From mboxrd@z Thu Jan 1 00:00:00 1970 From: rmccabe@sourceware.org Date: 2 Aug 2006 23:29:29 -0000 Subject: [Cluster-devel] conga/luci/utils luci_admin Message-ID: <20060802232929.11961.qmail@sourceware.org> List-Id: To: cluster-devel.redhat.com MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit CVSROOT: /cvs/cluster Module name: conga Changes by: rmccabe at sourceware.org 2006-08-02 23:29:27 Modified files: luci/utils : luci_admin Log message: almost complete rewrite. thanks, zope! Patches: http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/utils/luci_admin.diff?cvsroot=cluster&r1=1.32&r2=1.33 --- conga/luci/utils/luci_admin 2006/08/02 20:52:23 1.32 +++ conga/luci/utils/luci_admin 2006/08/02 23:29:27 1.33 @@ -106,6 +106,9 @@ import ImageFile import Products.PluggableAuthService.plugins.ZODBUserManager import BTrees.OOBTree + # Zope wants to open a www/ok.gif and images/error.gif + # when you initialize the application object. This keeps + # the AppInitializer(app).initialize() call below from failing. ImageFile.ImageFile.__init__ = lambda x,y,z:None sys.stderr = orig_stderr @@ -143,11 +146,13 @@ try: pwd_scheme = SSHADigestScheme pwd_hash = '{SSHA}' + pwd_scheme.encrypt(SSHADigestScheme(), passwd) - acl_users = app.unrestrictedTraverse('/acl_users/users/') - len(acl_users) - acl_users.__dict__['_user_passwords'][user] = pwd_hash - transaction.commit() - ret = 0 + acl_users = app.acl_users.users + if len(acl_users): + acl_users._user_passwords[user] = pwd_hash + transaction.commit() + ret = 0 + else: + raise except: sys.stderr.write('Unable to set the password for user \"' + user + '\"\n') conn.close() @@ -232,6 +237,7 @@ return None def luci_restore(argv): + sys.stderr = null import ZODB from ZODB.FileStorage import FileStorage from ZODB.DB import DB @@ -240,18 +246,19 @@ import OFS.Folder import AccessControl import AccessControl.User + from AccessControl.AuthEncoding import SSHADigestScheme from AccessControl.SecurityManagement import newSecurityManager import transaction - sys.stderr = null import Products.CMFCore - sys.stderr = orig_stderr import Products.CMFCore.MemberDataTool import ImageFile - + import Products.PluggableAuthService.plugins.ZODBUserManager + import BTrees.OOBTree # Zope wants to open a www/ok.gif and images/error.gif # when you initialize the application object. This keeps # the AppInitializer(app).initialize() call below from failing. ImageFile.ImageFile.__init__ = lambda x,y,z:None + sys.stderr = orig_stderr if len(argv) > 0: dbfn = argv[0] @@ -311,12 +318,13 @@ sys.stderr.write('An error occurred while initializing the Luci installation for restoration from backup\n') return -1 - if True: - portal_mem = app.unrestrictedTraverse('/luci/portal_membership') - portal_reg = app.unrestrictedTraverse('/luci/portal_registration') - if not portal_mem or not portal_reg: + try: + acl_users = app.acl_users.users + portal_mem = app.luci.portal_membership + portal_reg = app.luci.portal_registration + if not (acl_users and len(acl_users) and portal_mem and portal_reg): raise - else: + except: sys.stderr.write('Your Luci installation appears to be corrupt.\n') return -1 @@ -344,7 +352,12 @@ passwd = str(passwd) if id == 'admin': - save_password('admin', passwd) + try: + acl_users._user_passwords['admin'] = passwd + transaction.commit() + except: + sys.stderr.write('Unable to restore admin password.') + continue else: email = u.getAttribute('email') if not email: @@ -368,8 +381,11 @@ return -1 try: - aclu = app.unrestrictedTraverse('/luci/acl_users/Users/acl_users/') - aclu.__dict__['data'][id].__dict__['__'] = passwd + aclu = app.luci.acl_users.source_users + if aclu and len(aclu): + acl_users._user_passwords[id] = passwd + else: + raise except: transaction.abort() sys.stderr.write('An error occurred while restoring the password for user \"' + id + '\"\n') @@ -377,7 +393,7 @@ transaction.commit() try: - x = app.unrestrictedTraverse('/luci/systems/storage') + x = app.luci.systems.storage if not x: raise except: @@ -407,7 +423,7 @@ x.manage_addFolder(id, title) try: - new_system = app.unrestrictedTraverse('/luci/systems/storage/' + id) + new_system = eval('app.luci.systems.storage.' + id) if not new_system: raise new_system.manage_acquiredPermissions([]) @@ -436,7 +452,7 @@ transaction.commit() try: - x = app.unrestrictedTraverse('/luci/systems/cluster') + x = app.luci.systems.cluster if not x: raise except: @@ -468,7 +484,8 @@ try: x.manage_addFolder(id, title) - new_cluster = app.unrestrictedTraverse('/luci/systems/cluster/'+ id) + new_cluster = eval('app.luci.systems.cluster.' + id) + if not new_cluster: raise new_cluster.manage_acquiredPermissions([]) @@ -515,7 +532,7 @@ try: new_cluster.manage_addFolder(newsys, stitle) - newcs = app.unrestrictedTraverse('/luci/systems/cluster/' + id + '/' + newsys) + newcs = eval('app.luci.systems.cluster.' + id + '.' + newsys) if not newcs: raise newcs.manage_acquiredPermissions([]) @@ -581,19 +598,39 @@ return node.cloneNode(True) def luci_backup(argv): + sys.stderr = null import ZODB from ZODB.FileStorage import FileStorage from ZODB.DB import DB import OFS + from OFS.Application import AppInitializer import OFS.Folder import AccessControl import AccessControl.User + from AccessControl.AuthEncoding import SSHADigestScheme + from AccessControl.SecurityManagement import newSecurityManager + import transaction + import Products.CMFCore + import Products.CMFCore.MemberDataTool + import ImageFile + import Products.PluggableAuthService.plugins.ZODBUserManager + import BTrees.OOBTree + # Zope wants to open a www/ok.gif and images/error.gif + # when you initialize the application object. This keeps + # the AppInitializer(app).initialize() call below from failing. + ImageFile.ImageFile.__init__ = lambda x,y,z:None + sys.stderr = orig_stderr if len(argv) > 0: dbfn = argv[0] else: dbfn = LUCI_DB_PATH + if len(argv) > 1: + backupfn = argv[1] + else: + backupfn = LUCI_BACKUP_PATH + try: fs = FileStorage(dbfn) db = DB(fs) @@ -602,130 +639,122 @@ except IOError, e: if e[0] == 11: sys.stderr.write('It appears that Luci is running. Please stop Luci before attempting to backup your installation.\n') - return None + return -1 else: sys.stderr.write('Unable to open the Luci database \"' + dbfn + '\":' + str(e) + '\n') - return None + return -1 except Exception, e: sys.stderr.write('Unable to open the Luci database \"' + dbfn + '\":' + str(e) + '\n') - return None + return -1 + + try: + sys.stderr = null + tempuser = AccessControl.User.UnrestrictedUser('admin', '', + ('manage','Manager', 'Owner', 'View', 'Authenticated'), []) - examine_classes = [ - 'OFS.Folder.Folder', - 'AccessControl.User.User', - 'Products.CMFCore.MemberDataTool.MemberData' - ] + newSecurityManager(None, tempuser) + app = conn.root()['Application'] + AppInitializer(app).initialize() + sys.stderr = orig_stderr + except: + sys.stderr = orig_stderr + sys.stderr.write('An error occurred while initializing the Luci installation for restoration from backup\n') + return -1 + + try: + acl_users = app.acl_users.users + portal_mem = app.luci.portal_membership + portal_reg = app.luci.portal_registration + if not (acl_users and len(acl_users) and portal_mem and portal_reg): + raise + except: + sys.stderr.write('Your Luci installation appears to be corrupt.\n') + return -1 + + users = {} systems = {} clusters = {} - users = {} - # To suppress some useless zope error messages. - sys.stderr = null + try: + acl_users = app.acl_users.users + if len(acl_users) < 1: + raise + users['admin'] = { + 'id': 'admin', + 'name': 'admin', + 'passwd': app.acl_users.users._user_passwords['admin'] + } + except: + sys.stderr.write('Unable to find the admin user.