添加权限鉴定

2015-11-04 16:24:52 +08:00 · 2015-11-04 16:24:52 +08:00 · c8c0061244
parent ad4b68a390
commit c8c0061244
3 changed files with 11 additions and 6 deletions
--- a/jlog/views.py
+++ b/jlog/views.py
@ -14,9 +14,10 @@ from jumpserver.settings import web_socket_host
 web_socket_host = 'ws://j:8080/monitor'


+@require_role('admin')
 def log_list(request, offset):
    """ 显示日志 """
-    header_title, path1, path2 = u'查看日志', u'查看日志', u'在线用户'
+    header_title, path1 = u'审计', u'操作审计'
    date_seven_day = request.GET.get('start', '')
    date_now_str = request.GET.get('end', '')
    username_list = request.GET.getlist('username', [])
@ -54,6 +55,7 @@ def log_list(request, offset):
    return render_to_response('jlog/log_%s.html' % offset, locals(), context_instance=RequestContext(request))


+@require_role('admin')
 def log_kill(request):
    """ 杀掉connect进程 """
    pid = request.GET.get('id', '')
@ -70,6 +72,7 @@ def log_kill(request):
        return HttpResponseNotFound(u'没有此进程!')


+@require_role('admin')
 def log_history(request):
    """ 命令历史记录 """
    log_id = request.GET.get('id', 0)
@ -87,6 +90,7 @@ def log_history(request):
    return HttpResponse('无日志记录, 请查看日志处理脚本是否开启!')


+@require_role('admin')
 def log_record(request):
    log_id = request.GET.get('id', 0)
    log = Log.objects.filter(id=int(log_id))
--- a/jumpserver/api.py
+++ b/jumpserver/api.py
@ -561,10 +561,10 @@ def require_role(role='user'):

    def _deco(func):
        def __deco(request, *args, **kwargs):
-            if role == 'user':
-                if not request.user.is_authenticated():
-                    return HttpResponseRedirect('/login/')
-            elif role == 'admin':
+            if not request.user.is_authenticated():
+                return HttpResponseRedirect('/login/')
+            
+            if role == 'admin':
                # if request.session.get('role_id', 0) < 1:
                if request.user.role == 'CU':
                    return HttpResponseRedirect('/')
--- a/juser/user_api.py
+++ b/juser/user_api.py
@ -5,7 +5,8 @@ from subprocess import call

 from juser.models import AdminGroup
 from jumpserver.api import *
-from  jumpserver.settings import BASE_DIR
+from jumpserver.settings import BASE_DIR
+

 def group_add_user(group, user_id=None, username=None):
    """