def dump(obj, path, protocol=0): """Dump a binary representation of obj to the file, path""" contents = dumps(obj) fd = LocalFile(path, "w") fd.write(contents) fd.close()
def dump(obj, path, protocol=0): """Dump a binary representation of obj to the file, path""" contents = dumps(obj) fd = LocalFile(path, 'w') fd.write(contents) fd.close()
def dump(obj, path, protocol=0): """Dump a binary representation of obj to the file, path""" contents = dumps(obj) fd = distfile.DistFile(path, 'w') fd.lock(LOCK_EX) fd.write(contents) fd.flush() fd.unlock() fd.close()
def save_access_request(configuration, request_dir, request): """Save the request dictionary as a pickle in request_dir with random filename stem and predefined request file extension. Returns the nameof the file on success. """ request['created_timestamp'] = datetime.datetime.now() try: (filehandle, tmpfile) = make_temp_file(suffix=request_ext, prefix=request_prefix, dir=request_dir) # Prevent exotic characters causing trouble between scripts request['request_name'] = os.path.basename(tmpfile) os.write(filehandle, dumps(request)) os.close(filehandle) except Exception, err: configuration.logger.error("could not save request %s in %s: %s" % \ (request, request_dir, err)) return False
def main(client_id, user_arguments_dict): """Main function used by front end""" (configuration, logger, output_objects, op_name) = \ initialize_main_variables(client_id, op_header=False, op_menu=False) defaults = signature()[1] (validate_status, accepted) = validate_input(user_arguments_dict, defaults, output_objects, allow_rejects=False) if not validate_status: logger.warning('%s invalid input: %s' % (op_name, accepted)) return (accepted, returnvalues.CLIENT_ERROR) if not correct_handler('POST'): output_objects.append( {'object_type': 'error_text', 'text' : 'Only accepting POST requests to prevent unintended updates'}) return (output_objects, returnvalues.CLIENT_ERROR) title_entry = find_entry(output_objects, 'title') title_entry['text'] = '%s certificate request' % configuration.short_title title_entry['skipmenu'] = True output_objects.append({'object_type': 'header', 'text' : '%s certificate request' % \ configuration.short_title }) admin_email = configuration.admin_email smtp_server = configuration.smtp_server user_pending = os.path.abspath(configuration.user_pending) # force name to capitalized form (henrik karlsen -> Henrik Karlsen) # please note that we get utf8 coded bytes here and title() treats such # chars as word termination. Temporarily force to unicode. raw_name = accepted['cert_name'][-1].strip() try: cert_name = force_utf8(force_unicode(raw_name).title()) except Exception: cert_name = raw_name.title() country = accepted['country'][-1].strip().upper() state = accepted['state'][-1].strip().title() org = accepted['org'][-1].strip() # lower case email address email = accepted['email'][-1].strip().lower() password = accepted['password'][-1] verifypassword = accepted['verifypassword'][-1] # keep comment to a single line comment = accepted['comment'][-1].replace('\n', ' ') # single quotes break command line format - remove comment = comment.replace("'", ' ') if password != verifypassword: output_objects.append({'object_type': 'error_text', 'text' : 'Password and verify password are not identical!' }) return (output_objects, returnvalues.CLIENT_ERROR) # TODO: move this check to conf? if not forced_org_email_match(org, email, configuration): output_objects.append({'object_type': 'error_text', 'text' : '''Illegal email and organization combination: Please read and follow the instructions in red on the request page! If you are a student with only a @*.ku.dk address please just use KU as organization. As long as you state that you want the certificate for course purposes in the comment field, you will be given access to the necessary resources anyway. '''}) return (output_objects, returnvalues.CLIENT_ERROR) user_dict = { 'full_name': cert_name, 'organization': org, 'state': state, 'country': country, 'email': email, 'comment': comment, 'password': base64.b64encode(password), 'expire': int(time.time() + cert_valid_days * 24 * 60 * 60), 'openid_names': [], } fill_distinguished_name(user_dict) user_id = user_dict['distinguished_name'] user_dict['authorized'] = (user_id == client_id) if configuration.user_openid_providers and configuration.user_openid_alias: user_dict['openid_names'] += \ [user_dict[configuration.user_openid_alias]] logger.info('got reqcert request: %s' % user_dict) # For testing only if cert_name.upper().find('DO NOT SEND') != -1: output_objects.append({'object_type': 'text', 'text' : "Test request ignored!"}) return (output_objects, returnvalues.OK) req_path = None try: (os_fd, req_path) = tempfile.mkstemp(dir=user_pending) os.write(os_fd, dumps(user_dict)) os.close(os_fd) except Exception, err: logger.error('Failed to write certificate request to %s: %s' % (req_path, err)) output_objects.append({'object_type': 'error_text', 'text' : 'Request could not be sent to grid administrators. Please contact them manually on %s if this error persists.' % admin_email}) return (output_objects, returnvalues.SYSTEM_ERROR)
