Skip to content

J
jumpserver
Commit 70cae93a authored by ibuler's avatar ibuler
Browse files
Options

Add user perm model and form

parent 627a5825
Hide whitespace changes
Inline Side-by-side
Showing with 283 additions and 95 deletions
apps/assets/api.py
View file @ 70cae93a
# ~*~ coding: utf-8 ~*~
from rest_framework import serializers
from .models import (
AssetGroup,Asset,IDC,AssetExtend
)
from rest_framework import viewsets,serializers
from rest_framework import viewsets, serializers
from .models import AssetGroup, Asset, IDC, AssetExtend
class AssetGroupSerializer(serializers.ModelSerializer):
class Meta:
model = AssetGroup
#exclude = [
#'password', 'first_name', 'last_name', 'secret_key_otp',
#'private_key', 'public_key', 'avatar',
#]
# exclude = [
# 'password', 'first_name', 'last_name', 'secret_key_otp',
# 'private_key', 'public_key', 'avatar',
# ]
class AssetSerializer(serializers.ModelSerializer):
class Meta:
model = Asset
#fields = ('id', 'title', 'code', 'linenos', 'language', 'style')
# fields = ('id', 'title', 'code', 'linenos', 'language', 'style')
class IDCSerializer(serializers.ModelSerializer):
class Meta:
model = IDC
#fields = ('id', 'title', 'code', 'linenos', 'language', 'style')
# fields = ('id', 'title', 'code', 'linenos', 'language', 'style')
class AssetGroupViewSet(viewsets.ModelViewSet):
"""
API endpoint that allows AssetGroup to be viewed or edited.
""" API endpoint that allows AssetGroup to be viewed or edited.
some other comment
"""
queryset = AssetGroup.objects.all()
serializer_class = AssetGroupSerializer
......
apps/assets/hands.py
View file @ 70cae93a
......@@ -12,3 +12,4 @@
from users.utils import AdminUserRequiredMixin
from users.models import User, UserGroup
apps/assets/migrations/0001_initial.py
View file @ 70cae93a
# -*- coding: utf-8 -*-
# Generated by Django 1.10 on 2016-09-08 03:02
# Generated by Django 1.10 on 2016-09-10 16:40
from __future__ import unicode_literals
from django.db import migrations, models
......@@ -43,7 +43,7 @@ class Migration(migrations.Migration):
('port', models.IntegerField(blank=True, null=True, verbose_name='Port')),
('username', models.CharField(blank=True, max_length=16, null=True, verbose_name='Admin user')),
('password', models.CharField(blank=True, max_length=256, null=True, verbose_name='Admin password')),
('mac_addr', models.CharField(blank=True, max_length=20, null=True, verbose_name='Mac address')),
('mac_address', models.CharField(blank=True, max_length=20, null=True, verbose_name='Mac address')),
('brand', models.CharField(blank=True, max_length=64, null=True, verbose_name='Brand')),
('cpu', models.CharField(blank=True, max_length=64, null=True, verbose_name='CPU')),
('memory', models.CharField(blank=True, max_length=128, null=True, verbose_name='Memory')),
......@@ -57,7 +57,7 @@ class Migration(migrations.Migration):
('is_active', models.BooleanField(default=True, verbose_name='Is active')),
('date_created', models.DateTimeField(auto_now=True, null=True, verbose_name='Date added')),
('comment', models.CharField(blank=True, max_length=128, null=True, verbose_name='Comment')),
('admin_user', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, to='assets.AdminUser', verbose_name='Admin user')),
('admin_user', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='assets', to='assets.AdminUser', verbose_name='Admin user')),
],
options={
'db_table': 'asset',
......@@ -129,21 +129,21 @@ class Migration(migrations.Migration):
fields=[
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('name', models.CharField(max_length=128, unique=True, verbose_name='Name')),
('username', models.CharField(blank=True, max_length=16, verbose_name='Username')),
('password', models.CharField(blank=True, max_length=256, verbose_name='Password')),
('protocol', models.CharField(default='ssh', max_length=16, verbose_name='Protocol')),
