def Main(): cgiEnv = lib_common.CgiEnv() configNam = cgiEnv.GetId() nodeManager = survol_rabbitmq_manager.MakeUri(configNam) creds = lib_credentials.GetCredentials("RabbitMQ", configNam) # cl = Client('localhost:12345', 'guest', 'guest') cl = Client(configNam, creds[0], creds[1]) grph = cgiEnv.GetGraph() # cl.is_alive() #>>> cl.get_users() #[{u'hashing_algorithm': u'rabbit_password_hashing_sha256', u'name': u'guest', u'tags': u'administrator', u'password_hash': u'xxxxxx'}] try: # listUsers = cl.get_users() except: # exc = sys.exc_info()[1] lib_common.ErrorMessageHtml("Caught:" + str(exc)) for objUser in listUsers: namUser = objUser["name"] DEBUG("q=%s", namUser) nodeUser = survol_rabbitmq_user.MakeUri(configNam, namUser) try: grph.add((nodeUser, lib_common.MakeProp("Tags"), lib_common.NodeLiteral(objUser["tags"]))) except KeyError: pass try: grph.add((nodeUser, lib_common.MakeProp("Hashing algorithm"), lib_common.NodeLiteral(objUser["hashing_algorithm"]))) except KeyError: pass # http://127.0.0.1:12345/#/users/guest managementUrl = rabbitmq.ManagementUrlPrefix(configNam, "users", namUser) grph.add((nodeUser, lib_common.MakeProp("Management"), lib_common.NodeUrl(managementUrl))) grph.add((nodeManager, lib_common.MakeProp("User"), nodeUser)) cgiEnv.OutCgiRdf()
rabbitmq_url = args.rabbitmq_url rabbitmq_user = args.rabbitmq_username rabbitmq_password = args.rabbitmq_password user = args.username password = args.password vhost = args.vhostname cl = Client(rabbitmq_url, rabbitmq_user, rabbitmq_password) assert cl.is_alive() for queue in cl.get_queues(): if queue['vhost'] == vhost: cl.purge_queue(vhost, queue['name']) cl.delete_queue(vhost, queue['name']) for vhost_ in cl.get_all_vhosts(): if vhost_['name'] == vhost: while True: try: cl.delete_vhost(vhost_['name']) break except Exception: pass for user_ in cl.get_users(): if user_['name'] == user: cl.delete_user(user_['name']) cl.create_vhost(vhost) cl.create_user(user, password, tags='administrator') cl.set_vhost_permissions(vhost, user, '.*', '.*', '.*')
"tags": "cronio" }, { "username": "******", "password": "******", "tags": "cronio" }, { "username": "******", "password": "******", "tags": "cronio" }] cl = Client(AMQP_HOST_STOMP, AMQP_API_USERNAME, AMQP_API_PASSWORD) if cl.is_alive(): if DO_DELETE_ALL_USERS_EXCEPT_ADMIN: UsersFoundInRabbitMQ = cl.get_users() for x in UsersFoundInRabbitMQ: pprint.pprint(x) if ("cronio") in x["tags"]: cl.delete_user(x["name"]) print "User: "******"name"] + " - Deleted" # if AMQP_VHOST in cl.get_vhost_names(): # print "delete vhose: " # cl.delete_vhost(AMQP_VHOST) for user in users: print user cl.create_user(username=user["username"], password=user["password"], tags=user["tags"])
parser.add_argument("-rabbitmq_url", dest='rabbitmq_url', type=str, help="URL of using RabbitMQ", default='localhost:55672') parser.add_argument("-rabbitmq_username", dest='rabbitmq_username', type=str, help="Username for RabbitMQ auth", default='guest') parser.add_argument("-rabbitmq_password", dest='rabbitmq_password', type=str, help="Password for RabbitMQ auth", default='guest') parser.add_argument("-username", dest='username', type=str, help="Username", default='test') parser.add_argument("-password", dest='password', type=str, help="Password", default='swordfish') parser.add_argument("-vhostname", dest='vhostname', type=str, help="Vhost name", default='test') args = parser.parse_args() rabbitmq_url = args.rabbitmq_url rabbitmq_user = args.rabbitmq_username rabbitmq_password = args.rabbitmq_password user = args.username password = args.password vhost = args.vhostname cl = Client(rabbitmq_url, rabbitmq_user, rabbitmq_password) assert cl.is_alive() for i in cl.get_all_vhosts(): if i['name'] == vhost: cl.delete_vhost(i['name']) for i in cl.get_users(): if i['name'] == user: cl.delete_user(i['name']) cl.create_vhost(vhost) cl.create_user(user, password, tags='administrator') cl.set_vhost_permissions(vhost, user, '.*', '.*', '.*')
class AMQPManager(object): RABBITMQ_MANAGEMENT_PORT = 15672 VHOST_NAME_PATTERN = 'rabbitmq_vhost_{0}' USERNAME_PATTERN = 'rabbitmq_user_{0}' def __init__(self, host, username, password): host_str = '{0}:{1}'.format(host, self.RABBITMQ_MANAGEMENT_PORT) self._client = Client(host_str, username, password) self._storage_manager = get_storage_manager() def create_tenant_vhost_and_user(self, tenant): """ Create a new RabbitMQ vhost and user, and grant the user permissions on the vhost :param tenant: An SQLAlchemy Tenant object :return: The updated tenant object """ vhost = tenant.rabbitmq_vhost or \ self.VHOST_NAME_PATTERN.format(tenant.name) username = tenant.rabbitmq_username or \ self.USERNAME_PATTERN.format(tenant.name) password = (tenant.rabbitmq_password or AMQPManager._generate_user_password()) self._client.create_vhost(vhost) self._client.create_user(username, password) self._client.set_vhost_permissions(vhost, username, '.*', '.*', '.*') # TODO: Maybe won't be necessary in the future self._client.set_vhost_permissions('/', username, '.*', '.*', '.*') tenant.rabbitmq_vhost = vhost tenant.rabbitmq_username = username tenant.rabbitmq_password = password return tenant def sync_metadata(self): """Synchronize database tenants with rabbitmq metadata""" tenants = self._storage_manager.list(Tenant) self._clear_extra_vhosts(tenants) self._clear_extra_users(tenants) self._add_missing_vhosts_and_users(tenants) def _add_missing_vhosts_and_users(self, tenants): """Create vhosts and users present in the database""" for tenant in tenants: t = self.create_tenant_vhost_and_user(tenant) self._storage_manager.update(t) def _clear_extra_vhosts(self, tenants): """Remove vhosts in rabbitmq not present in the database""" expected_vhosts = set(tenant.rabbitmq_vhost for tenant in tenants if tenant.rabbitmq_vhost # Ignore None values ) current_vhosts = set(vhost for vhost in self._client.get_vhost_names() if vhost.startswith(self.VHOST_NAME_PATTERN[:-3])) extra_vhosts = current_vhosts - expected_vhosts for vhost in extra_vhosts: self._client.delete_vhost(vhost) def _clear_extra_users(self, tenants): """Remove users in rabbitmq not present in the database""" expected_usernames = set( tenant.rabbitmq_username for tenant in tenants if tenant.rabbitmq_username # Ignore None values ) current_usernames = set( user['name'] for user in self._client.get_users() if user['name'].startswith(self.USERNAME_PATTERN[:-3])) extra_usernames = current_usernames - expected_usernames for username in extra_usernames: self._client.delete_user(username) @staticmethod def _generate_user_password(password_length=32): """Generate random string to use as user password.""" system_random = random.SystemRandom() allowed_characters = (string.letters + string.digits + '-_') password = ''.join( system_random.choice(allowed_characters) for _ in xrange(password_length)) return password @ignore_not_found def _delete_vhost(self, vhost): self._client.delete_vhost(vhost) @ignore_not_found def _delete_user(self, username): self._client.delete_user(username) def remove_tenant_vhost_and_user(self, tenant_name): """ Delete the vhost and user associated with a tenant name """ vhost = self.VHOST_NAME_PATTERN.format(tenant_name) username = self.USERNAME_PATTERN.format(tenant_name) self._delete_vhost(vhost) self._delete_user(username)