Пример #1
0
 def group(self, **kw):
     activities = GroupActivity.all()
     activity_search = search_utility.GroupActivity.search
     search_bar = SearchBar(activity_search.create_complete_search_table(),
                            name='activitysearch',)
     return self._activities_grid(activities, search_bar, 'group',
         search_utility.GroupActivity, title='Group Activity', **kw)
Пример #2
0
    def removeUser(self, group_id=None, id=None, **kw):
        group = Group.by_id(group_id)

        if not group.can_modify_membership(identity.current.user):
            flash(_(u'You are not an owner of group %s' % group))
            redirect('../groups/mine')

        if not group.can_remove_member(identity.current.user, id):
            flash(_(u'Cannot remove member'))
            redirect('../groups/edit?group_id=%s' % group_id)

        groupUsers = group.users
        for user in groupUsers:
            if user.user_id == int(id):
                group.users.remove(user)
                removed = user
                activity = GroupActivity(identity.current.user, u'WEBUI',
                                         u'Removed', u'User',
                                         removed.user_name, u"")
                group.activity.append(activity)
                mail.group_membership_notify(user,
                                             group,
                                             agent=identity.current.user,
                                             action='Removed')
                flash(_(u"%s Removed" % removed.display_name))
                redirect("../groups/edit?group_id=%s" % group_id)
        flash(_(u"No user %s in group %s" % (id, removed.display_name)))
        raise redirect("../groups/edit?group_id=%s" % group_id)
Пример #3
0
    def save_user(self, **kw):
        user = User.by_user_name(kw['user']['text'])
        if user is None:
            flash(_(u"Invalid user %s" % kw['user']['text']))
            redirect("./edit?group_id=%s" % kw['group_id'])
        group = Group.by_id(kw['group_id'])

        if not group.can_modify_membership(identity.current.user):
            flash(_(u'You are not an owner of group %s' % group))
            redirect('../groups/mine')

        if user not in group.users:
            group.users.append(user)
            activity = GroupActivity(identity.current.user, u'WEBUI', u'Added',
                                     u'User', u"", user.user_name)
            group.activity.append(activity)
            mail.group_membership_notify(user,
                                         group,
                                         agent=identity.current.user,
                                         action='Added')
            flash(_(u"OK"))
            redirect("./edit?group_id=%s" % kw['group_id'])
        else:
            flash(
                _(u"User %s is already in Group %s" %
                  (user.user_name, group.group_name)))
            redirect("./edit?group_id=%s" % kw['group_id'])
Пример #4
0
    def _new_group(self, group_id, display_name, group_name, ldap,
                   root_password):
        user = identity.current.user
        if ldap and not user.is_admin():
            flash(_(u'Only admins can create LDAP groups'))
            redirect('.')
        try:
            Group.by_name(group_name)
        except NoResultFound:
            pass
        else:
            flash(_(u"Group %s already exists." % group_name))
            redirect(".")

        group = Group()
        session.add(group)
        group.record_activity(user=user,
                              service=u'WEBUI',
                              field=u'Group',
                              action=u'Created')
        group.display_name = display_name
        group.group_name = group_name
        group.ldap = ldap
        if group.ldap:
            group.refresh_ldap_members()
        group.root_password = root_password
        if not ldap:  # LDAP groups don't have owners
            group.user_group_assocs.append(UserGroup(user=user, is_owner=True))
            group.activity.append(
                GroupActivity(user,
                              service=u'WEBUI',
                              action=u'Added',
                              field_name=u'User',
                              old_value=None,
                              new_value=user.user_name))
            group.activity.append(
                GroupActivity(user,
                              service=u'WEBUI',
                              action=u'Added',
                              field_name=u'Owner',
                              old_value=None,
                              new_value=user.user_name))
        return group
Пример #5
0
    def setUp(self):
        self.distro = data_setup.create_distro()
        self.distro_tree1 = data_setup.create_distro_tree(distro=self.distro,
                                                          arch='x86_64')
        self.distro_tree2 = data_setup.create_distro_tree(distro=self.distro,
                                                          arch='i386')

        self.distro_tree1.activity.append(
            DistroTreeActivity(user=User.by_user_name(data_setup.ADMIN_USER),
                               service=u'testdata',
                               field_name=u'Nonesente',
                               old_value=u'sdfas',
                               new_value=u'sdfa',
                               action='Added'))
        self.distro_tree2.activity.append(
            DistroTreeActivity(user=User.by_user_name(data_setup.ADMIN_USER),
                               service=u'testdata',
                               field_name=u'Noneseonce',
                               old_value=u'bsdf',
                               new_value=u'sdfas',
                               action='Added'))

        self.distro.activity.append(
            DistroActivity(user=User.by_user_name(data_setup.ADMIN_USER),
                           service=u'testdata',
                           action=u'Nothing',
                           field_name=u'Nonsense',
                           old_value=u'asdf',
                           new_value=u'omgwtfbbq'))
        self.system = data_setup.create_system()
        self.system.activity.append(
            SystemActivity(user=User.by_user_name(data_setup.ADMIN_USER),
                           service=u'testdata',
                           action=u'Nothing',
                           field_name=u'Nonsense',
                           old_value=u'asdf',
                           new_value=u'omgwtfbbq'))
        self.group2 = data_setup.create_group()
        self.group = data_setup.create_group()
        self.group.activity.append(
            GroupActivity(user=User.by_user_name(data_setup.ADMIN_USER),
                          service=u'testdata',
                          action=u'Nothing',
                          field_name=u'Nonsense',
                          old_value=u'asdf',
                          new_value=u'omgwtfbbq'))
        self.browser = self.get_browser()
Пример #6
0
    def removeSystem(self, group_id=None, id=None, **kw):
        group = Group.by_id(group_id)
        system = System.by_id(id, identity.current.user)

        # A group owner can remove a system from their group.
        # A system owner can remove their system from a group.
        # But note this is not symmetrical with adding systems.
        if not (group.can_edit(identity.current.user)
                or system.can_edit(identity.current.user)):
            flash(_(u'Not permitted to remove %s from %s') % (system, group))
            redirect('../groups/mine')

        group.systems.remove(system)
        activity = GroupActivity(identity.current.user, u'WEBUI', u'Removed',
                                 u'System', system.fqdn, u"")
        group.activity.append(activity)
        system.record_activity(user=identity.current.user,
                               service=u'WEBUI',
                               action=u'Removed',
                               field=u'Group',
                               old=group.display_name,
                               new=u"")
        flash(_(u"%s Removed" % system.fqdn))
        raise redirect("./edit?group_id=%s" % group_id)
Пример #7
0
    def modify(self, group_name, kw):
        """
        Modifies an existing group. You must be an owner of a group to modify any details.

        :param group_name: An existing group name
        :type group_name: string

        The *kw* argument must be an XML-RPC structure (dict)
        specifying the following keys:

            'group_name'
                 New group name (maximum 16 characters)
            'display_name'
                 New group display name
            'add_member'
                 Add user (username) to the group
            'remove_member'
                 Remove an existing user (username) from the group
            'root_password'
                 Change the root password of this group.

        Returns a message whether the group was successfully modified or
        raises an exception on failure.

        """
        # if not called from the bkr group-modify
        if not kw:
            raise BX(_('Please specify an attribute to modify.'))

        try:
            group = Group.by_name(group_name)
        except NoResultFound:
            raise BX(_(u'Group does not exist: %s.' % group_name))

        if group.ldap:
            if not identity.current.user.is_admin():
                raise BX(_(u'Only admins can modify LDAP groups'))
            if kw.get('add_member', None) or kw.get('remove_member', None):
                raise BX(_(u'Cannot edit membership of an LDAP group'))

        user = identity.current.user
        if not group.can_edit(user):
            raise BX(_('You are not an owner of group %s' % group_name))

        group_name = kw.get('group_name', None)
        if group_name:
            try:
                Group.by_name(group_name)
            except NoResultFound:
                pass
            else:
                if group_name != group.group_name:
                    raise BX(
                        _(u'Failed to update group %s: Group name already exists: %s'
                          % (group.group_name, group_name)))

            GroupFormSchema.fields['group_name'].to_python(group_name)
            group.set_name(user, u'XMLRPC', kw.get('group_name', None))

        display_name = kw.get('display_name', None)
        if display_name:
            GroupFormSchema.fields['display_name'].to_python(display_name)
            group.set_display_name(user, u'XMLRPC', display_name)

        root_password = kw.get('root_password', None)
        if root_password:
            group.set_root_password(user, u'XMLRPC', root_password)

        if kw.get('add_member', None):
            username = kw.get('add_member')
            user = User.by_user_name(username)
            if user is None:
                raise BX(_(u'User does not exist %s' % username))

