예제 #1
0
파일: forms.py 프로젝트: Emergya/gecoscc-ui
 def save(self, admin_user):
     self.collection.insert(admin_user)
     admin_user['plain_password'] = self.cstruct['password']
     settings = get_current_registry().settings
     user = self.request.user
     api = get_chef_api(settings, user)
     try:
         create_chef_admin_user(api, settings, admin_user['username'])
         self.created_msg(_('User created successfully'))
         return True
     except ChefServerError as e:
         self.created_msg(e.message, 'danger')
         self.collection.remove({'username': admin_user['username']})
         raise e
예제 #2
0
파일: forms.py 프로젝트: n1mh/gecoscc-ui
 def save(self, admin_user):
     self.collection.insert(admin_user)
     admin_user['plain_password'] = self.cstruct['password']
     settings = get_current_registry().settings
     user = self.request.user
     api = get_chef_api(settings, user)
     try:
         create_chef_admin_user(api, settings, admin_user['username'])
         self.created_msg(_('User created successfully'))
         return True
     except ChefServerError as e:
         self.created_msg(e.message, 'danger')
         self.collection.remove({'username': admin_user['username']})
         raise e
    def command(self):
        api = _get_chef_api(self.settings.get('chef.url'),
                            toChefUsername(self.options.chef_username),
                            self.options.chef_pem)
        try:
            api['/users/%s' % toChefUsername(self.options.username)]
            print "The username %s already exists in the chef sever" % toChefUsername(self.options.username)
            sys.exit(1)
        except ChefServerNotFoundError:
            pass

        chef_password = self.create_password("Insert the chef password, the spaces will be stripped",
                                             "The generated password to chef server is: {0}")
        try:
            create_chef_admin_user(api, self.settings, toChefUsername(self.options.username), chef_password)
        except ChefServerError, e:
            print "User not created in chef, error was: %s" % e
            sys.exit(1)
예제 #4
0
    def command(self):
        api = _get_chef_api(self.settings.get('chef.url'),
                            toChefUsername(self.options.chef_username),
                            self.options.chef_pem)
        try:
            api['/users/%s' % toChefUsername(self.options.username)]
            print "The username %s already exists in the chef sever" % toChefUsername(
                self.options.username)
            sys.exit(1)
        except ChefServerNotFoundError:
            pass

        chef_password = self.create_password(
            "Insert the chef password, the spaces will be stripped",
            "The generated password to chef server is: {0}")
        try:
            create_chef_admin_user(api, self.settings,
                                   toChefUsername(self.options.username),
                                   chef_password)
        except ChefServerError, e:
            print "User not created in chef, error was: %s" % e
            sys.exit(1)
예제 #5
0
    def command(self):
        api = _get_chef_api(self.settings.get('chef.url'),
                            toChefUsername(self.options.chef_username),
                            self.options.chef_pem,
                            self.settings.get('chef.ssl.verify'),
                            self.settings.get('chef.version'))
        try:
            api['/users/%s' % toChefUsername(self.options.username)]
            print("The username %s already exists in the chef sever" %
                  (toChefUsername(self.options.username)))
            sys.exit(1)
        except ChefServerNotFoundError:
            pass

        chef_password = self.create_password(
            "Insert the chef password, the spaces will be stripped",
            "The generated password to chef server is: {0}")
        try:
            create_chef_admin_user(api, self.settings,
                                   toChefUsername(self.options.username),
                                   chef_password, self.options.email)
        except ChefServerError as e:
            print("User not created in chef, error was: %s" % e)
            sys.exit(1)

        print("User %s created in chef server" %
              toChefUsername(self.options.username))

        if int(self.settings.get('chef.version').split('.')[0]) >= 12:
            if os.path.isfile('/opt/opscode/bin/chef-server-ctl') is True:
                # Include the user in the "server-admins" group
                cmd = [
                    '/opt/opscode/bin/chef-server-ctl',
                    'grant-server-admin-permissions',
                    toChefUsername(self.options.username)
                ]
                if subprocess.call(cmd) != 0:
                    print('ERROR: error adding the administrator to '
                          '"server-admins" chef group')
                    sys.exit(1)
            else:
                # Chef 12 /opt/opscode/bin/chef-server-ctl does not exists
                # in the system
                # This usually is because Chef and GECOS CC are installed in
                # different machines
                print("NOTICE: Please remember to grant server admin "
                      "permissions to this user by executing the following "
                      "command in Chef 12 server:")
                print("%s %s %s" % ('/opt/opscode/bin/chef-server-ctl',
                                    'grant-server-admin-permissions',
                                    toChefUsername(self.options.username)))

            # Add the user to the default organization
            try:
                data = {"user": toChefUsername(self.options.username)}
                response = api.api_request(
                    'POST',
                    '/organizations/default/association_requests',
                    data=data)
                association_id = response["uri"].split("/")[-1]

                api.api_request(
                    'PUT',
                    '/users/%s/association_requests/%s' %
                    (toChefUsername(self.options.username), association_id),
                    data={"response": 'accept'})

            except ChefServerError as e:
                print("User not added to default organization in chef,",
                      "error was: %s" % e)
                sys.exit(1)

            # Add the user to the default organization's admins group
            try:
                admins_group = api['/organizations/default/groups/admins']
                admins_group['users'].append(
                    toChefUsername(self.options.username))
                api.api_request('PUT',
                                '/organizations/default/groups/admins',
                                data={
                                    "groupname": admins_group["groupname"],
                                    "actors": {
                                        "users": admins_group['users'],
                                        "groups": admins_group["groups"]
                                    }
                                })

            except ChefServerError as e:
                print("User not added to default organization's admins group"\
                      " in chef, error was: %s" % e)
                sys.exit(1)

            print("User %s set as administrator in the default organization"\
                  " chef server" % toChefUsername(self.options.username))

        gcc_password = self.create_password(
            "Insert the GCC password, the spaces will be stripped",
            "The generated password to GCC is: {0}")
        try:
            self.pyramid.userdb.create_user(
                self.options.username, gcc_password, self.options.email,
                {'is_superuser': self.options.is_superuser})
        except UserAlreadyExists:
            print("The user already exists in mongo")
        else:
            print("User %s created in mongo" % self.options.username)
예제 #6
0
    def command(self):
        api = _get_chef_api(self.settings.get('chef.url'),
                            toChefUsername(self.options.chef_username),
                            self.options.chef_pem, False, self.settings.get('chef.version'))
                            
        print '============ CHECKING ADMINISTRATOR USERS ============='                  
        # Check if all the GECOS CC administrators
        # are properly created in Chef 12
        admin_users = self.pyramid.userdb.list_users()
        for admin_user in admin_users:
            print 'Checking admin user: %s'%(admin_user['username'])
            
            # The email must be unique
            users_with_email = self.pyramid.userdb.list_users({'email': admin_user['email']})
            if users_with_email.count() > 1:
                print "ERROR: more than one user with this email: %s"%(admin_user['email'])

            # Get the Chef user
            chef_user = None
            try:
                chef_user = api['/users/%s' % toChefUsername(admin_user['username'])]
            except ChefServerNotFoundError:
                pass            
                            
            if chef_user is None:
                # No chef user found
                print "WARNING: No Chef user found. We will try to create it!"
                
                chef_password = password_generator()
                try:
                    create_chef_admin_user(api, self.settings, toChefUsername(admin_user['username']), chef_password, admin_user['email'])
                except ChefServerError, e:
                    print "ERROR: User not created in chef, error was: %s" % e
                    print "(Check /opt/opscode/embedded/service/opscode-erchef/log/requests.log* for more info)"
                    sys.exit(1)                
                            
                chef_user = api['/users/%s' % toChefUsername(admin_user['username'])]

            # Check the email of the chef user
            if chef_user['email'] != admin_user['email']:
                print "WARNING: The chef user email and the GECOS CC user email doesn't match!"
                print "Try to change the chef user email!"
                chef_user['email'] = admin_user['email']
                api.api_request('PUT', '/users/%s'%(toChefUsername(admin_user['username'])), data=chef_user)                
            
            # Check if the administrator belongs to the "admins" group in the "default" organization
            admins_group = None
            try:
                admins_group = api['/organizations/default/groups/admins']
            except ChefServerNotFoundError:
                pass             
                
            if not toChefUsername(admin_user['username']) in admins_group['users']:
                print "WARNING: GECOS administrator is not a chef administrator for the default organization. We will try to change this!"
                
                # Check if exists an association request for this user
                assoc_requests = None
                try:
                    assoc_requests = api['/organizations/default/association_requests']
                except ChefServerNotFoundError:
                    pass                    
                
                association_id = None
                for req in assoc_requests:
                    if req["username"] == toChefUsername(admin_user['username']):
                        association_id = req["id"]
                
                if association_id is None:
                    # Set an association request for the user in that organization
                    try:
                        data = {"user": toChefUsername(admin_user['username'])}
                        response = api.api_request('POST', '/organizations/default/association_requests', data=data) 
                        association_id = response["uri"].split("/")[-1]
                    except ChefServerError:
                        # Association already exists?
                        pass                    

                if association_id is not None:
                    # Accept the association request
                    api.api_request('PUT', '/users/%s/association_requests/%s'%(toChefUsername(admin_user['username']), association_id),  data={ "response": 'accept' }) 

                # Add the user to the group
                admins_group['users'].append(toChefUsername(admin_user['username']))
                api.api_request('PUT', '/organizations/default/groups/admins', data={ "groupname": admins_group["groupname"], 
                    "actors": {
                        "users": admins_group['users'],
                        "groups": admins_group["groups"]
                    }
                    }) 
예제 #7
0
    def command(self):
        api = _get_chef_api(self.settings.get('chef.url'),
                            toChefUsername(self.options.chef_username),
                            self.options.chef_pem, False,
                            self.settings.get('chef.version'))

        print '============ CHECKING ADMINISTRATOR USERS ============='
        # Check if all the GECOS CC administrators
        # are properly created in Chef 12
        admin_users = self.pyramid.userdb.list_users()
        for admin_user in admin_users:
            print 'Checking admin user: %s' % (admin_user['username'])

            # The email must be unique
            users_with_email = self.pyramid.userdb.list_users(
                {'email': admin_user['email']})
            if users_with_email.count() > 1:
                print "ERROR: more than one user with this email: %s" % (
                    admin_user['email'])

            # Get the Chef user
            chef_user = None
            try:
                chef_user = api['/users/%s' %
                                toChefUsername(admin_user['username'])]
            except ChefServerNotFoundError:
                pass

            if chef_user is None:
                # No chef user found
                print "WARNING: No Chef user found. We will try to create it!"

                chef_password = password_generator()
                try:
                    create_chef_admin_user(
                        api, self.settings,
                        toChefUsername(admin_user['username']), chef_password,
                        admin_user['email'])
                except ChefServerError, e:
                    print "ERROR: User not created in chef, error was: %s" % e
                    print "(Check /opt/opscode/embedded/service/opscode-erchef/log/requests.log* for more info)"
                    sys.exit(1)

                chef_user = api['/users/%s' %
                                toChefUsername(admin_user['username'])]

            # Check the email of the chef user
            if chef_user['email'] != admin_user['email']:
                print "WARNING: The chef user email and the GECOS CC user email doesn't match!"
                print "Try to change the chef user email!"
                chef_user['email'] = admin_user['email']
                api.api_request('PUT',
                                '/users/%s' %
                                (toChefUsername(admin_user['username'])),
                                data=chef_user)

            # Check if the administrator belongs to the "admins" group in the "default" organization
            admins_group = None
            try:
                admins_group = api['/organizations/default/groups/admins']
            except ChefServerNotFoundError:
                pass

            if not toChefUsername(
                    admin_user['username']) in admins_group['users']:
                print "WARNING: GECOS administrator is not a chef administrator for the default organization. We will try to change this!"

                # Check if exists an association request for this user
                assoc_requests = None
                try:
                    assoc_requests = api[
                        '/organizations/default/association_requests']
                except ChefServerNotFoundError:
                    pass

                association_id = None
                for req in assoc_requests:
                    if req["username"] == toChefUsername(
                            admin_user['username']):
                        association_id = req["id"]

                if association_id is None:
                    # Set an association request for the user in that organization
                    try:
                        data = {"user": toChefUsername(admin_user['username'])}
                        response = api.api_request(
                            'POST',
                            '/organizations/default/association_requests',
                            data=data)
                        association_id = response["uri"].split("/")[-1]
                    except ChefServerError:
                        # Association already exists?
                        pass

                if association_id is not None:
                    # Accept the association request
                    api.api_request(
                        'PUT',
                        '/users/%s/association_requests/%s' % (toChefUsername(
                            admin_user['username']), association_id),
                        data={"response": 'accept'})

                # Add the user to the group
                admins_group['users'].append(
                    toChefUsername(admin_user['username']))
                api.api_request('PUT',
                                '/organizations/default/groups/admins',
                                data={
                                    "groupname": admins_group["groupname"],
                                    "actors": {
                                        "users": admins_group['users'],
                                        "groups": admins_group["groups"]
                                    }
                                })