干掉ldap前

jumpserver.conf

@@ -29,8 +29,8 @@ web_socket_host = 192.168.40.140:3000
 
 [mail]
 mail_enable = 1
-email_host = smtp.qq.com
+email_host = smtp.exmail.qq.com
 email_port = 25
-email_host_user = xxxxxxxxxx@qq.com
-email_host_password = xxxxxxxxx
+email_host_user = noreply@jumpserver.org
+email_host_password = jumpserver1234
 email_use_tls = False

juser/urls.py

@@ -11,8 +11,8 @@ urlpatterns = patterns('juser.views',
     (r'^group_list/$', group_list),
     (r'^group_del/$', group_del),
     (r'^group_del_ajax', group_del_ajax),
-    (r'^group_edit/$',group_edit),
-    (r'^user_add/$', view_splitter, {'su': user_add, 'adm': user_add_adm}),
+    (r'^group_edit/$', group_edit),
+    (r'^user_add/$', user_add),
     (r'^user_list/$', view_splitter, {'su': user_list, 'adm': user_list_adm}),
     (r'^user_detail/$', 'user_detail'),
     (r'^user_del/$', 'user_del'),

juser/user_api.py

@@ -111,8 +111,9 @@ def db_del_user(username):
 def gen_ssh_key(username, password=None, length=2048):
     """
     generate a user ssh key in a property dir
-    生成一个用户密钥
+    生成一个用户ssh密钥对
     """
+    print "gen_ssh_key" + str(time.time())
     private_key_dir = os.path.join(BASE_DIR, 'keys/jumpserver/')
     private_key_file = os.path.join(private_key_dir, username+".pem")
     public_key_dir = '/home/%s/.ssh/' % username
@@ -124,12 +125,13 @@ def gen_ssh_key(username, password=None, length=2048):
     with open(private_key_file, 'w') as pri_f:
         pri_f.write(key.exportKey('PEM', password))
     os.chmod(private_key_file, 0600)
-
+    print "gen_ssh_pub_key" + str(time.time())
     pub_key = key.publickey()
     with open(public_key_file, 'w') as pub_f:
         pub_f.write(pub_key.exportKey('OpenSSH'))
     os.chmod(public_key_file, 0600)
     bash('chown %s:%s %s' % (username, username, public_key_file))
+    print "gen_ssh_key_end" + str(time.time())
 
 
 def server_add_user(username, password, ssh_key_pwd):
@@ -146,7 +148,6 @@ def user_add_mail(user, kwargs):
     add user send mail
     发送用户添加邮件
     """
-    print kwargs
     user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
     mail_title = u'恭喜你的跳板机用户 %s 添加成功 Jumpserver' % user.name
     mail_msg = u"""
@@ -177,7 +178,7 @@ def ldap_add_user(username, ldap_pwd):
     """
     user_dn = "uid=%s,ou=People,%s" % (username, LDAP_BASE_DN)
     password_sha512 = PyCrypt.gen_sha512(PyCrypt.random_pass(6), ldap_pwd)
-    user = get_object(UserGroup, username=username)
+    user = get_object(User, username=username)
     if not user:
         raise ServerError(u'用户 %s 不存在' % username)
 

juser/views.py

@@ -232,12 +232,12 @@ def user_add(request):
         password = PyCrypt.random_pass(16)
         name = request.POST.get('name', '')
         email = request.POST.get('email', '')
-        dept_id = request.POST.get('dept_id')
         groups = request.POST.getlist('groups', [])
         admin_groups = request.POST.getlist('admin_groups', [])
         role = request.POST.get('role', 'CU')
         ssh_key_pwd = PyCrypt.random_pass(16)
-        is_active = True if request.POST.get('is_active', '1') == '1' else False
+        extra = request.POST.getlist('extra', [])
+        is_active = True if '0' in extra else False
         ldap_pwd = PyCrypt.random_pass(32, especial=True)
 
         try:
@@ -261,12 +261,10 @@ def user_add(request):
                                    ldap_pwd=CRYPTOR.encrypt(ldap_pwd),
                                    is_active=is_active,
                                    date_joined=datetime.datetime.now())
-
-                server_add_user(username, password, ssh_key_pwd)
                 if LDAP_ENABLE:
                     ldap_add_user(username, ldap_pwd)
 
-            except Exception, e:
+            except IndexError, e:
                 error = u'添加用户 %s 失败 %s ' % (username, e)
                 try:
                     db_del_user(username)
@@ -282,76 +280,76 @@ def user_add(request):
     return render_to_response('juser/user_add.html', locals(), context_instance=RequestContext(request))
 
 
-@require_role(role='admin')
-def user_add_adm(request):
-    error = ''
-    msg = ''
-    header_title, path1, path2 = '添加用户', '用户管理', '添加用户'
-    user, dept = get_session_user_dept(request)
-    group_all = dept.usergroup_set.all()
-
-    if request.method == 'POST':
-        username = request.POST.get('username', '')
-        password = PyCrypt.gen_rand_pwd(16)
-        name = request.POST.get('name', '')
-        email = request.POST.get('email', '')
-        groups = request.POST.getlist('groups', [])
-        ssh_key_pwd = PyCrypt.gen_rand_pwd(16)
-        is_active = True if request.POST.get('is_active', '1') == '1' else False
-        ldap_pwd = PyCrypt.gen_rand_pwd(16)
-
-        try:
-            if '' in [username, password, ssh_key_pwd, name, groups, is_active]:
-                error = u'带*内容不能为空'
-                raise ServerError
-            user = User.objects.filter(username=username)
-            if user:
-                error = u'用户 %s 已存在' % username
-                raise ServerError
-
-        except ServerError:
-            pass
-        else:
-            try:
-                user = db_add_user(username=username,
-                                   password=CRYPTOR.md5_crypt(password),
-                                   name=name, email=email, dept=dept,
-                                   groups=groups, role='CU',
-                                   ssh_key_pwd=CRYPTOR.md5_crypt(ssh_key_pwd),
-                                   ldap_pwd=CRYPTOR.encrypt(ldap_pwd),
-                                   is_active=is_active,
-                                   date_joined=datetime.datetime.now())
-
-                server_add_user(username, password, ssh_key_pwd)
-                if LDAP_ENABLE:
-                    ldap_add_user(username, ldap_pwd)
-
-            except Exception, e:
-                error = u'添加用户 %s 失败 %s ' % (username, e)
-                try:
-                    db_del_user(username)
-                    server_del_user(username)
-                    if LDAP_ENABLE:
-                        ldap_del_user(username)
-                except Exception:
-                    pass
-            else:
-                mail_title = u'恭喜你的跳板机用户添加成功 Jumpserver'
-                mail_msg = """
-                Hi, %s
-                    您的用户名： %s
-                    您的部门: %s
-                    您的角色： %s
-                    您的web登录密码： %s
-                    您的ssh密钥文件密码： %s
-                    密钥下载地址： http://%s:%s/juser/down_key/?id=%s
-                    说明： 请登陆后再下载密钥！
-                """ % (name, username, dept.name, '普通用户',
-                       password, ssh_key_pwd, SEND_IP, SEND_PORT, user.id)
-                send_mail(mail_title, mail_msg, MAIL_FROM, [email], fail_silently=False)
-                msg = u'添加用户 %s 成功！ 用户密码已发送到 %s 邮箱！' % (username, email)
-
-    return render_to_response('juser/user_add.html', locals(), context_instance=RequestContext(request))
+# @require_role(role='admin')
+# def user_add_adm(request):
+#     error = ''
+#     msg = ''
+#     header_title, path1, path2 = '添加用户', '用户管理', '添加用户'
+#     user, dept = get_session_user_dept(request)
+#     group_all = dept.usergroup_set.all()
+#
+#     if request.method == 'POST':
+#         username = request.POST.get('username', '')
+#         password = PyCrypt.gen_rand_pwd(16)
+#         name = request.POST.get('name', '')
+#         email = request.POST.get('email', '')
+#         groups = request.POST.getlist('groups', [])
+#         ssh_key_pwd = PyCrypt.gen_rand_pwd(16)
+#         is_active = True if request.POST.get('is_active', '1') == '1' else False
+#         ldap_pwd = PyCrypt.gen_rand_pwd(16)
+#
+#         try:
+#             if '' in [username, password, ssh_key_pwd, name, groups, is_active]:
+#                 error = u'带*内容不能为空'
+#                 raise ServerError
+#             user = User.objects.filter(username=username)
+#             if user:
+#                 error = u'用户 %s 已存在' % username
+#                 raise ServerError
+#
+#         except ServerError:
+#             pass
+#         else:
+#             try:
+#                 user = db_add_user(username=username,
+#                                    password=CRYPTOR.md5_crypt(password),
+#                                    name=name, email=email, dept=dept,
+#                                    groups=groups, role='CU',
+#                                    ssh_key_pwd=CRYPTOR.md5_crypt(ssh_key_pwd),
+#                                    ldap_pwd=CRYPTOR.encrypt(ldap_pwd),
+#                                    is_active=is_active,
+#                                    date_joined=datetime.datetime.now())
+#
+#                 server_add_user(username, password, ssh_key_pwd)
+#                 if LDAP_ENABLE:
+#                     ldap_add_user(username, ldap_pwd)
+#
+#             except Exception, e:
+#                 error = u'添加用户 %s 失败 %s ' % (username, e)
+#                 try:
+#                     db_del_user(username)
+#                     server_del_user(username)
+#                     if LDAP_ENABLE:
+#                         ldap_del_user(username)
+#                 except Exception:
+#                     pass
+#             else:
+#                 mail_title = u'恭喜你的跳板机用户添加成功 Jumpserver'
+#                 mail_msg = """
+#                 Hi, %s
+#                     您的用户名： %s
+#                     您的部门: %s
+#                     您的角色： %s
+#                     您的web登录密码： %s
+#                     您的ssh密钥文件密码： %s
+#                     密钥下载地址： http://%s:%s/juser/down_key/?id=%s
+#                     说明： 请登陆后再下载密钥！
+#                 """ % (name, username, dept.name, '普通用户',
+#                        password, ssh_key_pwd, SEND_IP, SEND_PORT, user.id)
+#                 send_mail(mail_title, mail_msg, MAIL_FROM, [email], fail_silently=False)
+#                 msg = u'添加用户 %s 成功！ 用户密码已发送到 %s 邮箱！' % (username, email)
+#
+#     return render_to_response('juser/user_add.html', locals(), context_instance=RequestContext(request))
 
 
 @require_role(role='super')

templates/juser/user_add.html

@@ -93,13 +93,20 @@
                                 </div>
                             </div>
                             <div class="hr-line-dashed"></div>
-                            <div class="form-group"><label class="col-sm-2 control-label">是否启用</label>
-                                <div class="col-sm-8">
-                                    <div class="radio i-checks">
-                                        <label><input type="radio" value="1" name="is_active" checked>启用 </label>
+                            <div class="form-group"><label class="col-sm-2 control-label">额外</label>
+                                <div class="col-sm-2">
+                                    <div class="checkbox i-checks">
+                                        <label><input type="checkbox" value="0" name="extra" checked>禁用 </label>
                                     </div>
-                                    <div class="radio i-checks">
-                                        <label><input type="radio" value="0" name="is_active">禁用 </label>
+                                </div>
+                                <div class="col-sm-2">
+                                    <div class="checkbox i-checks">
+                                        <label><input type="checkbox" value="1" name="extra">ssh key登录 </label>
+                                    </div>
+                                </div>
+                                <div class="col-sm-2">
+                                    <div class="checkbox i-checks">
+                                        <label><input type="checkbox" value="1" name="extra">发送邮件 </label>
                                     </div>
                                 </div>
                             </div>