merge with dev

.gitignore

 *.py[cod]
 .idea
 test.py
-
+.DS_Store
+db.sqlite3
 # C extensions
 *.so
 
@@ -36,8 +37,9 @@ nosetests.xml
 .mr.developer.cfg
 .project
 .pydevproject
-node_modules
-logs
-keys
+*.log
+logs/*
+keys/*
 jumpserver.conf
 nohup.out
+tmp/*

README.md

 #欢迎使用Jumpserver
-**Jumpserver**是一款由python编写开源的跳板机(堡垒机)系统，实现了跳板机应有的功能
+**Jumpserver** 是一款由python编写开源的跳板机(堡垒机)系统，实现了跳板机应有的功能
 
+###截图：
 
+首页
  
-> **统计管理** 统一管理用户 
-> 
-> **授权** 授权用户登录特定主机
-> 
-> **审计** 审计用户操作
-> 
-> **web管理** 漂亮的web管理界面
+![webterminal](https://github.com/ibuler/static/raw/master/jumpserver3/index.jpeg)
 
-## 主要模块
-#### 用户管理 ####
-	负责用户管理，添加用户，编辑用户，建立部门，建立用户组等
-#### 资产管理 ####
-	负责资产管理，添加资产，编辑资产，建立IDC，建立用户组等
-#### 授权管理 ####
-	负责授权用户登录某些特定主机，授权sudo，查看授权申请
-#### 日志审计 ####
-	负责用户操作的审计，监控用户操作，统计用户操作记录，中断用户操作
-#### 上传下载 ####
-	负责用户文件上传下载
+WebTerminal:
 
-[官网](http://www.jumpserver.org)
+![webterminal](https://github.com/ibuler/static/raw/master/jumpserver3/webTerminal.gif)
+
+Web批量执行命令
+
+![WebExecCommand](https://github.com/ibuler/static/raw/master/jumpserver3/webExec.gif)
+
+录像回放
+
+![录像](https://github.com/ibuler/static/raw/master/jumpserver3/record.gif)
+
+跳转和批量命令
+
+![跳转](https://github.com/ibuler/static/raw/master/jumpserver3/connect.gif)
+
+命令统计
+
+![跳转](https://github.com/ibuler/static/raw/master/jumpserver3/command.png)
+
+### 文档
+
+* [访问wiki](https://github.com/ibuler/jumpserver/wiki)
+* [快速安装](https://github.com/ibuler/jumpserver/wiki/快速安装)
+* [名词解释](https://github.com/ibuler/jumpserver/wiki/名称解释)
+* [快速开始](https://github.com/ibuler/jumpserver/wiki/快速开始)
+
+### 特点
+
+* 完全真开源，GPL授权
+* Python编写，容易再次开发
+* 实现了跳板机基本功能，认证、授权、审计
+* 集成了Ansible，批量命令等
+* 支持WebTerminal
+* Bootstrap编写，界面美观
+* 自动收集硬件信息
+* 录像回放
+* 命令搜索
+* 实时监控
+* 批量上传下载
+
+### 其它
+
+[Jumpserver官网](http://www.jumpserver.org)
 
 [demo站点](http://demo.jumpserver.org)
 
-[更新log](http://laoguang.blog.51cto.com/6013350/1635853)
+### 团队
+
+* **广宏伟** ibuler
+* **王墉** halcyon
+* **陈尚委** 假想控
+* **喻茂峻** 紫川秀
+* **刘正** evanescunt
+* **柯连春** 遍地节操
+
 
-[部署文档](http://laoguang.blog.51cto.com/6013350/1636273)
 
 

docs/AddUserAsset.py

-#coding:utf-8
-import django
-import os
-import sys
-import random
-import datetime
-
-sys.path.append('../')
-os.environ['DJANGO_SETTINGS_MODULE'] = 'jumpserver.settings'
-#django.setup()
-
-
-from juser.views import db_add_user, md5_crypt, CRYPTOR, db_add_group
-from jasset.models import Asset, IDC, BisGroup
-from juser.models import UserGroup, DEPT, User
-from jperm.models import CmdGroup
-from jlog.models import Log
-
-
-def install():
-    IDC.objects.create(name='ALL', comment='ALL')
-    IDC.objects.create(name='默认', comment='默认')
-    DEPT.objects.create(name="默认", comment="默认部门")
-    DEPT.objects.create(name="超管部", comment="超级管理员部门")
-    dept = DEPT.objects.get(name='超管部')
-    dept2 = DEPT.objects.get(name='默认')
-    UserGroup.objects.create(name='ALL', dept=dept, comment='ALL')
-    UserGroup.objects.create(name='默认', dept=dept, comment='默认')
-
-    BisGroup.objects.create(name='ALL', dept=dept, comment='ALL')
-    BisGroup.objects.create(name='默认', dept=dept, comment='默认')
-
-    User(id=5000, username="admin", password=md5_crypt('admin'),
-         name='admin', email='admin@jumpserver.org', role='SU', is_active=True, dept=dept).save()
-    User(id=5001, username="group_admin", password=md5_crypt('group_admin'),
-         name='group_admin', email='group_admin@jumpserver.org', role='DA', is_active=True, dept=dept2).save()
-
-
-def test_add_idc():
-    for i in range(1, 20):
-        name = 'IDC' + str(i)
-        IDC.objects.create(name=name, comment='')
-        print 'Add: %s' % name
-
-
-def test_add_dept():
-    for i in range(1, 100):
-        name = 'DEPT' + str(i)
-        print "Add: %s" % name
-        DEPT.objects.create(name=name, comment=name)
-
-
-def test_add_group():
-    dept_all = DEPT.objects.all()
-    for i in range(1, 100):
-        name = 'UserGroup' + str(i)
-        UserGroup.objects.create(name=name, dept=random.choice(dept_all), comment=name)
-        print 'Add: %s' % name
-
-
-def test_add_cmd_group():
-    for i in range(1, 20):
-        name = 'CMD' + str(i)
-        cmd = '/sbin/ping%s, /sbin/ifconfig/' % str(i)
-        CmdGroup.objects.create(name=name, cmd=cmd, comment=name)
-        print 'Add: %s' % name
-
-
-def test_add_user():
-    for i in range(1, 500):
-        username = "test" + str(i)
-        dept_all = DEPT.objects.all()
-        group_all = UserGroup.objects.all()
-        group_all_id = [group.id for group in group_all]
-        db_add_user(username=username,
-                    password=md5_crypt(username),
-                    dept=random.choice(dept_all),
-                    name=username, email='%s@jumpserver.org' % username,
-                    groups=[random.choice(group_all_id) for i in range(1, 4)], role='CU',
-                    ssh_key_pwd=CRYPTOR.encrypt(username),
-                    ldap_pwd=CRYPTOR.encrypt(username),
-                    is_active=True,
-                    date_joined=datetime.datetime.now())
-        print "Add: %s" % username
-
-
-def test_add_asset_group():
-    dept = DEPT.objects.get(name='默认')
-    for i in range(1, 20):
-        name = 'AssetGroup' + str(i)
-        group = BisGroup(name=name, dept=dept, comment=name)
-        group.save()
-        print 'Add: %s' % name
-
-
-def test_add_asset():
-    idc_all = IDC.objects.all()
-    test_idc = random.choice(idc_all)
-    bis_group_all = BisGroup.objects.all()
-    dept_all = DEPT.objects.all()
-    for i in range(1, 500):
-        ip = '192.168.5.' + str(i)
-        asset = Asset(ip=ip, port=22, login_type='L', idc=test_idc, is_active=True, comment='test')
-        asset.save()
-        asset.bis_group = [random.choice(bis_group_all) for i in range(2)]
-        asset.dept = [random.choice(dept_all) for i in range(2)]
-        print "Add: %s" % ip
-
-
-def test_add_log():
-    li_date = []
-    today = datetime.date.today()
-    oneday = datetime.timedelta(days=1)
-    for i in range(0, 7):
-        today = today-oneday
-        li_date.append(today)
-    user_list = ['马云', '马化腾', '丁磊', '周鸿祎', '雷军', '柳传志', '陈天桥', '李彦宏', '李开复', '罗永浩']
-    for i in range(1, 1000):
-        user = random.choice(user_list)
-        ip = random.randint(1, 20)
-        start_time = random.choice(li_date)
-        end_time = datetime.datetime.now()
-        log_path = '/var/log/jumpserver/test.log'
-        host = '192.168.1.' + str(ip)
-        Log.objects.create(user=user, host=host, remote_ip='8.8.8.8', dept_name='运维部', log_path=log_path, pid=168, start_time=start_time,
-                           is_finished=1, log_finished=1, end_time=end_time)
-
-
-if __name__ == '__main__':
-    #install()
-    #test_add_dept()
-    #test_add_group()
-    #test_add_user()
-    #test_add_idc()
-    #test_add_asset_group()
-    test_add_asset()
-    #test_add_log()
-
-
-
-

