def _do_traverse(self, path): objs, unresolved_path = self.traverse_full(path) if not objs or unresolved_path: self.write('No such object: %s\n' % path) return if not IContainer.providedBy(objs[-1]): self.write('Cannot cd to a non-container\n') return # Fixes #41. if os.path.isabs(path): objs.insert(0, db.deref(self.obj_path[0])) # Handle '//foo/bar//fee' path_components = path.split('/') path_components[1:] = [ comp for comp in path_components[1:] if comp != '' ] oms_root = self.obj_path[0] if path_components[0] == '': del self.obj_path[:] del self.path[:] for obj, name in zip(objs, path_components): ref = db.ref(obj) if name == '.' or (ref == oms_root and oms_root in self.obj_path): continue self.obj_path.append(ref) self.path.append(name)
def traverse_level_get(self, container, attrs, recursive=False, maxlevel=5, level=0, add_full_paths=False): container_data = {} for element in container.listcontent(): data = self._do_cat(element, attrs=attrs) if IContainer.providedBy(element): if recursive and level < maxlevel: children = self.traverse_level_get( element, attrs, recursive=recursive, maxlevel=maxlevel, level=level + 1, add_full_paths=add_full_paths) if children: data.update({'children': children}) if not data: continue container_data[data['__name__']] = data return container_data
def _do_traverse(self, path): objs, unresolved_path = self.traverse_full(path) if not objs or unresolved_path: self.write('No such object: %s\n' % path) return if not IContainer.providedBy(objs[-1]): self.write('Cannot cd to a non-container\n') return # Fixes #41. if os.path.isabs(path): objs.insert(0, db.deref(self.obj_path[0])) # Handle '//foo/bar//fee' path_components = path.split('/') path_components[1:] = [comp for comp in path_components[1:] if comp != ''] oms_root = self.obj_path[0] if path_components[0] == '': del self.obj_path[:] del self.path[:] for obj, name in zip(objs, path_components): ref = db.ref(obj) if name == '.' or (ref == oms_root and oms_root in self.obj_path): continue self.obj_path.append(ref) self.path.append(name)
def traverse_level_set(self, data, container, attrs, recursive=False, maxlevel=5, level=0): def import_cls(module, name): mod = __import__(module) for comp in module.split('.')[1:]: mod = getattr(mod, comp) return getattr(mod, name) for name, di in data.iteritems(): self.write('%s%s\n' % (' ' * level, name)) element = container[name] if di['__classname__'] in self.type_blacklist: continue obj = import_cls(di['__module__'], di['__classname__']) if not element else element if obj.__transient__: continue cobj = self._do_create_or_set(di, obj, attrs=attrs, marker=getattr(container, '__contains__', None)) if cobj is None: continue if not element: container.add(cobj) if IContainer.providedBy(cobj) and recursive and level < maxlevel: chdata = di.get('children') if chdata is not None: self.traverse_level_set(chdata, cobj, attrs, recursive=recursive, maxlevel=maxlevel, level=level + 1)
def pretty_name(item): if IContainer.providedBy(item): return self.protocol.colorize(BLUE, '%s/' % (item.__name__,)) elif ICommand.providedBy(item): return self.protocol.colorize(GREEN, '%s*' % (item.__name__,)) elif isinstance(item, Symlink): return self.protocol.colorize(CYAN, '%s@' % (item.__name__,)) else: return item.__name__
def pretty_name(item): if IContainer.providedBy(item): return self.protocol.colorize(BLUE, '%s/' % (item.__name__, )) elif ICommand.providedBy(item): return self.protocol.colorize(GREEN, '%s*' % (item.__name__, )) elif isinstance(item, Symlink): return self.protocol.colorize(CYAN, '%s@' % (item.__name__, )) else: return item.__name__
def suffix(obj): if IContainer.providedBy(follow_symlinks(obj)): return '/' elif ICommand.providedBy(follow_symlinks(obj)): return '*' elif isinstance(obj, Symlink): return '@' else: return ''
def set_acl(self, obj, inherit, allow_perms, deny_perms, del_perms, recursive=False): prinrole = IPrincipalRoleManager(obj) auth = getUtility(IAuthentication, context=None) obj.inherit_permissions = inherit def mod_perm(what, setter, p): kind, principal, perms = p.split(':') if not perms: return prin = auth.getPrincipal(principal) if isinstance(prin, Group) and kind == 'u': self.write( "No such user '%s', it's a group, perhaps you mean 'g:%s:%s'\n" % (principal, principal, perms)) return elif type(prin) is User and kind == 'g': self.write( "No such group '%s', it's a user (%s), perhaps you mean 'u:%s:%s'\n" % (principal, prin, principal, perms)) return for perm in perms.strip(): if perm not in Role.nick_to_role: raise NoSuchPermission(perm) role = Role.nick_to_role[perm].id self.write("%s permission '%s', principal '%s'\n" % (what, role, principal)) setter(role, principal) def apply_perms(prinrole): for p in allow_perms or []: mod_perm("Allowing", prinrole.assignRoleToPrincipal, p) for p in deny_perms or []: mod_perm("Denying", prinrole.removeRoleFromPrincipal, p) for p in del_perms or []: mod_perm("Unsetting", prinrole.unsetRoleForPrincipal, p) apply_perms(prinrole) seen = [obj] if recursive and IContainer.providedBy(obj): for sobj in obj.listcontent(): if follow_symlinks(sobj) not in seen: prinrole = IPrincipalRoleManager(sobj) sobj.inherit_permissions = inherit seen.append(follow_symlinks(sobj)) apply_perms(prinrole)
def _do_print_acl(self, obj, verbose, recursive, seen): prinrole = IPrincipalRoleManager(obj) auth = getUtility(IAuthentication, context=None) user_allow = collections.defaultdict(list) user_deny = collections.defaultdict(list) users = set() for role, principal, setting in prinrole.getPrincipalsAndRoles(): users.add(principal) if setting.getName() == 'Allow': user_allow[principal].append(role) else: user_deny[principal].append(role) for principal in users: def formatted_perms(perms): prin = auth.getPrincipal(principal) typ = 'group' if isinstance(prin, Group) else 'user' if verbose: def grants(i): return ','.join( '@%s' % i[0] for i in rolePermissionManager.getPermissionsForRole(i) if i[0] != 'oms.nothing') return (typ, principal, ''.join( '%s{%s}' % (Role.role_to_nick.get(i, '(%s)' % i), grants(i)) for i in sorted(perms))) else: return (typ, principal, ''.join( Role.role_to_nick.get(i, '(%s)' % i) for i in sorted(perms))) if principal in user_allow: self.write("%s:%s:+%s\n" % formatted_perms(user_allow[principal])) if principal in user_deny: self.write("%s:%s:-%s\n" % formatted_perms(user_deny[principal])) if recursive and IContainer.providedBy(follow_symlinks(obj)): for sobj in follow_symlinks(obj).listcontent(): if follow_symlinks(sobj) not in seen: seen.append(sobj) self.write('%s:\n' % canonical_path(sobj)) self._do_print_acl(sobj, verbose, recursive, seen)
def set_owner(path): target = self.traverse(path) if not target: self.write('Not found: %s\n' % path) return if target.__transient__: self.write("Transient object %s cannot have its owner changed\n" % path) return target.__owner__ = principal if IContainer.providedBy(target) and args.recursive: for item in target.listcontent(): set_owner(os.path.join(path, item.__name__))
def set_acl(self, obj, inherit, allow_perms, deny_perms, del_perms, recursive=False): prinrole = IPrincipalRoleManager(obj) auth = getUtility(IAuthentication, context=None) obj.inherit_permissions = inherit def mod_perm(what, setter, p): kind, principal, perms = p.split(':') if not perms: return prin = auth.getPrincipal(principal) if isinstance(prin, Group) and kind == 'u': self.write("No such user '%s', it's a group, perhaps you mean 'g:%s:%s'\n" % (principal, principal, perms)) return elif type(prin) is User and kind == 'g': self.write("No such group '%s', it's a user (%s), perhaps you mean 'u:%s:%s'\n" % (principal, prin, principal, perms)) return for perm in perms.strip(): if perm not in Role.nick_to_role: raise NoSuchPermission(perm) role = Role.nick_to_role[perm].id self.write("%s permission '%s', principal '%s'\n" % (what, role, principal)) setter(role, principal) def apply_perms(prinrole): for p in allow_perms or []: mod_perm("Allowing", prinrole.assignRoleToPrincipal, p) for p in deny_perms or []: mod_perm("Denying", prinrole.removeRoleFromPrincipal, p) for p in del_perms or []: mod_perm("Unsetting", prinrole.unsetRoleForPrincipal, p) apply_perms(prinrole) seen = [obj] if recursive and IContainer.providedBy(obj): for sobj in obj.listcontent(): if follow_symlinks(sobj) not in seen: prinrole = IPrincipalRoleManager(sobj) sobj.inherit_permissions = inherit seen.append(follow_symlinks(sobj)) apply_perms(prinrole)
