Ȩ޹

a7800b9a · guanghongwei · 47550159 · a7800b9a · a7800b9a · a7800b9a
Commit a7800b9a authored Mar 12, 2015 by guanghongwei
14 changed files
--- a/jperm/views.py
+++ b/jperm/views.py
@@ -9,7 +9,7 @@ from jperm.models import Perm, SudoPerm, CmdGroup, DeptPerm
 from django.core.paginator import Paginator, EmptyPage, InvalidPage
 from django.db.models import Q
 from jumpserver.views import LDAP_ENABLE, ldap_conn, CONF, page_list_return, pages
-from jumpserver.api import user_perm_asset_api
+from jumpserver.api import user_perm_asset_api, require_admin, require_super_user, require_login
 if LDAP_ENABLE:
@@ -36,6 +36,7 @@ def user_asset_cmd_groups_get(user_groups_select='', asset_groups_select='', cmd
    return user_groups_select_list, asset_groups_select_list, cmd_groups_select_list
+@require_admin
 def perm_add(request):
    header_title, path1, path2 = u'主机授权添加', u'授权管理', u'授权添加'
@@ -79,6 +80,7 @@ def dept_add_asset(dept_id, asset_list):
            DeptPerm(dept=dept, asset=asset).save()
+@require_super_user
 def dept_perm_edit(request):
    header_title, path1, path2 = u'部门授权添加', u'授权管理', u'部门授权添加'
    if request.method == 'GET':
@@ -97,6 +99,7 @@ def dept_perm_edit(request):
    return render_to_response('jperm/dept_perm_edit.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def perm_list(request):
    header_title, path1, path2 = u'小组授权', u'授权管理', u'授权详情'
    keyword = request.GET.get('search', '')
@@ -109,6 +112,7 @@ def perm_list(request):
    return render_to_response('jperm/perm_list.html', locals(), context_instance=RequestContext(request))
+@require_super_user
 def dept_perm_list(request):
    header_title, path1, path2 = '查看部门', '授权管理', '部门授权'
    keyword = request.GET.get('search')
@@ -142,6 +146,7 @@ def perm_group_update(user_group_id, asset_groups_id_list):
            Perm(user_group=user_group, asset_group=asset_group).save()
+@require_super_user
 def perm_edit(request):
    if request.method == 'GET':
        header_title, path1, path2 = u'编辑授权', u'授权管理', u'授权编辑'
@@ -161,6 +166,7 @@ def perm_edit(request):
    return render_to_response('jperm/perm_edit.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def perm_detail(request):
    header_title, path1, path2 = u'编辑授权', u'授权管理', u'授权详情'
    perm_id = request.GET.get('id')
@@ -181,6 +187,7 @@ def perm_detail(request):
    return render_to_response('jperm/perm_detail.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def perm_del(request):
    perm_id = request.GET.get('id')
    perm = Perm.objects.filter(id=perm_id)
@@ -190,6 +197,7 @@ def perm_del(request):
    return HttpResponseRedirect('/jperm/perm_list/')
+@require_admin
 def perm_asset_detail(request):
    header_title, path1, path2 = u'用户授权主机', u'权限管理', u'用户主机详情'
    user_id = request.GET.get('id')
@@ -273,6 +281,7 @@ def sudo_ldap_add(name, users_runas, user_groups_select, asset_groups_select,
    ldap_conn.add(sudo_dn, sudo_attr)
+@require_admin
 def sudo_add(request):
    header_title, path1, path2 = u'Sudo授权', u'权限管理', u'添加Sudo权限'
    user_groups = UserGroup.objects.filter(id__gt=2)
@@ -294,6 +303,7 @@ def sudo_add(request):
    return render_to_response('jperm/sudo_add.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def sudo_list(request):
    header_title, path1, path2 = u'Sudo授权', u'权限管理', u'Sudo权限详情'
    contact_list = SudoPerm.objects.all()
@@ -302,6 +312,7 @@ def sudo_list(request):
    return render_to_response('jperm/sudo_list.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def sudo_edit(request):
    header_title, path1, path2 = u'Sudo授权', u'授权管理', u'Sudo修改'
@@ -348,6 +359,7 @@ def sudo_edit(request):
    return render_to_response('jperm/sudo_edit.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def sudo_detail(request):
    header_title, path1, path2 = u'Sudo授权详情', u'授权管理', u'授权详情'
    sudo_perm_id = request.GET.get('id')
@@ -372,6 +384,7 @@ def sudo_detail(request):
        return render_to_response('jperm/sudo_detail.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def sudo_del(request):
    sudo_perm_id = request.GET.get('id', '0')
    sudo_perm = SudoPerm.objects.filter(id=int(sudo_perm_id))
@@ -383,6 +396,7 @@ def sudo_del(request):
    return HttpResponseRedirect('/jperm/sudo_list/')
+@require_admin
 def cmd_add(request):
    header_title, path1, path2 = u'sudo命令添加', u'授权管理', u'命令组添加'
@@ -399,6 +413,7 @@ def cmd_add(request):
    return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def cmd_edit(request):
    header_title, path1, path2 = u'sudo命令修改', u'授权管理管理', u'命令组修改'
@@ -425,6 +440,7 @@ def cmd_edit(request):
    return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def cmd_list(request):
    header_title, path1, path2 = u'sudo命令查看', u'权限管理', u'Sudo命令添加'
@@ -443,6 +459,7 @@ def cmd_list(request):
    return render_to_response('jperm/sudo_cmd_list.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def cmd_del(request):
    cmd_group_id = request.GET.get('id')
    cmd_group = CmdGroup.objects.filter(id=cmd_group_id)

--- a/jumpserver/api.py
+++ b/jumpserver/api.py
-__author__ = 'guanghongwei'
+#coding: utf-8
+from django.http import HttpResponseRedirect
 from juser.models import User, UserGroup
 from jasset.models import Asset, BisGroup
@@ -46,3 +47,28 @@ def asset_perm_api(asset):
            user_permed_list.extend(user_group.user_set.all())
        return user_permed_list
+def require_login(func):
+    """要求登录的装饰器"""
+    def _deco(request, *args, **kwargs):
+        if not request.session.get('user_id'):
+            return HttpResponseRedirect('/login/')
+        return func(request, *args, **kwargs)
+    return _deco
+def require_super_user(func):
+    def _deco(request, *args, **kwargs):
+        if request.session.get('role_id', 0) != 2:
+            print "##########%s" % request.session.get('role_id', 0)
+            return HttpResponseRedirect('/')
+        return func(request, *args, **kwargs)
+    return _deco
+def require_admin(func):
+    def _deco(request, *args, **kwargs):
+        if request.session.get('role_id', 0) < 1:
+            return HttpResponseRedirect('/')
+        return func(request, *args, **kwargs)
+    return _deco
--- a/jumpserver/context_processors.py
+++ b/jumpserver/context_processors.py
@@ -3,10 +3,11 @@ from juser.models import User
 def name_proc(request):
    user_id = request.session.get('user_id')
-    role = request.session.get('role_id')
+    role_id = request.session.get('role_id')
    user_total_num = User.objects.all().count()
    user_active_num = User.objects.filter(is_active=True).count()
+    request.session.set_expiry(3600)
-    return {'session_user_id': user_id, 'session_role_id': role,
+    return {'session_user_id': user_id, 'session_role_id': role_id,
            'user_total_num': user_total_num, 'user_active_num': user_active_num}
--- a/jumpserver/settings.py
+++ b/jumpserver/settings.py
@@ -121,4 +121,3 @@ USE_TZ = False
 STATIC_URL = '/static/'
-SESSION_COOKIE_AGE = 3600
--- a/jumpserver/views.py
+++ b/jumpserver/views.py
@@ -21,6 +21,7 @@ from django.template import RequestContext
 from juser.models import User, UserGroup
 from jlog.models import Log
 from jasset.models import Asset, BisGroup, IDC
+from jumpserver.api import require_admin, require_super_user, require_login
 BASE_DIR = os.path.abspath(os.path.dirname(os.path.dirname(__file__)))
 CONF = ConfigParser()
@@ -52,10 +53,6 @@ def getDaysByNum(num):
    return t
-def base(request):
-    return render_to_response('base.html', context_instance=RequestContext(request))
 def get_data(data, items, option):
    dic = {}
    li_date, li_str = getDaysByNum(7)
@@ -74,6 +71,7 @@ def get_data(data, items, option):
    return dic
+@require_login
 def index(request):
    path1, path2 = u'仪表盘', 'Dashboard'
    users = User.objects.all()
@@ -87,6 +85,7 @@ def index(request):
    user_top_ten = week_data.values('user').annotate(times=Count('user')).order_by('-times')[:10]
    host_top_ten = week_data.values('host').annotate(times=Count('host')).order_by('-times')[:10]
    user_dic, host_dic = get_data(week_data, user_top_ten, 'user'), get_data(week_data, host_top_ten, 'host')
+    print "##############%s" % request.session.get('role_id')
    top = {'user': '活跃用户数', 'host': '活跃主机数', 'times': '登录次数'}
    top_dic = {}
@@ -207,7 +206,7 @@ def login(request):
                request.session['user_id'] = user.id
                if user.role == 'SU':
                    request.session['role_id'] = 2
-                elif user.role == 'GA':
+                elif user.role == 'DA':
                    request.session['role_id'] = 1
                else:
                    request.session['role_id'] = 0

--- a/juser/views.py
+++ b/juser/views.py
@@ -23,7 +23,7 @@ from connect import PyCrypt, KEY
 from connect import BASE_DIR
 from connect import CONF
 from jumpserver.views import md5_crypt, LDAPMgmt, LDAP_ENABLE, ldap_conn, page_list_return, pages
-from jumpserver.api import user_perm_group_api
+from jumpserver.api import user_perm_group_api, require_login, require_super_user, require_admin
 if LDAP_ENABLE:
    LDAP_HOST_URL = CONF.get('ldap', 'host_url')
@@ -204,6 +204,7 @@ def ldap_del_user(username):
    ldap_conn.delete(sudo_dn)
+@require_super_user
 def dept_add(request):
    header_title, path1, path2 = '添加部门', '用户管理', '添加部门'
    if request.method == 'POST':
@@ -224,6 +225,7 @@ def dept_add(request):
    return render_to_response('juser/dept_add.html', locals(), context_instance=RequestContext(request))
+@require_super_user
 def dept_list(request):
    header_title, path1, path2 = '查看部门', '用户管理', '查看部门'
    keyword = request.GET.get('search')
@@ -237,6 +239,7 @@ def dept_list(request):
    return render_to_response('juser/dept_list.html', locals(), context_instance=RequestContext(request))
+@require_super_user
 def dept_detail(request):
    dept_id = request.GET.get('id', None)
    if not dept_id:
@@ -248,6 +251,7 @@ def dept_detail(request):
    return render_to_response('juser/dept_detail.html', locals(), context_instance=RequestContext(request))
+@require_super_user
 def dept_del(request):
    dept_id = request.GET.get('id', None)
    if not dept_id or dept_id in ['1', '2']:
@@ -285,6 +289,7 @@ def dept_member_update(dept, users_id_list):
        user.save()
+@require_super_user
 def dept_del_ajax(request):
    dept_ids = request.POST.get('dept_ids')
    for dept_id in dept_ids.split(','):
@@ -292,6 +297,7 @@ def dept_del_ajax(request):
    return HttpResponse("删除成功")
+@require_super_user
 def dept_edit(request):
    header_title, path1, path2 = '部门编辑', '用户管理', '部门编辑'
    if request.method == 'GET':
@@ -323,6 +329,7 @@ def dept_edit(request):
    return render_to_response('juser/dept_edit.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def group_add(request):
    error = ''
    msg = ''
@@ -358,6 +365,7 @@ def group_add(request):
    return render_to_response('juser/group_add.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def group_list(request):
    header_title, path1, path2 = '查看小组', '用户管理', '查看小组'
    keyword = request.GET.get('search', '')
@@ -370,6 +378,7 @@ def group_list(request):
    return render_to_response('juser/group_list.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def group_detail(request):
    group_id = request.GET.get('id', None)
    if not group_id:
@@ -379,6 +388,7 @@ def group_detail(request):
    return render_to_response('juser/group_detail.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def group_del(request):
    group_id = request.GET.get('id', '')
    if not group_id:
@@ -387,6 +397,7 @@ def group_del(request):
    return HttpResponseRedirect('/juser/group_list/')
+@require_admin
 def group_del_ajax(request):
    group_ids = request.POST.get('group_ids')
    for group_id in group_ids.split(','):
@@ -404,6 +415,7 @@ def group_update_member(group_id, users_id_list):
            group.user_set.add(user)
+@require_admin
 def group_edit(request):
    error = ''
    msg = ''
@@ -436,6 +448,7 @@ def group_edit(request):
        return HttpResponseRedirect('/juser/group_list/')
+@require_admin
 def user_add(request):
    error = ''
    msg = ''
@@ -502,6 +515,7 @@ def user_add(request):
    return render_to_response('juser/user_add.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def user_list(request, option=""):
    user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'}
    header_title, path1, path2 = '查看用户', '用户管理', '用户列表'
@@ -533,6 +547,7 @@ def user_list(request, option=""):
    return render_to_response('juser/user_list.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def user_detail(request):
    user_id = request.GET.get('id', '')
    if not user_id:
@@ -545,6 +560,7 @@ def user_detail(request):
    return render_to_response('juser/user_detail.html', locals(), context_instance=RequestContext(request))
+@require_admin
 def user_del(request):
    user_id = request.GET.get('id', '')
    if not user_id:
@@ -559,6 +575,7 @@ def user_del(request):
    return HttpResponseRedirect('/juser/user_list/')
+@require_admin
 def user_del_ajax(request):
    user_ids = request.POST.get('ids')
    for user_id in user_ids.split(','):
@@ -573,6 +590,7 @@ def user_del_ajax(request):
    return HttpResponse('删除成功')
+@require_admin
 def user_edit(request):
    header_title, path1, path2 = '编辑用户', '用户管理', '用户编辑'
    if request.method == 'GET':

--- a/templates/jperm/sudo_add.html
+++ b/templates/jperm/sudo_add.html
@@ -28,7 +28,22 @@
                    </div>
                </div>
-                <div class="ibox-content">
+                <div class="panel blank-panel">
+                        <div class="panel-heading">
+                            <div class="panel-options">
+                                <ul class="nav nav-tabs">
+                                    <li id="tab1" class=""><a href="/jperm/sudo_list/">查看Sudo授权</a></li>
+                                    <li id="tab2" class="active"><a href="/jperm/sudo_add/">Sudo授权添加</a></li>
+                                    <li id="tab3" class=""><a href="/jperm/cmd_list/">查看命令组</a></li>
+                                    <li id="tab4" class=""><a href="/jperm/cmd_add/">添加命令组</a></li>
+                                </ul>
+                            </div>
+                        </div>
+                <div class="panel-body">
+                <div class="tab-content">
+                <div id="tab-1" class="tab-pane active">
                    <form id="sudoPerm" method="post" class="form-horizontal" action="">
                        {% if error %}
                            <div class="alert alert-warning text-center">{{ error }}</div>
@@ -163,6 +178,9 @@
                            </div>
                        </div>
                    </form>
+                    </div>
+                </div>
+                </div>
                </div>
            </div>
@@ -187,24 +205,6 @@ $('#sudoPerm').validator({
            tip: "输入sudoas用户",
            ok: "",
            msg: {required: "必须填写!"}
-        },
-        "user_groups_select": {
-            rule: "required",
-            tip: "选择用户组",
-            ok: "",
-            msg: {checked: "至少选择一个用户组"}
-        },
-        "asset_groups_select": {
-            rule: "required",
-            tip: "选择主机组",
-            ok: "",
-            msg: {checked: "至少选择一个主机组"}
-        },
-        "cmd_groups_select": {
-            rule: "required",
-            tip: "选择命令组",
-            ok: "",
-            msg: {checked: "至少选择一个命令组"}
        }
    },
@@ -216,7 +216,7 @@ $('#sudoPerm').validator({
 $(document).ready(function(){
    $("#submit_button").click(function(){
-        $('#users_selected option').each(function(){
+        $('#sudoPerm option').each(function(){
            $(this).prop('selected', true)
        })
    })

--- a/templates/jperm/sudo_cmd_add.html
+++ b/templates/jperm/sudo_cmd_add.html
@@ -27,6 +27,22 @@
                        </div>
                    </div>
                    <div class="ibox-content">
+                     <div class="panel blank-panel">
+                        <div class="panel-heading">
+                            <div class="panel-options">
+                                <ul class="nav nav-tabs">
+                                    <li id="tab1" class=""><a href="/jperm/sudo_list/">查看Sudo授权</a></li>
+                                    <li id="tab2" class=""><a href="/jperm/sudo_add/">Sudo授权添加</a></li>
+                                    <li id="tab3" class=""><a href="/jperm/cmd_list/">查看命令组</a></li>
+                                    <li id="tab4" class="active"><a href="/jperm/cmd_add/">添加命令组</a></li>
+                                </ul>
+                            </div>
+                        </div>
+                        <div class="panel-body">
+                        <div class="tab-content">
+                        <div id="tab-1" class="tab-pane active">
                        <form id="cmdForm" method="post" class="form-horizontal" action="">
                            {% if error %}
                                <div class="alert alert-warning text-center">{{ error }}</div>
@@ -68,6 +84,10 @@
                            </div>
                        </form>
+                     </div>
+                     </div>
+                     </div>
+                     </div>
                    </div>
                </div>
            </div>

--- a/templates/jperm/sudo_cmd_list.html
+++ b/templates/jperm/sudo_cmd_list.html
@@ -29,9 +29,21 @@
                </div>
                <div class="ibox-content">
-                    <div class="">
+                    <div class="panel blank-panel">
