コード例 #1
0
def _get_last_website_login(username):
    """ Retrieve from FAS the last time this user has been seen.

    :arg username, the fas username from who we would like to see the
        last connection in FAS.
    """
    from fedora.client import AccountSystem
    fasclient = AccountSystem()

    log.debug('Querying FAS for user: {0}'.format(username))
    try:
        import fedora_cert
        fasusername = fedora_cert.read_user_cert()
    except Exception:
        log.debug('Could not read Fedora cert, using login name')
        if PY3:
            fasusername = input('FAS username: '******'FAS username: '******'FAS password for %s: ' % fasusername)
    fasclient.username = fasusername
    fasclient.password = password
    person = fasclient.person_by_username(username)
    print('Last login in FAS:')
    print('   %s %s' % (username, person['last_seen'].split(' ')[0]))
    print()
def validateFedoraUser(request):
    # Setup FAS client
    fasclient = AccountSystem()
    try:
        fasusername = fedora_cert.read_user_cert()
        print " * FAS username: %s" % fasusername
    except:
        fasusername = raw_input(' * FAS username: '******' * FAS password: ')
    fasclient.username = fasusername
    fasclient.password = password

    # Query user
    fasid = request["fasid"]
    email = request["email"]
    person = fasclient.person_by_username(fasid)

    # Validate user
    if not person:
        raise Exception("Request submitter %s does not match a known FAS username" % fasid)

    if not person["bugzilla_email"] == email:
        raise Exception("Email %s of request submitter does not match email of specified FAS user %s" % (email, fasid))

    if "cla_fpca" not in person["group_roles"] or person["group_roles"]["cla_fpca"]["role_status"] != "approved":
        raise Exception("Request submitter %s has not signed the Fedora Project Contributor Agreement" % fasid)

    if "packager" not in person["group_roles"] or person["group_roles"]["packager"]["role_status"] != "approved":
        if request["branches"].difference(set(["master"])):
            raise Exception("Request contains patches for stable-release branches, but user %s is not a packager" % fasid)

    print " => User %s successfully validated" % fasid
コード例 #3
0
ファイル: utils.py プロジェクト: ferdnyc/rfpkgdb-cli
def _get_fas(url=rfpkgdb2client.FAS_URL, insecure=False):
    ''' Return a bugzilla object. '''
    global FASCLIENT
    if not FASCLIENT or FASCLIENT.base_url != url:
        FASCLIENT = AccountSystem(url, username=USERNAME)

    FASCLIENT.insecure = insecure

    return FASCLIENT
コード例 #4
0
ファイル: utils.py プロジェクト: fedora-infra/packagedb-cli
def _get_fas(url=pkgdb2client.FAS_URL, insecure=False):
    ''' Return a bugzilla object. '''
    global FASCLIENT
    if not FASCLIENT or FASCLIENT.base_url != url:
        FASCLIENT = AccountSystem(
            url, username=USERNAME)

    FASCLIENT.insecure = insecure

    return FASCLIENT
コード例 #5
0
 def group_users(self, group_name):
     group_json = dict()
     account = AccountSystem(username=self.username, password=self.password)
     try:
         group_json = account.group_members(group_name)
     except AuthError:
         print("[*] Invalid Username / Password")
         return 1
     userlist = [user_desc.values()[0] for user_desc in group_json]
     return userlist
コード例 #6
0
 def group_users(self, group_name):
     group_json = dict()
     account = AccountSystem(username=self.username,
                         password=self.password)
     try:
         group_json = account.group_members(group_name)
     except AuthError:
         print("[*] Invalid Username / Password")
         return 1
     userlist = [user_desc.values()[0] for user_desc in group_json]
     return userlist
コード例 #7
0
 def group_users(self, group_name):
     userlist = list()
     group_json = {}
     account = AccountSystem(username=self.username,
                         password=self.password)
     try:
         group_json = account.group_members(group_name)
     except AuthError:
         print("[*] Invalid Username / Password")
     for user_desc in group_json:
         userlist.append(user_desc.values()[0])
     return userlist
コード例 #8
0
 def user_active(self, name):
     user_json = dict()
     account = AccountSystem(username=self.username, password=self.password)
     try:
         user_json = account.person_by_username(name)
     except AuthError:
         print("[*] Invalid Username / Password")
         return 1
     try:
         if user_json['status'] == 'active':
             return True
         else:
             return False
     except KeyError:
         return False
コード例 #9
0
 def user_active(self, name):
     user_json = dict()
     account = AccountSystem(username=self.username,
                         password=self.password)
     try:
         user_json = account.person_by_username(name)
     except AuthError:
         print("[*] Invalid Username / Password")
         return 1
     try:
         if user_json['status'] == 'active':
             return True
         else:
             return False
     except KeyError:
         return False
コード例 #10
0
def _get_last_website_login(username):
    """ Retrieve from FAS the last time this user has been seen.

