lots

docs/initial_data.yaml

-- model: IDC.person
+- model: juser.user
+  pk: 5000
+  fields:
+    username: admin
+    name: admin
+    password: pbkdf2_sha256$20000$jBIDGPB2j5JT$orxqGgzzjzykColYm1BswPjgHOiERjZkcgkuVIkD2Hc=
+    email: admin@jumpserver.org
+    role: SU
+    is_active: 1
+- model: juser.user
+  pk: 5001
+  fields:
+    username: group_admin
+    name: group_admin
+    password: pbkdf2_sha256$20000$ttObUWd15q10$NJoyZf2OZz9oiw2g4j2TkTh9zGgyVDRFdUkhn8X0nB0=
+    email: group_admin@jumpserver.org
+    role: DA
+    is_active: 1
+- model: juser.usergroup
   pk: 1
   fields:
-    first_name: John
-    last_name: Lennon
-- model: myapp.person
+    name: ALL
+    comment: ALL
+- model: juser.usergroup
   pk: 2
   fields:
-    first_name: Paul
-    last_name: McCartney
+    name: 默认
+    comment: 默认
\ No newline at end of file

jasset/models.py

@@ -65,7 +65,7 @@ class Asset(models.Model):
     username = models.CharField(max_length=20, blank=True, null=True)
     password = models.CharField(max_length=80, blank=True, null=True)
     use_default_auth = models.BooleanField(default=True)
-    date_added = models.DateTimeField(auto_now=True, default=datetime.datetime.now(), null=True)
+    date_added = models.DateTimeField(auto_now_add=True)
     is_active = models.BooleanField(default=True)
     comment = models.CharField(max_length=100, blank=True, null=True)
 

jlog/views.py

@@ -6,10 +6,8 @@ from django.shortcuts import render_to_response
 from jumpserver.api import *
 from jasset.views import httperror
 from django.http import HttpResponseNotFound
-
-CONF = ConfigParser()
-CONF.read('%s/jumpserver.conf' % BASE_DIR)
-
+from models import Log
+from jumpserver.settings import web_socket_host
 
 def get_user_info(request, offset):
     """ 获取用户信息及环境 """
@@ -58,7 +56,6 @@ def log_list(request, offset):
     """ 显示日志 """
     header_title, path1, path2 = u'查看日志', u'查看日志', u'在线用户'
     keyword = request.GET.get('keyword', '')
-    web_socket_host = CONF.get('websocket', 'web_socket_host')
     posts = get_user_log(get_user_info(request, offset))
     contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
 

jumpserver/api.py

 # coding: utf-8
 
 import os, sys, time
-from ConfigParser import ConfigParser
-import getpass
 from Crypto.Cipher import AES
 import crypt
 from binascii import b2a_hex, a2b_hex
@@ -11,14 +9,15 @@ import datetime
 import random
 import subprocess
 import paramiko
-import struct, fcntl, signal,socket, select, fnmatch
+import struct, fcntl, signal, socket, select, fnmatch
+from settings import JLOG_FILE, KEY, URL, log_dir, log_level
 
 from django.core.paginator import Paginator, EmptyPage, InvalidPage
 from django.http import HttpResponse, Http404
 from django.template import RequestContext
 from juser.models import User, UserGroup
 from jasset.models import Asset, AssetGroup
-from jlog.models import Log
+# from jlog.models import Log
 from jasset.models import AssetAlias
 from django.core.exceptions import ObjectDoesNotExist, MultipleObjectsReturned
 from django.http import HttpResponseRedirect
@@ -36,22 +35,6 @@ except ImportError:
     sys.exit()
 
 
-BASE_DIR = os.path.abspath(os.path.dirname(os.path.dirname(__file__)))
-CONF = ConfigParser()
-CONF.read(os.path.join(BASE_DIR, 'jumpserver.conf'))
-LOG_DIR = os.path.join(BASE_DIR, 'logs')
-JLOG_FILE = os.path.join(LOG_DIR, 'jumpserver.log')
-SSH_KEY_DIR = os.path.join(BASE_DIR, 'keys')
-# SERVER_KEY_DIR = os.path.join(SSH_KEY_DIR, 'server')
-KEY = CONF.get('base', 'key')
-LOGIN_NAME = getpass.getuser()
-# LDAP_ENABLE = CONF.getint('ldap', 'ldap_enable')
-URL = CONF.get('base', 'url')
-MAIL_ENABLE = CONF.get('mail', 'mail_enable')
-MAIL_FROM = CONF.get('mail', 'email_host_user')
-log_dir = os.path.join(BASE_DIR, 'logs')
-
-
 def set_log(level):
     """
     return a log file object
@@ -146,7 +129,7 @@ def page_list_return(total, current=1):
     min_page = current - 2 if current - 4 > 0 else 1
     max_page = min_page + 4 if min_page + 4 < total else total
 
