diff --git a/apps/applications/api.py b/apps/applications/api.py index 9cc75ca8a26a45263359ae81ceca30aed8f75e4a..75487bbba311bbf7024d111517341d430b481008 100644 --- a/apps/applications/api.py +++ b/apps/applications/api.py @@ -6,7 +6,7 @@ from django.core.cache import cache from django.conf import settings from django.utils import timezone import copy -from rest_framework.generics import ListCreateAPIView, RetrieveUpdateDestroyAPIView +from rest_framework.generics import ListCreateAPIView from rest_framework import viewsets from rest_framework.views import APIView, Response from rest_framework.permissions import AllowAny @@ -15,7 +15,8 @@ from rest_framework.decorators import api_view from .models import Terminal, TerminalHeatbeat from .serializers import TerminalSerializer, TerminalHeatbeatSerializer -from .hands import IsSuperUserOrAppUser, IsAppUser, User, ProxyLog +from .hands import IsSuperUserOrAppUser, IsAppUser, ProxyLog, \ + IsSuperUserOrAppUserOrUserReadonly from common.utils import get_object_or_none @@ -55,7 +56,7 @@ class TerminalRegisterView(ListCreateAPIView): class TerminalViewSet(viewsets.ModelViewSet): queryset = Terminal.objects.all() serializer_class = TerminalSerializer - permission_classes = (IsSuperUserOrAppUser,) + permission_classes = (IsSuperUserOrAppUserOrUserReadonly,) def create(self, request, *args, **kwargs): return Response({'msg': 'Use register view except that'}, status=404) @@ -102,5 +103,4 @@ class TerminateConnectionView(APIView): tasks[terminal_id] = [{'name': 'kill_proxy', 'proxy_log_id': proxy_log_id}] - print(tasks) return Response({'msg': 'get it'}) diff --git a/apps/applications/hands.py b/apps/applications/hands.py index cf5b643dac558f376650bc52474d6e399d6015d4..23a93691d73a86acdd7377027fe8250c1fbb0858 100644 --- a/apps/applications/hands.py +++ b/apps/applications/hands.py @@ -2,5 +2,7 @@ # from users.models import User -from users.permissions import IsSuperUserOrAppUser, IsAppUser -from audits.models import ProxyLog \ No newline at end of file +from users.permissions import IsSuperUserOrAppUser, IsAppUser, \ + IsSuperUserOrAppUserOrUserReadonly +from audits.models import ProxyLog +from users.utils import AdminUserRequiredMixin \ No newline at end of file diff --git a/apps/applications/templates/applications/terminal_list.html b/apps/applications/templates/applications/terminal_list.html index 9574d72d5a2f4ad492b06af2e20a629906c00d78..b6cb70635316e334f8958f1353f6bf20d20ac120 100644 --- a/apps/applications/templates/applications/terminal_list.html +++ b/apps/applications/templates/applications/terminal_list.html @@ -68,19 +68,20 @@ $(document).ready(function(){ } }}, {targets: 7, createdCell: function (td, cellData, rowData) { - console.log(rowData.name); var update_btn = '{% trans "Update" %}' .replace('99991937', cellData); - var delete_btn = '{% trans "Delete" %}' + var delete_btn = '{% trans "Delete" %}' .replace('99991937', cellData) .replace('99991938', rowData.name); var accept_btn = '{% trans "Accept" %} ' .replace('99991937', cellData); - var reject_btn = '{% trans "Reject" %}' + var reject_btn = '{% trans "Reject" %}' .replace('99991937', cellData) .replace('99991938', rowData.name); + var connect_btn = '{% trans "Connect" %} ' + .replace('99991937', cellData); if (rowData.is_accepted) { - $(td).html(update_btn + delete_btn) + $(td).html(connect_btn + update_btn + delete_btn) } else { $(td).html(accept_btn + reject_btn) } @@ -105,11 +106,11 @@ $(document).ready(function(){ $form.ajaxSubmit({success: success}); }) -}).on('click', '.btn_delete', function(){ +}).on('click', '.btn-del', function(){ var $this = $(this); - var uid = $this.data('uid'); + var id = $this.data('id'); var name = $(this).data('name'); - var the_url = '{% url "api-applications:terminal-detail" pk=99991937 %}'.replace('99991937', uid); + var the_url = '{% url "api-applications:terminal-detail" pk=99991937 %}'.replace('99991937', id); objectDelete($this, name, the_url) }).on('click', '.btn-accept', function () { @@ -133,6 +134,10 @@ $(document).ready(function(){ $('#modal_terminal_accept').modal({ show: true }); +}).on('click', '.btn-connect', function () { + var $this = $(this); + var id = $this.data('id'); + console.log(id) }) {% endblock %} diff --git a/apps/applications/urls/views_urls.py b/apps/applications/urls/views_urls.py index 717234aa30da0552deaafb7213e4d443930285f9..4f7dcdb910c182c8b0bebc003321d8d9b5838dae 100644 --- a/apps/applications/urls/views_urls.py +++ b/apps/applications/urls/views_urls.py @@ -9,9 +9,11 @@ from .. import views app_name = 'applications' urlpatterns = [ - url(r'^terminal$', views.TerminalListView.as_view(), name='terminal-list'), + url(r'^terminal/$', views.TerminalListView.as_view(), name='terminal-list'), url(r'^terminal/(?P\d+)/$', views.TerminalDetailView.as_view(), name='terminal-detail'), + url(r'^terminal/(?P\d+)/connect/$', views.TerminalConnectView.as_view(), + name='terminal-connect'), url(r'^terminal/(?P\d+)/update$', views.TerminalUpdateView.as_view(), name='terminal-update'), url(r'^terminal/(?P\d+)/modal/accept$', views.TerminalModelAccept.as_view(), diff --git a/apps/applications/views.py b/apps/applications/views.py index dcf1f182c5ca23202272241763f78fdf84cb52a0..1cd70a86534272676665defc4e5aba43422f9d4d 100644 --- a/apps/applications/views.py +++ b/apps/applications/views.py @@ -1,18 +1,19 @@ # ~*~ coding: utf-8 ~*~ # -from django.views.generic import ListView, UpdateView, DeleteView, DetailView -from django.views.generic.edit import BaseUpdateView +from django.views.generic import ListView, UpdateView, DeleteView, \ + DetailView, TemplateView +from django.contrib.auth.mixins import LoginRequiredMixin from django.utils.translation import ugettext as _ -from django.urls import reverse_lazy +from django.urls import reverse_lazy, reverse -from .models import Terminal -from users.utils import AdminUserRequiredMixin from common.mixins import JSONResponseMixin +from .models import Terminal from .forms import TerminalForm +from .hands import AdminUserRequiredMixin -class TerminalListView(ListView): +class TerminalListView(LoginRequiredMixin, ListView): model = Terminal template_name = 'applications/terminal_list.html' form_class = TerminalForm @@ -27,11 +28,11 @@ class TerminalListView(ListView): return context -class TerminalUpdateView(UpdateView): +class TerminalUpdateView(AdminUserRequiredMixin, UpdateView): model = Terminal form_class = TerminalForm template_name = 'applications/terminal_update.html' - success_url = reverse_lazy('applications:applications-list') + success_url = reverse_lazy('applications:terminal-list') def get_context_data(self, **kwargs): context = super(TerminalUpdateView, self).get_context_data(**kwargs) @@ -39,7 +40,7 @@ class TerminalUpdateView(UpdateView): return context -class TerminalDetailView(DetailView): +class TerminalDetailView(LoginRequiredMixin, DetailView): model = Terminal template_name = 'applications/terminal_detail.html' context_object_name = 'terminal' @@ -53,7 +54,7 @@ class TerminalDetailView(DetailView): return context -class TerminalDeleteView(DeleteView): +class TerminalDeleteView(AdminUserRequiredMixin, DeleteView): model = Terminal template_name = 'assets/delete_confirm.html' success_url = reverse_lazy('applications:applications-list') @@ -88,3 +89,26 @@ class TerminalModelAccept(AdminUserRequiredMixin, JSONResponseMixin, UpdateView) return self.render_json_response(data) +class TerminalConnectView(LoginRequiredMixin, DetailView): + template_name = 'flash_message_standalone.html' + model = Terminal + + def get_context_data(self, **kwargs): + if self.object.type == 'Web': + context = { + 'title': _('Redirect to web terminal'), + 'messages': _('Redirect to web terminal: {}'.format(self.object.url)), + 'auto_redirect': True, + 'interval': 3, + 'redirect_url': self.object.url + } + else: + context = { + 'title': _('Connect ssh terminal'), + 'messages': _('You should use your ssh client tools ' + 'connect terminal: {}

' + '{}'.format(self.object.name, self.object.url)), + } + + kwargs.update(context) + return super(TerminalConnectView, self).get_context_data(**kwargs) diff --git a/apps/assets/hands.py b/apps/assets/hands.py index 61d432db2591eae56ac7207084a27045d4a48e54..a504019e5458f1d52eab76c301dc388435eafed6 100644 --- a/apps/assets/hands.py +++ b/apps/assets/hands.py @@ -6,7 +6,7 @@ Other module of this app shouldn't connect with other app. - :copyright: (c) 2014-2016 by Jumpserver Team. + :copyright: (c) 2014-2017 by Jumpserver Team. :license: GPL v2, see LICENSE for more details. """ diff --git a/apps/assets/templates/assets/asset_detail.html b/apps/assets/templates/assets/asset_detail.html index 9878e1f0dcd9b40d6b7229ac2ff878af0616ce41..ee75e3e986e9304b6ac7b81a9e4baf4287356bd8 100644 --- a/apps/assets/templates/assets/asset_detail.html +++ b/apps/assets/templates/assets/asset_detail.html @@ -16,11 +16,13 @@
@@ -134,6 +136,7 @@
+ {% if user.is_superuser %}
@@ -222,6 +225,7 @@
+ {% endif %}
diff --git a/apps/assets/views.py b/apps/assets/views.py index f71285efb85ddf1bbce513b76a84a8ea56ac1a3c..1e112405d5255474fc0657af6ebdf207ac582c33 100644 --- a/apps/assets/views.py +++ b/apps/assets/views.py @@ -125,7 +125,7 @@ class AssetUpdateView(AdminUserRequiredMixin, UpdateView): return super(AssetUpdateView, self).form_invalid(form) -class AssetDeleteView(DeleteView): +class AssetDeleteView(AdminUserRequiredMixin, DeleteView): model = Asset template_name = 'assets/delete_confirm.html' success_url = reverse_lazy('assets:asset-list') diff --git a/apps/templates/_nav_user.html b/apps/templates/_nav_user.html index 48d7be8b15ba9d6d696b481eb24c98d7da951d0e..77206f1c2f975bf957612f818df285a9d39a3abc 100644 --- a/apps/templates/_nav_user.html +++ b/apps/templates/_nav_user.html @@ -15,7 +15,7 @@
  • - + {% trans 'Terminal' %}
    • diff --git a/apps/templates/flash_message_standalone.html b/apps/templates/flash_message_standalone.html index e7cb481f7eaaca4e0e881885f695e2657e20196b..c5d489b5f2d07f8de6e76cff8795efa12b738045 100644 --- a/apps/templates/flash_message_standalone.html +++ b/apps/templates/flash_message_standalone.html @@ -34,7 +34,7 @@ {% if messages %}

    - {{ messages }} + {{ messages|safe }}

    {% endif %} @@ -52,16 +52,21 @@ Copyright Jumpserver.org
    - 2014-2016 + 2014-2017