Python EnforcePermission 예제들

예제 #1

파일: ensure_dirs.py 프로젝트: nh2/ganeti-test-1

def RecursiveEnsure(path, uid, gid, dir_perm, file_perm):
    """Ensures permissions recursively down a directory.

  This functions walks the path and sets permissions accordingly.

  @param path: The absolute path to walk
  @param uid: The uid used as owner
  @param gid: The gid used as group
  @param dir_perm: The permission bits set for directories
  @param file_perm: The permission bits set for files

  """
    assert os.path.isabs(path), "Path %s is not absolute" % path
    assert os.path.isdir(path), "Path %s is not a dir" % path

    logging.debug("Recursively processing %s", path)

    for root, dirs, files in os.walk(path):
        for subdir in dirs:
            utils.EnforcePermission(os.path.join(root, subdir),
                                    dir_perm,
                                    uid=uid,
                                    gid=gid)

        for filename in files:
            utils.EnforcePermission(os.path.join(root, filename),
                                    file_perm,
                                    uid=uid,
                                    gid=gid)

예제 #2

파일: ganeti.utils.io_unittest.py 프로젝트: sajalcody/ganeti

 def testEnforcePermissionChangeMode(self):
     utils.EnforcePermission("/ganeti-qa-non-test",
                             0o444,
                             _stat_fn=_MockStatResult(None, 0o600, 0, 0),
                             _chmod_fn=self._ChmodWrapper(None),
                             _chown_fn=self._FakeChown)
     self.assertEqual(self._chmod_calls.pop(0),
                      ("/ganeti-qa-non-test", 0o444))

예제 #3

    def testGroupCanRead(self):
        target = utils.PathJoin(self.tmpdir, "target2")
        f = open(target, "w")
        f.close()
        utils.EnforcePermission(target,
                                0o040,
                                uid=self.confdUid,
                                gid=self.masterdGid)
        self.assertFalse(utils.CanRead(constants.CONFD_USER, target))
        if constants.CONFD_USER != constants.MASTERD_USER:
            self.assertTrue(utils.CanRead(constants.MASTERD_USER, target))

        utils.EnforcePermission(target,
                                0o040,
                                uid=self.masterdUid + 1,
                                gid=self.masterdGid)
        self.assertTrue(utils.CanRead(constants.MASTERD_USER, target))

예제 #4

파일: ganeti.utils.io_unittest.py 프로젝트: sajalcody/ganeti

 def testEnforcePermissionNoEntMustNotExist(self):
     utils.EnforcePermission("/ganeti-qa-non-test",
                             0o600,
                             must_exist=False,
                             _chmod_fn=NotImplemented,
                             _chown_fn=NotImplemented,
                             _stat_fn=_MockStatResult(
                                 _RaiseNoEntError, 0, 0, 0))

예제 #5

파일: ganeti.utils.io_unittest.py 프로젝트: sajalcody/ganeti

 def testEnforcePermissionSetUidGid(self):
     utils.EnforcePermission("/ganeti-qa-non-test",
                             0o600,
                             uid=self.UID_B,
                             gid=self.GID_B,
                             _stat_fn=_MockStatResult(
                                 None, 0o600, self.UID_A, self.GID_A),
                             _chmod_fn=self._ChmodWrapper(None),
                             _chown_fn=self._FakeChown)
     self.assertEqual(self._chown_calls.pop(0),
                      ("/ganeti-qa-non-test", self.UID_B, self.GID_B))

예제 #6

파일: ensure_dirs.py 프로젝트: kawamuray/ganeti

def EnsureQueueDir(path, mode, uid, gid):
  """Sets the correct permissions on all job files in the queue.

  @param path: Directory path
  @param mode: Wanted file mode
  @param uid: Wanted user ID
  @param gid: Wanted group ID

  """
  for filename in utils.ListVisibleFiles(path):
    if constants.JOB_FILE_RE.match(filename):
      utils.EnforcePermission(utils.PathJoin(path, filename), mode, uid=uid,
                              gid=gid)

예제 #7

파일: ensure_dirs.py 프로젝트: kawamuray/ganeti

def ProcessPath(path):
  """Processes a path component.

  @param path: A tuple of the path component to process

  """
  (pathname, pathtype, mode, uid, gid) = path[0:5]

  assert pathtype in ALL_TYPES

  if pathtype in (DIR, QUEUE_DIR):
    # No additional parameters
    assert len(path) == 5
    if pathtype == DIR:
      utils.MakeDirWithPerm(pathname, mode, uid, gid)
    elif pathtype == QUEUE_DIR:
      EnsureQueueDir(pathname, mode, uid, gid)
  elif pathtype == FILE:
    (must_exist, ) = path[5:]
    utils.EnforcePermission(pathname, mode, uid=uid, gid=gid,
                            must_exist=must_exist)

예제 #8

파일: ganeti.utils.io_unittest.py 프로젝트: sajalcody/ganeti

 def testEnforcePermissionNoChanges(self):
     utils.EnforcePermission("/ganeti-qa-non-test",
                             0o600,
                             _stat_fn=_MockStatResult(None, 0o600, 0, 0),
                             _chmod_fn=self._ChmodWrapper(None),
                             _chown_fn=self._FakeChown)