def extend(directory):
for k, v in directory['parameters'].items():
if k == 'password':
directory['parameters'][k] = Password(v)
directory['status'] = lazy(self.dispatcher.call_sync, 'dscached.management.get_status', directory['id'])
return directory
def change_password(self, user_name, password):
user = self.datastore.get_one('users', ('username', '=', user_name))
if not user:
raise OSError(errno.ENOENT, os.strerror(errno.ENOENT))
self.context.client.call_task_sync('user.update', user['id'],
{'password': Password(password)})
def extend_query():
for i in self.datastore.query_stream('peers', ('type', '=', 'vmware')):
password = q.get(i, 'credentials.password')
if password:
q.set(i, 'credentials.password', Password(password))
i['status'] = lazy(self.get_status, i['id'])
yield i
def decode_hook(obj):
if len(obj) == 1:
if '$date' in obj:
return parse(obj['$date'])
if '$binary' in obj:
return base64.b64decode(obj['$binary'])
if '$regex' in obj:
return re.compile(obj['$regex'])
if '$password' in obj:
return Password(obj['$password'])
return obj
def extend(certificate):
if certificate['type'].startswith('CA_'):
cert_path = '/etc/certificates/CA'
else:
cert_path = '/etc/certificates'
if certificate.get('certificate'):
certificate['certificate_path'] = os.path.join(
cert_path, '{0}.crt'.format(certificate['name']))
if certificate.get('privatekey'):
certificate['privatekey'] = Password(certificate['privatekey'])
certificate['privatekey_path'] = os.path.join(
cert_path, '{0}.key'.format(certificate['name']))
if certificate.get('csr'):
certificate['csr_path'] = os.path.join(
cert_path, '{0}.csr'.format(certificate['name']))
return certificate
def run(self, context, args, kwargs, opargs):
if not kwargs.get('username') or not kwargs.get('password'):
raise CommandException(
'You have to provide a bug tracking system password and username in order to submit a ticket'
)
if not kwargs.get('subject'):
raise CommandException(
_('You have to provide a subject for a ticket'))
if not kwargs.get('description'):
raise CommandException(
_('You have to provide a description for a ticket'))
if not kwargs.get('type'):
raise CommandException(
_('You have to provide a type of the ticket: bug/feature'))
if not kwargs.get('category'):
raise CommandException(
_('You have to provide a category for the ticket'))
if not kwargs.get('attach_debug_data'):
kwargs['debug'] = True
else:
kwargs['debug'] = True if kwargs.pop(
'attach_debug_data') == 'yes' else False
if kwargs.get('attachments') and isinstance(kwargs['attachments'],
str):
kwargs['attachments'] = [kwargs['attachments']]
if not self.ticket_categories:
self.ticket_categories.update(
context.call_sync('support.categories', kwargs['username'],
kwargs['password']))
kwargs['category'] = self.ticket_categories[kwargs['category']]
kwargs['password'] = Password(kwargs['password'])
tid = context.submit_task('support.submit', kwargs)
return TaskPromise(context, tid)
def complete(self, context, **kwargs):
props = []
username = q.get(kwargs, 'kwargs.username')
password = q.get(kwargs, 'kwargs.password')
if username and password:
if not self.ticket_categories:
self.ticket_categories.update(
context.call_sync('support.categories', str(username),
Password(str(password))))
if self.ticket_categories:
props += [
EnumComplete('category=', list(self.ticket_categories.keys()))
]
props += [NullComplete('subject=')]
props += [NullComplete('description=')]
props += [EnumComplete('type=', ['bug', 'feature'])]
props += [EnumComplete('attach_debug_data=', ['yes', 'no'])]
props += [NullComplete('attachments=')]
return props + [
NullComplete('username='******'password='),
]
def get_config(self):
state = ConfigNode('service.ups', self.configstore).__getstate__()
state['monitor_password'] = Password(state['monitor_password'])
return state
def get_config(self):
state = ConfigNode('service.webdav', self.configstore).__getstate__()
state['password'] = Password(state['password'])
return state
def __init__(self, name, context):
super(UsersNamespace, self).__init__(name, context)
self.primary_key_name = 'username'
self.entity_subscriber_name = 'user'
self.create_task = 'user.create'
self.update_task = 'user.update'
self.delete_task = 'user.delete'
self.save_key_name = 'id'
self.required_props = ['name', ['password', 'password_disabled']]
self.extra_query_params = [[
'or', [('builtin', '=', False), ('username', '=', 'root')]
]]
if not UsersNamespace.shells:
UsersNamespace.shells = context.call_sync('shell.get_shells')
self.localdoc['CreateEntityCommand'] = ("""\
Usage: create <name> password=<password> <property>=<value> ...
Examples: create myuser password=mypassword home=/mnt/mypool/myuserhome
create someuser group=somegroup password_disabled=true
Creates a user account. For a list of properties, see 'help properties'."""
)
self.entity_localdoc['SetEntityCommand'] = ("""\
Usage: set <property>=<value> ...
Examples: set group=users
set password_disabled=True
set groups=wheel, ftp, operator
Sets a user property. For a list of properties, see 'help properties'."""
)
self.entity_localdoc['DeleteEntityCommand'] = ("""\
Usage: delete <property>=<value> ...
Examples: delete
delete delete_home_directory=yes delete_own_group=yes
Deletes the specified user.
Note that built-in user accounts can not be deleted.""")
self.localdoc['ListCommand'] = ("""\
Usage: show
Lists all users. Optionally, filter or sort by property.
Use 'help account user properties' to list available properties.
Examples:
show
show | search username == root
show | search uid > 1000
show | search fullname~=John | sort fullname""")
self.entity_localdoc['GetEntityCommand'] = ("""\
Usage: get <field>
Examples:
get username
get uid
get fullname
Display value of specified field.""")
self.entity_localdoc['EditEntityCommand'] = ("""\
Usage: edit <field>
Examples: edit username
Opens the default editor for the specified property. The default editor
is inherited from the shell's $EDITOR which can be set from the shell.
For a list of properties for the current namespace, see 'help properties'."""
)
self.entity_localdoc['ShowEntityCommand'] = ("""\
Usage: show
Examples: show
Display the property values for user.""")
self.skeleton_entity = {'username': None, 'group': None}
self.createable = lambda entity: not entity['builtin']
self.add_property(
width=5,
descr='User ID',
name='uid',
get='uid',
list=True,
usage=_("An unused number greater than 1000 and less than 65535."),
type=ValueType.NUMBER)
self.add_property(width=15,
descr='User name',
name='name',
get='username',
usage=_("""\
Maximum 16 characters, though a maximum of 8 is recommended for
interoperability. Can not begin with a hyphen or contain a space,
a tab, a double quote, or any of these characters:
, : + & # % ^ & ( ) ! @ ~ * ? < > =
If a $ is used, it can only be the last character."""),
list=True)
self.add_property(
width=20,
descr='Full name',
name='fullname',
get='full_name',
usage=_("Place within double quotes if contains a space."),
list=True)
self.add_property(width=20,
descr='Primary group',
name='group',
get_name='group',
get=self.display_group,
usage=_("""\
By default when a user is created, a primary group
with the same name as the user is also created.
When specifying a different group name, that group
must already exist."""),
set=self.set_group)
self.add_property(descr='Auxiliary groups',
name='groups',
get=self.display_aux_groups,
get_name='groups',
usage=_("""\
List of additional groups the user is a member of. To add
the user to other groups, enclose a space delimited list
between double quotes and ensure the groups already exist."""),
set=self.set_aux_groups,
type=ValueType.SET,
list=False)
self.add_property(descr='Login shell',
name='shell',
get='shell',
usage=_("""\
Default is "/bin/sh". Can be set to full path of an
existing shell. Type 'shells' to see the list of
available shells."""),
list=False,
enum=UsersNamespace.shells)
self.add_property(descr='Home directory',
name='home',
get='home',
usage=_("""\
By default when a user is created, their home
directory is not created. To create one, specify the
full path to an existing dataset between double quotes."""),
list=False)
self.add_property(descr='Password',
name='password',
type=ValueType.PASSWORD,
get=lambda o: Password(''),
set='password',
usage=_("""\
Mandatory unless "password_disabled=true" is
specified when creating the user. Passwords
cannot contain a question mark."""),
list=False)
self.add_property(width=20,
descr='Password Disabled',
name='password_disabled',
get='password_disabled',
set='password_disabled',
usage=_("""\
Can be set to true or false. When set
to true, disables password logins and
authentication to CIFS shares but still
allows key-based logins."""),
type=ValueType.BOOLEAN)
self.add_property(descr='Locked',
name='locked',
get='locked',
usage=_("""\
Can be set to true or false. While set
to true, the account is disabled."""),
list=False,
type=ValueType.BOOLEAN)
self.add_property(descr='Email address',
name='email',
get='email',
usage=_("""\
Specify email address, enclosed between double quotes,
to send that user's notifications to."""),
list=False)
self.add_property(descr='Administrator privileges',
name='administrator',
get='sudo',
usage=_("""\
Can be set to true or false. When set to true, the
user is allowed to use sudo to run commands
with administrative permissions."""),
list=False,
type=ValueType.BOOLEAN)
self.add_property(descr='SSH public key',
name='pubkey',
get='sshpubkey',
usage=_("""\
To configure key-based authentication, use the 'set' command
to paste the user's SSH public key."""),
type=ValueType.STRING,
list=False)
self.add_property(width=20,
descr='Domain',
name='domain',
get='origin.domain',
set=None,
type=ValueType.STRING,
list=True)
self.add_property(descr='Delete own group',
name='delete_own_group',
get=None,
list=False,
set='0.delete_own_group',
delete_arg=True,
type=ValueType.BOOLEAN)
self.add_property(descr='Delete home directory',
name='delete_home_directory',
get=None,
list=False,
set='0.delete_home_directory',
delete_arg=True,
type=ValueType.BOOLEAN)
self.primary_key = self.get_mapping('name')
self.extra_commands = {'shells': ShellsCommand()}
def read_value(value, tv=ValueType.STRING):
if value is None:
if tv == ValueType.ARRAY:
return []
if tv == ValueType.DICT:
return {}
if tv == ValueType.SET:
return set()
if tv == ValueType.BOOLEAN:
return False
return value
if tv in (ValueType.STRING, ValueType.TEXT_FILE):
return str(value)
if tv in (ValueType.NUMBER, ValueType.SIZE):
return int(value)
if tv == ValueType.BOOLEAN:
if type(value) is bool:
return value
if str(value).lower() in ('true', 'yes', 'on', '1'):
return True
if str(value).lower() in ('false', 'no', 'off', '0'):
return False
if tv == ValueType.SET:
if type(value) is list:
return set(value)
else:
return {value}
if tv == ValueType.ARRAY:
if type(value) is list:
return value
else:
return [value]
if tv == ValueType.DICT:
if type(value) is dict:
return value
if tv == ValueType.OCTNUMBER:
return int(value)
if tv == ValueType.PERMISSIONS:
if isinstance(value, str):
value = string_to_int(value)
else:
if value > 0o777:
raise ValueError(
'Invalid permissions format - use octal notation with maximum value of 0o777'
)
return get_unix_permissions(value)
if tv == ValueType.PASSWORD:
return Password(str(value))
raise ValueError(
_("Invalid value '{0}', expected {1} value".format(
value,
str(tv).split('ValueType.')[-1].lower())))
def get_config(self) -> AlertEmitterEmail:
node = ConfigNode('mail', self.configstore).__getstate__()
node['password'] = Password(node['password'])
return AlertEmitterEmail(node)