def _get_users(self, context): """Return all non-system Postgres users on the instance.""" results = pgutil.query( pgutil.UserQuery.list(ignore=cfg.get_ignored_users()), timeout=30, ) return [self._build_user(context, row[0].strip()) for row in results]
def _get_users(self, context): """Return all non-system Postgres users on the instance.""" results = pgutil.query( pgutil.UserQuery.list(ignore=cfg.get_ignored_users()), timeout=30, ) return [self._build_user(context, row[0].strip()) for row in results]
def list_users( self, context, limit=None, marker=None, include_marker=False, ): """List all users on the instance along with their access permissions. Return value is a list of dictionaries in the following form: [{"_name": "", "_password": None, "_host": None, "_databases": [{"_name": ""}, ...]}, ...] """ results = pgutil.query( pgutil.UserQuery.list(ignore=cfg.get_ignored_users( manager='postgresql')), timeout=30, ) # Convert results into dictionaries. results = ( { '_name': r[0].strip(), '_password': None, '_host': None, '_databases': self.list_access(context, r[0], None), } for r in results ) # Force __iter__ of generator until marker found. if marker is not None: try: item = results.next() while item['_name'] != marker: item = results.next() except StopIteration: pass remainder = None if limit is not None: remainder = results results = itertools.islice(results, limit) results = tuple(results) next_marker = None if remainder is not None: try: next_marker = remainder.next() except StopIteration: pass return results, next_marker
def list_users( self, context, limit=None, marker=None, include_marker=False, ): """List all users on the instance along with their access permissions. Return value is a list of dictionaries in the following form: [{"_name": "", "_password": None, "_host": None, "_databases": [{"_name": ""}, ...]}, ...] """ results = pgutil.query( pgutil.UserQuery.list(ignore=cfg.get_ignored_users( manager='postgresql')), timeout=30, ) # Convert results into dictionaries. results = ( { '_name': r[0].strip(), '_password': None, '_host': None, '_databases': self.list_access(context, r[0], None), } for r in results ) # Force __iter__ of generator until marker found. if marker is not None: try: item = next(results) while item['_name'] != marker: item = next(results) except StopIteration: pass remainder = None if limit is not None: remainder = results results = itertools.islice(results, limit) results = tuple(results) next_marker = None if remainder is not None: try: next_marker = next(remainder) except StopIteration: pass return results, next_marker
def list_users(self, limit=None, marker=None, include_marker=False): """Get a list of all users.""" users = [] with MongoDBClient(self._admin_user()) as admin_client: for user_info in admin_client.admin.system.users.find(): user = models.MongoDBUser(name=user_info['_id']) user.roles = user_info['roles'] if user.name not in cfg.get_ignored_users(manager='mongodb'): users.append(user.serialize()) LOG.debug('users = ' + str(users)) return pagination.paginate_list(users, limit, marker, include_marker)
def is_root_enabled(self, context): """Return True if there is a superuser account enabled. This ignores the built-in superuser of postgres and the potential system administration superuser of os_admin. """ results = pgutil.query( pgutil.UserQuery.list_root(ignore=cfg.get_ignored_users()), timeout=30, ) # Reduce iter of iters to iter of single values. results = (r[0] for r in results) return len(tuple(results)) > 0
def load_with_client(cls, client, limit, marker, include_marker): user_list, next_marker = client.list_users( limit=limit, marker=marker, include_marker=include_marker) model_users = [] for user in user_list: mysql_user = guest_models.MySQLUser.deserialize(user, verify=False) if mysql_user.name in cfg.get_ignored_users(): continue # TODO(hub-cap): databases are not being returned in the # reference agent dbs = [] for db in mysql_user.databases: dbs.append({'name': db['_name']}) model_users.append( User(mysql_user.name, mysql_user.host, mysql_user.password, dbs)) return model_users, next_marker
def load_with_client(cls, client, limit, marker, include_marker): user_list, next_marker = client.list_users( limit=limit, marker=marker, include_marker=include_marker) model_users = [] for user in user_list: mysql_user = guest_models.MySQLUser() mysql_user.deserialize(user) if mysql_user.name in cfg.get_ignored_users(): continue # TODO(hub-cap): databases are not being returned in the # reference agent dbs = [] for db in mysql_user.databases: dbs.append({'name': db['_name']}) model_users.append(User(mysql_user.name, mysql_user.host, mysql_user.password, dbs)) return model_users, next_marker
def _is_modifiable_user(self, name): if name in cfg.get_ignored_users(): return False elif name == system.COUCHDB_ADMIN_NAME: return False return True
def ignored_users(self): if self._is_root: return [] return cfg.get_ignored_users()
def list_users(self, limit=None, marker=None, include_marker=False): LOG.debug( "List all users for all the databases in a DB2 server instance.") users = [] user_map = {} next_marker = None count = 0 databases, marker = self.list_databases() for database in databases: db2_db = models.DatastoreSchema.deserialize(database) out = None try: out, err = run_command( system.LIST_DB_USERS % {'dbname': db2_db.name}) except exception.ProcessExecutionError: LOG.debug( "There was an error while listing users for database: %s." % db2_db.name) continue userlist = [] for item in out.split('\n'): LOG.debug("item = %r" % item) user = item.split() if item != "" else None LOG.debug("user = %r" % (user)) if (user is not None and (user[0] not in cfg.get_ignored_users() and user[1] == 'Y')): userlist.append(user[0]) result = iter(userlist) if marker is not None: try: item = next(result) while item != marker: item = next(result) if item == marker: marker = None except StopIteration: pass try: item = next(result) while item: ''' Check if the user has already been discovered. If so, add this database to the database list for this user. ''' if item in user_map: db2user = user_map.get(item) db2user.databases = db2_db.name item = next(result) continue ''' If this user was not previously discovered, then add this to the user's list. ''' count = count + 1 if (limit and count <= limit) or limit is None: db2_user = models.DatastoreUser(name=item, databases=db2_db.name) users.append(db2_user.serialize()) user_map.update({item: db2_user}) item = next(result) else: next_marker = None break except StopIteration: next_marker = None if count == limit: break return users, next_marker
def _is_modifiable_user(self, name): if ((name in cfg.get_ignored_users()) or name == system.MONGO_ADMIN_NAME): return False return True
def ignore_users(self): return cfg.get_ignored_users()
def ignore_users(self): return cfg.get_ignored_users(manager=MANAGER)
def is_reserved_id(self, user_id): user_id = self._to_canonical(user_id) return user_id in cfg.get_ignored_users()
def list_users(self, limit=None, marker=None, include_marker=False): """List users that have access to the database.""" ''' SELECT User, Host, Marker FROM (SELECT User, Host, CONCAT(User, '@', Host) as Marker FROM mysql.user ORDER BY 1, 2) as innerquery WHERE Marker > :marker ORDER BY Marker LIMIT :limit; ''' LOG.debug("---Listing Users---") ignored_user_names = "'%s'" % "', '".join(cfg.get_ignored_users()) LOG.debug( "The following user names are on ignore list and will " "be omitted from the listing: %s", ignored_user_names) users = [] with self.local_sql_client(self.mysql_app.get_engine()) as client: iq = sql_query.Query() # Inner query. iq.columns = ['User', 'Host', "CONCAT(User, '@', Host) as Marker"] iq.tables = ['mysql.user'] iq.order = ['User', 'Host'] innerquery = str(iq).rstrip(';') oq = sql_query.Query() # Outer query. oq.columns = ['User', 'Host', 'Marker'] oq.tables = ['(%s) as innerquery' % innerquery] oq.where = [ "Host != 'localhost'", "User NOT IN (" + ignored_user_names + ")" ] oq.order = ['Marker'] if marker: oq.where.append( "Marker %s '%s'" % (INCLUDE_MARKER_OPERATORS[include_marker], marker)) if limit: oq.limit = limit + 1 t = text(str(oq)) result = client.execute(t) next_marker = None LOG.debug("result = %s", str(result)) for count, row in enumerate(result): if limit is not None and count >= limit: break LOG.debug("user = %s", str(row)) mysql_user = models.MySQLUser(name=row['User'], host=row['Host']) mysql_user.check_reserved() self._associate_dbs(mysql_user) next_marker = row['Marker'] users.append(mysql_user.serialize()) if limit is not None and result.rowcount <= limit: next_marker = None LOG.debug("users = %s", str(users)) return users, next_marker
def __init__(self): self._name = None self._host = None self._password = None self._databases = [] self._ignore_users = cfg.get_ignored_users()
def ignore_users(self): return cfg.get_ignored_users(manager=MANAGER)
def ignore_users(self): return cfg.get_ignored_users()
def ignored_users(self): if self._is_root: return [] return cfg.get_ignored_users()
def list_users(self, limit=None, marker=None, include_marker=False): LOG.debug( "List all users for all the databases in a DB2 server instance.") users = [] user_map = {} next_marker = None count = 0 databases, marker = self.list_databases() for database in databases: db2_db = models.MySQLDatabase() db2_db.deserialize(database) out = None try: out, err = run_command(system.LIST_DB_USERS % {'dbname': db2_db.name}) except exception.ProcessExecutionError: LOG.debug( "There was an error while listing users for database: %s." % db2_db.name) continue userlist = [] for item in out.split('\n'): LOG.debug("item = %r" % item) user = item.split() if item != "" else None LOG.debug("user = %r" % (user)) if (user is not None and (user[0] not in cfg.get_ignored_users(manager='db2') and user[1] == 'Y')): userlist.append(user[0]) result = iter(userlist) if marker is not None: try: item = next(result) while item != marker: item = next(result) if item == marker: marker = None except StopIteration: pass try: item = next(result) db2db = models.MySQLDatabase() db2db.name = db2_db.name while item: ''' Check if the user has already been discovered. If so, add this database to the database list for this user. ''' if item in user_map: db2user = user_map.get(item) db2user.databases.append(db2db.serialize()) item = next(result) continue ''' If this user was not previously discovered, then add this to the user's list. ''' count = count + 1 if (limit and count <= limit) or limit is None: db2_user = models.MySQLUser() db2_user.name = item db2_user.databases.append(db2db.serialize()) users.append(db2_user.serialize()) user_map.update({item: db2_user}) item = next(result) else: next_marker = None break except StopIteration: next_marker = None if count == limit: break return users, next_marker
def _is_modifiable_user(self, name): if name in cfg.get_ignored_users(manager=MANAGER): return False elif name == system.COUCHDB_ADMIN_NAME: return False return True
def __init__(self): self._name = None self._host = None self._password = None self._databases = [] self._ignore_users = cfg.get_ignored_users()
def is_reserved_id(self, user_id): return user_id in cfg.get_ignored_users()
def _is_modifiable_user(self, name): if ((name in cfg.get_ignored_users()) or name == system.MONGO_ADMIN_NAME): return False return True
def list_users(self, limit=None, marker=None, include_marker=False): """List users that have access to the database.""" ''' SELECT User, Host, Marker FROM (SELECT User, Host, CONCAT(User, '@', Host) as Marker FROM mysql.user ORDER BY 1, 2) as innerquery WHERE Marker > :marker ORDER BY Marker LIMIT :limit; ''' LOG.debug("---Listing Users---") ignored_user_names = "'%s'" % "', '".join(cfg.get_ignored_users()) LOG.debug("The following user names are on ignore list and will " "be omitted from the listing: %s" % ignored_user_names) users = [] with self.local_sql_client(self.mysql_app.get_engine()) as client: iq = sql_query.Query() # Inner query. iq.columns = ['User', 'Host', "CONCAT(User, '@', Host) as Marker"] iq.tables = ['mysql.user'] iq.order = ['User', 'Host'] innerquery = str(iq).rstrip(';') oq = sql_query.Query() # Outer query. oq.columns = ['User', 'Host', 'Marker'] oq.tables = ['(%s) as innerquery' % innerquery] oq.where = [ "Host != 'localhost'", "User NOT IN (" + ignored_user_names + ")"] oq.order = ['Marker'] if marker: oq.where.append("Marker %s '%s'" % (INCLUDE_MARKER_OPERATORS[include_marker], marker)) if limit: oq.limit = limit + 1 t = text(str(oq)) result = client.execute(t) next_marker = None LOG.debug("result = " + str(result)) for count, row in enumerate(result): if limit is not None and count >= limit: break LOG.debug("user = "******"users = " + str(users)) return users, next_marker