Skip to content

J
jumpserver
Commit e0aaba2c authored by yumaojun's avatar yumaojun
Browse files
Options

no change...

parents 7cafbde5 f7c8ad6f
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 196 additions and 172 deletions
jperm/ansible_api.py
View file @ e0aaba2c
...@@ -285,10 +285,10 @@ class Tasks(Command): ...@@ -285,10 +285,10 @@ class Tasks(Command):
""" """
push the ssh authorized key to target. push the ssh authorized key to target.
""" """
module_args = 'user="%s" key="{{ lookup("file", "%s") }}"' % (user, key_path) module_args = 'user="%s" key="{{ lookup("file", "%s") }}" state=present' % (user, key_path)
self.__run(module_args, "authorized_key") self.__run(module_args, "authorized_key")
return {"status": "failed","msg": self.msg} if self.msg else {"status": "ok"} return {"status": "failed", "msg": self.msg} if self.msg else {"status": "ok"}
def push_multi_key(self, **user_info): def push_multi_key(self, **user_info):
""" """
...@@ -319,13 +319,17 @@ class Tasks(Command): ...@@ -319,13 +319,17 @@ class Tasks(Command):
return {"status": "failed", "msg": self.msg} if self.msg else {"status": "ok"} return {"status": "failed", "msg": self.msg} if self.msg else {"status": "ok"}
def add_user(self, username, password): def add_user(self, username, password=''):
""" """
add a host user. add a host user.
""" """
encrypt_pass = sha512_crypt.encrypt(password)
module_args = 'name=%s shell=/bin/bash password=%s' % (username, encrypt_pass) if password:
self.__run(module_args, "user", become=True) encrypt_pass = sha512_crypt.encrypt(password)
module_args = 'name=%s shell=/bin/bash password=%s' % (username, encrypt_pass)
else:
module_args = 'name=%s shell=/bin/bash' % username
self.__run(module_args, "user")
return {"status": "failed", "msg": self.msg} if self.msg else {"status": "ok"} return {"status": "failed", "msg": self.msg} if self.msg else {"status": "ok"}
...@@ -440,8 +444,21 @@ class Tasks(Command): ...@@ -440,8 +444,21 @@ class Tasks(Command):
:return: :return:
""" """
module_args1 = file_path module_args1 = file_path
result = self.__run(module_args1, "script") ret1 = self.__run(module_args1, "script")
print result module_args2 = 'visudo -c | grep "parsed OK" &> /dev/null && echo "ok" || echo "failed"'
ret2 = self.__run(module_args2, "shell")
ret2_status = [host_value.get("stdout") for host_value in ret2["result"]["contacted"].values()]
result = {}
if not ret1["msg"]:
result["step1"] = "ok"
else:
result["msg"] = ret1["msg"]
if not ret2["msg"] and "failed" not in ret2_status:
result["step2"] = "ok"
else:
result["msg"] = ret1["msg"]
return result return result
......
jperm/models.py
View file @ e0aaba2c
...@@ -13,16 +13,9 @@ class PermLog(models.Model): ...@@ -13,16 +13,9 @@ class PermLog(models.Model):
is_finish = models.BooleanField(default=False) is_finish = models.BooleanField(default=False)
class SysUser(models.Model):
username = models.CharField(max_length=100)
password = models.CharField(max_length=100)
comment = models.CharField(max_length=100, null=True, blank=True, default='')
class PermSudo(models.Model): class PermSudo(models.Model):
name = models.CharField(max_length=100, unique=True) name = models.CharField(max_length=100, unique=True)
date_added = models.DateTimeField(auto_now=True) date_added = models.DateTimeField(auto_now=True)
runas = models.CharField(max_length=200, default='root')
commands = models.TextField() commands = models.TextField()
comment = models.CharField(max_length=100, null=True, blank=True, default='') comment = models.CharField(max_length=100, null=True, blank=True, default='')
...@@ -57,10 +50,11 @@ class PermRule(models.Model): ...@@ -57,10 +50,11 @@ class PermRule(models.Model):
class PermPush(models.Model): class PermPush(models.Model):
date_added = models.DateTimeField(auto_now=True) asset = models.ForeignKey(Asset, related_name='perm_push')
