Example #1
0
    def __init__(self,
                 host      = 'gangamd.cern.ch',
                 port      = 8822,
                 login     = '******',
                 password  = '',
                 keepalive = False,
                 reqSSL    = True,
                 **kwds):
        
        self._client = MDClient(host = host,
                                port = port,
                                login = login,
                                password = password,
                                keepalive = keepalive)

        if reqSSL:
            fn = getGridProxyPath()
            key = kwds.get('key')
            if not key:
                key = fn
            cert = kwds.get('cert')
            if not cert:
                cert = fn

            self._client.requireSSL(key, cert)
            self._client.connect()
Example #2
0
class Groups:
    """Represents interface for manipulating user groups"""

    def __init__(self,
                 host      = 'gangamd.cern.ch',
                 port      = 8822,
                 login     = '******',
                 password  = '',
                 keepalive = False,
                 reqSSL    = True,
                 **kwds):
        
        self._client = MDClient(host = host,
                                port = port,
                                login = login,
                                password = password,
                                keepalive = keepalive)

        if reqSSL:
            fn = getGridProxyPath()
            key = kwds.get('key')
            if not key:
                key = fn
            cert = kwds.get('cert')
            if not cert:
                cert = fn

            self._client.requireSSL(key, cert)
            self._client.connect()
        
    #-----------------------------------------------------------------------
    def grpCreate(self, groupname):
        """Creates a new group with name groupname.
        It is not possible to create groups beloning to others."""
        res = []
        cmd = 'grp_create ' + groupname
        self._client.execute(cmd)
        
    #-----------------------------------------------------------------------
    def grpDelete(self, groupname):
        """Deletes a group with name groupname (user:groupname).
        Only root can delete groups of other users"""
        cmd = 'grp_delete ' + groupname
        self._client.execute(cmd)

    #-----------------------------------------------------------------------
    def grpShow(self, groupname):
        """Shows all the members belonging to group gropname."""
        res = []
        cmd = 'grp_show ' + groupname
        self._client.execute(cmd)
        while not self._client.eot():
            row = self._client.fetchRow()
            if DEBUG:
                print row
            res.append(row)
        return res

    #-----------------------------------------------------------------------
    def grpAddUser(self, groupname, user):
        """Adds a user to a group.
        Only owners of a group or root can change group membership"""
        cmd = 'grp_adduser ' + groupname + ' ' + user
        self._client.execute(cmd)

    #-----------------------------------------------------------------------
    def grpRemoveUser(self, groupname, user):
        """Removes a user from a group.
        Only owners of a group or root can change group membership"""
        cmd = 'grp_removeuser ' + groupname + ' ' + user
        self._client.execute(cmd)

    #-----------------------------------------------------------------------
    def grpMember(self, user = ''):
        """Shows to which groups a user belongs"""
        res = []
        cmd = 'grp_member'
        if user:
            cmd += ' ' + user
        self._client.execute(cmd)
        while not self._client.eot():
            row = self._client.fetchRow()
            if DEBUG:
                print row
            res.append(row)
        return res

    #-----------------------------------------------------------------------
    def grpList(self, user = ''):
        """Shows the groups owned by user, by default the current user"""
        res = []
        cmd = 'grp_list'
        if user:
            cmd += ' ' + user
        self._client.execute(cmd)
        while not self._client.eot():
            row = self._client.fetchRow()
            if DEBUG:
                print row
            res.append(row)
        return res
Example #3
0
class Collections:
    """Represents interface for manipulating collections (directories)"""

    def __init__(self,
                 host      = 'gangamd.cern.ch',
                 port      = 8822,
                 login     = '******',
                 password  = '',
                 keepalive = False,
                 reqSSL    = True,
                 **kwds):
        
        self._client = MDClient(host = host,
                                port = port,
                                login = login,
                                password = password,
                                keepalive = keepalive)

        if reqSSL:
            fn = getGridProxyPath()
            key = kwds.get('key')
            if not key:
                key = fn
            cert = kwds.get('cert')
            if not cert:
                cert = fn

            self._client.requireSSL(key, cert)
            self._client.connect()

    #-----------------------------------------------------------------------
    def createDir(self, dir):
        """Creates the directory dir if it does not yet exist but parent dir
        already exist"""
        self._client.createDir(dir)
        
    #-----------------------------------------------------------------------
    def listDir(self, dir):
        """Returns names of all subdirectories in the directory dir"""
        res = []
        self._client.listEntries(dir)
        while not self._client.eot():
            d, t = self._client.getEntry()
            if DEBUG:
                print d, t[0]
            if t[0] == 'collection':
                res.append(d)
        return res

    #-----------------------------------------------------------------------
    def statDir(self, dir):
        """Returns owner and owner-permissions for the directory dir"""
        res = []
        cmd = 'stat ' + dir
        self._client.execute(cmd)
        while not self._client.eot():
            row = self._client.fetchRow()
            if DEBUG:
                print row
            res.append(row)
        return res

    #-----------------------------------------------------------------------
    def removeDir(self, dir):
        """Removes all directories matching path. Directories are only deleted
        if they are empty and they have no attributes defined"""
        self._client.removeDir(dir)

    #-----------------------------------------------------------------------
    def pwd(self):
        """Returns the current directory"""
        return self._client.pwd()

    #-----------------------------------------------------------------------
    def cd(self, dir):
        """Changes the current directory to the given directory"""
        self._client.cd(dir)
    
    #-----------------------------------------------------------------------
    def chown(self, dir, new_owner):
        """Changes the owner of the directory"""
        cmd = 'chown ' + dir + ' ' + new_owner
        self._client.execute(cmd)

    #-----------------------------------------------------------------------
    def chmod(self, dir, new_permissions):
        """Changes owner permidssions for the directory.
        The format of new_permissions is rwx, where "-" signs can be
        substituted for the letters if certain priviledges have to be
        ommitted"""
        cmd = 'chmod ' + dir + ' ' + new_permissions
        self._client.execute(cmd)

    #-----------------------------------------------------------------------
    def aclAdd(self, dir, group, rights):
        """Adds group rights to the dir ACL.
        The format of the group user:groupname.
        The format of rights is rwx"""
        cmd = 'acl_add ' + dir + ' ' + group + ' ' + rights
        self._client.execute(cmd)        
        
    #-----------------------------------------------------------------------
    def aclRemove(self, dir, group):
        """Removes group from the dir ACL.
        The format of the group user:groupname"""
        cmd = 'acl_remove ' + dir + ' ' + group
        self._client.execute(cmd)

    #-----------------------------------------------------------------------
    def aclShow(self, dir):
        """Shows the dir ACL"""
        res = []
        cmd = 'acl_show ' + dir
        self._client.execute(cmd)
        while not self._client.eot():
            row = self._client.fetchRow()
            if DEBUG:
                print row
            res.append(row.split(' '))
        return res
Example #4
0
class UserDB:
    """Represents db interface for user management"""

    def __init__(self,
                 host      = 'gangamd.cern.ch',
                 port      = 8822,
                 login     = '******',
                 password  = '',
                 keepalive = False,
                 reqSSL    = True,
                 **kwds):
        
        self._client = MDClient(host = host,
                                port = port,
                                login = login,
                                password = password,
                                keepalive = keepalive)

        if reqSSL:
            fn = getGridProxyPath()
            key = kwds.get('key')
            if not key:
                key = fn
            cert = kwds.get('cert')
            if not cert:
                cert = fn

            self._client.requireSSL(key, cert)
            self._client.connect()
    
    #-----------------------------------------------------------------------
    def userList(self):
        """Lists all users known to the authentication subsustem"""
        res = []
        cmd = 'user_list'
        self._client.execute(cmd)
        while not self._client.eot():
            row = self._client.fetchRow()
            if DEBUG:
                print row
            res.append(row)
        return res
        
    #-----------------------------------------------------------------------
    def userListCred(self, user):
        """Lists the credentials with which the user can be authenticated"""
        res = []
        cmd = 'user_listcred ' + user
        self._client.execute(cmd)
        while not self._client.eot():
            row = self._client.fetchRow()
            if DEBUG:
                print row
            res.append(row)
        return res

    #-----------------------------------------------------------------------
    def userCreate(self, user, password = ''):
        """Creates a new user and assigns a password if given."""
        cmd = 'user_create ' + user
        if password:
            cmd += ' ' + password
        self._client.execute(cmd)

        
    #-----------------------------------------------------------------------
    def userRemove(self, user):
        """Deletes a user"""
        cmd = 'user_remove ' + user
        self._client.execute(cmd)


    #-----------------------------------------------------------------------
    def userPasswordChange(self, user, password):
        """Changes the password of a user"""
        cmd = 'user_password_change ' + user + ' ' + password
        self._client.execute(cmd)

    #-----------------------------------------------------------------------
    def userSubjectAdd(self, user, subject):
        """Adds a certificate identified by its subject line to be used to
        authenticate a user"""
        cmd = 'user_subject_add ' + user + ' ' + '\'' + subject + '\''
        self._client.execute(cmd)
Example #5
0
class BackUp:
    """Represents interface to back up user directories, users and groups"""

    def __init__(
        self, host="gangamd.cern.ch", port=8822, login="******", password="", keepalive=False, reqSSL=True, **kwds
    ):

        self._client = MDClient(host=host, port=port, login=login, password=password, keepalive=keepalive)

        if reqSSL:
            fn = getGridProxyPath()
            key = kwds.get("key")
            if not key:
                key = fn
            cert = kwds.get("cert")
            if not cert:
                cert = fn

            self._client.requireSSL(key, cert)
            self._client.connect()

    # -----------------------------------------------------------------------
    def dump(self, dir):
        """Returns list of commands needed to resore directory dir"""
        res = []
        cmd = "dump " + dir
        self._client.execute(cmd)
        while not self._client.eot():
            row = self._client.fetchRow()
            if DEBUG:
                print row
            res.append(row)
        return res

    # -----------------------------------------------------------------------
    def dumpToFile(self, dir, filename):
        """Dumps directory dir to a file filename"""
        res = self.dump(dir)
        ff = file(filename, "w")
        try:
            for cmd in res:
                cmd = cmd + "\n"
                ff.write(cmd)
        finally:
            ff.close()

        if DEBUG:
            ff = file(filename, "r")
            try:
                cmds = ff.readlines()
            finally:
                ff.close()
            for cmd in cmds:
                print cmd[:-1]

    # -----------------------------------------------------------------------
    def restoreFromFile(self, dir, filename):
        """Restores content of a directory dir from a file"""
        ff = file(filename, "r")
        try:
            cmds = ff.readlines()
        finally:
            ff.close()
        pwd = self._client.pwd()
        self._client.cd(dir)
        try:
            for cmd in cmds:
                try:
                    cmd = cmd[:-1]  # remove newline character
                    if DEBUG:
                        print "executing command:\n" + cmd + "\n"
                    self._client.execute(cmd)
                except Exception, e:
                    print str(e)
        finally:
            self._client.cd(pwd)