('private_key', models.CharField(blank=True, max_length=4096, verbose_name='SSH private key')),
('public_key', models.CharField(blank=True, max_length=4096, verbose_name='SSH public key')),
('is_default', models.BooleanField(default=True, verbose_name='As default')),
('username', models.CharField(max_length=16, verbose_name='Username')),
('_password', models.CharField(blank=True, max_length=256, verbose_name='Password')),
('protocol', models.CharField(choices=[('ssh', 'ssh')], default='ssh', max_length=16, verbose_name='Protocol')),
('_private_key', models.CharField(blank=True, max_length=4096, verbose_name='SSH private key')),
('_public_key', models.CharField(blank=True, max_length=4096, verbose_name='SSH public key')),
('as_default', models.BooleanField(default=False, verbose_name='As default')),
('auto_push', models.BooleanField(default=True, verbose_name='Auto push')),
('auto_update', models.BooleanField(default=True, verbose_name='Auto update pass/key')),
('sudo', models.TextField(blank=True, max_length=4096, verbose_name='Sudo')),
('shell', models.CharField(blank=True, max_length=64, verbose_name='Shell')),
('sudo', models.TextField(default='/user/bin/whoami', max_length=4096, verbose_name='Sudo')),
('shell', models.CharField(default='/bin/bash', max_length=64, verbose_name='Shell')),
('home', models.CharField(blank=True, max_length=64, verbose_name='Home')),
('uid', models.IntegerField(blank=True, verbose_name='Uid')),
('date_created', models.DateTimeField(auto_now=True, null=True)),
('uid', models.IntegerField(blank=True, null=True, verbose_name='Uid')),
('date_created', models.DateTimeField(auto_now=True)),
('created_by', models.CharField(blank=True, max_length=32, verbose_name='Created by')),
('comment', models.CharField(blank=True, max_length=128, verbose_name='Comment')),
('comment', models.TextField(blank=True, max_length=128, verbose_name='Comment')),
],
options={
'db_table': 'system_user',
......@@ -177,7 +177,7 @@ class Migration(migrations.Migration):
migrations.AddField(
model_name='asset',
name='system_user',
field=models.ManyToManyField(blank=True, to='assets.SystemUser', verbose_name='System User'),
field=models.ManyToManyField(blank=True, related_name='assets', to='assets.SystemUser', verbose_name='System User'),
),
migrations.AddField(
model_name='asset',
......
apps/perms/models.py
View file @ 70cae93a
......@@ -2,22 +2,77 @@ from __future__ import unicode_literals, absolute_import
from django.db import models
from django.utils.translation import ugettext_lazy as _
from django.utils import timezone
from users.models import User, UserGroup
from assets.models import Asset, AssetGroup, SystemUser
from common.utils import date_expired_default
class UserAssetPerm(models.Model):
user = models.ForeignKey(User, related_name='asset_perm', on_delete=models.CASCADE)
assets = models.ManyToManyField(Asset, related_name='user_perms', blank=True)
asset_groups = models.ManyToManyField(AssetGroup, related_name='user_perm', blank=True)
system_users = models.ManyToManyField(SystemUser, related_name='user_perm', blank=True)
class PermUserAsset(models.Model):
ACTION_CHOICE = (
('1', 'Allow'),
('0', 'Deny'),
)
user = models.ForeignKey(User, on_delete=models.CASCADE)
action = models.CharField(choices=ACTION_CHOICE, max_length=8, default='1')
assets = models.ManyToManyField(Asset, blank=True)
asset_groups = models.ManyToManyField(AssetGroup, blank=True)
system_users = models.ManyToManyField(SystemUser, blank=True)
date_expired = models.DateTimeField(default=date_expired_default, verbose_name=_('Date expired'))
created_by = models.CharField(max_length=128, blank=True)
date_created = models.DateTimeField(auto_now=True)
comment = models.TextField(verbose_name=_('Comment'))
def __unicode__(self):
return '%(id)s: %(user)s %(action)s' % {
'id': self.id,
'user': self.user.username,
'action': self.action,
}
@property
def is_expired(self):
if self.date_expired > timezone.now():
return False
else:
return True
class Meta:
db_table = 'perm_user_asset'
class PermUserGroupAsset(models.Model):
ACTION_CHOICES = (
('0', 'Deny'),
('1', 'Allow'),
)
user_group = models.ForeignKey(User, on_delete=models.CASCADE)
action = models.CharField(choices=ACTION_CHOICES, max_length=8, default='1')
assets = models.ManyToManyField(Asset, blank=True)
asset_groups = models.ManyToManyField(AssetGroup, blank=True)
system_users = models.ManyToManyField(SystemUser, blank=True)
date_expired = models.DateTimeField(default=date_expired_default, verbose_name=_('Date expired'))
created_by = models.CharField(max_length=128)
date_created = models.DateTimeField(auto_now=True)
comment = models.TextField(verbose_name=_('Comment'))
def __unicode__(self):
return '%(id)s: %(user)s %(action)s' % {
'id': self.id,
'user': self.user_group.name,
'action': self.action,
}
@property
def is_expired(self):
if self.date_expired > timezone.now():
return False
else:
return True
class Meta:
db_table = 'perm_user_group_asset'
class UserGroupAssetPerm(models.Model):
pass
apps/perms/templates/perms/perm_user_list.html 0 → 100644
View file @ 70cae93a
{% extends '_list_base.html' %}
{% load i18n %}
{% load common_tags %}
{% block content_left_head %}
{% endblock %}
{% block table_head %}
<th class="text-center">
<input type="checkbox" id="check_all" onclick="checkAll('check_all', 'checked')">
</th>
<th class="text-center"><a href="{% url 'users:user-list' %}?sort=name">{% trans 'Name' %}</a></th>
<th class="text-center"><a href="{% url 'users:user-list' %}?sort=username">{% trans 'Username' %}</a></th>
<th class="text-center">{% trans 'User group' %}</th>
<th class="text-center">{% trans 'Asset available' %}</th>
<th class="text-center">{% trans 'Asset unavailable' %}</th>
<th class="text-center">{% trans 'Asset group' %}</th>
<th class="text-center">{% trans 'System user' %}</th>
<th class="text-center"><a href="{% url 'users:user-list' %}?sort=date_expired">{% trans 'Active' %}</a></th>
<th class="text-center"></th>
{% endblock %}
{% block table_body %}
{% for user in user_list %}
<tr class="gradeX">
<td class="text-center">
<input type="checkbox" name="checked" value="{{ user.id }}">
</td>
<td class="text-center">
<a href="{% url 'users:user-detail' pk=user.id %}">
{{ user.name }}
</a>
</td>
<td class="text-center">{{ user.username }}</td>
<td class="text-center">{{ user.get_role_display }}</td>
<td class="text-center" title="{% for user_group in user.group.all %} {{ user_group.name }} {% endfor %}"> {{ user.groups.all|join_queryset_attr:"name" }} </td>
<th class="text-center">{{ user.name }}</th>
<td class="text-center">
{% if user.is_expired and user.is_active %}
<i class="fa fa-times text-danger"></i>
{% else %}
<i class="fa fa-check text-navy"></i>
{% endif %}
</td>
<td class="text-center">
<a href="{% url 'users:user-update' pk=user.id %}" class="btn btn-xs btn-info">{% trans 'Update' %}</a>
<a href="{% url 'users:user-delete' pk=user.id %}" class="btn btn-xs btn-danger del {% if user.id == request.user.id or user.username == 'admin' %} disabled {% endif %}">{% trans 'Delete' %}</a>
</td>
</tr>
{% endfor %}
{% endblock %}
{% block content_bottom_left %}
<form id="" method="get" action="" class=" mail-search">
<div class="input-group">
<select class="form-control m-b" style="width: auto">
<option>{% trans 'Delete selected' %}</option>
<option>{% trans 'Update selected' %}</option>
<option>{% trans 'Deactive selected' %}</option>
<option>{% trans 'Export selected' %}</option>
</select>
<div class="input-group-btn pull-left" style="padding-left: 5px;">
<button id='search_btn' type="submit" style="height: 32px;" class="btn btn-sm btn-primary">
{% trans 'Submit' %}
</button>
</div>
</div>
</form>
{% endblock %}
apps/perms/urls.py
View file @ 70cae93a
# coding:utf-8
from django.conf.urls import url
import views
app_name = 'perms'
urlpatterns = [
# Resource asset url
url(r'^user$', views.PermUserAssetListView.as_view(), name='perm-user-list'),
# url(r'^user/(?P<user>[0-9]+)/perm-asset/$', views.AssetListView.as_view(), name='perm-user-asset-list'),
# url(r'^user/(?P<user>[0-9]+)/perm-asset/$', views.AssetListView.as_view(), name='perm-user-asset-list'),
# url(r'^user/(?P<user>[0-9]+)$', views.AssetListView.as_view(), name='asset-list'),
# url(r'^asset/create$', views.AssetCreateView.as_view(), name='asset-create'),
# url(r'^asset/(?P<pk>[0-9]+)$', views.AssetDetailView.as_view(), name='asset-detail'),
# url(r'^asset/(?P<pk>[0-9]+)/update', views.AssetUpdateView.as_view(), name='asset-update'),
# url(r'^asset/(?P<pk>[0-9]+)/delete$', views.AssetDeleteView.as_view(), name='asset-delete'),
]
apps/perms/views.py
View file @ 70cae93a
......@@ -2,31 +2,38 @@
from __future__ import unicode_literals, absolute_import
from django.views.generic.list import ListView
from django.utils.translation import ugettext as _
from django.conf import settings
from django.db.models import Q
from django.views.generic import TemplateView, ListView
from django.views.generic.edit import CreateView, DeleteView, FormView, UpdateView
from django.urls import reverse_lazy
from django.contrib.messages.views import SuccessMessageMixin
from django.views.generic.detail import DetailView, SingleObjectMixin
from .hands import AdminUserRequiredMixin
from .models import UserAssetPerm, UserGroupAssetPerm
from .hands import AdminUserRequiredMixin, User, UserGroup
from .models import PermUserAsset, PermUserGroupAsset
from .forms import UserAssetPermForm
class SystemUserListView(AdminUserRequiredMixin, ListView):
model = UserAssetPerm
class PermUserListView(AdminUserRequiredMixin, ListView):
model = User
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
context_object_name = 'system_user_list'
template_name = 'assets/system_user_list.html'
context_object_name = 'user_list'
template_name = 'perms/perm_user_list.html'
def get_context_data(self, **kwargs):
context = {
'app': _('Assets'),
'action': _('System user list'),
'app': _('Perms'),
'action': _('Perms user list'),
'keyword': self.request.GET.get('keyword', '')
}
kwargs.update(context)
return super(SystemUserListView, self).get_context_data(**kwargs)
return super(PermUserListView, self).get_context_data(**kwargs)
def get_queryset(self):
# Todo: Default order by lose asset connection num
self.queryset = super(SystemUserListView, self).get_queryset()
self.queryset = super(PermUserListView, self).get_queryset()
self.keyword = keyword = self.request.GET.get('keyword', '')
self.sort = sort = self.request.GET.get('sort', '-date_created')
......@@ -39,62 +46,92 @@ class SystemUserListView(AdminUserRequiredMixin, ListView):
return self.queryset
class SystemUserCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateView):
model = SystemUser
form_class = SystemUserForm
template_name = 'assets/system_user_create_update.html'
success_url = reverse_lazy('assets:system-user-list')
success_message = _('Create system user <a href="%s">%s</a> successfully.')
def get_context_data(self, **kwargs):
context = {
'app': _('Assets'),
'action': _('Create system user'),
}
kwargs.update(context)
return super(SystemUserCreateView, self).get_context_data(**kwargs)
def get_success_message(self, cleaned_data):
return self.success_message % (
reverse_lazy('assets:system-user-detail', kwargs={'pk': self.object.pk}),
self.object.name,
)
class SystemUserUpdateView(AdminUserRequiredMixin, UpdateView):
model = SystemUser
form_class = SystemUserForm
template_name = 'assets/system_user_create_update.html'
success_message = _('Update system user <a href="%s">%s</a> successfully.')
