def group_del_priv(self,name,dir):
if name in self.group_dict.keys():
svn_logger.info("Group(%s) del priv on dir (%s) " % (name,dir))
self.group_dict[name].del_privilege(dir)
else:
svn_logger.warn("Group %s not exist,can not del priv" % name)
return False
def get_group_priv(self,name):
if name in self.group_dict.keys():
svn_logger.info("Group(%s) get priv " % name )
return self.group_dict[name]
else:
svn_logger.warn("Group %s not exist" % name)
return None
def write_authfile(self,authfile):
svn_logger.info("write svnauth into authfile file(%s)" % authfile)
try:
authfh = open(authfile,"w")
#print group and user list
authfh.write("[groups]\n")
for group_name in sorted(self.group_dict.keys()):
group = self.group_dict[group_name]
userlist = group.get_idlist_as_string()
authfh.write("%-20s = %s\n" % (group_name,userlist) )
authfh.write("\n")
authfh.write ("##########group privilege start #############\n")
for group_name in sorted(self.group_dict.keys()):
group = self.group_dict[group_name]
for dir,mode in group.privilege.items():
authfh.write("[%s]\n" % dir )
authfh.write("@%s = %s\n" %(group_name,mode))
authfh.write("\n")
authfh.write ("##########group privilege end #############\n")
authfh.write("\n")
authfh.write ("##########user privilege start #############\n")
for id_name,id in self.id_dict.items():
#authfh.write ("##########%s #############\n" % id_name)
for dir,mode in id.privilege.items():
authfh.write("[%s]\n" % dir)
authfh.write("%s = %s\n" %(id_name,mode))
if id.privilege.keys():
authfh.write("\n")
authfh.write ("##########user privilege end #############\n")
except IOError:
svn_logger.error("can not open (%s)" % authfile)
finally:
authfh.close()
def group_add_priv(self,name,dir,mode="rw"):
if name in self.group_dict.keys():
svn_logger.info("Group(%s) add mode(%s) priv on dir (%s) " % (name,mode,dir))
self.group_dict[name].add_privilege(dir,mode)
else:
svn_logger.warn("Group %s not exist,can not add priv" % name)
return False
def id_del(self,name):
svn_logger.info("Id(%s) deleted in idlist of svnauth" % name)
if name not in self.id_dict.keys():
svn_logger.warn("Id %s is not exist,can not be deleted " % name )
return
for group_name in self.group_dict.keys():
self.group_dict[group_name].del_id(self.id_dict[name])
del self.id_dict[name]
def __init__(self,passwdfile=None,authfile=None):
self.x = 1
self.id_dict={}
self.group_dict = {}
svn_logger.info("create svnauth")
if passwdfile:
self.read_passwdfile(passwdfile)
if authfile:
self.read_authfile(authfile)
def group_del_id(self,group_name,id_name):
if group_name not in self.group_dict.keys():
svn_logger.warn("Group (%s) not exist" % group_name)
return
if id_name not in self.id_dict.keys():
svn_logger.warn("Id (%s) not exist" % id_name)
return
svn_logger.info("Group(%s) del Id(%s)" % (group_name,id_name))
self.group_dict[group_name].del_id(self.id_dict[id_name])
def refresh(self,passwdfile=None,authfile=None):
self.id_dict={}
self.group_dict = {}
svn_logger.info("refresh svnauth from file(%s),(%s)" % (passwdfile,authfile))
if passwdfile:
self.read_passwdfile(passwdfile)
else:
svn_logger.debug("passwdfile is None ")
if authfile:
self.read_authfile(authfile)
else:
svn_logger.debug("authfile is None ")
def get_id_priv(self,name):
priv_dict={}
if name in sorted(self.id_dict.keys()):
svn_logger.info("Id(%s) get priv " % name )
priv_dict = self.id_dict[name].get_privilege()
for group in self.group_dict.values():
if group.has_id(self.id_dict[name]):
svn_logger.debug("group(%s) contain priv for id(%s)" %( group.name, name) )
priv_dict.update(group.privilege)
return priv_dict
else:
svn_logger.warn("Id %s not exist" % name)
return None
def write_passwdfile(self,passwdfile):
svn_logger.info("write svnauth into passwd file(%s)" % passwdfile)
try:
passfh = open(passwdfile,'w')
passfh.write("[users]\n")
for id_name in sorted(self.id_dict.keys()):
id = self.id_dict[id_name]
passfh.write("%s = %s\n" % (id.name, id.passwd))
passfh.close()
except IOError:
svn_logger.error("can not open (%s)" % passwdfile)
finally:
passfh.close()
def read_passwdfile(self,passwdfile):
svn_logger.info("read passwd from file(%s)" % passwdfile)
try:
passfh = open(passwdfile,"r")
re1 = r"^(\w+)\s*=\s*(\w+)"
pattern = re.compile(re1)
for line in passfh:
match = pattern.match(line)
if match:
name = match.group(1)
passwd = match.group(2)
self.id_add(name,passwd)
else:
svn_logger.debug("line(%s) did not match id=passwd ;ignore this line" % line )
except IOError:
svn_logger.error("The file(%s) do not exist" % passwdfile)
exit()
finally:
passfh.close()
def id_set_pass(self,name,passwd):
if name not in self.id_dict.keys():
svn_logger.warn("Id %s is not exist,can not be changed password " % name )
return
svn_logger.info("Id(%s) will be changed password" % passwd)
self.id_dict[name].set_pass(passwd)
def group_create(self,name):
if name not in self.group_dict.keys():
self.group_dict[name] = SvnGroup(name)
svn_logger.info("create group(%s)",name)
else:
svn_logger.warn("Group %s exist , don't create again" % name)
def id_add_priv(self,name,dir,mode="rw"):
if name in self.id_dict.keys():
svn_logger.info("Id(%s) add priv(%s) mode(%s)" % (name,dir,mode))
self.id_dict[name].add_privilege(dir,mode)
else:
svn_logger.warn("ID %s not exist,can not add priv" % name)
def id_add(self,name,passwd):
if name not in self.id_dict.keys():
svn_logger.info("Id(%s) add in idlist of svnauth " % (name))
self.id_dict[name] =SvnId(name,passwd)
else:
svn_logger.warn("Id %s have been exist " % name)
def group_destroy(self,name):
if name not in self.group_dict.keys():
svn_looger.warn("Group %s not exist, can not be destoried " % name)
else:
svn_logger.info("destory group(%s)",name)
del self.group_dict[name]
def id_del_priv(self,name,dir):
svn_logger.info("ID(%s) will be deleted priv(%s)" % (name,dir))
if name in self.id_dict.keys():
self.id_dict[name].del_privilege(dir)
else:
print("ID %s not exist,can not add priv" % name)
def read_authfile(self,authfile):
svn_logger.info("read line from file(%s)" % authfile)
try:
authfh = open(authfile,'r')#,encoding='utf-8')
group_flag_re=r"\[groups\]"
pattern_group_flag=re.compile(group_flag_re)
#组名 和成员列表
group_userlist_re=r"^(\w+)\s*=\s*(.*)$"
pattern_userlist=re.compile(group_userlist_re)
#权限路径
path_re = r"^\[(\w+:)?(/\S*)\]"
pattern_path=re.compile(path_re)
#成员名称和权限
user_priv_re=r"^(\w+)\s*=\s*(\w+)"
pattern_user_priv=re.compile(user_priv_re)
#组名称和权限
group_priv_re=r"^@(\w+)\s*=\s*(\w+)"
pattern_group_priv=re.compile(group_priv_re)
tmp_status = 0
tmp_dir = ''
# 状态0 为初始状态
# 状态1 遇到[group]标志之后
# 状态2 遇到[/dir] 目录之后 ,并记录目录名称
for line in authfh:
svn_logger.debug("read line from file(%s)" % line)
if tmp_status == 0:
match = pattern_group_flag.match(line)
if match:
tmp_status = 1
svn_logger.debug("match group flag")
elif tmp_status == 1:
match = pattern_userlist.match(line)
if match:
#匹配到
svn_logger.debug("match userlist in group")
group_name = match.group(1)
self.group_create(group_name)
userlist_string = match.group(2)
userlist_string = userlist_string.replace(' ','')
userlist = userlist_string.split(',')
svn_logger.debug("group(%s) will add userlist(%s)" % (group_name,userlist))
for id_name in userlist:
if id_name == "":
continue
self.group_add_id(group_name,id_name)
elif pattern_path.match(line):
#匹配到目录
match = pattern_path.match(line)
if match.group(1):
tmp_dir = match.group(1) + match.group(2)
else:
tmp_dir = match.group(2)
svn_logger.debug("match diretory(%s)" % tmp_dir)
tmp_status = 2
else:
pass
elif tmp_status == 2:
if pattern_group_priv.match(line):
svn_logger.debug("match group priv")
match = pattern_group_priv.match(line)
group_name = match.group(1)
mode = match.group(2)
self.group_add_priv(group_name,tmp_dir,mode)
elif pattern_user_priv.match(line):
svn_logger.debug("match user priv")
match = pattern_user_priv.match(line)
name = match.group(1)
mode = match.group(2)
# print("(%s) add (%s)" % (name,tmp_dir))
self.id_add_priv(name,tmp_dir,mode)
# print("(%s) add (%s)" % (name,tmp_dir))
elif pattern_path.match(line):
#匹配到目录
match = pattern_path.match(line)
if match.group(1):
tmp_dir = match.group(1) + match.group(2)
else:
tmp_dir = match.group(2)
svn_logger.debug("match diretory(%s)" % tmp_dir)
else:
pass
except IOError:
svn_logger.error("The file(%s) do not exist" % authfile)
exit()
authfh.close()
return
