def standalone(): if len(sys.argv) != 2: print USAGE return csv_filename = sys.argv[1] csv_filename_prefix = string.replace(csv_filename, ".csv", "") output_filename = "%s_prepared.csv" % (csv_filename_prefix) print "Preparing %s for bulk provisioning..." % (csv_filename) try: with open(csv_filename, 'rb') as csv_file, \ open(output_filename, 'w') as output_file: reader = csv.reader(csv_file) for row in reader: if len(row) >= 4: [public_id, private_id, realm, password] = row[0:4] # Hash and then encrypt the password. hash = utils.md5("%s:%s:%s" % (private_id, realm, password)) encrypted_hash = utils.encrypt_password( hash, settings.PASSWORD_ENCRYPTION_KEY) output_file.write("%s,%s,%s,%s,%s\n" % (public_id, private_id, encrypted_hash, SIMSERVS, INITIAL_FILTER_CRITERIA)) else: print 'Error: row "%s" contains <4 entries - ignoring' print "Bulk provisioning input created" print "- BulkProvision %s homer" % (output_filename) print "- BulkProvision %s homestead" % (output_filename) except IOError as e: print "Failed to read/write to %s:" % (e.filename, ) traceback.print_exc()
def standalone(): if len(sys.argv) != 2: print USAGE return csv_filename = sys.argv[1] csv_filename_prefix = string.replace(csv_filename, ".csv", "") output_filename = "%s_prepared.csv" % (csv_filename_prefix) print "Preparing %s for bulk provisioning..." % (csv_filename) try: with open(csv_filename, 'rb') as csv_file, \ open(output_filename, 'w') as output_file: reader = csv.reader(csv_file) for row in reader: if len(row) >= 4: [public_id, private_id, realm, password] = row[0:4] # Hash and then encrypt the password. hash = utils.md5("%s:%s:%s" % (private_id, realm, password)) encrypted_hash = utils.encrypt_password(hash, settings.PASSWORD_ENCRYPTION_KEY) output_file.write("%s,%s,%s,%s,%s\n" % (public_id, private_id, encrypted_hash, SIMSERVS, INITIAL_FILTER_CRITERIA)) else: print 'Error: row "%s" contains <4 entries - ignoring' print "Bulk provisioning input created" print "- BulkProvision %s homer" % (output_filename) print "- BulkProvision %s homestead" % (output_filename) except IOError as e: print "Failed to read/write to %s:" % (e.filename,) traceback.print_exc();
def put_password(private_id, password, callback): """ Posts a new password to Homestead for a given private id callback receives the HTTPResponse object. """ url = digest_url(private_id) digest = utils.md5("%s:%s:%s" % (private_id, settings.SIP_DIGEST_REALM, password)) body = json.dumps({"digest" : digest}) headers = {"Content-Type": "application/json"} fetch(url, callback, method='PUT', headers=headers, body=body)
def put_password(private_id, password, callback): """ Posts a new password to Homestead for a given private id callback receives the HTTPResponse object. """ url = _private_id_url(private_id) digest = utils.md5("%s:%s:%s" % (private_id, settings.SIP_DIGEST_REALM, password)) body = json.dumps({"digest_ha1": digest}) headers = {"Content-Type": "application/json"} if callback: _http_request(url, callback, method="PUT", headers=headers, body=body) else: return _sync_http_request(url, method="PUT", headers=headers, body=body)
def put(self, private_id): body = self.request.body if body: try: obj = json.loads(body) except ValueError: self.send_error(400, "Invalid JSON") return # There must be a digest_ha1 or plaintext_password (not both) # and there may be a realm plaintext_password = obj.get(JSON_PLAINTEXT_PASSWORD) digest_ha1 = obj.get(JSON_DIGEST_HA1) realm = obj.get(JSON_REALM) or settings.SIP_DIGEST_REALM if plaintext_password: # If there's a password then there mustn't be a digest. # Calculate the digest from the password if digest_ha1: self.send_error( 400, "Invalid JSON - both digest_ha1 and plaintext_password present" ) return else: digest_ha1 = utils.md5( "%s:%s:%s" % (private_id, realm, plaintext_password)) elif not digest_ha1: # There must be either the password or the digest self.send_error( 400, "Invalid JSON - neither digest_ha1 and plaintext_password present" ) return else: # Set the password to the empty string if it's not set so # that we can store this in Cassandra. We have to do this # so that we can invalidate passwords when we receive a # PUT that contains a digest. plaintext_password = "" yield PrivateID(private_id).put_digest(digest_ha1, plaintext_password, realm) self.finish() else: self.send_error(400, "Empty body")
def put_password(private_id, realm, password, callback, plaintext=False): """ Posts a new password to Homestead for a given private id callback receives the HTTPResponse object. """ url = _private_id_url(private_id) if plaintext: body = json.dumps({"plaintext_password": password, "realm": realm}) else: digest = utils.md5("%s:%s:%s" % (private_id, realm, password)) body = json.dumps({"digest_ha1": digest, "realm": realm}) headers = {"Content-Type": "application/json"} if callback: _http_request(url, callback, method='PUT', headers=headers, body=body) else: return _sync_http_request(url, method="PUT", headers=headers, body=body)
def put(self, private_id): body = self.request.body if body: try: obj = json.loads(body) except ValueError: self.send_error(400, "Invalid JSON") return # There must be a digest_ha1 or plaintext_password (not both) # and there may be a realm plaintext_password = obj.get(JSON_PLAINTEXT_PASSWORD) digest_ha1 = obj.get(JSON_DIGEST_HA1) realm = obj.get(JSON_REALM) or settings.SIP_DIGEST_REALM if plaintext_password: # If there's a password then there mustn't be a digest. # Calculate the digest from the password if digest_ha1: self.send_error(400, "Invalid JSON - both digest_ha1 and plaintext_password present") return else: digest_ha1 = utils.md5("%s:%s:%s" % (private_id, realm, plaintext_password)) elif not digest_ha1: # There must be either the password or the digest self.send_error(400, "Invalid JSON - neither digest_ha1 and plaintext_password present") return else: # Set the password to the empty string if it's not set so # that we can store this in Cassandra. We have to do this # so that we can invalidate passwords when we receive a # PUT that contains a digest. plaintext_password = "" yield PrivateID(private_id).put_digest(digest_ha1, plaintext_password, realm) self.finish() else: self.send_error(400, "Empty body")
def standalone(): if len(sys.argv) != 2: print USAGE return csv_filename = sys.argv[1] csv_filename_prefix = string.replace(csv_filename, ".csv", "") output_filename = "%s_prepared.csv" % (csv_filename_prefix) print "Preparing %s for bulk provisioning..." % (csv_filename) try: with open(csv_filename, 'rb') as csv_file, \ open(output_filename, 'w') as output_file: reader = csv.reader(csv_file) for row in reader: if len(row) >= 4: [public_id, private_id, realm, password] = row[0:4] # Hash the password and generate the IMSSubscriptionXML. hash = utils.md5("%s:%s:%s" % (private_id, realm, password)) publicidentity_xml = "<PublicIdentity><Identity>%s</Identity></PublicIdentity>" % public_id initial_filter_xml = ifcs.generate_ifcs(utils.sip_uri_to_domain(public_id)) ims_subscription_xml = create_imssubscription_xml(private_id, publicidentity_xml, initial_filter_xml) irs_uuid = uuid.uuid4(); sp_uuid = uuid.uuid4(); # Print a line for the user output_file.write("%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s\n" % (public_id, private_id, realm, hash, SIMSERVS, publicidentity_xml, initial_filter_xml, ims_subscription_xml, irs_uuid, sp_uuid, password)) else: print 'Error: row %s contains <4 entries - ignoring' % row print "Bulk provisioning input created" print "- BulkProvision homer %s" % (output_filename) print "- BulkProvision homestead-local %s" % (output_filename) print "- BulkProvision homestead-hss %s" % (output_filename) except IOError as e: print "Failed to read/write to %s:" % (e.filename,) traceback.print_exc();
def write_homestead_scripts(csv_filename, write_plaintext_password): csv_filename_prefix = string.replace(csv_filename, ".csv", "") homestead_filename = "%s.create_homestead.sh" % (csv_filename_prefix) homestead_prov_casscli_filename = "%s.create_homestead_provisioning.casscli" % (csv_filename_prefix) homestead_cache_casscli_filename = "%s.create_homestead_cache.casscli" % (csv_filename_prefix) with open(homestead_filename, 'w') as homestead_file, \ open(homestead_cache_casscli_filename, 'w') as homestead_cache_casscli_file, \ open(homestead_prov_casscli_filename, 'w') as homestead_prov_casscli_file: # Write Homestead/cassandra-cli header homestead_file.write("#!/bin/bash\n") homestead_file.write("# Homestead bulk provisioning script for users in %s\n" % (csv_filename)) homestead_file.write("# Run this script on any node in your Homestead deployment to create the users\n") homestead_file.write("# The %s and %s files must also be present on this system\n" % (homestead_cache_casscli_filename, homestead_prov_casscli_filename)) homestead_file.write("\n") homestead_file.write("[ -f %s ] || echo \"The %s file must be present on this system.\"\n" % (homestead_cache_casscli_filename, homestead_cache_casscli_filename)) homestead_file.write("[ -f %s ] || echo \"The %s file must be present on this system.\"\n" % (homestead_prov_casscli_filename, homestead_prov_casscli_filename)) homestead_file.write("cassandra-cli -B -f %s\n" % (homestead_cache_casscli_filename)) homestead_file.write("cassandra-cli -B -f %s\n" % (homestead_prov_casscli_filename)) homestead_cache_casscli_file.write("USE homestead_cache;\n") homestead_prov_casscli_file.write("USE homestead_provisioning;\n") i=0 #count user info for public_id, private_id, realm, password in csv_iterator(csv_filename): print str(public_id) + ':' + str(i) # Generate the user-specific data hash = utils.md5("%s:%s:%s" % (private_id, realm, password)) public_identity_xml = "<PublicIdentity><BarringIndication>1</BarringIndication><Identity>%s</Identity></PublicIdentity>" % public_id initial_filter_xml = ifcs.generate_ifcs(utils.sip_uri_to_domain(public_id)) # if i % 2 == 1: print 'Receiver add VSIF iFC.' initial_filter_xml = '<?xml version="1.0" encoding="UTF-8"?><ServiceProfile><InitialFilterCriteria><Priority>0</Priority><TriggerPoint><ConditionTypeCNF>0</ConditionTypeCNF><SPT><ConditionNegated>0</ConditionNegated><Group>0</Group><Method>INVITE</Method><Extension/></SPT></TriggerPoint><ApplicationServer><ServerName>sip:vsif.clearwater:5060</ServerName><DefaultHandling>1</DefaultHandling></ApplicationServer></InitialFilterCriteria></ServiceProfile>' ims_subscription_xml = create_imssubscription_xml(private_id, public_identity_xml, initial_filter_xml) irs_uuid = str(uuid.uuid4()) sp_uuid = str(uuid.uuid4()) # Add the user to the optimized cassandra cache. homestead_cache_casscli_file.write( create_row_command("impi", private_id)) homestead_cache_casscli_file.write( "SET impi['%s']['digest_ha1'] = '%s';\n" % (private_id, hash)) homestead_cache_casscli_file.write( "SET impi['%s']['digest_realm'] = '%s';\n" % (private_id, realm)) homestead_cache_casscli_file.write( "SET impi['%s']['public_id_%s'] = '';\n" % (private_id, public_id)) homestead_cache_casscli_file.write( create_row_command("impu", public_id)) homestead_cache_casscli_file.write( "SET impu['%s']['ims_subscription_xml'] = '%s';\n" % ( public_id, ims_subscription_xml.replace("'", "\\'"))) # Populate the provisioning tables for the user. homestead_prov_casscli_file.write( create_row_command("implicit_registration_sets", irs_uuid)) homestead_prov_casscli_file.write( "SET implicit_registration_sets['%s']['service_profile_%s'] = lexicaluuid('%s');\n" % (irs_uuid, sp_uuid, sp_uuid)) homestead_prov_casscli_file.write( "SET implicit_registration_sets['%s']['associated_private_%s'] = utf8('%s');\n" % (irs_uuid, private_id, private_id)) homestead_prov_casscli_file.write( create_row_command("service_profiles", sp_uuid)) homestead_prov_casscli_file.write( "SET service_profiles['%s']['irs'] = '%s';\n" % (sp_uuid, irs_uuid)) homestead_prov_casscli_file.write( "SET service_profiles['%s']['initialfiltercriteria'] = '%s';\n" % (sp_uuid, initial_filter_xml)) homestead_prov_casscli_file.write( "SET service_profiles['%s']['public_id_%s'] = utf8('%s');\n" % (sp_uuid, public_id, public_id)) homestead_prov_casscli_file.write( create_row_command("public", public_id)) homestead_prov_casscli_file.write( "SET public['%s']['publicidentity'] = '%s';\n" % (public_id, public_identity_xml)) homestead_prov_casscli_file.write( "SET public['%s']['service_profile'] = '%s';\n" % (public_id, sp_uuid)) password_to_write = password if write_plaintext_password else "" homestead_prov_casscli_file.write( create_row_command("private", private_id)) homestead_prov_casscli_file.write( "SET private['%s']['digest_ha1'] = '%s';\n" % (private_id, hash)) homestead_prov_casscli_file.write( "SET private['%s']['plaintext_password'] = '******';\n" % (private_id, password_to_write)) homestead_prov_casscli_file.write( "SET private['%s']['realm'] = '%s';\n" % (private_id, realm)) homestead_prov_casscli_file.write( "SET private['%s']['associated_irs_%s'] = lexicaluuid('%s');\n" % (private_id, irs_uuid, irs_uuid)) i=i+1 # Make the created .sh files executable permissions = stat.S_IEXEC | stat.S_IREAD | stat.S_IWRITE os.chmod(homestead_filename, permissions) print "Generated homestead bulk provisioning scripts" print "- %-46s - run this script on Homestead" % (homestead_filename) print "- %-46s - copy this file onto Homestead" % (homestead_cache_casscli_filename) print "- %-46s - copy this file onto Homestead" % (homestead_prov_casscli_filename)
def standalone(): if len(sys.argv) != 2: print USAGE return csv_filename = sys.argv[1] csv_filename_prefix = string.replace(csv_filename, ".csv", "") homestead_filename = "%s.create_homestead.sh" % (csv_filename_prefix, ) homestead_casscli_filename = "%s.create_homestead.casscli" % ( csv_filename_prefix, ) xdm_filename = "%s.create_xdm.sh" % (csv_filename_prefix, ) xdm_cqlsh_filename = "%s.create_xdm.cqlsh" % (csv_filename_prefix, ) print "Generating bulk provisioning scripts for users in %s..." % ( csv_filename, ) try: with open(csv_filename, 'rb') as csv_file, \ open(homestead_filename, 'w') as homestead_file, \ open(homestead_casscli_filename, 'w') as homestead_casscli_file, \ open(xdm_filename, 'w') as xdm_file, \ open(xdm_cqlsh_filename, 'w') as xdm_cqlsh_file: # Write Homestead/CQL header homestead_file.write("#!/bin/bash\n") homestead_file.write( "# Homestead bulk provisioning script for users in %s\n" % (csv_filename, )) homestead_file.write( "# Run this script on any node in your Homestead deployment to create the users\n" ) homestead_file.write( "# The %s file must also be present on this system\n" % (homestead_casscli_filename, )) homestead_file.write( "# You must also run %s on any node in your Homer deployment\n" % (xdm_filename, )) homestead_file.write("\n") homestead_file.write( "[ -f %s ] || echo \"The %s file must be present on this system.\"\n" % (homestead_casscli_filename, homestead_casscli_filename)) homestead_file.write("cassandra-cli -B -f %s\n" % (homestead_casscli_filename, )) homestead_casscli_file.write("USE homestead;\n") # Write Homer/CQL header xdm_file.write("#!/bin/bash\n") xdm_file.write( "# Homer bulk provisioning script for users in %s\n" % (csv_filename, )) xdm_file.write( "# Run this script on any node in your Homer deployment to create the users\n" ) xdm_file.write( "# The %s file must also be present on this system\n" % (xdm_cqlsh_filename, )) xdm_file.write( "# You must also run %s on any node in your Homestead deployment\n" % (homestead_filename, )) xdm_file.write("\n") xdm_file.write( "[ -f %s ] || echo \"The %s file must be present on this system.\"\n" % (xdm_cqlsh_filename, xdm_cqlsh_filename)) xdm_file.write("cqlsh -3 -f %s\n" % (xdm_cqlsh_filename, )) xdm_cqlsh_file.write("USE homer;\n") reader = csv.reader(csv_file) for row in reader: if len(row) >= 4: [public_id, private_id, realm, password] = row[0:4] # Hash and then encrypt the password. hash = utils.md5("%s:%s:%s" % (private_id, realm, password)) encrypted_hash = utils.encrypt_password( hash, settings.PASSWORD_ENCRYPTION_KEY) # Add the user to the SIP digest, associated IDs and filter criteria tables on Homestead. homestead_casscli_file.write( "SET sip_digests['%s']['private_id'] = '%s';\n" % (private_id, private_id)) homestead_casscli_file.write( "SET sip_digests['%s']['digest'] = '%s';\n" % (private_id, encrypted_hash)) homestead_casscli_file.write( "SET public_ids['%s']['%s'] = '%s';\n" % (private_id, public_id, public_id)) homestead_casscli_file.write( "SET private_ids['%s']['%s'] = '%s';\n" % (public_id, private_id, private_id)) homestead_casscli_file.write( "SET filter_criteria['%s']['public_id'] = '%s';\n" % (public_id, public_id)) homestead_casscli_file.write( "SET filter_criteria['%s']['value'] = '%s';\n" % (public_id, INITIAL_FILTER_CRITERIA)) # Add the simservs document for the user to the documents table on Homer xdm_cqlsh_file.write( "INSERT INTO simservs (user, value) VALUES ('%s', '%s');\n" % (public_id, SIMSERVS)) else: print 'Error: row "%s" contains <4 entries - ignoring' print "Generated bulk provisioning scripts written to" print "- %-46s - run this script on Homestead" % (homestead_filename, ) print "- %-46s - copy this file onto Homestead" % ( homestead_casscli_filename, ) print "- %-46s - run this script on Homer" % (xdm_filename, ) print "- %-46s - copy this file onto Homer" % (xdm_cqlsh_filename, ) except IOError as e: print "Failed to read/write to %s:" % (e.filename, ) traceback.print_exc()
def write_homestead_scripts(csv_filename, write_plaintext_password): csv_filename_prefix = string.replace(csv_filename, ".csv", "") homestead_filename = "%s.create_homestead.sh" % (csv_filename_prefix) homestead_prov_casscli_filename = "%s.create_homestead_provisioning.casscli" % ( csv_filename_prefix) homestead_cache_casscli_filename = "%s.create_homestead_cache.casscli" % ( csv_filename_prefix) with open(homestead_filename, 'w') as homestead_file, \ open(homestead_cache_casscli_filename, 'w') as homestead_cache_casscli_file, \ open(homestead_prov_casscli_filename, 'w') as homestead_prov_casscli_file: # Write Homestead/cassandra-cli header homestead_file.write("#!/bin/bash\n") homestead_file.write( "# Homestead bulk provisioning script for users in %s\n" % (csv_filename)) homestead_file.write( "# Run this script on any node in your Homestead deployment to create the users\n" ) homestead_file.write( "# The %s and %s files must also be present on this system\n" % (homestead_cache_casscli_filename, homestead_prov_casscli_filename)) homestead_file.write("\n") homestead_file.write( "[ -f %s ] || echo \"The %s file must be present on this system.\"\n" % (homestead_cache_casscli_filename, homestead_cache_casscli_filename)) homestead_file.write( "[ -f %s ] || echo \"The %s file must be present on this system.\"\n" % (homestead_prov_casscli_filename, homestead_prov_casscli_filename)) homestead_file.write("cassandra-cli -B -f %s\n" % (homestead_cache_casscli_filename)) homestead_file.write("cassandra-cli -B -f %s\n" % (homestead_prov_casscli_filename)) homestead_cache_casscli_file.write("USE homestead_cache;\n") homestead_prov_casscli_file.write("USE homestead_provisioning;\n") for public_id, private_id, realm, password in csv_iterator( csv_filename): # Generate the user-specific data hash = utils.md5("%s:%s:%s" % (private_id, realm, password)) public_identity_xml = "<PublicIdentity><Identity>%s</Identity></PublicIdentity>" % public_id initial_filter_xml = ifcs.generate_ifcs( utils.sip_uri_to_domain(public_id)) ims_subscription_xml = create_imssubscription_xml( private_id, public_identity_xml, initial_filter_xml) irs_uuid = str(uuid.uuid4()) sp_uuid = str(uuid.uuid4()) # Add the user to the optimized cassandra cache. homestead_cache_casscli_file.write( create_row_command("impi", private_id)) homestead_cache_casscli_file.write( "SET impi['%s']['digest_ha1'] = '%s';\n" % (private_id, hash)) homestead_cache_casscli_file.write( "SET impi['%s']['digest_realm'] = '%s';\n" % (private_id, realm)) homestead_cache_casscli_file.write( "SET impi['%s']['public_id_%s'] = '';\n" % (private_id, public_id)) homestead_cache_casscli_file.write( create_row_command("impu", public_id)) homestead_cache_casscli_file.write( "SET impu['%s']['ims_subscription_xml'] = '%s';\n" % (public_id, ims_subscription_xml.replace("'", "\\'"))) # Populate the provisioning tables for the user. homestead_prov_casscli_file.write( create_row_command("implicit_registration_sets", irs_uuid)) homestead_prov_casscli_file.write( "SET implicit_registration_sets['%s']['service_profile_%s'] = lexicaluuid('%s');\n" % (irs_uuid, sp_uuid, sp_uuid)) homestead_prov_casscli_file.write( "SET implicit_registration_sets['%s']['associated_private_%s'] = utf8('%s');\n" % (irs_uuid, private_id, private_id)) homestead_prov_casscli_file.write( create_row_command("service_profiles", sp_uuid)) homestead_prov_casscli_file.write( "SET service_profiles['%s']['irs'] = '%s';\n" % (sp_uuid, irs_uuid)) homestead_prov_casscli_file.write( "SET service_profiles['%s']['initialfiltercriteria'] = '%s';\n" % (sp_uuid, initial_filter_xml)) homestead_prov_casscli_file.write( "SET service_profiles['%s']['public_id_%s'] = utf8('%s');\n" % (sp_uuid, public_id, public_id)) homestead_prov_casscli_file.write( create_row_command("public", public_id)) homestead_prov_casscli_file.write( "SET public['%s']['publicidentity'] = '%s';\n" % (public_id, public_identity_xml)) homestead_prov_casscli_file.write( "SET public['%s']['service_profile'] = '%s';\n" % (public_id, sp_uuid)) password_to_write = password if write_plaintext_password else "" homestead_prov_casscli_file.write( create_row_command("private", private_id)) homestead_prov_casscli_file.write( "SET private['%s']['digest_ha1'] = '%s';\n" % (private_id, hash)) homestead_prov_casscli_file.write( "SET private['%s']['plaintext_password'] = '******';\n" % (private_id, password_to_write)) homestead_prov_casscli_file.write( "SET private['%s']['realm'] = '%s';\n" % (private_id, realm)) homestead_prov_casscli_file.write( "SET private['%s']['associated_irs_%s'] = lexicaluuid('%s');\n" % (private_id, irs_uuid, irs_uuid)) # Make the created .sh files executable permissions = stat.S_IEXEC | stat.S_IREAD | stat.S_IWRITE os.chmod(homestead_filename, permissions) print "Generated homestead bulk provisioning scripts" print "- %-46s - run this script on Homestead" % (homestead_filename) print "- %-46s - copy this file onto Homestead" % ( homestead_cache_casscli_filename) print "- %-46s - copy this file onto Homestead" % ( homestead_prov_casscli_filename)
def standalone(): if len(sys.argv) != 2: print USAGE return csv_filename = sys.argv[1] csv_filename_prefix = string.replace(csv_filename, ".csv", "") homestead_filename = "%s.create_homestead.sh" % (csv_filename_prefix,) homestead_cqlsh_filename = "%s.create_homestead.cqlsh" % (csv_filename_prefix,) xdm_filename = "%s.create_xdm.sh" % (csv_filename_prefix,) xdm_cqlsh_filename = "%s.create_xdm.cqlsh" % (csv_filename_prefix,) print "Generating bulk provisioning scripts for users in %s..." % (csv_filename,) try: with open(csv_filename, 'rb') as csv_file, \ open(homestead_filename, 'w') as homestead_file, \ open(homestead_cqlsh_filename, 'w') as homestead_cqlsh_file, \ open(xdm_filename, 'w') as xdm_file, \ open(xdm_cqlsh_filename, 'w') as xdm_cqlsh_file: # Write Homestead/CQL header homestead_file.write("#!/bin/bash\n") homestead_file.write("# Homestead bulk provisioning script for users in %s\n" % (csv_filename,)) homestead_file.write("# Run this script on any node in your Homestead deployment to create the users\n") homestead_file.write("# The %s file must also be present on this system\n" % (homestead_cqlsh_filename,)) homestead_file.write("# You must also run %s on any node in your Homer deployment\n" % (xdm_filename,)) homestead_file.write("\n") homestead_file.write("[ -f %s ] || echo \"The %s file must be present on this system.\"\n" % (homestead_cqlsh_filename, homestead_cqlsh_filename)) homestead_file.write("cqlsh -3 -f %s\n" % (homestead_cqlsh_filename,)) homestead_cqlsh_file.write("USE homestead;\n"); # Write Homer/CQL header xdm_file.write("#!/bin/bash\n") xdm_file.write("# Homer bulk provisioning script for users in %s\n" % (csv_filename,)) xdm_file.write("# Run this script on any node in your Homer deployment to create the users\n") xdm_file.write("# The %s file must also be present on this system\n" % (xdm_cqlsh_filename,)) xdm_file.write("# You must also run %s on any node in your Homestead deployment\n" % (homestead_filename,)) xdm_file.write("\n") xdm_file.write("[ -f %s ] || echo \"The %s file must be present on this system.\"\n" % (xdm_cqlsh_filename, xdm_cqlsh_filename)) xdm_file.write("cqlsh -3 -f %s\n" % (xdm_cqlsh_filename,)) xdm_cqlsh_file.write("USE homer;\n") reader = csv.reader(csv_file) for row in reader: if len(row) >= 4: [public_id, private_id, realm, password] = row[0:4] # Hash and then encrypt the password. hash = utils.md5("%s:%s:%s" % (private_id, realm, password)) encrypted_hash = utils.encrypt_password(hash, settings.PASSWORD_ENCRYPTION_KEY) # Add the user to the SIP digests and filter criteria tables on Homestead. homestead_cqlsh_file.write("INSERT INTO sip_digests (private_id, digest) VALUES ('%s', '%s');\n" % (private_id, encrypted_hash)) homestead_cqlsh_file.write("INSERT INTO filter_criteria (public_id, value) VALUES ('%s', '%s');\n" % (public_id, INITIAL_FILTER_CRITERIA)) # Add the simservs document for the user to the documents table on Homer xdm_cqlsh_file.write("INSERT INTO simservs (user, value) VALUES ('%s', '%s');\n" % (public_id, SIMSERVS)) else: print 'Error: row "%s" contains <4 entries - ignoring' print "Generated bulk provisioning scripts written to" print "- %-46s - run this script on Homestead" % (homestead_filename,) print "- %-46s - copy this file onto Homestead" % (homestead_cqlsh_filename,) print "- %-46s - run this script on Homer" % (xdm_filename,) print "- %-46s - copy this file onto Homer" % (xdm_cqlsh_filename,) except IOError as e: print "Failed to read/write to %s:" % (e.filename,) traceback.print_exc();
def write_homestead_scripts(csv_filename, write_plaintext_password): csv_filename_prefix = string.replace(csv_filename, ".csv", "") homestead_filename = "%s.create_homestead.sh" % (csv_filename_prefix) homestead_prov_casscli_filename = "%s.create_homestead_provisioning.casscli" % (csv_filename_prefix) homestead_cache_casscli_filename = "%s.create_homestead_cache.casscli" % (csv_filename_prefix) with open(homestead_filename, 'w') as homestead_file, \ open(homestead_cache_casscli_filename, 'w') as homestead_cache_casscli_file, \ open(homestead_prov_casscli_filename, 'w') as homestead_prov_casscli_file: # Write Homestead/cassandra-cli header homestead_file.write("#!/bin/bash\n") homestead_file.write("# Homestead bulk provisioning script for users in %s\n" % (csv_filename)) homestead_file.write("# Run this script on any node in your Homestead deployment to create the users\n") homestead_file.write("# The %s and %s files must also be present on this system\n" % (homestead_cache_casscli_filename, homestead_prov_casscli_filename)) homestead_file.write("\n") homestead_file.write("[ -f %s ] || echo \"The %s file must be present on this system.\"\n" % (homestead_cache_casscli_filename, homestead_cache_casscli_filename)) homestead_file.write("[ -f %s ] || echo \"The %s file must be present on this system.\"\n" % (homestead_prov_casscli_filename, homestead_prov_casscli_filename)) homestead_file.write("cassandra-cli -B -f %s\n" % (homestead_cache_casscli_filename)) homestead_file.write("cassandra-cli -B -f %s\n" % (homestead_prov_casscli_filename)) homestead_cache_casscli_file.write("USE homestead_cache;\n") homestead_prov_casscli_file.write("USE homestead_provisioning;\n") for public_id, private_id, realm, password in csv_iterator(csv_filename): # Generate the user-specific data hash = utils.md5("%s:%s:%s" % (private_id, realm, password)) public_identity_xml = "<PublicIdentity><Identity>%s</Identity></PublicIdentity>" % public_id initial_filter_xml = ifcs.generate_ifcs(utils.sip_uri_to_domain(public_id)) ims_subscription_xml = create_imssubscription_xml(private_id, public_identity_xml, initial_filter_xml) irs_uuid = str(uuid.uuid4()) sp_uuid = str(uuid.uuid4()) # Add the user to the optimized cassandra cache. homestead_cache_casscli_file.write( create_row_command("impi", private_id)) homestead_cache_casscli_file.write( "SET impi['%s']['digest_ha1'] = '%s';\n" % (private_id, hash)) homestead_cache_casscli_file.write( "SET impi['%s']['digest_realm'] = '%s';\n" % (private_id, realm)) homestead_cache_casscli_file.write( "SET impi['%s']['public_id_%s'] = '';\n" % (private_id, public_id)) homestead_cache_casscli_file.write( create_row_command("impu", public_id)) homestead_cache_casscli_file.write( "SET impu['%s']['ims_subscription_xml'] = '%s';\n" % ( public_id, ims_subscription_xml.replace("'", "\\'"))) # Populate the provisioning tables for the user. homestead_prov_casscli_file.write( create_row_command("implicit_registration_sets", irs_uuid)) homestead_prov_casscli_file.write( "SET implicit_registration_sets['%s']['service_profile_%s'] = lexicaluuid('%s');\n" % (irs_uuid, sp_uuid, sp_uuid)) homestead_prov_casscli_file.write( "SET implicit_registration_sets['%s']['associated_private_%s'] = utf8('%s');\n" % (irs_uuid, private_id, private_id)) homestead_prov_casscli_file.write( create_row_command("service_profiles", sp_uuid)) homestead_prov_casscli_file.write( "SET service_profiles['%s']['irs'] = '%s';\n" % (sp_uuid, irs_uuid)) homestead_prov_casscli_file.write( "SET service_profiles['%s']['initialfiltercriteria'] = '%s';\n" % (sp_uuid, initial_filter_xml)) homestead_prov_casscli_file.write( "SET service_profiles['%s']['public_id_%s'] = utf8('%s');\n" % (sp_uuid, public_id, public_id)) homestead_prov_casscli_file.write( create_row_command("public", public_id)) homestead_prov_casscli_file.write( "SET public['%s']['publicidentity'] = '%s';\n" % (public_id, public_identity_xml)) homestead_prov_casscli_file.write( "SET public['%s']['service_profile'] = '%s';\n" % (public_id, sp_uuid)) password_to_write = password if write_plaintext_password else "" homestead_prov_casscli_file.write( create_row_command("private", private_id)) homestead_prov_casscli_file.write( "SET private['%s']['digest_ha1'] = '%s';\n" % (private_id, hash)) homestead_prov_casscli_file.write( "SET private['%s']['plaintext_password'] = '******';\n" % (private_id, password_to_write)) homestead_prov_casscli_file.write( "SET private['%s']['realm'] = '%s';\n" % (private_id, realm)) homestead_prov_casscli_file.write( "SET private['%s']['associated_irs_%s'] = lexicaluuid('%s');\n" % (private_id, irs_uuid, irs_uuid)) # Make the created .sh files executable permissions = stat.S_IEXEC | stat.S_IREAD | stat.S_IWRITE os.chmod(homestead_filename, permissions) print "Generated homestead bulk provisioning scripts" print "- %-46s - run this script on Homestead" % (homestead_filename) print "- %-46s - copy this file onto Homestead" % (homestead_cache_casscli_filename) print "- %-46s - copy this file onto Homestead" % (homestead_prov_casscli_filename)