def main(client_id, user_arguments_dict): """Main function used by front end""" (configuration, logger, output_objects, op_name) = \ initialize_main_variables(client_id) defaults = signature()[1] (validate_status, accepted) = validate_input_and_cert( user_arguments_dict, defaults, output_objects, client_id, configuration, allow_rejects=False, ) if not validate_status: return (accepted, returnvalues.CLIENT_ERROR) vgrid_name = accepted['vgrid_name'][-1] # Validity of user and vgrid names is checked in this init function so # no need to worry about illegal directory traversal through variables (ret_val, msg, ret_variables) = init_vgrid_script_list(vgrid_name, client_id, configuration) if not ret_val: output_objects.append({'object_type': 'error_text', 'text': msg}) return (output_objects, returnvalues.CLIENT_ERROR) # list (list_status, msg) = vgrid_list(vgrid_name, 'triggers', configuration, allow_missing=True) if not list_status: output_objects.append({ 'object_type': 'error_text', 'text': '%s' % msg }) return (output_objects, returnvalues.SYSTEM_ERROR) output_objects.append({'object_type': 'list', 'list': msg}) return (output_objects, returnvalues.OK)
def main(client_id, user_arguments_dict): """Main function used by front end""" (configuration, logger, output_objects, op_name) = \ initialize_main_variables(client_id) defaults = signature()[1] (validate_status, accepted) = validate_input_and_cert( user_arguments_dict, defaults, output_objects, client_id, configuration, allow_rejects=False, ) if not validate_status: return (accepted, returnvalues.CLIENT_ERROR) vgrid_name = accepted['vgrid_name'][-1] # Validity of user and vgrid names is checked in this init function so # no need to worry about illegal directory traversal through variables (ret_val, msg, ret_variables) = init_vgrid_script_list(vgrid_name, client_id, configuration) if not ret_val: output_objects.append({'object_type': 'error_text', 'text' : msg}) return (output_objects, returnvalues.CLIENT_ERROR) # list (status, msg) = vgrid_list(vgrid_name, 'triggers', configuration) if not status: output_objects.append({'object_type': 'error_text', 'text': '%s' % msg}) return (output_objects, returnvalues.SYSTEM_ERROR) output_objects.append({'object_type': 'list', 'list': msg}) return (output_objects, returnvalues.OK)
for path in (base_dir, public_base_dir, private_base_dir, vgrid_files_dir): try: os.mkdir(path) except Exception, exc: pass # Try entity creation or repair output_objects.append({ 'object_type': 'text', 'text': 'Participant update warnings:' }) for kind in ['owners', 'members', 'resources', 'triggers']: (list_status, id_list) = vgrid_list(vgrid_name, kind, configuration, recursive=False, allow_missing=False) logger.info("vgrid_list returned %s : %s" % (list_status, id_list)) if not list_status: if kind == 'owners': id_list = [client_id] else: id_list = [] (set_status, set_msg) = vgrid_set_entities(configuration, vgrid_name, kind, id_list, (kind != 'owners')) if not set_status: output_objects.append({ 'object_type': 'error_text',
def vgrid_add_remove_table(client_id, vgrid_name, item_string, script_suffix, configuration, extra_fields=[], optional_fields=[]): """Create a table of owners/members/resources/triggers (item_string), allowing to remove one item by selecting (radio button) and calling a script, and a form to add a new entry. Used from separate workflows page, too. Arguments: vgrid_name, the vgrid to operate on item_string, one of owner, member, resource, trigger script_suffix, will be prepended with "add" and "rm" for forms configuration, for loading the list of current items Returns: (Bool, list of output_objects) """ out = [] if not item_string in ['owner', 'member', 'resource', 'trigger']: out.append({'object_type': 'error_text', 'text': 'Internal error: Unknown item type %s.' % item_string }) return (False, out) optional = False if item_string == 