docs/__init__.py

-__author__ = 'Hudie'

docs/developer_doc.txt

-# coding: utf8
-
-Jumpserver开发者文档
-
-开发规范：
-  1. 遵守PE8规范  1) 命名规范  2) 导入模块规范 3) 空行规范 4) 长度规范
-  2. 缩进统一4个空格
-  3. 变量命名明了易懂多个单词下划线隔开
-  4. 注释到位
-
-
-框架说明：
-  1. 项目名称 Jumpserver
-  2. APP:
-       juser 			用户管理
-       jasset 			资产管理(设备管理)
-       jpermission 		授权管理
-       jlog				日志管理
-  3. connect.py 		用户登录入口程序
-  4. logs        		日志保存目录
-  5. jumpserver.conf 	配置文件
-  6. docs               文档目录
-  7. static             静态文件目录
-  8. templates          模板目录
-
-
-connect.py逻辑说明：
-  用户登录系统，运行该脚本，p调用get_user_host函数查看有权限的服务器ip
-  输入部分IP，verify_connect匹配该部分ip,如果是匹配到多个，就显示ip
-                                      匹配到0了就显示没有权限或者主机，
-                                      匹配到1个则继续
-  查询该服务器是否支持ldap 如果是，获得ldap用户密码登陆
-                         如果否，查询授权表，查看该服务器授权的角色，并返回对应账号密码，登陆
-  connect函数是登陆函数，采用paramiko 使用channel登陆，posix_shell 来完成交互，并记录日志
-  signal模块来完成窗口改变导致的tty大小随之改变
-  PyCrypt是对称加密类
\ No newline at end of file

docs/install.py

-#coding:utf-8
-import django
-import os
-import sys
-import random
-import datetime
-
-sys.path.append('../')
-os.environ['DJANGO_SETTINGS_MODULE'] = 'jumpserver.settings'
-#django.setup()
-
-
-from juser.views import db_add_user, md5_crypt, CRYPTOR, db_add_group
-from jasset.models import Asset, IDC, BisGroup
-from juser.models import UserGroup, DEPT, User
-from jasset.views import jasset_group_add
-from jperm.models import CmdGroup
-from jlog.models import Log
-
-
-def install():
-    IDC.objects.create(name='ALL', comment='ALL')
-    IDC.objects.create(name='默认', comment='默认')
-    DEPT.objects.create(name="默认", comment="默认部门")
-    DEPT.objects.create(name="超管部", comment="超级管理员部门")
-    dept = DEPT.objects.get(name='超管部')
-    dept2 = DEPT.objects.get(name='默认')
-    UserGroup.objects.create(name='ALL', dept=dept, comment='ALL')
-    UserGroup.objects.create(name='默认', dept=dept, comment='默认')
-
-    BisGroup.objects.create(name='ALL', dept=dept, comment='ALL')
-    BisGroup.objects.create(name='默认', dept=dept, comment='默认')
-
-    User(id=5000, username="admin", password=md5_crypt('admin'),
-         name='admin', email='admin@jumpserver.org', role='SU', is_active=True, dept=dept).save()
-    User(id=5001, username="group_admin", password=md5_crypt('group_admin'),
-         name='group_admin', email='group_admin@jumpserver.org', role='DA', is_active=True, dept=dept2).save()
-
-
-def test_add_idc():
-    for i in range(1, 20):
-        name = 'IDC' + str(i)
-        IDC.objects.create(name=name, comment='')
-        print 'Add: %s' % name
-
-
-def test_add_dept():
-    for i in range(1, 100):
-        name = 'DEPT' + str(i)
-        print "Add: %s" % name
-        DEPT.objects.create(name=name, comment=name)
-
-
-def test_add_group():
-    dept_all = DEPT.objects.all()
-    for i in range(1, 100):
-        name = 'UserGroup' + str(i)
-        UserGroup.objects.create(name=name, dept=random.choice(dept_all), comment=name)
-        print 'Add: %s' % name
-
-
-def test_add_cmd_group():
-    for i in range(1, 20):
-        name = 'CMD' + str(i)
-        cmd = '/sbin/ping%s, /sbin/ifconfig/' % str(i)
-        CmdGroup.objects.create(name=name, cmd=cmd, comment=name)
-        print 'Add: %s' % name
-
-
-def test_add_user():
-    for i in range(1, 500):
-        username = "test" + str(i)
-        dept_all = DEPT.objects.all()
-        group_all = UserGroup.objects.all()
-        group_all_id = [group.id for group in group_all]
-        db_add_user(username=username,
-                    password=md5_crypt(username),
-                    dept=random.choice(dept_all),
-                    name=username, email='%s@jumpserver.org' % username,
-                    groups=[random.choice(group_all_id) for i in range(1, 4)], role='CU',
-                    ssh_key_pwd=CRYPTOR.encrypt(username),
-                    ldap_pwd=CRYPTOR.encrypt(username),
-                    is_active=True,
-                    date_joined=datetime.datetime.now())
-        print "Add: %s" % username
-
-
-def test_add_asset_group():
-    dept = DEPT.objects.get(name='默认')
-    for i in range(1, 20):
-        name = 'AssetGroup' + str(i)
-        group = BisGroup(name=name, dept=dept, comment=name)
-        group.save()
-        print 'Add: %s' % name
-
-
-def test_add_asset():
-    idc_all = IDC.objects.all()
-    test_idc = random.choice(idc_all)
-    bis_group_all = BisGroup.objects.all()
-    dept_all = DEPT.objects.all()
-    for i in range(1, 500):
-        ip = '192.168.1.' + str(i)
-        asset = Asset(ip=ip, port=22, login_type='L', idc=test_idc, is_active=True, comment='test')
-        asset.save()
-        asset.bis_group = [random.choice(bis_group_all) for i in range(2)]
-        asset.dept = [random.choice(dept_all) for i in range(2)]
-        print "Add: %s" % ip
-
-
-def test_add_log():
-    li_date = []
-    today = datetime.date.today()
-    oneday = datetime.timedelta(days=1)
-    for i in range(0, 7):
-        today = today-oneday
-        li_date.append(today)
-    user_list = ['马云', '马化腾', '丁磊', '周鸿祎', '雷军', '柳传志', '陈天桥', '李彦宏', '李开复', '罗永浩']
-    for i in range(1, 1000):
-        user = random.choice(user_list)
-        ip = random.randint(1, 20)
-        start_time = random.choice(li_date)
-        end_time = datetime.datetime.now()
-        log_path = '/var/log/jumpserver/test.log'
-        host = '192.168.1.' + str(ip)
-        Log.objects.create(user=user, host=host, log_path=log_path, pid=168, start_time=start_time,
-                           is_finished=1, log_finished=1, end_time=end_time)
-
-
-if __name__ == '__main__':
-    install()
-
-
-
-

