def post(self):
ou_id = self.request.POST.get('ou_id')
node_id = self.request.POST.get('node_id')
ou = None
if ou_id:
ou = self.collection.find_one({'_id': ObjectId(ou_id), 'type': 'ou'})
else:
ou_availables = self.request.user.get('ou_availables')
if isinstance(ou_availables, list) and len(ou_availables) > 0:
ou = self.collection.find_one({'_id': {'$in': [ObjectId(ou_ava_id) for ou_ava_id in ou_availables]},
'type': 'ou',
'path': {'$ne': 'root'}})
if not ou:
return {'ok': False,
'message': 'Ou does not exists'}
settings = get_current_registry().settings
api = get_chef_api(settings, self.request.user)
computer_id = register_node(api, node_id, ou, self.collection)
if not computer_id:
return {'ok': False,
'message': 'Node does not exist (in chef)'}
elif computer_id == 'duplicated':
return {'ok': False,
'message': 'There is another node with this name (in gcc)'}
elif computer_id == 'duplicated-node-id':
return {'ok': False,
'message': 'There is another node with this node chef id (in gcc)'}
computer = self.collection.find_one({'_id': computer_id})
apply_policies_to_computer(self.collection, computer, self.request.user)
update_tree(computer['path'])
return {'ok': True}
def post(self):
ou_id = self.request.POST.get('ou_id')
node_id = self.request.POST.get('node_id')
ou = None
if ou_id:
ou = self.collection.find_one({
'_id': ObjectId(ou_id),
'type': 'ou'
})
else:
ou_availables = self.request.user.get('ou_availables')
if isinstance(ou_availables, list) and len(ou_availables) > 0:
ou = self.collection.find_one({
'_id': {
'$in':
[ObjectId(ou_ava_id) for ou_ava_id in ou_availables]
},
'type': 'ou',
'path': {
'$ne': 'root'
}
})
if not ou:
return {'ok': False, 'message': 'Ou does not exists'}
settings = get_current_registry().settings
api = get_chef_api(settings, self.request.user)
computer_id = register_node(api, node_id, ou, self.collection)
if not computer_id:
return {'ok': False, 'message': 'Node does not exist (in chef)'}
elif computer_id == 'duplicated':
return {
'ok': False,
'message': 'There is another node with this name (in gcc)'
}
elif computer_id == 'duplicated-node-id':
return {
'ok': False,
'message':
'There is another node with this node chef id (in gcc)'
}
elif computer_id == 'path-err':
return {
'ok': False,
'message':
'Unable to add gecos path ids and names to chef node'
}
computer = self.collection.find_one({'_id': computer_id})
apply_policies_to_computer(self.collection, computer,
self.request.user)
update_tree(computer['path'])
return {'ok': True}
def check_users(self, chef_node, api):
node_collection = self.request.db.nodes
users_old = self.get_attr(chef_node, USERS_OLD)
users = self.get_attr(chef_node, USERS_OHAI)
node_id = chef_node.name
node = node_collection.find_one({'node_chef_id': node_id,
'type': 'computer'})
if not node:
return {'ok': False,
'message': 'This node does not exist (mongodb)'}
users_recalculate_policies = []
reload_clients = False
for chef_user in users:
username = chef_user['username']
if chef_user in users_old or chef_user.get('sudo', False):
continue
user = node_collection.find_one({'name': username,
'type': 'user',
'path': get_filter_in_domain(node)})
if not user:
user_model = User()
user = user_model.serialize({'name': username,
'path': node.get('path', ''),
'type': 'user',
'lock': node.get('lock', ''),
'source': node.get('source', '')})
user = update_computers_of_user(self.request.db, user, api)
del user['_id']
user_id = node_collection.insert(user)
user = node_collection.find_one({'_id': user_id})
reload_clients = True
users_recalculate_policies.append(user)
else:
computers = user.get('computers', [])
if node['_id'] not in computers:
computers.append(node['_id'])
node_collection.update({'_id': user['_id']}, {'$set': {'computers': computers}})
users_recalculate_policies.append(user)
add_computer_to_user(node['_id'], user['_id'])
invalidate_change(self.request, user)
users_remove_policies = []
for chef_user in users_old:
username = chef_user['username']
if chef_user in users or chef_user.get('sudo', False):
continue
user = node_collection.find_one({'name': username,
'type': 'user',
'path': get_filter_in_domain(node)})
computers = user['computers'] if user else []
if node['_id'] in computers:
users_remove_policies.append(deepcopy(user))
computers.remove(node['_id'])
node_collection.update({'_id': user['_id']}, {'$set': {'computers': computers}})
invalidate_change(self.request, user)
if reload_clients:
update_tree(node.get('path', ''))
chef_node.normal.set_dotted(USERS_OLD, users)
save_node_and_free(chef_node)
for user in users_recalculate_policies:
apply_policies_to_user(node_collection, user, self.request.user)
for user in users_remove_policies:
remove_policies_of_computer(user, node, self.request.user)
return {'ok': True}
def check_users(self, chef_node):
node_collection = self.request.db.nodes
users_old = self.get_attr(chef_node, USERS_OLD)
users = self.get_attr(chef_node, USERS_OHAI)
node_id = chef_node.name
node = node_collection.find_one({'node_chef_id': node_id,
'type': 'computer'})
if not node:
return {'ok': False,
'message': 'This node does not exist (mongodb)'}
users_recalculate_policies = []
reload_clients = False
for chef_user in users:
username = chef_user['username']
if chef_user in users_old or chef_user.get('sudo', False):
continue
user = node_collection.find_one({'name': username,
'type': 'user',
'path': get_filter_in_domain(node)})
if not user:
user_model = User()
user = user_model.serialize({'name': username,
'path': node.get('path', ''),
'type': 'user',
'lock': node.get('lock', ''),
'source': node.get('source', '')})
user['computers'].append(node['_id'])
del user['_id']
user_id = node_collection.insert(user)
user = node_collection.find_one({'_id': user_id})
reload_clients = True
users_recalculate_policies.append(user)
else:
computers = user.get('computers', [])
if node['_id'] not in computers:
computers.append(node['_id'])
node_collection.update({'_id': user['_id']}, {'$set': {'computers': computers}})
users_recalculate_policies.append(user)
add_computer_to_user(node['_id'], user['_id'])
invalidate_change(self.request, user)
users_remove_policies = []
for chef_user in users_old:
username = chef_user['username']
if chef_user in users or chef_user.get('sudo', False):
continue
user = node_collection.find_one({'name': username,
'type': 'user',
'path': get_filter_in_domain(node)})
computers = user['computers']
if node['_id'] in computers:
users_remove_policies.append(deepcopy(user))
computers.remove(node['_id'])
node_collection.update({'_id': user['_id']}, {'$set': {'computers': computers}})
invalidate_change(self.request, user)
if reload_clients:
update_tree(node.get('path', ''))
chef_node.normal.set_dotted('ohai_gecos.users_old', users)
save_node_and_free(chef_node)
for user in users_recalculate_policies:
apply_policies_to_user(node_collection, user, self.request.user)
for user in users_remove_policies:
remove_policies_of_computer(user, node, self.request.user)
return {'ok': True}
