def view_local_users(request):
return_dict = {}
try:
user_list, err = local_users.get_local_users()
if err:
raise Exception(err)
return_dict["user_list"] = user_list
if "action" in request.GET:
conf = ''
if request.GET["action"] == "saved":
conf = "Local user password successfully updated"
elif request.GET["action"] == "created":
conf = "Local user successfully created"
elif request.GET["action"] == "deleted":
conf = "Local user successfully deleted"
elif request.GET["action"] == "changed_password":
conf = "Successfully update password"
return_dict["conf"] = conf
return django.shortcuts.render_to_response('view_local_users.html', return_dict, context_instance=django.template.context.RequestContext(request))
except Exception, e:
return_dict['base_template'] = 'users-groups_base.html'
return_dict["page_title"] = 'Local users'
return_dict['tab'] = 'view_local_users_tab'
return_dict["error"] = 'Error loading local users list'
return_dict["error_details"] = str(e)
return django.shortcuts.render_to_response("logged_in_error.html", return_dict, context_instance=django.template.context.RequestContext(request))
def create_ftp_user_dirs(request):
return_dict = {}
try:
config, err = vsftp.get_ftp_config()
if err:
raise Exception(err)
if 'dataset' not in config:
raise Exception(
'No home dataset has been configured for the FTP service. Please do that before creating FTP home directories'
)
users, err = local_users.get_local_users()
if err:
raise Exception(err)
res, err = vsftp.create_ftp_user_dirs(config['dataset'], users)
if err:
raise Exception(err)
audit.audit("create_ftp_dir", 'Created FTP user directories',
request.META)
return django.http.HttpResponseRedirect(
'/view_ftp_configuration?ack=dirs_created')
except Exception, e:
return_dict['base_template'] = "services_base.html"
return_dict["page_title"] = 'Create FTP user directories'
return_dict['tab'] = 'ftp_service_settings'
return_dict["error"] = 'Error creating FTP user directories '
return_dict["error_details"] = str(e)
return django.shortcuts.render_to_response(
"logged_in_error.html",
return_dict,
context_instance=django.template.context.RequestContext(request))
def view_local_users(request):
return_dict = {}
try:
user_list, err = local_users.get_local_users()
if err:
raise Exception(err)
return_dict["user_list"] = user_list
if "ack" in request.GET:
if request.GET["ack"] == "saved":
return_dict[
'ack_message'] = "Local user password successfully updated"
elif request.GET["ack"] == "created":
return_dict['ack_message'] = "Local user successfully created"
elif request.GET["ack"] == "deleted":
return_dict['ack_message'] = "Local user successfully deleted"
elif request.GET["ack"] == "changed_password":
return_dict['ack_message'] = "Successfully update password"
return django.shortcuts.render_to_response(
'view_local_users.html',
return_dict,
context_instance=django.template.context.RequestContext(request))
except Exception, e:
return_dict['base_template'] = 'users-groups_base.html'
return_dict["page_title"] = 'Local users'
return_dict['tab'] = 'view_local_users_tab'
return_dict["error"] = 'Error loading local users list'
return_dict["error_details"] = str(e)
return django.shortcuts.render_to_response(
"logged_in_error.html",
return_dict,
context_instance=django.template.context.RequestContext(request))
def change_service_status(request):
return_dict = {}
try:
if request.method == "GET":
raise Exception("Invalid request. Please use the menus")
if 'service' not in request.POST:
raise Exception("Invalid request. Please use the menus")
if 'action' not in request.POST or request.POST['action'] not in [
'start', 'stop', 'restart', 'enable', 'disable'
]:
raise Exception("Invalid request. Please use the menus")
service = request.POST['service']
action = request.POST['action']
if 'action' == 'start' and service == 'vsftpd':
#Need to make sure that all local users have their directories created so do it..
config, err = vsftp.get_ftp_config()
if err:
raise Exception(err)
users, err = local_users.get_local_users()
if err:
raise Exception(err)
ret, err = create_ftp_user_dirs(config['dataset'], users)
if err:
raise Exception(err)
audit_str = "Service status change of %s initiated to %s state." % (
service, action)
audit.audit("change_service_status", audit_str, request.META)
out, err = services_management.change_service_status(service, action)
if err:
raise Exception(err)
if out:
return django.http.HttpResponseRedirect(
'/view_services?&service_change_status=%s' % ','.join(out))
else:
return django.http.HttpResponseRedirect(
'/view_services?service_change_status=none')
except Exception, e:
return_dict['base_template'] = "services_base.html"
return_dict["page_title"] = 'Modify system service state'
return_dict['tab'] = 'view_services_tab'
return_dict["error"] = 'Error modifying system services state'
return_dict["error_details"] = str(e)
return django.shortcuts.render_to_response(
"logged_in_error.html",
return_dict,
context_instance=django.template.context.RequestContext(request))
def _get_user_or_group_list(type):
ret = None
try:
d, err = cifs_common.load_auth_settings()
if err:
raise Exception(err)
if not d:
raise Exception("Unspecified authentication method. Could not retrieve users")
elif d["security"] == "users":
if type and type == "users":
l, err = local_users.get_local_users()
if err:
raise Exception(err)
if l:
ret = []
for ld in l:
ret.append(ld["username"])
else:
l, err = local_users.get_local_groups()
if err:
raise Exception(err)
if l:
ret = []
for ld in l:
ret.append(ld["grpname"])
elif d["security"] == "ads":
if type and type == "users":
ret, err = cifs_common._get_ad_users_or_groups("users")
if err:
raise Exception(err)
elif type and type == "groups":
ret, err = cifs_common._get_ad_users_or_groups("groups")
if err:
raise Exception(err)
else:
raise Exception("Unsupported authentication method. Could not retrieve users")
except Exception, e:
return None, 'Error retrieving user of group list : %s'%str(e)
def modify_dir_owner(request):
return_dict = {}
try:
users, err = local_users.get_local_users()
if err:
raise Exception('Error retrieving local user list : %s'%err)
if not users:
raise Exception('No local users seem to be created. Please create at least one local user before performing this operation.')
groups, err = local_users.get_local_groups()
if err:
raise Exception('Error retrieving local group list : %s'%err)
if not groups:
raise Exception('No local groups seem to be created. Please create at least one local group before performing this operation.')
if request.method == "GET":
if 'path' not in request.GET:
raise Exception('Invalid request. Please use the menus.')
path = request.GET['path']
try:
stat_info = os.stat(path)
except Exception, e:
raise Exception('Error accessing specified path : %s'%str(e))
uid = stat_info.st_uid
gid = stat_info.st_gid
user_name = pwd.getpwuid(uid)[0]
group_name = grp.getgrgid(gid)[0]
initial = {}
initial['path'] = path
initial['uid'] = uid
initial['gid'] = gid
initial['user_name'] = user_name
initial['group_name'] = group_name
form = folder_management_forms.ModifyOwnershipForm(initial=initial, user_list = users, group_list = groups)
return_dict["form"] = form
return django.shortcuts.render_to_response('modify_dir_ownership.html', return_dict, context_instance=django.template.context.RequestContext(request))
else:
def modify_group_membership(request):
return_dict = {}
try:
if "ack" in request.GET:
if request.GET["ack"] == "created":
return_dict['ack_message'] = "Local group successfully created"
if "grpname" not in request.REQUEST:
raise Exception("Invalid request. No group name specified.")
gd, err = local_users.get_local_group(request.REQUEST['grpname'])
if err or (not gd):
if err:
raise Exception(err)
else:
raise Exception("Could not retrieve group information")
print 'gd - ', gd
user_list, err = local_users.get_local_users()
if err:
raise Exception(err)
print 'user_list', user_list
users = []
primary_users = []
permitted_users = []
for u in user_list:
if u['gid'] != gd['gid']:
permitted_users.append(u)
else:
primary_users.append(u['username'])
if u['username'] in gd['members']:
users.append(u['username'])
print 'users', users
#return_dict['primary_users'] = primary_users
if request.method == "GET":
#Return the form
initial = {}
initial['grpname'] = request.GET['grpname']
initial['users'] = users
form = local_user_forms.ModifyGroupMembershipForm(
initial=initial, user_list=permitted_users)
return_dict['form'] = form
return django.shortcuts.render_to_response(
"modify_group_membership.html",
return_dict,
context_instance=django.template.context.RequestContext(
request))
else:
form = local_user_forms.ModifyGroupMembershipForm(
request.POST, user_list=permitted_users)
return_dict["form"] = form
if form.is_valid():
cd = form.cleaned_data
users = cd['users']
print users
audit_str = 'Modified group membership for group "%s". ' % cd[
'grpname']
deleted_users = []
for existing_user in gd['members']:
if existing_user not in users and existing_user not in primary_users:
deleted_users.append(existing_user)
print 'delete user %s' % existing_user
added_users = []
for user in users:
if user not in gd['members'] and user not in primary_users:
added_users.append(user)
print 'add user %s' % user
if added_users:
audit_str += 'Added user(s) %s. ' % (','.join(added_users))
if deleted_users:
audit_str += 'Removed user(s) %s.' % (
','.join(deleted_users))
print audit_str
#assert False
ret, err = local_users.set_group_membership(
cd['grpname'], cd['users'])
if err:
raise Exception('Error setting group membership: %s' % err)
#assert False
audit.audit("set_group_membership", audit_str, request.META)
url = '/view_local_group?grpname=%s&searchby=grpname&ack=set_membership' % cd[
'grpname']
return django.http.HttpResponseRedirect(url)
else:
return django.shortcuts.render_to_response(
"modify_group_membership.html",
return_dict,
context_instance=django.template.context.RequestContext(
request))
except Exception, e:
return_dict['base_template'] = 'users-groups_base.html'
return_dict["page_title"] = 'Modify group membership'
return_dict['tab'] = 'view_local_groups_tab'
return_dict["error"] = 'Error modifying group membership'
return_dict["error_details"] = str(e)
return django.shortcuts.render_to_response(
"logged_in_error.html",
return_dict,
context_instance=django.template.context.RequestContext(request))
def configure_ftp(request):
return_dict = {}
try:
config, err = vsftp.get_ftp_config()
if err:
raise Exception(err)
pools, err = zfs.get_pools()
ds_list = []
for pool in pools:
for ds in pool["datasets"]:
if ds['properties']['type']['value'] == 'filesystem':
ds_list.append(ds["name"])
cert_list, err = certificates.get_certificates()
if err:
raise Exception(err)
cert_name_list = []
for cert in cert_list:
cert_name_list.append(cert['name'])
#print ds_list
if not ds_list:
raise Exception(
'No ZFS datasets available. Please create a dataset before configuring the FTP service.'
)
if request.method == 'GET':
initial = {}
if config:
for key in config.keys():
initial[key] = config[key]
form = ftp_management_forms.ConfigureFTPForm(
datasets=ds_list, cert_names=cert_name_list, initial=initial)
return_dict['form'] = form
return django.shortcuts.render_to_response(
'configure_ftp.html',
return_dict,
context_instance=django.template.context.RequestContext(
request))
else:
form = ftp_management_forms.ConfigureFTPForm(
request.POST, cert_names=cert_name_list, datasets=ds_list)
return_dict['form'] = form
if not form.is_valid():
return django.shortcuts.render_to_response(
"configure_ftp.html",
return_dict,
context_instance=django.template.context.RequestContext(
request))
cd = form.cleaned_data
ret, err = vsftp.update_ftp_config(cd)
if err:
raise Exception(err)
users, err = local_users.get_local_users()
if err:
raise Exception(err)
ret, err = vsftp.create_ftp_user_dirs(cd['dataset'], users)
if err:
raise Exception(err)
audit_str = 'Updated FTP configuration.'
if cd['ssl_enabled']:
audit_str = audit_str + ' SSL enabled with certificate %s' % cd[
'cert_name']
else:
audit_str = audit_str + ' SSL disabled.'
ret, err = audit.audit("update_ftp_config", audit_str,
request.META)
return django.http.HttpResponseRedirect(
'/view_ftp_configuration?ack=saved')
except Exception, e:
return_dict['base_template'] = "services_base.html"
return_dict["page_title"] = 'Configure FTP service'
return_dict['tab'] = 'ftp_service_settings'
return_dict["error"] = 'Error configuring the FTP service '
return_dict["error_details"] = str(e)
return django.shortcuts.render_to_response(
"logged_in_error.html",
return_dict,
context_instance=django.template.context.RequestContext(request))
def modify_dir_permissions(request):
return_dict = {}
try:
if not "error" in return_dict:
if "ack" in request.GET:
if request.GET["ack"] == "ace_deleted":
return_dict['ack_message'] = "ACL entry successfully removed"
elif request.GET["ack"] == "aces_added":
return_dict['ack_message'] = "ACL entries successfully added"
elif request.GET["ack"] == "aces_modified":
return_dict['ack_message'] = "ACL entries successfully modified"
elif request.GET["ack"] == "created_dir":
return_dict['ack_message'] = "Directory successfully created"
elif request.GET["ack"] == "deleted_dir":
return_dict['ack_message'] = "Directory successfully deleted"
users, err = local_users.get_local_users()
if err:
raise Exception('Error retrieving local user list : %s'%err)
if not users:
raise Exception('No local users seem to be created. Please create at least one local user before performing this operation.')
groups, err = local_users.get_local_groups()
if err:
raise Exception('Error retrieving local group list : %s'%err)
if not groups:
raise Exception('No local groups seem to be created. Please create at least one local group before performing this operation.')
pools, err = zfs.get_pools()
ds_list = []
for pool in pools:
for ds in pool["datasets"]:
if ds['properties']['type']['value'] == 'filesystem':
ds_list.append(ds["name"])
if not ds_list:
raise Exception('No ZFS datasets available. Please create a dataset before creating shares.')
if 'path' not in request.REQUEST:
path = "/"+pools[0]["datasets"][0]["name"]
else:
path = request.REQUEST['path']
try:
stat_info = os.stat(path)
except Exception, e:
raise Exception('Error accessing specified path : %s'%str(e))
uid = stat_info.st_uid
gid = stat_info.st_gid
username = pwd.getpwuid(uid)[0]
grpname = grp.getgrgid(gid)[0]
return_dict["username"] = username
return_dict["grpname"] = grpname
aces, err = acl.get_all_aces(path)
if err:
raise Exception(err)
minimal_aces, err = acl.get_minimal_aces(aces)
if err:
raise Exception(err)
user_aces, err = acl.get_ug_aces(aces, None, 'user')
if err:
raise Exception(err)
group_aces, err = acl.get_ug_aces(aces, None, 'group')
if err:
raise Exception(err)
return_dict['aces'] = aces
return_dict['minimal_aces'] = minimal_aces
if user_aces:
return_dict['user_aces'] = user_aces
if group_aces:
return_dict['group_aces'] = group_aces
return_dict['path'] = path
return_dict["dataset"] = ds_list
if request.method == "GET":
# Shd be an edit request
# Set initial form values
initial = {}
initial['path'] = path
initial['owner_read'] = _owner_readable(stat_info)
initial['owner_write'] = _owner_writeable(stat_info)
initial['owner_execute'] = _owner_executeable(stat_info)
initial['group_read'] = _group_readable(stat_info)
initial['group_write'] = _group_writeable(stat_info)
initial['group_execute'] = _group_executeable(stat_info)
initial['other_read'] = _other_readable(stat_info)
initial['other_write'] = _other_writeable(stat_info)
initial['other_execute'] = _other_executeable(stat_info)
if 'dataset' in request.GET:
initial['dataset'] = request.GET['dataset']
form = folder_management_forms.SetFileOwnerAndPermissionsForm(initial = initial, user_list = users, group_list = groups)
return_dict["form"] = form
return django.shortcuts.render_to_response('modify_dir_permissions.html', return_dict, context_instance=django.template.context.RequestContext(request))
elif request.method == "POST":
path = request.POST.get("path")
# Shd be an save request
if request.POST.get("action") == "add_folder":
folder_name = request.POST.get("new_folder_name")
directory = path +"/"+folder_name
if not os.path.exists(directory):
os.makedirs(directory)
audit_str = "Creating %s" %directory
audit.audit("modify_dir_owner_permissions", audit_str, request.META)
elif request.POST.get("action") == "delete_folder":
delete = "false"
if len(path.split("/")) > 2:
delete = "true"