asset = models.ManyToManyField(Asset, related_name='perm_push') role = models.ForeignKey(PermRole, related_name='perm_push')
asset_group = models.ManyToManyField(AssetGroup, related_name='perm_push')
role = models.ManyToManyField(PermRole, related_name='perm_push')
is_public_key = models.BooleanField(default=False) is_public_key = models.BooleanField(default=False)
is_password = models.BooleanField(default=False) is_password = models.BooleanField(default=False)
success = models.BooleanField(default=False)
result = models.TextField()
date_added = models.DateTimeField(auto_now=True)
jperm/perm_api.py
View file @ e0aaba2c
...@@ -6,8 +6,7 @@ import uuid ...@@ -6,8 +6,7 @@ import uuid
import re import re
from jumpserver.models import Setting from jumpserver.models import Setting
from jperm.models import PermRole from jperm.models import PermRole, PermPush, PermRule
from jperm.models import PermRule
def get_group_user_perm(ob): def get_group_user_perm(ob):
...@@ -268,37 +267,19 @@ def get_role_info(role_id, type="all"): ...@@ -268,37 +267,19 @@ def get_role_info(role_id, type="all"):
def get_role_push_host(role): def get_role_push_host(role):
""" """
get the role push host asset_pushed: {'success': push.success, 'key': push.is_public_key, 'password': push.is_password,
:return: the asset object 'result': push.result}
asset_no_push: set(asset1, asset2)
""" """
# 计算该role 所有push记录 总共推送的主机 # 计算该role 所有push记录 总共推送的主机
assets = [] pushs = PermPush.objects.filter(role=role)
asset_groups = [] asset_all = Asset.objects.all()
for push in role.perm_push.all(): asset_pushed = {}
assets.extend(push.asset.all()) for push in pushs:
asset_groups.extend(push.asset_group.all()) asset_pushed[push.asset] = {'success': push.success, 'key': push.is_public_key, 'password': push.is_password,
group_assets = [] 'result': push.result}
for asset_group in asset_groups: asset_no_push = set(asset_all) - set(asset_pushed.keys())
group_assets.extend(asset_group.asset_set.all()) return asset_pushed, asset_no_push
cacl_assets = set(assets) | set(group_assets)
# 计算所有主机 在push记录里面的 使用密码和使用秘钥状况
result = []
for asset in cacl_assets:
all_push = asset.perm_push.all()
if True in [push.is_password for push in all_push if role in push.role.all()]:
is_password = u"是"
else:
is_password = u"否"
if True in [push.is_public_key for push in all_push if role in push.role.all()]:
is_public_key = u"是"
else:
is_public_key = u"否"
result.append({"ip": asset.ip,
"group": ','.join([group.name for group in asset.group.all()]),
"password": is_password,
"pubkey": is_public_key})
return result
if __name__ == "__main__": if __name__ == "__main__":
print get_role_info(1) print get_role_info(1)
......
jperm/urls.py
View file @ e0aaba2c
...@@ -12,7 +12,7 @@ urlpatterns = patterns('jperm.views', ...@@ -12,7 +12,7 @@ urlpatterns = patterns('jperm.views',
(r'^role/perm_role_delete/$', perm_role_delete), (r'^role/perm_role_delete/$', perm_role_delete),
(r'^role/perm_role_detail/$', perm_role_detail), (r'^role/perm_role_detail/$', perm_role_detail),
(r'^role/perm_role_edit/$', perm_role_edit), (r'^role/perm_role_edit/$', perm_role_edit),
(r'^role/perm_role_push/$', perm_role_push), (r'^role/push/$', perm_role_push),
(r'^sudo/$', perm_sudo_list), (r'^sudo/$', perm_sudo_list),
(r'^sudo/perm_sudo_add/$', perm_sudo_add), (r'^sudo/perm_sudo_add/$', perm_sudo_add),
(r'^sudo/perm_sudo_delete/$', perm_sudo_delete), (r'^sudo/perm_sudo_delete/$', perm_sudo_delete),
......
jperm/views.py
View file @ e0aaba2c
This diff is collapsed.
jumpserver.conf
View file @ e0aaba2c
...@@ -9,7 +9,7 @@ log = debug ...@@ -9,7 +9,7 @@ log = debug
host = 127.0.0.1 host = 127.0.0.1
port = 3306 port = 3306
user = jumpserver user = jumpserver
password = mysql1234 password = mysql234
database = jumpserver database = jumpserver
[websocket] [websocket]
......
