Skip to content

J
jumpserver
Commit 907c2c7e authored by ibuler's avatar ibuler
Browse files
Options

资产修改基本完成

parent 960e45d0
Show whitespace changes
Inline Side-by-side
Showing with 987 additions and 979 deletions
jasset/asset_api.py
View file @ 907c2c7e
...@@ -37,8 +37,15 @@ def db_asset_add(**kwargs): ...@@ -37,8 +37,15 @@ def db_asset_add(**kwargs):
add asset to db add asset to db
添加主机时数据库操作函数 添加主机时数据库操作函数
""" """
group_id_list = kwargs.pop('groups')
asset = Asset(**kwargs)
asset.save()
Asset(**kwargs).save() group_select = []
for group_id in group_id_list:
group = AssetGroup.objects.filter(id=group_id)
group_select.extend(group)
asset.group = group_select
# #
......
jasset/urls.py
View file @ 907c2c7e
...@@ -7,6 +7,7 @@ urlpatterns = patterns('', ...@@ -7,6 +7,7 @@ urlpatterns = patterns('',
# url(r"^host_add_multi/$", host_add_batch), # url(r"^host_add_multi/$", host_add_batch),
url(r'^group_add/$', group_add), url(r'^group_add/$', group_add),
url(r'^group_list/$', group_list), url(r'^group_list/$', group_list),
url(r'^group_del/$', group_del),
url(r'^asset_list/$', asset_list), url(r'^asset_list/$', asset_list),
url(r'^asset_del/$', asset_del), url(r'^asset_del/$', asset_del),
url(r"^asset_detail/$", asset_detail), url(r"^asset_detail/$", asset_detail),
...@@ -19,7 +20,7 @@ urlpatterns = patterns('', ...@@ -19,7 +20,7 @@ urlpatterns = patterns('',
# url(r'^group_list/$', group_list), # url(r'^group_list/$', group_list),
# url(r'^group_detail/$', group_detail), # url(r'^group_detail/$', group_detail),
# url(r'^group_del_host/$', group_del_host), # url(r'^group_del_host/$', group_del_host),
# url(r'^group_del/$', group_del),
# url(r'^host_edit/batch/$', host_edit_batch), # url(r'^host_edit/batch/$', host_edit_batch),
# url(r'^host_edit_common/batch/$', host_edit_common_batch), # url(r'^host_edit_common/batch/$', host_edit_common_batch),
) )
\ No newline at end of file
jasset/views.py
View file @ 907c2c7e
...@@ -57,12 +57,27 @@ def group_list(request): ...@@ -57,12 +57,27 @@ def group_list(request):
asset_group_list = AssetGroup.objects.all() asset_group_list = AssetGroup.objects.all()
if keyword: if keyword:
asset_groups = asset_group_list.filter(Q(name__contains=keyword) | Q(comment__contains=keyword)) asset_group_list = asset_group_list.filter(Q(name__contains=keyword) | Q(comment__contains=keyword))
asset_group_list, p, asset_groups, page_range, current_page, show_first, show_end = pages(asset_group_list, request) asset_group_list, p, asset_groups, page_range, current_page, show_first, show_end = pages(asset_group_list, request)
return my_render('jasset/group_list.html', locals(), request) return my_render('jasset/group_list.html', locals(), request)
@require_role('admin')
def group_del(request):
"""
del asset group
删除主机组
"""
group_ids = request.GET.get('id', '')
group_id_list = group_ids.split(',')
for group_id in group_id_list:
AssetGroup.objects.filter(id=group_id).delete()
return HttpResponse(u'删除成功')
@require_role('admin') @require_role('admin')
def asset_add(request): def asset_add(request):
""" """
...@@ -70,10 +85,11 @@ def asset_add(request): ...@@ -70,10 +85,11 @@ def asset_add(request):
添加资产 添加资产
""" """
header_title, path1, path2 = u'添加资产', u'资产管理', u'添加资产' header_title, path1, path2 = u'添加资产', u'资产管理', u'添加资产'
asset_group_all = AssetGroup.objects.all()
if request.method == 'POST': if request.method == 'POST':
ip = request.POST.get('ip') ip = request.POST.get('ip')
port = request.POST.get('port') port = request.POST.get('port')
group = request.POST.getlist('group') groups = request.POST.getlist('groups')
use_default_auth = True if request.POST.getlist('use_default_auth', []) else False use_default_auth = True if request.POST.getlist('use_default_auth', []) else False
is_active = True if request.POST.get('is_active') else False is_active = True if request.POST.get('is_active') else False
comment = request.POST.get('comment') comment = request.POST.get('comment')
...@@ -96,7 +112,7 @@ def asset_add(request): ...@@ -96,7 +112,7 @@ def asset_add(request):
else: else:
db_asset_add( db_asset_add(
ip=ip, port=port, use_default_auth=use_default_auth, is_active=is_active, comment=comment, ip=ip, port=port, use_default_auth=use_default_auth, is_active=is_active, comment=comment,
username=username, password=password_encode groups=groups, username=username, password=password_encode
) )
msg = u'主机 %s 添加成功' % ip msg = u'主机 %s 添加成功' % ip
...@@ -447,27 +463,7 @@ def asset_detail(request): ...@@ -447,27 +463,7 @@ def asset_detail(request):
# #
# return HttpResponseRedirect('/jasset/group_detail/?id=%s' % group.id) # return HttpResponseRedirect('/jasset/group_detail/?id=%s' % group.id)
# #
#
# @require_admin
# def group_del(request):
# """ 删除主机组 """
# offset = request.GET.get('id', '')
# if offset == 'multi':
# len_list = request.POST.get("len_list")
# for i in range(int(len_list)):
# key = "id_list[" + str(i) + "]"
# gid = request.POST.get(key)
# if is_group_admin(request) and not validate(request, asset_group=[gid]):
# return httperror(request, '删除失败, 您无权删除!')
# BisGroup.objects.filter(id=gid).delete()
# else:
# gid = int(offset)
# if is_group_admin(request) and not validate(request, asset_group=[gid]):
# return httperror(request, '删除失败, 您无权删除!')
# BisGroup.objects.filter(id=gid).delete()
# return HttpResponseRedirect('/jasset/group_list/')
#
#
# @require_admin # @require_admin
# def dept_host_ajax(request): # def dept_host_ajax(request):
# """ 添加主机组时, 部门联动主机异步 """ # """ 添加主机组时, 部门联动主机异步 """
......
jperm/models.py
View file @ 907c2c7e
import datetime import datetime
from uuidfield import UUIDField
from django.db import models from django.db import models
from juser.models import UserGroup from juser.models import User, UserGroup
from jasset.models import Asset, AssetGroup from jasset.models import Asset, AssetGroup
class Perm(models.Model): class UserPerm(models.Model):
user_group = models.ForeignKey(UserGroup) user = models.ForeignKey(User)
asset_group = models.ForeignKey(AssetGroup) asset = models.ForeignKey(Asset, null=True)
asset_group = models.ForeignKey(AssetGroup, null=True)
def __unicode__(self):
return '%s_%s' % (self.user_group.name, self.asset_group.name)
class CmdGroup(models.Model):
name = models.CharField(max_length=50, unique=True)
cmd = models.CharField(max_length=999)
comment = models.CharField(blank=True, null=True, max_length=50)
def __unicode__(self): def __unicode__(self):
return self.name return self.user.name
class SudoPerm(models.Model): class GroupPerm(models.Model):
user_group = models.ForeignKey(UserGroup) user_group = models.ForeignKey(UserGroup)
user_runas = models.CharField(max_length=100) asset = models.ForeignKey(Asset, null=True)
asset_group = models.ManyToManyField(AssetGroup) asset_group = models.ForeignKey(AssetGroup, null=True)
cmd_group = models.ManyToManyField(CmdGroup)
comment = models.CharField(max_length=30, null=True, blank=True)
def __unicode__(self):
return self.user_group.name
class Apply(models.Model):
uuid = UUIDField(auto=True)
applyer = models.CharField(max_length=20)
admin = models.CharField(max_length=20)
approver = models.CharField(max_length=20)
bisgroup = models.CharField(max_length=500)
asset = models.CharField(max_length=500)
comment = models.TextField(blank=True, null=True)
status = models.IntegerField(max_length=2)
date_add = models.DateTimeField(null=True)
date_end = models.DateTimeField(null=True)
read = models.IntegerField(max_length=2)
def __unicode__(self): def __unicode__(self):
return self.applyer return self.user.name
# class CmdGroup(models.Model):
# name = models.CharField(max_length=50, unique=True)
# cmd = models.CharField(max_length=999)
# comment = models.CharField(blank=True, null=True, max_length=50)
#
# def __unicode__(self):
# return self.name
#
#
# class SudoPerm(models.Model):
# user_group = models.ForeignKey(UserGroup)
# user_runas = models.CharField(max_length=100)
# asset_group = models.ManyToManyField(AssetGroup)
# cmd_group = models.ManyToManyField(CmdGroup)
# comment = models.CharField(max_length=30, null=True, blank=True)
#
# def __unicode__(self):
# return self.user_group.name
#
#
# class Apply(models.Model):
# uuid = UUIDField(auto=True)
# applyer = models.CharField(max_length=20)
# admin = models.CharField(max_length=20)
# approver = models.CharField(max_length=20)
# bisgroup = models.CharField(max_length=500)
# asset = models.CharField(max_length=500)
# comment = models.TextField(blank=True, null=True)
# status = models.IntegerField(max_length=2)
# date_add = models.DateTimeField(null=True)
# date_end = models.DateTimeField(null=True)
# read = models.IntegerField(max_length=2)
#
# def __unicode__(self):
# return self.applyer
jperm/urls.py
