github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'dev' of git.coding.net:jumpserver/jumpserver into dev

pull/26/head
ibuler 2015-12-10 14:10:56 +08:00
parent e03b4722b0 b5a3fb44c3
commit e117cd003f
11 changed files with 83 additions and 97 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
jasset/urls.py
View File

@ -12,15 +12,11 @@ urlpatterns = patterns('',
url(r'^asset_edit/$', asset_edit), url(r'^asset_edit/$', asset_edit),
url(r'^asset_update/$', asset_update), url(r'^asset_update/$', asset_update),
url(r'^asset_update_batch/$', asset_update_batch), url(r'^asset_update_batch/$', asset_update_batch),
# url(r'^search/$', host_search),
# url(r"^show_all_ajax/$", show_all_ajax),
url(r'^group_add/$', group_add), url(r'^group_add/$', group_add),
url(r'^group_list/$', group_list), url(r'^group_list/$', group_list),
url(r'^group_edit/$', group_edit), url(r'^group_edit/$', group_edit),
url(r'^group_list/$', group_list), url(r'^group_list/$', group_list),
# url(r'^group_del_host/$', group_del_host),
url(r'^asset_edit_batch/$', asset_edit_batch), url(r'^asset_edit_batch/$', asset_edit_batch),
# url(r'^host_edit_common/batch/$', host_edit_common_batch),
url(r'^idc_add/$', idc_add), url(r'^idc_add/$', idc_add),
url(r'^idc_list/$', idc_list), url(r'^idc_list/$', idc_list),
url(r'^idc_edit/$', idc_edit), url(r'^idc_edit/$', idc_edit),

3
jasset/views.py
View File

@ -294,7 +294,6 @@ def asset_list(request):
asset_find = asset_find.filter(idc__name__contains=idc_name) asset_find = asset_find.filter(idc__name__contains=idc_name)
if group_name: if group_name:
print asset_find, type(asset_find)
asset_find = asset_find.filter(group__name__contains=group_name) asset_find = asset_find.filter(group__name__contains=group_name)
if asset_type: if asset_type:
@ -413,7 +412,7 @@ def asset_edit_batch(request):
if alert_list: if alert_list:
recode_name = unicode(name) + ' - ' + u'批量' recode_name = unicode(name) + ' - ' + u'批量'
AssetRecord.objects.create(asset=asset, username=recode_name, content=alert_list) AssetRecord.objects.create(asset=asset, username=recode_name, content=alert_list)
return HttpResponse('ok') return my_render('jasset/asset_update_status.html', locals(), request)
return my_render('jasset/asset_edit_batch.html', locals(), request) return my_render('jasset/asset_edit_batch.html', locals(), request)

4
jperm/ansible_api.py
View File

@ -323,11 +323,13 @@ class MyTask(MyRunner):
""" """
add a host user. add a host user.
""" """
if password: if password:
encrypt_pass = sha512_crypt.encrypt(password) encrypt_pass = sha512_crypt.encrypt(password)
module_args = 'name=%s shell=/bin/bash password=%s' % (username, encrypt_pass) module_args = 'name=%s shell=/bin/bash password=%s' % (username, encrypt_pass)
else: else:
module_args = 'name=%s shell=/bin/bash' % username module_args = 'name=%s shell=/bin/bash' % username
self.run("user", module_args, become=True) self.run("user", module_args, become=True)
return self.results return self.results
@ -359,9 +361,9 @@ class MyTask(MyRunner):
""" """
module_args = 'name=%s state=absent remove=yes move_home=yes force=yes' % username module_args = 'name=%s state=absent remove=yes move_home=yes force=yes' % username
self.run("user", module_args, become=True) self.run("user", module_args, become=True)
return self.results return self.results
@staticmethod @staticmethod
def gen_sudo_script(role_list, sudo_list): def gen_sudo_script(role_list, sudo_list):
# receive role_list = [role1, role2] sudo_list = [sudo1, sudo2] # receive role_list = [role1, role2] sudo_list = [sudo1, sudo2]

38
jperm/perm_api.py
View File

@ -241,47 +241,39 @@ def get_role_info(role_id, type="all"):
""" """
# 获取role对应的授权规则 # 获取role对应的授权规则
role_obj = PermRole.objects.get(id=role_id) role_obj = PermRole.objects.get(id=role_id)
rules_obj = role_obj.perm_rule.all() rule_push_obj = role_obj.perm_rule.all()
# 获取role 对应的用户 和 用户组 # 获取role 对应的用户 和 用户组
# 获取role 对应的主机 和主机组 # 获取role 对应的主机 和主机组
users_obj = [] users_obj = []
assets_obj = [] assets_obj = []
user_groups_obj = [] user_groups_obj = []
group_users_obj = []
asset_groups_obj = [] asset_groups_obj = []
group_assets_obj = [] for push in rule_push_obj:
for rule in rules_obj: for user in push.user.all():
for user in rule.user.all():
users_obj.append(user) users_obj.append(user)
for asset in rule.asset.all(): for asset in push.asset.all():
assets_obj.append(asset) assets_obj.append(asset)
for user_group in rule.user_group.all(): for user_group in push.user_group.all():
user_groups_obj.append(user_group) user_groups_obj.append(user_group)
for user in user_group.user_set.all(): for asset_group in push.asset_group.all():
group_users_obj.append(user)
for asset_group in rule.asset_group.all():
asset_groups_obj.append(asset_group) asset_groups_obj.append(asset_group)
for asset in asset_group.asset_set.all():
group_assets_obj.append(asset)
calc_users = set(users_obj) | set(group_users_obj)
calc_assets = set(assets_obj) | set(group_assets_obj)
if type == "all": if type == "all":
return {"rules": rules_obj, return {"rules": rule_push_obj,
"users": list(calc_users), "users": users_obj,
"user_groups": user_groups_obj, "user_groups": user_groups_obj,
"assets": list(calc_assets), "assets": assets_obj,
"asset_groups": asset_groups_obj, "asset_groups": asset_groups_obj,
} }
elif type == "rule": elif type == "rule":
return rules_obj return rule_push_obj
elif type == "user": elif type == "user":
return calc_users return users_obj
elif type == "user_group": elif type == "user_group":
return user_groups_obj return user_groups_obj
elif type == "asset": elif type == "asset":
return calc_assets return assets_obj
elif type == "asset_group": elif type == "asset_group":
return asset_groups_obj return asset_groups_obj
else: else:
@ -308,7 +300,3 @@ def get_role_push_host(role):
if __name__ == "__main__": if __name__ == "__main__":
print get_role_info(1) print get_role_info(1)

2
jperm/views.py
View File

@ -35,7 +35,7 @@ def perm_rule_list(request):
rules_list = rules_list.filter(Q(name=keyword)) rules_list = rules_list.filter(Q(name=keyword))
rules_list, p, rules, page_range, current_page, show_first, show_end = pages(rules_list, request) rules_list, p, rules, page_range, current_page, show_first, show_end = pages(rules_list, request)
return my_render('jperm/perm_rule_list.html', locals(), request) return my_render('jperm/perm_rule_list.html', locals(), request)

4
jumpserver/api.py
View File

@ -27,12 +27,12 @@ from django.shortcuts import render_to_response
from django.core.mail import send_mail from django.core.mail import send_mail
def set_log(level): def set_log(level, filename='jumpserver.log'):
""" """
return a log file object return a log file object
根据提示设置log打印 根据提示设置log打印
""" """
log_file = os.path.join(LOG_DIR, 'jumpserver.log') log_file = os.path.join(LOG_DIR, filename)
if not os.path.isfile(log_file): if not os.path.isfile(log_file):
os.mknod(log_file) os.mknod(log_file)
os.chmod(log_file, 0777) os.chmod(log_file, 0777)

56
templates/jasset/asset_cu_list.html
View File

@ -24,61 +24,7 @@
<div class="ibox-content"> <div class="ibox-content">
<form id="asset_form"> <form id="asset_form">
<div class="col-sm-7" style="padding-left: 0px"> <div class="col-sm-4 col-sm-offset-8" style="padding-right: 0">
<label>
<select name="idc" class="form-control m-b input-sm" onchange="change_info()">
<option value="">机房</option>
{% for idc in idc_all %}
{% ifequal idc.name idc_name %}
<option value="{{idc.name}}" selected> {{ idc.name }}</option>
{% else %}
<option value="{{idc.name}}"> {{ idc.name }}</option>
{% endifequal %}
{% endfor %}
</select>
</label>
<label>
<select name="group" class="form-control m-b input-sm" onchange="change_info()">
<option value="">主机组</option>
{% for asset_group in asset_group_all %}
{% ifequal asset_group.name group_name %}
<option value="{{ asset_group.name }}" selected> {{ asset_group.name }} </option>
{% else %}
<option value="{{ asset_group.name }}"> {{ asset_group.name }} </option>
{% endifequal %}
{% endfor %}
</select>
</label>
<label>
<select name="asset_type" class="form-control m-b input-sm" onchange="change_info()">
<option value="">资产类型</option>
{% for type in asset_types %}
{% ifequal type.0|int2str asset_type %}
<option value="{{ type.0 }}" selected> {{ type.1 }}</option>
{% else %}
<option value="{{ type.0 }}"> {{ type.1 }}</option>
{% endifequal %}
{% endfor %}
</select>
</label>
<label>
<select name="status" class="form-control m-b input-sm" onchange="change_info()">
<option value="">资产状态</option>
{% for s in asset_status %}
{% ifequal s.0|int2str status %}
<option value="{{ s.0 }}" selected> {{ s.1 }}</option>
{% else %}
<option value="{{ s.0 }}"> {{ s.1 }}</option>
{% endifequal %}
{% endfor %}
</select>
</label>
</div>
<div class="col-sm-4" style="padding-right: 0">
<div class="input-group inline-group"> <div class="input-group inline-group">
<input type="text" class="form-control m-b input-sm" id="search_input" name="keyword" value="{{ keyword }}" placeholder="Search"> <input type="text" class="form-control m-b input-sm" id="search_input" name="keyword" value="{{ keyword }}" placeholder="Search">
<input type="text" style="display: none"> <input type="text" style="display: none">

2
templates/jasset/asset_list.html
View File

@ -301,7 +301,7 @@
return false; return false;
} }
var url= $(this).attr("value") + '?asset_id_all=' + asset_id_all; var url= $(this).attr("value") + '?asset_id_all=' + asset_id_all;
layer.open({ parent.layer.open({
type: 2, type: 2,
title: 'JumpServer - 批量修改主机', title: 'JumpServer - 批量修改主机',
maxmin: true, maxmin: true,

45
templates/jasset/asset_update_status.html Normal file
View File

@ -0,0 +1,45 @@
<html>
<head>
<link href="/static/css/bootstrap.min.css" rel="stylesheet">
<link href="/static/font-awesome/css/font-awesome.css" rel="stylesheet">
<link href="/static/css/plugins/iCheck/custom.css" rel="stylesheet">
<link href="/static/css/animate.css" rel="stylesheet">
<link href="/static/css/style.css" rel="stylesheet">
<script src="/static/js/jquery-2.1.1.js"></script>
<style>
body {background: #ffffff;}
</style>
</head>
{% load bootstrap %}
{% block content %}
<body onload="closeWindow();">
<div>
<div class="row">
<div class="col-lg-10">
<div class="ibox-content">
<h2 id="jumpTo" class="text-center text-info"></h2>
</div>
</div>
</div>
</div>
<script type="text/javascript">
var time=2;
function closeWindow(){
window.setTimeout('closeWindow()',1000);
if(time>0){
document.getElementById("jumpTo").innerHTML="修改成功, <font color=red>"+time+"</font>秒后关闭当前窗口";
time--;
}
else{
window.parent.location.reload();
var index = parent.layer.getFrameIndex(window.name);
parent.layer.close(index);
}
}
</script>
{% endblock content %}
</body>
</html>

17
templates/jperm/perm_rule_detail.html
View File

@ -93,12 +93,15 @@
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
{% for user in users %}
<tr class="gradeX"> <tr class="gradeX">
{% for user in users %}
<td class="text-center"> {{ user.name }} </td> <td class="text-center"> {{ user.name }} </td>
<td class="text-center"> {{ user | user_which_groups:"group" }} </td> {% endfor %}
{% for group in user_groups %}
<td class="text-center"> {{ group.name }} </td>
{% endfor %}
</tr> </tr>
{% endfor %}
</tbody> </tbody>
</table> </table>
</div> </div>
@ -139,12 +142,14 @@
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
{% for asset in assets %}
<tr class="gradeX"> <tr class="gradeX">
{% for asset in assets %}
<td class="text-center"> {{ asset.ip }} </td> <td class="text-center"> {{ asset.ip }} </td>
<td class="text-center"> {{ asset | asset_which_groups:"group" }} </td> {% endfor %}
{% for group in asset_groups %}
<td class="text-center"> {{ group.name }} </td>
{% endfor %}
</tr> </tr>
{% endfor %}
</tbody> </tbody>
</table> </table>
</div> </div>

5
templates/jperm/role_sudo.j2
View File

@ -4,6 +4,9 @@
real_file=/etc/sudoers real_file=/etc/sudoers
tmp_file=$(mktemp /tmp/XXXXXXX) tmp_file=$(mktemp /tmp/XXXXXXX)
# Backup sudoers file
cp ${sudo_file} ${sudo_file_bak}
# Add Command Aliases # Add Command Aliases
add_cmd_alias() { add_cmd_alias() {
sudo_file=$1 sudo_file=$1
@ -17,6 +20,7 @@ add_cmd_alias() {
} }
# Add Command Aliases to role
add_role_chosen() { add_role_chosen() {
sudo_file=$1 sudo_file=$1
{% for user, alias in sudo_user.items %} {% for user, alias in sudo_user.items %}
@ -28,6 +32,7 @@ add_role_chosen() {
{% endfor %} {% endfor %}
} }
check_syntax(){ check_syntax(){
visudo -c -f $1 visudo -c -f $1
} }