Skip to content

J
jumpserver
Commit 9f0620f9 authored by Guang's avatar Guang
Browse files
Options

调整User,UserGroup类

parent 9e52e6a3
Show whitespace changes
Inline Side-by-side
Showing with 416 additions and 271 deletions
connect.py
View file @ 9f0620f9
...@@ -26,20 +26,19 @@ os.environ['DJANGO_SETTINGS_MODULE'] = 'jumpserver.settings' ...@@ -26,20 +26,19 @@ os.environ['DJANGO_SETTINGS_MODULE'] = 'jumpserver.settings'
if django.get_version() != '1.6': if django.get_version() != '1.6':
django.setup() django.setup()
from jlog.models import Log from jlog.models import Log
from jumpserver.api import CONF, BASE_DIR, ServerError, Juser, Jasset, JassetGroup from jumpserver.api import CONF, BASE_DIR, ServerError, User, UserGroup, Asset, BisGroup
from jumpserver.api import CRYPTOR, logger, is_dir from jumpserver.api import CRYPTOR, logger, is_dir
try: try:
import termios import termios
import tty import tty
except ImportError: except ImportError:
print '\033[1;31mOnly unix like supported.\033[0m' print '\033[1;31m仅支持类Unix系统 Only unix like supported.\033[0m'
time.sleep(3) time.sleep(3)
sys.exit() sys.exit()
CONF.read(os.path.join(BASE_DIR, 'jumpserver.conf'))
log_dir = os.path.join(BASE_DIR, 'logs') log_dir = os.path.join(BASE_DIR, 'logs')
login_user = Juser(username=getpass.getuser()) login_user = User(username=getpass.getuser())
def color_print(msg, color='red', exits=False): def color_print(msg, color='red', exits=False):
...@@ -265,7 +264,7 @@ def verify_connect(user, option): ...@@ -265,7 +264,7 @@ def verify_connect(user, option):
elif len(ip_matched) < 1: elif len(ip_matched) < 1:
color_print('No Permission or No host.', 'red') color_print('No Permission or No host.', 'red')
else: else:
asset = Jasset(ip=ip_matched[0]).asset asset = Asset(ip=ip_matched[0]).asset
jtty = Jtty(user, asset) jtty = Jtty(user, asset)
jtty.connect() jtty.connect()
......
docs/AddUserAsset.py
View file @ 9f0620f9
...@@ -127,14 +127,14 @@ def test_add_log(): ...@@ -127,14 +127,14 @@ def test_add_log():
if __name__ == '__main__': if __name__ == '__main__':
#install() install()
#test_add_dept() test_add_dept()
#test_add_group() test_add_group()
#test_add_user() test_add_user()
#test_add_idc() test_add_idc()
#test_add_asset_group() test_add_asset_group()
test_add_asset() test_add_asset()
#test_add_log() test_add_log()
......
jasset/models.py
View file @ 9f0620f9
...@@ -23,6 +23,45 @@ class BisGroup(models.Model): ...@@ -23,6 +23,45 @@ class BisGroup(models.Model):
def __unicode__(self): def __unicode__(self):
return self.name return self.name
def get_asset(self):
return self.asset_set.all()
def get_asset_info(self, printable=False):
assets = self.get_asset()
for asset in assets:
if asset.comment:
print '%-15s -- %s' % (asset.ip, asset.comment)
else:
print '%-15s' % asset.ip
print ''
def get_asset_num(self):
return len(self.get_asset())
def get_user_group(self):
perm_list = self.perm_set.all()
user_group_list = []
for perm in perm_list:
user_group_list.append(perm.user_group)
return user_group_list
def get_user(self):
user_list = []
user_group_list = self.get_user_group()
for user_group in user_group_list:
user_list.extend(user_group.user_set.all())
return user_list
def is_permed(self, user=None, user_group=None):
if user:
if user in self.get_user():
return True
if user_group:
if user_group in self.get_user_group():
return True
return False
class Asset(models.Model): class Asset(models.Model):
LOGIN_TYPE_CHOICES = ( LOGIN_TYPE_CHOICES = (
...@@ -44,6 +83,22 @@ class Asset(models.Model): ...@@ -44,6 +83,22 @@ class Asset(models.Model):
def __unicode__(self): def __unicode__(self):
return self.ip return self.ip
def get_user(self):
perm_list = []
asset_group_all = self.bis_group.all()
for asset_group in asset_group_all:
perm_list.extend(asset_group.perm_set.all())
user_group_list = []
for perm in perm_list:
user_group_list.append(perm.user_group)
user_permed_list = []
for user_group in user_group_list:
user_permed_list.extend(user_group.user_set.all())
user_permed_list = list(set(user_permed_list))
return user_permed_list
class AssetAlias(models.Model): class AssetAlias(models.Model):
user = models.ForeignKey(User) user = models.ForeignKey(User)
......
jumpserver/api.py
View file @ 9f0620f9
...@@ -219,6 +219,7 @@ def require_login(func): ...@@ -219,6 +219,7 @@ def require_login(func):
def require_super_user(func): def require_super_user(func):
"""要求是超级管理员"""
def _deco(request, *args, **kwargs): def _deco(request, *args, **kwargs):
if not request.session.get('user_id'): if not request.session.get('user_id'):
return HttpResponseRedirect('/login/') return HttpResponseRedirect('/login/')
...@@ -230,6 +231,7 @@ def require_super_user(func): ...@@ -230,6 +231,7 @@ def require_super_user(func):
def require_admin(func): def require_admin(func):
"""要求是管理员"""
def _deco(request, *args, **kwargs): def _deco(request, *args, **kwargs):
if not request.session.get('user_id'): if not request.session.get('user_id'):
return HttpResponseRedirect('/login/') return HttpResponseRedirect('/login/')
...@@ -241,6 +243,7 @@ def require_admin(func): ...@@ -241,6 +243,7 @@ def require_admin(func):
def is_super_user(request): def is_super_user(request):
"""要求请求是超级管理员"""
if request.session.get('role_id') == 2: if request.session.get('role_id') == 2:
return True return True
else: else:
...@@ -248,6 +251,7 @@ def is_super_user(request): ...@@ -248,6 +251,7 @@ def is_super_user(request):
def is_group_admin(request): def is_group_admin(request):
"""要求请求是组管理员"""
if request.session.get('role_id') == 1: if request.session.get('role_id') == 1:
return True return True
else: else:
...@@ -255,6 +259,7 @@ def is_group_admin(request): ...@@ -255,6 +259,7 @@ def is_group_admin(request):
def is_common_user(request): def is_common_user(request):
"""要求用户是普通用户"""
if request.session.get('role_id') == 0: if request.session.get('role_id') == 0:
return True return True
else: else:
...@@ -313,267 +318,267 @@ def api_user(request): ...@@ -313,267 +318,267 @@ def api_user(request):
# return asset_group_list # return asset_group_list
class Juser(object): # class Juser(object):
""" # """
Jumpserver user class # Jumpserver user class
用户类 # 用户类
""" # """
#
def __init__(self, username=None, uid=None): # def __init__(self, username=None, uid=None):
if username: # if username:
user = User.objects.filter(username=username) # user = User.objects.filter(username=username)
elif uid: # elif uid:
user = User.objects.filter(id=uid) # user = User.objects.filter(id=uid)
else: # else:
user = '' # user = ''
#
if user: # if user:
user = user[0] # user = user[0]
self.user = user # self.user = user
self.id = user.id # self.id = user.id
# self.id = user.id # # self.id = user.id
# self.username = user.username # # self.username = user.username
# self.name = user.name # # self.name = user.name
self.group = user.group.all() # self.group = user.group.all()
else: # else:
self.id = None # self.id = None
#
def __repr__(self): # def __repr__(self):
if self.id: # if self.id:
return '<%s Juser instance>' % getattr(self.user, 'username') # return '<%s Juser instance>' % getattr(self.user, 'username')
else: # else:
return 'None' # return 'None'
#
def __getattr__(self, item): # def __getattr__(self, item):
if self.id: # if self.id:
return getattr(self.user, item) # return getattr(self.user, item)
else: # else:
return None # return None
#
def validate(self): # def validate(self):
""" # """
Validate is or not a true user # Validate is or not a true user
鉴定用户 # 鉴定用户
""" # """
if self.id: # if self.id:
return True # return True
else: # else:
return False # return False
#
def get_asset_group(self): # def get_asset_group(self):
""" # """
Get user host_groups. # Get user host_groups.
获取用户有权限的主机组 # 获取用户有权限的主机组
""" # """
host_group_list = [] # host_group_list = []
perm_list = [] # perm_list = []
user_group_all = self.user.group.all() # user_group_all = self.user.group.all()
for user_group in user_group_all: # for user_group in user_group_all:
perm_list.extend(user_group.perm_set.all()) # perm_list.extend(user_group.perm_set.all())
#
for perm in perm_list: # for perm in perm_list:
host_group_list.append(perm.asset_group) # host_group_list.append(perm.asset_group)
#
return host_group_list # return host_group_list
#
def get_asset_group_info(self, printable=False): # def get_asset_group_info(self, printable=False):
""" # """
Get or print asset group info # Get or print asset group info
获取或打印用户授权资产组 # 获取或打印用户授权资产组
""" # """
asset_groups_info = {} # asset_groups_info = {}
asset_groups = self.get_asset_group() # asset_groups = self.get_asset_group()
#
for asset_group in asset_groups: # for asset_group in asset_groups:
asset_groups_info[asset_group.id] = [asset_group.name, asset_group.comment] # asset_groups_info[asset_group.id] = [asset_group.name, asset_group.comment]
#
if printable: # if printable:
for group_id in asset_groups_info: # for group_id in asset_groups_info:
if asset_groups_info[group_id][1]: # if asset_groups_info[group_id][1]:
print "[%3s] %s -- %s" % (group_id, # print "[%3s] %s -- %s" % (group_id,
asset_groups_info[group_id][0], # asset_groups_info[group_id][0],
asset_groups_info[group_id][1]) # asset_groups_info[group_id][1])
else: # else:
print "[%3s] %s" % (group_id, asset_groups_info[group_id][0]) # print "[%3s] %s" % (group_id, asset_groups_info[group_id][0])
print '' # print ''
else: # else:
return asset_groups_info # return asset_groups_info
#
def get_asset(self): # def get_asset(self):
""" # """
Get the assets of under the user control. # Get the assets of under the user control.
获取主机列表 # 获取主机列表
""" # """
assets = [] # assets = []
asset_groups = self.get_asset_group() # asset_groups = self.get_asset_group()
#
for asset_group in asset_groups: # for asset_group in asset_groups:
assets.extend(asset_group.asset_set.all()) # assets.extend(asset_group.asset_set.all())
#
return assets # return assets
#
def get_asset_info(self, printable=False): # def get_asset_info(self, printable=False):
""" # """
Get or print the user asset info # Get or print the user asset info
获取或打印用户资产信息 # 获取或打印用户资产信息
""" # """
assets_info = {} # assets_info = {}
assets = self.get_asset() # assets = self.get_asset()
#
for asset in assets: # for asset in assets:
asset_alias = AssetAlias.objects.filter(user=self.user, asset=asset) # asset_alias = AssetAlias.objects.filter(user=self.user, asset=asset)
if asset_alias and asset_alias[0].alias != '': # if asset_alias and asset_alias[0].alias != '':
assets_info[asset.ip] = [asset.id, asset.ip, str(asset_alias[0].alias)] # assets_info[asset.ip] = [asset.id, asset.ip, str(asset_alias[0].alias)]
else: # else:
assets_info[asset.ip] = [asset.id, asset.ip, str(asset.comment)] # assets_info[asset.ip] = [asset.id, asset.ip, str(asset.comment)]
#
if printable: # if printable:
ips = assets_info.keys() # ips = assets_info.keys()
ips.sort() # ips.sort()
for ip in ips: # for ip in ips:
if assets_info[ip][2]: # if assets_info[ip][2]:
print '%-15s -- %s' % (ip, assets_info[ip][2]) # print '%-15s -- %s' % (ip, assets_info[ip][2])
else: # else:
print '%-15s' % ip # print '%-15s' % ip
print '' # print ''
else: # else:
return assets_info # return assets_info
#
class Jasset(object):
"""
Jumpserver asset class
Jumpserver资产类
"""
def __init__(self, ip=None, id=None):
if ip:
asset = Asset.objects.filter(ip=ip)
elif id:
asset = Asset.objects.filter(id=id)
else:
asset = ''
if asset:
asset = asset[0]
self.asset = asset
self.id = asset.id
else:
self.id = None
def __repr__(self):
if self.id:
return '<%s Jasset instance>' % self.asset.ip
else:
return 'None'
def __getattr__(self, item):
if self.id:
return getattr(self.asset, item)
else:
return None
def validate(self):
"""
Validate is or not a true asset
判断是否存在
"""
if self.id:
return True
else:
return False
def get_user(self):
perm_list = []
asset_group_all = self.asset.bis_group.all()
for asset_group in asset_group_all:
perm_list.extend(asset_group.perm_set.all())
user_group_list = []
for perm in perm_list:
user_group_list.append(perm.user_group)
user_permed_list = []
for user_group in user_group_list:
user_permed_list.extend(user_group.user_set.all())
user_permed_list = list(set(user_permed_list))
return user_permed_list
class JassetGroup(object):
"""
Jumpserver AssetGroup class
Jumpserver 资产组类
"""
def __init__(self, name=None, id=None):
if id:
asset_group = BisGroup.objects.filter(id=int(id))
elif name:
asset_group = BisGroup.objects.filter(name=name)
else:
asset_group = ''
if asset_group:
asset_group = asset_group[0]
self.asset_group = asset_group
# self.name = asset_group.name
self.id = asset_group.id
else:
self.id = None
def __repr__(self):
if self.id:
return '<%s JassetGroup instance>' % self.name
else:
return 'None'
def validate(self):
"""
Validate it is a true asset group or not
鉴定是否为真是存在的组
"""
if self.id:
return True
else:
return False
def get_asset(self): # class Jasset(object):
return self.asset_group.asset_set.all() # """
# Jumpserver asset class
# Jumpserver资产类
# """
# def __init__(self, ip=None, id=None):
# if ip:
# asset = Asset.objects.filter(ip=ip)
# elif id:
# asset = Asset.objects.filter(id=id)
# else:
# asset = ''
#
# if asset:
# asset = asset[0]
# self.asset = asset
# self.id = asset.id
# else:
# self.id = None
#
# def __repr__(self):
# if self.id:
# return '<%s Jasset instance>' % self.asset.ip
# else:
# return 'None'
#
# def __getattr__(self, item):
# if self.id:
# return getattr(self.asset, item)
# else:
# return None
#
# def validate(self):
# """
# Validate is or not a true asset
# 判断是否存在
# """
# if self.id:
# return True
# else:
# return False
#
# def get_user(self):
# perm_list = []
# asset_group_all = self.bis_group.all()
# for asset_group in asset_group_all:
# perm_list.extend(asset_group.perm_set.all())
#
# user_group_list = []
# for perm in perm_list:
# user_group_list.append(perm.user_group)
#
# user_permed_list = []
# for user_group in user_group_list:
# user_permed_list.extend(user_group.user_set.all())
# user_permed_list = list(set(user_permed_list))
# return user_permed_list
def get_asset_info(self, printable=False):
assets = self.get_asset()
for asset in assets:
if asset.comment:
print '%-15s -- %s' % (asset.ip, asset.comment)
else:
print '%-15s' % asset.ip
print ''
def get_asset_num(self):
return len(self.get_asset())
def get_user_group(self):
perm_list = self.asset_group.perm_set.all()
user_group_list = []
for perm in perm_list:
user_group_list.append(perm.user_group)
return user_group_list
def get_user(self):
user_list = []
user_group_list = self.get_user_group()
for user_group in user_group_list:
user_list.extend(user_group.user_set.all())
return user_list
def is_permed(self, user=None, user_group=None):
if user:
if user in self.get_user():
return True
if user_group: # class JassetGroup(object):
if user_group in self.get_user_group(): # """
return True # Jumpserver AssetGroup class
return False # Jumpserver 资产组类
# """
# def __init__(self, name=None, id=None):
# if id:
# asset_group = BisGroup.objects.filter(id=int(id))
# elif name:
# asset_group = BisGroup.objects.filter(name=name)
# else:
# asset_group = ''
#
# if asset_group:
# asset_group = asset_group[0]
# self.asset_group = asset_group
# # self.name = asset_group.name
# self.id = asset_group.id
# else:
# self.id = None
#
# def __repr__(self):
# if self.id:
# return '<%s JassetGroup instance>' % self.name
# else:
# return 'None'
#
# def validate(self):
# """
# Validate it is a true asset group or not
# 鉴定是否为真是存在的组
# """
# if self.id:
# return True
# else:
# return False
#
# def get_asset(self):
# return self.asset_group.asset_set.all()
#
# def get_asset_info(self, printable=False):
# assets = self.get_asset()
# for asset in assets:
# if asset.comment:
# print '%-15s -- %s' % (asset.ip, asset.comment)
# else:
# print '%-15s' % asset.ip
# print ''
#
# def get_asset_num(self):
# return len(self.get_asset())
#
# def get_user_group(self):
# perm_list = self.asset_group.perm_set.all()
# user_group_list = []
# for perm in perm_list:
# user_group_list.append(perm.user_group)
# return user_group_list
#
# def get_user(self):
# user_list = []
# user_group_list = self.get_user_group()
# for user_group in user_group_list:
# user_list.extend(user_group.user_set.all())
# return user_list
#
# def is_permed(self, user=None, user_group=None):
# if user:
# if user in self.get_user():
# return True
#
# if user_group:
# if user_group in self.get_user_group():
# return True
# return False
# def asset_perm_api(asset): # def asset_perm_api(asset):
......
juser/models.py
View file @ 9f0620f9
#coding: utf-8
from django.db import models from django.db import models
...@@ -32,10 +34,90 @@ class User(models.Model): ...@@ -32,10 +34,90 @@ class User(models.Model):
dept = models.ForeignKey(DEPT) dept = models.ForeignKey(DEPT)
group = models.ManyToManyField(UserGroup) group = models.ManyToManyField(UserGroup)
ldap_pwd = models.CharField(max_length=128) ldap_pwd = models.CharField(max_length=128)
ssh_key_pwd = models.CharField(max_length=100) ssh_key_pwd = models.CharField(max_length=200)
is_active = models.BooleanField(default=True) is_active = models.BooleanField(default=True)
last_login = models.DateTimeField(null=True) last_login = models.DateTimeField(null=True)
date_joined = models.DateTimeField(null=True) date_joined = models.DateTimeField(null=True)
def __unicode__(self): def __unicode__(self):
return self.username return self.username
def get_asset_group(self):
"""
Get user host_groups.
获取用户有权限的主机组
"""
host_group_list = []
perm_list = []
user_group_all = self.group.all()
for user_group in user_group_all:
perm_list.extend(user_group.perm_set.all())
for perm in perm_list:
host_group_list.append(perm.asset_group)
return host_group_list
def get_asset_group_info(self, printable=False):
"""
Get or print asset group info
获取或打印用户授权资产组
"""
asset_groups_info = {}
asset_groups = self.get_asset_group()
for asset_group in asset_groups:
asset_groups_info[asset_group.id] = [asset_group.name, asset_group.comment]
if printable:
for group_id in asset_groups_info:
if asset_groups_info[group_id][1]:
print "[%3s] %s -- %s" % (group_id,
asset_groups_info[group_id][0],
asset_groups_info[group_id][1])
else:
print "[%3s] %s" % (group_id, asset_groups_info[group_id][0])
print ''
else:
return asset_groups_info
def get_asset(self):
"""
Get the assets of under the user control.
获取主机列表
"""
assets = []
asset_groups = self.get_asset_group()
for asset_group in asset_groups:
assets.extend(asset_group.asset_set.all())
return assets
def get_asset_info(self, printable=False):
"""
Get or print the user asset info
获取或打印用户资产信息
"""
from jasset.models import AssetAlias
assets_info = {}
assets = self.get_asset()
for asset in assets:
asset_alias = AssetAlias.objects.filter(user=self.user, asset=asset)
if asset_alias and asset_alias[0].alias != '':
assets_info[asset.ip] = [asset.id, asset.ip, str(asset_alias[0].alias)]
else:
assets_info[asset.ip] = [asset.id, asset.ip, str(asset.comment)]
if printable:
ips = assets_info.keys()
ips.sort()
for ip in ips:
if assets_info[ip][2]:
print '%-15s -- %s' % (ip, assets_info[ip][2])
else:
print '%-15s' % ip
print ''
else:
return assets_info
juser/views.py
View file @ 9f0620f9
...@@ -13,6 +13,10 @@ from django.db.models import ObjectDoesNotExist ...@@ -13,6 +13,10 @@ from django.db.models import ObjectDoesNotExist
from jumpserver.api import * from jumpserver.api import *
def md5_crypt(string):
return hashlib.new("md5", string).hexdigest()
def gen_rand_pwd(num): def gen_rand_pwd(num):
""" """
generate random password generate random password
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment