def clean_netgroup(): group = Group.Group(db) group2 = Group.Group(db) for g in group.search(spread=co.spread_uio_machine_netgroup): group.clear() group.find(g['group_id']) for g2 in group.search(member_id=g["group_id"], indirect_members=False): group2.clear() group2.find(g2['group_id']) group2.remove_member(g['group_id']) group.delete() db.commit()
def delete(self): for r in self.list_srv_records(owner_id=self.entity_id): self.delete_srv_record(r['service_owner_id'], r['pri'], r['weight'], r['port']) g = Group.Group(self._db) for row in g.search(member_id=self.entity_id, indirect_members=False): g.clear() g.find(row['group_id']) g.remove_member(self.entity_id) binds = {'dns_owner_id': self.entity_id} exists_stmt = """ SELECT EXISTS ( SELECT 1 FROM [:table schema=cerebrum name=dns_owner] WHERE dns_owner_id=:dns_owner_id ) """ if self.query_1(exists_stmt, binds): # True positive delete_stmt = """ DELETE FROM [:table schema=cerebrum name=dns_owner] WHERE dns_owner_id=:dns_owner_id""" self.execute(delete_stmt, binds) self._db.log_change(self.entity_id, self.clconst.dns_owner_del, None) self.__super.delete()
def make_inital_users(db): print("Creating initial entities.") from Cerebrum import Constants from Cerebrum import Group from Cerebrum import Account from Cerebrum import Entity co = Constants.Constants() eg = Entity.Entity(db) eg.populate(co.entity_group) eg.write_db() ea = Entity.Entity(db) ea.populate(co.entity_account) ea.write_db() def false(*args): return False # TODO: These should have a permanent quarantine and be non-visible # Use Account.Account to avoid getting the wrong Account Mixins # fiddling with the bootstrap account. Every instance may use this # account as they see fit, but have to append functionality # manually afterwards. makedb an account that can be created with # a fully populated cereconf, but an empty database(which may # break a lot of Mixins). a = Account.Account(db) a.illegal_name = false a.populate( name=cereconf.INITIAL_ACCOUNTNAME, owner_type=co.entity_group, owner_id=eg.entity_id, np_type=int(co.account_program), creator_id=ea.entity_id, expire_date=None, description=None, parent=ea, ) # Get rid of errors because of missing prerequisites for password # mechanisms not needed for initial setup. # # TBD: implement cereconf.INITIAL_PASSWORD_MECHANISM? method = co.auth_type_md5_crypt a.affect_auth_types(method) enc = a.encrypt_password(method, cereconf.INITIAL_ACCOUNTNAME_PASSWORD) a.populate_authentication_type(method, enc) a.write_db() g = Group.Group(db) g.illegal_name = false g.populate(creator_id=a.entity_id, visibility=co.group_visibility_all, name=cereconf.INITIAL_GROUPNAME, group_type=co.group_type_internal, parent=eg) g.write_db() g.add_member(a.entity_id) db.commit()
def _import_netgroups(self): netgroups = self._parse_netgroups() account = Account.Account(db) account.find_by_name(cereconf.INITIAL_ACCOUNTNAME) creator_id = account.entity_id group = Group.Group(db) # First define all netgroups groupname2id = {} for k in netgroups.keys(): sys.stdout.write('g') sys.stdout.flush() names = [k] names.extend(netgroups[k]['netgroups']) for n in names: if groupname2id.has_key(n): continue group.clear() group.populate( creator_id=creator_id, visibility=co.group_visibility_all, name=n, description='machine netgroup %s' % n, # TODO: This should *probably* be marked as an automatic # group, but members are not really *synced*, simply added # if they are missing group_type=co.group_type_unknown, ) group.write_db() group.add_spread(co.spread_uio_machine_netgroup) groupname2id[n] = group.entity_id # Then populate members dns_owner2id = {} for row in dnsowner.list(): dns_owner2id[row['name']] = int(row['dns_owner_id']) for k in groupname2id.keys(): sys.stdout.write('.') sys.stdout.flush() # Add group members group.clear() group.find(groupname2id[k]) if not netgroups.has_key(k): print "Warning, no members for %s" % k continue for n in netgroups[k]['netgroups']: group.add_member(groupname2id[n]) # Add machine memebers machines = {} for n in netgroups[k]['machines']: n = self._ng_machine_filter(n) machines[n] = True for n in machines.keys(): if not dns_owner2id.has_key(n): print "Warning, unknown member: %s" % n continue group.add_member(dns_owner2id[n]) db.commit()
def delete(self): for r in self.list_srv_records(owner_id=self.entity_id): self.delete_srv_record(r['service_owner_id'], r['pri'], r['weight'], r['port']) g = Group.Group(self._db) for row in g.search(member_id=self.entity_id, indirect_members=False): g.clear() g.find(row['group_id']) g.remove_member(self.entity_id) self.execute( """ DELETE FROM [:table schema=cerebrum name=dns_owner] WHERE dns_owner_id=:dns_owner_id""", {'dns_owner_id': self.entity_id}) self._db.log_change(self.entity_id, self.const.dns_owner_del, None) self.__super.delete()
def fetch_data(drgrad_file, fritak_kopiavg_file, sysname, person_file, autostud): """Finner alle personer som rammes av kvoteordningen ved å: - finne alle som har en student-affiliation (0.1) - ta bort ansatte (1.2.1) - ta bort dr-grads stipendiater (1.2.2) I.e. vi fjerner alle som har fullstendig fritak fra ordningen. De som kun har fritak fra kopiavgiften er ikke fjernet. Finner alle gruppe-medlemskap, enten via person eller account for de som rammes av ordningen. Finner fritak fra kopiavgift (1.2.3 og 1.2.4) """ logger.debug("Prefetching data") betaling_fritak = get_bet_fritak_utv_data(sysname, person_file) logger.debug("Fritak for: %r", betaling_fritak) # Finn alle som skal rammes av kvoteregimet quota_victim = {} for pid in get_students(): quota_victim[pid] = True # Ta bort de som ikke har konto account = Account.Account(db) account_id2pid = {} has_account = {} for row in account.list_accounts_by_type(fetchall=False): account_id2pid[int(row['account_id'])] = int(row['person_id']) has_account[int(row['person_id'])] = True for p_id in quota_victim.keys(): if p_id not in has_account: del (quota_victim[p_id]) logger.debug("after removing non-account people: %i" % len(quota_victim)) # Ansatte har fritak for row in pe.list_affiliations(affiliation=co.affiliation_ansatt, status=( co.affiliation_status_ansatt_bil, co.affiliation_status_ansatt_vit, co.affiliation_status_ansatt_tekadm, ), source_system=co.system_sap, include_deleted=False, fetchall=False): if int(row['person_id']) in quota_victim: del (quota_victim[int(row['person_id'])]) logger.debug("removed employees: %i" % len(quota_victim)) # Alle personer som har disse typer tilknyttet affiliation skal ha fritak for row in pe.list_affiliations( affiliation=co.affiliation_tilknyttet, status=( co.affiliation_tilknyttet_bilag, co.affiliation_tilknyttet_ekst_forsker, co.affiliation_tilknyttet_ekst_partner, co.affiliation_tilknyttet_ekst_stip, co.affiliation_tilknyttet_emeritus, co.affiliation_tilknyttet_gjesteforsker, co.affiliation_tilknyttet_innkjoper, ), source_system=co.system_sap, include_deleted=False, fetchall=False): if int(row['person_id']) in quota_victim: del (quota_victim[int(row['person_id'])]) logger.debug("removed tilknyttet people: %i" % len(quota_victim)) # Mappe fødselsnummer til person-id fnr2pid = {} for p in pe.search_external_ids(source_system=co.system_fs, id_type=co.externalid_fodselsnr, fetchall=False): fnr2pid[p['external_id']] = int(p['entity_id']) # Dr.grads studenter har fritak for row in GeneralDataParser(drgrad_file, "drgrad"): fnr = fodselsnr.personnr_ok( "%06d%05d" % (int(row['fodselsdato']), int(row['personnr']))) pid = fnr2pid.get(fnr, None) if not pid: continue if pid in quota_victim: del (quota_victim[pid]) logger.debug("removed drgrad: %i" % len(quota_victim)) # map person-id til gruppemedlemskap. Hvis gruppe-medlemet er av # typen konto henter vi ut owner_id. person_id_member = {} group = Group.Group(db) count = [0, 0] groups = autostud.pc.group_defs.keys() logger.debug("Finding members in %s" % groups) for g in groups: group.clear() group.find(g) for m in set([ int(row["member_id"]) for row in group.search_members(group_id=group.entity_id, indirect_members=True, member_type=co.entity_account) ]): if m in account_id2pid: person_id_member.setdefault(account_id2pid[m], []).append(g) count[0] += 1 else: person_id_member.setdefault(m, []).append(g) count[1] += 1 logger.debug("memberships: persons:%i, p_m=%i, a_m=%i", len(person_id_member), count[1], count[0]) # Fetch any affiliations used as select criteria person_id_affs = {} for sm in autostud.pc.select_tool.select_map_defs.values(): if not isinstance(sm, AutoStud.Select.SelectMapPersonAffiliation): continue for aff_attrs in sm._select_map.keys(): affiliation = aff_attrs[0] for row in pe.list_affiliations(affiliation=affiliation, include_deleted=False, fetchall=False): person_id_affs.setdefault(int(row['person_id']), []).append( (int(row['ou_id']), int(row['affiliation']), int(row['status']))) # fritak fra selve kopiavgiften (1.2.3 og 1.2.4) kopiavgift_fritak = {} for row in GeneralDataParser(fritak_kopiavg_file, "betfritak"): fnr = fodselsnr.personnr_ok( "%06d%05d" % (int(row['fodselsdato']), int(row['personnr']))) pid = fnr2pid.get(fnr, None) if not pid: continue kopiavgift_fritak[pid] = True logger.debug("%i personer har kopiavgiftsfritak" % len(kopiavgift_fritak)) logger.debug("Prefetch returned %i students" % len(quota_victim)) n = 0 for pid in betaling_fritak.keys(): if pid in quota_victim: n += 1 logger.debug("%i av disse har betaling_fritak" % n) return (fnr2pid, quota_victim, person_id_member, person_id_affs, kopiavgift_fritak, betaling_fritak)