github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

授权管理

pull/26/head
ibuler 2015-09-11 00:04:07 +08:00
parent 907c2c7e97
commit d32ea9f9a1
6 changed files with 125 additions and 138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
jasset/views.py
View File

@ -6,7 +6,6 @@ from django.db.models import Q
from django.template import RequestContext from django.template import RequestContext
from django.shortcuts import get_object_or_404 from django.shortcuts import get_object_or_404
from jperm.models import Perm
from jasset.asset_api import * from jasset.asset_api import *
from jumpserver.api import * from jumpserver.api import *

5
jperm/views.py
View File

@ -12,7 +12,8 @@ from jumpserver.api import *
def user_perm(request): def user_perm(request):
return my_render('jperm/perm_add.html', locals(), request) header_title, path1, path2 = '用户授权', '授权管理', '用户授权'
return my_render('jperm/user_perm.html', locals(), request)
# def asset_cmd_groups_get(asset_groups_select='', cmd_groups_select=''): # def asset_cmd_groups_get(asset_groups_select='', cmd_groups_select=''):
@ -50,7 +51,7 @@ def user_perm(request):
# perm.user_group = user_groups # perm.user_group = user_groups
# perm.asset_group = asset_groups # perm.asset_group = asset_groups
# msg = '添加成功' # msg = '添加成功'
# return render_to_response('jperm/perm_add.html', locals(), context_instance=RequestContext(request)) # return render_to_response('jperm/user_perm.html', locals(), context_instance=RequestContext(request))
# #
# #
# def dept_add_asset(dept_id, asset_list): # def dept_add_asset(dept_id, asset_list):

5
jumpserver/context_processors.py
View File

@ -1,7 +1,6 @@
from juser.models import User from juser.models import User
from jasset.models import Asset from jasset.models import Asset
from jumpserver.api import * from jumpserver.api import *
from jperm.models import Apply
def name_proc(request): def name_proc(request):
@ -15,8 +14,6 @@ def name_proc(request):
# else: # else:
# pass # pass
username = User.objects.get(id=user_id).name
apply_info = Apply.objects.filter(admin=username, status=0, read=0)
request.session.set_expiry(3600) request.session.set_expiry(3600)
info_dic = {'session_user_id': user_id, info_dic = {'session_user_id': user_id,
@ -25,7 +22,7 @@ def name_proc(request):
'user_active_num': user_active_num, 'user_active_num': user_active_num,
'host_total_num': host_total_num, 'host_total_num': host_total_num,
'host_active_num': host_active_num, 'host_active_num': host_active_num,
'apply_info': apply_info} }
return info_dic return info_dic

2
jumpserver/templatetags/mytags.py
View File

@ -5,7 +5,7 @@ import ast
import time import time
from django import template from django import template
from jperm.models import CmdGroup # from jperm.models import CmdGroup
from jumpserver.api import * from jumpserver.api import *
from jasset.models import AssetAlias from jasset.models import AssetAlias

