github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-10-22 00:09:14 +00:00
Code Issues Projects Releases Wiki Activity

merge update...

Browse Source
This commit is contained in:
yumaojun
2015-11-14 23:07:08 +08:00
parent 83c2704d53 4ae36d319c
commit 012950cb68
71 changed files with 11586 additions and 1228 deletions
Download Patch File Download Diff File Expand all files Collapse all files

106
juser/models.py
View File

@@ -1,39 +1,27 @@
# coding: utf-8
from django.db import models
from django.contrib.auth.models import AbstractUser
class UserGroup(models.Model):
name = models.CharField(max_length=80, unique=True)
# assets = models.TextField(max_length=1000, verbose_name="Assets", default='')
# asset_groups = models.CharField(max_length=1000, verbose_name="Asset Groups", default='')
comment = models.CharField(max_length=160, blank=True, null=True)
def __unicode__(self):
return self.name
# def get_user(self):
# return self.user_set.all()
#
# def update(self, **kwargs):
# for key, value in kwargs.items():
# self.__setattr__(key, value)
# self.save()
class User(models.Model):
class User(AbstractUser):
USER_ROLE_CHOICES = (
('SU', 'SuperUser'),
('GA', 'GroupAdmin'),
('CU', 'CommonUser'),
)
username = models.CharField(max_length=80, unique=True)
password = models.CharField(max_length=100)
name = models.CharField(max_length=80)
email = models.EmailField(max_length=75)
role = models.CharField(max_length=2, choices=USER_ROLE_CHOICES, default='CU')
uuid = models.CharField(max_length=100)
role = models.CharField(max_length=2, choices=USER_ROLE_CHOICES, default='CU')
group = models.ManyToManyField(UserGroup)
ssh_key_pwd = models.CharField(max_length=200)
is_active = models.BooleanField(default=True)
@@ -41,94 +29,10 @@ class User(models.Model):
date_joined = models.DateTimeField(null=True)
def __unicode__(self):
return self.username
# def get_asset_group(self):
# """
# Get user host_groups.
# 获取用户有权限的主机组
# """
# host_group_list = []
# perm_list = []
# user_group_all = self.group.all()
# for user_group in user_group_all:
# perm_list.extend(user_group.perm_set.all())
#
# for perm in perm_list:
# host_group_list.append(perm.asset_group)
#
# return host_group_list
#
# def get_asset_group_info(self, printable=False):
# """
# Get or print asset group info
# 获取或打印用户授权资产组
# """
# asset_groups_info = {}
# asset_groups = self.get_asset_group()
#
# for asset_group in asset_groups:
# asset_groups_info[asset_group.id] = [asset_group.name, asset_group.comment]
#
# if printable:
# for group_id in asset_groups_info:
# if asset_groups_info[group_id][1]:
# print "[%3s] %s -- %s" % (group_id,
# asset_groups_info[group_id][0],
# asset_groups_info[group_id][1])
# else:
# print "[%3s] %s" % (group_id, asset_groups_info[group_id][0])
# print ''
# else:
# return asset_groups_info
#
# def get_asset(self):
# """
# Get the assets of under the user control.
# 获取主机列表
# """
# assets = []
# asset_groups = self.get_asset_group()
#
# for asset_group in asset_groups:
# assets.extend(asset_group.asset_set.all())
#
# return assets
#
# def get_asset_info(self, printable=False):
# """
# Get or print the user asset info
# 获取或打印用户资产信息
# """
# from jasset.models import AssetAlias
# assets_info = {}
# assets = self.get_asset()
#
# for asset in assets:
# asset_alias = AssetAlias.objects.filter(user=self, asset=asset)
# if asset_alias and asset_alias[0].alias != '':
# assets_info[asset.ip] = [asset.id, asset.ip, str(asset_alias[0].alias)]
# else:
# assets_info[asset.ip] = [asset.id, asset.ip, str(asset.comment)]
#
# if printable:
# ips = assets_info.keys()
# ips.sort()
# for ip in ips:
# if assets_info[ip][2]:
# print '%-15s -- %s' % (ip, assets_info[ip][2])
# else:
# print '%-15s' % ip
# print ''
# else:
# return assets_info
#
# def update(self, **kwargs):
# for key, value in kwargs.items():
# self.__setattr__(key, value)
# self.save()
class AdminGroup(models.Model):
"""
@@ -141,5 +45,3 @@ class AdminGroup(models.Model):
def __unicode__(self):
return '%s: %s' % (self.user.username, self.group.name)

2
juser/urls.py
View File

@@ -22,6 +22,6 @@ urlpatterns = patterns('juser.views',
(r'^profile/$', 'profile'),
(r'^change_info/$', 'change_info'),
(r'^regen_ssh_key/$', 'regen_ssh_key'),
(r'^chg_role/$', 'chg_role'),
(r'^change_role/$', 'chg_role'),
(r'^down_key/$', 'down_key'),
)

6
juser/user_api.py
View File

@@ -5,6 +5,7 @@ from subprocess import call
from juser.models import AdminGroup
from jumpserver.api import *
from jumpserver.settings import BASE_DIR, EMAIL_HOST_USER as MAIL_FROM
def group_add_user(group, user_id=None, username=None):
@@ -60,6 +61,7 @@ def db_add_user(**kwargs):
admin_groups = kwargs.pop('admin_groups')
role = kwargs.get('role', 'CU')
user = User(**kwargs)
user.set_password(kwargs.get('password'))
user.save()
if groups_post:
group_select = []
@@ -84,10 +86,10 @@ def db_update_user(**kwargs):
groups_post = kwargs.pop('groups')
admin_groups_post = kwargs.pop('admin_groups')
user_id = kwargs.pop('user_id')
user = User.objects.filter(id=user_id)
user = User.objects.get(id=user_id)
if user:
user.update(**kwargs)
user = user[0]
user.set_password(kwargs.pop('password'))
user.save()
else:
return None

70
juser/views.py
View File

@@ -2,25 +2,25 @@
# Author: Guanghongwei
# Email: ibuler@qq.com
import random
from Crypto.PublicKey import RSA
# import random
# from Crypto.PublicKey import RSA
import uuid as uuid_r
from django.db.models import Q
from django.template import RequestContext
from django.db.models import ObjectDoesNotExist
from jumpserver.settings import EMAIL_HOST_USER
from juser.user_api import *
from jperm.perm_api import _public_perm_api, perm_user_api, user_permed
MAIL_FROM = EMAIL_HOST_USER
def chg_role(request):
role = {'SU': 2, 'DA': 1, 'CU': 0}
user, dept = get_session_user_dept(request)
role = {'SU': 2, 'GA': 1, 'CU': 0}
if request.session['role_id'] > 0:
request.session['role_id'] = 0
elif request.session['role_id'] == 0:
request.session['role_id'] = role.get(user.role, 0)
request.session['role_id'] = role.get(request.user.role, 0)
return HttpResponseRedirect('/')
@@ -168,8 +168,8 @@ def user_add(request):
if '' in [username, password, ssh_key_pwd, name, role]:
error = u'带*内容不能为空'
raise ServerError
user_test = get_object(User, username=username)
if user_test:
check_user_is_exist = User.objects.filter(username=username)
if check_user_is_exist:
error = u'用户 %s 已存在' % username
raise ServerError
@@ -178,10 +178,10 @@ def user_add(request):
else:
try:
user = db_add_user(username=username, name=name,
password=CRYPTOR.md5_crypt(password),
password=password,
email=email, role=role, uuid=uuid,
groups=groups, admin_groups=admin_groups,
ssh_key_pwd=CRYPTOR.md5_crypt(ssh_key_pwd),
ssh_key_pwd=ssh_key_pwd,
is_active=is_active,
date_joined=datetime.datetime.now())
server_add_user(username, password, ssh_key_pwd, ssh_key_login_need)
@@ -233,10 +233,10 @@ def user_list(request):
@require_role(role='user')
def user_detail(request):
header_title, path1, path2 = '用户详情', '用户管理', '用户详情'
if request.session.get('role_id') == 0:
user_id = request.session.get('user_id')
else:
user_id = request.GET.get('id', '')
# if request.session.get('role_id') == 0:
# user_id = request.user.id
# else:
# user_id = request.GET.get('id', '')
# if request.session.get('role_id') == 1:
# user, dept = get_session_user_dept(request)
# if not validate(request, user=[user_id]):
@@ -244,9 +244,9 @@ def user_detail(request):
# if not user_id:
# return HttpResponseRedirect('/juser/user_list/')
user = get_object(User, id=user_id)
if user:
pass
# user = get_object(User, id=user_id)
# if user:
# pass
# asset_group_permed = user.get_asset_group()
# logs_last = Log.objects.filter(user=user.name).order_by('-start_time')[0:10]
# logs_all = Log.objects.filter(user=user.name).order_by('-start_time')
@@ -257,8 +257,14 @@ def user_detail(request):
@require_role(role='admin')
def user_del(request):
user_ids = request.GET.get('id', '')
user_id_list = user_ids.split(',')
if request.method == "GET":
user_ids = request.GET.get('id', '')
user_id_list = user_ids.split(',')
elif request.method == "POST":
user_ids = request.POST.get('id', '')
user_id_list = user_ids.split(',')
else:
return HttpResponse('错误请求')
for user_id in user_id_list:
user = get_object(User, id=user_id)
if user:
@@ -370,11 +376,11 @@ def user_edit(request):
else:
return HttpResponseRedirect('/juser/user_list/')
if password != user.password:
password_decode = password
password = CRYPTOR.md5_crypt(password)
else:
password_decode = None
# if password != user.password:
# password_decode = password
# password = CRYPTOR.md5_crypt(password)
# else:
# password_decode = None
db_update_user(user_id=user_id,
password=password,
@@ -409,7 +415,10 @@ def user_edit_adm(request):
def profile(request):
user_id = request.session.get('user_id')
a = request.user.id
a = request.user.groups
user_id = request.user.id
if not user_id:
return HttpResponseRedirect('/')
user = User.objects.get(id=user_id)
@@ -418,7 +427,7 @@ def profile(request):
def change_info(request):
header_title, path1, path2 = '修改信息', '用户管理', '修改个人信息'
user_id = request.session.get('user_id')
user_id = request.user.id
user = get_object(User, id=user_id)
error = ''
if not user:
@@ -436,10 +445,11 @@ def change_info(request):
error = '密码须大于6位'
if not error:
if password != user.password:
password = CRYPTOR.md5_crypt(password)
# if password != user.password:
# password = CRYPTOR.md5_crypt(password)
user.update(name=name, password=password, email=email)
user.update(name=name, email=email)
user.set_password(password)
msg = '修改成功'
return render_to_response('juser/change_info.html', locals(), context_instance=RequestContext(request))
@@ -465,7 +475,7 @@ def down_key(request):
user_id = request.GET.get('id')
if is_role_request(request, 'user'):
user_id = request.session.get('user_id')
user_id = request.user.id
if user_id:
user = get_object(User, id=user_id)