def host_policy_list(self, operator, dns_owner_id): """List all roles/atoms associated to a given host.""" self.ba.assert_dns_superuser(operator.get_entity_id()) host = self._get_host(dns_owner_id) policy = PolicyComponent(self.db) ret = [] for row in policy.search_hostpolicies(dns_owner_id=host.entity_id): policy.clear() policy.find(row['policy_id']) ret.append({'policy_name': row['policy_name'], 'desc': policy.description}) return sorted(ret, key=lambda r: r['policy_name'])
def host_policy_list(self, operator, dns_owner_id): """List all roles/atoms associated to a given host.""" self.ba.assert_dns_superuser(operator.get_entity_id()) host = self._get_host(dns_owner_id) policy = PolicyComponent(self.db) ret = [] for row in policy.search_hostpolicies(dns_owner_id=host.entity_id): policy.clear() policy.find(row['policy_id']) ret.append({ 'policy_name': row['policy_name'], 'desc': policy.description }) return sorted(ret, key=lambda r: r['policy_name'])
def terminate(self): """Remove all of a project, except its project ID and name (acronym). The project's entities are deleted by this method, so use with care! For the OU object, it does almost the same as L{delete} except from deleting the entity itself. """ self.write_db() ent = EntityTrait(self._db) ac = Factory.get('Account')(self._db) pu = Factory.get('PosixUser')(self._db) # Delete PosixUsers for row in ac.list_accounts_by_type(ou_id=self.entity_id, filter_expired=False): try: pu.clear() pu.find(row['account_id']) pu.delete_posixuser() except Errors.NotFoundError: # not a PosixUser continue # Remove all project's groups gr = Factory.get('Group')(self._db) for row in gr.list_traits(code=self.const.trait_project_group, target_id=self.entity_id): gr.clear() gr.find(row['entity_id']) gr.delete() # Delete all users for row in ac.list_accounts_by_type(ou_id=self.entity_id): ac.clear() ac.find(row['account_id']) ac.delete() # Remove every trace of person affiliations to the project: pe = Factory.get('Person')(self._db) for row in pe.list_affiliations(ou_id=self.entity_id, include_deleted=True): pe.clear() pe.find(row['person_id']) pe.nuke_affiliation(ou_id=row['ou_id'], affiliation=row['affiliation'], source=row['source_system'], status=row['status']) pe.write_db() # Remove all project's DnsOwners (hosts): dnsowner = dns.DnsOwner.DnsOwner(self._db) policy = PolicyComponent(self._db) update_helper = dns.IntegrityHelper.Updater(self._db) for row in ent.list_traits(code=self.const.trait_project_host, target_id=self.entity_id): # TODO: Could we instead update the Subnet classes to use # Factory.get('Entity'), and make use of EntityTrait there to # handle this? owner_id = row['entity_id'] ent.clear() ent.find(owner_id) ent.delete_trait(row['code']) ent.write_db() # Remove the links to policies if hostpolicy is used for prow in policy.search_hostpolicies(dns_owner_id=owner_id): policy.clear() policy.find(prow['policy_id']) policy.remove_from_host(owner_id) # delete the DNS owner update_helper.full_remove_dns_owner(owner_id) # Delete all subnets subnet = dns.Subnet.Subnet(self._db) subnet6 = dns.IPv6Subnet.IPv6Subnet(self._db) for row in ent.list_traits(code=(self.const.trait_project_subnet6, self.const.trait_project_subnet), target_id=self.entity_id): ent.clear() ent.find(row['entity_id']) ent.delete_trait(row['code']) ent.write_db() if row['code'] == self.const.trait_project_subnet: subnet.clear() subnet.find(row['entity_id']) subnet.delete() if row['code'] == self.const.trait_project_subnet6: subnet6.clear() subnet6.find(row['entity_id']) subnet6.delete() # Remove all data from the OU except for: # The project ID and project name for tr in tuple(self.get_traits()): self.delete_trait(tr) for row in self.get_spread(): self.delete_spread(row['spread']) for row in self.get_contact_info(): self.delete_contact_info(row['source_system'], row['contact_type']) for row in self.get_entity_address(): self.delete_entity_address(row['source_system'], row['address_type']) for row in self.search_name_with_language(entity_id=self.entity_id): # The project name must not be removed, to avoid reuse if row['name_variant'] == self.const.ou_name_acronym: continue self.delete_name_with_language(row['name_variant']) self.write_db()
