|
440
by drtomc
usrmgt: move the usrmgt sever to a better place. |
1 |
#!/usr/bin/python
|
2 |
||
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
3 |
import os |
|
440
by drtomc
usrmgt: move the usrmgt sever to a better place. |
4 |
import sys |
|
567
by drtomc
usrmgt: use proper logging. |
5 |
import logging |
|
440
by drtomc
usrmgt: move the usrmgt sever to a better place. |
6 |
|
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
7 |
import conf |
|
473
by drtomc
usrmgt: progress the skeleton a bit further. |
8 |
import common.db |
|
440
by drtomc
usrmgt: move the usrmgt sever to a better place. |
9 |
import common.chat |
10 |
import common.makeuser |
|
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
11 |
import common.studpath |
|
440
by drtomc
usrmgt: move the usrmgt sever to a better place. |
12 |
|
13 |
# usage:
|
|
14 |
# usrmgt-server <port> <magic>
|
|
15 |
||
|
452
by drtomc
usrmgt: checkpoint work on the usrmgt server. |
16 |
# User management operations:
|
17 |
# - Create local user
|
|
18 |
# - [Re]Create jail for a user
|
|
19 |
# - Create a svn repository for a user
|
|
20 |
# - create repository
|
|
21 |
# - svn config
|
|
22 |
# - svn auth
|
|
23 |
# - /etc/passwd entry
|
|
24 |
# - Disable a user's account
|
|
25 |
# - Enable a user's account
|
|
26 |
# - Remove a user
|
|
27 |
# - Rebuild svn config
|
|
28 |
# - Rebuild svn auth file
|
|
29 |
# - Rebuild passwd + push to nodes.
|
|
30 |
||
|
473
by drtomc
usrmgt: progress the skeleton a bit further. |
31 |
def activate_user(props): |
32 |
"""Create the on-disk stuff for the given user.
|
|
33 |
Sets the state of the user in the db from pending to enabled.
|
|
|
454
by drtomc
usrmgt-server: more work. |
34 |
Expected properties:
|
|
473
by drtomc
usrmgt: progress the skeleton a bit further. |
35 |
login - the user name for the jail
|
|
454
by drtomc
usrmgt-server: more work. |
36 |
STRING REQUIRED
|
|
456
by drtomc
usrmgt-server: a bit more work. |
37 |
Return Value: None
|
|
454
by drtomc
usrmgt-server: more work. |
38 |
"""
|
|
456
by drtomc
usrmgt-server: a bit more work. |
39 |
|
|
813
by William Grant
Merge jails-redux branch. We now use aufs rather than hardlinking tens |
40 |
os.umask(0022) # Bad, but start_server sets it worse. |
41 |
||
|
473
by drtomc
usrmgt: progress the skeleton a bit further. |
42 |
login = props['login'] |
43 |
||
44 |
db = common.db.DB() |
|
45 |
||
46 |
try: |
|
47 |
||
48 |
# FIXME: check we're pending
|
|
49 |
||
50 |
details = db.get_user(login) |
|
51 |
||
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
52 |
# make svn config/auth
|
53 |
||
|
953
by wagrant
Add users/ to the front of all Subversion repositories, to clear the |
54 |
repopath = os.path.join(conf.svn_repo_path, 'users', login) |
|
937
by wagrant
common.makeuser: Generalise make_svn_repo() to take a path, not a login. |
55 |
logging.debug("Creating user's Subversion repository") |
56 |
common.makeuser.make_svn_repo(repopath, throw_on_error=False) |
|
57 |
||
|
989
by dcoles
Groups: Added userservice/assign_group call. This allows a user with the |
58 |
rebuild_svn_config(props) |
|
937
by wagrant
common.makeuser: Generalise make_svn_repo() to take a path, not a login. |
59 |
|
60 |
logging.debug("Adding Subversion authentication") |
|
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
61 |
passwd = common.makeuser.make_svn_auth(login, throw_on_error=False) |
|
571
by drtomc
usrmgt: improve the logging. Amazing what happens when you actually read |
62 |
logging.debug("passwd: %s" % passwd) |
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
63 |
|
|
571
by drtomc
usrmgt: improve the logging. Amazing what happens when you actually read |
64 |
logging.debug("Creating jail") |
|
767
by mattgiuca
Moved code to create user's jail version of conf.py from usrmgt server |
65 |
common.makeuser.make_jail(login, details.unixid, svn_pass=passwd) |
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
66 |
|
|
571
by drtomc
usrmgt: improve the logging. Amazing what happens when you actually read |
67 |
logging.info("Enabling user") |
|
473
by drtomc
usrmgt: progress the skeleton a bit further. |
68 |
db.update_user(login, state='enabled') |
69 |
||
|
478
by mattgiuca
scripts/usrmgr-server: Renamed actions from dashes to underscores. |
70 |
return {"response": "okay"} |
|
473
by drtomc
usrmgt: progress the skeleton a bit further. |
71 |
|
72 |
finally: |
|
73 |
db.close() |
|
|
440
by drtomc
usrmgt: move the usrmgt sever to a better place. |
74 |
|
|
989
by dcoles
Groups: Added userservice/assign_group call. This allows a user with the |
75 |
def rebuild_svn_config(props): |
76 |
"""Rebuilds the svn config file
|
|
77 |
Return value:
|
|
78 |
response (okay, failure)
|
|
79 |
"""
|
|
80 |
try: |
|
81 |
common.makeuser.rebuild_svn_config() |
|
82 |
except Exception, e: |
|
83 |
logging.warning('Rebuild of Subversion authorization config failed!') |
|
84 |
return{'response': 'failure', 'msg': repr(e)} |
|
85 |
||
86 |
return {'response': 'okay'} |
|
87 |
||
88 |
def rebuild_svn_group_config(props): |
|
89 |
"""Rebuilds the svn group config file
|
|
90 |
Return value:
|
|
91 |
response (okay, failure)
|
|
92 |
"""
|
|
93 |
try: |
|
94 |
common.makeuser.rebuild_svn_group_config() |
|
95 |
except Exception, e: |
|
96 |
logging.warning( |
|
97 |
'Rebuild of Subversion group authorization config failed!') |
|
98 |
return{'response': 'failure', 'msg': repr(e)} |
|
99 |
||
100 |
return {'response': 'okay'} |
|
101 |
||
|
986
by dcoles
Groups: Added userservice/create_group call. You can now create a project in |
102 |
def create_group_repository(props): |
103 |
"""Creates on disk repository for the given group
|
|
104 |
Expected properties:
|
|
105 |
subj_short_name, year, semester, groupnm
|
|
106 |
Return value:
|
|
107 |
response (okay, failure)
|
|
108 |
"""
|
|
109 |
||
110 |
subj_short_name = props['subj_short_name'] |
|
111 |
year = props['year'] |
|
112 |
semester = props['semester'] |
|
113 |
groupnm = props['groupnm'] |
|
114 |
||
115 |
namespace = "_".join([subj_short_name, year, semester, groupnm]) |
|
116 |
repopath = os.path.join(conf.svn_repo_path, 'groups', namespace) |
|
117 |
logging.debug("Creating Subversion repository %s"%repopath) |
|
118 |
try: |
|
119 |
common.makeuser.make_svn_repo(repopath) |
|
120 |
except Exception, e: |
|
121 |
logging.error("Failed to create Subversion repository %s: %s"% |
|
122 |
(repopath,repr(e))) |
|
123 |
return {'response': 'failure', 'msg': repr(e)} |
|
124 |
||
125 |
return {'response': 'okay'} |
|
126 |
||
|
452
by drtomc
usrmgt: checkpoint work on the usrmgt server. |
127 |
actions = { |
|
551
by mattgiuca
userservice/usrmgt-server: Added update_user action to both. |
128 |
'activate_user':activate_user, |
|
986
by dcoles
Groups: Added userservice/create_group call. You can now create a project in |
129 |
'create_group_repository':create_group_repository, |
|
989
by dcoles
Groups: Added userservice/assign_group call. This allows a user with the |
130 |
'rebuild_svn_config':rebuild_svn_config, |
131 |
'rebuild_svn_group_config':rebuild_svn_group_config, |
|
|
452
by drtomc
usrmgt: checkpoint work on the usrmgt server. |
132 |
}
|
133 |
||
|
684
by apeel
Added an initialisor to usrmgt-server which creates a PID file in /var/run. Needed for the /etc/init.d/ script. |
134 |
def initializer(): |
135 |
try: |
|
136 |
pidfile = open('/var/run/usrmgt-server.pid', 'w') |
|
137 |
pidfile.write('%d\n' % os.getpid()) |
|
138 |
pidfile.close() |
|
139 |
except IOError, (errno, strerror): |
|
140 |
print "Couldn't write PID file. IO error(%s): %s" % (errno, strerror) |
|
141 |
sys.exit(1) |
|
142 |
||
|
452
by drtomc
usrmgt: checkpoint work on the usrmgt server. |
143 |
def dispatch(props): |
|
571
by drtomc
usrmgt: improve the logging. Amazing what happens when you actually read |
144 |
logging.debug(repr(props)) |
|
452
by drtomc
usrmgt: checkpoint work on the usrmgt server. |
145 |
action = props.keys()[0] |
146 |
return actions[action](props[action]) |
|
147 |
||
|
440
by drtomc
usrmgt: move the usrmgt sever to a better place. |
148 |
if __name__ == "__main__": |
|
567
by drtomc
usrmgt: use proper logging. |
149 |
pid = os.getpid() |
150 |
||
|
764
by mattgiuca
usrmgt-server: Revert accidental change in previous commit: Logging level set |
151 |
logging.basicConfig(filename="/var/log/usrmgt.log", level=logging.INFO) |
|
973
by wagrant
usrmgt-server: Don't read the port and magic from argv. Use the config |
152 |
logging.info("Starting usrmgt server on port %d (pid = %d)" % |
153 |
(conf.usrmgt_port, pid)) |
|
|
567
by drtomc
usrmgt: use proper logging. |
154 |
|
|
973
by wagrant
usrmgt-server: Don't read the port and magic from argv. Use the config |
155 |
common.chat.start_server(conf.usrmgt_port, conf.usrmgt_magic, True, dispatch, initializer) |