Permalink
Browse files

added cumulus specific user tools

modified the service so that a callout to an admin nofication program can be made if the user goes over the quota on unpropagate
  • Loading branch information...
1 parent 9faa8e2 commit 078e82685571a5c09c0daed4f8c19316e46834cd BuzzTroll committed with timf May 28, 2010
View

Large diffs are not rendered by default.

Oops, something went wrong.
@@ -66,11 +66,13 @@ function help() {
echo ""
echo "$OPT_ALL_DNS Prints all active DNs"
echo ""
- echo "$OPT_AUTHZ_ON Enables the groupauthz plugin"
- echo ""
+# leave this option in for now in case we want to look back at pre-gridftp ways
+# but leave it out of the help message
+# echo "$OPT_AUTHZ_ON Enables the groupauthz plugin"
+# echo ""
echo "$OPT_CUMULUS_AUTHZ_ON Enables the groupauthz plugin with the cumulus database"
echo ""
- echo "$OPT_AUTHZ_OFF Disables the groupauthz plugin"
+ echo "$OPT_AUTHZ_OFF Disables the cumulus groupauthz plugin"
echo ""
echo "-h, --help This help output"
echo ""
@@ -339,7 +341,10 @@ function check_decision_file() {
echo ""
echo "----------"
-
+
+ return
+
+ # below is for the legacy gridftp repository management
QUESTION="When you add users on a regular basis, do you want this script to also create the appropriate directories at the cloud repository?"
get_y_n "$QUESTION"
@@ -4,4 +4,4 @@ dir=`dirname $0`
cd $dir/..
source env.sh
-./pycb/tools/add_user.py ${@}
+./pycb/tools/add_user.py "${@}"
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+dir=`dirname $0`
+cd $dir/..
+source env.sh
+
+./pycb/tools/list_users.py "${@}"
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+dir=`dirname $0`
+cd $dir/..
+source env.sh
+
+./pycb/tools/remove_user.py "${@}"
@@ -3,7 +3,7 @@ Cumulus Quickstart
1) Install the software:
- % ./install.sh
+ % ./install.sh <path to installation location>
Optionally you may provide a path where the software will be installed. If
no path is provided the source directory is used.
View
@@ -72,7 +72,7 @@ insert into user_alias_types(name) values ('unix');
create table user_alias(
id INTEGER PRIMARY KEY AUTOINCREMENT,
user_id char(36) REFERENCES users_canonical(id) NOT NULL,
- alias_name varchar(64),
+ alias_name varchar(64) UNIQUE,
friendly_name varchar(128),
alias_type INTEGER REFERENCES user_alias_types(id) NOT NULL,
alias_type_data varchar(1024),
@@ -45,6 +45,9 @@ def __init__(self, alias_name, con_str):
self.alias = a_list[0]
self.user = self.alias.get_canonical_user()
+ def get_canonical_id(self):
+ return self.user.get_id()
+
def get_password(self):
return self.alias.get_data()
@@ -78,6 +81,11 @@ def set_quota(self, max):
self.user.set_quota(max)
self.db_obj.commit()
+ def get_quota(self):
+ q = self.user.get_quota()
+ self.db_obj.commit()
+ return q
+
# return the permission string of the given object
def get_perms(self, bucketName, objectName=None):
global authed_user
@@ -308,7 +316,14 @@ def get_user_id_by_display(self, display_name):
alias = a_list[0]
return alias.get_name()
+ def find_user_id_by_display(self, pattern):
+ db_obj = DB(con_str=self.con_str)
+ a_it = UserAlias.find_all_alias_by_friendly(db_obj, pattern)
+ new_it = map(lambda r: r.get_name(), a_it)
+ return new_it
+def _convert_test_it(a):
+ return a.get_name()
def _convert_bucket_to_cbObject(user, file):
tm = file.get_creation_time()
@@ -326,6 +341,6 @@ def _convert_File_to_cbObject(user, file):
key = file.get_name()
display_name = file.get_name()
# should file meta info come from here or backend?
- obj = cbObject(tm, size, key, display_name, user, md5sum=mds)
+ bj = cbObject(tm, size, key, display_name, user, md5sum=mds)
return obj
@@ -0,0 +1,25 @@
+
+def report_options_to_string(opts, delim=","):
+ rc = ""
+ d = ""
+ for o in opts:
+ rc = rc + d + o
+ d = delim
+ return rc
+
+def print_report(report_obj, cols, opts):
