class RightsModule(MigrationModule): CONF_PATH = 'etc/migration/rights.conf' CATEGORY = 'RIGHTS' def __init__( self, actions_path=None, users_path=None, roles_path=None, *args, **kwargs ): super(RightsModule, self).__init__(*args, **kwargs) self.logger = Logger.get('migrationtool', MigrationModule.LOG_PATH) self.config = Configuration.load(RightsModule.CONF_PATH, Ini) conf = self.config.get(self.CATEGORY, {}) self.manager = Rights() if actions_path is not None: actions_path = actions_path else: actions_path = conf.get('actions_path', DEFAULT_ACTIONS_PATH) self.actions_path = os.path.expanduser(actions_path) if users_path is not None: users_path = users_path else: users_path = conf.get('users_path', DEFAULT_USERS_PATH) self.users_path = os.path.expanduser(users_path) if roles_path is not None: roles_path = roles_path else: roles_path = conf.get('roles_path', DEFAULT_ROLES_PATH) self.roles_path = os.path.expanduser(roles_path) def init(self, clear=True, yes=False): self.add_actions(self.load(self.actions_path), clear) self.add_users(self.load(self.users_path), clear) self.add_roles(self.load(self.roles_path), clear) def update(self, yes=False): self.init(clear=False) def load(self, path): try: loaded = [] for fpath in os.listdir(path): if fpath.endswith('.json'): fullpath = os.path.join(path, fpath) with open(fullpath) as f: data = ensure_iterable(json.load(f)) loaded += data except Exception as err: self.logger.error(u'Unable to load JSON files "{0}": {1}'.format( path, err )) loaded = [] return loaded def add_actions(self, data, clear): for action in data: for aid in action: if self.manager.get_action(aid) is None or clear: self.logger.info(u'Initialize action: {0}'.format(aid)) self.manager.add( aid, action[aid].get('desc', 'Empty description') ) def add_users(self, data, clear): for user in data: if self.manager.get_user(user['_id']) is None or clear: self.logger.info(u'Initialize user: {0}'.format(user['_id'])) self.manager.create_user( user['_id'], user.get('role', None), rights=user.get('rights', None), contact=user.get('contact', None), groups=user.get('groups', None) ) self.manager.update_fields( user['_id'], 'user', { 'external': user.get('external', False), 'enable': user.get('enable', True), 'shadowpasswd': user.get('shadowpass', None), 'mail': user.get('mail', None), 'authkey': user.get('authkey', str(uuid1())) } ) def add_roles(self, data, clear): for role in data: if self.manager.get_role(role['_id']) is None or clear: self.logger.info(u'Initialize role: {0}'.format(role['_id'])) self.manager.create_role( role['_id'], role.get('profile', None) ) self.logger.info(u'Updating role: {0}'.format(role['_id'])) record = self.manager.get_role(role['_id']) rights = record.get('rights', {}) groups = record.get('groups', []) rights.update(role.get('rights', {})) groups += role.get('groups', []) groups = list(set(groups)) # make groups unique self.manager.update_rights(role['_id'], 'role', rights, record) self.manager.update_group(role['_id'], 'role', groups, record) self.manager.update_fields(role['_id'], 'role', {"defaultview": role.get("defaultview", None)})
class RightsModule(MigrationModule): CONF_PATH = 'etc/migration/rights.conf' CATEGORY = 'RIGHTS' def __init__(self, actions_path=None, users_path=None, roles_path=None, *args, **kwargs): super(RightsModule, self).__init__(*args, **kwargs) self.logger = Logger.get('migrationtool', MigrationModule.LOG_PATH) self.config = Configuration.load(RightsModule.CONF_PATH, Ini) conf = self.config.get(self.CATEGORY, {}) self.manager = Rights() if actions_path is not None: actions_path = actions_path else: actions_path = conf.get('actions_path', DEFAULT_ACTIONS_PATH) self.actions_path = os.path.expanduser(actions_path) if users_path is not None: users_path = users_path else: users_path = conf.get('users_path', DEFAULT_USERS_PATH) self.users_path = os.path.expanduser(users_path) if roles_path is not None: roles_path = roles_path else: roles_path = conf.get('roles_path', DEFAULT_ROLES_PATH) self.roles_path = os.path.expanduser(roles_path) def init(self, clear=True, yes=False): self.add_actions(self.load(self.actions_path), clear) self.add_users(self.load(self.users_path), clear) self.add_roles(self.load(self.roles_path), clear) def update(self, yes=False): self.init(clear=False) def load(self, path): try: loaded = [] for fpath in os.listdir(path): if fpath.endswith('.json'): fullpath = os.path.join(path, fpath) with open(fullpath) as f: data = ensure_iterable(json.load(f)) loaded += data except Exception as err: self.logger.error(u'Unable to load JSON files "{0}": {1}'.format( path, err)) loaded = [] return loaded def add_actions(self, data, clear): for action in data: for aid in action: if self.manager.get_action(aid) is None or clear: self.logger.info(u'Initialize action: {0}'.format(aid)) self.manager.add( aid, action[aid].get('desc', 'Empty description')) def add_users(self, data, clear): for user in data: if self.manager.get_user(user['_id']) is None or clear: self.logger.info(u'Initialize user: {0}'.format(user['_id'])) self.manager.create_user(user['_id'], user.get('role', None), rights=user.get('rights', None), contact=user.get('contact', None), groups=user.get('groups', None)) self.manager.update_fields( user['_id'], 'user', { 'external': user.get('external', False), 'enable': user.get('enable', True), 'shadowpasswd': user.get('shadowpass', None), 'mail': user.get('mail', None), 'authkey': user.get('authkey', str(uuid1())) }) def add_roles(self, data, clear): for role in data: if self.manager.get_role(role['_id']) is None or clear: self.logger.info(u'Initialize role: {0}'.format(role['_id'])) self.manager.create_role(role['_id'], role.get('profile', None)) self.logger.info(u'Updating role: {0}'.format(role['_id'])) record = self.manager.get_role(role['_id']) rights = record.get('rights', {}) groups = record.get('groups', []) rights.update(role.get('rights', {})) groups += role.get('groups', []) groups = list(set(groups)) # make groups unique self.manager.update_rights(role['_id'], 'role', rights, record) self.manager.update_group(role['_id'], 'role', groups, record) self.manager.update_fields( role['_id'], 'role', {"defaultview": role.get("defaultview", None)})
class RightsModule(MigrationModule): @property def actions_path(self): if not hasattr(self, '_actions_path'): self.actions_path = None return self._actions_path @actions_path.setter def actions_path(self, value): if value is None: value = '~/opt/mongodb/load.d/rights/actions_ids' self._actions_path = os.path.expanduser(value) @property def users_path(self): if not hasattr(self, '_users_path'): self.users_path = None return self._users_path @users_path.setter def users_path(self, value): if value is None: value = '~/opt/mongodb/load.d/rights/default_users' self._users_path = os.path.expanduser(value) @property def roles_path(self): if not hasattr(self, '_roles_path'): self.roles_path = None return self._roles_path @roles_path.setter def roles_path(self, value): if value is None: value = '~/opt/mongodb/load.d/rights/default_roles' self._roles_path = os.path.expanduser(value) def __init__( self, actions_path=None, users_path=None, roles_path=None, *args, **kwargs ): super(RightsModule, self).__init__(*args, **kwargs) self.manager = Rights() if actions_path is not None: self.actions_path = actions_path if users_path is not None: self.users_path = users_path if roles_path is not None: self.roles_path = roles_path def init(self, clear=True): self.add_actions(self.load(self.actions_path), clear) self.add_users(self.load(self.users_path), clear) self.add_roles(self.load(self.roles_path), clear) def update(self): self.init(clear=False) def load(self, path): try: loaded = [] for fpath in os.listdir(path): if fpath.endswith('.json'): fullpath = os.path.join(path, fpath) with open(fullpath) as f: data = ensure_iterable(json.load(f)) loaded += data except Exception as err: self.logger.error(u'Unable to load JSON files "{0}": {1}'.format( path, err )) loaded = [] return loaded def add_actions(self, data, clear): for action in data: for aid in action: if self.manager.get_action(aid) is None or clear: self.logger.info(u'Initialize action: {0}'.format(aid)) self.manager.add( aid, action[aid].get('desc', 'Empty description') ) def add_users(self, data, clear): for user in data: if self.manager.get_user(user['_id']) is None or clear: self.logger.info(u'Initialize user: {0}'.format(user['_id'])) self.manager.create_user( user['_id'], user.get('role', None), rights=user.get('rights', None), contact=user.get('contact', None), groups=user.get('groups', None) ) self.manager.update_fields( user['_id'], 'user', { 'external': user.get('external', False), 'enable': user.get('enable', True), 'shadowpasswd': user.get('shadowpass', None), 'mail': user.get('mail', None), 'authkey': user.get('authkey', str(uuid1())) } ) def add_roles(self, data, clear): for role in data: if self.manager.get_role(role['_id']) is None or clear: self.logger.info(u'Initialize role: {0}'.format(role['_id'])) self.manager.create_role( role['_id'], role.get('profile', None) ) self.logger.info(u'Updating role: {0}'.format(role['_id'])) record = self.manager.get_role(role['_id']) rights = record.get('rights', {}) groups = record.get('groups', []) rights.update(role.get('rights', {})) groups += role.get('groups', []) groups = list(set(groups)) # make groups unique self.manager.update_rights(role['_id'], 'role', rights, record) self.manager.update_group(role['_id'], 'role', groups, record)