github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

hehe

pull/6/head
halcyon 2015-04-18 18:04:03 +08:00
parent 9ab855fd92
commit bd2d7ce007
3 changed files with 31 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
jasset/views.py
View File

@ -140,6 +140,7 @@ def batch_host_edit(host_info, j_user='', j_password=''):
def db_host_delete(request, host_id):
""" 删除主机操作 """
print host_id
if is_group_admin(request) and not validate(request, asset=[host_id]):
return httperror(request, '删除失败, 您无权删除!')
@ -187,10 +188,16 @@ def host_add(request):
j_group = request.POST.getlist('j_group')
j_active = request.POST.get('j_active')
j_comment = request.POST.get('j_comment')
j_dept = request.POST.getlist('j_dept')
host_info = [j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment]
if is_group_admin(request) and not verify(request, asset_group=j_group, edept=j_dept):
if is_super_user(request):
j_dept = request.POST.getlist('j_dept')
host_info = [j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment]
elif is_group_admin(request):
j_dept = request.POST.get('j_dept')
host_info = [j_ip, j_port, j_idc, j_type, j_group, [j_dept], j_active, j_comment]
if is_group_admin(request) and not validate(request, asset_group=j_group, edept=[j_dept]):
print j_dept
return httperror(request, u'添加失败,您无权操作!')
if Asset.objects.filter(ip=str(j_ip)):
@ -251,7 +258,7 @@ def host_add_batch(request):
return httperror(request, '添加失败, 没有%s这个部门' % dept_name)
dept_ids.append(dept_id)
if is_group_admin(request) and not verify(request, asset_group=group_ids, edept=dept_ids):
if is_group_admin(request) and not validate(request, asset_group=group_ids, edept=dept_ids):
return httperror(request, '添加失败, 没有%s这个主机组' % group_name)
if Asset.objects.filter(ip=str(j_ip)):
@ -349,7 +356,7 @@ def host_list(request):
if is_common_user(request):
return httperror(request, u'您无权查看!')
elif is_group_admin(request) and not verify(request, user_group=[gid]):
elif is_group_admin(request) and not validate(request, user_group=[gid]):
return httperror(request, u'您无权查看!')
posts = []
@ -368,7 +375,7 @@ def host_list(request):
if is_common_user(request):
return httperror(request, u'您无权查看!')
elif is_group_admin(request) and not verify(request, user_group=[sid]):
elif is_group_admin(request) and not validate(request, user_group=[sid]):
return httperror(request, u'您无权查看!')
posts, asset_groups = [], []
@ -499,7 +506,7 @@ def host_edit_adm(request):
host_info = [j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment]
if not verify(request, asset_group=j_group, edept=j_dept):
if not validate(request, asset_group=j_group, edept=j_dept):
emg = u'修改失败,您无权操作!'
return my_render('jasset/host_edit.html', locals(), request)
@ -526,7 +533,7 @@ def host_detail(request):
return httperror(request, '没有此主机!')
post = post.first()
if is_group_admin(request) and not verify(request, asset=[host_id]):
if is_group_admin(request) and not validate(request, asset=[host_id]):
return httperror(request, '您无权查看!')
elif is_common_user(request):
@ -670,7 +677,7 @@ def group_add(request):
j_comment = request.POST.get('j_comment', '')
try:
if is_group_admin(request) and not verify(request, asset=j_hosts, edept=[j_dept]):
if is_group_admin(request) and not validate(request, asset=j_hosts, edept=[j_dept]):
emg = u'添加失败, 您无权操作!'
raise RaiseError
@ -705,7 +712,7 @@ def group_list(request):
if is_common_user(request):
return httperror(request, u'您无权查看!')
elif is_group_admin(request) and not verify(request, user_group=[gid]):
elif is_group_admin(request) and not validate(request, user_group=[gid]):
return httperror(request, u'您无权查看!')
posts = []
@ -720,7 +727,7 @@ def group_list(request):
if is_common_user(request):
return httperror(request, u'您无权查看!')
elif is_group_admin(request) and not verify(request, user_group=[sid]):
elif is_group_admin(request) and not validate(request, user_group=[sid]):
return httperror(request, u'您无权查看!')
posts = []
@ -765,7 +772,7 @@ def group_edit(request):
dept_id = get_session_user_info(request)[3]
eposts = Asset.objects.filter(bis_group=group)
if is_group_admin(request) and not verify(request, asset_group=[group_id]):
if is_group_admin(request) and not validate(request, asset_group=[group_id]):
return httperror(request, '编辑失败, 您无权操作!')
dept = DEPT.objects.filter(id=group.dept.id)
if dept:
@ -808,7 +815,7 @@ def group_detail(request):
posts = Asset.objects.filter(bis_group=group).order_by('ip')
elif is_group_admin(request):
if not verify(request, asset_group=[group_id]):
if not validate(request, asset_group=[group_id]):
return httperror(request, u'您无权查看!')
posts = Asset.objects.filter(bis_group=group).filter(dept=dept).order_by('ip')
@ -850,12 +857,12 @@ def group_del(request):
for i in range(int(len_list)):
key = "id_list[" + str(i) + "]"
gid = request.POST.get(key)
if is_group_admin(request) and not verify(request, asset_group=[gid]):
if is_group_admin(request) and not validate(request, asset_group=[gid]):
return httperror(request, '删除失败, 您无权删除!')
BisGroup.objects.filter(id=gid).delete()
else:
gid = int(offset)
if is_group_admin(request) and not verify(request, asset_group=[gid]):
if is_group_admin(request) and not validate(request, asset_group=[gid]):
return httperror(request, '删除失败, 您无权删除!')
BisGroup.objects.filter(id=gid).delete()
return HttpResponseRedirect('/jasset/group_list/')

19
jumpserver/api.py
View File

@ -416,9 +416,9 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None,
if asset:
dept_assets = dept.asset_set.all()
asset_ids = []
for asset in dept_assets:
asset_ids.append(str(asset.id))
for a in dept_assets:
asset_ids.append(str(a.id))
print asset, asset_ids
if not set(asset).issubset(set(asset_ids)):
return False
@ -428,7 +428,6 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None,
def verify(request, user_group=None, user=None, asset_group=None, asset=None, edept=None):
dept = get_session_user_dept(request)[1]
if edept:
print dept.id, edept[0]
if dept.id != int(edept[0]):
return False
@ -453,20 +452,18 @@ def verify(request, user_group=None, user=None, asset_group=None, asset=None, ed
dept_asset_groups = dept.bisgroup_set.all()
asset_group_ids = []
for group in dept_asset_groups:
asset_group_ids.append(group.id)
asset_group_ids.append(str(group.id))
if not set(asset_group).issubset(set(asset_group_ids)):
return False
if asset:
dept_assets = dept.asset_set.all()
assets_id, dept_assets_id = [], []
asset_ids = []
for a in dept_assets:
dept_assets_id.append(int(a.id))
for i in asset:
assets_id.append(int(i))
print assets_id, dept_assets_id
if not set(assets_id).issubset(dept_assets_id):
asset_ids.append(str(a.id))
print asset, asset_ids
if not set(asset).issubset(set(asset_ids)):
return False
return True

2
log_handler.py
View File

@ -16,7 +16,7 @@ from jlog.models import Log
def log_hanler(id):
log = Log.objects.get(id=id)
pattern = re.compile(r'(\[.*@.*\][\$#].*) | (mysql>.*)')
pattern = re.compile(r'([\[.*@.*\][\$#].* | mysql>.*])')
if log:
filename = log.log_path
if os.path.isfile(filename):