Skip to content

J
jumpserver
Commit 0e24ebdb authored by ibuler@qq.com's avatar ibuler@qq.com
Browse files
Options

merge with dev

parents d5bd2143 ac5ac5e0
Hide whitespace changes
Inline Side-by-side
Showing with 207 additions and 279 deletions
.gitignore
View file @ 0e24ebdb
*.py[cod]
.idea
test.py
.DS_Store
db.sqlite3
# C extensions
*.so
......
docs/initial_data.yaml 0 → 100644
View file @ 0e24ebdb
- model: juser.user
pk: 5000
fields:
username: admin
name: admin
password: pbkdf2_sha256$20000$jBIDGPB2j5JT$orxqGgzzjzykColYm1BswPjgHOiERjZkcgkuVIkD2Hc=
email: admin@jumpserver.org
role: SU
is_active: 1
- model: juser.user
pk: 5001
fields:
username: group_admin
name: group_admin
password: pbkdf2_sha256$20000$ttObUWd15q10$NJoyZf2OZz9oiw2g4j2TkTh9zGgyVDRFdUkhn8X0nB0=
email: group_admin@jumpserver.org
role: GA
is_active: 1
- model: juser.usergroup
pk: 1
fields:
name: ALL
comment: ALL
- model: juser.usergroup
pk: 2
fields:
name: 默认
comment: 默认
jasset/models.py
View file @ 0e24ebdb
......@@ -59,13 +59,13 @@ class AssetGroup(models.Model):
class Asset(models.Model):
ip = models.IPAddressField(unique=True)
port = models.IntegerField(max_length=6, blank=True, null=True)
ip = models.GenericIPAddressField(unique=True)
port = models.IntegerField()
group = models.ManyToManyField(AssetGroup)
username = models.CharField(max_length=20, blank=True, null=True)
password = models.CharField(max_length=80, blank=True, null=True)
use_default = models.BooleanField(default=True)
date_added = models.DateTimeField(auto_now=True, default=datetime.datetime.now(), null=True)
use_default_auth = models.BooleanField(default=True)
date_added = models.DateTimeField(auto_now_add=True)
is_active = models.BooleanField(default=True)
comment = models.CharField(max_length=100, blank=True, null=True)
......
jlog/models.py
View file @ 0e24ebdb
......@@ -7,7 +7,7 @@ class Log(models.Model):
remote_ip = models.CharField(max_length=100)
log_path = models.CharField(max_length=100)
start_time = models.DateTimeField(null=True)
pid = models.IntegerField(max_length=10)
pid = models.IntegerField()
is_finished = models.BooleanField(default=False)
end_time = models.DateTimeField(null=True)
......
jlog/views.py
View file @ 0e24ebdb
......@@ -5,39 +5,10 @@ from django.shortcuts import render_to_response
from jumpserver.api import *
from django.http import HttpResponseNotFound
CONF = ConfigParser()
CONF.read('%s/jumpserver.conf' % BASE_DIR)
from jlog.models import Log
from jlog.log_api import renderTemplate
# def get_user_info(request, offset):
# """ 获取用户信息及环境 """
# env_dic = {'online': 0, 'offline': 1}
# env = env_dic[offset]
# keyword = request.GET.get('keyword', '')
# user_info = get_session_user_info(request)
# user_id, username = user_info[0:2]
# dept_id, dept_name = user_info[3:5]
# ret = [request, keyword, env, username, dept_name]
#
# return ret
#
#
# def get_user_log(ret_list):
# """ 获取不同类型用户日志记录 """
# request, keyword, env, username, dept_name = ret_list
# post_all = Log.objects.filter(is_finished=env).order_by('-start_time')
# post_keyword_all = Log.objects.filter(Q(user__contains=keyword) |
# Q(host__contains=keyword)) \
# .filter(is_finished=env).order_by('-start_time')
#
# if keyword:
# posts = post_keyword_all
# else:
# posts = post_all
#
# return posts
from models import Log
from jumpserver.settings import web_socket_host
def log_list(request, offset):
......@@ -51,7 +22,6 @@ def log_list(request, offset):
cmd = request.GET.get('cmd', '')
print date_seven_day, date_now_str
if offset == 'online':
web_socket_host = CONF.get('websocket', 'web_socket_host')
posts = Log.objects.filter(is_finished=False).order_by('-start_time')
else:
posts = Log.objects.filter(is_finished=True).order_by('-start_time')
......@@ -79,6 +49,7 @@ def log_list(request, offset):
date_now = datetime.datetime.now()
date_now_str = date_now.strftime('%m/%d/%Y')
date_seven_day = (date_now + datetime.timedelta(days=-7)).strftime('%m/%d/%Y')
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
return render_to_response('jlog/log_%s.html' % offset, locals(), context_instance=RequestContext(request))
......
