--broken encoding: IBM420_ltr

3424bef5 · guanghongwei · 6a565d0a · 3424bef5 · 3424bef5 · 3424bef5
Commit 3424bef5 authored Apr 15, 2015 by guanghongwei
14 changed files
--- a/jperm/views.py
+++ b/jperm/views.py
@@ -120,7 +120,7 @@ def dept_perm_list(request):
    if keyword:
        contact_list = DEPT.objects.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)).order_by('name')
    else:
-        contact_list = DEPT.objects.filter(id__gt=1)
+        contact_list = DEPT.objects.filter(id__gt=2)

    contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)

@@ -533,14 +533,23 @@ def cmd_add(request):
        dept_id = request.POST.get('dept_id')
        cmd = ','.join(request.POST.get('cmd').split())
        comment = request.POST.get('comment')
-
        dept = DEPT.objects.filter(id=dept_id)
-        if dept:
+
+        try:
+            if CmdGroup.objects.filter(name=name):
+                error = '%s 命令组已存在'
+                raise ServerError(error)
+
+            if not dept:
+                error = u"部门不能为空"
+                raise ServerError(error)
+        except ServerError, e:
+            pass
+        else:
            dept = dept[0]
            CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment)
-        else:
-            error = u"部门不能为空"
-        msg = u'命令组添加成功'
+            msg = u'命令组添加成功'
+            return HttpResponseRedirect('/jperm/cmd_list/')

    return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))

@@ -555,8 +564,16 @@ def cmd_add_adm(request):
        cmd = ','.join(request.POST.get('cmd').split())
        comment = request.POST.get('comment')

-        CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment)
-        msg = u'命令组添加成功'
+        try:
+            if CmdGroup.objects.filter(name=name):
+                error = '%s 命令组已存在'
+                raise ServerError(error)
+        except ServerError, e:
+            pass
+        else:
+            CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment)
+            return HttpResponseRedirect('/jperm/cmd_list/')
+
        return HttpResponseRedirect('/jperm/cmd_list/')

    return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
@@ -568,10 +585,12 @@ def cmd_edit(request):

    cmd_group_id = request.GET.get('id')
    cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
+    dept_all = DEPT.objects.all()

    if cmd_group:
        cmd_group = cmd_group[0]
        cmd_group_id = cmd_group.id
+        dept_id = cmd_group.dept.id
        name = cmd_group.name
        cmd = '\n'.join(cmd_group.cmd.split(','))
        comment = cmd_group.comment
@@ -579,12 +598,23 @@ def cmd_edit(request):
    if request.method == 'POST':
        cmd_group_id = request.POST.get('cmd_group_id')
        name = request.POST.get('name')
+        dept_id = request.POST.get('dept_id')
        cmd = ','.join(request.POST.get('cmd').split())
        comment = request.POST.get('comment')
-
        cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
-        if cmd_group:
-            cmd_group.update(name=name, cmd=cmd, comment=comment)
+
+        dept = DEPT.objects.filter(id=dept_id)
+        try:
+            if not dept:
+                error = '没有该部门'
+                raise ServerError(error)
+
+            if not cmd_group:
+                error = '没有该命令组'
+        except ServerError, e:
+            pass
+        else:
+            cmd_group.update(name=name, cmd=cmd, dept=dept[0], comment=comment)
            return HttpResponseRedirect('/jperm/cmd_list/')
    return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))

@@ -624,10 +654,22 @@ def cmd_del(request):