View file @ 907c2c7e
...@@ -3,31 +3,29 @@ from jperm.views import * ...@@ -3,31 +3,29 @@ from jperm.views import *
urlpatterns = patterns('jperm.views', urlpatterns = patterns('jperm.views',
# Examples: # Examples:
# url(r'^$', 'jumpserver.views.home', name='home'), (r'^user/$', user_perm),
# url(r'^blog/', include('blog.urls')), # (r'^dept_perm_edit/$', 'dept_perm_edit'),
# (r'^perm_list/$', view_splitter, {'su': perm_list, 'adm': perm_list_adm}),
# (r'^dept_perm_list/$', 'dept_perm_list'),
# (r'^perm_user_detail/$', 'perm_user_detail'),
# (r'^perm_detail/$', 'perm_detail'),
# (r'^perm_del/$', 'perm_del'),
# (r'^perm_asset_detail/$', 'perm_asset_detail'),
# (r'^sudo_list/$', view_splitter, {'su': sudo_list, 'adm': sudo_list_adm}),
# (r'^sudo_del/$', 'sudo_del'),
# (r'^sudo_edit/$', view_splitter, {'su': sudo_edit, 'adm': sudo_edit_adm}),
# (r'^sudo_refresh/$', 'sudo_refresh'),
# (r'^sudo_detail/$', 'sudo_detail'),
# (r'^cmd_add/$', view_splitter, {'su': cmd_add, 'adm': cmd_add_adm}),
# (r'^cmd_list/$', 'cmd_list'),
# (r'^cmd_del/$', 'cmd_del'),
# (r'^cmd_edit/$', 'cmd_edit'),
# (r'^cmd_detail/$', 'cmd_detail'),
# (r'^apply/$', 'perm_apply'),
# (r'^apply_show/(\w+)/$', 'perm_apply_log'),
# (r'^apply_exec/$', 'perm_apply_exec'),
# (r'^apply_info/$', 'perm_apply_info'),
# (r'^apply_del/$', 'perm_apply_del'),
# (r'^apply_search/$', 'perm_apply_search'),
(r'^perm_edit/$', view_splitter, {'su': perm_edit, 'adm': perm_edit_adm}),
(r'^dept_perm_edit/$', 'dept_perm_edit'),
(r'^perm_list/$', view_splitter, {'su': perm_list, 'adm': perm_list_adm}),
(r'^dept_perm_list/$', 'dept_perm_list'),
(r'^perm_user_detail/$', 'perm_user_detail'),
(r'^perm_detail/$', 'perm_detail'),
(r'^perm_del/$', 'perm_del'),
(r'^perm_asset_detail/$', 'perm_asset_detail'),
(r'^sudo_list/$', view_splitter, {'su': sudo_list, 'adm': sudo_list_adm}),
(r'^sudo_del/$', 'sudo_del'),
(r'^sudo_edit/$', view_splitter, {'su': sudo_edit, 'adm': sudo_edit_adm}),
(r'^sudo_refresh/$', 'sudo_refresh'),
(r'^sudo_detail/$', 'sudo_detail'),
(r'^cmd_add/$', view_splitter, {'su': cmd_add, 'adm': cmd_add_adm}),
(r'^cmd_list/$', 'cmd_list'),
(r'^cmd_del/$', 'cmd_del'),
(r'^cmd_edit/$', 'cmd_edit'),
(r'^cmd_detail/$', 'cmd_detail'),
(r'^apply/$', 'perm_apply'),
(r'^apply_show/(\w+)/$', 'perm_apply_log'),
(r'^apply_exec/$', 'perm_apply_exec'),
(r'^apply_info/$', 'perm_apply_info'),
(r'^apply_del/$', 'perm_apply_del'),
(r'^apply_search/$', 'perm_apply_search'),
) )
jperm/views.py
View file @ 907c2c7e
# coding: utf-8 # # coding: utf-8
import sys # import sys
#
reload(sys) # reload(sys)
sys.setdefaultencoding('utf8') # sys.setdefaultencoding('utf8')
#
from django.shortcuts import render_to_response # from django.shortcuts import render_to_response
from django.template import RequestContext # from django.template import RequestContext
from jperm.models import Perm, SudoPerm, CmdGroup, Apply # from jperm.models import Perm, SudoPerm, CmdGroup, Apply
from django.db.models import Q from django.db.models import Q
from jumpserver.api import * from jumpserver.api import *
def asset_cmd_groups_get(asset_groups_select='', cmd_groups_select=''): def user_perm(request):
asset_groups_select_list = [] return my_render('jperm/perm_add.html', locals(), request)
cmd_groups_select_list = []
for asset_group_id in asset_groups_select:
asset_groups_select_list.extend(BisGroup.objects.filter(id=asset_group_id))
for cmd_group_id in cmd_groups_select:
cmd_groups_select_list.extend(CmdGroup.objects.filter(id=cmd_group_id))
return asset_groups_select_list, cmd_groups_select_list
@require_admin
def perm_add(request):
header_title, path1, path2 = u'主机授权添加', u'授权管理', u'授权添加'
if request.method == 'GET':
user_groups = UserGroup.objects.filter(id__gt=2)
asset_groups = BisGroup.objects.all()
else:
name = request.POST.get('name', '')
user_groups_select = request.POST.getlist('user_groups_select')
asset_groups_select = request.POST.getlist('asset_groups_select')
comment = request.POST.get('comment', '')
user_groups, asset_groups = user_asset_cmd_groups_get(user_groups_select, asset_groups_select, '')[0:2]
perm = Perm(name=name, comment=comment)
perm.save()
perm.user_group = user_groups
perm.asset_group = asset_groups
msg = '添加成功'
return render_to_response('jperm/perm_add.html', locals(), context_instance=RequestContext(request))
def dept_add_asset(dept_id, asset_list):
dept = DEPT.objects.filter(id=dept_id)
if dept:
dept = dept[0]
new_perm_asset = []
for asset_id in asset_list:
asset = Asset.objects.filter(id=asset_id)
new_perm_asset.extend(asset)
dept.asset_set.clear()
dept.asset_set = new_perm_asset
@require_super_user
def dept_perm_edit(request):
header_title, path1, path2 = u'部门授权添加', u'授权管理', u'部门授权添加'
if request.method == 'GET':
dept_id = request.GET.get('id', '')
dept = DEPT.objects.filter(id=dept_id)
if dept:
dept = dept[0]
asset_all = Asset.objects.all()
asset_select = dept.asset_set.all()
assets = [asset for asset in asset_all if asset not in asset_select]
else:
dept_id = request.POST.get('dept_id')
asset_select = request.POST.getlist('asset_select')
dept_add_asset(dept_id, asset_select)
return HttpResponseRedirect('/jperm/dept_perm_list/')
return render_to_response('jperm/dept_perm_edit.html', locals(), context_instance=RequestContext(request))
@require_super_user
def perm_list(request):
header_title, path1, path2 = u'小组授权', u'授权管理', u'授权详情'
keyword = request.GET.get('search', '')
uid = request.GET.get('uid', '')
agid = request.GET.get('agid', '')
if keyword:
contact_list = UserGroup.objects.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword))
else:
contact_list = UserGroup.objects.all().order_by('name')
if uid:
user = User.objects.filter(id=uid)
print user
if user:
user = user[0]
contact_list = contact_list.filter(user=user)
if agid:
contact_list_confirm = []
asset_group = BisGroup.objects.filter(id=agid)
if asset_group:
asset_group = asset_group[0]
for user_group in contact_list:
if asset_group in user_group_perm_asset_group_api(user_group):
contact_list_confirm.append(user_group)
contact_list = contact_list_confirm
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
return render_to_response('jperm/perm_list.html', locals(), context_instance=RequestContext(request))
@require_admin
def perm_list_adm(request):
header_title, path1, path2 = u'小组授权', u'授权管理', u'授权详情'
keyword = request.GET.get('search', '')
uid = request.GET.get('uid', '')
agid = request.GET.get('agid', '')
user, dept = get_session_user_dept(request)
contact_list = dept.usergroup_set.all().order_by('name')
if keyword:
contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword))
if uid:
user = User.objects.filter(id=uid)
print user
if user:
user = user[0]
contact_list = contact_list.filter(user=user)
if agid:
contact_list_confirm = []
asset_group = BisGroup.objects.filter(id=agid)
if asset_group:
asset_group = asset_group[0]
for user_group in contact_list:
if asset_group in user_group_perm_asset_group_api(user_group):
contact_list_confirm.append(user_group)
contact_list = contact_list_confirm
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
return render_to_response('jperm/perm_list.html', locals(), context_instance=RequestContext(request))
@require_super_user
def dept_perm_list(request):
header_title, path1, path2 = '查看部门', '授权管理', '部门授权'
keyword = request.GET.get('search')
if keyword:
contact_list = DEPT.objects.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)).order_by('name')
else:
contact_list = DEPT.objects.filter(id__gt=2)
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
return render_to_response('jperm/dept_perm_list.html', locals(), context_instance=RequestContext(request))
def perm_group_update(user_group_id, asset_groups_id_list):
user_group = UserGroup.objects.filter(id=user_group_id)
if user_group:
user_group = user_group[0]
old_asset_group = [perm.asset_group for perm in user_group.perm_set.all()]
new_asset_group = []
for asset_group_id in asset_groups_id_list:
new_asset_group.extend(BisGroup.objects.filter(id=asset_group_id))
del_asset_group = [asset_group for asset_group in old_asset_group if asset_group not in new_asset_group]
add_asset_group = [asset_group for asset_group in new_asset_group if asset_group not in old_asset_group]
for asset_group in del_asset_group:
Perm.objects.filter(user_group=user_group, asset_group=asset_group).delete()
for asset_group in add_asset_group:
Perm(user_group=user_group, asset_group=asset_group).save()
@require_super_user # def asset_cmd_groups_get(asset_groups_select='', cmd_groups_select=''):
def perm_edit(request): # asset_groups_select_list = []
if request.method == 'GET': # cmd_groups_select_list = []
header_title, path1, path2 = u'编辑授权', u'授权管理', u'授权编辑' #
user_group_id = request.GET.get('id', '') # for asset_group_id in asset_groups_select:
user_group = UserGroup.objects.filter(id=user_group_id) # asset_groups_select_list.extend(BisGroup.objects.filter(id=asset_group_id))
if user_group: #
user_group = user_group[0] # for cmd_group_id in cmd_groups_select:
asset_groups_all = BisGroup.objects.all() # cmd_groups_select_list.extend(CmdGroup.objects.filter(id=cmd_group_id))
asset_groups_select = [perm.asset_group for perm in user_group.perm_set.all()] #
asset_groups = [asset_group for asset_group in asset_groups_all if asset_group not in asset_groups_select] # return asset_groups_select_list, cmd_groups_select_list
else: #
user_group_id = request.POST.get('user_group_id') #
asset_group_id_list = request.POST.getlist('asset_groups_select') # @require_admin
perm_group_update(user_group_id, asset_group_id_list) # def perm_add(request):
# header_title, path1, path2 = u'主机授权添加', u'授权管理', u'授权添加'
return HttpResponseRedirect('/jperm/perm_list/') #
return render_to_response('jperm/perm_edit.html', locals(), context_instance=RequestContext(request)) # if request.method == 'GET':
# user_groups = UserGroup.objects.filter(id__gt=2)
# asset_groups = BisGroup.objects.all()
@require_admin
def perm_edit_adm(request):
if request.method == 'GET':
header_title, path1, path2 = u'编辑授权', u'授权管理', u'授权编辑'
user_group_id = request.GET.get('id', '')
user_group = UserGroup.objects.filter(id=user_group_id)
user, dept = get_session_user_dept(request)
if user_group:
user_group = user_group[0]
asset_groups_all = dept.bisgroup_set.all()
asset_groups_select = [perm.asset_group for perm in user_group.perm_set.all()]
asset_groups = [asset_group for asset_group in asset_groups_all if asset_group not in asset_groups_select]
else:
user_group_id = request.POST.get('user_group_id')
asset_group_id_list = request.POST.getlist('asset_groups_select')
print user_group_id, asset_group_id_list
if not validate(request, user_group=[user_group_id], asset_group=asset_group_id_list):
return HttpResponseRedirect('/')
perm_group_update(user_group_id, asset_group_id_list)
return HttpResponseRedirect('/jperm/perm_list/')
return render_to_response('jperm/perm_edit.html', locals(), context_instance=RequestContext(request))
@require_admin
def perm_detail(request):
header_title, path1, path2 = u'授权管理', u'小组管理', u'授权详情'
group_id = request.GET.get('id')
user_group = UserGroup.objects.filter(id=group_id)
if user_group:
user_group = user_group[0]
users = user_group.user_set.all()
group_user_num = len(users)
perms = user_group.perm_set.all()
asset_groups = [perm.asset_group for perm in perms]
return render_to_response('jperm/perm_detail.html', locals(), context_instance=RequestContext(request))
@require_admin
def perm_del(request):
perm_id = request.GET.get('id')
perm = Perm.objects.filter(id=perm_id)
if perm:
perm = perm[0]
perm.delete()
return HttpResponseRedirect('/jperm/perm_list/')
@require_admin
def perm_asset_detail(request):
header_title, path1, path2 = u'用户授权主机', u'权限管理', u'用户主机详情'
user_id = request.GET.get('id')
user = User.objects.filter(id=user_id)
if user:
user = user[0]
assets_list = user_perm_asset_api(user.username)
return render_to_response('jperm/perm_asset_detail.html', locals(), context_instance=RequestContext(request))
def unicode2str(unicode_list):
return [str(i) for i in unicode_list]
# def sudo_ldap_add(user_group, user_runas, asset_groups_select,
# cmd_groups_select):
# if not LDAP_ENABLE:
# return True
# #
# assets = []
# cmds = []
# user_runas = user_runas.split(',')
# if len(asset_groups_select) == 1 and asset_groups_select[0].name == 'ALL':
# asset_all = True
# else: # else:
# asset_all = False # name = request.POST.get('name', '')
# for asset_group in asset_groups_select: # user_groups_select = request.POST.getlist('user_groups_select')
# assets.extend(asset_group.asset_set.all()) # asset_groups_select = request.POST.getlist('asset_groups_select')
# comment = request.POST.get('comment', '')
#
# user_groups, asset_groups = user_asset_cmd_groups_get(user_groups_select, asset_groups_select, '')[0:2]
#
# perm = Perm(name=name, comment=comment)
# perm.save()
#
# perm.user_group = user_groups
# perm.asset_group = asset_groups
# msg = '添加成功'
# return render_to_response('jperm/perm_add.html', locals(), context_instance=RequestContext(request))
#
# #
# if user_group.name == 'ALL': # def dept_add_asset(dept_id, asset_list):
# user_all = True # dept = DEPT.objects.filter(id=dept_id)
# users = [] # if dept:
# dept = dept[0]
# new_perm_asset = []
# for asset_id in asset_list:
# asset = Asset.objects.filter(id=asset_id)
# new_perm_asset.extend(asset)
#
# dept.asset_set.clear()
# dept.asset_set = new_perm_asset
#
#
# @require_super_user
# def dept_perm_edit(request):
# header_title, path1, path2 = u'部门授权添加', u'授权管理', u'部门授权添加'
# if request.method == 'GET':
# dept_id = request.GET.get('id', '')
# dept = DEPT.objects.filter(id=dept_id)
# if dept:
# dept = dept[0]
# asset_all = Asset.objects.all()
# asset_select = dept.asset_set.all()
# assets = [asset for asset in asset_all if asset not in asset_select]
# else: # else:
# user_all = False # dept_id = request.POST.get('dept_id')
# asset_select = request.POST.getlist('asset_select')
# dept_add_asset(dept_id, asset_select)
# return HttpResponseRedirect('/jperm/dept_perm_list/')
# return render_to_response('jperm/dept_perm_edit.html', locals(), context_instance=RequestContext(request))
#
#
# @require_super_user
# def perm_list(request):
# header_title, path1, path2 = u'小组授权', u'授权管理', u'授权详情'
# keyword = request.GET.get('search', '')
# uid = request.GET.get('uid', '')
# agid = request.GET.get('agid', '')
# if keyword:
# contact_list = UserGroup.objects.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword))
# else:
# contact_list = UserGroup.objects.all().order_by('name')
#
# if uid:
# user = User.objects.filter(id=uid)
# print user
# if user:
# user = user[0]
# contact_list = contact_list.filter(user=user)
#
# if agid:
# contact_list_confirm = []
# asset_group = BisGroup.objects.filter(id=agid)
# if asset_group:
# asset_group = asset_group[0]
# for user_group in contact_list:
# if asset_group in user_group_perm_asset_group_api(user_group):
# contact_list_confirm.append(user_group)
# contact_list = contact_list_confirm
#
# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
# return render_to_response('jperm/perm_list.html', locals(), context_instance=RequestContext(request))
#
#
# @require_admin
# def perm_list_adm(request):
# header_title, path1, path2 = u'小组授权', u'授权管理', u'授权详情'
# keyword = request.GET.get('search', '')
# uid = request.GET.get('uid', '')
# agid = request.GET.get('agid', '')
# user, dept = get_session_user_dept(request)
# contact_list = dept.usergroup_set.all().order_by('name')
# if keyword:
# contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword))
#
# if uid:
# user = User.objects.filter(id=uid)
# print user
# if user:
# user = user[0]
# contact_list = contact_list.filter(user=user)
#
# if agid:
# contact_list_confirm = []
# asset_group = BisGroup.objects.filter(id=agid)
# if asset_group:
# asset_group = asset_group[0]
# for user_group in contact_list:
# if asset_group in user_group_perm_asset_group_api(user_group):
# contact_list_confirm.append(user_group)
# contact_list = contact_list_confirm
#
# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
# return render_to_response('jperm/perm_list.html', locals(), context_instance=RequestContext(request))
#
#
# @require_super_user
# def dept_perm_list(request):
# header_title, path1, path2 = '查看部门', '授权管理', '部门授权'
# keyword = request.GET.get('search')
# if keyword:
# contact_list = DEPT.objects.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)).order_by('name')
# else:
# contact_list = DEPT.objects.filter(id__gt=2)
#
# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
#
# return render_to_response('jperm/dept_perm_list.html', locals(), context_instance=RequestContext(request))
#
#
# def perm_group_update(user_group_id, asset_groups_id_list):
# user_group = UserGroup.objects.filter(id=user_group_id)
# if user_group:
# user_group = user_group[0]
# old_asset_group = [perm.asset_group for perm in user_group.perm_set.all()]
# new_asset_group = []
#
# for asset_group_id in asset_groups_id_list:
# new_asset_group.extend(BisGroup.objects.filter(id=asset_group_id))
#
# del_asset_group = [asset_group for asset_group in old_asset_group if asset_group not in new_asset_group]
# add_asset_group = [asset_group for asset_group in new_asset_group if asset_group not in old_asset_group]
#
# for asset_group in del_asset_group:
# Perm.objects.filter(user_group=user_group, asset_group=asset_group).delete()
#
# for asset_group in add_asset_group:
# Perm(user_group=user_group, asset_group=asset_group).save()
#
#
# @require_super_user
# def perm_edit(request):
# if request.method == 'GET':
# header_title, path1, path2 = u'编辑授权', u'授权管理', u'授权编辑'
# user_group_id = request.GET.get('id', '')
# user_group = UserGroup.objects.filter(id=user_group_id)
# if user_group:
# user_group = user_group[0]
# asset_groups_all = BisGroup.objects.all()
# asset_groups_select = [perm.asset_group for perm in user_group.perm_set.all()]
# asset_groups = [asset_group for asset_group in asset_groups_all if asset_group not in asset_groups_select]
# else:
# user_group_id = request.POST.get('user_group_id')
# asset_group_id_list = request.POST.getlist('asset_groups_select')
# perm_group_update(user_group_id, asset_group_id_list)
#
# return HttpResponseRedirect('/jperm/perm_list/')
# return render_to_response('jperm/perm_edit.html', locals(), context_instance=RequestContext(request))
#
#
# @require_admin
# def perm_edit_adm(request):
# if request.method == 'GET':
# header_title, path1, path2 = u'编辑授权', u'授权管理', u'授权编辑'
# user_group_id = request.GET.get('id', '')
# user_group = UserGroup.objects.filter(id=user_group_id)
# user, dept = get_session_user_dept(request)
# if user_group:
# user_group = user_group[0]
# asset_groups_all = dept.bisgroup_set.all()
# asset_groups_select = [perm.asset_group for perm in user_group.perm_set.all()]
# asset_groups = [asset_group for asset_group in asset_groups_all if asset_group not in asset_groups_select]
# else:
# user_group_id = request.POST.get('user_group_id')
# asset_group_id_list = request.POST.getlist('asset_groups_select')
# print user_group_id, asset_group_id_list
# if not validate(request, user_group=[user_group_id], asset_group=asset_group_id_list):
# return HttpResponseRedirect('/')
# perm_group_update(user_group_id, asset_group_id_list)
#
# return HttpResponseRedirect('/jperm/perm_list/')
# return render_to_response('jperm/perm_edit.html', locals(), context_instance=RequestContext(request))
#
#
# @require_admin
# def perm_detail(request):
# header_title, path1, path2 = u'授权管理', u'小组管理', u'授权详情'
# group_id = request.GET.get('id')
# user_group = UserGroup.objects.filter(id=group_id)
# if user_group:
# user_group = user_group[0]
# users = user_group.user_set.all() # users = user_group.user_set.all()
# group_user_num = len(users)
# perms = user_group.perm_set.all()
# asset_groups = [perm.asset_group for perm in perms]
# return render_to_response('jperm/perm_detail.html', locals(), context_instance=RequestContext(request))
# #
# for cmd_group in cmd_groups_select:
# cmds.extend(cmd_group.cmd.split(','))
# #
# if user_all: # @require_admin
# users_name = ['ALL'] # def perm_del(request):
# perm_id = request.GET.get('id')
# perm = Perm.objects.filter(id=perm_id)
# if perm:
# perm = perm[0]
# perm.delete()
# return HttpResponseRedirect('/jperm/perm_list/')
#
#
# @require_admin
# def perm_asset_detail(request):
# header_title, path1, path2 = u'用户授权主机', u'权限管理', u'用户主机详情'
# user_id = request.GET.get('id')
# user = User.objects.filter(id=user_id)
# if user:
# user = user[0]
# assets_list = user_perm_asset_api(user.username)
# return render_to_response('jperm/perm_asset_detail.html', locals(), context_instance=RequestContext(request))
#
#
# def unicode2str(unicode_list):
# return [str(i) for i in unicode_list]
#
#
# # def sudo_ldap_add(user_group, user_runas, asset_groups_select,
# # cmd_groups_select):
# # if not LDAP_ENABLE:
# # return True
# #
# # assets = []
# # cmds = []
# # user_runas = user_runas.split(',')
# # if len(asset_groups_select) == 1 and asset_groups_select[0].name == 'ALL':
# # asset_all = True
# # else:
# # asset_all = False
# # for asset_group in asset_groups_select:
# # assets.extend(asset_group.asset_set.all())
# #
# # if user_group.name == 'ALL':
# # user_all = True
# # users = []
# # else:
# # user_all = False
# # users = user_group.user_set.all()
# #
# # for cmd_group in cmd_groups_select:
# # cmds.extend(cmd_group.cmd.split(','))
# #
# # if user_all:
# # users_name = ['ALL']
# # else:
# # users_name = list(set([user.username for user in users]))
# #
# # if asset_all:
# # assets_ip = ['ALL']
# # else:
# # assets_ip = list(set([asset.ip for asset in assets]))
# #
# # name = 'sudo%s' % user_group.id
# # sudo_dn = 'cn=%s,ou=Sudoers,%s' % (name, LDAP_BASE_DN)
# # sudo_attr = {'objectClass': ['top', 'sudoRole'],
# # 'cn': ['%s' % name],
# # 'sudoCommand': unicode2str(cmds),
# # 'sudoHost': unicode2str(assets_ip),
# # 'sudoOption': ['!authenticate'],
# # 'sudoRunAsUser': unicode2str(user_runas),
# # 'sudoUser': unicode2str(users_name)}
# # ldap_conn.delete(sudo_dn)
# # ldap_conn.add(sudo_dn, sudo_attr)
#
# #
# # def sudo_update(user_group, user_runas, asset_groups_select, cmd_groups_select, comment):
# # asset_groups_select_list, cmd_groups_select_list = \
# # asset_cmd_groups_get(asset_groups_select, cmd_groups_select)
# # sudo_perm = user_group.sudoperm_set.all()
# # if sudo_perm:
# # sudo_perm.update(user_runas=user_runas, comment=comment)
# # sudo_perm = sudo_perm[0]
# # sudo_perm.asset_group = asset_groups_select_list
# # sudo_perm.cmd_group = cmd_groups_select_list
# # else:
# # sudo_perm = SudoPerm(user_group=user_group, user_runas=user_runas, comment=comment)
# # sudo_perm.save()
# # sudo_perm.asset_group = asset_groups_select_list
# # sudo_perm.cmd_group = cmd_groups_select_list
# #
# # sudo_ldap_add(user_group, user_runas, asset_groups_select_list, cmd_groups_select_list)
#
#
# @require_super_user
# def sudo_list(request):
# header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情'
# keyword = request.GET.get('search', '')
# contact_list = UserGroup.objects.all().order_by('name')
# if keyword:
# contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword))
#
# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
# return render_to_response('jperm/sudo_list.html', locals(), context_instance=RequestContext(request))
#
#
# @require_admin
# def sudo_list_adm(request):
# header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情'
# keyword = request.GET.get('search', '')
# user, dept = get_session_user_dept(request)
# contact_list = dept.usergroup_set.all().order_by('name')
# if keyword:
# contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword))
#
# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
# return render_to_response('jperm/sudo_list.html', locals(), context_instance=RequestContext(request))
#
#
# @require_super_user
# def sudo_edit(request):
# header_title, path1, path2 = u'Sudo授权', u'授权管理', u'Sudo授权'
#
# if request.method == 'GET':
# user_group_id = request.GET.get('id', '0')
# user_group = UserGroup.objects.filter(id=user_group_id)
# asset_group_all = BisGroup.objects.filter()
# cmd_group_all = CmdGroup.objects.all()
# if user_group:
# user_group = user_group[0]
# sudo_perm = user_group.sudoperm_set.all()
# if sudo_perm:
# sudo_perm = sudo_perm[0]
# asset_group_permed = sudo_perm.asset_group.all()
# cmd_group_permed = sudo_perm.cmd_group.all()
# user_runas = sudo_perm.user_runas
# comment = sudo_perm.comment
# else: # else:
# users_name = list(set([user.username for user in users])) # asset_group_permed = []
# cmd_group_permed = []
#
# asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed]
# cmd_groups = [cmd_group for cmd_group in cmd_group_all if cmd_group not in cmd_group_permed]
# #
# if asset_all:
# assets_ip = ['ALL']
# else: # else:
# assets_ip = list(set([asset.ip for asset in assets])) # user_group_id = request.POST.get('user_group_id', '')
# # users_runas = request.POST.get('runas') if request.POST.get('runas') else 'root'
# name = 'sudo%s' % user_group.id # asset_groups_select = request.POST.getlist('asset_groups_select')
# sudo_dn = 'cn=%s,ou=Sudoers,%s' % (name, LDAP_BASE_DN) # cmd_groups_select = request.POST.getlist('cmd_groups_select')
# sudo_attr = {'objectClass': ['top', 'sudoRole'], # comment = request.POST.get('comment', '')
# 'cn': ['%s' % name], # user_group = UserGroup.objects.filter(id=user_group_id)
# 'sudoCommand': unicode2str(cmds), # if user_group:
# 'sudoHost': unicode2str(assets_ip), # user_group = user_group[0]
# 'sudoOption': ['!authenticate'], # if LDAP_ENABLE:
# 'sudoRunAsUser': unicode2str(user_runas), # sudo_update(user_group, users_runas, asset_groups_select, cmd_groups_select, comment)
# 'sudoUser': unicode2str(users_name)} # msg = '修改成功'
# ldap_conn.delete(sudo_dn) #
# ldap_conn.add(sudo_dn, sudo_attr) # return HttpResponseRedirect('/jperm/sudo_list/')
# #
# def sudo_update(user_group, user_runas, asset_groups_select, cmd_groups_select, comment): # return render_to_response('jperm/sudo_edit.html', locals(), context_instance=RequestContext(request))
# asset_groups_select_list, cmd_groups_select_list = \ #
# asset_cmd_groups_get(asset_groups_select, cmd_groups_select) #
# @require_admin
# def sudo_edit_adm(request):
# header_title, path1, path2 = u'Sudo授权', u'授权管理', u'Sudo授权'
# user, dept = get_session_user_dept(request)
# if request.method == 'GET':
# user_group_id = request.GET.get('id', '0')
# if not validate(request, user_group=[user_group_id]):
# return render_to_response('/jperm/sudo_list/')
# user_group = UserGroup.objects.filter(id=user_group_id)
# asset_group_all = dept.bisgroup_set.all()
# cmd_group_all = dept.cmdgroup_set.all()
# if user_group:
# user_group = user_group[0]
# sudo_perm = user_group.sudoperm_set.all() # sudo_perm = user_group.sudoperm_set.all()
# if sudo_perm: # if sudo_perm:
# sudo_perm.update(user_runas=user_runas, comment=comment)
# sudo_perm = sudo_perm[0] # sudo_perm = sudo_perm[0]
# sudo_perm.asset_group = asset_groups_select_list # asset_group_permed = sudo_perm.asset_group.all()
# sudo_perm.cmd_group = cmd_groups_select_list # cmd_group_permed = sudo_perm.cmd_group.all()
# user_runas = sudo_perm.user_runas
# comment = sudo_perm.comment
# else: # else:
# sudo_perm = SudoPerm(user_group=user_group, user_runas=user_runas, comment=comment) # asset_group_permed = []
# sudo_perm.save() # cmd_group_permed = []
# sudo_perm.asset_group = asset_groups_select_list #
# sudo_perm.cmd_group = cmd_groups_select_list # asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed]
# cmd_groups = [cmd_group for cmd_group in cmd_group_all if cmd_group not in cmd_group_permed]
#
# else:
# user_group_id = request.POST.get('user_group_id', '')
# users_runas = request.POST.get('runas', 'root')
# asset_groups_select = request.POST.getlist('asset_groups_select')
# cmd_groups_select = request.POST.getlist('cmd_groups_select')
# comment = request.POST.get('comment', '')
# user_group = UserGroup.objects.filter(id=user_group_id)
# if not validate(request, user_group=[user_group_id], asset_group=asset_groups_select):
# return render_to_response('/jperm/sudo_list/')
# if user_group:
# user_group = user_group[0]
# if LDAP_ENABLE:
# sudo_update(user_group, users_runas, asset_groups_select, cmd_groups_select, comment)
# msg = '修改成功'
#
# return HttpResponseRedirect('/jperm/sudo_list/')
# return render_to_response('jperm/sudo_edit.html', locals(), context_instance=RequestContext(request))
#
#
# @require_admin
# def sudo_detail(request):
# header_title, path1, path2 = u'Sudo授权详情', u'授权管理', u'授权详情'
# user_group_id = request.GET.get('id')
# user_group = UserGroup.objects.filter(id=user_group_id)
# if user_group:
# asset_groups = []
# cmd_groups = []
# user_group = user_group[0]
# users = user_group.user_set.all()
# group_user_num = len(users)
#
# for perm in user_group.sudoperm_set.all():
# asset_groups.extend(perm.asset_group.all())
# cmd_groups.extend(perm.cmd_group.all())
#
# print asset_groups
# return render_to_response('jperm/sudo_detail.html', locals(), context_instance=RequestContext(request))
#
#
# @require_admin
# def sudo_refresh(request):
# sudo_perm_all = SudoPerm.objects.all()
# for sudo_perm in sudo_perm_all:
# user_group = sudo_perm.user_group
# user_runas = sudo_perm.user_runas
# asset_groups_select = sudo_perm.asset_group.all()
# cmd_groups_select = sudo_perm.cmd_group.all()
# sudo_ldap_add(user_group, user_runas, asset_groups_select, cmd_groups_select)
# return HttpResponse('刷新sudo授权成功')
#
#
# @require_super_user
# def cmd_add(request):
# header_title, path1, path2 = u'sudo命令添加', u'授权管理', u'命令组添加'
# dept_all = DEPT.objects.all()
#
# if request.method == 'POST':
# name = request.POST.get('name')
# dept_id = request.POST.get('dept_id')
# cmd = ','.join(request.POST.get('cmd').split('\n'))
# comment = request.POST.get('comment')
# dept = DEPT.objects.filter(id=dept_id)
#
# try:
# if CmdGroup.objects.filter(name=name):
# error = '%s 命令组已存在'
# raise ServerError(error)
#
# if not dept:
# error = u"部门不能为空"
# raise ServerError(error)
# except ServerError, e:
# pass
# else:
# dept = dept[0]
# CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment)
# msg = u'命令组添加成功'
# return HttpResponseRedirect('/jperm/cmd_list/')
#
# return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
#
#
# @require_admin
# def cmd_add_adm(request):
# header_title, path1, path2 = u'sudo命令添加', u'授权管理', u'命令组添加'
# user, dept = get_session_user_dept(request)
#
# if request.method == 'POST':
# name = request.POST.get('name')
# cmd = ','.join(request.POST.get('cmd').split('\n'))
# comment = request.POST.get('comment')
#
# try:
# if CmdGroup.objects.filter(name=name):
# error = '%s 命令组已存在'
# raise ServerError(error)
# except ServerError, e:
# pass
# else:
# CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment)
# return HttpResponseRedirect('/jperm/cmd_list/')
#
# return HttpResponseRedirect('/jperm/cmd_list/')
#
# return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
#
#
# @require_admin
# def cmd_edit(request):
# header_title, path1, path2 = u'sudo命令修改', u'授权管理管理', u'命令组修改'
#
# cmd_group_id = request.GET.get('id')
# cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
# dept_all = DEPT.objects.all()
#
# if cmd_group:
# cmd_group = cmd_group[0]
# cmd_group_id = cmd_group.id
# dept_id = cmd_group.dept.id
# name = cmd_group.name
# cmd = '\n'.join(cmd_group.cmd.split(','))
# comment = cmd_group.comment
#
# if request.method == 'POST':
# cmd_group_id = request.POST.get('cmd_group_id')
# name = request.POST.get('name')
# dept_id = request.POST.get('dept_id')
# cmd = ','.join(request.POST.get('cmd').split())
# comment = request.POST.get('comment')
# cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
#
# dept = DEPT.objects.filter(id=dept_id)
# try:
# if not dept:
# error = '没有该部门'
# raise ServerError(error)
#
# if not cmd_group:
# error = '没有该命令组'
# except ServerError, e:
# pass
# else:
# cmd_group.update(name=name, cmd=cmd, dept=dept[0], comment=comment)
# return HttpResponseRedirect('/jperm/cmd_list/')
# return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
#
#
# @require_admin
# def cmd_list(request):
# header_title, path1, path2 = u'sudo命令查看', u'权限管理', u'Sudo命令添加'
#
# if is_super_user(request):
# cmd_groups = contact_list = CmdGroup.objects.all()
# else:
# user, dept = get_session_user_dept(request)
# cmd_groups = contact_list = dept.cmdgroup_set.all()
# p = paginator = Paginator(contact_list, 10)
#
# try:
# page = int(request.GET.get('page', '1'))
# except ValueError:
# page = 1
#
# try:
# contacts = paginator.page(page)
# except (EmptyPage, InvalidPage):
# contacts = paginator.page(paginator.num_pages)
# return render_to_response('jperm/sudo_cmd_list.html', locals(), context_instance=RequestContext(request))
#
#
# @require_admin
# def cmd_del(request):
# cmd_group_id = request.GET.get('id')
# cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
#
# if cmd_group:
# cmd_group[0].delete()
# return HttpResponseRedirect('/jperm/cmd_list/')
#
#
# @require_admin
# def cmd_detail(request):
# cmd_ids = request.GET.get('id').split(',')
# cmds = []
# if len(cmd_ids) == 1:
# if cmd_ids[0]:
# cmd_id = cmd_ids[0]
# else:
# cmd_id = 1
# cmd_group = CmdGroup.objects.filter(id=cmd_id)
# if cmd_group:
# cmd_group = cmd_group[0]
# cmds.extend(cmd_group.cmd.split(','))
# cmd_group_name = cmd_group.name
# else:
# cmd_groups = []
# for cmd_id in cmd_ids:
# cmd_groups.extend(CmdGroup.objects.filter(id=cmd_id))
# for cmd_group in cmd_groups:
# cmds.extend(cmd_group.cmd.split(','))
#
# cmds_str = ', '.join(cmds)
#
# return render_to_response('jperm/sudo_cmd_detail.html', locals(), context_instance=RequestContext(request))
#
#
# @require_login
# def perm_apply(request):
# """ 权限申请 """
# header_title, path1, path2 = u'主机权限申请', u'权限管理', u'申请主机'
# user_id, username = get_session_user_info(request)[0:2]
# name = User.objects.get(id=user_id).username
# dept_id, deptname, dept = get_session_user_info(request)[3:6]
# perm_host = user_perm_asset_api(username)
# all_host = Asset.objects.filter(dept=dept)
#
# perm_group = user_perm_group_api(username)
# all_group = dept.bisgroup_set.all()
#
# posts = [g for g in all_host if g not in perm_host]
# egroup = [d for d in all_group if d not in perm_group]
#
# dept_da = User.objects.filter(dept_id=dept_id, role='DA')
# admin = User.objects.get(name='admin')
#
# if request.method == 'POST':
# applyer = request.POST.get('applyer')
# dept = request.POST.get('dept')
# da = request.POST.get('da')
# group = request.POST.getlist('group')
# hosts = request.POST.getlist('hosts')
# comment = request.POST.get('comment')
# if not da:
# return httperror(request, u'请选择管理员!')
# da = User.objects.get(id=da)
# mail_address = da.email
# mail_title = '%s - 权限申请' % username
# group_lis = ', '.join(group)
# hosts_lis = ', '.join(hosts)
# time_now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
# a = Apply.objects.create(applyer=applyer, admin=da, dept=dept, bisgroup=group, date_add=datetime.datetime.now(),
# asset=hosts, status=0, comment=comment, read=0)
# uuid = a.uuid
# url = "http://%s:%s/jperm/apply_exec/?uuid=%s" % (SEND_IP, SEND_PORT, uuid)
# mail_msg = """
# Hi,%s:
# 有新的权限申请, 详情如下:
# 申请人: %s
# 申请主机组: %s
# 申请的主机: %s
# 申请时间: %s
# 申请说明: %s
# 请及时审批, 审批完成后, 点击以下链接或登录授权管理-权限审批页面点击确认键,告知申请人。
#
# %s
# """ % (da.username, applyer, group_lis, hosts_lis, time_now, comment, url)
#
# send_mail(mail_title, mail_msg, MAIL_FROM, [mail_address], fail_silently=False)
# smg = "提交成功,已发邮件至 %s 通知部门管理员。" % mail_address
# return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request))
# return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request))
#
#
# @require_admin
# def perm_apply_exec(request):
# """ 确认权限 """
# header_title, path1, path2 = u'主机权限申请', u'权限管理', u'审批完成'
# uuid = request.GET.get('uuid')
# user_id = request.session.get('user_id')
# approver = User.objects.get(id=user_id).name
# if uuid:
# p_apply = Apply.objects.filter(uuid=str(uuid))
# q_apply = Apply.objects.get(uuid=str(uuid))
# if q_apply.status == 1:
# smg = '此权限已经审批完成, 请勿重复审批, 十秒钟后返回首页'
# return render_to_response('jperm/perm_apply_exec.html', locals(), context_instance=RequestContext(request))
# else:
# user = User.objects.get(username=q_apply.applyer)
# mail_address = user.email
# time_now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
# p_apply.update(status=1, approver=approver, date_end=time_now)
# mail_title = '%s - 权限审批完成' % q_apply.applyer
# mail_msg = """
# Hi,%s:
# 您所申请的权限已由 %s 在 %s 审批完成, 请登录验证。
# """ % (q_apply.applyer, q_apply.approver, time_now)
# send_mail(mail_title, mail_msg, MAIL_FROM, [mail_address], fail_silently=False)
# smg = '授权完成, 已邮件通知申请人, 十秒钟后返回首页'
# return render_to_response('jperm/perm_apply_exec.html', locals(), context_instance=RequestContext(request))
# else:
# smg = '没有此授权记录, 十秒钟后返回首页'
# return render_to_response('jperm/perm_apply_exec.html', locals(), context_instance=RequestContext(request))
#
#
# def get_apply_posts(request, status, username, dept_name, keyword=None):
# """ 获取申请记录 """
# post_all = Apply.objects.filter(status=status).order_by('-date_add')
# post_keyword_all = Apply.objects.filter(Q(applyer__contains=keyword) |
# Q(approver__contains=keyword)) \
# .filter(status=status).order_by('-date_add')
#
# if is_super_user(request):
# if keyword:
# posts = post_keyword_all
# else:
# posts = post_all
# elif is_group_admin(request):
# if keyword:
# posts = post_keyword_all.filter(dept=dept_name)
# else:
# posts = post_all.filter(dept=dept_name)
# elif is_common_user(request):
# if keyword:
# posts = post_keyword_all.filter(applyer=username)
# else:
# posts = post_all.filter(applyer=username)
#
# return posts
#
#
# @require_login
# def perm_apply_log(request, offset):
# """ 申请记录 """
# header_title, path1, path2 = u'权限申请记录', u'权限管理', u'申请记录'
# keyword = request.GET.get('keyword', '')
# user_id = get_session_user_info(request)[0]
# username = User.objects.get(id=user_id).name
# dept_name = get_session_user_info(request)[4]
# status_dic = {'online': 0, 'offline': 1}
# status = status_dic[offset]
# posts = get_apply_posts(request, status, username, dept_name, keyword)
# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
# return render_to_response('jperm/perm_log_%s.html' % offset, locals(), context_instance=RequestContext(request))
#
#
# @require_login
# def perm_apply_info(request):
# """ 申请信息详情 """
# uuid = request.GET.get('uuid', '')
# post = Apply.objects.filter(uuid=uuid)
# username = get_session_user_info(request)[1]
# if post:
# post = post[0]
# if post.read == 0 and post.applyer != username:
# post.read = 1
# post.save()
# else:
# return httperror(request, u'没有这个申请记录!')
#
# return render_to_response('jperm/perm_apply_info.html', locals(), context_instance=RequestContext(request))
#
#
# @require_admin
# def perm_apply_del(request):
# """ 删除日志记录 """
# uuid = request.GET.get('uuid')
# u_apply = Apply.objects.filter(uuid=uuid)
# if u_apply:
# u_apply.delete()
# return HttpResponseRedirect('/jperm/apply_show/online/')
#
#
# @require_login
# def perm_apply_search(request):
# """ 申请搜索 """
# keyword = request.GET.get('keyword')
# offset = request.GET.get('env')
# username = get_session_user_info(request)[1]
# dept_name = get_session_user_info(request)[3]
# status_dic = {'online': 0, 'offline': 1}
# status = status_dic[offset]
# posts = get_apply_posts(request, status, username, dept_name, keyword)
# contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
# return render_to_response('jperm/perm_apply_search.html', locals(), context_instance=RequestContext(request))
#
#
#
#
#
#
#
#
#
#
#
#
#
# #
# sudo_ldap_add(user_group, user_runas, asset_groups_select_list, cmd_groups_select_list)
@require_super_user
def sudo_list(request):
header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情'
keyword = request.GET.get('search', '')
contact_list = UserGroup.objects.all().order_by('name')
if keyword:
contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword))
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
return render_to_response('jperm/sudo_list.html', locals(), context_instance=RequestContext(request))
@require_admin
def sudo_list_adm(request):
header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情'
keyword = request.GET.get('search', '')
user, dept = get_session_user_dept(request)
contact_list = dept.usergroup_set.all().order_by('name')
if keyword:
contact_list = contact_list.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword))
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request)
return render_to_response('jperm/sudo_list.html', locals(), context_instance=RequestContext(request))
@require_super_user
def sudo_edit(request):
header_title, path1, path2 = u'Sudo授权', u'授权管理', u'Sudo授权'
if request.method == 'GET':
user_group_id = request.GET.get('id', '0')
user_group = UserGroup.objects.filter(id=user_group_id)
asset_group_all = BisGroup.objects.filter()
cmd_group_all = CmdGroup.objects.all()
if user_group:
user_group = user_group[0]
sudo_perm = user_group.sudoperm_set.all()
if sudo_perm:
sudo_perm = sudo_perm[0]
asset_group_permed = sudo_perm.asset_group.all()
cmd_group_permed = sudo_perm.cmd_group.all()
user_runas = sudo_perm.user_runas
comment = sudo_perm.comment
else:
asset_group_permed = []
cmd_group_permed = []
asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed]
cmd_groups = [cmd_group for cmd_group in cmd_group_all if cmd_group not in cmd_group_permed]
else:
user_group_id = request.POST.get('user_group_id', '')
users_runas = request.POST.get('runas') if request.POST.get('runas') else 'root'
asset_groups_select = request.POST.getlist('asset_groups_select')
cmd_groups_select = request.POST.getlist('cmd_groups_select')
comment = request.POST.get('comment', '')
user_group = UserGroup.objects.filter(id=user_group_id)
if user_group:
user_group = user_group[0]
if LDAP_ENABLE:
sudo_update(user_group, users_runas, asset_groups_select, cmd_groups_select, comment)
msg = '修改成功'
return HttpResponseRedirect('/jperm/sudo_list/')
return render_to_response('jperm/sudo_edit.html', locals(), context_instance=RequestContext(request))
@require_admin
def sudo_edit_adm(request):
header_title, path1, path2 = u'Sudo授权', u'授权管理', u'Sudo授权'
user, dept = get_session_user_dept(request)
if request.method == 'GET':
user_group_id = request.GET.get('id', '0')
if not validate(request, user_group=[user_group_id]):
return render_to_response('/jperm/sudo_list/')
user_group = UserGroup.objects.filter(id=user_group_id)
asset_group_all = dept.bisgroup_set.all()
cmd_group_all = dept.cmdgroup_set.all()
if user_group:
user_group = user_group[0]
sudo_perm = user_group.sudoperm_set.all()
if sudo_perm:
sudo_perm = sudo_perm[0]
asset_group_permed = sudo_perm.asset_group.all()
cmd_group_permed = sudo_perm.cmd_group.all()
user_runas = sudo_perm.user_runas
comment = sudo_perm.comment
else:
asset_group_permed = []
cmd_group_permed = []
asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed]
cmd_groups = [cmd_group for cmd_group in cmd_group_all if cmd_group not in cmd_group_permed]
else:
user_group_id = request.POST.get('user_group_id', '')
users_runas = request.POST.get('runas', 'root')
asset_groups_select = request.POST.getlist('asset_groups_select')
cmd_groups_select = request.POST.getlist('cmd_groups_select')
comment = request.POST.get('comment', '')
user_group = UserGroup.objects.filter(id=user_group_id)
if not validate(request, user_group=[user_group_id], asset_group=asset_groups_select):
return render_to_response('/jperm/sudo_list/')
if user_group:
user_group = user_group[0]
if LDAP_ENABLE:
sudo_update(user_group, users_runas, asset_groups_select, cmd_groups_select, comment)
msg = '修改成功'
return HttpResponseRedirect('/jperm/sudo_list/')
return render_to_response('jperm/sudo_edit.html', locals(), context_instance=RequestContext(request))
@require_admin
def sudo_detail(request):
header_title, path1, path2 = u'Sudo授权详情', u'授权管理', u'授权详情'
user_group_id = request.GET.get('id')
user_group = UserGroup.objects.filter(id=user_group_id)
if user_group:
asset_groups = []
cmd_groups = []
user_group = user_group[0]
users = user_group.user_set.all()
group_user_num = len(users)
for perm in user_group.sudoperm_set.all():
asset_groups.extend(perm.asset_group.all())
cmd_groups.extend(perm.cmd_group.all())
print asset_groups
return render_to_response('jperm/sudo_detail.html', locals(), context_instance=RequestContext(request))
@require_admin
def sudo_refresh(request):
sudo_perm_all = SudoPerm.objects.all()
for sudo_perm in sudo_perm_all:
user_group = sudo_perm.user_group
user_runas = sudo_perm.user_runas
asset_groups_select = sudo_perm.asset_group.all()
cmd_groups_select = sudo_perm.cmd_group.all()
sudo_ldap_add(user_group, user_runas, asset_groups_select, cmd_groups_select)
return HttpResponse('刷新sudo授权成功')
@require_super_user
def cmd_add(request):
header_title, path1, path2 = u'sudo命令添加', u'授权管理', u'命令组添加'
dept_all = DEPT.objects.all()
if request.method == 'POST':
name = request.POST.get('name')
dept_id = request.POST.get('dept_id')
cmd = ','.join(request.POST.get('cmd').split('\n'))
comment = request.POST.get('comment')
dept = DEPT.objects.filter(id=dept_id)
try:
if CmdGroup.objects.filter(name=name):
error = '%s 命令组已存在'
raise ServerError(error)
if not dept:
error = u"部门不能为空"
raise ServerError(error)
except ServerError, e:
pass
else:
dept = dept[0]
CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment)
msg = u'命令组添加成功'
return HttpResponseRedirect('/jperm/cmd_list/')
return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
@require_admin
def cmd_add_adm(request):
header_title, path1, path2 = u'sudo命令添加', u'授权管理', u'命令组添加'
user, dept = get_session_user_dept(request)
if request.method == 'POST':
name = request.POST.get('name')
cmd = ','.join(request.POST.get('cmd').split('\n'))
comment = request.POST.get('comment')
try:
if CmdGroup.objects.filter(name=name):
error = '%s 命令组已存在'
raise ServerError(error)
except ServerError, e:
pass
else:
CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment)
return HttpResponseRedirect('/jperm/cmd_list/')
return HttpResponseRedirect('/jperm/cmd_list/')
return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
@require_admin
def cmd_edit(request):
header_title, path1, path2 = u'sudo命令修改', u'授权管理管理', u'命令组修改'
cmd_group_id = request.GET.get('id')
cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
dept_all = DEPT.objects.all()
if cmd_group:
cmd_group = cmd_group[0]
cmd_group_id = cmd_group.id
dept_id = cmd_group.dept.id
name = cmd_group.name
cmd = '\n'.join(cmd_group.cmd.split(','))
comment = cmd_group.comment
if request.method == 'POST':
cmd_group_id = request.POST.get('cmd_group_id')
name = request.POST.get('name')
dept_id = request.POST.get('dept_id')
cmd = ','.join(request.POST.get('cmd').split())
comment = request.POST.get('comment')
cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
dept = DEPT.objects.filter(id=dept_id)
try:
if not dept:
error = '没有该部门'
raise ServerError(error)
if not cmd_group:
error = '没有该命令组'
except ServerError, e:
pass
else:
cmd_group.update(name=name, cmd=cmd, dept=dept[0], comment=comment)
return HttpResponseRedirect('/jperm/cmd_list/')
return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
@require_admin
def cmd_list(request):
header_title, path1, path2 = u'sudo命令查看', u'权限管理', u'Sudo命令添加'
if is_super_user(request):
cmd_groups = contact_list = CmdGroup.objects.all()
else:
user, dept = get_session_user_dept(request)
cmd_groups = contact_list = dept.cmdgroup_set.all()
p = paginator = Paginator(contact_list, 10)
try:
page = int(request.GET.get('page', '1'))
except ValueError:
page = 1
try:
contacts = paginator.page(page)
except (EmptyPage, InvalidPage):
contacts = paginator.page(paginator.num_pages)
return render_to_response('jperm/sudo_cmd_list.html', locals(), context_instance=RequestContext(request))
@require_admin
def cmd_del(request):
cmd_group_id = request.GET.get('id')
cmd_group = CmdGroup.objects.filter(id=cmd_group_id)
if cmd_group:
cmd_group[0].delete()
return HttpResponseRedirect('/jperm/cmd_list/')
@require_admin
def cmd_detail(request):
cmd_ids = request.GET.get('id').split(',')
cmds = []
if len(cmd_ids) == 1:
if cmd_ids[0]:
cmd_id = cmd_ids[0]
else:
cmd_id = 1
cmd_group = CmdGroup.objects.filter(id=cmd_id)
if cmd_group:
cmd_group = cmd_group[0]
cmds.extend(cmd_group.cmd.split(','))
cmd_group_name = cmd_group.name
else:
cmd_groups = []
for cmd_id in cmd_ids:
cmd_groups.extend(CmdGroup.objects.filter(id=cmd_id))
for cmd_group in cmd_groups:
cmds.extend(cmd_group.cmd.split(','))
cmds_str = ', '.join(cmds)
return render_to_response('jperm/sudo_cmd_detail.html', locals(), context_instance=RequestContext(request))
@require_login
def perm_apply(request):
""" 权限申请 """
header_title, path1, path2 = u'主机权限申请', u'权限管理', u'申请主机'
user_id, username = get_session_user_info(request)[0:2]
name = User.objects.get(id=user_id).username
dept_id, deptname, dept = get_session_user_info(request)[3:6]
perm_host = user_perm_asset_api(username)
all_host = Asset.objects.filter(dept=dept)
perm_group = user_perm_group_api(username)
all_group = dept.bisgroup_set.all()
posts = [g for g in all_host if g not in perm_host]
egroup = [d for d in all_group if d not in perm_group]
dept_da = User.objects.filter(dept_id=dept_id, role='DA')
admin = User.objects.get(name='admin')
if request.method == 'POST':
applyer = request.POST.get('applyer')
dept = request.POST.get('dept')
da = request.POST.get('da')
group = request.POST.getlist('group')
hosts = request.POST.getlist('hosts')
comment = request.POST.get('comment')
if not da:
return httperror(request, u'请选择管理员!')
da = User.objects.get(id=da)
mail_address = da.email
mail_title = '%s - 权限申请' % username
group_lis = ', '.join(group)
hosts_lis = ', '.join(hosts)
time_now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
a = Apply.objects.create(applyer=applyer, admin=da, dept=dept, bisgroup=group, date_add=datetime.datetime.now(),
asset=hosts, status=0, comment=comment, read=0)
uuid = a.uuid
url = "http://%s:%s/jperm/apply_exec/?uuid=%s" % (SEND_IP, SEND_PORT, uuid)
mail_msg = """
Hi,%s:
有新的权限申请, 详情如下:
申请人: %s
申请主机组: %s
申请的主机: %s
申请时间: %s
申请说明: %s
请及时审批, 审批完成后, 点击以下链接或登录授权管理-权限审批页面点击确认键,告知申请人。
%s
""" % (da.username, applyer, group_lis, hosts_lis, time_now, comment, url)
send_mail(mail_title, mail_msg, MAIL_FROM, [mail_address], fail_silently=False)
smg = "提交成功,已发邮件至 %s 通知部门管理员。" % mail_address
return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request))
return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request))
@require_admin
def perm_apply_exec(request):
""" 确认权限 """
header_title, path1, path2 = u'主机权限申请', u'权限管理', u'审批完成'
uuid = request.GET.get('uuid')
user_id = request.session.get('user_id')
approver = User.objects.get(id=user_id).name
if uuid:
p_apply = Apply.objects.filter(uuid=str(uuid))
q_apply = Apply.objects.get(uuid=str(uuid))
if q_apply.status == 1:
smg = '此权限已经审批完成, 请勿重复审批, 十秒钟后返回首页'
return render_to_response('jperm/perm_apply_exec.html', locals(), context_instance=RequestContext(request))
else:
user = User.objects.get(username=q_apply.applyer)
mail_address = user.email
time_now = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
p_apply.update(status=1, approver=approver, date_end=time_now)
mail_title = '%s - 权限审批完成' % q_apply.applyer
mail_msg = """
Hi,%s:
您所申请的权限已由 %s 在 %s 审批完成, 请登录验证。
""" % (q_apply.applyer, q_apply.approver, time_now)
send_mail(mail_title, mail_msg, MAIL_FROM, [mail_address], fail_silently=False)
smg = '授权完成, 已邮件通知申请人, 十秒钟后返回首页'
return render_to_response('jperm/perm_apply_exec.html', locals(), context_instance=RequestContext(request))
else:
smg = '没有此授权记录, 十秒钟后返回首页'
return render_to_response('jperm/perm_apply_exec.html', locals(), context_instance=RequestContext(request))
def get_apply_posts(request, status, username, dept_name, keyword=None):
""" 获取申请记录 """
post_all = Apply.objects.filter(status=status).order_by('-date_add')
post_keyword_all = Apply.objects.filter(Q(applyer__contains=keyword) |
Q(approver__contains=keyword)) \
.filter(status=status).order_by('-date_add')
if is_super_user(request):
if keyword:
posts = post_keyword_all
else:
posts = post_all
elif is_group_admin(request):
if keyword:
posts = post_keyword_all.filter(dept=dept_name)
else:
posts = post_all.filter(dept=dept_name)
elif is_common_user(request):
if keyword:
posts = post_keyword_all.filter(applyer=username)
else:
posts = post_all.filter(applyer=username)
return posts
@require_login
def perm_apply_log(request, offset):
""" 申请记录 """
header_title, path1, path2 = u'权限申请记录', u'权限管理', u'申请记录'
keyword = request.GET.get('keyword', '')
user_id = get_session_user_info(request)[0]
username = User.objects.get(id=user_id).name
dept_name = get_session_user_info(request)[4]
status_dic = {'online': 0, 'offline': 1}
status = status_dic[offset]
posts = get_apply_posts(request, status, username, dept_name, keyword)
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
return render_to_response('jperm/perm_log_%s.html' % offset, locals(), context_instance=RequestContext(request))
@require_login
def perm_apply_info(request):
""" 申请信息详情 """
uuid = request.GET.get('uuid', '')
post = Apply.objects.filter(uuid=uuid)
username = get_session_user_info(request)[1]
if post:
post = post[0]
if post.read == 0 and post.applyer != username:
post.read = 1
post.save()
else:
return httperror(request, u'没有这个申请记录!')
return render_to_response('jperm/perm_apply_info.html', locals(), context_instance=RequestContext(request))
@require_admin
def perm_apply_del(request):
""" 删除日志记录 """
uuid = request.GET.get('uuid')
u_apply = Apply.objects.filter(uuid=uuid)
if u_apply:
u_apply.delete()
return HttpResponseRedirect('/jperm/apply_show/online/')
@require_login
def perm_apply_search(request):
""" 申请搜索 """
keyword = request.GET.get('keyword')
offset = request.GET.get('env')
username = get_session_user_info(request)[1]
dept_name = get_session_user_info(request)[3]
status_dic = {'online': 0, 'offline': 1}
status = status_dic[offset]
posts = get_apply_posts(request, status, username, dept_name, keyword)
contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
return render_to_response('jperm/perm_apply_search.html', locals(), context_instance=RequestContext(request))
jumpserver/urls.py
View file @ 907c2c7e
...@@ -16,7 +16,7 @@ urlpatterns = patterns('', ...@@ -16,7 +16,7 @@ urlpatterns = patterns('',
(r'^juser/', include('juser.urls')), (r'^juser/', include('juser.urls')),
(r'^jasset/', include('jasset.urls')), (r'^jasset/', include('jasset.urls')),
# (r'^jlog/', include('jlog.urls')), # (r'^jlog/', include('jlog.urls')),
# (r'^jperm/', include('jperm.urls')), (r'^jperm/', include('jperm.urls')),
(r'^node_auth/', 'jumpserver.views.node_auth'), (r'^node_auth/', 'jumpserver.views.node_auth'),
) )
juser/urls.py
View file @ 907c2c7e
...@@ -10,7 +10,6 @@ urlpatterns = patterns('juser.views', ...@@ -10,7 +10,6 @@ urlpatterns = patterns('juser.views',
(r'^group_add/$', group_add), (r'^group_add/$', group_add),
(r'^group_list/$', group_list), (r'^group_list/$', group_list),
(r'^group_del/$', group_del), (r'^group_del/$', group_del),
(r'^group_del_ajax', group_del_ajax),
(r'^group_edit/$', group_edit), (r'^group_edit/$', group_edit),
(r'^user_add/$', user_add), (r'^user_add/$', user_add),
(r'^user_list/$', user_list), (r'^user_list/$', user_list),
...@@ -19,8 +18,7 @@ urlpatterns = patterns('juser.views', ...@@ -19,8 +18,7 @@ urlpatterns = patterns('juser.views',
(r'^forget_password/$', forget_password), (r'^forget_password/$', forget_password),
(r'^user_detail/$', 'user_detail'), (r'^user_detail/$', 'user_detail'),
(r'^user_del/$', 'user_del'), (r'^user_del/$', 'user_del'),
(r'^user_del_ajax/$', 'user_del_ajax'), (r'^user_edit/$', user_edit),
(r'^user_edit/$', view_splitter, {'su': user_edit, 'adm': user_edit_adm}),
(r'^profile/$', 'profile'), (r'^profile/$', 'profile'),
(r'^change_info/$', 'change_info'), (r'^change_info/$', 'change_info'),
(r'^regen_ssh_key/$', 'regen_ssh_key'), (r'^regen_ssh_key/$', 'regen_ssh_key'),
......
juser/views.py
View file @ 907c2c7e
...@@ -81,21 +81,14 @@ def group_del(request): ...@@ -81,21 +81,14 @@ def group_del(request):
del a group del a group
删除用户组 删除用户组
""" """
group_id = request.GET.get('id', '') group_ids = request.GET.get('id', '')
if not group_id: group_id_list = group_ids.split(',')
return HttpResponseRedirect('/') for group_id in group_id_list:
UserGroup.objects.filter(id=group_id).delete() UserGroup.objects.filter(id=group_id).delete()
return HttpResponseRedirect('/juser/group_list/')
@require_role(role='super')
def group_del_ajax(request):
group_ids = request.POST.get('group_ids')
group_ids = group_ids.split(',')
for group_id in group_ids:
UserGroup.objects.filter(id=group_id).delete()
return HttpResponse('删除成功') return HttpResponse('删除成功')
# @require_role(role='admin') # @require_role(role='admin')
# def group_list_adm(request): # def group_list_adm(request):
# header_title, path1, path2 = '查看部门小组', '用户管理', '查看小组' # header_title, path1, path2 = '查看部门小组', '用户管理', '查看小组'
...@@ -424,30 +417,10 @@ def user_detail(request): ...@@ -424,30 +417,10 @@ def user_detail(request):
@require_role(role='admin') @require_role(role='admin')
def user_del(request): def user_del(request):
user_id = request.GET.get('id', '') user_ids = request.GET.get('id', '')
if not user_id: user_id_list = user_ids.split(',')
return HttpResponseRedirect('/juser/user_list/') for user_id in user_id_list:
User.objects.filter(id=user_id).delete()
user = get_object(User, id=user_id)
if user and user.username != 'admin':
user.delete()
server_del_user(user.username)
return HttpResponseRedirect('/juser/user_list/')
@require_role(role='admin')
def user_del_ajax(request):
user_ids = request.POST.get('ids')
user_ids = user_ids.split(',')
if request.session.get('role_id', '') == 1:
if not validate(request, user=user_ids):
return "error"
for user_id in user_ids:
user = get_object(User, id=user_id)
if user and user.username != 'admin':
user.delete()
server_del_user(user.username)
return HttpResponse('删除成功') return HttpResponse('删除成功')
......
templates/jasset/asset_add.html
View file @ 907c2c7e
...@@ -80,8 +80,8 @@ ...@@ -80,8 +80,8 @@
<label for="groups" class="col-sm-2 control-label">所属主机组</label> <label for="groups" class="col-sm-2 control-label">所属主机组</label>
<div class="col-sm-8"> <div class="col-sm-8">
<select id="groups" name="groups" class="form-control m-b" multiple size="10"> <select id="groups" name="groups" class="form-control m-b" multiple size="10">
{% for g in egroup %} {% for asset_group in asset_group_all %}
<option type="checkbox" value="{{ g.id }}">{{ g.name }} {% if g.comment %} --- {{ g.comment }} {% endif %}</option> <option type="checkbox" value="{{ asset_group.id }}">{{ asset_group.name }} {% if asset_group.comment %} --- {{ asset_group.comment }} {% endif %}</option>
{% endfor %} {% endfor %}
</select> </select>
</div> </div>
......
templates/jasset/dept_host_ajax.html deleted 100644 → 0
View file @ 960e45d0
{% for host in hosts %}
<option value="{{ host.id }}">{{ host.ip }}</option>
{% endfor %}
\ No newline at end of file
templates/jasset/group_list.html
View file @ 907c2c7e
...@@ -24,6 +24,7 @@ ...@@ -24,6 +24,7 @@
<div class="ibox-content"> <div class="ibox-content">
<div class=""> <div class="">
<a target="_blank" href="/jasset/group_add/" class="btn btn-sm btn-primary "> 添加主机组 </a> <a target="_blank" href="/jasset/group_add/" class="btn btn-sm btn-primary "> 添加主机组 </a>
<a target="_blank" class="btn btn-sm btn-danger" id="del_check"> 删除所选 </a>
<form id="search_form" method="get" action="" class="pull-right mail-search"> <form id="search_form" method="get" action="" class="pull-right mail-search">
<div class="input-group"> <div class="input-group">
<input type="text" class="form-control input-sm" id="search_input" name="keyword" placeholder="Search"> <input type="text" class="form-control input-sm" id="search_input" name="keyword" placeholder="Search">
...@@ -54,15 +55,15 @@ ...@@ -54,15 +55,15 @@
{% for asset_group in asset_groups.object_list %} {% for asset_group in asset_groups.object_list %}
<tr class="gradeX"> <tr class="gradeX">
<td class="text-center" name="id" value="{{ asset_group.id }}" data-editable='false'> <td class="text-center" name="id" value="{{ asset_group.id }}" data-editable='false'>
<input name="id" value="{{ post.id }}" type="checkbox" class="i-checks"> <input name="id" value="{{ asset_group.id }}" type="checkbox" class="i-checks">
</td> </td>
<td class="text-center"> {{ asset_group.name }} </td> <td class="text-center"> {{ asset_group.name }} </td>
<td class="text-center"> <a href="/jasset/group_detail/?id={{ post.id }}">{{ asset_group.asset_set.count }}</a> </td> <td class="text-center"> <a href="/jasset/group_detail/?id={{ asset_group.id }}">{{ asset_group.asset_set.count }}</a> </td>
<td class="text-center"> {{ asset_group.comment }} </td> <td class="text-center"> {{ asset_group.comment }} </td>
<td class="text-center"> <td class="text-center">
<a href="/jasset/group_detail/?id={{ post.id }}" class="btn btn-xs btn-info">详情</a> <a href="/jasset/group_detail/?id={{ asset_group.id }}" class="btn btn-xs btn-info">详情</a>
<a href="/jasset/group_edit/?id={{ post.id }}" class="btn btn-xs btn-info">编辑</a> <a href="/jasset/group_edit/?id={{ asset_group.id }}" class="btn btn-xs btn-info">编辑</a>
<a href="/jasset/group_del/?id={{ post.id }}" class="btn btn-xs btn-danger">删除</a> <a value="/jasset/group_del/?id={{ asset_group.id }}" id="del" class="btn btn-xs btn-danger">删除</a>
</td> </td>
</tr> </tr>
{% endfor %} {% endfor %}
...@@ -70,8 +71,9 @@ ...@@ -70,8 +71,9 @@
</table> </table>
<div class="row"> <div class="row">
<div class="col-sm-6"> <div class="col-sm-6">
<input type="button" id="del_button" class="btn btn-danger btn-sm" name="del_button" value="删除" onclick="del('contents_form')" /> <div class="dataTables_info" id="editable_info" role="status" aria-live="polite">
<!--<input type="button" id="alter_button" class="btn btn-warning btn-sm" name="alter_button" value="修改" onclick="alter('contents_form')" />--> Showing {{ asset_groups.start_index }} to {{ asset_groups.end_index }} of {{ p.count }} entries
</div>
</div> </div>
{% include 'paginator.html' %} {% include 'paginator.html' %}
</div> </div>
...@@ -81,29 +83,43 @@ ...@@ -81,29 +83,43 @@
</div> </div>
</div> </div>
</div> </div>
{% endblock %}
{% block self_footer_js %}
<script> <script>
function del(form) { $(document).ready(function(){
var checkboxes = document.getElementById(form); $('#del').click(function(){
var id_list = {}; var row = $(this).closest('tr');
var j = 0; $.get(
for (var i = 0; i < checkboxes.elements.length; i++) { $(this).attr('value'),
if (checkboxes.elements[i].type == "checkbox" && checkboxes.elements[i].checked == true && checkboxes.elements[i].value != "checkall") { {},
id_list[j] = checkboxes.elements[i].value; function(data){
j++; row.remove();
} alert(data)
}
if (confirm("确定删除")) {
$.ajax({
type: "POST",
url: "/jasset/group_del/?id=multi",
data: {"id_list": id_list, "len_list": j},
success: function (data) {
window.open("/jasset/group_list/", "_self");
} }
)
});
$('#del_check').click(function(){
var check_array = [];
if (confirm('确定删除')){
$('tr.gradeX input:checked').each(function(){
check_array.push($(this).attr('value'))
}); });
$.get(
'/jasset/group_del/',
{id: check_array.join(',')},
function(data){
$('tr.gradeX input:checked').closest('tr').remove();
alert(data);
} }
)
} }
})
});
</script> </script>
{% endblock %} {% endblock %}
templates/juser/group_list.html
View file @ 907c2c7e
...@@ -26,7 +26,7 @@ ...@@ -26,7 +26,7 @@
<div class="ibox-content"> <div class="ibox-content">
<div class=""> <div class="">
<a target="_blank" href="/juser/group_add/" class="btn btn-sm btn-primary "> 添加用户组 </a> <a target="_blank" href="/juser/group_add/" class="btn btn-sm btn-primary "> 添加用户组 </a>
<a id="del_btn" class="btn btn-sm btn-danger "> 删除所选 </a> <a id="del_btn" class="btn btn-sm btn-danger "> 删除所选 </a>
<form id="search_form" method="get" action="" class="pull-right mail-search"> <form id="search_form" method="get" action="" class="pull-right mail-search">
<div class="input-group"> <div class="input-group">
<input type="text" class="form-control input-sm" id="search_input" name="search" placeholder="Search"> <input type="text" class="form-control input-sm" id="search_input" name="search" placeholder="Search">
...@@ -62,7 +62,7 @@ ...@@ -62,7 +62,7 @@
<td class="text-center"> {{ group.comment }} </td> <td class="text-center"> {{ group.comment }} </td>
<td class="text-center"> <td class="text-center">
<a href="../group_edit/?id={{ group.id }}" class="btn btn-xs btn-info">编辑</a> <a href="../group_edit/?id={{ group.id }}" class="btn btn-xs btn-info">编辑</a>
<a href="../group_del/?id={{ group.id }}" class="btn btn-xs btn-danger">删除</a> <a value="../group_del/?id={{ group.id }}" class="btn btn-xs btn-danger del">删除</a>
</td> </td>
</tr> </tr>
{% endfor %} {% endfor %}
...@@ -71,7 +71,7 @@ ...@@ -71,7 +71,7 @@
<div class="row"> <div class="row">
<div class="col-sm-6"> <div class="col-sm-6">
<div class="dataTables_info" id="editable_info" role="status" aria-live="polite"> <div class="dataTables_info" id="editable_info" role="status" aria-live="polite">
Showing {{ contacts.start_index }} to {{ contacts.end_index }} of {{ p.count }} entries Showing {{ user_groups.start_index }} to {{ user_groups.end_index }} of {{ p.count }} entries
</div> </div>
</div> </div>
{% include 'paginator.html' %} {% include 'paginator.html' %}
...@@ -86,14 +86,27 @@ ...@@ -86,14 +86,27 @@
{% block self_footer_js %} {% block self_footer_js %}
<script> <script>
$(document).ready(function(){ $(document).ready(function(){
var check_array = []; $('.del').click(function(){
var row = $(this).closest('tr');
$.get(
$(this).attr('value'),
{},
function(data){
row.remove();
alert(data);
}
)
});
$('#del_btn').click(function(){ $('#del_btn').click(function(){
var check_array = [];
if (confirm("确定删除")) { if (confirm("确定删除")) {
$(".gradeX input:checked").each(function() { $(".gradeX input:checked").each(function() {
check_array.push($(this).attr("value")) check_array.push($(this).attr("value"))
}); });
$.post("/juser/group_del_ajax/", $.get("/juser/group_del/",
{group_ids: check_array.join(",")}, {id: check_array.join(",")},
function(result){ function(result){
alert(result); alert(result);
$(".gradeX input:checked").closest("tr").remove(); $(".gradeX input:checked").closest("tr").remove();
......
templates/juser/user_list.html
View file @ 907c2c7e
...@@ -69,7 +69,7 @@ ...@@ -69,7 +69,7 @@
<a href="../user_detail/?id={{ user.id }}" class="btn btn-xs btn-primary">详情</a> <a href="../user_detail/?id={{ user.id }}" class="btn btn-xs btn-primary">详情</a>
<a href="../user_edit/?id={{ user.id }}" class="btn btn-xs btn-info">编辑</a> <a href="../user_edit/?id={{ user.id }}" class="btn btn-xs btn-info">编辑</a>
<a value="{{ user.uuid }}" class="btn btn-xs btn-warning email">Email</a> <a value="{{ user.uuid }}" class="btn btn-xs btn-warning email">Email</a>
<a href="../user_del/?id={{ user.id }}" class="btn btn-xs btn-danger {% if user.username == 'admin' %} disabled {% endif %}">删除</a> <a value="../user_del/?id={{ user.id }}" class="btn btn-xs btn-danger del {% if user.username == 'admin' %} disabled {% endif %}">删除</a>
</td> </td>
</tr> </tr>
{% endfor %} {% endfor %}
...@@ -93,32 +93,29 @@ ...@@ -93,32 +93,29 @@
{% block self_head_css_js %} {% block self_head_css_js %}
<script> <script>
$(document).ready(function(){ $(document).ready(function(){
{# $(".iframe").on('click', function() {#} $('.del').click(function(){
{# var url = $(this).attr("value");#} var row = $(this).closest('tr');
{# $.layer({#} $.get(
{# type: 2,#} $(this).attr('value'),
{# title: '用户详情',#} {},
{# maxmin: true,#} function(data){
{# shift: 'top',#} row.remove();
{# border: [2, 0.3, '#1AB394'],#} alert(data);
{# shade: [0.5, '#000000'],#} }
{# shadeClose: true,#} )
{# area: ['800px', '600px'],#} });
{# iframe: {src: url}#}
{# })#}
{# });#}
var check_array = [];
$('#del_btn').click(function(){ $('#del_btn').click(function(){
var check_array = [];
if (confirm("确定删除")) { if (confirm("确定删除")) {
$(".gradeX input:checked").each(function() { $(".gradeX input:checked").each(function() {
check_array.push($(this).attr("value")) check_array.push($(this).attr("value"))
}); });
$.post("/juser/user_del_ajax/", $.post("/juser/user_del/",
{ids: check_array.join(",")}, {id: check_array.join(",")},
function(data){ function(data){
$(".gradeX input:checked").closest("tr").remove(); $(".gradeX input:checked").closest("tr").remove();
window.open("/juser/user_list/", "_self"); alert(data);
} }
) )
} }
......
templates/nav.html
View file @ 907c2c7e
...@@ -28,15 +28,15 @@ ...@@ -28,15 +28,15 @@
<a href="#"><i class="fa fa-edit"></i> <span class="nav-label">授权管理</span><span class="fa arrow"></span></a> <a href="#"><i class="fa fa-edit"></i> <span class="nav-label">授权管理</span><span class="fa arrow"></span></a>
<ul class="nav nav-second-level"> <ul class="nav nav-second-level">
<li class="dept_perm_list dept_perm_edit"> <li class="dept_perm_list dept_perm_edit">
<a href="/jperm/dept_perm_list/">部门授权</a> <a href="/jperm/user/">用户授权</a>
</li> </li>
<li class="perm_list perm_edit perm_detail"> <li class="perm_list perm_edit perm_detail">
<a href="/jperm/perm_list/">组授权</a> <a href="/jperm/perm_list/">用户组授权</a>
</li> </li>
<li class="sudo_list sudo_edit sudo_add cmd_list cmd_edit cmd_add sudo_detail"> <li class="sudo_list sudo_edit sudo_add cmd_list cmd_edit cmd_add sudo_detail">
<a href="/jperm/sudo_list/">Sudo授权</a> <a href="/jperm/sudo_list/">命令授权</a>
</li> </li>
<li class="apply_show online"><a href="/jperm/apply_show/online/">权限审批</a></li> <li class="apply_show online"><a href="/jperm/apply_show/online/">权限审批</a></li>
</ul> </ul>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment