|
1072
by matt.giuca
Renamed scripts to services. |
1 |
#!/usr/bin/python
|
2 |
||
3 |
import os |
|
4 |
import sys |
|
5 |
import logging |
|
6 |
||
|
1203
by William Grant
Give get_store() a config in usrmgt-server as well. |
7 |
import ivle.config |
|
1079
by William Grant
Merge setup-refactor branch. This completely breaks existing installations; |
8 |
import ivle.conf |
|
1080.1.7
by matt.giuca
The new ivle.database.User class is now used in Request and usrmgt, which |
9 |
import ivle.database |
|
1079
by William Grant
Merge setup-refactor branch. This completely breaks existing installations; |
10 |
import ivle.chat |
11 |
import ivle.makeuser |
|
|
1072
by matt.giuca
Renamed scripts to services. |
12 |
|
13 |
# usage:
|
|
14 |
# usrmgt-server <port> <magic>
|
|
15 |
||
16 |
# User management operations:
|
|
17 |
# - Create local user
|
|
18 |
# - [Re]Create jail for a user
|
|
19 |
# - Create a svn repository for a user
|
|
20 |
# - create repository
|
|
21 |
# - svn config
|
|
22 |
# - svn auth
|
|
23 |
# - /etc/passwd entry
|
|
24 |
# - Disable a user's account
|
|
25 |
# - Enable a user's account
|
|
26 |
# - Remove a user
|
|
27 |
# - Rebuild svn config
|
|
28 |
# - Rebuild svn auth file
|
|
29 |
# - Rebuild passwd + push to nodes.
|
|
30 |
||
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
31 |
def activate_user(store, props): |
|
1072
by matt.giuca
Renamed scripts to services. |
32 |
"""Create the on-disk stuff for the given user.
|
33 |
Sets the state of the user in the db from pending to enabled.
|
|
34 |
Expected properties:
|
|
35 |
login - the user name for the jail
|
|
36 |
STRING REQUIRED
|
|
37 |
Return Value: None
|
|
38 |
"""
|
|
39 |
||
40 |
os.umask(0022) # Bad, but start_server sets it worse. |
|
41 |
||
42 |
login = props['login'] |
|
43 |
||
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
44 |
# FIXME: check we're pending
|
45 |
||
46 |
# Get the full User object from the db associated with this
|
|
47 |
user = ivle.database.User.get_by_login(store, login) |
|
48 |
||
49 |
# make svn config/auth
|
|
50 |
repopath = os.path.join(ivle.conf.svn_repo_path, 'users', login) |
|
51 |
logging.debug("Creating user's Subversion repository") |
|
52 |
ivle.makeuser.make_svn_repo(repopath, throw_on_error=True) |
|
53 |
||
54 |
rebuild_svn_config(store, props) |
|
55 |
||
56 |
logging.debug("Adding Subversion authentication") |
|
57 |
passwd = ivle.makeuser.make_svn_auth(store, login, |
|
58 |
throw_on_error=True) |
|
59 |
||
60 |
logging.debug("Creating jail") |
|
|
1080.1.19
by me at id
ivle.makeuser.make_jail: Just take an ivle.database.User, rather than some |
61 |
ivle.makeuser.make_jail(user) |
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
62 |
|
63 |
logging.info("Enabling user") |
|
64 |
user.state = u'enabled' |
|
65 |
||
66 |
return {"response": "okay"} |
|
67 |
||
68 |
def rebuild_svn_config(store, props): |
|
|
1072
by matt.giuca
Renamed scripts to services. |
69 |
"""Rebuilds the svn config file
|
70 |
Return value:
|
|
71 |
response (okay, failure)
|
|
72 |
"""
|
|
73 |
try: |
|
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
74 |
ivle.makeuser.rebuild_svn_config(store) |
|
1072
by matt.giuca
Renamed scripts to services. |
75 |
except Exception, e: |
76 |
logging.warning('Rebuild of Subversion authorization config failed!') |
|
77 |
return{'response': 'failure', 'msg': repr(e)} |
|
78 |
||
79 |
return {'response': 'okay'} |
|
80 |
||
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
81 |
def rebuild_svn_group_config(store, props): |
|
1072
by matt.giuca
Renamed scripts to services. |
82 |
"""Rebuilds the svn group config file
|
83 |
Return value:
|
|
84 |
response (okay, failure)
|
|
85 |
"""
|
|
86 |
try: |
|
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
87 |
ivle.makeuser.rebuild_svn_group_config(store) |
|
1072
by matt.giuca
Renamed scripts to services. |
88 |
except Exception, e: |
89 |
logging.warning( |
|
90 |
'Rebuild of Subversion group authorization config failed!') |
|
91 |
return{'response': 'failure', 'msg': repr(e)} |
|
92 |
||
93 |
return {'response': 'okay'} |
|
94 |
||
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
95 |
def create_group_repository(store, props): |
|
1072
by matt.giuca
Renamed scripts to services. |
96 |
"""Creates on disk repository for the given group
|
97 |
Expected properties:
|
|
98 |
subj_short_name, year, semester, groupnm
|
|
99 |
Return value:
|
|
100 |
response (okay, failure)
|
|
101 |
"""
|
|
102 |
||
103 |
subj_short_name = props['subj_short_name'] |
|
104 |
year = props['year'] |
|
105 |
semester = props['semester'] |
|
106 |
groupnm = props['groupnm'] |
|
107 |
||
108 |
namespace = "_".join([subj_short_name, year, semester, groupnm]) |
|
|
1079
by William Grant
Merge setup-refactor branch. This completely breaks existing installations; |
109 |
repopath = os.path.join(ivle.conf.svn_repo_path, 'groups', namespace) |
|
1072
by matt.giuca
Renamed scripts to services. |
110 |
logging.debug("Creating Subversion repository %s"%repopath) |
111 |
try: |
|
|
1079
by William Grant
Merge setup-refactor branch. This completely breaks existing installations; |
112 |
ivle.makeuser.make_svn_repo(repopath) |
|
1072
by matt.giuca
Renamed scripts to services. |
113 |
except Exception, e: |
114 |
logging.error("Failed to create Subversion repository %s: %s"% |
|
115 |
(repopath,repr(e))) |
|
116 |
return {'response': 'failure', 'msg': repr(e)} |
|
117 |
||
118 |
return {'response': 'okay'} |
|
119 |
||
120 |
actions = { |
|
121 |
'activate_user':activate_user, |
|
122 |
'create_group_repository':create_group_repository, |
|
123 |
'rebuild_svn_config':rebuild_svn_config, |
|
124 |
'rebuild_svn_group_config':rebuild_svn_group_config, |
|
125 |
}
|
|
126 |
||
127 |
def initializer(): |
|
|
1099.1.177
by William Grant
usrmgt-server now starts logging once it's daemonised. |
128 |
logging.basicConfig(filename="/var/log/usrmgt.log", level=logging.INFO) |
129 |
logging.info("Starting usrmgt server on port %d (pid = %d)" % |
|
130 |
(ivle.conf.usrmgt_port, pid)) |
|
131 |
||
|
1072
by matt.giuca
Renamed scripts to services. |
132 |
try: |
133 |
pidfile = open('/var/run/usrmgt-server.pid', 'w') |
|
134 |
pidfile.write('%d\n' % os.getpid()) |
|
135 |
pidfile.close() |
|
136 |
except IOError, (errno, strerror): |
|
137 |
print "Couldn't write PID file. IO error(%s): %s" % (errno, strerror) |
|
138 |
sys.exit(1) |
|
139 |
||
140 |
def dispatch(props): |
|
141 |
logging.debug(repr(props)) |
|
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
142 |
|
|
1203
by William Grant
Give get_store() a config in usrmgt-server as well. |
143 |
store = ivle.database.get_store(ivle.config.Config()) |
|
1072
by matt.giuca
Renamed scripts to services. |
144 |
action = props.keys()[0] |
|
1080.1.17
by me at id
ivle.makeuser: svn auth manipulation functions now use storm as much as |
145 |
res = actions[action](store, props[action]) |
146 |
||
147 |
if res['response'] == 'okay': |
|
148 |
store.commit() |
|
149 |
else: |
|
150 |
store.rollback() |
|
151 |
store.close() |
|
152 |
return res |
|
|
1072
by matt.giuca
Renamed scripts to services. |
153 |
|
154 |
if __name__ == "__main__": |
|
155 |
pid = os.getpid() |
|
156 |
||
|
1079
by William Grant
Merge setup-refactor branch. This completely breaks existing installations; |
157 |
ivle.chat.start_server(ivle.conf.usrmgt_port, ivle.conf.usrmgt_magic, |
158 |
True, dispatch, initializer) |