From f3a0c390b157065592df83f320c91b3533dd686d Mon Sep 17 00:00:00 2001
From: ibuler
Date: Tue, 16 Jun 2015 09:21:11 +0800
Subject: [PATCH] connect.py base ok
---
 connect.py | 36 +++++++++---------------------------
 jumpserver/api.py | 40 +++++++++++++++++++++++++++++++++-------
 juser/models.py | 2 +-
 3 files changed, 43 insertions(+), 35 deletions(-)
diff --git a/connect.py b/connect.py
index b2e941472..b2da5a934 100644
--- a/connect.py
+++ b/connect.py
@@ -58,8 +58,8 @@ def color_print(msg, color='red', exits=False):
 class Jtty(object):
- def __init__(self, chan, user, asset):
- self.chan = chan
+ def __init__(self, user, asset):
+ self.chan = None
 self.username = user.username
 self.ip = asset.ip
 self.user = user
@@ -86,7 +86,7 @@ class Jtty(object):
 """
 try:
 win_size = self.get_win_size()
- self.channel.resize_pty(height=win_size[0], width=win_size[1])
+ self.chan.resize_pty(height=win_size[0], width=win_size[1])
 except Exception:
 pass
@@ -199,6 +199,7 @@ class Jtty(object):
 Connect server.
 """
 username, password, ip, port = self.get_connect_item()
+ logger.debug("username: %s, password: %s, ip: %s, port: %s" % (username, password, ip, port))
 ps1 = "PS1='[\u@%s \W]\$ '\n" % self.ip
 login_msg = "clear;echo -e '\\033[32mLogin %s done. Enjoy it.\\033[0m'\n" % self.ip
@@ -216,7 +217,7 @@ class Jtty(object):
 # Make a channel and set windows size
 global channel
 win_size = self.get_win_size()
- channel = ssh.invoke_shell(height=win_size[0], width=win_size[1])
+ self.chan = channel = ssh.invoke_shell(height=win_size[0], width=win_size[1])
 try:
 signal.signal(signal.SIGWINCH, self.set_win_size)
 except:
@@ -264,8 +265,9 @@ def verify_connect(user, option):
 elif len(ip_matched) < 1:
 color_print('No Permission or No host.', 'red')
 else:
- asset = Jasset(ip=ip_matched[0])
- jtty = Jtty(chan, user, )
+ asset = Jasset(ip=ip_matched[0]).asset
+ jtty = Jtty(user, asset)
+ jtty.connect()
 def print_prompt():
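Review bot: The added `logger.debug` call in `Jtty.connect` (connect.py, hunk at -199) writes the target host's password to the log in clear text, so anyone who can read the log file or whatever collects it obtains the credentials for every asset a user connects to. Drop the password from the message: `logger.debug("username: %s, ip: %s, port: %s" % (username, ip, port))`. If this line has already run in any environment, treat the logged credentials as exposed and rotate them. The body of `connect` continues outside the hunk.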
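Review bot: In `verify_connect` (connect.py, hunk at -264), `Jasset(ip=ip_matched[0]).asset` assumes the lookup succeeded, but the context lines of the `Jasset.__init__` hunk in jumpserver/api.py appear to set `self.asset` only when a row is found and otherwise only `self.id = None`, so a matched IP with no asset record would raise `AttributeError` here instead of printing the 'No Permission or No host.' message. Keep the wrapper and check it first, e.g. `jasset = Jasset(ip=ip_matched[0])` followed by `if jasset.id is None:` with the same `color_print` call, and pass `jasset.asset` to `Jtty` otherwise. How `ip_matched` is built is outside the hunk; if it is not already limited to hosts the user is permitted on, that check belongs here before `jtty.connect()`.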
@@ -280,26 +282,6 @@ def print_prompt():
 print textwrap.dedent(msg)
-# def print_user_host_group(username):
-# host_groups = get_host_groups(username)
-# for host_group in host_groups:
-# print "[%3s] %s -- %s" % (host_group.id, host_group.ip, host_group.comment)
-
-
-# def asset_group_member(username, gid):
-# pattern = re.compile(r'\d+')
-# match = pattern.match(gid)
-#
-# if match:
-# hosts_attr = get_host_group_host(username, gid)
-# hosts = hosts_attr.keys()
-# hosts.sort()
-# for ip in hosts:
-# print '%-15s -- %s' % (ip, hosts_attr[ip][2])
-# else:
-# color_print('No such group id, Please check it.', 'red')
-
-
 # def remote_exec_cmd(ip, port, username, password, cmd):
 # try:
 # time.sleep(5)
@@ -394,7 +376,7 @@ if __name__ == '__main__':
 elif gid_pattern.match(option):
 gid = option[1:].strip()
 asset_group = JassetGroup(id=gid)
- if asset_group.validate():
+ if asset_group.validate() and asset_group.is_permed(user=login_user.user):
 asset_group.get_asset_info(printable=True)
 continue
 elif option in ['E', 'e']:
diff --git a/jumpserver/api.py b/jumpserver/api.py
index 5066bca8c..a431579ee 100644
--- a/jumpserver/api.py
+++ b/jumpserver/api.py
@@ -440,7 +440,10 @@ class Juser(object):
 class Jasset(object):
-
+ """
+ Jumpserver asset class
+ Jumpserver资产类
+ """
 def __init__(self, ip=None, id=None):
 if ip:
 asset = Asset.objects.filter(ip=ip)
@@ -453,10 +456,6 @@ class Jasset(object):
 asset = asset[0]
 self.asset = asset
 self.id = asset.id
- # self.ip = asset.ip
- # self.id = asset.id
- # self.port = asset.port
- # self.comment = asset.comment
 else:
 self.id = None
@@ -482,7 +481,7 @@ class Jasset(object):
 else:
 return False
- def get__user(self):
+ def get_user(self):
 perm_list = []
 asset_group_all = self.asset.bis_group.all()
 for asset_group in asset_group_all:
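Review bot: When `is_permed` returns false in the `gid_pattern` branch of the `__main__` loop (connect.py, hunk at -394), the hunk shows no message and no log entry, so a denied group listing looks the same as an invalid group id and leaves no audit record. What the loop does after this `if` is outside the hunk, so this may already be handled there. If it is not, add an explicit deny path that logs the attempt, for example `logger.warning("user %s denied asset group %s" % (login_user.user.username, gid))`, before telling the user the group is unavailable.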
@@ -500,7 +499,10 @@ class Jasset(object):
 class JassetGroup(object):
-
+ """
+ Jumpserver AssetGroup class
+ Jumpserver 资产组类
+ """
 def __init__(self, name=None, id=None):
 if id:
 asset_group = BisGroup.objects.filter(id=int(id))
@@ -548,6 +550,30 @@ class JassetGroup(object):
 def get_asset_num(self):
 return len(self.get_asset())
+ def get_user_group(self):
+ perm_list = self.asset_group.perm_set.all()
+ user_group_list = []
+ for perm in perm_list:
+ user_group_list.append(perm.user_group)
+ return user_group_list
+
+ def get_user(self):
+ user_list = []
+ user_group_list = self.get_user_group()
+ for user_group in user_group_list:
+ user_list.extend(user_group.user_set.all())
+ return user_list
+
+ def is_permed(self, user=None, user_group=None):
+ if user:
+ if user in self.get_user():
+ return True
+
+ if user_group:
+ if user_group in self.get_user_group():
+ return True
+ return False
+
 # def asset_perm_api(asset):
 # if asset:
diff --git a/juser/models.py b/juser/models.py
index d7efd7a28..b309effe4 100644
--- a/juser/models.py
+++ b/juser/models.py
@@ -31,7 +31,7 @@ class User(models.Model):
 role = models.CharField(max_length=2, choices=USER_ROLE_CHOICES, default='CU')
 dept = models.ForeignKey(DEPT)
 group = models.ManyToManyField(UserGroup)
- ldap_pwd = models.CharField(max_length=100)
+ ldap_pwd = models.CharField(max_length=128)
 ssh_key_pwd = models.CharField(max_length=100)
 is_active = models.BooleanField(default=True)
 last_login = models.DateTimeField(null=True)
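Review bot: `JassetGroup.is_permed` (jumpserver/api.py, hunk at -548) decides on group membership alone and never consults `User.is_active`, a field the juser/models.py section of this patch shows on the model, so a deactivated account that is still in a permitted user group passes the check unless login already rejects it (not visible here). Consider `if user and user.is_active and user in self.get_user():`. `get_user()` also loads every user of every permitted group to answer one membership question; filtering on the user's own groups would avoid that. The three new methods have no docstrings; one line each saying what is returned, and that `is_permed` falls through to `return False` when neither argument matches, would help the next reader.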
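Review bot: `ldap_pwd` is widened from 100 to 128 in the model only (juser/models.py); the diffstat lists three files and none of them is a schema migration, so existing databases keep the 100-character column and longer values will be rejected or truncated depending on the backend. Ship the matching migration, or document the manual column change, together with this edit. If the extra length is there to hold an encrypted or hashed value, say so on the field with a comment such as `# stores <scheme> output, never the plaintext LDAP password`; the storage format is not visible in this patch.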