Context Navigation

cache_acls.py @ 258

Last change on this file since 258 was 257, checked in by ecprice, 17 years ago
Do entire ACL update in a transaction, not for each machine.
File size: 1.7 KB

Rev	Line
[249]	1	#!/usr/bin/python
	2	from sipb_xen_database import *
	3	import sys
	4	import getafsgroups
	5	import subprocess
	6
	7	def expandLocker(name):
	8	groups = getafsgroups.getLockerAcl(name)
	9	cell = getafsgroups.getCell(name)
	10	ans = set()
	11	for group in groups:
	12	if ':' in group:
	13	ans.update(getafsgroups.getAfsGroupMembers(group, cell))
	14	else:
	15	ans.add(group)
	16	return ans
	17
	18	def isUser(name):
	19	p = subprocess.Popen(['vos', 'examine', 'user.'+name],
	20	stdout=subprocess.PIPE, stderr=subprocess.PIPE)
	21	if p.wait():
	22	return False
	23	return True
	24
	25
	26	def expandName(name):
	27	if ':' not in name:
	28	if isUser(name):
	29	return [name]
	30	name = 'system:'+name
	31	return getafsgroups.getAfsGroupMembers(name, 'athena.mit.edu')
	32
	33	if __name__ == '__main__':
	34	connect('postgres://sipb-xen@sipb-xen-dev/sipb_xen')
	35
[257]	36	transaction = ctx.current.create_transaction()
	37
	38	print repr(ctx), repr(ctx.current), repr(transaction)
	39	# Remove existing machine access entries
	40	machine_access_table.delete()
	41	ctx.current.flush()
	42
	43	try:
	44	machines = Machine.select()
	45	for m in machines:
	46	people = set()
	47	people.update(expandLocker(m.owner))
	48	people.update(expandName(m.administrator))
	49	print '%s: %s' % (m.name, ' '.join(people))
	50	for p in people:
	51	ma = MachineAccess(machine_id=m.machine_id, user=p)
	52	ctx.current.save(ma)
	53	ctx.current.flush()
	54
	55	# Atomically execute our changes
[249]	56	transaction.commit()
[257]	57	except:
	58	# Failed! Rollback all the changes.
	59	transaction.rollback()
	60	raise

Note: See TracBrowser for help on using the repository browser.