jumpserver/api.py
View file @ 0e24ebdb
# coding: utf-8
import os, sys, time
from ConfigParser import ConfigParser
import getpass
import os, sys, time, re
from Crypto.Cipher import AES
import crypt
from binascii import b2a_hex, a2b_hex
......@@ -11,15 +9,15 @@ import datetime
import random
import subprocess
import paramiko
import struct, fcntl, signal,socket, select, fnmatch
import re
import struct, fcntl, signal, socket, select, fnmatch
from settings import JLOG_FILE, KEY, URL, log_dir, log_level
from django.core.paginator import Paginator, EmptyPage, InvalidPage
from django.http import HttpResponse, Http404
from django.template import RequestContext
from juser.models import User, UserGroup
from jasset.models import Asset, AssetGroup
from jasset.models import AssetAlias
# from jlog.models import Log
from jlog.models import Log, TtyLog
from django.core.exceptions import ObjectDoesNotExist, MultipleObjectsReturned
from django.http import HttpResponseRedirect
......@@ -37,22 +35,6 @@ except ImportError:
sys.exit()
BASE_DIR = os.path.abspath(os.path.dirname(os.path.dirname(__file__)))
CONF = ConfigParser()
CONF.read(os.path.join(BASE_DIR, 'jumpserver.conf'))
LOG_DIR = os.path.join(BASE_DIR, 'logs')
JLOG_FILE = os.path.join(LOG_DIR, 'jumpserver.log')
SSH_KEY_DIR = os.path.join(BASE_DIR, 'keys')
# SERVER_KEY_DIR = os.path.join(SSH_KEY_DIR, 'server')
KEY = CONF.get('base', 'key')
LOGIN_NAME = getpass.getuser()
# LDAP_ENABLE = CONF.getint('ldap', 'ldap_enable')
URL = CONF.get('base', 'url')
MAIL_ENABLE = CONF.get('mail', 'mail_enable')
MAIL_FROM = CONF.get('mail', 'email_host_user')
log_dir = os.path.join(BASE_DIR, 'logs')
def set_log(level):
"""
return a log file object
......@@ -78,7 +60,7 @@ def page_list_return(total, current=1):
min_page = current - 2 if current - 4 > 0 else 1
max_page = min_page + 4 if min_page + 4 < total else total
return range(min_page, max_page+1)
return range(min_page, max_page + 1)
def pages(post_objects, request):
......@@ -371,7 +353,7 @@ class PyCrypt(object):
symbol = '!@$%^&*()_'
salt_list = []
if especial:
for i in range(length-4):
for i in range(length - 4):
salt_list.append(random.choice(salt_key))
for i in range(4):
salt_list.append(random.choice(symbol))
......@@ -460,19 +442,24 @@ def require_role(role='user'):
decorator for require user role in ["super", "admin", "user"]
要求用户是某种角色 ["super", "admin", "user"]的装饰器
"""
def _deco(func):
def __deco(request, *args, **kwargs):
if role == 'user':
if not request.session.get('user_id'):
if not request.user.is_authenticated():
return HttpResponseRedirect('/login/')
elif role == 'admin':
if request.session.get('role_id', 0) < 1:
# if request.session.get('role_id', 0) < 1:
if request.user.role == 'CU':
return HttpResponseRedirect('/')
elif role == 'super':
if request.session.get('role_id', 0) < 2:
# if request.session.get('role_id', 0) < 2:
if request.user.role in ['CU', 'GA']:
return HttpResponseRedirect('/')
return func(request, *args, **kwargs)
return __deco
return _deco
......@@ -481,8 +468,8 @@ def is_role_request(request, role='user'):
require this request of user is right
要求请求角色正确
"""
role_all = {'user': 0, 'admin': 1, 'super': 2}
if request.session.get('role_id') == role_all.get(role, 0):
role_all = {'user': 'CU', 'admin': 'GA', 'super': 'SU'}
if request.user.role == role_all.get(role, 'CU'):
return True
else:
return False
......@@ -493,13 +480,14 @@ def get_session_user_dept(request):
get department of the user in session
获取session中用户的部门
"""
user_id = request.session.get('user_id', 0)
print '#' * 20
print user_id
user = User.objects.filter(id=user_id)
if user:
user = user[0]
return user, None
# user_id = request.session.get('user_id', 0)
# print '#' * 20
# print user_id
# user = User.objects.filter(id=user_id)
# if user:
# user = user[0]
# return user, None
return request.user, None
@require_role
......@@ -508,18 +496,18 @@ def get_session_user_info(request):
get the user info of the user in session, for example id, username etc.
