mirror of https://github.com/jumpserver/jumpserver
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
513 lines
18 KiB
513 lines
18 KiB
# coding:utf-8
|
|
|
|
import ast
|
|
|
|
from django.db.models import Q
|
|
from django.template import RequestContext
|
|
from django.shortcuts import get_object_or_404
|
|
|
|
from jasset.asset_api import *
|
|
from jumpserver.api import *
|
|
|
|
|
|
@require_role('admin')
|
|
def group_add(request):
|
|
"""
|
|
Add asset group
|
|
添加资产组
|
|
"""
|
|
header_title, path1, path2 = u'添加资产组', u'资产管理', u'添加资产组'
|
|
asset_all = Asset.objects.all()
|
|
|
|
if request.method == 'POST':
|
|
name = request.POST.get('name', '')
|
|
asset_select = request.POST.getlist('asset_select', [])
|
|
comment = request.POST.get('comment', '')
|
|
|
|
try:
|
|
if not name:
|
|
error = u'组名不能为空'
|
|
raise ServerError(error)
|
|
|
|
asset_group_test = get_object(AssetGroup, name=name)
|
|
if asset_group_test:
|
|
error = u"该组名 %s 已存在" % name
|
|
raise ServerError(error)
|
|
|
|
except ServerError:
|
|
pass
|
|
else:
|
|
db_add_group(name=name, comment=comment, asset_select=asset_select)
|
|
msg = u"主机组 %s 添加成功" % name
|
|
|
|
return my_render('jasset/group_add.html', locals(), request)
|
|
|
|
|
|
@require_role('admin')
|
|
def group_list(request):
|
|
"""
|
|
list asset group
|
|
列出资产组
|
|
"""
|
|
header_title, path1, path2 = u'查看资产组', u'资产管理', u'查看资产组'
|
|
keyword = request.GET.get('keyword', '')
|
|
gid = request.GET.get('gid')
|
|
sid = request.GET.get('sid')
|
|
asset_group_list = AssetGroup.objects.all()
|
|
|
|
if keyword:
|
|
asset_group_list = asset_group_list.filter(Q(name__contains=keyword) | Q(comment__contains=keyword))
|
|
|
|
asset_group_list, p, asset_groups, page_range, current_page, show_first, show_end = pages(asset_group_list, request)
|
|
return my_render('jasset/group_list.html', locals(), request)
|
|
|
|
|
|
@require_role('admin')
|
|
def group_del(request):
|
|
"""
|
|
del asset group
|
|
删除主机组
|
|
"""
|
|
group_ids = request.GET.get('id', '')
|
|
group_id_list = group_ids.split(',')
|
|
|
|
for group_id in group_id_list:
|
|
AssetGroup.objects.filter(id=group_id).delete()
|
|
|
|
return HttpResponse(u'删除成功')
|
|
|
|
|
|
@require_role('admin')
|
|
def asset_add(request):
|
|
"""
|
|
Asset add view
|
|
添加资产
|
|
"""
|
|
header_title, path1, path2 = u'添加资产', u'资产管理', u'添加资产'
|
|
asset_group_all = AssetGroup.objects.all()
|
|
if request.method == 'POST':
|
|
ip = request.POST.get('ip')
|
|
port = request.POST.get('port')
|
|
groups = request.POST.getlist('groups')
|
|
use_default_auth = True if request.POST.getlist('use_default_auth', []) else False
|
|
is_active = True if request.POST.get('is_active') else False
|
|
comment = request.POST.get('comment')
|
|
|
|
if not use_default_auth:
|
|
username = request.POST.get('username')
|
|
password = request.POST.get('password')
|
|
password_encode = CRYPTOR.encrypt(password)
|
|
else:
|
|
username = None
|
|
password_encode = None
|
|
|
|
try:
|
|
if Asset.objects.filter(ip=str(ip)):
|
|
error = u'该IP %s 已存在!' % ip
|
|
raise ServerError(error)
|
|
|
|
except ServerError:
|
|
pass
|
|
else:
|
|
db_asset_add(
|
|
ip=ip, port=port, use_default_auth=use_default_auth, is_active=is_active, comment=comment,
|
|
groups=groups, username=username, password=password_encode
|
|
)
|
|
|
|
msg = u'主机 %s 添加成功' % ip
|
|
|
|
return my_render('jasset/asset_add.html', locals(), request)
|
|
#
|
|
#
|
|
# @require_admin
|
|
# def host_add_batch(request):
|
|
# """ 批量添加主机 """
|
|
# header_title, path1, path2 = u'批量添加主机', u'资产管理', u'批量添加主机'
|
|
# login_types = {'LDAP': 'L', 'MAP': 'M'}
|
|
# active_types = {'激活': 1, '禁用': 0}
|
|
# dept_id = get_user_dept(request)
|
|
# if request.method == 'POST':
|
|
# multi_hosts = request.POST.get('j_multi').split('\n')
|
|
# for host in multi_hosts:
|
|
# if host == '':
|
|
# break
|
|
# j_ip, j_port, j_type, j_idc, j_groups, j_depts, j_active, j_comment = host.split()
|
|
# j_active = active_types[str(j_active)]
|
|
# j_group = ast.literal_eval(j_groups)
|
|
# j_dept = ast.literal_eval(j_depts)
|
|
#
|
|
# if j_type not in ['LDAP', 'MAP']:
|
|
# return httperror(request, u'没有%s这种登录方式!' %j_type)
|
|
#
|
|
# j_type = login_types[j_type]
|
|
# idc = IDC.objects.filter(name=j_idc)
|
|
# if idc:
|
|
# j_idc = idc[0].id
|
|
# else:
|
|
# return httperror(request, '添加失败, 没有%s这个IDC' % j_idc)
|
|
#
|
|
# group_ids, dept_ids = [], []
|
|
# for group_name in j_group:
|
|
# group = BisGroup.objects.filter(name=group_name)
|
|
# if group:
|
|
# group_id = group[0].id
|
|
# else:
|
|
# return httperror(request, '添加失败, 没有%s这个主机组' % group_name)
|
|
# group_ids.append(group_id)
|
|
#
|
|
# for dept_name in j_dept:
|
|
# dept = DEPT.objects.filter(name=dept_name)
|
|
# if dept:
|
|
# dept_id = dept[0].id
|
|
# else:
|
|
# return httperror(request, '添加失败, 没有%s这个部门' % dept_name)
|
|
# dept_ids.append(dept_id)
|
|
#
|
|
# if is_group_admin(request) and not validate(request, asset_group=group_ids, edept=dept_ids):
|
|
# return httperror(request, '添加失败, 没有%s这个主机组' % group_name)
|
|
#
|
|
# if Asset.objects.filter(ip=str(j_ip)):
|
|
# return httperror(request, '添加失败, 改IP%s已存在' % j_ip)
|
|
#
|
|
# host_info = [j_ip, j_port, j_idc, j_type, group_ids, dept_ids, j_active, j_comment]
|
|
# db_host_insert(host_info)
|
|
#
|
|
# smg = u'批量添加添加成功'
|
|
# return my_render('jasset/host_add_multi.html', locals(), request)
|
|
#
|
|
# return my_render('jasset/host_add_multi.html', locals(), request)
|
|
#
|
|
#
|
|
# @require_admin
|
|
# def host_edit_batch(request):
|
|
# """ 批量修改主机 """
|
|
# if request.method == 'POST':
|
|
# len_table = request.POST.get('len_table')
|
|
# for i in range(int(len_table)):
|
|
# j_id = "editable[" + str(i) + "][j_id]"
|
|
# j_ip = "editable[" + str(i) + "][j_ip]"
|
|
# j_port = "editable[" + str(i) + "][j_port]"
|
|
# j_dept = "editable[" + str(i) + "][j_dept]"
|
|
# j_idc = "editable[" + str(i) + "][j_idc]"
|
|
# j_type = "editable[" + str(i) + "][j_type]"
|
|
# j_group = "editable[" + str(i) + "][j_group]"
|
|
# j_active = "editable[" + str(i) + "][j_active]"
|
|
# j_comment = "editable[" + str(i) + "][j_comment]"
|
|
#
|
|
# j_id = request.POST.get(j_id).strip()
|
|
# j_ip = request.POST.get(j_ip).strip()
|
|
# j_port = request.POST.get(j_port).strip()
|
|
# j_dept = request.POST.getlist(j_dept)
|
|
# j_idc = request.POST.get(j_idc).strip()
|
|
# j_type = request.POST.get(j_type).strip()
|
|
# j_group = request.POST.getlist(j_group)
|
|
# j_active = request.POST.get(j_active).strip()
|
|
# j_comment = request.POST.get(j_comment).strip()
|
|
#
|
|
# host_info = [j_id, j_ip, j_idc, j_port, j_type, j_group, j_dept, j_active, j_comment]
|
|
# batch_host_edit(host_info)
|
|
#
|
|
# return HttpResponseRedirect('/jasset/host_list/')
|
|
#
|
|
#
|
|
# @require_role(role='user')
|
|
# def host_edit_common_batch(request):
|
|
# """ 普通用户批量修改主机别名 """
|
|
# u = get_session_user_info(request)[2]
|
|
# if request.method == 'POST':
|
|
# len_table = request.POST.get('len_table')
|
|
# for i in range(int(len_table)):
|
|
# j_id = "editable[" + str(i) + "][j_id]"
|
|
# j_alias = "editable[" + str(i) + "][j_alias]"
|
|
# j_id = request.POST.get(j_id, '').strip()
|
|
# j_alias = request.POST.get(j_alias, '').strip()
|
|
# a = Asset.objects.get(id=j_id)
|
|
# asset_alias = AssetAlias.objects.filter(user=u, host=a)
|
|
# if asset_alias:
|
|
# asset_alias = asset_alias[0]
|
|
# asset_alias.alias = j_alias
|
|
# asset_alias.save()
|
|
# else:
|
|
# AssetAlias.objects.create(user=u, host=a, alias=j_alias)
|
|
# return my_render('jasset/host_list_common.html', locals(), request)
|
|
|
|
|
|
@require_role(role='user')
|
|
def asset_list(request):
|
|
"""
|
|
list assets
|
|
列出资产表
|
|
"""
|
|
header_title, path1, path2 = u'查看主机', u'资产管理', u'查看主机'
|
|
keyword = request.GET.get('keyword', '')
|
|
gid = request.GET.get('gid', '') # asset group id
|
|
sid = request.GET.get('sid', '')
|
|
assets_list = Asset.objects.all().order_by('ip')
|
|
|
|
if keyword:
|
|
assets_list = assets_list.filter(Q(ip__contains=keyword) |
|
|
Q(comment__contains=keyword)).distinct().order_by('ip')
|
|
|
|
assets_list, p, assets, page_range, current_page, show_first, show_end = pages(assets_list, request)
|
|
return my_render('jasset/asset_list.html', locals(), request)
|
|
|
|
|
|
@require_role('admin')
|
|
def asset_del(request):
|
|
"""
|
|
del a asset
|
|
删除主机
|
|
"""
|
|
asset_id = request.GET.get('id', '')
|
|
if asset_id:
|
|
Asset.objects.filter(id=asset_id).delete()
|
|
return HttpResponse(u'删除成功')
|
|
return Http404
|
|
|
|
|
|
@require_role(role='super')
|
|
def asset_edit(request):
|
|
""" 修改主机 """
|
|
header_title, path1, path2 = u'修改资产', u'资产管理', u'修改资产'
|
|
|
|
asset_id = request.GET.get('id', '')
|
|
if not asset_id:
|
|
return HttpResponse('没有该主机')
|
|
asset = get_object(Asset, id=asset_id)
|
|
|
|
if request.method == 'POST':
|
|
ip = request.POST.get('ip')
|
|
port = request.POST.get('port')
|
|
groups = request.POST.getlist('groups')
|
|
use_default_auth = True if request.POST.getlist('use_default_auth', []) else False
|
|
is_active = True if request.POST.get('is_active') else False
|
|
comment = request.POST.get('comment')
|
|
|
|
if not use_default_auth:
|
|
username = request.POST.get('username')
|
|
password = request.POST.get('password')
|
|
if password == asset.password:
|
|
password_encode = password
|
|
else:
|
|
password_encode = CRYPTOR.encrypt(password)
|
|
else:
|
|
username = None
|
|
password_encode = None
|
|
|
|
try:
|
|
asset_test = get_object(Asset, ip=ip)
|
|
if asset_test and asset_id != str(asset_test.id):
|
|
error = u'该IP %s 已存在!' % ip
|
|
raise ServerError(error)
|
|
except ServerError:
|
|
pass
|
|
else:
|
|
db_asset_update(id=asset_id, ip=ip, port=port, use_default_auth=use_default_auth,
|
|
username=username, password=password_encode,
|
|
is_active=is_active, comment=comment)
|
|
msg = u'主机 %s 修改成功' % ip
|
|
return HttpResponseRedirect('/jasset/asset_detail/?id=%s' % asset_id)
|
|
|
|
return my_render('jasset/asset_edit.html', locals(), request)
|
|
|
|
|
|
# @require_role(role='admin')
|
|
# def host_edit_adm(request):
|
|
# """ 部门管理员修改主机 """
|
|
# header_title, path1, path2 = u'修改主机', u'资产管理', u'修改主机'
|
|
# actives = {1: u'激活', 0: u'禁用'}
|
|
# login_types = {'L': 'LDAP', 'M': 'MAP'}
|
|
# eidc = IDC.objects.all()
|
|
# dept = get_session_user_info(request)[5]
|
|
# egroup = BisGroup.objects.exclude(name='ALL').filter(dept=dept)
|
|
# host_id = request.GET.get('id', '')
|
|
# post = Asset.objects.filter(id=int(host_id))
|
|
# if post:
|
|
# post = post[0]
|
|
# else:
|
|
# return httperror(request, '没有此主机!')
|
|
#
|
|
# e_group = post.bis_group.all()
|
|
#
|
|
# if request.method == 'POST':
|
|
# j_ip = request.POST.get('j_ip')
|
|
# j_idc = request.POST.get('j_idc')
|
|
# j_port = request.POST.get('j_port')
|
|
# j_type = request.POST.get('j_type')
|
|
# j_dept = request.POST.getlist('j_dept')
|
|
# j_group = request.POST.getlist('j_group')
|
|
# j_active = request.POST.get('j_active')
|
|
# j_comment = request.POST.get('j_comment')
|
|
#
|
|
# host_info = [j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment]
|
|
#
|
|
# if not validate(request, asset_group=j_group, edept=j_dept):
|
|
# emg = u'修改失败,您无权操作!'
|
|
# return my_render('jasset/asset_edit.html', locals(), request)
|
|
#
|
|
# if j_type == 'M':
|
|
# j_user = request.POST.get('j_user')
|
|
# j_password = request.POST.get('j_password')
|
|
# db_host_update(host_info, j_user, j_password, post)
|
|
# else:
|
|
# db_host_update(host_info, post)
|
|
#
|
|
# smg = u'主机 %s 修改成功' % j_ip
|
|
# return HttpResponseRedirect('/jasset/host_detail/?id=%s' % host_id)
|
|
#
|
|
# return my_render('jasset/asset_edit.html', locals(), request)
|
|
|
|
|
|
@require_role('admin')
|
|
def asset_detail(request):
|
|
""" 主机详情 """
|
|
header_title, path1, path2 = u'主机详细信息', u'资产管理', u'主机详情'
|
|
asset_id = request.GET.get('id', '')
|
|
asset = get_object(Asset, id=asset_id)
|
|
|
|
return my_render('jasset/asset_detail.html', locals(), request)
