def modify(self, args, config, connection):
        name = args['name']
        kind = args['kind']
        privilege = Privilege(name, kind, connection=connection)
        if not privilege.exists():
            print("Error: Privilege does not exist: {0}".format(name))
            sys.exit(1)

        privilege.read()

        if args['json'] is not None:
            privilege = self._read(None,
                                   kind,
                                   None,
                                   args['json'],
                                   connection=connection)
            privilege.name = name

        self.roles = []
        self._properties(privilege, args)
        if len(self.roles) > 0:
            privilege.set_role_names(self.roles)

        print("Modify privilege {0}...".format(name))
        privilege.update(connection=connection)
Beispiel #2
0
    def get(self, args, config, connection):
        privilege = Privilege(args['name'], args['kind'], connection=connection)
        if not privilege.exists():
            print("Error: Privilege does not exist: {0}".format(args['name']))
            sys.exit(1)

        privilege.read()
        self.jprint(privilege)
    def get(self, args, config, connection):
        privilege = Privilege(args['name'],
                              args['kind'],
                              connection=connection)
        if not privilege.exists():
            print("Error: Privilege does not exist: {0}".format(args['name']))
            sys.exit(1)

        privilege.read()
        self.jprint(privilege)
    def readPrivileges(self):
        names = Privilege.list(self.connection)
        max_read = { "execute": 5, "uri": 5 }
        counts = { "execute": 0, "uri": 0 }
        for name in names:
            parts = name.split("|")
            kind = parts[0]
            pname = parts[1]

            counts[kind] = counts[kind] + 1

            if max_read[kind] > 0:
                rsrc = Privilege.lookup(self.connection, pname, kind)
                max_read[kind] = max_read[kind] - 1

        print("Execute privileges: {}".format(counts["execute"]))
        print("URI privileges: {}".format(counts["uri"]))
    def readPrivileges(self):
        names = Privilege.list(self.connection)
        max_read = {"execute": 5, "uri": 5}
        counts = {"execute": 0, "uri": 0}
        for name in names:
            parts = name.split("|")
            kind = parts[0]
            pname = parts[1]

            counts[kind] = counts[kind] + 1

            if max_read[kind] > 0:
                rsrc = Privilege.lookup(self.connection, pname, kind)
                max_read[kind] = max_read[kind] - 1

        print("Execute privileges: {}".format(counts["execute"]))
        print("URI privileges: {}".format(counts["uri"]))
    def create(self, args, config, connection):
        name = args['name']
        kind = args['kind']
        action = args['action']

        if args['json'] is not None:
            privilege = self._read(name,
                                   kind,
                                   action,
                                   args['json'],
                                   connection=connection)
            name = privilege.privilege_name()
            kind = privilege.kind()
            action = privilege.action()
        else:
            privilege = Privilege(name,
                                  kind,
                                  action=action,
                                  connection=connection)

        if privilege.exists():
            print("Error: Privilege already exists: {0}".format(name))
            sys.exit(1)

        self.roles = []
        self._properties(privilege, args)
        if len(self.roles) > 0:
            privilege.set_role_names(self.roles)

        print("Create privilege {0}...".format(name))
        privilege.create(connection)
    def delete(self, args, config, connection):
        privilege = Privilege.lookup(connection,
                                     name=args['name'],
                                     kind=args['kind'])
        if privilege is None:
            return

        print("Delete privilege {0}...".format(args['name']))
        privilege.delete(connection)
Beispiel #8
0
    def delete(self, args, config, connection):
        privilege = Privilege.lookup(connection,
                                     name=args['name'],
                                     kind=args['kind'])
        if privilege is None:
            return

        print("Delete privilege {0}...".format(args['name']))
        privilege.delete(connection)
Beispiel #9
0
    def create(self, args, config, connection):
        name = args['name']
        kind = args['kind']
        action = args['action']

        if args['json'] is not None:
            privilege = self._read(name, kind, action, args['json'],
                                   connection=connection)
            name = privilege.privilege_name()
            kind = privilege.kind()
            action = privilege.action()
        else:
            privilege = Privilege(name, kind, action=action,
                                  connection=connection)

        if privilege.exists():
            print("Error: Privilege already exists: {0}".format(name))
            sys.exit(1)

        self.roles = []
        self._properties(privilege, args)
        if len(self.roles) > 0:
            privilege.set_role_names(self.roles)

        print("Create privilege {0}...".format(name))
        privilege.create(connection)
Beispiel #10
0
    def _read(self, name, kind, action, jsonfile,
              connection=None, save_connection=True):
        jf = open(jsonfile).read()
        data = json.loads(jf)

        if name is not None:
            data['privilege-name'] = name
        if kind is not None:
            data['kind'] = kind
        if action is not None:
            data['action'] = action

        privilege = Privilege.unmarshal(data,
                                        connection=connection,
                                        save_connection=save_connection)
        return privilege
Beispiel #11
0
    def modify(self, args, config, connection):
        name = args['name']
        kind = args['kind']
        privilege = Privilege(name, kind, connection=connection)
        if not privilege.exists():
            print("Error: Privilege does not exist: {0}".format(name))
            sys.exit(1)

        privilege.read()

        if args['json'] is not None:
            privilege = self._read(None, kind, None, args['json'],
                                connection=connection)
            privilege.name = name

        self.roles = []
        self._properties(privilege, args)
        if len(self.roles) > 0:
            privilege.set_role_names(self.roles)

        print("Modify privilege {0}...".format(name))
        privilege.update(connection=connection)
    def _read(self,
              name,
              kind,
              action,
              jsonfile,
              connection=None,
              save_connection=True):
        jf = open(jsonfile).read()
        data = json.loads(jf)

        if name is not None:
            data['privilege-name'] = name
        if kind is not None:
            data['kind'] = kind
        if action is not None:
            data['action'] = action

        privilege = Privilege.unmarshal(data,
                                        connection=connection,
                                        save_connection=save_connection)
        return privilege
        print("Need to create role: {0}".format(name))
        role = Role(name)
        role.create(conn)

# Update privileges
for config in data['roles']:
    name = config['role-name']
    role = Role.unmarshal(config)
    print("Updating role: {0}".format(name))
    role.update(conn)

# Update privileges
for config in data['privileges']:
    name = config['privilege-name']
    kind = config['kind']
    priv = Privilege.lookup(conn, name, kind)
    if priv is None:
        verb = "Creating"
        priv = Privilege.unmarshal(config)
        print("{0} privilege: {1}".format(verb, name))
        priv.create(conn)
    else:
        verb = "Updating"
        priv = Privilege.unmarshal(config)
        print("{0} {1} privilege: {2}".format(verb, kind, name))
        priv.update(conn)

# Update users
for config in data['users']:
    name = config['user-name']
    user = User.lookup(conn, name)
    def close(self, conn, group='Default'):
        closed = False
        while not closed:
            closed = True

            newitems = []
            for key in self.servers:
                item = self.servers[key]
                if item is None:
                    closed = False
                    newitems.append(Server.lookup(conn, key, group))

            for server in newitems:
                self._close_over_server(server)

            newitems = []
            for key in self.databases:
                item = self.databases[key]
                if item is None:
                    closed = False
                    newitems.append(Database.lookup(conn, key))

            for database in newitems:
                self._close_over_database(database)

            newitems = []
            for key in self.forests:
                item = self.forests[key]
                if item is None:
                    closed = False
                    newitems.append(Forest.lookup(conn, key))

            for forest in newitems:
                self._close_over_forest(forest)

            newitems = []
            for key in self.users:
                item = self.users[key]
                if item is None:
                    closed = False
                    newitems.append(User.lookup(conn, key))

            for user in newitems:
                self._close_over_user(user)

            newitems = []
            for key in self.roles:
                item = self.roles[key]
                if item is None:
                    closed = False
                    newitems.append(Role.lookup(conn, key))

            for role in newitems:
                self._close_over_role(role)

            delitems = []
            newitems = []
            for key in self.privileges:
                item = self.privileges[key]
                parts = key.split("|")
                kind = parts[0]
                name = parts[1]
                if isinstance(item, str):
                    closed = False
                    if "//" in key:
                        # Assume it's an action
                        priv = Privilege.lookup(conn, action=name, kind=kind)
                        delitems.append(key)
                    else:
                        priv = Privilege.lookup(conn, name, kind)
                    newitems.append(priv)

            for item in delitems:
                del self.privileges[item]

            for priv in newitems:
                self._close_over_privilege(priv)
    def close(self, conn, group='Default'):
        closed = False
        while not closed:
            closed = True

            newitems = []
            for key in self.servers:
                item = self.servers[key]
                if item is None:
                    closed = False
                    newitems.append(Server.lookup(conn, key, group))

            for server in newitems:
                self._close_over_server(server)

            newitems = []
            for key in self.databases:
                item = self.databases[key]
                if item is None:
                    closed = False
                    newitems.append(Database.lookup(conn, key))

            for database in newitems:
                self._close_over_database(database)

            newitems = []
            for key in self.users:
                item = self.users[key]
                if item is None:
                    closed = False
                    newitems.append(User.lookup(conn, key))

            for user in newitems:
                self._close_over_user(user)

            newitems = []
            for key in self.roles:
                item = self.roles[key]
                if item is None:
                    closed = False
                    newitems.append(Role.lookup(conn, key))

            for role in newitems:
                self._close_over_role(role)

            delitems = []
            newitems = []
            for key in self.privileges:
                item = self.privileges[key]
                parts = key.split("|")
                kind = parts[0]
                name = parts[1]
                if isinstance(item, str):
                    closed = False

                    if self.PRIVILEGES is None:
                        self.PRIVILEGES = Privilege.list(conn)

                    for priv in self.PRIVILEGES:
                        parts = priv.split("|")
                        if parts[0] == kind and parts[2] == name:
                            delitems.append(key)
                            name = parts[1]

                    newitems.append(Privilege.lookup(conn, name, kind))

            for item in delitems:
                del self.privileges[item]

            for priv in newitems:
                self._close_over_privilege(priv)
 def list(self, args, config, connection):
     ptype = args['kind']
     names = Privilege.list(connection, kind=ptype)
     print(json.dumps(names, sort_keys=True, indent=2))
Beispiel #17
0
 def list(self, args, config, connection):
     ptype = args['kind']
     names = Privilege.list(connection, kind=ptype)
     print(json.dumps(names,sort_keys=True, indent=2))