From a864c382383140d54d89dd7d92f3d914f8b23f18 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=B4=AB=E5=B7=9D=E7=A7=80?= <719118794@qq.com>
Date: Wed, 16 Nov 2016 10:10:04 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8Dsudo=E5=88=AB=E5=90=8D?=
 =?UTF-8?q?=E5=8F=96=E6=B6=88=E5=90=8E=E4=B8=8D=E5=9B=9E=E6=94=B6bug=20(#3?=
 =?UTF-8?q?22)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 jperm/ansible_api.py | 11 +++++++++++
 jperm/views.py       |  2 ++
 2 files changed, 13 insertions(+)

diff --git a/jperm/ansible_api.py b/jperm/ansible_api.py
index b51b29c61..f07a212ff 100644
--- a/jperm/ansible_api.py
+++ b/jperm/ansible_api.py
@@ -409,6 +409,17 @@ class MyTask(MyRunner):
         self.run("script", module_args1, become=True)
         return self.results
 
+    def recyle_cmd_alias(self, role_name):
+        """
+        recyle sudo cmd alias
+        :return:
+        """
+        if role_name == 'root':
+            return {"status": "failed", "msg": "can't recyle root privileges"}
+        module_args = "sed -i 's/^%s.*//' /etc/sudoers" % role_name
+        self.run("command", module_args, become=True)
+        return self.results
+
 
 class CustomAggregateStats(callbacks.AggregateStats):
     """                                                                             
diff --git a/jperm/views.py b/jperm/views.py
index 6d31a4bf6..d943a084a 100644
--- a/jperm/views.py
+++ b/jperm/views.py
@@ -533,6 +533,8 @@ def perm_role_push(request):
             sudo_list = set([sudo for sudo in role.sudo.all()])  # set(sudo1, sudo2, sudo3)
             if sudo_list:
                 ret['sudo'] = task.push_sudo_file([role], sudo_list)
+            else:
+                ret['sudo'] = task.recyle_cmd_alias(role.name)
 
         logger.debug('推送role结果: %s' % ret)
         success_asset = {}