merge

9ab855fd · ibuler · c1d8de45 · f19b274f · 9ab855fd · 9ab855fd
Commit 9ab855fd authored Apr 18, 2015 by ibuler
Hide whitespace changes
Inline Side-by-side

Showing with 77 additions and 69 deletions

views.py jasset/views.py +69 -21

jumpserver.conf jumpserver.conf +1 -1

log_handler.py log_handler.py +1 -1

group_edit.html templates/jasset/group_edit.html +6 -46

No files found.
--- a/jasset/views.py
+++ b/jasset/views.py
@@ -220,11 +220,14 @@ def host_add_batch(request):
            if host == '':
                break
            j_ip, j_port, j_type, j_idc, j_groups, j_depts, j_active, j_comment = host.split()
-            j_type = login_types[j_type]
            j_active = active_types[str(j_active)]
            j_group = ast.literal_eval(j_groups)
            j_dept = ast.literal_eval(j_depts)
+            if j_type not in ['LDAP', 'MAP']:
+                return httperror(request, u'没有%s这种登录方式!' %j_type)
+            j_type = login_types[j_type]
            idc = IDC.objects.filter(name=j_idc)
            if idc:
                j_idc = idc[0].id
@@ -326,6 +329,7 @@ def host_list(request):
    dept = DEPT.objects.get(id=dept_id)
    did = request.GET.get('did', '')
    gid = request.GET.get('gid', '')
+    sid = request.GET.get('sid', '')
    user_id = get_session_user_info(request)[0]
    post_all = Asset.objects.all().order_by('ip')
@@ -360,6 +364,27 @@ def host_list(request):
            return httperror(request, u'没有这个小组!')
        return my_render('jasset/host_list_nop.html', locals(), request)
+    elif sid:
+        if is_common_user(request):
+            return httperror(request, u'您无权查看!')
+        elif is_group_admin(request) and not verify(request, user_group=[sid]):
+            return httperror(request, u'您无权查看!')
+        posts, asset_groups = [], []
+        user_group = UserGroup.objects.filter(id=int(sid))
+        if user_group:
+            user_group = user_group[0]
+            for perm in user_group.sudoperm_set.all():
+                asset_groups.extend(perm.asset_group.all())
+            for asset_group in asset_groups:
+                posts.extend(asset_group.asset_set.all())
+            posts = list(set(posts))
+        else:
+            return httperror(request, u'没有这个sudo授权!')
+        return my_render('jasset/host_list_nop.html', locals(), request)
    else:
        if is_super_user(request):
            if keyword:
@@ -619,7 +644,7 @@ def idc_del(request):
        for i in range(int(len_list)):
            key = "id_list[" + str(i) + "]"
            idc_id = request.POST.get(key)
-            db_idc_delete(request, idc_id)
+            db_idc_delete(request, int(idc_id))
    else:
        db_idc_delete(request, int(offset))
    return HttpResponseRedirect('/jasset/idc_list/')
@@ -677,18 +702,36 @@ def group_list(request):
    gid = request.GET.get('gid')
    sid = request.GET.get('sid')
    if gid:
+        if is_common_user(request):
+            return httperror(request, u'您无权查看!')
+        elif is_group_admin(request) and not verify(request, user_group=[gid]):
+            return httperror(request, u'您无权查看!')
        posts = []
-        user_group = UserGroup.objects.get(id=gid)
+        user_group = UserGroup.objects.filter(id=gid)
-        perms = Perm.objects.filter(user_group=user_group)
+        if user_group:
-        for perm in perms:
+            user_group = user_group[0]
-            posts.append(perm.asset_group)
+            perms = Perm.objects.filter(user_group=user_group)
+            for perm in perms:
+                posts.append(perm.asset_group)
    elif sid:
+        if is_common_user(request):
+            return httperror(request, u'您无权查看!')
+        elif is_group_admin(request) and not verify(request, user_group=[sid]):
+            return httperror(request, u'您无权查看!')
        posts = []
-        user_group = UserGroup.objects.get(id=sid)
+        user_group = UserGroup.objects.filter(id=sid)
-        perms = Perm.objects.filter(user_group=user_group)
+        if user_group:
-        for perm in perms:
+            user_group = user_group[0]
-            posts.append(perm.asset_group)
+            for perm in user_group.sudoperm_set.all():
+                posts.extend(perm.asset_group.all())
+            posts = list(set(posts))
+        else:
+            return httperror(request, u'没有此sudo授权!')
    else:
        if is_super_user(request):
@@ -712,21 +755,26 @@ def group_edit(request):
    """ 修改主机组 """
    header_title, path1, path2 = u'编辑主机组', u'资产管理', u'编辑主机组'
    group_id = request.GET.get('id', '')
-    group = BisGroup.objects.get(id=group_id)
+    group = BisGroup.objects.filter(id=group_id)
+    if group:
+        group = group.first()
+    else:
+        httperror(request, u'没有这个主机组!')
    host_all = Asset.objects.all()
-    dept_id = get_user_dept(request)
+    dept_id = get_session_user_info(request)[3]
    eposts = Asset.objects.filter(bis_group=group)
-    if is_super_user(request):
+    if is_group_admin(request) and not verify(request, asset_group=[group_id]):
-        edept = DEPT.objects.all()
+        return httperror(request, '编辑失败, 您无权操作!')
-        posts = [g for g in host_all if g not in eposts]
+    dept = DEPT.objects.filter(id=group.dept.id)
+    if dept:
+        dept = dept[0]
+    else:
+        return httperror(request, u'没有这个部门!')
-    elif is_group_admin(request):
+    all_dept = dept.asset_set.all()
-        if not verify(request, asset_group=[group_id]):
+    posts = [g for g in all_dept if g not in eposts]
-            return httperror(request, '编辑失败, 您无权操作!')
-        dept = DEPT.objects.get(id=dept_id)
-        all_dept = Asset.objects.filter(dept=dept)
-        posts = [g for g in all_dept if g not in eposts]
    if request.method == 'POST':
        j_group = request.POST.get('j_group', '')

--- a/jumpserver.conf
+++ b/jumpserver.conf
 #coding: utf8
 [base]
-ip = 192.168.20.209
+ip = 192.168.0.129
 port = 80
 key = 88aaaf7ffe3c6c04

--- a/log_handler.py
+++ b/log_handler.py
@@ -16,7 +16,7 @@ from jlog.models import Log
 def log_hanler(id):
    log = Log.objects.get(id=id)
-    pattern = re.compile(r'\[.*@.*\][\$#].*')
+    pattern = re.compile(r'(\[.*@.*\][\$#].*) | (mysql>.*)')
    if log:
        filename = log.log_path
        if os.path.isfile(filename):

--- a/templates/jasset/group_edit.html
+++ b/templates/jasset/group_edit.html
@@ -66,32 +66,12 @@
                            <div class="col-sm-8" name="group_id" value="{{ post.id }}"><input type="text" value="{{ group.name }}" placeholder="网站" name="j_group" class="form-control"></div>
                        </div>
-                        {% ifequal session_role_id 2 %}
+                        <div class="hr-line-dashed"></div>
-                            <div class="hr-line-dashed"></div>
+                        <div class="form-group">
-                            <div class="form-group">
+                            <label for="j_dept" class="col-lg-2 control-label">所属部门<span class="red-fonts" style="">*</span></label>
-                                <label for="j_dept" class="col-lg-2 control-label">所属部门<span class="red-fonts">*</span></label>
+                                <input type="text" name="j_dept" value="{{  group.dept.id }}" style="display: none">
-                                <div class="col-sm-8">
+                                <div class="col-sm-8"><input type="text"  value="{{  group.dept.name }}" class="form-control" readonly="readonly"></div>
-                                    <select id="j_dept" name="j_dept" class="form-control m-b" onchange="change_dept(this.value)">
+                        </div>
-                                        {% for d in edept %}
-                                            {% ifequal group.dept d %}
-                                                <option type="checkbox" value="{{ d.id }}" selected>{{ d.name }}</option>
-                                            {% else %}
-                                                <option type="checkbox" value="{{ d.id }}">{{ d.name }}</option>
-                                            {% endifequal %}
-                                        {% endfor %}
-                                    </select>
-                                </div>
-                            </div>
-                        {% endifequal %}
-                        {% ifequal session_role_id 1 %}
-                            <div class="hr-line-dashed"></div>
-                            <div class="form-group">
-                                <label for="j_dept" class="col-lg-2 control-label">所属部门<span class="red-fonts" style="">*</span></label>
-                                    <input type="text" name="j_dept" value="{{  group.dept.id }}" style="display: none">
-                                    <div class="col-sm-8"><input type="text"  value="{{  group.dept.name }}" class="form-control" readonly="readonly"></div>
-                            </div>
-                        {% endifequal %}
                       <div class="hr-line-dashed"></div>
                        <div class="form-group">
@@ -189,25 +169,6 @@
                $(this).prop('selected', true)
            })
        }
-//    $('#search').keyup(function() {
-//        var $rows = $('#hosts option');
-//        console.log($rows);
-//        var val = $.trim($(this).val()).replace(/ +/g, ' ').toLowerCase();
-//
-//        $rows.show().filter(function() {
-//            var text = $(this).text().replace(/\s+/g, ' ').toLowerCase();
-//            return !~text.indexOf(val);
-//        }).hide();
-//    });
-    function change_dept(dept_id){
-    $.get('/jasset/dept_host_ajax/',
-            {'id': dept_id},
-            function(data){
-                $('#assets').html(data)
-            })
-    }
 </script>
 {% endblock %}
\ No newline at end of file