docs/requirements.txt

-sphinx-me==0.3
-django==1.6
-python-ldap==2.4.19
-pycrypto==2.6.1
-paramiko==1.15.2
-ecdsa==0.13
-MySQL-python==1.2.5
-django-uuidfield==0.5.0
-psutil==2.2.1
\ No newline at end of file

docs/zzjumpserver.sh

-#!/bin/bash
-
-if [ "$USER" == "admin" ] || [ "$USER" == "root" ] || [ "$USER" == "" ];then
-    echo ""
-else
-    python /opt/jumpserver/connect.py
-    if [ $USER == 'guanghongwei' ];then
-        echo
-    else
-        exit 3
-        echo
-    fi
-fi

jasset/models.py

+# coding: utf-8
+
 import datetime
 from django.db import models
-from juser.models import User, UserGroup, DEPT
+from juser.models import User, UserGroup
 
+ASSET_ENV = (
+    (1, U'生产环境'),
+    (2, U'测试环境')
+    )
 
-class IDC(models.Model):
-    name = models.CharField(max_length=40, unique=True)
-    comment = models.CharField(max_length=80, blank=True, null=True)
+ASSET_STATUS = (
+    (1, u"已使用"),
+    (2, u"未使用"),
+    (3, u"报废")
+    )
 
-    def __unicode__(self):
-        return self.name
+ASSET_TYPE = (
+    (1, u"物理机"),
+    (2, u"虚拟机"),
+    (3, u"交换机"),
+    (4, u"路由器"),
+    (5, u"防火墙"),
+    (6, u"Docker"),
+    (7, u"其他")
+    )
 
 
-class BisGroup(models.Model):
+class AssetGroup(models.Model):
     GROUP_TYPE = (
         ('P', 'PRIVATE'),
         ('A', 'ASSET'),
     )
     name = models.CharField(max_length=80, unique=True)
-    dept = models.ForeignKey(DEPT)
     comment = models.CharField(max_length=160, blank=True, null=True)
 
