mirror of https://github.com/jumpserver/jumpserver
902 lines
32 KiB
Python
902 lines
32 KiB
Python
# coding:utf-8
|
|
|
|
import ast
|
|
|
|
from django.db.models import Q
|
|
from django.template import RequestContext
|
|
from jperm.models import Perm
|
|
from jumpserver.api import *
|
|
|
|
cryptor = PyCrypt(KEY)
|
|
|
|
|
|
class RaiseError(Exception):
|
|
pass
|
|
|
|
|
|
def my_render(template, data, request):
|
|
return render_to_response(template, data, context_instance=RequestContext(request))
|
|
|
|
|
|
def get_host_groups(groups):
|
|
""" 获取主机所属的组类 """
|
|
ret = []
|
|
for group_id in groups:
|
|
group = BisGroup.objects.filter(id=group_id)
|
|
if group:
|
|
group = group[0]
|
|
ret.append(group)
|
|
return ret
|
|
|
|
|
|
def get_host_depts(depts):
|
|
""" 获取主机所属的部门类 """
|
|
ret = []
|
|
for dept_id in depts:
|
|
dept = DEPT.objects.filter(id=dept_id)
|
|
if dept:
|
|
dept = dept[0]
|
|
ret.append(dept)
|
|
return ret
|
|
|
|
|
|
def db_host_insert(host_info, username='', password=''):
|
|
""" 添加主机时数据库操作函数 """
|
|
ip, port, idc, jtype, group, dept, active, comment = host_info
|
|
idc = IDC.objects.filter(id=idc)
|
|
if idc:
|
|
idc = idc[0]
|
|
if jtype == 'M':
|
|
password = cryptor.encrypt(password)
|
|
a = Asset(ip=ip, port=port,
|
|
login_type=jtype, idc=idc,
|
|
is_active=int(active),
|
|
comment=comment,
|
|
username=username,
|
|
password=password)
|
|
else:
|
|
a = Asset(ip=ip, port=port,
|
|
login_type=jtype, idc=idc,
|
|
is_active=int(active),
|
|
comment=comment)
|
|
a.save()
|
|
|
|
all_group = BisGroup.objects.get(name='ALL')
|
|
groups = get_host_groups(group)
|
|
groups.append(all_group)
|
|
|
|
depts = get_host_depts(dept)
|
|
|
|
a.bis_group = groups
|
|
a.dept = depts
|
|
a.save()
|
|
|
|
|
|
def db_host_update(host_info, username='', password=''):
|
|
""" 修改主机时数据库操作函数 """
|
|
ip, port, idc, jtype, group, dept, active, comment, host = host_info
|
|
idc = IDC.objects.filter(id=idc)
|
|
if idc:
|
|
idc = idc[0]
|
|
groups = get_host_groups(group)
|
|
depts = get_host_depts(dept)
|
|
host.ip = ip
|
|
host.port = port
|
|
host.login_type = jtype
|
|
host.idc = idc
|
|
host.is_active = int(active)
|
|
host.comment = comment
|
|
|
|
if jtype == 'M':
|
|
if password != host.password:
|
|
password = cryptor.encrypt(password)
|
|
host.password = password
|
|
host.username = username
|
|
host.password = password
|
|
host.save()
|
|
host.bis_group = groups
|
|
host.dept = depts
|
|
host.save()
|
|
|
|
|
|
def batch_host_edit(host_info, j_user='', j_password=''):
|
|
""" 批量修改主机函数 """
|
|
j_id, j_ip, j_idc, j_port, j_type, j_group, j_dept, j_active, j_comment = host_info
|
|
groups, depts = [], []
|
|
is_active = {u'是': '1', u'否': '2'}
|
|
login_types = {'LDAP': 'L', 'MAP': 'M'}
|
|
for group in j_group[0].split():
|
|
c = BisGroup.objects.get(name=group.strip())
|
|
groups.append(c)
|
|
for d in j_dept[0].split():
|
|
p = DEPT.objects.get(name=d.strip())
|
|
depts.append(p)
|
|
j_type = login_types[j_type]
|
|
j_idc = IDC.objects.get(name=j_idc)
|
|
a = Asset.objects.get(id=j_id)
|
|
if j_type == 'M':
|
|
if a.password != j_password:
|
|
j_password = cryptor.decrypt(j_password)
|
|
a.ip = j_ip
|
|
a.port = j_port
|
|
a.login_type = j_type
|
|
a.idc = j_idc
|
|
a.is_active = j_active
|
|
a.comment = j_comment
|
|
a.username = j_user
|
|
a.password = j_password
|
|
else:
|
|
a.ip = j_ip
|
|
a.port = j_port
|
|
a.idc = j_idc
|
|
a.login_type = j_type
|
|
a.is_active = is_active[j_active]
|
|
a.comment = j_comment
|
|
a.save()
|
|
a.bis_group = groups
|
|
a.dept = depts
|
|
a.save()
|
|
|
|
|
|
def db_host_delete(request, host_id):
|
|
""" 删除主机操作 """
|
|
if is_group_admin(request) and not validate(request, asset=[host_id]):
|
|
return httperror(request, '删除失败, 您无权删除!')
|
|
|
|
asset = Asset.objects.filter(id=host_id)
|
|
if asset:
|
|
asset.delete()
|
|
else:
|
|
return httperror(request, '删除失败, 没有此主机!')
|
|
|
|
|
|
def db_idc_delete(request, idc_id):
|
|
""" 删除IDC操作 """
|
|
if idc_id == 1:
|
|
return httperror(request, '删除失败, 默认IDC不能删除!')
|
|
|
|
default_idc = IDC.objects.get(id=1)
|
|
|
|
idc = IDC.objects.filter(id=idc_id)
|
|
if idc:
|
|
idc_class = idc.first()
|
|
idc_class.asset_set.update(idc=default_idc)
|
|
idc.delete()
|
|
else:
|
|
return httperror(request, '删除失败, 没有这个IDC!')
|
|
|
|
|
|
@require_admin
|
|
def host_add(request):
|
|
""" 添加主机 """
|
|
header_title, path1, path2 = u'添加主机', u'资产管理', u'添加主机'
|
|
login_types = {'L': 'LDAP', 'M': 'MAP'}
|
|
eidc = IDC.objects.exclude(name='ALL')
|
|
if is_super_user(request):
|
|
edept = DEPT.objects.all()
|
|
egroup = BisGroup.objects.exclude(name='ALL')
|
|
elif is_group_admin(request):
|
|
dept = get_session_user_info(request)[5]
|
|
egroup = dept.bisgroup_set.all()
|
|
|
|
if request.method == 'POST':
|
|
j_ip = request.POST.get('j_ip')
|
|
j_idc = request.POST.get('j_idc')
|
|
j_port = request.POST.get('j_port')
|
|
j_type = request.POST.get('j_type')
|
|
j_group = request.POST.getlist('j_group')
|
|
j_active = request.POST.get('j_active')
|
|
j_comment = request.POST.get('j_comment')
|
|
j_dept = request.POST.getlist('j_dept')
|
|
|
|
host_info = [j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment]
|
|
if is_group_admin(request) and not verify(request, asset_group=j_group, edept=j_dept):
|
|
return httperror(request, u'添加失败,您无权操作!')
|
|
|
|
if Asset.objects.filter(ip=str(j_ip)):
|
|
emg = u'该IP %s 已存在!' % j_ip
|
|
return my_render('jasset/host_add.html', locals(), request)
|
|
if j_type == 'M':
|
|
j_user = request.POST.get('j_user')
|
|
j_password = request.POST.get('j_password', '')
|
|
db_host_insert(host_info, j_user, j_password)
|
|
else:
|
|
db_host_insert(host_info)
|
|
smg = u'主机 %s 添加成功' % j_ip
|
|
|
|
return my_render('jasset/host_add.html', locals(), request)
|
|
|
|
|
|
@require_admin
|
|
def host_add_batch(request):
|
|
""" 批量添加主机 """
|
|
header_title, path1, path2 = u'批量添加主机', u'资产管理', u'批量添加主机'
|
|
login_types = {'LDAP': 'L', 'MAP': 'M'}
|
|
active_types = {'激活': 1, '禁用': 0}
|
|
dept_id = get_user_dept(request)
|
|
if request.method == 'POST':
|
|
multi_hosts = request.POST.get('j_multi').split('\n')
|
|
for host in multi_hosts:
|
|
if host == '':
|
|
break
|
|
j_ip, j_port, j_type, j_idc, j_groups, j_depts, j_active, j_comment = host.split()
|
|
j_active = active_types[str(j_active)]
|
|
j_group = ast.literal_eval(j_groups)
|
|
j_dept = ast.literal_eval(j_depts)
|
|
|
|
if j_type not in ['LDAP', 'MAP']:
|
|
return httperror(request, u'没有%s这种登录方式!' %j_type)
|
|
|
|
j_type = login_types[j_type]
|
|
idc = IDC.objects.filter(name=j_idc)
|
|
if idc:
|
|
j_idc = idc[0].id
|
|
else:
|
|
return httperror(request, '添加失败, 没有%s这个IDC' % j_idc)
|
|
|
|
group_ids, dept_ids = [], []
|
|
for group_name in j_group:
|
|
group = BisGroup.objects.filter(name=group_name)
|
|
if group:
|
|
group_id = group[0].id
|
|
else:
|
|
return httperror(request, '添加失败, 没有%s这个主机组' % group_name)
|
|
group_ids.append(group_id)
|
|
|
|
for dept_name in j_dept:
|
|
dept = DEPT.objects.filter(name=dept_name)
|
|
if dept:
|
|
dept_id = dept[0].id
|
|
else:
|
|
return httperror(request, '添加失败, 没有%s这个部门' % dept_name)
|
|
dept_ids.append(dept_id)
|
|
|
|
if is_group_admin(request) and not verify(request, asset_group=group_ids, edept=dept_ids):
|
|
return httperror(request, '添加失败, 没有%s这个主机组' % group_name)
|
|
|
|
if Asset.objects.filter(ip=str(j_ip)):
|
|
return httperror(request, '添加失败, 改IP%s已存在' % j_ip)
|
|
|
|
host_info = [j_ip, j_port, j_idc, j_type, group_ids, dept_ids, j_active, j_comment]
|
|
db_host_insert(host_info)
|
|
|
|
smg = u'批量添加添加成功'
|
|
return my_render('jasset/host_add_multi.html', locals(), request)
|
|
|
|
return my_render('jasset/host_add_multi.html', locals(), request)
|
|
|
|
|
|
@require_admin
|
|
def host_edit_batch(request):
|
|
""" 批量修改主机 """
|
|
if request.method == 'POST':
|
|
len_table = request.POST.get('len_table')
|
|
for i in range(int(len_table)):
|
|
j_id = "editable[" + str(i) + "][j_id]"
|
|
j_ip = "editable[" + str(i) + "][j_ip]"
|
|
j_port = "editable[" + str(i) + "][j_port]"
|
|
j_dept = "editable[" + str(i) + "][j_dept]"
|
|
j_idc = "editable[" + str(i) + "][j_idc]"
|
|
j_type = "editable[" + str(i) + "][j_type]"
|
|
j_group = "editable[" + str(i) + "][j_group]"
|
|
j_active = "editable[" + str(i) + "][j_active]"
|
|
j_comment = "editable[" + str(i) + "][j_comment]"
|
|
|
|
j_id = request.POST.get(j_id).strip()
|
|
j_ip = request.POST.get(j_ip).strip()
|
|
j_port = request.POST.get(j_port).strip()
|
|
j_dept = request.POST.getlist(j_dept)
|
|
j_idc = request.POST.get(j_idc).strip()
|
|
j_type = request.POST.get(j_type).strip()
|
|
j_group = request.POST.getlist(j_group)
|
|
j_active = request.POST.get(j_active).strip()
|
|
j_comment = request.POST.get(j_comment).strip()
|
|
|
|
host_info = [j_id, j_ip, j_idc, j_port, j_type, j_group, j_dept, j_active, j_comment]
|
|
batch_host_edit(host_info)
|
|
|
|
return HttpResponseRedirect('/jasset/host_list/')
|
|
|
|
|
|
@require_login
|
|
def host_edit_common_batch(request):
|
|
""" 普通用户批量修改主机别名 """
|
|
u = get_session_user_info(request)[2]
|
|
if request.method == 'POST':
|
|
len_table = request.POST.get('len_table')
|
|
for i in range(int(len_table)):
|
|
j_id = "editable[" + str(i) + "][j_id]"
|
|
j_alias = "editable[" + str(i) + "][j_alias]"
|
|
j_id = request.POST.get(j_id, '').strip()
|
|
j_alias = request.POST.get(j_alias, '').strip()
|
|
a = Asset.objects.get(id=j_id)
|
|
asset_alias = AssetAlias.objects.filter(user=u, host=a)
|
|
if asset_alias:
|
|
asset_alias = asset_alias[0]
|
|
asset_alias.alias = j_alias
|
|
asset_alias.save()
|
|
else:
|
|
AssetAlias.objects.create(user=u, host=a, alias=j_alias)
|
|
return my_render('jasset/host_list_common.html')
|
|
|
|
|
|
@require_login
|
|
def host_list(request):
|
|
""" 列出主机 """
|
|
header_title, path1, path2 = u'查看主机', u'资产管理', u'查看主机'
|
|
keyword = request.GET.get('keyword', '')
|
|
dept_id = get_session_user_info(request)[3]
|
|
dept = DEPT.objects.get(id=dept_id)
|
|
did = request.GET.get('did', '')
|
|
gid = request.GET.get('gid', '')
|
|
sid = request.GET.get('sid', '')
|
|
user_id = get_session_user_info(request)[0]
|
|
|
|
post_all = Asset.objects.all().order_by('ip')
|
|
post_keyword_all = Asset.objects.filter(Q(ip__contains=keyword) |
|
|
Q(idc__name__contains=keyword) |
|
|
Q(bis_group__name__contains=keyword) |
|
|
Q(comment__contains=keyword)).distinct().order_by('ip')
|
|
if did:
|
|
if is_common_user(request) or is_group_admin(request):
|
|
return httperror(request, u'您无权查看!')
|
|
|
|
dept = DEPT.objects.get(id=did)
|
|
posts = dept.asset_set.all()
|
|
return my_render('jasset/host_list_nop.html', locals(), request)
|
|
|
|
elif gid:
|
|
if is_common_user(request):
|
|
return httperror(request, u'您无权查看!')
|
|
|
|
elif is_group_admin(request) and not verify(request, user_group=[gid]):
|
|
return httperror(request, u'您无权查看!')
|
|
|
|
posts = []
|
|
user_group = UserGroup.objects.filter(id=gid)
|
|
if user_group:
|
|
perms = Perm.objects.filter(user_group=user_group)
|
|
for perm in perms:
|
|
for post in perm.asset_group.asset_set.all():
|
|
posts.append(post)
|
|
posts = list(set(posts))
|
|
else:
|
|
return httperror(request, u'没有这个小组!')
|
|
return my_render('jasset/host_list_nop.html', locals(), request)
|
|
|
|
elif sid:
|
|
if is_common_user(request):
|
|
return httperror(request, u'您无权查看!')
|
|
|
|
elif is_group_admin(request) and not verify(request, user_group=[sid]):
|
|
return httperror(request, u'您无权查看!')
|
|
|
|
posts, asset_groups = [], []
|
|
user_group = UserGroup.objects.filter(id=int(sid))
|
|
if user_group:
|
|
user_group = user_group[0]
|
|
for perm in user_group.sudoperm_set.all():
|
|
asset_groups.extend(perm.asset_group.all())
|
|
|
|
for asset_group in asset_groups:
|
|
posts.extend(asset_group.asset_set.all())
|
|
posts = list(set(posts))
|
|
else:
|
|
return httperror(request, u'没有这个sudo授权!')
|
|
return my_render('jasset/host_list_nop.html', locals(), request)
|
|
|
|
else:
|
|
if is_super_user(request):
|
|
if keyword:
|
|
posts = post_keyword_all
|
|
else:
|
|
posts = post_all
|
|
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
|
|
return my_render('jasset/host_list.html', locals(), request)
|
|
|
|
elif is_group_admin(request):
|
|
if keyword:
|
|
posts = post_keyword_all.filter(dept=dept)
|
|
else:
|
|
posts = post_all.filter(dept=dept)
|
|
|
|
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
|
|
return my_render('jasset/host_list.html', locals(), request)
|
|
|
|
elif is_common_user(request):
|
|
user_id, username = get_session_user_info(request)[0:2]
|
|
posts = user_perm_asset_api(username)
|
|
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
|
|
return my_render('jasset/host_list_common.html', locals(), request)
|
|
|
|
|
|
@require_admin
|
|
def host_del(request, offset):
|
|
""" 删除主机 """
|
|
if offset == 'multi':
|
|
len_list = request.POST.get("len_list")
|
|
for i in range(int(len_list)):
|
|
key = "id_list[" + str(i) + "]"
|
|
host_id = request.POST.get(key)
|
|
db_host_delete(request, host_id)
|
|
else:
|
|
host_id = int(offset)
|
|
db_host_delete(request, host_id)
|
|
|
|
return HttpResponseRedirect('/jasset/host_list/')
|
|
|
|
|
|
@require_super_user
|
|
def host_edit(request):
|
|
""" 修改主机 """
|
|
header_title, path1, path2 = u'修改主机', u'资产管理', u'修改主机'
|
|
actives = {1: u'激活', 0: u'禁用'}
|
|
login_types = {'L': 'LDAP', 'M': 'MAP'}
|
|
eidc = IDC.objects.all()
|
|
egroup = BisGroup.objects.exclude(name='ALL')
|
|
edept = DEPT.objects.all()
|
|
host_id = request.GET.get('id', '')
|
|
post = Asset.objects.filter(id=int(host_id))
|
|
if post:
|
|
post = post[0]
|
|
else:
|
|
return httperror(request, '没有此主机!')
|
|
|
|
e_group = post.bis_group.all()
|
|
e_dept = post.dept.all()
|
|
|
|
if request.method == 'POST':
|
|
j_ip = request.POST.get('j_ip', '')
|
|
j_idc = request.POST.get('j_idc', '')
|
|
j_port = request.POST.get('j_port', '')
|
|
j_type = request.POST.get('j_type', '')
|
|
j_dept = request.POST.getlist('j_dept', '')
|
|
j_group = request.POST.getlist('j_group', '')
|
|
j_active = request.POST.get('j_active', '')
|
|
j_comment = request.POST.get('j_comment', '')
|
|
|
|
host_info = [j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment, post]
|
|
if j_type == 'M':
|
|
j_user = request.POST.get('j_user')
|
|
j_password = request.POST.get('j_password')
|
|
db_host_update(host_info, j_user, j_password)
|
|
else:
|
|
db_host_update(host_info)
|
|
|
|
smg = u'主机 %s 修改成功' % j_ip
|
|
return HttpResponseRedirect('/jasset/host_detail/?id=%s' % host_id)
|
|
|
|
return my_render('jasset/host_edit.html', locals(), request)
|
|
|
|
|
|
@require_admin
|
|
def host_edit_adm(request):
|
|
""" 部门管理员修改主机 """
|
|
header_title, path1, path2 = u'修改主机', u'资产管理', u'修改主机'
|
|
actives = {1: u'激活', 0: u'禁用'}
|
|
login_types = {'L': 'LDAP', 'M': 'MAP'}
|
|
eidc = IDC.objects.all()
|
|
dept = get_session_user_info(request)[5]
|
|
egroup = BisGroup.objects.exclude(name='ALL').filter(dept=dept)
|
|
host_id = request.GET.get('id', '')
|
|
post = Asset.objects.filter(id=int(host_id))
|
|
if post:
|
|
post = post[0]
|
|
else:
|
|
return httperror(request, '没有此主机!')
|
|
|
|
e_group = post.bis_group.all()
|
|
|
|
if request.method == 'POST':
|
|
j_ip = request.POST.get('j_ip')
|
|
j_idc = request.POST.get('j_idc')
|
|
j_port = request.POST.get('j_port')
|
|
j_type = request.POST.get('j_type')
|
|
j_dept = request.POST.getlist('j_dept')
|
|
j_group = request.POST.getlist('j_group')
|
|
j_active = request.POST.get('j_active')
|
|
j_comment = request.POST.get('j_comment')
|
|
|
|
host_info = [j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment]
|
|
|
|
if not verify(request, asset_group=j_group, edept=j_dept):
|
|
emg = u'修改失败,您无权操作!'
|
|
return my_render('jasset/host_edit.html', locals(), request)
|
|
|
|
if j_type == 'M':
|
|
j_user = request.POST.get('j_user')
|
|
j_password = request.POST.get('j_password')
|
|
db_host_update(host_info, j_user, j_password, post)
|
|
else:
|
|
db_host_update(host_info, post)
|
|
|
|
smg = u'主机 %s 修改成功' % j_ip
|
|
return HttpResponseRedirect('/jasset/host_detail/?id=%s' % host_id)
|
|
|
|
return my_render('jasset/host_edit.html', locals(), request)
|
|
|
|
|
|
@require_login
|
|
def host_detail(request):
|
|
""" 主机详情 """
|
|
header_title, path1, path2 = u'主机详细信息', u'资产管理', u'主机详情'
|
|
host_id = request.GET.get('id', '')
|
|
post = Asset.objects.filter(id=host_id)
|
|
if not post:
|
|
return httperror(request, '没有此主机!')
|
|
post = post.first()
|
|
|
|
if is_group_admin(request) and not verify(request, asset=[host_id]):
|
|
return httperror(request, '您无权查看!')
|
|
|
|
elif is_common_user(request):
|
|
username = get_session_user_info(request)[1]
|
|
user_permed_hosts = user_perm_asset_api(username)
|
|
if post not in user_permed_hosts:
|
|
return httperror(request, '您无权查看!')
|
|
else:
|
|
log_all = Log.objects.filter(host=post.ip)
|
|
log, log_more = log_all[:10], log_all[10:]
|
|
user_permed_list = asset_perm_api(post)
|
|
|
|
return my_render('jasset/host_detail.html', locals(), request)
|
|
|
|
|
|
@require_super_user
|
|
def idc_add(request):
|
|
""" 添加IDC """
|
|
header_title, path1, path2 = u'添加IDC', u'资产管理', u'添加IDC'
|
|
if request.method == 'POST':
|
|
j_idc = request.POST.get('j_idc')
|
|
j_comment = request.POST.get('j_comment')
|
|
if IDC.objects.filter(name=j_idc):
|
|
emg = u'该IDC已存在!'
|
|
return my_render('jasset/idc_add.html', locals(), request)
|
|
else:
|
|
smg = u'IDC:%s添加成功' % j_idc
|
|
IDC.objects.create(name=j_idc, comment=j_comment)
|
|
|
|
return my_render('jasset/idc_add.html', locals(), request)
|
|
|
|
|
|
@require_admin
|
|
def idc_list(request):
|
|
""" 列出IDC """
|
|
header_title, path1, path2 = u'查看IDC', u'资产管理', u'查看IDC'
|
|
dept_id = get_user_dept(request)
|
|
dept = DEPT.objects.get(id=dept_id)
|
|
keyword = request.GET.get('keyword', '')
|
|
if keyword:
|
|
posts = IDC.objects.filter(Q(name__contains=keyword) | Q(comment__contains=keyword))
|
|
else:
|
|
posts = IDC.objects.exclude(name='ALL').order_by('id')
|
|
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
|
|
return my_render('jasset/idc_list.html', locals(), request)
|
|
|
|
|
|
@require_super_user
|
|
def idc_edit(request):
|
|
""" 修改IDC """
|
|
header_title, path1, path2 = u'编辑IDC', u'资产管理', u'编辑IDC'
|
|
idc_id = request.GET.get('id', '')
|
|
idc = IDC.objects.filter(id=idc_id)
|
|
if int(idc_id) == 1:
|
|
return httperror(request, u'默认IDC不能编辑!')
|
|
if idc:
|
|
idc = idc[0]
|
|
default = IDC.objects.get(id=1).asset_set.all()
|
|
eposts = Asset.objects.filter(idc=idc).order_by('ip')
|
|
posts = [g for g in default if g not in eposts]
|
|
else:
|
|
return httperror(request, u'此IDC不存在')
|
|
|
|
if request.method == 'POST':
|
|
idc_id = request.POST.get('id')
|
|
j_idc = request.POST.get('j_idc')
|
|
j_hosts = request.POST.getlist('j_hosts')
|
|
j_comment = request.POST.get('j_comment')
|
|
idc_default = request.POST.getlist('idc_default')
|
|
|
|
idc = IDC.objects.filter(id=idc_id)
|
|
if idc:
|
|
idc.update(name=j_idc, comment=j_comment)
|
|
for host_id in j_hosts:
|
|
Asset.objects.filter(id=host_id).update(idc=idc[0])
|
|
|
|
i = IDC.objects.get(id=1)
|
|
for host in idc_default:
|
|
g = Asset.objects.filter(id=host).update(idc=i)
|
|
else:
|
|
return httperror(request, u'此IDC不存在')
|
|
|
|
return HttpResponseRedirect('/jasset/idc_list/?id=%s' % idc_id)
|
|
|
|
return my_render('jasset/idc_edit.html', locals(), request)
|
|
|
|
|
|
@require_admin
|
|
def idc_detail(request):
|
|
""" IDC详情 """
|
|
header_title, path1, path2 = u'IDC详情', u'资产管理', u'IDC详情'
|
|
login_types = {'L': 'LDAP', 'M': 'MAP'}
|
|
idc_id = request.GET.get('id', '')
|
|
idc_filter = IDC.objects.filter(id=idc_id)
|
|
if idc_filter:
|
|
idc = idc_filter[0]
|
|
else:
|
|
return httperror(request, '没有此IDC')
|
|
dept = get_session_user_info(request)[5]
|
|
if is_super_user(request):
|
|
posts = Asset.objects.filter(idc=idc).order_by('ip')
|
|
elif is_group_admin(request):
|
|
posts = Asset.objects.filter(idc=idc, dept=dept).order_by('ip')
|
|
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
|
|
|
|
return my_render('jasset/idc_detail.html', locals(), request)
|
|
|
|
|
|
@require_super_user
|
|
def idc_del(request):
|
|
""" 删除IDC """
|
|
offset = request.GET.get('id', '')
|
|
if offset == 'multi':
|
|
len_list = request.POST.get("len_list")
|
|
for i in range(int(len_list)):
|
|
key = "id_list[" + str(i) + "]"
|
|
idc_id = request.POST.get(key)
|
|
db_idc_delete(request, int(idc_id))
|
|
else:
|
|
db_idc_delete(request, int(offset))
|
|
return HttpResponseRedirect('/jasset/idc_list/')
|
|
|
|
|
|
@require_admin
|
|
def group_add(request):
|
|
""" 添加主机组 """
|
|
header_title, path1, path2 = u'添加主机组', u'资产管理', u'添加主机组'
|
|
if is_super_user(request):
|
|
posts = Asset.objects.all()
|
|
edept = DEPT.objects.all()
|
|
elif is_group_admin(request):
|
|
dept_id = get_user_dept(request)
|
|
dept = DEPT.objects.get(id=dept_id)
|
|
posts = Asset.objects.filter(dept=dept)
|
|
edept = get_session_user_info(request)[5]
|
|
|
|
if request.method == 'POST':
|
|
j_group = request.POST.get('j_group', '')
|
|
j_dept = request.POST.get('j_dept', '')
|
|
j_hosts = request.POST.getlist('j_hosts', '')
|
|
j_comment = request.POST.get('j_comment', '')
|
|
|
|
try:
|
|
if is_group_admin(request) and not verify(request, asset=j_hosts, edept=[j_dept]):
|
|
emg = u'添加失败, 您无权操作!'
|
|
raise RaiseError
|
|
|
|
elif BisGroup.objects.filter(name=j_group):
|
|
emg = u'添加失败, 该主机组已存在!'
|
|
raise RaiseError
|
|
|
|
except RaiseError:
|
|
pass
|
|
|
|
else:
|
|
j_dept = DEPT.objects.filter(id=j_dept).first()
|
|
group = BisGroup.objects.create(name=j_group, dept=j_dept, comment=j_comment)
|
|
for host in j_hosts:
|
|
g = Asset.objects.get(id=host)
|
|
group.asset_set.add(g)
|
|
smg = u'主机组 %s 添加成功' % j_group
|
|
|
|
return my_render('jasset/group_add.html', locals(), request)
|
|
|
|
|
|
@require_admin
|
|
def group_list(request):
|
|
""" 列出主机组 """
|
|
header_title, path1, path2 = u'查看主机组', u'资产管理', u'查看主机组'
|
|
dept_id = get_user_dept(request)
|
|
dept = DEPT.objects.get(id=dept_id)
|
|
keyword = request.GET.get('keyword', '')
|
|
gid = request.GET.get('gid')
|
|
sid = request.GET.get('sid')
|
|
if gid:
|
|
if is_common_user(request):
|
|
return httperror(request, u'您无权查看!')
|
|
|
|
elif is_group_admin(request) and not verify(request, user_group=[gid]):
|
|
return httperror(request, u'您无权查看!')
|
|
|
|
posts = []
|
|
user_group = UserGroup.objects.filter(id=gid)
|
|
if user_group:
|
|
user_group = user_group[0]
|
|
perms = Perm.objects.filter(user_group=user_group)
|
|
for perm in perms:
|
|
posts.append(perm.asset_group)
|
|
|
|
elif sid:
|
|
if is_common_user(request):
|
|
return httperror(request, u'您无权查看!')
|
|
|
|
elif is_group_admin(request) and not verify(request, user_group=[sid]):
|
|
return httperror(request, u'您无权查看!')
|
|
|
|
posts = []
|
|
user_group = UserGroup.objects.filter(id=sid)
|
|
if user_group:
|
|
user_group = user_group[0]
|
|
for perm in user_group.sudoperm_set.all():
|
|
posts.extend(perm.asset_group.all())
|
|
posts = list(set(posts))
|
|
else:
|
|
return httperror(request, u'没有此sudo授权!')
|
|
|
|
else:
|
|
if is_super_user(request):
|
|
if keyword:
|
|
posts = BisGroup.objects.exclude(name='ALL').filter(
|
|
Q(name__contains=keyword) | Q(comment__contains=keyword))
|
|
else:
|
|
posts = BisGroup.objects.exclude(name='ALL').order_by('id')
|
|
elif is_group_admin(request):
|
|
if keyword:
|
|
posts = BisGroup.objects.filter(Q(name__contains=keyword) | Q(comment__contains=keyword)).filter(
|
|
dept=dept)
|
|
else:
|
|
posts = BisGroup.objects.filter(dept=dept).order_by('id')
|
|
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
|
|
return my_render('jasset/group_list.html', locals(), request)
|
|
|
|
|
|
@require_admin
|
|
def group_edit(request):
|
|
""" 修改主机组 """
|
|
header_title, path1, path2 = u'编辑主机组', u'资产管理', u'编辑主机组'
|
|
group_id = request.GET.get('id', '')
|
|
group = BisGroup.objects.filter(id=group_id)
|
|
if group:
|
|
group = group.first()
|
|
else:
|
|
httperror(request, u'没有这个主机组!')
|
|
|
|
host_all = Asset.objects.all()
|
|
dept_id = get_session_user_info(request)[3]
|
|
eposts = Asset.objects.filter(bis_group=group)
|
|
|
|
if is_group_admin(request) and not verify(request, asset_group=[group_id]):
|
|
return httperror(request, '编辑失败, 您无权操作!')
|
|
dept = DEPT.objects.filter(id=group.dept.id)
|
|
if dept:
|
|
dept = dept[0]
|
|
else:
|
|
return httperror(request, u'没有这个部门!')
