def apply_policies_to_user(nodes_collection,
user,
auth_user,
api=None,
initialize=False):
from gecoscc.tasks import object_changed, object_created
computers = get_computer_of_user(nodes_collection, user)
if api and initialize:
user = visibility_group(nodes_collection.database, user)
user = visibility_object_related(nodes_collection.database, user)
remove_chef_user_data(user, computers, api)
if not computers:
return
ous = nodes_collection.find(get_filter_ous_from_path(user['path']))
for ou in ous:
if ou.get('policies', {}):
object_changed.delay(auth_user, 'ou', ou, {}, computers=computers)
groups = nodes_collection.find({'_id': {'$in': user.get('memberof', [])}})
for group in groups:
if group.get('policies', {}):
object_changed.delay(auth_user,
'group',
group, {},
computers=computers)
object_created.delay(auth_user, 'user', user, computers=computers)
def apply_policies_to_computer(nodes_collection, computer, auth_user, api=None, initialize=False):
from gecoscc.tasks import object_changed, object_created
if api and initialize:
computer = visibility_group(nodes_collection.database, computer)
computer = visibility_object_related(nodes_collection.database, computer)
remove_chef_computer_data(computer, api)
ous = nodes_collection.find(get_filter_ous_from_path(computer['path']))
for ou in ous:
if ou.get('policies', {}):
object_changed.delay(auth_user, 'ou', ou, {}, computers=[computer])
groups = nodes_collection.find({'_id': {'$in': computer.get('memberof', [])}})
for group in groups:
if group.get('policies', {}):
object_changed.delay(auth_user, 'group', group, {}, computers=[computer])
object_created.delay(auth_user, 'computer', computer, computers=[computer])
def post_save(self, obj, old_obj=None):
if self.request.method == 'DELETE':
newmemberof = []
else:
newmemberof = obj.get('memberof', [])
if old_obj is not None:
oldmemberof = old_obj.get('memberof', [])
else:
oldmemberof = []
adds = [n for n in newmemberof if n not in oldmemberof]
removes = [n for n in oldmemberof if n not in newmemberof]
for group_id in removes:
group = self.request.db.nodes.find_one({'_id': group_id})
self.request.db.nodes.update({
'_id': group_id
}, {
'$pull': {
'members': obj['_id']
}
}, multi=False)
group_without_policies = self.request.db.nodes.find_one({'_id': group_id})
group_without_policies['policies'] = {}
computers = self.computers_to_group(obj)
object_changed.delay(self.request.user, 'group', group_without_policies, group, 'changed', computers)
for group_id in adds:
# Add newmember to new group
self.request.db.nodes.update({
'_id': group_id
}, {
'$push': {
'members': obj['_id']
}
}, multi=False)
group = self.request.db.nodes.find_one({'_id': group_id})
computers = self.computers_to_group(obj)
object_changed.delay(self.request.user, 'group', group, {}, 'changed', computers)
return super(TreeLeafResourcePaginated, self).post_save(obj, old_obj)
def post_save(self, obj, old_obj=None):
if self.request.method == 'DELETE':
newmemberof = []
else:
newmemberof = obj.get('memberof', [])
if old_obj is not None:
oldmemberof = old_obj.get('memberof', [])
else:
oldmemberof = []
adds = [n for n in newmemberof if n not in oldmemberof]
removes = [n for n in oldmemberof if n not in newmemberof]
for group_id in removes:
group = self.request.db.nodes.find_one({'_id': group_id})
self.request.db.nodes.update({'_id': group_id},
{'$pull': {
'members': obj['_id']
}},
multi=False)
group_without_policies = self.request.db.nodes.find_one(
{'_id': group_id})
group_without_policies['policies'] = {}
computers = self.computers_to_group(obj)
object_changed.delay(self.request.user, 'group',
group_without_policies, group, 'changed',
computers)
for group_id in adds:
# Add newmember to new group
self.request.db.nodes.update({'_id': group_id},
{'$push': {
'members': obj['_id']
}},
multi=False)
group = self.request.db.nodes.find_one({'_id': group_id})
computers = self.computers_to_group(obj)
object_changed.delay(self.request.user, 'group', group, {},
'changed', computers)
return super(TreeLeafResourcePaginated, self).post_save(obj, old_obj)
def notify_changed(self, obj, old_obj):
if obj['path'] != old_obj['path']:
object_moved.delay(self.request.user, self.objtype, obj, old_obj)
else:
object_changed.delay(self.request.user, self.objtype, obj, old_obj)
invalidate_change(self.request, obj)
def _saveMongoADObject(self, node, old_node):
admin_user = self.request.user
result = self.collection.update({'adObjectGUID': node['adObjectGUID']}, node)
object_changed.delay(admin_user, node['type'], node, old_node)
return result
def notify_changed(self, obj, old_obj):
result = object_changed.delay(self.objtype, obj, old_obj)
params = self._job_params(obj, 'changed')
self.request.jobs.create(result.task_id, **params)
def notify_changed(self, obj, old_obj):
if obj['path'] != old_obj['path']:
object_moved.delay(self.request.user, self.objtype, obj, old_obj)
else:
object_changed.delay(self.request.user, self.objtype, obj, old_obj)
invalidate_change(self.request, obj)
