Merge pull request #129 from jumpserver/bug_fix_100_and_127

fix (jperm): 统一调整系统用户仅使用秘钥进行通信，已存在的用户不会修改密码

Merge pull request #129 from jumpserver/bug_fix_100_and_127
fix (jperm): 统一调整系统用户仅使用秘钥进行通信，已存在的用户不会修改密码
0e5fd68e · ibuler · f11016f5 · c0e8ff86 · 0e5fd68e · 0e5fd68e
Commit 0e5fd68e authored Mar 19, 2016 by ibuler
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 21 deletions

perm_api.py jperm/perm_api.py +2 -1

views.py jperm/views.py +4 -4

jumpserver.conf jumpserver.conf +6 -6

perm_role_push.html templates/jperm/perm_role_push.html +0 -10

No files found.
--- a/jperm/perm_api.py
+++ b/jperm/perm_api.py
@@ -182,8 +182,9 @@ def gen_resource(ob, perm=None):
                info = {'hostname': asset.hostname,
                        'ip': asset.ip,
                        'port': asset_info.get('port', 22),
+                        'ansible_ssh_private_key_file': role_key,
                        'username': role.name,
-                        'password': CRYPTOR.decrypt(role.password)
+                        # 'password': CRYPTOR.decrypt(role.password)
                       }
                if os.path.isfile(role_key):

--- a/jperm/views.py
+++ b/jperm/views.py
@@ -519,12 +519,12 @@ def perm_role_push(request):
            ret["pass_push"] = task.add_user(role.name)
            ret["key_push"] = task.push_key(role.name, os.path.join(role.key_path, 'id_rsa.pub'))
-        # 2. 推送账号密码
+        # 2. 推送账号密码 <为了安全 系统用户统一使用秘钥进行通信， 不再提供密码方式的推送>
-        elif password_push:
+        # elif password_push:
-            ret["pass_push"] = task.add_user(role.name, CRYPTOR.decrypt(role.password))
+        #     ret["pass_push"] = task.add_user(role.name, CRYPTOR.decrypt(role.password))
        # 3. 推送sudo配置文件
-        if password_push or key_push:
+        if key_push:
            sudo_list = set([sudo for sudo in role.sudo.all()])  # set(sudo1, sudo2, sudo3)
            if sudo_list:
                ret['sudo'] = task.push_sudo_file([role], sudo_list)

--- a/jumpserver.conf
+++ b/jumpserver.conf
 [base]
-url = http://192.168.244.129
+url = http://192.168.10.165
-key = i6k2zeu8x6mncl76
+key = 941enj9neshd1wes
 ip = 0.0.0.0
 port = 80
 log = debug
@@ -14,9 +14,9 @@ database = jumpserver
 [mail]
 mail_enable = 1
-email_host = smtp.exmail.qq.com
+email_host = 
-email_port = 25
+email_port = 587
-email_host_user = noreply@jumpserver.org
+email_host_user = 
-email_host_password = xxxxxxxxxx
+email_host_password = 
 email_use_tls = True
--- a/templates/jperm/perm_role_push.html
+++ b/templates/jperm/perm_role_push.html
@@ -74,16 +74,6 @@
                                        </div>
                                    </div>
                                </div>
-                                <div class="form-group">
-                                    <label for="j_group" class="col-sm-2 control-label">使用密码</label>
-                                    <div class="col-sm-1">
-                                        <div class="radio i-checks">
-                                            <label>
-                                                <input type="checkbox" value="1" id="use_password" name="use_password">
-                                            </label>
-                                        </div>
-                                    </div>
-                                </div>
                            </div>
                            <div class="hr-line-dashed"></div>
                            <div class="form-group">