sudo perm

c113035d · guanghongwei · 121b7628 · c113035d · c113035d · c113035d
Commit c113035d authored Feb 06, 2015 by guanghongwei
Hide whitespace changes
Inline Side-by-side

Showing with 75 additions and 55 deletions

models.py jperm/models.py +21 -2

settings.py jumpserver/settings.py +1 -1

views.py jumpserver/views.py +52 -0

views.py juser/views.py +1 -52

No files found.
--- a/jperm/models.py
+++ b/jperm/models.py
@@ -8,4 +8,24 @@ class Perm(models.Model):
    asset_group = models.ForeignKey(BisGroup)
    def __unicode__(self):
        return '%s_%s' % (self.user_group.name, self.asset_group.name)
\ No newline at end of file
+class CMD(models.Model):
+    cmd = models.CharField(max_length=200)
+class CmdGroup(models.Model):
+    name = models.CharField(max_length=50)
+    cmd = models.ForeignKey(CMD)
+    comment = models.CharField(blank=True, null=True, max_length=50)
+class SudoPerm(models.Model):
+    user = models.CharField(max_length=100)
+    is_user_group = models.BooleanField(default=False)
+    asset = models.CharField(max_length=100)
+    is_asset_group = models.BooleanField(default=False)
+    cmd = models.CharField(max_length=200)
+    is_cmd_group = models.BooleanField(default=False)
--- a/jumpserver/settings.py
+++ b/jumpserver/settings.py
@@ -34,7 +34,7 @@ DEBUG = True
 TEMPLATE_DEBUG = True
-ALLOWED_HOSTS = []
+ALLOWED_HOSTS = ['0.0.0.0/8']
 # Application definition

--- a/jumpserver/views.py
+++ b/jumpserver/views.py
 #coding: utf-8
 import hashlib
+import ldap
+from ldap import modlist
 from django.http import HttpResponse
 from django.shortcuts import render_to_response
@@ -99,3 +101,53 @@ def logout(request):
    request.session.delete()
    return HttpResponseRedirect('/login/')
+class LDAPMgmt():
+    def __init__(self,
+                 host_url,
+                 base_dn,
+                 root_cn,
+                 root_pw):
+        self.ldap_host = host_url
+        self.ldap_base_dn = base_dn
+        self.conn = ldap.initialize(host_url)
+        self.conn.set_option(ldap.OPT_REFERRALS, 0)
+        self.conn.protocol_version = ldap.VERSION3
+        self.conn.simple_bind_s(root_cn, root_pw)
+    def list(self, filter, scope=ldap.SCOPE_SUBTREE, attr=None):
+        result = {}
+        try:
+            ldap_result = self.conn.search_s(self.ldap_base_dn, scope, filter, attr)
+            for entry in ldap_result:
+                name, data = entry
+                for k, v in data.items():
+                    print '%s: %s' % (k, v)
+                    result[k] = v
+            return result
+        except ldap.LDAPError, e:
+            print e
+    def add(self, dn, attrs):
+        try:
+            ldif = modlist.addModlist(attrs)
+            self.conn.add_s(dn, ldif)
+        except ldap.LDAPError, e:
+            print e
+    def modify(self, dn, attrs):
+        try:
+            attr_s = []
+            for k, v in attrs.items():
+                attr_s.append((2, k, v))
+            self.conn.modify_s(dn, attr_s)
+        except ldap.LDAPError, e:
+            print e
+    def delete(self, dn):
+        try:
+            self.conn.delete_s(dn)
+        except ldap.LDAPError, e:
+            print e
--- a/juser/views.py
+++ b/juser/views.py
@@ -6,8 +6,6 @@ import time
 import os
 import random
 import subprocess
-import ldap
-from ldap import modlist
 from Crypto.PublicKey import RSA
 import crypt
 from django.http import HttpResponseRedirect
@@ -22,7 +20,7 @@ from juser.models import UserGroup, User
 from connect import PyCrypt, KEY
 from connect import BASE_DIR
 from connect import CONF
-from jumpserver.views import md5_crypt
+from jumpserver.views import md5_crypt,LDAPMgmt
 CRYPTOR = PyCrypt(KEY)
@@ -59,55 +57,6 @@ class AddError(Exception):
    pass
-class LDAPMgmt():
-    def __init__(self,
-                 host_url,
-                 base_dn,
-                 root_cn,
-                 root_pw):
-        self.ldap_host = host_url
-        self.ldap_base_dn = base_dn
-        self.conn = ldap.initialize(host_url)
-        self.conn.set_option(ldap.OPT_REFERRALS, 0)
-        self.conn.protocol_version = ldap.VERSION3
-        self.conn.simple_bind_s(root_cn, root_pw)
-    def list(self, filter, scope=ldap.SCOPE_SUBTREE, attr=None):
-        result = {}
-        try:
-            ldap_result = self.conn.search_s(self.ldap_base_dn, scope, filter, attr)
-            for entry in ldap_result:
-                name, data = entry
-                for k, v in data.items():
-                    print '%s: %s' % (k, v)
-                    result[k] = v
-            return result
-        except ldap.LDAPError, e:
-            print e
-    def add(self, dn, attrs):
-        try:
-            ldif = modlist.addModlist(attrs)
-            self.conn.add_s(dn, ldif)
-        except ldap.LDAPError, e:
-            print e
-    def modify(self, dn, attrs):
-        try:
-            attr_s = []
-            for k, v in attrs.items():
-                attr_s.append((2, k, v))
-            self.conn.modify_s(dn, attr_s)
-        except ldap.LDAPError, e:
-            print e
-    def delete(self, dn):
-        try:
-            self.conn.delete_s(dn)
-        except ldap.LDAPError, e:
-            print e
 def gen_sha512(salt, password):
    return crypt.crypt(password, '$6$%s$' % salt)