specified in the configuation for the '%s' resource unit. Please contact the %s owner and ask if you can be included in the %s.""" % \ (vgrid_label, vgrid_name, res_unit['name'], vgrid_label, vgrid_label)) # save dictionary to a file if outfile == 'AUTOMATIC': # save configuration as python dictionary in the resource' private directory filename = configuration.resource_home + unique_resource_name\ + '/config' elif outfile: # outfile specified (DumpConfig) filename = outfile else: return (True, 'Everything ok') try: fsock = open(filename, 'w') st = dumps(conf, 0) fsock.write(st) fsock.close() except Exception, err: return (False, "Fatal error: could not open '" + filename + "' for writing!" + '\n Msg: ' + str(err)) return (True, 'Everything ok, config updated')
output_objects.append({ 'object_type': 'text', 'text': '''Created the user account for you: Please use the navigation menu to the left to proceed using it. ''' }) return (output_objects, returnvalues.OK) # Without auto add we end here and go through the mail-to-admins procedure req_path = None try: (os_fd, req_path) = tempfile.mkstemp(dir=user_pending) os.write(os_fd, dumps(user_dict)) os.close(os_fd) except Exception, err: logger.error('Failed to write existing certificate request to %s: %s' % (req_path, err)) output_objects.append( {'object_type': 'error_text', 'text' : """Request could not be sent to grid administrators. Please contact them manually on %s if this error persists.""" % \ admin_email}) return (output_objects, returnvalues.SYSTEM_ERROR) logger.info('Wrote existing certificate sign up request to %s' % req_path) tmp_id = req_path.replace(user_pending, '') user_dict['tmp_id'] = tmp_id
def main(client_id, user_arguments_dict): """Main function used by front end""" (configuration, logger, output_objects, op_name) = initialize_main_variables( client_id, op_header=False, op_menu=False ) defaults = signature()[1] logger.debug("in extoidaction: %s" % user_arguments_dict) (validate_status, accepted) = validate_input(user_arguments_dict, defaults, output_objects, allow_rejects=False) if not validate_status: return (accepted, returnvalues.CLIENT_ERROR) # Unfortunately OpenID does not use POST # if not correct_handler('GET'): # output_objects.append( # {'object_type': 'error_text', 'text' # : 'Only accepting POST requests to prevent unintended updates'}) # return (output_objects, returnvalues.CLIENT_ERROR) title_entry = find_entry(output_objects, "title") title_entry["text"] = "%s OpenID sign up" % configuration.short_title title_entry["skipmenu"] = True output_objects.append({"object_type": "header", "text": "%s OpenID sign up" % configuration.short_title}) admin_email = configuration.admin_email smtp_server = configuration.smtp_server user_pending = os.path.abspath(configuration.user_pending) # force name to capitalized form (henrik karlsen -> Henrik Karlsen) id_url = os.environ["REMOTE_USER"].strip() openid_prefix = configuration.user_openid_providers[0].rstrip("/") + "/" raw_login = id_url.replace(openid_prefix, "") full_name = accepted["openid.sreg.full_name"][-1].strip().title() country = accepted["openid.sreg.country"][-1].strip().upper() state = accepted["state"][-1].strip().title() organization = accepted["openid.sreg.organization"][-1].strip() organizational_unit = accepted["openid.sreg.organizational_unit"][-1].strip() locality = accepted["openid.sreg.locality"][-1].strip() # lower case email address email = accepted["openid.sreg.email"][-1].strip().lower() password = accepted["password"][-1] # verifypassword = accepted['verifypassword'][-1] # keep comment to a single line comment = accepted["comment"][-1].replace("\n", " ") # single quotes break command line format - remove comment = comment.replace("'", " ") user_dict = { "full_name": full_name, "organization": organization, "organizational_unit": organizational_unit, "locality": locality, "state": state, "country": country, "email": email, "password": password, "comment": comment, "expire": int(time.time() + oid_valid_days * 24 * 60 * 60), "openid_names": [raw_login], } fill_distinguished_name(user_dict) user_id = user_dict["distinguished_name"] if configuration.user_openid_providers and configuration.user_openid_alias: user_dict["openid_names"].append(user_dict[configuration.user_openid_alias]) req_path = None try: (os_fd, req_path) = tempfile.mkstemp(dir=user_pending) os.write(os_fd, dumps(user_dict)) os.close(os_fd) except Exception, err: logger.error("Failed to write certificate request to %s: %s" % (req_path, err)) output_objects.append( { "object_type": "error_text", "text": "Request could not be sent to grid administrators. Please contact them manually on %s if this error persists." % admin_email, } ) return (output_objects, returnvalues.SYSTEM_ERROR)
def main(client_id, user_arguments_dict): """Main function used by front end""" (configuration, logger, output_objects, op_name) = \ initialize_main_variables(client_id, op_header=False, op_menu=False) defaults = signature()[1] logger.debug('in extoidaction: %s' % user_arguments_dict) (validate_status, accepted) = validate_input(user_arguments_dict, defaults, output_objects, allow_rejects=False) if not validate_status: return (accepted, returnvalues.CLIENT_ERROR) # Unfortunately OpenID does not use POST #if not safe_handler(configuration, 'post', op_name, client_id, # get_csrf_limit(configuration), accepted): # output_objects.append( # {'object_type': 'error_text', 'text': '''Only accepting #CSRF-filtered POST requests to prevent unintended updates''' # }) # return (output_objects, returnvalues.CLIENT_ERROR) title_entry = find_entry(output_objects, 'title') title_entry['text'] = '%s OpenID account sign up' % configuration.short_title title_entry['skipmenu'] = True output_objects.append({'object_type': 'header', 'text' : '%s OpenID account sign up' % \ configuration.short_title }) admin_email = configuration.admin_email smtp_server = configuration.smtp_server user_pending = os.path.abspath(configuration.user_pending) # force name to capitalized form (henrik karlsen -> Henrik Karlsen) id_url = os.environ['REMOTE_USER'].strip() openid_prefix = configuration.user_ext_oid_provider.rstrip('/') + '/' raw_login = id_url.replace(openid_prefix, '') full_name = accepted['openid.sreg.full_name'][-1].strip().title() country = accepted['openid.sreg.country'][-1].strip().upper() state = accepted['state'][-1].strip().title() organization = accepted['openid.sreg.organization'][-1].strip() organizational_unit = accepted['openid.sreg.organizational_unit'][-1].strip() locality = accepted['openid.sreg.locality'][-1].strip() # lower case email address email = accepted['openid.sreg.email'][-1].strip().lower() password = accepted['password'][-1] #verifypassword = accepted['verifypassword'][-1] # keep comment to a single line comment = accepted['comment'][-1].replace('\n', ' ') # single quotes break command line format - remove comment = comment.replace("'", ' ') user_dict = { 'full_name': full_name, 'organization': organization, 'organizational_unit': organizational_unit, 'locality': locality, 'state': state, 'country': country, 'email': email, 'password': password, 'comment': comment, 'expire': int(time.time() + oid_valid_days * 24 * 60 * 60), 'openid_names': [raw_login], 'auth': ['extoid'], } fill_distinguished_name(user_dict) user_id = user_dict['distinguished_name'] if configuration.user_openid_providers and configuration.user_openid_alias: user_dict['openid_names'].append( user_dict[configuration.user_openid_alias]) req_path = None try: (os_fd, req_path) = tempfile.mkstemp(dir=user_pending) os.write(os_fd, dumps(user_dict)) os.close(os_fd) except Exception, err: logger.error('Failed to write OpenID account request to %s: %s' % (req_path, err)) output_objects.append({'object_type': 'error_text', 'text' : 'Request could not be sent to grid administrators. Please contact them manually on %s if this error persists.' % admin_email}) return (output_objects, returnvalues.SYSTEM_ERROR)
: '''Could not create the user account for you: Please report this problem to the grid administrators (%s).''' % \ admin_email}) return (output_objects, returnvalues.SYSTEM_ERROR) output_objects.append({'object_type': 'text', 'text' : '''Created the user account for you: Please use the navigation menu to the left to proceed using it. '''}) return (output_objects, returnvalues.OK) # Without auto add we end here and go through the mail-to-admins procedure req_path = None try: (os_fd, req_path) = tempfile.mkstemp(dir=user_pending) os.write(os_fd, dumps(user_dict)) os.close(os_fd) except Exception, err: logger.error('Failed to write existing certificate request to %s: %s' % (req_path, err)) output_objects.append( {'object_type': 'error_text', 'text' : """Request could not be sent to grid administrators. Please contact them manually on %s if this error persists.""" % \ admin_email}) return (output_objects, returnvalues.SYSTEM_ERROR) logger.info('Wrote existing certificate sign up request to %s' % req_path) tmp_id = req_path.replace(user_pending, '') user_dict['tmp_id'] = tmp_id
"Your resource is not allowed in the vgrid '%s' specified in the configuation for the '%s' execution unit. Please contact the vgrid owner and ask if you can be included in the vgrid." % (vgrid_name, exe['name'])) # save dictionary to a file if outfile == 'AUTOMATIC': # save configuration as python dictionary in the resource' private directory filename = configuration.resource_home + unique_resource_name\ + '/config' elif outfile: # outfile specified (DumpConfig) filename = outfile else: return (True, 'Everything ok') try: fsock = open(filename, 'w') st = dumps(conf, 0) fsock.write(st) fsock.close() except Exception, err: return (False, "Fatal error: could not open '" + filename + "' for writing!" + '\n Msg: ' + str(err)) return (True, 'Everything ok, config updated')