Skip to content

J
jumpserver
Commit 59414dad authored by guanghongwei's avatar guanghongwei
Browse files
Options

ˢsudosudoûȨ

parent 0c31968e
Show whitespace changes
Inline Side-by-side
Showing with 213 additions and 249 deletions
jperm/models.py
View file @ 59414dad
...@@ -22,12 +22,11 @@ class CmdGroup(models.Model): ...@@ -22,12 +22,11 @@ class CmdGroup(models.Model):
class SudoPerm(models.Model): class SudoPerm(models.Model):
name = models.CharField(max_length=20) user_group = models.ForeignKey(UserGroup)
user_runas = models.CharField(max_length=100) user_runas = models.CharField(max_length=100)
user_group = models.ManyToManyField(UserGroup)
asset_group = models.ManyToManyField(BisGroup) asset_group = models.ManyToManyField(BisGroup)
cmd_group = models.ManyToManyField(CmdGroup) cmd_group = models.ManyToManyField(CmdGroup)
comment = models.CharField(max_length=30, null=True, blank=True) comment = models.CharField(max_length=30, null=True, blank=True)
def __unicode__(self): def __unicode__(self):
return self.name return self.user_group.name
\ No newline at end of file \ No newline at end of file
jperm/urls.py
View file @ 59414dad
...@@ -16,9 +16,9 @@ urlpatterns = patterns('jperm.views', ...@@ -16,9 +16,9 @@ urlpatterns = patterns('jperm.views',
(r'^perm_del/$', 'perm_del'), (r'^perm_del/$', 'perm_del'),
(r'^perm_asset_detail/$', 'perm_asset_detail'), (r'^perm_asset_detail/$', 'perm_asset_detail'),
(r'^sudo_list/$', 'sudo_list'), (r'^sudo_list/$', 'sudo_list'),
(r'^sudo_add/$', view_splitter, {'su': sudo_add, 'adm': sudo_add_adm}),
(r'^sudo_del/$', 'sudo_del'), (r'^sudo_del/$', 'sudo_del'),
(r'^sudo_edit/$', 'sudo_edit'), (r'^sudo_edit/$', 'sudo_edit'),
(r'^sudo_refresh/$', 'sudo_refresh'),
(r'^sudo_detail/$', 'sudo_detail'), (r'^sudo_detail/$', 'sudo_detail'),
(r'^cmd_add/$', 'cmd_add'), (r'^cmd_add/$', 'cmd_add'),
(r'^cmd_list/$', 'cmd_list'), (r'^cmd_list/$', 'cmd_list'),
......
jperm/views.py
View file @ 59414dad
...@@ -12,21 +12,17 @@ from jumpserver.views import LDAP_ENABLE, ldap_conn, CONF, page_list_return, pag ...@@ -12,21 +12,17 @@ from jumpserver.views import LDAP_ENABLE, ldap_conn, CONF, page_list_return, pag
from jumpserver.api import * from jumpserver.api import *
def user_asset_cmd_groups_get(user_groups_select='', asset_groups_select='', cmd_groups_select=''): def asset_cmd_groups_get(asset_groups_select='', cmd_groups_select=''):
user_groups_select_list = []
asset_groups_select_list = [] asset_groups_select_list = []
cmd_groups_select_list = [] cmd_groups_select_list = []
for user_group_id in user_groups_select:
user_groups_select_list.append(UserGroup.objects.get(id=user_group_id))
for asset_group_id in asset_groups_select: for asset_group_id in asset_groups_select:
asset_groups_select_list.append(BisGroup.objects.get(id=asset_group_id)) asset_groups_select_list.extend(BisGroup.objects.filter(id=asset_group_id))
for cmd_group_id in cmd_groups_select: for cmd_group_id in cmd_groups_select:
cmd_groups_select_list.append(CmdGroup.objects.get(id=cmd_group_id)) cmd_groups_select_list.extend(CmdGroup.objects.filter(id=cmd_group_id))
return user_groups_select_list, asset_groups_select_list, cmd_groups_select_list return asset_groups_select_list, cmd_groups_select_list
@require_admin @require_admin
...@@ -230,179 +226,185 @@ def perm_asset_detail(request): ...@@ -230,179 +226,185 @@ def perm_asset_detail(request):
return render_to_response('jperm/perm_asset_detail.html', locals(), context_instance=RequestContext(request)) return render_to_response('jperm/perm_asset_detail.html', locals(), context_instance=RequestContext(request))
def sudo_db_add(name, user_runas, user_groups_select, asset_groups_select, cmd_groups_select, comment): # def sudo_db_add(name, user_runas, user_groups_select, asset_groups_select, cmd_groups_select, comment):
user_groups_select_list, asset_groups_select_list, cmd_groups_select_list = \ # user_groups_select_list, asset_groups_select_list, cmd_groups_select_list = \
