bugs

3bfe0e3c · halcyon · 4abf25ef · 3bfe0e3c · 3bfe0e3c · 3bfe0e3c
Commit 3bfe0e3c authored Apr 14, 2015 by halcyon
13 changed files
--- a/jasset/urls.py
+++ b/jasset/urls.py
@@ -18,7 +18,7 @@ urlpatterns = patterns('',
    url(r'^group_edit/$', group_edit),
    url(r'^group_list/$', group_list),
    url(r'^group_detail/$', group_detail),
-    url(r'^group_del_host/(\w+)/$', group_del_host),
+    url(r'^group_del_host/$', group_del_host),
    url(r'^group_del/$', group_del),
    url(r'^host_del/(\w+)/$', host_del),
    url(r'^host_edit/$', view_splitter, {'su': host_edit, 'adm': host_edit_adm}),

--- a/jasset/views.py
+++ b/jasset/views.py
@@ -184,31 +184,54 @@ def host_add(request):
 def host_add_batch(request):
    header_title, path1, path2 = u'批量添加主机', u'资产管理', u'批量添加主机'
    login_types = {'LDAP': 'L', 'MAP': 'M'}
+    active_types = {'激活': 1, '禁用': 0}
    dept_id = get_user_dept(request)
    if request.method == 'POST':
        multi_hosts = request.POST.get('j_multi').split('\n')
+        print multi_hosts
        for host in multi_hosts:
            if host == '':
                break
            j_ip, j_port, j_type, j_idc, j_groups, j_depts, j_active, j_comment = host.split()
            j_type = login_types[j_type]
+            j_active = active_types[str(j_active)]
            j_group = ast.literal_eval(j_groups)
            j_dept = ast.literal_eval(j_depts)
+            idc = IDC.objects.filter(name=j_idc)
+            if idc:
+                j_idc = idc[0].id
+            group_ids, dept_ids = [], []
+            for group_name in j_group:
+                group = BisGroup.objects.filter(name=group_name)
+                if group:
+                    group_id = group[0].id
+                group_ids.append(group_id)
+            for dept_name in j_dept:
+                dept = DEPT.objects.filter(name=dept_name)
+                if dept:
+                    dept_id = dept[0].id
+                dept_ids.append(dept_id)
+            if is_group_admin(request) and not verify(request, asset_group=group_ids, edept=dept_ids):
+                return httperror(request, '添加失败, 您无权添加!')
            if Asset.objects.filter(ip=str(j_ip)):
                emg = u'该IP %s 已存在!' % j_ip
                return render_to_response('jasset/host_add_multi.html', locals(),
                                          context_instance=RequestContext(request))
-            if j_type == 'M':
+            # if j_type == 'M':
-                j_user = request.POST.get('j_user')
+            #     j_user = request.POST.get('j_user')
-                j_password = cryptor.encrypt(request.POST.get('j_password'))
+            #     j_password = request.POST.get('j_password')
-                db_host_insert(j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment, j_user, j_password)
+            #     db_host_insert(j_ip, j_port, j_idc, j_type, group_ids, dept_ids, j_active, j_comment)
-            else:
+            # else:
-                db_host_insert(j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment)
+            db_host_insert(j_ip, j_port, j_idc, j_type, group_ids, dept_ids, j_active, j_comment)
        smg = u'批量添加添加成功'
-        return HttpResponseRedirect('/jasset/host_list/')
+        return render_to_response('jasset/host_add_multi.html', locals(), context_instance=RequestContext(request))
    return render_to_response('jasset/host_add_multi.html', locals(), context_instance=RequestContext(request))
@@ -450,7 +473,7 @@ def host_detail(request):
        return httperror(request, '您无权查看!')
    elif is_common_user(request):
-        username = get_session_user_info[1]
+        username = get_session_user_info(request)[1]
        user_permed_hosts = user_perm_asset_api(username)
        if post not in user_permed_hosts:
            return httperror(request, '您无权查看!')
@@ -576,7 +599,7 @@ def group_add(request):
        dept_id = get_user_dept(request)
        dept = DEPT.objects.get(id=dept_id)
        posts = Asset.objects.filter(dept=dept)
-        edept = DEPT.objects.get(id=dept_id)
+        edept = get_session_user_info(request)[5]
    if request.method == 'POST':
        j_group = request.POST.get('j_group', '')
