def view_cifs_share(request):
return_dict = {}
try:
template = 'logged_in_error.html'
if "ack" in request.GET:
if request.GET["ack"] == "ace_deleted":
return_dict['ack_message'] = "ACL entry successfully removed"
elif request.GET["ack"] == "aces_added":
return_dict['ack_message'] = "ACL entries successfully added"
elif request.GET["ack"] == "aces_modified":
return_dict['ack_message'] = "ACL entries successfully modified"
if request.method != "GET":
raise Exception("Incorrect access method. Please use the menus")
if "index" not in request.GET or "access_mode" not in request.GET:
raise Exception("Insufficient parameters. Please use the menus")
access_mode = request.GET["access_mode"]
index = request.GET["index"]
if "ack" in request.GET and request.GET["ack"] == "saved":
return_dict["ack_message"] = "Information updated successfully"
valid_users_list = None
share, err = cifs.get_share_info(access_mode, index)
if err:
raise Exception(err)
if not share:
raise Exception('Specified share not found')
aces, err = acl.get_all_aces(share['path'])
if err:
raise Exception(err)
minimal_aces, err = acl.get_minimal_aces(aces)
if err:
raise Exception(err)
user_aces, err = acl.get_ug_aces(aces, None, 'user')
if err:
raise Exception(err)
group_aces, err = acl.get_ug_aces(aces, None, 'group')
if err:
raise Exception(err)
return_dict['aces'] = aces
return_dict['minimal_aces'] = minimal_aces
if user_aces:
return_dict['user_aces'] = user_aces
if group_aces:
return_dict['group_aces'] = group_aces
return_dict["share"] = share
template = 'view_cifs_share.html'
return django.shortcuts.render_to_response(template, return_dict, context_instance=django.template.context.RequestContext(request))
except Exception, e:
return_dict['base_template'] = "storage_access_base.html"
return_dict["page_title"] = 'CIFS share details'
return_dict['tab'] = 'view_cifs_shares_tab'
return_dict["error"] = 'Error loading CIFS share details'
return_dict["error_details"] = str(e)
return django.shortcuts.render_to_response("logged_in_error.html", return_dict, context_instance=django.template.context.RequestContext(request))
def update_dir_permissions(request):
return_dict = {}
try:
if not "error" in return_dict:
if "ack" in request.GET:
if request.GET["ack"] == "ace_deleted":
return_dict['ack_message'] = "ACL entry successfully removed"
elif request.GET["ack"] == "aces_added":
return_dict['ack_message'] = "ACL entries successfully added"
elif request.GET["ack"] == "aces_modified":
return_dict['ack_message'] = "ACL entries successfully modified"
elif request.GET["ack"] == "created_dir":
return_dict['ack_message'] = "Directory successfully created"
elif request.GET["ack"] == "deleted_dir":
return_dict['ack_message'] = "Directory successfully deleted"
users, err = local_users.get_local_users()
if err:
raise Exception('Error retrieving local user list : %s' % err)
if not users:
raise Exception(
'No local users seem to be created. Please create at least one local user before performing this operation.')
groups, err = local_users.get_local_groups()
if err:
raise Exception('Error retrieving local group list : %s' % err)
if not groups:
raise Exception(
'No local groups seem to be created. Please create at least one local group before performing this operation.')
pools, err = zfs.get_pools()
ds_list = []
for pool in pools:
for ds in pool["datasets"]:
if ds['properties']['type']['value'] == 'filesystem':
ds_list.append(ds["name"])
if not ds_list:
raise Exception(
'No ZFS datasets available. Please create a dataset before creating shares.')
