diff --git a/.gitignore b/.gitignore index ccd5937f2..abf165e2e 100644 --- a/.gitignore +++ b/.gitignore @@ -30,3 +30,4 @@ celerybeat.pid django.db celerybeat-schedule.db data/static +_build/ diff --git a/apps/assets/models/user.py b/apps/assets/models/user.py index a429d9895..7eaff63e6 100644 --- a/apps/assets/models/user.py +++ b/apps/assets/models/user.py @@ -26,14 +26,14 @@ signer = get_signer() class AssetUser(models.Model): id = models.UUIDField(default=uuid.uuid4, primary_key=True) name = models.CharField(max_length=128, unique=True, verbose_name=_('Name')) - username = models.CharField(max_length=16, verbose_name=_('Username')) + username = models.CharField(max_length=128, verbose_name=_('Username')) _password = models.CharField(max_length=256, blank=True, null=True, verbose_name=_('Password')) _private_key = models.TextField(max_length=4096, blank=True, null=True, verbose_name=_('SSH private key'), validators=[private_key_validator, ]) _public_key = models.TextField(max_length=4096, blank=True, verbose_name=_('SSH public key')) comment = models.TextField(blank=True, verbose_name=_('Comment')) date_created = models.DateTimeField(auto_now_add=True) date_updated = models.DateTimeField(auto_now=True) - created_by = models.CharField(max_length=32, null=True, verbose_name=_('Created by')) + created_by = models.CharField(max_length=128, null=True, verbose_name=_('Created by')) @property def password(self): diff --git a/apps/assets/templates/assets/_system_user.html b/apps/assets/templates/assets/_system_user.html index 358f7dd5e..528e271e6 100644 --- a/apps/assets/templates/assets/_system_user.html +++ b/apps/assets/templates/assets/_system_user.html @@ -13,7 +13,7 @@
-
{% trans 'Create system user' %}
+
{{ action }}
diff --git a/apps/assets/templates/assets/admin_user_create_update.html b/apps/assets/templates/assets/admin_user_create_update.html index 3d1772172..4ec2780ea 100644 --- a/apps/assets/templates/assets/admin_user_create_update.html +++ b/apps/assets/templates/assets/admin_user_create_update.html @@ -13,7 +13,7 @@
-
{% trans 'Create admin user' %}
+
{{ action }}
diff --git a/apps/i18n/zh/LC_MESSAGES/django.mo b/apps/i18n/zh/LC_MESSAGES/django.mo index 0f8484c1f..c3c6b39c8 100644 Binary files a/apps/i18n/zh/LC_MESSAGES/django.mo and b/apps/i18n/zh/LC_MESSAGES/django.mo differ diff --git a/apps/i18n/zh/LC_MESSAGES/django.po b/apps/i18n/zh/LC_MESSAGES/django.po index 84d9c2ba1..05acb43c3 100644 --- a/apps/i18n/zh/LC_MESSAGES/django.po +++ b/apps/i18n/zh/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: Jumpserver 0.3.3\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2018-03-01 15:29+0800\n" +"POT-Creation-Date: 2018-03-06 17:57+0800\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: ibuler \n" "Language-Team: Jumpserver team\n" @@ -87,7 +87,7 @@ msgid "Password or private key passphrase" msgstr "密码或密钥密码" #: assets/forms/user.py:25 assets/models/user.py:30 common/forms.py:113 -#: users/forms.py:16 users/forms.py:24 users/templates/users/login.html:56 +#: users/forms.py:16 users/forms.py:24 users/templates/users/login.html:59 #: users/templates/users/reset_password.html:52 #: users/templates/users/user_create.html:11 #: users/templates/users/user_password_update.html:40 @@ -138,9 +138,9 @@ msgstr "名称" #: assets/templates/assets/system_user_detail.html:62 #: assets/templates/assets/system_user_list.html:25 #: perms/templates/perms/asset_permission_user.html:55 users/forms.py:14 -#: users/models/authentication.py:44 users/models/user.py:34 +#: users/models/authentication.py:45 users/models/user.py:34 #: users/templates/users/_select_user_modal.html:14 -#: users/templates/users/login.html:53 +#: users/templates/users/login.html:56 #: users/templates/users/login_log_list.html:49 #: users/templates/users/user_detail.html:67 #: users/templates/users/user_list.html:24 @@ -165,7 +165,7 @@ msgstr "高优先级的系统用户将会作为默认登录用户" #: assets/models/asset.py:50 assets/templates/assets/_asset_list_modal.html:21 #: assets/templates/assets/admin_user_assets.html:52 #: assets/templates/assets/asset_detail.html:61 -#: assets/templates/assets/asset_list.html:81 +#: assets/templates/assets/asset_list.html:87 #: assets/templates/assets/system_user_asset.html:50 #: assets/templates/assets/user_asset_list.html:20 common/forms.py:144 #: perms/templates/perms/asset_permission_asset.html:55 @@ -178,7 +178,7 @@ msgstr "IP" #: assets/models/asset.py:51 assets/templates/assets/_asset_list_modal.html:20 #: assets/templates/assets/admin_user_assets.html:51 #: assets/templates/assets/asset_detail.html:57 -#: assets/templates/assets/asset_list.html:80 +#: assets/templates/assets/asset_list.html:86 #: assets/templates/assets/system_user_asset.html:49 #: assets/templates/assets/user_asset_list.html:19 common/forms.py:143 #: perms/templates/perms/asset_permission_asset.html:54 @@ -331,7 +331,7 @@ msgid "Default" msgstr "默认" #: assets/models/cluster.py:36 assets/models/label.py:13 -#: users/models/user.py:265 +#: users/models/user.py:266 msgid "System" msgstr "系统" @@ -357,8 +357,9 @@ msgstr "默认资产组" #: terminal/templates/terminal/command_list.html:72 #: terminal/templates/terminal/session_list.html:33 #: terminal/templates/terminal/session_list.html:71 users/forms.py:190 -#: users/models/user.py:30 users/templates/users/user_group_detail.html:78 -#: users/templates/users/user_group_list.html:13 users/views/user.py:334 +#: users/models/user.py:30 users/models/user.py:254 +#: users/templates/users/user_group_detail.html:78 +#: users/templates/users/user_group_list.html:13 users/views/user.py:333 msgid "User" msgstr "用户" @@ -463,7 +464,7 @@ msgstr "推送系统用户到节点: {}" #: assets/templates/assets/_asset_group_bulk_update_modal.html:5 msgid "Update asset group" -msgstr "编辑用户组" +msgstr "更新用户组" #: assets/templates/assets/_asset_group_bulk_update_modal.html:8 msgid "Hint: only change the field you want to update." @@ -474,12 +475,11 @@ msgstr "仅修改你需要更新的字段" #: assets/views/admin_user.py:29 assets/views/admin_user.py:47 #: assets/views/admin_user.py:63 assets/views/admin_user.py:78 #: assets/views/admin_user.py:102 assets/views/asset.py:48 -#: assets/views/asset.py:61 assets/views/asset.py:95 assets/views/asset.py:155 -#: assets/views/asset.py:172 assets/views/asset.py:196 assets/views/label.py:26 -#: assets/views/label.py:42 assets/views/label.py:58 -#: assets/views/system_user.py:28 assets/views/system_user.py:44 -#: assets/views/system_user.py:60 assets/views/system_user.py:74 -#: templates/_nav.html:20 +#: assets/views/asset.py:94 assets/views/asset.py:154 assets/views/asset.py:171 +#: assets/views/asset.py:195 assets/views/label.py:26 assets/views/label.py:42 +#: assets/views/label.py:58 assets/views/system_user.py:28 +#: assets/views/system_user.py:44 assets/views/system_user.py:60 +#: assets/views/system_user.py:74 templates/_nav.html:20 msgid "Assets" msgstr "资产管理" @@ -522,14 +522,14 @@ msgid "If set id, will use this id update asset existed" msgstr "如果设置了id,则会使用该行信息更新该id的资产" #: assets/templates/assets/_asset_list_modal.html:22 -#: assets/templates/assets/asset_list.html:82 +#: assets/templates/assets/asset_list.html:88 #: assets/templates/assets/user_asset_list.html:22 msgid "Hardware" msgstr "硬件" #: assets/templates/assets/_asset_list_modal.html:23 #: assets/templates/assets/asset_detail.html:143 -#: assets/templates/assets/asset_list.html:83 +#: assets/templates/assets/asset_list.html:89 #: assets/templates/assets/user_asset_list.html:23 perms/models.py:20 #: perms/models.py:77 #: perms/templates/perms/asset_permission_create_update.html:51 @@ -548,7 +548,7 @@ msgstr "激活中" #: assets/templates/assets/admin_user_assets.html:54 #: assets/templates/assets/admin_user_list.html:25 #: assets/templates/assets/asset_detail.html:357 -#: assets/templates/assets/asset_list.html:84 +#: assets/templates/assets/asset_list.html:90 #: assets/templates/assets/system_user_asset.html:52 #: assets/templates/assets/system_user_list.html:27 #: users/templates/users/user_granted_asset.html:47 @@ -558,7 +558,7 @@ msgstr "可连接" #: assets/templates/assets/_asset_list_modal.html:25 #: assets/templates/assets/admin_user_list.html:29 -#: assets/templates/assets/asset_list.html:85 +#: assets/templates/assets/asset_list.html:91 #: assets/templates/assets/label_list.html:17 #: assets/templates/assets/system_user_list.html:31 #: ops/templates/ops/adhoc_history.html:59 ops/templates/ops/task_adhoc.html:61 @@ -572,25 +572,25 @@ msgid "Action" msgstr "动作" #: assets/templates/assets/_asset_list_modal.html:34 -#: assets/templates/assets/asset_list.html:94 +#: assets/templates/assets/asset_list.html:100 #: users/templates/users/user_list.html:37 msgid "Delete selected" msgstr "批量删除" #: assets/templates/assets/_asset_list_modal.html:35 -#: assets/templates/assets/asset_list.html:95 +#: assets/templates/assets/asset_list.html:101 #: users/templates/users/user_list.html:38 msgid "Update selected" msgstr "批量更新" #: assets/templates/assets/_asset_list_modal.html:36 -#: assets/templates/assets/asset_list.html:97 +#: assets/templates/assets/asset_list.html:103 #: users/templates/users/user_list.html:39 msgid "Deactive selected" msgstr "禁用所选" #: assets/templates/assets/_asset_list_modal.html:37 -#: assets/templates/assets/asset_list.html:98 +#: assets/templates/assets/asset_list.html:104 #: users/templates/users/user_list.html:40 msgid "Active selected" msgstr "激活所选" @@ -600,7 +600,7 @@ msgstr "激活所选" #: assets/templates/assets/admin_user_create_update.html:46 #: assets/templates/assets/asset_bulk_update.html:24 #: assets/templates/assets/asset_create.html:66 -#: assets/templates/assets/asset_list.html:102 +#: assets/templates/assets/asset_list.html:108 #: assets/templates/assets/asset_update.html:70 #: assets/templates/assets/label_create_update.html:17 #: common/templates/common/basic_setting.html:59 @@ -608,6 +608,7 @@ msgstr "激活所选" #: common/templates/common/ldap_setting.html:60 #: common/templates/common/terminal_setting.html:103 #: perms/templates/perms/asset_permission_create_update.html:72 +#: terminal/templates/terminal/session_list.html:120 #: terminal/templates/terminal/terminal_update.html:48 #: users/templates/users/_user.html:44 #: users/templates/users/first_login.html:62 @@ -624,7 +625,7 @@ msgstr "提交" #: assets/templates/assets/admin_user_detail.html:24 #: assets/templates/assets/admin_user_list.html:84 #: assets/templates/assets/asset_detail.html:24 -#: assets/templates/assets/asset_list.html:160 +#: assets/templates/assets/asset_list.html:166 #: assets/templates/assets/label_list.html:38 #: assets/templates/assets/system_user_detail.html:26 #: assets/templates/assets/system_user_list.html:85 @@ -643,7 +644,7 @@ msgstr "更新" #: assets/templates/assets/admin_user_detail.html:28 #: assets/templates/assets/admin_user_list.html:85 #: assets/templates/assets/asset_detail.html:28 -#: assets/templates/assets/asset_list.html:161 +#: assets/templates/assets/asset_list.html:167 #: assets/templates/assets/label_list.html:39 #: assets/templates/assets/system_user_detail.html:30 #: assets/templates/assets/system_user_list.html:86 @@ -773,7 +774,7 @@ msgstr "替换资产的管理员" #: assets/templates/assets/admin_user_detail.html:100 #: assets/templates/assets/asset_detail.html:198 -#: assets/templates/assets/asset_list.html:535 +#: assets/templates/assets/asset_list.html:541 #: assets/templates/assets/system_user_detail.html:181 #: assets/templates/assets/system_user_list.html:135 templates/_modal.html:16 #: terminal/templates/terminal/session_detail.html:108 @@ -807,12 +808,12 @@ msgid "Node" msgstr "节点" #: assets/templates/assets/asset_create.html:34 -#: assets/templates/assets/asset_list.html:69 +#: assets/templates/assets/asset_list.html:75 #: assets/templates/assets/asset_update.html:39 msgid "Label" msgstr "标签" -#: assets/templates/assets/asset_detail.html:20 assets/views/asset.py:197 +#: assets/templates/assets/asset_detail.html:20 assets/views/asset.py:196 msgid "Asset detail" msgstr "资产详情" @@ -850,50 +851,50 @@ msgstr "刷新" msgid "Update successfully!" msgstr "更新成功" -#: assets/templates/assets/asset_list.html:57 -#: assets/templates/assets/asset_list.html:114 assets/views/asset.py:96 +#: assets/templates/assets/asset_list.html:63 +#: assets/templates/assets/asset_list.html:120 assets/views/asset.py:95 msgid "Create asset" msgstr "创建资产" -#: assets/templates/assets/asset_list.html:61 +#: assets/templates/assets/asset_list.html:67 #: users/templates/users/user_list.html:7 msgid "Import" msgstr "导入" -#: assets/templates/assets/asset_list.html:64 +#: assets/templates/assets/asset_list.html:70 #: users/templates/users/user_list.html:10 msgid "Export" msgstr "导出" -#: assets/templates/assets/asset_list.html:96 +#: assets/templates/assets/asset_list.html:102 msgid "Remove from this node" msgstr "从节点移除" -#: assets/templates/assets/asset_list.html:115 +#: assets/templates/assets/asset_list.html:121 msgid "Add asset" msgstr "添加资产到节点" -#: assets/templates/assets/asset_list.html:117 +#: assets/templates/assets/asset_list.html:123 msgid "Add node" msgstr "新建节点" -#: assets/templates/assets/asset_list.html:118 +#: assets/templates/assets/asset_list.html:124 msgid "Rename node" msgstr "重命名节点" -#: assets/templates/assets/asset_list.html:120 +#: assets/templates/assets/asset_list.html:126 msgid "Delete node" msgstr "删除节点" -#: assets/templates/assets/asset_list.html:195 +#: assets/templates/assets/asset_list.html:201 msgid "Create node failed" msgstr "创建节点失败" -#: assets/templates/assets/asset_list.html:208 +#: assets/templates/assets/asset_list.html:214 msgid "Have child node, cancel" msgstr "存在子节点,不能删除" -#: assets/templates/assets/asset_list.html:530 +#: assets/templates/assets/asset_list.html:536 #: assets/templates/assets/system_user_list.html:130 #: users/templates/users/user_detail.html:334 #: users/templates/users/user_detail.html:359 @@ -902,20 +903,20 @@ msgstr "存在子节点,不能删除" msgid "Are you sure?" msgstr "你确认吗?" -#: assets/templates/assets/asset_list.html:531 +#: assets/templates/assets/asset_list.html:537 msgid "This will delete the selected assets !!!" msgstr "删除选择资产" -#: assets/templates/assets/asset_list.html:539 +#: assets/templates/assets/asset_list.html:545 msgid "Asset Deleted." msgstr "已被删除" -#: assets/templates/assets/asset_list.html:540 -#: assets/templates/assets/asset_list.html:545 +#: assets/templates/assets/asset_list.html:546 +#: assets/templates/assets/asset_list.html:551 msgid "Asset Delete" msgstr "删除" -#: assets/templates/assets/asset_list.html:544 +#: assets/templates/assets/asset_list.html:550 msgid "Asset Deleting failed." msgstr "删除失败" @@ -1011,19 +1012,23 @@ msgstr "更新管理用户" msgid "Admin user detail" msgstr "管理用户详情" -#: assets/views/asset.py:49 assets/views/asset.py:62 templates/_nav.html:23 +#: assets/views/asset.py:49 templates/_nav.html:23 msgid "Asset list" msgstr "资产列表" -#: assets/views/asset.py:156 +#: assets/views/asset.py:61 templates/_nav_user.html:4 +msgid "My assets" +msgstr "我的资产" + +#: assets/views/asset.py:155 msgid "Bulk update asset" msgstr "批量更新资产" -#: assets/views/asset.py:173 +#: assets/views/asset.py:172 msgid "Update asset" -msgstr "编辑资产" +msgstr "更新资产" -#: assets/views/asset.py:297 +#: assets/views/asset.py:296 msgid "already exists" msgstr "已经存在" @@ -1033,7 +1038,7 @@ msgstr "标签列表" #: assets/views/label.py:59 msgid "Update label" -msgstr "编辑标签" +msgstr "更新标签" #: assets/views/system_user.py:29 msgid "System user list" @@ -1269,7 +1274,7 @@ msgid "Type" msgstr "类型" #: common/views.py:20 common/views.py:46 common/views.py:72 common/views.py:102 -#: templates/_nav.html:67 +#: templates/_nav.html:72 msgid "Settings" msgstr "系统设置" @@ -1536,7 +1541,7 @@ msgstr "任务开始: " msgid "Ops" msgstr "作业中心" -#: ops/views.py:37 templates/_nav.html:53 +#: ops/views.py:37 templates/_nav.html:58 msgid "Task list" msgstr "任务列表" @@ -1546,7 +1551,8 @@ msgstr "执行历史" #: perms/forms.py:22 perms/models.py:16 perms/models.py:75 #: perms/templates/perms/asset_permission_list.html:68 templates/_nav.html:14 -#: users/models/user.py:37 users/templates/users/_select_user_modal.html:16 +#: users/models/group.py:25 users/models/user.py:37 +#: users/templates/users/_select_user_modal.html:16 #: users/templates/users/user_detail.html:179 #: users/templates/users/user_list.html:26 msgid "User group" @@ -1684,28 +1690,28 @@ msgstr "文档" #: users/templates/users/user_profile.html:17 #: users/templates/users/user_profile_update.html:37 #: users/templates/users/user_profile_update.html:57 -#: users/templates/users/user_pubkey_update.html:37 users/views/user.py:317 +#: users/templates/users/user_pubkey_update.html:37 users/views/user.py:316 msgid "Profile" msgstr "个人信息" -#: templates/_header_bar.html:41 +#: templates/_header_bar.html:40 msgid "Admin page" msgstr "管理页面" -#: templates/_header_bar.html:43 +#: templates/_header_bar.html:42 msgid "User page" msgstr "用户页面" -#: templates/_header_bar.html:46 +#: templates/_header_bar.html:45 msgid "Logout" msgstr "注销登录" -#: templates/_header_bar.html:50 users/templates/users/login.html:42 -#: users/templates/users/login.html:61 +#: templates/_header_bar.html:49 users/templates/users/login.html:44 +#: users/templates/users/login.html:64 msgid "Login" msgstr "登录" -#: templates/_header_bar.html:63 templates/_nav.html:4 +#: templates/_header_bar.html:62 templates/_nav.html:4 msgid "Dashboard" msgstr "仪表盘" @@ -1740,10 +1746,10 @@ msgid "Close" msgstr "关闭" #: templates/_nav.html:10 users/views/group.py:28 users/views/group.py:44 -#: users/views/group.py:62 users/views/group.py:79 users/views/login.py:200 -#: users/views/login.py:249 users/views/user.py:59 users/views/user.py:74 -#: users/views/user.py:93 users/views/user.py:149 users/views/user.py:304 -#: users/views/user.py:316 users/views/user.py:352 users/views/user.py:374 +#: users/views/group.py:62 users/views/group.py:79 users/views/group.py:95 +#: users/views/login.py:209 users/views/login.py:258 users/views/user.py:59 +#: users/views/user.py:74 users/views/user.py:93 users/views/user.py:149 +#: users/views/user.py:304 users/views/user.py:351 users/views/user.py:373 msgid "Users" msgstr "用户管理" @@ -1771,7 +1777,11 @@ msgstr "历史会话" msgid "Commands" msgstr "命令记录" -#: templates/_nav.html:45 terminal/templates/terminal/session_list.html:75 +#: templates/_nav.html:47 templates/_nav_user.html:14 +msgid "Web terminal" +msgstr "Web终端" + +#: templates/_nav.html:50 terminal/templates/terminal/session_list.html:75 #: terminal/views/command.py:47 terminal/views/session.py:75 #: terminal/views/session.py:92 terminal/views/session.py:114 #: terminal/views/terminal.py:31 terminal/views/terminal.py:46 @@ -1779,18 +1789,10 @@ msgstr "命令记录" msgid "Terminal" msgstr "终端管理" -#: templates/_nav.html:50 +#: templates/_nav.html:55 msgid "Job Center" msgstr "作业中心" -#: templates/_nav_user.html:4 -msgid "My assets" -msgstr "我的资产" - -#: templates/_nav_user.html:14 -msgid "Web terminal" -msgstr "Web终端" - #: templates/captcha/image.html:3 msgid "Play CAPTCHA as audio file" msgstr "语言播放验证码" @@ -1878,10 +1880,8 @@ msgid "Command" msgstr "命令" #: terminal/models.py:131 -#, fuzzy -#| msgid "Date start" msgid "Date last active" -msgstr "开始日期" +msgstr "最后活跃日期" #: terminal/models.py:133 msgid "Date end" @@ -1938,7 +1938,13 @@ msgstr "监控" msgid "Terminate" msgstr "终断" -#: terminal/templates/terminal/session_list.html:121 +#: terminal/templates/terminal/session_list.html:116 +#, fuzzy +#| msgid "Deactive selected" +msgid "Terminate selected" +msgstr "禁用所选" + +#: terminal/templates/terminal/session_list.html:136 msgid "Terminate task send, waiting ..." msgstr "终断任务已发送,请等待" @@ -2109,31 +2115,31 @@ msgstr "ssh密钥不合法" msgid "Select users" msgstr "选择用户" -#: users/models/authentication.py:35 +#: users/models/authentication.py:36 msgid "Private Token" msgstr "ssh密钥" -#: users/models/authentication.py:45 +#: users/models/authentication.py:46 msgid "Login type" msgstr "登录方式" -#: users/models/authentication.py:46 +#: users/models/authentication.py:47 msgid "Login ip" msgstr "登录IP" -#: users/models/authentication.py:47 +#: users/models/authentication.py:48 msgid "Login city" msgstr "登录城市" -#: users/models/authentication.py:48 +#: users/models/authentication.py:49 msgid "User agent" msgstr "Agent" -#: users/models/authentication.py:49 +#: users/models/authentication.py:50 msgid "Date login" msgstr "登录日期" -#: users/models/user.py:29 users/models/user.py:261 +#: users/models/user.py:29 users/models/user.py:262 msgid "Administrator" msgstr "管理员" @@ -2172,7 +2178,7 @@ msgstr "二次验证" msgid "Public key" msgstr "ssh公钥" -#: users/models/user.py:264 +#: users/models/user.py:265 msgid "Administrator is the super user of system" msgstr "Administrator是初始的超级管理员" @@ -2243,7 +2249,7 @@ msgid " for more information" msgstr "获取更多信息" #: users/templates/users/forgot_password.html:26 -#: users/templates/users/login.html:64 +#: users/templates/users/login.html:73 msgid "Forgot password" msgstr "忘记密码" @@ -2251,7 +2257,7 @@ msgstr "忘记密码" msgid "Input your email, that will send a mail to your" msgstr "输入您的邮箱, 将会发一封重置邮件到您的邮箱中" -#: users/templates/users/login.html:47 +#: users/templates/users/login.html:50 msgid "Captcha invalid" msgstr "验证码错误" @@ -2360,7 +2366,7 @@ msgstr "取消" #: users/templates/users/user_group_granted_asset.html:18 #: users/views/group.py:80 msgid "User group detail" -msgstr "资产组详情" +msgstr "用户组详情" #: users/templates/users/user_group_detail.html:86 msgid "Add user" @@ -2431,7 +2437,7 @@ msgstr "更新密钥" #: users/templates/users/user_update.html:4 users/views/user.py:93 msgid "Update user" -msgstr "编辑用户" +msgstr "更新用户" #: users/utils.py:35 msgid "Create account successfully" @@ -2569,54 +2575,58 @@ msgstr "用户组列表" #: users/views/group.py:63 msgid "Update user group" -msgstr "编辑用户组" +msgstr "更新用户组" -#: users/views/login.py:56 +#: users/views/group.py:96 +msgid "User group granted asset" +msgstr "用户组授权资产" + +#: users/views/login.py:57 msgid "Please enable cookies and try again." msgstr "设置你的浏览器支持cookie" -#: users/views/login.py:90 +#: users/views/login.py:99 msgid "Logout success" msgstr "退出登录成功" -#: users/views/login.py:91 +#: users/views/login.py:100 msgid "Logout success, return login page" msgstr "退出登录成功,返回到登录页面" -#: users/views/login.py:107 +#: users/views/login.py:116 msgid "Email address invalid, please input again" msgstr "邮箱地址错误,重新输入" -#: users/views/login.py:120 +#: users/views/login.py:129 msgid "Send reset password message" msgstr "发送重置密码邮件" -#: users/views/login.py:121 +#: users/views/login.py:130 msgid "Send reset password mail success, login your mail box and follow it " msgstr "" "发送重置邮件成功, 请登录邮箱查看, 按照提示操作 (如果没收到,请等待3-5分钟)" -#: users/views/login.py:135 +#: users/views/login.py:144 msgid "Reset password success" msgstr "重置密码成功" -#: users/views/login.py:136 +#: users/views/login.py:145 msgid "Reset password success, return to login page" msgstr "重置密码成功,返回到登录页面" -#: users/views/login.py:153 users/views/login.py:166 +#: users/views/login.py:162 users/views/login.py:175 msgid "Token invalid or expired" msgstr "Token错误或失效" -#: users/views/login.py:162 +#: users/views/login.py:171 msgid "Password not same" msgstr "密码不一致" -#: users/views/login.py:200 +#: users/views/login.py:209 msgid "First login" msgstr "首次登陆" -#: users/views/login.py:250 +#: users/views/login.py:259 msgid "Login log list" msgstr "登录日志" @@ -2632,17 +2642,14 @@ msgstr "文件不合法" msgid "User granted assets" msgstr "用户授权资产" -#: users/views/user.py:335 +#: users/views/user.py:334 msgid "Profile setting" msgstr "个人信息设置" -#: users/views/user.py:353 +#: users/views/user.py:352 msgid "Password update" msgstr "密码更新" -#: users/views/user.py:375 +#: users/views/user.py:374 msgid "Public key update" msgstr "密钥更新" - -#~ msgid "Help" -#~ msgstr "帮助" diff --git a/apps/perms/templates/perms/asset_permission_create_update.html b/apps/perms/templates/perms/asset_permission_create_update.html index aafb650da..d02b354f5 100644 --- a/apps/perms/templates/perms/asset_permission_create_update.html +++ b/apps/perms/templates/perms/asset_permission_create_update.html @@ -14,7 +14,7 @@
-
{% trans 'Create asset permission ' %}
+
{{ action }}
diff --git a/apps/users/views/group.py b/apps/users/views/group.py index fb279b582..958c00ccc 100644 --- a/apps/users/views/group.py +++ b/apps/users/views/group.py @@ -92,8 +92,8 @@ class UserGroupGrantedAssetView(AdminUserRequiredMixin, DetailView): def get_context_data(self, **kwargs): context = { - 'app': 'User', - 'action': 'User group granted asset', + 'app': _('Users'), + 'action': _('User group granted asset'), } kwargs.update(context) return super().get_context_data(**kwargs) diff --git a/docs/Makefile b/docs/Makefile new file mode 100644 index 000000000..526c8f5df --- /dev/null +++ b/docs/Makefile @@ -0,0 +1,20 @@ +# Minimal makefile for Sphinx documentation +# + +# You can set these variables from the command line. +SPHINXOPTS = +SPHINXBUILD = sphinx-build +SPHINXPROJ = Jumpserver +SOURCEDIR = . +BUILDDIR = _build + +# Put it first so that "make" without argument is like "make help". +help: + @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) + +.PHONY: help Makefile + +# Catch-all target: route all unknown targets to Sphinx using the new +# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). +%: Makefile + @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) \ No newline at end of file diff --git a/docs/_static/img/logo-text.png b/docs/_static/img/logo-text.png new file mode 100644 index 000000000..cb76b555a Binary files /dev/null and b/docs/_static/img/logo-text.png differ diff --git a/docs/_static/img/structure.png b/docs/_static/img/structure.png new file mode 100644 index 000000000..90476014c Binary files /dev/null and b/docs/_static/img/structure.png differ diff --git a/docs/admin_asset.rst b/docs/admin_asset.rst new file mode 100644 index 000000000..758db8912 --- /dev/null +++ b/docs/admin_asset.rst @@ -0,0 +1,2 @@ +资产管理模块 +============= \ No newline at end of file diff --git a/docs/admin_guide.rst b/docs/admin_guide.rst new file mode 100644 index 000000000..df59969cc --- /dev/null +++ b/docs/admin_guide.rst @@ -0,0 +1,10 @@ +管理文档 +========= + +这里介绍管理员功能。 + +.. toctree:: + :maxdepth: 1 + + admin_user + admin_asset diff --git a/docs/admin_user.rst b/docs/admin_user.rst new file mode 100644 index 000000000..cdce938e1 --- /dev/null +++ b/docs/admin_user.rst @@ -0,0 +1,51 @@ +用户管理 +======== + +这里介绍用户管理模块的功能。 + +点击页面左侧“用户列表”菜单下的“用户列表,进入用户列表页面。 + +.. contents:: Topics + +.. _create_user: + +创建用户 +```````` + +点击页面左上角“创建用户”按钮,进入创建用户页面,填写账户,角色安全,个人等信息,点击“提交”按钮,用户创建完成。 + + +.. _update_user: + +更新用户 +```````` + +点击页面右边的“更新”按钮,进入编辑用户页面,编辑用户信息,点击“提交”按钮,更新用户完成。 + +.. _delete_user: + +删除用户 +```````` + +点击页面右边的“删除”按钮,弹出是否删除确认框,点击“确定”按钮,删除用户完成。 + +.. _export_user: + +导出用户 +```````` + +选中用户,点击右上角的“导出”按钮,导出用户完成。 + +.. _inport_user: + +导入用户 +```````` + +点击右上角的“导入”按钮,弹出导入对话框,选择要导入的CSV格式文件,点击“确认”按钮,导入用户完成。 + +.. _batch_operation: + +批量操作 +```````` + +选中用户,选择页面左下角的批量操作选项,点击”提交“按钮,批量操作完成。 \ No newline at end of file diff --git a/docs/api_style_guide.rst b/docs/api_style_guide.rst new file mode 100644 index 000000000..438a6d94a --- /dev/null +++ b/docs/api_style_guide.rst @@ -0,0 +1,166 @@ +REST API规范约定 +---------------- + +这里仅考虑REST API的基本情况。参考 + +`RESTful API 设计指南`_ + +`github api文档`_ + +协议 +~~~~ + +API与用户的通信协议,总是使用HTTPs协议。 + +域名 +~~~~ + +这版api相对简单, 没有前后端分离, 没有独立app, 所以放在主域名下 + +:: + + https://example.org/api/ + +版本 +~~~~ + +将API的版本号放入URL中, 由于一个项目多个app所以Jumpserver使用以下风格, +将版本号放到app后面 + +:: + + https://example.com/api/:app:/:version:/:resource: + https://example.com/api/assets/v1.0/assets [GET, POST] + https://example.com/api/assets/v1.0/assets/1 [GET, PUT, DELETE] + +路径 +~~~~ + +路径又称“终点”(endpoint),表示API的具体网址。 +在RESTful架构中,每个网址代表一种资源(resource),所以网址中不能有动词,只能有名词,而且所用的名词往往与数据库的表格名对应。一般来说,数据库中的表都是同种记录的“集合”(collection),所以API中的名词也应该使用复数。 +举例来说 cmdb中的assets列表, idc列表 + +:: + + https://example.com/api/:app:/:version:/:resource: + + https://example.com/api/assets/v1.0/assets [GET, POST] + https://example.com/api/assets/v1.0/assets/1 [GET, PUT, DELETE] + https://example.com/api/assets/v1.0/idcs [GET, POST] + +一般性的增删查改(CRUD)API,完全使用HTTP +method加上url提供的语义,url中的可变部分(比如上面提到的) +一般用来传递该API操作的核心实体对象的唯一ID,如果有更多的参数需要提供,GET方法请使用url +parameter +(例如:“?client_id=xxxxx&app_id=xxxxxx”),PUT/POST/DELETE方法请使用请求体传递参数。 + +HTTP Method +~~~~~~~~~~~ + +对于资源的具体操作类型,由HTTP动词表示。 + +常用的HTTP动词有下面五个(括号里是对应的SQL命令)。 + +- GET(SELECT):从服务器取出资源(一项或多项)。 +- POST(CREATE):在服务器新建一个资源。 +- PUT(UPDATE):在服务器更新资源(客户端提供改变后的完整资源, 幂等 +- PATCH(UPDATE):在服务器更新资源(客户端提供改变的属性)。 +- DELETE(DELETE):从服务器删除资源。 + +.. _RESTful API 设计指南: http://www.ruanyifeng.com/blog/2014/05/restful_api.html +.. _github api文档: https://developer.github.com/v3/ + + +过滤信息 +~~~~~~~~ + +常见参数约定 + +:: + + ?keyword=localhost 模糊搜索 + ?limit=10:指定返回记录的数量 + ?offset=10:指定返回记录的开始位置。 + ?page=2&per_page=100:指定第几页,以及每页的记录数。 + ?sort=name&order=asc:指定返回结果按照哪个属性排序,以及排序顺序。 + ?asset_id=1:指定筛选条件 + +状态码 +~~~~~~ + +服务器向用户返回的状态码和提示信息,常见的有以下一些(方括号中是该状态码对应的HTTP动词)。 + +- 200 OK - + [GET]:服务器成功返回用户请求的数据,该操作是幂等的(Idempotent)。 +- 201 CREATED - [POST/PUT/PATCH]:用户新建或修改数据成功。 +- 202 Accepted - [*]:表示一个请求已经进入后台排队(异步任务) +- 204 NO CONTENT - [DELETE]:用户删除数据成功。 +- 400 INVALID REQUEST - + [POST/PUT/PATCH]:用户发出的请求有错误,服务器没有进行新建或修改数据的操作,该操作是幂等的。 +- 401 Unauthorized - [*]:表示用户没有权限(令牌、用户名、密码错误)。 +- 403 Forbidden - [*] + 表示用户得到授权(与401错误相对),但是访问是被禁止的。 +- 404 NOT FOUND - + [*]:用户发出的请求针对的是不存在的记录,服务器没有进行操作,该操作是幂等的。 +- 406 Not Acceptable - + [GET]:用户请求的格式不可得(比如用户请求JSON格式,但是只有XML格式)。 +- 410 Gone -[GET]:用户请求的资源被永久删除,且不会再得到的。 +- 422 Unprocesable entity - [POST/PUT/PATCH] + 当创建一个对象时,发生一个验证错误。 +- 500 INTERNAL SERVER ERROR - + [*]:服务器发生错误,用户将无法判断发出的请求是否成功。 + +错误处理 +~~~~~~~~ + +如果状态码是4xx,就应该向用户返回出错信息。一般来说,返回的信息中将error作为键名,出错信息作为键值即可。 + +:: + + { + error: "Invalid API key" + } + + +返回结果 +~~~~~~~~ + +针对不同操作,服务器向用户返回的结果应该符合以下规范。 + +:: + + GET /collection:返回资源对象的列表(数组) + GET /collection/resource:返回单个资源对象 + POST /collection:返回新生成的资源对象 + PUT /collection/resource:返回完整的资源对象 + PATCH /collection/resource:返回完整的资源对象 + DELETE /collection/resource:返回一个空文档 + +Hypermedia API +~~~~~~~~~~~~~~ + +RESTful +API最好做到Hypermedia,即返回结果中提供链接,连向其他API方法,使得用户不查文档,也知道下一步应该做什么。 +比如,当用户向api.example.com的根目录发出请求,会得到这样一个文档。 + +:: + + {"link": { + "rel": "collection https://www.example.com/zoos", + "href": "https://api.example.com/zoos", + "title": "List of zoos", + "type": "application/vnd.yourformat+json" + }} + +上面代码表示,文档中有一个link属性,用户读取这个属性就知道下一步该调用什么API了。 + +rel表示这个API与当前网址的关系(collection关系,并给出该collection的网址), + +href表示API的路径,title表示API的标题,type表示返回类型。 Hypermedia +API的设计被称为HATEOAS。 Github的API就是这种设计. + +其它 +~~~~ + +(1)API的身份认证应该使用OAuth 2.0框架。 +(2)服务器返回的数据格式,应该尽量使用JSON \ No newline at end of file diff --git a/docs/conf.py b/docs/conf.py new file mode 100644 index 000000000..068048c0f --- /dev/null +++ b/docs/conf.py @@ -0,0 +1,168 @@ +# -*- coding: utf-8 -*- +# +# Configuration file for the Sphinx documentation builder. +# +# This file does only contain a selection of the most common options. For a +# full list see the documentation: +# http://www.sphinx-doc.org/en/stable/config + +# -- Path setup -------------------------------------------------------------- + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +# +# import os +# import sys +# sys.path.insert(0, os.path.abspath('.')) +import sphinx_rtd_theme + + +# -- Project information ----------------------------------------------------- + +project = 'jumpserver' +copyright = '北京堆栈科技有限公司 © 2014-2018' +author = 'Jumpserver team' + +# The short X.Y version +version = '' +# The full version, including alpha/beta/rc tags +release = '0.5.0' + + +# -- General configuration --------------------------------------------------- + +# If your documentation needs a minimal Sphinx version, state it here. +# +# needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + 'sphinx.ext.viewcode', + 'sphinx.ext.githubpages', +] + +# Add any paths that contain templates here, relative to this directory. +templates_path = ['_templates'] + +# The suffix(es) of source filenames. +# You can specify multiple suffix as a list of string: +# +# source_suffix = ['.rst', '.md'] +source_suffix = '.rst' + +# The master toctree document. +master_doc = 'index' + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# +# This is also used if you do content translation via gettext catalogs. +# Usually you set "language" from the command line for these cases. +language = 'zh_CN' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +# This pattern also affects html_static_path and html_extra_path . +exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store'] + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' +html_show_sourcelink = False + + +# -- Options for HTML output ------------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +# +# html_theme = 'alabaster' +html_theme = "sphinx_rtd_theme" +html_theme_path = [sphinx_rtd_theme.get_html_theme_path()] + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +# +html_theme_options = { + 'logo_only': True, + 'display_version': False +} + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ['_static'] + +# Custom sidebar templates, must be a dictionary that maps document names +# to template names. +# +# The default sidebars (for documents that don't match any pattern) are +# defined by theme itself. Builtin themes are using these templates by +# default: ``['localtoc.html', 'relations.html', 'sourcelink.html', +# 'searchbox.html']``. +# +# html_sidebars = {} + + +# -- Options for HTMLHelp output --------------------------------------------- + +# Output file base name for HTML help builder. +htmlhelp_basename = 'Jumpserver 文档' + + +# -- Options for LaTeX output ------------------------------------------------ + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # + # 'papersize': 'letterpaper', + + # The font size ('10pt', '11pt' or '12pt'). + # + # 'pointsize': '10pt', + + # Additional stuff for the LaTeX preamble. + # + # 'preamble': '', + + # Latex figure (float) alignment + # + # 'figure_align': 'htbp', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + (master_doc, 'jumpserver.tex', 'jumpserver Documentation', + 'Jumpserver team', 'manual'), +] + + +# -- Options for manual page output ------------------------------------------ + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + (master_doc, 'jumpserver', 'jumpserver Documentation', + [author], 1) +] + + +# -- Options for Texinfo output ---------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + (master_doc, 'jumpserver', 'jumpserver Documentation', + author, 'jumpserver', 'One line description of project.', + 'Miscellaneous'), +] + + +# -- Extension configuration ------------------------------------------------- +html_logo = '_static/img/logo-text.png' diff --git a/docs/contact.rst b/docs/contact.rst new file mode 100644 index 000000000..767554517 --- /dev/null +++ b/docs/contact.rst @@ -0,0 +1,33 @@ +联系方式 ++++++++++++++++++++++++++ + +QQ群 +~~~~~~~~ + +群1: 390139816 +群2: 399218702 +群3: 552054376 + + +Github +~~~~~~~~ + +https://github.com/jumpserver/jumpserver.git + + +官网 +~~~~~~~~ + +http://www.jumpserver.org + + +Demo +~~~~~~~~ + +http://demo.jumpserver.org:8080 + + +邮件 +~~~~~~~~ + +ibuler#fit2cloud.com (#替换为@) \ No newline at end of file diff --git a/docs/contributor.rst b/docs/contributor.rst new file mode 100644 index 000000000..05c2604f1 --- /dev/null +++ b/docs/contributor.rst @@ -0,0 +1,13 @@ +贡献者 +++++++++++++++++++++++++ + +感谢一下朋友为Jumpserver做出的贡献,世界因你们而不同,排名不分先后 + + +- **小彧 <李磊>** Django资深开发者,为用户模块贡献了很多代码 +- **sofia <周小侠>** 资深前端工程师, 前端代码贡献者 +- **liuz <刘正> 全栈工程师** 编写了Web terminal大部分代码 +- **jiaxiangkong <陈尚委>** Jumpserver测试运营 +- **halcyon <王墉>** DevOps 资深开发者, 0.3.2 核心开发者之一 +- **yumaojun03 <喻茂峻>** DevOps 资深开发者,擅长Python, Go以及PAAS平台开发 +- **kelianchun <柯连春>** DevOps 资产开发者,fix了很多bug \ No newline at end of file diff --git a/docs/development.rst b/docs/development.rst new file mode 100644 index 000000000..9e2411ea9 --- /dev/null +++ b/docs/development.rst @@ -0,0 +1,12 @@ +开发文档 +====================================== + +.. toctree:: + :maxdepth: 1 + :caption: 开发文档 + + api_style_guide + python_style_guide + project_structure + + diff --git a/docs/faq.rst b/docs/faq.rst new file mode 100644 index 000000000..d02cca126 --- /dev/null +++ b/docs/faq.rst @@ -0,0 +1,2 @@ +FAQ ++++++++++++++++++++++ \ No newline at end of file diff --git a/docs/index.rst b/docs/index.rst new file mode 100644 index 000000000..787f05564 --- /dev/null +++ b/docs/index.rst @@ -0,0 +1,29 @@ +.. jumpserver documentation master file, created by + sphinx-quickstart on Mon Feb 26 23:28:27 2018. + You can adapt this file completely to your liking, but it should at least + contain the root `toctree` directive. + +Jumpserver 文档 +====================================== + +.. toctree:: + :maxdepth: 2 + :caption: 文档: + + intro + installation + admin_guide + user_guide + development + contributor + contact + faq + + + +索引 +================== + +* :ref:`genindex` +* :ref:`modindex` +* :ref:`search` diff --git a/docs/installation.rst b/docs/installation.rst new file mode 100644 index 000000000..e9dde1f48 --- /dev/null +++ b/docs/installation.rst @@ -0,0 +1,9 @@ +安装文档 +++++++++++++++++++++++++ + +.. toctree:: + :maxdepth: 1 + + quickstart + step_by_step + upgrade diff --git a/docs/intro.rst b/docs/intro.rst new file mode 100644 index 000000000..a8810e14f --- /dev/null +++ b/docs/intro.rst @@ -0,0 +1,51 @@ +简介 +============ + +Jumpserver是混合云下更好用的堡垒机, 分布式架构设计无限扩展,轻松对接混合云资产,支持使用云存储(AWS S3, ES等)存储录像、命令 + +Jumpserver颠覆传统堡垒机, 无主机和并发数量限制,支持水平扩容,FIT2CLOUD提供完备的商业服务支持,用户无后顾之忧 + +Jumpserver拥有极致的用户体验, 极致UI体验,容器化的部署方式,部署过程方便快捷,可持续升级 + + +组件说明 +++++++++++++++++++++++++ + +Jumpserver +``````````` +现指Jumpserver管理后台,是核心组件(Core), 使用 Django Class Based View 风格开发,支持Restful API。 + +`Github `_ + + +Coco +```````` +实现了SSH Server 和 Web Terminal Server的组件,提供ssh和websocket接口, 使用 Paramiko 和 Flask 开发。 + + +`Github `__ + + +Luna +```````` +现在是Web Terminal前端,计划前端页面都由该项目提供,Jumpserver只提供API,不再负责后台渲染html等。 + +`Github `__ + + +Guacamole +``````````` +Apache 跳板机项目,Jumpserver使用其组件实现RDP功能,Jumpserver并没有修改其代码而是添加了额外的插件,支持Jumpserver调用 + + +Jumpserver-python-sdk +``````````````````````` +Jumpserver API Python SDK,Coco目前使用该SDK与Jumpserver API交互 + +`Github `__ + + +组件架构图 +++++++++++++++++++++++++ +.. image:: _static/img/structure.png + :alt: 组件架构图 diff --git a/docs/README.md b/docs/old/README.md similarity index 100% rename from docs/README.md rename to docs/old/README.md diff --git a/docs/api_style_guide.md b/docs/old/api_style_guide.md similarity index 100% rename from docs/api_style_guide.md rename to docs/old/api_style_guide.md diff --git a/docs/django_class_base_view_inheritance.py b/docs/old/django_class_base_view_inheritance.py similarity index 100% rename from docs/django_class_base_view_inheritance.py rename to docs/old/django_class_base_view_inheritance.py diff --git a/docs/install.md b/docs/old/install.md similarity index 100% rename from docs/install.md rename to docs/old/install.md diff --git a/docs/project_structure.md b/docs/old/project_structure.md similarity index 100% rename from docs/project_structure.md rename to docs/old/project_structure.md diff --git a/docs/python_style_guide.md b/docs/old/python_style_guide.md similarity index 100% rename from docs/python_style_guide.md rename to docs/old/python_style_guide.md diff --git a/docs/table_design.xml b/docs/old/table_design.xml similarity index 100% rename from docs/table_design.xml rename to docs/old/table_design.xml diff --git a/docs/project_structure.rst b/docs/project_structure.rst new file mode 100644 index 000000000..151cda143 --- /dev/null +++ b/docs/project_structure.rst @@ -0,0 +1,51 @@ +项目骨架 +-------- + +说明如下: + +:: + + . + ├── config-example.py // 配置文件样例 + ├── docs // 所有doc文件放到该目录 + │ └── README.md + ├── LICENSE + ├── README.md + ├── install // 安装说明 + ├── logs // 日志目录 + ├── apps // 管理后台目录,也是各app所在目录 + │ └── assets // app目录 + │ │ ├── admin.py + │ │ ├── apps.py // 新版本django app设置文件 + │ │ ├── api.py // api文件 + │ │ ├── __init__.py // 对外暴露的接口,放到该文件中,方便别的app引用 + │ │ ├── migrations // models Migrations版本控制目录 + │ │ │ └── __init__.py + │ │ ├── models.py // 数据模型目录 + │ │ ├── static // app下静态资源目录,如果需要 + │ │ │ └── assets // 多一层目录,防止资源重名 + │ │ │ └── some_image.png + │ │ ├── templates // app下模板目录 + │ │ │ └── assets // 多一层目录,防止资源重名 + │ │ │ └── asset_list.html + │ │ ├── templatetags // 模板标签目录 + │ │ ├── tests.py // 测试用例文件 + │ │ ├── urls.py // urlconf文件 + │ │ ├── utils.py // 将views和api可复用的代码放在这里, api和views只是请求和返回不同 + │ │ └── views.py // views文件 + │ ├── common + │ │ ├── templatetags // 通用template tag + │ │ ├── utils.py // 通用的函数方法 + │ │ └── views.py + │ ├── fixtures // 初始化数据目录 + │ │ ├── init.json // 初始化项目数据库 + │ │ └── fake.json // 生成大量测试数据 + │ ├── jumpserver // 项目设置目录 + │ │ ├── __init__.py + │ │ ├── settings.py // 项目设置文件 + │ │ ├── urls.py // 项目入口urlconf + │ │ └── wsgi.py + │ ├── manage.py + │ ├── static // 项目静态资源目录 + │ ├── i18n // 项目多语言目录 + │ └── templates // 项目模板目录 \ No newline at end of file diff --git a/docs/python_style_guide.rst b/docs/python_style_guide.rst new file mode 100644 index 000000000..de7bae56f --- /dev/null +++ b/docs/python_style_guide.rst @@ -0,0 +1,216 @@ +Jumpserver 项目规范(Draft) +============================ + +语言框架 +-------- + +1. Python 3.6.1 (当前最新) +2. Django 1.11 (当前最新) +3. Flask 0.12 Luna (当前最新) +4. Paramiko 2.12 Coco (当前最新) + +Django规范 +---------- + +1. 尽量使用Class Base View编程,更少代码 +2. 使用Django Form +3. 每个url独立命名,不要硬编码,同理static也是 +4. 数据库表名手动指定,不要使用默认 +5. 代码优雅简洁 +6. 注释明确优美 +7. 测试案例尽可能完整 +8. 尽可能利用Django造好的轮子 + +代码风格 +-------- + +Python方面大致的风格,我们采用pocoo的\ `Style +Guidance`_\ ,但是有些细节部分会尽量放开 参考国内翻译 + +基本的代码布局 +~~~~~~~~~~~~~~ + +缩进 +^^^^ + +1. Python严格采用4个空格的缩进,任何python代码都都必须遵守此规定。 +2. web部分代码(HTML, CSS, + JavaScript),Node.js采用2空格缩进,同样不使用tab (:raw-latex:`\t`)。 + 之所以与Python不同,是因为js中有大量回调式的写法,2空格可以显著降低视觉上的负担。 + +最大行长度 +^^^^^^^^^^ + +按PEP8规范,Python一般限制最大79个字符, +但是Django的命名,url等通常比较长, +而且21世纪都是宽屏了,所以我们限制最大120字符 + +**补充说明:HTML代码不受此规范约束。** + +长语句缩进 +^^^^^^^^^^ + +编写长语句时,可以使用换行符()换行。在这种情况下,下一行应该与上一行的最后 +一个“.”句点或“=”对齐,或者是缩进4个空格符 + +:: + + this_is_a_very_long(function_call, 'with many parameters') \ + .that_returns_an_object_with_an_attribute + + MyModel.query.filter(MyModel.scalar > 120) \ + .order_by(MyModel.name.desc()) \ + .limit(10) + +如果你使用括号“()”或花括号“{}”为长语句换行,那么下一行应与括号或花括号对齐: + +:: + + this_is_a_very_long(function_call, 'with many parameters', + 23, 42, 'and even more') + +对于元素众多的列表或元组,在第一个“[”或“(”之后马上换行: + +:: + + items = [ + 'this is the first', 'set of items', 'with more items', + 'to come in this line', 'like this' + ] + +.. _Style Guidance: http://www.pocoo.org/internal/styleguide/ + + +空行 +^^^^ + +顶层函数与类之间空两行,此外都只空一行。不要在代码中使用太多的空行来区分不同的逻辑模块。 + +:: + + def hello(name): + print 'Hello %s!' % name + + + def goodbye(name): + print 'See you %s.' % name + + + class MyClass(object): + """This is a simple docstring.""" + + def __init__(self, name): + self.name = name + + def get_annoying_name(self): + return self.name.upper() + '!!!!111' + +语句和表达式 +~~~~~~~~~~~~ + +一般空格规则 +^^^^^^^^^^^^ + +1. 单目运算符与运算对象之间不空格(例如,-,~等),即使单目运算符位于括号内部也一样。 +2. 双目运算符与运算对象之间要空格。 + +:: + + exp = -1.05 + value = (item_value / item_count) * offset / exp + value = my_list[index] + value = my_dict['key'] + +比较 +^^^^ + +1. 任意类型之间的比较,使用“==”和“!=”。 +2. 与单例(singletons)进行比较时,使用is和is not。 +3. 永远不要与True或False进行比较(例如,不要这样写:foo == + False,而应该这样写:not foo)。 + +否定成员关系检查 +^^^^^^^^^^^^^^^^ + +使用foo not in bar,而不是not foo in bar。 + +命名约定 +~~~~~~~~ + +1. 类名称:采用骆驼拼写法(CamelCase),首字母缩略词保持大写不变(HTTPWriter,而不是HttpWriter)。 +2. 变量名:小写_以及_下划线(lowercase_with_underscores)。 +3. 方法与函数名:小写_以及_下划线(lowercase_with_underscores)。 +4. 常量:大写_以及_下划线(UPPERCASE_WITH_UNDERSCORES)。 +5. 预编译的正则表达式:name_re。 +6. 受保护的元素以一个下划线为前缀。双下划线前缀只有定义混入类(mixin + classes)时才使用。 +7. 如果使用关键词(keywords)作为类名称,应在名称后添加后置下划线(trailing + underscore)。 + 允许与内建变量重名,不要在变量名后添加下划线进行区分。如果函数需要访问重名的内建变量,请将内建变量重新绑定为其他名称。 +8. 命名要有寓意, 不使用拼音,不使用无意义简单字母命名 (循环中计数例外 for + i in) +9. 命名缩写要谨慎, 尽量是大家认可的缩写 + +函数和方法的参数: +^^^^^^^^^^^^^^^^^^ + +1. 类方法:cls为第一个参数。 +2. 实例方法:self为第一个参数。 +3. property函数中使用匿名函数(lambdas)时,匿名函数的第一个参数可以用x替代, + 例如:display_name = property(lambda x: x.real_name or x.username)。 + + +文档注释(Docstring,即各方法,类的说明文档注释) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +所有文档字符串均以reStructuredText格式编写,方便Sphinx处理。文档字符串的行数不同,布局也不一样。 +如果只有一行,代表字符串结束的三个引号与代表字符串开始的三个引号在同一行。 +如果为多行,文档字符串中的文本紧接着代表字符串开始的三个引号编写,代表字符串结束的三个引号则自己独立成一行。 +(有能力尽可能用英文, 否则请中文优雅注释) + +:: + + def foo(): + """This is a simple docstring.""" + + + def bar(): + """This is a longer docstring with so much information in there + that it spans three lines. In this case, the closing triple quote + is on its own line. + """ + +文档字符串应分成简短摘要(尽量一行)和详细介绍。如果必要的话,摘要与详细介绍之间空一行。 + +模块头部 +~~~~~~~~ + +模块文件的头部包含有utf-8编码声明(如果模块中使用了非ASCII编码的字符,建议进行声明),以及标准的文档字符串。 + +:: + + # -*- coding: utf-8 -*- + """ + package.module + ~~~~~~~~~~~~~~ + + A brief description goes here. + + :copyright: (c) YEAR by AUTHOR. + :license: LICENSE_NAME, see LICENSE_FILE for more details. + """ + +注释(comment) +~~~~~~~~~~~~~ + +注释的规范与文档字符串编写规范类似。二者均以reStructuredText格式编写。 +如果使用注释来编写类属性的文档,请在#符号后添加一个冒号“:”。 +(有能力尽可能用英文, 否则请中文优雅注释) + +:: + + class User(object): + #: the name of the user as unicode string + name = Column(String) + #: the sha1 hash of the password + inline salt + pw_hash = Column(String) \ No newline at end of file diff --git a/docs/quickstart.rst b/docs/quickstart.rst new file mode 100644 index 000000000..7892999fe --- /dev/null +++ b/docs/quickstart.rst @@ -0,0 +1,48 @@ +快速安装 +========================== + +Jumpserver 封装了一个All in one Docker,可以快速启动。该镜像集成了所有需要的组件,可以使用外置db和redis + +Tips: 不建议在生产中使用 + + +Docker 安装见: `Docker官方安装文档 `_ + + +快速启动 +``````````````` +使用root命令行输入:: + + $ docker run -p 8080:80 -p 2222:2222 jumpserver/jumpserver:0.5.0-beta2 + +访问 +``````````````` + +浏览器访问: http://localhost:8080 + +ssh访问: ssh -p 2222 localhost + + +额外环境变量 +``````````````` + +- DB_ENGINE = mysql +- DB_HOST = mysql_host +- DB_PORT = 3306 +- DB_USER = xxx +- DB_PASSWORD = xxxx +- DB_NAME = jumpserver + +- REDIS_HOST = '' +- REDIS_PORT = '' +- REDIS_PASSWORD = '' + + :: + + docker run -p 8080:80 -p 2222:2222 -e DB_ENGINE=mysql -e DB_HOST=192.168.1.1 -e DB_PORT=3306 -e DB_USER=root -e DB_PASSWORD=xxx -e DB_NAME=jumpserver jumpserver/jumpserver:0.5.0-beta2 + + +仓库地址 +``````````````` + +https://github.com/jumpserver/Dockerfile diff --git a/docs/step_by_step.rst b/docs/step_by_step.rst new file mode 100644 index 000000000..db4b08608 --- /dev/null +++ b/docs/step_by_step.rst @@ -0,0 +1,294 @@ +一步一步安装 +-------------------------- + +环境 +~~~~ + +- 系统: CentOS 7 +- IP: 192.168.244.144 +- 关闭 selinux和防火墙 + +:: + + # CentOS 7 + $ setenforce 0 # 可以设置配置文件永久关闭 + $ systemctl stop iptables.service + $ systemctl stop firewalld.service + + # CentOS6 + $ setenforce 0 + $ service iptables stop + +一. 