jumpserver/templatetags/mytags.py
View file @ e0aaba2c
...@@ -5,7 +5,7 @@ import ast ...@@ -5,7 +5,7 @@ import ast
import time import time
from django import template from django import template
# from jperm.models import CmdGroup from jperm.models import PermPush
from jumpserver.api import * from jumpserver.api import *
from jasset.models import AssetAlias from jasset.models import AssetAlias
...@@ -259,3 +259,16 @@ def role_contain_which_sudos(role): ...@@ -259,3 +259,16 @@ def role_contain_which_sudos(role):
sudo_names = [sudo.name for sudo in role.sudo.all()] sudo_names = [sudo.name for sudo in role.sudo.all()]
return ','.join(sudo_names) return ','.join(sudo_names)
@register.filter(name='get_push_info')
def get_push_info(push_id, arg):
push = get_object(PermPush, id=push_id)
if push and arg:
if arg == 'asset':
return [asset.hostname for asset in push.asset.all()]
if arg == 'asset_group':
return [asset_group.name for asset_group in push.asset_group.all()]
if arg == 'role':
return [role.name for role in push.role.all()]
else:
return []
juser/views.py
View file @ e0aaba2c
...@@ -146,7 +146,7 @@ def user_add(request): ...@@ -146,7 +146,7 @@ def user_add(request):
error = '' error = ''
msg = '' msg = ''
header_title, path1, path2 = '添加用户', '用户管理', '添加用户' header_title, path1, path2 = '添加用户', '用户管理', '添加用户'
user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'} user_role = {'SU': u'超级管理员', 'CU': u'普通用户'}
group_all = UserGroup.objects.all() group_all = UserGroup.objects.all()
if request.method == 'POST': if request.method == 'POST':
...@@ -349,7 +349,7 @@ def user_edit(request): ...@@ -349,7 +349,7 @@ def user_edit(request):
if not user_id: if not user_id:
return HttpResponseRedirect('/') return HttpResponseRedirect('/')
user_role = {'SU': u'超级管理员', 'GA': u'组管理员', 'CU': u'普通用户'} user_role = {'SU': u'超级管理员', 'CU': u'普通用户'}
user = get_object(User, id=user_id) user = get_object(User, id=user_id)
group_all = UserGroup.objects.all() group_all = UserGroup.objects.all()
if user: if user:
......
templates/index.html
View file @ e0aaba2c
...@@ -104,50 +104,48 @@ ...@@ -104,50 +104,48 @@
<div class="row"> <div class="row">
<div class="col-lg-4"> <div class="col-lg-4">
<div class="ibox float-e-margins"> {# <div class="ibox float-e-margins">#}
<div class="ibox-title"> {# <div class="ibox-title">#}
<h5>权限申请</h5> {# <h5>权限申请</h5>#}
<div class="ibox-tools"> {# <div class="ibox-tools">#}
<a class="collapse-link"> {# <a class="collapse-link">#}
<i class="fa fa-chevron-up"></i> {# <i class="fa fa-chevron-up"></i>#}
</a> {# </a>#}
<a class="dropdown-toggle" data-toggle="dropdown" href="#"> {# <a class="dropdown-toggle" data-toggle="dropdown" href="#">#}
<i class="fa fa-wrench"></i> {# <i class="fa fa-wrench"></i>#}
</a> {# </a>#}
<ul class="dropdown-menu dropdown-user"></ul> {# <ul class="dropdown-menu dropdown-user"></ul>#}
<a class="close-link"> {# <a class="close-link">#}
<i class="fa fa-times"></i> {# <i class="fa fa-times"></i>#}
</a> {# </a>#}
</div> {# </div>#}
</div> {# </div>#}
<div class="ibox-content ibox-heading"> {# <div class="ibox-content ibox-heading">#}
<h3><i class="fa fa-envelope-o"></i> 权限申请记录 </h3> {# <h3><i class="fa fa-envelope-o"></i> 权限申请记录 </h3>#}
<small><i class="fa fa-map-marker"></i> 最近十条权限申请记录信息.</small> {# <small><i class="fa fa-map-marker"></i> 最近十条权限申请记录信息.</small>#}
</div> {# </div>#}
<div class="ibox-content"> {# <div class="ibox-content">#}
<div class="feed-activity-list"> {# <div class="feed-activity-list">#}
{% if perm_apply_10 %} {# {% if perm_apply_10 %}#}
{% for perm in perm_apply_10 %} {# {% for perm in perm_apply_10 %}#}
<div class="feed-element"> {# <div class="feed-element">#}
<div> {# <div>#}
{% ifequal perm.status 0 %} {# {% ifequal perm.status 0 %}#}
<small class="pull-right text-navy">{{ perm.date_add|naturaltime }}</small> {# <small class="pull-right text-navy">{{ perm.date_add|naturaltime }}</small>#}
{% else %} {# {% else %}#}
<small class="pull-right">{{ perm.date_add|naturaltime }}</small> {# <small class="pull-right">{{ perm.date_add|naturaltime }}</small>#}
{% endifequal %} {# {% endifequal %}#}
<strong>{{ perm.applyer }}</strong> {# <strong>{{ perm.applyer }}</strong>#}
{# <div>申请 {{ perm.bisgroup|ast_to_list }} 主机组权限</div>#} {# <small class="text-muted">{{ perm.date_add }}</small>#}
{# <div>申请 {{ perm.asset|ast_to_list }} 主机权限</div>#} {# </div>#}
<small class="text-muted">{{ perm.date_add }}</small> {# </div>#}
</div> {# {% endfor %}#}
</div> {# {% else %}#}
{% endfor %} {# <p class="text-center">(暂无)</p>#}
{% else %} {# {% endif %}#}
<p class="text-center">(暂无)</p> {# </div>#}
{% endif %} {# </div>#}
</div> {# </div>#}
</div>
</div>
<div class="ibox float-e-margins"> <div class="ibox float-e-margins">
<div class="ibox-title"> <div class="ibox-title">
...@@ -306,7 +304,7 @@ ...@@ -306,7 +304,7 @@
</div> </div>
</div> </div>
</div> </div>
</div> {# </div>#}
</div> </div>
{% endblock %} {% endblock %}
......
