103
103
os.rename(ivle.conf.svn_conf + ".new", ivle.conf.svn_conf)
104
104
chown_to_webserver(ivle.conf.svn_conf)
106
def rebuild_svn_group_config():
106
def rebuild_svn_group_config(store):
107
107
"""Build the complete SVN configuration file for groups
110
groups = conn.get_all('project_group',
111
['groupid', 'groupnm', 'projectsetid'])
112
109
f = open(ivle.conf.svn_group_conf + ".new", "w")
113
110
f.write("# IVLE SVN Group Repositories Configuration\n")
114
111
f.write("# Auto-generated on %s\n" % time.asctime())
117
projectsetid = g['projectsetid']
118
offeringinfo = conn.get_offering_info(projectsetid)
119
subj_short_name = offeringinfo['subj_short_name']
120
year = offeringinfo['year']
121
semester = offeringinfo['semester']
122
reponame = "_".join([subj_short_name, year, semester, g['groupnm']])
113
for group in store.find(ProjectGroup):
114
offering = group.project_set.offering
115
reponame = "_".join([offering.subject.short_name,
116
offering.semester.year,
117
offering.semester.semester,
123
119
f.write("[%s:/]\n"%reponame)
124
users = conn.get_projectgroup_members(g['groupid'])
126
f.write("%s = rw\n"%u['login'])
120
for user in group.members:
121
f.write("%s = rw\n" % user.login)
129
124
os.rename(ivle.conf.svn_group_conf + ".new", ivle.conf.svn_group_conf)
132
127
def make_svn_auth(store, login, throw_on_error=True):
133
128
"""Setup svn authentication for the given user.
134
129
Uses the given DB store object. Does not commit to the db.
135
FIXME: create local.auth entry
137
131
passwd = md5.new(uuid.uuid4().bytes).digest().encode('hex')
138
132
if os.path.exists(ivle.conf.svn_auth_ivle):
184
178
return (to_add, to_remove)
187
def make_jail(username, uid, force=True, svn_pass=None):
181
def make_jail(user, force=True):
188
182
"""Creates a new user's jail space, in the jail directory as configured in
196
190
Chowns the user's directory within the jail to the given UID.
198
Note: This takes separate username and uid arguments. The UID need not
199
*necessarily* correspond to a Unix username at all, if all you are
200
planning to do is setuid to it. This allows the caller the freedom of
201
deciding the binding between username and uid, if any.
203
192
force: If false, exception if jail already exists for this user.
204
193
If true (default), overwrites it, but preserves home directory.
206
svn_pass: If provided this will be a string, the randomly-generated
207
Subversion password for this user (if you happen to already have it).
208
If not provided, it will be read from the database.
210
195
# MUST run as root or some of this may fail
211
196
if os.getuid() != 0:
218
203
elif not os.path.isdir(tempdir):
219
204
os.unlink(tempdir)
220
205
os.mkdir(tempdir)
221
userdir = os.path.join(ivle.conf.jail_src_base, username)
206
userdir = os.path.join(ivle.conf.jail_src_base, user.login)
222
207
homedir = os.path.join(userdir, 'home')
223
userhomedir = os.path.join(homedir, username) # Return value
208
userhomedir = os.path.join(homedir, user.login) # Return value
225
210
if os.path.exists(userdir):
241
226
shutil.move(homebackup, homedir)
242
227
# Change the ownership of all the files to the right unixid
243
228
logging.debug("chown %s's home directory files to uid %d"
245
os.chown(userhomedir, uid, uid)
229
%(user.login, user.unixid))
230
os.chown(userhomedir, user.unixid, user.unixid)
246
231
for root, dirs, files in os.walk(userhomedir):
247
232
for fsobj in dirs + files:
248
os.chown(os.path.join(root, fsobj), uid, uid)
233
os.chown(os.path.join(root, fsobj), user.unixid, user.unixid)
250
235
# No user jail exists
251
236
# Set up the user's home directory
252
237
os.makedirs(userhomedir)
253
238
# Chown (and set the GID to the same as the UID).
254
os.chown(userhomedir, uid, uid)
239
os.chown(userhomedir, user.unixid, user.unixid)
255
240
# Chmod to rwxr-xr-x (755)
256
241
os.chmod(userhomedir, 0755)
258
# There are 2 special files which need to be generated specific to this
259
# user: ${python_site_packages}/lib/conf/conf.py and /etc/passwd.
260
# "__" username "__" users are exempt (special)
261
if not (username.startswith("__") and username.endswith("__")):
262
make_conf_py(username, userdir, ivle.conf.jail_system, svn_pass)
263
make_etc_passwd(username, userdir, ivle.conf.jail_system, uid)
243
make_conf_py(user.login, userdir, ivle.conf.jail_system, user.svn_pass)
244
make_etc_passwd(user.login, userdir, ivle.conf.jail_system, user.unixid)
265
246
return userhomedir
267
def make_conf_py(username, user_jail_dir, staging_dir, svn_pass=None):
248
def make_conf_py(username, user_jail_dir, staging_dir, svn_pass):
269
250
Creates (overwriting any existing file, and creating directories) a
270
251
file ${python_site_packages}/ivle/conf/conf.py in a given user's jail.
281
262
ivle.conf.python_site_packages[1:], "ivle/conf/conf.py")
282
263
os.makedirs(os.path.dirname(conf_path))
284
# If svn_pass isn't supplied, grab it from the DB
286
dbconn = ivle.db.DB()
287
svn_pass = dbconn.get_user(username).svn_pass
290
265
# Read the contents of the template conf file
292
267
template_conf_file = open(template_conf_path, "r")
329
304
% (username, unixid, unixid, username))
330
305
passwd_file.close()
332
def make_user_db(throw_on_error = True, **kwargs):
333
"""Creates a user's entry in the database, filling in all the fields.
334
All arguments must be keyword args. They are the fields in the table.
335
However, instead of supplying a "passhash", you must supply a
336
"password" argument, which will be hashed internally.
337
Also do not supply a state. All users are created in the "no_agreement"
339
Also pulls the user's subjects using the configured subject pulldown
340
module, and adds enrolments to the DB.
341
Throws an exception if the user already exists.
343
dbconn = ivle.db.DB()
344
dbconn.create_user(**kwargs)
347
if kwargs['password']:
348
if os.path.exists(ivle.conf.svn_auth_local):
352
res = os.system("htpasswd -%smb %s %s %s" % (create,
353
ivle.conf.svn_auth_local,
356
if res != 0 and throw_on_error:
357
raise Exception("Unable to create local-auth for %s" % kwargs['login'])
359
# Make sure the file is owned by the web server
361
chown_to_webserver(ivle.conf.svn_auth_local)
363
# Pulldown subjects and add enrolments
364
ivle.pulldown_subj.enrol_user(kwargs['login'])
366
307
def mount_jail(login):
367
308
# This is where we'll mount to...
368
309
destdir = os.path.join(ivle.conf.jail_base, login)