def add(request):
if request.method == 'POST':
form = UserForm(request.POST)
if form.is_valid():
data = form.cleaned_data
userapi = UserAPI()
roleapi = RoleAPI()
try:
userapi.create(data['login'],
password=data['password'],
name=data['name'])
messages.success(request,
"Created user %s (%s)" %
(data['name'], data['login']))
except ServerRequestError, err:
messages.error(request,
"Failed to create user %s (%s): %s" %
(data['name'], data['login'], err[1]))
return dict(form=form)
for role in data['roles']:
try:
roleapi.add_user(role, data['login'])
messages.success(request,
"Added role %s to user %s" %
(role, data['name']))
except ServerRequestError, err:
messages.error(request,
"Failed to add role %s to user %s: %s" %
(role, data['name'], err[1]))
return HttpResponseRedirect(reverse('sponge.views.users.list'))
class PulpAuthentication():
""" Authenticates against the Pulp server in the Pulp client
config (/etc/pulp/client.conf) """
supports_object_permissions = False
supports_anonymous_user = False
supports_inactive_user = False
def __init__(self):
self.server = get_pulp_server()
self.userapi = UserAPI()
def authenticate(self, username, password=None):
""" authenticate a user """
try:
self.server.set_basic_auth_credentials(username, password)
logging.info("Successfully logged in with password")
cert = self.userapi.admin_certificate()
bundle = SpongeBundle(username)
bundle.write(cert)
self.server = get_pulp_server(new=True)
self.server.set_ssl_credentials(bundle.crtpath())
udata = self.userapi.user(username)
logger.info("%s logged in successfully" % username)
except server.ServerRequestError, err:
logger.warning("Login failure for %s: %s" % (username, err[1]))
return None
except Exception, err:
logger.warning(traceback.format_exc())
return None
def view(request, login=None):
userapi = UserAPI()
user = user_utils.get_user(login)
if request.method == 'POST':
form = UserForm(request.POST, user=user)
if form.is_valid():
success = True
delta = dict(name=form.cleaned_data['name'])
if form.cleaned_data['password']:
delta['password'] = form.cleaned_data['password']
try:
userapi.update(login, delta)
messages.success(request,
"Updated user information for %s" %
user['name'])
except ServerRequestError, err:
success = False
messages.error(request,
"Failed to update user information for %s: %s" %
(user['name'], err[1]))
roleapi = RoleAPI()
orig = [r
for r in form.cleaned_data['orig_roles'].splitlines()
if r]
new = [r for r in form.cleaned_data['roles'] if r]
to_remove = [r for r in orig if r not in new]
for role in to_remove:
try:
roleapi.remove_user(role, login)
messages.success(request,
"Removed role %s from user %s" %
(role, user['name']))
except ServerRequestError, err:
success = False
messages.error(request,
"Failed to remove role %s from user %s: %s"
% (role, user['name'], err[1]))
to_add = [r for r in new if r not in orig]
for role in to_add:
try:
roleapi.add_user(role, login)
messages.success(request,
"Added role %s to user %s" %
(role, user['name']))
except ServerRequestError, err:
success = False
messages.error(request,
"Failed to add role %s to user %s: %s" %
(role, user['name'], err[1]))
def delete(request, login=None):
userapi = UserAPI()
user = userapi.user(login)
if request.method == 'POST':
form = DeleteOkayForm(request.POST)
if form.is_valid():
try:
userapi.delete(login=login)
messages.success(request,
"Deleted user %s (%s)" %
(user['name'], user['login']))
return \
HttpResponseRedirect(reverse('sponge.views.users.list'))
except ServerRequestError, err:
messages.error(request,
"Failed to delete user %s (%s): %s"
(user['name'], user['login'], err[1]))
def setup_pulp(self):
""" instantiate pulp server object and log in """
config = ConsumerConfig()
userapi = UserAPI()
serveropts = config.server
pulpserver = server.PulpServer(serveropts['host'],
int(serveropts['port']),
serveropts['scheme'],
serveropts['path'])
server.set_active_server(pulpserver)
bundle = SpongeBundle(SpongeConfig.get("scheduler_username"))
try:
server.active_server.set_basic_auth_credentials(SpongeConfig.get("scheduler_username"),
SpongeConfig.get("scheduler_password"))
crt = userapi.admin_certificate()
bundle.write(crt)
except server.ServerRequestError, err:
self.stderr.write("Could not authenticate to Pulp: %s\n" % err[1])
self.stderr.write("Ensure that the scheduler username and password are set properly in Sponge\n")
raise SystemExit(1)
def list_users():
users = getattr(threading.local(), "users", None)
if users is None:
users = dict()
userapi = UserAPI()
consumerapi = ConsumerAPI()
for user in userapi.users():
if user['roles'] == ['consumer-users']:
# this might be a consumer, but the only way to know
# for sure is to try to load it as a consumer
try:
consumerapi.consumer(user['login'])
# yes, this is a consumer. ignore it.
continue
except ServerRequestError:
pass
if 'name' not in user or not user['name']:
user['name'] = user['login']
elif 'name' in user and isinstance(user['name'], list):
user['name'] = user['name'][0]
users[user['login']] = user
setattr(threading.local(), "users", users)
return users
def get_pulp_server(user=None, new=False):
""" set up a pulp client server instance """
if new or not isinstance(server.active_server, server.Server):
config = ConsumerConfig()
pulpserver = server.PulpServer(config.server['host'],
int(config.server['port']),
config.server['scheme'],
config.server['path'])
server.set_active_server(pulpserver)
if user:
bundle = SpongeBundle(user)
if os.path.exists(bundle.crtpath()):
server.active_server.set_ssl_credentials(bundle.crtpath())
else:
raise IOError("No Pulp certificate found for %s at %s" %
(user, bundle.crtpath()))
# make a quick and easy API call to verify that the session is
# still active
userapi = UserAPI()
userapi.user(user)
return server.active_server
def __init__(self):
self.server = get_pulp_server()
self.userapi = UserAPI()
