From ca75484eb8d14f93915f7d22366ad529c7ff2da3 Mon Sep 17 00:00:00 2001
From: yumaojun <719118794@qq.com>
Date: Wed, 16 Mar 2016 22:30:39 +0800
Subject: [PATCH] =?UTF-8?q?fix=20(jperm):=20=20=20=E7=BB=9F=E4=B8=80?= =?UTF-8?q?=E8=B0=83=E6=95=B4=E7=B3=BB=E7=BB=9F=E7=94=A8=E6=88=B7=20?= =?UTF-8?q?=E4=BB=85=E4=BD=BF=E7=94=A8=E7=A7=98=E9=92=A5=E8=BF=9B=E8=A1=8C?= =?UTF-8?q?=E9=80=9A=E4=BF=A1=EF=BC=8C=20=E5=B7=B2=E5=AD=98=E5=9C=A8?= =?UTF-8?q?=E7=9A=84=E7=94=A8=E6=88=B7=E4=B8=8D=E4=BC=9A=E4=BF=AE=E6=94=B9?= =?UTF-8?q?=E5=AF=86=E7=A0=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
1. perm_role_push 模板取消密码选项,但是为了 那么留下秘钥推送可勾选,允许空推送 2. perm_role_add 同上 取消 密码选项 3. perm_role_edit 同上 取消 密码选项 4. views 调整role push add edit 相关视图 5. perm_api,调整 gen_resource,仅支持秘钥认证(是否需要支持密码认证,我觉得没必要,如果需要请提出) close #100 close #127
---
 jperm/perm_api.py | 3 ++-
 jperm/views.py | 8 ++++----
 jumpserver.conf | 12 ++++++------
 templates/jperm/perm_role_add.html | 14 +++++++-------
 templates/jperm/perm_role_edit.html | 14 +++++++-------
 templates/jperm/perm_role_push.html | 10 ----------
 6 files changed, 26 insertions(+), 35 deletions(-)
diff --git a/jperm/perm_api.py b/jperm/perm_api.py
index de5cbcdb7..fb020ea07 100644
--- a/jperm/perm_api.py
+++ b/jperm/perm_api.py
@@ -182,8 +182,9 @@ def gen_resource(ob, perm=None):
 info = {'hostname': asset.hostname,
 'ip': asset.ip,
 'port': asset_info.get('port', 22),
+ 'ansible_ssh_private_key_file': role_key,
 'username': role.name,
- 'password': CRYPTOR.decrypt(role.password)
+ # 'password': CRYPTOR.decrypt(role.password)
 }
 if os.path.isfile(role_key):
diff --git a/jperm/views.py b/jperm/views.py
index b4eb6a1c1..7ff572bcf 100644
--- a/jperm/views.py
+++ b/jperm/views.py
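Review bot: In the `jperm/perm_api.py` hunk, `'ansible_ssh_private_key_file': role_key` is added to `info` unconditionally, although the next context line still tests `os.path.isfile(role_key)`. A role whose key file is missing therefore gets an entry that points at a nonexistent key and, with the `'password'` entry gone, carries no usable credential, so the failure only shows up at connection time. I would set the key inside the existing check, `if os.path.isfile(role_key): info['ansible_ssh_private_key_file'] = role_key`, and log and skip the asset otherwise. The commented-out `# 'password': CRYPTOR.decrypt(role.password)` line should be deleted rather than kept. The body of that `if` and the rest of `gen_resource` lie outside the hunk, so what they already do with the key could not be checked.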
@@ -519,12 +519,12 @@ def perm_role_push(request):
 ret["pass_push"] = task.add_user(role.name)
 ret["key_push"] = task.push_key(role.name, os.path.join(role.key_path, 'id_rsa.pub'))
- # 2. 推送账号密码
- elif password_push:
- ret["pass_push"] = task.add_user(role.name, CRYPTOR.decrypt(role.password))
+ # 2. 推送账号密码 <为了安全 系统用户统一使用秘钥进行通信, 不再提供密码方式的推送>
+ # elif password_push:
+ # ret["pass_push"] = task.add_user(role.name, CRYPTOR.decrypt(role.password))
 # 3. 推送sudo配置文件
- if password_push or key_push:
+ if key_push:
 sudo_list = set([sudo for sudo in role.sudo.all()]) # set(sudo1, sudo2, sudo3)
 if sudo_list:
 ret['sudo'] = task.push_sudo_file([role], sudo_list)
diff --git a/jumpserver.conf b/jumpserver.conf
index cee5fd8e5..9f16edfc9 100644
--- a/jumpserver.conf
+++ b/jumpserver.conf
@@ -1,6 +1,6 @@
 [base]
-url = http://192.168.244.129
-key = i6k2zeu8x6mncl76
+url = http://192.168.10.165
+key = 941enj9neshd1wes
 ip = 0.0.0.0
 port = 80
 log = debug
@@ -14,9 +14,9 @@ database = jumpserver
 [mail]
 mail_enable = 1
-email_host = smtp.exmail.qq.com
-email_port = 25
-email_host_user = noreply@jumpserver.org
-email_host_password = xxxxxxxxxx
+email_host =
+email_port = 587
+email_host_user =
+email_host_password =
 email_use_tls = True
diff --git a/templates/jperm/perm_role_add.html b/templates/jperm/perm_role_add.html
index 59ec3b3b6..e2af64104 100644
--- a/templates/jperm/perm_role_add.html
+++ b/templates/jperm/perm_role_add.html
@@ -40,13 +40,13 @@
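Review bot: In the `jperm/views.py` hunk of `perm_role_push`, the password branch is disabled by commenting it out instead of being removed. `password_push` is presumably still read from the request above the hunk, so a request that sets only that flag now creates no account and pushes no sudo file, and nothing in the visible lines reports that to the caller. I would delete the three commented lines, which keep a `CRYPTOR.decrypt(role.password)` call around for later copy-paste, and leave a one-line English comment such as `# password push removed: system users authenticate with keys only`. If the flag can still arrive from older clients, an explicit error for it is safer than a silent no-op. The function starts and ends outside the hunk, so how `ret` is reported back is not visible here.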
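Review bot: The `[base]` hunk of `jumpserver.conf` replaces one literal `key` and private `url` with another, which looks like a developer's local settings committed with an unrelated fix. If `key` is the secret the application uses to protect stored credentials (presumably what `CRYPTOR` in the Python hunks is built from, though that is not visible here), every install that keeps the shipped file shares a value that is public in the repository. Both the old and the new value also stay in history and should be treated as exposed. I would ship labelled placeholders, `key = <generate-at-install>` and `url = http://<jumpserver-host>`, and have the installer generate the key.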
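Review bot: In the `[mail]` hunk of `jumpserver.conf`, `mail_enable = 1` is kept while `email_host`, `email_host_user` and `email_host_password` are blanked. A deployment that uses this file unchanged therefore has mail switched on with no server to send through. I would default to `mail_enable = 0` until a host is configured. Whether the mail code treats an empty `email_host_password` as "no authentication" cannot be seen from this hunk and is worth confirming alongside the move to `email_port = 587` with `email_use_tls = True`.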
-