From bd2d7ce0077ea3221c936c99cf70cd0f0701d0c0 Mon Sep 17 00:00:00 2001 From: halcyon <864072399@qq.com> Date: Sat, 18 Apr 2015 18:04:03 +0800 Subject: [PATCH] hehe --- jasset/views.py | 37 ++++++++++++++++++++++--------------- jumpserver/api.py | 19 ++++++++----------- log_handler.py | 2 +- 3 files changed, 31 insertions(+), 27 deletions(-) diff --git a/jasset/views.py b/jasset/views.py index 430bf0a6f..d1c304691 100644 --- a/jasset/views.py +++ b/jasset/views.py @@ -140,6 +140,7 @@ def batch_host_edit(host_info, j_user='', j_password=''): def db_host_delete(request, host_id): """ 删除主机操作 """ + print host_id if is_group_admin(request) and not validate(request, asset=[host_id]): return httperror(request, '删除失败, 您无权删除!') @@ -187,10 +188,16 @@ def host_add(request): j_group = request.POST.getlist('j_group') j_active = request.POST.get('j_active') j_comment = request.POST.get('j_comment') - j_dept = request.POST.getlist('j_dept') - host_info = [j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment] - if is_group_admin(request) and not verify(request, asset_group=j_group, edept=j_dept): + if is_super_user(request): + j_dept = request.POST.getlist('j_dept') + host_info = [j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment] + elif is_group_admin(request): + j_dept = request.POST.get('j_dept') + host_info = [j_ip, j_port, j_idc, j_type, j_group, [j_dept], j_active, j_comment] + + if is_group_admin(request) and not validate(request, asset_group=j_group, edept=[j_dept]): + print j_dept return httperror(request, u'添加失败,您无权操作!') if Asset.objects.filter(ip=str(j_ip)): @@ -251,7 +258,7 @@ def host_add_batch(request): return httperror(request, '添加失败, 没有%s这个部门' % dept_name) dept_ids.append(dept_id) - if is_group_admin(request) and not verify(request, asset_group=group_ids, edept=dept_ids): + if is_group_admin(request) and not validate(request, asset_group=group_ids, edept=dept_ids): return httperror(request, '添加失败, 没有%s这个主机组' % group_name) if Asset.objects.filter(ip=str(j_ip)): @@ -349,7 +356,7 @@ def host_list(request): if is_common_user(request): return httperror(request, u'您无权查看!') - elif is_group_admin(request) and not verify(request, user_group=[gid]): + elif is_group_admin(request) and not validate(request, user_group=[gid]): return httperror(request, u'您无权查看!') posts = [] @@ -368,7 +375,7 @@ def host_list(request): if is_common_user(request): return httperror(request, u'您无权查看!') - elif is_group_admin(request) and not verify(request, user_group=[sid]): + elif is_group_admin(request) and not validate(request, user_group=[sid]): return httperror(request, u'您无权查看!') posts, asset_groups = [], [] @@ -499,7 +506,7 @@ def host_edit_adm(request): host_info = [j_ip, j_port, j_idc, j_type, j_group, j_dept, j_active, j_comment] - if not verify(request, asset_group=j_group, edept=j_dept): + if not validate(request, asset_group=j_group, edept=j_dept): emg = u'修改失败,您无权操作!' return my_render('jasset/host_edit.html', locals(), request) @@ -526,7 +533,7 @@ def host_detail(request): return httperror(request, '没有此主机!') post = post.first() - if is_group_admin(request) and not verify(request, asset=[host_id]): + if is_group_admin(request) and not validate(request, asset=[host_id]): return httperror(request, '您无权查看!') elif is_common_user(request): @@ -670,7 +677,7 @@ def group_add(request): j_comment = request.POST.get('j_comment', '') try: - if is_group_admin(request) and not verify(request, asset=j_hosts, edept=[j_dept]): + if is_group_admin(request) and not validate(request, asset=j_hosts, edept=[j_dept]): emg = u'添加失败, 您无权操作!' raise RaiseError @@ -705,7 +712,7 @@ def group_list(request): if is_common_user(request): return httperror(request, u'您无权查看!') - elif is_group_admin(request) and not verify(request, user_group=[gid]): + elif is_group_admin(request) and not validate(request, user_group=[gid]): return httperror(request, u'您无权查看!') posts = [] @@ -720,7 +727,7 @@ def group_list(request): if is_common_user(request): return httperror(request, u'您无权查看!') - elif is_group_admin(request) and not verify(request, user_group=[sid]): + elif is_group_admin(request) and not validate(request, user_group=[sid]): return httperror(request, u'您无权查看!') posts = [] @@ -765,7 +772,7 @@ def group_edit(request): dept_id = get_session_user_info(request)[3] eposts = Asset.objects.filter(bis_group=group) - if is_group_admin(request) and not verify(request, asset_group=[group_id]): + if is_group_admin(request) and not validate(request, asset_group=[group_id]): return httperror(request, '编辑失败, 您无权操作!') dept = DEPT.objects.filter(id=group.dept.id) if dept: @@ -808,7 +815,7 @@ def group_detail(request): posts = Asset.objects.filter(bis_group=group).order_by('ip') elif is_group_admin(request): - if not verify(request, asset_group=[group_id]): + if not validate(request, asset_group=[group_id]): return httperror(request, u'您无权查看!') posts = Asset.objects.filter(bis_group=group).filter(dept=dept).order_by('ip') @@ -850,12 +857,12 @@ def group_del(request): for i in range(int(len_list)): key = "id_list[" + str(i) + "]" gid = request.POST.get(key) - if is_group_admin(request) and not verify(request, asset_group=[gid]): + if is_group_admin(request) and not validate(request, asset_group=[gid]): return httperror(request, '删除失败, 您无权删除!') BisGroup.objects.filter(id=gid).delete() else: gid = int(offset) - if is_group_admin(request) and not verify(request, asset_group=[gid]): + if is_group_admin(request) and not validate(request, asset_group=[gid]): return httperror(request, '删除失败, 您无权删除!') BisGroup.objects.filter(id=gid).delete() return HttpResponseRedirect('/jasset/group_list/') diff --git a/jumpserver/api.py b/jumpserver/api.py index 048031312..f549962b9 100644 --- a/jumpserver/api.py +++ b/jumpserver/api.py @@ -416,9 +416,9 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None, if asset: dept_assets = dept.asset_set.all() asset_ids = [] - for asset in dept_assets: - asset_ids.append(str(asset.id)) - + for a in dept_assets: + asset_ids.append(str(a.id)) + print asset, asset_ids if not set(asset).issubset(set(asset_ids)): return False @@ -428,7 +428,6 @@ def validate(request, user_group=None, user=None, asset_group=None, asset=None, def verify(request, user_group=None, user=None, asset_group=None, asset=None, edept=None): dept = get_session_user_dept(request)[1] if edept: - print dept.id, edept[0] if dept.id != int(edept[0]): return False @@ -453,20 +452,18 @@ def verify(request, user_group=None, user=None, asset_group=None, asset=None, ed dept_asset_groups = dept.bisgroup_set.all() asset_group_ids = [] for group in dept_asset_groups: - asset_group_ids.append(group.id) + asset_group_ids.append(str(group.id)) if not set(asset_group).issubset(set(asset_group_ids)): return False if asset: dept_assets = dept.asset_set.all() - assets_id, dept_assets_id = [], [] + asset_ids = [] for a in dept_assets: - dept_assets_id.append(int(a.id)) - for i in asset: - assets_id.append(int(i)) - print assets_id, dept_assets_id - if not set(assets_id).issubset(dept_assets_id): + asset_ids.append(str(a.id)) + print asset, asset_ids + if not set(asset).issubset(set(asset_ids)): return False return True diff --git a/log_handler.py b/log_handler.py index b1ec0fccc..590d77bdb 100755 --- a/log_handler.py +++ b/log_handler.py @@ -16,7 +16,7 @@ from jlog.models import Log def log_hanler(id): log = Log.objects.get(id=id) - pattern = re.compile(r'(\[.*@.*\][\$#].*) | (mysql>.*)') + pattern = re.compile(r'([\[.*@.*\][\$#].* | mysql>.*])') if log: filename = log.log_path if os.path.isfile(filename):