From 2035a49c40026f686d3426c8ab774003953ffc3c Mon Sep 17 00:00:00 2001
From: guanghongwei <hongwei.guang@yolu-inc.com>
Date: Wed, 8 Apr 2015 17:32:56 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=AF=86=E9=92=A5=E5=AF=86?=
 =?UTF-8?q?=E7=A0=81=E5=90=8E=E9=87=8D=E6=96=B0=E7=94=9F=E6=88=90key,=20?=
 =?UTF-8?q?=E6=99=AE=E9=80=9A=E7=94=A8=E6=88=B7=E9=A6=96=E9=A1=B5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 jasset/views.py                  |   4 -
 jumpserver/api.py                |   1 +
 jumpserver/settings.py           |   1 -
 jumpserver/urls.py               |   3 +
 jumpserver/views.py              |  22 ++++++
 juser/urls.py                    |   1 +
 juser/views.py                   |  42 +++++++++-
 templates/index_cu.html          | 130 ++++++++++++++++++++++++++++++-
 templates/juser/chg_info.html    |   2 +-
 templates/juser/user_detail.html |   6 ++
 templates/juser/user_edit.html   |   2 +-
 templates/juser/user_list.html   |   2 +-
 templates/nav.html               |   9 +--
 13 files changed, 204 insertions(+), 21 deletions(-)

diff --git a/jasset/views.py b/jasset/views.py
index a33c6cfa9..e61617eaa 100644
--- a/jasset/views.py
+++ b/jasset/views.py
@@ -3,15 +3,11 @@
 import ast
 
 from django.db.models import Q
-from django.http import Http404
-from django.http import HttpResponseRedirect
 from django.template import RequestContext
 from django.shortcuts import render_to_response
 
 from models import IDC, Asset, BisGroup
 from juser.models import UserGroup, DEPT
-from connect import PyCrypt, KEY
-from jlog.models import Log
 from jumpserver.views import jasset_host_edit, pages
 from jumpserver.api import *
 
diff --git a/jumpserver/api.py b/jumpserver/api.py
index 08d131476..7737f1e7e 100644
--- a/jumpserver/api.py
+++ b/jumpserver/api.py
@@ -281,6 +281,7 @@ def user_perm_asset_api(username):
             asset_list.extend(asset_group.asset_set.all())
 
         return asset_list
+    return []
 
 
 def asset_perm_api(asset):
diff --git a/jumpserver/settings.py b/jumpserver/settings.py
index c3c4ad509..50b6ae0db 100644
--- a/jumpserver/settings.py
+++ b/jumpserver/settings.py
@@ -108,7 +108,6 @@ TEMPLATE_DIRS = (
 
 STATICFILES_DIRS = (
     os.path.join(BASE_DIR, "static"),
-    os.path.join(BASE_DIR, "keys"),
 )
 # Internationalization
 # https://docs.djangoproject.com/en/1.7/topics/i18n/
diff --git a/jumpserver/urls.py b/jumpserver/urls.py
index 86773da4f..d086d4303 100644
--- a/jumpserver/urls.py
+++ b/jumpserver/urls.py
@@ -12,9 +12,12 @@ urlpatterns = patterns('',
     (r'^base/$', 'jumpserver.views.base'),
     (r'^login/$', 'jumpserver.views.login'),
     (r'^logout/$', 'jumpserver.views.logout'),
+    (r'^upload/$', 'jumpserver.views.upload'),
+    (r'^download/$', 'jumpserver.views.download'),
     (r'^juser/', include('juser.urls')),
     (r'^jasset/', include('jasset.urls')),
     (r'^jlog/', include('jlog.urls')),
     (r'^jperm/', include('jperm.urls')),
 
+
 )
diff --git a/jumpserver/views.py b/jumpserver/views.py
index 2a6fdd037..194bff712 100644
--- a/jumpserver/views.py
+++ b/jumpserver/views.py
@@ -44,6 +44,25 @@ def get_data(data, items, option):
 
 @require_login
 def index_cu(request):
+    user_id = request.session.get('user_id')
+    user = User.objects.filter(id=user_id)
+    if user:
+        user = user[0]
+    login_types = {'L': 'LDAP', 'M': 'MAP'}
+    user_id = request.session.get('user_id')
+    username = User.objects.get(id=user_id).name
+    posts = user_perm_asset_api(username)
+    host_count = len(posts)
+    new_posts = []
+    post_five = []
+    for post in posts:
+        if len(post_five) < 5:
+            post_five.append(post)
+        else:
+            new_posts.append(post_five)
+            post_five = []
+    new_posts.append(post_five)
+
     return render_to_response('index_cu.html', locals(), context_instance=RequestContext(request))
 
