def index(self): """Handle the front-page.""" remote_addr = request.environ.get("REMOTE_ADDR", "unknown addr") try: ip = IPAddress(remote_addr) except: ip = None pass if request.identity == None: flash(_("Only logged in users can access this site")) raise HTTPUnauthorized(_("Only logged in users can access this site")) userid = request.identity["repoze.who.userid"] user = User.by_user_name(userid) if not user: log.warn("User %s is not in the database, adding" % userid) newUser = User() newUser.user_name = userid newUser.display_name = request.identity["cn"][0] DBSession.add(newUser) user = newUser for network in excluded_networks: if ip in network: return dict(page="index", remote_addr=remote_addr, isHome=False, isExcluded=ip in network) if remote_addr != user.home_addr: user.travel_addr = remote_addr user.travel_updated = datetime.now() try: # if the task is already running just piggy back on the next # run add_single_task(action=sync_entries, taskname="sync", initialdelay=5) except ValueError: pass return dict(page="index", remote_addr=remote_addr, isHome=remote_addr == user.home_addr, isExcluded=False)
def setup(self): try: new_attrs = {} new_attrs.update(self.attrs) new_attrs.update(self.do_get_dependencies()) self.obj = self.klass(**new_attrs) DBSession.add(self.obj) DBSession.flush() return self.obj except: DBSession.rollback() raise
def export_dns(self, types=None): domain = tg.config.get("netgroups.domain", "travel.addrs") home_netgroup = tg.config.get("netgroups.home", "home") travel_netgroup = tg.config.get("netgroups.travel", "travel") home_timeout = tg.config.get("netgroups.timeout.%s" % home_netgroup) travel_timeout = tg.config.get("netgroups.timeout.%s" % travel_netgroup) res = [] if not types: users = DBSession.query(User) for user in users: if user.home_addr: hostname = "%s.%s.%s" % (user.user_name, home_netgroup, domain) res.append("+%s:%s:15" % (hostname, user.home_addr)) if user.travel_addr: hostname = "%s.%s.%s" % (user.user_name, travel_netgroup, domain) res.append("+%s:%s:15" % (hostname, user.travel_addr)) else: pass return dict(data=res)
def test_query_obj(self): obj = DBSession.query(self.klass).one() for key, value in self.attrs.iteritems(): assert_equals(getattr(obj, key), value)
def tearDown(self): DBSession.rollback()
def admin(self, **kw): remote_addr = request.environ.get("REMOTE_ADDR", "unknown addr") users = DBSession.query(User) """Illustrate how a page for managers only works.""" return dict(page="admin", grid=user_grid, users=users)
def sync_entries(): log.debug("sync_entries: Starting") enabled = asbool(tg.config.get('netgroups.sync_ldap')) if not enabled: scheduler.rename_task("sync", "sync-completed") log.info("LDAP synchronization disabled") return from bastion.model.auth import User users = DBSession.query(User) db_home_entries = [] db_travel_entries = [] ldap_home_entries = [] ldap_travel_entries = [] use_ip = asbool(tg.config.get('netgroups.store_ip')) log.debug(use_ip) domain = tg.config.get('netgroups.domain', 'travel.addrs') home_netgroup = tg.config.get('netgroups.home', 'home') travel_netgroup = tg.config.get('netgroups.travel', 'travel') netgroup_dn = tg.config.get('netgroups.base_dn') netgroups = [ home_netgroup, travel_netgroup ] log.debug("sync_entries: Getting db entries") for user in users: if user.home_addr: timeout = tg.config.get('netgroups.timeout.%s' % home_netgroup) if use_ip: hostname = user.home_addr else: hostname = "%s.%s.%s" % (user.user_name, home_netgroup, domain) entry = (hostname, user.user_name, user.home_updated.strftime("%Y%m%d%H%M")) db_home_entries.append(entry) if user.travel_addr: timeout = tg.config.get('netgroups.timeout.%s' % travel_netgroup) if use_ip: hostname = user.travel_addr else: hostname = "%s.%s.%s" % (user.user_name, travel_netgroup, domain) entry = (hostname, user.user_name, user.travel_updated.strftime("%Y%m%d%H%M")) db_travel_entries.append(entry) log.debug("sync_entries: Getting ldap entries") con = get_connection() netgroup = tg.config.get('netgroups.search.format', "(cn=%s)") % home_netgroup timeout = tg.config.get('netgroups.timeout.%s' % home_netgroup) netgroup, ldap_home_entries = get_current_entries(con, netgroup_dn, netgroup) db_home_entries, to_prune = prune_expired_entries(db_home_entries, timeout) ldap_home_entries, to_prune = prune_expired_entries(ldap_home_entries, timeout) # now we only have valid entries in both db_*_entries and ldap_*_entries log.debug(db_home_entries) db_home_lookup = dict([(entry[1], entry) for entry in db_home_entries]) to_modify = [] for entry in ldap_home_entries: if ( entry[1] not in db_home_lookup ): to_prune.append(entry) continue db_entry = db_home_lookup[entry[1]] if ( db_entry != entry ): to_modify.append(db_entry) del db_home_lookup[entry[1]] actions = [format_remove_entry(entry[0], entry[1], entry[2]) for entry in to_prune] [actions.append(format_mod_entry(entry[0], entry[1], entry[2])) for entry in to_modify] [actions.append(format_add_entry(entry[0], entry[1], entry[2])) for username, entry in db_home_lookup.iteritems()] if len(actions) > 0: log.info("Synchronizing %d home hosts" % len(actions)) log.debug(netgroup) log.debug(actions) res = con.modify(netgroup, actions) res, result = con.result(res) else: log.debug("No entries to change for home hosts") netgroup = tg.config.get('netgroups.search.format', "(cn=%s)") % travel_netgroup timeout = tg.config.get('netgroups.timeout.%s' % travel_netgroup) netgroup, ldap_travel_entries = get_current_entries(con, netgroup_dn, netgroup) db_travel_entries, to_prune = prune_expired_entries(db_travel_entries, timeout) ldap_travel_entries, to_prune = prune_expired_entries(ldap_travel_entries, timeout) # now we only have valid entries in both db_*_entries and ldap_*_entries db_user_lookup = dict([(entry[1], entry) for entry in db_travel_entries]) log.debug(db_user_lookup) log.debug(db_travel_entries) to_modify = [] for entry in ldap_travel_entries: if ( entry[1] not in db_user_lookup ): to_prune.append(entry) continue db_entry = db_user_lookup[entry[1]] if ( db_entry != entry ): to_modify.append(db_entry) del db_user_lookup[entry[1]] actions = [format_add_entry(entry[0], entry[1], entry[2]) for username, entry in db_user_lookup.iteritems()] [actions.append(format_mod_entry(entry[0], entry[1], entry[2])) for entry in to_modify] [actions.append(format_remove_entry(entry[0], entry[1], entry[2])) for entry in to_prune] if len(actions) > 0: log.info("Synchronizing %d travel hosts" % len(actions)) log.debug(netgroup) log.debug(actions) res = con.modify(netgroup, actions) res, result = con.result(res) else: log.debug("No entries to change for travel hosts") # determine common entries con.unbind() # rename the task after it completes so we can run it again scheduler.rename_task("sync", "sync-completed")