+ choices = cols.split(",")
+
+ out_line = ""
+ d = opts.delim
+ delim = ""
+ for c in choices:
+ v = getattr(report_obj, c)
+ v = str(v)
+ if opts.batch:
+ out_line = out_line + delim + v
+ delim = d
+ else:
+ print "%-15s : %s" % (c, v)
+
+ print out_line
@@ -1,5 +1,6 @@
#!/usr/bin/python
import getpass
+import traceback
import string
import random
import os
@@ -9,24 +10,25 @@
import pynimbusauthz
import shutil
import pycb.cbPosixSecurity
+from pycb.tools.cbToolsException import cbToolsException
from pynimbusauthz.cmd_opts import cbOpts
+g_report_options = ["ID", "password", "quota", "canonical_id"]
+
def setup_options(argv):
u = """[options] <display name>"""
(parser, all_opts) = pynimbusauthz.get_default_options(u)
- opt = cbOpts("password", "p", "set password. If not specified and we are not asked to generate one, the user will be prompted.", None)
- all_opts.append(opt)
- opt = cbOpts("new", "n", "This is a new user", False, flag=True)
+ opt = cbOpts("password", "p", "Set the secret key associated with this cumulus account. If not specified one will be generated.", None)
all_opts.append(opt)
- opt = cbOpts("genkey", "g", "Generate and echo a password", False, flag=False)
+ opt = cbOpts("exist", "e", "Update an existing user", False, flag=True)
all_opts.append(opt)
- opt = cbOpts("remove", "r", "Remove the user", False, flag=False)
+ opt = cbOpts("canonical_id", "c", "Use this canonical user ID. If not specified a new one will be generated. If you are not trying to tie the cumulus account with some other Nimbus account, then you probably do not need to specify this option.", None)
all_opts.append(opt)
- opt = cbOpts("force", "f", "Force the specified action to occur without warning", False, flag=False)
+ opt = cbOpts("report", "r", "Report the selected columns from the following: " + pycb.tools.report_options_to_string(g_report_options), pycb.tools.report_options_to_string(g_report_options))
all_opts.append(opt)
- opt = cbOpts("id", "i", "Use this user ID. If not specified one is generated.", None)
+ opt = cbOpts("delim", "d", "The column separater for the report.", ",")
all_opts.append(opt)
(o, args) = pynimbusauthz.parse_args(parser, all_opts, argv)
@@ -47,58 +49,48 @@ def main(argv=sys.argv[1:]):
(opts, args) = setup_options(argv)
if len(args) == 0:
- print "You must provide a display name. See --help for usage"
- return 1
+ raise cbToolsException('CMDLINE', ["You must provide a display name"])
display_name = args[0]
- if opts.genkey:
+ if opts.password == None:
opts.password = add_user_generate_pw(42)
- if opts.new:
+ if not opts.exist:
# make new user
- if opts.password == None:
- pw1 = getpass.getpass(prompt="Enter new password:").strip()
- pw2 = getpass.getpass(prompt="Retype new password:").strip()
- if pw1 != pw2:
- print "Sorry, passwords do not match"
- return 1
- opts.password = pw1
- if opts.id == None:
- opts.id = add_user_generate_pw(21)
-
- auth.create_user(display_name, opts.id, opts.password, opts)
- print "Created a new user with:"
- print "ID: %s Key: %s" % (opts.id, opts.password)
-
- else:
- try:
- user_id = auth.get_user_id_by_display(display_name)
- except:
- user_id = None
-
- if opts.id == None:
- opts.id = auth.get_user_id_by_display(display_name)
- if opts.id != user_id:
- print "WARNING: The provided user id does not match the display name"
+ if opts.canonical_id == None:
+ opts.canonical_id = add_user_generate_pw(21)
+
+ auth.create_user(display_name, opts.canonical_id, opts.password, opts)
+
+ try:
+ user_id = auth.get_user_id_by_display(display_name)
+ except Exception, ex:
+ raise cbToolsException('UNKNOWN_USER', [display_name], ex)
+
try:
- u = auth.get_user(opts.id)
+ u = auth.get_user(user_id)
except:
- u = None
- if u == None:
- print "The user with id: %s does not exist" % (opts.id)
- return 2
+ raise cbToolsException('UNKNOWN_USER', [user_id], ex)
- if opts.password != None:
- opts.id = u.set_user_pw(opts.password)
- if opts.remove:
- u.remove_user()
+ opts.ID = user_id
+ opts.canonical_id = u.get_canonical_id()
+ opts.quota = u.get_quota()
+ opts.id = u.set_user_pw(opts.password)
+
+ pycb.tools.print_report(opts, opts.report, opts)
return 0
if __name__ == "__main__":
- rc = main()
+ try:
+ rc = main()
+ except cbToolsException, tex:
+ print tex
+ rc = tex.get_rc()
+ except SystemExit:
+ rc = 127
+ except:
+ traceback.print_exc(file=sys.stdout)
+ print 'An unknown error occurred'
+ rc = 128
sys.exit(rc)
-
-
-
-
@@ -42,6 +42,8 @@ def get_default_options(u):
all_opts = []
+ opt = cbOpts("batch", "b", "Set to batch mode for machine parsing", False, flag=True)
+ all_opts.append(opt)
opt = cbOpts("quiet", "q", "Display no output", False, flag=True)
all_opts.append(opt)
opt = cbOpts("verbose", "V", "Display much output", 1, count=True)
@@ -54,10 +56,14 @@ def get_default_options(u):
return (parser, all_opts)
def print_msg(opts, level, msg):
- if opts.quiet:
- return
- if level > opts.verbose:
+ if opts.batch and level != 0:
return
+
+ if not opts.batch or level != 0:
+ if opts.quiet:
+ return
+ if level > opts.verbose:
+ return
opts.out_file.write(msg)
opts.out_file.write('\n')
opts.out_file.flush()
@@ -92,8 +92,12 @@ def get_description(self):
def add_opt(self, parser):
if self.flag != None:
+ if self.default:
+ a = "store_false"
+ else:
+ a = "store_true"
parser.add_option(self.short, self.long, dest=self.dest, default=self.default,
- action="store_true",
+ action=a,
help=self.get_description())
return
@@ -315,6 +315,15 @@ def find_alias_by_friendly(db_obj, fn, type=pynimbusauthz.alias_type_s3):
return c
find_alias_by_friendly = staticmethod(find_alias_by_friendly)
+ def find_all_alias_by_friendly(db_obj, fn, type=pynimbusauthz.alias_type_s3):
+ at = pynimbusauthz.alias_types[type]
+ s = "select "+ UserAlias.get_select_str()+" from user_alias where friendly_name LIKE '%s' and alias_type = ?" % (fn)
+ data = (at,)
+ c = db_obj._run_fetch_iterator(s, data, _convert_alias_row_to_UserAlias)
+ return c
+ find_all_alias_by_friendly = staticmethod(find_all_alias_by_friendly)
+
+
def __str__(self):
return str(self.alias_name) + ":" + str(self.alias_type)
@@ -29,6 +29,7 @@
private static final String GET_USER_USAGE = "SELECT SUM(object_size) FROM objects where owner_id = ? and object_type = ?";
private static final String GET_USER_QUOTA = "SELECT quota from object_quota where user_id = ? and object_type = ?";
private static final String GET_FILE_SIZE = "SELECT object_size FROM objects WHERE id = ?";
+ private static final String GET_FILE_OWNER = "SELECT owner_id FROM objects WHERE id = ?";
public static final int ALIAS_TYPE_S3 = 1;
public static final int ALIAS_TYPE_DN = 2;
@@ -111,6 +112,52 @@ public long getFileSize(
}
}
+ public String getFileOwner(
+ int fileId)
+ throws WorkspaceDatabaseException
+ {
+ Connection c = null;
+ PreparedStatement pstmt = null;
+ ResultSet rs = null;
+
+ try
+ {
+ c = getConnection();
+ pstmt = c.prepareStatement(GET_FILE_OWNER);
+ pstmt.setInt(1, fileId);
+ rs = pstmt.executeQuery();
+ if(!rs.next())
+ {
+ throw new WorkspaceDatabaseException("no such file id found " + fileId);
+ }
+ String owner = rs.getString(1);
+ return owner;
+ }
+ catch(SQLException e)
+ {
+ logger.error("",e);
+ throw new WorkspaceDatabaseException(e);
+ }
+ finally
+ {
+ try
+ {
+ if (pstmt != null)
+ {
+ pstmt.close();
+ }
+ if (c != null)
+ {
+ returnConnection(c);
+ }
+ }
+ catch (SQLException sql)
+ {
+ logger.error("SQLException in finally cleanup", sql);
+ }
+ }
+ }
+
public boolean canStore(
long fileSize,
String canUser,
Oops, something went wrong.

0 comments on commit 078e826

Please sign in to comment.