def list_user(opts, user):
pynimbusauthz.print_msg(opts, 0, "User %s : %s" % (user.get_id(), user.get_friendly()))
if opts.alias:
alias_a = user.get_all_alias()
for a in alias_a:
pynimbusauthz.print_msg(opts, 0, "\t%s alias: %s" % (a.get_type(), a.get_name()))
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts, args) = setup_options(argv)
if len(args) > 0:
u_pattern = args[0]
else:
u_pattern = ""
if opts.bya:
usa = User.find_alias(db_obj, u_pattern)
users = []
for ua in usa:
users.append(ua.get_canonical_user())
else:
users = User.find_user(db_obj, u_pattern)
if users == None:
pynimbusauthz.print_msg(opts, 0, "No users in list")
return 1
for u in users:
list_user(opts, u)
except AuthzException, ae:
print ae
return ae.get_rc()
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts,args) = setup_options(argv)
if len(args) > 0:
u_pattern = args[0]
else:
u_pattern = ""
if opts.bya:
usa = User.find_alias(db_obj, u_pattern)
users = []
for ua in usa:
users.append(ua.get_canonical_user())
else:
users = User.find_user(db_obj, u_pattern)
if users == None:
pynimbusauthz.print_msg(opts, 0, "No users in list")
return 1
for u in users:
list_user(opts, u)
except AuthzException, ae:
print ae
return ae.get_rc()
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts,args) = setup_options(argv)
if len(args) != 3:
raise AuthzException('CLI_PARAMETER', "You must specify a username filename permssions")
user_name = args[0]
object_name = args[1]
requested_perms = args[2]
parent = None
if opts.parent != None:
parent = File.get_file(db_obj, opts.parent, opts.type)
if parent == None:
raise AuthzException('FILE_EXISTS', "parent %s not found" % (opts.parent))
file1 = File.get_file(db_obj, object_name, opts.type, parent=parent)
if file1 == None:
raise AuthzException('FILE_EXISTS', "file %s:%s not found" % (opts.type, object_name))
user = User(db_obj, uu=user_name)
uf = UserFile(file1) # create a uesrfile with owner so we can chmod
uf.chmod(requested_perms, user=user)
pynimbusauthz.print_msg(opts, 0, "changed %s to %s for %s" % (str(file1), requested_perms, str(user)))
db_obj.commit()
except AuthzException, ae:
print ae
return ae.get_rc()
def stat_print_uf(opts, uf, n, t):
f = uf.get_file()
o = f.get_owner().get_id()
u = uf.get_user()
p = format_perms(uf.get_perms(force=True))
msg = "%10s\t%10s\t%10s\t%10s\t%10s" % (n, t, o, u, p)
pynimbusauthz.print_msg(opts, 1, msg)
def stat_print_uf(opts, uf, n, t):
f = uf.get_file()
o = f.get_owner().get_id()
u = uf.get_user()
p = format_perms(uf.get_perms(force=True))
msg = "%10s\t%10s\t%10s\t%10s\t%10s" % (n, t, o, u, p)
pynimbusauthz.print_msg(opts, 1, msg)
def list_user(opts, user):
pynimbusauthz.print_msg(
opts, 0, "User %s : %s" % (user.get_id(), user.get_friendly()))
if opts.alias:
alias_a = user.get_all_alias()
for a in alias_a:
pynimbusauthz.print_msg(
opts, 0, "\t%s alias: %s" % (a.get_type(), a.get_name()))
def main(argv=sys.argv[1:]):
"""
This program allows a file to be requested from the lantorrent system. The
file will be sent out of band. When the file has been delived the
database entry for this request will be updated. This program will
block until that entry is update.
As options, the program takes the source file, the
target file location, the group_id and the group count.
The lantorrent config file must have the ip and port that the requester
is using for lantorrent delivery.
"""
pylantorrent.log(logging.INFO, "enter")
random.seed()
(o, args, p) = setup_options(argv)
con_str = pylantorrent.config.dbfile
con = sqlite3.connect(con_str, isolation_level="EXCLUSIVE")
rc = 0
sz = -1
done = False
message = ""
if o.reattach == None:
(rid, sz) = request(args, con)
try:
(done, rc, message) = is_done(con, rid)
except:
done = False
rc = 0
message = "Check on status later, db not ready for polling"
else:
rid = o.reattach
(done, rc, message) = is_done(con, rid)
if not o.nonblock and not done:
(rc, message) = wait_until_sent(con, rid)
done = True
if done:
delete_rid(con, rid)
msg = "%d,%s,%s" % (rc, str(done), message)
pynimbusauthz.print_msg(o, 0, msg)
return rc
def main(argv=sys.argv[1:]):
"""
This program allows a file to be requested from the lantorrent system. The
file will be sent out of band. When the file has been delived the
database entry for this request will be updated. This program will
block until that entry is update.
As options, the program takes the source file, the
target file location, the group_id and the group count.
The lantorrent config file must have the ip and port that the requester
is using for lantorrent delivery.
"""
pylantorrent.log(logging.INFO, "enter")
random.seed()
(o, args, p) = setup_options(argv)
con_str = pylantorrent.config.dbfile
con = sqlite3.connect(con_str, isolation_level="EXCLUSIVE")
rc = 0
sz = -1
done = False
message = ""
if o.reattach == None:
(rid, sz) = request(args, con)
try:
(done, rc, message) = is_done(con, rid)
except:
done = False
rc = 0
message = "Check on status later, db not ready for polling"
else:
rid = o.reattach
(done, rc, message) = is_done(con, rid)
if not o.nonblock and not done:
(rc, message) = wait_until_sent(con, rid)
done = True
if done:
delete_rid(con, rid)
msg = "%d,%s,%s" % (rc, str(done), message)
pynimbusauthz.print_msg(o, 0, msg)
return rc
def print_report(report_obj, cols, opts):
choices = cols.split(",")
out_line = ""
d = opts.delim
delim = ""
for c in choices:
v = getattr(report_obj, c)
v = str(v)
if opts.batch:
out_line = out_line + delim + v
delim = d
else:
c = c.replace('_', " ")
pynimbusauthz.print_msg(opts, 0, "%-15s : %s" % (c, v))
pynimbusauthz.print_msg(opts, 0, out_line)
def new_user(user, opts):
args = ['-s', user['dn'], '-i', user['canonical_id'], '-a', user['access_id'],
'-p', user['access_secret'], '-g', _fix_group(user['group']),
'-P', '-q', user['display_name']]
pynimbusauthz.print_msg(opts, 2, "Calling nimbus-new-user with args: " +
str(args))
if opts.dryrun:
return "ADDED"
ok = False
try:
ok = nimbus_new_user.main(args) == 0
except:
pynimbusauthz.print_msg(opts, 2, "Error: " + traceback.format_exc())
return ok and "ADDED" or "ADD_FAILED"
def print_report(report_obj, cols, opts):
choices = cols.split(",")
out_line = ""
d = opts.delim
delim = ""
for c in choices:
v = getattr(report_obj, c)
v = str(v)
if opts.batch:
out_line = out_line + delim + v
delim = d
else:
c = c.replace('_', " ")
pynimbusauthz.print_msg(opts, 0, "%-15s : %s" % (c, v))
pynimbusauthz.print_msg(opts, 0, out_line)
def new_user(user, opts):
args = [
'-s', user['dn'], '-i', user['canonical_id'], '-a', user['access_id'],
'-p', user['access_secret'], '-g',
_fix_group(user['group']), '-P', '-q', user['display_name']
]
pynimbusauthz.print_msg(opts, 2,
"Calling nimbus-new-user with args: " + str(args))
if opts.dryrun:
return "ADDED"
ok = False
try:
ok = nimbus_new_user.main(args) == 0
except:
pynimbusauthz.print_msg(opts, 2, "Error: " + traceback.format_exc())
return ok and "ADDED" or "ADD_FAILED"
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts, args) = setup_options(argv)
if len(args) == 0:
