From b0f2b346f965efcce3359c9db8aebf32cbf0acba Mon Sep 17 00:00:00 2001 From: yumaojun <719118794@qq.com> Date: Thu, 10 Dec 2015 17:44:45 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E4=BA=86rule=20=E5=92=8C=20r?= =?UTF-8?q?ole=E3=80=80=E7=9A=84detail=20=E9=A1=B5=E9=9D=A2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- jperm/perm_api.py | 20 ++++---- jperm/views.py | 17 ++++--- jumpserver.conf | 2 +- templates/jperm/perm_role_detail.html | 72 ++++++++++++++++---------- templates/jperm/perm_rule_detail.html | 73 ++++++++++++++++----------- templates/jperm/perm_rule_list.html | 3 +- 6 files changed, 111 insertions(+), 76 deletions(-) diff --git a/jperm/perm_api.py b/jperm/perm_api.py index 0a6d0b805..0814a1382 100644 --- a/jperm/perm_api.py +++ b/jperm/perm_api.py @@ -259,23 +259,23 @@ def get_role_info(role_id, type="all"): asset_groups_obj.append(asset_group) if type == "all": - return {"rules": rule_push_obj, - "users": users_obj, - "user_groups": user_groups_obj, - "assets": assets_obj, - "asset_groups": asset_groups_obj, + return {"rules": set(rule_push_obj), + "users": set(users_obj), + "user_groups": set(user_groups_obj), + "assets": set(assets_obj), + "asset_groups": set(asset_groups_obj), } elif type == "rule": - return rule_push_obj + return set(rule_push_obj) elif type == "user": - return users_obj + return set(users_obj) elif type == "user_group": - return user_groups_obj + return set(user_groups_obj) elif type == "asset": - return assets_obj + return set(assets_obj) elif type == "asset_group": - return asset_groups_obj + return set(asset_groups_obj) else: return u"不支持的查询" diff --git a/jperm/views.py b/jperm/views.py index d50be0113..66139649c 100644 --- a/jperm/views.py +++ b/jperm/views.py @@ -23,6 +23,7 @@ logger = set_log(LOG_LEVEL, filename='jumpserver_perm.log') def perm_rule_list(request): """ list rule page + 授权规则列表 """ # 渲染数据 header_title, path1, path2 = "授权规则", "规则管理", "查看规则" @@ -46,6 +47,7 @@ def perm_rule_list(request): def perm_rule_detail(request): """ rule detail page + 授权详情 """ # 渲染数据 header_title, path1, path2 = "授权规则", "规则管理", "规则详情" @@ -54,14 +56,18 @@ def perm_rule_detail(request): rule_id = request.GET.get("id") rule_obj = PermRule.objects.get(id=rule_id) user_obj = rule_obj.user.all() + user_group_obj = rule_obj.user_group.all() asset_obj = rule_obj.asset.all() + asset_group_obj = rule_obj.asset_group.all() roles_name = [role.name for role in rule_obj.role.all()] # 渲染数据 roles_name = ','.join(roles_name) rule = rule_obj users = user_obj + user_groups = user_group_obj assets = asset_obj + asset_groups = asset_group_obj return my_render('jperm/perm_rule_detail.html', locals(), request) @@ -69,6 +75,7 @@ def perm_rule_detail(request): def perm_rule_add(request): """ add rule page + 添加授权 """ # 渲染数据 header_title, path1, path2 = "授权规则", "规则管理", "添加规则" @@ -116,8 +123,8 @@ def perm_rule_add(request): need_push_asset = set() for role in roles_obj: - asset_no_push = get_role_push_host(role=role)[0] # 获取某角色已经推送的资产 - need_push_asset.update(set(calc_assets) - set(asset_no_push)) + asset_no_push = get_role_push_host(role=role)[1] # 获取某角色已经推送的资产 + need_push_asset.update(set(calc_assets) & set(asset_no_push)) if need_push_asset: raise ServerError(u'没有推送角色 %s 的主机 %s' % (role.name, ','.join([asset.hostname for asset in need_push_asset]))) @@ -183,15 +190,13 @@ def perm_rule_edit(request): # 