 
@@ -237,3 +256,6 @@ def install(request):
          name='group_admin', email='group_admin@jumpserver.org', role='DA', is_active=True, dept=dept2).save()
     return HttpResponse('Ok')
 
+
+def upload(request):
+    pass
diff --git a/juser/urls.py b/juser/urls.py
index 71bc09ee7..cbaba7bb0 100644
--- a/juser/urls.py
+++ b/juser/urls.py
@@ -29,4 +29,5 @@ urlpatterns = patterns('juser.views',
     (r'^profile/$', 'profile'),
     (r'^chg_info/$', 'chg_info'),
     (r'^chg_role/$', 'chg_role'),
+    (r'^down_key/$', 'down_key'),
 )
diff --git a/juser/views.py b/juser/views.py
index 987ecdd4a..a4f39076a 100644
--- a/juser/views.py
+++ b/juser/views.py
@@ -6,7 +6,6 @@ import random
 import subprocess
 from Crypto.PublicKey import RSA
 import crypt
-import datetime
 
 from django.shortcuts import render_to_response
 from django.core.exceptions import ObjectDoesNotExist
@@ -32,9 +31,10 @@ def bash(cmd):
     return subprocess.call(cmd, shell=True)
 
 
-def is_dir(dir_name, mode=0755):
+def is_dir(dir_name, username='root', mode=0755):
     if not os.path.isdir(dir_name):
         os.makedirs(dir_name)
+        bash("chown %s:%s '%s'" % (username, username, dir_name))
     os.chmod(dir_name, mode)
 
 
@@ -113,7 +113,7 @@ def gen_ssh_key(username, password=None, length=2048):
     public_key_dir = '/home/%s/.ssh/' % username
     public_key_file = os.path.join(public_key_dir, 'authorized_keys')
     is_dir(private_key_dir)
-    is_dir(public_key_dir, mode=0700)
+    is_dir(public_key_dir, username, mode=0700)
 
     key = RSA.generate(length)
     with open(private_key_file, 'w') as pri_f:
@@ -128,7 +128,7 @@ def gen_ssh_key(username, password=None, length=2048):
 
 
 def server_add_user(username, password, ssh_key_pwd):
-    bash('useradd %s; echo %s | passwd --stdin %s' % (username, password, username))
+    bash("useradd '%s'; echo '%s' | passwd --stdin '%s'" % (username, password, username))
     gen_ssh_key(username, ssh_key_pwd)
 
 
@@ -883,6 +883,7 @@ def user_edit(request):
             password = md5_crypt(password)
 
         if ssh_key_pwd != user.ssh_key_pwd:
+            gen_ssh_key(user.username, ssh_key_pwd)
             ssh_key_pwd = CRYPTOR.encrypt(ssh_key_pwd)
 
         db_update_user(user_id=user_id,
@@ -991,9 +992,42 @@ def chg_info(request):
                 password = md5_crypt(password)
 
             if ssh_key_pwd != user.ssh_key_pwd:
+                gen_ssh_key(user.username, ssh_key_pwd)
                 ssh_key_pwd = md5_crypt(ssh_key_pwd)
+
             user_set.update(name=name, password=password, ssh_key_pwd=ssh_key_pwd, email=email)
             msg = '修改成功'
 
     return render_to_response('juser/chg_info.html', locals(), context_instance=RequestContext(request))
 
+
+@require_login
+def down_key(request):
+    user_id = ''
+    if is_super_user(request):
+        user_id = request.GET.get('id')
+
+    if is_group_admin(request):
+        user_id = request.GET.get('id')
+        if not validate(request, user=[user_id]):
+            user_id = request.session.get('user_id')
+
+    if is_common_user(request):
+        user_id = request.session.get('user_id')
+
+    if user_id:
+        user = User.objects.filter(id=user_id)
+        if user:
+            user = user[0]
+            username = user.username
+            private_key_dir = os.path.join(BASE_DIR, 'keys/jumpserver/')
+            private_key_file = os.path.join(private_key_dir, username+".pem")
+            if os.path.isfile(private_key_file):
+                f = open(private_key_file)
+                data = f.read()
+                f.close()
+                response = HttpResponse(data, content_type='application/octet-stream')
+                response['Content-Disposition'] = 'attachment; filename=%s' % os.path.basename(private_key_file)
+                return response
+
+    return HttpResponse('No Key File. Contact Admin.')
\ No newline at end of file
diff --git a/templates/index_cu.html b/templates/index_cu.html
index b1a602230..116613fab 100644
--- a/templates/index_cu.html
+++ b/templates/index_cu.html
@@ -1,8 +1,9 @@
 {% extends 'base.html' %}
+{% load mytags %}
 {% block content %}
 {% include 'nav_cat_bar.html' %}
 
-<div class="wrapper wrapper-content">
+<div class="wrapper wrapper-content" xmlns="http://www.w3.org/1999/html">
     <div class="row">
         <div class="col-lg-8">
             <div class="ibox float-e-margins">
@@ -27,9 +28,132 @@
                     </div>
                 </div>
 
-                <div class="ibox-content">
-                    helo
+                <div class="ibox-content" style="line-height: 26px">
+                    <span style="font-size: large">欢</span>迎使用<span class="text-navy"><b>Jumpserver</b></span>跳板机系统，
+                    首先需要 <b><a href="/juser/down_key/?id={{ user.id }}">下载</a></b> 登录跳板机的SSH密钥文件，然后导入到工具或者ssh命令指定密钥文件(确保密钥文件权限600)，输入收到的密钥密码，登录跳板机。
+                    登录后根据提示进行操作。跳板机web界面支持修改密码、个人信息和上传下载文件等功能，可以向管理员申请权限。
                 </div>
+            </div>
+
+            <div class="ibox float-e-margins">
+                <div class="ibox-title">
+                    <h5> 已授权主机 </h5>
+                    <div class="ibox-tools">
+                        <div class="label label-primary float-left"><b>总共：{{ host_count }}</b></div>
+                        <a class="collapse-link">
+                            <i class="fa fa-chevron-up"></i>
+                        </a>
+                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
+                            <i class="fa fa-wrench"></i>
+                        </a>
+                        <ul class="dropdown-menu dropdown-user">
+                            <li><a href="#">未启用 1</a>
+                            </li>
+                            <li><a href="#">未启用 2</a>
+                            </li>
+                        </ul>
+                        <a class="close-link">
+                            <i class="fa fa-times"></i>
+                        </a>
+                    </div>
+                </div>
+
+                <div class="ibox-content">
+                    <table class="table table-striped">
+                        {% for host_five in new_posts %}
+                        <tr>
+                            {% for host in host_five %}
+                            <td>{{ host.ip }}</td>
+                            {% endfor %}
+                        </tr>
+                        {% endfor %}
+                    </table>
+                    {% ifequal host_count 0 %}
+                        (空)
+                    {% endifequal %}
+                </div>
+            </div>
+        </div>
+
+        <div class="col-lg-4">
+            <div class="ibox float-e-margins">
+                <div class="ibox-title">
+                    <span class="label label-primary"><b>{{ user.name }}</b></span>
+                    <div class="ibox-tools">
+                        <a class="collapse-link">
+                            <i class="fa fa-chevron-up"></i>
+                        </a>
+                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
+                            <i class="fa fa-wrench"></i>
+                        </a>
+                        <ul class="dropdown-menu dropdown-user">
+                            <li><a href="#"></a>
+                            </li>
+                            <li><a href="#"></a>
+                            </li>
+                        </ul>
+                        <a class="close-link">
+                            <i class="fa fa-times"></i>
+                        </a>
+                    </div>
+                </div>
+                <div class="ibox-content">
+                    <div>
+                        <div class="text-left">
+                            <table class="table">
+                                <tr>
+                                    <td class="text-navy">ID</td>
+                                    <td>{{ user.id }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">用户名</td>
+                                    <td>{{ user.username }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">姓名</td>
+                                    <td>{{ user.name }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">角色</td>
+                                    <td>{{ user.id | get_role }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">部门</td>
+                                    <td>{{ user.dept.name }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">Email</td>
+                                    <td>{{ user.email }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">激活</td>
+                                    <td>{{ user.is_active|bool2str }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">添加日期</td>
+                                    <td>{{ user.date_joined|date:"Y-m-d H:i:s" }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">最后登录</td>
+                                    <td>{{ user.last_login|date:"Y-m-d H:i:s" }}</td>
+                                </tr>
+                                <tr>
+                                    <td class="text-navy">所在用户组</td>
+                                    <td>
+                                         <table class="table">
+                                             {% for group in user.group.all %}
+                                                <tr>
+                                                    <td>{{ group.name }}</td>
+                                                </tr>
+                                             {% endfor %}
+                                         </table>
+                                    </td>
+                                </tr>
+                            </table>
+                        </div>
+                    </div>
+                </div>
+            </div>
         </div>
     </div>
 </div>
diff --git a/templates/juser/chg_info.html b/templates/juser/chg_info.html
index 0832f3ef2..1658d6a4b 100644
--- a/templates/juser/chg_info.html
+++ b/templates/juser/chg_info.html
@@ -63,7 +63,7 @@
                                 <div class="col-sm-8">
                                     <input id="ssh_key_pwd" name="ssh_key_pwd" placeholder="SSH Key Password" type="password" class="form-control" value="{{ user.ssh_key_pwd }}">
                                     <span class="help-block m-b-none">
-                                        登陆 Jumpserver 使用的SSH密钥的密码
+                                        登陆 Jumpserver 使用的SSH密钥的密码,更改密钥密码需要重新下载密钥
                                     </span>
                                 </div>
                             </div>
diff --git a/templates/juser/user_detail.html b/templates/juser/user_detail.html
index 89218b115..811076921 100644
--- a/templates/juser/user_detail.html
+++ b/templates/juser/user_detail.html
@@ -136,6 +136,9 @@
                                 </div>
                             </div>
                         {% endfor %}
+                        {% if not user|get_user_asset_group %}
+                            (无)
+                        {% endif %}
                     </div>
                 </div>
             </div>
@@ -164,6 +167,9 @@
                                             </div>
                                         </div>
                                     {% endfor %}
+                                    {% if not logs_last %}
+                                        (无)
+                                    {% endif %}
                                 </div>
 
                                 <button id="show" class="btn btn-primary btn-block m-t"><i class="fa fa-arrow-down"></i> Show All</button>
diff --git a/templates/juser/user_edit.html b/templates/juser/user_edit.html
index ee30e9c36..c8ad656a3 100644
--- a/templates/juser/user_edit.html
+++ b/templates/juser/user_edit.html
@@ -59,7 +59,7 @@
                                 <div class="col-sm-8">
                                     <input id="ssh_key_pwd" name="ssh_key_pwd" placeholder="SSH Key Password" type="password" class="form-control" value="{{ user.ssh_key_pwd }}">
                                     <span class="help-block m-b-none">
-                                        登陆 Jumpserver 使用的SSH密钥的密码
+                                        登陆 Jumpserver 使用的SSH密钥的密码，更改密钥密码需要重新下载密钥
                                     </span>
                                 </div>
                             </div>
diff --git a/templates/juser/user_list.html b/templates/juser/user_list.html
index 43b45c70b..bd2a81bea 100644
--- a/templates/juser/user_list.html
+++ b/templates/juser/user_list.html
@@ -72,7 +72,7 @@
                                 <td class="text-center" title="{% for user_group in user.group.all %} {{ user_group.name }} {% endfor %}"> {{ user.group.all | group_str2  }} </td>
                                 <td class="text-center"> {{ user.id | get_role }}</td>
                                 <td class="text-center">{{ user.is_active|bool2str }}</td>
-                                <td class="text-center"><a href="/static/jumpserver/{{ user.username }}.pem">下载</a></td>
+                                <td class="text-center"><a href="/juser/down_key/?id={{ user.id }}">下载</a></td>
                                 <td class="text-center">
                                     <a href="../user_detail/?id={{ user.id }}" class="btn btn-xs btn-primary">详情</a>
                                     {% ifequal session_role_id 2 %}
diff --git a/templates/nav.html b/templates/nav.html
index b4d0b0a93..002cd3130 100644
--- a/templates/nav.html
+++ b/templates/nav.html
@@ -136,7 +136,7 @@
             <li>
                <a href="/"><i class="fa fa-th-large"></i> <span class="nav-label">仪表盘</span><span class="label label-info pull-right"></span></a>
             </li>
-            <li>
+            <li class="user_detail">
                <a href="/juser/user_detail/?id={{ session_user_id }}"><i class="fa fa-rebel"></i> <span class="nav-label">个人信息</span><span class="label label-info pull-right"></span></a>
             </li>
             <li id="jasset">
@@ -156,13 +156,10 @@
             <li>
                 <a href="#"><i class="fa fa-download"></i> <span class="nav-label">上传下载</span><span class="fa arrow"></span></a>
                 <ul class="nav nav-second-level">
-                    <li><a href="/file/upload/">文件上传</a></li>
-                    <li><a href="/file/download/">文件下载</a></li>
+                    <li><a href="/upload/">文件上传</a></li>
+                    <li><a href="/download/">文件下载</a></li>
                 </ul>
             </li>
-            <li>
-               <a href="/"><i class="fa fa-files-o"></i> <span class="nav-label">使用说明</span><span class="label label-info pull-right"></span></a>
-            </li>
 
             <li class="special_link">
                 <a href="http://www.jumpserver.org" target="_blank"><i class="fa fa-database"></i> <span class="nav-label">访问官网</span></a>