-    return range(min_page, max_page+1)
+    return range(min_page, max_page + 1)
 
 
 def pages(post_objects, request):
@@ -186,6 +169,7 @@ class Jtty(object):
     A virtual tty class
     一个虚拟终端类，实现连接ssh和记录日志
     """
+
     def __init__(self, user, asset):
         self.chan = None
         self.username = user.username
@@ -404,7 +388,7 @@ class PyCrypt(object):
         symbol = '!@$%^&*()_'
         salt_list = []
         if especial:
-            for i in range(length-4):
+            for i in range(length - 4):
                 salt_list.append(random.choice(salt_key))
             for i in range(4):
                 salt_list.append(random.choice(symbol))
@@ -489,6 +473,7 @@ def require_role(role='user'):
     decorator for require user role in ["super", "admin", "user"]
     要求用户是某种角色 ["super", "admin", "user"]的装饰器
     """
+
     def _deco(func):
         def __deco(request, *args, **kwargs):
             if role == 'user':
@@ -501,7 +486,9 @@ def require_role(role='user'):
                 if request.session.get('role_id', 0) < 2:
                     return HttpResponseRedirect('/')
             return func(request, *args, **kwargs)
+
         return __deco
+
     return _deco
 
 
@@ -584,7 +571,7 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None,
     if edept:
         if dept.id != int(edept[0]):
             return False
-        
+
     if user_group:
         dept_user_groups = dept.usergroup_set.all()
         user_group_ids = []
@@ -710,6 +697,4 @@ CRYPTOR = PyCrypt(KEY)
 #     ldap_conn = LDAPMgmt(LDAP_HOST_URL, LDAP_BASE_DN, LDAP_ROOT_DN, LDAP_ROOT_PW)
 # else:
 #     ldap_conn = None
-
-log_level = CONF.get('base', 'log')
-logger = set_log(log_level)
+logger = set_log(log_level)
\ No newline at end of file

jumpserver/settings.py

@@ -11,6 +11,7 @@ https://docs.djangoproject.com/en/1.7/ref/settings/
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 import os
 import ConfigParser
+import getpass
 
 config = ConfigParser.ConfigParser()
 
@@ -22,7 +23,7 @@ DB_PORT = config.getint('db', 'port')
 DB_USER = config.get('db', 'user')
 DB_PASSWORD = config.get('db', 'password')
 DB_DATABASE = config.get('db', 'database')
-AUTH_USER_MODEL = 'juser.CustomUser'
+AUTH_USER_MODEL = 'juser.User'
 # mail config
 EMAIL_HOST = config.get('mail', 'email_host')
 EMAIL_PORT = config.get('mail', 'email_port')
@@ -30,6 +31,24 @@ EMAIL_HOST_USER = config.get('mail', 'email_host_user')
 EMAIL_HOST_PASSWORD = config.get('mail', 'email_host_password')
 EMAIL_USE_TLS = config.getboolean('mail', 'email_use_tls')
 
+# ======== Log ==========
+LOG = False
+LOG_DIR = os.path.join(BASE_DIR, 'logs')
+JLOG_FILE = os.path.join(LOG_DIR, 'jumpserver.log')
+SSH_KEY_DIR = os.path.join(BASE_DIR, 'keys')
+# SERVER_KEY_DIR = os.path.join(SSH_KEY_DIR, 'server')
+KEY = config.get('base', 'key')
+LOGIN_NAME = getpass.getuser()
+# LDAP_ENABLE = CONF.getint('ldap', 'ldap_enable')
+URL = config.get('base', 'url')
+MAIL_ENABLE = config.get('mail', 'mail_enable')
+MAIL_FROM = config.get('mail', 'email_host_user')
+log_dir = os.path.join(BASE_DIR, 'logs')
+
+log_level = config.get('base', 'log')
+
+web_socket_host = config.get('websocket', 'web_socket_host')
+
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/1.7/howto/deployment/checklist/
 
@@ -64,9 +83,9 @@ INSTALLED_APPS = (
 MIDDLEWARE_CLASSES = (
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',
-    #'django.middleware.csrf.CsrfViewMiddleware',
+    # 'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
-    #'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
+    # 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
 )
@@ -79,17 +98,23 @@ WSGI_APPLICATION = 'jumpserver.wsgi.application'
 # Database
 # https://docs.djangoproject.com/en/1.7/ref/settings/#databases
 
+# DATABASES = {
+#     'default': {
+#         'ENGINE': 'django.db.backends.mysql',
+#         'NAME': DB_DATABASE,
+#         'USER': DB_USER,
+#         'PASSWORD': DB_PASSWORD,
+#         'HOST': DB_HOST,
+#         'PORT': DB_PORT,
+#     }
+# }
+
 DATABASES = {
     'default': {
-        'ENGINE': 'django.db.backends.mysql',
-        'NAME': DB_DATABASE,
-        'USER': DB_USER,
-        'PASSWORD': DB_PASSWORD,
-        'HOST': DB_HOST,
-        'PORT': DB_PORT,
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
     }
 }
-
 TEMPLATE_CONTEXT_PROCESSORS = (
     'django.contrib.auth.context_processors.auth',
     'django.core.context_processors.debug',
@@ -105,7 +130,7 @@ TEMPLATE_DIRS = (
     os.path.join(BASE_DIR, 'templates'),
 )
 
-#STATIC_ROOT = os.path.join(BASE_DIR, 'static')
+# STATIC_ROOT = os.path.join(BASE_DIR, 'static')
 
 STATICFILES_DIRS = (
     os.path.join(BASE_DIR, "static"),
@@ -128,5 +153,3 @@ USE_TZ = False
 # https://docs.djangoproject.com/en/1.7/howto/static-files/
 
 STATIC_URL = '/static/'
-
-

jumpserver/views.py

@@ -14,7 +14,7 @@ import paramiko
 from jumpserver.api import *
 from django.contrib.auth import authenticate, login, logout
 from django.contrib.auth.decorators import login_required
-
+from settings import BASE_DIR
 
 def getDaysByNum(num):
     today = datetime.date.today()

juser/models.py

@@ -21,7 +21,7 @@ class UserGroup(models.Model):
 
 from django.contrib.auth.models import AbstractUser
 
-class CustomUser(AbstractUser):
+class User(AbstractUser):
     USER_ROLE_CHOICES = (
         ('SU', 'SuperUser'),
         ('GA', 'GroupAdmin'),
@@ -34,113 +34,6 @@ class CustomUser(AbstractUser):
     ssh_key_pwd = models.CharField(max_length=200)
 
 
-class User(models.Model):
-    USER_ROLE_CHOICES = (
-        ('SU', 'SuperUser'),
-        ('GA', 'GroupAdmin'),
-        ('CU', 'CommonUser'),
-    )
-    username = models.CharField(max_length=80, unique=True)
-    password = models.CharField(max_length=100)
-    name = models.CharField(max_length=80)
-    email = models.EmailField(max_length=75)
-    role = models.CharField(max_length=2, choices=USER_ROLE_CHOICES, default='CU')
-    uuid = models.CharField(max_length=100)
-    group = models.ManyToManyField(UserGroup)
-    ssh_key_pwd = models.CharField(max_length=200)
-    is_active = models.BooleanField(default=True)
-    last_login = models.DateTimeField(null=True)
-    date_joined = models.DateTimeField(null=True)
-
-    def __unicode__(self):
-        return self.username
-
-    def get_asset_group(self):
-        """
-        Get user host_groups.
-        获取用户有权限的主机组
-        """
-        host_group_list = []
-        perm_list = []
-        user_group_all = self.group.all()
-        for user_group in user_group_all:
-            perm_list.extend(user_group.perm_set.all())
-
-        for perm in perm_list:
-            host_group_list.append(perm.asset_group)
-
-        return host_group_list
-
-    def get_asset_group_info(self, printable=False):
-        """
-        Get or print asset group info
-        获取或打印用户授权资产组
-        """
-        asset_groups_info = {}
-        asset_groups = self.get_asset_group()
-
-        for asset_group in asset_groups:
-            asset_groups_info[asset_group.id] = [asset_group.name, asset_group.comment]
-
-        if printable:
-            for group_id in asset_groups_info:
-                if asset_groups_info[group_id][1]:
-                    print "[%3s] %s -- %s" % (group_id,
-                                              asset_groups_info[group_id][0],
-                                              asset_groups_info[group_id][1])
-                else:
-                    print "[%3s] %s" % (group_id, asset_groups_info[group_id][0])
-                print ''
-        else:
-            return asset_groups_info
-
-    def get_asset(self):
-        """
-        Get the assets of under the user control.
-        获取主机列表
-        """
-        assets = []
-        asset_groups = self.get_asset_group()
-
-        for asset_group in asset_groups:
-            assets.extend(asset_group.asset_set.all())
-
-        return assets
-
-    def get_asset_info(self, printable=False):
-        """
-        Get or print the user asset info
-        获取或打印用户资产信息
-        """
-        from jasset.models import AssetAlias
-        assets_info = {}
-        assets = self.get_asset()
-
-        for asset in assets:
-            asset_alias = AssetAlias.objects.filter(user=self, asset=asset)
-            if asset_alias and asset_alias[0].alias != '':
-                assets_info[asset.ip] = [asset.id, asset.ip, str(asset_alias[0].alias)]
-            else:
-                assets_info[asset.ip] = [asset.id, asset.ip, str(asset.comment)]
-
-        if printable:
-            ips = assets_info.keys()
-            ips.sort()
-            for ip in ips:
-                if assets_info[ip][2]:
-                    print '%-15s -- %s' % (ip, assets_info[ip][2])
-                else:
-                    print '%-15s' % ip
-            print ''
-        else:
-            return assets_info
-
-    def update(self, **kwargs):
-        for key, value in kwargs.items():
-            self.__setattr__(key, value)
-            self.save()
-
-
 class AdminGroup(models.Model):
     """
     under the user control group

juser/user_api.py

@@ -59,6 +59,7 @@ def db_add_user(**kwargs):
     admin_groups = kwargs.pop('admin_groups')
     role = kwargs.get('role', 'CU')
     user = User(**kwargs)
+    user.set_password(kwargs.get('password'))
     user.save()
     if groups_post:
         group_select = []

juser/views.py

@@ -9,7 +9,7 @@ import uuid as uuid_r
 from django.db.models import Q
 from django.template import RequestContext
 from django.db.models import ObjectDoesNotExist
-
+from jumpserver.settings import MAIL_FROM, MAIL_ENABLE
 from juser.user_api import *
 
 
@@ -240,8 +240,8 @@ def user_add(request):
             if '' in [username, password, ssh_key_pwd, name, role]:
                 error = u'带*内容不能为空'
                 raise ServerError
-            user_test = get_object(User, username=username)
-            if user_test:
+            check_user_is_exist = User.objects.filter(username=username)
+            if check_user_is_exist:
                 error = u'用户 %s 已存在' % username
                 raise ServerError
 
@@ -250,10 +250,10 @@ def user_add(request):
         else:
             try:
                 user = db_add_user(username=username, name=name,
-                                   password=CRYPTOR.md5_crypt(password),
+                                   password=password,
                                    email=email, role=role, uuid=uuid,
                                    groups=groups, admin_groups=admin_groups,
-                                   ssh_key_pwd=CRYPTOR.md5_crypt(ssh_key_pwd),
+                                   ssh_key_pwd=ssh_key_pwd,
                                    is_active=is_active,
                                    date_joined=datetime.datetime.now())
                 server_add_user(username, password, ssh_key_pwd, ssh_key_login_need)
@@ -417,8 +417,14 @@ def user_detail(request):
 
 @require_role(role='admin')
 def user_del(request):
-    user_ids = request.GET.get('id', '')
-    user_id_list = user_ids.split(',')
+    if request.method == "GET":
+        user_ids = request.GET.get('id', '')
+        user_id_list = user_ids.split(',')
+    elif request.method == "POST":
+        user_ids = request.POST.get('id', '')
+        user_id_list = user_ids.split(',')
+    else:
+        return HttpResponse('错误请求')
     for user_id in user_id_list:
         User.objects.filter(id=user_id).delete()