准备Python3和Python虚拟环境 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +**1.1 安装依赖包** + +:: + + $ yum -y install wget sqlite-devel xz gcc automake zlib-devel openssl-devel epel-release + +**1.2 编译安装** + +:: + + $ wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xz + $ tar xvf Python-3.6.1.tar.xz && cd Python-3.6.1 + $ ./configure && make && make install + +**1.3 建立python虚拟环境** + +因为CentOS +6/7自带的是Python2,而Yum等工具依赖原来的Python,为了不扰乱原来的环境我们来使用Python虚拟环境 + +:: + + $ cd /opt + $ python3 -m venv py3 + $ source /opt/py3/bin/activate + + # 看到下面的提示符代表成功,以后运行jumpserver都要先运行以上source命令,以下所有命令均在该虚拟环境中运行 + (py3) [root@localhost py3]# + +二. 安装Jumpserver 0.5.0 +~~~~~~~~~~~~~~~~~~~~~~~~ + +**2.1 下载或clone项目** + +项目提交较多git clone时较大,你可以选择去github项目页面直接下载 +zip包,我的网速好,我直接clone了 + +:: + + $ cd /opt/ + $ git clone --depth=1 https://github.com/jumpserver/jumpserver.git && cd jumpserver && git checkout dev + +**2.2 安装依赖rpm包** + +:: + + $ cd /opt/jumpserver/requirements + $ yum -y install $(cat rpm_requirements.txt) # 如果没有任何报错请继续 + +**2.3 安装python库依赖** + +:: + + $ pip install -r requirements.txt # 不要指定-i参数,因为镜像上可能没有最新的包,如果没有任何报错请继续 + +**2.4 安装Redis, jumpserver使用redis做cache和celery broker** + +:: + + $ yum -y install redis + $ service redis start + +**2.5 安装MySQL** + +本教程使用mysql作为数据库,如果不使用mysql可以跳过相关mysql安装和配置 + +:: + + # centos7 + $ yum -y install mariadb mariadb-devel mariadb-server # centos7下安装的是mariadb + $ service mariadb start + + # centos6 + $ yum -y install mysql mysql-devel mysql-server + $ service mysqld start + +**2.6 创建数据库 jumpserver并授权** + +:: + + $ mysql + > create database jumpserver default charset 'utf8'; + > grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by 'somepassword'; + +**2.7 修改jumpserver配置文件** + +:: + + $ cd /opt/jumpserver + $ cp config_example.py config.py + $ vi config.py # 我们计划修改 DevelopmentConfig中的配置,因为默认jumpserver是使用该配置,它继承自Config + +**注意: 配置文件是python格式,不要用tab,而要用空格** **注意: +配置文件是python格式,不要用tab,而要用空格** **注意: +配置文件是python格式,不要用tab,而要用空格** + +:: + + class DevelopmentConfig(Config): + DEBUG = True + DB_ENGINE = 'mysql' + DB_HOST = '127.0.0.1' + DB_PORT = 3306 + DB_USER = 'jumpserver' + DB_PASSWORD = 'somepassword' + DB_NAME = 'jumpserver' + + ... + + config = DevelopmentConfig() # 确保使用的是刚才设置的配置文件 + +**2.8 生成数据库表结构和初始化数据** + +:: + + $ cd /opt/jumpserver/utils + $ bash make_migrations.sh + +**2.9 运行Jumpserver** + +:: + + $ cd /opt/jumpserver + $ python run_server.py all + +运行不报错,请浏览器访问 http://192.168.244.144:8080/ +(这里只是jumpserver, 没有web terminal,所以访问web terminal会报错) + +账号:admin 密码: admin + +三. 安装 SSH Server和Web Socket Server: Coco +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +**3.1 下载clone项目** + +新开一个终端,连接测试机,别忘了 source /opt/py3/bin/activate + +:: + + $ cd /opt + $ git clone https://github.com/jumpserver/coco.git && cd coco && git checkout dev + +**3.2 安装依赖** + +:: + + $ cd /opt/coco/requirements $ yum -y install $(cat rpm_requirements.txt) $ pip install requirements.txt + + +**3.2 安装依赖** + +:: + + $ cd /opt/coco/requirements + $ yum -y install $(cat rpm_requirements.txt) + $ pip install -r requirements.txt + +**3.3 查看配置文件并运行** + +:: + + $ cd /opt/coco + $ cp conf_example.py conf.py + $ python run_server.py + +这时需要去 +jumpserver管理后台-终端-终端(http://192.168.244.144:8080/terminal/terminal/)接受coco的注册 + +:: + + Coco version 0.4.0, more see https://www.jumpserver.org + Starting ssh server at 0.0.0.0:2222 + Quit the server with CONTROL-C. + +**3.4 测试连接** + +:: + + $ ssh -p2222 admin@192.168.244.144 + 密码: admin + + 如果是用在windows下,Xshell terminal登录语法如下 + $ssh admin@192.168.244.144 2222 + 密码: admin + 如果能登陆代表部署成功 + +四. 安装 Web Terminal 前端: Luna +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Luna已改为纯前端,需要nginx来运行访问 + +下载 release包,直接解压,不需要编译 + +访问 https://github.com/jumpserver/luna/releases,下载对应release包 + +4.1 解压luna + +:: + + $ pwd + /opt/ + + $ tar xvf luna.tar.gz + $ ls /opt/luna + ... + +五. 安装Windows支持组件 +~~~~~~~~~~~~~~~~~~~~~~~ + +使用docker启动 guacamole + +.. code:: shell + + docker run \ + -p 8080:8080 \ + -e JUMPSERVER_SERVER=http://:8080 \ + jumpserver/guacamole + +这里所需要注意的是guacamole暴露出来的端口是8080,若与jumpserver部署在同一主机上自定义一下。 + +修改JUMPSERVER_SERVER的配置,填上jumpserver的内网地址 + +六. 配置 nginx 整合各组件 +~~~~~~~~~~~~~~~~~~~~~~~~~ + +6.1 安装nginx 根据喜好选择安装方式和版本 + +6.2 配置文件 + +:: + + server { + listen 80; + + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + location /luna/ { + try_files $uri / /index.html; + alias /opt/luna/; + } + + location /media/ { + add_header Content-Encoding gzip; + root /opt/jumpserver/data/; + } + + location /static/ { + root /opt/jumpserver/data/; + } + + location /socket.io/ { + proxy_pass http://localhost:5000/socket.io/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + + location /guacamole/ { + proxy_pass http://:8080/; + } + + location / { + proxy_pass http://localhost:8080; + } + } + +6.3 运行 nginx + +6.4 访问 http://192.168.244.144 \ No newline at end of file diff --git a/docs/upgrade.rst b/docs/upgrade.rst new file mode 100644 index 000000000..422aba51b --- /dev/null +++ b/docs/upgrade.rst @@ -0,0 +1,18 @@ +升级 +---- + +1. 升级 jumpserver + +:: + + $ git pull && pip install -r requirements/requirements.txt && cd utils && sh make_migrations.sh + +2. 升级 coco + +:: + + $ git pull && cd requirements && pip install -r requirements.txt # 不要指定 -i参数 + +3. 升级 luna + +重新下载release包 \ No newline at end of file diff --git a/docs/user_asset.rst b/docs/user_asset.rst new file mode 100644 index 000000000..71855f76e --- /dev/null +++ b/docs/user_asset.rst @@ -0,0 +1,27 @@ +个人资产 +========= + +这里介绍用户个人资产相关的功能。 + +.. contents:: Topics + +.. _view_personal_assets: + +查看个人资产 +```````````` + +登录个人用户,默认展示个人资产列表。点击主机名,查看资产的详细信息。 + +.. _host_login: + +主机登录 +````````` + +点解页面左侧的"Web终端",进入主机登录页,然后点击页面右侧的主机IP地址,连接主机,页面右侧会展示当前连接的终端信息。 + +.. _host_logout: + +主机登出 +````````` + +在主机登录页面,选择左上角的“服务器”按钮,出现两个选项,一个“断开链接“按钮,断开当前连接的主机;另一个”断开所有链接“,断开当前所有连接的主机。 \ No newline at end of file diff --git a/docs/user_guide.rst b/docs/user_guide.rst new file mode 100644 index 000000000..97d9810b3 --- /dev/null +++ b/docs/user_guide.rst @@ -0,0 +1,10 @@ +用户使用文档 +============= + +这部分给您介绍Jumpserver的用户管理模块的使用方法。 + +.. toctree:: + :maxdepth: 1 + + user_asset + user_info \ No newline at end of file diff --git a/docs/user_info.rst b/docs/user_info.rst new file mode 100644 index 000000000..23feb4754 --- /dev/null +++ b/docs/user_info.rst @@ -0,0 +1,34 @@ +个人信息 +========= + +这里介绍个人信息相关的功能。 + +.. contents:: Topics + +.. _view_personal_info: + +查看个人信息 +```````````` + +点击页面左侧的“个人信息”,查看用户的个人信息、SSH密钥。 + +.. _modify_personal_info: + +修改个人信息 +```````````` + +在个人信息页,点击页面右上角的“设置”按钮,进入个人信息修改页面,填写个人信息,点击“提交”按钮,完成个人信息修改。 + +.. _update_password: + +更新密码 +````````` + +在个人信息页,点击页面右上角的“重置密码“按钮,进入密码更新页面,填写原来密码、新密码等信息,点击“提交”按钮,完成密码更新。 + +.. _update_ssh_key: + +密钥更新 +````````` + +在个人信息页,点击页面左上角的“重置SSH密钥“按钮,进入密钥更新页面,填写SSH公钥,点击“提交”按钮,完成密钥更新。 \ No newline at end of file