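def new_system_user(user_full_name, username, raw_password, joomla_password, access_level, email,
                    project_group, organisation, approved_by, created_by, massive_account, vm_id, vm_ip):
    """
    Create a new user (in Joomla) *and* add them to a given VM.

    Steps, in order:

    1. Generate a passphrase-less SSH keypair in a private temporary directory
       and read both halves back base64-encoded.
    2. Look up the user-group id matching ``access_level``.
    3. Hash ``raw_password`` with crypt() for the Unix account.
    4. Insert the user through ``cvlsql.sql_add_user``.
    5. Create the account on the VM at ``vm_ip`` through ``cvlfabric`` and link
       the user record to that VM's database record.

    ``vm_id`` is accepted but not used; the VM is identified by ``vm_ip`` only.

    Returns the id of the newly created user record.

    Raises IOError if ssh-keygen did not produce both key files.

    NOTE(review): ``username`` is forwarded unchanged to ``cvlfabric.new_user``;
    whether it is validated or quoted there is not visible from this function -
    confirm before accepting usernames from an untrusted form.

    FIXME Is there no way to create a user without assigning them to a VM?
    """

    # Function-scope imports so the file's own import block is left untouched.
    import shutil
    try:
        from shlex import quote as shell_quote   # Python 3
    except ImportError:
        from pipes import quote as shell_quote   # Python 2

    # Create an SSH keypair for the new user.
    #
    # The key files get a fixed name inside the mkdtemp() directory. Building
    # the path from ``username`` let a value containing '/' or shell
    # metacharacters escape the temporary directory or alter the ssh-keygen
    # command line. The path is still quoted because the temp root comes from
    # the environment.
    temp_dir = tempfile.mkdtemp()
    try:
        private_key_path = os.path.join(temp_dir, 'id_key')
        public_key_path  = private_key_path + '.pub'

        exit_code, stdout, stderr = run_shell_command(
            "ssh-keygen -f {private_key_path} -N ''".format(private_key_path=shell_quote(private_key_path)))

        # Fail with the tool's diagnostics instead of a bare "No such file"
        # from open(). IOError is what the unguarded open() raised before.
        if not (os.path.isfile(private_key_path) and os.path.isfile(public_key_path)):
            raise IOError('ssh-keygen did not produce a keypair (exit code %r): %r' % (exit_code, stderr))

        # base64 is an encoding, not protection: the private key leaves this
        # function readable by anyone who can read wherever it is stored.
        with open(private_key_path, 'r') as key_file:
            private_key = b64encode(key_file.read())
        with open(public_key_path, 'r') as key_file:
            public_key = b64encode(key_file.read())
    finally:
        # Remove the key material and the directory on every exit path; the
        # original left the directory behind and skipped cleanup on errors.
        try:
            shutil.rmtree(temp_dir)
        except OSError:
            logging.warning('Could not remove temporary key directory %s', temp_dir)

    if access_level == enums.UserAccess.Administrator:
        group_title = 'Administrator'
    else:
        group_title = 'User'
    group_access_id = Cvl_usergroups.select(sqlobject.AND(Cvl_usergroups.q.title==group_title, Cvl_usergroups.q.parentID==2)).getOne().id # FIXME magic value 2?

    # NOTE(review): the salt is a constant without a '$id$' prefix, so every
    # account shares one salt and crypt() will typically fall back to the
    # traditional DES scheme (only the first 8 password characters count).
    # Left unchanged because the hash format is consumed outside this function;
    # moving to a per-user random salt with a modern scheme needs a coordinated change.
    encrypted_unix_password = crypt.crypt(raw_password, 'CvlEncryption')

    driver_id   = 0 # FIXME this is not supported
    activation  = '0'
    send_email   = 0
    register_date = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
    logging.debug('Create VM user account .....')

    # FIXME Is OperationState used?
    # FIXME all public and private keys have the same name - this is ok?
    user_record, user_vm_record, user_group_map_record = cvlsql.sql_add_user(user_full_name, username, joomla_password, email, enums.OperationState.Idle,
                                                                             public_key, cvl_config.PUBLIC_KEY_NAME, private_key, cvl_config.PRIVATE_KEY_NAME,
                                                                             massive_account, project_group, group_access_id, approved_by, created_by,
                                                                             driver_id, activation, send_email, register_date, organisation, encrypted_unix_password)

    # FIXME This ought to be a celery task, otherwise a dead VM will stop the process?
    # The database row already exists at this point, so a failure below leaves
    # a user record without a matching account on the VM.
    cvlfabric.env.hosts = [vm_ip]
    cvlfabric.execute(cvlfabric.new_user, username=username, password=encrypted_unix_password, public_key=public_key)

    cvlsql.add_user_to_vm(user_record, Cvl_cvl_vm.select(Cvl_cvl_vm.q.vmIp==vm_ip).getOne())

    return user_record.id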
from utils import nova_client, get_vm_info
from cvlsql import Cvl_cvl_vm

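# Reconcile the VMs recorded in the user-management database with the VMs
# that actually exist in the Nectar tenancy, and report discrepancies.
# Instances running in the tenancy but missing from the database are outside
# the account-management path, so they are worth surfacing.

def _duplicated(names):
    """Return the distinct values occurring more than once in *names*, in first-repeat order."""
    seen = set()
    repeated = []
    for name in names:
        if name in seen and name not in repeated:
            repeated.append(name)
        seen.add(name)
    return repeated


nc = nova_client()

db_vms   = list(Cvl_cvl_vm.select())
nova_vms = nc.servers.list()

# Resolve each Nectar VM's IP exactly once. The original called get_vm_info()
# up to three times per VM, which repeats the lookup and can make the report
# disagree with itself if an answer changes between calls.
nova_vm_ips = [(vm, get_vm_info(vm.name)['ip']) for vm in nova_vms]

db_ips   = [vm.vmIp for vm in db_vms]
nova_ips = [ip for _vm, ip in nova_vm_ips]

# VMs with the same name?
#
# The original compared each name against the record object itself
# (`y.vmServerName == x`) instead of against its name, so the check could not
# match as intended. Each duplicated name is now reported once.
duplicate_db_names   = _duplicated([vm.vmServerName for vm in db_vms])
duplicate_nova_names = _duplicated([vm.name for vm in nova_vms])

# Single-argument print(...) calls produce the same output under the Python 2
# print statement and the Python 3 print function.
if duplicate_db_names:
    print('Multiple VMs exist in the database with the following names: %s' % (duplicate_db_names,))
if duplicate_nova_names:
    print('Multiple VMs exist in Nectar with the following names: %s' % (duplicate_nova_names,))

# Unmanaged VMs?
known_db_ips  = set(db_ips)
unmanaged     = [(vm, ip) for vm, ip in nova_vm_ips if ip not in known_db_ips]
unmanaged_vms = [vm for vm, _ip in unmanaged]

if unmanaged_vms:
    print('VMs in Nectar tenancy %s that are not managed by by the User Management system:' % (nc.project_id,))
    for vm, ip in unmanaged:
        print('%s %s' % (ip, vm.name))
    print('')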

# Orphaned VM records?