def modify(self, args, config, connection): name = args['name'] kind = args['kind'] privilege = Privilege(name, kind, connection=connection) if not privilege.exists(): print("Error: Privilege does not exist: {0}".format(name)) sys.exit(1) privilege.read() if args['json'] is not None: privilege = self._read(None, kind, None, args['json'], connection=connection) privilege.name = name self.roles = [] self._properties(privilege, args) if len(self.roles) > 0: privilege.set_role_names(self.roles) print("Modify privilege {0}...".format(name)) privilege.update(connection=connection)
def get(self, args, config, connection): privilege = Privilege(args['name'], args['kind'], connection=connection) if not privilege.exists(): print("Error: Privilege does not exist: {0}".format(args['name'])) sys.exit(1) privilege.read() self.jprint(privilege)
def readPrivileges(self): names = Privilege.list(self.connection) max_read = { "execute": 5, "uri": 5 } counts = { "execute": 0, "uri": 0 } for name in names: parts = name.split("|") kind = parts[0] pname = parts[1] counts[kind] = counts[kind] + 1 if max_read[kind] > 0: rsrc = Privilege.lookup(self.connection, pname, kind) max_read[kind] = max_read[kind] - 1 print("Execute privileges: {}".format(counts["execute"])) print("URI privileges: {}".format(counts["uri"]))
def readPrivileges(self): names = Privilege.list(self.connection) max_read = {"execute": 5, "uri": 5} counts = {"execute": 0, "uri": 0} for name in names: parts = name.split("|") kind = parts[0] pname = parts[1] counts[kind] = counts[kind] + 1 if max_read[kind] > 0: rsrc = Privilege.lookup(self.connection, pname, kind) max_read[kind] = max_read[kind] - 1 print("Execute privileges: {}".format(counts["execute"])) print("URI privileges: {}".format(counts["uri"]))
def create(self, args, config, connection): name = args['name'] kind = args['kind'] action = args['action'] if args['json'] is not None: privilege = self._read(name, kind, action, args['json'], connection=connection) name = privilege.privilege_name() kind = privilege.kind() action = privilege.action() else: privilege = Privilege(name, kind, action=action, connection=connection) if privilege.exists(): print("Error: Privilege already exists: {0}".format(name)) sys.exit(1) self.roles = [] self._properties(privilege, args) if len(self.roles) > 0: privilege.set_role_names(self.roles) print("Create privilege {0}...".format(name)) privilege.create(connection)
def delete(self, args, config, connection): privilege = Privilege.lookup(connection, name=args['name'], kind=args['kind']) if privilege is None: return print("Delete privilege {0}...".format(args['name'])) privilege.delete(connection)
def _read(self, name, kind, action, jsonfile, connection=None, save_connection=True): jf = open(jsonfile).read() data = json.loads(jf) if name is not None: data['privilege-name'] = name if kind is not None: data['kind'] = kind if action is not None: data['action'] = action privilege = Privilege.unmarshal(data, connection=connection, save_connection=save_connection) return privilege
print("Need to create role: {0}".format(name)) role = Role(name) role.create(conn) # Update privileges for config in data['roles']: name = config['role-name'] role = Role.unmarshal(config) print("Updating role: {0}".format(name)) role.update(conn) # Update privileges for config in data['privileges']: name = config['privilege-name'] kind = config['kind'] priv = Privilege.lookup(conn, name, kind) if priv is None: verb = "Creating" priv = Privilege.unmarshal(config) print("{0} privilege: {1}".format(verb, name)) priv.create(conn) else: verb = "Updating" priv = Privilege.unmarshal(config) print("{0} {1} privilege: {2}".format(verb, kind, name)) priv.update(conn) # Update users for config in data['users']: name = config['user-name'] user = User.lookup(conn, name)
def close(self, conn, group='Default'): closed = False while not closed: closed = True newitems = [] for key in self.servers: item = self.servers[key] if item is None: closed = False newitems.append(Server.lookup(conn, key, group)) for server in newitems: self._close_over_server(server) newitems = [] for key in self.databases: item = self.databases[key] if item is None: closed = False newitems.append(Database.lookup(conn, key)) for database in newitems: self._close_over_database(database) newitems = [] for key in self.forests: item = self.forests[key] if item is None: closed = False newitems.append(Forest.lookup(conn, key)) for forest in newitems: self._close_over_forest(forest) newitems = [] for key in self.users: item = self.users[key] if item is None: closed = False newitems.append(User.lookup(conn, key)) for user in newitems: self._close_over_user(user) newitems = [] for key in self.roles: item = self.roles[key] if item is None: closed = False newitems.append(Role.lookup(conn, key)) for role in newitems: self._close_over_role(role) delitems = [] newitems = [] for key in self.privileges: item = self.privileges[key] parts = key.split("|") kind = parts[0] name = parts[1] if isinstance(item, str): closed = False if "//" in key: # Assume it's an action priv = Privilege.lookup(conn, action=name, kind=kind) delitems.append(key) else: priv = Privilege.lookup(conn, name, kind) newitems.append(priv) for item in delitems: del self.privileges[item] for priv in newitems: self._close_over_privilege(priv)
def close(self, conn, group='Default'): closed = False while not closed: closed = True newitems = [] for key in self.servers: item = self.servers[key] if item is None: closed = False newitems.append(Server.lookup(conn, key, group)) for server in newitems: self._close_over_server(server) newitems = [] for key in self.databases: item = self.databases[key] if item is None: closed = False newitems.append(Database.lookup(conn, key)) for database in newitems: self._close_over_database(database) newitems = [] for key in self.users: item = self.users[key] if item is None: closed = False newitems.append(User.lookup(conn, key)) for user in newitems: self._close_over_user(user) newitems = [] for key in self.roles: item = self.roles[key] if item is None: closed = False newitems.append(Role.lookup(conn, key)) for role in newitems: self._close_over_role(role) delitems = [] newitems = [] for key in self.privileges: item = self.privileges[key] parts = key.split("|") kind = parts[0] name = parts[1] if isinstance(item, str): closed = False if self.PRIVILEGES is None: self.PRIVILEGES = Privilege.list(conn) for priv in self.PRIVILEGES: parts = priv.split("|") if parts[0] == kind and parts[2] == name: delitems.append(key) name = parts[1] newitems.append(Privilege.lookup(conn, name, kind)) for item in delitems: del self.privileges[item] for priv in newitems: self._close_over_privilege(priv)
def list(self, args, config, connection): ptype = args['kind'] names = Privilege.list(connection, kind=ptype) print(json.dumps(names, sort_keys=True, indent=2))
def list(self, args, config, connection): ptype = args['kind'] names = Privilege.list(connection, kind=ptype) print(json.dumps(names,sort_keys=True, indent=2))