class Groups: """Represents interface for manipulating user groups""" def __init__(self, host = 'gangamd.cern.ch', port = 8822, login = '******', password = '', keepalive = False, reqSSL = True, **kwds): self._client = MDClient(host = host, port = port, login = login, password = password, keepalive = keepalive) if reqSSL: fn = getGridProxyPath() key = kwds.get('key') if not key: key = fn cert = kwds.get('cert') if not cert: cert = fn self._client.requireSSL(key, cert) self._client.connect() #----------------------------------------------------------------------- def grpCreate(self, groupname): """Creates a new group with name groupname. It is not possible to create groups beloning to others.""" res = [] cmd = 'grp_create ' + groupname self._client.execute(cmd) #----------------------------------------------------------------------- def grpDelete(self, groupname): """Deletes a group with name groupname (user:groupname). Only root can delete groups of other users""" cmd = 'grp_delete ' + groupname self._client.execute(cmd) #----------------------------------------------------------------------- def grpShow(self, groupname): """Shows all the members belonging to group gropname.""" res = [] cmd = 'grp_show ' + groupname self._client.execute(cmd) while not self._client.eot(): row = self._client.fetchRow() if DEBUG: print row res.append(row) return res #----------------------------------------------------------------------- def grpAddUser(self, groupname, user): """Adds a user to a group. Only owners of a group or root can change group membership""" cmd = 'grp_adduser ' + groupname + ' ' + user self._client.execute(cmd) #----------------------------------------------------------------------- def grpRemoveUser(self, groupname, user): """Removes a user from a group. Only owners of a group or root can change group membership""" cmd = 'grp_removeuser ' + groupname + ' ' + user self._client.execute(cmd) #----------------------------------------------------------------------- def grpMember(self, user = ''): """Shows to which groups a user belongs""" res = [] cmd = 'grp_member' if user: cmd += ' ' + user self._client.execute(cmd) while not self._client.eot(): row = self._client.fetchRow() if DEBUG: print row res.append(row) return res #----------------------------------------------------------------------- def grpList(self, user = ''): """Shows the groups owned by user, by default the current user""" res = [] cmd = 'grp_list' if user: cmd += ' ' + user self._client.execute(cmd) while not self._client.eot(): row = self._client.fetchRow() if DEBUG: print row res.append(row) return res
class Collections: """Represents interface for manipulating collections (directories)""" def __init__(self, host = 'gangamd.cern.ch', port = 8822, login = '******', password = '', keepalive = False, reqSSL = True, **kwds): self._client = MDClient(host = host, port = port, login = login, password = password, keepalive = keepalive) if reqSSL: fn = getGridProxyPath() key = kwds.get('key') if not key: key = fn cert = kwds.get('cert') if not cert: cert = fn self._client.requireSSL(key, cert) self._client.connect() #----------------------------------------------------------------------- def createDir(self, dir): """Creates the directory dir if it does not yet exist but parent dir already exist""" self._client.createDir(dir) #----------------------------------------------------------------------- def listDir(self, dir): """Returns names of all subdirectories in the directory dir""" res = [] self._client.listEntries(dir) while not self._client.eot(): d, t = self._client.getEntry() if DEBUG: print d, t[0] if t[0] == 'collection': res.append(d) return res #----------------------------------------------------------------------- def statDir(self, dir): """Returns owner and owner-permissions for the directory dir""" res = [] cmd = 'stat ' + dir self._client.execute(cmd) while not self._client.eot(): row = self._client.fetchRow() if DEBUG: print row res.append(row) return res #----------------------------------------------------------------------- def removeDir(self, dir): """Removes all directories matching path. Directories are only deleted if they are empty and they have no attributes defined""" self._client.removeDir(dir) #----------------------------------------------------------------------- def pwd(self): """Returns the current directory""" return self._client.pwd() #----------------------------------------------------------------------- def cd(self, dir): """Changes the current directory to the given directory""" self._client.cd(dir) #----------------------------------------------------------------------- def chown(self, dir, new_owner): """Changes the owner of the directory""" cmd = 'chown ' + dir + ' ' + new_owner self._client.execute(cmd) #----------------------------------------------------------------------- def chmod(self, dir, new_permissions): """Changes owner permidssions for the directory. The format of new_permissions is rwx, where "-" signs can be substituted for the letters if certain priviledges have to be ommitted""" cmd = 'chmod ' + dir + ' ' + new_permissions self._client.execute(cmd) #----------------------------------------------------------------------- def aclAdd(self, dir, group, rights): """Adds group rights to the dir ACL. The format of the group user:groupname. The format of rights is rwx""" cmd = 'acl_add ' + dir + ' ' + group + ' ' + rights self._client.execute(cmd) #----------------------------------------------------------------------- def aclRemove(self, dir, group): """Removes group from the dir ACL. The format of the group user:groupname""" cmd = 'acl_remove ' + dir + ' ' + group self._client.execute(cmd) #----------------------------------------------------------------------- def aclShow(self, dir): """Shows the dir ACL""" res = [] cmd = 'acl_show ' + dir self._client.execute(cmd) while not self._client.eot(): row = self._client.fetchRow() if DEBUG: print row res.append(row.split(' ')) return res
class UserDB: """Represents db interface for user management""" def __init__(self, host = 'gangamd.cern.ch', port = 8822, login = '******', password = '', keepalive = False, reqSSL = True, **kwds): self._client = MDClient(host = host, port = port, login = login, password = password, keepalive = keepalive) if reqSSL: fn = getGridProxyPath() key = kwds.get('key') if not key: key = fn cert = kwds.get('cert') if not cert: cert = fn self._client.requireSSL(key, cert) self._client.connect() #----------------------------------------------------------------------- def userList(self): """Lists all users known to the authentication subsustem""" res = [] cmd = 'user_list' self._client.execute(cmd) while not self._client.eot(): row = self._client.fetchRow() if DEBUG: print row res.append(row) return res #----------------------------------------------------------------------- def userListCred(self, user): """Lists the credentials with which the user can be authenticated""" res = [] cmd = 'user_listcred ' + user self._client.execute(cmd) while not self._client.eot(): row = self._client.fetchRow() if DEBUG: print row res.append(row) return res #----------------------------------------------------------------------- def userCreate(self, user, password = ''): """Creates a new user and assigns a password if given.""" cmd = 'user_create ' + user if password: cmd += ' ' + password self._client.execute(cmd) #----------------------------------------------------------------------- def userRemove(self, user): """Deletes a user""" cmd = 'user_remove ' + user self._client.execute(cmd) #----------------------------------------------------------------------- def userPasswordChange(self, user, password): """Changes the password of a user""" cmd = 'user_password_change ' + user + ' ' + password self._client.execute(cmd) #----------------------------------------------------------------------- def userSubjectAdd(self, user, subject): """Adds a certificate identified by its subject line to be used to authenticate a user""" cmd = 'user_subject_add ' + user + ' ' + '\'' + subject + '\'' self._client.execute(cmd)
class BackUp: """Represents interface to back up user directories, users and groups""" def __init__( self, host="gangamd.cern.ch", port=8822, login="******", password="", keepalive=False, reqSSL=True, **kwds ): self._client = MDClient(host=host, port=port, login=login, password=password, keepalive=keepalive) if reqSSL: fn = getGridProxyPath() key = kwds.get("key") if not key: key = fn cert = kwds.get("cert") if not cert: cert = fn self._client.requireSSL(key, cert) self._client.connect() # ----------------------------------------------------------------------- def dump(self, dir): """Returns list of commands needed to resore directory dir""" res = [] cmd = "dump " + dir self._client.execute(cmd) while not self._client.eot(): row = self._client.fetchRow() if DEBUG: print row res.append(row) return res # ----------------------------------------------------------------------- def dumpToFile(self, dir, filename): """Dumps directory dir to a file filename""" res = self.dump(dir) ff = file(filename, "w") try: for cmd in res: cmd = cmd + "\n" ff.write(cmd) finally: ff.close() if DEBUG: ff = file(filename, "r") try: cmds = ff.readlines() finally: ff.close() for cmd in cmds: print cmd[:-1] # ----------------------------------------------------------------------- def restoreFromFile(self, dir, filename): """Restores content of a directory dir from a file""" ff = file(filename, "r") try: cmds = ff.readlines() finally: ff.close() pwd = self._client.pwd() self._client.cd(dir) try: for cmd in cmds: try: cmd = cmd[:-1] # remove newline character if DEBUG: print "executing command:\n" + cmd + "\n" self._client.execute(cmd) except Exception, e: print str(e) finally: self._client.cd(pwd)