Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
gjl2004yn
jumpserver
提交
01e50d59
J
jumpserver
项目概览
gjl2004yn
/
jumpserver
与 Fork 源项目一致
从无法访问的项目Fork
通知
2
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
J
jumpserver
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
01e50d59
编写于
3月 05, 2017
作者:
baltery
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
完成AdHoc JMSHost JMSInventory
上级
0524e8dd
变更
12
展开全部
隐藏空白更改
内联
并排
Showing
12 changed file
with
300 addition
and
833 deletion
+300
-833
apps/assets/models/asset.py
apps/assets/models/asset.py
+12
-0
apps/assets/models/user.py
apps/assets/models/user.py
+18
-3
apps/ops/api/serializers.py
apps/ops/api/serializers.py
+0
-61
apps/ops/api/views.py
apps/ops/api/views.py
+0
-72
apps/ops/models/__init__.py
apps/ops/models/__init__.py
+0
-2
apps/ops/models/cron.py
apps/ops/models/cron.py
+0
-61
apps/ops/models/sudo.py
apps/ops/models/sudo.py
+0
-321
apps/ops/models/utils.py
apps/ops/models/utils.py
+1
-4
apps/ops/urls/api_urls.py
apps/ops/urls/api_urls.py
+1
-15
apps/ops/urls/view_urls.py
apps/ops/urls/view_urls.py
+0
-12
apps/ops/utils/ansible_api.py
apps/ops/utils/ansible_api.py
+267
-236
apps/ops/views.py
apps/ops/views.py
+1
-46
未找到文件。
apps/assets/models/asset.py
浏览文件 @
01e50d59
...
...
@@ -87,6 +87,18 @@ class Asset(models.Model):
def
to_json
(
self
):
pass
def
_to_secret_json
(
self
):
"""Ansible use it create inventory"""
return
{
'hostname'
:
self
.
hostname
,
'ip'
:
self
.
ip
,
'port'
:
self
.
port
,
'groups'
:
[
group
.
name
for
group
in
self
.
groups
.
all
()],
'username'
:
self
.
admin_user
.
username
,
'password'
:
self
.
admin_user
.
password
,
'private_key'
:
self
.
admin_user
.
private_key
,
}
class
Meta
:
unique_together
=
(
'ip'
,
'port'
)
...
...
apps/assets/models/user.py
浏览文件 @
01e50d59
...
...
@@ -9,7 +9,7 @@ import logging
from
django.utils.translation
import
ugettext_lazy
as
_
from
django.core.exceptions
import
ValidationError
from
common.utils
import
signer
,
validate_ssh_private_key
from
common.utils
import
signer
,
validate_ssh_private_key
,
ssh_key_string_to_obj
__all__
=
[
'AdminUser'
,
'SystemUser'
,
'private_key_validator'
]
logger
=
logging
.
getLogger
(
__name__
)
...
...
@@ -24,12 +24,20 @@ def private_key_validator(value):
class
AdminUser
(
models
.
Model
):
BECOME_METHOD_CHOICES
=
(
(
'sudo'
,
'sudo'
),
(
'su'
,
'su'
),
)
name
=
models
.
CharField
(
max_length
=
128
,
unique
=
True
,
verbose_name
=
_
(
'Name'
))
username
=
models
.
CharField
(
max_length
=
16
,
verbose_name
=
_
(
'Username'
))
_password
=
models
.
CharField
(
max_length
=
256
,
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'Password'
))
_private_key
=
models
.
CharField
(
max_length
=
4096
,
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'SSH private key'
),
validators
=
[
private_key_validator
,])
_public_key
=
models
.
CharField
(
max_length
=
4096
,
blank
=
True
,
verbose_name
=
_
(
'SSH public key'
))
become
=
models
.
BooleanField
(
default
=
True
)
become_method
=
models
.
CharField
(
choices
=
BECOME_METHOD_CHOICES
,
default
=
'sudo'
,
max_length
=
4
)
become_user
=
models
.
CharField
(
default
=
'root'
,
max_length
=
64
)
become_password
=
models
.
