def main(argv=sys.argv[1:]): try: con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) (opts, args) = setup_options(argv) if len(args) > 0: u_pattern = args[0] else: u_pattern = "" if opts.bya: usa = User.find_alias(db_obj, u_pattern) users = [] for ua in usa: users.append(ua.get_canonical_user()) else: users = User.find_user(db_obj, u_pattern) if users == None: pynimbusauthz.print_msg(opts, 0, "No users in list") return 1 for u in users: list_user(opts, u) except AuthzException, ae: print ae return ae.get_rc()
def delete_user(o): con_str = pycb.config.authzdb db = DB(con_str) # create canonical user user = User.get_user_by_friendly(db, o.emailaddr) if user == None: raise CLIError('EUSER', "No such user %s" % (o.emailaddr)) o.canonical_id = user.get_id() dnu = user.get_alias_by_friendly(o.emailaddr, pynimbusauthz.alias_type_x509) if dnu == None: print "WARNING! there is no x509 alias for user %s" % (o.emailaddr) else: dn = dnu.get_name() remove_gridmap(dn) nh = get_nimbus_home() groupauthz_dir = os.path.join( nh, "services/etc/nimbus/workspace-service/group-authz/") try: remove_member(groupauthz_dir, dn) except Exception, ex: print "WARNING %s" % (ex) if o.web: if o.web_id == None: o.web_id = o.emailaddr.split("@")[0] remove_web(o)
def main(argv=sys.argv[1:]): try: con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) (opts, args) = setup_options(argv) if len(args) != 3: raise AuthzException( 'CLI_PARAMETER', "You must specify a username filename and a datakey\nTry --help" ) user_name = args[0] object_name = args[1] data = args[2] user = User(db_obj, uu=user_name) parent = None if opts.parent != None: parent = File.get_file(db_obj, opts.parent, opts.type) if parent == None: raise AuthzException('FILE_EXISTS', "parent %s not found" % (opts.parent)) File.create_file(db_obj, object_name, user, data, opts.type, parent=parent) db_obj.commit() except AuthzException, ae: print ae return ae.get_rc()
def main(argv=sys.argv[1:]): try: con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) (opts, args) = setup_options(argv) if len(args) > 0: u_pattern = args[0] else: u_pattern = "" parent = None if opts.parent != None: parent = File.get_file(db_obj, opts.parent, opts.type) if parent == None: raise AuthzException(['FILE_EXISTS'], "parent %s not found" % (opts.parent)) if opts.type == "all": types = pynimbusauthz.object_types.keys() else: types = [opts.type] for t in types: files = File.find_files(db_obj, u_pattern, t, parent) for f in files: print_file(opts, f) except AuthzException, ae: print ae return ae.get_rc()
def get_user_id_by_display(self, display_name): db_obj = DB(con_str=self.con_str) a_it = UserAlias.find_alias_by_friendly(db_obj, display_name) a_list = list(a_it) if len(a_list) < 1: return None alias = a_list[0] return alias.get_name()
def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.db.commit()
def setUp(self): # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" con = pynimbusauthz.db.make_test_database() self.db = DB(con=con) self.user1 = User(self.db) self.name = "/file/name" self.data = "/etc/group" self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3) self.uf = UserFile(self.file1)
def __init__(self, alias_name, con_str): self.db_obj = DB(con_str=con_str) alias = User.find_alias(self.db_obj, alias_name, pynimbusauthz.alias_type_s3) a_list = list(alias) if len(a_list) < 1: raise cbException('AccessDenied') # pick the first one, hmmm XXX self.alias = a_list[0] self.user = self.alias.get_canonical_user()
def main(argv=sys.argv[1:]): try: con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) (opts, args) = setup_options(argv) user_uu = None if len(args) == 1: user_uu = args[0] if opts.new: user = User(db_obj, user_uu, friendly=opts.friendlyname, create=True) pynimbusauthz.print_msg(opts, 0, "User %s added" % (user.get_id())) else: user = User(db_obj, user_uu) pynimbusauthz.print_msg(opts, 0, "User %s" % (user.get_id())) if opts.alias != None: user_alias = user.get_alias(opts.alias, opts.type) if user_alias == None: user_alias = user.create_alias(opts.alias, opts.type, opts.friendlyname) pynimbusauthz.print_msg( opts, 0, "Creating new alias %s:%s" % (opts.type, opts.alias)) if opts.genkey: data = pynimbusauthz.random_string_gen(42) pynimbusauthz.print_msg(opts, 0, "Key generated %s" % (data)) user_alias.set_data(data) elif opts.setkey != None: data = opts.setkey user_alias.set_data(data) pynimbusauthz.print_msg(opts, 0, "updated the alias key") if opts.remove_alias != None: user_alias = user.get_alias(opts.remove_alias, opts.type) user_alias.remove() if opts.remove: pynimbusauthz.print_msg(opts, 1, "Removing user %s" % (user.get_id())) if opts.force: pynimbusauthz.print_msg(opts, 1, "Removing all references") user.destroy_brutally() else: user.destroy() db_obj.commit() except AuthzException, ae: print ae return ae.get_rc()
def get_user_object_by_access_id(self, access_id): """Get a new connection every time this is called to make sure it is cleaned up""" db = DB(self._cumulus_db) user_alias = User.find_alias(db, access_id) if not user_alias: raise PhantomAWSException('InvalidClientTokenId') l = list(user_alias) db.close() if l < 1: raise PhantomAWSException('InvalidClientTokenId') return PhantomUserObject(access_id, l[0].get_data(), l[0].get_friendly_name())
