Context Navigation

cache_acls.py @ 257

Last change on this file since 257 was 257, checked in by ecprice, 16 years ago
Do entire ACL update in a transaction, not for each machine.
File size: 1.7 KB

Line
1	#!/usr/bin/python
2	from sipb_xen_database import *
3	import sys
4	import getafsgroups
5	import subprocess
6
7	def expandLocker(name):
8	groups = getafsgroups.getLockerAcl(name)
9	cell = getafsgroups.getCell(name)
10	ans = set()
11	for group in groups:
12	if ':' in group:
13	ans.update(getafsgroups.getAfsGroupMembers(group, cell))
14	else:
15	ans.add(group)
16	return ans
17
18	def isUser(name):
19	p = subprocess.Popen(['vos', 'examine', 'user.'+name],
20	stdout=subprocess.PIPE, stderr=subprocess.PIPE)
21	if p.wait():
22	return False
23	return True
24
25
26	def expandName(name):
27	if ':' not in name:
28	if isUser(name):
29	return [name]
30	name = 'system:'+name
31	return getafsgroups.getAfsGroupMembers(name, 'athena.mit.edu')
32
33	if __name__ == '__main__':
34	connect('postgres://sipb-xen@sipb-xen-dev/sipb_xen')
35
36	transaction = ctx.current.create_transaction()
37
38	print repr(ctx), repr(ctx.current), repr(transaction)
39	# Remove existing machine access entries
40	machine_access_table.delete()
41	ctx.current.flush()
42
43	try:
44	machines = Machine.select()
45	for m in machines:
46	people = set()
47	people.update(expandLocker(m.owner))
48	people.update(expandName(m.administrator))
49	print '%s: %s' % (m.name, ' '.join(people))
50	for p in people:
51	ma = MachineAccess(machine_id=m.machine_id, user=p)
52	ctx.current.save(ma)
53	ctx.current.flush()
54
55	# Atomically execute our changes
56	transaction.commit()
57	except:
58	# Failed! Rollback all the changes.
59	transaction.rollback()
60	raise

Note: See TracBrowser for help on using the repository browser.