req_ret, err = django_utils.get_request_parameter_values(request, [
'path'])
if err:
raise Exception(err)
if 'path' not in req_ret:
path = "/" + pools[0]["datasets"][0]["name"]
else:
path = req_ret['path']
try:
stat_info = os.stat(path)
except Exception, e:
raise Exception('Error accessing specified path : %s' % str(e))
uid = stat_info.st_uid
gid = stat_info.st_gid
username = pwd.getpwuid(uid)[0]
grpname = grp.getgrgid(gid)[0]
return_dict["username"] = username
return_dict["grpname"] = grpname
aces, err = acl.get_all_aces(path)
if err:
raise Exception(err)
minimal_aces, err = acl.get_minimal_aces(aces)
if err:
raise Exception(err)
user_aces, err = acl.get_ug_aces(aces, None, 'user')
if err:
raise Exception(err)
group_aces, err = acl.get_ug_aces(aces, None, 'group')
if err:
raise Exception(err)
return_dict['aces'] = aces
return_dict['minimal_aces'] = minimal_aces
if user_aces:
return_dict['user_aces'] = user_aces
if group_aces:
return_dict['group_aces'] = group_aces
return_dict['path'] = path
return_dict["dataset"] = ds_list
if request.method == "GET":
# Shd be an edit request
# Set initial form values
initial = {}
initial['path'] = path
initial['owner_read'] = _owner_readable(stat_info)
initial['owner_write'] = _owner_writeable(stat_info)
initial['owner_execute'] = _owner_executeable(stat_info)
initial['group_read'] = _group_readable(stat_info)
initial['group_write'] = _group_writeable(stat_info)
initial['group_execute'] = _group_executeable(stat_info)
initial['other_read'] = _other_readable(stat_info)
initial['other_write'] = _other_writeable(stat_info)
initial['other_execute'] = _other_executeable(stat_info)
if 'dataset' in request.GET:
initial['dataset'] = request.GET['dataset']
form = folder_management_forms.SetFileOwnerAndPermissionsForm(
initial=initial, user_list=users, group_list=groups)
return_dict["form"] = form
return django.shortcuts.render_to_response('update_dir_permissions.html', return_dict, context_instance=django.template.context.RequestContext(request))
elif request.method == "POST":
path = request.POST.get("path")
# Shd be an save request
if request.POST.get("action") == "add_folder":
folder_name = request.POST.get("new_folder_name")
directory = path + "/" + folder_name
if not os.path.exists(directory):
os.makedirs(directory)
audit_str = "Creating %s" % directory
audit.audit("modify_dir_owner_permissions",
audit_str, request)
elif request.POST.get("action") == "delete_folder":
delete = "false"
if len(path.split("/")) > 2:
delete = "true"
# Need to also check if the path is a share or not. If share, dont delete again.
# Checking NFS
exports, err = nfs.load_exports_list()
if exports:
for export in exports:
print id(export["path"]), id(path)
if export["path"] == path:
delete = "false"
break
else:
delete = "true"
if delete:
print delete
# shutil.rmtree(path,ignore_errors=True)
audit_str = "Deleting directory %s" % path
audit.audit("modify_dir_owner_permissions",
audit_str, request)
else:
raise Exception(
"Cannot delete folder. It is either a dataset of a share")
else:
form = folder_management_forms.SetFileOwnerAndPermissionsForm(
request.POST, user_list=users, group_list=groups)
return_dict["form"] = form
if form.is_valid():
cd = form.cleaned_data
ret, err = file_processing.update_dir_ownership_and_permissions(
cd)
if not ret:
if err:
raise Exception(err)
else:
raise Exception(
"Error setting directory ownership/permissions.")
audit_str = "Modified directory ownsership/permissions for %s" % cd["path"]
audit.audit("modify_dir_owner_permissions",
audit_str, request)
return django.http.HttpResponseRedirect('/storage/update_dir_permissions/?ack=set_permissions')
else:
return django.shortcuts.render_to_response('update_dir_permissions.html', return_dict, context_instance=django.template.context.RequestContext(request))
username = '******'
try:
grpname = grp.getgrgid(gid)[0]
except Exception, e:
grpname = 'Unknown'
sticky_bit_enabled, err = _sticky_bit_enabled(path)
if err:
raise Exception(err)
return_dict["user_name"] = username
return_dict["grp_name"] = grpname
return_dict["sticky_bit_enabled"] = sticky_bit_enabled
aces, err = acl.get_all_aces(path)
if err:
raise Exception(err)
minimal_aces, err = acl.get_minimal_aces(aces)
if err:
raise Exception(err)
user_aces, err = acl.get_ug_aces(aces, None, 'user')
if err:
raise Exception(err)
group_aces, err = acl.get_ug_aces(aces, None, 'group')
if err:
raise Exception(err)
return_dict['aces'] = aces
return_dict['minimal_aces'] = minimal_aces
if user_aces:
return_dict['user_aces'] = user_aces
if group_aces:
return_dict['group_aces'] = group_aces
def update_aces(request):
return_dict = {}
try:
for_share = False
share_index = None
share_name = None
path = None
req_ret, err = django_utils.get_request_parameter_values(
request, ['for', 'path', 'share_index', 'share_name'])
if err:
raise Exception(err)
if 'for' in req_ret and req_ret['for'] == 'share':
for_share = True
if for_share:
return_dict['base_template'] = "storage_base.html"
return_dict['tab'] = 'view_cifs_shares_tab'
else:
return_dict['base_template'] = "storage_base.html"
return_dict['tab'] = 'dir_permissions_tab'
if 'path' not in req_ret:
raise Exception(
'Invalid request, please use the menus.')
