def config_validator():
"""
config_validator() -> [ (config_variable, error_message) ]
Called by core check_config() view.
"""
from desktop.lib import i18n
res = [ ]
if not SECRET_KEY.get():
res.append((SECRET_KEY, unicode(_("Secret key should be configured as a random string."))))
# Validate SSL setup
if SSL_CERTIFICATE.get():
res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
if not SSL_PRIVATE_KEY.get():
res.append((SSL_PRIVATE_KEY, unicode(_("SSL private key file should be set to enable HTTPS."))))
else:
res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))
# Validate encoding
if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
res.append((DEFAULT_SITE_ENCODING, unicode(_("Encoding not supported."))))
# Validate kerberos
if KERBEROS.HUE_KEYTAB.get() is not None:
res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
# Keytab should not be world or group accessible
kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
if stat.S_IMODE(kt_stat.st_mode) & 0077:
res.append((KERBEROS.HUE_KEYTAB,
unicode(_("Keytab should have 0600 permissions (has %o).") %
stat.S_IMODE(kt_stat.st_mode))))
res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))
if LDAP.NT_DOMAIN.get() is not None or \
LDAP.LDAP_USERNAME_PATTERN.get() is not None:
if LDAP.LDAP_URL.get() is None:
res.append((LDAP.LDAP_URL,
unicode(_("LDAP is only partially configured. An LDAP URL must be provided."))))
if LDAP.LDAP_URL.get() is not None:
if LDAP.NT_DOMAIN.get() is None and \
LDAP.LDAP_USERNAME_PATTERN.get() is None:
res.append((LDAP.LDAP_URL,
unicode(_("LDAP is only partially configured. An NT Domain or username "
"search pattern must be provided."))))
if LDAP.LDAP_USERNAME_PATTERN.get() is not None and \
'<username>' not in LDAP.LDAP_USERNAME_PATTERN.get():
res.append(LDAP.LDAP_USERNAME_PATTERN,
unicode(_("The LDAP username pattern should contain the special"
"<username> replacement string for authentication.")))
return res
def config_validator(user):
"""
config_validator() -> [ (config_variable, error_message) ]
Called by core check_config() view.
"""
from desktop.lib import i18n
res = []
if not SECRET_KEY.get():
res.append(
(
SECRET_KEY,
unicode(_("Secret key should be configured as a random string. All sessions will be lost on restart")),
)
)
# Validate SSL setup
if SSL_CERTIFICATE.get():
res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
if not SSL_PRIVATE_KEY.get():
res.append((SSL_PRIVATE_KEY, unicode(_("SSL private key file should be set to enable HTTPS."))))
else:
res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))
# Validate encoding
if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
res.append((DEFAULT_SITE_ENCODING, unicode(_("Encoding not supported."))))
# Validate kerberos
if KERBEROS.HUE_KEYTAB.get() is not None:
res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
# Keytab should not be world or group accessible
kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
if stat.S_IMODE(kt_stat.st_mode) & 0077:
res.append(
(
KERBEROS.HUE_KEYTAB,
force_unicode(_("Keytab should have 0600 permissions (has %o).") % stat.S_IMODE(kt_stat.st_mode)),
)
)
res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))
if LDAP.LDAP_SERVERS.get():
for ldap_record_key in LDAP.LDAP_SERVERS.get():
res.extend(validate_ldap(user, LDAP.LDAP_SERVERS.get()[ldap_record_key]))
else:
res.extend(validate_ldap(user, LDAP))
# Validate MYSQL storage engine of all tables
res.extend(validate_mysql_storage())
return res
def config_validator(user):
"""
config_validator() -> [ (config_variable, error_message) ]
Called by core check_config() view.
"""
from desktop.lib import i18n
res = [ ]
if not SECRET_KEY.get():
res.append((SECRET_KEY, unicode(_("Secret key should be configured as a random string."))))
# Validate SSL setup
if SSL_CERTIFICATE.get():
res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
if not SSL_PRIVATE_KEY.get():
res.append((SSL_PRIVATE_KEY, unicode(_("SSL private key file should be set to enable HTTPS."))))
else:
res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))
# Validate encoding
if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
res.append((DEFAULT_SITE_ENCODING, unicode(_("Encoding not supported."))))
# Validate kerberos
if KERBEROS.HUE_KEYTAB.get() is not None:
res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
# Keytab should not be world or group accessible
kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
if stat.S_IMODE(kt_stat.st_mode) & 0077:
res.append((KERBEROS.HUE_KEYTAB,
unicode(_("Keytab should have 0600 permissions (has %o).") %
stat.S_IMODE(kt_stat.st_mode))))
res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))
if LDAP.LDAP_URL.get() is None:
res.append((LDAP.LDAP_URL,
unicode(_("LDAP is only partially configured. An LDAP URL must be provided."))))
if LDAP.BIND_DN.get():
if LDAP.BIND_PASSWORD.get() is None:
res.append((LDAP.BIND_PASSWORD,
unicode(_("If you set bind_dn, then you must set bind_password."))))
return res
def config_validator(user):
"""
config_validator() -> [ (config_variable, error_message) ]
Called by core check_config() view.
"""
from desktop.lib import i18n
res = []
if not get_secret_key():
res.append((SECRET_KEY, unicode(_("Secret key should be configured as a random string. All sessions will be lost on restart"))))
# Validate SSL setup
if SSL_CERTIFICATE.get():
res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
if not SSL_PRIVATE_KEY.get():
res.append((SSL_PRIVATE_KEY, unicode(_("SSL private key file should be set to enable HTTPS."))))
else:
res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))
# Validate encoding
if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
res.append((DEFAULT_SITE_ENCODING, unicode(_("Encoding not supported."))))
# Validate kerberos
if KERBEROS.HUE_KEYTAB.get() is not None:
res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
# Keytab should not be world or group accessible
kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
if stat.S_IMODE(kt_stat.st_mode) & 0077:
res.append((KERBEROS.HUE_KEYTAB,
force_unicode(_("Keytab should have 0600 permissions (has %o).") %
stat.S_IMODE(kt_stat.st_mode))))
res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))
if LDAP.LDAP_SERVERS.get():
for ldap_record_key in LDAP.LDAP_SERVERS.get():
res.extend(validate_ldap(user, LDAP.LDAP_SERVERS.get()[ldap_record_key]))
else:
res.extend(validate_ldap(user, LDAP))
# Validate MYSQL storage engine of all tables
res.extend(validate_database())
return res
def config_validator(user):
"""
config_validator() -> [ (config_variable, error_message) ]
Called by core check_config() view.
"""
from desktop.lib import i18n
res = [ ]
if not SECRET_KEY.get():
res.append((SECRET_KEY, unicode(_("Secret key should be configured as a random string."))))
# Validate SSL setup
if SSL_CERTIFICATE.get():
res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
if not SSL_PRIVATE_KEY.get():
res.append((SSL_PRIVATE_KEY, unicode(_("SSL private key file should be set to enable HTTPS."))))
else:
res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))
# Validate encoding
if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
res.append((DEFAULT_SITE_ENCODING, unicode(_("Encoding not supported."))))
# Validate kerberos
if KERBEROS.HUE_KEYTAB.get() is not None:
res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
# Keytab should not be world or group accessible
kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
if stat.S_IMODE(kt_stat.st_mode) & 0077:
res.append((KERBEROS.HUE_KEYTAB,
unicode(_("Keytab should have 0600 permissions (has %o).") %
stat.S_IMODE(kt_stat.st_mode))))
res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))
if LDAP.LDAP_URL.get() is None:
res.append((LDAP.LDAP_URL,
unicode(_("LDAP is only partially configured. An LDAP URL must be provided."))))
if LDAP.BIND_DN.get():
if LDAP.BIND_PASSWORD.get() is None:
res.append((LDAP.BIND_PASSWORD,
unicode(_("If you set bind_dn, then you must set bind_password."))))
return res
def config_validator():
"""
config_validator() -> [ (config_variable, error_message) ]
Called by core check_config() view.
"""
from desktop.lib import i18n
res = []
if not SECRET_KEY.get():
res.append((SECRET_KEY,
"Secret key should be configured as a random string."))
# Validate SSL setup
if SSL_CERTIFICATE.get():
res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
if not SSL_PRIVATE_KEY.get():
res.append((SSL_PRIVATE_KEY,
"SSL private key file should be set to enable HTTPS."))
else:
res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))
# Validate encoding
if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
res.append((DEFAULT_SITE_ENCODING, "Encoding not supported."))
# Validate kerberos
if KERBEROS.HUE_KEYTAB.get() is not None:
res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
# Keytab should not be world or group accessible
kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
if stat.S_IMODE(kt_stat.st_mode) & 0077:
res.append((KERBEROS.HUE_KEYTAB,
"Keytab should have 0600 permissions (has %o)" %
stat.S_IMODE(kt_stat.st_mode)))
res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))
for broken_app in appmanager.BROKEN_APPS:
res.append(('Working Hadoop',
'App %s requires Hadoop but Hadoop is not present.' %
(broken_app, )))
return res
def config_validator():
"""
config_validator() -> [ (config_variable, error_message) ]
Called by core check_config() view.
"""
from desktop.lib import i18n
res = [ ]
if not SECRET_KEY.get():
res.append((SECRET_KEY, "Secret key should be configured as a random string."))
# Validate SSL setup
if SSL_CERTIFICATE.get():
res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
if not SSL_PRIVATE_KEY.get():
res.append((SSL_PRIVATE_KEY, "SSL private key file should be set to enable HTTPS."))
else:
res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))
# Validate encoding
if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
res.append((DEFAULT_SITE_ENCODING, "Encoding not supported."))
# Validate kerberos
if KERBEROS.HUE_KEYTAB.get() is not None:
res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
# Keytab should not be world or group accessible
kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
if stat.S_IMODE(kt_stat.st_mode) & 0077:
res.append((KERBEROS.HUE_KEYTAB,
"Keytab should have 0600 permissions (has %o)" %
stat.S_IMODE(kt_stat.st_mode)))
res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))
for broken_app in appmanager.BROKEN_APPS:
res.append(('Working Hadoop', 'App %s requires Hadoop but Hadoop is not present.' % (broken_app,)))
return res
def config_validator(user):
"""
config_validator() -> [ (config_variable, error_message) ]
Called by core check_config() view.
"""
from desktop.lib import i18n
res = [ ]
if not SECRET_KEY.get():
res.append((SECRET_KEY, unicode(_("Secret key should be configured as a random string."))))
# Validate SSL setup
if SSL_CERTIFICATE.get():
res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
if not SSL_PRIVATE_KEY.get():
res.append((SSL_PRIVATE_KEY, unicode(_("SSL private key file should be set to enable HTTPS."))))
else:
res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))
# Validate encoding
if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
res.append((DEFAULT_SITE_ENCODING, unicode(_("Encoding not supported."))))
# Validate kerberos
if KERBEROS.HUE_KEYTAB.get() is not None:
res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
# Keytab should not be world or group accessible
kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
if stat.S_IMODE(kt_stat.st_mode) & 0077:
res.append((KERBEROS.HUE_KEYTAB,
force_unicode(_("Keytab should have 0600 permissions (has %o).") %
stat.S_IMODE(kt_stat.st_mode))))
res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))
if LDAP.SEARCH_BIND_AUTHENTICATION.get():
if LDAP.LDAP_URL.get() is not None and bool(LDAP.BIND_DN.get()) != bool(LDAP.BIND_PASSWORD.get()):
if LDAP.BIND_DN.get() == None:
res.append((LDAP.BIND_DN,
unicode(_("If you set bind_password, then you must set bind_dn."))))
else:
res.append((LDAP.BIND_PASSWORD,
unicode(_("If you set bind_dn, then you must set bind_password."))))
else:
if LDAP.NT_DOMAIN.get() is not None or \
LDAP.LDAP_USERNAME_PATTERN.get() is not None:
if LDAP.LDAP_URL.get() is None:
res.append((LDAP.LDAP_URL,
unicode(_("LDAP is only partially configured. An LDAP URL must be provided."))))
if LDAP.LDAP_URL.get() is not None:
if LDAP.NT_DOMAIN.get() is None and \
LDAP.LDAP_USERNAME_PATTERN.get() is None:
res.append((LDAP.LDAP_URL,
unicode(_("LDAP is only partially configured. An NT Domain or username "
"search pattern must be provided."))))
if LDAP.LDAP_USERNAME_PATTERN.get() is not None and \
'<username>' not in LDAP.LDAP_USERNAME_PATTERN.get():
res.append((LDAP.LDAP_USERNAME_PATTERN,
unicode(_("The LDAP username pattern should contain the special"
"<username> replacement string for authentication."))))
return res