templates/jasset/asset_add.html
View file @ e0aaba2c
...@@ -48,7 +48,6 @@ ...@@ -48,7 +48,6 @@
{{ af.ip|bootstrap_horizontal }} {{ af.ip|bootstrap_horizontal }}
<p class="col-sm-offset-2">Tips: 如果IP地址不填写, IP默认会设置与主机名一致</p> <p class="col-sm-offset-2">Tips: 如果IP地址不填写, IP默认会设置与主机名一致</p>
<div class="hr-line-dashed"></div> <div class="hr-line-dashed"></div>
<div class="form-group"> <div class="form-group">
<label for="j_group" class="col-sm-2 control-label">管理账号<span class="red-fonts"> *</span></label> <label for="j_group" class="col-sm-2 control-label">管理账号<span class="red-fonts"> *</span></label>
...@@ -60,7 +59,7 @@ ...@@ -60,7 +59,7 @@
</div> </div>
</div> </div>
</div> </div>
<p class="col-sm-offset-2">Tips: 管理用户为root或用户拥有NOPASSWD:ALL sudo权限的用户</p>
<div class="form-group" id="admin_account" style="display: none"> <div class="form-group" id="admin_account" style="display: none">
<div class="hr-line-dashed"></div> <div class="hr-line-dashed"></div>
<label class="col-sm-2 control-label"> 管理用户名<span class="red-fonts">*</span> </label> <label class="col-sm-2 control-label"> 管理用户名<span class="red-fonts">*</span> </label>
......
templates/jperm/perm_role_detail.html
View file @ e0aaba2c
...@@ -6,7 +6,7 @@ ...@@ -6,7 +6,7 @@
{% include 'nav_cat_bar.html' %} {% include 'nav_cat_bar.html' %}
<div class="wrapper wrapper-content animated fadeInRight"> <div class="wrapper wrapper-content animated fadeInRight">
<div class="row"> <div class="row">
<div class="col-lg-4"> <div class="col-sm-4">
<div class="ibox float-e-margins"> <div class="ibox float-e-margins">
<div class="ibox-title"> <div class="ibox-title">
<span class="label label-primary"><b>授权规则</b></span> <span class="label label-primary"><b>授权规则</b></span>
...@@ -52,7 +52,7 @@ ...@@ -52,7 +52,7 @@
</div> </div>
</div> </div>
</div> </div>
<div class="col-lg-4"> <div class="col-sm-4">
<div class="ibox float-e-margins"> <div class="ibox float-e-margins">
<div class="ibox-title"> <div class="ibox-title">
<span class="label label-primary"><b>授权用户/用户组</b></span> <span class="label label-primary"><b>授权用户/用户组</b></span>
...@@ -98,7 +98,7 @@ ...@@ -98,7 +98,7 @@
</div> </div>
</div> </div>
</div> </div>
<div class="col-lg-4"> <div class="col-sm-4">
<div class="ibox float-e-margins"> <div class="ibox float-e-margins">
<div class="ibox-title"> <div class="ibox-title">
<span class="label label-primary"><b>授权主机/主机组</b></span> <span class="label label-primary"><b>授权主机/主机组</b></span>
...@@ -146,7 +146,7 @@ ...@@ -146,7 +146,7 @@
</div> </div>
</div> </div>
<div class="row"> <div class="row">
<div class="col-lg-12"> <div class="col-sm-4">
<div class="ibox float-e-margins"> <div class="ibox float-e-margins">
<div class="ibox-title"> <div class="ibox-title">
<span class="label label-primary"><b>推送主机</b></span> <span class="label label-primary"><b>推送主机</b></span>
...@@ -175,18 +175,64 @@ ...@@ -175,18 +175,64 @@
<thead> <thead>
<tr> <tr>
<th class="text-center">主机</th> <th class="text-center">主机</th>
<th class="text-center">主机组</th> <th class="text-center">密钥</th>
<th class="text-center">使用密码</th> <th class="text-center">密码</th>
<th class="text-center">使用秘钥</th> <th class="text-center">结果</th>
</tr>
</thead>
<tbody>
{% for asset, info in pushed_asset.items %}
<tr class="gradeX">
<td class="text-center"> {{ asset.hostname }} </td>
<td class="text-center"> {{ info.key | yesno:"是,否,未知" }} </td>
<td class="text-center"> {{ info.password | yesno:"是,否,未知" }} </td>
{% if info.success %}
<td class="text-center" style="color: #1ab394;" >{{ info.success | yesno:"成功,失败,未知" }} </td>
{% else %}
<td class="text-center" style="color: #ec4758;cursor: help" title="{{ info.result }}" >{{ info.success | yesno:"成功,失败,未知" }} </td>
{% endif %}
</tr>
{% endfor %}
</tbody>
</table>
</div>
</div>
</div>
</div>
</div>
<div class="col-sm-4">
<div class="ibox float-e-margins">
<div class="ibox-title">
<span class="label label-primary"><b>未推送主机</b></span>