220
jumpserver/views.py
View File

@ -9,7 +9,7 @@ from django.shortcuts import render_to_response
from django.template import RequestContext from django.template import RequestContext
from django.http import HttpResponseNotFound from django.http import HttpResponseNotFound
from django.http import HttpResponse from django.http import HttpResponse
from jperm.models import Apply # from jperm.models import Apply
import paramiko import paramiko
from jumpserver.api import * from jumpserver.api import *
@ -123,7 +123,7 @@ def index(request):
color = ['label-success', 'label-info', 'label-primary', 'label-default', 'label-warnning'] color = ['label-success', 'label-info', 'label-primary', 'label-default', 'label-warnning']
# perm apply latest 10 # perm apply latest 10
perm_apply_10 = Apply.objects.order_by('-date_add')[:10] # perm_apply_10 = Apply.objects.order_by('-date_add')[:10]
# latest 10 login # latest 10 login
login_10 = Log.objects.order_by('-start_time')[:10] login_10 = Log.objects.order_by('-start_time')[:10]
@ -229,120 +229,120 @@ def logout(request):
request.session.delete() request.session.delete()
return HttpResponseRedirect('/login/') return HttpResponseRedirect('/login/')
def filter_ajax_api(request):
attr = request.GET.get('attr', 'user')
value = request.GET.get('value', '')
if attr == 'user':
contact_list = User.objects.filter(name__icontains=value)
elif attr == "user_group":
contact_list = UserGroup.objects.filter(name__icontains=value)
elif attr == "asset":
contact_list = Asset.objects.filter(ip__icontains=value)
elif attr == "asset":
contact_list = BisGroup.objects.filter(name__icontains=value)
return render_to_response('filter_ajax_api.html', locals())
def install(request):
from juser.models import DEPT, User
if User.objects.filter(id=5000):
return http_error(request, 'Jumpserver已初始化不能重复安装')
dept = DEPT(id=1, name="超管部", comment="超级管理部门")
dept.save()
dept2 = DEPT(id=2, name="默认", comment="默认部门")
dept2.save()
IDC(id=1, name="默认", comment="默认IDC").save()
BisGroup(id=1, name="ALL", dept=dept, comment="所有主机组").save()
User(id=5000, username="admin", password=PyCrypt.md5_crypt('admin'),
name='admin', email='admin@jumpserver.org', role='SU', is_active=True, dept=dept).save()
return http_success(request, u'Jumpserver初始化成功')
def download(request):
return render_to_response('download.html', locals(), context_instance=RequestContext(request))
def transfer(sftp, filenames):
# pool = Pool(processes=5)
for filename, file_path in filenames.items():
print filename, file_path
sftp.put(file_path, '/tmp/%s' % filename)
# pool.apply_async(transfer, (sftp, file_path, '/tmp/%s' % filename))
sftp.close()
# pool.close()
# pool.join()
def upload(request):
pass
# user, dept = get_session_user_dept(request)
# if request.method == 'POST':
# hosts = request.POST.get('hosts')
# upload_files = request.FILES.getlist('file[]', None)
# upload_dir = "/tmp/%s" % user.username
# is_dir(upload_dir)
# date_now = datetime.datetime.now().strftime("%Y%m%d%H%M%S")
# hosts_list = hosts.split(',')
# user_hosts = [asset.ip for asset in user.get_asset()]
# unperm_hosts = []
# filenames = {}
# for ip in hosts_list:
# if ip not in user_hosts:
# unperm_hosts.append(ip)
# #
# if not hosts: # def filter_ajax_api(request):
# return HttpResponseNotFound(u'地址不能为空') # attr = request.GET.get('attr', 'user')
# value = request.GET.get('value', '')
# if attr == 'user':
# contact_list = User.objects.filter(name__icontains=value)
# elif attr == "user_group":
# contact_list = UserGroup.objects.filter(name__icontains=value)
# elif attr == "asset":
# contact_list = Asset.objects.filter(ip__icontains=value)
# elif attr == "asset":
# contact_list = BisGroup.objects.filter(name__icontains=value)
# #
# if unperm_hosts: # return render_to_response('filter_ajax_api.html', locals())
# print hosts_list
# return HttpResponseNotFound(u'%s 没有权限.' % ', '.join(unperm_hosts))
# #
# for upload_file in upload_files:
# file_path = '%s/%s.%s' % (upload_dir, upload_file.name, date_now)
# filenames[upload_file.name] = file_path
# f = open(file_path, 'w')
# for chunk in upload_file.chunks():
# f.write(chunk)
# f.close()
# #
# sftps = [] # def install(request):
# for host in hosts_list: # from juser.models import DEPT, User
# username, password, host, port = get_connect_item(user.username, host) # if User.objects.filter(id=5000):
# try: # return http_error(request, 'Jumpserver已初始化不能重复安装')
# t = paramiko.Transport((host, port))
# t.connect(username=username, password=password)
# sftp = paramiko.SFTPClient.from_transport(t)
# sftps.append(sftp)
# except paramiko.AuthenticationException:
# return HttpResponseNotFound(u'%s 连接失败.' % host)
# #
# dept = DEPT(id=1, name="超管部", comment="超级管理部门")
# dept.save()
# dept2 = DEPT(id=2, name="默认", comment="默认部门")
# dept2.save()
# IDC(id=1, name="默认", comment="默认IDC").save()
# BisGroup(id=1, name="ALL", dept=dept, comment="所有主机组").save()
#
# User(id=5000, username="admin", password=PyCrypt.md5_crypt('admin'),
# name='admin', email='admin@jumpserver.org', role='SU', is_active=True, dept=dept).save()
# return http_success(request, u'Jumpserver初始化成功')
#
#
# def download(request):
# return render_to_response('download.html', locals(), context_instance=RequestContext(request))
#
#
# def transfer(sftp, filenames):
# # pool = Pool(processes=5) # # pool = Pool(processes=5)
# for sftp in sftps: # for filename, file_path in filenames.items():
# transfer(sftp, filenames) # print filename, file_path
# sftp.put(file_path, '/tmp/%s' % filename)
# # pool.apply_async(transfer, (sftp, file_path, '/tmp/%s' % filename))
# sftp.close()
# # pool.close() # # pool.close()
# # pool.join() # # pool.join()
# return HttpResponse('传送成功')
# #
# return render_to_response('upload.html', locals(), context_instance=RequestContext(request)) #
# def upload(request):
# pass
def node_auth(request): # # user, dept = get_session_user_dept(request)
username = request.POST.get('username', ' ') # # if request.method == 'POST':
seed = request.POST.get('seed', ' ') # # hosts = request.POST.get('hosts')
filename = request.POST.get('filename', ' ') # # upload_files = request.FILES.getlist('file[]', None)
user = User.objects.filter(username=username, password=seed) # # upload_dir = "/tmp/%s" % user.username
auth = 1 # # is_dir(upload_dir)
if not user: # # date_now = datetime.datetime.now().strftime("%Y%m%d%H%M%S")
auth = 0 # # hosts_list = hosts.split(',')
if not filename.startswith('/opt/jumpserver/logs/connect/'): # # user_hosts = [asset.ip for asset in user.get_asset()]
auth = 0 # # unperm_hosts = []
if auth: # # filenames = {}
result = {'auth': {'username': username, 'result': 'success'}} # # for ip in hosts_list:
else: # # if ip not in user_hosts:
result = {'auth': {'username': username, 'result': 'failed'}} # # unperm_hosts.append(ip)
# #
return HttpResponse(json.dumps(result, sort_keys=True, indent=2), content_type='application/json') # # if not hosts:
# # return HttpResponseNotFound(u'地址不能为空')
# #
# # if unperm_hosts:
# # print hosts_list
# # return HttpResponseNotFound(u'%s 没有权限.' % ', '.join(unperm_hosts))
# #
# # for upload_file in upload_files:
# # file_path = '%s/%s.%s' % (upload_dir, upload_file.name, date_now)
# # filenames[upload_file.name] = file_path
# # f = open(file_path, 'w')
# # for chunk in upload_file.chunks():
# # f.write(chunk)
# # f.close()
# #
# # sftps = []
# # for host in hosts_list:
# # username, password, host, port = get_connect_item(user.username, host)
# # try:
# # t = paramiko.Transport((host, port))
# # t.connect(username=username, password=password)
# # sftp = paramiko.SFTPClient.from_transport(t)
# # sftps.append(sftp)
# # except paramiko.AuthenticationException:
# # return HttpResponseNotFound(u'%s 连接失败.' % host)
# #
# # # pool = Pool(processes=5)
# # for sftp in sftps:
# # transfer(sftp, filenames)
# # # pool.close()
# # # pool.join()
# # return HttpResponse('传送成功')
# #
# # return render_to_response('upload.html', locals(), context_instance=RequestContext(request))
#
#
# def node_auth(request):
# username = request.POST.get('username', ' ')
# seed = request.POST.get('seed', ' ')
# filename = request.POST.get('filename', ' ')
# user = User.objects.filter(username=username, password=seed)
# auth = 1
# if not user:
# auth = 0
# if not filename.startswith('/opt/jumpserver/logs/connect/'):
# auth = 0
# if auth:
# result = {'auth': {'username': username, 'result': 'success'}}
# else:
# result = {'auth': {'username': username, 'result': 'failed'}}
#
# return HttpResponse(json.dumps(result, sort_keys=True, indent=2), content_type='application/json')

