source: trunk/packages/sipb-xen-www/code/cache_acls.py @ 699

Last change on this file since 699 was 589, checked in by ecprice, 17 years ago

Set machine_access to be a private attribute of machine, so the acl is
deleted automatically when the machine is destroyed.

File size: 1.8 KB
RevLine 
[249]1#!/usr/bin/python
2from sipb_xen_database import *
3import sys
4import getafsgroups
5import subprocess
6
7def expandLocker(name):
8    groups = getafsgroups.getLockerAcl(name)
9    cell = getafsgroups.getCell(name)
10    ans = set()
11    for group in groups:
12        if ':' in group:
13            ans.update(getafsgroups.getAfsGroupMembers(group, cell))
14        else:
15            ans.add(group)
16    return ans
17
18def isUser(name):
19    p = subprocess.Popen(['vos', 'examine', 'user.'+name],
20                         stdout=subprocess.PIPE, stderr=subprocess.PIPE)
21    if p.wait():
22        return False
23    return True
24   
25
26def expandName(name):
27    if ':' not in name:
28        if isUser(name):
29            return [name]
[434]30        return []
[413]31    try:
32        return getafsgroups.getAfsGroupMembers(name, 'athena.mit.edu')
33    except getafsgroups.AfsProcessError:
34        return []
[249]35
[410]36def accessList(m):
[263]37    people = set()
38    people.update(expandLocker(m.owner))
39    people.update(expandName(m.administrator))
[410]40    return people
41
42def refreshMachine(m):
43    people = accessList(m)
[263]44    old_people = set(a.user for a in m.acl)
45    for removed in old_people - people:
46        ma = [x for x in m.acl if x.user == removed][0]
47        ctx.current.delete(ma)
48    for p in people - old_people:
[589]49        ma = MachineAccess(user=p)
50        m.acl.append(ma)
[263]51        ctx.current.save(ma)
52   
[262]53def refreshCache():
[257]54    transaction = ctx.current.create_transaction()
55
56    try:
57        machines = Machine.select()
58        for m in machines:
[263]59            refreshMachine(m)
60        ctx.current.flush()
[257]61           
62        # Atomically execute our changes
[249]63        transaction.commit()
[257]64    except:
65        # Failed! Rollback all the changes.
66        transaction.rollback()
67        raise
[262]68
69if __name__ == '__main__':
70    connect('postgres://sipb-xen@sipb-xen-dev/sipb_xen')
71    refreshCache()
Note: See TracBrowser for help on using the repository browser.