<div class="ibox-tools">
<a class="collapse-link">
<i class="fa fa-chevron-up"></i>
</a>
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
<i class="fa fa-wrench"></i>
</a>
<a class="close-link">
<i class="fa fa-times"></i>
</a>
</div>
</div>
<div class="ibox-content">
<div>
<div class="text-left">
<table class="table table-striped" id="ugedit" >
<thead>
<tr>
<th class="text-center">主机</th>
<th class="text-center">IP</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
{% for host in push_info %} {% for asset in need_push_asset %}
<tr class="gradeX"> <tr class="gradeX">
<td class="text-center"> {{ host.ip }} </td> <td class="text-center"> {{ asset.hostname }} </td>
<td class="text-center"> {{ host.group }} </td> <td class="text-center"> {{ asset.ip }} </td>
<td class="text-center"> {{ host.password }} </td>
<td class="text-center"> {{ host.pubkey }} </td>
</tr> </tr>
{% endfor %} {% endfor %}
</tbody> </tbody>
......
templates/jperm/perm_role_list.html
View file @ e0aaba2c
...@@ -29,11 +29,10 @@ ...@@ -29,11 +29,10 @@
</a> </a>
</div> </div>
</div> </div>
<div class="ibox-content"> <div class="ibox-content">
<div class=""> <div class="">
<a href="/jperm/role/perm_role_add/" class="btn btn-sm btn-primary "> 添加角色 </a> <a href="/jperm/role/perm_role_add/" class="btn btn-sm btn-primary "> 添加角色 </a>
<a href="/jperm/role/perm_role_push/" class="btn btn-sm btn-danger "> 推送角色 </a> {# <a href="/jperm/role/perm_role_push/" class="btn btn-sm btn-danger "> 推送角色 </a>#}
<form id="search_form" method="get" action="" class="pull-right mail-search"> <form id="search_form" method="get" action="" class="pull-right mail-search">
<div class="input-group"> <div class="input-group">
<input type="text" class="form-control input-sm" id="search_input" name="search" placeholder="Search"> <input type="text" class="form-control input-sm" id="search_input" name="search" placeholder="Search">
...@@ -45,14 +44,13 @@ ...@@ -45,14 +44,13 @@
</div> </div>
</form> </form>
</div> </div>
<table class="table table-striped table-bordered table-hover " id="editable" > <table class="table table-striped table-bordered table-hover " id="editable" >
<thead> <thead>
<tr> <tr>
<th class="text-center">名称 </th> <th class="text-center">名称 </th>
<th class="text-center">备注</th>
<th class="text-center">创建时间</th>
<th class="text-center">sudo别名</th> <th class="text-center">sudo别名</th>
<th class="text-center">创建时间</th>
<th class="text-center">备注</th>
<th class="text-center">操作</th> <th class="text-center">操作</th>
</tr> </tr>
</thead> </thead>
...@@ -60,12 +58,13 @@ ...@@ -60,12 +58,13 @@
{% for role in roles %} {% for role in roles %}
<tr class="gradeX" id={{ role.id }}> <tr class="gradeX" id={{ role.id }}>
<td class="text-center"> {{ role.name }} </td> <td class="text-center"> {{ role.name }} </td>
<td class="text-center"> {{ role.comment }} </td>
<td class="text-center"> {{ role.date_added | date:"Y-m-d H:i:s"}} </td>
<td class="text-center"> {{ role | role_contain_which_sudos }} </td> <td class="text-center"> {{ role | role_contain_which_sudos }} </td>
<td class="text-center"> {{ role.date_added | date:"Y-m-d H:i:s"}} </td>
<td class="text-center"> {{ role.comment }} </td>
<td class="text-center"> <td class="text-center">
<a href="/jperm/role/perm_role_detail/?id={{ role.id }}" class="btn btn-xs btn-primary">详情</a> <a href="/jperm/role/perm_role_detail/?id={{ role.id }}" class="btn btn-xs btn-primary">详情</a>
<a href="/jperm/role/perm_role_edit/?id={{ role.id }}" class="btn btn-xs btn-info">编辑</a> <a href="/jperm/role/perm_role_edit/?id={{ role.id }}" class="btn btn-xs btn-info">编辑</a>
<a href="/jperm/role/push/?id={{ role.id }}" class="btn btn-xs btn-warning">推送</a>
<button onclick="remove_role({{ role.id }})" class="btn btn-xs btn-danger">删除</button> <button onclick="remove_role({{ role.id }})" class="btn btn-xs btn-danger">删除</button>
</td> </td>
</tr> </tr>
......
