Beispiel #1
def main(argv=sys.argv[1:]):
    """List the users matching a pattern, optionally searching by alias.

    The pattern is the first positional argument and defaults to the empty
    string.  With ``opts.bya`` set, aliases are searched and each hit is
    mapped to its canonical user.  Returns 1 when the user lookup yields
    None and the exception's return code on AuthzException; otherwise the
    function falls off the end (implicit None).
    """
    try:
        db_obj = DB(con_str=pynimbusauthz.get_db_connection_string())

        (opts, args) = setup_options(argv)

        u_pattern = ""
        if len(args) > 0:
            u_pattern = args[0]

        if opts.bya:
            # Alias search: report the canonical user behind every match.
            users = [alias.get_canonical_user()
                     for alias in User.find_alias(db_obj, u_pattern)]
        else:
            users = User.find_user(db_obj, u_pattern)

        if users == None:
            pynimbusauthz.print_msg(opts, 0, "No users in list")
            return 1

        for found in users:
            list_user(opts, found)

    except AuthzException, ae:
        print ae
        return ae.get_rc()
Beispiel #2
def delete_user(o):
    """Remove the x509-related entries of the user named by ``o.emailaddr``.

    Looks the user up by friendly name, records its id in
    ``o.canonical_id``, then removes the gridmap entry and the group-authz
    membership for the user's x509 DN.  When ``o.web`` is set the web
    account is removed as well.

    Raises CLIError('EUSER') when no user has that friendly name.

    NOTE(review): every removal, including the web account, happens only
    when an x509 alias exists; without one the function just warns.  The
    visible code also never deletes or commits anything on the authz
    database itself -- confirm the caller does that.
    """
    db = DB(pycb.config.authzdb)
    # Look up the existing canonical user (nothing is created here).
    user = User.get_user_by_friendly(db, o.emailaddr)
    if user == None:
        raise CLIError('EUSER', "No such user %s" % (o.emailaddr))

    o.canonical_id = user.get_id()

    x509_alias = user.get_alias_by_friendly(o.emailaddr,
                                            pynimbusauthz.alias_type_x509)
    if x509_alias == None:
        print "WARNING! there is no x509 alias for user %s" % (o.emailaddr)
        return

    dn = x509_alias.get_name()
    remove_gridmap(dn)

    groupauthz_dir = os.path.join(
        get_nimbus_home(),
        "services/etc/nimbus/workspace-service/group-authz/")
    try:
        remove_member(groupauthz_dir, dn)
    except Exception, ex:
        # Best effort: a failed group-authz removal is reported, not fatal.
        # The DN may therefore still be listed there after this call.
        print "WARNING %s" % (ex)

    if o.web:
        if o.web_id == None:
            # Default web id is the local part of the e-mail address.
            o.web_id = o.emailaddr.split("@")[0]
        remove_web(o)
Beispiel #3
def main(argv=sys.argv[1:]):
    """Create a file record owned by a user.

    Expects exactly three positional arguments: user name, object name and
    data key.  ``opts.parent`` optionally names a parent object, which must
    already exist for ``opts.type``.  The change is committed on success.
    On AuthzException the error is printed and its return code returned.
    """
    try:
        db_obj = DB(con_str=pynimbusauthz.get_db_connection_string())

        (opts, args) = setup_options(argv)

        if len(args) != 3:
            raise AuthzException(
                'CLI_PARAMETER',
                "You must specify a username filename and a datakey\nTry --help"
            )
        user_name, object_name, data = args[0], args[1], args[2]

        user = User(db_obj, uu=user_name)

        parent = None
        if opts.parent != None:
            parent = File.get_file(db_obj, opts.parent, opts.type)
            if parent == None:
                # Refuse to create an object under a parent that is missing.
                raise AuthzException('FILE_EXISTS',
                                     "parent %s not found" % (opts.parent))

        File.create_file(db_obj, object_name, user, data, opts.type,
                         parent=parent)
        db_obj.commit()
    except AuthzException, ae:
        print ae
        return ae.get_rc()
Beispiel #4
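def main(argv=sys.argv[1:]):
    """List the files matching a pattern, optionally under one parent.

    The pattern is the first positional argument and defaults to the empty
    string.  ``opts.type`` selects one object type, or every key of
    ``pynimbusauthz.object_types`` when it is "all".  On AuthzException the
    error is printed and its return code returned.
    """
    try:
        con_str = pynimbusauthz.get_db_connection_string()
        db_obj = DB(con_str=con_str)

        (opts, args) = setup_options(argv)

        u_pattern = ""
        if len(args) > 0:
            u_pattern = args[0]

        parent = None
        if opts.parent is not None:
            # NOTE(review): with opts.type == "all" this lookup is also made
            # with the literal type "all" -- confirm that is intended.
            parent = File.get_file(db_obj, opts.parent, opts.type)
            if parent is None:
                # The error code is passed as a bare string, not wrapped in
                # a list.
                raise AuthzException('FILE_EXISTS',
                                     "parent %s not found" % (opts.parent))

        if opts.type == "all":
            types = pynimbusauthz.object_types.keys()
        else:
            types = [opts.type]

        for t in types:
            for f in File.find_files(db_obj, u_pattern, t, parent):
                print_file(opts, f)

    except AuthzException, ae:
        print ae
        return ae.get_rc()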
Beispiel #5
 def get_user_id_by_display(self, display_name):
     """Return the name of the first alias found for *display_name*, or None."""
     # NOTE(review): the DB handle opened here is not closed in this method.
     db_obj = DB(con_str=self.con_str)
     matches = list(UserAlias.find_alias_by_friendly(db_obj, display_name))
     if not matches:
         return None
     # Several aliases may share a friendly name; only the first is used.
     return matches[0].get_name()
Beispiel #6
 def setUp(self):
     """Build a throwaway authz database file holding one user."""
     # mkstemp creates the file itself; only its path is needed afterwards.
     (fd, self.fname) = tempfile.mkstemp()
     os.close(fd)
     # The database path is also exported through the environment.
     os.environ['NIMBUS_AUTHZ_DB'] = self.fname
     pynimbusauthz.db.make_test_database(self.fname)
     self.db = DB(con_str=self.fname)
     self.user1 = User(self.db)
     self.db.commit()
Beispiel #7
 def setUp(self):
     """Create a test database with one user and one s3 file owned by it."""
     self.db = DB(con=pynimbusauthz.db.make_test_database())
     self.user1 = User(self.db)
     # Fixture values: the object name and the data key it points at.
     self.name = "/file/name"
     self.data = "/etc/group"
     self.file1 = File.create_file(self.db,
                                   self.name,
                                   self.user1,
                                   self.data,
                                   pynimbusauthz.object_type_s3)
     self.uf = UserFile(self.file1)
Beispiel #8
 def __init__(self, alias_name, con_str):
     """Bind this object to the s3 alias *alias_name* and its canonical user.

     Raises cbException('AccessDenied') when no s3 alias is found.
     """
     self.db_obj = DB(con_str=con_str)
     matches = list(User.find_alias(self.db_obj, alias_name,
                                    pynimbusauthz.alias_type_s3))
     if not matches:
         raise cbException('AccessDenied')
     # NOTE(review): more than one alias may come back and only the first is
     # used (flagged XXX by the original author).  Confirm find_alias does
     # an exact match, so the chosen alias is the one that was asked for.
     self.alias = matches[0]
     self.user = self.alias.get_canonical_user()
Beispiel #9
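def main(argv=sys.argv[1:]):
    """Create, show, modify or remove a user and its aliases.

    The optional single positional argument is the user id.  ``opts.new``
    creates the user; ``opts.alias`` fetches or creates an alias and may
    set its key (``opts.genkey`` / ``opts.setkey``); ``opts.remove_alias``
    removes an alias; ``opts.remove`` destroys the user, with
    ``opts.force`` also removing all references.  Changes are committed at
    the end.  On AuthzException the error is printed and its return code
    returned.
    """
    try:
        con_str = pynimbusauthz.get_db_connection_string()
        db_obj = DB(con_str=con_str)

        (opts, args) = setup_options(argv)

        user_uu = None
        if len(args) == 1:
            user_uu = args[0]
        if opts.new:
            user = User(db_obj,
                        user_uu,
                        friendly=opts.friendlyname,
                        create=True)
            pynimbusauthz.print_msg(opts, 0, "User %s added" % (user.get_id()))
        else:
            user = User(db_obj, user_uu)
            pynimbusauthz.print_msg(opts, 0, "User %s" % (user.get_id()))

        if opts.alias is not None:
            user_alias = user.get_alias(opts.alias, opts.type)
            if user_alias is None:
                user_alias = user.create_alias(opts.alias, opts.type,
                                               opts.friendlyname)
                pynimbusauthz.print_msg(
                    opts, 0,
                    "Creating new alias %s:%s" % (opts.type, opts.alias))
            if opts.genkey:
                # NOTE(review): confirm random_string_gen draws from a CSPRNG
                # (os.urandom / random.SystemRandom); its source is not
                # visible here.
                data = pynimbusauthz.random_string_gen(42)
                # The generated key is a credential and is echoed once so the
                # operator can hand it out; it also lands in terminal
                # scrollback and any captured output.
                pynimbusauthz.print_msg(opts, 0, "Key generated %s" % (data))
                user_alias.set_data(data)
            elif opts.setkey is not None:
                # NOTE(review): presumably this key arrives on the command
                # line, where it is visible in the process list and shell
                # history -- confirm against setup_options.
                data = opts.setkey
                user_alias.set_data(data)
                pynimbusauthz.print_msg(opts, 0, "updated the alias key")

        if opts.remove_alias is not None:
            user_alias = user.get_alias(opts.remove_alias, opts.type)
            if user_alias is None:
                # get_alias returns None for an unknown alias (see the create
                # path above); report it instead of failing on None.remove().
                raise AuthzException(
                    'CLI_PARAMETER',
                    "alias %s:%s not found" % (opts.type, opts.remove_alias))
            user_alias.remove()

        if opts.remove:
            pynimbusauthz.print_msg(opts, 1,
                                    "Removing user %s" % (user.get_id()))
            if opts.force:
                pynimbusauthz.print_msg(opts, 1, "Removing all references")
                user.destroy_brutally()
            else:
                user.destroy()
        db_obj.commit()
    except AuthzException, ae:
        print ae
        return ae.get_rc()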
Beispiel #10
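 def get_user_object_by_access_id(self, access_id):
     """Return a PhantomUserObject for the alias matching *access_id*.

     A new connection is opened on every call and is always closed before
     returning or raising, so no handle is left behind.

     Raises PhantomAWSException('InvalidClientTokenId') when no alias is
     found for the access id.
     """
     db = DB(self._cumulus_db)
     try:
         # NOTE(review): find_alias looks like a search call; confirm it does
         # an exact match so that an access_id containing wildcard characters
         # cannot resolve to another user's alias.
         user_alias = User.find_alias(db, access_id)
         if not user_alias:
             raise PhantomAWSException('InvalidClientTokenId')
         matches = list(user_alias)
     finally:
         # Close on the error path too, not only after a successful lookup.
         db.close()
     # Compare the length: testing the list itself against 1 never detects
     # an empty result, and the indexing below would then fail.
     if len(matches) < 1:
         raise PhantomAWSException('InvalidClientTokenId')
     # get_data() is presumably the secret paired with the access id --
     # treat the returned object as credential material.
     return PhantomUserObject(access_id, matches[0].get_data(),
                              matches[0].get_friendly_name())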
Beispiel #11
def main(argv=sys.argv[1:]):
    """Edit the user named by the first positional argument and report it.

    On CLIError the error is printed and its return code returned.
    """
    try:
        (o, args, p) = setup_options(argv)

        db = DB(pycb.config.authzdb)

        # NOTE(review): args[0] is read without a length check here;
        # presumably setup_options enforces it -- confirm.
        o.emailaddr = args[0]
        edit_user(o, db)
        report_results(o, db)
    except CLIError, clie:
        print clie
        return clie.get_rc()
Beispiel #12
 def setUp(self):
     """Build a throwaway database file with one user and one s3 file."""
     # mkstemp creates the file itself; only its path is needed afterwards.
     (fd, self.fname) = tempfile.mkstemp()
     os.close(fd)
     os.environ['NIMBUS_AUTHZ_DB'] = self.fname
     pynimbusauthz.db.make_test_database(self.fname)
     self.db = DB(con_str=self.fname)
     self.user1 = User(self.db)
     # Fixture values: the object name and the data key it points at.
     self.name = "/file/name"
     self.data = "/etc/group"
     self.file1 = File.create_file(self.db,
                                   self.name,
                                   self.user1,
                                   self.data,
                                   pynimbusauthz.object_type_s3)
     self.uf = UserFile(self.file1)
     self.db.commit()
Beispiel #13
def main(argv=sys.argv[1:]):
    """Report every user whose friendly name matches the first argument.

    On CLIError the error is printed and its return code returned.
    """
    try:
        (o, args, p) = setup_options(argv)

        # NOTE(review): args[0] is read without a length check here;
        # presumably setup_options enforces it -- confirm.
        search_pattern = args[0]
        db = DB(pycb.config.authzdb)
        for matched in User.find_user_by_friendly(db, search_pattern):
            report_results(db, matched, o)
        db.commit()

    except CLIError, clie:
        print clie
        return clie.get_rc()
Beispiel #14
def main(argv=sys.argv[1:]):
    """Create the user named by the first positional argument and report it.

    On CLIError the error is printed (with a traceback when DEBUG is set)
    and its return code returned.
    """
    try:
        (o, args, p) = setup_options(argv)
        db = DB(pycb.config.authzdb)

        o.emailaddr = args[0]
        create_user(o, db)
        report_results(o, db)
        # Only reached on success; the handle stays open on the error path.
        db.close()
    except CLIError, clie:
        if DEBUG:
            traceback.print_exc(file=sys.stdout)

        print clie
        return clie.get_rc()
Beispiel #15
def main(argv=sys.argv[1:]):
    """Register ``argv[0]`` as a file owned by the "CumulusPublicUser" user.

    The stripped path is used both as the object name and as its data key.
    Any exception propagates to the caller; returns 0 on success.
    """
    repo_dir = str(argv[0]).strip()
    db_obj = DB(con_str=pynimbusauthz.get_db_connection_string())

    user = User(db_obj, uu="CumulusPublicUser")
    # NOTE(review): a constructor call does not normally yield None, so this
    # guard looks unreachable -- confirm how a missing user is reported.
    if user == None:
        raise Exception("No public user")

    # NOTE(review): alias_type_s3 is passed in the object-type position;
    # confirm it is the intended constant for File.create_file.
    File.create_file(db_obj, repo_dir, user, repo_dir,
                     pynimbusauthz.alias_type_s3)
    db_obj.commit()

    return 0
Beispiel #16
def main(argv=sys.argv[1:]):
    """Print the owner view of a file's permissions, or every user's.

    The first positional argument is the file name; ``opts.parent``
    optionally names its parent.  With ``opts.all`` one line is printed per
    user returned by ``get_all_users()``.  Returns None when the file is
    not found, and the exception's return code on AuthzException.
    """
    try:
        db_obj = DB(con_str=pynimbusauthz.get_db_connection_string())

        (opts, args) = setup_options(argv)

        if len(args) == 0:
            raise AuthzException('CLI_PARAMETER',
                                 "You must specify a filename")

        parent = None
        if opts.parent != None:
            parent = File.get_file(db_obj, opts.parent, opts.type)
            if parent == None:
                raise AuthzException('FILE_EXISTS',
                                     "bucket %s not found" % (opts.parent))

        object_name = args[0]
        file1 = File.get_file(db_obj, object_name, opts.type, parent=parent)
        if file1 == None:
            pynimbusauthz.print_msg(opts, 0, "File not found")
            return

        uf = UserFile(file1)
        header = "%10s\t%10s\t%10s\t%10s\t%10s" % (
            "file", "type", "owner", "user", "perms")
        pynimbusauthz.print_msg(opts, 1, header)

        # First row carries the file name and type; per-user rows leave
        # those two columns blank.
        name = uf.get_file().get_name()
        obj_type = uf.get_file().get_object_type()
        stat_print_uf(opts, uf, name, obj_type)
        if opts.all:
            for each_user in uf.get_file().get_all_users():
                uf = UserFile(uf.get_file(), each_user)
                stat_print_uf(opts, uf, " ", " ")

    except AuthzException, ae:
        print ae
        return ae.get_rc()
Beispiel #17
def main(argv=sys.argv[1:]):
    """Change a user's permissions on a file.

    Expects exactly three positional arguments: user name, object name and
    the requested permissions.  ``opts.parent`` optionally names the
    object's parent.  The change is committed on success.  On
    AuthzException the error is printed and its return code returned.

    NOTE(review): nothing in this function authenticates the person running
    it; access control appears to rest on who can reach the authz database.
    """
    try:
        db_obj = DB(con_str=pynimbusauthz.get_db_connection_string())

        (opts, args) = setup_options(argv)

        if len(args) != 3:
            raise AuthzException(
                'CLI_PARAMETER',
                "You must specify a username filename permssions")
        user_name, object_name, requested_perms = args[0], args[1], args[2]

        parent = None
        if opts.parent != None:
            parent = File.get_file(db_obj, opts.parent, opts.type)
            if parent == None:
                raise AuthzException('FILE_EXISTS',
                                     "parent %s not found" % (opts.parent))

        file1 = File.get_file(db_obj, object_name, opts.type, parent=parent)
        if file1 == None:
            raise AuthzException(
                'FILE_EXISTS',
                "file %s:%s not found" % (opts.type, object_name))

        user = User(db_obj, uu=user_name)
        # A UserFile built without an explicit user is the owner's view,
        # which is what permits the chmod on behalf of `user`.
        owner_view = UserFile(file1)
        owner_view.chmod(requested_perms, user=user)
        pynimbusauthz.print_msg(
            opts, 0, "changed %s to %s for %s" %
            (str(file1), requested_perms, str(user)))
        db_obj.commit()

    except AuthzException, ae:
        print ae
        return ae.get_rc()
Beispiel #18
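def main(argv=sys.argv[1:]):
    """Rewrite the data-key prefix of stored files from one path to another.

    Expects two positional arguments: the old path prefix and the new one.
    Every file whose data key starts with the old path gets that prefix
    replaced; the change is committed and the number of rewritten files is
    printed.  On AuthzException the error is printed and its return code
    returned.
    """
    try:
        con_str = pynimbusauthz.get_db_connection_string()
        db_obj = DB(con_str=con_str)

        (opts, args) = setup_options(argv)

        # Report missing arguments as a CLI error rather than an uncaught
        # IndexError.
        if len(args) < 2:
            raise AuthzException(
                'CLI_PARAMETER',
                "You must specify an old path and a new path")
        old_path = args[0]
        new_path = args[1]

        # The trailing "%" presumably makes this a LIKE-style prefix search.
        # Wildcard characters inside old_path could then widen the match, so
        # each candidate is re-checked below before it is touched.
        pattern = old_path + "%"

        rebased = 0
        for f in list(File.find_files_from_data(db_obj, pattern)):
            old_key = f.get_data_key()
            if not old_key.startswith(old_path):
                # Not a true prefix match: leave this record alone.
                continue
            # Swap the leading prefix only, never a later occurrence.
            f.set_data_key(new_path + old_key[len(old_path):])
            rebased += 1
        db_obj.commit()
        print "done - %d files rebased" % rebased

    except AuthzException, ae:
        print ae
        return ae.get_rc()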
Beispiel #19
    def setUp(self):
        """Create a test database and one user for each test."""
        self.db = DB(con=pynimbusauthz.db.make_test_database())
        self.user = User(self.db)
Beispiel #20
 def setUp(self):
     """Build a throwaway authz database file and open it."""
     # mkstemp creates the file itself; only its path is needed afterwards.
     (fd, self.fname) = tempfile.mkstemp()
     os.close(fd)
     # The database path is also exported through the environment.
     os.environ['NIMBUS_AUTHZ_DB'] = self.fname
     pynimbusauthz.db.make_test_database(self.fname)
     self.db = DB(con_str=self.fname)
Beispiel #21
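 def create_user(self, display_name, id, pw, opts):
     """Create a user named *display_name* with an "s3" alias *id*.

     *pw* is stored as the alias data.  *opts* is accepted but not used.
     The connection is committed on success and closed in every case.
     """
     db_obj = DB(con_str=self.con_str)
     try:
         user = User(db_obj, friendly=display_name)
         # NOTE(review): pw is handed over as-is; whether it is hashed or
         # otherwise protected before storage is not visible here.
         user.create_alias(id, "s3", display_name, alias_data=pw)
         db_obj.commit()
     finally:
         # Release the handle even when creation or commit raises.
         db_obj.close()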
Beispiel #22
 def find_user_id_by_display(self, pattern):
     """Return the names of all aliases whose friendly name matches *pattern*."""
     # NOTE(review): the DB handle opened here is not closed in this method.
     db_obj = DB(con_str=self.con_str)
     return map(lambda alias: alias.get_name(),
                UserAlias.find_all_alias_by_friendly(db_obj, pattern))
Beispiel #23
 def setUp(self):
     """Open a fresh test database for each test."""
     self.db = DB(con=pynimbusauthz.db.make_test_database())
Beispiel #24
 def get_db():
     """Open and return a DB handle for ``self.con_str``."""
     # NOTE(review): `self` is not a parameter here; it has to come from an
     # enclosing scope for this to run -- confirm against the surrounding
     # code.
     return DB(con_str=self.con_str)