24
templates/jperm/perm_add.html → templates/jperm/user_perm.html
View File

@ -16,12 +16,6 @@
<a class="dropdown-toggle" data-toggle="dropdown" href="#"> <a class="dropdown-toggle" data-toggle="dropdown" href="#">
<i class="fa fa-wrench"></i> <i class="fa fa-wrench"></i>
</a> </a>
<ul class="dropdown-menu dropdown-user">
<li><a href="#">未启用 1</a>
</li>
<li><a href="#">未启用 2</a>
</li>
</ul>
<a class="close-link"> <a class="close-link">
<i class="fa fa-times"></i> <i class="fa fa-times"></i>
</a> </a>
@ -38,16 +32,7 @@
{% endif %} {% endif %}
<div class="row"> <div class="row">
<div class="form-group"> <div class="form-group">
<label for="name" class="col-sm-2 control-label">授权名<span class="red-fonts">*</span></label> <label for="" class="col-sm-2 control-label">用户<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="name" name="name" placeholder="授权名称" type="text" class="form-control">
<span class="help-block m-b-none">取个名字方便辨识</span>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="" class="col-sm-2 control-label">用户组<span class="red-fonts">*</span></label>
<div class="col-sm-4"> <div class="col-sm-4">
<div> <div>
<select id="user_groups" name="user_groups" class="form-control" size="12" multiple> <select id="user_groups" name="user_groups" class="form-control" size="12" multiple>
@ -58,7 +43,6 @@
</div> </div>
</div> </div>
<div class="col-sm-1"> <div class="col-sm-1">
<div class="btn-group" style="margin-top: 12px;"> <div class="btn-group" style="margin-top: 12px;">
<button type="button" class="btn btn-white" onclick="move('user_groups', 'user_groups_select')"><i class="fa fa-chevron-right"></i></button> <button type="button" class="btn btn-white" onclick="move('user_groups', 'user_groups_select')"><i class="fa fa-chevron-right"></i></button>
@ -75,6 +59,12 @@
</div> </div>
<div class="hr-line-dashed"></div> <div class="hr-line-dashed"></div>
<div class="form-group">
<label for="group_name" class="col-sm-2 control-label">类型<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="comment" name="comment" placeholder="备注说明" type="text" class="form-control">
</div>
</div>
<div class="form-group"> <div class="form-group">
<label for="" class="col-sm-2 control-label">主机组<span class="red-fonts">*</span></label> <label for="" class="col-sm-2 control-label">主机组<span class="red-fonts">*</span></label>