@@ -652,15 +675,17 @@ def group_edit(request):
    header_title, path1, path2 = u'编辑主机组', u'资产管理', u'编辑主机组'
    group_id = request.GET.get('id', '')
    group = BisGroup.objects.get(id=group_id)
-    all = Asset.objects.all()
+    host_all = Asset.objects.all()
    dept_id = get_user_dept(request)
-    eposts = Asset.objects.filter(bis_group=group).order_by('ip')
+    eposts = Asset.objects.filter(bis_group=group)
    if is_super_user(request):
        edept = DEPT.objects.all()
-        posts = [g for g in all if g not in eposts]
+        posts = [g for g in host_all if g not in eposts]
    elif is_group_admin(request):
+        if not verify(request, asset_group=[group_id]):
+            return httperror(request, '编辑失败, 您无权操作!')
        dept = DEPT.objects.get(id=dept_id)
        all_dept = Asset.objects.filter(dept=dept)
        posts = [g for g in all_dept if g not in eposts]
@@ -688,42 +713,44 @@ def group_edit(request):
 @require_admin
 def group_detail(request):
    header_title, path1, path2 = u'主机组详情', u'资产管理', u'主机组详情'
-    login_types = {'L': 'LDAP', 'S': 'SSH_KEY', 'P': 'PASSWORD', 'M': 'MAP'}
+    login_types = {'L': 'LDAP', 'M': 'MAP'}
-    dept_id = get_user_dept(request)
+    dept = get_session_user_info(request)[5]
-    dept = DEPT.objects.get(id=dept_id)
+    group_id = request.GET.get('id', '')
-    group_id = request.GET.get('id')
+    group = BisGroup.objects.get(id=group_id)
-    group_name = BisGroup.objects.get(id=group_id).name
-    b = BisGroup.objects.get(id=group_id)
    if is_super_user(request):
-        posts = Asset.objects.filter(bis_group=b).order_by('ip')
+        posts = Asset.objects.filter(bis_group=group).order_by('ip')
-        contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
    elif is_group_admin(request):
-        posts = Asset.objects.filter(bis_group=b).filter(dept=dept).order_by('ip')
+        if not verify(request, asset_group=[group_id]):
+            return httperror(request, '您无权查看!')
+        posts = Asset.objects.filter(bis_group=group).filter(dept=dept).order_by('ip')
    contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
    return render_to_response('jasset/group_detail.html', locals(), context_instance=RequestContext(request))
 @require_admin
-def group_del_host(request, offset):
+def group_del_host(request):
    if request.method == 'POST':
-        group_name = request.POST.get('group_name')
+        group_id = request.POST.get('group_id')
+        offset = request.GET.get('id', '')
+        group = BisGroup.objects.get(id=group_id)
        if offset == 'group':
-            group = BisGroup.objects.get(name=group_name)
-        elif offset == 'idc':
-            group = IDC.objects.get(name=group_name)
            len_list = request.POST.get("len_list")
            for i in range(int(len_list)):
                key = "id_list[" + str(i) + "]"
                jid = request.POST.get(key)
                g = Asset.objects.get(id=jid)
-            if offset == 'group':
                group.asset_set.remove(g)
-            elif offset == 'idc':
-                Asset.objects.filter(id=jid).delete()
-                BisGroup.objects.filter(name=g.ip).delete()
-        return HttpResponseRedirect('/jasset/%s_detail/?id=%s' % (offset, group.id))
+    else:
+        offset = request.GET.get('id', '')
+        group_id = request.GET.get('gid', '')
+        group = BisGroup.objects.get(id=group_id)
+        g = Asset.objects.get(id=offset)
+        group.asset_set.remove(g)
+    return HttpResponseRedirect('/jasset/group_detail/?id=%s' % group.id)
 @require_admin
@@ -734,9 +761,13 @@ def group_del(request):
        for i in range(int(len_list)):
            key = "id_list[" + str(i) + "]"
            gid = request.POST.get(key)
+            if not verify(request, asset_group=[gid]):
+                return httperror(request, '删除失败, 您无权删除!')
            BisGroup.objects.filter(id=gid).delete()
    else:
        gid = int(offset)
+        if not verify(request, asset_group=[gid]):
+            return httperror(request, '删除失败, 您无权删除!')
        BisGroup.objects.filter(id=gid).delete()
    return HttpResponseRedirect('/jasset/group_list/')

--- a/jperm/views.py
+++ b/jperm/views.py
@@ -722,7 +722,7 @@ def get_apply_posts(request, status, username, dept_name, keyword=None):
            posts = Apply.objects.filter(Q(applyer__contains=keyword) | Q(approver__contains=keyword)) \
                .filter(status=status).filter(dept=dept_name).order_by('-date_add')
        else:
-            posts = Log.objects.filter(status=status).filter(dept=dept_name).order_by('-date_add')
+            posts = Apply.objects.filter(status=status).filter(dept=dept_name).order_by('-date_add')
    elif is_common_user(request):
        if keyword:

--- a/jumpserver.conf
+++ b/jumpserver.conf
@@ -15,14 +15,14 @@ database = jumpserver
 [ldap]
 ldap_enable = 1
-host_url = ldap://192.168.8.230:389
+host_url = ldap://192.168.8.220:389
-base_dn = dc=jumpserver, dc=org
+base_dn = dc=fun, dc=tv
-root_dn = cn=admin,dc=jumpserver,dc=org
+root_dn = cn=admin,dc=fun,dc=tv
 root_pw = secret234
 [websocket]
-web_socket_host = 192.168.173.129:3000
+web_socket_host = 192.168.8.220:3000
 [web]

--- a/templates/error.html
+++ b/templates/error.html
@@ -21,8 +21,8 @@
    <div class="middle-box text-center animated fadeInDown">
        <h1>Error</h1>
-        <h3 class="font-bold">{{ message }}</h3>
+        <h3 class="font-bold text-danger">{{ message }}</h3>
+        <h3 id="jumpTo" class="font-bold text-info"></h3>
        <div class="error-desc">
            The server encountered something unexpected that didn't allow it to complete the request. We apologize.<br/>
            You can go back to main page: <br/><a href="/" class="btn btn-primary m-t">Dashboard</a>
@@ -34,6 +34,18 @@
    <script src="/static/js/bootstrap.min.js"></script>
 </body>
+<script>
+    function countDown(secs,surl){
+         var jumpTo = document.getElementById('jumpTo');
+         jumpTo.innerHTML= secs + '秒' + '后返回上一页';
+         if(--secs>0){
+             setTimeout("countDown("+secs+",'"+surl+"')",1000);
+             }
+         else{
+             location.href=surl;
+             }
+         }
+    countDown(5,document.referrer);
+</script>
 </html>
--- a/templates/index.html
+++ b/templates/index.html
@@ -62,7 +62,7 @@
        </div>
    </div>
    <div class="row">
-        <div class="col-lg-3 border-bottom white-bg dashboard-header" style="margin-left:15px;">
+        <div class="col-lg-3 border-bottom white-bg dashboard-header" style="margin-left:15px;height: 346px">
            <h2>活跃用户TOP5</h2>
            <small>过去一周共有<span class="text-info">{{ week_users }}</span>位用户登录<span class="text-success">{{ week_hosts }}</span>次服务器.</small>
            <ul class="list-group clear-list m-t">

--- a/templates/jasset/group_add.html
+++ b/templates/jasset/group_add.html
@@ -8,6 +8,23 @@
            <div class="ibox float-e-margins">
                <div id="ibox-content" class="ibox-title">
                    <h5> 填写主机组基本信息 </h5>
+                    <div class="ibox-tools">
+                        <a class="collapse-link">
+                            <i class="fa fa-chevron-up"></i>
+                        </a>
+                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
+                            <i class="fa fa-wrench"></i>
+                        </a>
+                        <ul class="dropdown-menu dropdown-user">
+                            <li><a href="#">未启用 1</a>
+                            </li>
+                            <li><a href="#">未启用 2</a>
+                            </li>
+                        </ul>
+                        <a class="close-link">
+                            <i class="fa fa-times"></i>
+                        </a>
+                    </div>
                </div>
                <div class="ibox-content">
                    {% if emg %}
@@ -124,8 +141,7 @@
        }
    $('#search').keyup(function() {
-        var $rows = $('#groups option');
+        var $rows = $('#hosts option');
-        console.log($rows);
        var val = $.trim($(this).val()).replace(/ +/g, ' ').toLowerCase();
        $rows.show().filter(function() {

