diff --git a/jasset/views.py b/jasset/views.py index 64d5b848c..a33c6cfa9 100644 --- a/jasset/views.py +++ b/jasset/views.py @@ -13,9 +13,7 @@ from juser.models import UserGroup, DEPT from connect import PyCrypt, KEY from jlog.models import Log from jumpserver.views import jasset_host_edit, pages -from jumpserver.api import asset_perm_api, validate -from jumpserver.api import require_login, require_super_user, \ - require_admin, is_group_admin, is_super_user, is_common_user, get_user_dept +from jumpserver.api import * cryptor = PyCrypt(KEY) @@ -201,7 +199,11 @@ def list_host(request): contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) elif is_common_user(request): - pass + user_id = request.session.get('user_id') + username = User.objects.get(id=user_id).name + posts = user_perm_asset_api(username) + contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) + print posts, username return render_to_response('jasset/host_list.html', locals(), context_instance=RequestContext(request)) @@ -212,6 +214,7 @@ def host_del(request, offset): for i in range(int(len_list)): key = "id_list[" + str(i) + "]" jid = request.POST.get(key) + print jid if is_group_admin(request) and not validate(request, asset=[jid]): emg = u'删除失败,您无权操作!' return HttpResponseRedirect('/jasset/host_list/') diff --git a/jlog/views.py b/jlog/views.py index 59a448b93..33d32b83c 100644 --- a/jlog/views.py +++ b/jlog/views.py @@ -45,7 +45,12 @@ def log_list_online(request): contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) elif is_common_user(request): - posts = Log.objects.filter(is_finished=0).filter(user=username).order_by('-start_time') + if keyword: + posts = Log.objects.filter(user=username).filter(Q(user__contains=keyword) | Q(host__contains=keyword))\ + .filter(is_finished=0).order_by('-start_time') + else: + posts = Log.objects.filter(is_finished=0).filter(user=username).order_by('-start_time') + contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) return render_to_response('jlog/log_online.html', locals(), context_instance=RequestContext(request)) @@ -75,8 +80,12 @@ def log_list_offline(request): contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) elif is_common_user(request): - posts = Log.objects.filter(is_finished=1).filter(user=username).order_by('-start_time') - + if keyword: + posts = Log.objects.filter(user=username).filter(Q(user__contains=keyword) | Q(host__contains=keyword))\ + .filter(is_finished=1).order_by('-start_time') + else: + posts = Log.objects.filter(is_finished=1).filter(user=username).order_by('-start_time') + contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) return render_to_response('jlog/log_offline.html', locals(), context_instance=RequestContext(request)) @@ -105,6 +114,8 @@ def log_search(request): env = request.GET.get('env') dept_id = get_user_dept(request) dept_name = DEPT.objects.get(id=dept_id).name + user_id = request.session.get('user_id') + username = User.objects.get(id=user_id).username if is_super_user(request): if env == 'online': posts = contact_list = Log.objects.filter(Q(user__contains=keyword) | Q(host__contains=keyword)) \ @@ -122,4 +133,13 @@ def log_search(request): posts = contact_list = Log.objects.filter(Q(user__contains=keyword) | Q(host__contains=keyword)) \ .filter(is_finished=1).filter(dept_name=dept_name).order_by('-start_time') contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) + + elif is_common_user(request): + if env == 'online': + posts = contact_list = Log.objects.filter(Q(user__contains=keyword) | Q(host__contains=keyword)) \ + .filter(is_finished=0).filter(user=username).order_by('-start_time') + elif env == 'offline': + posts = contact_list = Log.objects.filter(Q(user__contains=keyword) | Q(host__contains=keyword)) \ + .filter(is_finished=1).filter(user=username).order_by('-start_time') + contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) return render_to_response('jlog/log_search.html', locals(), context_instance=RequestContext(request)) diff --git a/jperm/models.py b/jperm/models.py index 624df9743..6cfcceb76 100644 --- a/jperm/models.py +++ b/jperm/models.py @@ -1,3 +1,5 @@ +import datetime + from django.db import models from juser.models import UserGroup, DEPT from jasset.models import Asset, BisGroup @@ -30,4 +32,18 @@ class SudoPerm(models.Model): comment = models.CharField(max_length=30, null=True, blank=True) def __unicode__(self): - return self.name \ No newline at end of file + return self.name + + +class Apply(models.Model): + applyer = models.CharField(max_length=20) + approver = models.CharField(max_length=20) + dept = models.CharField(max_length=20) + bisgroup = models.CharField(max_length=500) + asset = models.CharField(max_length=500) + comment = models.TextField(blank=True, null=True) + date_add = models.DateTimeField(default=datetime.datetime.now(), null=True) + date_end = models.DateTimeField(null=True) + + def __unicode__(self): + return self.applyer diff --git a/jperm/urls.py b/jperm/urls.py index 624f0bcca..9a840afe4 100644 --- a/jperm/urls.py +++ b/jperm/urls.py @@ -24,4 +24,6 @@ urlpatterns = patterns('jperm.views', (r'^cmd_list/$', 'cmd_list'), (r'^cmd_del/$', 'cmd_del'), (r'^cmd_edit/$', 'cmd_edit'), + (r'^apply/$', 'perm_apply'), + (r'^apply/online/$', 'perm_apply_log'), ) diff --git a/jperm/views.py b/jperm/views.py index 99a39f33b..0308af278 100644 --- a/jperm/views.py +++ b/jperm/views.py @@ -5,7 +5,7 @@ from django.http import HttpResponseRedirect, HttpResponse from django.template import RequestContext from juser.models import User, UserGroup, DEPT from jasset.models import Asset, BisGroup -from jperm.models import Perm, SudoPerm, CmdGroup +from jperm.models import Perm, SudoPerm, CmdGroup, Apply from django.core.paginator import Paginator, EmptyPage, InvalidPage from django.db.models import Q from jumpserver.views import LDAP_ENABLE, ldap_conn, CONF, page_list_return, pages @@ -525,3 +525,60 @@ def cmd_del(request): if cmd_group: cmd_group[0].delete() return HttpResponseRedirect('/jperm/cmd_list/') + + +@require_login +def perm_apply(request): + header_title, path1, path2 = u'主机权限申请', u'权限管理', u'申请主机' + user_id = request.session.get('user_id') + username = User.objects.get(id=user_id).username + dept_id = get_user_dept(request) + deptname = DEPT.objects.get(id=dept_id).name + dept = DEPT.objects.get(id=dept_id) + posts = Asset.objects.filter(dept=dept) + egroup = dept.bisgroup_set.all() + + if request.method == 'POST': + applyer = request.POST.get('applyer') + dept = request.POST.get('dept') + group = request.POST.getlist('group') + hosts = request.POST.getlist('hosts') + comment = request.POST.get('comment') + + Apply.objects.create(applyer=applyer, dept=dept, bisgroup=group, asset=hosts, comment=comment) + print applyer, dept, group, hosts, comment + return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request)) + return render_to_response('jperm/perm_apply.html', locals(), context_instance=RequestContext(request)) + + +def perm_apply_log(request): + header_title, path1, path2 = u'权限申请记录', u'权限管理', u'申请记录' + keyword = request.GET.get('keyword') + dept_id = get_user_dept(request) + dept_name = DEPT.objects.get(id=dept_id).name + user_id = request.session.get('user_id') + username = User.objects.get(id=user_id).username + if is_super_user(request): + if keyword: + posts = Log.objects.filter(Q(user__contains=keyword) | Q(host__contains=keyword)) \ + .filter(is_finished=1).order_by('-start_time') + else: + posts = Log.objects.filter(is_finished=1).order_by('-start_time') + contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) + + elif is_group_admin(request): + if keyword: + posts = Log.objects.filter(Q(user__contains=keyword) | Q(host__contains=keyword)) \ + .filter(is_finished=1).filter(dept_name=dept_name).order_by('-start_time') + else: + posts = Log.objects.filter(is_finished=1).filter(dept_name=dept_name).order_by('-start_time') + contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) + + elif is_common_user(request): + if keyword: + posts = Apply.objects.filter(applyer=username).filter(Q(applyer__contains=keyword) | Q(asset__contains=keyword))\ + .order_by('-date_add') + else: + posts = Apply.objects.filter(applyer=username).order_by('-date_add') + contact_list, p, contacts, page_range, current_page, show_first, show_end = pages(posts, request) + return render_to_response('jperm/perm_log.html', locals(), context_instance=RequestContext(request)) diff --git a/templates/jasset/host_list.html b/templates/jasset/host_list.html index cb75b3c3d..c57546abf 100644 --- a/templates/jasset/host_list.html +++ b/templates/jasset/host_list.html @@ -76,8 +76,10 @@ {{ post.comment }} 详情 - 编辑 - 删除 + {% ifnotequal session_role_id 0 %} + 编辑 + 删除 + {% endifnotequal %} {% endfor %} diff --git a/templates/jlog/log_offline.html b/templates/jlog/log_offline.html index 970f8ac6d..c859024d0 100644 --- a/templates/jlog/log_offline.html +++ b/templates/jlog/log_offline.html @@ -80,7 +80,9 @@ 所属部门 登录主机 来源IP - 命令统计 + {% ifnotequal session_role_id 0 %} + 命令统计 + {% endifnotequal %} 登录时间 结束时间 @@ -93,7 +95,9 @@ {{ post.dept_name }} {{ post.host }} {{ post.remote_ip }} - 命令统计 + {% ifnotequal session_role_id 0 %} + 命令统计 + {% endifnotequal %} {{ post.start_time|date:"Y-m-d H:i:s"}} {{ post.end_time|date:"Y-m-d H:i:s" }} diff --git a/templates/jlog/log_online.html b/templates/jlog/log_online.html index 6945e60b3..c63408ac2 100644 --- a/templates/jlog/log_online.html +++ b/templates/jlog/log_online.html @@ -80,8 +80,10 @@ 所属部门 登录主机 来源IP - 实时监控 - 阻断 + {% ifnotequal session_role_id 0 %} + 实时监控 + 阻断 + {% endifnotequal %} 登录时间 @@ -93,8 +95,10 @@ {{ post.dept_name }} {{ post.host }} {{ post.remote_ip }} - 监控 - + {% ifnotequal session_role_id 0 %} + 监控 + + {% endifnotequal %} {{ post.start_time|date:"Y-m-d H:i:s" }} {% endfor %} diff --git a/templates/jlog/user_history.html b/templates/jlog/user_history.html new file mode 100644 index 000000000..4e166b52e --- /dev/null +++ b/templates/jlog/user_history.html @@ -0,0 +1,163 @@ +{% extends 'base.html' %} +{% block content %} +{% include 'nav_cat_bar.html' %} + + +
+
+
+
+
+
用户{{ username }}日志详细信息列表
+
+ + + + + + + + + + +
+
+ +
+
+
    +
  • + +
    • +
+
+
+
+ + + + + + + + + + + + + + + {% for post in contacts.object_list %} + + + + + + + + + + {% endfor %} + +
用户名 所属部门 登录主机 来源IP 登录时间 结束时间
{{ post.user }} {{ post.dept_name }} {{ post.host }} {{ post.remote_ip }} {{ post.start_time|date:"Y-m-d H:i:s"}} {{ post.end_time|date:"Y-m-d H:i:s" }}
+
+
+
+ {% include 'paginator.html' %} +
+
+
+
+
+
+
+ + +{##} + +{% endblock %} \ No newline at end of file diff --git a/templates/jperm/perm_apply.html b/templates/jperm/perm_apply.html new file mode 100644 index 000000000..181e176cf --- /dev/null +++ b/templates/jperm/perm_apply.html @@ -0,0 +1,127 @@ +{% extends 'base.html' %} +{% block content %} +{% include 'nav_cat_bar.html' %} + +
+
+
+
+
+
填写要申请主机的基本信息
+
+ + + + + + + + + + +
+
+ +
+ {% if emg %} +
{{ emg }}
+ {% endif %} + {% if smg %} +
{{ smg }}
+ {% endif %} +
+ {% csrf_token %} +
+
+
+ +
+
+
+
+ + +
+
+ +
+ +
+
+ +
+
+
+ +
+ +
+ +
+ +
+
+
+ + +
+
+
+

已选中主机

+
+ +
+
+
+
+ + +
+
+
+
+ +
+
+
+ +
+
+
+
+
+
+
+
+ +{% endblock content %} \ No newline at end of file diff --git a/templates/jperm/perm_log.html b/templates/jperm/perm_log.html new file mode 100644 index 000000000..3b71002e6 --- /dev/null +++ b/templates/jperm/perm_log.html @@ -0,0 +1,93 @@ +{% extends 'base.html' %} +{% block content %} +{% include 'nav_cat_bar.html' %} +
+
+
+
+
+
用户权限申请详细信息列表
+
+ + + + + + + + + + +
+
+ +
+
+ +
+
+
+ + + + + + + + + + + + + + + {% for post in contacts.object_list %} + + + + + + + + + + + + + {% endfor %} + +
申请人 所属部门 申请主机组 申请主机 申请时间 批准时间 备注
{{ post.applyer }} {{ post.dept }} {{ post.bisgroup }} {{ post.asset }} {{ post.date_add|date:"Y-m-d H:i:s"}} {{ post.date_end|date:"Y-m-d H:i:s" }} {{ post.comment }}
+
+
+
+ {% include 'paginator.html' %} +
+
+
+
+
+
+
+ +{% endblock %} \ No newline at end of file diff --git a/templates/nav.html b/templates/nav.html index b3aecd104..93cb66523 100644 --- a/templates/nav.html +++ b/templates/nav.html @@ -137,14 +137,18 @@
  • 个人信息
    • -
  • - 查看主机 +
  • + 查看主机
    • -
  • - 申请主机 +
  • + 权限申请 +
    • -
  • - 登录历史 +
  • + 登录历史