    :arg username, the fas username from who we would like to see the
        last connection in FAS.
    """
    from fedora.client import AccountSystem
    fasclient = AccountSystem()

    log.debug('Querying FAS for user: {0}'.format(username))
    try:
        fasusername = fedora_cert.read_user_cert()
    except Exception:
        log.debug('Could not read Fedora cert, using login name')
        fasusername = raw_input('FAS username: '******'FAS password for %s: ' % fasusername)
    fasclient.username = fasusername
    fasclient.password = password
    person = fasclient.person_by_username(username)
    print('Last login in FAS:')
    print('   %s %s' % (username, person['last_seen'].split(' ')[0]))
コード例 #11
0
import logging
log = logging.getLogger('turbogears.identity.jsonfasprovider')

if config.get('identity.ssl', False):
    fas_user = config.get('fas.username', None)
    fas_password = config.get('fas.password', None)
    if not (fas_user and fas_password):
        raise identity.IdentityConfigurationException(
            'Cannot enable ssl certificate auth via identity.ssl'
            ' without setting fas.usernamme and fas.password for'
            ' authorization')
    __url = config.get('fas.url', None)
    if __url:
        fas = AccountSystem(__url,
                            username=config.get('fas.username'),
                            password=config.get('fas.password'),
                            retries=3)


class JsonFasIdentity(BaseClient):
    '''Associate an identity with a person in the auth system.
    '''
    cookie_name = config.get('visit.cookie.name', 'tg-visit')
    fas_url = config.get('fas.url',
                         'https://admin.fedoraproject.org/accounts/')
    useragent = 'JsonFasIdentity/%s' % __version__
    cache_session = False

    def __init__(self,
                 visit_key=None,
                 user=None,
コード例 #12
0
"""

import argparse
import fedora_cert
import getpass
import koji
import logging
import re
import sys
import time
import urllib
from fedora.client import AppError, ServerError, AccountSystem
from bugzilla.rhbugzilla import RHBugzilla3

kojiclient = koji.ClientSession('http://koji.fedoraproject.org/kojihub', {})
fasclient = AccountSystem()
bzclient = RHBugzilla3(url='https://bugzilla.redhat.com/xmlrpc.cgi')

# Initial simple logging stuff
logging.basicConfig()
log = logging.getLogger("pkgdb")
if '--debug' in sys.argv:
    log.setLevel(logging.DEBUG)
    #pkgdbclient.debug = True
elif '--verbose' in sys.argv:
    log.setLevel(logging.INFO)

_table_keys = {
    'user_perms': ['user_id', 'perm_id'],
    'user_groups': ['user_id', 'group_id'],
    'tag_inheritance': ['tag_id', 'parent_id'],
コード例 #13
0
    if verbose:
        print('Adding the following keys:')
        print(to_add)
    for key in to_add:
        add_key(openshift_host, openshift_user, openshift_pass, '%(prefix)s%(username)s' % {'prefix': prefix, 'username': key['username']}, key['type'], key['contents'], verbose=verbose)
    if verbose:
        print('Done')

if __name__ == '__main__':
    parser = ArgumentParser()
    parser.add_argument('-config_file', help='The configuration file to use', default='/etc/sync-openshift-keys.conf')
    parser.add_argument('--verbose', '-v', help='Make the script more verbose', action='store_true')
    args = parser.parse_args()
    config = ConfigParser.ConfigParser()
    config.read(args.config_file)
    fas = AccountSystem(config.get('fas', 'url'), username=config.get('fas', 'user'), password=config.get('fas', 'pass'))
    fas.insecure = True
    if args.verbose:
        print('Getting users...')
    users = get_users_to_have_access(fas, string.split(config.get('general', 'groups'), ','))
    if args.verbose:
        print('Done: %s' % users)
        print('Getting keys in FAS...')
    keys_fas = get_users_ssh_keys(fas, users)
    if args.verbose:
        print('Done: %s')
        print('Getting keys in Openshift...')
    keys_openshift = get_keys(config.get('openshift', 'host'), config.get('openshift', 'user'), config.get('openshift', 'pass'))
    if args.verbose:
        print('Done')
        print('Getting keys to remove...')
コード例 #14
0
#!/usr/bin/python3
# -*- coding: utf-8 -*-
# vim: noai:ts=4:sw=4:expandtab

from fedora.client import AuthError, AccountSystem
from six.moves import configparser
import bugzilla
import datetime
import getpass
import os
import six

DAYS_AGO = 60
client = AccountSystem()
bz = bugzilla.Bugzilla(url='https://bugzilla.redhat.com/xmlrpc.cgi')

# cache mapping of user id to name
map_id_to_name = {}


def convert_id_to_name(user_id):
    if user_id not in map_id_to_name:
        map_id_to_name[user_id] = client.person_by_id(user_id).username
    return map_id_to_name[user_id]


def process_user(username):
    fas_user = client.person_by_username(username)
    if fas_user.status != u'active':
        return None
    human_name = bz.getuser(fas_user.bugzilla_email).real_name
コード例 #15
0
if args.site == None:
    args.site = 'https://admin.fedoraproject.org/accounts/'

if args.verbose:
    print 'Using site: %(site)s' % {'site': args.site}

if args.verbose:
    if args.gpg_home == None:
        print 'Using default gpg_home'
    else:
        print 'Using gpg_home: %(gpghome)s' % {'gpghome': args.gpg_home}

if args.gpg_home != None:
    os.putenv('GNUPGHOME', args.gpg_home)

fas = AccountSystem(args.site, username=args.admin_user, password=args.admin_pass, insecure=args.insecure)

if args.verbose:
    print 'Getting user details...'
try:
    details = fas.person_by_username(args.target_user)
except AuthError:
    print 'Failed to login to FAS. Please check admin_user and admin_pass!'
    sys.exit(2)
except ServerError:
    print 'Failed to retrieve user details: the server reported an error!'
    sys.exit(3)

if not 'username' in details.keys():
    print 'Error: user %(username)s is not known on this FAS site!' % {'username': args.target_user}
    sys.exit(4)
コード例 #16
0
ファイル: burn-key.py プロジェクト: echevemaster/fas
    print _('''Please run this program as root as it will need to write
directly to the yubikey usb''')
    sys.exit(5)

print _('''
Attention: You are about to reprogram your yubikey!  Please ensure it is
plugged in to your USB slot before continuing.  The secret key currently on
your yubikey will be destroyed as part of this operation!

''')

print 'Contacting %s' % opts.url
password = getpass('Password for %s: ' % opts.username)

fas = AccountSystem(username=opts.username,
                    password=password,
                    base_url=opts.url)
try:
    new_key = fas.send_request('yubikey/genkey', auth=True)
except AuthError, e:
    print e
    sys.exit(1)

print
print _('New key generated in FAS, attempting to burn to yubikey')
print

opts = new_key['key'].split()

try:
    retcode = subprocess.call([
コード例 #17
0
import xmlrpclib

from bugzilla import Bugzilla
from fedora.client import AccountSystem, AuthError

import pkgdb2client

try:
    USERNAME = fedora_cert.read_user_cert()
except fedora_cert.fedora_cert_error:
    pkgdb2client.LOG.debug('Could not read Fedora cert, asking for username')
    USERNAME = None

RH_BZ_API = 'https://bugzilla.redhat.com/xmlrpc.cgi'
BZCLIENT = None
FASCLIENT = AccountSystem('https://admin.fedoraproject.org/accounts',
                          username=USERNAME)


def _get_bz(url=RH_BZ_API, insecure=False):
    ''' Return a bugzilla object. '''
    global BZCLIENT
    if not BZCLIENT:
        BZCLIENT = Bugzilla(url=url)
    elif BZCLIENT.url != url:
        BZCLIENT.url = url

    BZCLIENT._sslverify = not insecure

    try:
        BZCLIENT.logged_in
    except xmlrpclib.Error:
コード例 #18
0
    args.site = 'https://admin.fedoraproject.org/accounts/'

if args.verbose:
    print('Using site: %(site)s' % {'site': args.site})

if args.verbose:
    if args.gpg_home == None:
        print('Using default gpg_home')
    else:
        print('Using gpg_home: %(gpghome)s' % {'gpghome': args.gpg_home})

if args.gpg_home != None:
    os.putenv('GNUPGHOME', args.gpg_home)

fas = AccountSystem(args.site,
                    username=args.admin_user,
                    password=args.admin_pass,
                    insecure=args.insecure)

if args.verbose:
    print('Getting user details...')
try:
    details = fas.person_by_username(args.target_user)
except AuthError:
    print('Failed to login to FAS. Please check admin_user and admin_pass!')
    sys.exit(2)
except ServerError:
    print('Failed to retrieve user details: the server reported an error!')
    sys.exit(3)

if not 'username' in list(details.keys()):
    print('Error: user %(username)s is not known on this FAS site!' %
コード例 #19
0
    print _('''Please run this program as root as it will need to write
directly to the yubikey usb''')
    sys.exit(5)

print _(
'''
Attention: You are about to reprogram your yubikey!  Please ensure it is
plugged in to your USB slot before continuing.  The secret key currently on
your yubikey will be destroyed as part of this operation!

''')

print 'Contacting %s' % opts.url
password = getpass('Password for %s: ' % opts.username)

fas = AccountSystem(username=opts.username, password=password, base_url=opts.url)
try:
    new_key = fas.send_request('yubikey/genkey', auth=True)
except AuthError, e:
    print e
    sys.exit(1)

print
print _('New key generated in FAS, attempting to burn to yubikey')
print

opts = new_key['key'].split()

try:
    retcode = subprocess.call(['/usr/bin/ykpersonalize', 
                            '-ofixed=%s' % opts[0],
コード例 #20
0
	json_in = open(sys.argv[1], 'r').readlines()
	if os.path.isfile(sys.argv[1]) == False:
	 	print "[Error] - Please check the file name and/or path."
 		exit()
except IndexError, error:
	print "[Error] - File name is missing on the first parameter"
	exit()

senderAddr = "*****@*****.**"
senderName = "Fedora Infrastructure"

username = raw_input('FAS Username: '******'\n', ''))

	user = report['user']
	url = report['url']
	error = report['error']

	user_data = fas2.person_by_username(user)
	user_realname = user_data.human_name
	user_email = user_data.email

	if user_realname == None:
		# Some users don't set the real name on FAS