if for_share:
if 'share_index' not in req_ret or 'share_name' not in req_ret:
raise Exception('Invalid request. Please use the menus.')
share_index = req_ret['share_index']
share_name = req_ret['share_name']
return_dict["share_index"] = share_index
return_dict["share_name"] = share_name
path = req_ret['path']
return_dict["path"] = path
aces, err = acl.get_all_aces(path)
if err:
raise Exception(err)
minimal_aces, err = acl.get_minimal_aces(aces)
if err:
raise Exception(err)
user_list, err = acl.get_ug_aces(aces, None, 'user')
if err:
raise Exception(err)
group_list, err = acl.get_ug_aces(aces, None, 'group')
if err:
raise Exception(err)
if request.method == "GET":
initial = {}
initial["path"] = path
if for_share:
initial["share_index"] = share_index
initial["share_name"] = share_name
form = samba_shares_forms.EditShareAcesForm(
initial=initial, user_list=user_list, group_list=group_list)
else:
form = folder_management_forms.EditAcesForm(
initial=initial, user_list=user_list, group_list=group_list)
return_dict["form"] = form
for ace in minimal_aces:
if ace[0] == 'user':
if ace[2][0] != '-':
form.initial['ou_r'] = True
if ace[2][1] != '-':
form.initial['ou_w'] = True
if ace[2][2] != '-':
form.initial['ou_x'] = True
if ace[0] == 'group':
if ace[2][0] != '-':
form.initial['og_r'] = True
if ace[2][1] != '-':
form.initial['og_w'] = True
if ace[2][2] != '-':
form.initial['og_x'] = True
if ace[0] == 'other':
if ace[2][0] != '-':
form.initial['ot_r'] = True
if ace[2][1] != '-':
form.initial['ot_w'] = True
if ace[2][2] != '-':
form.initial['ot_x'] = True
user_form_fields = {}
for user in user_list:
user_name = user[2]
user_form_fields[user_name] = (
form['user_%s_r' % user_name], form['user_%s_w' % user_name], form['user_%s_x' % user_name])
if user[3][0] != '-':
form.initial['user_%s_r' % user_name] = True
if user[3][1] != '-':
form.initial['user_%s_w' % user_name] = True
if user[3][2] != '-':
form.initial['user_%s_x' % user_name] = True
group_form_fields = {}
for group in group_list:
group_name = group[2]
group_form_fields[group_name] = (
form['group_%s_r' % group_name], form['group_%s_w' % group_name], form['group_%s_x' % group_name])
if group[3][0] != '-':
form.initial['group_%s_r' % group_name] = True
if group[3][1] != '-':
form.initial['group_%s_w' % group_name] = True
if group[3][2] != '-':
form.initial['group_%s_x' % group_name] = True
return_dict['user_form_fields'] = user_form_fields
return_dict['group_form_fields'] = group_form_fields
if for_share:
return django.shortcuts.render_to_response("update_cifs_aces.html", return_dict, context_instance=django.template.context.RequestContext(request))
else:
return django.shortcuts.render_to_response("update_dir_aces.html", return_dict, context_instance=django.template.context.RequestContext(request))
else:
if for_share:
form = samba_shares_forms.EditShareAcesForm(
request.POST, user_list=user_list, group_list=group_list)
else:
form = folder_management_forms.EditAcesForm(
request.POST, user_list=user_list, group_list=group_list)
return_dict["form"] = form
user_form_fields = {}
for user in user_list:
user_name = user[2]
user_form_fields[user_name] = (
form['user_%s_r' % user_name], form['user_%s_w' % user_name], form['user_%s_x' % user_name])
group_form_fields = {}
for group in group_list:
group_name = group[2]
group_form_fields[group_name] = (
form['group_%s_r' % group_name], form['group_%s_w' % group_name], form['group_%s_x' % group_name])
return_dict['user_form_fields'] = user_form_fields
return_dict['group_form_fields'] = group_form_fields
if form.is_valid():
cd = form.cleaned_data
if for_share:
share_index = cd['share_index']
share_name = cd['share_name']
ret, err = acl.update_ace_entries(path, cd)
if err:
raise Exception(err)
else:
if for_share:
return django.shortcuts.render_to_response("update_cifs_aces.html", return_dict, context_instance=django.template.context.RequestContext(request))
else:
return django.shortcuts.render_to_response("update_dir_aces.html", return_dict, context_instance=django.template.context.RequestContext(request))
if for_share:
audit_str = 'Modified ACL entries for CIFS share %s: ' % share_name
else:
audit_str = 'Modified ACL entries for directory %s: ' % path
audit.audit("edit_aces", audit_str, request)
if for_share:
return django.http.HttpResponseRedirect('/storage_access/view_cifs_share?access_mode=by_id&index=%s&ack=aces_modified' % share_index)
else:
return django.http.HttpResponseRedirect('/storage/view_dir_ownership_permissions?path=%s&ack=aces_modified' % path)
except Exception, e:
return_dict["page_title"] = 'Modify ACL entries'
return_dict["error"] = 'Error modifying ACL entries'
return_dict["error_details"] = str(e)
return django.shortcuts.render_to_response("logged_in_error.html", return_dict, context_instance=django.template.context.RequestContext(request))
def view_cifs_share(request):
return_dict = {}
try:
template = 'logged_in_error.html'
if "ack" in request.GET:
if request.GET["ack"] == "ace_deleted":
return_dict['ack_message'] = "ACL entry successfully removed"
elif request.GET["ack"] == "aces_added":
return_dict['ack_message'] = "ACL entries successfully added"
elif request.GET["ack"] == "aces_modified":
return_dict['ack_message'] = "ACL entries successfully modified"
if request.method != "GET":
raise Exception("Incorrect access method. Please use the menus")
if "index" not in request.GET or "access_mode" not in request.GET:
raise Exception("Insufficient parameters. Please use the menus")
access_mode = request.GET["access_mode"]
index = request.GET["index"]
if "ack" in request.GET and request.GET["ack"] == "saved":
return_dict["ack_message"] = "Information updated successfully"
valid_users_list = None
share, err = cifs.get_share_info(access_mode, index)
if err:
raise Exception(err)
if not share:
raise Exception('Specified share not found')
aces, err = acl.get_all_aces(share['path'])
if err:
raise Exception(err)
minimal_aces, err = acl.get_minimal_aces(aces)
if err:
raise Exception(err)
user_aces, err = acl.get_ug_aces(aces, None, 'user')
if err:
raise Exception(err)
group_aces, err = acl.get_ug_aces(aces, None, 'group')
if err:
raise Exception(err)
return_dict['aces'] = aces
return_dict['minimal_aces'] = minimal_aces
if user_aces:
return_dict['user_aces'] = user_aces
if group_aces:
return_dict['group_aces'] = group_aces
return_dict["share"] = share
template = 'view_cifs_share.html'
return django.shortcuts.render_to_response(template, return_dict, context_instance=django.template.context.RequestContext(request))
except Exception, e:
return_dict['base_template'] = "storage_access_base.html"
return_dict["page_title"] = 'CIFS share details'
return_dict['tab'] = 'view_cifs_shares_tab'
return_dict["error"] = 'Error loading CIFS share details'
return_dict["error_details"] = str(e)
return django.shortcuts.render_to_response("logged_in_error.html", return_dict, context_instance=django.template.context.RequestContext(request))
