diff --git a/connect.py b/connect.py index f55c328cb..b269eeb42 100644 --- a/connect.py +++ b/connect.py @@ -312,6 +312,7 @@ class Tty(object): port=connect_info.get('port'), username=connect_info.get('role_name'), password=connect_info.get('role_pass'), + allow_agent=False, look_for_keys=False) except paramiko.ssh_exception.AuthenticationException, paramiko.ssh_exception.SSHException: @@ -748,7 +749,7 @@ def main(): else: try: asset = nav.search_result[int(option)] - roles = get_role(login_user, asset) + roles = nav.user_perm.get('asset').get(asset).get('role') if len(roles) > 1: role_check = dict(zip(range(len(roles)), roles)) print "\033[32m[ID] 角色\033[0m" @@ -766,7 +767,7 @@ def main(): color_print('请输入正确ID', 'red') continue elif len(roles) == 1: - role = roles[0] + role = list(roles)[0] else: color_print('没有映射用户', 'red') continue diff --git a/jlog/views.py b/jlog/views.py index a6564cbfb..3665e8968 100644 --- a/jlog/views.py +++ b/jlog/views.py @@ -23,7 +23,12 @@ def log_list(request, offset): cmd = request.GET.get('cmd', '') if offset == 'online': + keyword = request.GET.get('keyword', '') posts = Log.objects.filter(is_finished=False).order_by('-start_time') + if keyword: + posts = posts.filter(Q(user__icontains=keyword) | Q(host__icontains=keyword) | + Q(login_type_icontains=keyword)) + elif offset == 'exec': posts = ExecLog.objects.all().order_by('-id') keyword = request.GET.get('keyword', '') diff --git a/jumpserver/api.py b/jumpserver/api.py index f7ab1b7fa..cab5bf60e 100644 --- a/jumpserver/api.py +++ b/jumpserver/api.py @@ -71,17 +71,6 @@ def get_asset_info(asset): return info -def get_role(user, asset): - """ - 获取用户在这个资产上的授权角色列表 - """ - roles = [] - rules = PermRule.objects.filter(user=user, asset=asset) - for rule in rules: - roles.extend(list(rule.role.all())) - return roles - - def get_role_key(user, role): """ 由于role的key的权限是所有人可以读的, ansible执行命令等要求为600,所以拷贝一份到特殊目录 diff --git a/jumpserver/templatetags/mytags.py b/jumpserver/templatetags/mytags.py index cca4deba3..a5d70d801 100644 --- a/jumpserver/templatetags/mytags.py +++ b/jumpserver/templatetags/mytags.py @@ -237,7 +237,7 @@ def key_exist(username): """ ssh key is exist or not """ - if os.path.isfile(os.path.join(KEY_DIR, 'user', username+'pem')): + if os.path.isfile(os.path.join(KEY_DIR, 'user', username+'.pem')): return True else: return False diff --git a/juser/urls.py b/juser/urls.py index bfd3a6270..098587770 100644 --- a/juser/urls.py +++ b/juser/urls.py @@ -25,9 +25,6 @@ urlpatterns = patterns('juser.views', (r'^forget_password/$', forget_password), (r'^change_info/$', 'change_info'), - (r'^change_role/$', 'chg_role'), (r'^regen_ssh_key/$', 'regen_ssh_key'), (r'^down_key/$', 'down_key'), - - (r'runcommand/$', 'RunCommand'), ) diff --git a/juser/views.py b/juser/views.py index df0ec1787..cc18d7e9a 100644 --- a/juser/views.py +++ b/juser/views.py @@ -248,10 +248,11 @@ def user_del(request): user_id_list = user_ids.split(',') else: return HttpResponse('错误请求') + for user_id in user_id_list: user = get_object(User, id=user_id) - if user: - logger.debug("删除用户 %s " % user.username) + if user and user.username != 'admin': + logger.debug(u"删除用户 %s " % user.username) bash('userdel -r %s' % user.username) user.delete() return HttpResponse('删除成功') @@ -418,9 +419,6 @@ def change_info(request): error = '密码须大于6位' if not error: - # if password != user.password: - # password = CRYPTOR.md5_crypt(password) - User.objects.filter(id=user_id).update(name=name, email=email) if len(password) > 0: user.set_password(password) @@ -454,7 +452,7 @@ def down_key(request): user = get_object(User, uuid=uuid_r) if user: username = user.username - private_key_file = os.path.join(KEY_DIR, 'user', username+'pem') + private_key_file = os.path.join(KEY_DIR, 'user', username+'.pem') print private_key_file if os.path.isfile(private_key_file): f = open(private_key_file) diff --git a/templates/jlog/log_exec.html b/templates/jlog/log_exec.html index 8dcf31711..5de2ccf9f 100644 --- a/templates/jlog/log_exec.html +++ b/templates/jlog/log_exec.html @@ -9,7 +9,7 @@
-
+
批量命令日志
@@ -33,20 +33,19 @@
  • 历史记录
  • 命令记录
  • 上传下载
    • - -
    -
    -
    -
    diff --git a/templates/jlog/log_file.html b/templates/jlog/log_file.html index 4aaf4ba90..bad4ddb09 100644 --- a/templates/jlog/log_file.html +++ b/templates/jlog/log_file.html @@ -33,20 +33,19 @@
  • 历史记录
  • 命令记录
  • 上传下载
    • - - -
    -
    - -
    - -
    - -
    +
    + +
    + +
    + +
    +
    +
    - +
    @@ -70,7 +69,7 @@ - + diff --git a/templates/jlog/log_offline.html b/templates/jlog/log_offline.html index c2ca33459..9f2d6c2bd 100644 --- a/templates/jlog/log_offline.html +++ b/templates/jlog/log_offline.html @@ -58,7 +58,6 @@
  • 上传下载
    • -
    @@ -89,7 +88,7 @@
    diff --git a/templates/jlog/log_online.html b/templates/jlog/log_online.html index 3c522e056..d5ed8aea6 100644 --- a/templates/jlog/log_online.html +++ b/templates/jlog/log_online.html @@ -71,9 +71,20 @@
  • 历史记录
  • 命令记录
  • 上传下载
    • +
    + +
    + +
    + +
    +
    + +
    -
    {{ post.id }} {{ post.user }} {{ post.host | truncatechars:30 }} {{ post.filename | truncatechars:30 }} {{ post.filename | truncatechars:20 }} {{ post.type }} {{ post.remote_ip }} {{ post.datetime|date:"Y-m-d H:i:s"}}
    diff --git a/templates/juser/user_list.html b/templates/juser/user_list.html index bce395fb5..0140b3170 100644 --- a/templates/juser/user_list.html +++ b/templates/juser/user_list.html @@ -123,6 +123,7 @@ $(".gradeX input:checked").each(function() { check_array.push($(this).attr("value")) }); + console.log(check_array.join(",")); $.post("/juser/user_del/", {id: check_array.join(",")}, function(data){ diff --git a/templates/nav.html b/templates/nav.html index c10f9733c..6611f0fcc 100644 --- a/templates/nav.html +++ b/templates/nav.html @@ -9,8 +9,8 @@
  • 用户管理