mirror of https://github.com/jumpserver/jumpserver
Merge pull request #78 from jumpserver/bug_fix_guang
#78 统一资产添加文案,修改添加用户流程,修复添加系统用户使用key推送,不生成密码pull/85/head
commit
f79675b265
|
@ -512,10 +512,10 @@ def perm_role_push(request):
|
||||||
task = MyTask(push_resource)
|
task = MyTask(push_resource)
|
||||||
ret = {}
|
ret = {}
|
||||||
|
|
||||||
# 因为要先建立用户,所以password 是必选项,而push key是在 password也完成的情况下的 可选项
|
# 因为要先建立用户,而push key是在 password也完成的情况下的 可选项
|
||||||
# 1. 以秘钥 方式推送角色
|
# 1. 以秘钥 方式推送角色
|
||||||
if key_push:
|
if key_push:
|
||||||
ret["pass_push"] = task.add_user(role.name, CRYPTOR.decrypt(role.password))
|
ret["pass_push"] = task.add_user(role.name)
|
||||||
ret["key_push"] = task.push_key(role.name, os.path.join(role.key_path, 'id_rsa.pub'))
|
ret["key_push"] = task.push_key(role.name, os.path.join(role.key_path, 'id_rsa.pub'))
|
||||||
|
|
||||||
# 2. 推送账号密码
|
# 2. 推送账号密码
|
||||||
|
|
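Review bot: `task.add_user(role.name)` on the new side drops the password argument, but `MyTask.add_user` is not shown on this page, so confirm that its password parameter is optional; if it is not, every key push fails at this call. The result is still stored under `ret["pass_push"]` although no password is pushed on this path any more, so a key such as `ret["user_add"]` would describe it better, provided whatever reads `ret` is updated too. The shortened comment above `if key_push:` lost its main clause and could read `# Create the account first (no password), then push the public key`. perm_role_push starts and ends outside the hunk.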
|
@ -137,7 +137,7 @@ def gen_ssh_key(username, password='',
|
||||||
|
|
||||||
if authorized_keys:
|
if authorized_keys:
|
||||||
auth_key_dir = os.path.join(home, username, '.ssh')
|
auth_key_dir = os.path.join(home, username, '.ssh')
|
||||||
mkdir(auth_key_dir, username=username , mode=0700)
|
mkdir(auth_key_dir, username=username, mode=0700)
|
||||||
authorized_key_file = os.path.join(auth_key_dir, 'authorized_keys')
|
authorized_key_file = os.path.join(auth_key_dir, 'authorized_keys')
|
||||||
with open(private_key_file+'.pub') as pub_f:
|
with open(private_key_file+'.pub') as pub_f:
|
||||||
with open(authorized_key_file, 'w') as auth_f:
|
with open(authorized_key_file, 'w') as auth_f:
|
||||||
|
@ -146,14 +146,12 @@ def gen_ssh_key(username, password='',
|
||||||
chown(authorized_key_file, username)
|
chown(authorized_key_file, username)
|
||||||
|
|
||||||
|
|
||||||
def server_add_user(username, password, ssh_key_pwd='', ssh_key_login_need=True):
|
def server_add_user(username, ssh_key_pwd=''):
|
||||||
"""
|
"""
|
||||||
add a system user in jumpserver
|
add a system user in jumpserver
|
||||||
在jumpserver服务器上添加一个用户
|
在jumpserver服务器上添加一个用户
|
||||||
"""
|
"""
|
||||||
bash("useradd -s '%s' '%s'; echo '%s'; echo '%s:%s' | chpasswd " %
|
bash("useradd -s '%s' '%s'" % (os.path.join(BASE_DIR, 'init.sh'), username))
|
||||||
(os.path.join(BASE_DIR, 'init.sh'), username, password, username, password))
|
|
||||||
if ssh_key_login_need:
|
|
||||||
gen_ssh_key(username, ssh_key_pwd)
|
gen_ssh_key(username, ssh_key_pwd)
|
||||||
|
|
||||||
|
|
||||||
|
@ -171,7 +169,7 @@ def user_add_mail(user, kwargs):
|
||||||
您的web登录密码: %s
|
您的web登录密码: %s
|
||||||
您的ssh密钥文件密码: %s
|
您的ssh密钥文件密码: %s
|
||||||
密钥下载地址: %s/juser/key/down/?uuid=%s
|
密钥下载地址: %s/juser/key/down/?uuid=%s
|
||||||
说明: 请登陆后再下载密钥!
|
说明: 请登陆跳板机后台下载密钥, 然后使用密钥登陆跳板机!
|
||||||
""" % (user.name, user.username, user_role.get(user.role, u'普通用户'),
|
""" % (user.name, user.username, user_role.get(user.role, u'普通用户'),
|
||||||
kwargs.get('password'), kwargs.get('ssh_key_pwd'), URL, user.uuid)
|
kwargs.get('password'), kwargs.get('ssh_key_pwd'), URL, user.uuid)
|
||||||
send_mail(mail_title, mail_msg, MAIL_FROM, [user.email], fail_silently=False)
|
send_mail(mail_title, mail_msg, MAIL_FROM, [user.email], fail_silently=False)
|
||||||
|
@ -185,27 +183,17 @@ def server_del_user(username):
|
||||||
bash('userdel -r %s' % username)
|
bash('userdel -r %s' % username)
|
||||||
|
|
||||||
|
|
||||||
def get_display_msg(user, password, ssh_key_pwd, ssh_key_login_need, send_mail_need):
|
def get_display_msg(user, password='', ssh_key_pwd='', send_mail_need=False):
|
||||||
if send_mail_need:
|
if send_mail_need:
|
||||||
msg = u'添加用户 %s 成功! 用户密码已发送到 %s 邮箱!' % (user.name, user.email)
|
msg = u'添加用户 %s 成功! 用户密码已发送到 %s 邮箱!' % (user.name, user.email)
|
||||||
return msg
|
|
||||||
|
|
||||||
if ssh_key_login_need:
|
|
||||||
msg = u"""
|
|
||||||
跳板机地址: %s
|
|
||||||
用户名:%s
|
|
||||||
密码:%s
|
|
||||||
密钥密码:%s
|
|
||||||
密钥下载url: %s/juser/key/down/?uuid=%s
|
|
||||||
该账号密码可以登陆web和跳板机。
|
|
||||||
""" % (URL, user.username, password, ssh_key_pwd, URL, user.uuid)
|
|
||||||
else:
|
else:
|
||||||
msg = u"""
|
msg = u"""
|
||||||
跳板机地址: %s \n
|
跳板机地址: %s <br />
|
||||||
用户名:%s \n
|
用户名:%s <br />
|
||||||
密码:%s \n
|
密码:%s <br />
|
||||||
|
密钥密码:%s <br />
|
||||||
|
密钥下载url: %s/juser/key/down/?uuid=%s <br />
|
||||||
该账号密码可以登陆web和跳板机。
|
该账号密码可以登陆web和跳板机。
|
||||||
""" % (URL, user.username, password)
|
""" % (URL, user.username, password, ssh_key_pwd, URL, user.uuid)
|
||||||
|
|
||||||
return msg
|
return msg
|
||||||
|
|
||||||
|
|
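Review bot: The new `bash("useradd -s '%s' '%s'" % (..., username))` line in server_add_user still builds a shell command from `username` by string formatting, and wrapping the value in single quotes does not neutralise a value that itself contains a quote. Taking the password off the command line is an improvement, but the username appears to come from the add-user form (the caller is in another file), so it should be checked against a conservative pattern before it reaches the shell, e.g. `if not re.match(r'^[a-z_][a-z0-9_-]{0,31}$', username): raise ValueError('invalid username')`. Whether `re` is already imported in this file is not visible here. The context line `bash('userdel -r %s' % username)` in server_del_user has the same shape with no quoting at all.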
|
@ -153,8 +153,7 @@ def user_add(request):
|
||||||
ssh_key_pwd = PyCrypt.gen_rand_pass(16)
|
ssh_key_pwd = PyCrypt.gen_rand_pass(16)
|
||||||
extra = request.POST.getlist('extra', [])
|
extra = request.POST.getlist('extra', [])
|
||||||
is_active = False if '0' in extra else True
|
is_active = False if '0' in extra else True
|
||||||
ssh_key_login_need = True
|
send_mail_need = True if '1' in extra else False
|
||||||
send_mail_need = True if '2' in extra else False
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
if '' in [username, password, ssh_key_pwd, name, role]:
|
if '' in [username, password, ssh_key_pwd, name, role]:
|
||||||
|
@ -176,7 +175,7 @@ def user_add(request):
|
||||||
ssh_key_pwd=ssh_key_pwd,
|
ssh_key_pwd=ssh_key_pwd,
|
||||||
is_active=is_active,
|
is_active=is_active,
|
||||||
date_joined=datetime.datetime.now())
|
date_joined=datetime.datetime.now())
|
||||||
server_add_user(username, password, ssh_key_pwd, ssh_key_login_need)
|
server_add_user(username=username, ssh_key_pwd=ssh_key_pwd)
|
||||||
user = get_object(User, username=username)
|
user = get_object(User, username=username)
|
||||||
if groups:
|
if groups:
|
||||||
user_groups = []
|
user_groups = []
|
||||||
|
@ -193,7 +192,7 @@ def user_add(request):
|
||||||
else:
|
else:
|
||||||
if MAIL_ENABLE and send_mail_need:
|
if MAIL_ENABLE and send_mail_need:
|
||||||
user_add_mail(user, kwargs=locals())
|
user_add_mail(user, kwargs=locals())
|
||||||
msg = get_display_msg(user, password, ssh_key_pwd, ssh_key_login_need, send_mail_need)
|
msg = get_display_msg(user, password=password, ssh_key_pwd=ssh_key_pwd, send_mail_need=send_mail_need)
|
||||||
return my_render('juser/user_add.html', locals(), request)
|
return my_render('juser/user_add.html', locals(), request)
|
||||||
|
|
||||||
|
|
||||||
|
@ -361,7 +360,7 @@ def user_edit(request):
|
||||||
admin_groups = request.POST.getlist('admin_groups', [])
|
admin_groups = request.POST.getlist('admin_groups', [])
|
||||||
extra = request.POST.getlist('extra', [])
|
extra = request.POST.getlist('extra', [])
|
||||||
is_active = True if '0' in extra else False
|
is_active = True if '0' in extra else False
|
||||||
email_need = True if '2' in extra else False
|
email_need = True if '1' in extra else False
|
||||||
user_role = {'SU': u'超级管理员', 'GA': u'部门管理员', 'CU': u'普通用户'}
|
user_role = {'SU': u'超级管理员', 'GA': u'部门管理员', 'CU': u'普通用户'}
|
||||||
|
|
||||||
if user_id:
|
if user_id:
|
||||||
|
|
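Review bot: The `extra` checkbox values are bare string literals, and this commit renumbers the mail option from `'2'` to `'1'` in both user_add and user_edit, so the views and the two templates have to be kept in step by hand. Named constants (for example `EXTRA_DISABLE = '0'` and `EXTRA_SEND_MAIL = '1'`) would make that coupling visible, and `send_mail_need = '1' in extra` says the same as `True if '1' in extra else False`. The context lines also read `'0'` with opposite meanings: user_add has `is_active = False if '0' in extra` while user_edit has `is_active = True if '0' in extra`; the matching user_edit checkbox is not visible here, so confirm that this is intended. Both functions extend beyond the hunks shown.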
|
@ -50,24 +50,23 @@
|
||||||
|
|
||||||
<div class="hr-line-dashed"></div>
|
<div class="hr-line-dashed"></div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="j_group" class="col-sm-2 control-label">管理账号<span class="red-fonts"> *</span></label>
|
<label for="j_group" class="col-sm-2 control-label">管理用户<span class="red-fonts"> *</span></label>
|
||||||
<div class="col-sm-2">
|
<div class="col-sm-2">
|
||||||
<div class="radio i-checks">
|
<div class="radio i-checks">
|
||||||
<label>
|
<label style="padding-left: 0">
|
||||||
<input type="checkbox" checked="checked" id="id_use_default_auth" name="use_default_auth"><span> 使用默认 </span>
|
<input type="checkbox" checked="checked" id="id_use_default_auth" name="use_default_auth"><span> 使用默认 </span>
|
||||||
</label>
|
</label>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<p class="col-sm-offset-2">Tips: 管理账号是服务器存在的root等高权限账号,用来推送新建系统用户</p>
|
<p class="col-sm-offset-2">Tips: 管理用户是服务器存在的root或拥有sudo的用户,用来推送系统用户</p>
|
||||||
<div class="form-group" id="admin_account" style="display: none">
|
<div class="form-group" id="admin_account" style="display: none">
|
||||||
<div class="hr-line-dashed"></div>
|
<label class="col-sm-2 control-label"> <span class="red-fonts"></span> </label>
|
||||||
<label class="col-sm-2 control-label"> 管理用户名<span class="red-fonts">*</span> </label>
|
|
||||||
<div class="col-sm-3">
|
<div class="col-sm-3">
|
||||||
<input type="text" placeholder="Username" name="username" class="form-control">
|
<input type="text" placeholder="Username" name="username" class="form-control">
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<label class="col-sm-1 control-label"> 密码<span class="red-fonts">*</span> </label>
|
<label class="col-sm-1 control-label"> <span class="red-fonts"></span> </label>
|
||||||
<div class="col-sm-4">
|
<div class="col-sm-4">
|
||||||
<input type="password" placeholder="Password" name="password" class="form-control">
|
<input type="password" placeholder="Password" name="password" class="form-control">
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -57,20 +57,19 @@
|
||||||
<label for="j_group" class="col-sm-2 control-label">管理账号 <span class="red-fonts">*</span></label>
|
<label for="j_group" class="col-sm-2 control-label">管理账号 <span class="red-fonts">*</span></label>
|
||||||
<div class="col-sm-2">
|
<div class="col-sm-2">
|
||||||
<div class="radio i-checks">
|
<div class="radio i-checks">
|
||||||
<label>
|
<label style="padding-left: 0">
|
||||||
<input type="checkbox" {% if asset.use_default_auth %} checked="checked" {% endif %} id="id_use_default_auth" name="use_default_auth"><span> 使用默认 </span>
|
<input type="checkbox" {% if asset.use_default_auth %} checked="checked" {% endif %} id="id_use_default_auth" name="use_default_auth"><span> 使用默认 </span>
|
||||||
</label>
|
</label>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="form-group" id="admin_account" {% if asset.use_default_auth %} style="display: none" {% endif %}>
|
<div class="form-group" id="admin_account" {% if asset.use_default_auth %} style="display: none" {% endif %}>
|
||||||
<div class="hr-line-dashed"></div>
|
<label class="col-sm-2 control-label"> </label>
|
||||||
<label class="col-sm-2 control-label"> 管理用户名 <span class="red-fonts">*</span> </label>
|
|
||||||
<div class="col-sm-3">
|
<div class="col-sm-3">
|
||||||
<input type="text" value="{{ asset.username }}" name="username" class="form-control">
|
<input type="text" value="{{ asset.username }}" name="username" class="form-control">
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<label class="col-sm-1 control-label"> 密码<span class="red-fonts">*</span> </label>
|
<label class="col-sm-1 control-label"> </label>
|
||||||
<div class="col-sm-4">
|
<div class="col-sm-4">
|
||||||
<input type="password" value="" name="password" placeholder="不填写即不更改密码." class="form-control">
|
<input type="password" value="" name="password" placeholder="不填写即不更改密码." class="form-control">
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -28,7 +28,7 @@
|
||||||
<div class="alert alert-warning text-center">{{ error }}</div>
|
<div class="alert alert-warning text-center">{{ error }}</div>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if msg %}
|
{% if msg %}
|
||||||
<div class="alert alert-success text-center">{{ msg }}</div>
|
<div class="alert alert-success">{{ msg | safe }}</div>
|
||||||
{% endif %}
|
{% endif %}
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label for="username" class="col-sm-2 control-label">用户名<span class="red-fonts">*</span></label>
|
<label for="username" class="col-sm-2 control-label">用户名<span class="red-fonts">*</span></label>
|
||||||
|
@ -99,14 +99,9 @@
|
||||||
<label><input type="checkbox" value="0" name="extra" >禁用 </label>
|
<label><input type="checkbox" value="0" name="extra" >禁用 </label>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
{# <div class="col-sm-2">#}
|
|
||||||
{# <div class="checkbox i-checks">#}
|
|
||||||
{# <label><input type="checkbox" value="1" name="extra">ssh key登录 </label>#}
|
|
||||||
{# </div>#}
|
|
||||||
{# </div>#}
|
|
||||||
<div class="col-sm-2">
|
<div class="col-sm-2">
|
||||||
<div class="checkbox i-checks">
|
<div class="checkbox i-checks">
|
||||||
<label><input type="checkbox" value="2" name="extra">发送邮件 </label>
|
<label><input type="checkbox" value="1" name="extra" checked>发送邮件 </label>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
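Review bot: `{{ msg | safe }}` turns off autoescaping for a string that get_display_msg fills with `user.name`, `user.email`, `user.username` and the password through `%` formatting, so any markup in those values, which appear to come from the add-user form, is rendered as HTML in the administrator's page. The `safe` filter seems to have been added only so that the new `<br />` separators display; keeping plain newlines in the message and rendering it with `{{ msg|linebreaksbr }}` gives the same layout while the values stay escaped. If the markup has to stay in Python, each interpolated value should go through `django.utils.html.escape` before formatting.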
|
@ -116,7 +116,7 @@
|
||||||
</div>
|
</div>
|
||||||
<div class="col-sm-2">
|
<div class="col-sm-2">
|
||||||
<div class="checkbox i-checks">
|
<div class="checkbox i-checks">
|
||||||
<label><input type="checkbox" value="2" name="extra">发送邮件 </label>
|
<label><input type="checkbox" value="1" name="extra">发送邮件 </label>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|