Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
J
jumpserver
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
ops
jumpserver
Commits
fff9f319
Unverified
Commit
fff9f319
authored
Aug 12, 2019
by
老广
Committed by
GitHub
Aug 12, 2019
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #3108 from jumpserver/dev
Dev
parents
acc03f14
ef73469d
Hide whitespace changes
Inline
Side-by-side
Showing
11 changed files
with
59 additions
and
49 deletions
+59
-49
base.py
apps/assets/models/base.py
+0
-3
tasks.py
apps/assets/tasks.py
+1
-1
serializers.py
apps/common/mixins/serializers.py
+11
-5
csv.py
apps/common/parsers/csv.py
+2
-2
csv.py
apps/common/renders/csv.py
+10
-19
common.py
apps/common/utils/common.py
+1
-1
middleware.py
apps/jumpserver/middleware.py
+2
-1
settings.py
apps/jumpserver/settings.py
+3
-0
asset_permission.py
apps/perms/api/asset_permission.py
+10
-0
theme-gray.css
apps/static/plugins/elfinder/css/theme-gray.css
+4
-3
user.py
apps/users/api/user.py
+15
-14
No files found.
apps/assets/models/base.py
View file @
fff9f319
...
...
@@ -164,9 +164,6 @@ class AssetUser(OrgModelMixin):
def
set_asset_connectivity
(
self
,
asset
,
c
):
key
=
self
.
get_asset_connectivity_key
(
asset
)
Connectivity
.
set
(
key
,
c
)
# 当为某个系统用户或管理用户设置的的时候,失效掉他们的连接数量
amount_key
=
self
.
CONNECTIVITY_AMOUNT_CACHE_KEY
.
format
(
self
.
username
,
'*'
)
cache
.
delete_pattern
(
amount_key
)
def
get_asset_user
(
self
,
asset
):
from
..backends
import
AssetUserManager
...
...
apps/assets/tasks.py
View file @
fff9f319
...
...
@@ -94,7 +94,7 @@ def set_assets_hardware_info(assets, result, **kwargs):
break
else
:
___cpu_model
=
'Unknown'
___cpu_model
=
___cpu_model
[:
64
]
___cpu_model
=
___cpu_model
[:
48
]
___cpu_count
=
info
.
get
(
'ansible_processor_count'
,
0
)
___cpu_cores
=
info
.
get
(
'ansible_processor_cores'
,
None
)
or
\
len
(
info
.
get
(
'ansible_processor'
,
[]))
...
...
apps/common/mixins/serializers.py
View file @
fff9f319
# -*- coding: utf-8 -*-
#
from
django.core.exceptions
import
ObjectDoesNotExist
from
rest_framework.utils
import
html
from
rest_framework.settings
import
api_settings
from
rest_framework.exceptions
import
ValidationError
...
...
@@ -74,16 +75,21 @@ class BulkListSerializerMixin(object):
for
item
in
data
:
try
:
# prepare child serializer to only handle one instance
if
'id'
in
item
.
keys
():
self
.
child
.
instance
=
self
.
instance
.
get
(
id
=
item
[
'id'
])
if
self
.
instance
else
None
if
'pk'
in
item
.
keys
():
self
.
child
.
instance
=
self
.
instance
.
get
(
id
=
item
[
'pk'
])
if
self
.
instance
else
None
if
'id'
in
item
:
pk
=
item
[
"id"
]
elif
'pk'
in
item
:
pk
=
item
[
"pk"
]
else
:
raise
ValidationError
(
"id or pk not in data"
)
child
=
self
.
instance
.
get
(
id
=
pk
)
self
.
child
.
instance
=
child
self
.
child
.
initial_data
=
item
# raw
validated
=
self
.
child
.
run_validation
(
item
)
except
ValidationError
as
exc
:
errors
.
append
(
exc
.
detail
)
except
ObjectDoesNotExist
as
e
:
errors
.
append
(
e
)
else
:
ret
.
append
(
validated
)
errors
.
append
({})
...
...
apps/common/parsers/csv.py
View file @
fff9f319
...
...
@@ -40,7 +40,7 @@ class JMSCSVParser(BaseParser):
@staticmethod
def
_get_fields_map
(
serializer
):
fields_map
=
{}
fields
=
serializer
.
get_fields
()
fields
=
serializer
.
fields
fields_map
.
update
({
v
.
label
:
k
for
k
,
v
in
fields
.
items
()})
fields_map
.
update
({
k
:
k
for
k
,
_
in
fields
.
items
()})
return
fields_map
...
...
@@ -91,7 +91,7 @@ class JMSCSVParser(BaseParser):
header
=
next
(
rows
)
fields_map
=
self
.
_get_fields_map
(
serializer
)
header
=
[
fields_map
.
get
(
name
,
''
)
for
name
in
header
]
header
=
[
fields_map
.
get
(
name
.
strip
(
'*'
)
,
''
)
for
name
in
header
]
data
=
[]
for
row
in
rows
:
...
...
apps/common/renders/csv.py
View file @
fff9f319
...
...
@@ -20,26 +20,18 @@ class JMSCSVRender(BaseRenderer):
format
=
'csv'
@staticmethod
def
_get_header
(
fields
,
template
):
if
template
==
'import'
:
header
=
[
k
for
k
,
v
in
fields
.
items
()
if
not
v
.
read_only
and
k
!=
'org_id'
]
elif
template
==
'update'
:
header
=
[
k
for
k
,
v
in
fields
.
items
()
if
not
v
.
read_only
]
def
_get_show_fields
(
fields
,
template
):
if
template
in
(
'import'
,
'update'
):
return
[
v
for
k
,
v
in
fields
.
items
()
if
not
v
.
read_only
and
k
!=
"org_id"
]
else
:
# template in ['export']
header
=
[
k
for
k
,
v
in
fields
.
items
()
if
not
v
.
write_only
]
return
header
return
[
v
for
k
,
v
in
fields
.
items
()
if
not
v
.
write_only
and
k
!=
"org_id"
]
@staticmethod
def
_gen_table
(
data
,
header
,
labels
=
None
):
labels
=
labels
or
{}
yield
[
labels
.
get
(
k
,
k
)
for
k
in
header
]
def
_gen_table
(
data
,
fields
):
yield
[
'*{}'
.
format
(
f
.
label
)
if
f
.
required
else
f
.
label
for
f
in
fields
]
for
item
in
data
:
row
=
[
item
.
get
(
key
)
for
key
in
header
]
row
=
[
item
.
get
(
f
.
field_name
)
for
f
in
fields
]
yield
row
def
set_response_disposition
(
self
,
serializer
,
context
):
...
...
@@ -73,10 +65,9 @@ class JMSCSVRender(BaseRenderer):
logger
.
debug
(
e
,
exc_info
=
True
)
value
=
'The resource not support export!'
.
encode
(
'utf-8'
)
else
:
fields
=
serializer
.
get_fields
()
header
=
self
.
_get_header
(
fields
,
template
)
labels
=
{
k
:
v
.
label
for
k
,
v
in
fields
.
items
()
if
v
.
label
}
table
=
self
.
_gen_table
(
data
,
header
,
labels
)
fields
=
serializer
.
fields
show_fields
=
self
.
_get_show_fields
(
fields
,
template
)
table
=
self
.
_gen_table
(
data
,
show_fields
)
csv_buffer
=
BytesIO
()
csv_buffer
.
write
(
codecs
.
BOM_UTF8
)
...
...
apps/common/utils/common.py
View file @
fff9f319
...
...
@@ -106,7 +106,7 @@ def capacity_convert(size, expect='auto', rate=1000):
if
expect
==
'auto'
:
for
unit
,
rate_
in
rate_mapping
.
items
():
if
rate
>
std_size
/
rate_
>
1
:
if
rate
>
std_size
/
rate_
>
=
1
or
unit
==
"T"
:
expect
=
unit
break
...
...
apps/jumpserver/middleware.py
View file @
fff9f319
...
...
@@ -57,7 +57,8 @@ class RequestMiddleware:
def
__call__
(
self
,
request
):
set_current_request
(
request
)
response
=
self
.
get_response
(
request
)
if
not
settings
.
SESSION_EXPIRE_AT_BROWSER_CLOSE
:
is_request_api
=
request
.
path
.
startswith
(
'/api'
)
if
not
settings
.
SESSION_EXPIRE_AT_BROWSER_CLOSE
and
not
is_request_api
:
age
=
request
.
session
.
get_expiry_age
()
request
.
session
.
set_expiry
(
age
)
return
response
apps/jumpserver/settings.py
View file @
fff9f319
...
...
@@ -54,6 +54,9 @@ LOG_LEVEL = CONFIG.LOG_LEVEL
ALLOWED_HOSTS
=
[
'*'
]
# Max post update field num
DATA_UPLOAD_MAX_NUMBER_FIELDS
=
10000
# Application definition
INSTALLED_APPS
=
[
...
...
apps/perms/api/asset_permission.py
View file @
fff9f319
...
...
@@ -115,6 +115,7 @@ class AssetPermissionViewSet(viewsets.ModelViewSet):
def
filter_user
(
self
,
queryset
):
user_id
=
self
.
request
.
query_params
.
get
(
'user_id'
)
username
=
self
.
request
.
query_params
.
get
(
'username'
)
query_group
=
self
.
request
.
query_params
.
get
(
'all'
)
if
user_id
:
user
=
get_object_or_none
(
User
,
pk
=
user_id
)
elif
username
:
...
...
@@ -123,6 +124,14 @@ class AssetPermissionViewSet(viewsets.ModelViewSet):
return
queryset
if
not
user
:
return
queryset
.
none
()
kwargs
=
{}
args
=
[]
if
query_group
:
groups
=
user
.
groups
.
all
()
args
.
append
(
Q
(
users
=
user
)
|
Q
(
user_groups__in
=
groups
))
else
:
kwargs
[
"users"
]
=
user
return
queryset
.
filter
(
*
args
,
**
kwargs
)
.
distinct
()
def
filter_user_group
(
self
,
queryset
):
user_group_id
=
self
.
request
.
query_params
.
get
(
'user_group_id'
)
...
...
@@ -148,6 +157,7 @@ class AssetPermissionViewSet(viewsets.ModelViewSet):
def
filter_queryset
(
self
,
queryset
):
queryset
=
super
()
.
filter_queryset
(
queryset
)
queryset
=
self
.
filter_valid
(
queryset
)
queryset
=
self
.
filter_user
(
queryset
)
queryset
=
self
.
filter_keyword
(
queryset
)
queryset
=
self
.
filter_asset
(
queryset
)
queryset
=
self
.
filter_node
(
queryset
)
...
...
apps/static/plugins/elfinder/css/theme-gray.css
View file @
fff9f319
...
...
@@ -1280,7 +1280,8 @@ div.elfinder-cwd-wrapper-list .ui-icon-grip-dotted-vertical {
}
.elfinder-cwd-file.ui-selected
{
background
:
#455158
;
color
:
#555
;
/*color: #555;*/
color
:
#ddd
;
width
:
120px
!important
;
}
.elfinder-cwd-filename
input
,
...
...
@@ -1309,10 +1310,10 @@ div.elfinder-cwd-wrapper-list .ui-icon-grip-dotted-vertical {
padding
:
0
;
}
.elfinder-cwd
table
tr
:nth-child
(
odd
)
{
background-color
:
transparent
;
/*background-color: transparent;*/
}
.elfinder-cwd
table
tr
:nth-child
(
odd
)
.ui-state-hover
{
background-color
:
#4c5961
;
/*background-color: #4c5961;*/
}
#elfinder-elfinder-cwd-thead
td
{
background
:
#353b42
;
...
...
apps/users/api/user.py
View file @
fff9f319
...
...
@@ -5,10 +5,10 @@ from django.core.cache import cache
from
django.contrib.auth
import
logout
from
django.utils.translation
import
ugettext
as
_
from
rest_framework
import
status
from
rest_framework
import
generics
from
rest_framework.response
import
Response
from
rest_framework.permissions
import
IsAuthenticated
from
rest_framework.serializers
import
ValidationError
from
rest_framework_bulk
import
BulkModelViewSet
from
rest_framework.pagination
import
LimitOffsetPagination
...
...
@@ -69,9 +69,7 @@ class UserViewSet(IDInCacheFilterMixin, BulkModelViewSet):
check current user has permission to handle instance
(update, destroy, bulk_update, bulk destroy)
"""
if
not
self
.
request
.
user
.
is_superuser
and
instance
.
is_superuser
:
return
True
if
self
.
request
.
user
==
instance
:
if
instance
.
is_superuser
and
not
self
.
request
.
user
.
is_superuser
:
return
True
return
False
...
...
@@ -87,16 +85,14 @@ class UserViewSet(IDInCacheFilterMixin, BulkModelViewSet):
return
False
return
qs
.
count
()
!=
filtered
.
count
()
def
bulk_update
(
self
,
request
,
*
args
,
**
kwargs
):
"""
rewrite because limit org_admin update superuser
"""
# restrict the update to the filtered queryset
queryset
=
self
.
filter_queryset
(
self
.
get_queryset
())
if
self
.
_bulk_deny_permission
(
queryset
):
data
=
{
'msg'
:
_
(
"You do not have permission."
)}
return
Response
(
data
=
data
,
status
=
status
.
HTTP_403_FORBIDDEN
)
return
super
()
.
bulk_update
(
request
,
*
args
,
**
kwargs
)
def
perform_bulk_update
(
self
,
serializer
):
users_ids
=
[
d
.
get
(
"id"
)
or
d
.
get
(
"pk"
)
for
d
in
serializer
.
validated_data
]
users
=
User
.
objects
.
filter
(
id__in
=
users_ids
)
deny_instances
=
[
str
(
i
.
id
)
for
i
in
users
if
self
.
_deny_permission
(
i
)]
if
deny_instances
:
msg
=
"{} can't be update"
.
format
(
deny_instances
)
raise
ValidationError
({
"id"
:
msg
})
return
super
()
.
perform_bulk_update
(
serializer
)
class
UserChangePasswordApi
(
generics
.
RetrieveUpdateAPIView
):
...
...
@@ -179,6 +175,11 @@ class UserProfileApi(generics.RetrieveAPIView):
def
get_object
(
self
):
return
self
.
request
.
user
def
retrieve
(
self
,
request
,
*
args
,
**
kwargs
):
age
=
request
.
session
.
get_expiry_age
()
request
.
session
.
set_expiry
(
age
)
return
super
()
.
retrieve
(
request
,
*
args
,
**
kwargs
)
class
UserResetOTPApi
(
generics
.
RetrieveAPIView
):
queryset
=
User
.
objects
.
all
()
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment