def get(self, args, config, connection): role = Role(args['name'], connection=connection) if not role.exists(): print("Error: Role does not exist: {0}".format(args['name'])) sys.exit(1) role.read() self.jprint(role)
def role(self, role_name, connection=None): if connection is None: connection = self.connection role = Role(role_name, connection) else: role = User(role_name, connection, False) return role.read(connection)
def delete(self, args, config, connection): role = Role.lookup(connection, args['name']) if role is None: return print("Delete role {0}...".format(args['name'])) role.delete(connection)
def roles(self, connection=None): """ Get a list of the roles in the local cluster. """ if connection is None: connection = self.connection return Role.list(connection)
def _read(self, name, jsonfile, connection=None, save_connection=True): jf = open(jsonfile).read() data = json.loads(jf) if name is not None: data['role-name'] = name role = Role.unmarshal(data, connection=connection, save_connection=save_connection) return role
def modify(self, args, config, connection): name = args['name'] role = Role(name, connection=connection) if not role.exists(): print("Error: Role does not exist: {0}".format(name)) sys.exit(1) if args['json'] is not None: role = self._read(None, args['json'], connection=connection) role.name = name self.roles = [] self._properties(role, args) if len(self.roles) > 0: role.set_role_names(self.roles) print("Modify role {0}...".format(name)) role.update(connection=connection)
def create(self, args, config, connection): role = Role(args['name'], connection=connection) if role.exists(): print("Error: Role already exists: {0}".format(args['name'])) sys.exit(1) if args['json'] is not None: role = self._read(args['name'], args['json']) self.roles = [] self._properties(role, args) if len(self.roles) > 0: role.set_role_names(self.roles) print("Create role {0}...".format(args['name'])) role.create(connection)
def modify(self, args, config, connection): role = Role(args['name'], connection=connection) if not role.exists(): print("Error: Role does not exist: {0}".format(args['name'])) sys.exit(1) if args['json'] is not None: role = self._read(args['name'], args['json']) self.roles = [] self._properties(role, args) if len(self.roles) > 0: role.set_role_names(self.roles) print("Modify role {0}...".format(args['name'])) role.update(connection=connection)
def _read(self, name, jsonfile): jf = open(jsonfile).read() data = json.loads(jf) data['role-name'] = name role = Role.unmarshal(data) return role
def list(self, args, config, connection): names = Role.list(connection) print(json.dumps(names,sort_keys=True, indent=2))
args = parser.parse_args() if args.debug: logging.basicConfig(level=logging.WARNING) logging.getLogger("requests").setLevel(logging.WARNING) logging.getLogger("marklogic").setLevel(logging.DEBUG) with open(args.json) as data_file: data = json.load(data_file) conn = Connection(args.host, HTTPDigestAuth(args.username, args.password)) # Create roles for config in data['roles']: name = config['role-name'] role = Role.lookup(conn, name) if role is None: print("Need to create role: {0}".format(name)) role = Role(name) role.create(conn) # Update privileges for config in data['roles']: name = config['role-name'] role = Role.unmarshal(config) print("Updating role: {0}".format(name)) role.update(conn) # Update privileges for config in data['privileges']: name = config['privilege-name']
def close(self, conn, group='Default'): closed = False while not closed: closed = True newitems = [] for key in self.servers: item = self.servers[key] if item is None: closed = False newitems.append(Server.lookup(conn, key, group)) for server in newitems: self._close_over_server(server) newitems = [] for key in self.databases: item = self.databases[key] if item is None: closed = False newitems.append(Database.lookup(conn, key)) for database in newitems: self._close_over_database(database) newitems = [] for key in self.forests: item = self.forests[key] if item is None: closed = False newitems.append(Forest.lookup(conn, key)) for forest in newitems: self._close_over_forest(forest) newitems = [] for key in self.users: item = self.users[key] if item is None: closed = False newitems.append(User.lookup(conn, key)) for user in newitems: self._close_over_user(user) newitems = [] for key in self.roles: item = self.roles[key] if item is None: closed = False newitems.append(Role.lookup(conn, key)) for role in newitems: self._close_over_role(role) delitems = [] newitems = [] for key in self.privileges: item = self.privileges[key] parts = key.split("|") kind = parts[0] name = parts[1] if isinstance(item, str): closed = False if "//" in key: # Assume it's an action priv = Privilege.lookup(conn, action=name, kind=kind) delitems.append(key) else: priv = Privilege.lookup(conn, name, kind) newitems.append(priv) for item in delitems: del self.privileges[item] for priv in newitems: self._close_over_privilege(priv)
server = Server.lookup(conn, name) closure.add_server(server) if args.database: for name in args.database: database = Database.lookup(conn, name) closure.add_database(database) if args.user: for name in args.user: user = User.lookup(conn, name) closure.add_user(user) if args.role: for name in args.role: role = Role.lookup(conn, name) closure.add_role(server) if args.execute_privilege: for name in args.execute_privilege: closure.add_privilege(name, "execute") if args.uri_privilege: for name in args.uri_privilege: closure.add_privilege(name, "uri") closure.close(conn) if args.json: print(json.dumps(closure.marshal())) else:
def close(self, conn, group='Default'): closed = False while not closed: closed = True newitems = [] for key in self.servers: item = self.servers[key] if item is None: closed = False newitems.append(Server.lookup(conn, key, group)) for server in newitems: self._close_over_server(server) newitems = [] for key in self.databases: item = self.databases[key] if item is None: closed = False newitems.append(Database.lookup(conn, key)) for database in newitems: self._close_over_database(database) newitems = [] for key in self.users: item = self.users[key] if item is None: closed = False newitems.append(User.lookup(conn, key)) for user in newitems: self._close_over_user(user) newitems = [] for key in self.roles: item = self.roles[key] if item is None: closed = False newitems.append(Role.lookup(conn, key)) for role in newitems: self._close_over_role(role) delitems = [] newitems = [] for key in self.privileges: item = self.privileges[key] parts = key.split("|") kind = parts[0] name = parts[1] if isinstance(item, str): closed = False if self.PRIVILEGES is None: self.PRIVILEGES = Privilege.list(conn) for priv in self.PRIVILEGES: parts = priv.split("|") if parts[0] == kind and parts[2] == name: delitems.append(key) name = parts[1] newitems.append(Privilege.lookup(conn, name, kind)) for item in delitems: del self.privileges[item] for priv in newitems: self._close_over_privilege(priv)
def roles(self, connection=None): if connection is None: connection = self.connection return Role.list(connection)
def list(self, args, config, connection): names = Role.list(connection) print(json.dumps(names, sort_keys=True, indent=2))