diff --git a/jasset/views.py b/jasset/views.py index a33c6cfa9..e61617eaa 100644 --- a/jasset/views.py +++ b/jasset/views.py @@ -3,15 +3,11 @@ import ast from django.db.models import Q -from django.http import Http404 -from django.http import HttpResponseRedirect from django.template import RequestContext from django.shortcuts import render_to_response from models import IDC, Asset, BisGroup from juser.models import UserGroup, DEPT -from connect import PyCrypt, KEY -from jlog.models import Log from jumpserver.views import jasset_host_edit, pages from jumpserver.api import * diff --git a/jumpserver/api.py b/jumpserver/api.py index 08d131476..7737f1e7e 100644 --- a/jumpserver/api.py +++ b/jumpserver/api.py @@ -281,6 +281,7 @@ def user_perm_asset_api(username): asset_list.extend(asset_group.asset_set.all()) return asset_list + return [] def asset_perm_api(asset): diff --git a/jumpserver/settings.py b/jumpserver/settings.py index c3c4ad509..50b6ae0db 100644 --- a/jumpserver/settings.py +++ b/jumpserver/settings.py @@ -108,7 +108,6 @@ TEMPLATE_DIRS = ( STATICFILES_DIRS = ( os.path.join(BASE_DIR, "static"), - os.path.join(BASE_DIR, "keys"), ) # Internationalization # https://docs.djangoproject.com/en/1.7/topics/i18n/ diff --git a/jumpserver/urls.py b/jumpserver/urls.py index 86773da4f..d086d4303 100644 --- a/jumpserver/urls.py +++ b/jumpserver/urls.py @@ -12,9 +12,12 @@ urlpatterns = patterns('', (r'^base/$', 'jumpserver.views.base'), (r'^login/$', 'jumpserver.views.login'), (r'^logout/$', 'jumpserver.views.logout'), + (r'^upload/$', 'jumpserver.views.upload'), + (r'^download/$', 'jumpserver.views.download'), (r'^juser/', include('juser.urls')), (r'^jasset/', include('jasset.urls')), (r'^jlog/', include('jlog.urls')), (r'^jperm/', include('jperm.urls')), + ) diff --git a/jumpserver/views.py b/jumpserver/views.py index 2a6fdd037..194bff712 100644 --- a/jumpserver/views.py +++ b/jumpserver/views.py @@ -44,6 +44,25 @@ def get_data(data, items, option): @require_login def index_cu(request): + user_id = request.session.get('user_id') + user = User.objects.filter(id=user_id) + if user: + user = user[0] + login_types = {'L': 'LDAP', 'M': 'MAP'} + user_id = request.session.get('user_id') + username = User.objects.get(id=user_id).name + posts = user_perm_asset_api(username) + host_count = len(posts) + new_posts = [] + post_five = [] + for post in posts: + if len(post_five) < 5: + post_five.append(post) + else: + new_posts.append(post_five) + post_five = [] + new_posts.append(post_five) + return render_to_response('index_cu.html', locals(), context_instance=RequestContext(request)) @@ -237,3 +256,6 @@ def install(request): name='group_admin', email='group_admin@jumpserver.org', role='DA', is_active=True, dept=dept2).save() return HttpResponse('Ok') + +def upload(request): + pass diff --git a/juser/urls.py b/juser/urls.py index 71bc09ee7..cbaba7bb0 100644 --- a/juser/urls.py +++ b/juser/urls.py @@ -29,4 +29,5 @@ urlpatterns = patterns('juser.views', (r'^profile/$', 'profile'), (r'^chg_info/$', 'chg_info'), (r'^chg_role/$', 'chg_role'), + (r'^down_key/$', 'down_key'), ) diff --git a/juser/views.py b/juser/views.py index 987ecdd4a..a4f39076a 100644 --- a/juser/views.py +++ b/juser/views.py @@ -6,7 +6,6 @@ import random import subprocess from Crypto.PublicKey import RSA import crypt -import datetime from django.shortcuts import render_to_response from django.core.exceptions import ObjectDoesNotExist @@ -32,9 +31,10 @@ def bash(cmd): return subprocess.call(cmd, shell=True) -def is_dir(dir_name, mode=0755): +def is_dir(dir_name, username='root', mode=0755): if not os.path.isdir(dir_name): os.makedirs(dir_name) + bash("chown %s:%s '%s'" % (username, username, dir_name)) os.chmod(dir_name, mode) @@ -113,7 +113,7 @@ def gen_ssh_key(username, password=None, length=2048): public_key_dir = '/home/%s/.ssh/' % username public_key_file = os.path.join(public_key_dir, 'authorized_keys') is_dir(private_key_dir) - is_dir(public_key_dir, mode=0700) + is_dir(public_key_dir, username, mode=0700) key = RSA.generate(length) with open(private_key_file, 'w') as pri_f: @@ -128,7 +128,7 @@ def gen_ssh_key(username, password=None, length=2048): def server_add_user(username, password, ssh_key_pwd): - bash('useradd %s; echo %s | passwd --stdin %s' % (username, password, username)) + bash("useradd '%s'; echo '%s' | passwd --stdin '%s'" % (username, password, username)) gen_ssh_key(username, ssh_key_pwd) @@ -883,6 +883,7 @@ def user_edit(request): password = md5_crypt(password) if ssh_key_pwd != user.ssh_key_pwd: + gen_ssh_key(user.username, ssh_key_pwd) ssh_key_pwd = CRYPTOR.encrypt(ssh_key_pwd) db_update_user(user_id=user_id, @@ -991,9 +992,42 @@ def chg_info(request): password = md5_crypt(password) if ssh_key_pwd != user.ssh_key_pwd: + gen_ssh_key(user.username, ssh_key_pwd) ssh_key_pwd = md5_crypt(ssh_key_pwd) + user_set.update(name=name, password=password, ssh_key_pwd=ssh_key_pwd, email=email) msg = '修改成功' return render_to_response('juser/chg_info.html', locals(), context_instance=RequestContext(request)) + +@require_login +def down_key(request): + user_id = '' + if is_super_user(request): + user_id = request.GET.get('id') + + if is_group_admin(request): + user_id = request.GET.get('id') + if not validate(request, user=[user_id]): + user_id = request.session.get('user_id') + + if is_common_user(request): + user_id = request.session.get('user_id') + + if user_id: + user = User.objects.filter(id=user_id) + if user: + user = user[0] + username = user.username + private_key_dir = os.path.join(BASE_DIR, 'keys/jumpserver/') + private_key_file = os.path.join(private_key_dir, username+".pem") + if os.path.isfile(private_key_file): + f = open(private_key_file) + data = f.read() + f.close() + response = HttpResponse(data, content_type='application/octet-stream') + response['Content-Disposition'] = 'attachment; filename=%s' % os.path.basename(private_key_file) + return response + + return HttpResponse('No Key File. Contact Admin.') \ No newline at end of file diff --git a/templates/index_cu.html b/templates/index_cu.html index b1a602230..116613fab 100644 --- a/templates/index_cu.html +++ b/templates/index_cu.html @@ -1,8 +1,9 @@ {% extends 'base.html' %} +{% load mytags %} {% block content %} {% include 'nav_cat_bar.html' %} -
+
@@ -27,9 +28,132 @@
-
- helo +
+ 迎使用Jumpserver跳板机系统, + 首先需要 下载 登录跳板机的SSH密钥文件,然后导入到工具或者ssh命令指定密钥文件(确保密钥文件权限600),输入收到的密钥密码,登录跳板机。 + 登录后根据提示进行操作。跳板机web界面支持修改密码、个人信息和上传下载文件等功能,可以向管理员申请权限。
+
+ +
+
+
已授权主机
+
+
总共:{{ host_count }}
+ + + + + + + + + + +
+
+ +
+ + {% for host_five in new_posts %} + + {% for host in host_five %} + + {% endfor %} + + {% endfor %} +
{{ host.ip }}
+ {% ifequal host_count 0 %} + (空) + {% endifequal %} +
+
+
+ +
+
+
+ {{ user.name }} +
+ + + + + + +
    +
  • +
    • +
  • +
    • +
+ + + +
+
+
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ID{{ user.id }}
用户名{{ user.username }}
姓名{{ user.name }}
角色{{ user.id | get_role }}
部门{{ user.dept.name }}
Email{{ user.email }}
激活{{ user.is_active|bool2str }}
添加日期{{ user.date_joined|date:"Y-m-d H:i:s" }}
最后登录{{ user.last_login|date:"Y-m-d H:i:s" }}
所在用户组 + + {% for group in user.group.all %} + + + + {% endfor %} +
{{ group.name }}
+
+
+
+
+
diff --git a/templates/juser/chg_info.html b/templates/juser/chg_info.html index 0832f3ef2..1658d6a4b 100644 --- a/templates/juser/chg_info.html +++ b/templates/juser/chg_info.html @@ -63,7 +63,7 @@
- 登陆 Jumpserver 使用的SSH密钥的密码 + 登陆 Jumpserver 使用的SSH密钥的密码,更改密钥密码需要重新下载密钥
diff --git a/templates/juser/user_detail.html b/templates/juser/user_detail.html index 89218b115..811076921 100644 --- a/templates/juser/user_detail.html +++ b/templates/juser/user_detail.html @@ -136,6 +136,9 @@ {% endfor %} + {% if not user|get_user_asset_group %} + (无) + {% endif %} @@ -164,6 +167,9 @@ {% endfor %} + {% if not logs_last %} + (无) + {% endif %} diff --git a/templates/juser/user_edit.html b/templates/juser/user_edit.html index ee30e9c36..c8ad656a3 100644 --- a/templates/juser/user_edit.html +++ b/templates/juser/user_edit.html @@ -59,7 +59,7 @@
- 登陆 Jumpserver 使用的SSH密钥的密码 + 登陆 Jumpserver 使用的SSH密钥的密码,更改密钥密码需要重新下载密钥
diff --git a/templates/juser/user_list.html b/templates/juser/user_list.html index 43b45c70b..bd2a81bea 100644 --- a/templates/juser/user_list.html +++ b/templates/juser/user_list.html @@ -72,7 +72,7 @@ {{ user.group.all | group_str2 }} {{ user.id | get_role }} {{ user.is_active|bool2str }} - 下载 + 下载 详情 {% ifequal session_role_id 2 %} diff --git a/templates/nav.html b/templates/nav.html index b4d0b0a93..002cd3130 100644 --- a/templates/nav.html +++ b/templates/nav.html @@ -136,7 +136,7 @@
  • 仪表盘
    • -
  • +
  • 个人信息
  • @@ -156,13 +156,10 @@
  • 上传下载
    • -
  • - 使用说明 -
  • 访问官网