source: trunk/packages/sipb-xen-www/code/cache_acls.py @ 944

Last change on this file since 944 was 879, checked in by y_z, 16 years ago
  • further integration of invirt.config
File size: 1.8 KB
Line 
1#!/usr/bin/python
2from invirt.database import *
3from invirt.config import structs as config
4import sys
5import getafsgroups
6import subprocess
7
8def expandLocker(name):
9    groups = getafsgroups.getLockerAcl(name)
10    cell = getafsgroups.getCell(name)
11    ans = set()
12    for group in groups:
13        if ':' in group:
14            ans.update(getafsgroups.getAfsGroupMembers(group, cell))
15        else:
16            ans.add(group)
17    return ans
18
19def isUser(name):
20    p = subprocess.Popen(['vos', 'examine', 'user.'+name],
21                         stdout=subprocess.PIPE, stderr=subprocess.PIPE)
22    if p.wait():
23        return False
24    return True
25   
26
27def expandName(name):
28    if ':' not in name:
29        if isUser(name):
30            return [name]
31        return []
32    try:
33        return getafsgroups.getAfsGroupMembers(name, config.authz[0].cell)
34    except getafsgroups.AfsProcessError:
35        return []
36
37def accessList(m):
38    people = set()
39    people.update(expandLocker(m.owner))
40    people.update(expandName(m.administrator))
41    return people
42
43def refreshMachine(m):
44    people = accessList(m)
45    old_people = set(a.user for a in m.acl)
46    for removed in old_people - people:
47        ma = [x for x in m.acl if x.user == removed][0]
48        ctx.current.delete(ma)
49    for p in people - old_people:
50        ma = MachineAccess(user=p)
51        m.acl.append(ma)
52        ctx.current.save(ma)
53   
54def refreshCache():
55    transaction = ctx.current.create_transaction()
56
57    try:
58        machines = Machine.select()
59        for m in machines:
60            refreshMachine(m)
61        ctx.current.flush()
62           
63        # Atomically execute our changes
64        transaction.commit()
65    except:
66        # Failed! Rollback all the changes.
67        transaction.rollback()
68        raise
69
70if __name__ == '__main__':
71    connect()
72    refreshCache()
Note: See TracBrowser for help on using the repository browser.