os.chdir(os.path.join(jms_dir, 'install'))
         shutil.copy('zzjumpserver.sh', '/etc/profile.d/')
+        bash("sed -i 's#/opt/jumpserver#%s#g' /etc/profile.d/zzjumpserver.sh" % jms_dir)
 
     @staticmethod
     def _run_service():

jlog/log_api.py

@@ -6,7 +6,10 @@ from contextlib import closing
 from io import open as copen
 from json import dumps
 from math import ceil
+import datetime
+import time
 import re
+import os
 from os.path import basename, dirname, exists, join
 from struct import unpack
 from subprocess import Popen
@@ -17,6 +20,7 @@ from jinja2 import FileSystemLoader, Template
 from jinja2.environment import Environment
 
 from jumpserver.api import BASE_DIR
+from jlog.models import Log
 
 
 DEFAULT_TEMPLATE = join(BASE_DIR, 'templates', 'jlog', 'static.jinja2')
@@ -75,3 +79,28 @@ def renderTemplate(script_path, time_file_path, dimensions=(24, 80), templatenam
     return rendered
 
 
+def kill_invalid_connection():
+    long_time_logs = []
+    unfinished_logs = Log.objects.filter(is_finished=False)
+    now = datetime.datetime.now()
+    now_timestamp = int(time.mktime(now.timetuple()))
+    for log in unfinished_logs:
+        if (now - log.start_time).days > 1:
+            long_time_logs.append(log)
+
+    for log in long_time_logs:
+        try:
+            log_file_mtime = int(os.stat(log.log_path).st_mtime)
+        except OSError:
+            log_file_mtime = 0
+
+        if (now_timestamp - log_file_mtime) > 3600:
+            try:
+                os.kill(int(log.pid), 9)
+            except OSError:
+                pass
+
+            log.is_finished = True
+            log.end_time = now
+            log.save()
+

jumpserver/settings.py

@@ -152,5 +152,6 @@ STATIC_URL = '/static/'
 BOOTSTRAP_COLUMN_COUNT = 10
 
 CRONJOBS = [
-    ('0 1 * * *', 'jasset.asset_api.asset_ansible_update_all')
+    ('0 1 * * *', 'jasset.asset_api.asset_ansible_update_all'),
+    ('1 * * * *', 'jlog.log_api.kill_invalid_connection'),
 ]

templates/jasset/asset_list.html

@@ -243,8 +243,9 @@
                             area: ['628px', '420px'],
                             content: new_url+data
                         });
+                        window.open(new_url+data, '_blank', 'toolbar=yes, location=yes, scrollbars=yes, resizable=yes, copyhistory=yes, width=628, height=400')
                         */
-                        window.open(new_url+data, '', 'width=628px, height=380px')
+                        window.open(new_url+data, '', 'width=628px, height=380px');
                     }  else if (dataArray.length == 1 && data != 'error'){
                        /*layer.open({
                             type: 2,
@@ -255,7 +256,7 @@
                             content: new_url+data
                         });
                         */
-                        window.open(new_url+data, '', 'width=628px, height=440px')
+                        window.open(new_url+data, '_blank', 'toolbar=yes, location=yes, copyhistory=yes, scrollbars=yes, width=628, height=410');
 
                     }
                     else {
@@ -292,7 +293,7 @@
             content: new_url
             });
             */
-            window.open(new_url, '', 'height=628px, width=380px')
+            window.open(new_url, '_blank', 'toolbar=yes, location=yes, copyhistory=yes, scrollbars=yes, width=628, height=400')
 
         } else {
             /*
@@ -305,7 +306,7 @@
             content: new_url
             });
             */
-            window.open(new_url, '', 'height=628px, width=452px')
+            window.open(new_url, '_blank', 'toolbar=yes, location=yes, copyhistory=yes, scrollbars=yes, width=628, height=410');
         }
 
         return false

templates/jlog/web_terminal.html

@@ -117,7 +117,7 @@
                 $('.terminal').css('width', window.innerWidth-25);
                 console.log(window.innerWidth);
                 console.log(window.innerWidth-10);
-                var rows = Math.floor(window.innerHeight/rowHeight) - 1;
+                var rows = Math.floor(window.innerHeight/rowHeight) - 2;
                 var cols = Math.floor(window.innerWidth/colWidth) - 1;
 
                 return {rows: rows, cols: cols};

templates/jperm/perm_role_add.html

@@ -93,7 +93,7 @@ $('#roleForm').validator({
     theme: "yellow_right_effect",
     rules: {
         check_name: [/(?!^root$)^[\w.]{2,20}$/i, '大小写字母数字和下划线小数点,2-20位,并且非root'],
-        check_begin: [/^[\-]+BEGIN RSA PRIVATE KEY[\-]+/gm, 'RSA Key填写有误，请检查'],
+        check_begin: [/^[\-]+BEGIN R|DSA PRIVATE KEY[\-]+/gm, 'RSA|DSA Key填写有误，请检查']
 
     },
 
@@ -108,7 +108,7 @@ $('#roleForm').validator({
             rule: "check_begin",
             ok: "",
             empty: true
-        },
+        }
 
     },
     valid: function(form) {

templates/jperm/role_sudo.j2

@@ -46,7 +46,7 @@ add_role_chosen() {
 
 
 check_syntax(){
-    visudo -c -f $1
+    /usr/sbin/visudo -c -f $1
 }
 
 cp $real_file $tmp_file && add_cmd_alias $tmp_file && add_role_chosen $tmp_file || exit 1