|
1072
by matt.giuca
Renamed scripts to services. |
1 |
#!/usr/bin/python
|
2 |
||
3 |
import os |
|
4 |
import sys |
|
5 |
import logging |
|
6 |
||
|
1079
by William Grant
Merge setup-refactor branch. This completely breaks existing installations; |
7 |
import ivle.conf |
|
1080.1.7
by matt.giuca
The new ivle.database.User class is now used in Request and usrmgt, which |
8 |
import ivle.database |
|
1079
by William Grant
Merge setup-refactor branch. This completely breaks existing installations; |
9 |
import ivle.chat |
10 |
import ivle.makeuser |
|
|
1072
by matt.giuca
Renamed scripts to services. |
11 |
|
12 |
# usage:
|
|
13 |
# usrmgt-server <port> <magic>
|
|
14 |
||
15 |
# User management operations:
|
|
16 |
# - Create local user
|
|
17 |
# - [Re]Create jail for a user
|
|
18 |
# - Create a svn repository for a user
|
|
19 |
# - create repository
|
|
20 |
# - svn config
|
|
21 |
# - svn auth
|
|
22 |
# - /etc/passwd entry
|
|
23 |
# - Disable a user's account
|
|
24 |
# - Enable a user's account
|
|
25 |
# - Remove a user
|
|
26 |
# - Rebuild svn config
|
|
27 |
# - Rebuild svn auth file
|
|
28 |
# - Rebuild passwd + push to nodes.
|
|
29 |
||
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
30 |
def activate_user(store, props): |
|
1072
by matt.giuca
Renamed scripts to services. |
31 |
"""Create the on-disk stuff for the given user.
|
32 |
Sets the state of the user in the db from pending to enabled.
|
|
33 |
Expected properties:
|
|
34 |
login - the user name for the jail
|
|
35 |
STRING REQUIRED
|
|
36 |
Return Value: None
|
|
37 |
"""
|
|
38 |
||
39 |
os.umask(0022) # Bad, but start_server sets it worse. |
|
40 |
||
41 |
login = props['login'] |
|
42 |
||
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
43 |
# FIXME: check we're pending
|
44 |
||
45 |
# Get the full User object from the db associated with this
|
|
46 |
user = ivle.database.User.get_by_login(store, login) |
|
47 |
||
48 |
# make svn config/auth
|
|
49 |
repopath = os.path.join(ivle.conf.svn_repo_path, 'users', login) |
|
50 |
logging.debug("Creating user's Subversion repository") |
|
51 |
ivle.makeuser.make_svn_repo(repopath, throw_on_error=True) |
|
52 |
||
53 |
rebuild_svn_config(store, props) |
|
54 |
||
55 |
logging.debug("Adding Subversion authentication") |
|
56 |
passwd = ivle.makeuser.make_svn_auth(store, login, |
|
57 |
throw_on_error=True) |
|
58 |
||
59 |
logging.debug("Creating jail") |
|
|
1080.1.19
by me at id
ivle.makeuser.make_jail: Just take an ivle.database.User, rather than some |
60 |
ivle.makeuser.make_jail(user) |
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
61 |
|
62 |
logging.info("Enabling user") |
|
63 |
user.state = u'enabled' |
|
64 |
||
65 |
return {"response": "okay"} |
|
66 |
||
67 |
def rebuild_svn_config(store, props): |
|
|
1072
by matt.giuca
Renamed scripts to services. |
68 |
"""Rebuilds the svn config file
|
69 |
Return value:
|
|
70 |
response (okay, failure)
|
|
71 |
"""
|
|
72 |
try: |
|
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
73 |
ivle.makeuser.rebuild_svn_config(store) |
|
1072
by matt.giuca
Renamed scripts to services. |
74 |
except Exception, e: |
75 |
logging.warning('Rebuild of Subversion authorization config failed!') |
|
76 |
return{'response': 'failure', 'msg': repr(e)} |
|
77 |
||
78 |
return {'response': 'okay'} |
|
79 |
||
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
80 |
def rebuild_svn_group_config(store, props): |
|
1072
by matt.giuca
Renamed scripts to services. |
81 |
"""Rebuilds the svn group config file
|
82 |
Return value:
|
|
83 |
response (okay, failure)
|
|
84 |
"""
|
|
85 |
try: |
|
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
86 |
ivle.makeuser.rebuild_svn_group_config(store) |
|
1072
by matt.giuca
Renamed scripts to services. |
87 |
except Exception, e: |
88 |
logging.warning( |
|
89 |
'Rebuild of Subversion group authorization config failed!') |
|
90 |
return{'response': 'failure', 'msg': repr(e)} |
|
91 |
||
92 |
return {'response': 'okay'} |
|
93 |
||
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
94 |
def create_group_repository(store, props): |
|
1072
by matt.giuca
Renamed scripts to services. |
95 |
"""Creates on disk repository for the given group
|
96 |
Expected properties:
|
|
97 |
subj_short_name, year, semester, groupnm
|
|
98 |
Return value:
|
|
99 |
response (okay, failure)
|
|
100 |
"""
|
|
101 |
||
102 |
subj_short_name = props['subj_short_name'] |
|
103 |
year = props['year'] |
|
104 |
semester = props['semester'] |
|
105 |
groupnm = props['groupnm'] |
|
106 |
||
107 |
namespace = "_".join([subj_short_name, year, semester, groupnm]) |
|
|
1079
by William Grant
Merge setup-refactor branch. This completely breaks existing installations; |
108 |
repopath = os.path.join(ivle.conf.svn_repo_path, 'groups', namespace) |
|
1072
by matt.giuca
Renamed scripts to services. |
109 |
logging.debug("Creating Subversion repository %s"%repopath) |
110 |
try: |
|
|
1079
by William Grant
Merge setup-refactor branch. This completely breaks existing installations; |
111 |
ivle.makeuser.make_svn_repo(repopath) |
|
1072
by matt.giuca
Renamed scripts to services. |
112 |
except Exception, e: |
113 |
logging.error("Failed to create Subversion repository %s: %s"% |
|
114 |
(repopath,repr(e))) |
|
115 |
return {'response': 'failure', 'msg': repr(e)} |
|
116 |
||
117 |
return {'response': 'okay'} |
|
118 |
||
119 |
actions = { |
|
120 |
'activate_user':activate_user, |
|
121 |
'create_group_repository':create_group_repository, |
|
122 |
'rebuild_svn_config':rebuild_svn_config, |
|
123 |
'rebuild_svn_group_config':rebuild_svn_group_config, |
|
124 |
}
|
|
125 |
||
126 |
def initializer(): |
|
127 |
try: |
|
128 |
pidfile = open('/var/run/usrmgt-server.pid', 'w') |
|
129 |
pidfile.write('%d\n' % os.getpid()) |
|
130 |
pidfile.close() |
|
131 |
except IOError, (errno, strerror): |
|
132 |
print "Couldn't write PID file. IO error(%s): %s" % (errno, strerror) |
|
133 |
sys.exit(1) |
|
134 |
||
135 |
def dispatch(props): |
|
136 |
logging.debug(repr(props)) |
|
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
137 |
|
138 |
store = ivle.database.get_store() |
|
|
1072
by matt.giuca
Renamed scripts to services. |
139 |
action = props.keys()[0] |
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
140 |
res = actions[action](store, props[action]) |
141 |
||
142 |
if res['response'] == 'okay': |
|
143 |
store.commit() |
|
144 |
else: |
|
145 |
store.rollback() |
|
146 |
store.close() |
|
147 |
return res |
|
|
1072
by matt.giuca
Renamed scripts to services. |
148 |
|
149 |
if __name__ == "__main__": |
|
150 |
pid = os.getpid() |
|
151 |
||
152 |
logging.basicConfig(filename="/var/log/usrmgt.log", level=logging.INFO) |
|
153 |
logging.info("Starting usrmgt server on port %d (pid = %d)" % |
|
|
1079
by William Grant
Merge setup-refactor branch. This completely breaks existing installations; |
154 |
(ivle.conf.usrmgt_port, pid)) |
|
1072
by matt.giuca
Renamed scripts to services. |
155 |
|
|
1079
by William Grant
Merge setup-refactor branch. This completely breaks existing installations; |
156 |
ivle.chat.start_server(ivle.conf.usrmgt_port, ivle.conf.usrmgt_magic, |
157 |
True, dispatch, initializer) |