class PermUserAssetListView(AdminUserRequiredMixin, ListView):
model = PermUserAsset
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
context_object_name = 'system_user_list'
template_name = 'assets/system_user_list.html'
def get_context_data(self, **kwargs):
context = {
'app': _('Assets'),
'action': _('Update system user')
'action': _('System user list'),
'keyword': self.request.GET.get('keyword', '')
}
kwargs.update(context)
return super(SystemUserUpdateView, self).get_context_data(**kwargs)
return super(PermUserAssetListView, self).get_context_data(**kwargs)
def get_success_url(self):
success_url = reverse_lazy('assets:system-user-detail', pk=self.object.pk)
return success_url
class SystemUserDetailView(AdminUserRequiredMixin, DetailView):
template_name = 'assets/system_user_detail.html'
context_object_name = 'system_user'
model = SystemUser
def get_context_data(self, **kwargs):
context = {
'app': _('Assets'),
'action': _('System user detail')
}
kwargs.update(context)
return super(SystemUserDetailView, self).get_context_data(**kwargs)
def get_queryset(self):
# Todo: Default order by lose asset connection num
self.queryset = super(PermUserAssetListView, self).get_queryset()
self.keyword = keyword = self.request.GET.get('keyword', '')
self.sort = sort = self.request.GET.get('sort', '-date_created')
if keyword:
self.queryset = self.queryset.filter(Q(name__icontains=keyword) |
Q(comment__icontains=keyword))
class SystemUserDeleteView(AdminUserRequiredMixin, DeleteView):
model = SystemUser
template_name = 'assets/delete_confirm.html'
success_url = 'assets:system-user-list'
if sort:
self.queryset = self.queryset.order_by(sort)
return self.queryset
#
#
# class PermUserAssetCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateView):
# model = PermUserAsset
# form_class = PermUserAssetForm
# template_name = 'assets/system_user_create_update.html'
# success_url = reverse_lazy('assets:system-user-list')
# success_message = _('Create system user <a href="%s">%s</a> successfully.')
#
# def get_context_data(self, **kwargs):
# context = {
# 'app': _('Assets'),
# 'action': _('Create system user'),
# }
# kwargs.update(context)
# return super(PermUserAssetCreateView, self).get_context_data(**kwargs)
#
# def get_success_message(self, cleaned_data):
# return self.success_message % (
# reverse_lazy('assets:system-user-detail', kwargs={'pk': self.object.pk}),
# self.object.name,
# )
#
#
# class PermUserAssetUpdateView(AdminUserRequiredMixin, UpdateView):
# model = PermUserAsset
# form_class = PermUserAssetForm
# template_name = 'assets/system_user_create_update.html'
# success_message = _('Update system user <a href="%s">%s</a> successfully.')
#
# def get_context_data(self, **kwargs):
# context = {
# 'app': _('Assets'),
# 'action': _('Update system user')
# }
# kwargs.update(context)
# return super(PermUserAssetUpdateView, self).get_context_data(**kwargs)
#
# def get_success_url(self):
# success_url = reverse_lazy('assets:system-user-detail', pk=self.object.pk)
# return success_url
#
#
# class PermUserAssetDetailView(AdminUserRequiredMixin, DetailView):
# template_name = 'assets/system_user_detail.html'
# context_object_name = 'system_user'
# model = PermUserAsset
#
# def get_context_data(self, **kwargs):
# context = {
# 'app': _('Assets'),
# 'action': _('System user detail')
# }
# kwargs.update(context)
# return super(PermUserAssetDetailView, self).get_context_data(**kwargs)
#
#
# class PermUserAssetDeleteView(AdminUserRequiredMixin, DeleteView):
# model = PermUserAsset
# template_name = 'assets/delete_confirm.html'
# success_url = 'assets:system-user-list'
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment