usermodle

79c79432 · liuzheng712 · d32ea9f9 · 79c79432 · 79c79432 · 79c79432
Commit 79c79432 authored Sep 15, 2015 by liuzheng712
Showing with 129 additions and 26 deletions

settings.py jumpserver/settings.py +2 -2

urls.py jumpserver/urls.py +2 -2

views.py jumpserver/views.py +107 -17

models.py juser/models.py +16 -3

index_cu.html templates/index_cu.html +2 -2

No files found.
--- a/jumpserver/settings.py
+++ b/jumpserver/settings.py
@@ -22,7 +22,7 @@ DB_PORT = config.getint('db', 'port')
 DB_USER = config.get('db', 'user')
 DB_PASSWORD = config.get('db', 'password')
 DB_DATABASE = config.get('db', 'database')
-
+AUTH_USER_MODEL = 'juser.CustomUser'
 # mail config
 EMAIL_HOST = config.get('mail', 'email_host')
 EMAIL_PORT = config.get('mail', 'email_port')
@@ -98,7 +98,7 @@ TEMPLATE_CONTEXT_PROCESSORS = (
    'django.core.context_processors.static',
    'django.core.context_processors.tz',
    'django.contrib.messages.context_processors.messages',
-    'jumpserver.context_processors.name_proc'
+    'jumpserver.context_processors.name_proc',
 )

 TEMPLATE_DIRS = (

--- a/jumpserver/urls.py
+++ b/jumpserver/urls.py
@@ -8,8 +8,8 @@ urlpatterns = patterns('',
    (r'^skin_config/$', 'jumpserver.views.skin_config'),
    (r'^install/$', 'jumpserver.views.install'),
    (r'^base/$', 'jumpserver.views.base'),
-    (r'^login/$', 'jumpserver.views.login'),
-    (r'^logout/$', 'jumpserver.views.logout'),
+    (r'^login/$', 'jumpserver.views.Login'),
+    (r'^logout/$', 'jumpserver.views.Logout'),
    (r'^file/upload/$', 'jumpserver.views.upload'),
    (r'^file/download/$', 'jumpserver.views.download'),
    (r'^error/$', 'jumpserver.views.httperror'),

--- a/jumpserver/views.py
+++ b/jumpserver/views.py
@@ -12,7 +12,8 @@ from django.http import HttpResponse
 # from jperm.models import Apply
 import paramiko
 from jumpserver.api import *
-
+from django.contrib.auth import authenticate, login, logout
+from django.contrib.auth.decorators import login_required


 def getDaysByNum(num):
@@ -46,13 +47,105 @@ def get_data(data, items, option):
        dic[name] = li
    return dic

+class CustomUser(object):
+    def __init__(self,request):
+        self.requset = request
+
+    def __unicode__(self):
+        return self.requset.user.username
+
+    def get_asset_group(self):
+        """
+        Get user host_groups.
+        获取用户有权限的主机组
+        """
+        host_group_list = []
+        perm_list = []
+        user_group_all = self.requset.user.group.all()
+        for user_group in user_group_all:
+            perm_list.extend(user_group.perm_set.all())
+
+        for perm in perm_list:
+            host_group_list.append(perm.asset_group)
+
+        return host_group_list
+
+    def get_asset_group_info(self, printable=False):
+        """
+        Get or print asset group info
+        获取或打印用户授权资产组
+        """
+        asset_groups_info = {}
+        asset_groups = self.get_asset_group()
+
+        for asset_group in asset_groups:
+            asset_groups_info[asset_group.id] = [asset_group.name, asset_group.comment]
+
+        if printable:
+            for group_id in asset_groups_info:
+                if asset_groups_info[group_id][1]:
+                    print "[%3s] %s -- %s" % (group_id,
+                                              asset_groups_info[group_id][0],
+                                              asset_groups_info[group_id][1])
+                else:
+                    print "[%3s] %s" % (group_id, asset_groups_info[group_id][0])
+                print ''
+        else:
+            return asset_groups_info
+
+    def get_asset(self):
+        """
+        Get the assets of under the user control.
+        获取主机列表
+        """
+        assets = []
+        asset_groups = self.get_asset_group()
+
+        for asset_group in asset_groups:
+            assets.extend(asset_group.asset_set.all())
+
+        return assets
+
+    def get_asset_info(self, printable=False):
+        """
+        Get or print the user asset info
+        获取或打印用户资产信息
+        """
+        from jasset.models import AssetAlias
+        assets_info = {}
+        assets = self.get_asset()
+
+        for asset in assets:
+            asset_alias = AssetAlias.objects.filter(user=self, asset=asset)
+            if asset_alias and asset_alias[0].alias != '':
+                assets_info[asset.ip] = [asset.id, asset.ip, str(asset_alias[0].alias)]
+            else:
+                assets_info[asset.ip] = [asset.id, asset.ip, str(asset.comment)]
+
+        if printable:
+            ips = assets_info.keys()
+            ips.sort()
+            for ip in ips:
+                if assets_info[ip][2]:
+                    print '%-15s -- %s' % (ip, assets_info[ip][2])
+                else:
+                    print '%-15s' % ip
+            print ''
+        else:
+            return assets_info
+

+# @login_required
 @require_role(role='user')
 def index_cu(request):
-    user_id = request.session.get('user_id')
-    user = get_object(User, id=user_id)
+    # user_id = request.session.get('user_id')
+    # user = get_object(User, id=user_id)
+    # user = {}
+    # user.name = request.user.username
+    # user.username = request.user.username
+    # user.id = request.user.id
    login_types = {'L': 'LDAP', 'M': 'MAP'}
-    username = user.username
+    user = CustomUser(request)
    posts = user.get_asset()
    host_count = len(posts)
    new_posts = []
@@ -64,7 +157,6 @@ def index_cu(request):
            new_posts.append(post_five)
            post_five = []
    new_posts.append(post_five)
-
    return render_to_response('index_cu.html', locals(), context_instance=RequestContext(request))


@@ -193,7 +285,7 @@ def is_latest():
        pass


-def login(request):
+def Login(request):
    """登录界面"""
    if request.session.get('username'):
        return HttpResponseRedirect('/')
@@ -202,22 +294,20 @@ def login(request):
    else:
        username = request.POST.get('username')
        password = request.POST.get('password')
-        user_filter = User.objects.filter(username=username)
-        if user_filter:
-            user = user_filter[0]
-            if PyCrypt.md5_crypt(password) == user.password:
+        user = authenticate(username=username, password=password)
+        if user is not None:
+            if user.is_active:
+                login(request, user)
                request.session['user_id'] = user.id
-                user_filter.update(last_login=datetime.datetime.now())
                if user.role == 'SU':
                    request.session['role_id'] = 2
                elif user.role == 'GA':
                    request.session['role_id'] = 1
                else:
                    request.session['role_id'] = 0
-                response = HttpResponseRedirect('/', )
-                response.set_cookie('username', username, expires=604800)
-                response.set_cookie('seed', PyCrypt.md5_crypt(password), expires=604800)
-                return response
+                # response.set_cookie('username', username, expires=604800)
+                # response.set_cookie('seed', PyCrypt.md5_crypt(password), expires=604800)
+                return HttpResponseRedirect('/', )
            else:
                error = '密码错误，请重新输入。'
        else:
@@ -225,8 +315,8 @@ def login(request):
    return render_to_response('login.html', {'error': error})


-def logout(request):
-    request.session.delete()
+def Logout(request):
+    logout(request)
    return HttpResponseRedirect('/login/')

 #

--- a/juser/models.py
+++ b/juser/models.py
-#coding: utf-8
+# coding: utf-8

 from django.db import models

@@ -19,6 +19,21 @@ class UserGroup(models.Model):
            self.save()


+from django.contrib.auth.models import AbstractUser
+
+class CustomUser(AbstractUser):
+    USER_ROLE_CHOICES = (
+        ('SU', 'SuperUser'),
+        ('GA', 'GroupAdmin'),
+        ('CU', 'CommonUser'),
+    )
+    name = models.CharField(max_length=80)
+    uuid = models.CharField(max_length=100)
+    role = models.CharField(max_length=2, choices=USER_ROLE_CHOICES, default='CU')
+    group = models.ManyToManyField(UserGroup)
+    ssh_key_pwd = models.CharField(max_length=200)
+
+
 class User(models.Model):
    USER_ROLE_CHOICES = (
        ('SU', 'SuperUser'),
@@ -137,5 +152,3 @@ class AdminGroup(models.Model):

    def __unicode__(self):
        return '%s: %s' % (self.user.username, self.group.name)
-
-
--- a/templates/index_cu.html
+++ b/templates/index_cu.html
@@ -72,7 +72,7 @@
        <div class="col-lg-4">
            <div class="ibox float-e-margins">
                <div class="ibox-title">
-                    <span class="label label-primary"><b>{{ user.name }}</b></span>
+                    <span class="label label-primary"><b>{{ user.username }}</b></span>
                    <div class="ibox-tools">
                        <a class="collapse-link">
                            <i class="fa fa-chevron-up"></i>
@@ -109,7 +109,7 @@
                                </tr>
                                <tr>
                                    <td class="text-navy">角色</td>
-                                    <td>{{ user.id | get_role }}</td>
+                                    <td>{{ user.role }}</td>
                                </tr>
                                <tr>
                                    <td class="text-navy">Email</td>