fix (jperm): 统一调整系统用户 仅使用秘钥进行通信， 已存在的用户不会修改密码

1. perm_role_push 模板取消密码选项，但是为了 那么留下秘钥推送可勾选，允许空推送
2. perm_role_add 同上 取消 密码选项
3. perm_role_edit 同上 取消 密码选项
4. views 调整role push add edit 相关视图
5. perm_api，调整 gen_resource，仅支持秘钥认证（是否需要支持密码认证，我觉得没必要，如果需要请提出)

close #100
close #127

jperm/perm_api.py

@@ -182,8 +182,9 @@ def gen_resource(ob, perm=None):
                 info = {'hostname': asset.hostname,
                         'ip': asset.ip,
                         'port': asset_info.get('port', 22),
+                        'ansible_ssh_private_key_file': role_key,
                         'username': role.name,
-                        'password': CRYPTOR.decrypt(role.password)
+                        # 'password': CRYPTOR.decrypt(role.password)
                        }
 
                 if os.path.isfile(role_key):

jperm/views.py

@@ -519,12 +519,12 @@ def perm_role_push(request):
             ret["pass_push"] = task.add_user(role.name)
             ret["key_push"] = task.push_key(role.name, os.path.join(role.key_path, 'id_rsa.pub'))
 
-        # 2. 推送账号密码
-        elif password_push:
-            ret["pass_push"] = task.add_user(role.name, CRYPTOR.decrypt(role.password))
+        # 2. 推送账号密码 <为了安全 系统用户统一使用秘钥进行通信， 不再提供密码方式的推送>
+        # elif password_push:
+        #     ret["pass_push"] = task.add_user(role.name, CRYPTOR.decrypt(role.password))
 
         # 3. 推送sudo配置文件
-        if password_push or key_push:
+        if key_push:
             sudo_list = set([sudo for sudo in role.sudo.all()])  # set(sudo1, sudo2, sudo3)
             if sudo_list:
                 ret['sudo'] = task.push_sudo_file([role], sudo_list)

jumpserver.conf

@@ -1,6 +1,6 @@
 [base]
-url = http://192.168.244.129
-key = i6k2zeu8x6mncl76
+url = http://192.168.10.165
+key = 941enj9neshd1wes
 ip = 0.0.0.0
 port = 80
 log = debug
@@ -14,9 +14,9 @@ database = jumpserver
 
 [mail]
 mail_enable = 1
-email_host = smtp.exmail.qq.com
-email_port = 25
-email_host_user = noreply@jumpserver.org
-email_host_password = xxxxxxxxxx
+email_host = 
+email_port = 587
+email_host_user = 
+email_host_password = 
 email_use_tls = True
 

templates/jperm/perm_role_add.html

@@ -40,13 +40,13 @@
                                 </div>
                             </div>
                             <div class="hr-line-dashed"></div>
-                            <div class="form-group">
-                                <label for="role_password" class="col-sm-2 control-label">用户密码</label>
-                                <div class="col-sm-8">
-                                    <input id="role_password" name="role_password" placeholder="Role Password" type="password" class="form-control">
-                                    <span class="help-block m-b-none">如果不添加密码，会自动生成</span>
-                                </div>
-                            </div>
+{#                            <div class="form-group">#}
+{#                                <label for="role_password" class="col-sm-2 control-label">用户密码</label>#}
+{#                                <div class="col-sm-8">#}
+{#                                    <input id="role_password" name="role_password" placeholder="Role Password" type="password" class="form-control">#}
+{#                                    <span class="help-block m-b-none">如果不添加密码，会自动生成</span>#}
+{#                                </div>#}
+{#                            </div>#}
                             <div class="form-group">
                                 <label for="role_key" class="col-sm-2 control-label">用户密钥</label>
                                 <div class="col-sm-8">

templates/jperm/perm_role_edit.html

@@ -40,13 +40,13 @@
                                 </div>
                             </div>
                             <div class="hr-line-dashed"></div>
-                            <div class="form-group">
-                                <label for="role_password" class="col-sm-2 control-label">用户密码</label>
-                                <div class="col-sm-8">
-                                    <input id="role_password" name="role_password" type="password" class="form-control">
-                                    <span class="help-block m-b-none">不修改请留空</span>
-                                </div>
-                            </div>
+{#                            <div class="form-group">#}
+{#                                <label for="role_password" class="col-sm-2 control-label">用户密码</label>#}
+{#                                <div class="col-sm-8">#}
+{#                                    <input id="role_password" name="role_password" type="password" class="form-control">#}
+{#                                    <span class="help-block m-b-none">不修改请留空</span>#}
+{#                                </div>#}
+{#                            </div>#}
                             <div class="hr-line-dashed"></div>
                             <div class="form-group">
                                 <label for="role_key" class="col-sm-2 control-label">用户密钥</label>

templates/jperm/perm_role_push.html

@@ -74,16 +74,6 @@
                                         </div>
                                     </div>
                                 </div>
-                                <div class="form-group">
-                                    <label for="j_group" class="col-sm-2 control-label">使用密码</label>
-                                    <div class="col-sm-1">
-                                        <div class="radio i-checks">
-                                            <label>
-                                                <input type="checkbox" value="1" id="use_password" name="use_password">
-                                            </label>
-                                        </div>
-                                    </div>
-                                </div>
                             </div>
                             <div class="hr-line-dashed"></div>
                             <div class="form-group">