获取用户的信息
"""
user_id = request.session.get('user_id', 0)
user = get_object(User, id=user_id)
if user:
return [user.id, user.username, user]
# user_id = request.session.get('user_id', 0)
# user = get_object(User, id=user_id)
# if user:
# return [user.id, user.username, user]
return [request.user.id, request.user.username, request.user]
def get_user_dept(request):
"""
get the user dept id
获取用户的部门id
"""
user_id = request.session.get('user_id')
user_id = request.user.id
if user_id:
user_dept = User.objects.get(id=user_id).dept
return user_dept.id
......@@ -555,7 +543,7 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None,
if edept:
if dept.id != int(edept[0]):
return False
if user_group:
dept_user_groups = dept.usergroup_set.all()
user_group_ids = []
......@@ -672,6 +660,5 @@ def my_render(template, data, request):
CRYPTOR = PyCrypt(KEY)
logger = set_log(log_level)
log_level = CONF.get('base', 'log')
logger = set_log(log_level)
\ No newline at end of file
jumpserver/context_processors.py
View file @ 0e24ebdb
......@@ -4,8 +4,9 @@ from jumpserver.api import *
def name_proc(request):
user_id = request.session.get('user_id')
role_id = request.session.get('role_id')
user_id = request.user.id
# role_id = request.session.get('role_id')
role_id = {'SU':2,'GA':1,'CU':0}.get(request.user.role,0)
# if role_id == 2:
user_total_num = User.objects.all().count()
user_active_num = User.objects.filter().count()
......
jumpserver/settings.py
View file @ 0e24ebdb
......@@ -11,9 +11,8 @@ https://docs.djangoproject.com/en/1.7/ref/settings/
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
import os
import ConfigParser
import djcelery
import getpass
djcelery.setup_loader()
config = ConfigParser.ConfigParser()
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
......@@ -24,7 +23,7 @@ DB_PORT = config.getint('db', 'port')
DB_USER = config.get('db', 'user')
DB_PASSWORD = config.get('db', 'password')
DB_DATABASE = config.get('db', 'database')
AUTH_USER_MODEL = 'juser.User'
# mail config
EMAIL_HOST = config.get('mail', 'email_host')
EMAIL_PORT = config.get('mail', 'email_port')
......@@ -32,6 +31,22 @@ EMAIL_HOST_USER = config.get('mail', 'email_host_user')
EMAIL_HOST_PASSWORD = config.get('mail', 'email_host_password')
EMAIL_USE_TLS = config.getboolean('mail', 'email_use_tls')
# ======== Log ==========
LOG = False
LOG_DIR = os.path.join(BASE_DIR, 'logs')
JLOG_FILE = os.path.join(LOG_DIR, 'jumpserver.log')
SSH_KEY_DIR = os.path.join(BASE_DIR, 'keys')
# SERVER_KEY_DIR = os.path.join(SSH_KEY_DIR, 'server')
KEY = config.get('base', 'key')
LOGIN_NAME = getpass.getuser()
# LDAP_ENABLE = CONF.getint('ldap', 'ldap_enable')
URL = config.get('base', 'url')
MAIL_ENABLE = config.get('mail', 'mail_enable')
MAIL_FROM = config.get('mail', 'email_host_user')
log_dir = os.path.join(BASE_DIR, 'logs')
log_level = config.get('base', 'log')
web_socket_host = config.get('websocket', 'web_socket_host')
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.7/howto/deployment/checklist/
......@@ -45,7 +60,6 @@ TEMPLATE_DEBUG = True
ALLOWED_HOSTS = ['0.0.0.0/8']
BROKER_URL = 'django://'
# Application definition
INSTALLED_APPS = (
......@@ -56,8 +70,6 @@ INSTALLED_APPS = (
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.humanize',
'djcelery',
'kombu.transport.django',
'jumpserver',
'juser',
'jasset',
......@@ -68,9 +80,9 @@ INSTALLED_APPS = (
MIDDLEWARE_CLASSES = (
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
#'django.middleware.csrf.CsrfViewMiddleware',
# 'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
#'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
# 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
)
......@@ -94,6 +106,12 @@ DATABASES = {
}
}
# DATABASES = {
# 'default': {
# 'ENGINE': 'django.db.backends.sqlite3',
# 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
# }
# }
TEMPLATE_CONTEXT_PROCESSORS = (
'django.contrib.auth.context_processors.auth',
'django.core.context_processors.debug',
