예제 #1
0
 def put(self):
     node_id = self.request.POST.get('node_id')
     computer = self.collection.find_one({'node_chef_id': node_id})
     if not computer:
         return {'ok': False, 'message': 'Computer does not exists'}
     apply_policies_to_computer(self.collection, computer,
                                self.request.user)
     invalidate_change(self.request, computer)
     return {'ok': True}
예제 #2
0
 def put(self):
     node_id = self.request.POST.get('node_id')
     computer = self.collection.find_one({'node_chef_id': node_id})
     if not computer:
         return {'ok': False,
                 'message': 'Computer does not exists'}
     apply_policies_to_computer(self.collection, computer, self.request.user)
     invalidate_change(self.request, computer)
     return {'ok': True}
예제 #3
0
 def notify_refresh_policies(self, obj):
     object_refresh_policies.delay(self.request.user, self.objtype, obj)
     invalidate_change(self.request, obj)
예제 #4
0
 def notify_changed(self, obj, old_obj):
     if obj['path'] != old_obj['path']:
         object_moved.delay(self.request.user, self.objtype, obj, old_obj)
     else:
         object_changed.delay(self.request.user, self.objtype, obj, old_obj)
         invalidate_change(self.request, obj)
예제 #5
0
 def notify_refresh_policies(self, obj):
     object_refresh_policies.delay(self.request.user, self.objtype, obj)
     invalidate_change(self.request, obj)
예제 #6
0
 def notify_changed(self, obj, old_obj):
     if obj['path'] != old_obj['path']:
         object_moved.delay(self.request.user, self.objtype, obj, old_obj)
     else:
         object_changed.delay(self.request.user, self.objtype, obj, old_obj)
         invalidate_change(self.request, obj)
예제 #7
0
    def check_users(self, chef_node, api):
        node_collection = self.request.db.nodes

        users_old = self.get_attr(chef_node, USERS_OLD)
        users = self.get_attr(chef_node, USERS_OHAI)
        node_id = chef_node.name
        node = node_collection.find_one({'node_chef_id': node_id,
                                         'type': 'computer'})
        if not node:
            return {'ok': False,
                    'message': 'This node does not exist (mongodb)'}

        users_recalculate_policies = []
        reload_clients = False
        for chef_user in users:
            username = chef_user['username']
            if chef_user in users_old or chef_user.get('sudo', False):
                continue
            user = node_collection.find_one({'name': username,
                                             'type': 'user',
                                             'path': get_filter_in_domain(node)})
            if not user:
                user_model = User()
                user = user_model.serialize({'name': username,
                                             'path': node.get('path', ''),
                                             'type': 'user',
                                             'lock': node.get('lock', ''),
                                             'source': node.get('source', '')})

                user = update_computers_of_user(self.request.db, user, api)

                del user['_id']
                user_id = node_collection.insert(user)
                user = node_collection.find_one({'_id': user_id})
                reload_clients = True
                users_recalculate_policies.append(user)
            else:
                computers = user.get('computers', [])
                if node['_id'] not in computers:
                    computers.append(node['_id'])
                    node_collection.update({'_id': user['_id']}, {'$set': {'computers': computers}})
                    users_recalculate_policies.append(user)
                    add_computer_to_user(node['_id'], user['_id'])
                    invalidate_change(self.request, user)

        users_remove_policies = []

        for chef_user in users_old:
            username = chef_user['username']
            if chef_user in users or chef_user.get('sudo', False):
                continue
            user = node_collection.find_one({'name': username,
                                             'type': 'user',
                                             'path': get_filter_in_domain(node)})
            computers = user['computers'] if user else []
            if node['_id'] in computers:
                users_remove_policies.append(deepcopy(user))
                computers.remove(node['_id'])
                node_collection.update({'_id': user['_id']}, {'$set': {'computers': computers}})
                invalidate_change(self.request, user)

        if reload_clients:
            update_tree(node.get('path', ''))

        chef_node.normal.set_dotted(USERS_OLD, users)
        save_node_and_free(chef_node)

        for user in users_recalculate_policies:
            apply_policies_to_user(node_collection, user, self.request.user)

        for user in users_remove_policies:
            remove_policies_of_computer(user, node, self.request.user)

        return {'ok': True}
예제 #8
0
    def check_users(self, chef_node):
        node_collection = self.request.db.nodes

        users_old = self.get_attr(chef_node, USERS_OLD)
        users = self.get_attr(chef_node, USERS_OHAI)
        node_id = chef_node.name
        node = node_collection.find_one({'node_chef_id': node_id,
                                         'type': 'computer'})
        if not node:
            return {'ok': False,
                    'message': 'This node does not exist (mongodb)'}

        users_recalculate_policies = []
        reload_clients = False
        for chef_user in users:
            username = chef_user['username']
            if chef_user in users_old or chef_user.get('sudo', False):
                continue
            user = node_collection.find_one({'name': username,
                                             'type': 'user',
                                             'path': get_filter_in_domain(node)})
            if not user:
                user_model = User()
                user = user_model.serialize({'name': username,
                                             'path': node.get('path', ''),
                                             'type': 'user',
                                             'lock': node.get('lock', ''),
                                             'source': node.get('source', '')})
                user['computers'].append(node['_id'])
                del user['_id']
                user_id = node_collection.insert(user)
                user = node_collection.find_one({'_id': user_id})
                reload_clients = True
                users_recalculate_policies.append(user)
            else:
                computers = user.get('computers', [])
                if node['_id'] not in computers:
                    computers.append(node['_id'])
                    node_collection.update({'_id': user['_id']}, {'$set': {'computers': computers}})
                    users_recalculate_policies.append(user)
                    add_computer_to_user(node['_id'], user['_id'])
                    invalidate_change(self.request, user)

        users_remove_policies = []

        for chef_user in users_old:
            username = chef_user['username']
            if chef_user in users or chef_user.get('sudo', False):
                continue
            user = node_collection.find_one({'name': username,
                                             'type': 'user',
                                             'path': get_filter_in_domain(node)})
            computers = user['computers']
            if node['_id'] in computers:
                users_remove_policies.append(deepcopy(user))
                computers.remove(node['_id'])
                node_collection.update({'_id': user['_id']}, {'$set': {'computers': computers}})
                invalidate_change(self.request, user)

        if reload_clients:
            update_tree(node.get('path', ''))

        chef_node.normal.set_dotted('ohai_gecos.users_old', users)
        save_node_and_free(chef_node)

        for user in users_recalculate_policies:
            apply_policies_to_user(node_collection, user, self.request.user)

        for user in users_remove_policies:
            remove_policies_of_computer(user, node, self.request.user)

        return {'ok': True}