github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

修改授权web 

映射去掉 user_common 和 password_common ===
pull/6/head
ibuler 2015-01-25 23:38:58 +08:00
parent 569e12e83c
commit c460323c5b
5 changed files with 52 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
connect.py
View File

@ -240,28 +240,13 @@ def get_connect_item(username, ip):
if asset.login_type in login_type_dict: if asset.login_type in login_type_dict:
password = cryptor.decrypt(login_type_dict[asset.login_type]) password = cryptor.decrypt(login_type_dict[asset.login_type])
return username, password, ip, port return username, password, ip, port
elif asset.login_type == 'M': elif asset.login_type == 'M':
perms = asset.permission_set.filter(user=user) username = asset.username
if perms: password= cryptor.decrypt(asset.password)
perm = perms[0] return username, password, ip, port
else:
raise ServerError('Permission %s to %s does not exist.' % (username, ip))
if perm.role == 'SU':
username_super = asset.username_super
password_super = cryptor.decrypt(asset.password_super)
return username_super, password_super, ip, port
elif perm.role == 'CU':
username_common = asset.username_common
password_common = asset.password_common
return username_common, password_common, ip, port
else:
raise ServerError('Perm in %s for %s map role is not in ["SU", "CU"].' % (ip, username))
else: else:
raise ServerError('Login type is not in ["L", "S", "P", "M"]') raise ServerError('Login type is not in ["L", "S", "P", "M"]')

6
jasset/models.py
View File

@ -32,10 +32,8 @@ class Asset(models.Model):
user_group = models.ManyToManyField(UserGroup) user_group = models.ManyToManyField(UserGroup)
bis_group = models.ManyToManyField(BisGroup) bis_group = models.ManyToManyField(BisGroup)
login_type = models.CharField(max_length=1, choices=LOGIN_TYPE_CHOICES, default='L') login_type = models.CharField(max_length=1, choices=LOGIN_TYPE_CHOICES, default='L')
username_common = models.CharField(max_length=20, blank=True, null=True) username = models.CharField(max_length=20, blank=True, null=True)
password_common = models.CharField(max_length=80, blank=True, null=True) password = models.CharField(max_length=80, blank=True, null=True)
username_super = models.CharField(max_length=20, blank=True, null=True)
password_super = models.CharField(max_length=80, blank=True, null=True)
date_added = models.DateTimeField(auto_now=True, default=datetime.datetime.now(), null=True) date_added = models.DateTimeField(auto_now=True, default=datetime.datetime.now(), null=True)
is_active = models.BooleanField(default=True) is_active = models.BooleanField(default=True)
comment = models.CharField(max_length=100, blank=True, null=True) comment = models.CharField(max_length=100, blank=True, null=True)

8
jperm/models.py
View File

@ -4,16 +4,8 @@ from jasset.models import Asset
class Perm(models.Model): class Perm(models.Model):
USER_ROLE_CHOICES = (
('SU', 'SuperUser'),
('CU', 'CommonUser'),
)
user = models.ForeignKey(User) user = models.ForeignKey(User)
asset = models.ForeignKey(Asset) asset = models.ForeignKey(Asset)
role = models.CharField(choices=USER_ROLE_CHOICES,
max_length=2,
blank=True,
null=True)
def __unicode__(self): def __unicode__(self):
return '%s_%s' % (self.user.username, self.asset.ip) return '%s_%s' % (self.user.username, self.asset.ip)

20
jperm/views.py
View File

@ -1,7 +1,7 @@
# coding: utf-8 # coding: utf-8
from django.shortcuts import render_to_response from django.shortcuts import render_to_response
from django.http import HttpResponseRedirect from django.http import HttpResponseRedirect, HttpResponse
from juser.models import User, UserGroup from juser.models import User, UserGroup
from jasset.models import Asset from jasset.models import Asset
from jperm.models import Perm from jperm.models import Perm
@ -28,6 +28,13 @@ def perm_host(request):
return render_to_response('jperm/perm_host.html', locals()) return render_to_response('jperm/perm_host.html', locals())
def perm_user_host(username, ip):
user = User.objects.get(username=username)
asset = Asset.objects.get(ip=ip)
if not Perm.objects.filter(user=user, asset=asset):
Perm.objects.create(user=user, asset=asset)
def perm_edit(request): def perm_edit(request):
header_title, path1, path2 = u'授权编辑 | Perm Edit.', u'jperm', u'perm_edit' header_title, path1, path2 = u'授权编辑 | Perm Edit.', u'jperm', u'perm_edit'
if request.method == 'GET': if request.method == 'GET':
@ -35,7 +42,18 @@ def perm_edit(request):
user_id = request.GET.get('id') user_id = request.GET.get('id')
user = User.objects.get(id=user_id) user = User.objects.get(id=user_id)
assets = Asset.objects.all() assets = Asset.objects.all()
assets_permed = []
for perm in user.perm_set.all():
assets_permed.append(perm.asset)
assets_unperm = list(set(assets)-set(assets_permed))
return render_to_response('jperm/perm_edit.html', locals()) return render_to_response('jperm/perm_edit.html', locals())
else:
host_ips = request.POST.getlist('host_permed', '')
username = request.POST.get('username')
for ip in host_ips:
perm_user_host(username, ip)
return HttpResponseRedirect('/jperm/perm_host/')
def perm_add(request): def perm_add(request):

47
templates/jperm/perm_edit.html
View File

@ -21,8 +21,13 @@
function search_host(text){ function search_host(text){
$("#host_unperm").children().each(function(){$(this).remove();}); $("#host_unperm").children().each(function(){$(this).remove();});
$("#host_all").children().each(function(){ $("#host_all").children().each(function(){
if ($(this).text().search(text) != -1) { if ($(this).text().search(text) != -1){
$("#host_unperm").append($(this).clone()) {# $("#host_permed").children().each(function(){#}
{# if ($(this).text().search(text) == -1){#}
{# $("#host_unperm").append($(this).clone())#}
{# }#}
{# });#}
$("#host_unperm").append($(this).clone())
} }
}); });
} }
@ -35,7 +40,7 @@
<div class="ibox float-e-margins"> <div class="ibox float-e-margins">
<!-- title --> <!-- title -->
<div class="ibox-title"> <div class="ibox-title">
<h5>Basic form <small>Simple login form example</small></h5> <h5>授权编辑表单 <small>Edit perm of user</small></h5>
<div class="ibox-tools"> <div class="ibox-tools">
<a class="collapse-link"> <a class="collapse-link">
<i class="fa fa-chevron-up"></i> <i class="fa fa-chevron-up"></i>
@ -60,7 +65,7 @@
<div class="col-sm-5 "> <div class="col-sm-5 ">
<div class="form-group"> <div class="form-group">
<label></label> <label></label>
<input type="text" id="host_filter" placeholder="过滤" class="form-control" value="" oninput="search_host(this.value)"> <input type="text" id="host_filter" placeholder="Search" class="form-control" value="" oninput="search_host(this.value)">
</div> </div>
</div> </div>
<div class="col-sm-1 "> <div class="col-sm-1 ">
@ -71,12 +76,13 @@
<div class="col-sm-5 "> <div class="col-sm-5 ">
<div class="form-group"> <div class="form-group">
<label></label> <label></label>
<input type="text" class="form-control" value="{{ user.name }}" readonly> <input type="text" class="form-control" value="{{ user.name }}" readonly>
</div> </div>
</div> </div>
</div> </div>
<form method="post" action=""> <form method="post" action="">
<input type="text" name="username" class="form-control" value="{{ user.username }}" style="display: none">
<div class="row"> <div class="row">
<div class="col-sm-5"><h4>未授权主机</h4> <div class="col-sm-5"><h4>未授权主机</h4>
<div> <div>
@ -86,7 +92,7 @@
{% endfor %} {% endfor %}
</select> </select>
<select id="host_unperm" name="host_unperm" class="form-control m-b" size="12" multiple> <select id="host_unperm" name="host_unperm" class="form-control m-b" size="12" multiple>
{% for asset in assets %} {% for asset in assets_unperm %}
<option value="{{ asset.ip }}">{{ asset.ip }}</option> <option value="{{ asset.ip }}">{{ asset.ip }}</option>
{% endfor %} {% endfor %}
</select> </select>
@ -100,9 +106,12 @@
</div> </div>
</div> </div>
<div class="col-sm-5"><h4>授权主机</h4> <div class="col-sm-5"><h4>授权主机</h4>
<div> <div>
<select id="host_permed" name="host_permed" class="form-control m-b" size="12" multiple> <select id="host_permed" name="host_permed" class="form-control m-b" size="12" multiple>
{% for asset in assets_permed %}
<option value="{{ asset.ip }}">{{ asset.ip }}</option>
{% endfor %}
</select> </select>
</div> </div>
</div> </div>
@ -111,7 +120,7 @@
<div class="form-group"> <div class="form-group">
<div class="col-sm-4 col-sm-offset-2"> <div class="col-sm-4 col-sm-offset-2">
<button class="btn btn-white" type="submit">取消</button> <button class="btn btn-white" type="submit">取消</button>
<button class="btn btn-primary" type="submit">确认保存</button> <button class="btn btn-primary" type="submit" onclick="javascript: (function(){$('#host_permed option').each(function(){$(this).prop('selected', true)})})()">确认保存</button>
</div> </div>
</div> </div>
</div> </div>
@ -128,16 +137,16 @@
$("#"+str).addClass('active'); $("#"+str).addClass('active');
$("#"+str1).addClass('active'); $("#"+str1).addClass('active');
</script> </script>
<script type="text/javascript"> {# <script type="text/javascript">#}
$("#host_permed").children().each(function(){ {# $("#host_permed").children().each(function(){#}
$("#host_all").append($(this).clone()); {# $("#host_all").append($(this).clone());#}
{##}
if ($(this).prop("selected") == false) { {# if ($(this).prop("selected") == false) {#}
$("#host_unperm").append(this); {# $("#host_unperm").append(this);#}
} {# }#}
{##}
$("#host_all").children().each(function(){$(this).prop("selected", false)}); {# $("#host_all").children().each(function(){$(this).prop("selected", false)});#}
}); {# });#}
</script> {# </script>#}
{% endblock %} {% endblock %}