def save_users(profiles):
# Add custom macros
core_custom_macros = [ k for k,o in user_attributes.items() if o.get('add_custom_macro') ]
for user in profiles.keys():
for macro in core_custom_macros:
if profiles[user].get(macro):
profiles[user]['_'+macro] = profiles[user][macro]
multisite_custom_values = [ k for k,v in user_attributes.items() if v["domain"] == "multisite" ]
# Keys not to put into contact definitions for Check_MK
non_contact_keys = [
"roles",
"password",
"locked",
"automation_secret",
"language",
"serial",
"connector",
"num_failed",
"enforce_pw_change",
"last_pw_change",
"last_seen",
] + multisite_custom_values
# Keys to put into multisite configuration
multisite_keys = [
"roles",
"locked",
"automation_secret",
"alias",
"language",
"connector",
] + multisite_custom_values
# Remove multisite keys in contacts.
contacts = dict(
e for e in
[ (id, split_dict(user, non_contact_keys + non_contact_attributes(user.get('connector')), False))
for (id, user)
in profiles.items() ])
# Only allow explicitely defined attributes to be written to multisite config
users = {}
for uid, profile in profiles.items():
users[uid] = dict([ (p, val)
for p, val in profile.items()
if p in multisite_keys + multisite_attributes(profile.get('connector'))])
# Check_MK's monitoring contacts
filename = root_dir + "contacts.mk.new"
out = create_user_file(filename, "w")
out.write("# Written by Multisite UserDB\n# encoding: utf-8\n\n")
out.write("contacts.update(\n%s\n)\n" % pprint.pformat(contacts))
out.close()
os.rename(filename, filename[:-4])
# Users with passwords for Multisite
filename = multisite_dir + "users.mk.new"
make_nagios_directory(multisite_dir)
out = create_user_file(filename, "w")
out.write("# Written by Multisite UserDB\n# encoding: utf-8\n\n")
out.write("multisite_users = \\\n%s\n" % pprint.pformat(users))
out.close()
os.rename(filename, filename[:-4])
# Execute user connector save hooks
hook_save(profiles)
# Write out the users serials
serials_file = '%s/auth.serials.new' % os.path.dirname(defaults.htpasswd_file)
rename_file = True
try:
out = create_user_file(serials_file, "w")
except:
rename_file = False
out = create_user_file(serials_file[:-4], "w")
def encode_utf8(value):
if type(value) == unicode:
value = value.encode("utf-8")
return value
for user_id, user in profiles.items():
out.write('%s:%d\n' % (encode_utf8(user_id), user.get('serial', 0)))
out.close()
if rename_file:
os.rename(serials_file, serials_file[:-4])
# Write user specific files
for id, user in profiles.items():
user_dir = defaults.var_dir + "/web/" + id
make_nagios_directory(user_dir)
# authentication secret for local processes
auth_file = user_dir + "/automation.secret"
if "automation_secret" in user:
create_user_file(auth_file, "w").write("%s\n" % user["automation_secret"])
elif os.path.exists(auth_file):
os.remove(auth_file)
# Write out user attributes which are written to dedicated files in the user
# profile directory. The primary reason to have separate files, is to reduce
# the amount of data to be loaded during regular page processing
save_custom_attr(id, 'serial', str(user.get('serial', 0)))
save_custom_attr(id, 'num_failed', str(user.get('num_failed', 0)))
save_custom_attr(id, 'enforce_pw_change', str(int(user.get('enforce_pw_change', False))))
save_custom_attr(id, 'last_pw_change', str(user.get('last_pw_change', int(time.time()))))
# Write out the last seent time
if 'last_seen' in user:
save_custom_attr(id, 'last_seen', repr(user['last_seen']))