            if user not in group.users:
                group.users.append(user)
                activity = GroupActivity(identity.current.user,
                                         u'XMLRPC',
                                         action=u'Added',
                                         field_name=u'User',
                                         old_value=u"",
                                         new_value=username)
                group.activity.append(activity)
                mail.group_membership_notify(user,
                                             group,
                                             agent=identity.current.user,
                                             action='Added')
            else:
                raise BX(
                    _(u'User %s is already in group %s' %
                      (username, group.group_name)))

        if kw.get('remove_member', None):
            username = kw.get('remove_member')
            user = User.by_user_name(username)

            if user is None:
                raise BX(_(u'User does not exist %s' % username))

            if user not in group.users:
                raise BX(
                    _(u'No user %s in group %s' %
                      (username, group.group_name)))
            else:
                if not group.can_remove_member(identity.current.user,
                                               user.user_id):
                    raise BX(_(u'Cannot remove member'))

                groupUsers = group.users
                for usr in groupUsers:
                    if usr.user_id == user.user_id:
                        group.users.remove(usr)
                        removed = user
                        activity = GroupActivity(identity.current.user,
                                                 u'XMLRPC',
                                                 action=u'Removed',
                                                 field_name=u'User',
                                                 old_value=removed.user_name,
                                                 new_value=u"")
                        group.activity.append(activity)
                        mail.group_membership_notify(
                            user,
                            group,
                            agent=identity.current.user,
                            action='Removed')
                        break

        #dummy success return value
        return ['1']
Пример #8
0
    def create(self, kw):
        """
        Creates a new group.

        The *kw* argument must be an XML-RPC structure (dict)
        specifying the following keys:

            'group_name'
                 Group name (maximum 16 characters)
            'display_name'
                 Group display name
            'ldap'
                 Populate users from LDAP (True/False)

        Returns a message whether the group was successfully created or
        raises an exception on failure.

        """
        display_name = kw.get('display_name')
        group_name = kw.get('group_name')
        ldap = kw.get('ldap')
        password = kw.get('root_password')

        if ldap and not identity.current.user.is_admin():
            raise BX(_(u'Only admins can create LDAP groups'))
        try:
            group = Group.by_name(group_name)
        except NoResultFound:
            #validate
            GroupFormSchema.fields['group_name'].to_python(group_name)
            GroupFormSchema.fields['display_name'].to_python(display_name)

            group = Group()
            session.add(group)
            group.record_activity(user=identity.current.user,
                                  service=u'XMLRPC',
                                  field=u'Group',
                                  action=u'Created')
            group.display_name = display_name
            group.group_name = group_name
            group.ldap = ldap
            group.root_password = password
            user = identity.current.user

            if not ldap:
                group.user_group_assocs.append(
                    UserGroup(user=user, is_owner=True))
                group.activity.append(
                    GroupActivity(user,
                                  service=u'XMLRPC',
                                  action=u'Added',
                                  field_name=u'User',
                                  old_value=None,
                                  new_value=user.user_name))
                group.activity.append(
                    GroupActivity(user,
                                  service=u'XMLRPC',
                                  action=u'Added',
                                  field_name=u'Owner',
                                  old_value=None,
                                  new_value=user.user_name))

            if group.ldap:
                group.refresh_ldap_members()
            return 'Group created: %s.' % group_name
        else:
            raise BX(_(u'Group already exists: %s.' % group_name))
Пример #9
0
            flash(unicode(e))
            redirect("./edit?group_id=%s" % kw['group_id'])
        # A system owner can add their system to a group, but a group owner
        # *cannot* add an arbitrary system to their group because that would
        # grant them extra privileges over it.
        if not system.can_edit(identity.current.user):
            flash(_(u'You do not have permission to edit system %s' % system))
            redirect('edit?group_id=%s' % kw['group_id'])
        group = Group.by_id(kw['group_id'])
        if group in system.groups:
            flash(
                _(u"System '%s' is already in group '%s'" %
                  (system.fqdn, group.group_name)))
            redirect("./edit?group_id=%s" % kw['group_id'])
        group.systems.append(system)
        activity = GroupActivity(identity.current.user, u'WEBUI', u'Added',
                                 u'System', u"", system.fqdn)
        group.activity.append(activity)
        system.record_activity(user=identity.current.user,
                               service=u'WEBUI',
                               action=u'Added',
                               field=u'Group',
                               old=u"",
                               new=group.display_name)
        flash(_(u"OK"))
        redirect("./edit?group_id=%s" % kw.get('group_id'))

    @identity.require(identity.in_group("admin"))
    @expose(format='json')
    def save_group_permissions(self, **kw):
        try:
            permission_name = kw['permissions']['text']