获取需要授权的用户列表 users_obj = [User.objects.get(id=user_id) for user_id in users_select] user_groups_obj = [UserGroup.objects.get(id=group_id) for group_id in user_groups_select] - # group_users_obj = [user for user in [group.user_set.all() for group in user_groups_obj]] - # calc_users = set(group_users_obj) | set(users_obj) # 获取授予的角色列表 roles_obj = [PermRole.objects.get(id=role_id) for role_id in roles_select] need_push_asset = set() for role in roles_obj: - asset_no_push = get_role_push_host(role=role)[0] # 获取某角色已经推送的资产 - need_push_asset.update(set(calc_assets) - set(asset_no_push)) + asset_no_push = get_role_push_host(role=role)[1] # 获取某角色已经推送的资产 + need_push_asset.update(set(calc_assets) & set(asset_no_push)) if need_push_asset: raise ServerError(u'没有推送角色 %s 的主机 %s' % (role.name, ','.join([asset.hostname for asset in need_push_asset]))) diff --git a/jumpserver.conf b/jumpserver.conf index 6297ab00a..d5f4ed930 100644 --- a/jumpserver.conf +++ b/jumpserver.conf @@ -13,7 +13,7 @@ password = mysql234 database = jumpserver [websocket] -web_socket_host = j:3000 +web_socket_host = 127.0.0.1:3000 [mail] mail_enable = 1 diff --git a/templates/jperm/perm_role_detail.html b/templates/jperm/perm_role_detail.html index 0c5ca95ea..b20cd9833 100644 --- a/templates/jperm/perm_role_detail.html +++ b/templates/jperm/perm_role_detail.html @@ -41,7 +41,7 @@ {% for rule in rules %} {{ rule.date_added | date:"Y-m-d H:i:s"}} - {{ rule.name }} + {{ rule.name }} {% endfor %} @@ -54,7 +54,7 @@
- {{ role.name }} - 授权用户/用户组 + 授权用户/用户组
@@ -74,33 +74,47 @@
-
-
+
- + - - - + + + {% for user in users %} - - + {% endfor %} - + +
用户用户组
{{ user.name }} {{ user | user_which_groups:"group" }} {{ user.name }}
+
+
+ + + + + + + + + {% for group in user_groups %} + + + + {% endfor %} +
用户组
{{ group.name }}
-
-
-
+
+
- {{ role.name }} - 授权主机/主机组 + 授权主机/主机组
@@ -120,29 +134,33 @@
-
-
+
- - - - {% for asset in assets %} - - + + + {% endfor %} +
主机主机组
{{ asset.ip }} {{ asset | asset_which_groups:"group" }} {{ asset.ip }}
+
+
+ + + + + {% for group in asset_groups %} + + {% endfor %} -
主机组
{{ group.name }}
-
-
-
+
+
diff --git a/templates/jperm/perm_rule_detail.html b/templates/jperm/perm_rule_detail.html index 1df2b8ff3..e9184253e 100644 --- a/templates/jperm/perm_rule_detail.html +++ b/templates/jperm/perm_rule_detail.html @@ -83,29 +83,40 @@
-
-
+
- + - - - - - - {% for user in users %} - - {% endfor %} - {% for group in user_groups %} - - {% endfor %} + - + + {% for user in users %} + + + + {% endfor %} + +
用户用户组
{{ user.name }} {{ group.name }}
{{ user.name }}
+
+
+ + + + + + + + + {% for group in user_groups %} + + + + {% endfor %} +
用户组
{{ group.name }}
-
@@ -132,28 +143,30 @@
-
-
+
- - - - + {% for asset in assets %} - {% for asset in assets %} - - {% endfor %} - {% for group in asset_groups %} - - {% endfor %} + - + {% endfor %} +
主机主机组
{{ asset.ip }} {{ group.name }} {{ asset.ip }}
+
+
+ + + + + {% for group in asset_groups %} + + + + {% endfor %}
主机组
{{ group.name }}
-
diff --git a/templates/jperm/perm_rule_list.html b/templates/jperm/perm_rule_list.html index 11c40fbf6..921b5b5c5 100644 --- a/templates/jperm/perm_rule_list.html +++ b/templates/jperm/perm_rule_list.html @@ -62,7 +62,7 @@ {% for rule in rules %} - {{ rule.name }} + {{ rule.name }} {{ rule | rule_member_count:"user" }} @@ -79,7 +79,6 @@ {{ rule | rule_member_count:"role" }} - 详情 编辑