--- a/templates/jasset/group_detail.html
+++ b/templates/jasset/group_detail.html
@@ -8,7 +8,7 @@
        <div class="col-lg-12">
            <div class="ibox float-e-margins" id="all">
                <div class="ibox-title">
-                    <h5> 主机组<span class="text-info">{{ group_name }}</span>详细信息列表 </h5>
+                    <h5> 主机组<span class="text-info">{{ group.name }}</span>详细信息列表</h5>
                    <div class="ibox-tools">
                        <a class="collapse-link">
                            <i class="fa fa-chevron-up"></i>
@@ -30,7 +30,7 @@
                <div class="ibox-content">
                    <div class="">
-                    <a target="_blank" href="/jasset/host_add" class="btn btn-sm btn-primary "> 添加主机 </a>
+                        <a target="_blank" href="/jasset/host_add" class="btn btn-sm btn-primary"> 添加主机 </a>
                    </div>
                    <form id="contents_form" name="contents_form">
@@ -42,7 +42,7 @@
                                <th class="text-center"> 端口号 </th>
                                <th class="text-center" name="j_type"> 登录方式 </th>
                                <th class="text-center" name="j_idc"> 所属IDC </th>
-                                <th class="text-center" id="j_group_name" value="{{ group_name }}"> 所属业务组 </th>
+                                <th class="text-center" id="group_id" value="{{ group.id }}"> 所属业务组 </th>
                                <th class="text-center"> 是否激活 </th>
                                <th class="text-center" name="j_time"> 添加时间 </th>
                                <th class="text-center" name="j_comment"> 备注 </th>
@@ -64,7 +64,7 @@
                                <td class="text-center" data-editable='false'>
                                    <a value="/jasset/{{ post.ip }}/" class="iframe btn btn-xs btn-primary">详情</a>
                                    <a href="/jasset/host_edit/?id={{ post.id }}" class="btn btn-xs btn-info">编辑</a>
-                                    <a href="/jasset/host_del/{{ post.id }}/" class="btn btn-xs btn-danger">删除</a>
+                                    <a href="/jasset/group_del_host/?id={{ post.id }}&gid={{ group.id }}" class="btn btn-xs btn-danger">删除</a>
                                </td>
                            </tr>
                        {% endfor %}
@@ -89,21 +89,6 @@
        $('#editable').editableTableWidget();
    });
-    $(".iframe").on('click', function(){
-        var url= $(this).attr("value");
-        $.layer({
-            type: 2,
-            title: 'JumpServer主机详情',
-            maxmin: true,
-            shift: 'top',
-            border: [2, 0.3, '#1AB394'],
-            shade: [0.5, '#000000'],
-            shadeClose: true,
-            area : ['800px' , '600px'],
-            iframe: {src: url}
-        });
-    });
    function alter(form) {
        selectData = GetTableDataBox();
        if (selectData[1] != 0) {
@@ -122,8 +107,7 @@
    function del(form) {
        var checkboxes = document.getElementById(form);
        var id_list = {};
-        var group_name = $('#j_group_name').attr("value");
+        var group_id = $('#group_id').attr("value");
-        console.log(group_name);
        var j = 0;
        for (var i = 0; i < checkboxes.elements.length; i++) {
            if (checkboxes.elements[i].type == "checkbox" && checkboxes.elements[i].checked == true && checkboxes.elements[i].value != "checkall") {
@@ -134,8 +118,8 @@
        if (confirm("确定从主机组中删除")) {
            $.ajax({
                type: "POST",
-                url: "/jasset/group_del_host/group/",
+                url: "/jasset/group_del_host/?id=group",
-                data: {"id_list": id_list, "len_list": j, "group_name": group_name},
+                data: {"id_list": id_list, "len_list": j, "group_id": group_id},
                success: function (data) {
                    window.open(window.location.href, "_self");
                }

--- a/templates/jasset/group_list.html
+++ b/templates/jasset/group_list.html
@@ -7,6 +7,26 @@
    <div class="row">
        <div class="col-lg-10">
            <div class="ibox float-e-margins">
+                <div class="ibox-title">
+                    <h5> 主机组详细信息列表</h5>
+                    <div class="ibox-tools">
+                        <a class="collapse-link">
+                            <i class="fa fa-chevron-up"></i>
+                        </a>
+                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
+                            <i class="fa fa-wrench"></i>
+                        </a>
+                        <ul class="dropdown-menu dropdown-user">
+                            <li><a href="#">未启用 1</a>
+                            </li>
+                            <li><a href="#">未启用 2</a>
+                            </li>
+                        </ul>
+                        <a class="close-link">
+                            <i class="fa fa-times"></i>
+                        </a>
+                    </div>
+                </div>
                <div class="ibox-content">
                    <div class="">
                    <a target="_blank" href="/jasset/group_add" class="btn btn-sm btn-primary "> 添加主机组 </a>