CharField
(
default
=
''
,
max_length
=
128
)
comment
=
models
.
TextField
(
blank
=
True
,
verbose_name
=
_
(
'Comment'
))
date_created
=
models
.
DateTimeField
(
auto_now_add
=
True
,
null
=
True
)
created_by
=
models
.
CharField
(
max_length
=
32
,
null
=
True
,
verbose_name
=
_
(
'Created by'
))
...
...
@@ -41,7 +49,10 @@ class AdminUser(models.Model):
@
property
def
password
(
self
):
return
signer
.
unsign
(
self
.
_password
)
if
self
.
_password
:
return
signer
.
unsign
(
self
.
_password
)
else
:
return
''
@
password
.
setter
def
password
(
self
,
password_raw
):
...
...
@@ -49,7 +60,11 @@ class AdminUser(models.Model):
@
property
def
private_key
(
self
):
return
signer
.
unsign
(
self
.
_private_key
)
if
self
.
_private_key
:
key_str
=
signer
.
unsign
(
self
.
_private_key
)
return
ssh_key_string_to_obj
(
key_str
)
else
:
return
None
@
private_key
.
setter
def
private_key
(
self
,
private_key_raw
):
...
...
apps/ops/api/serializers.py
浏览文件 @
01e50d59
# ~*~ coding: utf-8 ~*~
from
__future__
import
unicode_literals
from
ops.models
import
*
from
rest_framework
import
serializers
class
HostAliaSerializer
(
serializers
.
ModelSerializer
):
class
Meta
:
model
=
HostAlia
class
CmdAliaSerializer
(
serializers
.
ModelSerializer
):
class
Meta
:
model
=
CmdAlia
class
UserAliaSerializer
(
serializers
.
ModelSerializer
):
class
Meta
:
model
=
UserAlia
class
RunasAliaSerializer
(
serializers
.
ModelSerializer
):
class
Meta
:
model
=
RunasAlia
class
ExtraconfSerializer
(
serializers
.
ModelSerializer
):
class
Meta
:
model
=
Extra_conf
class
PrivilegeSerializer
(
serializers
.
ModelSerializer
):
class
Meta
:
model
=
Privilege
class
SudoSerializer
(
serializers
.
ModelSerializer
):
class
Meta
:
model
=
Sudo
class
CronTableSerializer
(
serializers
.
ModelSerializer
):
class
Meta
:
model
=
CronTable
class
TaskSerializer
(
serializers
.
ModelSerializer
):
sub_tasks
=
serializers
.
PrimaryKeyRelatedField
(
many
=
True
,
read_only
=
True
)
class
Meta
:
model
=
Task
read_only_fields
=
(
'record'
,)
class
SubTaskSerializer
(
serializers
.
ModelSerializer
):
class
Meta
:
model
=
SubTask
apps/ops/api/views.py
浏览文件 @
01e50d59
...
...
@@ -5,75 +5,3 @@ from rest_framework import viewsets
from
serializers
import
*
from
permissions
import
*
__all__
=
[
"HostAliaViewSet"
,
"CmdAliaViewSet"
,
"UserAliaViewSet"
,
"RunasAliaViewSet"
,
"ExtraconfViewSet"
,
"PrivilegeViewSet"
,
"SudoViewSet"
,
"CronTableViewSet"
,
"TaskViewSet"
,
"SubTaskViewSet"
,
]
class
HostAliaViewSet
(
viewsets
.
ModelViewSet
):
queryset
=
HostAlia
.
objects
.
all
()
serializer_class
=
HostAliaSerializer
permission_classes
=
(
AdminUserRequired
,)
class
CmdAliaViewSet
(
viewsets
.
ModelViewSet
):
queryset
=
CmdAlia
.
objects
.
all
()
serializer_class
=
CmdAliaSerializer
permission_classes
=
(
AdminUserRequired
,)
class
UserAliaViewSet
(
viewsets
.
ModelViewSet
):
queryset
=
UserAlia
.
objects
.
all
()
serializer_class
=
UserAliaSerializer
permission_classes
=
(
AdminUserRequired
,)
class
RunasAliaViewSet
(
viewsets
.
ModelViewSet
):
queryset
=
RunasAlia
.
objects
.
all
()
serializer_class
=
RunasAliaSerializer
permission_classes
=
(
AdminUserRequired
,)
class
ExtraconfViewSet
(
viewsets
.
ModelViewSet
):
queryset
=
Extra_conf
.
objects
.
all
()
serializer_class
=
ExtraconfSerializer
permission_classes
=
(
AdminUserRequired
,)
class
PrivilegeViewSet
(
viewsets
.
ModelViewSet
):
queryset
=
Privilege
.
objects
.
all
()
serializer_class
=
PrivilegeSerializer
permission_classes
=
(
AdminUserRequired
,)
class
SudoViewSet
(
viewsets
.
ModelViewSet
):
queryset
=
Sudo
.
objects
.
all
()
serializer_class
=
SudoSerializer
permission_classes
=
(
AdminUserRequired
,)
class
CronTableViewSet
(
viewsets
.
ModelViewSet
):
queryset
=
CronTable
.
objects
.
all
()
serializer_class
=
CronTableSerializer
permission_classes
=
(
AdminUserRequired
,)
class
TaskViewSet
(
viewsets
.
ModelViewSet
):
queryset
=
Task
.
objects
.
all
()
serializer_class
=
TaskSerializer
permission_classes
=
(
AdminUserRequired
,)
class
SubTaskViewSet
(
viewsets
.
ModelViewSet
):
queryset
=
SubTask
.
objects
.
all
()
serializer_class
=
SubTaskSerializer
permission_classes
=
(
AdminUserRequired
,)
apps/ops/models/__init__.py
浏览文件 @
01e50d59
from
ansible
import
*
from
cron
import
*
from
sudo
import
*
from
utils
import
*
from
task
import
*
apps/ops/models/cron.py
已删除
100644 → 0
浏览文件 @
0524e8dd
# ~*~ coding: utf-8 ~*~
from
__future__
import
unicode_literals
,
absolute_import
import
logging
from
django.db
import
models
from
assets.models
import
Asset
from
django.utils.translation
import
ugettext_lazy
as
_
logger
=
logging
.
getLogger
(
__name__
)
__all__
=
[
"CronTable"
]
class
CronTable
(
models
.
Model
):
name
=
models
.
CharField
(
max_length
=
128
,
blank
=
True
,
null
=
True
,
unique
=
True
,
verbose_name
=
_
(
'Name'
),
help_text
=
_
(
"Description of a crontab entry"
))
month
=
models
.
CharField
(
max_length
=
128
,
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'Month'
),
help_text
=
_
(
"Month of the year the job should run ( 1-12, *, */2, etc )"
))
weekday
=
models
.
CharField
(
max_length
=
128
,
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'WeekDay'
),
help_text
=
_
(
"Day of the week that the job should run"
" ( 0-6 for Sunday-Saturday, *, etc )"
))
day
=
models
.
CharField
(
max_length
=
128
,
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'Day'
),
help_text
=
_
(
"Day of the month the job should run ( 1-31, *, */2, etc )"
))
hour
=
models
.
CharField
(
max_length
=
128
,
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'Hour'
),
help_text
=
_
(
"Hour when the job should run ( 0-23, *, */2, etc )"
))
minute
=
models
.
CharField
(
max_length
=
128
,
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'Minute'
),
help_text
=
_
(
"Minute when the job should run ( 0-59, *, */2, etc )"
))
job
=
models
.
CharField
(
max_length
=
4096
,
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'Job'
),
help_text
=
_
(
"The command to execute or, if env is set, the value of "
"environment variable. Required if state=present."
))
user
=
models
.
CharField
(
max_length
=
128
,
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'User'
),
help_text
=
_
(
"The specific user whose crontab should be modified."
))
asset
=
models
.
ForeignKey
(
Asset
,
null
=
True
,
blank
=
True
,
related_name
=
'crontables'
)
@
property
def
describe
(
self
):
return
"http://docs.ansible.com/ansible/cron_module.html"
@
classmethod
def
generate_fake
(
cls
,
count
=
20
):
from
random
import
seed
,
choice
import
forgery_py
seed
()
for
i
in
range
(
count
):
cron
=
cls
(
name
=
forgery_py
.
name
.
full_name
(),
month
=
str
(
choice
(
range
(
1
,
13
))),
weekday
=
str
(
choice
(
range
(
0
,
7
))),
day
=
str
(
choice
(
range
(
1
,
32
))),
hour
=
str
(
choice
(
range
(
0
,
24
))),
minute
=
str
(
choice
(
range
(
0
,
60
))),
job
=
forgery_py
.
lorem_ipsum
.
sentence
(),
user
=
forgery_py
.
name
.
first_name
(),
)
try
:
cron
.
save
()
logger
.
debug
(
'Generate fake cron: %s'
%
cron
.
name
)
except
Exception
as
e
:
print
(
'Error: %s, continue...'
%
e
.
message
)
continue
\ No newline at end of file
apps/ops/models/sudo.py
已删除
100644 → 0
浏览文件 @
0524e8dd
# ~*~ coding: utf-8 ~*~
from
__future__
import
unicode_literals
,
absolute_import
import
logging
from
jinja2
import
Template
from
django.db
import
models
from
django.utils.timezone
import
now
from
assets.models
import
Asset
,
AssetGroup
from
django.utils.translation
import
ugettext_lazy
as
_
logger
=
logging
.
getLogger
(
__name__
)
__all__
=
[
"HostAlia"
,
"UserAlia"
,
"CmdAlia"
,
"RunasAlia"
,
"Privilege"
,
"Extra_conf"
,
"Sudo"
]
class
HostAlia
(
models
.
Model
):
name
=
models
.
CharField
(
max_length
=
128
,
blank
=
True
,
null
=
True
,
unique
=
True
,
verbose_name
=
_
(
'Host_Alias'
))
host_items
=
models
.
TextField
(
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'Host_Items'
))
def
__unicode__
(
self
):
return
self
.
name
@
classmethod
def
generate_fake
(
cls
,
count
=
20
):
from
random
import
seed
import
forgery_py
seed
()
for
i
in
range
(
count
):
hostA
=
cls
(
name
=
forgery_py
.
name
.
full_name
(),
host_items
=
forgery_py
.
lorem_ipsum
.
sentence
(),
)
try
:
hostA
.
save
()
logger
.
debug
(
'Generate fake host alia: %s'
%
hostA
.
name
)
except
Exception
as
e
:
print
(
'Error: %s, continue...'
%
e
.
message
)
continue
class
UserAlia
(
models
.
Model
):
name
=
models
.
CharField
(
max_length
=
128
,
blank
=
True
,
null
=
True
,
unique
=
True
,
verbose_name
=
_
(
'User_Alias'
))
user_items
=
models
.
TextField
(
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'Host_Items'
))
def
__unicode__
(
self
):
return
self
.
name
@
classmethod
def
generate_fake
(
cls
,
count
=
20
):
from
random
import
seed
import
forgery_py
seed
()
for
i
in
range
(
count
):
userA
=
cls
(
name
=
forgery_py
.
name
.
full_name
(),
user_items
=
forgery_py
.
lorem_ipsum
.
sentence
(),
)
try
:
userA
.
save
()
logger
.
debug
(
'Generate fake host alia: %s'
%
userA
.
name
)
except
Exception
as
e
:
print
(
'Error: %s, continue...'
%
e
.
message
)
continue
class
CmdAlia
(
models
.
Model
):
name
=
models
.
CharField
(
max_length
=
128
,
blank
=
True
,
null
=
True
,
unique
=
True
,
verbose_name
=
_
(
'Command_Alias'
))
cmd_items
=
models
.
TextField
(
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'Host_Items'
))
def
__unicode__
(
self
):
return
self
.
name
@
classmethod
def
generate_fake
(
cls
,
count
=
20
):
from
random
import
seed
import
forgery_py
seed
()
for
i
in
range
(
count
):
cmdA
=
cls
(
name
=
forgery_py
.
name
.
full_name
(),
cmd_items
=
forgery_py
.
lorem_ipsum
.
sentence
(),
)
try
:
cmdA
.
save
()
logger
.
debug
(
'Generate fake command alia: %s'
%
cmdA
.
name
)
except
Exception
as
e
:
print
(
'Error: %s, continue...'
%
e
.
message
)
continue
class
RunasAlia
(
models
.
Model
):
name
=
models
.
CharField
(
max_length
=
128
,
blank
=
True
,
null
=
True
,
unique
=
True
,
verbose_name
=
_
(
'Runas_Alias'
))
runas_items
=
models
.
TextField
(
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'Host_Items'
))
def
__unicode__
(
self
):
return
self
.
name
@
classmethod
def
generate_fake
(
cls
,
count
=
20
):
from
random
import
seed
import
forgery_py
seed
()
for
i
in
range
(
count
):
runas
=
cls
(
name
=
forgery_py
.
name
.
full_name
(),
runas_items
=
forgery_py
.
lorem_ipsum
.
sentence
(),
)
try
:
runas
.
save
()
logger
.
debug
(
'Generate fake RunAs alia: %s'
%
runas
.
name
)
except
Exception
as
e
:
print
(
'Error: %s, continue...'
%
e
.
message
)
continue
class
Privilege
(
models
.
Model
):
name
=
models
.
CharField
(
max_length
=
128
,
unique
=
True
,
verbose_name
=
_
(
'Name'
))
user
=
models
.
ForeignKey
(
UserAlia
,
blank
=
True
,
null
=
True
,
related_name
=
'privileges'
)
host
=
models
.
ForeignKey
(
HostAlia
,
blank
=
True
,
null
=
True
,
related_name
=
'privileges'
)
runas
=
models
.
ForeignKey
(
RunasAlia
,
blank
=
True
,
null
=
True
,
related_name
=
'privileges'
)
command
=
models
.
ForeignKey
(
CmdAlia
,
blank
=
True
,
null
=
True
,
related_name
=
'privileges'
)
nopassword
=
models
.
BooleanField
(
default
=
True
,
verbose_name
=
_
(
'Is_NoPassword'
))
comment
=
models
.
TextField
(
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'Comment'
))
def
__unicode__
(
self
):
return
"[%s %s %s %s %s]"
%
(
self
.
user
.
name
,
self
.
host
.
name
,
self
.
runas
.
name
,
self
.
command
.
name
,
self
.
nopassword
)
def
to_tuple
(
self
):
return
self
.
user
.
name
,
self
.
host
.
name
,
self
.
runas
.
name
,
self
.
command
.
name
,
self
.
nopassword
@
classmethod
def
generate_fake
(
cls
,
count
=
20
):
from
random
import
seed
,
choice
import
forgery_py
seed
()
for
i
in
range
(
count
):
pri
=
cls
(
name
=
forgery_py
.
name
.
full_name
(),
comment
=
forgery_py
.
lorem_ipsum
.
sentence
(),
)
try
:
pri
.
user
=
choice
(
UserAlia
.
objects
.
all
())
pri
.
host
=
choice
(
HostAlia
.
objects
.
all
())
pri
.
runas
=
choice
(
RunasAlia
.
objects
.
all
())
pri
.
command
=
choice
(
CmdAlia
.
objects
.
all
())
pri
.
save
()
logger
.
debug
(
'Generate fake privileges: %s'
%
pri
.
name
)
except
Exception
as
e
:
print
(
'Error: %s, continue...'
%
e
.
message
)
continue
class
Extra_conf
(
models
.
Model
):
line
=
models
.
TextField
(
blank
=
True
,
null
=
True
,
verbose_name
=
_
(
'Extra_Item'
),
help_text
=
_
(
'The extra sudo config line.'
))
def
__unicode__
(
self
):
return
self
.
line
class
Sudo
(
models
.
Model
):
"""
Sudo配置文件对象, 用于配置sudo的配置文件
:param extra_lines: <list> [<line1>, <line2>,...]
:param privileges: <list> [(user, host, runas, command, nopassword),]
"""
name
=
models
.
CharField
(
max_length
=
128
,
unique
=
True
,
verbose_name
=
_
(
'Name'
),
help_text
=
_
(
'Name for this sudo'
))
created_time
=
models
.
DateTimeField
(
verbose_name
=
_
(
'Created Time'
),
auto_created
=
True
,
help_text
=
_
(
'The create time of this sudo'
))
modify_time
=
models
.
DateTimeField
(
auto_now
=
True
,
verbose_name
=
_
(
'Modify Time'
),
help_text
=
_
(
'The recent modify time of this sudo'
))
assets
=
models
.
ManyToManyField
(
Asset
,
blank
=
True
,
related_name
=
'sudos'
)
asset_groups
=
models
.
ManyToManyField
(
AssetGroup
,
blank
=
True
,
related_name
=
'sudos'
)
extra_lines
=
models
.
ManyToManyField
(
Extra_conf
,
related_name
=
'sudos'
,
blank
=
True
)
privilege_items
=
models
.
ManyToManyField
(
Privilege
,
related_name
=
'sudos'
,
blank
=
True
)
@
property
def
all_assets
(
self
):
assets
=
list
(
self
.
assets
.
all
())
for
group
in
self
.
asset_groups
.
all
():
for
asset
in
group
.
assets
.
all
():
if
asset
not
in
assets
:
assets
.
append
(
asset
)
return
assets
@
property
def
users
(
self
):
return
{
privilege
.
user
.
name
:
privilege
.
user
.
user_items
.
split
(
','
)
for
privilege
in
self
.
privilege_items
.
all
()}
@
property
def
commands
(
self
):
return
{
privilege
.
command
.
name
:
privilege
.
command
.
cmd_items
.
split
(
','
)
for
privilege
in
self
.
privilege_items
.
all
()}
@
property
def
hosts
(
self
):
return
{
privilege
.
host
.
name
:
privilege
.
host
.
host_items
.
split
(
','
)
for
privilege
in
self
.
privilege_items
.
all
()}
@
property
def
runas
(
self
):
return
{
privilege
.
runas
.
name
:
privilege
.
runas
.
runas_items
.
split
(
','
)
for
privilege
in
self
.
privilege_items
.
all
()}
@
property
def
extras
(
self
):
return
[
extra
.
line
for
extra
in
self
.
extra_lines
.
all
()]
@
property
def
privileges
(
self
):
return
[
privilege
.
to_tuple
()
for
privilege
in
self
.
privilege_items
.
all
()]
@
property
def
content
(
self
):
template
=
Template
(
self
.
__sudoers_jinja2_tmp__
)
context
=
{
"User_Alias"
:
self
.
users
,
"Cmnd_Alias"
:
self
.
commands
,
"Host_Alias"
:
self
.
hosts
,
"Runas_Alias"
:
self
.
runas
,
"Extra_Lines"
:
self
.
extras
,
"Privileges"
:
self
.
privileges
}
return
template
.
render
(
context
)
@
property
def
__sudoers_jinja2_tmp__
(
self
):
return
"""# management by JumpServer
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# JumpServer Generate Other Configure is here
{% if Extra_Lines -%}
{% for line in Extra_Lines -%}
{{ line }}
{% endfor %}
{%- endif %}
# Host alias specification
{% if Host_Alias -%}
{% for flag, items in Host_Alias.iteritems() -%}
Host_Alias {{ flag }} = {{ items|join(', ') }}
{% endfor %}
{%- endif %}
# User alias specification
{% if User_Alias -%}
{% for flag, items in User_Alias.iteritems() -%}
User_Alias {{ flag }} = {{ items|join(', ') }}
{% endfor %}
{%- endif %}
# Cmnd alias specification
{% if Cmnd_Alias -%}
{% for flag, items in Cmnd_Alias.iteritems() -%}
Cmnd_Alias {{ flag }} = {{ items|join(', ') }}
{% endfor %}
{%- endif %}
# Run as alias specification
{% if Runas_Alias -%}
{% for flag, items in Runas_Alias.iteritems() -%}
Runas_Alias {{ flag }} = {{ items|join(', ') }}
{% endfor %}
{%- endif %}
# User privilege specification
root ALL=(ALL:ALL) ALL
# JumpServer Generate User privilege is here.
# Note privileges is a tuple list like [(user, host, runas, command, nopassword),]
{% if Privileges -%}
{% for User_Flag, Host_Flag, Runas_Flag, Command_Flag, NopassWord in Privileges -%}
{% if NopassWord -%}
{{ User_Flag }} {{ Host_Flag }}=({{ Runas_Flag }}) NOPASSWD: {{ Command_Flag }}
{%- else -%}
{{ User_Flag }} {{ Host_Flag }}=({{ Runas_Flag }}) {{ Command_Flag }}
{%- endif %}
{% endfor %}
{%- endif %}
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
"""
@
classmethod
def
generate_fake
(
cls
,
count
=
20
):
from
random
import
seed
,
choice
import
forgery_py
seed
()
for
i
in
range
(
count
):
sudo
=
cls
(
name
=
forgery_py
.
name
.
full_name
(),
created_time
=
now
()
)
try
:
sudo
.
save
()
sudo
.
privilege_items
=
[
choice
(
Privilege
.
objects
.
all
())]
sudo
.
save
()
logger
.
debug
(
'Generate fake cron: %s'
%
sudo
.
name
)
except
Exception
as
e
:
print
(
'Error: %s, continue...'
%
e
.
message
)
continue
\ No newline at end of file
apps/ops/models/utils.py
浏览文件 @
01e50d59
...
...
@@ -2,13 +2,10 @@
from
__future__
import
unicode_literals
from
ansible
import
*
from
cron
import
*
from
sudo
import
*
__all__
=
[
"generate_fake"
]
def
generate_fake
():
for
cls
in
(
TaskRecord
,
AnsiblePlay
,
AnsibleTask
,
AnsibleHostResult
,
CronTable
,
HostAlia
,
UserAlia
,
CmdAlia
,
RunasAlia
,
Privilege
,
Sudo
):
for
cls
in
(
TaskRecord
,
AnsiblePlay
,
AnsibleTask
,
AnsibleHostResult
):
cls
.
generate_fake
()
\ No newline at end of file
apps/ops/urls/api_urls.py
浏览文件 @
01e50d59
...
...
@@ -2,20 +2,6 @@
from
__future__
import
unicode_literals
from
rest_framework.routers
import
DefaultRouter
from
ops
import
api
as
v1_api
__all__
=
[
"urlpatterns"
]
api_router
=
DefaultRouter
()
api_router
.
register
(
r
'v1/host_alia'
,
v1_api
.
HostAliaViewSet
)
api_router
.
register
(
r
'v1/user_alia'
,
v1_api
.
UserAliaViewSet
)
api_router
.
register
(
r
'v1/cmd_alia'
,
v1_api
.
CmdAliaViewSet
)
api_router
.
register
(
r
'v1/runas_alia'
,
v1_api
.
RunasAliaViewSet
)
api_router
.
register
(
r
'v1/extra_conf'
,
v1_api
.
ExtraconfViewSet
)
api_router
.
register
(
r
'v1/privilege'
,
v1_api
.
PrivilegeViewSet
)
api_router
.
register
(
r
'v1/sudo'
,
v1_api
.
SudoViewSet
)
api_router
.
register
(
r
'v1/cron'
,
v1_api
.
CronTableViewSet
)
api_router
.
register
(
r
'v1/task'
,
v1_api
.
TaskViewSet
)
api_router
.
register
(
r
'v1/subtask'
,
v1_api
.
SubTaskViewSet
)
urlpatterns
=
api_router
.
urls
\ No newline at end of file
urlpatterns
=
[]
\ No newline at end of file
apps/ops/urls/view_urls.py
浏览文件 @
01e50d59
...
...
@@ -8,18 +8,6 @@ from ops import views as page_view
__all__
=
[
"urlpatterns"
]
urlpatterns
=
[
# Resource Sudo url
url
(
r
'^sudo/list$'
,
page_view
.
SudoListView
.
as_view
(),
name
=
'page-sudo-list'
),
url
(
r
'^sudo/create$'
,
page_view
.
SudoCreateView
.
as_view
(),
name
=
'page-sudo-create'
),
url
(
r
'^sudo/(?P<pk>[0-9]+)/detail$'
,
page_view
.
SudoDetailView
.
as_view
(),
name
=
'page-sudo-detail'
),
url
(
r
'^sudo/(?P<pk>[0-9]+)/update$'
,
page_view
.
SudoUpdateView
.
as_view
(),
name
=
'page-sudo-update'
),
# Resource Cron url
url
(
r
'^cron/list$'
,
page_view
.
CronListView
.
as_view
(),
name
=
'page-cron-list'
),
url
(
r
'^cron/create$'
,
page_view
.
CronCreateView
.
as_view
(),
name
=
'page-cron-create'
),
url
(
r
'^cron/(?P<pk>[0-9]+)/detail$'
,
page_view
.
CronDetailView
.
as_view
(),
name
=
'page-cron-detail'
),
url
(
r
'^cron/(?P<pk>[0-9]+)/update$'
,
page_view
.
CronUpdateView
.
as_view
(),
name
=
'page-cron-update'
),
# TResource Task url
url
(
r
'^task/list$'
,
page_view
.
TaskListView
.
as_view
(),
name
=
'page-task-list'
),
url
(
r
'^task/create$'
,
page_view
.
TaskCreateView
.
as_view
(),
name
=
'page-task-create'
),
...
...
apps/ops/utils/ansible_api.py
浏览文件 @
01e50d59
此差异已折叠。
点击以展开。
apps/ops/views.py
浏览文件 @
01e50d59
...
...
@@ -8,54 +8,9 @@ from django.views.generic.detail import DetailView, SingleObjectMixin
from
users.utils
import
AdminUserRequiredMixin
from
ops.utils.mixins
import
CreateSudoPrivilegesMixin
,
ListSudoPrivilegesMixin
from
ops.models
import
*
from
.models
import
Task
class
SudoListView
(
AdminUserRequiredMixin
,
ListSudoPrivilegesMixin
,
ListView
):
paginate_by
=
settings
.
CONFIG
.
DISPLAY_PER_PAGE
model
=
Sudo
context_object_name
=
'sudos'
template_name
=
'sudo/list.html'
class
SudoCreateView
(
AdminUserRequiredMixin
,
CreateSudoPrivilegesMixin
,
CreateView
):
model
=
Sudo
template_name
=
'sudo/create.html'
class
SudoUpdateView
(
AdminUserRequiredMixin
,
UpdateView
):
model
=
Sudo
template_name
=
'sudo/update.html'
class
SudoDetailView
(
DetailView
):
model
=
Sudo
context_object_name
=
'sudo'
template_name
=
'sudo/detail.html'
class
CronListView
(
AdminUserRequiredMixin
,
ListView
):
paginate_by
=
settings
.
CONFIG
.
DISPLAY_PER_PAGE
model
=
CronTable
context_object_name
=
'crons'
template_name
=
'cron/list.html'
class
CronCreateView
(
AdminUserRequiredMixin
,
CreateView
):
model
=
CronTable
template_name
=
'cron/create.html'
class
CronUpdateView
(
AdminUserRequiredMixin
,
UpdateView
):
model
=
CronTable
template_name
=
'cron/update.html'
class
CronDetailView
(
DetailView
):
model
=
CronTable
context_object_name
=
'cron'
template_name
=
'cron/detail.html'
class
TaskListView
(
AdminUserRequiredMixin
,
ListView
):
paginate_by
=
settings
.
CONFIG
.
DISPLAY_PER_PAGE
model
=
Task
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录