From c113035d3da0de2de689a991004bcfc65e38040a Mon Sep 17 00:00:00 2001 From: guanghongwei Date: Fri, 6 Feb 2015 18:39:20 +0800 Subject: [PATCH] sudo perm --- jperm/models.py | 22 +++++++++++++++++- jumpserver/settings.py | 2 +- jumpserver/views.py | 52 +++++++++++++++++++++++++++++++++++++++++ juser/views.py | 53 +----------------------------------------- 4 files changed, 75 insertions(+), 54 deletions(-) diff --git a/jperm/models.py b/jperm/models.py index 75a4081f2..2232689cc 100644 --- a/jperm/models.py +++ b/jperm/models.py @@ -8,4 +8,24 @@ class Perm(models.Model): asset_group = models.ForeignKey(BisGroup) def __unicode__(self): - return '%s_%s' % (self.user_group.name, self.asset_group.name) \ No newline at end of file + return '%s_%s' % (self.user_group.name, self.asset_group.name) + + +class CMD(models.Model): + cmd = models.CharField(max_length=200) + + +class CmdGroup(models.Model): + name = models.CharField(max_length=50) + cmd = models.ForeignKey(CMD) + comment = models.CharField(blank=True, null=True, max_length=50) + + +class SudoPerm(models.Model): + user = models.CharField(max_length=100) + is_user_group = models.BooleanField(default=False) + asset = models.CharField(max_length=100) + is_asset_group = models.BooleanField(default=False) + cmd = models.CharField(max_length=200) + is_cmd_group = models.BooleanField(default=False) + diff --git a/jumpserver/settings.py b/jumpserver/settings.py index 2a20aab9d..f935e347b 100644 --- a/jumpserver/settings.py +++ b/jumpserver/settings.py @@ -34,7 +34,7 @@ DEBUG = True TEMPLATE_DEBUG = True -ALLOWED_HOSTS = [] +ALLOWED_HOSTS = ['0.0.0.0/8'] # Application definition diff --git a/jumpserver/views.py b/jumpserver/views.py index 3349d8f49..b47035043 100644 --- a/jumpserver/views.py +++ b/jumpserver/views.py @@ -1,6 +1,8 @@ #coding: utf-8 import hashlib +import ldap +from ldap import modlist from django.http import HttpResponse from django.shortcuts import render_to_response 
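Review bot: `SudoPerm` records who may run what under sudo as free-text names (`user`, `asset` and `cmd` are `CharField`s, with `is_user_group` / `is_asset_group` / `is_cmd_group` saying how to read them), so the database cannot guarantee that a grant points at an existing object. When a user or group is deleted or renamed the row stays behind, and an object later created with the same name would presumably pick up the old sudo grant. Consider real relations instead, for example nullable `ForeignKey`s to the user and user-group models so grants are removed with their owner, and validate `cmd` before it is written into any sudo rule. Separately, `cmd = models.ForeignKey(CMD)` on `CmdGroup` lets each group row reference only one command; `models.ManyToManyField(CMD)` looks closer to the intent.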
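Review bot: `ALLOWED_HOSTS = ['0.0.0.0/8']` does not express a network range: Django compares each entry with the request's Host header as a host name (or a leading-dot domain pattern, or `'*'`) and does not interpret CIDR notation. The entry therefore matches no real request, and it goes unnoticed only because `DEBUG = True` is set (visible in the hunk context); as far as I know, Django releases of this period skip host validation while DEBUG is on. Once DEBUG is switched off, which a jump host should do before deployment, every request would be rejected. List the names the service is actually reached by, e.g. `ALLOWED_HOSTS = ['jump.example.internal']  # placeholder host name`.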
@@ -99,3 +101,53 @@ def logout(request): request.session.delete() return HttpResponseRedirect('/login/') + +class LDAPMgmt(): + def __init__(self, + host_url, + base_dn, + root_cn, + root_pw): + self.ldap_host = host_url + self.ldap_base_dn = base_dn + self.conn = ldap.initialize(host_url) + self.conn.set_option(ldap.OPT_REFERRALS, 0) + self.conn.protocol_version = ldap.VERSION3 + self.conn.simple_bind_s(root_cn, root_pw) + + def list(self, filter, scope=ldap.SCOPE_SUBTREE, attr=None): + result = {} + try: + ldap_result = self.conn.search_s(self.ldap_base_dn, scope, filter, attr) + for entry in ldap_result: + name, data = entry + for k, v in data.items(): + print '%s: %s' % (k, v) + result[k] = v + return result + except ldap.LDAPError, e: + print e + + def add(self, dn, attrs): + try: + ldif = modlist.addModlist(attrs) + self.conn.add_s(dn, ldif) + except ldap.LDAPError, e: + print e + + def modify(self, dn, attrs): + try: + attr_s = [] + for k, v in attrs.items(): + attr_s.append((2, k, v)) + self.conn.modify_s(dn, attr_s) + except ldap.LDAPError, e: + print e + + def delete(self, dn): + try: + self.conn.delete_s(dn) + except ldap.LDAPError, e: + print e + + diff --git a/juser/views.py b/juser/views.py index be12c67dc..933a0dca3 100644 --- a/juser/views.py +++ b/juser/views.py @@ -6,8 +6,6 @@ import time import os import random import subprocess -import ldap -from ldap import modlist from Crypto.PublicKey import RSA import crypt from django.http import HttpResponseRedirect @@ -22,7 +20,7 @@ from juser.models import UserGroup, User from connect import PyCrypt, KEY from connect import BASE_DIR from connect import CONF -from jumpserver.views import md5_crypt +from jumpserver.views import md5_crypt,LDAPMgmt CRYPTOR = PyCrypt(KEY) 
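Review bot: Every `LDAPMgmt` method catches `ldap.LDAPError` and only does `print e`, so `add`, `modify` and `delete` return `None` whether or not the directory changed and callers cannot detect a failure. For an access-control directory this matters most in `delete`: a failed removal leaves the account usable while the application believes it is gone. Let the exception propagate (drop the handlers, or end each one with a bare `raise` after logging) so the calling view can report the error and stop. In `list`, `print '%s: %s' % (k, v)` writes every returned attribute to stdout, which would include password hashes if the search returns them, and `result[k] = v` merges all entries into one dict so later entries overwrite earlier ones. The `filter` argument reaches `search_s` unchanged, so any caller that builds it from request data should escape the values with `ldap.filter.escape_filter_chars` first.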
@@ -59,55 +57,6 @@ class AddError(Exception): pass -class LDAPMgmt(): - def __init__(self, - host_url, - base_dn, - root_cn, - root_pw): - self.ldap_host = host_url - self.ldap_base_dn = base_dn - self.conn = ldap.initialize(host_url) - self.conn.set_option(ldap.OPT_REFERRALS, 0) - self.conn.protocol_version = ldap.VERSION3 - self.conn.simple_bind_s(root_cn, root_pw) - - def list(self, filter, scope=ldap.SCOPE_SUBTREE, attr=None): - result = {} - try: - ldap_result = self.conn.search_s(self.ldap_base_dn, scope, filter, attr) - for entry in ldap_result: - name, data = entry - for k, v in data.items(): - print '%s: %s' % (k, v) - result[k] = v - return result - except ldap.LDAPError, e: - print e - - def add(self, dn, attrs): - try: - ldif = modlist.addModlist(attrs) - self.conn.add_s(dn, ldif) - except ldap.LDAPError, e: - print e - - def modify(self, dn, attrs): - try: - attr_s = [] - for k, v in attrs.items(): - attr_s.append((2, k, v)) - self.conn.modify_s(dn, attr_s) - except ldap.LDAPError, e: - print e - - def delete(self, dn): - try: - self.conn.delete_s(dn) - except ldap.LDAPError, e: - print e - - def gen_sha512(salt, password): return crypt.crypt(password, '$6$%s$' % salt)