~azzar1/unity/add-show-desktop-key : contents of services/usrmgt-server at revision 1671

~azzar1/unity/add-show-desktop-key : (revision 1671)

#!/usr/bin/python

import os
import sys
import logging

import ivle.config
import ivle.database
import ivle.chat
import ivle.makeuser

config = ivle.config.Config()

# usage:
#   usrmgt-server <port> <magic>

# User management operations:
#   - Create local user
#   - [Re]Create jail for a user
#       - Create a svn repository for a user
#           - create repository
#           - svn config
#           - svn auth
#       - /etc/passwd entry
#   - Disable a user's account
#   - Enable a user's account
#   - Remove a user
#   - Rebuild svn config
#   - Rebuild svn auth file
#   - Rebuild passwd + push to nodes.

def activate_user(store, props, config):
    """Create the on-disk stuff for the given user.
       Sets the state of the user in the db from pending to enabled.
    @param config: An ivle.config.Config object.
       Expected properties:
        login       - the user name for the jail
                      STRING REQUIRED
    @return: None
    """

    if not os.path.exists(config['paths']['jails']['template']):
        return {
            'response': 'error',
            'message': 'Template jail has not been built -- '
                       'do you need to run ivle-buildjail?'}

    os.umask(0022) # Bad, but start_server sets it worse.

    login = props['login']

    # FIXME: check we're pending

    # Get the full User object from the db associated with this
    user = ivle.database.User.get_by_login(store, login)

    # make svn config/auth
    repopath = os.path.join(config['paths']['svn']['repo_path'],
                            'users', login)
    logging.debug("Creating user's Subversion repository")
    ivle.makeuser.make_svn_repo(repopath, throw_on_error=True)

    rebuild_svn_config(store, props, config)

    logging.debug("Adding Subversion authentication")
    passwd = ivle.makeuser.make_svn_auth(store, login, config,
                                         throw_on_error=True)

    logging.debug("Creating jail")
    ivle.makeuser.make_jail(user, config)

    logging.info("Enabling user")
    user.state = u'enabled'

    return {"response": "okay"}

def rebuild_svn_config(store, props, config):
    """Rebuilds the svn config file
    @param config: An ivle.config.Config object.
    @return: response (okay, failure)
    """
    try:
        ivle.makeuser.rebuild_svn_config(store, config)
    except Exception, e:
        logging.warning('Rebuild of Subversion authorization config failed!')
        return{'response': 'failure', 'msg': repr(e)}

    return {'response': 'okay'}

def rebuild_svn_group_config(store, props, config):
    """Rebuilds the svn group config file
    @param config: An ivle.config.Config object.
    @return: response (okay, failure)
    """
    try:
        ivle.makeuser.rebuild_svn_group_config(store, config)
    except Exception, e:
        logging.warning(
            'Rebuild of Subversion group authorization config failed!')
        return{'response': 'failure', 'msg': repr(e)}

    return {'response': 'okay'}

def create_group_repository(store, props, config):
    """Creates on disk repository for the given group
    @param config: An ivle.config.Config object.
    Expected properties:
        subj_short_name, year, semester, groupnm
    @return: response (okay, failure)
    """

    subj_short_name = props['subj_short_name']
    year = props['year']
    semester = props['semester']
    groupnm = props['groupnm']

    namespace = "_".join([subj_short_name, year, semester, groupnm])
    repopath = os.path.join(config['paths']['svn']['repo_path'],
                            'groups', namespace)
    logging.debug("Creating Subversion repository %s"%repopath)
    try:
        ivle.makeuser.make_svn_repo(repopath)
    except Exception, e:
        logging.error("Failed to create Subversion repository %s: %s"%
            (repopath,repr(e)))
        return {'response': 'failure', 'msg': repr(e)}

    return {'response': 'okay'}

actions = {
        'activate_user':activate_user,
        'create_group_repository':create_group_repository,
        'rebuild_svn_config':rebuild_svn_config,
        'rebuild_svn_group_config':rebuild_svn_group_config,
    }

def initializer():
    logging.basicConfig(filename="/var/log/usrmgt.log", level=logging.INFO)
    logging.info("Starting usrmgt server on port %d (pid = %d)" %
                 (config['usrmgt']['port'], pid))

    try:
        pidfile = open('/var/run/usrmgt-server.pid', 'w')
        pidfile.write('%d\n' % os.getpid())
        pidfile.close()
    except IOError, (errno, strerror):
        print "Couldn't write PID file. IO error(%s): %s" % (errno, strerror)
        sys.exit(1)

def dispatch(props):
    logging.debug(repr(props))

    store = ivle.database.get_store(config)
    action = props.keys()[0]
    res = actions[action](store, props[action], config)

    if res['response'] == 'okay':
        store.commit()
    else:
        store.rollback()
    store.close()
    return res

if __name__ == "__main__":
    pid = os.getpid()

    ivle.chat.start_server(config['usrmgt']['port'],config['usrmgt']['magic'],
                           True, dispatch, initializer)

1072 by matt.giuca Renamed scripts to services.	1	#!/usr/bin/python
	2
	3	import os
	4	import sys
	5	import logging
	6
1203 by William Grant Give get_store() a config in usrmgt-server as well.	7	import ivle.config
1080.1.7 by matt.giuca The new ivle.database.User class is now used in Request and usrmgt, which	8	import ivle.database
1079 by William Grant Merge setup-refactor branch. This completely breaks existing installations;	9	import ivle.chat
	10	import ivle.makeuser
1072 by matt.giuca Renamed scripts to services.	11
1235 by Matt Giuca usrmgt-server: Removed all references to ivle.conf. Now uses the config	12	config = ivle.config.Config()
	13
1072 by matt.giuca Renamed scripts to services.	14	# usage:
	15	# usrmgt-server <port> <magic>
	16
	17	# User management operations:
	18	# - Create local user
	19	# - [Re]Create jail for a user
	20	# - Create a svn repository for a user
	21	# - create repository
	22	# - svn config
	23	# - svn auth
	24	# - /etc/passwd entry
	25	# - Disable a user's account
	26	# - Enable a user's account
	27	# - Remove a user
	28	# - Rebuild svn config
	29	# - Rebuild svn auth file
	30	# - Rebuild passwd + push to nodes.
	31
1228 by Matt Giuca usrmgt-server: Pass a Config object through all of the "actions".	32	def activate_user(store, props, config):
1072 by matt.giuca Renamed scripts to services.	33	"""Create the on-disk stuff for the given user.
1072 by matt.giuca Renamed scripts to services.	34	Sets the state of the user in the db from pending to enabled.
1228 by Matt Giuca usrmgt-server: Pass a Config object through all of the "actions".	35	@param config: An ivle.config.Config object.
1072 by matt.giuca Renamed scripts to services.	36	Expected properties:
	37	login - the user name for the jail
	38	STRING REQUIRED
1228 by Matt Giuca usrmgt-server: Pass a Config object through all of the "actions".	39	@return: None
1072 by matt.giuca Renamed scripts to services.	40	"""
1072 by matt.giuca Renamed scripts to services.	41
1490 by William Grant Display an informative error message if a user activation attempt fails because ivle-buildjail has not been run.	42	if not os.path.exists(config['paths']['jails']['template']):
	43	return {
	44	'response': 'error',
	45	'message': 'Template jail has not been built -- '
	46	'do you need to run ivle-buildjail?'}
	47
1072 by matt.giuca Renamed scripts to services.	48	os.umask(0022) # Bad, but start_server sets it worse.
	49
	50	login = props['login']
	51
1080.1.17 by me at id ivle.makeuser: svn auth manipulation functions now use storm as much as	52	# FIXME: check we're pending
	53
	54	# Get the full User object from the db associated with this
	55	user = ivle.database.User.get_by_login(store, login)
	56
	57	# make svn config/auth
1235 by Matt Giuca usrmgt-server: Removed all references to ivle.conf. Now uses the config	58	repopath = os.path.join(config['paths']['svn']['repo_path'],
	59	'users', login)
1080.1.17 by me at id ivle.makeuser: svn auth manipulation functions now use storm as much as	60	logging.debug("Creating user's Subversion repository")
	61	ivle.makeuser.make_svn_repo(repopath, throw_on_error=True)
	62
1228 by Matt Giuca usrmgt-server: Pass a Config object through all of the "actions".	63	rebuild_svn_config(store, props, config)
1080.1.17 by me at id ivle.makeuser: svn auth manipulation functions now use storm as much as	64
	65	logging.debug("Adding Subversion authentication")
1230 by Matt Giuca ivle.makeuser: make_svn_auth now requires a config argument.	66	passwd = ivle.makeuser.make_svn_auth(store, login, config,
1080.1.17 by me at id ivle.makeuser: svn auth manipulation functions now use storm as much as	67	throw_on_error=True)
	68
	69	logging.debug("Creating jail")
1231 by Matt Giuca ivle.makeuser: make_jail now requires a config argument.	70	ivle.makeuser.make_jail(user, config)
1080.1.17 by me at id ivle.makeuser: svn auth manipulation functions now use storm as much as	71
	72	logging.info("Enabling user")
	73	user.state = u'enabled'
	74
	75	return {"response": "okay"}
	76
1228 by Matt Giuca usrmgt-server: Pass a Config object through all of the "actions".	77	def rebuild_svn_config(store, props, config):
1072 by matt.giuca Renamed scripts to services.	78	"""Rebuilds the svn config file
1228 by Matt Giuca usrmgt-server: Pass a Config object through all of the "actions".	79	@param config: An ivle.config.Config object.
	80	@return: response (okay, failure)
1072 by matt.giuca Renamed scripts to services.	81	"""
1072 by matt.giuca Renamed scripts to services.	82	try:
1229 by Matt Giuca ivle.makeuser: rebuild_svn_config and rebuild_svn_group_config now require a	83	ivle.makeuser.rebuild_svn_config(store, config)
1072 by matt.giuca Renamed scripts to services.	84	except Exception, e:
	85	logging.warning('Rebuild of Subversion authorization config failed!')
	86	return{'response': 'failure', 'msg': repr(e)}
	87
	88	return {'response': 'okay'}
	89
1228 by Matt Giuca usrmgt-server: Pass a Config object through all of the "actions".	90	def rebuild_svn_group_config(store, props, config):
1072 by matt.giuca Renamed scripts to services.	91	"""Rebuilds the svn group config file
1228 by Matt Giuca usrmgt-server: Pass a Config object through all of the "actions".	92	@param config: An ivle.config.Config object.
	93	@return: response (okay, failure)
1072 by matt.giuca Renamed scripts to services.	94	"""
1072 by matt.giuca Renamed scripts to services.	95	try:
1229 by Matt Giuca ivle.makeuser: rebuild_svn_config and rebuild_svn_group_config now require a	96	ivle.makeuser.rebuild_svn_group_config(store, config)
1072 by matt.giuca Renamed scripts to services.	97	except Exception, e:
	98	logging.warning(
	99	'Rebuild of Subversion group authorization config failed!')
	100	return{'response': 'failure', 'msg': repr(e)}
	101
	102	return {'response': 'okay'}
	103
1228 by Matt Giuca usrmgt-server: Pass a Config object through all of the "actions".	104	def create_group_repository(store, props, config):
1072 by matt.giuca Renamed scripts to services.	105	"""Creates on disk repository for the given group
1228 by Matt Giuca usrmgt-server: Pass a Config object through all of the "actions".	106	@param config: An ivle.config.Config object.
1072 by matt.giuca Renamed scripts to services.	107	Expected properties:
1072 by matt.giuca Renamed scripts to services.	108	subj_short_name, year, semester, groupnm
1228 by Matt Giuca usrmgt-server: Pass a Config object through all of the "actions".	109	@return: response (okay, failure)
1072 by matt.giuca Renamed scripts to services.	110	"""
	111
	112	subj_short_name = props['subj_short_name']
	113	year = props['year']
	114	semester = props['semester']
	115	groupnm = props['groupnm']
	116
	117	namespace = "_".join([subj_short_name, year, semester, groupnm])
1235 by Matt Giuca usrmgt-server: Removed all references to ivle.conf. Now uses the config	118	repopath = os.path.join(config['paths']['svn']['repo_path'],
	119	'groups', namespace)
1072 by matt.giuca Renamed scripts to services.	120	logging.debug("Creating Subversion repository %s"%repopath)
1072 by matt.giuca Renamed scripts to services.	121	try:
1079 by William Grant Merge setup-refactor branch. This completely breaks existing installations;	122	ivle.makeuser.make_svn_repo(repopath)
1072 by matt.giuca Renamed scripts to services.	123	except Exception, e:
	124	logging.error("Failed to create Subversion repository %s: %s"%
	125	(repopath,repr(e)))
	126	return {'response': 'failure', 'msg': repr(e)}
	127
	128	return {'response': 'okay'}
	129
	130	actions = {
	131	'activate_user':activate_user,
	132	'create_group_repository':create_group_repository,
	133	'rebuild_svn_config':rebuild_svn_config,
	134	'rebuild_svn_group_config':rebuild_svn_group_config,
	135	}
	136
	137	def initializer():
1099.1.177 by William Grant usrmgt-server now starts logging once it's daemonised.	138	logging.basicConfig(filename="/var/log/usrmgt.log", level=logging.INFO)
	139	logging.info("Starting usrmgt server on port %d (pid = %d)" %
1235 by Matt Giuca usrmgt-server: Removed all references to ivle.conf. Now uses the config	140	(config['usrmgt']['port'], pid))
1099.1.177 by William Grant usrmgt-server now starts logging once it's daemonised.	141
1072 by matt.giuca Renamed scripts to services.	142	try:
	143	pidfile = open('/var/run/usrmgt-server.pid', 'w')
	144	pidfile.write('%d\n' % os.getpid())
	145	pidfile.close()
	146	except IOError, (errno, strerror):
	147	print "Couldn't write PID file. IO error(%s): %s" % (errno, strerror)
	148	sys.exit(1)
	149
	150	def dispatch(props):
	151	logging.debug(repr(props))
1080.1.17 by me at id ivle.makeuser: svn auth manipulation functions now use storm as much as	152
1228 by Matt Giuca usrmgt-server: Pass a Config object through all of the "actions".	153	store = ivle.database.get_store(config)
1072 by matt.giuca Renamed scripts to services.	154	action = props.keys()[0]
1228 by Matt Giuca usrmgt-server: Pass a Config object through all of the "actions".	155	res = actions[action](store, props[action], config)
1080.1.17 by me at id ivle.makeuser: svn auth manipulation functions now use storm as much as	156
	157	if res['response'] == 'okay':
	158	store.commit()
	159	else:
	160	store.rollback()
	161	store.close()
	162	return res
1072 by matt.giuca Renamed scripts to services.	163
	164	if __name__ == "__main__":
	165	pid = os.getpid()
	166
1235 by Matt Giuca usrmgt-server: Removed all references to ivle.conf. Now uses the config	167	ivle.chat.start_server(config['usrmgt']['port'],config['usrmgt']['magic'],
1079 by William Grant Merge setup-refactor branch. This completely breaks existing installations;	168	True, dispatch, initializer)