raise AuthzException('CLI_PARAMETER',
"You must specify a filename")
parent = None
if opts.parent != None:
parent = File.get_file(db_obj, opts.parent, opts.type)
if parent == None:
raise AuthzException('FILE_EXISTS',
"bucket %s not found" % (opts.parent))
object_name = args[0]
file1 = File.get_file(db_obj, object_name, opts.type, parent=parent)
if file1 == None:
pynimbusauthz.print_msg(opts, 0, "File not found")
return
uf = UserFile(file1)
msg = "%10s\t%10s\t%10s\t%10s\t%10s" % ("file", "type", "owner",
"user", "perms")
pynimbusauthz.print_msg(opts, 1, msg)
n = uf.get_file().get_name()
t = uf.get_file().get_object_type()
stat_print_uf(opts, uf, n, t)
if opts.all:
user_list = uf.get_file().get_all_users()
for u in user_list:
uf = UserFile(uf.get_file(), u)
stat_print_uf(opts, uf, " ", " ")
except AuthzException, ae:
print ae
return ae.get_rc()
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts, args) = setup_options(argv)
if len(args) != 3:
raise AuthzException(
'CLI_PARAMETER',
"You must specify a username filename permssions")
user_name = args[0]
object_name = args[1]
requested_perms = args[2]
parent = None
if opts.parent != None:
parent = File.get_file(db_obj, opts.parent, opts.type)
if parent == None:
raise AuthzException('FILE_EXISTS',
"parent %s not found" % (opts.parent))
file1 = File.get_file(db_obj, object_name, opts.type, parent=parent)
if file1 == None:
raise AuthzException(
'FILE_EXISTS',
"file %s:%s not found" % (opts.type, object_name))
user = User(db_obj, uu=user_name)
uf = UserFile(file1) # create a uesrfile with owner so we can chmod
uf.chmod(requested_perms, user=user)
pynimbusauthz.print_msg(
opts, 0, "changed %s to %s for %s" %
(str(file1), requested_perms, str(user)))
db_obj.commit()
except AuthzException, ae:
print ae
return ae.get_rc()
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts,args) = setup_options(argv)
if len(args) == 0:
raise AuthzException('CLI_PARAMETER', "You must specify a filename")
parent = None
if opts.parent != None:
parent = File.get_file(db_obj, opts.parent, opts.type)
if parent == None:
raise AuthzException('FILE_EXISTS', "bucket %s not found" % (opts.parent))
object_name = args[0]
file1 = File.get_file(db_obj, object_name, opts.type, parent=parent)
if file1 == None:
pynimbusauthz.print_msg(opts, 0, "File not found")
return
uf = UserFile(file1)
msg = "%10s\t%10s\t%10s\t%10s\t%10s" % ("file", "type", "owner", "user", "perms")
pynimbusauthz.print_msg(opts, 1, msg)
n = uf.get_file().get_name()
t = uf.get_file().get_object_type()
stat_print_uf(opts, uf, n, t)
if opts.all:
user_list = uf.get_file().get_all_users()
for u in user_list:
uf = UserFile(uf.get_file(), u)
stat_print_uf(opts, uf, " ", " ")
except AuthzException, ae:
print ae
return ae.get_rc()
def main(argv=sys.argv[1:]):
try:
(opts, args, p) = setup_options(argv)
file_users = read_users(args, delimiter=opts.delim)
file,path = tempfile.mkstemp()
pynimbusauthz.print_msg(opts, 2, "Using temp file: " + path)
try:
nimbus_list_users.main(['-b', '-D', opts.delim, '-r', _fields_csv,
'-O', path, '%'])
current_users = read_users(path, delimiter=opts.delim)
finally:
os.remove(path)
if not walk_users(current_users, file_users, opts):
return 1
except CLIError, clie:
print clie
return clie.get_rc()
def main(argv=sys.argv[1:]):
try:
(opts, args, p) = setup_options(argv)
file_users = read_users(args, delimiter=opts.delim)
file, path = tempfile.mkstemp()
pynimbusauthz.print_msg(opts, 2, "Using temp file: " + path)
try:
nimbus_list_users.main(
['-b', '-D', opts.delim, '-r', _fields_csv, '-O', path, '%'])
current_users = read_users(path, delimiter=opts.delim)
finally:
os.remove(path)
if not walk_users(current_users, file_users, opts):
return 1
except CLIError, clie:
print clie
return clie.get_rc()
def update_user(current, desired, opts):
args = []
if current['dn'] != desired['dn']:
args.extend(['-s', desired['dn']])
if current['access_id'] != desired['access_id']:
args.extend(['-a', desired['access_id']])
if current['access_secret'] != desired['access_secret']:
args.extend(['-p', desired['access_secret']])
if current['group'] != desired['group']:
args.extend(['-g', _fix_group(desired['group'])])
if current['canonical_id'] != desired['canonical_id']:
# canonical ID cannot be updated (is used in cumulus paths)
return "CANNOT_UPDATE"
if args:
name = current['display_name']
args.extend(['-q', name])
if not opts.update:
pynimbusauthz.print_msg(
opts, 2,
"Not updating mismatched user %s: --update is not specified" %
name)
return "MISMATCHED"
pynimbusauthz.print_msg(
opts, 2, "Calling nimbus-edit-user with args: " + str(args))
if opts.dryrun:
return "UPDATED"
ok = False
try:
ok = nimbus_edit_user.main(args) == 0
except:
pynimbusauthz.print_msg(opts, 2,
"Error: " + traceback.format_exc())
return ok and "UPDATED" or "UPDATE_FAILED"
return "UNCHANGED"
def remove_user(user_name, opts):
args = [user_name]
if not opts.remove:
pynimbusauthz.print_msg(opts, 2,
"Not removing extra user %s: --remove is not specified" %
user_name)
return "EXTRA"
pynimbusauthz.print_msg(opts, 2, "Calling nimbus-remove-user with args: " +
str(args))
if opts.dryrun:
return "REMOVED"
ok = False
try:
ok = nimbus_remove_user.main(args) == 0
except:
pynimbusauthz.print_msg(opts, 2, "Error: " + traceback.format_exc())
return ok and "REMOVED" or "REMOVE_FAILED"
def remove_user(user_name, opts):
args = [user_name]
if not opts.remove:
pynimbusauthz.print_msg(
opts, 2, "Not removing extra user %s: --remove is not specified" %
user_name)
return "EXTRA"
pynimbusauthz.print_msg(
opts, 2, "Calling nimbus-remove-user with args: " + str(args))
if opts.dryrun:
return "REMOVED"
ok = False
try:
ok = nimbus_remove_user.main(args) == 0
except:
pynimbusauthz.print_msg(opts, 2, "Error: " + traceback.format_exc())
return ok and "REMOVED" or "REMOVE_FAILED"
def update_user(current, desired, opts):
args = []
if current['dn'] != desired['dn']:
args.extend(['-s', desired['dn']])
if current['access_id'] != desired['access_id']:
args.extend(['-a', desired['access_id']])
if current['access_secret'] != desired['access_secret']:
args.extend(['-p', desired['access_secret']])
if current['group'] != desired['group']:
args.extend(['-g', _fix_group(desired['group'])])
if current['canonical_id'] != desired['canonical_id']:
# canonical ID cannot be updated (is used in cumulus paths)
return "CANNOT_UPDATE"
if args:
name = current['display_name']
args.extend(['-q', name])
if not opts.update:
pynimbusauthz.print_msg(opts, 2,
"Not updating mismatched user %s: --update is not specified" %
name)
return "MISMATCHED"
pynimbusauthz.print_msg(opts, 2, "Calling nimbus-edit-user with args: " +
str(args))
if opts.dryrun:
return "UPDATED"
ok = False
try:
ok = nimbus_edit_user.main(args) == 0
except:
pynimbusauthz.print_msg(opts, 2, "Error: " + traceback.format_exc())
return ok and "UPDATED" or "UPDATE_FAILED"
return "UNCHANGED"
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts, args) = setup_options(argv)
user_uu = None
if len(args) == 1:
user_uu = args[0]
if opts.new:
user = User(db_obj,
user_uu,
friendly=opts.friendlyname,
create=True)
pynimbusauthz.print_msg(opts, 0, "User %s added" % (user.get_id()))
else:
user = User(db_obj, user_uu)
pynimbusauthz.print_msg(opts, 0, "User %s" % (user.get_id()))
if opts.alias != None:
user_alias = user.get_alias(opts.alias, opts.type)
if user_alias == None:
user_alias = user.create_alias(opts.alias, opts.type,
opts.friendlyname)
pynimbusauthz.print_msg(
opts, 0,
"Creating new alias %s:%s" % (opts.type, opts.alias))
if opts.genkey:
data = pynimbusauthz.random_string_gen(42)
pynimbusauthz.print_msg(opts, 0, "Key generated %s" % (data))
user_alias.set_data(data)
elif opts.setkey != None:
data = opts.setkey
user_alias.set_data(data)
pynimbusauthz.print_msg(opts, 0, "updated the alias key")
if opts.remove_alias != None:
user_alias = user.get_alias(opts.remove_alias, opts.type)
user_alias.remove()
if opts.remove:
pynimbusauthz.print_msg(opts, 1,
"Removing user %s" % (user.get_id()))
if opts.force:
pynimbusauthz.print_msg(opts, 1, "Removing all references")
user.destroy_brutally()
else:
user.destroy()
db_obj.commit()
except AuthzException, ae:
print ae
return ae.get_rc()
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts,args) = setup_options(argv)
user_uu = None
if len(args) == 1:
user_uu = args[0]
if opts.new:
user = User(db_obj, user_uu, friendly=opts.friendlyname, create=True)
pynimbusauthz.print_msg(opts, 0, "User %s added" % (user.get_id()))
else:
user = User(db_obj, user_uu)
pynimbusauthz.print_msg(opts, 0, "User %s" % (user.get_id()))
if opts.alias != None:
user_alias = user.get_alias(opts.alias, opts.type)
if user_alias == None:
user_alias = user.create_alias(opts.alias, opts.type, opts.friendlyname)
pynimbusauthz.print_msg(opts, 0, "Creating new alias %s:%s" % (opts.type,opts.alias))
if opts.genkey:
data = pynimbusauthz.random_string_gen(42)
pynimbusauthz.print_msg(opts, 0, "Key generated %s" % (data))
user_alias.set_data(data)
elif opts.setkey != None:
data = opts.setkey
user_alias.set_data(data)
pynimbusauthz.print_msg(opts, 0, "updated the alias key")
if opts.remove_alias != None:
user_alias = user.get_alias(opts.remove_alias, opts.type)
user_alias.remove()
if opts.remove:
pynimbusauthz.print_msg(opts, 1, "Removing user %s" % (user.get_id()))
if opts.force:
pynimbusauthz.print_msg(opts, 1, "Removing all references")
user.destroy_brutally()
else:
user.destroy()
db_obj.commit()
except AuthzException, ae:
print ae
return ae.get_rc()
def main(argv=sys.argv[1:]):
try:
con_str = pynimbusauthz.get_db_connection_string()
db_obj = DB(con_str=con_str)
(opts, args) = setup_options(argv)
user = User(db_obj, args[0], create=False)
if opts.quota != None:
q = opts.quota
if opts.quota == "UNLIMITED":
q = User.UNLIMITED
user.set_quota(q, object_type=opts.type)
if opts.report:
q = user.get_quota(object_type=opts.type)
u = user.get_quota_usage(object_type=opts.type)
if q != User.UNLIMITED:
r = q - u
rstr = pynimbusauthz.pretty_number(r)
qstr = pynimbusauthz.pretty_number(q)
ustr = pynimbusauthz.pretty_number(u)
pynimbusauthz.print_msg(opts, 0, "%-10s %s" % ("Quota", qstr))
pynimbusauthz.print_msg(opts, 0, "%-10s %s" % ("Usage", ustr))
pynimbusauthz.print_msg(opts, 0, "%-10s %s" % ("Remaining", rstr))
if r < 0:
pynimbusauthz.print_msg(opts, 0, "OVER LIMIT!")
elif r == 0:
pynimbusauthz.print_msg(opts, 0, "At Limit")
else:
p = (float(r) / float(q)) * 100.0
pynimbusauthz.print_msg(opts, 0, "%-10s %5.1f%%" % ("Available", p))
else:
pynimbusauthz.print_msg(opts, 0, "Quota UNLIMITED")
db_obj.commit()
except AuthzException, ae:
print ae
return ae.get_rc()
def print_file(opts, f):
msg = "%s:%s\t%s\t%s\t%s" % (f.get_object_type(), f.get_name(),
f.get_owner(), f.get_data_key(),
str(f.get_parent()))
pynimbusauthz.print_msg(opts, 0, msg)
def print_file(opts, f):
msg = "%s:%s\t%s\t%s\t%s" % (f.get_object_type(), f.get_name(), f.get_owner(), f.get_data_key(), str(f.get_parent()))
pynimbusauthz.print_msg(opts, 0, msg)