\n') + return -1 + + acl_users = app.luci.acl_users.source_users + if acl_users and len(acl_users): + for i in app.luci.acl_users.source_users._user_passwords.items(): + try: + users[i[0]] = { + 'id': i[0], + 'name': i[0], + 'passwd': i[1] + } + except: + try: + sys.stderr.write('An error occurred while saving details for user \"' + i[0] + '\"\n') + except: + sys.stderr.write('An error occurred while saving user information.') + return -1 - next_oid = None - while True: - oid, tid, data, next_oid = fs.record_iternext(next_oid) + try: + storagedir = app.luci.systems.storage + clusterdir = app.luci.systems.cluster + except: + sys.stderr.write('Your Luci installation appears to be corrupt.') + return -1 - try: - obj = conn.get(oid) - obj_class = str(type(obj)).split('\'')[1] - except: - if next_oid is None: break - else: continue + if storagedir and len(storagedir): + for i in storagedir.objectItems(): + systems[i[0]] = { 'id': i[0], 'name': i[0] } + if hasattr(i[1], 'title'): + systems[i[0]]['title'] = getattr(i[1], 'title') + else: + systems[i[0]]['title'] = '__luci__:system' - if not obj_class in examine_classes: - if next_oid is None: break - else: continue + if hasattr(i[1], '__ac_local_roles__'): + roles = getattr(i[1], '__ac_local_roles__') + systems[i[0]]['permList'] = map(lambda x: x[0], filter(lambda x: len(x) > 1 and 'View' in x[1], roles.items())) + else: + systems[i[0]]['permList'] = {} + + if clusterdir and len(clusterdir): + for i in clusterdir.objectItems(): + cluster_name = i[0] + clusters[cluster_name] = { 'id': cluster_name, 'csystemList': {} } + if hasattr(i[1], 'title'): + clusters[cluster_name]['title'] = getattr(i[1], 'title') + else: + clusters[cluster_name]['title'] = '__luci__:cluster' - try: - conn.setstate(obj) - except: - if next_oid is None: break - else: continue + if hasattr(i[1], '__ac_local_roles__'): + roles = getattr(i[1], '__ac_local_roles__') + clusters[cluster_name]['permList'] = map(lambda x: x[0], filter(lambda x: len(x) > 1 and 'View' in x[1], roles.items())) + else: + clusters[cluster_name]['permList'] = {} - dict = obj.__dict__ + for csystem in i[1].objectItems(): + csystem_hash = { 'id': csystem[0] } - if obj_class == 'OFS.Folder.Folder': - if not 'title' in dict or not dict['title'] or dict['title'][0:9] != '__luci__:': - if next_oid is None: break - else: continue - title = dict['title'].split(':') - cur = None - - if title[1] == 'cluster': - if not dict['id'] in clusters: - clusters[dict['id']] = { - 'id': dict['id'], - 'title': dict['title'], - 'permList': [], - 'csystemList': {} - } - cur = clusters[dict['id']] + if hasattr(csystem[1], 'title'): + csystem_hash['title'] = getattr(csystem[1], 'title') else: - cur = clusters[dict['id']] - cur['id'] = dict['id'] - cur['title'] = dict['title'] - elif title[1] == 'csystem': - if len(title) > 2: - clusterName = title[2] - if not clusterName in clusters: - clusters[clusterName] = { - 'id': clusterName, - 'csystemList': {}, - 'permList': [] - } - clusters[clusterName]['csystemList'][dict['id']] = { - 'id': dict['id'], - 'title': '__luci__:csystem:' + clusterName, - } - elif title[1] == 'system': - systems[dict['id']] = { - 'id': dict['id'], - 'title': dict['title'], - 'permList': [] - } - cur = systems[dict['id']] - else: - # we don't care - if next_oid is None: break - else: continue - - if cur and '__ac_local_roles__' in dict: - roles = dict['__ac_local_roles__'] - for i in roles: - if not i in users: - users[i] = { 'id': i, 'name': i } - if 'View' in roles[i]: - cur['permList'].append(i) - elif obj_class == 'AccessControl.User.User': - try: - cur_user = users[dict['name']] - except: - try: - cur_user = users[dict['id']] - except: - users[dict['name']] = { 'id': dict['name'] } - cur_user = users[dict['name']] - cur_user['name'] = dict['name'] - cur_user['passwd'] = dict['__'] - elif obj_class == 'Products.CMFCore.MemberDataTool.MemberData': - if not 'id' in dict and not 'name' in dict: - if next_oid is None: break - else: continue + csystem_hash['title'] = '__luci__:csystem:' + cluster_name - try: - cur_user = users[dict['id']] - except: - try: - cur_user = users[dict['name']] - except: - users[dict['id']] = { 'name': dict['id'] } - cur_user = users[dict['id']] - for i in dict: - cur_user[i] = dict[i] - if next_oid is None: - break + if hasattr(csystem[1], '__ac_local_roles__'): + roles = getattr(csystem[1], '__ac_local_roles__') + csystem_hash['permList'] = map(lambda x: x[0], filter(lambda x: len(x) > 1 and 'View' in x[1], roles.items())) + else: + csystem_hash['permList'] = {} + clusters[cluster_name]['csystemList'][csystem[0]] = csystem_hash sys.stderr = orig_stderr conn.close()