Merge branch 'feature/search' of github.com:eomsoft/teleport into feature/search

2018-05-18 03:04:44 +08:00 · 2018-05-18 03:04:44 +08:00 · f0715736a2
parent 30b0310a23 5e266fe32a
commit f0715736a2
7 changed files with 98 additions and 165 deletions
--- a/server/.idea/encodings.xml
+++ b/server/.idea/encodings.xml
@ -28,8 +28,10 @@
    <file url="file://$PROJECT_DIR$/tp_core/core/ts_session.h" charset="GBK" />
    <file url="file://$PROJECT_DIR$/tp_core/core/ts_web_rpc.cpp" charset="GBK" />
    <file url="file://$PROJECT_DIR$/tp_core/core/ts_web_rpc.h" charset="GBK" />
+    <file url="file://$PROJECT_DIR$/tp_core/protocol/rdp/rdp_conn.cpp" charset="GBK" />
    <file url="file://$PROJECT_DIR$/tp_core/protocol/rdp/rdp_conn.h" charset="GBK" />
    <file url="file://$PROJECT_DIR$/tp_core/protocol/rdp/rdp_package.cpp" charset="GBK" />
+    <file url="file://$PROJECT_DIR$/tp_core/protocol/rdp/rdp_package.h" charset="GBK" />
    <file url="file://$PROJECT_DIR$/tp_core/protocol/rdp/rdp_proxy.cpp" charset="GBK" />
    <file url="file://$PROJECT_DIR$/tp_core/protocol/rdp/rdp_session.cpp" charset="GBK" />
    <file url="file://$PROJECT_DIR$/tp_core/protocol/ssh/ssh_proxy.cpp" charset="GBK" />
--- a/server/www/teleport/static/js/asset/host-list.js
+++ b/server/www/teleport/static/js/asset/host-list.js
@ -3,6 +3,9 @@
 $app.on_init = function (cb_stack) {
    $app.dom = {
        // assist_ver: $('#tp-assist-ver'),
+        btn_sel_group: $('#btn-sel-group button'),
+        group_list_for_sel: $('#btn-sel-group ul'),
+
        btn_refresh_host: $('#btn-refresh-host'),
        btn_add_host: $('#btn-add-host'),
        chkbox_host_select_all: $('#table-host-select-all'),
@ -19,6 +22,27 @@ $app.on_init = function (cb_stack) {
        upload_file_message: $('#upload-file-message')
    };

+    console.log($app.options.host_groups);
+    // var i = 0;
+    // var html = [];
+    // html.push('<optioin value="0">所有分组</optioin>');
+    // html.push('<optioin value="-1">----------</optioin>');
+    // for(i = 0; i < $app.options.host_groups.length; ++i) {
+    //     html.push('<optioin value="'+$app.options.host_groups[i].id+'">'+$app.options.host_groups[i].name+'</optioin>');
+    // }
+    // $app.dom.sel_host_group.ap
+
+    var html = [];
+    $.each($app.options.host_groups, function (i, item) {
+        html.push('<li><a href="javascript:;" data-tp-selector="' + item.id + '" data-name="' + item.name + '"><i class="fa fa-caret-right fa-fw"></i> ' + item.name + '</a></li>');
+    });
+    $app.dom.group_list_for_sel.append($(html.join('')));
+    $app.dom.group_list_for_sel.find('a[data-tp-selector]').click(function () {
+        var obj = $(this);
+        //$app.set_selected_to_role(parseInt(obj.attr('data-tp-selector')), obj.attr('data-name'));
+    });
+
+
    // $tp.assist_checked = function () {
    //     console.log("---------");
    //     if ($tp.assist.running) {
--- a/server/www/teleport/view/asset/host-list.mako
+++ b/server/www/teleport/view/asset/host-list.mako
@ -6,11 +6,16 @@
 <%inherit file="../page_base.mako"/>

 <%block name="extend_js_file">
-##     <script type="text/javascript" src="${ static_url('js/tp-assist.js') }"></script>
    <script type="text/javascript" src="${ static_url('js/asset/host-list.js') }"></script>
    <script type="text/javascript" src="${ static_url('plugins/jquery/ajaxfileupload.js') }"></script>
 </%block>

+<%block name="embed_js">
+    <script type="text/javascript">
+        $app.add_options(${page_param});
+    </script>
+</%block>
+
 <%block name="embed_css">
    <style>
    </style>
@ -29,9 +34,20 @@

    <!-- begin box -->
    <div class="box">
+
+        <p>filter goes here...</p>
+        <div class="btn-group dropdown" id="btn-sel-group">
+            <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown"><i class="fa fa-edit fa-fw"></i> 所有分组 <i class="fa fa-caret-right"></i></button>
+            <ul class="dropdown-menu  dropdown-menu-sm"></ul>
+        </div>
+
+
+        <hr/>
+
        <div class="table-prefix-area">
            <div class="table-extend-cell">
                <span class="table-name"><i class="fa fa-list fa-fw"></i> 主机列表</span>
+
                <button id="btn-refresh-host" class="btn btn-sm btn-default"><i class="fa fa-redo fa-fw"></i> 刷新列表</button>
            </div>
            <div class="table-extend-cell table-extend-cell-right group-actions">
--- a/server/www/teleport/view/user/user-list.mako
+++ b/server/www/teleport/view/user/user-list.mako
@ -71,7 +71,7 @@


            <div class="table-extend-cell group-actions">
-                <div class="btn-group" role="group">
+                <div class="btn-group">
                    <div class="btn-group dropup" id="btn-set-role" role="group">
                        <button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown"><i class="fa fa-edit fa-fw"></i> 设置角色 <i class="fa fa-caret-right"></i></button>
                        <ul class="dropdown-menu  dropdown-menu-sm"></ul>
--- a/server/www/teleport/webroot/app/controller/host.py
+++ b/server/www/teleport/webroot/app/controller/host.py
@ -24,7 +24,13 @@ class HostListHandler(TPBaseHandler):
        ret = self.check_privilege(TP_PRIVILEGE_ASSET_CREATE | TP_PRIVILEGE_ASSET_DELETE | TP_PRIVILEGE_ASSET_GROUP)
        if ret != TPE_OK:
            return
-        self.render('asset/host-list.mako')
+
+        err, groups = group.get_host_groups_for_user(self.current_user['id'], self.current_user['privilege'])
+        param = {
+            'host_groups': groups
+        }
+
+        self.render('asset/host-list.mako', page_param=json.dumps(param))


 class DoGetHostsHandler(TPBaseJsonHandler):
--- a/server/www/teleport/webroot/app/controller/user.py
+++ b/server/www/teleport/webroot/app/controller/user.py
@ -711,10 +711,8 @@ class DoResetPasswordHandler(TPBaseJsonHandler):
        if mode == 1 or mode == 3:
            err, email, token = user.generate_reset_password_token(self, user_id)

-            # 生成一个密码重置链接，24小时有效
-            # token = tp_generate_random(16)
+            # generate an URL for reset password, valid in 24hr.
            reset_url = '{}://{}/user/reset-password?token={}'.format(self.request.protocol, self.request.host, token)
-            # reset_url = 'http://127.0.0.1/user/validate-password-reset-token?token=G66LXH0EOJ47OXTH7O5KBQ0PHXRSBXBVVFALI6JBJ8HNWUALWI35QECPJ8UV8DEQ'

            err, msg = yield mail.tp_send_mail(
                email,
@ -793,159 +791,6 @@ class DoUpdateUsersHandler(TPBaseJsonHandler):
        self.write_json(err)


-# class DoRemoveGroupHandler(TPBaseJsonHandler):
-#     def post(self):
-#         ret = self.check_privilege(TP_PRIVILEGE_USER_GROUP)
-#         if ret != TPE_OK:
-#             return
-#
-#         args = self.get_argument('args', None)
-#         if args is None:
-#             return self.write_json(TPE_PARAM)
-#         try:
-#             args = json.loads(args)
-#         except:
-#             return self.write_json(TPE_JSON_FORMAT)
-#
-#         try:
-#             group_list = args['group_list']
-#         except:
-#             return self.write_json(TPE_PARAM)
-#
-#         err = user.remove_group(self, group_list)
-#         self.write_json(err)
-
-
-# class AuthHandler(TPBaseAdminAuthHandler):
-#     def get(self, user_name):
-#         group_list = host.get_group_list()
-#         cert_list = host.get_cert_list()
-#         self.render('user/auth.mako',
-#                     group_list=group_list,
-#                     cert_list=cert_list, user_name=user_name)
-#
-#
-# class GetListHandler(TPBaseAdminAuthJsonHandler):
-#     def post(self):
-#         user_list = user.get_user_list(with_admin=False)
-#         ret = dict()
-#         ret['page_index'] = 10
-#         ret['total'] = len(user_list)
-#         ret['data'] = user_list
-#         self.write_json(0, data=ret)
-#
-#
-# class DeleteUser(TPBaseUserAuthJsonHandler):
-#     def post(self):
-#         args = self.get_argument('args', None)
-#         if args is not None:
-#             args = json.loads(args)
-#         else:
-#             return self.write_json(-1, 'invalid param')
-#
-#         user_id = args['user_id']
-#         try:
-#             ret = user.delete_user(user_id)
-#             if ret:
-#                 return self.write_json(0)
-#             else:
-#                 return self.write_json(-2, 'database op failed.')
-#         except:
-#             log.e('delete user failed.\n')
-#             return self.write_json(-3, 'got exception.')
-#
-#
-# class ModifyUser(TPBaseUserAuthJsonHandler):
-#     def post(self):
-#         args = self.get_argument('args', None)
-#         if args is not None:
-#             args = json.loads(args)
-#         else:
-#             return self.write_json(-1, 'invalid param.')
-#
-#         user_id = args['user_id']
-#         user_desc = args['user_desc']
-#
-#         try:
-#             ret = user.modify_user(user_id, user_desc)
-#             if ret:
-#                 self.write_json(0)
-#             else:
-#                 self.write_json(-2, 'database op failed.')
-#             return
-#         except:
-#             log.e('modify user failed.\n')
-#             self.write_json(-3, 'got exception.')
-#
-#
-# class AddUser(TPBaseUserAuthJsonHandler):
-#     def post(self):
-#         args = self.get_argument('args', None)
-#         if args is not None:
-#             args = json.loads(args)
-#         else:
-#             return self.write_json(-1, 'invalid param.')
-#
-#         user_name = args['user_name']
-#         user_pwd = '123456'
-#         user_desc = args['user_desc']
-#         if user_desc is None:
-#             user_desc = ''
-#         try:
-#             ret = user.add_user(user_name, user_pwd, user_desc)
-#             if 0 == ret:
-#                 return self.write_json(0)
-#             else:
-#                 return self.write_json(ret, 'database op failed. errcode={}'.format(ret))
-#         except:
-#             log.e('add user failed.\n')
-#             return self.write_json(-3, 'got exception.')
-#
-#
-# class LockUser(TPBaseUserAuthJsonHandler):
-#     def post(self):
-#         args = self.get_argument('args', None)
-#         if args is not None:
-#             args = json.loads(args)
-#         else:
-#             return self.write_json(-1, 'invalid param.')
-#
-#         user_id = args['user_id']
-#         lock_status = args['lock_status']
-#
-#         try:
-#             ret = user.lock_user(user_id, lock_status)
-#             if ret:
-#                 return self.write_json(0)
-#             else:
-#                 return self.write_json(-2, 'database op failed.')
-#         except:
-#             log.e('lock user failed.\m')
-#             return self.write_json(-3, 'got exception.')
-#
-#
-# class ResetUser(TPBaseUserAuthJsonHandler):
-#     def post(self):
-#         args = self.get_argument('args', None)
-#         if args is not None:
-#             args = json.loads(args)
-#         else:
-#             return self.write_json(-1, 'invalid param.')
-#
-#         user_id = args['user_id']
-#         # lock_status = args['lock_status']
-#
-#         try:
-#             ret = user.reset_user(user_id)
-#             if ret:
-#                 return self.write_json(0)
-#             else:
-#                 return self.write_json(-2, 'database op failed.')
-#         except:
-#             log.e('reset user failed.\n')
-#             return self.write_json(-3, 'got exception.')
-#
-
 class DoGetGroupWithMemberHandler(TPBaseJsonHandler):
    def post(self):
        ret = self.check_privilege(TP_PRIVILEGE_USER_GROUP)
--- a/server/www/teleport/webroot/app/model/group.py
+++ b/server/www/teleport/webroot/app/model/group.py
@ -361,9 +361,49 @@ def get_groups(sql_filter, sql_order, sql_limit, sql_restrict, sql_exclude):
    return err, s.total_count, s.page_index, s.recorder


-def get_host_groups_for_user(handler):
-    # 获取当前用户能查看的主机分组列表
-    pass
+def get_host_groups_for_user(user_id, user_privilege):
+    # get all host-groups for current logged in user.
+
+    db = get_db()
+
+    # step 0. return all host-groups if user have all host-group access privilege
+    if (user_privilege & (TP_PRIVILEGE_ASSET_CREATE | TP_PRIVILEGE_ASSET_DELETE | TP_PRIVILEGE_ASSET_GROUP)) != 0:
+        s = SQL(get_db())
+        s.select_from('group', ['id', 'name'], alt_name='g')
+        s.where('g.type={}'.format(TP_GROUP_HOST))
+        s.order_by('g.name')
+        err = s.query()
+
+        return err, s.recorder
+
+    # step 1. get all hosts which could be access by this user.
+    sql = 'SELECT `h_id` FROM `{dbtp}ops_map` WHERE `u_id`={dbph} GROUP BY `h_id`;'.format(dbtp=db.table_prefix, dbph=db.place_holder)
+    db_ret = db.query(sql, (user_id, ))
+    if db_ret is None or len(db_ret) == 0:
+        return TPE_NOT_EXISTS, None
+
+    hosts = []
+    for db_item in db_ret:
+        hosts.append(str(db_item[0]))
+
+    # step 2. get groups which include those hosts.
+    sql = 'SELECT `gid` FROM `{dbtp}group_map` WHERE (`type`={dbph} AND `mid` IN ({dbph})) GROUP BY `gid`;'.format(dbtp=db.table_prefix, dbph=db.place_holder, hosts=','.join(hosts))
+    db_ret = db.query(sql, (TP_GROUP_HOST, ','.join(hosts)))
+    if db_ret is None or len(db_ret) == 0:
+        return TPE_NOT_EXISTS, None
+
+    groups = []
+    for db_item in db_ret:
+        groups.append(str(db_item[0]))
+
+    # step 3. get those groups id and name.
+    s = SQL(get_db())
+    s.select_from('group', ['id', 'name'], alt_name='g')
+    s.where('g.id IN ({})'.format(','.join(groups)))
+    s.order_by('g.name')
+    err = s.query()
+
+    return err, s.recorder


 def get_acc_groups_for_user(handler):