示例#1
0
文件: conf.py 项目: dizhu/hue
def config_validator():
  """
  config_validator() -> [ (config_variable, error_message) ]

  Called by core check_config() view.
  """
  from desktop.lib import i18n

  res = [ ]
  if not SECRET_KEY.get():
    res.append((SECRET_KEY, unicode(_("Secret key should be configured as a random string."))))

  # Validate SSL setup
  if SSL_CERTIFICATE.get():
    res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
    if not SSL_PRIVATE_KEY.get():
      res.append((SSL_PRIVATE_KEY, unicode(_("SSL private key file should be set to enable HTTPS."))))
    else:
      res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))

  # Validate encoding
  if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
    res.append((DEFAULT_SITE_ENCODING, unicode(_("Encoding not supported."))))

  # Validate kerberos
  if KERBEROS.HUE_KEYTAB.get() is not None:
    res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
    # Keytab should not be world or group accessible
    kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
    if stat.S_IMODE(kt_stat.st_mode) & 0077:
      res.append((KERBEROS.HUE_KEYTAB,
                  unicode(_("Keytab should have 0600 permissions (has %o).") %
                  stat.S_IMODE(kt_stat.st_mode))))

    res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
    res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))

  if LDAP.NT_DOMAIN.get() is not None or \
      LDAP.LDAP_USERNAME_PATTERN.get() is not None:
    if LDAP.LDAP_URL.get() is None:
      res.append((LDAP.LDAP_URL,
                  unicode(_("LDAP is only partially configured. An LDAP URL must be provided."))))

  if LDAP.LDAP_URL.get() is not None:
    if LDAP.NT_DOMAIN.get() is None and \
        LDAP.LDAP_USERNAME_PATTERN.get() is None:
      res.append((LDAP.LDAP_URL,
                  unicode(_("LDAP is only partially configured. An NT Domain or username "
                  "search pattern must be provided."))))

  if LDAP.LDAP_USERNAME_PATTERN.get() is not None and \
      '<username>' not in LDAP.LDAP_USERNAME_PATTERN.get():
      res.append(LDAP.LDAP_USERNAME_PATTERN,
                 unicode(_("The LDAP username pattern should contain the special"
                 "<username> replacement string for authentication.")))


  return res
示例#2
0
文件: conf.py 项目: abhishek-ch/hue
def config_validator(user):
    """
  config_validator() -> [ (config_variable, error_message) ]

  Called by core check_config() view.
  """
    from desktop.lib import i18n

    res = []
    if not SECRET_KEY.get():
        res.append(
            (
                SECRET_KEY,
                unicode(_("Secret key should be configured as a random string. All sessions will be lost on restart")),
            )
        )

    # Validate SSL setup
    if SSL_CERTIFICATE.get():
        res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
        if not SSL_PRIVATE_KEY.get():
            res.append((SSL_PRIVATE_KEY, unicode(_("SSL private key file should be set to enable HTTPS."))))
        else:
            res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))

    # Validate encoding
    if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
        res.append((DEFAULT_SITE_ENCODING, unicode(_("Encoding not supported."))))

    # Validate kerberos
    if KERBEROS.HUE_KEYTAB.get() is not None:
        res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
        # Keytab should not be world or group accessible
        kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
        if stat.S_IMODE(kt_stat.st_mode) & 0077:
            res.append(
                (
                    KERBEROS.HUE_KEYTAB,
                    force_unicode(_("Keytab should have 0600 permissions (has %o).") % stat.S_IMODE(kt_stat.st_mode)),
                )
            )

        res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
        res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))

    if LDAP.LDAP_SERVERS.get():
        for ldap_record_key in LDAP.LDAP_SERVERS.get():
            res.extend(validate_ldap(user, LDAP.LDAP_SERVERS.get()[ldap_record_key]))
    else:
        res.extend(validate_ldap(user, LDAP))

    # Validate MYSQL storage engine of all tables
    res.extend(validate_mysql_storage())

    return res
示例#3
0
文件: conf.py 项目: altoplano/hue
def config_validator(user):
  """
  config_validator() -> [ (config_variable, error_message) ]

  Called by core check_config() view.
  """
  from desktop.lib import i18n

  res = [ ]
  if not SECRET_KEY.get():
    res.append((SECRET_KEY, unicode(_("Secret key should be configured as a random string."))))

  # Validate SSL setup
  if SSL_CERTIFICATE.get():
    res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
    if not SSL_PRIVATE_KEY.get():
      res.append((SSL_PRIVATE_KEY, unicode(_("SSL private key file should be set to enable HTTPS."))))
    else:
      res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))

  # Validate encoding
  if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
    res.append((DEFAULT_SITE_ENCODING, unicode(_("Encoding not supported."))))

  # Validate kerberos
  if KERBEROS.HUE_KEYTAB.get() is not None:
    res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
    # Keytab should not be world or group accessible
    kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
    if stat.S_IMODE(kt_stat.st_mode) & 0077:
      res.append((KERBEROS.HUE_KEYTAB,
                  unicode(_("Keytab should have 0600 permissions (has %o).") %
                  stat.S_IMODE(kt_stat.st_mode))))

    res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
    res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))

  if LDAP.LDAP_URL.get() is None:
    res.append((LDAP.LDAP_URL,
                unicode(_("LDAP is only partially configured. An LDAP URL must be provided."))))

  if LDAP.BIND_DN.get():
    if LDAP.BIND_PASSWORD.get() is None:
      res.append((LDAP.BIND_PASSWORD,
                  unicode(_("If you set bind_dn, then you must set bind_password."))))

  return res
示例#4
0
def config_validator(user):
  """
  config_validator() -> [ (config_variable, error_message) ]

  Called by core check_config() view.
  """
  from desktop.lib import i18n

  res = []
  if not get_secret_key():
    res.append((SECRET_KEY, unicode(_("Secret key should be configured as a random string. All sessions will be lost on restart"))))

  # Validate SSL setup
  if SSL_CERTIFICATE.get():
    res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
    if not SSL_PRIVATE_KEY.get():
      res.append((SSL_PRIVATE_KEY, unicode(_("SSL private key file should be set to enable HTTPS."))))
    else:
      res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))

  # Validate encoding
  if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
    res.append((DEFAULT_SITE_ENCODING, unicode(_("Encoding not supported."))))

  # Validate kerberos
  if KERBEROS.HUE_KEYTAB.get() is not None:
    res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
    # Keytab should not be world or group accessible
    kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
    if stat.S_IMODE(kt_stat.st_mode) & 0077:
      res.append((KERBEROS.HUE_KEYTAB,
                  force_unicode(_("Keytab should have 0600 permissions (has %o).") %
                  stat.S_IMODE(kt_stat.st_mode))))

    res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
    res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))

  if LDAP.LDAP_SERVERS.get():
    for ldap_record_key in LDAP.LDAP_SERVERS.get():
      res.extend(validate_ldap(user, LDAP.LDAP_SERVERS.get()[ldap_record_key]))
  else:
    res.extend(validate_ldap(user, LDAP))

  # Validate MYSQL storage engine of all tables
  res.extend(validate_database())

  return res
示例#5
0
def config_validator(user):
  """
  config_validator() -> [ (config_variable, error_message) ]

  Called by core check_config() view.
  """
  from desktop.lib import i18n

  res = [ ]
  if not SECRET_KEY.get():
    res.append((SECRET_KEY, unicode(_("Secret key should be configured as a random string."))))

  # Validate SSL setup
  if SSL_CERTIFICATE.get():
    res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
    if not SSL_PRIVATE_KEY.get():
      res.append((SSL_PRIVATE_KEY, unicode(_("SSL private key file should be set to enable HTTPS."))))
    else:
      res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))

  # Validate encoding
  if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
    res.append((DEFAULT_SITE_ENCODING, unicode(_("Encoding not supported."))))

  # Validate kerberos
  if KERBEROS.HUE_KEYTAB.get() is not None:
    res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
    # Keytab should not be world or group accessible
    kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
    if stat.S_IMODE(kt_stat.st_mode) & 0077:
      res.append((KERBEROS.HUE_KEYTAB,
                  unicode(_("Keytab should have 0600 permissions (has %o).") %
                  stat.S_IMODE(kt_stat.st_mode))))

    res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
    res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))

  if LDAP.LDAP_URL.get() is None:
    res.append((LDAP.LDAP_URL,
                unicode(_("LDAP is only partially configured. An LDAP URL must be provided."))))

  if LDAP.BIND_DN.get():
    if LDAP.BIND_PASSWORD.get() is None:
      res.append((LDAP.BIND_PASSWORD,
                  unicode(_("If you set bind_dn, then you must set bind_password."))))

  return res
示例#6
0
def config_validator():
    """
  config_validator() -> [ (config_variable, error_message) ]

  Called by core check_config() view.
  """
    from desktop.lib import i18n

    res = []
    if not SECRET_KEY.get():
        res.append((SECRET_KEY,
                    "Secret key should be configured as a random string."))

    # Validate SSL setup
    if SSL_CERTIFICATE.get():
        res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
        if not SSL_PRIVATE_KEY.get():
            res.append((SSL_PRIVATE_KEY,
                        "SSL private key file should be set to enable HTTPS."))
        else:
            res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))

    # Validate encoding
    if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
        res.append((DEFAULT_SITE_ENCODING, "Encoding not supported."))

    # Validate kerberos
    if KERBEROS.HUE_KEYTAB.get() is not None:
        res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
        # Keytab should not be world or group accessible
        kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
        if stat.S_IMODE(kt_stat.st_mode) & 0077:
            res.append((KERBEROS.HUE_KEYTAB,
                        "Keytab should have 0600 permissions (has %o)" %
                        stat.S_IMODE(kt_stat.st_mode)))

        res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
        res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))

    for broken_app in appmanager.BROKEN_APPS:
        res.append(('Working Hadoop',
                    'App %s requires Hadoop but Hadoop is not present.' %
                    (broken_app, )))

    return res
示例#7
0
文件: conf.py 项目: abayer/hue
def config_validator():
  """
  config_validator() -> [ (config_variable, error_message) ]

  Called by core check_config() view.
  """
  from desktop.lib import i18n

  res = [ ]
  if not SECRET_KEY.get():
    res.append((SECRET_KEY, "Secret key should be configured as a random string."))

  # Validate SSL setup
  if SSL_CERTIFICATE.get():
    res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
    if not SSL_PRIVATE_KEY.get():
      res.append((SSL_PRIVATE_KEY, "SSL private key file should be set to enable HTTPS."))
    else:
      res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))

  # Validate encoding
  if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
    res.append((DEFAULT_SITE_ENCODING, "Encoding not supported."))

  # Validate kerberos
  if KERBEROS.HUE_KEYTAB.get() is not None:
    res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
    # Keytab should not be world or group accessible
    kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
    if stat.S_IMODE(kt_stat.st_mode) & 0077:
      res.append((KERBEROS.HUE_KEYTAB,
                  "Keytab should have 0600 permissions (has %o)" %
                  stat.S_IMODE(kt_stat.st_mode)))

    res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
    res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))

  for broken_app in appmanager.BROKEN_APPS:
    res.append(('Working Hadoop', 'App %s requires Hadoop but Hadoop is not present.' % (broken_app,)))

  return res
示例#8
0
文件: conf.py 项目: VarunRaj05/hue
def config_validator(user):
  """
  config_validator() -> [ (config_variable, error_message) ]

  Called by core check_config() view.
  """
  from desktop.lib import i18n

  res = [ ]
  if not SECRET_KEY.get():
    res.append((SECRET_KEY, unicode(_("Secret key should be configured as a random string."))))

  # Validate SSL setup
  if SSL_CERTIFICATE.get():
    res.extend(validate_path(SSL_CERTIFICATE, is_dir=False))
    if not SSL_PRIVATE_KEY.get():
      res.append((SSL_PRIVATE_KEY, unicode(_("SSL private key file should be set to enable HTTPS."))))
    else:
      res.extend(validate_path(SSL_PRIVATE_KEY, is_dir=False))

  # Validate encoding
  if not i18n.validate_encoding(DEFAULT_SITE_ENCODING.get()):
    res.append((DEFAULT_SITE_ENCODING, unicode(_("Encoding not supported."))))

  # Validate kerberos
  if KERBEROS.HUE_KEYTAB.get() is not None:
    res.extend(validate_path(KERBEROS.HUE_KEYTAB, is_dir=False))
    # Keytab should not be world or group accessible
    kt_stat = os.stat(KERBEROS.HUE_KEYTAB.get())
    if stat.S_IMODE(kt_stat.st_mode) & 0077:
      res.append((KERBEROS.HUE_KEYTAB,
                  force_unicode(_("Keytab should have 0600 permissions (has %o).") %
                  stat.S_IMODE(kt_stat.st_mode))))

    res.extend(validate_path(KERBEROS.KINIT_PATH, is_dir=False))
    res.extend(validate_path(KERBEROS.CCACHE_PATH, is_dir=False))

  if LDAP.SEARCH_BIND_AUTHENTICATION.get():
    if LDAP.LDAP_URL.get() is not None and bool(LDAP.BIND_DN.get()) != bool(LDAP.BIND_PASSWORD.get()):
      if LDAP.BIND_DN.get() == None:
        res.append((LDAP.BIND_DN,
                  unicode(_("If you set bind_password, then you must set bind_dn."))))
      else:
        res.append((LDAP.BIND_PASSWORD,
                    unicode(_("If you set bind_dn, then you must set bind_password."))))
  else:
    if LDAP.NT_DOMAIN.get() is not None or \
        LDAP.LDAP_USERNAME_PATTERN.get() is not None:
      if LDAP.LDAP_URL.get() is None:
        res.append((LDAP.LDAP_URL,
                    unicode(_("LDAP is only partially configured. An LDAP URL must be provided."))))

    if LDAP.LDAP_URL.get() is not None:
      if LDAP.NT_DOMAIN.get() is None and \
          LDAP.LDAP_USERNAME_PATTERN.get() is None:
        res.append((LDAP.LDAP_URL,
                    unicode(_("LDAP is only partially configured. An NT Domain or username "
                    "search pattern must be provided."))))

    if LDAP.LDAP_USERNAME_PATTERN.get() is not None and \
        '<username>' not in LDAP.LDAP_USERNAME_PATTERN.get():
        res.append((LDAP.LDAP_USERNAME_PATTERN,
                   unicode(_("The LDAP username pattern should contain the special"
                   "<username> replacement string for authentication."))))

  return res