 @require_admin
 def cmd_detail(request):
-    cmd_id = request.GET.get('id')
-    cmd_group = CmdGroup.objects.filter(id=cmd_id)
-    if cmd_group:
-        cmd_group = cmd_group[0]
+    cmd_ids = request.GET.get('id').split(',')
+    cmds = []
+    if len(cmd_ids) == 1:
+        cmd_group = CmdGroup.objects.filter(id=cmd_ids[0])
+        if cmd_group:
+            cmd_group = cmd_group[0]
+            cmds.extend(cmd_group.cmd.split(','))
+            cmd_group_name = cmd_group.name
+    else:
+        cmd_groups = []
+        for cmd_id in cmd_ids:
+            cmd_groups.extend(CmdGroup.objects.filter(id=cmd_id))
+        for cmd_group in cmd_groups:
+            cmds.extend(cmd_group.cmd.split(','))
+
+    cmds_str = ', '.join(cmds)

    return render_to_response('jperm/sudo_cmd_detail.html', locals(), context_instance=RequestContext(request))


--- a/jumpserver.conf
+++ b/jumpserver.conf
@@ -30,8 +30,8 @@ key = 88aaaf7ffe3c6c04


 [mail]
-email_host = mail.funshion.com
+email_host = smtp.qq.com
 email_port = 25
-email_host_user = jkfunshion
-email_host_password = jkmail%
+email_host_user = jumpserver@qq.com
+email_host_password = jumpserver.org
 email_use_tls = False
--- a/jumpserver/api.py
+++ b/jumpserver/api.py
@@ -375,39 +375,38 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None,

    if user_group:
        dept_user_groups = dept.usergroup_set.all()
-        user_groups = []
-        for user_group_id in user_group:
-            user_groups.extend(UserGroup.objects.filter(id=user_group_id))
-        if not set(user_groups).issubset(set(dept_user_groups)):
+        user_group_ids = []
+        for group in dept_user_groups:
+            user_group_ids.append(str(group.id))
+
+        if not set(user_group).issubset(set(user_group_ids)):
            return False

    if user:
        dept_users = dept.user_set.all()
-        users = []
-        for user_id in user:
-            users.extend(User.objects.filter(id=user_id))
+        user_ids = []
+        for user in dept_users:
+            user_ids.append(str(user.id))

-        if not set(users).issubset(set(dept_users)):
+        if not set(user).issubset(set(user_ids)):
            return False

    if asset_group:
        dept_asset_groups = dept.bisgroup_set.all()
-        asset_groups = []
-        for group_id in asset_group:
-            asset_groups.extend(BisGroup.objects.filter(id=int(group_id)))
+        asset_group_ids = []
+        for group in dept_asset_groups:
+            asset_group_ids.append(group.id)

-        if not set(asset_groups).issubset(set(dept_asset_groups)):
+        if not set(asset_group).issubset(set(asset_group_ids)):
            return False

    if asset:
        dept_assets = dept.asset_set.all()
-        assets, eassets = [], []
-        for asset_id in dept_assets:
-            eassets.append(int(asset_id.id))
-        for i in asset:
-            assets.append(int(i)) 
+        asset_ids = []
+        for asset in dept_assets:
+            asset_ids.append(str(asset.id))

-        if not set(assets).issubset(eassets):
+        if not set(asset).issubset(set(asset_ids)):
            return False

    return True

--- a/jumpserver/templatetags/mytags.py
+++ b/jumpserver/templatetags/mytags.py
@@ -157,6 +157,18 @@ def ugrp_perm_agrp_count(user_group_id):
    return 0


+@register.filter(name='ugrp_sudo_agrp_count')
+def ugrp_sudo_agrp_count(user_group_id):
+    user_group = UserGroup.objects.filter(id=user_group_id)
+    asset_groups = []
+    if user_group:
+        user_group = user_group[0]
+        for perm in user_group.sudoperm_set.all():
+            asset_groups.extend(perm.asset_group.all())
+        return len(set(asset_groups))
+    return 0
+
+
 @register.filter(name='ugrp_perm_asset_count')
 def ugrp_perm_asset_count(user_group_id):
    user_group = UserGroup.objects.filter(id=user_group_id)
@@ -169,6 +181,21 @@ def ugrp_perm_asset_count(user_group_id):
    return len(set(assets))


+@register.filter(name='ugrp_sudo_asset_count')
+def ugrp_sudo_asset_count(user_group_id):
+    user_group = UserGroup.objects.filter(id=user_group_id)
+    asset_groups = []
+    assets = []
+    if user_group:
+        user_group = user_group[0]
+        for perm in user_group.sudoperm_set.all():
+            asset_groups.extend(perm.asset_group.all())
+
+        for asset_group in asset_groups:
+            assets.extend(asset_group.asset_set.all())
+    return len(set(assets))
+
+
 @register.filter(name='get_user_alias')
 def get_user_alias(post, user_id):
    user = User.objects.get(id=user_id)
@@ -298,8 +325,52 @@ def sudo_cmd_list(cmd_group_id):


 @register.filter(name='sudo_cmd_count')
-def sudo_cmd_count(cmd_group_id):
-    cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
-    if cmd_group:
-        cmd_group = cmd_group[0]
-        return len(cmd_group.cmd.split(','))
+def sudo_cmd_count(user_group_id):
+    user_group = UserGroup.objects.filter(id=user_group_id)
+    cmds = []
+    if user_group:
+        user_group = user_group[0]
+        cmd_groups = []
+
+        for perm in user_group.sudoperm_set.all():
+            cmd_groups.extend(perm.cmd_group.all())
+
+        for cmd_group in cmd_groups:
+            cmds.extend(cmd_group.cmd.split(','))
+        return len(set(cmds))
+
+    else:
+        return 0
+
+
+@register.filter(name='sudo_cmd_count')
+def sudo_cmd_count(user_group_id):
+    user_group = UserGroup.objects.filter(id=user_group_id)
+    cmds = []
+    if user_group:
+        user_group = user_group[0]
+        cmd_groups = []
+        for perm in user_group.sudoperm_set.all():
+            cmd_groups.extend(perm.cmd_group.all())
+
+        for cmd_group in cmd_groups:
+            cmds.extend(cmd_group.cmd.split(','))
+        return len(set(cmds))
+    else:
+        return 0
+
+
+@register.filter(name='sudo_cmd_ids')
+def sudo_cmd_ids(user_group_id):
+    user_group = UserGroup.objects.filter(id=user_group_id)
+    if user_group:
+        user_group = user_group[0]
+        cmd_groups = []
+        for perm in user_group.sudoperm_set.all():
+            cmd_groups.extend(perm.cmd_group.all())
+        cmd_ids = [str(cmd_group.id) for cmd_group in cmd_groups]
+        return ','.join(cmd_ids)
+    else:
+        return '0'
+
+
--- a/jumpserver/views.py
+++ b/jumpserver/views.py
@@ -242,11 +242,12 @@ def login(request):
    else:
        username = request.POST.get('username')
        password = request.POST.get('password')
-        user = User.objects.filter(username=username)
-        if user:
-            user = user[0]
+        user_filter = User.objects.filter(username=username)
+        if user_filter:
+            user = user_filter[0]
            if md5_crypt(password) == user.password:
                request.session['user_id'] = user.id
+                user_filter.update(last_login=datetime.datetime.now())
                if user.role == 'SU':
                    request.session['role_id'] = 2
                elif user.role == 'DA':

--- a/juser/views.py
+++ b/juser/views.py
@@ -71,6 +71,7 @@ def db_add_user(**kwargs):


 def db_update_user(**kwargs):
+    print kwargs
    groups_post = kwargs.pop('groups')
    user_id = kwargs.pop('user_id')
    user = User.objects.filter(id=user_id)
@@ -354,11 +355,16 @@ def group_add(request):
                error = u'组名 或 部门 不能为空'
                raise AddError(error)

