diff --git a/jperm/views.py b/jperm/views.py index 52e394ff2..30e514373 100644 --- a/jperm/views.py +++ b/jperm/views.py @@ -120,7 +120,7 @@ def dept_perm_list(request): if keyword: contact_list = DEPT.objects.filter(Q(name__icontains=keyword) | Q(comment__icontains=keyword)).order_by('name') else: - contact_list = DEPT.objects.filter(id__gt=1) + contact_list = DEPT.objects.filter(id__gt=2) contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(contact_list, request) @@ -533,14 +533,23 @@ def cmd_add(request): dept_id = request.POST.get('dept_id') cmd = ','.join(request.POST.get('cmd').split()) comment = request.POST.get('comment') - dept = DEPT.objects.filter(id=dept_id) - if dept: + + try: + if CmdGroup.objects.filter(name=name): + error = '%s 命令组已存在' + raise ServerError(error) + + if not dept: + error = u"部门不能为空" + raise ServerError(error) + except ServerError, e: + pass + else: dept = dept[0] CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment) - else: - error = u"部门不能为空" - msg = u'命令组添加成功' + msg = u'命令组添加成功' + return HttpResponseRedirect('/jperm/cmd_list/') return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request)) @@ -555,8 +564,16 @@ def cmd_add_adm(request): cmd = ','.join(request.POST.get('cmd').split()) comment = request.POST.get('comment') - CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment) - msg = u'命令组添加成功' + try: + if CmdGroup.objects.filter(name=name): + error = '%s 命令组已存在' + raise ServerError(error) + except ServerError, e: + pass + else: + CmdGroup.objects.create(name=name, dept=dept, cmd=cmd, comment=comment) + return HttpResponseRedirect('/jperm/cmd_list/') + return HttpResponseRedirect('/jperm/cmd_list/') return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request)) @@ -568,10 +585,12 @@ def cmd_edit(request): cmd_group_id = request.GET.get('id') cmd_group = CmdGroup.objects.filter(id=cmd_group_id) + dept_all = DEPT.objects.all() if cmd_group: cmd_group = cmd_group[0] cmd_group_id = cmd_group.id + dept_id = cmd_group.dept.id name = cmd_group.name cmd = '\n'.join(cmd_group.cmd.split(',')) comment = cmd_group.comment @@ -579,12 +598,23 @@ def cmd_edit(request): if request.method == 'POST': cmd_group_id = request.POST.get('cmd_group_id') name = request.POST.get('name') + dept_id = request.POST.get('dept_id') cmd = ','.join(request.POST.get('cmd').split()) comment = request.POST.get('comment') - cmd_group = CmdGroup.objects.filter(id=cmd_group_id) - if cmd_group: - cmd_group.update(name=name, cmd=cmd, comment=comment) + + dept = DEPT.objects.filter(id=dept_id) + try: + if not dept: + error = '没有该部门' + raise ServerError(error) + + if not cmd_group: + error = '没有该命令组' + except ServerError, e: + pass + else: + cmd_group.update(name=name, cmd=cmd, dept=dept[0], comment=comment) return HttpResponseRedirect('/jperm/cmd_list/') return render_to_response('jperm/sudo_cmd_add.html', locals(), context_instance=RequestContext(request)) @@ -624,10 +654,22 @@ def cmd_del(request): @require_admin def cmd_detail(request): - cmd_id = request.GET.get('id') - cmd_group = CmdGroup.objects.filter(id=cmd_id) - if cmd_group: - cmd_group = cmd_group[0] + cmd_ids = request.GET.get('id').split(',') + cmds = [] + if len(cmd_ids) == 1: + cmd_group = CmdGroup.objects.filter(id=cmd_ids[0]) + if cmd_group: + cmd_group = cmd_group[0] + cmds.extend(cmd_group.cmd.split(',')) + cmd_group_name = cmd_group.name + else: + cmd_groups = [] + for cmd_id in cmd_ids: + cmd_groups.extend(CmdGroup.objects.filter(id=cmd_id)) + for cmd_group in cmd_groups: + cmds.extend(cmd_group.cmd.split(',')) + + cmds_str = ', '.join(cmds) return render_to_response('jperm/sudo_cmd_detail.html', locals(), context_instance=RequestContext(request)) diff --git a/jumpserver.conf b/jumpserver.conf index 618d76f14..40af3ba70 100644 --- a/jumpserver.conf +++ b/jumpserver.conf @@ -30,8 +30,8 @@ key = 88aaaf7ffe3c6c04 [mail] -email_host = mail.funshion.com +email_host = smtp.qq.com email_port = 25 -email_host_user = jkfunshion -email_host_password = jkmail% +email_host_user = jumpserver@qq.com +email_host_password = jumpserver.org email_use_tls = False diff --git a/jumpserver/api.py b/jumpserver/api.py index 688a7d446..9c88df59d 100644 --- a/jumpserver/api.py +++ b/jumpserver/api.py @@ -375,39 +375,38 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None, if user_group: dept_user_groups = dept.usergroup_set.all() - user_groups = [] - for user_group_id in user_group: - user_groups.extend(UserGroup.objects.filter(id=user_group_id)) - if not set(user_groups).issubset(set(dept_user_groups)): + user_group_ids = [] + for group in dept_user_groups: + user_group_ids.append(str(group.id)) + + if not set(user_group).issubset(set(user_group_ids)): return False if user: dept_users = dept.user_set.all() - users = [] - for user_id in user: - users.extend(User.objects.filter(id=user_id)) + user_ids = [] + for user in dept_users: + user_ids.append(str(user.id)) - if not set(users).issubset(set(dept_users)): + if not set(user).issubset(set(user_ids)): return False if asset_group: dept_asset_groups = dept.bisgroup_set.all() - asset_groups = [] - for group_id in asset_group: - asset_groups.extend(BisGroup.objects.filter(id=int(group_id))) + asset_group_ids = [] + for group in dept_asset_groups: + asset_group_ids.append(group.id) - if not set(asset_groups).issubset(set(dept_asset_groups)): + if not set(asset_group).issubset(set(asset_group_ids)): return False if asset: dept_assets = dept.asset_set.all() - assets, eassets = [], [] - for asset_id in dept_assets: - eassets.append(int(asset_id.id)) - for i in asset: - assets.append(int(i)) + asset_ids = [] + for asset in dept_assets: + asset_ids.append(str(asset.id)) - if not set(assets).issubset(eassets): + if not set(asset).issubset(set(asset_ids)): return False return True diff --git a/jumpserver/templatetags/mytags.py b/jumpserver/templatetags/mytags.py index 956375d24..dd9f2b63a 100644 --- a/jumpserver/templatetags/mytags.py +++ b/jumpserver/templatetags/mytags.py @@ -157,6 +157,18 @@ def ugrp_perm_agrp_count(user_group_id): return 0 +@register.filter(name='ugrp_sudo_agrp_count') +def ugrp_sudo_agrp_count(user_group_id): + user_group = UserGroup.objects.filter(id=user_group_id) + asset_groups = [] + if user_group: + user_group = user_group[0] + for perm in user_group.sudoperm_set.all(): + asset_groups.extend(perm.asset_group.all()) + return len(set(asset_groups)) + return 0 + + @register.filter(name='ugrp_perm_asset_count') def ugrp_perm_asset_count(user_group_id): user_group = UserGroup.objects.filter(id=user_group_id) @@ -169,6 +181,21 @@ def ugrp_perm_asset_count(user_group_id): return len(set(assets)) +@register.filter(name='ugrp_sudo_asset_count') +def ugrp_sudo_asset_count(user_group_id): + user_group = UserGroup.objects.filter(id=user_group_id) + asset_groups = [] + assets = [] + if user_group: + user_group = user_group[0] + for perm in user_group.sudoperm_set.all(): + asset_groups.extend(perm.asset_group.all()) + + for asset_group in asset_groups: + assets.extend(asset_group.asset_set.all()) + return len(set(assets)) + + @register.filter(name='get_user_alias') def get_user_alias(post, user_id): user = User.objects.get(id=user_id) @@ -298,8 +325,52 @@ def sudo_cmd_list(cmd_group_id): @register.filter(name='sudo_cmd_count') -def sudo_cmd_count(cmd_group_id): - cmd_group = CmdGroup.objects.filter(id=cmd_group_id) - if cmd_group: - cmd_group = cmd_group[0] - return len(cmd_group.cmd.split(',')) +def sudo_cmd_count(user_group_id): + user_group = UserGroup.objects.filter(id=user_group_id) + cmds = [] + if user_group: + user_group = user_group[0] + cmd_groups = [] + + for perm in user_group.sudoperm_set.all(): + cmd_groups.extend(perm.cmd_group.all()) + + for cmd_group in cmd_groups: + cmds.extend(cmd_group.cmd.split(',')) + return len(set(cmds)) + + else: + return 0 + + +@register.filter(name='sudo_cmd_count') +def sudo_cmd_count(user_group_id): + user_group = UserGroup.objects.filter(id=user_group_id) + cmds = [] + if user_group: + user_group = user_group[0] + cmd_groups = [] + for perm in user_group.sudoperm_set.all(): + cmd_groups.extend(perm.cmd_group.all()) + + for cmd_group in cmd_groups: + cmds.extend(cmd_group.cmd.split(',')) + return len(set(cmds)) + else: + return 0 + + +@register.filter(name='sudo_cmd_ids') +def sudo_cmd_ids(user_group_id): + user_group = UserGroup.objects.filter(id=user_group_id) + if user_group: + user_group = user_group[0] + cmd_groups = [] + for perm in user_group.sudoperm_set.all(): + cmd_groups.extend(perm.cmd_group.all()) + cmd_ids = [str(cmd_group.id) for cmd_group in cmd_groups] + return ','.join(cmd_ids) + else: + return '0' + + diff --git a/jumpserver/views.py b/jumpserver/views.py index 1b7348508..f2bdcad0b 100644 --- a/jumpserver/views.py +++ b/jumpserver/views.py @@ -242,11 +242,12 @@ def login(request): else: username = request.POST.get('username') password = request.POST.get('password') - user = User.objects.filter(username=username) - if user: - user = user[0] + user_filter = User.objects.filter(username=username) + if user_filter: + user = user_filter[0] if md5_crypt(password) == user.password: request.session['user_id'] = user.id + user_filter.update(last_login=datetime.datetime.now()) if user.role == 'SU': request.session['role_id'] = 2 elif user.role == 'DA': diff --git a/juser/views.py b/juser/views.py index ad3bf4405..2c5257d97 100644 --- a/juser/views.py +++ b/juser/views.py @@ -71,6 +71,7 @@ def db_add_user(**kwargs): def db_update_user(**kwargs): + print kwargs groups_post = kwargs.pop('groups') user_id = kwargs.pop('user_id') user = User.objects.filter(id=user_id) @@ -354,11 +355,16 @@ def group_add(request): error = u'组名 或 部门 不能为空' raise AddError(error) + if UserGroup.objects.filter(name=group_name): + error = u'组名已存在' + raise AddError(error) + dept = DEPT.objects.filter(id=dept_id) if dept: dept = dept[0] else: - AddError(u'部门不存在') + error = u'部门不存在' + raise AddError(error) db_add_group(name=group_name, users=users_selected, dept=dept, comment=comment) except AddError: @@ -843,7 +849,7 @@ def user_edit(request): groups_str = ' '.join([str(group.id) for group in user.group.all()]) else: - user_id = request.GET.get('user_id', '') + user_id = request.POST.get('user_id', '') password = request.POST.get('password', '') name = request.POST.get('name', '') email = request.POST.get('email', '') @@ -858,7 +864,7 @@ def user_edit(request): if dept: dept = dept[0] else: - dept = DEPT.objects.get(id='1') + dept = DEPT.objects.get(id='2') if user_id: user = User.objects.filter(id=user_id) diff --git a/log_handler.py b/log_handler.py index f64445cd4..a3942a288 100755 --- a/log_handler.py +++ b/log_handler.py @@ -1,5 +1,5 @@ #!/usr/bin/python -#coding: utf-8 +# coding: utf-8 import os import re diff --git a/service.sh b/service.sh new file mode 100644 index 000000000..fbac87af4 --- /dev/null +++ b/service.sh @@ -0,0 +1,24 @@ +#!/bin/bash +# Date: 2015-04-12 +# Version: 2.0.0 +# Site: http://www.jumpserver.org +# Author: jumpserver group + +. /etc/init.d/functions +export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/node/bin + +base_dir=$(dirname $0) + +case $1 in +start) + daemon $base_dir/manage.py runserver 0.0.0.0:80 & + daemon $base_dir/log_handler.py & + cd $base_dir/websocket/; daemon node index.js & + ;; + +stop) + pkill -15 python + pkill -15 node + ;; + +esac diff --git a/templates/jperm/dept_perm_edit.html b/templates/jperm/dept_perm_edit.html index 10c2d7fae..889a991f0 100644 --- a/templates/jperm/dept_perm_edit.html +++ b/templates/jperm/dept_perm_edit.html @@ -16,8 +16,6 @@ function search_ip(text, noselect, total){ }) } - -
@@ -118,8 +116,6 @@ function search_ip(text, noselect, total){
- -
@@ -172,14 +168,11 @@ $('#sudoPerm').validator({ $(document).ready(function(){ $("#submit_button").click(function(){ - $('#users_selected option').each(function(){ + $('#sudoPerm option').each(function(){ $(this).prop('selected', true) }) }); - - - }) diff --git a/templates/jperm/sudo_cmd_add.html b/templates/jperm/sudo_cmd_add.html index 603600201..9f9e8990e 100644 --- a/templates/jperm/sudo_cmd_add.html +++ b/templates/jperm/sudo_cmd_add.html @@ -63,7 +63,12 @@
diff --git a/templates/jperm/sudo_cmd_detail.html b/templates/jperm/sudo_cmd_detail.html index 215961585..26a7b8e72 100644 --- a/templates/jperm/sudo_cmd_detail.html +++ b/templates/jperm/sudo_cmd_detail.html @@ -14,10 +14,13 @@
+ {% if cmd_group_name %}

{{ cmd_group.name }} 命令详情

+ {% endif %}
+ {% if cmd_group_name %} @@ -31,10 +34,11 @@ + {% endif %}
ID{{ cmd_group.name }} {{ cmd_group.dept.name }}
命令: - {{ cmd_group.cmd }} + {{ cmds_str }}
diff --git a/templates/jperm/sudo_cmd_list.html b/templates/jperm/sudo_cmd_list.html index 73e8b77de..f7c2d9652 100644 --- a/templates/jperm/sudo_cmd_list.html +++ b/templates/jperm/sudo_cmd_list.html @@ -49,6 +49,7 @@ 组名 命令 + 部门 备注 操作 @@ -58,9 +59,10 @@ {{ group.name }} {{ group.cmd | string_length:50 }} + {{ group.dept.name }} {{ group.comment }} -{# 详情#} + 详情 编辑 删除 @@ -117,8 +119,21 @@
diff --git a/templates/jperm/sudo_list.html b/templates/jperm/sudo_list.html index 6dde473a7..9335119a1 100644 --- a/templates/jperm/sudo_list.html +++ b/templates/jperm/sudo_list.html @@ -67,9 +67,9 @@ {{ group.name }} {{ group.dept.name }} {{ group.id | member_count }} - {{ group.id | ugrp_perm_agrp_count }} - {{ group.id | ugrp_perm_asset_count }} - {{ group.id | sudo_cmd_count }} + {{ group.id | ugrp_sudo_agrp_count }} + {{ group.id | ugrp_sudo_asset_count }} + {{ group.id | sudo_cmd_count }} {{ group.comment }} sudo授权 diff --git a/templates/upload.html b/templates/upload.html index c2a19ebcb..a235d11b2 100644 --- a/templates/upload.html +++ b/templates/upload.html @@ -56,7 +56,7 @@ uploadMultiple: true, parallelUploads: 100, maxFiles: 100, - url: '/upload/', + url: '/file/upload/', // Dropzone settings init: function() {