# coding:utf-8 import ast from django.db.models import Q from django.template import RequestContext from django.shortcuts import get_object_or_404 from jperm.models import Perm from jumpserver.api import * cryptor = PyCrypt(KEY) class RaiseError(Exception): pass def my_render(template, data, request): return render_to_response(template, data, context_instance=RequestContext(request)) def get_host_groups(groups): """ 获取主机所属的组类 """ ret = [] for group_id in groups: group = BisGroup.objects.filter(id=group_id) if group: group = group[0] ret.append(group) group_all = get_object_or_404(BisGroup, name='ALL') ret.append(group_all) return ret def get_host_depts(depts): """ 获取主机所属的部门类 """ ret = [] for dept_id in depts: dept = DEPT.objects.filter(id=dept_id) if dept: dept = dept[0] ret.append(dept) return ret def db_host_insert(host_info, username='', password=''): """ 添加主机时数据库操作函数 """ ip, port, idc, jtype, group, dept, active, comment = host_info idc = IDC.objects.filter(id=idc) if idc: idc = idc[0] if jtype == 'M': password = cryptor.encrypt(password) a = Asset(ip=ip, port=port, login_type=jtype, idc=idc, is_active=int(active), comment=comment, username=username, password=password) else: a = Asset(ip=ip, port=port, login_type=jtype, idc=idc, is_active=int(active), comment=comment) a.save() all_group = BisGroup.objects.get(name='ALL') groups = get_host_groups(group) groups.append(all_group) depts = get_host_depts(dept) a.bis_group = groups a.dept = depts a.save() def db_host_update(host_info, username='', password=''): """ 修改主机时数据库操作函数 """ ip, port, idc, jtype, group, dept, active, comment, host = host_info idc = IDC.objects.filter(id=idc) if idc: idc = idc[0] groups = get_host_groups(group) depts = get_host_depts(dept) host.ip = ip host.port = port host.login_type = jtype host.idc = idc host.is_active = int(active) host.comment = comment if jtype == 'M': if password != host.password: password = cryptor.encrypt(password) host.password = password host.username = username host.password = password host.save() host.bis_group = groups host.dept = depts host.save() def batch_host_edit(host_info, j_user='', j_password=''): """ 批量修改主机函数 """ j_id, j_ip, j_idc, j_port, j_type, j_group, j_dept, j_active, j_comment = host_info groups, depts = [], [] is_active = {u'是': '1', u'否': '2'} login_types = {'LDAP': 'L', 'MAP': 'M'} a = Asset.objects.get(id=j_id) if '...' in j_group[0].split(): groups = a.bis_group.all() else: for group in j_group[0].split(): c = BisGroup.objects.get(name=group.strip()) groups.append(c) if '...' in j_dept[0].split(): depts = a.dept.all() else: for d in j_dept[0].split(): p = DEPT.objects.get(name=d.strip()) depts.append(p) j_type = login_types[j_type] j_idc = IDC.objects.get(name=j_idc) if j_type == 'M': if a.password != j_password: j_password = cryptor.decrypt(j_password) a.ip = j_ip a.port = j_port a.login_type = j_type a.idc = j_idc a.is_active = j_active a.comment = j_comment a.username = j_user a.password = j_password else: a.ip = j_ip a.port = j_port a.idc = j_idc a.login_type = j_type a.is_active = is_active[j_active] a.comment = j_comment a.save() a.bis_group = groups a.dept = depts a.save() def db_host_delete(request, host_id): """ 删除主机操作 """ if is_group_admin(request) and not validate(request, asset=[host_id]): return httperror(request, '删除失败, 您无权删除!') asset = Asset.objects.filter(id=host_id) if asset: asset.delete() else: return httperror(request, '删除失败, 没有此主机!') def db_idc_delete(request, idc_id): """ 删除IDC操作 """ if idc_id == 1: return httperror(request, '删除失败, 默认IDC不能删除!') default_idc = IDC.objects.get(id=1) idc = IDC.objects.filter(id=idc_id) if idc: idc_class = idc[0] idc_class.asset_set.update(idc=default_idc) idc.delete() else: return httperror(request, '删除失败, 没有这个IDC!') @require_admin def host_add(request): """ 添加主机 """ header_title, path1, path2 = u'添加主机', u'资产管理', u'添加主机' login_types = {'L': 'LDAP', 'M': 'MAP'} eidc = IDC.objects.exclude(name='ALL') if is_super_user(request): edept = DEPT.objects.all() egroup = BisGroup.objects.exclude(name='ALL') elif is_group_admin(request): dept = get_session_user_info(request)[5] egroup = dept.bisgroup_set.all() if request.method == 'POST': j_ip = request.POST.get('j_ip') j_idc = request.POST.get('j_idc') j_port = request.POST.get('j_port') j_type = request.POST.get('j_type') j_group = request.POST.getlist('j_group') j_active = request.POST.get('j_active') j_comment = request.POST.get('j_comment') if is_super_user(request): j_dept = request.POST.getlist('j_dept') host_info = [j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment] elif is_group_admin(request): j_dept = request.POST.get('j_dept') host_info = [j_ip, j_port, j_idc, j_type, j_group, [j_dept], j_active, j_comment] if is_group_admin(request) and not validate(request, asset_group=j_group, edept=[j_dept]): return httperror(request, u'添加失败,您无权操作!') if Asset.objects.filter(ip=str(j_ip)): emg = u'该IP %s 已存在!' % j_ip return my_render('jasset/host_add.html', locals(), request) if j_type == 'M': j_user = request.POST.get('j_user') j_password = request.POST.get('j_password', '') db_host_insert(host_info, j_user, j_password) else: db_host_insert(host_info) smg = u'主机 %s 添加成功' % j_ip return my_render('jasset/host_add.html', locals(), request) @require_admin def host_add_batch(request): """ 批量添加主机 """ header_title, path1, path2 = u'批量添加主机', u'资产管理', u'批量添加主机' login_types = {'LDAP': 'L', 'MAP': 'M'} active_types = {'激活': 1, '禁用': 0} dept_id = get_user_dept(request) if request.method == 'POST': multi_hosts = request.POST.get('j_multi').split('\n') for host in multi_hosts: if host == '': break j_ip, j_port, j_type, j_idc, j_groups, j_depts, j_active, j_comment = host.split() j_active = active_types[str(j_active)] j_group = ast.literal_eval(j_groups) j_dept = ast.literal_eval(j_depts) if j_type not in ['LDAP', 'MAP']: return httperror(request, u'没有%s这种登录方式!' %j_type) j_type = login_types[j_type] idc = IDC.objects.filter(name=j_idc) if idc: j_idc = idc[0].id else: return httperror(request, '添加失败, 没有%s这个IDC' % j_idc) group_ids, dept_ids = [], [] for group_name in j_group: group = BisGroup.objects.filter(name=group_name) if group: group_id = group[0].id else: return httperror(request, '添加失败, 没有%s这个主机组' % group_name) group_ids.append(group_id) for dept_name in j_dept: dept = DEPT.objects.filter(name=dept_name) if dept: dept_id = dept[0].id else: return httperror(request, '添加失败, 没有%s这个部门' % dept_name) dept_ids.append(dept_id) if is_group_admin(request) and not validate(request, asset_group=group_ids, edept=dept_ids): return httperror(request, '添加失败, 没有%s这个主机组' % group_name) if Asset.objects.filter(ip=str(j_ip)): return httperror(request, '添加失败, 改IP%s已存在' % j_ip) host_info = [j_ip, j_port, j_idc, j_type, group_ids, dept_ids, j_active, j_comment] db_host_insert(host_info) smg = u'批量添加添加成功' return my_render('jasset/host_add_multi.html', locals(), request) return my_render('jasset/host_add_multi.html', locals(), request) @require_admin def host_edit_batch(request): """ 批量修改主机 """ if request.method == 'POST': len_table = request.POST.get('len_table') for i in range(int(len_table)): j_id = "editable[" + str(i) + "][j_id]" j_ip = "editable[" + str(i) + "][j_ip]" j_port = "editable[" + str(i) + "][j_port]" j_dept = "editable[" + str(i) + "][j_dept]" j_idc = "editable[" + str(i) + "][j_idc]" j_type = "editable[" + str(i) + "][j_type]" j_group = "editable[" + str(i) + "][j_group]" j_active = "editable[" + str(i) + "][j_active]" j_comment = "editable[" + str(i) + "][j_comment]" j_id = request.POST.get(j_id).strip() j_ip = request.POST.get(j_ip).strip() j_port = request.POST.get(j_port).strip() j_dept = request.POST.getlist(j_dept) j_idc = request.POST.get(j_idc).strip() j_type = request.POST.get(j_type).strip() j_group = request.POST.getlist(j_group) j_active = request.POST.get(j_active).strip() j_comment = request.POST.get(j_comment).strip() host_info = [j_id, j_ip, j_idc, j_port, j_type, j_group, j_dept, j_active, j_comment] batch_host_edit(host_info) return HttpResponseRedirect('/jasset/host_list/') @require_login def host_edit_common_batch(request): """ 普通用户批量修改主机别名 """ u = get_session_user_info(request)[2] if request.method == 'POST': len_table = request.POST.get('len_table') for i in range(int(len_table)): j_id = "editable[" + str(i) + "][j_id]" j_alias = "editable[" + str(i) + "][j_alias]" j_id = request.POST.get(j_id, '').strip() j_alias = request.POST.get(j_alias, '').strip() a = Asset.objects.get(id=j_id) asset_alias = AssetAlias.objects.filter(user=u, host=a) if asset_alias: asset_alias = asset_alias[0] asset_alias.alias = j_alias asset_alias.save() else: AssetAlias.objects.create(user=u, host=a, alias=j_alias) return my_render('jasset/host_list_common.html', locals(), request) @require_login def host_list(request): """ 列出主机 """ header_title, path1, path2 = u'查看主机', u'资产管理', u'查看主机' keyword = request.GET.get('keyword', '') dept_id = get_session_user_info(request)[3] dept = DEPT.objects.get(id=dept_id) did = request.GET.get('did', '') gid = request.GET.get('gid', '') sid = request.GET.get('sid', '') user_id = get_session_user_info(request)[0] post_all = Asset.objects.all().order_by('ip') post_keyword_all = Asset.objects.filter(Q(ip__contains=keyword) | Q(idc__name__contains=keyword) | Q(bis_group__name__contains=keyword) | Q(comment__contains=keyword)).distinct().order_by('ip') if did: if is_common_user(request): return httperror(request, u'您无权查看!') if is_group_admin(request): user, dept = get_session_user_dept(request) else: dept = DEPT.objects.get(id=did) posts = dept.asset_set.all() return my_render('jasset/host_list_nop.html', locals(), request) elif gid: if is_common_user(request): return httperror(request, u'您无权查看!') elif is_group_admin(request) and not validate(request, user_group=[gid]): return httperror(request, u'您无权查看!') posts = [] user_group = UserGroup.objects.filter(id=gid) if user_group: perms = Perm.objects.filter(user_group=user_group) for perm in perms: for post in perm.asset_group.asset_set.all(): posts.append(post) posts = list(set(posts)) else: return httperror(request, u'没有这个小组!') return my_render('jasset/host_list_nop.html', locals(), request) elif sid: if is_common_user(request): return httperror(request, u'您无权查看!') elif is_group_admin(request) and not validate(request, user_group=[sid]): return httperror(request, u'您无权查看!') posts, asset_groups = [], [] user_group = UserGroup.objects.filter(id=int(sid)) if user_group: user_group = user_group[0] for perm in user_group.sudoperm_set.all(): asset_groups.extend(perm.asset_group.all()) for asset_group in asset_groups: posts.extend(asset_group.asset_set.all()) posts = list(set(posts)) else: return httperror(request, u'没有这个sudo授权!') return my_render('jasset/host_list_nop.html', locals(), request) else: if is_super_user(request): if keyword: posts = post_keyword_all else: posts = post_all contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) return my_render('jasset/host_list.html', locals(), request) elif is_group_admin(request): if keyword: posts = post_keyword_all.filter(dept=dept) else: posts = post_all.filter(dept=dept) contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) return my_render('jasset/host_list.html', locals(), request) elif is_common_user(request): user_id, username = get_session_user_info(request)[0:2] posts = user_perm_asset_api(username) contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) return my_render('jasset/host_list_common.html', locals(), request) @require_admin def host_del(request, offset): """ 删除主机 """ if offset == 'multi': len_list = request.POST.get("len_list") for i in range(int(len_list)): key = "id_list[" + str(i) + "]" host_id = request.POST.get(key) db_host_delete(request, host_id) else: db_host_delete(request, offset) return HttpResponseRedirect('/jasset/host_list/') @require_super_user def host_edit(request): """ 修改主机 """ header_title, path1, path2 = u'修改主机', u'资产管理', u'修改主机' actives = {1: u'激活', 0: u'禁用'} login_types = {'L': 'LDAP', 'M': 'MAP'} eidc = IDC.objects.all() egroup = BisGroup.objects.exclude(name='ALL') edept = DEPT.objects.all() host_id = request.GET.get('id', '') post = Asset.objects.filter(id=int(host_id)) if post: post = post[0] else: return httperror(request, '没有此主机!') e_group = post.bis_group.all() e_dept = post.dept.all() if request.method == 'POST': j_ip = request.POST.get('j_ip', '') j_idc = request.POST.get('j_idc', '') j_port = request.POST.get('j_port', '') j_type = request.POST.get('j_type', '') j_dept = request.POST.getlist('j_dept', '') j_group = request.POST.getlist('j_group', '') j_active = request.POST.get('j_active', '') j_comment = request.POST.get('j_comment', '') host_info = [j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment, post] if j_type == 'M': j_user = request.POST.get('j_user') j_password = request.POST.get('j_password') db_host_update(host_info, j_user, j_password) else: db_host_update(host_info) smg = u'主机 %s 修改成功' % j_ip return HttpResponseRedirect('/jasset/host_detail/?id=%s' % host_id) return my_render('jasset/host_edit.html', locals(), request) @require_admin def host_edit_adm(request): """ 部门管理员修改主机 """ header_title, path1, path2 = u'修改主机', u'资产管理', u'修改主机' actives = {1: u'激活', 0: u'禁用'} login_types = {'L': 'LDAP', 'M': 'MAP'} eidc = IDC.objects.all() dept = get_session_user_info(request)[5] egroup = BisGroup.objects.exclude(name='ALL').filter(dept=dept) host_id = request.GET.get('id', '') post = Asset.objects.filter(id=int(host_id)) if post: post = post[0] else: return httperror(request, '没有此主机!') e_group = post.bis_group.all() if request.method == 'POST': j_ip = request.POST.get('j_ip') j_idc = request.POST.get('j_idc') j_port = request.POST.get('j_port') j_type = request.POST.get('j_type') j_dept = request.POST.getlist('j_dept') j_group = request.POST.getlist('j_group') j_active = request.POST.get('j_active') j_comment = request.POST.get('j_comment') host_info = [j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment] if not validate(request, asset_group=j_group, edept=j_dept): emg = u'修改失败,您无权操作!' return my_render('jasset/host_edit.html', locals(), request) if j_type == 'M': j_user = request.POST.get('j_user') j_password = request.POST.get('j_password') db_host_update(host_info, j_user, j_password, post) else: db_host_update(host_info, post) smg = u'主机 %s 修改成功' % j_ip return HttpResponseRedirect('/jasset/host_detail/?id=%s' % host_id) return my_render('jasset/host_edit.html', locals(), request) @require_login def host_detail(request): """ 主机详情 """ header_title, path1, path2 = u'主机详细信息', u'资产管理', u'主机详情' host_id = request.GET.get('id', '') post = Asset.objects.filter(id=host_id) if not post: return httperror(request, '没有此主机!') post = post[0] if is_group_admin(request) and not validate(request, asset=[host_id]): return httperror(request, '您无权查看!') elif is_common_user(request): username = get_session_user_info(request)[1] user_permed_hosts = user_perm_asset_api(username) if post not in user_permed_hosts: return httperror(request, '您无权查看!') else: log_all = Log.objects.filter(host=post.ip) log, log_more = log_all[:10], log_all[10:] user_permed_list = asset_perm_api(post) return my_render('jasset/host_detail.html', locals(), request) @require_super_user def idc_add(request): """ 添加IDC """ header_title, path1, path2 = u'添加IDC', u'资产管理', u'添加IDC' if request.method == 'POST': j_idc = request.POST.get('j_idc') j_comment = request.POST.get('j_comment') if IDC.objects.filter(name=j_idc): emg = u'该IDC已存在!' return my_render('jasset/idc_add.html', locals(), request) else: smg = u'IDC:%s添加成功' % j_idc IDC.objects.create(name=j_idc, comment=j_comment) return my_render('jasset/idc_add.html', locals(), request) @require_admin def idc_list(request): """ 列出IDC """ header_title, path1, path2 = u'查看IDC', u'资产管理', u'查看IDC' dept_id = get_user_dept(request) dept = DEPT.objects.get(id=dept_id) keyword = request.GET.get('keyword', '') if keyword: posts = IDC.objects.filter(Q(name__contains=keyword) | Q(comment__contains=keyword)) else: posts = IDC.objects.exclude(name='ALL').order_by('id') contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) return my_render('jasset/idc_list.html', locals(), request) @require_super_user def idc_edit(request): """ 修改IDC """ header_title, path1, path2 = u'编辑IDC', u'资产管理', u'编辑IDC' idc_id = request.GET.get('id', '') idc = IDC.objects.filter(id=idc_id) if int(idc_id) == 1: return httperror(request, u'默认IDC不能编辑!') if idc: idc = idc[0] default = IDC.objects.get(id=1).asset_set.all() eposts = Asset.objects.filter(idc=idc).order_by('ip') posts = [g for g in default if g not in eposts] else: return httperror(request, u'此IDC不存在') if request.method == 'POST': idc_id = request.POST.get('id') j_idc = request.POST.get('j_idc') j_hosts = request.POST.getlist('j_hosts') j_comment = request.POST.get('j_comment') idc_default = request.POST.getlist('idc_default') idc = IDC.objects.filter(id=idc_id) if idc: idc.update(name=j_idc, comment=j_comment) for host_id in j_hosts: Asset.objects.filter(id=host_id).update(idc=idc[0]) i = IDC.objects.get(id=1) for host in idc_default: g = Asset.objects.filter(id=host).update(idc=i) else: return httperror(request, u'此IDC不存在') return HttpResponseRedirect('/jasset/idc_list/?id=%s' % idc_id) return my_render('jasset/idc_edit.html', locals(), request) @require_admin def idc_detail(request): """ IDC详情 """ header_title, path1, path2 = u'IDC详情', u'资产管理', u'IDC详情' login_types = {'L': 'LDAP', 'M': 'MAP'} idc_id = request.GET.get('id', '') idc_filter = IDC.objects.filter(id=idc_id) if idc_filter: idc = idc_filter[0] else: return httperror(request, '没有此IDC') dept = get_session_user_info(request)[5] if is_super_user(request): posts = Asset.objects.filter(idc=idc).order_by('ip') elif is_group_admin(request): posts = Asset.objects.filter(idc=idc, dept=dept).order_by('ip') contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) return my_render('jasset/idc_detail.html', locals(), request) @require_super_user def idc_del(request): """ 删除IDC """ offset = request.GET.get('id', '') if offset == 'multi': len_list = request.POST.get("len_list") for i in range(int(len_list)): key = "id_list[" + str(i) + "]" idc_id = request.POST.get(key) db_idc_delete(request, int(idc_id)) else: db_idc_delete(request, int(offset)) return HttpResponseRedirect('/jasset/idc_list/') @require_admin def group_add(request): """ 添加主机组 """ header_title, path1, path2 = u'添加主机组', u'资产管理', u'添加主机组' if is_super_user(request): posts = Asset.objects.all() edept = DEPT.objects.all() elif is_group_admin(request): dept_id = get_user_dept(request) dept = DEPT.objects.get(id=dept_id) posts = Asset.objects.filter(dept=dept) edept = get_session_user_info(request)[5] if request.method == 'POST': j_group = request.POST.get('j_group', '') j_dept = request.POST.get('j_dept', '') j_hosts = request.POST.getlist('j_hosts', '') j_comment = request.POST.get('j_comment', '') try: if is_group_admin(request) and not validate(request, asset=j_hosts, edept=[j_dept]): emg = u'添加失败, 您无权操作!' raise RaiseError elif BisGroup.objects.filter(name=j_group): emg = u'添加失败, 该主机组已存在!' raise RaiseError except RaiseError: pass else: j_dept = DEPT.objects.filter(id=j_dept)[0] group = BisGroup.objects.create(name=j_group, dept=j_dept, comment=j_comment) for host in j_hosts: g = Asset.objects.get(id=host) group.asset_set.add(g) smg = u'主机组 %s 添加成功' % j_group return my_render('jasset/group_add.html', locals(), request) @require_admin def group_list(request): """ 列出主机组 """ header_title, path1, path2 = u'查看主机组', u'资产管理', u'查看主机组' dept_id = get_user_dept(request) dept = DEPT.objects.get(id=dept_id) keyword = request.GET.get('keyword', '') gid = request.GET.get('gid') sid = request.GET.get('sid') if gid: if is_common_user(request): return httperror(request, u'您无权查看!') elif is_group_admin(request) and not validate(request, user_group=[gid]): return httperror(request, u'您无权查看!') posts = [] user_group = UserGroup.objects.filter(id=gid) if user_group: user_group = user_group[0] perms = Perm.objects.filter(user_group=user_group) for perm in perms: posts.append(perm.asset_group) elif sid: if is_common_user(request): return httperror(request, u'您无权查看!') elif is_group_admin(request) and not validate(request, user_group=[sid]): return httperror(request, u'您无权查看!') posts = [] user_group = UserGroup.objects.filter(id=sid) if user_group: user_group = user_group[0] for perm in user_group.sudoperm_set.all(): posts.extend(perm.asset_group.all()) posts = list(set(posts)) else: return httperror(request, u'没有此sudo授权!') else: if is_super_user(request): if keyword: posts = BisGroup.objects.exclude(name='ALL').filter( Q(name__contains=keyword) | Q(comment__contains=keyword)) else: posts = BisGroup.objects.exclude(name='ALL').order_by('id') elif is_group_admin(request): if keyword: posts = BisGroup.objects.filter(Q(name__contains=keyword) | Q(comment__contains=keyword)).filter( dept=dept) else: posts = BisGroup.objects.filter(dept=dept).order_by('id') contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) return my_render('jasset/group_list.html', locals(), request) @require_admin def group_edit(request): """ 修改主机组 """ header_title, path1, path2 = u'编辑主机组', u'资产管理', u'编辑主机组' group_id = request.GET.get('id', '') group = BisGroup.objects.filter(id=group_id) if group: group = group[0] else: httperror(request, u'没有这个主机组!') host_all = Asset.objects.all() dept_id = get_session_user_info(request)[3] eposts = Asset.objects.filter(bis_group=group) if is_group_admin(request) and not validate(request, asset_group=[group_id]): return httperror(request, '编辑失败, 您无权操作!') dept = DEPT.objects.filter(id=group.dept.id) if dept: dept = dept[0] else: return httperror(request, u'没有这个部门!') all_dept = dept.asset_set.all() posts = [g for g in all_dept if g not in eposts] if request.method == 'POST': j_group = request.POST.get('j_group', '') j_hosts = request.POST.getlist('j_hosts', '') j_dept = request.POST.get('j_dept', '') j_comment = request.POST.get('j_comment', '') j_dept = DEPT.objects.filter(id=int(j_dept)) j_dept = j_dept[0] group.asset_set.clear() for host in j_hosts: g = Asset.objects.get(id=host) group.asset_set.add(g) BisGroup.objects.filter(id=group_id).update(name=j_group, dept=j_dept, comment=j_comment) smg = u'主机组%s修改成功' % j_group return HttpResponseRedirect('/jasset/group_list') return my_render('jasset/group_edit.html', locals(), request) @require_admin def group_detail(request): """ 主机组详情 """ header_title, path1, path2 = u'主机组详情', u'资产管理', u'主机组详情' login_types = {'L': 'LDAP', 'M': 'MAP'} dept = get_session_user_info(request)[5] group_id = request.GET.get('id', '') group = BisGroup.objects.get(id=group_id) if is_super_user(request): posts = Asset.objects.filter(bis_group=group).order_by('ip') elif is_group_admin(request): if not validate(request, asset_group=[group_id]): return httperror(request, u'您无权查看!') posts = Asset.objects.filter(bis_group=group).filter(dept=dept).order_by('ip') contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) return my_render('jasset/group_detail.html', locals(), request) @require_admin def group_del_host(request): """ 主机组中剔除主机, 并不删除真实主机 """ if request.method == 'POST': group_id = request.POST.get('group_id') offset = request.GET.get('id', '') group = BisGroup.objects.get(id=group_id) if offset == 'group': len_list = request.POST.get("len_list") for i in range(int(len_list)): key = "id_list[" + str(i) + "]" jid = request.POST.get(key) g = Asset.objects.get(id=jid) group.asset_set.remove(g) else: offset = request.GET.get('id', '') group_id = request.GET.get('gid', '') group = BisGroup.objects.get(id=group_id) g = Asset.objects.get(id=offset) group.asset_set.remove(g) return HttpResponseRedirect('/jasset/group_detail/?id=%s' % group.id) @require_admin def group_del(request): """ 删除主机组 """ offset = request.GET.get('id', '') if offset == 'multi': len_list = request.POST.get("len_list") for i in range(int(len_list)): key = "id_list[" + str(i) + "]" gid = request.POST.get(key) if is_group_admin(request) and not validate(request, asset_group=[gid]): return httperror(request, '删除失败, 您无权删除!') BisGroup.objects.filter(id=gid).delete() else: gid = int(offset) if is_group_admin(request) and not validate(request, asset_group=[gid]): return httperror(request, '删除失败, 您无权删除!') BisGroup.objects.filter(id=gid).delete() return HttpResponseRedirect('/jasset/group_list/') @require_admin def dept_host_ajax(request): """ 添加主机组时, 部门联动主机异步 """ dept_id = request.GET.get('id', '') if dept_id not in ['1', '2']: dept = DEPT.objects.filter(id=dept_id) if dept: dept = dept[0] hosts = dept.asset_set.all() else: hosts = Asset.objects.all() return my_render('jasset/dept_host_ajax.html', locals(), request) def show_all_ajax(request): """ 批量修改主机时, 部门和组全部显示 """ env = request.GET.get('env', '') get_id = request.GET.get('id', '') host = Asset.objects.filter(id=get_id) if host: host = host[0] return my_render('jasset/show_all_ajax.html', locals(), request) @require_login def host_search(request): """ 搜索主机 """ keyword = request.GET.get('keyword') login_types = {'L': 'LDAP', 'M': 'MAP'} dept = get_session_user_info(request)[5] post_all = Asset.objects.filter(Q(ip__contains=keyword) | Q(idc__name__contains=keyword) | Q(bis_group__name__contains=keyword) | Q(comment__contains=keyword)).distinct().order_by('ip') if is_super_user(request): posts = post_all elif is_group_admin(request): posts = post_all.filter(dept=dept) elif is_common_user(request): user_id, username = get_session_user_info(request)[0:2] post_perm = user_perm_asset_api(username) posts = list(set(post_all) & set(post_perm)) contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) return my_render('jasset/host_search.html', locals(), request)