def post(self):
ou_id = self.request.POST.get('ou_id')
node_id = self.request.POST.get('node_id')
ou = None
if ou_id:
ou = self.collection.find_one({'_id': ObjectId(ou_id), 'type': 'ou'})
else:
ou_availables = self.request.user.get('ou_availables')
if isinstance(ou_availables, list) and len(ou_availables) > 0:
ou = self.collection.find_one({'_id': {'$in': [ObjectId(ou_ava_id) for ou_ava_id in ou_availables]},
'type': 'ou',
'path': {'$ne': 'root'}})
if not ou:
return {'ok': False,
'message': 'Ou does not exists'}
settings = get_current_registry().settings
api = get_chef_api(settings, self.request.user)
computer_id = register_node(api, node_id, ou, self.collection)
if not computer_id:
return {'ok': False,
'message': 'Node does not exist (in chef)'}
elif computer_id == 'duplicated':
return {'ok': False,
'message': 'There is another node with this name (in gcc)'}
elif computer_id == 'duplicated-node-id':
return {'ok': False,
'message': 'There is another node with this node chef id (in gcc)'}
computer = self.collection.find_one({'_id': computer_id})
apply_policies_to_computer(self.collection, computer, self.request.user)
update_tree(computer['path'])
return {'ok': True}
def put(self):
node_id = self.request.POST.get('node_id')
computer = self.collection.find_one({'node_chef_id': node_id})
if not computer:
return {'ok': False, 'message': 'Computer does not exists'}
apply_policies_to_computer(self.collection, computer,
self.request.user)
invalidate_change(self.request, computer)
return {'ok': True}
def put(self):
node_id = self.request.POST.get('node_id')
computer = self.collection.find_one({'node_chef_id': node_id})
if not computer:
return {'ok': False,
'message': 'Computer does not exists'}
apply_policies_to_computer(self.collection, computer, self.request.user)
invalidate_change(self.request, computer)
return {'ok': True}
def post(self):
ou_id = self.request.POST.get('ou_id')
node_id = self.request.POST.get('node_id')
ou = None
if ou_id:
ou = self.collection.find_one({
'_id': ObjectId(ou_id),
'type': 'ou'
})
else:
ou_availables = self.request.user.get('ou_availables')
if isinstance(ou_availables, list) and len(ou_availables) > 0:
ou = self.collection.find_one({
'_id': {
'$in':
[ObjectId(ou_ava_id) for ou_ava_id in ou_availables]
},
'type': 'ou',
'path': {
'$ne': 'root'
}
})
if not ou:
return {'ok': False, 'message': 'Ou does not exists'}
settings = get_current_registry().settings
api = get_chef_api(settings, self.request.user)
computer_id = register_node(api, node_id, ou, self.collection)
if not computer_id:
return {'ok': False, 'message': 'Node does not exist (in chef)'}
elif computer_id == 'duplicated':
return {
'ok': False,
'message': 'There is another node with this name (in gcc)'
}
elif computer_id == 'duplicated-node-id':
return {
'ok': False,
'message':
'There is another node with this node chef id (in gcc)'
}
elif computer_id == 'path-err':
return {
'ok': False,
'message':
'Unable to add gecos path ids and names to chef node'
}
computer = self.collection.find_one({'_id': computer_id})
apply_policies_to_computer(self.collection, computer,
self.request.user)
update_tree(computer['path'])
return {'ok': True}
def command(self):
# Initialization
sanitized = False
computers = set()
self.api = _get_chef_api(self.settings.get('chef.url'),
toChefUsername(self.options.chef_username),
self.options.chef_pem, False,
self.settings.get('chef.version'))
self.auth_user = self.db.adminusers.find_one(
{'username': self.options.chef_username})
if self.auth_user is None:
logger.error('The administrator user must exist in MongoDB')
sys.exit(1)
self.db = self.pyramid.db
# Get local_admin_users_res (Local Administrators) policy
logger.info(
'Getting Local Administrators (local_admin_users_res) policy ...')
policy = self.db.policies.find_one({'slug': 'local_admin_users_res'})
schema = policy['schema']
policyId = policy['_id']
logger.info('schema = %s' % str(schema))
logger.info('Id.policy = %s' % str(policyId))
# Searching nodes with the Local Administrators policy
# Query Fields of an Embedded Document (Mongo documentation)
# Example:
# db.nodes.find({"policies.58c8122a0dfd425b0894d5b6":{$exists:true}})
logger.info('Searching nodes with the Local Administrators policy...')
field = 'policies.' + str(policyId)
filters = {field: {'$exists': True}}
nodes = self.db.nodes.find(filters)
# Validating data and, where appropiate, fixing
for node in nodes:
instance = node['policies'][unicode(policyId)]
logger.info('Node name = %s, _id = %s' %
(node['name'], str(node['_id'])))
logger.info('Instance before validate method: %s' % str(instance))
while True:
try:
validate(instance, schema)
break
except ValidationError as e:
logger.warning('Validation error on instance = %s' %
str(e.message))
# Sanitize instance
self.sanitize(e, instance)
sanitized = True
if sanitized:
# Setting false sanitized for next iteration
sanitized = False
logger.info('Sanitized instance: %s' % str(instance))
# Update mongo
self.db.nodes.update({'_id': node['_id']},
{'$set': {
field: instance
}})
# Affected nodes
if node['type'] == 'ou':
result = list(
self.db.nodes.find(
{
'path': get_filter_nodes_belonging_ou(
node['_id']),
'type': 'computer'
}, {'_id': 1}))
logger.info('OU computers = %s' % str(result))
elif node['type'] == 'group':
result = list(
self.db.nodes.find(
{
'_id': {
'$in': node['members']
},
'type': 'computer'
}, {'_id': 1}))
logger.info('GROUP computers = %s' % str(result))
elif node['type'] == 'computer':
result = [node]
logger.info('COMPUTER computers = %s' % str(result))
[computers.add(str(n['_id'])) for n in result]
# Removing unused local_admin_remove_list attribute in chef nodes
for node_id in ChefNode.list():
node = ChefNode(node_id, self.api)
logger.info('Checking node: %s' % (node_id))
attr_dotted = policy['path'] + '.local_admin_remove_list'
logger.info('Atttribute dotted path: %s' % (attr_dotted))
if node.attributes.has_dotted(attr_dotted):
logger.info("Remove 'local_admin_remove_list' attribute!")
try:
logger.info(
"node.attributes = %s" %
str(node.attributes['gecos_ws_mgmt']['misc_mgmt']
['local_admin_users_res'].to_dict()))
delete_dotted(node.attributes, attr_dotted)
node.save()
except:
logger.warn(
"Problem deleting local_admin_remove_list value from node: %s"
% (node_id))
logger.warn(
"You may be trying to delete a default attribute instead normal attribute: %s"
% (node_id))
for computer in computers:
logger.info('computer = %s' % str(computer))
computer = self.db.nodes.find_one({'_id': ObjectId(computer)})
apply_policies_to_computer(self.db.nodes,
computer,
self.auth_user,
api=self.api,
initialize=False,
use_celery=False)
logger.info('Finished.')
def command(self):
# Initialization
sanitized = False
computers = set()
self.api = _get_chef_api(self.settings.get('chef.url'),
toChefUsername(self.options.chef_username),
self.options.chef_pem, False, self.settings.get('chef.version'))
self.auth_user = self.db.adminusers.find_one({'username': self.options.chef_username})
if self.auth_user is None:
logger.error('The administrator user must exist in MongoDB')
sys.exit(1)
self.db = self.pyramid.db
# Get local_groups (Local groups) policy
logger.info('Getting Local Groups (local_groups_res) policy ...')
policy = self.db.policies.find_one({'name':'Local groups'})
schema = policy['schema']
policyId = policy['_id']
logger.debug('schema = %s'%str(schema))
logger.debug('Id.policy = %s'%str(policyId))
# Searching nodes with the Local Groups policy
# Query Fields of an Embedded Document (Mongo documentation)
# Example:
# db.nodes.find({"policies.58c8122a0dfd425b0894d5b6":{$exists:true}})
logger.info('Searching nodes with the Local Groups policy...')
field = 'policies.' + str(policyId)
filters = {field:{'$exists':True}}
nodes = self.db.nodes.find(filters).sort([('path',1),('name',1)])
# Validating data and, where appropiate, fixing
for node in nodes:
instance = node['policies'][unicode(policyId)]
logger.info('Node name = %s, _id = %s)'%(node['name'],str(node['_id'])))
logger.info('Instance before validate method: %s'%str(instance))
while True:
try:
validate(instance, schema)
break
except ValidationError as e:
logger.warning('Validation error on instance = %s'%str(e.message))
# Sanitize instance
self.sanitize(e, instance)
sanitized = True
if sanitized:
# Setting false sanitized for next iteration
sanitized = False
logger.info('Sanitized instance: %s'%str(instance))
# Update mongo
self.db.nodes.update({'_id': node['_id']},{'$set':{field:instance}})
# Affected nodes
if node['type'] == 'ou':
result = list(self.db.nodes.find({'path': get_filter_nodes_belonging_ou(node['_id']),'type': 'computer'},{'_id':1}))
logger.info('OU computers = %s'%str(result))
elif node['type'] == 'group':
result = list(self.db.nodes.find({'_id':{'$in':node['members']},'type':'computer'},{'_id':1}))
logger.info('GROUP computers = %s'%str(result))
elif node['type'] == 'computer':
result = [node]
logger.info('COMPUTER computers = %s'%str(result))
[computers.add(str(n['_id'])) for n in result]
for computer in computers:
logger.info('computer = %s'%str(computer))
computer = self.db.nodes.find_one({'_id': ObjectId(computer)})
apply_policies_to_computer(self.db.nodes, computer, self.auth_user, api=self.api, initialize=False, use_celery=False)
logger.info('Finished.')
def command(self):
# Initialization
sanitized = False
computers = set()
self.api = _get_chef_api(self.settings.get('chef.url'),
toChefUsername(self.options.chef_username),
self.options.chef_pem, False, self.settings.get('chef.version'))
self.auth_user = self.db.adminusers.find_one({'username': self.options.chef_username})
if self.auth_user is None:
logger.error('The administrator user must exist in MongoDB')
sys.exit(1)
self.db = self.pyramid.db
# Get local_admin_users_res (Local Administrators) policy
logger.info('Getting Local Administrators (local_admin_users_res) policy ...')
policy = self.db.policies.find_one({'slug':'local_admin_users_res'})
schema = policy['schema']
policyId = policy['_id']
logger.info('schema = %s'%str(schema))
logger.info('Id.policy = %s'%str(policyId))
# Searching nodes with the Local Administrators policy
# Query Fields of an Embedded Document (Mongo documentation)
# Example:
# db.nodes.find({"policies.58c8122a0dfd425b0894d5b6":{$exists:true}})
logger.info('Searching nodes with the Local Administrators policy...')
field = 'policies.' + str(policyId)
filters = {field:{'$exists':True}}
nodes = self.db.nodes.find(filters)
# Validating data and, where appropiate, fixing
for node in nodes:
instance = node['policies'][unicode(policyId)]
logger.info('Node name = %s, _id = %s'%(node['name'],str(node['_id'])))
logger.info('Instance before validate method: %s'%str(instance))
while True:
try:
validate(instance, schema)
break
except ValidationError as e:
logger.warning('Validation error on instance = %s'%str(e.message))
# Sanitize instance
self.sanitize(e, instance)
sanitized = True
if sanitized:
# Setting false sanitized for next iteration
sanitized = False
logger.info('Sanitized instance: %s'%str(instance))
# Update mongo
self.db.nodes.update({'_id': node['_id']},{'$set':{field:instance}})
# Affected nodes
if node['type'] == 'ou':
result = list(self.db.nodes.find({'path': get_filter_nodes_belonging_ou(node['_id']),'type': 'computer'},{'_id':1}))
logger.info('OU computers = %s'%str(result))
elif node['type'] == 'group':
result = list(self.db.nodes.find({'_id':{'$in':node['members']},'type':'computer'},{'_id':1}))
logger.info('GROUP computers = %s'%str(result))
elif node['type'] == 'computer':
result = [node]
logger.info('COMPUTER computers = %s'%str(result))
[computers.add(str(n['_id'])) for n in result]
# Removing unused local_admin_remove_list attribute in chef nodes
for node_id in ChefNode.list():
node = ChefNode(node_id, self.api)
logger.info('Checking node: %s'%(node_id))
attr_dotted = policy['path'] + '.local_admin_remove_list'
logger.info('Atttribute dotted path: %s'%(attr_dotted))
if node.attributes.has_dotted(attr_dotted):
logger.info("Remove 'local_admin_remove_list' attribute!")
try:
logger.info("node.attributes = %s" % str(node.attributes['gecos_ws_mgmt']['misc_mgmt']['local_admin_users_res'].to_dict()))
delete_dotted(node.attributes, attr_dotted)
node.save()
except:
logger.warn("Problem deleting local_admin_remove_list value from node: %s"%(node_id))
logger.warn("You may be trying to delete a default attribute instead normal attribute: %s"%(node_id))
for computer in computers:
logger.info('computer = %s'%str(computer))
computer = self.db.nodes.find_one({'_id': ObjectId(computer)})
apply_policies_to_computer(self.db.nodes, computer, self.auth_user, api=self.api, initialize=False, use_celery=False)
logger.info('Finished.')
def command(self):
# Initialization
logger.info("MIGRATION SCRIPT FOR FILES LIST POLICY")
logger.info("######################################")
# Disabling InsecureRequestWarning Unverified HTTPS request
requests.packages.urllib3.disable_warnings()
sanitized = False
computers = set()
self.api = _get_chef_api(self.settings.get('chef.url'),
toChefUsername(self.options.chef_username),
self.options.chef_pem, False, self.settings.get('chef.version'))
self.auth_user = self.db.adminusers.find_one({'username': self.options.chef_username})
if self.auth_user is None:
logger.error('The administrator user must exist in MongoDB')
sys.exit(1)
self.db = self.pyramid.db
# Get local_file (File list) policy
logger.info('Getting policy schema (local_file_res) ...')
policy = self.db.policies.find_one({'slug':'local_file_res'})
schema = policy['schema']
policyId = policy['_id']
logger.info('schema = %s'%str(schema))
logger.debug('policyId = %s'%str(policyId))
# Searching nodes with the File List policy
# Query Fields of an Embedded Document (Mongo documentation)
# Example:
# db.nodes.find({"policies.58c8122a0dfd425b0894d5b6":{$exists:true}})
logger.info('Searching for nodes with applied policy...')
field = 'policies.' + str(policyId)
filters = {field:{'$exists':True}}
nodes = self.db.nodes.find(filters)
# Validating data and, where appropiate, fixing
for node in nodes:
instance = node['policies'][unicode(policyId)]
logger.debug("node = %s" % str(node))
logger.info('-----------------------------------------------')
logger.info('Node name = %s, mongo_id = %s'%(node['name'],str(node['_id'])))
logger.info('Instance of the policy on the node: %s'%str(instance))
while True:
try:
validate(instance, schema)
break
except ValidationError as e:
logger.warn('Validation error on instance: instance = %s'%str(instance))
logger.warn('Validation error on instance: message error = %s'%str(e.message))
# Sanitize instance
self.sanitize(e, instance)
sanitized = True
if sanitized:
# Setting false sanitized for next iteration
sanitized = False
logger.info('Sanitized instance of the policy on the node AFTER calling the validate method: %s'%str(instance))
# Update mongo
logger.info('Updating instance in database (mongo) ...')
self.db.nodes.update({'_id': node['_id']},{'$set':{field:instance}})
logger.info('Recalculating policies in the node.')
# Affected nodes
if node['type'] == 'ou':
result = list(self.db.nodes.find({'path': get_filter_nodes_belonging_ou(node['_id']),'type': 'computer'},{'_id':1}))
logger.info('OU computers = %s'%str(result))
elif node['type'] == 'group':
result = list(self.db.nodes.find({'_id':{'$in':node['members']},'type':'computer'},{'_id':1}))
logger.info('GROUP computers = %s'%str(result))
elif node['type'] == 'computer':
result = [node]
logger.info('COMPUTER computers = %s'%str(result))
[computers.add(str(n['_id'])) for n in result]
for computer in computers:
logger.info('Applying policies to COMPUTER. For more information, see "gecosccui-celery.log" file')
computer = self.db.nodes.find_one({'_id': ObjectId(computer)})
apply_policies_to_computer(self.db.nodes, computer, self.auth_user, api=self.api, initialize=False, use_celery=True)
# Removing unused attributes (copy_files, delete_files) in chef nodes
logger.info('\n')
attrs = ["%s.copy_files" % (policy['path']), "%s.delete_files" % (policy['path'])]
logger.info('Removing unused attributes %s in chef nodes ...' % attrs)
logger.info('\n')
for node_id in ChefNode.list():
node = ChefNode(node_id, self.api)
logger.info('Checking node: %s'%(node_id))
for attr in attrs:
try:
if node.attributes.has_dotted(attr):
logger.warn("Remove %s attribute!" % attr)
delete_dotted(node.attributes, attr)
node.save()
except:
logger.warn("Problem deleting attribute %s value from node: %s"%(attr, node_id))
logger.warn("You may be trying to delete a default attribute instead normal attribute: %s"%(node_id))
logger.info('Finished.')
def command(self):
# Initialization
logger.info("MIGRATION SCRIPT FOR FILES LIST POLICY")
logger.info("######################################")
# Disabling InsecureRequestWarning Unverified HTTPS request
requests.packages.urllib3.disable_warnings()
sanitized = False
computers = set()
self.api = _get_chef_api(self.settings.get('chef.url'),
toChefUsername(self.options.chef_username),
self.options.chef_pem, False,
self.settings.get('chef.version'))
self.auth_user = self.db.adminusers.find_one(
{'username': self.options.chef_username})
if self.auth_user is None:
logger.error('The administrator user must exist in MongoDB')
sys.exit(1)
self.db = self.pyramid.db
# Get local_file (File list) policy
logger.info('Getting policy schema (local_file_res) ...')
policy = self.db.policies.find_one({'slug': 'local_file_res'})
schema = policy['schema']
policyId = policy['_id']
logger.info('schema = %s' % str(schema))
logger.debug('policyId = %s' % str(policyId))
# Searching nodes with the File List policy
# Query Fields of an Embedded Document (Mongo documentation)
# Example:
# db.nodes.find({"policies.58c8122a0dfd425b0894d5b6":{$exists:true}})
logger.info('Searching for nodes with applied policy...')
field = 'policies.' + str(policyId)
filters = {field: {'$exists': True}}
nodes = self.db.nodes.find(filters)
# Validating data and, where appropiate, fixing
for node in nodes:
instance = node['policies'][unicode(policyId)]
logger.debug("node = %s" % str(node))
logger.info('-----------------------------------------------')
logger.info('Node name = %s, mongo_id = %s' %
(node['name'], str(node['_id'])))
logger.info('Instance of the policy on the node: %s' %
str(instance))
while True:
try:
validate(instance, schema)
break
except ValidationError as e:
logger.warn('Validation error on instance: instance = %s' %
str(instance))
logger.warn(
'Validation error on instance: message error = %s' %
str(e.message))
# Sanitize instance
self.sanitize(e, instance)
sanitized = True
if sanitized:
# Setting false sanitized for next iteration
sanitized = False
logger.info(
'Sanitized instance of the policy on the node AFTER calling the validate method: %s'
% str(instance))
# Update mongo
logger.info('Updating instance in database (mongo) ...')
self.db.nodes.update({'_id': node['_id']},
{'$set': {
field: instance
}})
logger.info('Recalculating policies in the node.')
# Affected nodes
if node['type'] == 'ou':
result = list(
self.db.nodes.find(
{
'path': get_filter_nodes_belonging_ou(
node['_id']),
'type': 'computer'
}, {'_id': 1}))
logger.info('OU computers = %s' % str(result))
elif node['type'] == 'group':
result = list(
self.db.nodes.find(
{
'_id': {
'$in': node['members']
},
'type': 'computer'
}, {'_id': 1}))
logger.info('GROUP computers = %s' % str(result))
elif node['type'] == 'computer':
result = [node]
logger.info('COMPUTER computers = %s' % str(result))
[computers.add(str(n['_id'])) for n in result]
for computer in computers:
logger.info(
'Applying policies to COMPUTER. For more information, see "gecosccui-celery.log" file'
)
computer = self.db.nodes.find_one({'_id': ObjectId(computer)})
apply_policies_to_computer(self.db.nodes,
computer,
self.auth_user,
api=self.api,
initialize=False,
use_celery=True)
# Removing unused attributes (copy_files, delete_files) in chef nodes
logger.info('\n')
attrs = [
"%s.copy_files" % (policy['path']),
"%s.delete_files" % (policy['path'])
]
logger.info('Removing unused attributes %s in chef nodes ...' % attrs)
logger.info('\n')
for node_id in ChefNode.list():
node = ChefNode(node_id, self.api)
logger.info('Checking node: %s' % (node_id))
for attr in attrs:
try:
if node.attributes.has_dotted(attr):
logger.warn("Remove %s attribute!" % attr)
delete_dotted(node.attributes, attr)
node.save()
except:
logger.warn(
"Problem deleting attribute %s value from node: %s" %
(attr, node_id))
logger.warn(
"You may be trying to delete a default attribute instead normal attribute: %s"
% (node_id))
logger.info('Finished.')
def command(self):
# Initialization
sanitized = False
computers = set()
self.api = _get_chef_api(self.settings.get('chef.url'),
toChefUsername(self.options.chef_username),
self.options.chef_pem, False,
self.settings.get('chef.version'))
self.auth_user = self.db.adminusers.find_one(
{'username': self.options.chef_username})
if self.auth_user is None:
logger.error('The administrator user must exist in MongoDB')
sys.exit(1)
self.db = self.pyramid.db
# Get local_users (Users) policy
logger.info('Getting Users (local_users_res) policy ...')
policy = self.db.policies.find_one({'name': 'Users'})
schema = policy['schema']
policyId = policy['_id']
logger.debug('schema = %s' % str(schema))
logger.debug('Id.policy = %s' % str(policyId))
# Searching nodes with the Users policy
# Query Fields of an Embedded Document (Mongo documentation)
# Example:
# db.nodes.find({"policies.58c8122a0dfd425b0894d5b6":{$exists:true}})
logger.info('Searching nodes with the Users policy...')
field = 'policies.' + str(policyId)
filters = {field: {'$exists': True}}
nodes = self.db.nodes.find(filters).sort([('path', 1), ('name', 1)])
# Validating data and, where appropiate, fixing
for node in nodes:
instance = node['policies'][unicode(policyId)]
logger.info('Node name = %s, _id = %s' %
(node['name'], str(node['_id'])))
logger.info('Instance before validate method: %s' % str(instance))
while True:
try:
validate(instance, schema)
break
except ValidationError as e:
logger.warning('Validation error on instance = %s' %
str(e.message))
# Sanitize instance
self.sanitize(e, instance)
sanitized = True
if sanitized:
# Setting false sanitized for next iteration
sanitized = False
logger.info('Sanitized instance: %s' % str(instance))
# Update mongo
self.db.nodes.update({'_id': node['_id']},
{'$set': {
field: instance
}})
# Affected nodes
if node['type'] == 'ou':
result = list(
self.db.nodes.find(
{
'path': get_filter_nodes_belonging_ou(
node['_id']),
'type': 'computer'
}, {'_id': 1}))
logger.info('OU computers = %s' % str(result))
elif node['type'] == 'group':
result = list(
self.db.nodes.find(
{
'_id': {
'$in': node['members']
},
'type': 'computer'
}, {'_id': 1}))
logger.info('GROUP computers = %s' % str(result))
elif node['type'] == 'computer':
result = [node]
logger.info('COMPUTER computers = %s' % str(result))
[computers.add(str(n['_id'])) for n in result]
for computer in computers:
logger.info('computer = %s' % str(computer))
computer = self.db.nodes.find_one({'_id': ObjectId(computer)})
apply_policies_to_computer(self.db.nodes,
computer,
self.auth_user,
api=self.api,
initialize=False,
use_celery=False)
logger.info('Finished.')