def terminate(self): """Remove all of a project, except its project ID and name (acronym). The project's entities are deleted by this method, so use with care! For the OU object, it does almost the same as L{delete} except from deleting the entity itself. """ self.write_db() ent = EntityTrait(self._db) ac = Factory.get('Account')(self._db) pu = Factory.get('PosixUser')(self._db) # Delete PosixUsers for row in ac.list_accounts_by_type(ou_id=self.entity_id, filter_expired=False): try: pu.clear() pu.find(row['account_id']) pu.delete_posixuser() except Errors.NotFoundError: # not a PosixUser continue # Remove all project's groups gr = Factory.get('Group')(self._db) for row in gr.list_traits(code=self.const.trait_project_group, target_id=self.entity_id): gr.clear() gr.find(row['entity_id']) gr.delete() # Delete all users for row in ac.list_accounts_by_type(ou_id=self.entity_id): ac.clear() ac.find(row['account_id']) ac.delete() # Remove every trace of person affiliations to the project: pe = Factory.get('Person')(self._db) for row in pe.list_affiliations(ou_id=self.entity_id, include_deleted=True): pe.clear() pe.find(row['person_id']) pe.nuke_affiliation(ou_id=row['ou_id'], affiliation=row['affiliation'], source=row['source_system'], status=row['status']) pe.write_db() # Remove all project's DnsOwners (hosts): dnsowner = DnsOwner.DnsOwner(self._db) policy = PolicyComponent(self._db) update_helper = IntegrityHelper.Updater(self._db) for row in ent.list_traits(code=self.const.trait_project_host, target_id=self.entity_id): # TODO: Could we instead update the Subnet classes to use # Factory.get('Entity'), and make use of EntityTrait there to # handle this? owner_id = row['entity_id'] ent.clear() ent.find(owner_id) ent.delete_trait(row['code']) ent.write_db() # Remove the links to policies if hostpolicy is used for prow in policy.search_hostpolicies(dns_owner_id=owner_id): policy.clear() policy.find(prow['policy_id']) policy.remove_from_host(owner_id) # delete the DNS owner update_helper.full_remove_dns_owner(owner_id) # Delete all subnets subnet = Subnet.Subnet(self._db) subnet6 = IPv6Subnet.IPv6Subnet(self._db) for row in ent.list_traits(code=(self.const.trait_project_subnet6, self.const.trait_project_subnet), target_id=self.entity_id): ent.clear() ent.find(row['entity_id']) ent.delete_trait(row['code']) ent.write_db() if row['code'] == self.const.trait_project_subnet: subnet.clear() subnet.find(row['entity_id']) subnet.delete() if row['code'] == self.const.trait_project_subnet6: subnet6.clear() subnet6.find(row['entity_id']) subnet6.delete() # Remove all data from the OU except for: # The project ID and project name for tr in tuple(self.get_traits()): self.delete_trait(tr) for row in self.get_spread(): self.delete_spread(row['spread']) for row in self.get_contact_info(): self.delete_contact_info(row['source_system'], row['contact_type']) for row in self.get_entity_address(): self.delete_entity_address(row['source_system'], row['address_type']) for row in self.search_name_with_language(entity_id=self.entity_id): # The project name must not be removed, to avoid reuse if row['name_variant'] == self.const.ou_name_acronym: continue self.delete_name_with_language(row['name_variant']) self.write_db()