     def __unicode__(self):
         return self.name
 
 
+class IDC(models.Model):
+    name = models.CharField(max_length=32, verbose_name=u'机房名称')
+    bandwidth = models.CharField(max_length=32, blank=True, null=True, default='', verbose_name=u'机房带宽')
+    linkman = models.CharField(max_length=16, blank=True, null=True, default='', verbose_name=u'联系人')
+    phone = models.CharField(max_length=32, blank=True, null=True, default='', verbose_name=u'联系电话')
+    address = models.CharField(max_length=128, blank=True, null=True, default='', verbose_name=u"机房地址")
+    network = models.TextField(blank=True, null=True, default='', verbose_name=u"IP地址段")
+    date_added = models.DateField(auto_now=True, null=True)
+    operator = models.CharField(max_length=32, blank=True, default='', null=True, verbose_name=u"运营商")
+    comment = models.CharField(max_length=128, blank=True, default='', null=True, verbose_name=u"备注")
+
+    def __unicode__(self):
+        return self.name
+
+    class Meta:
+        verbose_name = u"IDC机房"
+        verbose_name_plural = verbose_name
+
+
 class Asset(models.Model):
-    LOGIN_TYPE_CHOICES = (
-        ('L', 'LDAP'),
-        ('M', 'MAP'),
-    )
-    ip = models.IPAddressField(unique=True)
-    port = models.IntegerField(max_length=6)
-    idc = models.ForeignKey(IDC)
-    bis_group = models.ManyToManyField(BisGroup)
-    dept = models.ManyToManyField(DEPT)
-    login_type = models.CharField(max_length=1, choices=LOGIN_TYPE_CHOICES, default='L')
-    username = models.CharField(max_length=20, blank=True, null=True)
-    password = models.CharField(max_length=80, blank=True, null=True)
-    date_added = models.DateTimeField(auto_now=True, default=datetime.datetime.now(), null=True)
-    is_active = models.BooleanField(default=True)
-    comment = models.CharField(max_length=100, blank=True, null=True)
+    """
+    asset modle
+    """
+    ip = models.CharField(max_length=32, blank=True, null=True, verbose_name=u"主机IP")
+    other_ip = models.CharField(max_length=255, blank=True, null=True, verbose_name=u"其他IP")
+    hostname = models.CharField(unique=True, max_length=128, verbose_name=u"主机名")
+    port = models.IntegerField(blank=True, null=True, verbose_name=u"端口号")
+    group = models.ManyToManyField(AssetGroup, blank=True, verbose_name=u"所属主机组")
+    username = models.CharField(max_length=16, blank=True, null=True, verbose_name=u"管理用户名")
+    password = models.CharField(max_length=64, blank=True, null=True, verbose_name=u"密码")
+    use_default_auth = models.BooleanField(default=True, verbose_name=u"使用默认管理账号")
+    idc = models.ForeignKey(IDC, blank=True, null=True,  on_delete=models.SET_NULL, verbose_name=u'机房')
+    mac = models.CharField(max_length=20, blank=True, null=True, verbose_name=u"MAC地址")
+    remote_ip = models.CharField(max_length=16, blank=True, null=True, verbose_name=u'远控卡IP')
+    brand = models.CharField(max_length=64, blank=True, null=True, verbose_name=u'硬件厂商型号')
+    cpu = models.CharField(max_length=64, blank=True, null=True, verbose_name=u'CPU')
+    memory = models.CharField(max_length=128, blank=True, null=True, verbose_name=u'内存')
+    disk = models.CharField(max_length=128, blank=True, null=True, verbose_name=u'硬盘')
+    system_type = models.CharField(max_length=32, blank=True, null=True, verbose_name=u"系统类型")
+    system_version = models.CharField(max_length=8, blank=True, null=True, verbose_name=u"系统版本号")
+    system_arch = models.CharField(max_length=16, blank=True, null=True, verbose_name=u"系统平台")
+    cabinet = models.CharField(max_length=32, blank=True, null=True, verbose_name=u'机柜号')
+    position = models.IntegerField(blank=True, null=True, verbose_name=u'机器位置')
+    number = models.CharField(max_length=32, blank=True, null=True, verbose_name=u'资产编号')
+    status = models.IntegerField(choices=ASSET_STATUS, blank=True, null=True, default=1, verbose_name=u"机器状态")
+    asset_type = models.IntegerField(choices=ASSET_TYPE, blank=True, null=True, verbose_name=u"主机类型")
+    env = models.IntegerField(choices=ASSET_ENV, blank=True, null=True, verbose_name=u"运行环境")
+    sn = models.CharField(max_length=128, blank=True, null=True, verbose_name=u"SN编号")
+    date_added = models.DateTimeField(auto_now=True, null=True)
+    is_active = models.BooleanField(default=True, verbose_name=u"是否激活")
+    comment = models.CharField(max_length=128, blank=True, null=True, verbose_name=u"备注")
 
     def __unicode__(self):
         return self.ip
 
 
+class AssetRecord(models.Model):
+    asset = models.ForeignKey(Asset)
+    username = models.CharField(max_length=30, null=True)
+    alert_time = models.DateTimeField(auto_now_add=True)
+    content = models.TextField(null=True, blank=True)
+    comment = models.TextField(null=True, blank=True)
+
+
 class AssetAlias(models.Model):
     user = models.ForeignKey(User)
-    host = models.ForeignKey(Asset)
+    asset = models.ForeignKey(Asset)
     alias = models.CharField(max_length=100, blank=True, null=True)
 
     def __unicode__(self):
-        return self.comment
\ No newline at end of file
+        return self.alias

jasset/urls.py

@@ -3,26 +3,22 @@ from django.conf.urls import patterns, include, url
 from jasset.views import *
 
 urlpatterns = patterns('',
-    url(r'^host_add/$', host_add),
-    url(r"^host_add_multi/$", host_add_batch),
-    url(r'^host_list/$', host_list),
-    url(r'^search/$', host_search),
-    url(r"^host_detail/$", host_detail),
-    url(r"^dept_host_ajax/$", dept_host_ajax),
-    url(r"^show_all_ajax/$", show_all_ajax),
-    url(r'^idc_add/$', idc_add),
-    url(r'^idc_list/$', idc_list),
-    url(r'^idc_edit/$', idc_edit),
-    url(r'^idc_detail/$', idc_detail),
-    url(r'^idc_del/$', idc_del),
-    url(r'^group_add/$', group_add),
-    url(r'^group_edit/$', group_edit),
-    url(r'^group_list/$', group_list),
-    url(r'^group_detail/$', group_detail),
-    url(r'^group_del_host/$', group_del_host),
-    url(r'^group_del/$', group_del),
-    url(r'^host_del/(\w+)/$', host_del),
-    url(r'^host_edit/$', view_splitter, {'su': host_edit, 'adm': host_edit_adm}),
-    url(r'^host_edit/batch/$', host_edit_batch),
-    url(r'^host_edit_common/batch/$', host_edit_common_batch),
+    url(r'^asset/add/$', asset_add, name='asset_add'),
+    url(r"^asset/add_batch/$", asset_add_batch, name='asset_add_batch'),
+    url(r'^asset/list/$', asset_list, name='asset_list'),
+    url(r'^asset/del/$', asset_del, name='asset_del'),
+    url(r"^asset/detail/$", asset_detail, name='asset_detail'),
+    url(r'^asset/edit/$', asset_edit, name='asset_edit'),
+    url(r'^asset/edit_batch/$', asset_edit_batch, name='asset_edit_batch'),
+    url(r'^asset/update/$', asset_update, name='asset_update'),
+    url(r'^asset/update_batch/$', asset_update_batch, name='asset_update_batch'),
+    url(r'^asset/upload/$', asset_upload, name='asset_upload'),
+    url(r'^group/del/$', group_del, name='asset_group_del'),
+    url(r'^group/add/$', group_add, name='asset_group_add'),
+    url(r'^group/list/$', group_list, name='asset_group_list'),
+    url(r'^group/edit/$', group_edit, name='asset_group_edit'),
+    url(r'^idc/add/$', idc_add, name='idc_add'),
+    url(r'^idc/list/$', idc_list, name='idc_list'),
+    url(r'^idc/edit/$', idc_edit, name='idc_edit'),
+    url(r'^idc/del/$', idc_del, name='idc_del'),
 )
\ No newline at end of file

jlog/models.py

@@ -3,14 +3,13 @@ from django.db import models
 
 class Log(models.Model):
     user = models.CharField(max_length=20, null=True)
-    host = models.CharField(max_length=20, null=True)
+    host = models.CharField(max_length=200, null=True)
     remote_ip = models.CharField(max_length=100)
-    dept_name = models.CharField(max_length=20)
+    login_type = models.CharField(max_length=100)
     log_path = models.CharField(max_length=100)
     start_time = models.DateTimeField(null=True)
-    pid = models.IntegerField(max_length=10)
+    pid = models.IntegerField()
     is_finished = models.BooleanField(default=False)
-    log_finished = models.BooleanField(default=False)
     end_time = models.DateTimeField(null=True)
 
     def __unicode__(self):
@@ -21,3 +20,30 @@ class Alert(models.Model):
     msg = models.CharField(max_length=20)
     time = models.DateTimeField(null=True)
     is_finished = models.BigIntegerField(default=False)
+
+
+class TtyLog(models.Model):
+    log = models.ForeignKey(Log)
+    datetime = models.DateTimeField(auto_now=True)
+    cmd = models.CharField(max_length=200)
+
+
+class ExecLog(models.Model):
+    user = models.CharField(max_length=100)
+    host = models.TextField()
+    cmd = models.TextField()
+    remote_ip = models.CharField(max_length=100)
+    result = models.TextField(default='')
+    datetime = models.DateTimeField(auto_now=True)
+
+
+class FileLog(models.Model):
+    user = models.CharField(max_length=100)
+    host = models.TextField()
+    filename = models.TextField()
+    type = models.CharField(max_length=20)
+    remote_ip = models.CharField(max_length=100)
+    result = models.TextField(default='')
+    datetime = models.DateTimeField(auto_now=True)
+
+

jlog/urls.py

@@ -3,9 +3,9 @@ from django.conf.urls import patterns, include, url
 from jlog.views import *
 
 urlpatterns = patterns('',
-    url(r'^$', log_list),
-    url(r'^log_list/(\w+)/$', log_list),
-    url(r'^log_kill/', log_kill),
-    url(r'^history/$', log_history),
-    url(r'^search/$', log_search),
-)
\ No newline at end of file
+                       url(r'^list/(\w+)/$', log_list, name='log_list'),
+                       url(r'^detail/(\w+)/$', log_detail, name='log_detail'),
+                       url(r'^history/$', log_history, name='log_history'),
+                       url(r'^log_kill/', log_kill, name='log_kill'),
+                       url(r'^record/$', log_record, name='log_record'),
+                      )
\ No newline at end of file

jlog/views.py

@@ -4,78 +4,93 @@ from django.template import RequestContext
 from django.shortcuts import render_to_response
 
 from jumpserver.api import *
-from jasset.views import httperror
+from jperm.perm_api import user_have_perm
 from django.http import HttpResponseNotFound
+from jlog.log_api import renderTemplate
 
-CONF = ConfigParser()
-CONF.read('%s/jumpserver.conf' % BASE_DIR)
+from jlog.models import Log, ExecLog, FileLog
+from jumpserver.settings import WEB_SOCKET_HOST
 
 
-def get_user_info(request, offset):
-    """ 获取用户信息及环境 """
-    env_dic = {'online': 0, 'offline': 1}
-    env = env_dic[offset]
+@require_role('admin')
+def log_list(request, offset):
+    """ 显示日志 """
+    header_title, path1 = u'审计', u'操作审计'
+    date_seven_day = request.GET.get('start', '')
+    date_now_str = request.GET.get('end', '')
+    username_list = request.GET.getlist('username', [])
+    host_list = request.GET.getlist('host', [])
+    cmd = request.GET.get('cmd', '')
+
+    if offset == 'online':
         keyword = request.GET.get('keyword', '')
-    user_info = get_session_user_info(request)
-    user_id, username = user_info[0:2]
-    dept_id, dept_name = user_info[3:5]
-    ret = [request, keyword, env, username, dept_name]
-
-    return ret
-
-
-def get_user_log(ret_list):
-    """ 获取不同类型用户日志记录 """
-    request, keyword, env, username, dept_name = ret_list
-    post_all = Log.objects.filter(is_finished=env).order_by('-start_time')
-    post_keyword_all = Log.objects.filter(Q(user__contains=keyword) |
-                                          Q(host__contains=keyword)) \
-        .filter(is_finished=env).order_by('-start_time')
-
-    if is_super_user(request):
+        posts = Log.objects.filter(is_finished=False).order_by('-start_time')
         if keyword:
-            posts = post_keyword_all
-        else:
-            posts = post_all
+            posts = posts.filter(Q(user__icontains=keyword) | Q(host__icontains=keyword) |
+                                 Q(login_type_icontains=keyword))
 
-    elif is_group_admin(request):
+    elif offset == 'exec':
+        posts = ExecLog.objects.all().order_by('-id')
+        keyword = request.GET.get('keyword', '')
         if keyword:
-            posts = post_keyword_all.filter(dept_name=dept_name)
-        else:
-            posts = post_all.filter(dept_name=dept_name)
-
-    elif is_common_user(request):
+            posts = posts.filter(Q(user__icontains=keyword)|Q(host__icontains=keyword)|Q(cmd__icontains=keyword))
+    elif offset == 'file':
+        posts = FileLog.objects.all().order_by('-id')
+        keyword = request.GET.get('keyword', '')
         if keyword:
-            posts = post_keyword_all.filter(user=username)
+            posts = posts.filter(Q(user__icontains=keyword)|Q(host__icontains=keyword)|Q(filename__icontains=keyword))
     else:
-            posts = post_all.filter(user=username)
+        posts = Log.objects.filter(is_finished=True).order_by('-start_time')
+        username_all = set([log.user for log in Log.objects.all()])
+        ip_all = set([log.host for log in Log.objects.all()])
 
-    return posts
+        if date_seven_day and date_now_str:
+            datetime_start = datetime.datetime.strptime(date_seven_day + ' 00:00:01', '%m/%d/%Y %H:%M:%S')
+            datetime_end = datetime.datetime.strptime(date_now_str + ' 23:59:59', '%m/%d/%Y %H:%M:%S')
+            posts = posts.filter(start_time__gte=datetime_start).filter(start_time__lte=datetime_end)
 
+        if username_list:
+            posts = posts.filter(user__in=username_list)
+
+        if host_list:
+            posts = posts.filter(host__in=host_list)
+
+        if cmd:
+            log_id_list = set([log.log_id for log in TtyLog.objects.filter(cmd__contains=cmd)])
+            posts = posts.filter(id__in=log_id_list)
+
+        if not date_seven_day:
+            date_now = datetime.datetime.now()
+            date_now_str = date_now.strftime('%m/%d/%Y')
+            date_seven_day = (date_now + datetime.timedelta(days=-7)).strftime('%m/%d/%Y')
 
-@require_login
-def log_list(request, offset):
-    """ 显示日志 """
-    header_title, path1, path2 = u'查看日志', u'查看日志', u'在线用户'
-    keyword = request.GET.get('keyword', '')
-    web_socket_host = CONF.get('websocket', 'web_socket_host')
-    posts = get_user_log(get_user_info(request, offset))
     contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
 
+    web_monitor_uri = 'ws://%s/monitor' % WEB_SOCKET_HOST
+    web_kill_uri = 'http://%s/kill' % WEB_SOCKET_HOST
+    session_id = request.session.session_key
     return render_to_response('jlog/log_%s.html' % offset, locals(), context_instance=RequestContext(request))
 
 
-@require_admin
+@require_role('admin')
+def log_detail(request):
+    return my_render('jlog/exec_detail.html', locals(), request)
+
+
+@require_role('admin')
 def log_kill(request):
     """ 杀掉connect进程 """
     pid = request.GET.get('id', '')
     log = Log.objects.filter(pid=pid)
     if log:
         log = log[0]
+<<<<<<< HEAD
         dept_name = log.dept_name
         deptname = get_session_user_info(request)[4]
         if is_group_admin(request) and dept_name != deptname:
             return httperror(request, u'Kill失败, 您无权操作!')
+=======
+>>>>>>> dev
         try:
             os.kill(int(pid), 9)
         except OSError:
@@ -86,35 +101,56 @@ def log_kill(request):
         return HttpResponseNotFound(u'没有此进程!')
 
 
-@require_login
+@require_role('admin')
 def log_history(request):
     """ 命令历史记录 """
     log_id = request.GET.get('id', 0)
-    log = Log.objects.filter(id=int(log_id))
+    log = Log.objects.filter(id=log_id)
     if log:
         log = log[0]
-        dept_name = log.dept_name
-        deptname = get_session_user_info(request)[4]
-        if is_group_admin(request) and dept_name != deptname:
-            return httperror(request, '查看失败, 您无权查看!')
+        tty_logs = log.ttylog_set.all()
+
+        if tty_logs:
+            content = ''
+            for tty_log in tty_logs:
+                content += '%s: %s\n' % (tty_log.datetime.strftime('%Y-%m-%d %H:%M:%S'), tty_log.cmd)
+            return HttpResponse(content)
+
+    return HttpResponse('无日志记录!')
 
-        elif is_common_user(request):
-            return httperror(request, '查看失败, 您无权查看!')
 
-        log_his = "%s.his" % log.log_path
-        if os.path.isfile(log_his):
-            f = open(log_his)
-            content = f.read()
+@require_role('admin')
+def log_record(request):
+    log_id = request.GET.get('id', 0)
+    log = Log.objects.filter(id=int(log_id))
+    if log:
+        log = log[0]
+        log_file = log.log_path + '.log'
+        log_time = log.log_path + '.time'
+        if os.path.isfile(log_file) and os.path.isfile(log_time):
+            content = renderTemplate(log_file, log_time)
             return HttpResponse(content)
         else:
-            return httperror(request, '无日志记录, 请查看日志处理脚本是否开启!')
+            return HttpResponse('无日志记录!')
 
 
-@require_login
-def log_search(request):
-    """ 日志搜索 """
-    offset = request.GET.get('env', '')
-    keyword = request.GET.get('keyword', '')
-    posts = get_user_log(get_user_info(request, offset))
-    contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request)
-    return render_to_response('jlog/log_search.html', locals(), context_instance=RequestContext(request))
+@require_role('admin')
+def log_detail(request, offset):
+    log_id = request.GET.get('id')
+    if offset == 'exec':
+        log = get_object(ExecLog, id=log_id)
+        assets_hostname = log.host.split(' ')
+        try:
+            result = eval(str(log.result))
+        except (SyntaxError, NameError):
+            result = {}
+        return my_render('jlog/exec_detail.html', locals(), request)
+    elif offset == 'file':
+        log = get_object(FileLog, id=log_id)
+        assets_hostname = log.host.split(' ')
+        file_list = log.filename.split(' ')
+        try:
+            result = eval(str(log.result))
+        except (SyntaxError, NameError):
+            result = {}
+        return my_render('jlog/file_detail.html', locals(), request)

jperm/models.py

 import datetime
 
-from uuidfield import UUIDField
-
 from django.db import models
-from juser.models import UserGroup, DEPT
-from jasset.models import Asset, BisGroup
+from jasset.models import Asset, AssetGroup
+from juser.models import User, UserGroup
+
 
+class PermLog(models.Model):
+    datetime = models.DateTimeField(auto_now_add=True)
+    action = models.CharField(max_length=100, null=True, blank=True, default='')
+    results = models.CharField(max_length=1000, null=True, blank=True, default='')
+    is_success = models.BooleanField(default=False)
+    is_finish = models.BooleanField(default=False)
 
-class Perm(models.Model):
-    user_group = models.ForeignKey(UserGroup)
-    asset_group = models.ForeignKey(BisGroup)
+
+class PermSudo(models.Model):
+    name = models.CharField(max_length=100, unique=True)
+    date_added = models.DateTimeField(auto_now=True)
+    commands = models.TextField()
+    comment = models.CharField(max_length=100, null=True, blank=True, default='')
 
     def __unicode__(self):
-        return '%s_%s' % (self.user_group.name, self.asset_group.name)
+        return self.name
 
 
-class CmdGroup(models.Model):
-    name = models.CharField(max_length=50, unique=True)
-    cmd = models.CharField(max_length=999)
-    dept = models.ForeignKey(DEPT)
-    comment = models.CharField(blank=True, null=True, max_length=50)
+class PermRole(models.Model):
+    name = models.CharField(max_length=100, unique=True)
+    comment = models.CharField(max_length=100, null=True, blank=True, default='')
+    password = models.CharField(max_length=100)
+    key_path = models.CharField(max_length=100)
+    date_added = models.DateTimeField(auto_now=True)
+    sudo = models.ManyToManyField(PermSudo, related_name='perm_role')
 
     def __unicode__(self):
         return self.name
 
 
-class SudoPerm(models.Model):
-    user_group = models.ForeignKey(UserGroup)
-    user_runas = models.CharField(max_length=100)
-    asset_group = models.ManyToManyField(BisGroup)
-    cmd_group = models.ManyToManyField(CmdGroup)
-    comment = models.CharField(max_length=30, null=True, blank=True)
+class PermRule(models.Model):
+    date_added = models.DateTimeField(auto_now=True)
+    name = models.CharField(max_length=100, unique=True)
+    comment = models.CharField(max_length=100)
+    asset = models.ManyToManyField(Asset, related_name='perm_rule')
+    asset_group = models.ManyToManyField(AssetGroup, related_name='perm_rule')
+    user = models.ManyToManyField(User, related_name='perm_rule')
+    user_group = models.ManyToManyField(UserGroup, related_name='perm_rule')
+    role = models.ManyToManyField(PermRole, related_name='perm_rule')
 
