source: trunk/packages/invirt-web/code/cache_acls.py @ 3030

Last change on this file since 3030 was 2981, checked in by iannucci, 15 years ago

Made cache_acls use invirt.authz.

  • Property svn:executable set to *
File size: 1.5 KB
Line 
1#!/usr/bin/python
2from invirt.database import *
3from invirt.config import structs as config
4from invirt import authz
5
6def accessList(m):
7    people = set()
8    people.update(authz.expandOwner(m.owner))
9    if m.administrator is not None:
10        people.update(authz.expandAdmin(m.administrator))
11    return people
12
13def refreshMachine(m):
14    people = accessList(m)
15    old_people = set(a.user for a in m.acl)
16    for removed in old_people - people:
17        ma = [x for x in m.acl if x.user == removed][0]
18        session.delete(ma)
19    for p in people - old_people:
20        ma = MachineAccess(user=p)
21        m.acl.append(ma)
22        session.save_or_update(ma)
23
24def refreshCache():
25    session.begin()
26
27    try:
28        machines = Machine.query().all()
29        for m in machines:
30            refreshMachine(m)
31        session.flush()
32
33        # Update the admin ACL as well
34        admin_acl = set(authz.expandAdmin(config.adminacl))
35        old_admin_acl = set(a.user for a in Admin.query())
36        for removed in old_admin_acl - admin_acl:
37            old = Admin.query.filter_by(user=removed).first()
38            session.delete(old)
39        for added in admin_acl - old_admin_acl:
40            a = Admin(user=added)
41            session.save_or_update(a)
42        session.flush()
43   
44        # Atomically execute our changes
45        session.commit()
46    except:
47        # Failed! Rollback all the changes.
48        session.rollback()
49        raise
50
51if __name__ == '__main__':
52    connect()
53    refreshCache()
Note: See TracBrowser for help on using the repository browser.