perm edit fix

pull/26/head
ibuler 2015-12-09 17:27:13 +08:00
parent f74b15c1bf
commit d337b929ef
4 changed files with 66 additions and 56 deletions


@ -80,18 +80,21 @@ def perm_rule_add(request):
if request.method == 'POST':
# 获取用户选择的 用户,用户组,资产,资产组,用户角色
users_select = request.POST.getlist('user', []) # 需要授权用户
user_groups_select = request.POST.getlist('usergroup', []) # 需要授权用户组
user_groups_select = request.POST.getlist('user_group', []) # 需要授权用户组
assets_select = request.POST.getlist('asset', []) # 需要授权资产
asset_groups_select = request.POST.getlist('assetgroup', []) # 需要授权资产组
asset_groups_select = request.POST.getlist('asset_group', []) # 需要授权资产组
roles_select = request.POST.getlist('role', []) # 需要授权角色
rule_name = request.POST.get('rulename')
rule_comment = request.POST.get('rule_comment')
rule_name = request.POST.get('name')
rule_comment = request.POST.get('comment')
try:
rule = get_object(PermRule, name=rule_name)
if rule:
raise ServerError(u'授权规则 %s 已存在' % rule_name)
if not rule_name or not roles_select:
raise ServerError(u'角色名称和授权角色不能为空')
# 获取需要授权的主机列表
assets_obj = [Asset.objects.get(id=asset_id) for asset_id in assets_select]
asset_groups_obj = [AssetGroup.objects.get(id=group_id) for group_id in asset_groups_select]
@ -156,31 +159,34 @@ def perm_rule_edit(request):
if request.method == 'POST' and rule_id:
# 获取用户选择的 用户,用户组,资产,资产组,用户角色
rule_name = request.POST.get('rule_name')
rule_comment = request.POST.get("rule_comment")
rule_name = request.POST.get('name')
rule_comment = request.POST.get("comment")
users_select = request.POST.getlist('user', [])
user_groups_select = request.POST.getlist('usergroup', [])
user_groups_select = request.POST.getlist('user_group', [])
assets_select = request.POST.getlist('asset', [])
asset_groups_select = request.POST.getlist('assetgroup', [])
asset_groups_select = request.POST.getlist('asset_group', [])
roles_select = request.POST.getlist('role', [])
assets_obj = [Asset.objects.get(id=asset_id) for asset_id in assets_select]
asset_groups_obj = [AssetGroup.objects.get(id=group_id) for group_id in asset_groups_select]
group_assets_obj = []
for asset_group in asset_groups_obj:
group_assets_obj.extend(list(asset_group.asset_set.all()))
calc_assets = set(group_assets_obj) | set(assets_obj) # 授权资产和资产组包含的资产
# 获取需要授权的用户列表
users_obj = [User.objects.get(id=user_id) for user_id in users_select]
user_groups_obj = [UserGroup.objects.get(id=group_id) for group_id in user_groups_select]
# group_users_obj = [user for user in [group.user_set.all() for group in user_groups_obj]]
# calc_users = set(group_users_obj) | set(users_obj)
# 获取授予的角色列表
roles_obj = [PermRole.objects.get(id=role_id) for role_id in roles_select]
need_push_asset = set()
print rule_name, roles_select
try:
if not rule_name or not roles_select:
raise ServerError(u'角色名称和授权角色不能为空')
assets_obj = [Asset.objects.get(id=asset_id) for asset_id in assets_select]
asset_groups_obj = [AssetGroup.objects.get(id=group_id) for group_id in asset_groups_select]
group_assets_obj = []
for asset_group in asset_groups_obj:
group_assets_obj.extend(list(asset_group.asset_set.all()))
calc_assets = set(group_assets_obj) | set(assets_obj) # 授权资产和资产组包含的资产
# 获取需要授权的用户列表
users_obj = [User.objects.get(id=user_id) for user_id in users_select]
user_groups_obj = [UserGroup.objects.get(id=group_id) for group_id in user_groups_select]
# group_users_obj = [user for user in [group.user_set.all() for group in user_groups_obj]]
# calc_users = set(group_users_obj) | set(users_obj)
# 获取授予的角色列表
roles_obj = [PermRole.objects.get(id=role_id) for role_id in roles_select]
need_push_asset = set()
for role in roles_obj:
asset_no_push = get_role_push_host(role=role)[0] # 获取某角色已经推送的资产
need_push_asset.update(set(calc_assets) - set(asset_no_push))
@ -188,12 +194,12 @@ def perm_rule_edit(request):
raise ServerError(u'没有推送角色 %s 的主机 %s'
% (role.name, ','.join([asset.hostname for asset in need_push_asset])))
# 仅授权成功的,写回数据库(授权规则,用户,用户组,资产,资产组,用户角色)
rule.user = users_obj
rule.user_group = user_groups_obj
rule.asset = assets_obj
rule.asset_group = asset_groups_obj
rule.role = roles_obj
# 仅授权成功的,写回数据库(授权规则,用户,用户组,资产,资产组,用户角色)
rule.user = users_obj
rule.user_group = user_groups_obj
rule.asset = assets_obj
rule.asset_group = asset_groups_obj
rule.role = roles_obj
rule.name = rule_name
rule.comment = rule.comment
rule.save()
@ -623,9 +629,11 @@ def perm_role_get(request):
asset = get_object(Asset, id=asset_id)
if asset:
role = user_have_perm(request.user, asset=asset)
logger.debug('#' + ','.join([i.name for i in role]) + '#')
return HttpResponse(','.join([i.name for i in role]))
else:
roles = get_group_user_perm(request.user).get('role').keys()
return HttpResponse(','.join(i.name for i in roles))
return HttpResponse('error')
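Review bot: In the last perm_rule_edit hunk the write-back still ends with `rule.comment = rule.comment`, a self-assignment, so the value read into `rule_comment` from `request.POST.get("comment")` is never stored and an edited comment is silently dropped; it should read `rule.comment = rule_comment`. The `print rule_name, roles_select` line just before the `try:` looks like leftover debugging and is better removed or turned into a `logger.debug(...)` call. The `.objects.get(id=...)` lookups on POSTed ids appear to have moved under the `try:`, but whether an unknown or malformed id is handled depends on the `except` clause, which is outside the hunk, so confirm it catches more than `ServerError`. perm_rule_edit begins and ends outside these hunks.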


@ -219,9 +219,9 @@
});
$('.conn').click(function(){
var url='/jperm/role/get/?id=' + $(this).attr('value');
var url='/jperm/role/get/?id=' + $(this).attr('value'); // 获取用户有权限的角色
var href = $(this).attr('href');
var new_url = '/jlog/web_terminal/?id=' + $(this).attr('value') + '&role=';
var new_url = '/jlog/web_terminal/?id=' + $(this).attr('value') + '&role='; // webterminal socket url
var hostname = $(this).closest('tr').find('.hostname a')[0].innerHTML;
$.ajax({
type: 'GET',
@ -229,6 +229,8 @@
data: {},
success: function(data){
var dataArray = data.split(',');
console.log(data+'a');
console.log(dataArray);
if (dataArray.length == 1 && data != 'error'){
var title = 'Jumpserver Web Terminal' + '<span class="text-info"> '+ hostname +'</span>';
console.log(new_url+data);
@ -241,7 +243,7 @@
content: new_url+data
});
//window.open(new_url + data, '', 'location=no, resizeable=no, height=410, width=625, top=89px, left=99px,toolbar=no,menubar=no,scrollbars=auto,status=no');
} else if (dataArray.length == '1' && data == 'error'){
} else if (data == 'error' || data == '' || data == null || data == undefined){
layer.alert('没有授权角色')
} else {
aUrl = '';
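Review bot: The new `data == ''`, `null` and `undefined` tests in the `else if` cannot catch an empty reply, because `''.split(',')` yields a one-element array and `data != 'error'` is true, so the first branch runs and the terminal URL is built with an empty `role=`; a null reply would already have thrown at `data.split(',')`. perm_role_get returns `','.join(...)`, which is an empty string when no role matches, so this path looks reachable. Test for the no-role case first, for example `if (!data || data == 'error') { layer.alert('没有授权角色') } else if (dataArray.length == 1) {`, and split only after that check. The two added `console.log` calls print the role list to the browser console and look like debugging leftovers. The click handler begins and ends outside these hunks.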


@ -34,9 +34,9 @@
<div class="alert alert-success text-center">{{ msg }}</div>
{% endif %}
<div class="form-group">
<label for="rulename" class="col-sm-2 control-label">授权名称<span class="red-fonts">*</span></label>
<label for="name" class="col-sm-2 control-label">授权名称<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="rulename" name="rulename" placeholder="Rule Name" type="text" class="form-control">
<input id="name" name="name" placeholder="Rule Name" type="text" class="form-control">
</div>
</div>
<div class="hr-line-dashed"></div>
@ -52,10 +52,9 @@
</div>
</div>
<div class="form-group">
<label for="usergroup" class="col-sm-2 control-label">用户组</label>
<label for="user_group" class="col-sm-2 control-label">用户组</label>
<div class="col-sm-8">
<select name="usergroup" id="usergroup" data-placeholder="请选择用户组" class="chosen-select form-control m-b" multiple tabindex="2">
<select name="user_group" id="user_group" data-placeholder="请选择用户组" class="chosen-select form-control m-b" multiple tabindex="2">
{% for user_group in user_groups %}
<option value="{{ user_group.id }}">{{ user_group.name }}</option>
{% endfor %}
@ -75,9 +74,9 @@
</div>
</div>
<div class="form-group">
<label for="assetgroup" id="assetgroup" class="col-sm-2 control-label">资产组</label>
<label for="asset_group" id="asset_group" class="col-sm-2 control-label">资产组</label>
<div class="col-sm-8">
<select name="assetgroup" data-placeholder="请选择资产组" class="chosen-select form-control m-b" multiple tabindex="2">
<select name="asset_group" data-placeholder="请选择资产组" class="chosen-select form-control m-b" multiple tabindex="2">
{% for asset_group in asset_groups %}
<option value="{{ asset_group.id }}">{{ asset_group.name }}</option>
{% endfor %}
@ -100,7 +99,7 @@
<div class="form-group">
<label for="comment" class="col-sm-2 control-label">备注</label>
<div class="col-sm-8">
<input id="rule_comment" name="rule_comment" placeholder="Rule Comment" type="text" class="form-control" {% if error %}value="{{ username }}" {% endif %}>
<input id="comment" name="comment" placeholder="Rule Comment" type="text" class="form-control" {% if error %}value="{{ username }}" {% endif %}>
</div>
</div>
<div class="hr-line-dashed"></div>
@ -133,17 +132,17 @@ $('#ruleForm').validator({
},
fields: {
"rulename": {
"name": {
rule: "required;check_name",
tip: "输入规则名称",
msg: {required: "规则名称必填"}
},
"usergroup": {
"user_group": {
rule: "required(check_user)",
tip: "请选择用户组",
msg: {required: "用户和用户组必选一个!"}
},
"assetgroup": {
"asset_group": {
rule: "required(check_asset)",
tip: "输入资产组",
msg: {required: "资产和资产组必选一个!"}


@ -34,9 +34,9 @@
<div class="alert alert-success text-center">{{ msg }}</div>
{% endif %}
<div class="form-group">
<label for="rulename" class="col-sm-2 control-label">授权名称<span class="red-fonts">*</span></label>
<label for="name" class="col-sm-2 control-label">授权名称<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="rulename" name="rulename" placeholder="Rule Name" type="text" class="form-control" value={{ rule.name }}>
<input id="name" name="name" placeholder="Rule Name" type="text" class="form-control" value={{ rule.name }}>
</div>
</div>
<div class="hr-line-dashed"></div>
@ -52,9 +52,9 @@
</div>
</div>
<div class="form-group">
<label for="usergroup" class="col-sm-2 control-label">用户组</label>
<label for="user_group" class="col-sm-2 control-label">用户组</label>
<div class="col-sm-8">
<select name="usergroup" id="usergroup" data-placeholder="请选择用户组" class="chosen-select form-control m-b" multiple tabindex="2">
<select name="user_group" id="user_group" data-placeholder="请选择用户组" class="chosen-select form-control m-b" multiple tabindex="2">
{% for user_group in user_groups %}
<option value="{{ user_group.id }}"{% if user_group in rule.user_group.all %} selected {% endif %}>{{ user_group.name }}</option>
{% endfor %}
@ -74,9 +74,9 @@
</div>
</div>
<div class="form-group">
<label for="assetgroup" id="assetgroup" class="col-sm-2 control-label">资产组</label>
<label for="asset_group" id="asset_group" class="col-sm-2 control-label">资产组</label>
<div class="col-sm-8">
<select name="assetgroup" data-placeholder="请选择资产组" class="chosen-select form-control m-b" multiple tabindex="2">
<select name="asset_group" data-placeholder="请选择资产组" class="chosen-select form-control m-b" multiple tabindex="2">
{% for asset_group in asset_groups %}
<option value="{{ asset_group.id }}"{% if asset_group in rule.asset_group.all %} selected {% endif %}>{{ asset_group.name }}</option>
{% endfor %}
@ -86,7 +86,7 @@
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="role" class="col-sm-2 control-label">角色<span class="red-fonts">*</span></label>
<div class="col-sm-8" id="role_name">
<div class="col-sm-8">
<select name="role" data-placeholder="请选择角色" class="chosen-select form-control m-b" multiple tabindex="2">
{% for role in roles %}
<option value="{{ role.id }}"{% if role in rule.role.all %} selected {% endif %}>{{ role.name }}</option>
@ -99,7 +99,7 @@
<div class="form-group">
<label for="comment" class="col-sm-2 control-label">备注</label>
<div class="col-sm-8">
<input id="rule_comment" name="rule_comment" placeholder="Rule Comment" type="text" class="form-control" value="{{ rule.comment }}">
<input id="comment" name="rule_comment" placeholder="Rule Comment" type="text" class="form-control" value="{{ rule.comment }}">
</div>
</div>
<div class="hr-line-dashed"></div>
@ -118,6 +118,7 @@
{% endblock %}
{% block self_footer_js %}
<script>
$('#ruleForm').validator({
timely: 2,
theme: "yellow_right_effect",
@ -132,17 +133,17 @@ $('#ruleForm').validator({
},
fields: {
"rulename": {
"name": {
rule: "required;check_name",
tip: "输入规则名称",
msg: {required: "规则名称必填"}
},
"usergroup": {
"user_group": {
rule: "required(check_user)",
tip: "请选择用户组",
msg: {required: "用户和用户组必选一个!"}
},
"assetgroup": {
"asset_group": {
rule: "required(check_asset)",
tip: "输入资产组",
msg: {required: "资产和资产组必选一个!"}
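Review bot: On the rule-name input the attribute is still written unquoted, `value={{ rule.name }}`; a name containing a space is cut at the first space, and template autoescaping does not make an unquoted attribute safe because the remainder is parsed as further attributes, so it should be `value="{{ rule.name }}"`. In the comment hunk only the id was renamed: the input keeps `name="rule_comment"` while perm_rule_edit now reads `request.POST.get("comment")`, so the edit form's comment never reaches the view. Change that attribute to `name="comment"` so it matches the add template and the view.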