user_asset_cmd_groups_get(user_groups_select, asset_groups_select, cmd_groups_select) # user_asset_cmd_groups_get(user_groups_select, asset_groups_select, cmd_groups_select)
#
sudo_perm = SudoPerm(name=name, user_runas=user_runas, comment=comment) # sudo_perm = SudoPerm(name=name, user_runas=user_runas, comment=comment)
sudo_perm.save() # sudo_perm.save()
sudo_perm.user_group = user_groups_select_list # sudo_perm.user_group = user_groups_select_list
sudo_perm.asset_group = asset_groups_select_list # sudo_perm.asset_group = asset_groups_select_list
sudo_perm.cmd_group = cmd_groups_select_list # sudo_perm.cmd_group = cmd_groups_select_list
def sudo_db_update(sudo_perm_id, name, user_runas, user_groups_select, asset_groups_select, cmd_groups_select, comment):
user_groups_select_list, asset_groups_select_list, cmd_groups_select_list = \
user_asset_cmd_groups_get(user_groups_select, asset_groups_select, cmd_groups_select)
sudo_perm = SudoPerm.objects.filter(id=sudo_perm_id)
if sudo_perm:
sudo_perm.update(name=name, user_runas=user_runas, comment=comment)
sudo_perm = sudo_perm[0]
sudo_perm.user_group = user_groups_select_list
sudo_perm.asset_group = asset_groups_select_list
sudo_perm.cmd_group = cmd_groups_select_list
def unicode2str(unicode_list): def unicode2str(unicode_list):
return [str(i) for i in unicode_list] return [str(i) for i in unicode_list]
def sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select, def sudo_ldap_add(user_group, user_runas, asset_groups_select,
cmd_groups_select, update=False, old_name=''): cmd_groups_select):
user_groups_select_list, asset_groups_select_list, cmd_groups_select_list = \
user_asset_cmd_groups_get(user_groups_select, asset_groups_select, cmd_groups_select)
if not LDAP_ENABLE: if not LDAP_ENABLE:
return True return True
users = []
assets = [] assets = []
cmds = [] cmds = []
users_runas = users_runas.split(',') user_runas = user_runas.split(',')
asset_all = False if len(asset_groups_select) == 1 and asset_groups_select[0].name == 'ALL':
for user_group in user_groups_select_list:
users.extend(user_group.user_set.all())
for asset_group in asset_groups_select_list:
if u'ALL' in asset_group.name:
asset_all = True asset_all = True
break
else: else:
asset_all = False
for asset_group in asset_groups_select:
assets.extend(asset_group.asset_set.all()) assets.extend(asset_group.asset_set.all())
for cmd_group in cmd_groups_select_list: if user_group.name == 'ALL':
user_all = True
users = []
else:
user_all = False
users = user_group.user_set.all()
for cmd_group in cmd_groups_select:
cmds.extend(cmd_group.cmd.split(',')) cmds.extend(cmd_group.cmd.split(','))
users_name = [user.username for user in users] if user_all:
users_name = ['ALL']
else:
users_name = list(set([user.username for user in users]))
if asset_all: if asset_all:
assets_ip = ['ALL'] assets_ip = ['ALL']
else: else:
assets_ip = [asset.ip for asset in assets] assets_ip = list(set([asset.ip for asset in assets]))
name = 'sudo%s' % user_group.id
sudo_dn = 'cn=%s,ou=Sudoers,%s' % (name, LDAP_BASE_DN) sudo_dn = 'cn=%s,ou=Sudoers,%s' % (name, LDAP_BASE_DN)
sudo_attr = {'objectClass': ['top', 'sudoRole'], sudo_attr = {'objectClass': ['top', 'sudoRole'],
'cn': ['%s' % str(name)], 'cn': ['%s' % name],
'sudoCommand': unicode2str(cmds), 'sudoCommand': unicode2str(cmds),
'sudoHost': unicode2str(assets_ip), 'sudoHost': unicode2str(assets_ip),
'sudoOption': ['!authenticate'], 'sudoOption': ['!authenticate'],
'sudoRunAsUser': unicode2str(users_runas), 'sudoRunAsUser': unicode2str(user_runas),
'sudoUser': unicode2str(users_name)} 'sudoUser': unicode2str(users_name)}
print sudo_dn
if update: ldap_conn.delete(sudo_dn)
old_sudo_dn = 'cn=%s,ou=Sudoers,%s' % (old_name, LDAP_BASE_DN)
ldap_conn.delete(old_sudo_dn)
ldap_conn.add(sudo_dn, sudo_attr) ldap_conn.add(sudo_dn, sudo_attr)
@require_super_user def sudo_update(user_group, user_runas, asset_groups_select, cmd_groups_select, comment):
def sudo_add(request): asset_groups_select_list, cmd_groups_select_list = \
header_title, path1, path2 = u'Sudo授权', u'权限管理', u'添加Sudo权限' asset_cmd_groups_get(asset_groups_select, cmd_groups_select)
user_groups = UserGroup.objects.filter(id__gt=2) sudo_perm = user_group.sudoperm_set.all()
asset_groups = BisGroup.objects.all() if sudo_perm:
cmd_groups = CmdGroup.objects.all() sudo_perm.update(user_runas=user_runas, comment=comment)
sudo_perm = sudo_perm[0]
if request.method == 'POST': sudo_perm.asset_group = asset_groups_select_list
name = request.POST.get('name') sudo_perm.cmd_group = cmd_groups_select_list
users_runas = request.POST.get('runas', 'root') else:
user_groups_select = request.POST.getlist('user_groups_select') sudo_perm = SudoPerm(user_group=user_group, user_runas=user_runas, comment=comment)
asset_groups_select = request.POST.getlist('asset_groups_select') sudo_perm.save()
cmd_groups_select = request.POST.getlist('cmd_groups_select') sudo_perm.asset_group = asset_groups_select_list
comment = request.POST.get('comment', '') sudo_perm.cmd_group = cmd_groups_select_list
if LDAP_ENABLE:
sudo_db_add(name, users_runas, user_groups_select, asset_groups_select, cmd_groups_select, comment)
sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select, cmd_groups_select)
msg = '添加成功'
return render_to_response('jperm/sudo_add.html', locals(), context_instance=RequestContext(request))
@require_admin
def sudo_add_adm(request):
header_title, path1, path2 = u'Sudo授权', u'权限管理', u'添加Sudo权限'
user, dept = get_session_user_dept(request)
user_groups = dept.usergroup_set.filter(id__gt=2)
asset_groups = dept.bisgroup_set.all()
cmd_groups = CmdGroup.objects.all()
if request.method == 'POST':
name = request.POST.get('name')
users_runas = request.POST.get('runas', 'root')
user_groups_select = request.POST.getlist('user_groups_select')
asset_groups_select = request.POST.getlist('asset_groups_select')
cmd_groups_select = request.POST.getlist('cmd_groups_select')
comment = request.POST.get('comment', '')
if LDAP_ENABLE:
sudo_db_add(name, users_runas, user_groups_select, asset_groups_select, cmd_groups_select, comment)
sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select, cmd_groups_select)
msg = '添加成功' sudo_ldap_add(user_group, user_runas, asset_groups_select_list, cmd_groups_select_list)
return render_to_response('jperm/sudo_add.html', locals(), context_instance=RequestContext(request))
# @require_super_user
# def sudo_add(request):
# header_title, path1, path2 = u'Sudo授权', u'权限管理', u'添加Sudo权限'
# user_groups = UserGroup.objects.filter(id__gt=2)
# asset_groups = BisGroup.objects.all()
# cmd_groups = CmdGroup.objects.all()
#
# if request.method == 'POST':
# name = request.POST.get('name')
# users_runas = request.POST.get('runas', 'root')
# user_groups_select = request.POST.getlist('user_groups_select')
# asset_groups_select = request.POST.getlist('asset_groups_select')
# cmd_groups_select = request.POST.getlist('cmd_groups_select')
# comment = request.POST.get('comment', '')
#
# if LDAP_ENABLE:
# sudo_db_add(name, users_runas, user_groups_select, asset_groups_select, cmd_groups_select, comment)
# sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select, cmd_groups_select)
#
# msg = '添加成功'
# return render_to_response('jperm/sudo_add.html', locals(), context_instance=RequestContext(request))
# @require_admin
# def sudo_add_adm(request):
# header_title, path1, path2 = u'Sudo授权', u'权限管理', u'添加Sudo权限'
# user, dept = get_session_user_dept(request)
# user_groups = dept.usergroup_set.filter(id__gt=2)
# asset_groups = dept.bisgroup_set.all()
# cmd_groups = CmdGroup.objects.all()
#
# if request.method == 'POST':
# name = request.POST.get('name')
# users_runas = request.POST.get('runas', 'root')
# user_groups_select = request.POST.getlist('user_groups_select')
# asset_groups_select = request.POST.getlist('asset_groups_select')
# cmd_groups_select = request.POST.getlist('cmd_groups_select')
# comment = request.POST.get('comment', '')
#
# if LDAP_ENABLE:
# sudo_db_add(name, users_runas, user_groups_select, asset_groups_select, cmd_groups_select, comment)
# sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select, cmd_groups_select)
#
# msg = '添加成功'
# return render_to_response('jperm/sudo_add.html', locals(), context_instance=RequestContext(request))
@require_admin @require_admin
def sudo_list(request): def sudo_list(request):
header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情' header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情'
contact_list = SudoPerm.objects.all() keyword = request.GET.get('search', '')
if keyword:
contact_list = UserGroup.objects.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword))
else:
contact_list = UserGroup.objects.all().order_by('name')
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request) contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
return render_to_response('jperm/sudo_list.html', locals(), context_instance=RequestContext(request)) return render_to_response('jperm/sudo_list.html', locals(), context_instance=RequestContext(request))
@require_admin @require_super_user
def sudo_edit(request): def sudo_edit(request):
header_title, path1, path2 = u'Sudo授权', u'授权管理', u'Sudo修改' header_title, path1, path2 = u'Sudo授权', u'授权管理', u'Sudo授权'
if request.method == 'GET': if request.method == 'GET':
sudo_perm_id = request.GET.get('id', '0') user_group_id = request.GET.get('id', '0')
sudo_perm = SudoPerm.objects.filter(id=int(sudo_perm_id)) user_group = UserGroup.objects.filter(id=user_group_id)
if sudo_perm:
user_group_all = UserGroup.objects.filter(id__gt=2)
asset_group_all = BisGroup.objects.filter() asset_group_all = BisGroup.objects.filter()
cmd_group_all = CmdGroup.objects.all() cmd_group_all = CmdGroup.objects.all()
if user_group:
user_group = user_group[0]
sudo_perm = user_group.sudoperm_set.all()
if sudo_perm:
sudo_perm = sudo_perm[0] sudo_perm = sudo_perm[0]
user_group_permed = sudo_perm.user_group.all()
asset_group_permed = sudo_perm.asset_group.all() asset_group_permed = sudo_perm.asset_group.all()
cmd_group_permed = sudo_perm.cmd_group.all() cmd_group_permed = sudo_perm.cmd_group.all()
user_runas = sudo_perm.user_runas
comment = sudo_perm.comment
else:
asset_group_permed = []
cmd_group_permed = []
user_groups = [user_group for user_group in user_group_all if user_group not in user_group_permed]
asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed] asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed]
cmd_groups = [cmd_group for cmd_group in cmd_group_all if cmd_group not in cmd_group_permed] cmd_groups = [cmd_group for cmd_group in cmd_group_all if cmd_group not in cmd_group_permed]
name = sudo_perm.name
user_runas = sudo_perm.user_runas
comment = sudo_perm.comment
else: else:
sudo_perm_id = request.POST.get('sudo_perm_id') user_group_id = request.POST.get('user_group_id', '')
name = request.POST.get('name')
users_runas = request.POST.get('runas', 'root') users_runas = request.POST.get('runas', 'root')
user_groups_select = request.POST.getlist('user_groups_select')
asset_groups_select = request.POST.getlist('asset_groups_select') asset_groups_select = request.POST.getlist('asset_groups_select')
cmd_groups_select = request.POST.getlist('cmd_groups_select') cmd_groups_select = request.POST.getlist('cmd_groups_select')
comment = request.POST.get('comment', '') comment = request.POST.get('comment', '')
user_group = UserGroup.objects.filter(id=user_group_id)
sudo_perm = SudoPerm.objects.get(id=sudo_perm_id) if user_group:
old_name = sudo_perm.name user_group = user_group[0]
if LDAP_ENABLE: if LDAP_ENABLE:
sudo_db_update(sudo_perm_id, name, users_runas, user_groups_select, sudo_update(user_group, users_runas, asset_groups_select, cmd_groups_select, comment)
asset_groups_select, cmd_groups_select, comment)
sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select,
cmd_groups_select, update=True, old_name=str(old_name))
msg = '修改成功' msg = '修改成功'
return HttpResponseRedirect('/jperm/sudo_list/') return HttpResponseRedirect('/jperm/sudo_list/')
...@@ -411,40 +413,51 @@ def sudo_edit(request): ...@@ -411,40 +413,51 @@ def sudo_edit(request):
@require_admin @require_admin
def sudo_detail(request): def sudo_refresh(request):
header_title, path1, path2 = u'Sudo授权详情', u'授权管理', u'授权详情' sudo_perm_all = SudoPerm.objects.all()
sudo_perm_id = request.GET.get('id') for sudo_perm in sudo_perm_all:
sudo_perm = SudoPerm.objects.filter(id=sudo_perm_id) user_group = sudo_perm.user_group
if sudo_perm: user_runas = sudo_perm.user_runas
sudo_perm = sudo_perm[0] asset_groups_select = sudo_perm.asset_group.all()
user_groups = sudo_perm.user_group.all() cmd_groups_select = sudo_perm.cmd_group.all()
asset_groups = sudo_perm.asset_group.all() sudo_ldap_add(user_group, user_runas, asset_groups_select, cmd_groups_select)
cmd_groups = sudo_perm.cmd_group.all() return HttpResponse('ok')
users_list = [] # @require_admin
assets_list = [] # def sudo_detail(request):
cmds_list = [] # header_title, path1, path2 = u'Sudo授权详情', u'授权管理', u'授权详情'
# sudo_perm_id = request.GET.get('id')
for user_group in user_groups: # sudo_perm = SudoPerm.objects.filter(id=sudo_perm_id)
users_list.extend(user_group.user_set.all()) # if sudo_perm:
for asset_group in asset_groups: # sudo_perm = sudo_perm[0]
assets_list.extend(asset_group.asset_set.all()) # user_groups = sudo_perm.user_group.all()
for cmd_group in cmd_groups: # asset_groups = sudo_perm.asset_group.all()
cmds_list.append({cmd_group.name: cmd_group.cmd.split(',')}) # cmd_groups = sudo_perm.cmd_group.all()
#
return render_to_response('jperm/sudo_detail.html', locals(), context_instance=RequestContext(request)) # users_list = []
# assets_list = []
# cmds_list = []
@require_admin #
def sudo_del(request): # for user_group in user_groups:
sudo_perm_id = request.GET.get('id', '0') # users_list.extend(user_group.user_set.all())
sudo_perm = SudoPerm.objects.filter(id=int(sudo_perm_id)) # for asset_group in asset_groups:
if sudo_perm: # assets_list.extend(asset_group.asset_set.all())
name = sudo_perm[0].name # for cmd_group in cmd_groups:
sudo_perm.delete() # cmds_list.append({cmd_group.name: cmd_group.cmd.split(',')})
sudo_dn = 'cn=%s,ou=Sudoers,%s' % (name, LDAP_BASE_DN) #
ldap_conn.delete(sudo_dn) # return render_to_response('jperm/sudo_detail.html', locals(), context_instance=RequestContext(request))
return HttpResponseRedirect('/jperm/sudo_list/')
# @require_admin
# def sudo_del(request):
# sudo_perm_id = request.GET.get('id', '0')
# sudo_perm = SudoPerm.objects.filter(id=int(sudo_perm_id))
# if sudo_perm:
# name = sudo_perm[0].name
# sudo_perm.delete()
# sudo_dn = 'cn=%s,ou=Sudoers,%s' % (name, LDAP_BASE_DN)
# ldap_conn.delete(sudo_dn)
# return HttpResponseRedirect('/jperm/sudo_list/')
@require_admin @require_admin
......
templates/jperm/perm_list.html
View file @ 59414dad
...@@ -60,7 +60,7 @@ ...@@ -60,7 +60,7 @@
<tr class="gradeX"> <tr class="gradeX">
<td class="text-center"> {{ group.name }} </td> <td class="text-center"> {{ group.name }} </td>
<td class="text-center"> {{ group.dept.name }} </td> <td class="text-center"> {{ group.dept.name }} </td>
<td class="text-center"><a href="/juser/user_list/?did={{ group.id }}">{{ group.id | member_count }} </a> </td> <td class="text-center"><a href="/juser/user_list/?gid={{ group.id }}">{{ group.id | member_count }} </a> </td>
<td class="text-center"> {{ group.id | ugrp_perm_agrp_count }} </td> <td class="text-center"> {{ group.id | ugrp_perm_agrp_count }} </td>
<td class="text-center"> {{ group.id | ugrp_perm_asset_count }} </td> <td class="text-center"> {{ group.id | ugrp_perm_asset_count }} </td>
<td class="text-center"> {{ group.comment }} </td> <td class="text-center"> {{ group.comment }} </td>
......
templates/jperm/sudo_cmd_add.html
View file @ 59414dad
...@@ -32,9 +32,8 @@ ...@@ -32,9 +32,8 @@
<div class="panel-options"> <div class="panel-options">
<ul class="nav nav-tabs"> <ul class="nav nav-tabs">
<li id="tab1" class=""><a href="/jperm/sudo_list/">查看Sudo授权</a></li> <li id="tab1" class=""><a href="/jperm/sudo_list/">查看Sudo授权</a></li>
<li id="tab2" class=""><a href="/jperm/sudo_add/">Sudo授权添加</a></li> <li id="tab2" class=""><a href="/jperm/cmd_list/">查看命令组</a></li>
<li id="tab3" class=""><a href="/jperm/cmd_list/">查看命令组</a></li> <li id="tab3" class="active"><a href="/jperm/cmd_add/">添加命令组</a></li>
<li id="tab4" class="active"><a href="/jperm/cmd_add/">添加命令组</a></li>
</ul> </ul>
</div> </div>
</div> </div>
......
templates/jperm/sudo_cmd_list.html
View file @ 59414dad
...@@ -34,9 +34,8 @@ ...@@ -34,9 +34,8 @@
<div class="panel-options"> <div class="panel-options">
<ul class="nav nav-tabs"> <ul class="nav nav-tabs">
<li id="tab1" class=""><a href="/jperm/sudo_list/">查看Sudo授权</a></li> <li id="tab1" class=""><a href="/jperm/sudo_list/">查看Sudo授权</a></li>
<li id="tab2" class=""><a href="/jperm/sudo_add/">Sudo授权添加</a></li> <li id="tab2" class="active"><a href="/jperm/cmd_list/">查看命令组</a></li>
<li id="tab3" class="active"><a href="/jperm/cmd_list/">查看命令组</a></li> <li id="tab3" class=""><a href="/jperm/cmd_add/">添加命令组</a></li>
<li id="tab4" class=""><a href="/jperm/cmd_add/">添加命令组</a></li>
</ul> </ul>
</div> </div>
</div> </div>
......
templates/jperm/sudo_edit.html
View file @ 59414dad
...@@ -33,10 +33,9 @@ ...@@ -33,10 +33,9 @@
<div class="panel-heading"> <div class="panel-heading">
<div class="panel-options"> <div class="panel-options">
<ul class="nav nav-tabs"> <ul class="nav nav-tabs">
<li id="tab1" class="active"><a href="/jperm/sudo_list/">查看Sudo授权</a></li> <li id="tab1" class="active"><a href="/jperm/sudo_list/">编辑Sudo授权</a></li>
<li id="tab2" class=""><a href="/jperm/sudo_add/">Sudo授权添加</a></li> <li id="tab2" class=""><a href="/jperm/cmd_list/">查看命令组</a></li>
<li id="tab3" class=""><a href="/jperm/cmd_list/">查看命令组</a></li> <li id="tab3" class=""><a href="/jperm/cmd_add/">添加命令组</a></li>
<li id="tab4" class=""><a href="/jperm/cmd_add/">添加命令组</a></li>
</ul> </ul>
</div> </div>
</div> </div>
...@@ -51,64 +50,23 @@ ...@@ -51,64 +50,23 @@
{% endif %} {% endif %}
<div class="row"> <div class="row">
<div class="form-group"> <div class="form-group">
<label for="name" class="col-sm-2 control-label">授权名</label> <label for="runas" class="col-sm-2 control-label">RunAsUser<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="name" name="name" placeholder="OnlyForEnglish" type="text" class="form-control" value="{{ name }}">
<input id="sudo_perm_id" name="sudo_perm_id" type="text" class="form-control" value="{{ sudo_perm_id }}" style="display: none">
<span class="help-block m-b-none">取个名字方便辨识,只支持英文</span>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="runas" class="col-sm-2 control-label">RunAsUser</label>
<div class="col-sm-8"> <div class="col-sm-8">
<input id="runas" name="runas" placeholder="RunAsUser" type="text" class="form-control" value="{{ user_runas }}"> <input id="runas" name="runas" placeholder="RunAsUser" type="text" class="form-control" value="{{ user_runas }}">
<input id="user_group_id" name="user_group_id" type="text" value="{{ user_group.id }}" style="display: none">
<span class="help-block m-b-none"> <span class="help-block m-b-none">
允许以哪个用户允许sudo,逗号分隔,默认root 允许以哪个用户允许sudo,逗号分隔,默认root
</span> </span>
</div> </div>
</div> </div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="" class="col-sm-2 control-label">用户组</label>
<div class="col-sm-4">
<div>
<select id="user_groups" name="user_groups" class="form-control" size="5" multiple>
{% for user_group in user_groups %}
<option value="{{ user_group.id }}">{{ user_group.name }}</option>
{% endfor %}
</select>
</div>
</div>
<div class="col-sm-1">
<div class="btn-group" style="margin-top: 12px;">
<button type="button" class="btn btn-white" onclick="move('user_groups', 'user_groups_select')"><i class="fa fa-chevron-right"></i></button>
<button type="button" class="btn btn-white" onclick="move('user_groups_select', 'user_groups')"><i class="fa fa-chevron-left"></i> </button>
</div>
</div>
<div class="col-sm-3">
<div>
<select id="user_groups_select" name="user_groups_select" class="form-control m-b" size="5" multiple>
{% for user_group in user_group_permed %}
<option value="{{ user_group.id }}">{{ user_group.name }}</option>
{% endfor %}
</select>
</div>
</div>
</div>
<div class="hr-line-dashed"></div> <div class="hr-line-dashed"></div>
<div class="form-group"> <div class="form-group">
<label for="" class="col-sm-2 control-label">主机组</label> <label for="" class="col-sm-2 control-label">主机组<span class="red-fonts">*</span></label>
<div class="col-sm-4"> <div class="col-sm-4">
<div> <div>
<select id="asset_groups" name="asset_groups" class="form-control m-b" size="5" multiple> <select id="asset_groups" name="asset_groups" class="form-control m-b" size="10" multiple>
{% for asset_group in asset_groups %} {% for asset_group in asset_groups %}
<option value="{{ asset_group.id }}">{{ asset_group.name }}</option> <option value="{{ asset_group.id }}">{{ asset_group.name }}</option>
{% endfor %} {% endfor %}
...@@ -125,7 +83,7 @@ ...@@ -125,7 +83,7 @@
<div class="col-sm-3"> <div class="col-sm-3">
<div> <div>
<select id="asset_groups_select" name="asset_groups_select" class="form-control m-b" size="5" multiple> <select id="asset_groups_select" name="asset_groups_select" class="form-control m-b" size="10" multiple>
{% for asset_group in asset_group_permed %} {% for asset_group in asset_group_permed %}
<option value="{{ asset_group.id }}">{{ asset_group.name }}</option> <option value="{{ asset_group.id }}">{{ asset_group.name }}</option>
{% endfor %} {% endfor %}
...@@ -137,10 +95,10 @@ ...@@ -137,10 +95,10 @@
<div class="hr-line-dashed"></div> <div class="hr-line-dashed"></div>
<div class="form-group"> <div class="form-group">
<label for="" class="col-sm-2 control-label">命令组</label> <label for="" class="col-sm-2 control-label">命令组<span class="red-fonts">*</span></label>
<div class="col-sm-4"> <div class="col-sm-4">
<div> <div>
<select id="cmd_groups" name="cmd_groups" class="form-control m-b" size="5" multiple> <select id="cmd_groups" name="cmd_groups" class="form-control m-b" size="10" multiple>
{% for cmd_group in cmd_groups %} {% for cmd_group in cmd_groups %}
<option value="{{ cmd_group.id }}">{{ cmd_group.name }}</option> <option value="{{ cmd_group.id }}">{{ cmd_group.name }}</option>
{% endfor %} {% endfor %}
...@@ -157,7 +115,7 @@ ...@@ -157,7 +115,7 @@
<div class="col-sm-3"> <div class="col-sm-3">
<div> <div>
<select id="cmd_groups_select" name="cmd_groups_select" class="form-control m-b" size="5" multiple> <select id="cmd_groups_select" name="cmd_groups_select" class="form-control m-b" size="10" multiple>
{% for cmd_group in cmd_group_permed %} {% for cmd_group in cmd_group_permed %}
<option value="{{ cmd_group.id }}">{{ cmd_group.name }}</option> <option value="{{ cmd_group.id }}">{{ cmd_group.name }}</option>
{% endfor %} {% endfor %}
...@@ -187,10 +145,11 @@ ...@@ -187,10 +145,11 @@
</div> </div>
</form> </form>
</div> </div>
</div>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
{% endblock %}
templates/jperm/sudo_list.html
View file @ 59414dad
...@@ -35,9 +35,11 @@ ...@@ -35,9 +35,11 @@
<div class="panel-options"> <div class="panel-options">
<ul class="nav nav-tabs"> <ul class="nav nav-tabs">
<li id="tab1" class="active"><a href="/jperm/sudo_list/">查看Sudo授权</a></li> <li id="tab1" class="active"><a href="/jperm/sudo_list/">查看Sudo授权</a></li>
<li id="tab2" class=""><a href="/jperm/sudo_add/">Sudo授权添加</a></li> <li id="tab2" class=""><a href="/jperm/cmd_list/">查看命令组</a></li>
<li id="tab3" class=""><a href="/jperm/cmd_list/">查看命令组</a></li> <li id="tab3" class=""><a href="/jperm/cmd_add/">添加命令组</a></li>
<li id="tab4" class=""><a href="/jperm/cmd_add/">添加命令组</a></li> <button class="btn btn-primary btn-sm pull-right" style="margin-right: 20px;" data-toggle="tooltip" data-placement="left" title="" data-original-title="Refresh inbox">
<i class="fa fa-refresh"></i> 刷新
</button>
</ul> </ul>
</div> </div>
</div> </div>
...@@ -49,34 +51,28 @@ ...@@ -49,34 +51,28 @@
<table class="table table-striped table-bordered table-hover " id="editable" > <table class="table table-striped table-bordered table-hover " id="editable" >
<thead> <thead>
<tr> <tr>
<th class="text-center">授权名</th> <th class="text-center">组名</th>
<th class="text-center">UserRunAs</th> <th class="text-center">所属部门</th>
<th class="text-center">用户组</th> <th class="text-center">成员数目</th>
<th class="text-center">主机组</th> <th class="text-center">授权主机组数目</th>
<th class="text-center">命令组</th> <th class="text-center">授权主机数目</th>
<th class="text-center">sudo命令</th>
<th class="text-center">备注</th>
<th class="text-center">操作</th> <th class="text-center">操作</th>
</tr> </tr>
</thead> </thead>
<tbody id="perm_list"> <tbody>
{% for sudo_perm in contacts.object_list %} {% for group in contacts.object_list %}
<tr class="gradeX"> <tr class="gradeX">
<td class="text-center"> {{ sudo_perm.name }} </td> <td class="text-center"> {{ group.name }} </td>
<td class="text-center"> {{ sudo_perm.user_runas }} </td> <td class="text-center"> {{ group.dept.name }} </td>
<td class="text-center"><a href="/juser/user_list/?did={{ group.id }}">{{ group.id | member_count }} </a> </td>
<td class="text-center"> {{ group.id | ugrp_perm_agrp_count }} </td>
<td class="text-center"> {{ group.id | ugrp_perm_asset_count }} </td>
<td class="text-center"> {{ group.id | ugrp_perm_asset_count }} </td>
<td class="text-center"> {{ group.comment }} </td>
<td class="text-center"> <td class="text-center">
{{ sudo_perm.user_group.all | group_str2 }} <a href="../sudo_edit/?id={{ group.id }}" class="btn btn-xs btn-danger">sudo授权</a>
</td>
<td class="text-center">
{{ sudo_perm.asset_group.all | group_str2 }}
</td>
<td class="text-center">
{{ sudo_perm.cmd_group.all | group_str2 }}
</td>
<td class="text-center">
<a title="[ {{ sudo_perm.name }} 授权详情 ]" href="../sudo_detail/?id={{ sudo_perm.id }}" class="btn btn-xs btn-primary">详情</a>
<a href="../sudo_edit/?id={{ sudo_perm.id }}" class="btn btn-xs btn-info">编辑</a>
<a href="../sudo_del/?id={{ sudo_perm.id }}" class="btn btn-xs btn-danger">删除</a>
</td> </td>
</tr> </tr>
{% endfor %} {% endfor %}
...@@ -85,13 +81,12 @@ ...@@ -85,13 +81,12 @@
<div class="row"> <div class="row">
<div class="col-sm-6"> <div class="col-sm-6">
<div class="dataTables_info" id="editable_info" role="status" aria-live="polite"> <div class="dataTables_info" id="editable_info" role="status" aria-live="polite">
Showing {{ contacts1.start_index }} to {{ contacts1.end_index }} of {{ p1.count }} entries Showing {{ contacts.start_index }} to {{ contacts.end_index }} of {{ p.count }} entries
</div> </div>
</div> </div>
{% include 'paginator.html' %} {% include 'paginator.html' %}
</div> </div>
</div> </div>
</div>
</div> </div>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment