Example #1
0
def view_cifs_share(request):
    return_dict = {}
    try:
        template = 'logged_in_error.html'

        if "ack" in request.GET:
            if request.GET["ack"] == "ace_deleted":
                return_dict['ack_message'] = "ACL entry successfully removed"
            elif request.GET["ack"] == "aces_added":
                return_dict['ack_message'] = "ACL entries successfully added"
            elif request.GET["ack"] == "aces_modified":
                return_dict['ack_message'] = "ACL entries successfully modified"

        if request.method != "GET":
            raise Exception("Incorrect access method. Please use the menus")

        if "index" not in request.GET or "access_mode" not in request.GET:
            raise Exception("Insufficient parameters. Please use the menus")

        access_mode = request.GET["access_mode"]
        index = request.GET["index"]

        if "ack" in request.GET and request.GET["ack"] == "saved":
            return_dict["ack_message"] = "Information updated successfully"

        valid_users_list = None
        share, err = cifs.get_share_info(access_mode, index)
        if err:
            raise Exception(err)
        if not share:
            raise Exception('Specified share not found')

        aces, err = acl.get_all_aces(share['path'])
        if err:
            raise Exception(err)
        minimal_aces, err = acl.get_minimal_aces(aces)
        if err:
            raise Exception(err)
        user_aces, err = acl.get_ug_aces(aces, None, 'user')
        if err:
            raise Exception(err)
        group_aces, err = acl.get_ug_aces(aces, None, 'group')
        if err:
            raise Exception(err)

        return_dict['aces'] = aces
        return_dict['minimal_aces'] = minimal_aces
        if user_aces:
            return_dict['user_aces'] = user_aces
        if group_aces:
            return_dict['group_aces'] = group_aces
        return_dict["share"] = share

        template = 'view_cifs_share.html'

        return django.shortcuts.render_to_response(template, return_dict, context_instance=django.template.context.RequestContext(request))
    except Exception, e:
        return_dict['base_template'] = "storage_access_base.html"
        return_dict["page_title"] = 'CIFS share details'
        return_dict['tab'] = 'view_cifs_shares_tab'
        return_dict["error"] = 'Error loading CIFS share details'
        return_dict["error_details"] = str(e)
        return django.shortcuts.render_to_response("logged_in_error.html", return_dict, context_instance=django.template.context.RequestContext(request))
def update_dir_permissions(request):
    return_dict = {}
    try:
        if not "error" in return_dict:
            if "ack" in request.GET:
                if request.GET["ack"] == "ace_deleted":
                    return_dict['ack_message'] = "ACL entry successfully removed"
                elif request.GET["ack"] == "aces_added":
                    return_dict['ack_message'] = "ACL entries successfully added"
                elif request.GET["ack"] == "aces_modified":
                    return_dict['ack_message'] = "ACL entries successfully modified"
                elif request.GET["ack"] == "created_dir":
                    return_dict['ack_message'] = "Directory successfully created"
                elif request.GET["ack"] == "deleted_dir":
                    return_dict['ack_message'] = "Directory successfully deleted"
        users, err = local_users.get_local_users()
        if err:
            raise Exception('Error retrieving local user list : %s' % err)
        if not users:
            raise Exception(
                'No local users seem to be created. Please create at least one local user before performing this operation.')

        groups, err = local_users.get_local_groups()
        if err:
            raise Exception('Error retrieving local group list : %s' % err)
        if not groups:
            raise Exception(
                'No local groups seem to be created. Please create at least one local group before performing this operation.')

        pools, err = zfs.get_pools()
        ds_list = []
        for pool in pools:
            for ds in pool["datasets"]:
                if ds['properties']['type']['value'] == 'filesystem':
                    ds_list.append(ds["name"])
        if not ds_list:
            raise Exception(
                'No ZFS datasets available. Please create a dataset before creating shares.')

        req_ret, err = django_utils.get_request_parameter_values(request, [
                                                                 'path'])
        if err:
            raise Exception(err)
        if 'path' not in req_ret:
            path = "/" + pools[0]["datasets"][0]["name"]
        else:
            path = req_ret['path']
        try:
            stat_info = os.stat(path)
        except Exception, e:
            raise Exception('Error accessing specified path : %s' % str(e))
        uid = stat_info.st_uid
        gid = stat_info.st_gid
        username = pwd.getpwuid(uid)[0]
        grpname = grp.getgrgid(gid)[0]
        return_dict["username"] = username
        return_dict["grpname"] = grpname

        aces, err = acl.get_all_aces(path)
        if err:
            raise Exception(err)
        minimal_aces, err = acl.get_minimal_aces(aces)
        if err:
            raise Exception(err)
        user_aces, err = acl.get_ug_aces(aces, None, 'user')
        if err:
            raise Exception(err)
        group_aces, err = acl.get_ug_aces(aces, None, 'group')
        if err:
            raise Exception(err)

        return_dict['aces'] = aces
        return_dict['minimal_aces'] = minimal_aces
        if user_aces:
            return_dict['user_aces'] = user_aces
        if group_aces:
            return_dict['group_aces'] = group_aces

        return_dict['path'] = path
        return_dict["dataset"] = ds_list
        if request.method == "GET":
            # Shd be an edit request

            # Set initial form values
            initial = {}
            initial['path'] = path
            initial['owner_read'] = _owner_readable(stat_info)
            initial['owner_write'] = _owner_writeable(stat_info)
            initial['owner_execute'] = _owner_executeable(stat_info)
            initial['group_read'] = _group_readable(stat_info)
            initial['group_write'] = _group_writeable(stat_info)
            initial['group_execute'] = _group_executeable(stat_info)
            initial['other_read'] = _other_readable(stat_info)
            initial['other_write'] = _other_writeable(stat_info)
            initial['other_execute'] = _other_executeable(stat_info)
            if 'dataset' in request.GET:
                initial['dataset'] = request.GET['dataset']

            form = folder_management_forms.SetFileOwnerAndPermissionsForm(
                initial=initial, user_list=users, group_list=groups)

            return_dict["form"] = form
            return django.shortcuts.render_to_response('update_dir_permissions.html', return_dict, context_instance=django.template.context.RequestContext(request))

        elif request.method == "POST":
            path = request.POST.get("path")
            # Shd be an save request
            if request.POST.get("action") == "add_folder":
                folder_name = request.POST.get("new_folder_name")
                directory = path + "/" + folder_name
                if not os.path.exists(directory):
                    os.makedirs(directory)
                    audit_str = "Creating %s" % directory
                    audit.audit("modify_dir_owner_permissions",
                                audit_str, request)
            elif request.POST.get("action") == "delete_folder":
                delete = "false"
                if len(path.split("/")) > 2:
                    delete = "true"
                # Need to also check if the path is a share or not. If share, dont delete again.
                # Checking NFS
                exports, err = nfs.load_exports_list()
                if exports:
                    for export in exports:
                        print id(export["path"]), id(path)
                        if export["path"] == path:
                            delete = "false"
                            break
                        else:
                            delete = "true"

                if delete:
                    print delete
                    # shutil.rmtree(path,ignore_errors=True)
                    audit_str = "Deleting directory %s" % path
                    audit.audit("modify_dir_owner_permissions",
                                audit_str, request)
                else:
                    raise Exception(
                        "Cannot delete folder. It is either a dataset of a share")
            else:
                form = folder_management_forms.SetFileOwnerAndPermissionsForm(
                    request.POST, user_list=users, group_list=groups)
                return_dict["form"] = form
                if form.is_valid():
                    cd = form.cleaned_data
                    ret, err = file_processing.update_dir_ownership_and_permissions(
                        cd)
                    if not ret:
                        if err:
                            raise Exception(err)
                        else:
                            raise Exception(
                                "Error setting directory ownership/permissions.")

                    audit_str = "Modified directory ownsership/permissions for %s" % cd["path"]
                    audit.audit("modify_dir_owner_permissions",
                                audit_str, request)

            return django.http.HttpResponseRedirect('/storage/update_dir_permissions/?ack=set_permissions')

        else:
            return django.shortcuts.render_to_response('update_dir_permissions.html', return_dict, context_instance=django.template.context.RequestContext(request))
        except Exception, e:
            grpname = 'Unknown'
        sticky_bit_enabled, err = _sticky_bit_enabled(path)
        if err:
            raise Exception(err)
        return_dict["user_name"] = username
        return_dict["grp_name"] = grpname
        return_dict["sticky_bit_enabled"] = sticky_bit_enabled

        aces, err = acl.get_all_aces(path)
        if err:
            raise Exception(err)
        minimal_aces, err = acl.get_minimal_aces(aces)
        if err:
            raise Exception(err)
        user_aces, err = acl.get_ug_aces(aces, None, 'user')
        if err:
            raise Exception(err)
        group_aces, err = acl.get_ug_aces(aces, None, 'group')
        if err:
            raise Exception(err)

        return_dict['aces'] = aces
        return_dict['minimal_aces'] = minimal_aces
        if user_aces:
            return_dict['user_aces'] = user_aces
        if group_aces:
            return_dict['group_aces'] = group_aces

        return django.shortcuts.render_to_response('view_dir_ownership_permissions.html', return_dict, context_instance=django.template.context.RequestContext(request))
    except Exception, e:
def update_aces(request):
    return_dict = {}
    try:
        for_share = False
        share_index = None
        share_name = None
        path = None
        req_ret, err = django_utils.get_request_parameter_values(
            request, ['for', 'path', 'share_index', 'share_name'])
        if err:
            raise Exception(err)
        if 'for' in req_ret and req_ret['for'] == 'share':
            for_share = True

        if for_share:
            return_dict['base_template'] = "storage_base.html"
            return_dict['tab'] = 'view_cifs_shares_tab'
        else:
            return_dict['base_template'] = "storage_base.html"
            return_dict['tab'] = 'dir_permissions_tab'

        if 'path' not in req_ret:
            raise Exception(
                'Invalid request, please use the menus.')
        if for_share:
            if 'share_index' not in req_ret or 'share_name' not in req_ret:
                raise Exception('Invalid request. Please use the menus.')
            share_index = req_ret['share_index']
            share_name = req_ret['share_name']
            return_dict["share_index"] = share_index
            return_dict["share_name"] = share_name

        path = req_ret['path']
        return_dict["path"] = path

        aces, err = acl.get_all_aces(path)
        if err:
            raise Exception(err)

        minimal_aces, err = acl.get_minimal_aces(aces)
        if err:
            raise Exception(err)

        user_list, err = acl.get_ug_aces(aces, None, 'user')
        if err:
            raise Exception(err)
        group_list, err = acl.get_ug_aces(aces, None, 'group')
        if err:
            raise Exception(err)

        if request.method == "GET":
            initial = {}
            initial["path"] = path
            if for_share:
                initial["share_index"] = share_index
                initial["share_name"] = share_name
                form = samba_shares_forms.EditShareAcesForm(
                    initial=initial, user_list=user_list, group_list=group_list)
            else:
                form = folder_management_forms.EditAcesForm(
                    initial=initial, user_list=user_list, group_list=group_list)
            return_dict["form"] = form

            for ace in minimal_aces:
                if ace[0] == 'user':
                    if ace[2][0] != '-':
                        form.initial['ou_r'] = True
                    if ace[2][1] != '-':
                        form.initial['ou_w'] = True
                    if ace[2][2] != '-':
                        form.initial['ou_x'] = True
                if ace[0] == 'group':
                    if ace[2][0] != '-':
                        form.initial['og_r'] = True
                    if ace[2][1] != '-':
                        form.initial['og_w'] = True
                    if ace[2][2] != '-':
                        form.initial['og_x'] = True
                if ace[0] == 'other':
                    if ace[2][0] != '-':
                        form.initial['ot_r'] = True
                    if ace[2][1] != '-':
                        form.initial['ot_w'] = True
                    if ace[2][2] != '-':
                        form.initial['ot_x'] = True
            user_form_fields = {}
            for user in user_list:
                user_name = user[2]
                user_form_fields[user_name] = (
                    form['user_%s_r' % user_name], form['user_%s_w' % user_name], form['user_%s_x' % user_name])
                if user[3][0] != '-':
                    form.initial['user_%s_r' % user_name] = True
                if user[3][1] != '-':
                    form.initial['user_%s_w' % user_name] = True
                if user[3][2] != '-':
                    form.initial['user_%s_x' % user_name] = True
            group_form_fields = {}
            for group in group_list:
                group_name = group[2]
                group_form_fields[group_name] = (
                    form['group_%s_r' % group_name], form['group_%s_w' % group_name], form['group_%s_x' % group_name])
                if group[3][0] != '-':
                    form.initial['group_%s_r' % group_name] = True
                if group[3][1] != '-':
                    form.initial['group_%s_w' % group_name] = True
                if group[3][2] != '-':
                    form.initial['group_%s_x' % group_name] = True

            return_dict['user_form_fields'] = user_form_fields
            return_dict['group_form_fields'] = group_form_fields

            if for_share:
                return django.shortcuts.render_to_response("update_cifs_aces.html", return_dict, context_instance=django.template.context.RequestContext(request))
            else:
                return django.shortcuts.render_to_response("update_dir_aces.html", return_dict, context_instance=django.template.context.RequestContext(request))

        else:
            if for_share:
                form = samba_shares_forms.EditShareAcesForm(
                    request.POST, user_list=user_list, group_list=group_list)
            else:
                form = folder_management_forms.EditAcesForm(
                    request.POST, user_list=user_list, group_list=group_list)
            return_dict["form"] = form

            user_form_fields = {}
            for user in user_list:
                user_name = user[2]
                user_form_fields[user_name] = (
                    form['user_%s_r' % user_name], form['user_%s_w' % user_name], form['user_%s_x' % user_name])
            group_form_fields = {}
            for group in group_list:
                group_name = group[2]
                group_form_fields[group_name] = (
                    form['group_%s_r' % group_name], form['group_%s_w' % group_name], form['group_%s_x' % group_name])

            return_dict['user_form_fields'] = user_form_fields
            return_dict['group_form_fields'] = group_form_fields

            if form.is_valid():
                cd = form.cleaned_data
                if for_share:
                    share_index = cd['share_index']
                    share_name = cd['share_name']
                ret, err = acl.update_ace_entries(path, cd)
                if err:
                    raise Exception(err)
            else:
                if for_share:
                    return django.shortcuts.render_to_response("update_cifs_aces.html", return_dict, context_instance=django.template.context.RequestContext(request))
                else:
                    return django.shortcuts.render_to_response("update_dir_aces.html", return_dict, context_instance=django.template.context.RequestContext(request))

            if for_share:
                audit_str = 'Modified ACL entries for CIFS share %s: ' % share_name
            else:
                audit_str = 'Modified ACL entries for directory %s: ' % path
            audit.audit("edit_aces", audit_str, request)
            if for_share:
                return django.http.HttpResponseRedirect('/storage_access/view_cifs_share?access_mode=by_id&index=%s&ack=aces_modified' % share_index)
            else:
                return django.http.HttpResponseRedirect('/storage/view_dir_ownership_permissions?path=%s&ack=aces_modified' % path)
    except Exception, e:
        return_dict["page_title"] = 'Modify ACL entries'
        return_dict["error"] = 'Error modifying ACL entries'
        return_dict["error_details"] = str(e)
        return django.shortcuts.render_to_response("logged_in_error.html", return_dict, context_instance=django.template.context.RequestContext(request))
def view_cifs_share(request):
    return_dict = {}
    try:
        template = 'logged_in_error.html'

        if "ack" in request.GET:
            if request.GET["ack"] == "ace_deleted":
                return_dict['ack_message'] = "ACL entry successfully removed"
            elif request.GET["ack"] == "aces_added":
                return_dict['ack_message'] = "ACL entries successfully added"
            elif request.GET["ack"] == "aces_modified":
                return_dict['ack_message'] = "ACL entries successfully modified"

        if request.method != "GET":
            raise Exception("Incorrect access method. Please use the menus")

        if "index" not in request.GET or "access_mode" not in request.GET:
            raise Exception("Insufficient parameters. Please use the menus")

        access_mode = request.GET["access_mode"]
        index = request.GET["index"]

        if "ack" in request.GET and request.GET["ack"] == "saved":
            return_dict["ack_message"] = "Information updated successfully"

        valid_users_list = None
        share, err = cifs.get_share_info(access_mode, index)
        if err:
            raise Exception(err)
        if not share:
            raise Exception('Specified share not found')

        aces, err = acl.get_all_aces(share['path'])
        if err:
            raise Exception(err)
        minimal_aces, err = acl.get_minimal_aces(aces)
        if err:
            raise Exception(err)
        user_aces, err = acl.get_ug_aces(aces, None, 'user')
        if err:
            raise Exception(err)
        group_aces, err = acl.get_ug_aces(aces, None, 'group')
        if err:
            raise Exception(err)

        return_dict['aces'] = aces
        return_dict['minimal_aces'] = minimal_aces
        if user_aces:
            return_dict['user_aces'] = user_aces
        if group_aces:
            return_dict['group_aces'] = group_aces
        return_dict["share"] = share

        template = 'view_cifs_share.html'

        return django.shortcuts.render_to_response(template, return_dict, context_instance=django.template.context.RequestContext(request))
    except Exception, e:
        return_dict['base_template'] = "storage_access_base.html"
        return_dict["page_title"] = 'CIFS share details'
        return_dict['tab'] = 'view_cifs_shares_tab'
        return_dict["error"] = 'Error loading CIFS share details'
        return_dict["error_details"] = str(e)
        return django.shortcuts.render_to_response("logged_in_error.html", return_dict, context_instance=django.template.context.RequestContext(request))