-                    <a target="_blank" href="/jperm/cmd_add/" class="btn btn-sm btn-primary "> 添加 </a>
+                        <div class="panel-heading">
-                    </div>
+                            <div class="panel-options">
+                                <ul class="nav nav-tabs">
+                                    <li id="tab1" class=""><a href="/jperm/sudo_list/">查看Sudo授权</a></li>
+                                    <li id="tab2" class=""><a href="/jperm/sudo_add/">Sudo授权添加</a></li>
+                                    <li id="tab3" class="active"><a href="/jperm/cmd_list/">查看命令组</a></li>
+                                    <li id="tab4" class=""><a href="/jperm/cmd_add/">添加命令组</a></li>
+                                </ul>
+                            </div>
+                        </div>
+                    <div class="panel-body">
+                    <div class="tab-content">
+                    <div id="tab-1" class="tab-pane active">
                    <table class="table table-striped table-bordered table-hover " id="editable" >
                        <thead>
@@ -57,6 +69,10 @@
                        {% endfor %}
                        </tbody>
                    </table>
+                    </div>
+                    </div>
+                    </div>
+                    </div>
                    <div class="row">
                        <div class="col-sm-6">
                            <div class="dataTables_info" id="editable_info" role="status" aria-live="polite">

--- a/templates/jperm/sudo_edit.html
+++ b/templates/jperm/sudo_edit.html
@@ -29,6 +29,19 @@
                </div>
                <div class="ibox-content">
+                    <div class="panel blank-panel">
+                        <div class="panel-heading">
+                            <div class="panel-options">
+                                <ul class="nav nav-tabs">
+                                    <li id="tab1" class="active"><a href="/jperm/sudo_list/">查看Sudo授权</a></li>
+                                    <li id="tab2" class=""><a href="/jperm/sudo_add/">Sudo授权添加</a></li>
+                                    <li id="tab3" class=""><a href="/jperm/cmd_list/">查看命令组</a></li>
+                                    <li id="tab4" class=""><a href="/jperm/cmd_add/">添加命令组</a></li>
+                                </ul>
+                            </div>
+                        </div>
+                    <div class="panel-body">
                    <form id="sudoPerm" method="post" class="form-horizontal" action="">
                        {% if error %}
                            <div class="alert alert-warning text-center">{{ error }}</div>
@@ -173,6 +186,7 @@
                            </div>
                        </div>
                    </form>
+                    </div>
                </div>
            </div>
@@ -180,5 +194,3 @@
    </div>
 </div>
-{% endblock %}
\ No newline at end of file
--- a/templates/jperm/sudo_list.html
+++ b/templates/jperm/sudo_list.html
@@ -29,30 +29,15 @@
                </div>
                <div class="ibox-content">
-{#                    <div class="" style="margin-left: 15px;">#}
-{#                        <a target="_blank" href="/jperm/cmd_add/" class="btn btn-sm btn-primary "> 添加命令组 </a>#}
-{#                        <a target="_blank" href="/jperm/cmd_list/" class="btn btn-sm btn-warning "> 查看命令组 </a>#}
-{#                        <a target="_blank" href="/jperm/sudo_add/" class="btn btn-sm btn-danger "> Sudo授权添加 </a>#}
-{#                    </div>#}
                    <div class="panel blank-panel">
                        <div class="panel-heading">
                            <div class="panel-options">
                                <ul class="nav nav-tabs">
-                                    <li id="tab1" class="active"><a data-toggle="tab" href="#tab-1">查看授权</a></li>
+                                    <li id="tab1" class="active"><a href="/jperm/sudo_list/">查看Sudo授权</a></li>
-{#                                    <li id="tab2" class=""><a data-toggle="tab" href="#tab-2">用户授权详情</a></li>#}
+                                    <li id="tab2" class=""><a href="/jperm/sudo_add/">Sudo授权添加</a></li>
-                                    <li style="float: right">
+                                    <li id="tab3" class=""><a href="/jperm/cmd_list/">查看命令组</a></li>
-{#                                        <form method="get" action="" class="pull-right mail-search">#}
+                                    <li id="tab4" class=""><a href="/jperm/cmd_add/">添加命令组</a></li>
-{#                                            <div class="input-group">#}
-{#                                                <input type="text" class="form-control input-sm" id="search_input" name="search" placeholder="Search">#}
-{#                                                <div class="input-group-btn">#}
-{#                                                    <button id='search_btn' type="button" class="btn btn-sm btn-primary">#}
-{#                                                        Search#}
-{#                                                    </button>#}
-{#                                                </div>#}
-{#                                            </div>#}
-{#                                        </form>#}
-                                    </li>
                                </ul>
                            </div>
                        </div>

--- a/templates/juser/user_list.html
+++ b/templates/juser/user_list.html
@@ -32,9 +32,9 @@
                    <div class="">
                    <a target="_blank" href="/juser/user_add/" class="btn btn-sm btn-primary "> 添加用户 </a>
                    <a id="del_btn" class="btn btn-sm btn-danger "> 删除所选 </a>
-                    <form id="search_form" method="get" action="" class="pull-right mail-search">
+                    <form id="search_form" method="get" action="./search/" class="pull-right mail-search">
                        <div class="input-group">
-                            <input type="text" class="form-control input-sm" id="search_input" name="search" placeholder="Search">
+                            <input type="text" class="form-control input-sm" id="search_input" name="keyword" placeholder="Search">
                            <div class="input-group-btn">
                                <button id='search_btn' type="submit" class="btn btn-sm btn-primary">
                                    Search
@@ -68,7 +68,7 @@
                                <td class="text-center"> {{ user.username }} </td>
                                <td class="text-center"> {{ user.name }} </td>
                                <td class="text-center"> {{ user.dept.name }} </td>
-                                <td class="text-center"> {{ user.group.all | group_str2  }} </td>
+                                <td class="text-center" title="{% for user_group in user.group.all %} {{ user_group.name }} {% endfor %}"> {{ user.group.all | group_str2  }} </td>
                                <td class="text-center"> {{ user.id | get_role }}</td>
                                <td class="text-center">{{ user.is_active|bool2str }}</td>
                                <td class="text-center">

--- a/templates/nav.html
+++ b/templates/nav.html
@@ -45,19 +45,8 @@
                    </li>
                    <li id="sudo_add">
-                        <a href="/jperm/sudo_add/">Sudo添加</a>
+                        <a href="/jperm/sudo_list/">Sudo授权</a>
                    </li>
-                    <li id="sudo_list">
-                        <a href="/jperm/sudo_list/">Sudo查看</a>
-                    </li>
-                     <li id="cmd_add">
-                        <a href="/jperm/cmd_add/">命令组添加</a>
-                    </li>
-                    <li id="cmd_list">
-                        <a href="/jperm/cmd_list/">命令组查看</a>
-                    </li>
                </ul>
            </li>
            <li id="jlog">

--- a/templates/nav_li_profile.html
+++ b/templates/nav_li_profile.html
@@ -6,7 +6,7 @@
         </span>
        <a data-toggle="dropdown" class="dropdown-toggle" href="#">
        <span class="clear"> <span class="block m-t-xs"> <strong class="font-bold">{{ session_user_id | to_name}}</strong>
-         </span> <span class="text-muted text-xs block">{{ role_id | to_role_name }} <b class="caret"></b></span> </span> </a>
+         </span> <span class="text-muted text-xs block">{{ session_role_id | to_role_name }} <b class="caret"></b></span> </span> </a>
        <ul class="dropdown-menu animated fadeInRight m-t-xs">
            <li><a href="/juser/profile/">个人信息</a></li>
            <li><a href="/juser/chg_pass/">修改密码</a></li>