예제 #1
파일: zones.py 프로젝트: INCF/ids-tools
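def make_zone(zone_name, endpoint, comment=None):
    """
    Create a new remote zone definition by calling iadmin mkzone.

    The endpoint is of the form hostname:port. After the zone is
    created, read access on the zone path /zone_name is requested
    for the public group and for the anonymous user.

    On success make_zone returns the first entry reported by
    get_zone_details for the new zone. None is returned when
    zone_name or endpoint is empty, when mkzone fails, or when the
    zone details cannot be read back afterwards (in that last case
    the zone itself may already exist).

    A failure to grant "read" to "public" is only printed; the
    function still returns the zone details, so the return value
    does not tell the caller whether the ACLs were applied.
    """
    if not zone_name or not endpoint:
        return None

    # NOTE(review): zone_name, endpoint and comment reach iadmin without
    # any validation here -- confirm that run_iadmin hands them over as an
    # argument list and never through a shell.
    mkzone_args = [zone_name, 'remote', endpoint]
    if comment:
        mkzone_args.append(comment)
    # a truthy result from run_iadmin is treated as failure
    if run_iadmin('mkzone', mkzone_args):
        return None

    # add the zone read ACLs.
    zone_path = '/%s' % zone_name
    if run_iadmin('modzonecollacl', ['read', 'public', zone_path]):
        print('could not add "read" permission to "public" on zone %s' % zone_name)
    # ignore an error for the anonymous user, as this user is only optionally defined
    run_iadmin('modzonecollacl', ['read', 'anonymous', zone_path])

    newzone = get_zone_details(zone_name)
    # Indexing an empty or None result would raise instead of returning
    # None as the contract above promises.
    if not newzone:
        return None

    return newzone[0]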
예제 #2
파일: zones.py 프로젝트: INCF/ids-tools
def remove_zone(zone_name):
    """
    Remove a zone definition from icat by calling iadmin rmzone.

    Returns the result of run_iadmin, which the original author
    documents as 0 on success and -1 on error. An empty zone_name
    is not passed to iadmin at all and is reported as 0, so a 0
    result does not by itself prove that a zone was removed.
    """
    if zone_name:
        return run_iadmin('rmzone', [zone_name])

    # nothing to remove
    return 0
예제 #3
파일: zones.py 프로젝트: INCF/ids-tools
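def modify_zone(zone_name, endpoint=None, comment=None):
    """
    Update a remote zone definition (endpoint or comment) by
    calling iadmin modzone. The endpoint is of the form
    hostname:port. At this time, modify_zone does not support
    changing the zone name.

    On success modify_zone returns the first entry reported by
    get_zone_details for the zone. None is returned when zone_name
    is empty, when either modzone call fails, or when the zone
    details cannot be read back afterwards.

    The comment is changed before the endpoint, so a None result
    caused by the endpoint update can leave the new comment in
    place.
    """
    if not zone_name:
        return None

    # NOTE(review): zone_name, endpoint and comment reach iadmin without
    # any validation here -- confirm that run_iadmin hands them over as an
    # argument list and never through a shell.
    # a truthy result from run_iadmin is treated as failure
    if comment and run_iadmin('modzone', [zone_name, 'comment', comment]):
        return None

    if endpoint and run_iadmin('modzone', [zone_name, 'conn', endpoint]):
        return None

    zone = get_zone_details(zone_name)
    # Indexing an empty or None result would raise instead of returning
    # None as the contract above promises.
    if not zone:
        return None

    return zone[0]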
예제 #4
파일: users.py 프로젝트: INCF/ids-tools
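def synchronize_user_db(source_groups, dest_groups, remove=False, verbose=False):
    """
    Compare the source of users/groups to the destination and change
    the destination iRODS instance, through iadmin, to make them the
    same.

    Takes as input two dictionaries that are indexed by group name. Each
    dictionary entry is a list of users that are members of the group.
    dest_groups is updated in place with an empty member list for every
    group that is created.

    The remove flag indicates that items that don't exist in the source
    should be removed from the destination. Make sure this is false if you
    want local changes to the user DB to be retained. The source is
    treated as authoritative: with remove set, every group or user that
    is absent from source_groups is deleted, so the caller must be sure
    the source listing is complete before enabling it. If the source has
    no 'ids-user' group at all, no users are removed.

    The verbose flag causes messages to be printed to indicate what
    synchronization stage is being performed.

    Returns None when source_groups is empty, when dest_groups is None,
    or when 'ids-user' does not exist in the destination after the
    group-creation step. Otherwise returns 1. Individual iadmin failures
    do not change the return value and are only reported when verbose is
    set, so a return of 1 does not prove that every removal succeeded.
    """

    def report(message):
        # progress and error messages are only shown in verbose mode
        if verbose:
            print(message)

    if not source_groups or dest_groups is None:
        return None

    source_has_ids_user = 'ids-user' in source_groups

    if remove:
        # remove groups locally that don't exist in IDS
        report('Removing groups no longer defined in the source zone...')
        for group in dest_groups:
            if group in source_groups:
                continue
            # a truthy result from run_iadmin is treated as failure
            if run_iadmin('rmgroup', [group], verbose=verbose):
                report('\terror removing group %s' % (group,))
            else:
                report('\tremoved group %s' % (group,))

        # remove users that don't exist in IDS's ids-user group
        report('Removing users that have been removed from \'ids-user\'...')
        if 'ids-user' in dest_groups:
            if not source_has_ids_user:
                # A source without 'ids-user' is not read as "every user
                # was removed"; skipping is the safe choice and avoids a
                # KeyError part-way through the removals.
                report("\tSource has no 'ids-user' group. Not removing any users.")
            else:
                for user in dest_groups['ids-user']:
                    if user in source_groups['ids-user']:
                        continue
                    zone_user = user + '#incf'
                    if run_iadmin('rmuser', [zone_user], verbose=verbose):
                        report('\terror removing user %s' % (zone_user,))
                        report('\tThey might still own files in iRODS.')
                    else:
                        report('\tremoved user %s' % (zone_user,))

    # Additions

    # add groups from IDS that don't exist locally
    report('Adding new source zone groups...')
    for group in source_groups:
        if group in dest_groups:
            continue
        if run_iadmin('mkgroup', [group], verbose=verbose):
            report('\terror adding new group %s' % (group,))
        else:
            dest_groups[group] = []
            report('\tadded new group %s' % (group,))

    # can happen on initial sync if there is an error adding ids-user above
    if 'ids-user' not in dest_groups:
        report("\tCannot synchronize group 'ids-user'. It does not exist locally!")
        return None

    # add users from ids-user that don't exist locally
    report('Adding new users from \'ids-user\'...')
    source_users = source_groups['ids-user'] if source_has_ids_user else []
    for user in source_users:
        if user in dest_groups['ids-user']:
            continue
        zone_user = user + '#incf'
        if run_iadmin('mkuser', [zone_user, 'rodsuser'], verbose=verbose):
            report('\terror adding new user %s' % (zone_user,))
            continue
        report('\tadded new user %s' % (zone_user,))
        if run_iadmin('atg', ['ids-user', zone_user], verbose=verbose):
            report('\terror adding %s to \'ids-user\' group' % (zone_user,))
        else:
            report('\tadded %s to group \'ids-user\'' % (zone_user,))

    # Synchronize group membership (except for ids-user which has
    # already been processed)
    report('Synchronizing group membership...')
    for group in source_groups:
        if group == 'ids-user':
            continue

        if group not in dest_groups:
            report('\tCannot synchronize group %s. It does not exist locally.' % (group,))
            continue

        # remove user from group
        if remove:
            for user in dest_groups[group]:
                if user in source_groups[group]:
                    continue
                zone_user = user + '#incf'
                if run_iadmin('rfg', [group, zone_user], verbose=verbose):
                    report('\terror removing %s from group %s' % (zone_user, group))
                else:
                    report('\tremoved user %s from group %s' % (zone_user, group))

        # add users to group
        for user in source_groups[group]:
            if user in dest_groups[group]:
                continue
            zone_user = user + '#incf'
            if run_iadmin('atg', [group, zone_user], verbose=verbose):
                report('\terror adding %s to group %s' % (zone_user, group))
            else:
                report('\tadded user %s to group %s' % (zone_user, group))

    return 1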