'resource': id_field = 'unique_resource_name' optional = True elif item_string == 'trigger': id_field = 'rule_id' optional = True else: id_field = 'cert_id' # read list of current items and create form to remove one (status, inherit) = vgrid_list(vgrid_name, '%ss' % item_string, configuration, recursive=True, allow_missing=optional) if not status: out.append({'object_type': 'error_text', 'text': inherit }) return (False, out) (status, direct) = vgrid_list(vgrid_name, '%ss' % item_string, configuration, recursive=False, allow_missing=optional) if not status: out.append({'object_type': 'error_text', 'text': direct }) return (False, out) extra_titles_html = '' for (field, _) in extra_fields + optional_fields: extra_titles_html += '<th>%s</th>' % field.replace('_', ' ').title() # success, so direct and inherit are lists of unique user/res/trigger IDs extras = [i for i in inherit if not i in direct] if extras: table = ''' <br /> Inherited %(item)ss of %(vgrid)s: <table class="vgrid%(item)s"> <thead><tr><th></th><th>%(item)s</th>%(extra_titles)s</thead> <tbody> ''' % {'item': item_string, 'vgrid': vgrid_name, 'extra_titles': extra_titles_html} for elem in extras: extra_fields_html = '' if isinstance(elem, dict) and elem.has_key(id_field): for (field, _) in extra_fields + optional_fields: val = elem.get(field, '') if not isinstance(val, basestring): val = ' '.join(val) extra_fields_html += '<td>%s</td>' % val table += \ """ <tr><td></td><td>%s</td>%s</tr>""" % (elem[id_field], extra_fields_html) elif elem: table += \ " <tr><td></td><td>%s</td></tr>"\ % elem table += ''' </tbody></table> ''' out.append({'object_type': 'html_form', 'text': table}) if direct: form = ''' <form method="post" action="rm%(scriptname)s.py"> <input type="hidden" name="vgrid_name" value="%(vgrid)s" /> Current %(item)ss of %(vgrid)s: <table class="vgrid%(item)s"> <thead><tr><th>Remove</th><th>%(item)s</th>%(extra_titles)s</thead> <tbody> ''' % {'item': item_string, 'scriptname': script_suffix, 'vgrid': vgrid_name, 'extra_titles': extra_titles_html} for elem in direct: extra_fields_html = '' if isinstance(elem, dict) and elem.has_key(id_field): for (field, _) in extra_fields + optional_fields: val = elem.get(field, '') if isinstance(val, bool): val = str(val) elif not isinstance(val, basestring): val = ' '.join(val) extra_fields_html += '<td>%s</td>' % val form += \ """ <tr><td><input type=radio name='%s' value='%s' /></td> <td>%s</td>%s</tr>""" % (id_field, elem[id_field], elem[id_field], extra_fields_html) elif elem: form += \ """ <tr><td><input type=radio name='%s' value='%s' /></td> <td>%s</td></tr>""" % (id_field, elem, elem) form += ''' </tbody></table> <input type="submit" value="Remove %s" /> </form> ''' % item_string out.append({'object_type': 'html_form', 'text': form}) # form to add a new item extra_fields_html = '' for (field, limit) in extra_fields + optional_fields: extra_fields_html += '<tr><td>%s</td><td>' % \ field.replace('_', ' ').title() if isinstance(limit, basestring): add_html = '%s' % limit elif limit == None: add_html = '<input type="text" size=70 name="%s" />' % field else: multiple = '' if keyword_all in limit: multiple = 'multiple' add_html = '<select %s name="%s">' % (multiple, field) for val in limit: add_html += '<option value="%s">%s</option>' % (val, val) add_html += '</select>' extra_fields_html += add_html + '</td></tr>' out.append({'object_type': 'html_form', 'text': ''' <form method="post" action="add%(script)s.py"> <fieldset> <legend>Add %(_label)s %(item)s</legend> <input type="hidden" name="vgrid_name" value="%(vgrid)s" /> <table> <tr> <td>ID</td><td><input type="text" size=70 name="%(id_field)s" /></td> </tr> %(extra_fields)s <tr> <td colspan="2"><input type="submit" value="Add %(item)s" /></td> </tr> </table> </fieldset> </form> ''' % {'vgrid': vgrid_name, 'item': item_string, 'script': script_suffix, 'id_field': id_field, 'extra_fields': extra_fields_html, '_label': configuration.site_vgrid_label} }) return (True, out)
def main(client_id, user_arguments_dict): """Main function used by front end""" (configuration, logger, output_objects, op_name) = \ initialize_main_variables(client_id, op_header=False) defaults = signature()[1] (validate_status, accepted) = validate_input_and_cert( user_arguments_dict, defaults, output_objects, client_id, configuration, allow_rejects=False, ) if not validate_status: return (accepted, returnvalues.CLIENT_ERROR) if not correct_handler('POST'): output_objects.append( {'object_type': 'error_text', 'text' : 'Only accepting POST requests to prevent unintended updates'}) return (output_objects, returnvalues.CLIENT_ERROR) title_entry = find_entry(output_objects, 'title') title_entry['text'] = '%s send request' % \ configuration.short_title output_objects.append({'object_type': 'header', 'text' : '%s send request' % \ configuration.short_title}) target_id = client_id vgrid_name = accepted['vgrid_name'][-1].strip() visible_user_name = accepted['cert_id'][-1].strip() visible_res_name = accepted['unique_resource_name'][-1].strip() request_type = accepted['request_type'][-1].strip().lower() request_text = accepted['request_text'][-1].strip() protocols = [proto.strip() for proto in accepted['protocol']] use_any = False if any_protocol in protocols: use_any = True protocols = configuration.notify_protocols protocols = [proto.lower() for proto in protocols] valid_request_types = ['resourceowner', 'resourceaccept', 'vgridowner', 'vgridmember','vgridresource', 'vgridaccept', 'plain'] if not request_type in valid_request_types: output_objects.append({ 'object_type': 'error_text', 'text' : '%s is not a valid request_type (valid types: %s)!' % (request_type.lower(), valid_request_types)}) return (output_objects, returnvalues.CLIENT_ERROR) if not protocols: output_objects.append({ 'object_type': 'error_text', 'text': 'No protocol specified!'}) return (output_objects, returnvalues.CLIENT_ERROR) user_map = get_user_map(configuration) reply_to = user_map[client_id][USERID] if request_type == "plain": if not visible_user_name: output_objects.append({ 'object_type': 'error_text', 'text': 'No user ID specified!'}) return (output_objects, returnvalues.CLIENT_ERROR) user_id = visible_user_name anon_map = anon_to_real_user_map(configuration.user_home) if anon_map.has_key(visible_user_name): user_id = anon_map[visible_user_name] if not user_map.has_key(user_id): output_objects.append({'object_type': 'error_text', 'text': 'No such user: %s' % \ visible_user_name }) return (output_objects, returnvalues.CLIENT_ERROR) target_name = user_id user_dict = user_map[user_id] allow_vgrids = user_allowed_vgrids(configuration, client_id) vgrids_allow_email = user_dict[CONF].get('VGRIDS_ALLOW_EMAIL', []) vgrids_allow_im = user_dict[CONF].get('VGRIDS_ALLOW_IM', []) if any_vgrid in vgrids_allow_email: email_vgrids = allow_vgrids else: email_vgrids = set(vgrids_allow_email).intersection(allow_vgrids) if any_vgrid in vgrids_allow_im: im_vgrids = allow_vgrids else: im_vgrids = set(vgrids_allow_im).intersection(allow_vgrids) if use_any: # Do not try disabled protocols if ANY was requested if not email_vgrids: protocols = [proto for proto in protocols \ if proto not in email_keyword_list] if not im_vgrids: protocols = [proto for proto in protocols \ if proto in email_keyword_list] if not email_vgrids and [proto for proto in protocols \ if proto in email_keyword_list]: output_objects.append({ 'object_type': 'error_text', 'text' : 'You are not allowed to send emails to %s!' % \ visible_user_name }) return (output_objects, returnvalues.CLIENT_ERROR) if not im_vgrids and [proto for proto in protocols \ if proto not in email_keyword_list]: output_objects.append({ 'object_type': 'error_text', 'text' : 'You are not allowed to send instant messages to %s!' % \ visible_user_name }) return (output_objects, returnvalues.CLIENT_ERROR) for proto in protocols: if not user_dict[CONF].get(proto.upper(), False): if use_any: # Remove missing protocols if ANY protocol was requested protocols = [i for i in protocols if i != proto] else: output_objects.append({ 'object_type': 'error_text', 'text' : 'User %s does not accept %s messages!' % \ (visible_user_name, proto) }) return (output_objects, returnvalues.CLIENT_ERROR) if not protocols: output_objects.append({ 'object_type': 'error_text', 'text': 'User %s does not accept requested protocol(s) messages!' % \ visible_user_name}) return (output_objects, returnvalues.CLIENT_ERROR) target_list = [user_id] elif request_type == "vgridaccept": # Always allow accept messages but only between vgrid members/owners user_id = visible_user_name if not vgrid_name: output_objects.append({ 'object_type': 'error_text', 'text': 'No vgrid_name specified!'}) return (output_objects, returnvalues.CLIENT_ERROR) if vgrid_name.upper() == default_vgrid.upper(): output_objects.append({ 'object_type': 'error_text', 'text' : 'No requests for %s are not allowed!' % \ default_vgrid }) return (output_objects, returnvalues.CLIENT_ERROR) if not vgrid_is_owner(vgrid_name, client_id, configuration): output_objects.append({ 'object_type': 'error_text', 'text' : 'You are not an owner of %s or a parent %s!' % \ (vgrid_name, configuration.site_vgrid_label)}) return (output_objects, returnvalues.CLIENT_ERROR) allow_vgrids = user_allowed_vgrids(configuration, client_id) if not vgrid_name in allow_vgrids: output_objects.append({ 'object_type': 'error_text', 'text': 'Invalid %s message! (%s sv %s)' % (request_type, user_id, allow_vgrids)}) return (output_objects, returnvalues.CLIENT_ERROR) target_id = '%s %s owners' % (vgrid_name, configuration.site_vgrid_label) target_name = vgrid_name target_list = [user_id] elif request_type == "resourceaccept": # Always allow accept messages between actual resource owners user_id = visible_user_name if not visible_res_name: output_objects.append({ 'object_type': 'error_text', 'text': 'No resource ID specified!'}) return (output_objects, returnvalues.CLIENT_ERROR) unique_resource_name = visible_res_name target_name = unique_resource_name res_map = get_resource_map(configuration) if not res_map.has_key(unique_resource_name): output_objects.append({'object_type': 'error_text', 'text': 'No such resource: %s' % \ unique_resource_name }) return (output_objects, returnvalues.CLIENT_ERROR) owners_list = res_map[unique_resource_name][OWNERS] if not client_id in owners_list or not user_id in owners_list: output_objects.append({ 'object_type': 'error_text', 'text' : 'Invalid resource owner accept message!'}) return (output_objects, returnvalues.CLIENT_ERROR) target_id = '%s resource owners' % unique_resource_name target_name = unique_resource_name target_list = [user_id] elif request_type == "resourceowner": if not visible_res_name: output_objects.append({ 'object_type': 'error_text', 'text': 'No resource ID specified!'}) return (output_objects, returnvalues.CLIENT_ERROR) unique_resource_name = visible_res_name anon_map = anon_to_real_res_map(configuration.resource_home) if anon_map.has_key(visible_res_name): unique_resource_name = anon_map[visible_res_name] target_name = unique_resource_name res_map = get_resource_map(configuration) if not res_map.has_key(unique_resource_name): output_objects.append({'object_type': 'error_text', 'text': 'No such resource: %s' % \ visible_res_name }) return (output_objects, returnvalues.CLIENT_ERROR) target_list = res_map[unique_resource_name][OWNERS] if client_id in target_list: output_objects.append({ 'object_type': 'error_text', 'text' : 'You are already an owner of %s!' % unique_resource_name }) return (output_objects, returnvalues.CLIENT_ERROR) elif request_type in ["vgridmember", "vgridowner", "vgridresource"]: unique_resource_name = visible_res_name if not vgrid_name: output_objects.append({ 'object_type': 'error_text', 'text': 'No vgrid_name specified!'}) return (output_objects, returnvalues.CLIENT_ERROR) # default vgrid is read-only if vgrid_name.upper() == default_vgrid.upper(): output_objects.append({ 'object_type': 'error_text', 'text' : 'No requests for %s are not allowed!' % \ default_vgrid }) return (output_objects, returnvalues.CLIENT_ERROR) # stop owner or member request if already an owner if request_type != 'vgridresource': if vgrid_is_owner(vgrid_name, client_id, configuration): output_objects.append({ 'object_type': 'error_text', 'text' : 'You are already an owner of %s or a parent %s!' % \ (vgrid_name, configuration.site_vgrid_label)}) return (output_objects, returnvalues.CLIENT_ERROR) # only ownership requests are allowed for existing members if request_type == 'vgridmember': if vgrid_is_member(vgrid_name, client_id, configuration): output_objects.append({ 'object_type': 'error_text', 'text' : 'You are already a member of %s or a parent %s.' % \ (vgrid_name, configuration.site_vgrid_label)}) return (output_objects, returnvalues.CLIENT_ERROR) # set target to resource and prevent repeated resource access requests if request_type == 'vgridresource': target_id = unique_resource_name if vgrid_is_resource(vgrid_name, unique_resource_name, configuration): output_objects.append({ 'object_type': 'error_text', 'text' : 'You already have access to %s or a parent %s.' % \ (vgrid_name, configuration.site_vgrid_label)}) return (output_objects, returnvalues.CLIENT_ERROR) # Find all VGrid owners target_name = vgrid_name (status, target_list) = vgrid_list(vgrid_name, 'owners', configuration) if not status: output_objects.append({ 'object_type': 'error_text', 'text' : 'Could not load list of current owners for %s %s!' % (vgrid_name, configuration.site_vgrid_label)}) return (output_objects, returnvalues.CLIENT_ERROR) else: output_objects.append({ 'object_type': 'error_text', 'text': 'Invalid request type: %s' % \ request_type}) return (output_objects, returnvalues.CLIENT_ERROR) # Now send request to all targets in turn # TODO: inform requestor if no owners have mail/IM set in their settings for target in target_list: # USER_CERT entry is destination notify = [] for proto in protocols: notify.append('%s: SETTINGS' % proto) job_dict = {'NOTIFY': notify, 'JOB_ID': 'NOJOBID', 'USER_CERT': target} notifier = notify_user_thread( job_dict, [target_id, target_name, request_type, request_text, reply_to], 'SENDREQUEST', logger, '', configuration, ) # Try finishing delivery but do not block forever on one message notifier.join(30) output_objects.append({'object_type': 'text', 'text': 'Sent %s message to %d people' % \ (request_type, len(target_list))}) output_objects.append({'object_type': 'text', 'text': """Please make sure you have notifications configured on your Setings page if you expect a reply to this message"""}) return (output_objects, returnvalues.OK)
(configuration.site_vgrid_label, vgrid_name)}) # Try to create all base directories used for vgrid files for path in (base_dir, public_base_dir, private_base_dir, vgrid_files_dir): try: os.mkdir(path) except Exception, exc: pass # Try entity creation or repair output_objects.append({'object_type': 'text', 'text' : 'Participant update warnings:'}) for kind in ['owners', 'members', 'resources', 'triggers']: (status, id_list) = vgrid_list(vgrid_name, kind, configuration, recursive=False, allow_missing = False) logger.info("vgrid_list returned %s : %s" % (status, id_list)) if not status: if kind == 'owners': id_list = [client_id] else: id_list = [] (set_status, set_msg) = vgrid_set_entities(configuration, vgrid_name, kind, id_list, (kind != 'owners')) if not set_status: output_objects.append({'object_type': 'error_text', 'text': 'Could not create missing %s list: %s' % (kind, set_msg)})