def main(argv=sys.argv[1:]): try: (o, args, p) = setup_options(argv) con_str = pycb.config.authzdb db = DB(con_str) o.emailaddr = args[0] edit_user(o, db) report_results(o, db) except CLIError, clie: print clie return clie.get_rc()
def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname) self.user1 = User(self.db) self.name = "/file/name" self.data = "/etc/group" self.file1 = File.create_file(self.db, self.name, self.user1, self.data, pynimbusauthz.object_type_s3) self.uf = UserFile(self.file1) self.db.commit()
def main(argv=sys.argv[1:]): try: (o, args, p) = setup_options(argv) search_pattern = args[0] con_str = pycb.config.authzdb db = DB(con_str) user_list = User.find_user_by_friendly(db, search_pattern) for u in user_list: report_results(db, u, o) db.commit() except CLIError, clie: print clie return clie.get_rc()
def main(argv=sys.argv[1:]): try: (o, args, p) = setup_options(argv) con_str = pycb.config.authzdb db = DB(con_str) o.emailaddr = args[0] create_user(o, db) report_results(o, db) db.close() except CLIError, clie: if DEBUG: traceback.print_exc(file=sys.stdout) print clie return clie.get_rc()
def main(argv=sys.argv[1:]): try: repo_dir = argv[0] repo_dir = str(repo_dir).strip() con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) user = User(db_obj, uu="CumulusPublicUser") if user == None: raise Exception("No public user") File.create_file(db_obj, repo_dir, user, repo_dir, pynimbusauthz.alias_type_s3) db_obj.commit() except: raise return 0
def main(argv=sys.argv[1:]): try: con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) (opts, args) = setup_options(argv) if len(args) == 0: raise AuthzException('CLI_PARAMETER', "You must specify a filename") parent = None if opts.parent != None: parent = File.get_file(db_obj, opts.parent, opts.type) if parent == None: raise AuthzException('FILE_EXISTS', "bucket %s not found" % (opts.parent)) object_name = args[0] file1 = File.get_file(db_obj, object_name, opts.type, parent=parent) if file1 == None: pynimbusauthz.print_msg(opts, 0, "File not found") return uf = UserFile(file1) msg = "%10s\t%10s\t%10s\t%10s\t%10s" % ("file", "type", "owner", "user", "perms") pynimbusauthz.print_msg(opts, 1, msg) n = uf.get_file().get_name() t = uf.get_file().get_object_type() stat_print_uf(opts, uf, n, t) if opts.all: user_list = uf.get_file().get_all_users() for u in user_list: uf = UserFile(uf.get_file(), u) stat_print_uf(opts, uf, " ", " ") except AuthzException, ae: print ae return ae.get_rc()
def main(argv=sys.argv[1:]): try: con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) (opts, args) = setup_options(argv) if len(args) != 3: raise AuthzException( 'CLI_PARAMETER', "You must specify a username filename permssions") user_name = args[0] object_name = args[1] requested_perms = args[2] parent = None if opts.parent != None: parent = File.get_file(db_obj, opts.parent, opts.type) if parent == None: raise AuthzException('FILE_EXISTS', "parent %s not found" % (opts.parent)) file1 = File.get_file(db_obj, object_name, opts.type, parent=parent) if file1 == None: raise AuthzException( 'FILE_EXISTS', "file %s:%s not found" % (opts.type, object_name)) user = User(db_obj, uu=user_name) uf = UserFile(file1) # create a uesrfile with owner so we can chmod uf.chmod(requested_perms, user=user) pynimbusauthz.print_msg( opts, 0, "changed %s to %s for %s" % (str(file1), requested_perms, str(user))) db_obj.commit() except AuthzException, ae: print ae return ae.get_rc()
def main(argv=sys.argv[1:]): try: con_str = pynimbusauthz.get_db_connection_string() db_obj = DB(con_str=con_str) (opts,args) = setup_options(argv) old_path = args[0] new_path = args[1] pattern = old_path + "%" files = list(File.find_files_from_data(db_obj, pattern)) for f in files: old_key = f.get_data_key() new_key = old_key.replace(old_path, new_path, 1) f.set_data_key(new_key) db_obj.commit() print "done - %d files rebased" % len(files) except AuthzException, ae: print ae return ae.get_rc()
def setUp(self): # os.environ['CUMULUS_AUTHZ_DDL'] = "/home/bresnaha/Dev/Nimbus/nimbus/cumulus/authz/etc/acl.sql" con = pynimbusauthz.db.make_test_database() self.db = DB(con=con) self.user = User(self.db)
def setUp(self): (osf, self.fname) = tempfile.mkstemp() os.close(osf) os.environ['NIMBUS_AUTHZ_DB'] = self.fname pynimbusauthz.db.make_test_database(self.fname) self.db = DB(con_str=self.fname)
def create_user(self, display_name, id, pw, opts): db_obj = DB(con_str=self.con_str) user = User(db_obj, friendly=display_name) user_alias = user.create_alias(id, "s3", display_name, alias_data=pw) db_obj.commit() db_obj.close()
def find_user_id_by_display(self, pattern): db_obj = DB(con_str=self.con_str) a_it = UserAlias.find_all_alias_by_friendly(db_obj, pattern) new_it = map(lambda r: r.get_name(), a_it) return new_it
def setUp(self): con = pynimbusauthz.db.make_test_database() self.db = DB(con=con)
def get_db(): db_obj = DB(con_str=self.con_str) return db_obj