--- a/templates/jasset/host_add_multi.html
+++ b/templates/jasset/host_add_multi.html
@@ -42,9 +42,10 @@
                                {% if smg %}
                                    <div class="alert alert-success text-center">{{ smg }}</div>
                                {% endif %}
-                                <h4>按照文本框内主机信息格式填写, 多台主机回车换行</h4>
+                                <p>请严格按照文本框内主机信息格式填写, 多台主机回车换行, 具体格式如下: </p>
+                                <p class="text-info">IP地址  端口号  登录方式  IDC名  所属主机组  所属部门  激活/禁用  备注 </p>
                                    <form id="assetMulti" method="post" class="form-horizontal">
-                                        <div><textarea id="j_multi" name="j_multi" type="text" placeholder="192.168.1.1 22 LDAP 北京联通 [网站,数据库] 运维部 1 网站服务器" class="form-control" style="width:700px;height:500px">192.168.1.1 22 LDAP 北京联通 ['网站','数据库'] ['运维部'] 1 网站服务器</textarea></div>
+                                        <div><textarea id="j_multi" name="j_multi" type="text" placeholder="192.168.1.1 22 LDAP 北京联通 [网站,数据库] 运维部 激活 网站服务器" class="form-control" style="width:700px;height:500px">192.168.1.1 22 LDAP 北京联通 ['网站','数据库'] ['运维部','测试部'] 激活 网站服务器</textarea></div>
                                        <div class="hr-line-dashed"></div>
                                        <div class="form-group">
                                            <div class="col-sm-4 col-sm-offset-4">

--- a/templates/jasset/host_list_common.html
+++ b/templates/jasset/host_list_common.html
@@ -73,7 +73,7 @@
                                <td class="text-center" name="j_alias"> {{  post|get_user_alias:user_id }} </td>
                                <td class="text-center" data-editable='false' name="j_comment"> {{ post.comment }} </td>
                                <td class="text-center" data-editable='false'>
-                                    <a value="/jasset/{{ post.ip }}/" class="iframe btn btn-xs btn-primary">详情</a>
+                                    <a href="/jasset/host_detail/?id={{ post.id }}" class="iframe btn btn-xs btn-primary">详情</a>
                                </td>
                            </tr>
                        {% endfor %}

--- a/templates/jasset/idc_detail.html
+++ b/templates/jasset/idc_detail.html
@@ -63,13 +63,16 @@
                                <td class="text-center" name="j_port"> {{ post.port }} </td>
                                <td class="text-center" name="j_type"> {{ post.login_type|get_login_type }} </td>
                                <td class="text-center" name="j_idc"> {{ post.idc.name }} </td>
-                                <td class="text-center" name="j_group">{{ post.bis_group.all | group_str2 }}</td>
+                                <td class="text-center" name="j_dept">{{ post.dept.all | group_str2 }}</td>
+                                <td class="text-center" name="j_group">{{ post.bis_group.all | group_str2_all }}</td>
                                <td class="text-center" name="j_active"> {{ post.is_active|bool2str }} </td>
-                                <td class="text-center"> {{ post.date_added|date:"Y-m-d H:i:s" }} </td>
                                <td class="text-center" name="j_comment"> {{ post.comment }} </td>
                                <td class="text-center" data-editable='false'>
-                                    <a value="/jasset/{{ post.ip }}/" class="iframe btn btn-xs btn-primary">详情</a>
+                                    <a href="/jasset/host_detail/?id={{ post.id }}" class="btn btn-xs btn-primary">详情</a>
+                                    {% ifnotequal session_role_id 0 %}
+                                        <a href="/jasset/host_edit/?id={{ post.id }}" class="btn btn-xs btn-info">编辑</a>
                                        <a href="/jasset/host_del/{{ post.id }}" class="btn btn-xs btn-danger">删除</a>
+                                    {% endifnotequal %}
                                </td>
                            </tr>
                        {% endfor %}
@@ -80,38 +83,7 @@
                            <input type="button" id="del_button" class="btn btn-danger btn-sm"  name="del_button" value="删除" onclick="del('contents_form')" />
                            <input type="button" id="alter_button" class="btn btn-warning btn-sm" name="alter_button" value="修改" onclick="alter('contents_form')" />
                        </div>
-                        <div class="col-sm-6">
+                        {% include 'paginator.html' %}
-                            <div class="dataTables_paginate paging_simple_numbers" id="editable_paginate">
-                                <ul class="pagination" style="margin-top: 0; float: right">
-                                    {% if contacts.has_previous %}
-                                        <li class="paginate_button previous" aria-controls="editable" tabindex="0" id="editable_previous">
-                                            <a href="?id={{ idc_id }}&page={{ contacts.previous_page_number }}">Previous</a>
-                                        </li>
-                                    {% else %}
-                                        <li class="paginate_button previous disabled" aria-controls="editable" tabindex="0" id="editable_previous">
-                                             <a href="#">Previous</a>
-                                        </li>
-                                    {% endif %}
-                                    {% for page in page_range %}
-                                        {% ifequal current_page page %}
-                                            <li class="paginate_button active"  aria-controls="editable" tabindex="0"><a href="?id={{ idc_id }}&page={{ page }}"  title="第{{ page }}页">{{ page }}</a></li>
-                                        {% else %}
-                                            <li class="paginate_button" aria-controls="editable" tabindex="0"><a href="?id={{ idc_id }}&page={{ page }}"  title="第{{ page }}页">{{ page }}</a></li>
-                                        {% endifequal %}
-                                    {% endfor %}
-                                    {% if contacts.has_next %}
-                                        <li class="paginate_button next" aria-controls="editable" tabindex="0" id="editable_next">
-                                            <a href="?id={{ idc_id }}&page={{ contacts.next_page_number }}">Next</a>
-                                        </li>
-                                    {% else %}
-                                        <li class="paginate_button next disabled" aria-controls="editable" tabindex="0" id="editable_next">
-                                            <a href="#">Next</a>
-                                        </li>
-                                    {% endif %}
-                                </ul>
-                            </div>
-                        </div>
                    </div>
                    </form>
                </div>
@@ -125,21 +97,6 @@
        $('#editable').editableTableWidget();
    });
-     $(".iframe").on('click', function(){
-        var url= $(this).attr("value");
-        $.layer({
-            type: 2,
-            title: 'JumpServer主机详情',
-            maxmin: true,
-            shift: 'top',
-            border: [2, 0.3, '#1AB394'],
-            shade: [0.5, '#000000'],
-            shadeClose: true,
-            area : ['800px' , '600px'],
-            iframe: {src: url}
-        });
-    });
    function alter(form) {
        selectData = GetTableDataBox();
        if (selectData[1] != 0) {
@@ -170,7 +127,7 @@
        if (confirm("确定从该IDC中删除")) {
            $.ajax({
                type: "POST",
-                url: "/jasset/group_del_host/idc/",
+                url: "/jasset/host_del/multi/",
                data: {"id_list": id_list, "len_list": j, "group_name": group_name},
                success: function (data) {
                    window.open(window.location.href, "_self");

--- a/templates/jasset/idc_list.html
+++ b/templates/jasset/idc_list.html
@@ -7,6 +7,26 @@
    <div class="row">
        <div class="col-lg-10">
            <div class="ibox float-e-margins">
+                <div class="ibox-title">
+                    <h5> IDC详细信息列表</h5>
+                    <div class="ibox-tools">
+                        <a class="collapse-link">
+                            <i class="fa fa-chevron-up"></i>
+                        </a>
+                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
+                            <i class="fa fa-wrench"></i>
+                        </a>
+                        <ul class="dropdown-menu dropdown-user">
+                            <li><a href="#">未启用 1</a>
+                            </li>
+                            <li><a href="#">未启用 2</a>
+                            </li>
+                        </ul>
+                        <a class="close-link">
+                            <i class="fa fa-times"></i>
+                        </a>
+                    </div>
+                </div>
                <div class="ibox-content">
                    <div class="">
                    {% ifequal session_role_id 2 %}
@@ -66,7 +86,7 @@
                        <div class="col-sm-6">
                            {% ifequal session_role_id 2 %}
                                <input type="button" id="del_button" class="btn btn-danger btn-sm"  name="del_button" value="删除" onclick="del('contents_form')" />
-                                <input type="button" id="alter_button" class="btn btn-warning btn-sm" name="alter_button" value="修改" onclick="alter('contents_form')" />
+                                <!--<input type="button" id="alter_button" class="btn btn-warning btn-sm" name="alter_button" value="修改" onclick="alter('contents_form')" />-->
                            {% endifequal %}
                        </div>
                        {% include 'paginator.html' %}