+            if UserGroup.objects.filter(name=group_name):
+                error = u'组名已存在'
+                raise AddError(error)
+
            dept = DEPT.objects.filter(id=dept_id)
            if dept:
                dept = dept[0]
            else:
-                AddError(u'部门不存在')
+                error = u'部门不存在'
+                raise AddError(error)

            db_add_group(name=group_name, users=users_selected, dept=dept, comment=comment)
        except AddError:
@@ -843,7 +849,7 @@ def user_edit(request):
            groups_str = ' '.join([str(group.id) for group in user.group.all()])

    else:
-        user_id = request.GET.get('user_id', '')
+        user_id = request.POST.get('user_id', '')
        password = request.POST.get('password', '')
        name = request.POST.get('name', '')
        email = request.POST.get('email', '')
@@ -858,7 +864,7 @@ def user_edit(request):
        if dept:
            dept = dept[0]
        else:
-            dept = DEPT.objects.get(id='1')
+            dept = DEPT.objects.get(id='2')

        if user_id:
            user = User.objects.filter(id=user_id)

--- a/log_handler.py
+++ b/log_handler.py
 #!/usr/bin/python
-#coding: utf-8
+# coding: utf-8

 import os
 import re

--- a/service.sh
+++ b/service.sh
+#!/bin/bash
+# Date: 2015-04-12
+# Version: 2.0.0
+# Site: http://www.jumpserver.org
+# Author: jumpserver group
+
+. /etc/init.d/functions
+export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/node/bin
+
+base_dir=$(dirname $0)
+
+case $1 in
+start)
+    daemon $base_dir/manage.py runserver 0.0.0.0:80 &
+    daemon $base_dir/log_handler.py &
+    cd $base_dir/websocket/; daemon node index.js &
+    ;;
+
+stop)
+    pkill -15 python
+    pkill -15 node
+    ;;
+
+esac
--- a/templates/jperm/dept_perm_edit.html
+++ b/templates/jperm/dept_perm_edit.html
@@ -16,8 +16,6 @@ function search_ip(text, noselect, total){
        })
 }

-
-
 </script>

 <div class="wrapper wrapper-content animated fadeInRight">
@@ -118,8 +116,6 @@ function search_ip(text, noselect, total){
                                    </div>
                                </div>
                            </div>
-
-
                        </div>

                        <div class="row">
@@ -172,14 +168,11 @@ $('#sudoPerm').validator({

 $(document).ready(function(){
    $("#submit_button").click(function(){
-        $('#users_selected option').each(function(){
+        $('#sudoPerm option').each(function(){
            $(this).prop('selected', true)
        })
    });

-
-
-
 })
 </script>


--- a/templates/jperm/sudo_cmd_add.html
+++ b/templates/jperm/sudo_cmd_add.html
@@ -63,7 +63,12 @@
                                <div class="col-sm-8">
                                    <select id="dept_id" name="dept_id" class="form-control m-b">
                                        {% for dept in dept_all %}
-                                            <option value="{{ dept.id }}" selected>{{ dept.name }}</option>
+                                            {% ifequal dept_id dept.id %}
+                                                <option value="{{ dept.id }}" selected>{{ dept.name }}</option>
+                                            {% else %}
+                                                <option value="{{ dept.id }}">{{ dept.name }}</option>
+                                            {% endifequal %}
+
                                        {% endfor %}
                                    </select>
                                </div>

--- a/templates/jperm/sudo_cmd_detail.html
+++ b/templates/jperm/sudo_cmd_detail.html
@@ -14,10 +14,13 @@
    <body>
        <div class="row">
            <div class="contact-box">
+                {% if cmd_group_name %}
                <h2 class="text-center">{{ cmd_group.name }} 命令详情</h2>
+                {% endif %}
                <div class="ibox-content">

                    <table class="table table-striped table-bordered table-hover " id="editable" >
+                        {% if cmd_group_name %}
                        <thead>
                            <tr>
                                <td class="text-center" width="120">ID</td>
@@ -31,10 +34,11 @@
                            <td class="text-center">{{ cmd_group.name }}</td>
                            <td class="text-center">{{ cmd_group.dept.name }}</td>
                        </tr>
+                        {% endif %}
                        <tr>
                            <td colspan="1" class="text-center">命令：</td>
                            <td colspan="6" class="text-center">
-                                    <b>{{ cmd_group.cmd }}</b>
+                                    <b>{{ cmds_str }}</b>
                            </td>
                        </tr>
                    </table>

--- a/templates/jperm/sudo_cmd_list.html
+++ b/templates/jperm/sudo_cmd_list.html
@@ -49,6 +49,7 @@
                            <tr>
                                <th class="text-center">组名</th>
                                <th class="text-center">命令</th>
+                                <th class="text-center">部门</th>
                                <th class="text-center">备注</th>
                                <th class="text-center">操作</th>
                            </tr>
@@ -58,9 +59,10 @@
                            <tr class="gradeX">
                                <td class="text-center"> {{ group.name }} </td>
                                <td class="text-center" title="{{ group.cmd }}"> {{ group.cmd | string_length:50 }} </td>
+                                <td class="text-center"> {{ group.dept.name }} </td>
                                <td class="text-center"> {{ group.comment }} </td>
                                <td class="text-center">
-{#                                    <a href="../cmd_detail/?id={{ group.id }}" class="btn btn-xs btn-info">详情</a>#}
+                                    <a value="../cmd_detail/?id={{ group.id }}" class="btn btn-xs btn-primary iframe">详情</a>
                                    <a href="../cmd_edit/?id={{ group.id }}" class="btn btn-xs btn-info">编辑</a>
                                    <a href="../cmd_del/?id={{ group.id }}" class="btn btn-xs btn-danger">删除</a>
                                </td>
@@ -117,8 +119,21 @@
 </div>

 <script>
-    $(document).ready(function(){
-        $(".iframe").colorbox({iframe:true, width:"70%", height:"70%"});
+    $(document).ready(function() {
+        $(".iframe").on('click', function () {
+            var url = $(this).attr("value");
+            $.layer({
+                type: 2,
+                title: '命令详情',
+                maxmin: true,
+                shift: 'top',
+                border: [2, 0.3, '#1AB394'],
+                shade: [0.5, '#000000'],
+                shadeClose: true,
+                area: ['800px', '600px'],
+                iframe: {src: url}
+            });
+        });
    });
 </script>


--- a/templates/jperm/sudo_list.html
+++ b/templates/jperm/sudo_list.html
@@ -67,9 +67,9 @@
                                                <td class="text-center"> {{ group.name }} </td>
                                                <td class="text-center"> {{ group.dept.name }} </td>
                                                <td class="text-center"><a href="/juser/user_list/?gid={{ group.id }}">{{ group.id | member_count }} </a> </td>
-                                                <td class="text-center"><a href="/jasset/group_list/?sid={{ group.id }}">{{ group.id | ugrp_perm_agrp_count }} </a> </td>
-                                                <td class="text-center"><a href="/jasset/host_list/?sid={{ group.id }}"> {{ group.id | ugrp_perm_asset_count }} </a> </td>
-                                                <td class="text-center"><a value="/jperm/cmd_detail/?id={{ group.id }}"  class="iframe">{{ group.id | sudo_cmd_count }}</a> </td>
+                                                <td class="text-center"><a href="/jasset/group_list/?sid={{ group.id }}">{{ group.id | ugrp_sudo_agrp_count }} </a> </td>
+                                                <td class="text-center"><a href="/jasset/host_list/?sid={{ group.id }}"> {{ group.id | ugrp_sudo_asset_count }} </a> </td>
+                                                <td class="text-center"><a value="/jperm/cmd_detail/?id={{ group.id | sudo_cmd_ids }}"  class="iframe">{{ group.id | sudo_cmd_count }}</a> </td>
                                                <td class="text-center"> {{ group.comment }} </td>
                                                <td class="text-center">
                                                    <a href="../sudo_edit/?id={{ group.id }}" class="btn btn-xs btn-danger">sudo授权</a>

--- a/templates/upload.html
+++ b/templates/upload.html
@@ -56,7 +56,7 @@
            uploadMultiple: true,
            parallelUploads: 100,
            maxFiles: 100,
-            url: '/upload/',
+            url: '/file/upload/',

            // Dropzone settings
            init: function() {