sudo perm

pull/6/head
guanghongwei 2015-02-06 18:39:20 +08:00
parent 121b76284a
commit c113035d3d
4 changed files with 75 additions and 54 deletions

@ -9,3 +9,23 @@ class Perm(models.Model):
def __unicode__(self): def __unicode__(self):
return '%s_%s' % (self.user_group.name, self.asset_group.name) return '%s_%s' % (self.user_group.name, self.asset_group.name)
class CMD(models.Model):
cmd = models.CharField(max_length=200)
class CmdGroup(models.Model):
name = models.CharField(max_length=50)
cmd = models.ForeignKey(CMD)
comment = models.CharField(blank=True, null=True, max_length=50)
class SudoPerm(models.Model):
user = models.CharField(max_length=100)
is_user_group = models.BooleanField(default=False)
asset = models.CharField(max_length=100)
is_asset_group = models.BooleanField(default=False)
cmd = models.CharField(max_length=200)
is_cmd_group = models.BooleanField(default=False)
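Review bot: `SudoPerm` identifies its subject, target and command through free-text `CharField`s (`user`, `asset`, `cmd`) disambiguated only by the `is_*_group` booleans, so nothing ties a sudo grant to an actual user, asset or command row. If one of those objects is renamed or deleted the grant stays behind, and a later object created under the same name would presumably pick it up; for sudo rights that is worth closing with real relations (for example separate nullable `ForeignKey` fields for the user and the user group, and likewise for asset and command), as `Perm` above appears to do. Separately, `CmdGroup.cmd = models.ForeignKey(CMD)` lets a group point at exactly one command; if a group is meant to hold several, `cmd = models.ManyToManyField(CMD)` is the usual shape. None of the three new models carries a docstring or a `__unicode__`, so a short comment on what `is_user_group`, `is_asset_group` and `is_cmd_group` select would help the next reader.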

@ -34,7 +34,7 @@ DEBUG = True
TEMPLATE_DEBUG = True TEMPLATE_DEBUG = True
ALLOWED_HOSTS = [] ALLOWED_HOSTS = ['0.0.0.0/8']
# Application definition # Application definition
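Review bot: `ALLOWED_HOSTS = ['0.0.0.0/8']` will not do what the CIDR form suggests, because Django compares each entry with the request's `Host` header as a host name (exact match, a leading-dot subdomain pattern, or `'*'`) and does not interpret network ranges. With `DEBUG = True`, visible in the hunk header, the check is presumably not enforced on this Django version, which hides the problem until debug is switched off and requests start being rejected. List the names or addresses the service is really reached by, e.g. `ALLOWED_HOSTS = ['jumpserver.example.com']` (placeholder value), and keep `DEBUG` and `TEMPLATE_DEBUG` off outside development, since debug pages expose settings and stack traces.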

@ -1,6 +1,8 @@
#coding: utf-8 #coding: utf-8
import hashlib import hashlib
import ldap
from ldap import modlist
from django.http import HttpResponse from django.http import HttpResponse
from django.shortcuts import render_to_response from django.shortcuts import render_to_response
@ -99,3 +101,53 @@ def logout(request):
request.session.delete() request.session.delete()
return HttpResponseRedirect('/login/') return HttpResponseRedirect('/login/')
class LDAPMgmt():
def __init__(self,
host_url,
base_dn,
root_cn,
root_pw):
self.ldap_host = host_url
self.ldap_base_dn = base_dn
self.conn = ldap.initialize(host_url)
self.conn.set_option(ldap.OPT_REFERRALS, 0)
self.conn.protocol_version = ldap.VERSION3
self.conn.simple_bind_s(root_cn, root_pw)
def list(self, filter, scope=ldap.SCOPE_SUBTREE, attr=None):
result = {}
try:
ldap_result = self.conn.search_s(self.ldap_base_dn, scope, filter, attr)
for entry in ldap_result:
name, data = entry
for k, v in data.items():
print '%s: %s' % (k, v)
result[k] = v
return result
except ldap.LDAPError, e:
print e
def add(self, dn, attrs):
try:
ldif = modlist.addModlist(attrs)
self.conn.add_s(dn, ldif)
except ldap.LDAPError, e:
print e
def modify(self, dn, attrs):
try:
attr_s = []
for k, v in attrs.items():
attr_s.append((2, k, v))
self.conn.modify_s(dn, attr_s)
except ldap.LDAPError, e:
print e
def delete(self, dn):
try:
self.conn.delete_s(dn)
except ldap.LDAPError, e:
print e
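Review bot: Every `LDAPMgmt` method catches `ldap.LDAPError` and only does `print e`, so `add`, `modify` and `delete` return `None` whether or not the directory changed, and `list` returns `None` instead of a dict on failure. A caller that revokes an account cannot tell that `delete_s` failed and the entry is still live; log and re-raise (or return a success flag) instead, e.g. `logger.error('LDAP delete failed for %s: %s', dn, e)` followed by `raise`, with `logger` being a module-level logger this file would need to define. `list` also prints every returned attribute value to stdout, which can include password hashes depending on the `attr` selection, and as far as the flattened rendering shows it folds all entries into one dict, so a later entry overwrites an earlier one under the same key. In `modify`, the literal `2` reads better as `ldap.MOD_REPLACE`. The constructor binds with `root_cn`/`root_pw` through `simple_bind_s`; whether those credentials cross the network in clear text depends on `host_url` (ldaps:// or StartTLS), which is not visible here and deserves a docstring stating the requirement.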

@ -6,8 +6,6 @@ import time
import os import os
import random import random
import subprocess import subprocess
import ldap
from ldap import modlist
from Crypto.PublicKey import RSA from Crypto.PublicKey import RSA
import crypt import crypt
from django.http import HttpResponseRedirect from django.http import HttpResponseRedirect
@ -22,7 +20,7 @@ from juser.models import UserGroup, User
from connect import PyCrypt, KEY from connect import PyCrypt, KEY
from connect import BASE_DIR from connect import BASE_DIR
from connect import CONF from connect import CONF
from jumpserver.views import md5_crypt from jumpserver.views import md5_crypt,LDAPMgmt
CRYPTOR = PyCrypt(KEY) CRYPTOR = PyCrypt(KEY)
@ -59,55 +57,6 @@ class AddError(Exception):
pass pass
class LDAPMgmt():
def __init__(self,
host_url,
base_dn,
root_cn,
root_pw):
self.ldap_host = host_url
self.ldap_base_dn = base_dn
self.conn = ldap.initialize(host_url)
self.conn.set_option(ldap.OPT_REFERRALS, 0)
self.conn.protocol_version = ldap.VERSION3
self.conn.simple_bind_s(root_cn, root_pw)
def list(self, filter, scope=ldap.SCOPE_SUBTREE, attr=None):
result = {}
try:
ldap_result = self.conn.search_s(self.ldap_base_dn, scope, filter, attr)
for entry in ldap_result:
name, data = entry
for k, v in data.items():
print '%s: %s' % (k, v)
result[k] = v
return result
except ldap.LDAPError, e:
print e
def add(self, dn, attrs):
try:
ldif = modlist.addModlist(attrs)
self.conn.add_s(dn, ldif)
except ldap.LDAPError, e:
print e
def modify(self, dn, attrs):
try:
attr_s = []
for k, v in attrs.items():
attr_s.append((2, k, v))
self.conn.modify_s(dn, attr_s)
except ldap.LDAPError, e:
print e
def delete(self, dn):
try:
self.conn.delete_s(dn)
except ldap.LDAPError, e:
print e
def gen_sha512(salt, password): def gen_sha512(salt, password):
return crypt.crypt(password, '$6$%s$' % salt) return crypt.crypt(password, '$6$%s$' % salt)