......@@ -102,14 +120,14 @@ TEMPLATE_CONTEXT_PROCESSORS = (
'django.core.context_processors.static',
'django.core.context_processors.tz',
'django.contrib.messages.context_processors.messages',
'jumpserver.context_processors.name_proc'
'jumpserver.context_processors.name_proc',
)
TEMPLATE_DIRS = (
os.path.join(BASE_DIR, 'templates'),
)
#STATIC_ROOT = os.path.join(BASE_DIR, 'static')
# STATIC_ROOT = os.path.join(BASE_DIR, 'static')
STATICFILES_DIRS = (
os.path.join(BASE_DIR, "static"),
......@@ -132,5 +150,3 @@ USE_TZ = False
# https://docs.djangoproject.com/en/1.7/howto/static-files/
STATIC_URL = '/static/'
jumpserver/urls.py
View file @ 0e24ebdb
......@@ -8,8 +8,8 @@ urlpatterns = patterns('',
(r'^skin_config/$', 'jumpserver.views.skin_config'),
(r'^install/$', 'jumpserver.views.install'),
(r'^base/$', 'jumpserver.views.base'),
(r'^login/$', 'jumpserver.views.login'),
(r'^logout/$', 'jumpserver.views.logout'),
(r'^login/$', 'jumpserver.views.Login'),
(r'^logout/$', 'jumpserver.views.Logout'),
(r'^file/upload/$', 'jumpserver.views.upload'),
(r'^file/download/$', 'jumpserver.views.download'),
(r'^setting', 'jumpserver.views.setting'),
......
jumpserver/views.py
View file @ 0e24ebdb
......@@ -13,6 +13,10 @@ from django.http import HttpResponse
import paramiko
from jumpserver.api import *
from jumpserver.models import Setting
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import login_required
from settings import BASE_DIR
from jlog.models import Log
def getDaysByNum(num):
......@@ -49,7 +53,7 @@ def get_data(data, items, option):
@require_role(role='user')
def index_cu(request):
user_id = request.session.get('user_id')
user_id = request.user.id
user = get_object(User, id=user_id)
login_types = {'L': 'LDAP', 'M': 'MAP'}
username = user.username
......@@ -64,7 +68,6 @@ def index_cu(request):
new_posts.append(post_five)
post_five = []
new_posts.append(post_five)
return render_to_response('index_cu.html', locals(), context_instance=RequestContext(request))
......@@ -193,40 +196,49 @@ def is_latest():
pass
def login(request):
def Login(request):
"""登录界面"""
if request.session.get('username'):
if request.user.is_authenticated():
return HttpResponseRedirect('/')
if request.method == 'GET':
return render_to_response('login.html')
else:
username = request.POST.get('username')
password = request.POST.get('password')
user_filter = User.objects.filter(username=username)
if user_filter:
user = user_filter[0]
if PyCrypt.md5_crypt(password) == user.password:
request.session['user_id'] = user.id
user_filter.update(last_login=datetime.datetime.now())
if user.role == 'SU':
request.session['role_id'] = 2
elif user.role == 'GA':
request.session['role_id'] = 1
else:
request.session['role_id'] = 0
response = HttpResponseRedirect('/', )
response.set_cookie('username', username, expires=604800)
response.set_cookie('seed', PyCrypt.md5_crypt(password), expires=604800)
return response
else:
error = '密码错误,请重新输入。'
if username and password:
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
login(request, user)
# c = {}
# c.update(csrf(request))
# request.session['csrf_token'] = str(c.get('csrf_token'))
# user_filter = User.objects.filter(username=username)
# if user_filter:
# user = user_filter[0]
# if PyCrypt.md5_crypt(password) == user.password:
# request.session['user_id'] = user.id
# user_filter.update(last_login=datetime.datetime.now())
if user.role == 'SU':
request.session['role_id'] = 2
elif user.role == 'GA':
request.session['role_id'] = 1
else:
request.session['role_id'] = 0
return HttpResponseRedirect('/', )
# response.set_cookie('username', username, expires=604800)
# response.set_cookie('seed', PyCrypt.md5_crypt(password), expires=604800)
# return response
# else:
# error = '密码错误,请重新输入。'
else:
error = '用户不存在。'
error = '用户名或密码错误'
return render_to_response('login.html', {'error': error})
def logout(request):
def Logout(request):
request.session.delete()
logout(request)
return HttpResponseRedirect('/login/')
......
