github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

update

pull/26/head
liuzheng712 2015-10-27 23:34:38 +08:00
parent 8e9f22537f
commit f8c8c3deff
3 changed files with 55 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
jumpserver/api.py
View File

@ -492,7 +492,7 @@ def require_role(role='user'):
def _deco(func):
def __deco(request, *args, **kwargs):
if role == 'user':
if not request.session.get('user_id'):
if not request.user.is_authenticated():
return HttpResponseRedirect('/login/')
elif role == 'admin':
if request.session.get('role_id', 0) < 1:
@ -522,13 +522,14 @@ def get_session_user_dept(request):
get department of the user in session
获取session中用户的部门
"""
user_id = request.session.get('user_id', 0)
print '#' * 20
print user_id
user = User.objects.filter(id=user_id)
if user:
user = user[0]
return user, None
# user_id = request.session.get('user_id', 0)
# print '#' * 20
# print user_id
# user = User.objects.filter(id=user_id)
# if user:
# user = user[0]
# return user, None
return request.user, None
@require_role
@ -537,18 +538,18 @@ def get_session_user_info(request):
get the user info of the user in session, for example id, username etc.
获取用户的信息
"""
user_id = request.session.get('user_id', 0)
user = get_object(User, id=user_id)
if user:
return [user.id, user.username, user]
# user_id = request.session.get('user_id', 0)
# user = get_object(User, id=user_id)
# if user:
# return [user.id, user.username, user]
return [request.user.id, request.user.username, request.user]
def get_user_dept(request):
"""
get the user dept id
获取用户的部门id
"""
user_id = request.session.get('user_id')
user_id = request.user.id
if user_id:
user_dept = User.objects.get(id=user_id).dept
return user_dept.id

57
jumpserver/views.py
View File

@ -12,7 +12,7 @@ from django.http import HttpResponse
# from jperm.models import Apply
import paramiko
from jumpserver.api import *
from django.contrib.auth import authenticate,logout,login
def getDaysByNum(num):
@ -49,7 +49,7 @@ def get_data(data, items, option):
@require_role(role='user')
def index_cu(request):
user_id = request.session.get('user_id')
user_id = request.user.id
user = get_object(User, id=user_id)
login_types = {'L': 'LDAP', 'M': 'MAP'}
username = user.username
@ -193,40 +193,49 @@ def is_latest():
pass
def login(request):
def Login(request):
"""登录界面"""
if request.session.get('username'):
if not request.user.is_authenticated():
return HttpResponseRedirect('/')
if request.method == 'GET':
return render_to_response('login.html')
else:
username = request.POST.get('username')
password = request.POST.get('password')
user_filter = User.objects.filter(username=username)
if user_filter:
user = user_filter[0]
if PyCrypt.md5_crypt(password) == user.password:
request.session['user_id'] = user.id
user_filter.update(last_login=datetime.datetime.now())
if user.role == 'SU':
request.session['role_id'] = 2
elif user.role == 'GA':
request.session['role_id'] = 1
else:
request.session['role_id'] = 0
response = HttpResponseRedirect('/', )
response.set_cookie('username', username, expires=604800)
response.set_cookie('seed', PyCrypt.md5_crypt(password), expires=604800)
return response
else:
error = '密码错误,请重新输入。'
if username and password:
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
# c = {}
# c.update(csrf(request))
# request.session['csrf_token'] = str(c.get('csrf_token'))
# user_filter = User.objects.filter(username=username)
# if user_filter:
# user = user_filter[0]
# if PyCrypt.md5_crypt(password) == user.password:
# request.session['user_id'] = user.id
# user_filter.update(last_login=datetime.datetime.now())
if user.role == 'SU':
request.session['role_id'] = 2
elif user.role == 'GA':
request.session['role_id'] = 1
else:
request.session['role_id'] = 0
return HttpResponseRedirect('/', )
# response.set_cookie('username', username, expires=604800)
# response.set_cookie('seed', PyCrypt.md5_crypt(password), expires=604800)
# return response
# else:
# error = '密码错误,请重新输入。'
else:
error = '用户不存在。'
error = '用户名或密码错误'
return render_to_response('login.html', {'error': error})
def logout(request):
def Logout(request):
request.session.delete()
logout(request)
return HttpResponseRedirect('/login/')
#

11
juser/views.py
View File

@ -394,7 +394,7 @@ def user_list(request):
def user_detail(request):
header_title, path1, path2 = '用户详情', '用户管理', '用户详情'
if request.session.get('role_id') == 0:
user_id = request.session.get('user_id')
user_id = request.user.id
else:
user_id = request.GET.get('id', '')
# if request.session.get('role_id') == 1:
@ -617,7 +617,10 @@ def user_edit_adm(request):
def profile(request):
user_id = request.session.get('user_id')
a = request.user.id
a = request.user.groups
user_id = request.user.id
if not user_id:
return HttpResponseRedirect('/')
user = User.objects.get(id=user_id)
@ -626,7 +629,7 @@ def profile(request):
def change_info(request):
header_title, path1, path2 = '修改信息', '用户管理', '修改个人信息'
user_id = request.session.get('user_id')
user_id = request.user.id
user = get_object(User, id=user_id)
error = ''
if not user:
@ -673,7 +676,7 @@ def down_key(request):
user_id = request.GET.get('id')
if is_role_request(request, 'user'):
user_id = request.session.get('user_id')
user_id = request.user.id
if user_id:
user = get_object(User, id=user_id)