     def __unicode__(self):
-        return self.user_group.name
-
-
-class Apply(models.Model):
-    uuid = UUIDField(auto=True)
-    applyer = models.CharField(max_length=20)
-    admin = models.CharField(max_length=20)
-    approver = models.CharField(max_length=20)
-    dept = models.CharField(max_length=20)
-    bisgroup = models.CharField(max_length=500)
-    asset = models.CharField(max_length=500)
-    comment = models.TextField(blank=True, null=True)
-    status = models.IntegerField(max_length=2)
-    date_add = models.DateTimeField(null=True)
-    date_end = models.DateTimeField(null=True)
-    read = models.IntegerField(max_length=2)
+        return self.name
+
+
+class PermPush(models.Model):
+    asset = models.ForeignKey(Asset, related_name='perm_push')
+    role = models.ForeignKey(PermRole, related_name='perm_push')
+    is_public_key = models.BooleanField(default=False)
+    is_password = models.BooleanField(default=False)
+    success = models.BooleanField(default=False)
+    result = models.TextField(default='')
+    date_added = models.DateTimeField(auto_now=True)
 
-    def __unicode__(self):
-        return self.applyer

jperm/urls.py

@@ -2,32 +2,21 @@ from django.conf.urls import patterns, include, url
 from jperm.views import *
 
 urlpatterns = patterns('jperm.views',
-    # Examples:
-    # url(r'^$', 'jumpserver.views.home', name='home'),
-    # url(r'^blog/', include('blog.urls')),
-
-    (r'^perm_edit/$', view_splitter, {'su': perm_edit, 'adm': perm_edit_adm}),
-    (r'^dept_perm_edit/$', 'dept_perm_edit'),
-    (r'^perm_list/$', view_splitter, {'su': perm_list, 'adm': perm_list_adm}),
-    (r'^dept_perm_list/$', 'dept_perm_list'),
-    (r'^perm_user_detail/$', 'perm_user_detail'),
-    (r'^perm_detail/$', 'perm_detail'),
-    (r'^perm_del/$', 'perm_del'),
-    (r'^perm_asset_detail/$', 'perm_asset_detail'),
-    (r'^sudo_list/$', view_splitter, {'su': sudo_list, 'adm': sudo_list_adm}),
-    (r'^sudo_del/$', 'sudo_del'),
-    (r'^sudo_edit/$', view_splitter, {'su': sudo_edit, 'adm': sudo_edit_adm}),
-    (r'^sudo_refresh/$', 'sudo_refresh'),
-    (r'^sudo_detail/$', 'sudo_detail'),
-    (r'^cmd_add/$', view_splitter, {'su': cmd_add, 'adm': cmd_add_adm}),
-    (r'^cmd_list/$', 'cmd_list'),
-    (r'^cmd_del/$', 'cmd_del'),
-    (r'^cmd_edit/$', 'cmd_edit'),
-    (r'^cmd_detail/$', 'cmd_detail'),
-    (r'^apply/$', 'perm_apply'),
-    (r'^apply_show/(\w+)/$', 'perm_apply_log'),
-    (r'^apply_exec/$', 'perm_apply_exec'),
-    (r'^apply_info/$', 'perm_apply_info'),
-    (r'^apply_del/$', 'perm_apply_del'),
-    (r'^apply_search/$', 'perm_apply_search'),
-)
+                       url(r'^rule/list/$', perm_rule_list, name='rule_list'),
+                       url(r'^rule/add/$', perm_rule_add, name='rule_add'),
+                       url(r'^rule/detail/$', perm_rule_detail, name='rule_detail'),
+                       url(r'^rule/edit/$', perm_rule_edit, name='rule_edit'),
+                       url(r'^rule/del/$', perm_rule_delete, name='rule_del'),
+                       url(r'^role/list/$', perm_role_list, name='role_list'),
+                       url(r'^role/add/$', perm_role_add, name='role_add'),
+                       url(r'^role/del/$', perm_role_delete, name='role_del'),
+                       url(r'^role/detail/$', perm_role_detail, name='role_detail'),
+                       url(r'^role/edit/$', perm_role_edit, name='role_edit'),
+                       url(r'^role/push/$', perm_role_push, name='role_push'),
+                       url(r'^role/recycle/$', perm_role_recycle, name='role_recycle'),
+                       url(r'^role/get/$', perm_role_get, name='role_get'),
+                       url(r'^sudo/list/$', perm_sudo_list, name='sudo_list'),
+                       url(r'^sudo/add/$', perm_sudo_add, name='sudo_add'),
+                       url(r'^sudo/del/$', perm_sudo_delete, name='sudo_del'),
+                       url(r'^sudo/edit/$', perm_sudo_edit, name='sudo_edit'),
+                       )

jumpserver.conf

-#coding: utf8
-
 [base]
-ip = 192.168.20.209
-port = 80
+url = http://192.168.244.129
 key = 88aaaf7ffe3c6c04
-
+log = debug
 
 [db]
 host = 127.0.0.1
@@ -13,22 +10,20 @@ user = jumpserver
 password = mysql234
 database = jumpserver
 
-
-[ldap]
-ldap_enable = 1
-host_url = ldap://127.0.0.1:389
-base_dn = dc=jumpserver, dc=org
-root_dn = cn=admin,dc=jumpserver,dc=org
-root_pw = secret234
-
-
 [websocket]
-web_socket_host = 192.168.40.140:3000
-
+web_socket_host = 192.168.244.129:3000
 
 [mail]
+mail_enable = 1
 email_host = smtp.qq.com
 email_port = 25
+<<<<<<< HEAD
 email_host_user = 1152704203@qq.com
 email_host_password = Hudie117...
 email_use_tls = False
+=======
+email_host_user = ibuler@qq.com
+email_host_password = Hudie117...qq
+email_use_tls = True
+
+>>>>>>> dev

jumpserver/context_processors.py

 from juser.models import User
 from jasset.models import Asset
 from jumpserver.api import *
-from jperm.models import Apply
 
 
 def name_proc(request):
-    user_id = request.session.get('user_id')
-    role_id = request.session.get('role_id')
-    if role_id == 2:
+    user_id = request.user.id
+    role_id = {'SU': 2, 'GA': 1, 'CU': 0}.get(request.user.role, 0)
+    # role_id = 'SU'
     user_total_num = User.objects.all().count()
     user_active_num = User.objects.filter().count()
     host_total_num = Asset.objects.all().count()
     host_active_num = Asset.objects.filter(is_active=True).count()
-    else:
-        user, dept = get_session_user_dept(request)
-        user_total_num = dept.user_set.all().count()
-        user_active_num = dept.user_set.filter(is_active=True).count()
-        host_total_num = dept.asset_set.all().count()
-        host_active_num = dept.asset_set.all().filter(is_active=True).count()
-
-    username = User.objects.get(id=user_id).name
-    apply_info = Apply.objects.filter(admin=username, status=0, read=0)
     request.session.set_expiry(3600)
 