juser/models.py
View file @ 0e24ebdb
# coding: utf-8
from django.db import models
from django.contrib.auth.models import AbstractUser
from jasset.models import Asset, AssetGroup
class UserGroup(models.Model):
name = models.CharField(max_length=80, unique=True)
# assets = models.TextField(max_length=1000, verbose_name="Assets", default='')
# asset_groups = models.CharField(max_length=1000, verbose_name="Asset Groups", default='')
comment = models.CharField(max_length=160, blank=True, null=True)
asset = models.ManyToManyField(Asset)
asset_group = models.ManyToManyField(AssetGroup)
......@@ -16,123 +15,22 @@ class UserGroup(models.Model):
def __unicode__(self):
return self.name
# def get_user(self):
# return self.user_set.all()
#
# def update(self, **kwargs):
# for key, value in kwargs.items():
# self.__setattr__(key, value)
# self.save()
class User(models.Model):
class User(AbstractUser):
USER_ROLE_CHOICES = (
('SU', 'SuperUser'),
('GA', 'GroupAdmin'),
('CU', 'CommonUser'),
)
username = models.CharField(max_length=80, unique=True)
password = models.CharField(max_length=100)
name = models.CharField(max_length=80)
email = models.EmailField(max_length=75)
role = models.CharField(max_length=2, choices=USER_ROLE_CHOICES, default='CU')
uuid = models.CharField(max_length=100)
role = models.CharField(max_length=2, choices=USER_ROLE_CHOICES, default='CU')
group = models.ManyToManyField(UserGroup)
ssh_key_pwd = models.CharField(max_length=200)
is_active = models.BooleanField(default=True)
last_login = models.DateTimeField(null=True)
date_joined = models.DateTimeField(null=True)
asset = models.ManyToManyField(Asset)
asset_group = models.ManyToManyField(AssetGroup)
def __unicode__(self):
return self.username
# def get_asset_group(self):
# """
# Get user host_groups.
# 获取用户有权限的主机组
# """
# host_group_list = []
# perm_list = []
# user_group_all = self.group.all()
# for user_group in user_group_all:
# perm_list.extend(user_group.perm_set.all())
#
# for perm in perm_list:
# host_group_list.append(perm.asset_group)
#
# return host_group_list
#
# def get_asset_group_info(self, printable=False):
# """
# Get or print asset group info
# 获取或打印用户授权资产组
# """
# asset_groups_info = {}
# asset_groups = self.get_asset_group()
#
# for asset_group in asset_groups:
# asset_groups_info[asset_group.id] = [asset_group.name, asset_group.comment]
#
# if printable:
# for group_id in asset_groups_info:
# if asset_groups_info[group_id][1]:
# print "[%3s] %s -- %s" % (group_id,
# asset_groups_info[group_id][0],
# asset_groups_info[group_id][1])
# else:
# print "[%3s] %s" % (group_id, asset_groups_info[group_id][0])
# print ''
# else:
# return asset_groups_info
#
# def get_asset(self):
# """
# Get the assets of under the user control.
# 获取主机列表
# """
# assets = []
# asset_groups = self.get_asset_group()
#
# for asset_group in asset_groups:
# assets.extend(asset_group.asset_set.all())
#
# return assets
#
# def get_asset_info(self, printable=False):
# """
# Get or print the user asset info
# 获取或打印用户资产信息
# """
# from jasset.models import AssetAlias
# assets_info = {}
# assets = self.get_asset()
#
# for asset in assets:
# asset_alias = AssetAlias.objects.filter(user=self, asset=asset)
# if asset_alias and asset_alias[0].alias != '':
# assets_info[asset.ip] = [asset.id, asset.ip, str(asset_alias[0].alias)]
# else:
# assets_info[asset.ip] = [asset.id, asset.ip, str(asset.comment)]
#
# if printable:
# ips = assets_info.keys()
# ips.sort()
# for ip in ips:
# if assets_info[ip][2]:
# print '%-15s -- %s' % (ip, assets_info[ip][2])
# else:
# print '%-15s' % ip
# print ''
# else:
# return assets_info
#
# def update(self, **kwargs):
# for key, value in kwargs.items():
# self.__setattr__(key, value)
# self.save()
class AdminGroup(models.Model):
"""
......@@ -145,5 +43,3 @@ class AdminGroup(models.Model):
def __unicode__(self):
return '%s: %s' % (self.user.username, self.group.name)
juser/urls.py
View file @ 0e24ebdb
......@@ -22,6 +22,6 @@ urlpatterns = patterns('juser.views',
(r'^profile/$', 'profile'),
(r'^change_info/$', 'change_info'),
(r'^regen_ssh_key/$', 'regen_ssh_key'),
(r'^chg_role/$', 'chg_role'),
(r'^change_role/$', 'chg_role'),
(r'^down_key/$', 'down_key'),
)
juser/user_api.py
View file @ 0e24ebdb
......@@ -5,7 +5,7 @@ from subprocess import call
from juser.models import AdminGroup
from jumpserver.api import *
from jumpserver.settings import BASE_DIR
def group_add_user(group, user_id=None, username=None):
"""
......@@ -60,6 +60,7 @@ def db_add_user(**kwargs):
admin_groups = kwargs.pop('admin_groups')
role = kwargs.get('role', 'CU')
user = User(**kwargs)
user.set_password(kwargs.get('password'))
user.save()
if groups_post:
group_select = []
......@@ -84,10 +85,10 @@ def db_update_user(**kwargs):
groups_post = kwargs.pop('groups')
admin_groups_post = kwargs.pop('admin_groups')
user_id = kwargs.pop('user_id')
user = User.objects.filter(id=user_id)
user = User.objects.get(id=user_id)
if user:
user.update(**kwargs)
user = user[0]
user.set_password(kwargs.pop('password'))
user.save()
else:
return None
......
juser/views.py
View file @ 0e24ebdb
......@@ -2,25 +2,24 @@
# Author: Guanghongwei
# Email: ibuler@qq.com
import random
from Crypto.PublicKey import RSA
# import random
# from Crypto.PublicKey import RSA
import uuid as uuid_r
from django.db.models import Q
from django.template import RequestContext
from django.db.models import ObjectDoesNotExist
from jumpserver.settings import MAIL_FROM, MAIL_ENABLE
from juser.user_api import *
from jperm.perm_api import _public_perm_api, perm_user_api, user_permed
def chg_role(request):
role = {'SU': 2, 'DA': 1, 'CU': 0}
user, dept = get_session_user_dept(request)
role = {'SU': 2, 'GA': 1, 'CU': 0}
if request.session['role_id'] > 0:
request.session['role_id'] = 0
elif request.session['role_id'] == 0:
request.session['role_id'] = role.get(user.role, 0)
request.session['role_id'] = role.get(request.user.role, 0)
return HttpResponseRedirect('/')
......@@ -168,8 +167,8 @@ def user_add(request):
if '' in [username, password, ssh_key_pwd, name, role]:
error = u'带*内容不能为空'
raise ServerError
user_test = get_object(User, username=username)
if user_test:
check_user_is_exist = User.objects.filter(username=username)
if check_user_is_exist:
error = u'用户 %s 已存在' % username
raise ServerError
......@@ -178,10 +177,10 @@ def user_add(request):
else:
try:
user = db_add_user(username=username, name=name,
password=CRYPTOR.md5_crypt(password),
password=password,
email=email, role=role, uuid=uuid,
groups=groups, admin_groups=admin_groups,
ssh_key_pwd=CRYPTOR.md5_crypt(ssh_key_pwd),
ssh_key_pwd=ssh_key_pwd,
is_active=is_active,
date_joined=datetime.datetime.now())
server_add_user(username, password, ssh_key_pwd, ssh_key_login_need)
......@@ -233,10 +232,10 @@ def user_list(request):
@require_role(role='user')
def user_detail(request):
header_title, path1, path2 = '用户详情', '用户管理', '用户详情'
if request.session.get('role_id') == 0:
user_id = request.session.get('user_id')
else:
user_id = request.GET.get('id', '')
# if request.session.get('role_id') == 0:
# user_id = request.user.id
# else:
# user_id = request.GET.get('id', '')
# if request.session.get('role_id') == 1:
# user, dept = get_session_user_dept(request)
# if not validate(request, user=[user_id]):
......@@ -244,9 +243,9 @@ def user_detail(request):
# if not user_id:
# return HttpResponseRedirect('/juser/user_list/')
user = get_object(User, id=user_id)
if user:
pass
# user = get_object(User, id=user_id)
# if user:
# pass
# asset_group_permed = user.get_asset_group()
# logs_last = Log.objects.filter(user=user.name).order_by('-start_time')[0:10]
# logs_all = Log.objects.filter(user=user.name).order_by('-start_time')
......@@ -257,8 +256,14 @@ def user_detail(request):
@require_role(role='admin')
def user_del(request):
user_ids = request.GET.get('id', '')
user_id_list = user_ids.split(',')
if request.method == "GET":
user_ids = request.GET.get('id', '')
user_id_list = user_ids.split(',')
elif request.method == "POST":
user_ids = request.POST.get('id', '')
user_id_list = user_ids.split(',')
else:
return HttpResponse('错误请求')
for user_id in user_id_list:
user = get_object(User, id=user_id)
if user:
......@@ -370,11 +375,11 @@ def user_edit(request):
else:
return HttpResponseRedirect('/juser/user_list/')
if password != user.password:
password_decode = password
password = CRYPTOR.md5_crypt(password)
else:
password_decode = None
# if password != user.password:
# password_decode = password
# password = CRYPTOR.md5_crypt(password)
# else:
# password_decode = None
db_update_user(user_id=user_id,
password=password,
......@@ -409,7 +414,10 @@ def user_edit_adm(request):
def profile(request):
user_id = request.session.get('user_id')
a = request.user.id
a = request.user.groups
user_id = request.user.id
if not user_id:
return HttpResponseRedirect('/')
user = User.objects.get(id=user_id)
......@@ -418,7 +426,7 @@ def profile(request):
def change_info(request):
header_title, path1, path2 = '修改信息', '用户管理', '修改个人信息'
user_id = request.session.get('user_id')
user_id = request.user.id
user = get_object(User, id=user_id)
error = ''
if not user:
......@@ -436,10 +444,11 @@ def change_info(request):
error = '密码须大于6位'
if not error:
if password != user.password:
password = CRYPTOR.md5_crypt(password)
# if password != user.password:
# password = CRYPTOR.md5_crypt(password)
user.update(name=name, password=password, email=email)
user.update(name=name, email=email)
user.set_password(password)
msg = '修改成功'
return render_to_response('juser/change_info.html', locals(), context_instance=RequestContext(request))
......@@ -465,7 +474,7 @@ def down_key(request):
user_id = request.GET.get('id')
if is_role_request(request, 'user'):
user_id = request.session.get('user_id')
user_id = request.user.id
if user_id:
user = get_object(User, id=user_id)
......
templates/index_cu.html
View file @ 0e24ebdb
......@@ -72,7 +72,7 @@
<div class="col-lg-4">
<div class="ibox float-e-margins">
<div class="ibox-title">
<span class="label label-primary"><b>{{ user.name }}</b></span>
<span class="label label-primary"><b>{{ user.username }}</b></span>
<div class="ibox-tools">
<a class="collapse-link">
<i class="fa fa-chevron-up"></i>
......@@ -109,7 +109,7 @@
</tr>
<tr>
<td class="text-navy">角色</td>
<td>{{ user.id | get_role }}</td>
<td>{{ user.role }}</td>
</tr>
<tr>
<td class="text-navy">Email</td>
......