templates/jperm/perm_role_push.html
View file @ e0aaba2c
...@@ -33,12 +33,19 @@ ...@@ -33,12 +33,19 @@
{% if msg %} {% if msg %}
<div class="alert alert-success text-center">{{ msg }}</div> <div class="alert alert-success text-center">{{ msg }}</div>
{% endif %} {% endif %}
<div class="form-group">
<label for="role" class="col-sm-2 control-label">角色</label>
<div class="col-sm-8">
<input name="id" type="text" class="form-control" disabled value="{{ role.name }}">
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group"> <div class="form-group">
<label for="asset" class="col-sm-2 control-label">资产</label> <label for="asset" class="col-sm-2 control-label">资产</label>
<div class="col-sm-8"> <div class="col-sm-8">
<select name="assets" id="assets" data-placeholder="请选择资产" class="chosen-select form-control m-b" multiple tabindex="2"> <select name="assets" id="assets" data-placeholder="请选择资产" class="chosen-select form-control m-b" multiple tabindex="2">
{% for asset in assets %} {% for asset in assets %}
<option value="{{ asset.id }}">{{ asset.ip }}</option> <option value="{{ asset.id }}" {% if asset in pushed_assets %}selected{% endif %}>{{ asset.hostname }}</option>
{% endfor %} {% endfor %}
</select> </select>
</div> </div>
...@@ -49,23 +56,13 @@ ...@@ -49,23 +56,13 @@
<div class="col-sm-8"> <div class="col-sm-8">
<select name="asset_groups" data-placeholder="请选择资产组" class="chosen-select form-control m-b" multiple tabindex="2"> <select name="asset_groups" data-placeholder="请选择资产组" class="chosen-select form-control m-b" multiple tabindex="2">
{% for asset_group in asset_groups %} {% for asset_group in asset_groups %}
<option value="{{ asset_group.id }}">{{ asset_group.name }}</option> <option value="{{ asset_group.id }}"{% if asset_group in pushed_asset_groups %}selected{% endif %}>{{ asset_group.name }}</option>
{% endfor %}
</select>
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group">
<label for="role" class="col-sm-2 control-label">角色<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<select name="roles" data-placeholder="请选择角色" class="chosen-select form-control m-b" multiple tabindex="2">
{% for role in roles %}
<option value="{{ role.id }}">{{ role.name }}</option>
{% endfor %} {% endfor %}
</select> </select>
</div> </div>
</div> </div>
<div class="hr-line-dashed"></div> <div class="hr-line-dashed"></div>
<div class="row"> <div class="row">
<div class="form-group"> <div class="form-group">
<label for="j_group" class="col-sm-2 control-label">使用密钥</label> <label for="j_group" class="col-sm-2 control-label">使用密钥</label>
......
templates/jperm/perm_rule_add.html
View file @ e0aaba2c
...@@ -68,7 +68,7 @@ ...@@ -68,7 +68,7 @@
<div class="col-sm-8"> <div class="col-sm-8">
<select name="asset" id="asset" data-placeholder="请选择资产" class="chosen-select form-control m-b" multiple tabindex="2"> <select name="asset" id="asset" data-placeholder="请选择资产" class="chosen-select form-control m-b" multiple tabindex="2">
{% for asset in assets %} {% for asset in assets %}
<option value="{{ asset.id }}">{{ asset.ip }}</option> <option value="{{ asset.id }}">{{ asset.hostname }}</option>
{% endfor %} {% endfor %}
</select> </select>
<span class="help-block m-b-none">资产和资产组必选一个</span> <span class="help-block m-b-none">资产和资产组必选一个</span>
...@@ -136,25 +136,21 @@ $('#ruleForm').validator({ ...@@ -136,25 +136,21 @@ $('#ruleForm').validator({
"rulename": { "rulename": {
rule: "required;check_name", rule: "required;check_name",
tip: "输入规则名称", tip: "输入规则名称",
ok: "",
msg: {required: "规则名称必填"} msg: {required: "规则名称必填"}
}, },
"usergroup": { "usergroup": {
rule: "required(check_user)", rule: "required(check_user)",
tip: "请选择用户组", tip: "请选择用户组",
ok: "",
msg: {required: "用户和用户组必选一个!"} msg: {required: "用户和用户组必选一个!"}
}, },
"assetgroup": { "assetgroup": {
rule: "required(check_asset)", rule: "required(check_asset)",
tip: "输入资产组", tip: "输入资产组",
ok: "",
msg: {required: "资产和资产组必选一个!"} msg: {required: "资产和资产组必选一个!"}
}, },
"role": { "role": {
rule: "required", rule: "required",
tip: "请选择角色", tip: "请选择角色",
ok: "",
msg: {required: "必须选择角色"} msg: {required: "必须选择角色"}
} }
}, },
......
templates/jperm/perm_sudo_add.html
View file @ e0aaba2c
...@@ -35,13 +35,6 @@ ...@@ -35,13 +35,6 @@
</div> </div>
</div> </div>
<div class="hr-line-dashed"></div> <div class="hr-line-dashed"></div>
<div class="form-group">
<label for="sudo_runas" class="col-sm-2 control-label">RunAs<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="sudo_runas" name="sudo_runas" placeholder="Sudo RunAs User" type="text" class="form-control">
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group"> <div class="form-group">
<label for="sudo_commands" class="col-sm-2 control-label">系统命令<span class="red-fonts">*</span></label> <label for="sudo_commands" class="col-sm-2 control-label">系统命令<span class="red-fonts">*</span></label>
<div class="col-sm-8"> <div class="col-sm-8">
......
templates/jperm/perm_sudo_edit.html
View file @ e0aaba2c
...@@ -40,13 +40,6 @@ ...@@ -40,13 +40,6 @@
</div> </div>
</div> </div>
<div class="hr-line-dashed"></div> <div class="hr-line-dashed"></div>
<div class="form-group">
<label for="sudo_runas" class="col-sm-2 control-label">RunAs<span class="red-fonts">*</span></label>
<div class="col-sm-8">
<input id="sudo_runas" name="sudo_runas" placeholder="Sudo RunAs User" type="text" class="form-control" value="{{ sudo.runas }}">
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group"> <div class="form-group">
<label for="sudo_commands_label" class="col-sm-2 control-label">系统命令<span class="red-fonts">*</span></label> <label for="sudo_commands_label" class="col-sm-2 control-label">系统命令<span class="red-fonts">*</span></label>
<div class="col-sm-8"> <div class="col-sm-8">
......
templates/jperm/perm_sudo_list.html
View file @ e0aaba2c
...@@ -33,7 +33,6 @@ ...@@ -33,7 +33,6 @@
<div class="ibox-content"> <div class="ibox-content">
<div class=""> <div class="">
<a href="/jperm/sudo/perm_sudo_add/" class="btn btn-sm btn-primary "> 添加别名 </a> <a href="/jperm/sudo/perm_sudo_add/" class="btn btn-sm btn-primary "> 添加别名 </a>
<a id="del_btn" class="btn btn-sm btn-danger "> 删除所选 </a>
<form id="search_form" method="get" action="" class="pull-right mail-search"> <form id="search_form" method="get" action="" class="pull-right mail-search">
<div class="input-group"> <div class="input-group">
<input type="text" class="form-control input-sm" id="search_input" name="search" placeholder="Search"> <input type="text" class="form-control input-sm" id="search_input" name="search" placeholder="Search">
......
templates/jperm/role_sudo.j2
View file @ e0aaba2c
...@@ -22,14 +22,12 @@ add_cmd_alias() { ...@@ -22,14 +22,12 @@ add_cmd_alias() {
# Add Command Aliases to role # Add Command Aliases to role
add_role_chosen() { add_role_chosen() {
{% for role, sudos in role_chosen_aliase.items %} {% for role, alias in role_chosen_aliase.items %}
{% for sudo in sudos %} if $(grep '^{{ role }}.*' ${sudo_file} &> /dev/null); then
if $(grep '^{{ role }}.*{{ sudo.name }}' ${sudo_file} &> /dev/null); then sed -i 's@^{{ role }}.*@{{ role }} ALL = NOPASSWD: {{ alias }}@g' ${sudo_file}
sed -i 's@^{{ role }}.*{{ sudo.name }}@{{ role }} ALL = NOPASSWD: {{ sudo.name }}@g' ${sudo_file}
else else
echo "{{ role }} ALL = NOPASSWD: {{ sudo.name }}" >> ${sudo_file} echo "{{ role }} ALL = NOPASSWD: {{ alias }}" >> ${sudo_file}
fi fi
{% endfor %}
{% endfor %} {% endfor %}
} }
......
templates/juser/group_list.html
View file @ e0aaba2c
...@@ -55,11 +55,12 @@ ...@@ -55,11 +55,12 @@
{% for group in user_groups.object_list %} {% for group in user_groups.object_list %}
<tr class="gradeX"> <tr class="gradeX">
<td class="text-center"> <td class="text-center">
<input class="shiftCheckbox" <input class="shiftCheckbox" type="checkbox" name="selected" value="{{ group.id }}">
type="checkbox" name="selected" value="{{ group.id }}">
</td> </td>
<td class="text-center"> {{ group.name }} </td> <td class="text-center"> {{ group.name }} </td>
<td class="text-center"><a href="/juser/user_list/?gid={{ group.id }}"> {{ group.id | members_count }}</a> </td> <td class="text-center">
<a href="/juser/user_list/?gid={{ group.id }}"> {{ group.id | members_count }}</a>
</td>
<td class="text-center"> {{ group.comment }} </td> <td class="text-center"> {{ group.comment }} </td>
<td class="text-center"> <td class="text-center">
<a href="../group_edit/?id={{ group.id }}" class="btn btn-xs btn-info">编辑</a> <a href="../group_edit/?id={{ group.id }}" class="btn btn-xs btn-info">编辑</a>
......
templates/juser/user_add.html
View file @ e0aaba2c
...@@ -61,7 +61,7 @@ ...@@ -61,7 +61,7 @@
{% ifequal session_role_id 2 %} {% ifequal session_role_id 2 %}
<div class="hr-line-dashed"></div> <div class="hr-line-dashed"></div>
<div class="form-group"> <div class="form-group">
<label for="role" class="col-sm-2 control-label">角色<span class="red-fonts">*</span></label> <label for="role" class="col-sm-2 control-label">权限<span class="red-fonts">*</span></label>
<div class="col-sm-8"> <div class="col-sm-8">
{% for r, role_name in user_role.items %} {% for r, role_name in user_role.items %}
<div class="col-sm-3"> <div class="col-sm-3">
......
templates/nav.html
View file @ e0aaba2c
...@@ -24,7 +24,7 @@ ...@@ -24,7 +24,7 @@
<li id="jperm"> <li id="jperm">
<a href="#"><i class="fa fa-edit"></i> <span class="nav-label">授权管理</span><span class="fa arrow"></span></a> <a href="#"><i class="fa fa-edit"></i> <span class="nav-label">授权管理</span><span class="fa arrow"></span></a>
<ul class="nav nav-second-level"> <ul class="nav nav-second-level">
<li class="rule "> <li class="rule perm_rule_add">
<a href="/jperm/rule/">授权规则</a> <a href="/jperm/rule/">授权规则</a>
</li> </li>
......
templates/setting.html
View file @ e0aaba2c
...@@ -49,7 +49,7 @@ ...@@ -49,7 +49,7 @@
<input name="setting" value="default" style="display: none"> <input name="setting" value="default" style="display: none">
<div class="col-sm-8"> <div class="col-sm-8">
<input id="username" name="username" placeholder="Username" type="text" value="{{ setting_default.field1 }}" class="form-control"> <input id="username" name="username" placeholder="Username" type="text" value="{{ setting_default.field1 }}" class="form-control">
<span class="help-block m-b-none">该用户为root或用户NOPASS:ALL sudo权限的用户</span> <span class="help-block m-b-none"> 管理用户为root或用户拥有NOPASSWD:ALL sudo权限的用户</span>
</div> </div>
</div> </div>
<div class="hr-line-dashed"></div> <div class="hr-line-dashed"></div>
...@@ -128,13 +128,13 @@ ...@@ -128,13 +128,13 @@
tip: "输入端口号", tip: "输入端口号",
ok: "", ok: "",
msg: {required: "端口号必填"} msg: {required: "端口号必填"}
},
"key": {
rule: "required(either)",
tip: "输入密钥",
ok: "",
msg: {required: "密码和密钥必填一个!"}
} }
{# "key": {#}
{# rule: "required(either)",#}
{# tip: "输入密钥",#}
{# ok: "",#}
{# msg: {required: "密码和密钥必填一个!"}#}
{# }#}
}, },
valid: function(form) { valid: function(form) {
form.submit(); form.submit();
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment