def _try_autocreate(user_name):
"""
If the necessary WSGI environment variables are populated, automatically
creates a new Beaker user account based on their values and returns it.
Otherwise returns None.
"""
from bkr.server.model import session, User
if not flask.request.environ.get('REMOTE_USER_FULLNAME'):
log.debug(
'User autocreation attempted for %r but '
'REMOTE_USER_FULLNAME env var was not populated', user_name)
return
if not flask.request.environ.get('REMOTE_USER_EMAIL'):
log.debug(
'User autocreation attempted for %r but '
'REMOTE_USER_EMAIL env var was not populated', user_name)
return
user = User()
user.user_name = user_name.decode('utf8')
user.display_name = flask.request.environ['REMOTE_USER_FULLNAME'].decode(
'utf8')
user.email_address = flask.request.environ['REMOTE_USER_EMAIL'].decode(
'utf8')
session.add(user)
session.flush()
log.debug('Autocreated user %s', user)
return user
def _try_autocreate(user_name):
"""
If the necessary WSGI environment variables are populated, automatically
creates a new Beaker user account based on their values and returns it.
Otherwise returns None.
"""
from bkr.server.model import session, User
if not flask.request.environ.get('REMOTE_USER_FULLNAME'):
log.debug('User autocreation attempted for %r but '
'REMOTE_USER_FULLNAME env var was not populated',
user_name)
return
if not flask.request.environ.get('REMOTE_USER_EMAIL'):
log.debug('User autocreation attempted for %r but '
'REMOTE_USER_EMAIL env var was not populated',
user_name)
return
user = User()
user.user_name = user_name.decode('utf8')
user.display_name = flask.request.environ['REMOTE_USER_FULLNAME'].decode('utf8')
user.email_address = flask.request.environ['REMOTE_USER_EMAIL'].decode('utf8')
session.add(user)
session.flush()
log.debug('Autocreated user %s', user)
return user
def save(self, **kw):
if kw.get('id'):
labcontroller = LabController.by_id(kw['id'])
else:
labcontroller = LabController()
session.add(labcontroller)
if labcontroller.fqdn != kw['fqdn']:
activity = LabControllerActivity(identity.current.user, 'WEBUI',
'Changed', 'FQDN',
labcontroller.fqdn, kw['fqdn'])
labcontroller.fqdn = kw['fqdn']
labcontroller.write_activity.append(activity)
# labcontroller.user is used by the lab controller to login here
try:
# pick up an existing user if it exists.
luser = User.query.filter_by(user_name=kw['lusername']).one()
except InvalidRequestError:
# Nope, create from scratch
luser = User()
if labcontroller.user != luser:
if labcontroller.user is None:
old_user_name = None
else:
old_user_name = labcontroller.user.user_name
activity = LabControllerActivity(identity.current.user, 'WEBUI',
'Changed', 'User', old_user_name,
unicode(kw['lusername']))
labcontroller.user = luser
labcontroller.write_activity.append(activity)
# Make sure user is a member of lab_controller group
group = Group.by_name(u'lab_controller')
if group not in luser.groups:
luser.groups.append(group)
luser.display_name = kw['fqdn']
luser.email_address = kw['email']
luser.user_name = kw['lusername']
if kw['lpassword']:
luser.password = kw['lpassword']
if labcontroller.disabled != kw['disabled']:
activity = LabControllerActivity(identity.current.user, 'WEBUI',
'Changed', 'Disabled',
unicode(labcontroller.disabled),
unicode(kw['disabled']))
labcontroller.disabled = kw['disabled']
labcontroller.write_activity.append(activity)
flash(_(u"%s saved" % labcontroller.fqdn))
redirect(".")
def save(self, **kw):
if kw.get('id'):
labcontroller = LabController.by_id(kw['id'])
else:
labcontroller = LabController()
session.add(labcontroller)
if labcontroller.fqdn != kw['fqdn']:
activity = LabControllerActivity(identity.current.user,
'WEBUI', 'Changed', 'FQDN', labcontroller.fqdn, kw['fqdn'])
labcontroller.fqdn = kw['fqdn']
labcontroller.write_activity.append(activity)
# labcontroller.user is used by the lab controller to login here
try:
# pick up an existing user if it exists.
luser = User.query.filter_by(user_name=kw['lusername']).one()
except InvalidRequestError:
# Nope, create from scratch
luser = User()
if labcontroller.user != luser:
if labcontroller.user is None:
old_user_name = None
else:
old_user_name = labcontroller.user.user_name
activity = LabControllerActivity(identity.current.user, 'WEBUI',
'Changed', 'User', old_user_name, unicode(kw['lusername']))
labcontroller.user = luser
labcontroller.write_activity.append(activity)
# Make sure user is a member of lab_controller group
group = Group.by_name(u'lab_controller')
if group not in luser.groups:
luser.groups.append(group)
luser.display_name = kw['fqdn']
luser.email_address = kw['email']
luser.user_name = kw['lusername']
if kw['lpassword']:
luser.password = kw['lpassword']
if labcontroller.disabled != kw['disabled']:
activity = LabControllerActivity(identity.current.user, 'WEBUI',
'Changed', 'Disabled', unicode(labcontroller.disabled),
unicode(kw['disabled']))
labcontroller.disabled = kw['disabled']
labcontroller.write_activity.append(activity)
flash( _(u"%s saved" % labcontroller.fqdn) )
redirect(".")
def save(self, **kw):
if kw.get('user_id'):
user = User.by_id(kw['user_id'])
else:
user = User()
session.add(user)
user.display_name = kw['display_name']
user.user_name = kw['user_name']
user.email_address = kw['email_address']
if kw.get('disabled') != user.disabled:
user.disabled = kw.get('disabled')
if user.disabled:
self._disable(user, method="WEBUI")
if kw['password'] != user.password:
user.password = kw['password']
flash(_(u"%s saved" % user.display_name))
redirect(".")
def save(self, **kw):
if kw.get('user_id'):
user = User.by_id(kw['user_id'])
else:
user = User()
session.add(user)
user.display_name = kw['display_name']
user.user_name = kw['user_name']
user.email_address = kw['email_address']
if kw.get('disabled') != user.disabled:
user.disabled = kw.get('disabled')
if user.disabled:
self._disable(user, method="WEBUI")
if kw['password'] != user.password:
user.password = kw['password']
flash( _(u"%s saved" % user.display_name) )
redirect(".")
def init_db(user_name=None, password=None, user_display_name=None, user_email_address=None):
get_engine()
metadata.create_all()
session.begin()
try:
admin = Group.by_name(u'admin')
except InvalidRequestError:
admin = Group(group_name=u'admin',display_name=u'Admin')
session.add(admin)
try:
lab_controller = Group.by_name(u'lab_controller')
except InvalidRequestError:
lab_controller = Group(group_name=u'lab_controller',
display_name=u'Lab Controller')
session.add(lab_controller)
#Setup User account
if user_name:
if password:
user = User(user_name=user_name.decode('utf8'), password=password.decode('utf8'))
if user_display_name:
user.display_name = user_display_name.decode('utf8')
if user_email_address:
user.email_address = user_email_address.decode('utf8')
admin.users.append(user)
else:
print "Password must be provided with username"
elif len(admin.users) == 0:
print "No admin account exists, please create one with --user"
sys.exit(1)
# Create distro_expire perm if not present
try:
distro_expire_perm = Permission.by_name(u'distro_expire')
except NoResultFound:
distro_expire_perm = Permission(u'distro_expire')
session.add(distro_expire_perm)
# Create proxy_auth perm if not present
try:
proxy_auth_perm = Permission.by_name(u'proxy_auth')
except NoResultFound:
proxy_auth_perm = Permission(u'proxy_auth')
session.add(proxy_auth_perm)
# Create tag_distro perm if not present
try:
tag_distro_perm = Permission.by_name(u'tag_distro')
except NoResultFound:
tag_distro_perm = Permission(u'tag_distro')
admin.permissions.append(tag_distro_perm)
# Create stop_task perm if not present
try:
stop_task_perm = Permission.by_name(u'stop_task')
except NoResultFound:
stop_task_perm = Permission(u'stop_task')
lab_controller.permissions.append(stop_task_perm)
admin.permissions.append(stop_task_perm)
# Create secret_visible perm if not present
try:
secret_visible_perm = Permission.by_name(u'secret_visible')
except NoResultFound:
secret_visible_perm = Permission(u'secret_visible')
lab_controller.permissions.append(secret_visible_perm)
admin.permissions.append(secret_visible_perm)
#Setup Hypervisors Table
if Hypervisor.query.count() == 0:
for h in [u'KVM', u'Xen', u'HyperV', u'VMWare']:
session.add(Hypervisor(hypervisor=h))
#Setup kernel_type Table
if KernelType.query.count() == 0:
for type in [u'default', u'highbank', u'imx', u'omap', u'tegra']:
session.add(KernelType(kernel_type=type, uboot=False))
for type in [u'mvebu']:
session.add(KernelType(kernel_type=type, uboot=True))
#Setup base Architectures
if Arch.query.count() == 0:
for arch in [u'i386', u'x86_64', u'ia64', u'ppc', u'ppc64',
u's390', u's390x', u'armhfp']:
session.add(Arch(arch))
#Setup base power types
if PowerType.query.count() == 0:
for power_type in [u'apc_snmp', u'apc_snmp_then_etherwake',
u'bladecenter', u'bladepap', u'drac', u'ether_wake', u'hyper-v',
u'ilo', u'integrity', u'ipmilan', u'ipmitool', u'lpar', u'rsa',
u'virsh', u'wti']:
session.add(PowerType(power_type))
#Setup key types
if Key.query.count() == 0:
session.add(Key(u'DISKSPACE',True))
session.add(Key(u'COMMENT'))
session.add(Key(u'CPUFAMILY',True))
session.add(Key(u'CPUFLAGS'))
session.add(Key(u'CPUMODEL'))
session.add(Key(u'CPUMODELNUMBER', True))
session.add(Key(u'CPUSPEED',True))
session.add(Key(u'CPUVENDOR'))
session.add(Key(u'DISK',True))
session.add(Key(u'FORMFACTOR'))
session.add(Key(u'HVM'))
session.add(Key(u'MEMORY',True))
session.add(Key(u'MODEL'))
session.add(Key(u'MODULE'))
session.add(Key(u'NETWORK'))
session.add(Key(u'NR_DISKS',True))
session.add(Key(u'NR_ETH',True))
session.add(Key(u'NR_IB',True))
session.add(Key(u'PCIID'))
session.add(Key(u'PROCESSORS',True))
session.add(Key(u'RTCERT'))
session.add(Key(u'SCRATCH'))
session.add(Key(u'STORAGE'))
session.add(Key(u'USBID'))
session.add(Key(u'VENDOR'))
session.add(Key(u'XENCERT'))
session.add(Key(u'NETBOOT_METHOD'))
#Setup ack/nak reposnses
if Response.query.count() == 0:
session.add(Response(response=u'ack'))
session.add(Response(response=u'nak'))
if RetentionTag.query.count() == 0:
session.add(RetentionTag(tag=u'scratch', is_default=1, expire_in_days=30))
session.add(RetentionTag(tag=u'60days', needs_product=False, expire_in_days=60))
session.add(RetentionTag(tag=u'120days', needs_product=False, expire_in_days=120))
session.add(RetentionTag(tag=u'active', needs_product=True))
session.add(RetentionTag(tag=u'audit', needs_product=True))
config_items = [
# name, description, numeric
(u'root_password', u'Plaintext root password for provisioned systems', False),
(u'root_password_validity', u"Maximum number of days a user's root password is valid for", True),
(u'default_guest_memory', u"Default memory (MB) for dynamic guest provisioning", True),
(u'default_guest_disk_size', u"Default disk size (GB) for dynamic guest provisioning", True),
(u'guest_name_prefix', u'Prefix for names of dynamic guests in oVirt', False),
]
for name, description, numeric in config_items:
ConfigItem.lazy_create(name=name, description=description, numeric=numeric)
if ConfigItem.by_name(u'root_password').current_value() is None:
ConfigItem.by_name(u'root_password').set(u'beaker', user=admin.users[0])
session.commit()
session.close()