|
|
|
|
|
|
|
|
|
|
#
|
|
#
|
|
# @require_admin
|
|
# def group_edit(request):
|
|
# """ 修改主机组 """
|
|
# header_title, path1, path2 = u'编辑主机组', u'资产管理', u'编辑主机组'
|
|
# group_id = request.GET.get('id', '')
|
|
# group = BisGroup.objects.filter(id=group_id)
|
|
# if group:
|
|
# group = group[0]
|
|
# else:
|
|
# httperror(request, u'没有这个主机组!')
|
|
#
|
|
# host_all = Asset.objects.all()
|
|
# dept_id = get_session_user_info(request)[3]
|
|
# eposts = Asset.objects.filter(bis_group=group)
|
|
#
|
|
# if is_group_admin(request) and not validate(request, asset_group=[group_id]):
|
|
# return httperror(request, '编辑失败, 您无权操作!')
|
|
# dept = DEPT.objects.filter(id=group.dept.id)
|
|
# if dept:
|
|
# dept = dept[0]
|
|
# else:
|
|
# return httperror(request, u'没有这个部门!')
|
|
#
|
|
# all_dept = dept.asset_set.all()
|
|
# posts = [g for g in all_dept if g not in eposts]
|
|
#
|
|
# if request.method == 'POST':
|
|
# j_group = request.POST.get('j_group', '')
|
|
# j_hosts = request.POST.getlist('j_hosts', '')
|
|
# j_dept = request.POST.get('j_dept', '')
|
|
# j_comment = request.POST.get('j_comment', '')
|
|
#
|
|
# j_dept = DEPT.objects.filter(id=int(j_dept))
|
|
# j_dept = j_dept[0]
|
|
#
|
|
# group.asset_set.clear()
|
|
# for host in j_hosts:
|
|
# g = Asset.objects.get(id=host)
|
|
# group.asset_set.add(g)
|
|
# BisGroup.objects.filter(id=group_id).update(name=j_group, dept=j_dept, comment=j_comment)
|
|
# smg = u'主机组%s修改成功' % j_group
|
|
# return HttpResponseRedirect('/jasset/group_list')
|
|
#
|
|
# return my_render('jasset/group_edit.html', locals(), request)
|
|
#
|
|
#
|
|
# @require_admin
|
|
# def group_detail(request):
|
|
# """ 主机组详情 """
|
|
# header_title, path1, path2 = u'主机组详情', u'资产管理', u'主机组详情'
|
|
# login_types = {'L': 'LDAP', 'M': 'MAP'}
|
|
# dept = get_session_user_info(request)[5]
|
|
# group_id = request.GET.get('id', '')
|
|
# group = BisGroup.objects.get(id=group_id)
|
|
# if is_super_user(request):
|
|
# posts = Asset.objects.filter(bis_group=group).order_by('ip')
|
|
#
|
|
# elif is_group_admin(request):
|
|
# if not validate(request, asset_group=[group_id]):
|
|
# return httperror(request, u'您无权查看!')
|
|
# posts = Asset.objects.filter(bis_group=group).filter(dept=dept).order_by('ip')
|
|
#
|
|
# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
|
|
# return my_render('jasset/group_detail.html', locals(), request)
|
|
#
|
|
#
|
|
# @require_admin
|
|
# def group_del_host(request):
|
|
# """ 主机组中剔除主机, 并不删除真实主机 """
|
|
# if request.method == 'POST':
|
|
# group_id = request.POST.get('group_id')
|
|
# offset = request.GET.get('id', '')
|
|
# group = BisGroup.objects.get(id=group_id)
|
|
# if offset == 'group':
|
|
# len_list = request.POST.get("len_list")
|
|
# for i in range(int(len_list)):
|
|
# key = "id_list[" + str(i) + "]"
|
|
# jid = request.POST.get(key)
|
|
# g = Asset.objects.get(id=jid)
|
|
# group.asset_set.remove(g)
|
|
#
|
|
# else:
|
|
# offset = request.GET.get('id', '')
|
|
# group_id = request.GET.get('gid', '')
|
|
# group = BisGroup.objects.get(id=group_id)
|
|
# g = Asset.objects.get(id=offset)
|
|
# group.asset_set.remove(g)
|
|
#
|
|
# return HttpResponseRedirect('/jasset/group_detail/?id=%s' % group.id)
|
|
#
|
|
|
|
# @require_admin
|
|
# def dept_host_ajax(request):
|
|
# """ 添加主机组时, 部门联动主机异步 """
|
|
# dept_id = request.GET.get('id', '')
|
|
# if dept_id not in ['1', '2']:
|
|
# dept = DEPT.objects.filter(id=dept_id)
|
|
# if dept:
|
|
# dept = dept[0]
|
|
# hosts = dept.asset_set.all()
|
|
# else:
|
|
# hosts = Asset.objects.all()
|
|
#
|
|
# return my_render('jasset/dept_host_ajax.html', locals(), request)
|
|
#
|
|
#
|
|
# def show_all_ajax(request):
|
|
# """ 批量修改主机时, 部门和组全部显示 """
|
|
# env = request.GET.get('env', '')
|
|
# get_id = request.GET.get('id', '')
|
|
# host = Asset.objects.filter(id=get_id)
|
|
# if host:
|
|
# host = host[0]
|
|
# return my_render('jasset/show_all_ajax.html', locals(), request)
|
|
#
|
|
#
|
|
# @require_login
|
|
# def host_search(request):
|
|
# """ 搜索主机 """
|
|
# keyword = request.GET.get('keyword')
|
|
# login_types = {'L': 'LDAP', 'M': 'MAP'}
|
|
# dept = get_session_user_info(request)[5]
|
|
# post_all = Asset.objects.filter(Q(ip__contains=keyword) |
|
|
# Q(idc__name__contains=keyword) |
|
|
# Q(bis_group__name__contains=keyword) |
|
|
# Q(comment__contains=keyword)).distinct().order_by('ip')
|
|
# if is_super_user(request):
|
|
# posts = post_all
|
|
#
|
|
# elif is_group_admin(request):
|
|
# posts = post_all.filter(dept=dept)
|
|
#
|
|
# elif is_common_user(request):
|
|
# user_id, username = get_session_user_info(request)[0:2]
|
|
# post_perm = user_perm_asset_api(username)
|
|
# posts = list(set(post_all) & set(post_perm))
|
|
# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
|
|
#
|
|
# return my_render('jasset/host_search.html', locals(), request) |