Ejemplo n.º 1
0
    def group_create(self, name, description,
                     expire_date=None, visibility='A'):
        """Create a group.

        :type name: str
        :param name: The groups name.

        :type description: str
        :param description: The groups description.

        :type expire_date: DateTime
        :param expire_date: The groups expiration date.

        :type visibility: str
        :param visibility: The groups visibility. Can one of:
            'A'  All
            'I'  Internal
            'N'  None
        """
        # Perform auth-check
        self.ba.can_create_group(self.operator_id, groupname=name)

        # Check if group exists
        if Utils.get_group(self.db, 'name', name):
            raise Errors.CerebrumRPCException('Group already exists.')

        co = Factory.get('Constants')(self.db)
        gr = Factory.get('Group')(self.db)

        # Test if visibility is sane
        vis = co.GroupVisibility(visibility)
        try:
            int(vis)
        except (Errors.NotFoundError, TypeError):
            raise Errors.CerebrumRPCException('Invalid visibility.')

        # Create the group
        # TODO: Moar try/except?
        GroupAPI.group_create(gr, self.operator_id, vis, name,
                              description, expire_date)

        # Set moderator if appropriate.
        # TODO: use the commented version when we pass the config as a dict.
        if getattr(self.config, 'GROUP_OWNER_OPSET', None):
            # Fetch operator.
            en = Utils.get_entity_by_id(self.db, self.operator_id)
            # Grant auth
            GroupAPI.grant_auth(en, gr, getattr(self.config,
                                'GROUP_OWNER_OPSET'))
        return gr.entity_id
Ejemplo n.º 2
0
    def in_system(self, id_type, entity_id, system):
        """Check if a user is represented in a system.

        :type id_type: basestring
        :param id_type: The id-type to look-up by.

        :type entity_id: basestring
        :param entity_id: The entitys id.

        :type system: basestring
        :param system: The system to check."""
        co = Factory.get('Constants')(self.db)

        # Fetch entity
        e = Utils.get(self.db, 'entity', id_type, entity_id)
        if not e:
            # TODO: Should this be raised in the Utils-module/class/whatever?
            raise Errors.CerebrumRPCException('Entity does not exist')

        try:
            sys = co.Spread(system)
            int(sys)
        except Errors.NotFoundError:
            raise Errors.CerebrumRPCException('System does not exist')

        try:
            return bool(e.get_subclassed_object().has_spread(sys))
        except AttributeError:
            # If we wind up here, the entity does not have the EntitySpread
            # class mixed into itself. When the EntitySpread-class is not mixed
            # in, we get an AttributeError since has_spread() is not defined.
            # TBD: Return false, or raise something?
            return False
Ejemplo n.º 3
0
    def in_system(self, id_type, entity_id, system):
        """Check if a user is represented in a system.

        :type id_type: basestring
        :param id_type: The id-type to look-up by.

        :type entity_id: basestring
        :param entity_id: The entitys id.

        :type system: basestring
        :param system: The system to check."""
        co = Factory.get('Constants')(self.db)

        # Fetch entity
        e = Utils.get(self.db, 'entity', id_type, entity_id)
        if not e:
            # TODO: Should this be raised in the Utils-module/class/whatever?
            raise Errors.CerebrumRPCException('Entity does not exist')

        try:
            sys = co.Spread(system)
            int(sys)
        except Errors.NotFoundError:
            raise Errors.CerebrumRPCException('System does not exist')

        try:
            return bool(e.get_subclassed_object().has_spread(sys))
        except AttributeError:
            # If we wind up here, the entity does not have the EntitySpread
            # class mixed into itself. When the EntitySpread-class is not mixed
            # in, we get an AttributeError since has_spread() is not defined.
            # TBD: Return false, or raise something?
            return False
Ejemplo n.º 4
0
    def group_remove_member(self, group_id_type, group_id,
                            member_id_type, member_id):
        """Remove a member from a group.

        :type group_id_type: str
        :param group_id_type: Group identifier type, 'id' or 'group_name'

        :type group_id: str
        :param group_id: Group identifier

        :type member_id_type: str
        :param member_id_type: Member identifier type, 'id' or 'account_name'

        :type member_id: str
        :param member_id: Member identifier

        :rtype: boolean
        """
        # Get the group
        gr = Utils.get(self.db, 'group', group_id_type, group_id)

        if not gr:
            raise Errors.CerebrumRPCException(
                'Group %s:%s does not exist.' % (group_id_type, group_id))

        # Perform auth check
        self.ba.can_alter_group(self.operator_id, gr)

        # Get the member we want to add
        member = Utils.get(self.db, 'entity', member_id_type, member_id)

        if not member:
            raise Errors.CerebrumRPCException(
                'Entity %s:%s does not exist.' % (member_id_type, member_id))

        if not gr.has_member(member.entity_id):
            return False

        GroupAPI.remove_member(gr, member.entity_id)
        return True
Ejemplo n.º 5
0
    def active_in_system(self, id_type, entity_id, system):
        """Check if a user is represented and active in a system.

        :type id_type: basestring
        :param id_type: The id-type to look-up by.

        :type entity_id: basestring
        :param entity_id: The entitys id.

        :type system: basestring
        :param system: The system to check."""
        # Check for existing quarantines on the entity that are locking the
        # entity out (if the quarantine is active), and also check if the
        # entity is in the system.
        # TODO: Should this evaluate the shell set by quarantine rules? Some
        #       quarantines does not result in a locked-status, but has
        #       nologin-shells associated with them..
        import mx
        from Cerebrum.QuarantineHandler import QuarantineHandler

        co = Factory.get('Constants')(self.db)
        # q[i] = {quarantine_type: int, creator_id: int, description: string,
        #         create_date: DateTime, start_date: DateTime,
        #         disable_until: DateTime, DateTime: end_date}
        e = Utils.get(self.db, 'entity', id_type, entity_id)

        # Fetch quarantines if applicable
        try:
            quars = e.get_entity_quarantine()
        except AttributeError:
            quars = []

        now = mx.DateTime.now()

        locked = False
        for q in quars:
            # Use code string for quarantine type
            qt = q['quarantine_type']
            qtype = co.map_const(qt)
            qhandler = QuarantineHandler(self.db, [qtype])
            if (qhandler.is_locked() and
                    (q['start_date'] <= now and
                     (q['end_date'] is None or
                      q['end_date'] > now) and
                     (q['disable_until'] is None or
                      q['disable_until'] <= now))):
                locked = True
        if (locked or not self.in_system(id_type, entity_id, system)):
            return False
        else:
            return True
Ejemplo n.º 6
0
    def active_in_system(self, id_type, entity_id, system):
        """Check if a user is represented and active in a system.

        :type id_type: basestring
        :param id_type: The id-type to look-up by.

        :type entity_id: basestring
        :param entity_id: The entitys id.

        :type system: basestring
        :param system: The system to check."""
        # Check for existing quarantines on the entity that are locking the
        # entity out (if the quarantine is active), and also check if the
        # entity is in the system.
        # TODO: Should this evaluate the shell set by quarantine rules? Some
        #       quarantines does not result in a locked-status, but has
        #       nologin-shells associated with them..
        import mx
        from Cerebrum.QuarantineHandler import QuarantineHandler

        co = Factory.get('Constants')(self.db)
        # q[i] = {quarantine_type: int, creator_id: int, description: string,
        #         create_date: DateTime, start_date: DateTime,
        #         disable_until: DateTime, DateTime: end_date}
        e = Utils.get(self.db, 'entity', id_type, entity_id)

        # Fetch quarantines if applicable
        try:
            quars = e.get_entity_quarantine()
        except AttributeError:
            quars = []

        now = mx.DateTime.now()

        locked = False
        for q in quars:
            # Use code string for quarantine type
            qt = q['quarantine_type']
            qtype = co.map_const(qt)
            qhandler = QuarantineHandler(self.db, [qtype])
            if (qhandler.is_locked() and
                (q['start_date'] <= now and
                 (q['end_date'] is None or q['end_date'] > now) and
                 (q['disable_until'] is None or q['disable_until'] <= now))):
                locked = True
        if (locked or not self.in_system(id_type, entity_id, system)):
            return False
        else:
            return True
Ejemplo n.º 7
0
    def group_info(self, group_id_type, group_id):
        """Get information about a group.

        :type group_id_type: str
        :param group_id_type: Group identifier type, 'id' or 'group_name'

        :type group_id: str
        :param group_id: Group identifier
        """
        gr = Utils.get(self.db, 'group', group_id_type, group_id)

        # Check if group exists
        if not gr:
            raise Errors.CerebrumRPCException(
                'Group %s:%s does not exist.' % (group_id_type, group_id))

        return GroupAPI.group_info(gr)
Ejemplo n.º 8
0
    def spread_list(self, id_type, entity_id):
        """List account's spreads.

        :type id_type: basestring
        :param id_type: The id-type to look-up by.

        :type entity_id: basestring
        :param entity_id: The entitys id."""
        co = Factory.get('Constants')(self.db)
        e = Utils.get(self.db, 'entity', id_type, entity_id)
        spreads = dict()

        def fixer(id):
            if id[0] in spreads:
                return str(spreads[id[0]])
            s = spreads[id[0]] = co.map_const(id[0])
            return str(s)
        try:
            return map(fixer, e.get_subclassed_object().get_spread())
        except NameError:
            raise Errors.CerebrumRPCException("No spreads in entity")
Ejemplo n.º 9
0
    def group_list(self, group_id_type, group_id):
        """Get list of group members

        :type group_id_type: str
        :param group_id_type: Group identifier type, 'id' or 'group_name'

        :type group_id: unicode or str
        :param group_id: Group identifier

        :rtype: list(dict{'name': name or id, 'type': type})
        """
        gr = Utils.get(self.db, 'group', group_id_type, group_id)

        # Check if group exists
        if not gr:
            raise Errors.CerebrumRPCException(
                'Group %s:%s does not exist.' % (group_id_type, group_id))

        lst = [{'name': x[1], 'type': x[0]} for x in
               map(Utils.get_entity_designator, GroupAPI.group_list(gr))]
        return lst
Ejemplo n.º 10
0
    def spread_list(self, id_type, entity_id):
        """List account's spreads.

        :type id_type: basestring
        :param id_type: The id-type to look-up by.

        :type entity_id: basestring
        :param entity_id: The entitys id."""
        co = Factory.get('Constants')(self.db)
        e = Utils.get(self.db, 'entity', id_type, entity_id)
        spreads = dict()

        def fixer(id):
            if id[0] in spreads:
                return str(spreads[id[0]])
            s = spreads[id[0]] = co.map_const(id[0])
            return str(s)

        try:
            return map(fixer, e.get_subclassed_object().get_spread())
        except NameError:
            raise Errors.CerebrumRPCException("No spreads in entity")
Ejemplo n.º 11
0
    def add_to_system(self, id_type, entity_id, system):
        """Add an entity to a system.

        :type id_type: basestring
        :param id_type: The id-type to look-up by.

        :type entity_id: basestring
        :param entity_id: The entitys id.

        :type system: basestring
        :param system: The system the entity should be added to."""
        # Fetch entity
        en = Utils.get(self.db, 'entity', id_type, entity_id)
        if not en:
            # TODO: Should this be raised in the Utils-module/class/whatever?
            raise Errors.CerebrumRPCException('Entity does not exist')

        co = Factory.get('Constants')(self.db)

        try:
            sys = co.Spread(system)
            int(sys)
        except Errors.NotFoundError:
            raise Errors.CerebrumRPCException('System does not exist')

        self.ba.can_add_spread(self.operator_id, en, sys)

        try:
            if en.get_subclassed_object().has_spread(sys):
                return

            en.get_subclassed_object().add_spread(sys)
        except AttributeError:
            raise Errors.CerebrumRPCException('Can\'t add entity to system.')
        except self.db.IntegrityError:
            # TODO: This seems correct?
            raise Errors.CerebrumRPCException(
                'Entity not applicable for system.')
Ejemplo n.º 12
0
    def add_to_system(self, id_type, entity_id, system):
        """Add an entity to a system.

        :type id_type: basestring
        :param id_type: The id-type to look-up by.

        :type entity_id: basestring
        :param entity_id: The entitys id.

        :type system: basestring
        :param system: The system the entity should be added to."""
        # Fetch entity
        en = Utils.get(self.db, 'entity', id_type, entity_id)
        if not en:
            # TODO: Should this be raised in the Utils-module/class/whatever?
            raise Errors.CerebrumRPCException('Entity does not exist')

        co = Factory.get('Constants')(self.db)

        try:
            sys = co.Spread(system)
            int(sys)
        except Errors.NotFoundError:
            raise Errors.CerebrumRPCException('System does not exist')

        self.ba.can_add_spread(self.operator_id, en, sys)

        try:
            if en.get_subclassed_object().has_spread(sys):
                return

            en.get_subclassed_object().add_spread(sys)
        except AttributeError:
            raise Errors.CerebrumRPCException('Can\'t add entity to system.')
        except self.db.IntegrityError:
            # TODO: This seems correct?
            raise Errors.CerebrumRPCException(
                'Entity not applicable for system.')
Ejemplo n.º 13
0
    def group_set_expire(self, group_id_type, group_id, expire_date=None):
        """Set an expire-date on a group.

        :type group_id_type: str
        :param group_id_type: Group identifier type, 'id' or 'group_name'

        :type group_id: str
        :param group_id: Group identifier

        :type expire_date: <mx.DateTime>
        :param expire_date: The expire-date to set, or None.
        """
        # Get group
        gr = Utils.get(self.db, 'group', group_id_type, group_id)

        if not gr:
            raise Errors.CerebrumRPCException(
                'Group %s:%s does not exist.' % (group_id_type, group_id))

        # Perform auth check
        self.ba.can_alter_group(self.operator_id, gr)

        GroupAPI.set_expire_date(gr, expire_date)