|
Last change
on this file was
2981,
checked in by iannucci, 16 years ago
|
|
Made cache_acls use invirt.authz.
|
-
Property svn:executable set to
*
|
|
File size:
1.5 KB
|
| Rev | Line | |
|---|
| [249] | 1 | #!/usr/bin/python |
|---|
| [863] | 2 | from invirt.database import * |
|---|
| [879] | 3 | from invirt.config import structs as config |
|---|
| [2981] | 4 | from invirt import authz |
|---|
| [249] | 5 | |
|---|
| [410] | 6 | def accessList(m): |
|---|
| [263] | 7 | people = set() |
|---|
| [2981] | 8 | people.update(authz.expandOwner(m.owner)) |
|---|
| [1709] | 9 | if m.administrator is not None: |
|---|
| [2981] | 10 | people.update(authz.expandAdmin(m.administrator)) |
|---|
| [410] | 11 | return people |
|---|
| 12 | |
|---|
| 13 | def refreshMachine(m): |
|---|
| 14 | people = accessList(m) |
|---|
| [263] | 15 | old_people = set(a.user for a in m.acl) |
|---|
| 16 | for removed in old_people - people: |
|---|
| 17 | ma = [x for x in m.acl if x.user == removed][0] |
|---|
| [1013] | 18 | session.delete(ma) |
|---|
| [263] | 19 | for p in people - old_people: |
|---|
| [589] | 20 | ma = MachineAccess(user=p) |
|---|
| 21 | m.acl.append(ma) |
|---|
| [1013] | 22 | session.save_or_update(ma) |
|---|
| [2981] | 23 | |
|---|
| [262] | 24 | def refreshCache(): |
|---|
| [1013] | 25 | session.begin() |
|---|
| [257] | 26 | |
|---|
| 27 | try: |
|---|
| [1095] | 28 | machines = Machine.query().all() |
|---|
| [257] | 29 | for m in machines: |
|---|
| [263] | 30 | refreshMachine(m) |
|---|
| [1013] | 31 | session.flush() |
|---|
| [2981] | 32 | |
|---|
| [2223] | 33 | # Update the admin ACL as well |
|---|
| [2981] | 34 | admin_acl = set(authz.expandAdmin(config.adminacl)) |
|---|
| [2223] | 35 | old_admin_acl = set(a.user for a in Admin.query()) |
|---|
| 36 | for removed in old_admin_acl - admin_acl: |
|---|
| [2226] | 37 | old = Admin.query.filter_by(user=removed).first() |
|---|
| 38 | session.delete(old) |
|---|
| [2223] | 39 | for added in admin_acl - old_admin_acl: |
|---|
| 40 | a = Admin(user=added) |
|---|
| 41 | session.save_or_update(a) |
|---|
| 42 | session.flush() |
|---|
| 43 | |
|---|
| [257] | 44 | # Atomically execute our changes |
|---|
| [1013] | 45 | session.commit() |
|---|
| [257] | 46 | except: |
|---|
| 47 | # Failed! Rollback all the changes. |
|---|
| [1013] | 48 | session.rollback() |
|---|
| [257] | 49 | raise |
|---|
| [262] | 50 | |
|---|
| 51 | if __name__ == '__main__': |
|---|
| [863] | 52 | connect() |
|---|
| [262] | 53 | refreshCache() |
|---|
Note: See
TracBrowser
for help on using the repository browser.
