def bind(session_id,uid,encrypted_passwd):
	global sessions,um
	session_id=pload(session_id)
	encrypted_passwd=pload(encrypted_passwd)
	uid=pload(uid)

	if not has_perm(uid,'access.soap.bind'):
		return pdump(-9999) # Access denied

	if not sessions.session_exists(session_id):
		return pdump(False)
	if not sessions.has_session_variable(session_id,'nonce'):
		return pdump(False)
	
	nonce = sessions.get_session_variable(session_id,'nonce')[1]
	sessions.unset_session_variable(session_id,'nonce')
	plain = p2_decrypt(encrypted_passwd,nonce)
	
	#if plain==conf.get('SOAP_SERVICE','passwd'):
	if um.authenticate(uid,plain)==0:
		sessions.set_session_variable(session_id,'uid',uid)
		sessions.set_session_variable(session_id,'authenticated',True)
		return pdump(True)

	sessions.set_session_variable(session_id,'authenticated',False)
	return pdump(False)
def kill_session(session_id):
	global sessions
	session_id=pload(session_id)
	if not sessions.session_exists(session_id):
		return pdump(None)
	sessions.remove_session(session_id)
	return pdump(True)
def test_binded(session_id):
	global sessions
	session_id=pload(session_id)
	if sessions.session_exists(session_id):
		if sessions.has_session_variable(session_id,'authenticated'):
			return pdump(sessions.get_session_variable(session_id,'authenticated')[1])
	return pdump(False)
def list_users(session_id,usertype_id,uid):
	global um
	if not session_valid(pload(session_id)):
		return pdump(False)
	usertype_id = pload(usertype_id)
	uid = pload(uid)
	return pdump(um.list_users(usertype_id,uid))
def getconf(session_id,dist_codename,hwaddr,context,context_only):
	global hm
	dist_codename = pload(dist_codename)
	context = pload(context)
	context_only = pload(context_only)
	
	if context == 'update-hosts' and context_only:
		pass
	elif not session_valid(pload(session_id)):
		return pdump(False)

	hwaddr = pload(hwaddr)
	hinfo = hm.host_info(hwaddr)
	if not hinfo:
		return pdump([-1,'']) # Only registered hosts can ask for configurations
	
	hosttype_id = hostdef.hosttype_as_text(hinfo['hostType'][0])
	if not hosttype_id:
		return pdump([-2,'']) # The host is registered with an invalid host type id
	
	print "Configuration requested by host: %s" % hwaddr
	cb = ConfigBuilder(hosttype_id,dist_codename,hwaddr,context,context_only)
	f = open('%s/conf.tgz' % cb.tempdir ,'rb')
	o = f.read()
	f.close()
	
	return pdump([1,o])
def list_groups(session_id,usertype_id,groupname):
	global gm
	if not session_valid(pload(session_id)):
		return pdump(False)
	usertype_id = pload(usertype_id)
	groupname = pload(groupname)

	return pdump(gm.list_groups(usertype_id,groupname))
def list_members(session_id,groupname):
	"""
	List members of a certain group "groupname"
	"""
	global gm
	if not session_valid(pload(session_id)):
		return pdump(False)
	groupname = pload(groupname)
	return pdump(gm.list_members(groupname))
def test_session_id(session_id):
	"""
	Test if the given session ID is still valid
	"""
	global sessions
	session_id=pload(session_id)
	if sessions.session_exists(session_id):
		return pdump(True)
	return pdump(False)
def list_usergroups(session_id,uid):
	"""
	List groups of a certain user "uid"
	"""
	global um
	if not session_valid(pload(session_id)):
		return pdump(False)
	uid = pload(uid)
	return pdump(um.list_usergroups(uid))
Beispiel #10
0
def list_access_identifiers(session_id):
	"""
	Fetch all access identities for the domain
	"""
	global am
	if not session_valid(pload(session_id)):
		return pdump(False)


	return pdump(am.list_access_identifiers())
Beispiel #11
0
def user_exists(session_id,uid):
	"""
	Do a quick lookup in the mainserver LDAP to see if a 
	certain uid exists.
	"""
	global um
	if not session_valid(pload(session_id)):
		return pdump(False)
	uid=pload(uid)
	return pdump(um.user_exists(uid))
Beispiel #12
0
def register_host(session_id,hostname,hosttype_id,hwaddr):
	global hm
	if not session_valid(pload(session_id)):
		return pdump(False)

	hostname = pload(hostname)
	hosttype_id = pload(hosttype_id)
	hwaddr = pload(hwaddr)

	return pdump(hm.register_host(hwaddr,hostname,hosttype_id))
Beispiel #13
0
def removefiles(session_id,files):
	global fm
	if not session_valid(pload(session_id)):
		return pdump(False)

	if not has_perm(session_uid(pload(session_id)),'file.remove'):
		return pdump(-9999) # Access denied

	files = pload(files)
	return pdump(fm.removefiles(files))
Beispiel #14
0
def listhosts(session_id,hosttype_id):
	"""
	Fetch a list og registered hosts
	"""
	global hm
	if not session_valid(pload(session_id)):
		return pdump(False)

	hosttype_id = pload(hosttype_id)

	return pdump(hm.list_hosts(hosttype_id))
Beispiel #15
0
def hostname_exists(session_id,hostname):
	"""
	Check if a certain hostname is already registered
	"""
	global hm
	if not session_valid(pload(session_id)):
		return pdump(False)

	hostname = pload(hostname)

	return pdump(hm.host_exists(hostname=hostname))
Beispiel #16
0
def remove_host_by_hostname(session_id,hostname):
	"""
	Remove host registered on the Mainserver by hostname
	"""
	global hm
	if not session_valid(pload(session_id)):
		return pdump(False)

	hostname = pload(hostname)

	return pdump(hm.remove_host(hostname=hostname))
Beispiel #17
0
def remove_host_by_hwaddr(session_id,hwaddr):
	"""
	Remove host registered on the Mainserver by hwaddr
	"""
	global hm
	if not session_valid(pload(session_id)):
		return pdump(False)

	hwaddr = pload(hwaddr)

	return pdump(hm.remove_host(hwaddr=hwaddr))
Beispiel #18
0
def list_groupservices(session_id,groupname):
	"""
	Fetch a simple list of group service names.
	"""
	global gm
	if not session_valid(pload(session_id)):
		return pdump(False)

	groupname = pload(groupname)

	return pdump(gm.list_services(groupname))
Beispiel #19
0
def group_exists(session_id,groupname):
	"""
	Do a quick lookup in the mainserver LDAP to see if a 
	certain groupname exists.
	"""
	global gm
	if not session_valid(pload(session_id)):
		return pdump(False)

	groupname=pload(groupname)
	return pdump(gm.group_exists(groupname))
Beispiel #20
0
def hwaddr_exists(session_id,hwaddr):
	"""
	Check if a certain hwaddr (mac-address) is already registered
	"""
	global hm
	if not session_valid(pload(session_id)):
		return pdump(False)

	hwaddr = pload(hwaddr)

	return pdump(hm.host_exists(hwaddr=hwaddr))
Beispiel #21
0
def hostinfo_by_hostname(session_id,hostname):
	"""
	Fetch the registration info of a certain host by hwaddr
	"""
	global hm
	if not session_valid(pload(session_id)):
		return pdump(False)

	hostname = pload(hostname)

	return pdump(hm.host_info(hostname=hostname))
Beispiel #22
0
def list_my_permissions(session_id):
	"""
	Fetch user's permissions as a list of access identities 
	"""
	global am
	if not session_valid(pload(session_id)):
		return pdump(False)

	binded_uid = sessions.get_session_variable(pload(session_id),'uid')[1]

	return pdump(am.list_permissions(binded_uid))
Beispiel #23
0
def check_my_permission(session_id,access_ident):
	"""
	Fetch user's permissions as a list of access identities 
	"""
	global am
	if not session_valid(pload(session_id)):
		return pdump(False)

	access_ident = pload(access_ident)
	binded_uid = sessions.get_session_variable(pload(session_id),'uid')[1]

	return pdump(am.check_permission(binded_uid,access_ident))
Beispiel #24
0
def groupdel(session_id,uid,groupname):
	global um
	if not session_valid(pload(session_id)):
		return pdump(False)

	if not has_perm(session_uid(pload(session_id)),'membership.remove'):
		return pdump(-9999) # Access denied

	uid=pload(uid)
	groupname=pload(groupname)

	return pdump(um.groupdel(uid,groupname))
Beispiel #25
0
def changegroup(session_id,groupname,description):
	global gm
	if not session_valid(pload(session_id)):
		return pdump(False)

	if not has_perm(session_uid(pload(session_id)),'group.modify'):
		return pdump(-9999) # Access denied

	groupname=pload(groupname)
	description=pload(description)

	return pdump(gm.changegroup(groupname,description))
Beispiel #26
0
def get_groupservice_option_values(session_id,groupname,servicename):
	global gm
	if not session_valid(pload(session_id)):
		return pdump(False)

	if not has_perm(session_uid(pload(session_id)),'service.group.property.read'):
		return pdump(-9999) # Access denied

	groupname = pload(groupname)
	servicename = pload(servicename)
	
	return pdump(gm.get_service_option_values(groupname,servicename))
Beispiel #27
0
def removeuser(session_id,uid,backup_home,remove_home):
	global um
	if not session_valid(pload(session_id)):
		return pdump(False)

	if not has_perm(session_uid(pload(session_id)),'user.remove'):
		return pdump(-9999) # Access denied

	uid=pload(uid)
	backup_home=pload(backup_home)
	remove_home=pload(remove_home)
	
	return pdump(um.deluser(uid,backup_home,remove_home))
Beispiel #28
0
def removegroup(session_id,groupname,backup_home,remove_home):
	global gm
	if not session_valid(pload(session_id)):
		return pdump(False)

	if not has_perm(session_uid(pload(session_id)),'group.remove'):
		return pdump(-9999) # Access denied

	groupname=pload(groupname)
	backup_home=pload(backup_home)
	remove_home=pload(remove_home)
	
	return pdump(gm.removegroup(groupname,backup_home,remove_home))
Beispiel #29
0
def unset_groupservice_option(session_id,groupname,servicename,variable):
	global gm
	if not session_valid(pload(session_id)):
		return pdump(False)

	if not has_perm(session_uid(pload(session_id)),'service.group.property.set'):
		return pdump(-9999) # Access denied

	groupname = pload(groupname)
	servicename = pload(servicename)
	variable = pload(variable)
	
	return pdump(gm.unset_service_option(groupname,servicename,variable))
Beispiel #30
0
def update_permissions(session_id,users,groups):
	"""
	Fetch all access identities for the domain
	"""
	if not session_valid(pload(session_id)):
		return pdump(False)

	#if not has_perm(session_uid(pload(session_id)),''):
	#	return pdump(-9999) # Access denied
	
	users = pload(users)
	groups = pload(groups)
		
	return pdump(skolesys.tools.admintools.update_permissions(users,groups))