templates/jasset/asset_list.html
View file @ 0e24ebdb
......@@ -24,7 +24,9 @@
<div class="ibox-content">
<div>
{% if session_role_id > 0 %}
<a target="_blank" href="/jasset/asset_add/" class="btn btn-sm btn-primary "> 添加 </a>
{% endif %}
<form id="search_form" method="get" action="" class="pull-right mail-search">
<div class="input-group">
<input type="text" class="form-control input-sm" id="search_input" name="keyword" placeholder="Search">
......
templates/nav.html
View file @ 0e24ebdb
{% ifequal session_role_id 2 %}
{% if request.session.role_id == 2 %}
<nav class="navbar-default navbar-static-side" role="navigation">
<div class="sidebar-collapse">
<ul class="nav" id="side-menu">
......@@ -55,8 +55,8 @@
</div>
</nav>
{% endifequal %}
{% ifequal session_role_id 1 %}
{% endif %}
{% if request.session.role_id == 1 %}
<nav class="navbar-default navbar-static-side" role="navigation">
<div class="sidebar-collapse">
<ul class="nav" id="side-menu">
......@@ -77,8 +77,8 @@
<li id="jasset">
<a><i class="fa fa-cube"></i> <span class="nav-label">资产管理</span><span class="fa arrow"></span></a>
<ul class="nav nav-second-level">
<li class="host_add host_add_multi"><a href="/jasset/host_add/">添加资产</a></li>
<li class="host_list host_detail host_edit"><a href="/jasset/host_list/">查看资产<span class="label label-info pull-right">{{ host_active_num }}/{{ host_total_num}}</span></a></li>
{# <li class="host_add host_add_multi"><a href="/jasset/host_add/">添加资产</a></li>#}
<li class="host_list host_detail host_edit"><a href="/jasset/asset_list/">查看资产<span class="label label-info pull-right">{{ host_active_num }}/{{ host_total_num}}</span></a></li>
<li class="idc_list idc_detail idc_edit"><a href="/jasset/idc_list/">查看IDC</a></li>
<li class="group_add"><a href="/jasset/group_add/">添加主机组</a></li>
<li class="group_list group_detail group_edit"><a href="/jasset/group_list/">查看主机组</a></li>
......@@ -107,9 +107,9 @@
</ul>
</div>
</nav>
{% endifequal %}
{% endif %}
{% ifequal session_role_id 0 %}
{% if request.session.role_id == 0 %}
<nav class="navbar-default navbar-static-side" role="navigation">
<div class="sidebar-collapse">
<ul class="nav" id="side-menu">
......@@ -121,7 +121,7 @@
<a href="/juser/user_detail/?id={{ session_user_id }}"><i class="fa fa-rebel"></i> <span class="nav-label">个人信息</span><span class="label label-info pull-right"></span></a>
</li>
<li id="jasset">
<a href="/jasset/host_list/"><i class="fa fa-cube"></i> <span class="nav-label">查看主机</span><span class="label label-info pull-right"></span></a>
<a href="/jasset/asset_list/"><i class="fa fa-cube"></i> <span class="nav-label">查看主机</span><span class="label label-info pull-right"></span></a>
</li>
<li id="jperm">
<a><i class="fa fa-cube"></i> <span class="nav-label">权限申请</span><span class="fa arrow"></span></a>
......@@ -148,4 +148,4 @@
</ul>
</div>
</nav>
{% endifequal %}
\ No newline at end of file
{% endif %}
\ No newline at end of file
templates/nav_li_profile.html
View file @ 0e24ebdb
......@@ -17,8 +17,13 @@
<ul class="dropdown-menu animated fadeInRight m-t-xs">
<li><a value="/juser/profile/?id={{ session_user_id }}" class="iframe_user">个人信息</a></li>
<li><a href="/juser/change_info/">修改信息</a></li>
<li><a href="/juser/change_role/">切换角色</a></li>
{% if not user.role == 'CU' %}
{% if request.session.role_id == 0 %}
<li><a href="/juser/change_role/">系统后台</a></li>
{% else %}
<li><a href="/juser/change_role/">主机控制台</a></li>
{% endif %}
{% endif %}
<li class="divider"></li>
<li><a href="/logout/">注销</a></li>
</ul>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment