Merge branch 'master' into dev

9fa7f876 · ibuler · 9ec457bf · b1768565 · 9fa7f876 · 9fa7f876
Commit 9fa7f876 authored Feb 23, 2016 by ibuler
10 changed files
--- a/.gitignore
+++ b/.gitignore
@@ -37,6 +37,7 @@ nosetests.xml
 .mr.developer.cfg
 .project
 .pydevproject
+.settings
 *.log
 logs/*
 keys/*

--- a/connect.py
+++ b/connect.py
@@ -582,12 +582,15 @@ class Nav(object):
                    role = role_check[int(role_id)]
            elif len(roles) == 1:  # 授权角色数为1
                role = roles[0]
+            else:
+                color_print('当前用户未被授予角色，无法执行任何操作，如有疑问请联系管理员。')
+                return
            assets = list(self.user_perm.get('role', {}).get(role).get('asset'))  # 获取该用户，角色授权主机
            print "授权包含该系统用户的所有主机"
            for asset in assets:
                print ' %s' % asset.hostname
            print
-            print "请输入主机名或ansile支持的pattern, 多个主机:分隔, q退出"
+            print "请输入主机名或ansible支持的pattern, 多个主机:分隔, q退出"
            pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
            if pattern == 'q':
                break
@@ -629,7 +632,7 @@ class Nav(object):
                self.user_perm = get_group_user_perm(self.user)
            try:
                print "进入批量上传模式"
-                print "请输入主机名或ansile支持的pattern, 多个主机:分隔 q退出"
+                print "请输入主机名或ansible支持的pattern, 多个主机:分隔 q退出"
                pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
                if pattern == 'q':
                    break
@@ -682,7 +685,7 @@ class Nav(object):
                self.user_perm = get_group_user_perm(self.user)
            try:
                print "进入批量下载模式"
-                print "请输入主机名或ansile支持的pattern, 多个主机:分隔,q退出"
+                print "请输入主机名或ansible支持的pattern, 多个主机:分隔,q退出"
                pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
                if pattern == 'q':
                    break

--- a/install/install.py
+++ b/install/install.py
@@ -101,6 +101,7 @@ class PreSetup(object):
        color_print('默认用户名: %s 默认密码: %s' % (self.db_user, self.db_pass), 'green')
        bash('yum -y install mysql-server')
        bash('service mysqld start')
+        bash('chkconfig mysqld on')
        bash('mysql -e "create database %s default charset=utf8"' % self.db)
        bash('mysql -e "grant all on %s.* to \'%s\'@\'%s\' identified by \'%s\'"' % (self.db,
                                                                                     self.db_user,

--- a/install/next.py
+++ b/install/next.py
@@ -18,7 +18,7 @@ if django.get_version() != '1.6':

 from juser.user_api import db_add_user, get_object, User
 from install import color_print
-from jumpserver.api import get_mac_address
+from jumpserver.api import get_mac_address, bash

 socket.setdefaulttimeout(2)

@@ -84,6 +84,7 @@ class Setup(object):
    def _cp_zzsh():
        os.chdir(os.path.join(jms_dir, 'install'))
        shutil.copy('zzjumpserver.sh', '/etc/profile.d/')
+        bash("sed -i 's#/opt/jumpserver#%s#g' /etc/profile.d/zzjumpserver.sh" % jms_dir)

    @staticmethod
    def _run_service():

--- a/jlog/log_api.py
+++ b/jlog/log_api.py
@@ -6,7 +6,10 @@ from contextlib import closing
 from io import open as copen
 from json import dumps
 from math import ceil
+import datetime
+import time
 import re
+import os
 from os.path import basename, dirname, exists, join
 from struct import unpack
 from subprocess import Popen
@@ -17,6 +20,7 @@ from jinja2 import FileSystemLoader, Template
 from jinja2.environment import Environment

 from jumpserver.api import BASE_DIR
+from jlog.models import Log


 DEFAULT_TEMPLATE = join(BASE_DIR, 'templates', 'jlog', 'static.jinja2')
@@ -75,3 +79,28 @@ def renderTemplate(script_path, time_file_path, dimensions=(24, 80), templatenam
    return rendered


+def kill_invalid_connection():
+    long_time_logs = []
+    unfinished_logs = Log.objects.filter(is_finished=False)
+    now = datetime.datetime.now()
+    now_timestamp = int(time.mktime(now.timetuple()))
+    for log in unfinished_logs:
+        if (now - log.start_time).days > 1:
+            long_time_logs.append(log)
+
+    for log in long_time_logs:
+        try:
+            log_file_mtime = int(os.stat(log.log_path).st_mtime)
+        except OSError:
+            log_file_mtime = 0
+
+        if (now_timestamp - log_file_mtime) > 3600:
+            try:
+                os.kill(int(log.pid), 9)
+            except OSError:
+                pass
+
+            log.is_finished = True
+            log.end_time = now
+            log.save()
+
--- a/jumpserver/settings.py
+++ b/jumpserver/settings.py
@@ -152,5 +152,6 @@ STATIC_URL = '/static/'
 BOOTSTRAP_COLUMN_COUNT = 10

 CRONJOBS = [
-    ('0 1 * * *', 'jasset.asset_api.asset_ansible_update_all')
+    ('0 1 * * *', 'jasset.asset_api.asset_ansible_update_all'),
+    ('1 * * * *', 'jlog.log_api.kill_invalid_connection'),
 ]
--- a/templates/jasset/asset_list.html
+++ b/templates/jasset/asset_list.html
@@ -243,8 +243,9 @@
                            area: ['628px', '420px'],
                            content: new_url+data
                        });
+                        window.open(new_url+data, '_blank', 'toolbar=yes, location=yes, scrollbars=yes, resizable=yes, copyhistory=yes, width=628, height=400')
                        */
-                        window.open(new_url+data, '', 'width=628px, height=380px')
+                        window.open(new_url+data, '', 'width=628px, height=380px');
                    }  else if (dataArray.length == 1 && data != 'error'){
                       /*layer.open({
                            type: 2,
@@ -255,7 +256,7 @@
                            content: new_url+data
                        });
                        */
-                        window.open(new_url+data, '', 'width=628px, height=440px')
+                        window.open(new_url+data, '_blank', 'toolbar=yes, location=yes, copyhistory=yes, scrollbars=yes, width=628, height=410');

                    }
                    else {
@@ -292,7 +293,7 @@
            content: new_url
            });
            */
-            window.open(new_url, '', 'height=628px, width=380px')
+            window.open(new_url, '_blank', 'toolbar=yes, location=yes, copyhistory=yes, scrollbars=yes, width=628, height=400')

        } else {
            /*
@@ -305,7 +306,7 @@
            content: new_url
            });
            */
-            window.open(new_url, '', 'height=628px, width=452px')
+            window.open(new_url, '_blank', 'toolbar=yes, location=yes, copyhistory=yes, scrollbars=yes, width=628, height=410');
        }

        return false

--- a/templates/jlog/web_terminal.html
+++ b/templates/jlog/web_terminal.html
@@ -117,7 +117,7 @@
                $('.terminal').css('width', window.innerWidth-25);
                console.log(window.innerWidth);
                console.log(window.innerWidth-10);
-                var rows = Math.floor(window.innerHeight/rowHeight) - 1;
+                var rows = Math.floor(window.innerHeight/rowHeight) - 2;
                var cols = Math.floor(window.innerWidth/colWidth) - 1;

                return {rows: rows, cols: cols};

--- a/templates/jperm/perm_role_add.html
+++ b/templates/jperm/perm_role_add.html
@@ -93,7 +93,7 @@ $('#roleForm').validator({
    theme: "yellow_right_effect",
    rules: {
        check_name: [/(?!^root$)^[\w.]{2,20}$/i, '大小写字母数字和下划线小数点,2-20位,并且非root'],
-        check_begin: [/^[\-]+BEGIN RSA PRIVATE KEY[\-]+/gm, 'RSA Key填写有误，请检查'],
+        check_begin: [/^[\-]+BEGIN R|DSA PRIVATE KEY[\-]+/gm, 'RSA|DSA Key填写有误，请检查']

    },

@@ -108,7 +108,7 @@ $('#roleForm').validator({
            rule: "check_begin",
            ok: "",
            empty: true
-        },
+        }

    },
    valid: function(form) {

--- a/templates/jperm/role_sudo.j2
+++ b/templates/jperm/role_sudo.j2
@@ -46,7 +46,7 @@ add_role_chosen() {


 check_syntax(){
-    visudo -c -f $1
+    /usr/sbin/visudo -c -f $1
 }

 cp $real_file $tmp_file && add_cmd_alias $tmp_file && add_role_chosen $tmp_file || exit 1