# Need to also check if the path is a share or not. If share, dont delete again.
# Checking NFS
exports,err = nfs.load_exports_list()
if exports:
for export in exports:
print id(export["path"]),id(path)
if export["path"] == path:
delete = "false"
break
else:
delete = "true"
if delete:
print delete
#shutil.rmtree(path,ignore_errors=True)
audit_str = "Deleting directory %s" %path
audit.audit("modify_dir_owner_permissions", audit_str, request.META)
else:
raise Exception("Cannot delete folder. It is either a dataset of a share")
else:
form = common_forms.SetFileOwnerAndPermissionsForm(request.POST, user_list = users, group_list = groups)
return_dict["form"] = form
if form.is_valid():
cd = form.cleaned_data
ret, err = file_processing.set_dir_ownership_and_permissions(cd)
if not ret:
if err:
raise Exception(err)
else:
raise Exception("Error setting directory ownership/permissions.")
audit_str = "Modified directory ownsership/permissions for %s"%cd["path"]
audit.audit("modify_dir_owner_permissions", audit_str, request.META)
return django.http.HttpResponseRedirect('/modify_dir_permissions/?ack=set_permissions')
else:
return django.shortcuts.render_to_response('modify_dir_permissions.html', return_dict, context_instance=django.template.context.RequestContext(request))
def set_file_owner_and_permissions(request):
return_dict = {}
try:
if 'path' not in request.REQUEST:
raise Exception('Path not specified')
path = request.REQUEST['path']
users, err = local_users.get_local_users()
if err:
raise Exception('Error retrieving local user list : %s'%err)
if not users:
raise Exception('No local users seem to be created. Please create at least one local user before performing this operation.')
groups, err = local_users.get_local_groups()
if err:
raise Exception('Error retrieving local group list : %s'%err)
if not groups:
raise Exception('No local groups seem to be created. Please create at least one local group before performing this operation.')
try:
stat_info = os.stat(path)
except Exception, e:
raise Exception('Error accessing specified path : %s'%str(e))
uid = stat_info.st_uid
gid = stat_info.st_gid
username = pwd.getpwuid(uid)[0]
grpname = grp.getgrgid(gid)[0]
return_dict["username"] = username
return_dict["grpname"] = grpname
if request.method == "GET":
# Shd be an edit request
# Set initial form values
initial = {}
initial['path'] = path
initial['owner_read'] = _owner_readable(stat_info)
initial['owner_write'] = _owner_writeable(stat_info)
initial['owner_execute'] = _owner_executeable(stat_info)
initial['group_read'] = _group_readable(stat_info)
initial['group_write'] = _group_writeable(stat_info)
initial['group_execute'] = _group_executeable(stat_info)
initial['other_read'] = _other_readable(stat_info)
initial['other_write'] = _other_writeable(stat_info)
initial['other_execute'] = _other_executeable(stat_info)
form = common_forms.SetFileOwnerAndPermissionsForm(initial = initial, user_list = users, group_list = groups)
return_dict["form"] = form
return django.shortcuts.render_to_response('set_file_owner_and_permissions.html', return_dict, context_instance=django.template.context.RequestContext(request))
else:
# Shd be an save request
form = common_forms.SetFileOwnerAndPermissionsForm(request.POST, user_list = users, group_list = groups)
return_dict["form"] = form
if form.is_valid():
cd = form.cleaned_data
ret, err = file_processing.set_dir_ownership_and_permissions(cd)
if not ret:
if err:
raise Exception(err)
else:
raise Exception("Error setting directory ownership/permissions.")
audit_str = "Modified directory ownsership/permissions for %s"%cd["path"]
audit.audit("modify_dir_owner_permissions", audit_str, request.META["REMOTE_ADDR"])
return django.http.HttpResponseRedirect('/view_zfs_pools?action=set_permissions')
else:
#Invalid form
return django.shortcuts.render_to_response('set_file_owner_and_permissions.html', return_dict, context_instance=django.template.context.RequestContext(request))
