def _load_file(self, lock: bool = False) -> dict[str, _T]: return store.load_from_mk_file( "%s" % self._config_file_path, key=self._config_variable, default={}, lock=lock, )
def _read_sitespecific_mknotifyd_config() -> dict[str, Any]: return store.load_from_mk_file( path=Path(cmk.utils.paths.default_config_dir, "mknotifyd.d", "wato", "sitespecific.mk"), key="notification_spooler_config", default={}, )
def load_roles(): # type: () -> Roles roles = store.load_from_mk_file( os.path.join(_multisite_dir(), "roles.mk"), "roles", default=_get_builtin_roles(), ) # Make sure that "general." is prefixed to the general permissions # (due to a code change that converted "use" into "general.use", etc. # TODO: Can't we drop this? This seems to be from very early days of the GUI for role in roles.values(): for pname, pvalue in role["permissions"].items(): if "." not in pname: del role["permissions"][pname] role["permissions"]["general." + pname] = pvalue # Reflect the data in the roles dict kept in the config module needed # for instant changes in current page while saving modified roles. # Otherwise the hooks would work with old data when using helper # functions from the config module # TODO: load_roles() should not update global structures config.roles.update(roles) return roles
def _load_file(self, lock=False): return store.load_from_mk_file( "%s" % self._config_file_path, key=self._config_variable, default={}, lock=lock, )
def load_connection_config(lock=False): # type: (bool) -> List[UserConnectionSpec] filename = os.path.join(_multisite_dir(), "user_connections.mk") return store.load_from_mk_file(filename, "user_connections", default=[], lock=lock)
def load_timeperiods() -> TimeperiodSpecs: if "timeperiod_information" in g: return g.timeperiod_information timeperiods = store.load_from_mk_file(wato_root_dir() + "timeperiods.mk", "timeperiods", {}) timeperiods.update(builtin_timeperiods()) g.timeperiod_information = timeperiods return timeperiods
def _load_file(self, lock: bool = False) -> TagConfigSpec: cfg = store.load_from_mk_file( self._config_file_path, key=self._config_variable, default={}, lock=lock, ) if not cfg: # Initialize with empty default config return {"tag_groups": [], "aux_tags": []} return cfg
def load_notification_rules(lock=False): filename = wato_root_dir() + "notifications.mk" notification_rules = store.load_from_mk_file(filename, "notification_rules", [], lock=lock) # Convert to new plugin configuration format for rule in notification_rules: if "notify_method" in rule: method = rule["notify_method"] plugin = rule["notify_plugin"] del rule["notify_method"] rule["notify_plugin"] = (plugin, method) return notification_rules
def _load_file(self, lock: bool = False) -> dict[str, Password]: """The actual passwords are stored in a separate file for special treatment Have a look at `cmk.utils.password_store` for further information""" return join_password_specs( store.load_from_mk_file( self._config_file_path, key=self._config_variable, default={}, lock=lock, ), password_store.load(), )
def load_sites(cls) -> SiteConfigurations: if not os.path.exists(cls._sites_mk()): return config.default_single_site_configuration() raw_sites = store.load_from_mk_file(cls._sites_mk(), "sites", {}) if not raw_sites: return config.default_single_site_configuration() sites = config.migrate_old_site_config(raw_sites) for site in sites.values(): if site["proxy"] is not None: site["proxy"] = cls.transform_old_connection_params(site["proxy"]) return sites
def _read_passwords_mk() -> dict[str, password_store.Password]: return store.load_from_mk_file( Path(cmk.utils.paths.check_mk_config_dir, "wato", "passwords.mk"), key="stored_passwords", default={}, )
def load_users(lock: bool = False) -> Users: filename = _root_dir() + "contacts.mk" if lock: # Note: the lock will be released on next save_users() call or at # end of page request automatically. store.aquire_lock(filename) if 'users' in g: return g.users # First load monitoring contacts from Check_MK's world. If this is # the first time, then the file will be empty, which is no problem. # Execfile will the simply leave contacts = {} unchanged. contacts = store.load_from_mk_file(filename, "contacts", {}) # Now load information about users from the GUI config world filename = _multisite_dir() + "users.mk" users = store.load_from_mk_file(_multisite_dir() + "users.mk", "multisite_users", {}) # Merge them together. Monitoring users not known to Multisite # will be added later as normal users. result = {} for uid, user in users.items(): # Transform user IDs which were stored with a wrong type uid = ensure_str(uid) profile = contacts.get(uid, {}) profile.update(user) result[uid] = profile # Convert non unicode mail addresses if "email" in profile: profile["email"] = ensure_str(profile["email"]) # This loop is only neccessary if someone has edited # contacts.mk manually. But we want to support that as # far as possible. for uid, contact in contacts.items(): # Transform user IDs which were stored with a wrong type uid = ensure_str(uid) if uid not in result: result[uid] = contact result[uid]["roles"] = ["user"] result[uid]["locked"] = True result[uid]["password"] = "" # Passwords are read directly from the apache htpasswd-file. # That way heroes of the command line will still be able to # change passwords with htpasswd. Users *only* appearing # in htpasswd will also be loaded and assigned to the role # they are getting according to the multisite old-style # configuration variables. def readlines(f): try: return Path(f).open(encoding="utf-8") except IOError: return [] # FIXME TODO: Consolidate with htpasswd user connector filename = cmk.utils.paths.htpasswd_file for line in readlines(filename): line = line.strip() if ':' in line: uid, password = line.strip().split(":")[:2] uid = ensure_str(uid) if password.startswith("!"): locked = True password = password[1:] else: locked = False if uid in result: result[uid]["password"] = password result[uid]["locked"] = locked else: # Create entry if this is an admin user new_user = { "roles": config.roles_of_user(uid), "password": password, "locked": False, } result[uid] = new_user # Make sure that the user has an alias result[uid].setdefault("alias", uid) # Other unknown entries will silently be dropped. Sorry... # Now read the serials, only process for existing users serials_file = '%s/auth.serials' % os.path.dirname( cmk.utils.paths.htpasswd_file) for line in readlines(serials_file): line = line.strip() if ':' in line: user_id, serial = line.split(':')[:2] user_id = ensure_str(user_id) if user_id in result: result[user_id]['serial'] = utils.saveint(serial) # Now read the user specific files directory = cmk.utils.paths.var_dir + "/web/" for d in os.listdir(directory): if d[0] != '.': uid = ensure_str(d) # read special values from own files if uid in result: for attr, conv_func in [ ('num_failed_logins', utils.saveint), ('last_pw_change', utils.saveint), ('last_seen', utils.savefloat), ('enforce_pw_change', lambda x: bool(utils.saveint(x))), ('idle_timeout', _convert_idle_timeout), ('session_id', _convert_session_info), ]: val = load_custom_attr(uid, attr, conv_func) if val is not None: result[uid][attr] = val # read automation secrets and add them to existing # users or create new users automatically try: user_secret_path = Path(directory) / d / "automation.secret" with user_secret_path.open(encoding="utf-8") as f: secret: Optional[str] = ensure_str(f.read().strip()) except IOError: secret = None if secret: if uid in result: result[uid]["automation_secret"] = secret else: result[uid] = { "roles": ["guest"], "automation_secret": secret, } # populate the users cache g.users = result return result
def load_timeperiods() -> TimeperiodSpecs: timeperiods = store.load_from_mk_file(wato_root_dir() + "timeperiods.mk", "timeperiods", {}) timeperiods.update(builtin_timeperiods()) return timeperiods
def load_contacts() -> Dict[str, Any]: return store.load_from_mk_file(_contacts_filepath(), "contacts", {})