source: trunk/packages/sipb-xen-www/code/cache_acls.py @ 1115

Last change on this file since 1115 was 1095, checked in by broder, 16 years ago

Fix a SQLAlchemy bug in the web ACL caching code

File size: 1.8 KB
RevLine 
[249]1#!/usr/bin/python
[863]2from invirt.database import *
[879]3from invirt.config import structs as config
[249]4import sys
5import getafsgroups
6import subprocess
7
8def expandLocker(name):
9    groups = getafsgroups.getLockerAcl(name)
10    cell = getafsgroups.getCell(name)
11    ans = set()
12    for group in groups:
13        if ':' in group:
14            ans.update(getafsgroups.getAfsGroupMembers(group, cell))
15        else:
16            ans.add(group)
17    return ans
18
19def isUser(name):
20    p = subprocess.Popen(['vos', 'examine', 'user.'+name],
21                         stdout=subprocess.PIPE, stderr=subprocess.PIPE)
22    if p.wait():
23        return False
24    return True
25   
26
27def expandName(name):
28    if ':' not in name:
29        if isUser(name):
30            return [name]
[434]31        return []
[413]32    try:
[879]33        return getafsgroups.getAfsGroupMembers(name, config.authz[0].cell)
[413]34    except getafsgroups.AfsProcessError:
35        return []
[249]36
[410]37def accessList(m):
[263]38    people = set()
39    people.update(expandLocker(m.owner))
40    people.update(expandName(m.administrator))
[410]41    return people
42
43def refreshMachine(m):
44    people = accessList(m)
[263]45    old_people = set(a.user for a in m.acl)
46    for removed in old_people - people:
47        ma = [x for x in m.acl if x.user == removed][0]
[1013]48        session.delete(ma)
[263]49    for p in people - old_people:
[589]50        ma = MachineAccess(user=p)
51        m.acl.append(ma)
[1013]52        session.save_or_update(ma)
[263]53   
[262]54def refreshCache():
[1013]55    session.begin()
[257]56
57    try:
[1095]58        machines = Machine.query().all()
[257]59        for m in machines:
[263]60            refreshMachine(m)
[1013]61        session.flush()
[257]62           
63        # Atomically execute our changes
[1013]64        session.commit()
[257]65    except:
66        # Failed! Rollback all the changes.
[1013]67        session.rollback()
[257]68        raise
[262]69
70if __name__ == '__main__':
[863]71    connect()
[262]72    refreshCache()
Note: See TracBrowser for help on using the repository browser.