# Remove settings directories of non-existant users.
# Beware: we removed this since it leads to violent destructions
# if the user database is out of the scope of Check_MK. This is
# e.g. the case, if mod_ldap is used for user authentication.
# dir = defaults.var_dir + "/web"
# for e in os.listdir(dir):
# if e not in ['.', '..'] and e not in profiles:
# entry = dir + "/" + e
# if os.path.isdir(entry):
# shutil.rmtree(entry)
# But for the automation.secret this is ok, since automation users are not
# created by other sources in common cases
dir = defaults.var_dir + "/web"
for user_dir in os.listdir(defaults.var_dir + "/web"):
if user_dir not in ['.', '..'] and user_dir not in profiles:
entry = dir + "/" + user_dir
if os.path.isdir(entry) and os.path.exists(entry + '/automation.secret'):
os.unlink(entry + '/automation.secret')
# Release the lock to make other threads access possible again asap
# This lock is set by load_users() only in the case something is expected
# to be written (like during user syncs, wato, ...)
release_lock(root_dir + "contacts.mk")
# populate the users cache
html.set_cache('users', profiles)
# Call the users_saved hook
hooks.call("users-saved", profiles)
def save_users(profiles):
custom_values = user_attributes.keys()
# Keys not to put into contact definitions for Check_MK
non_contact_keys = [
"roles",
"password",
"locked",
"automation_secret",
"language",
"serial",
"connector",
] + custom_values
# Keys to put into multisite configuration
multisite_keys = [
"roles",
"locked",
"automation_secret",
"alias",
"language",
"connector",
] + custom_values
# Remove multisite keys in contacts.
contacts = dict(
e for e in
[ (id, split_dict(user, non_contact_keys + non_contact_attributes(user.get('connector')), False))
for (id, user)
in profiles.items() ])
# Only allow explicitely defined attributes to be written to multisite config
users = {}
for uid, profile in profiles.items():
users[uid] = dict([ (p, val)
for p, val in profile.items()
if p in multisite_keys + multisite_attributes(profile.get('connector'))])
filename = root_dir + "contacts.mk"
# Check_MK's monitoring contacts
out = create_user_file(filename, "w")
out.write("# Written by Multisite UserDB\n# encoding: utf-8\n\n")
out.write("contacts.update(\n%s\n)\n" % pprint.pformat(contacts))
out.close()
# Users with passwords for Multisite
make_nagios_directory(multisite_dir)
filename = multisite_dir + "users.mk"
out = create_user_file(filename, "w")
out.write("# Written by Multisite UserDB\n# encoding: utf-8\n\n")
out.write("multisite_users = \\\n%s\n" % pprint.pformat(users))
out.close()
# Execute user connector save hooks
hook_save(profiles)
# Write out the users serials
serials_file = '%s/auth.serials' % os.path.dirname(defaults.htpasswd_file)
out = create_user_file(serials_file, "w")
for user_id, user in profiles.items():
out.write('%s:%d\n' % (user_id, user.get('serial', 0)))
out.close()
# Write user specific files
for id, user in profiles.items():
user_dir = defaults.var_dir + "/web/" + id
make_nagios_directory(user_dir)
# authentication secret for local processes
auth_file = user_dir + "/automation.secret"
if "automation_secret" in user:
create_user_file(auth_file, "w").write("%s\n" % user["automation_secret"])
elif os.path.exists(auth_file):
os.remove(auth_file)
# Write out the users serial
serial_file = user_dir + '/serial.mk'
create_user_file(serial_file, 'w').write('%d\n' % user.get('serial', 0))
# Remove settings directories of non-existant users.
# Beware: we removed this since it leads to violent destructions
# if the user database is out of the scope of Check_MK. This is
# e.g. the case, if mod_ldap is used for user authentication.
# dir = defaults.var_dir + "/web"
# for e in os.listdir(dir):
# if e not in ['.', '..'] and e not in profiles:
# entry = dir + "/" + e
# if os.path.isdir(entry):
# shutil.rmtree(entry)
# But for the automation.secret this is ok, since automation users are not
# created by other sources in common cases
dir = defaults.var_dir + "/web"
for user_dir in os.listdir(defaults.var_dir + "/web"):
if user_dir not in ['.', '..'] and user_dir not in profiles:
entry = dir + "/" + user_dir
if os.path.isdir(entry) and os.path.exists(entry + '/automation.secret'):
os.unlink(entry + '/automation.secret')
# Call the users_saved hook
hooks.call("users-saved", users)
def save_users(profiles):
custom_values = user_attributes.keys()
# Keys not to put into contact definitions for Check_MK
non_contact_keys = [
"roles",
"password",
"locked",
"automation_secret",
"language",
"serial",
"connector",
] + custom_values
# Keys to put into multisite configuration
multisite_keys = [
"roles",
"locked",
"automation_secret",
"alias",
"language",
"connector",
] + custom_values
# Remove multisite keys in contacts.
contacts = dict(
e for e in
[ (id, split_dict(user, non_contact_keys + non_contact_attributes(user.get('connector')), False))
for (id, user)
in profiles.items() ])
# Only allow explicitely defined attributes to be written to multisite config
users = {}
for uid, profile in profiles.items():
users[uid] = dict([ (p, val)
for p, val in profile.items()
if p in multisite_keys + multisite_attributes(profile.get('connector'))])
filename = root_dir + "contacts.mk"
# Check_MK's monitoring contacts
out = create_user_file(filename, "w")
out.write("# Written by Multisite UserDB\n# encoding: utf-8\n\n")
out.write("contacts.update(\n%s\n)\n" % pprint.pformat(contacts))
out.close()
# Users with passwords for Multisite
make_nagios_directory(multisite_dir)
filename = multisite_dir + "users.mk"
out = create_user_file(filename, "w")
out.write("# Written by Multisite UserDB\n# encoding: utf-8\n\n")
out.write("multisite_users = \\\n%s\n" % pprint.pformat(users))
out.close()
# Execute user connector save hooks
hook_save(profiles)
# Write out the users serials
serials_file = '%s/auth.serials' % os.path.dirname(defaults.htpasswd_file)
out = create_user_file(serials_file, "w")
for user_id, user in profiles.items():
out.write('%s:%d\n' % (user_id, user.get('serial', 0)))
out.close()
# Write user specific files
for id, user in profiles.items():
user_dir = defaults.var_dir + "/web/" + id
make_nagios_directory(user_dir)
# authentication secret for local processes
auth_file = user_dir + "/automation.secret"
if "automation_secret" in user:
create_user_file(auth_file, "w").write("%s\n" % user["automation_secret"])
elif os.path.exists(auth_file):
os.remove(auth_file)
# Write out the users serial
serial_file = user_dir + '/serial.mk'
create_user_file(serial_file, 'w').write('%d\n' % user.get('serial', 0))
# Remove settings directories of non-existant users.
# Beware: we removed this since it leads to violent destructions
# if the user database is out of the scope of Check_MK. This is
# e.g. the case, if mod_ldap is used for user authentication.
# dir = defaults.var_dir + "/web"
# for e in os.listdir(dir):
# if e not in ['.', '..'] and e not in profiles:
# entry = dir + "/" + e
# if os.path.isdir(entry):
# shutil.rmtree(entry)
# Call the users_saved hook
hooks.call("users-saved", users)
def save_users(profiles):
# Add custom macros
core_custom_macros = [
k for k, o in user_attributes.items() if o.get('add_custom_macro')
]
for user in profiles.keys():
for macro in core_custom_macros:
if macro in profiles[user]:
profiles[user]['_' + macro] = profiles[user][macro]
multisite_custom_values = [
k for k, v in user_attributes.items() if v["domain"] == "multisite"
]
# Keys not to put into contact definitions for Check_MK
non_contact_keys = [
"roles",
"password",
"locked",
"automation_secret",
"language",
"serial",
"connector",
"num_failed",
"enforce_pw_change",
"last_pw_change",
"last_seen",
] + multisite_custom_values
# Keys to put into multisite configuration
multisite_keys = [
"roles",
"locked",
"automation_secret",
"alias",
"language",
"connector",
] + multisite_custom_values
# Remove multisite keys in contacts.
contacts = dict(
e for e in [(id,
split_dict(
user, non_contact_keys +
non_contact_attributes(user.get('connector')), False))
for (id, user) in profiles.items()])
# Only allow explicitely defined attributes to be written to multisite config
users = {}
for uid, profile in profiles.items():
users[uid] = dict([(p, val) for p, val in profile.items()
if p in multisite_keys +
multisite_attributes(profile.get('connector'))])
# Check_MK's monitoring contacts
filename = root_dir + "contacts.mk.new"
out = create_user_file(filename, "w")
out.write("# Written by Multisite UserDB\n# encoding: utf-8\n\n")
out.write("contacts.update(\n%s\n)\n" % pprint.pformat(contacts))
out.close()
os.rename(filename, filename[:-4])
# Users with passwords for Multisite
filename = multisite_dir + "users.mk.new"
make_nagios_directory(multisite_dir)
out = create_user_file(filename, "w")
out.write("# Written by Multisite UserDB\n# encoding: utf-8\n\n")
out.write("multisite_users = \\\n%s\n" % pprint.pformat(users))
out.close()
os.rename(filename, filename[:-4])
# Execute user connector save hooks
hook_save(profiles)
# Write out the users serials
serials_file = '%s/auth.serials.new' % os.path.dirname(
defaults.htpasswd_file)
rename_file = True
try:
out = create_user_file(serials_file, "w")
except:
rename_file = False
out = create_user_file(serials_file[:-4], "w")
for user_id, user in profiles.items():
out.write('%s:%d\n' % (make_utf8(user_id), user.get('serial', 0)))
out.close()
if rename_file:
os.rename(serials_file, serials_file[:-4])
# Write user specific files
for user_id, user in profiles.items():
user_dir = defaults.var_dir + "/web/" + user_id
make_nagios_directory(user_dir)
# authentication secret for local processes
auth_file = user_dir + "/automation.secret"
if "automation_secret" in user:
create_user_file(auth_file,
"w").write("%s\n" % user["automation_secret"])
else:
remove_user_file(auth_file)
# Write out user attributes which are written to dedicated files in the user
# profile directory. The primary reason to have separate files, is to reduce
# the amount of data to be loaded during regular page processing
save_custom_attr(user_id, 'serial', str(user.get('serial', 0)))
save_custom_attr(user_id, 'num_failed', str(user.get('num_failed', 0)))
save_custom_attr(user_id, 'enforce_pw_change',
str(int(user.get('enforce_pw_change', False))))
save_custom_attr(user_id, 'last_pw_change',
str(user.get('last_pw_change', int(time.time()))))
# Write out the last seent time
if 'last_seen' in user:
save_custom_attr(user_id, 'last_seen', repr(user['last_seen']))
# During deletion of users we don't delete files which might contain user settings
# and e.g. customized views which are not easy to reproduce. We want to keep the
# files which are the result of a lot of work even when e.g. the LDAP sync deletes
# a user by accident. But for some internal files it is ok to delete them.
#
# Be aware: The user_exists() function relies on these files to be deleted.
profile_files_to_delete = [
"automation.secret",
"transids.mk",
"serial.mk",
]
dir = defaults.var_dir + "/web"
for user_dir in os.listdir(defaults.var_dir + "/web"):
if user_dir not in ['.', '..'
] and user_dir.decode("utf-8") not in profiles:
entry = dir + "/" + user_dir
if not os.path.isdir(entry):
continue
for to_delete in profile_files_to_delete:
if os.path.exists(entry + '/' + to_delete):
os.unlink(entry + '/' + to_delete)
# Release the lock to make other threads access possible again asap
# This lock is set by load_users() only in the case something is expected
# to be written (like during user syncs, wato, ...)
release_lock(root_dir + "contacts.mk")
# populate the users cache
html.set_cache('users', profiles)
# Call the users_saved hook
hooks.call("users-saved", profiles)
