From c8c0061244f8dd91234c69230348bf8c437dd8c4 Mon Sep 17 00:00:00 2001 From: ibuler Date: Wed, 4 Nov 2015 16:24:52 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E6=9D=83=E9=99=90=E9=89=B4?= =?UTF-8?q?=E5=AE=9A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- jlog/views.py | 6 +++++- jumpserver/api.py | 8 ++++---- juser/user_api.py | 3 ++- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/jlog/views.py b/jlog/views.py index 9cad5010f..9b20a6602 100644 --- a/jlog/views.py +++ b/jlog/views.py @@ -14,9 +14,10 @@ from jumpserver.settings import web_socket_host web_socket_host = 'ws://j:8080/monitor' +@require_role('admin') def log_list(request, offset): """ 显示日志 """ - header_title, path1, path2 = u'查看日志', u'查看日志', u'在线用户' + header_title, path1 = u'审计', u'操作审计' date_seven_day = request.GET.get('start', '') date_now_str = request.GET.get('end', '') username_list = request.GET.getlist('username', []) @@ -54,6 +55,7 @@ def log_list(request, offset): return render_to_response('jlog/log_%s.html' % offset, locals(), context_instance=RequestContext(request)) +@require_role('admin') def log_kill(request): """ 杀掉connect进程 """ pid = request.GET.get('id', '') @@ -70,6 +72,7 @@ def log_kill(request): return HttpResponseNotFound(u'没有此进程!') +@require_role('admin') def log_history(request): """ 命令历史记录 """ log_id = request.GET.get('id', 0) @@ -87,6 +90,7 @@ def log_history(request): return HttpResponse('无日志记录, 请查看日志处理脚本是否开启!') +@require_role('admin') def log_record(request): log_id = request.GET.get('id', 0) log = Log.objects.filter(id=int(log_id)) diff --git a/jumpserver/api.py b/jumpserver/api.py index e0d113593..0184135f2 100644 --- a/jumpserver/api.py +++ b/jumpserver/api.py @@ -561,10 +561,10 @@ def require_role(role='user'): def _deco(func): def __deco(request, *args, **kwargs): - if role == 'user': - if not request.user.is_authenticated(): - return HttpResponseRedirect('/login/') - elif role == 'admin': + if not request.user.is_authenticated(): + return HttpResponseRedirect('/login/') + + if role == 'admin': # if request.session.get('role_id', 0) < 1: if request.user.role == 'CU': return HttpResponseRedirect('/') diff --git a/juser/user_api.py b/juser/user_api.py index 201d8175a..627768bf7 100644 --- a/juser/user_api.py +++ b/juser/user_api.py @@ -5,7 +5,8 @@ from subprocess import call from juser.models import AdminGroup from jumpserver.api import * -from jumpserver.settings import BASE_DIR +from jumpserver.settings import BASE_DIR + def group_add_user(group, user_id=None, username=None): """