def traverse_level_set(self, data, container, attrs, recursive=False, maxlevel=5, level=0): def import_cls(module, name): mod = __import__(module) for comp in module.split('.')[1:]: mod = getattr(mod, comp) return getattr(mod, name) for name, di in data.iteritems(): self.write('%s%s\n' % (' ' * level, name)) element = container[name] if di['__classname__'] in self.type_blacklist: continue obj = import_cls(di['__module__'], di['__classname__']) if not element else element if obj.__transient__: continue cobj = self._do_create_or_set(di, obj, attrs=attrs, marker=getattr( container, '__contains__', None)) if cobj is None: continue if not element: container.add(cobj) if IContainer.providedBy(cobj) and recursive and level < maxlevel: chdata = di.get('children') if chdata is not None: self.traverse_level_set(chdata, cobj, attrs, recursive=recursive, maxlevel=maxlevel, level=level + 1)
def set_owner(path, level): target = self.traverse(path) if not target: self.write('Not found: %s\n' % path) return if target.__transient__: if args.verbose: self.write( "Transient object %s cannot have its owner changed\n" % path) return target.__owner__ = principal if IContainer.providedBy( target) and args.recursive and level < args.limit: for item in target.listcontent(): set_owner(os.path.join(path, item.__name__), level + 1)
def traverse_level_get(self, container, attrs, recursive=False, maxlevel=5, level=0, add_full_paths=False): container_data = {} for element in container.listcontent(): data = self._do_cat(element, attrs=attrs) if IContainer.providedBy(element): if recursive and level < maxlevel: children = self.traverse_level_get(element, attrs, recursive=recursive, maxlevel=maxlevel, level=level + 1, add_full_paths=add_full_paths) if children: data.update({'children': children}) if not data: continue container_data[data['__name__']] = data return container_data
def _do_print_acl(self, obj, verbose, recursive, seen): prinrole = IPrincipalRoleManager(obj) auth = getUtility(IAuthentication, context=None) user_allow = collections.defaultdict(list) user_deny = collections.defaultdict(list) users = set() for role, principal, setting in prinrole.getPrincipalsAndRoles(): users.add(principal) if setting.getName() == 'Allow': user_allow[principal].append(role) else: user_deny[principal].append(role) for principal in users: def formatted_perms(perms): prin = auth.getPrincipal(principal) typ = 'group' if isinstance(prin, Group) else 'user' if verbose: def grants(i): return ','.join('@%s' % i[0] for i in rolePermissionManager.getPermissionsForRole(i) if i[0] != 'oms.nothing') return (typ, principal, ''.join('%s{%s}' % (Role.role_to_nick.get(i, '(%s)' % i), grants(i)) for i in sorted(perms))) else: return (typ, principal, ''.join(Role.role_to_nick.get(i, '(%s)' % i) for i in sorted(perms))) if principal in user_allow: self.write("%s:%s:+%s\n" % formatted_perms(user_allow[principal])) if principal in user_deny: self.write("%s:%s:-%s\n" % formatted_perms(user_deny[principal])) if recursive and IContainer.providedBy(follow_symlinks(obj)): for sobj in follow_symlinks(obj).listcontent(): if follow_symlinks(sobj) not in seen: seen.append(sobj) self.write('%s:\n' % canonical_path(sobj)) self._do_print_acl(sobj, verbose, recursive, seen)
def execute(self, args): src_path, dest_path = args.paths src = self.traverse(src_path) dest = self.traverse(dest_path) rename = None # move and rename if not dest: dest = self.traverse(os.path.dirname(dest_path)) rename = os.path.basename(dest_path) if not IContainer.providedBy(dest): self.write("Destination %s has to be a container.\n" % dest) return # `add` will take care of removing the old parent. dest.add(src) if rename: dest.rename(src.__name__, rename)
def complete(self, token, parsed, parser, **kwargs): # If there is still any positional option to complete: if self.expected_action(parsed, parser): base_path = os.path.dirname(token) container = self.context.traverse(base_path) if IContainer.providedBy(container): def suffix(obj): if IContainer.providedBy(follow_symlinks(obj)): return '/' elif ICommand.providedBy(follow_symlinks(obj)): return '*' elif isinstance(obj, Symlink): return '@' else: return '' def name(obj): return os.path.join(base_path, obj.__name__) return [name(obj) + suffix(obj) for obj in container.listcontent() if name(obj).startswith(token)]
def _do_ls(self, obj, path='.', recursive=False): assert obj not in self.visited self.visited.append(obj) def pretty_name(item): if IContainer.providedBy(item): return self.protocol.colorize(BLUE, '%s/' % (item.__name__,)) elif ICommand.providedBy(item): return self.protocol.colorize(GREEN, '%s*' % (item.__name__,)) elif isinstance(item, Symlink): return self.protocol.colorize(CYAN, '%s@' % (item.__name__,)) else: return item.__name__ def make_long_lines(container): def get_symlink_nicknames(item): for method in (lambda item: [canonical_path(item)], lambda item: getattr(follow_symlinks(item), 'nicknames', [])): try: for n in method(item): yield n except Unauthorized: log.err(system='security') def nick(item): return (get_symlink_nicknames(item) if isinstance(item, Symlink) else getattr(item, 'nicknames', [])) def owner(item): return item.__owner__ or 'root' return [(('%s %s %s\t%s\t%s\n' % (pretty_effective_perms(self.protocol.interaction, follow_symlinks(subobj)), owner(subobj), datetime.datetime.fromtimestamp(subobj.mtime).isoformat() if not subobj.__transient__ else ' <transient> ', pretty_name(subobj), ' : '.join(nick(subobj)))).encode('utf-8')) for subobj in container] def make_short_lines(container): return columnize([pretty_name(subobj) for subobj in container], displaywidth=self.protocol.width) def filter_by_permission(i): try: return self.protocol.interaction.checkPermission('view', i) except Exception as e: log.msg('Error accessing %s' % i, system='ls') log.err(e) container = (sorted(filter(filter_by_permission, obj.listcontent()), key=lambda o: o.__name__) if IContainer.providedBy(obj) and not self.opts_dir else [obj]) for line in (make_long_lines(container) if self.opts_long else make_short_lines(container)): self.write(line) if recursive and IContainer.providedBy(obj) and not self.opts_dir: for ch in container: child_obj = obj[ch.__name__] if (IContainer.providedBy(child_obj) and not isinstance(child_obj, Symlink) and child_obj not in self.visited): self.write("\n%s:\n" % os.path.join(path, ch.__name__.encode('utf8'))) self._do_ls(child_obj, os.path.join(path, ch.__name__), recursive=True)
def _do_ls(self, obj, path='.', recursive=False): assert obj not in self.visited self.visited.append(obj) def pretty_name(item): if IContainer.providedBy(item): return self.protocol.colorize(BLUE, '%s/' % (item.__name__, )) elif ICommand.providedBy(item): return self.protocol.colorize(GREEN, '%s*' % (item.__name__, )) elif isinstance(item, Symlink): return self.protocol.colorize(CYAN, '%s@' % (item.__name__, )) else: return item.__name__ def make_long_lines(container): def get_symlink_nicknames(item): for method in (lambda item: [canonical_path(item)], lambda item: getattr(follow_symlinks(item), 'nicknames', [])): try: for n in method(item): yield n except Unauthorized: log.err(system='security') def nick(item): return (get_symlink_nicknames(item) if isinstance( item, Symlink) else getattr(item, 'nicknames', [])) def owner(item): return item.__owner__ or 'root' return [ (('%s %s %s\t%s\t%s\n' % (pretty_effective_perms(self.protocol.interaction, follow_symlinks(subobj)), owner(subobj), datetime.datetime.fromtimestamp( subobj.mtime).isoformat() if not subobj.__transient__ else ' <transient> ', pretty_name(subobj), ' : '.join(nick(subobj)))).encode('utf-8')) for subobj in container ] def make_short_lines(container): return columnize([pretty_name(subobj) for subobj in container], displaywidth=self.protocol.width) def filter_by_permission(i): try: return self.protocol.interaction.checkPermission('view', i) except Exception as e: log.msg('Error accessing %s' % i, system='ls') log.err(e) container = (sorted(filter(filter_by_permission, obj.listcontent()), key=lambda o: o.__name__) if IContainer.providedBy(obj) and not self.opts_dir else [obj]) for line in (make_long_lines(container) if self.opts_long else make_short_lines(container)): self.write(line) if recursive and IContainer.providedBy(obj) and not self.opts_dir: for ch in container: child_obj = obj[ch.__name__] if (IContainer.providedBy(child_obj) and not isinstance(child_obj, Symlink) and child_obj not in self.visited): self.write("\n%s:\n" % os.path.join(path, ch.__name__.encode('utf8'))) self._do_ls(child_obj, os.path.join(path, ch.__name__), recursive=True)
def collect(container): for item in container.listcontent(): if ICompute.providedBy(item): computes[item.__name__] = Symlink(item.__name__, item) if IContainer.providedBy(item): collect(item)