     info_dic = {'session_user_id': user_id,
@@ -29,7 +19,7 @@ def name_proc(request):
                 'user_active_num': user_active_num,
                 'host_total_num': host_total_num,
                 'host_active_num': host_active_num,
-                'apply_info': apply_info}
+                }
 
     return info_dic
 

jumpserver/urls.py

 from django.conf.urls import patterns, include, url
 
 
-urlpatterns = patterns('',
+urlpatterns = patterns('jumpserver.views',
     # Examples:
-    (r'^$', 'jumpserver.views.index'),
-    (r'^api/user/$', 'jumpserver.api.api_user'),
-    (r'^skin_config/$', 'jumpserver.views.skin_config'),
-    (r'^install/$', 'jumpserver.views.install'),
-    (r'^base/$', 'jumpserver.views.base'),
-    (r'^login/$', 'jumpserver.views.login'),
-    (r'^logout/$', 'jumpserver.views.logout'),
-    (r'^file/upload/$', 'jumpserver.views.upload'),
-    (r'^file/download/$', 'jumpserver.views.download'),
-    (r'^error/$', 'jumpserver.views.httperror'),
-    (r'^juser/', include('juser.urls')),
-    (r'^jasset/', include('jasset.urls')),
-    (r'^jlog/', include('jlog.urls')),
-    (r'^jperm/', include('jperm.urls')),
-    (r'^node_auth/', 'jumpserver.views.node_auth'),
-
+    url(r'^$', 'index', name='index'),
+    # url(r'^api/user/$', 'api_user'),
+    url(r'^skin_config/$', 'skin_config', name='skin_config'),
+    url(r'^login/$', 'Login', name='login'),
+    url(r'^logout/$', 'Logout', name='logout'),
+    url(r'^exec_cmd/$', 'exec_cmd', name='exec_cmd'),
+    url(r'^file/upload/$', 'upload', name='file_upload'),
+    url(r'^file/download/$', 'download', name='file_download'),
+    url(r'^setting', 'setting', name='setting'),
+    url(r'^terminal/$', 'web_terminal', name='terminal'),
+    url(r'^juser/', include('juser.urls')),
+    url(r'^jasset/', include('jasset.urls')),
+    url(r'^jlog/', include('jlog.urls')),
+    url(r'^jperm/', include('jperm.urls')),
 )

juser/tests.py

-from django.test import TestCase
-
-# Create your tests here.

juser/urls.py

@@ -6,28 +6,20 @@ urlpatterns = patterns('juser.views',
                        # Examples:
                        # url(r'^$', 'jumpserver.views.home', name='home'),
                        # url(r'^blog/', include('blog.urls')),
-
-    (r'^dept_list/$', view_splitter, {'su': dept_list, 'adm': dept_list_adm}),
-    (r'^dept_add/$', 'dept_add'),
-    (r'^dept_del/$', 'dept_del'),
-    (r'^dept_detail/$', 'dept_detail'),
-    (r'^dept_del_ajax/$', 'dept_del_ajax'),
-    (r'^dept_edit/$', 'dept_edit'),
-    (r'^dept_user_ajax/$', 'dept_user_ajax'),
-    (r'^group_add/$', view_splitter, {'su': group_add, 'adm': group_add_adm}),
-    (r'^group_list/$', view_splitter, {'su': group_list, 'adm': group_list_adm}),
-    (r'^group_detail/$', 'group_detail'),
-    (r'^group_del/$', view_splitter, {'su': group_del, 'adm': group_del_adm}),
-    (r'^group_del_ajax/$', 'group_del_ajax'),
-    (r'^group_edit/$', view_splitter, {'su': group_edit, 'adm': group_edit_adm}),
-    (r'^user_add/$', view_splitter, {'su': user_add, 'adm': user_add_adm}),
-    (r'^user_list/$', view_splitter, {'su': user_list, 'adm': user_list_adm}),
-    (r'^user_detail/$', 'user_detail'),
-    (r'^user_del/$', 'user_del'),
-    (r'^user_del_ajax/$', 'user_del_ajax'),
-    (r'^user_edit/$', view_splitter, {'su': user_edit, 'adm': user_edit_adm}),
-    (r'^profile/$', 'profile'),
-    (r'^chg_info/$', 'chg_info'),
-    (r'^chg_role/$', 'chg_role'),
-    (r'^down_key/$', 'down_key'),
-)
+                       url(r'^group/add/$', 'group_add', name='user_group_add'),
+                       url(r'^group/list/$', 'group_list', name='user_group_list'),
+                       url(r'^group/del/$', 'group_del', name='user_group_del'),
+                       url(r'^group/edit/$', 'group_edit', name='user_group_edit'),
+                       url(r'^user/add/$', 'user_add', name='user_add'),
+                       url(r'^user/del/$', 'user_del', name='user_del'),
+                       url(r'^user/list/$', 'user_list', name='user_list'),
+                       url(r'^user/edit/$', 'user_edit', name='user_edit'),
+                       url(r'^user/detail/$', 'user_detail', name='user_detail'),
+                       url(r'^user/profile/$', 'profile', name='user_profile'),
+                       url(r'^user/update/$', 'change_info', name='user_update'),
+                       url(r'^mail/retry/$', 'send_mail_retry', name='mail_retry'),
+                       url(r'^password/reset/$', 'reset_password', name='password_reset'),
+                       url(r'^password/forget/$', 'forget_password', name='password_forget'),
+                       url(r'^key/gen/$', 'regen_ssh_key', name='key_gen'),
+                       url(r'^key/down/$', 'down_key', name='key_down'),
+                       )

static/js/dropzone/dropzone.js

@@ -662,7 +662,7 @@
                         this.element.setAttribute("enctype", "multipart/form-data");
                     }
                     if (this.element.classList.contains("dropzone") && !this.element.querySelector(".dz-message")) {
-                        this.element.appendChild(Dropzone.createElement("<div class=\"dz-default dz-message\"><span>" + this.options.dictDefaultMessage + "</span></div>"));
+                        this.element.appendChild(Dropzone.createElement("<div class=\"dz-default dz-message\" style=\"z-index:1;\"><span>" + this.options.dictDefaultMessage + "</span></div>"));
                     }
                     if (this.clickableElements.length) {
                         setupHiddenFileInput = (function(_this) {