From ccad74bbd266fa0f6554765b6ab2ef50fc7858b2 Mon Sep 17 00:00:00 2001 From: Apex Liu Date: Wed, 16 May 2018 13:20:40 +0800 Subject: [PATCH 1/2] tmp. --- .../www/teleport/static/js/asset/host-list.js | 28 ++++++++++- server/www/teleport/view/asset/host-list.mako | 20 +++++++- server/www/teleport/view/user/user-list.mako | 2 +- .../teleport/webroot/app/controller/host.py | 8 +++- .../www/teleport/webroot/app/model/group.py | 46 +++++++++++++++++-- 5 files changed, 95 insertions(+), 9 deletions(-) diff --git a/server/www/teleport/static/js/asset/host-list.js b/server/www/teleport/static/js/asset/host-list.js index cd2e17c..6194274 100644 --- a/server/www/teleport/static/js/asset/host-list.js +++ b/server/www/teleport/static/js/asset/host-list.js @@ -3,6 +3,9 @@ $app.on_init = function (cb_stack) { $app.dom = { // assist_ver: $('#tp-assist-ver'), + btn_sel_group: $('#btn-sel-group button'), + group_list_for_sel: $('#btn-sel-group ul'), + btn_refresh_host: $('#btn-refresh-host'), btn_add_host: $('#btn-add-host'), chkbox_host_select_all: $('#table-host-select-all'), @@ -19,6 +22,27 @@ $app.on_init = function (cb_stack) { upload_file_message: $('#upload-file-message') }; + console.log($app.options.host_groups); + // var i = 0; + // var html = []; + // html.push('所有分组'); + // html.push('----------'); + // for(i = 0; i < $app.options.host_groups.length; ++i) { + // html.push(''+$app.options.host_groups[i].name+''); + // } + // $app.dom.sel_host_group.ap + + var html = []; + $.each($app.options.host_groups, function (i, item) { + html.push('
  • ' + item.name + '
  • '); + }); + $app.dom.group_list_for_sel.append($(html.join(''))); + $app.dom.group_list_for_sel.find('a[data-tp-selector]').click(function () { + var obj = $(this); + //$app.set_selected_to_role(parseInt(obj.attr('data-tp-selector')), obj.attr('data-name')); + }); + + // $tp.assist_checked = function () { // console.log("---------"); // if ($tp.assist.running) { @@ -1537,9 +1561,9 @@ $app.create_dlg_edit_account = function () { dlg.dom.block_sshkey.hide(); if (dlg.field_protocol === TP_PROTOCOL_TYPE_TELNET) { dlg.dom.block_prompt.show(); - if(dlg.dom.prompt_username.val().length === 0 && dlg.account.username_prompt.length === 0) + if (dlg.dom.prompt_username.val().length === 0 && dlg.account.username_prompt.length === 0) dlg.dom.prompt_username.val('ogin:'); - if(dlg.dom.prompt_password.val().length === 0 && dlg.account.password_prompt.length === 0) + if (dlg.dom.prompt_password.val().length === 0 && dlg.account.password_prompt.length === 0) dlg.dom.prompt_password.val('assword:'); } } else if (dlg.field_auth === TP_AUTH_TYPE_PRIVATE_KEY) { diff --git a/server/www/teleport/view/asset/host-list.mako b/server/www/teleport/view/asset/host-list.mako index 9ea874f..87689f4 100644 --- a/server/www/teleport/view/asset/host-list.mako +++ b/server/www/teleport/view/asset/host-list.mako @@ -6,11 +6,16 @@ <%inherit file="../page_base.mako"/> <%block name="extend_js_file"> -## +<%block name="embed_js"> + + + <%block name="embed_css"> @@ -18,7 +23,7 @@ <%block name="breadcrumb_extra"> @@ -29,9 +34,20 @@
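Review bot: `item.name` is concatenated straight into the string that `$(html.join(''))` later parses as markup, so a host-group name containing HTML would be interpreted as markup in the host list of every user who opens the page. The surrounding tags were lost in this rendering of the patch, so the exact element and attribute context is not visible. Create the list entries as DOM nodes and set the label with `.text(item.name)` and the selector value with `.attr('data-tp-selector', ...)` rather than building an HTML string. The added `console.log($app.options.host_groups);`, the commented-out loop and the empty click handler look like leftover scaffolding and should go before this leaves the "tmp" state.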
    + +

    filter goes here...

    + + + +
    +
    主机列表 +
    diff --git a/server/www/teleport/view/user/user-list.mako b/server/www/teleport/view/user/user-list.mako index fc45446..55a10de 100644 --- a/server/www/teleport/view/user/user-list.mako +++ b/server/www/teleport/view/user/user-list.mako @@ -71,7 +71,7 @@
    -
    +
diff --git a/server/www/teleport/webroot/app/controller/host.py b/server/www/teleport/webroot/app/controller/host.py
index c3047f9..2c8c9d4 100644
--- a/server/www/teleport/webroot/app/controller/host.py
+++ b/server/www/teleport/webroot/app/controller/host.py
@@ -24,7 +24,13 @@ class HostListHandler(TPBaseHandler):
 ret = self.check_privilege(TP_PRIVILEGE_ASSET_CREATE | TP_PRIVILEGE_ASSET_DELETE | TP_PRIVILEGE_ASSET_GROUP)
 if ret != TPE_OK:
 return
- self.render('asset/host-list.mako')
+
+ err, groups = group.get_host_groups_for_user(self.current_user['id'], self.current_user['privilege'])
+ param = {
+ 'host_groups': groups
+ }
+
+ self.render('asset/host-list.mako', page_param=json.dumps(param))
 class DoGetHostsHandler(TPBaseJsonHandler):
diff --git a/server/www/teleport/webroot/app/model/group.py b/server/www/teleport/webroot/app/model/group.py
index 8c62940..46022e8 100644
--- a/server/www/teleport/webroot/app/model/group.py
+++ b/server/www/teleport/webroot/app/model/group.py
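Review bot: `err` from `group.get_host_groups_for_user(...)` is never checked in the host.py hunk, so a failed query and the `TPE_NOT_EXISTS, None` return in group.py both render the page with `host_groups` serialized as `null`. Handle it before rendering, for example `if err != TPE_OK: groups = []`, and log anything other than `TPE_NOT_EXISTS`. The result also goes through `json.dumps` into `page_param`; how the template embeds it is not visible here, but `json.dumps` leaves `<` and `/` unescaped, so if the value lands inside an inline script block a group name containing `</script>` would terminate it — escape at the template boundary. `get()` starts above this hunk.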
@@ -361,9 +361,49 @@ def get_groups(sql_filter, sql_order, sql_limit, sql_restrict, sql_exclude):
 return err, s.total_count, s.page_index, s.recorder
-def get_host_groups_for_user(handler):
- # 获取当前用户能查看的主机分组列表
- pass
+def get_host_groups_for_user(user_id, user_privilege):
+ # get all host-groups for current logged in user.
+
+ db = get_db()
+
+ # step 0. return all host-groups if user have all host-group access privilege
+ if (user_privilege & (TP_PRIVILEGE_ASSET_CREATE | TP_PRIVILEGE_ASSET_DELETE | TP_PRIVILEGE_ASSET_GROUP)) != 0:
+ s = SQL(get_db())
+ s.select_from('group', ['id', 'name'], alt_name='g')
+ s.where('g.type={}'.format(TP_GROUP_HOST))
+ s.order_by('g.name')
+ err = s.query()
+
+ return err, s.recorder
+
+ # step 1. get all hosts which could be access by this user.
+ sql = 'SELECT `h_id` FROM `{dbtp}ops_map` WHERE `u_id`={dbph} GROUP BY `h_id`;'.format(dbtp=db.table_prefix, dbph=db.place_holder)
+ db_ret = db.query(sql, (user_id, ))
+ if db_ret is None or len(db_ret) == 0:
+ return TPE_NOT_EXISTS, None
+
+ hosts = []
+ for db_item in db_ret:
+ hosts.append(str(db_item[0]))
+
+ # step 2. get groups which include those hosts.
+ sql = 'SELECT `gid` FROM `{dbtp}group_map` WHERE (`type`={dbph} AND `mid` IN ({dbph})) GROUP BY `gid`;'.format(dbtp=db.table_prefix, dbph=db.place_holder, hosts=','.join(hosts))
+ db_ret = db.query(sql, (TP_GROUP_HOST, ','.join(hosts)))
+ if db_ret is None or len(db_ret) == 0:
+ return TPE_NOT_EXISTS, None
+
+ groups = []
+ for db_item in db_ret:
+ groups.append(str(db_item[0]))
+
+ # step 3. get those groups id and name.
+ s = SQL(get_db())
+ s.select_from('group', ['id', 'name'], alt_name='g')
+ s.where('g.id IN ({})'.format(','.join(groups)))
+ s.order_by('g.name')
+ err = s.query()
+
+ return err, s.recorder
 def get_acc_groups_for_user(handler):
From 5e266fe32a34363e869a078b96b7368ecb0c3f3e Mon Sep 17 00:00:00 2001
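Review bot: Step 2 binds the whole id list as one value: the `IN ({dbph})` clause receives the single parameter `','.join(hosts)`, so the database compares `mid` with one string (a constructed example: '3,7,12') instead of with each host id, and the `hosts=` keyword given to `format()` is never used. Depending on the driver's coercion this matches nothing or only the first id, so users without the asset privileges get a wrong, probably empty, group list. Emit one placeholder per id and pass the ids as separate parameters: `in_ph = ','.join([db.place_holder] * len(hosts))`, use `IN ({in_ph})` in the statement, and call `db.query(sql, (TP_GROUP_HOST, *hosts))` with the ids kept as integers rather than `str(...)`. Steps 0 and 3 build their `where` text with `str.format`; the values are a constant and ids read back from the database, so this is a consistency point rather than an injection today, but binding them would keep the function uniform.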
From: Apex Liu Date: Wed, 16 May 2018 18:50:34 +0800 Subject: [PATCH 2/2] tmp --- server/.idea/encodings.xml | 2 + .../teleport/webroot/app/controller/user.py | 157 +----------------- 2 files changed, 3 insertions(+), 156 deletions(-) diff --git a/server/.idea/encodings.xml b/server/.idea/encodings.xml index 585231a..ab92e64 100644 --- a/server/.idea/encodings.xml +++ b/server/.idea/encodings.xml @@ -28,8 +28,10 @@ + + diff --git a/server/www/teleport/webroot/app/controller/user.py b/server/www/teleport/webroot/app/controller/user.py index 1b3ab0c..57a2302 100644 --- a/server/www/teleport/webroot/app/controller/user.py +++ b/server/www/teleport/webroot/app/controller/user.py @@ -711,10 +711,8 @@ class DoResetPasswordHandler(TPBaseJsonHandler): if mode == 1 or mode == 3: err, email, token = user.generate_reset_password_token(self, user_id) - # 生成一个密码重置链接,24小时有效 - # token = tp_generate_random(16) + # generate an URL for reset password, valid in 24hr. reset_url = '{}://{}/user/reset-password?token={}'.format(self.request.protocol, self.request.host, token) - # reset_url = 'http://127.0.0.1/user/validate-password-reset-token?token=G66LXH0EOJ47OXTH7O5KBQ0PHXRSBXBVVFALI6JBJ8HNWUALWI35QECPJ8UV8DEQ' err, msg = yield mail.tp_send_mail( email, 
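Review bot: The reset link on the context line of this user.py hunk is built from `self.request.protocol` and `self.request.host`, both taken from the incoming request, so the request decides which host name appears in the e-mailed link that carries `token`. Build the link from a configured base URL for the web server, or validate `self.request.host` against an allow-list, so the token can only be delivered to the real site. `err` from `user.generate_reset_password_token(self, user_id)` is also not checked before `email` and `token` are used; return on `err != TPE_OK` before formatting the URL. The handler body starts and continues outside the hunk.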
@@ -793,159 +791,6 @@ class DoUpdateUsersHandler(TPBaseJsonHandler): self.write_json(err) -# class DoRemoveGroupHandler(TPBaseJsonHandler): -# def post(self): -# ret = self.check_privilege(TP_PRIVILEGE_USER_GROUP) -# if ret != TPE_OK: -# return -# -# args = self.get_argument('args', None) -# if args is None: -# return self.write_json(TPE_PARAM) -# try: -# args = json.loads(args) -# except: -# return self.write_json(TPE_JSON_FORMAT) -# -# try: -# group_list = args['group_list'] -# except: -# return self.write_json(TPE_PARAM) -# -# err = user.remove_group(self, group_list) -# self.write_json(err) - - -# class AuthHandler(TPBaseAdminAuthHandler): -# def get(self, user_name): -# group_list = host.get_group_list() -# cert_list = host.get_cert_list() -# self.render('user/auth.mako', -# group_list=group_list, -# cert_list=cert_list, user_name=user_name) -# -# -# class GetListHandler(TPBaseAdminAuthJsonHandler): -# def post(self): -# user_list = user.get_user_list(with_admin=False) -# ret = dict() -# ret['page_index'] = 10 -# ret['total'] = len(user_list) -# ret['data'] = user_list -# self.write_json(0, data=ret) -# -# -# class DeleteUser(TPBaseUserAuthJsonHandler): -# def post(self): -# args = self.get_argument('args', None) -# if args is not None: -# args = json.loads(args) -# else: -# return self.write_json(-1, 'invalid param') -# -# user_id = args['user_id'] -# try: -# ret = user.delete_user(user_id) -# if ret: -# return self.write_json(0) -# else: -# return self.write_json(-2, 'database op failed.') -# except: -# log.e('delete user failed.\n') -# return self.write_json(-3, 'got exception.') -# -# -# class ModifyUser(TPBaseUserAuthJsonHandler): -# def post(self): -# args = self.get_argument('args', None) -# if args is not None: -# args = json.loads(args) -# else: -# return self.write_json(-1, 'invalid param.') -# -# user_id = args['user_id'] -# user_desc = args['user_desc'] -# -# try: -# ret = user.modify_user(user_id, user_desc) -# if ret: -# self.write_json(0) -# 
else: -# self.write_json(-2, 'database op failed.') -# return -# except: -# log.e('modify user failed.\n') -# self.write_json(-3, 'got exception.') -# -# -# class AddUser(TPBaseUserAuthJsonHandler): -# def post(self): -# args = self.get_argument('args', None) -# if args is not None: -# args = json.loads(args) -# else: -# return self.write_json(-1, 'invalid param.') -# -# user_name = args['user_name'] -# user_pwd = '123456' -# user_desc = args['user_desc'] -# if user_desc is None: -# user_desc = '' -# try: -# ret = user.add_user(user_name, user_pwd, user_desc) -# if 0 == ret: -# return self.write_json(0) -# else: -# return self.write_json(ret, 'database op failed. errcode={}'.format(ret)) -# except: -# log.e('add user failed.\n') -# return self.write_json(-3, 'got exception.') -# -# -# class LockUser(TPBaseUserAuthJsonHandler): -# def post(self): -# args = self.get_argument('args', None) -# if args is not None: -# args = json.loads(args) -# else: -# return self.write_json(-1, 'invalid param.') -# -# user_id = args['user_id'] -# lock_status = args['lock_status'] -# -# try: -# ret = user.lock_user(user_id, lock_status) -# if ret: -# return self.write_json(0) -# else: -# return self.write_json(-2, 'database op failed.') -# except: -# log.e('lock user failed.\m') -# return self.write_json(-3, 'got exception.') -# -# -# class ResetUser(TPBaseUserAuthJsonHandler): -# def post(self): -# args = self.get_argument('args', None) -# if args is not None: -# args = json.loads(args) -# else: -# return self.write_json(-1, 'invalid param.') -# -# user_id = args['user_id'] -# # lock_status = args['lock_status'] -# -# try: -# ret = user.reset_user(user_id) -# if ret: -# return self.write_json(0) -# else: -# return self.write_json(-2, 'database op failed.') -# except: -# log.e('reset user failed.\n') -# return self.write_json(-3, 'got exception.') -# - class DoGetGroupWithMemberHandler(TPBaseJsonHandler): def post(self): ret = self.check_privilege(TP_PRIVILEGE_USER_GROUP)