|
|
|
|
all_dept = dept.asset_set.all()
|
|
posts = [g for g in all_dept if g not in eposts]
|
|
|
|
if request.method == 'POST':
|
|
j_group = request.POST.get('j_group', '')
|
|
j_hosts = request.POST.getlist('j_hosts', '')
|
|
j_dept = request.POST.get('j_dept', '')
|
|
j_comment = request.POST.get('j_comment', '')
|
|
|
|
j_dept = DEPT.objects.filter(id=int(j_dept))
|
|
j_dept = j_dept[0]
|
|
|
|
group.asset_set.clear()
|
|
for host in j_hosts:
|
|
g = Asset.objects.get(id=host)
|
|
group.asset_set.add(g)
|
|
BisGroup.objects.filter(id=group_id).update(name=j_group, dept=j_dept, comment=j_comment)
|
|
smg = u'主机组%s修改成功' % j_group
|
|
return HttpResponseRedirect('/jasset/group_list')
|
|
|
|
return my_render('jasset/group_edit.html', locals(), request)
|
|
|
|
|
|
@require_admin
|
|
def group_detail(request):
|
|
""" 主机组详情 """
|
|
header_title, path1, path2 = u'主机组详情', u'资产管理', u'主机组详情'
|
|
login_types = {'L': 'LDAP', 'M': 'MAP'}
|
|
dept = get_session_user_info(request)[5]
|
|
group_id = request.GET.get('id', '')
|
|
group = BisGroup.objects.get(id=group_id)
|
|
if is_super_user(request):
|
|
posts = Asset.objects.filter(bis_group=group).order_by('ip')
|
|
|
|
elif is_group_admin(request):
|
|
if not verify(request, asset_group=[group_id]):
|
|
return httperror(request, u'您无权查看!')
|
|
posts = Asset.objects.filter(bis_group=group).filter(dept=dept).order_by('ip')
|
|
|
|
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
|
|
return my_render('jasset/group_detail.html', locals(), request)
|
|
|
|
|
|
@require_admin
|
|
def group_del_host(request):
|
|
""" 主机组中剔除主机, 并不删除真实主机 """
|
|
if request.method == 'POST':
|
|
group_id = request.POST.get('group_id')
|
|
offset = request.GET.get('id', '')
|
|
group = BisGroup.objects.get(id=group_id)
|
|
if offset == 'group':
|
|
len_list = request.POST.get("len_list")
|
|
for i in range(int(len_list)):
|
|
key = "id_list[" + str(i) + "]"
|
|
jid = request.POST.get(key)
|
|
g = Asset.objects.get(id=jid)
|
|
group.asset_set.remove(g)
|
|
|
|
else:
|
|
offset = request.GET.get('id', '')
|
|
group_id = request.GET.get('gid', '')
|
|
group = BisGroup.objects.get(id=group_id)
|
|
g = Asset.objects.get(id=offset)
|
|
group.asset_set.remove(g)
|
|
|
|
return HttpResponseRedirect('/jasset/group_detail/?id=%s' % group.id)
|
|
|
|
|
|
@require_admin
|
|
def group_del(request):
|
|
""" 删除主机组 """
|
|
offset = request.GET.get('id', '')
|
|
if offset == 'multi':
|
|
len_list = request.POST.get("len_list")
|
|
for i in range(int(len_list)):
|
|
key = "id_list[" + str(i) + "]"
|
|
gid = request.POST.get(key)
|
|
if is_group_admin(request) and not verify(request, asset_group=[gid]):
|
|
return httperror(request, '删除失败, 您无权删除!')
|
|
BisGroup.objects.filter(id=gid).delete()
|
|
else:
|
|
gid = int(offset)
|
|
if is_group_admin(request) and not verify(request, asset_group=[gid]):
|
|
return httperror(request, '删除失败, 您无权删除!')
|
|
BisGroup.objects.filter(id=gid).delete()
|
|
return HttpResponseRedirect('/jasset/group_list/')
|
|
|
|
|
|
@require_admin
|
|
def dept_host_ajax(request):
|
|
""" 添加主机组时, 部门联动主机异步 """
|
|
dept_id = request.GET.get('id', '')
|
|
if dept_id not in ['1', '2']:
|
|
dept = DEPT.objects.filter(id=dept_id)
|
|
if dept:
|
|
dept = dept[0]
|
|
hosts = dept.asset_set.all()
|
|
else:
|
|
hosts = Asset.objects.all()
|
|
|
|
return my_render('jasset/dept_host_ajax.html', locals(), request)
|
|
|
|
|
|
@require_login
|
|
def host_search(request):
|
|
""" 搜索主机 """
|
|
keyword = request.GET.get('keyword')
|
|
login_types = {'L': 'LDAP', 'M': 'MAP'}
|
|
dept = get_session_user_info(request)[5]
|
|
post_all = Asset.objects.filter(Q(ip__contains=keyword) |
|
|
Q(idc__name__contains=keyword) |
|
|
Q(bis_group__name__contains=keyword) |
|
|
Q(comment__contains=keyword)).distinct().order_by('ip')
|
|
if is_super_user(request):
|
|
posts = post_all
|
|
|
|
elif is_group_admin(request):
|
|
posts = post_all.filter(dept=dept)
|
|
|
|
elif is_common_user(request):
|
|
username = get_session_user_info(request)[2]
|
|
post_perm = user_perm_asset_api(username)
|
|
posts = list(set(post_all) & set(post_perm))
|
|
|
|
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
|
|
|
|
return my_render('jasset/host_search.html', locals(), request) |