diff --git a/jasset/urls.py b/jasset/urls.py index 8fcbcdea4..ab7b6ac10 100644 --- a/jasset/urls.py +++ b/jasset/urls.py @@ -12,15 +12,11 @@ urlpatterns = patterns('', url(r'^asset_edit/$', asset_edit), url(r'^asset_update/$', asset_update), url(r'^asset_update_batch/$', asset_update_batch), - # url(r'^search/$', host_search), - # url(r"^show_all_ajax/$", show_all_ajax), url(r'^group_add/$', group_add), url(r'^group_list/$', group_list), url(r'^group_edit/$', group_edit), url(r'^group_list/$', group_list), - # url(r'^group_del_host/$', group_del_host), url(r'^asset_edit_batch/$', asset_edit_batch), - # url(r'^host_edit_common/batch/$', host_edit_common_batch), url(r'^idc_add/$', idc_add), url(r'^idc_list/$', idc_list), url(r'^idc_edit/$', idc_edit), diff --git a/jasset/views.py b/jasset/views.py index 0d9e07c82..01aa1b7eb 100644 --- a/jasset/views.py +++ b/jasset/views.py @@ -294,7 +294,6 @@ def asset_list(request): asset_find = asset_find.filter(idc__name__contains=idc_name) if group_name: - print asset_find, type(asset_find) asset_find = asset_find.filter(group__name__contains=group_name) if asset_type: @@ -413,7 +412,7 @@ def asset_edit_batch(request): if alert_list: recode_name = unicode(name) + ' - ' + u'批量' AssetRecord.objects.create(asset=asset, username=recode_name, content=alert_list) - return HttpResponse('ok') + return my_render('jasset/asset_update_status.html', locals(), request) return my_render('jasset/asset_edit_batch.html', locals(), request) diff --git a/jperm/ansible_api.py b/jperm/ansible_api.py index 0b40d93a5..0fa0296b2 100644 --- a/jperm/ansible_api.py +++ b/jperm/ansible_api.py @@ -323,11 +323,13 @@ class MyTask(MyRunner): """ add a host user. """ + if password: encrypt_pass = sha512_crypt.encrypt(password) module_args = 'name=%s shell=/bin/bash password=%s' % (username, encrypt_pass) else: module_args = 'name=%s shell=/bin/bash' % username + self.run("user", module_args, become=True) return self.results @@ -359,9 +361,9 @@ class MyTask(MyRunner): """ module_args = 'name=%s state=absent remove=yes move_home=yes force=yes' % username self.run("user", module_args, become=True) - return self.results + @staticmethod def gen_sudo_script(role_list, sudo_list): # receive role_list = [role1, role2] sudo_list = [sudo1, sudo2] diff --git a/jperm/perm_api.py b/jperm/perm_api.py index 9e4d014cd..0a6d0b805 100644 --- a/jperm/perm_api.py +++ b/jperm/perm_api.py @@ -241,47 +241,39 @@ def get_role_info(role_id, type="all"): """ # 获取role对应的授权规则 role_obj = PermRole.objects.get(id=role_id) - rules_obj = role_obj.perm_rule.all() + rule_push_obj = role_obj.perm_rule.all() # 获取role 对应的用户 和 用户组 # 获取role 对应的主机 和主机组 users_obj = [] assets_obj = [] user_groups_obj = [] - group_users_obj = [] asset_groups_obj = [] - group_assets_obj = [] - for rule in rules_obj: - for user in rule.user.all(): + for push in rule_push_obj: + for user in push.user.all(): users_obj.append(user) - for asset in rule.asset.all(): + for asset in push.asset.all(): assets_obj.append(asset) - for user_group in rule.user_group.all(): + for user_group in push.user_group.all(): user_groups_obj.append(user_group) - for user in user_group.user_set.all(): - group_users_obj.append(user) - for asset_group in rule.asset_group.all(): + for asset_group in push.asset_group.all(): asset_groups_obj.append(asset_group) - for asset in asset_group.asset_set.all(): - group_assets_obj.append(asset) - - calc_users = set(users_obj) | set(group_users_obj) - calc_assets = set(assets_obj) | set(group_assets_obj) if type == "all": - return {"rules": rules_obj, - "users": list(calc_users), + return {"rules": rule_push_obj, + "users": users_obj, "user_groups": user_groups_obj, - "assets": list(calc_assets), + "assets": assets_obj, "asset_groups": asset_groups_obj, } + elif type == "rule": - return rules_obj + return rule_push_obj elif type == "user": - return calc_users + return users_obj elif type == "user_group": return user_groups_obj elif type == "asset": - return calc_assets + return assets_obj elif type == "asset_group": return asset_groups_obj else: @@ -308,7 +300,3 @@ def get_role_push_host(role): if __name__ == "__main__": print get_role_info(1) - - - - diff --git a/jperm/views.py b/jperm/views.py index 44e59b6fe..1c6e0fd37 100644 --- a/jperm/views.py +++ b/jperm/views.py @@ -35,7 +35,7 @@ def perm_rule_list(request): rules_list = rules_list.filter(Q(name=keyword)) rules_list, p, rules, page_range, current_page, show_first, show_end = pages(rules_list, request) - + return my_render('jperm/perm_rule_list.html', locals(), request) diff --git a/jumpserver/api.py b/jumpserver/api.py index b1f5b2cec..a904fe0e1 100644 --- a/jumpserver/api.py +++ b/jumpserver/api.py @@ -27,12 +27,12 @@ from django.shortcuts import render_to_response from django.core.mail import send_mail -def set_log(level): +def set_log(level, filename='jumpserver.log'): """ return a log file object 根据提示设置log打印 """ - log_file = os.path.join(LOG_DIR, 'jumpserver.log') + log_file = os.path.join(LOG_DIR, filename) if not os.path.isfile(log_file): os.mknod(log_file) os.chmod(log_file, 0777) diff --git a/templates/jasset/asset_cu_list.html b/templates/jasset/asset_cu_list.html index 9d1dd7bf9..49d81e12d 100644 --- a/templates/jasset/asset_cu_list.html +++ b/templates/jasset/asset_cu_list.html @@ -24,61 +24,7 @@
-
- - - - - - - -
- -
+
diff --git a/templates/jasset/asset_list.html b/templates/jasset/asset_list.html index 4124b30d1..428c4bf73 100644 --- a/templates/jasset/asset_list.html +++ b/templates/jasset/asset_list.html @@ -301,7 +301,7 @@ return false; } var url= $(this).attr("value") + '?asset_id_all=' + asset_id_all; - layer.open({ + parent.layer.open({ type: 2, title: 'JumpServer - 批量修改主机', maxmin: true, diff --git a/templates/jasset/asset_update_status.html b/templates/jasset/asset_update_status.html new file mode 100644 index 000000000..e0897b074 --- /dev/null +++ b/templates/jasset/asset_update_status.html @@ -0,0 +1,45 @@ + + + + + + + + + + + + + {% load bootstrap %} + {% block content %} + +
+
+
+
+

+
+
+
+
+ + + {% endblock content %} + + \ No newline at end of file diff --git a/templates/jperm/perm_rule_detail.html b/templates/jperm/perm_rule_detail.html index 4a7a835d5..1df2b8ff3 100644 --- a/templates/jperm/perm_rule_detail.html +++ b/templates/jperm/perm_rule_detail.html @@ -93,12 +93,15 @@ - {% for user in users %} + {% for user in users %} {{ user.name }} - {{ user | user_which_groups:"group" }} + {% endfor %} + {% for group in user_groups %} + {{ group.name }} + {% endfor %} - {% endfor %} +
@@ -139,12 +142,14 @@ - {% for asset in assets %} + {% for asset in assets %} {{ asset.ip }} - {{ asset | asset_which_groups:"group" }} + {% endfor %} + {% for group in asset_groups %} + {{ group.name }} + {% endfor %} - {% endfor %}
diff --git a/templates/jperm/role_sudo.j2 b/templates/jperm/role_sudo.j2 index cc4d7a425..df58c8b58 100644 --- a/templates/jperm/role_sudo.j2 +++ b/templates/jperm/role_sudo.j2 @@ -4,6 +4,9 @@ real_file=/etc/sudoers tmp_file=$(mktemp /tmp/XXXXXXX) +# Backup sudoers file +cp ${sudo_file} ${sudo_file_bak} + # Add Command Aliases add_cmd_alias() { sudo_file=$1 @@ -17,6 +20,7 @@ add_cmd_alias() { } +# Add Command Aliases to role add_role_chosen() { sudo_file=$1 {% for user, alias in sudo_user.items %} @@ -28,6 +32,7 @@ add_role_chosen() { {% endfor %} } + check_syntax(){ visudo -c -f $1 }