def RequestAndGrantClientApproval(client_id, token=None, approver="approver", reason="testing"): token = token or GetToken() ApprovalRequest(client_id, token=token, approver=approver, reason=reason) user = aff4.FACTORY.Create("aff4:/users/%s" % approver, users.GRRUser, token=token.SetUID()) user.Flush() approver_token = access_control.ACLToken(username=approver) security.ClientApprovalGrantor(reason=reason, delegate=token.username, subject_urn=rdf_client.ClientURN(client_id), token=approver_token).Grant()
def ApprovalGrant(token=None): """Iterate through requested access approving or not.""" user = getpass.getuser() notifications = GetNotifications(user=user, token=token) requests = [n for n in notifications if n.type == "GrantAccess"] for request in requests: _, client_id, user, reason = rdfvalue.RDFURN(request.subject).Split() reason = utils.DecodeReasonString(reason) print request print "Reason: %s" % reason if raw_input("Do you approve this request? [y/N] ").lower() == "y": security.ClientApprovalGrantor(subject_urn=client_id, reason=reason, delegate=user, token=token).Grant() # TODO(user): Remove the notification. else: print "skipping request" print "Approval sent"