Infrastructure/fedora-infrastructure
1
0
Fork 0
Code Issues 70 Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of ssh://git.fedorahosted.org/git/fedora-infrastructure

Browse source
This commit is contained in:
Toshio Kuratomi 2008-03-03 14:34:35 -08:00
commit 353f67a436
6 changed files with 110 additions and 60 deletions
Download patch file Download diff file Expand all files Collapse all files

13
fas/client/fas.conf Normal file
View file

@ -0,0 +1,13 @@
[global]
url = http://localhost:8088/fas/
temp = /var/db
login = admin
password = admin
[host]
groups = accounts,fedorabugs
[users]
# default user info
shell = /bin/bash
home = /home/fedora

134
fas/client/fasClient.py
View file

@ -30,8 +30,7 @@ from optparse import OptionParser
from shutil import move, rmtree
from rhpl.translate import _
FAS_URL = 'http://localhost:8088/fas/'
import ConfigParser
parser = OptionParser()
@ -40,6 +39,11 @@ parser.add_option('-i', '--install',
default = False,
action = 'store_true',
help = _('Download and sync most recent content'))
parser.add_option('-c', '--config',
dest = 'CONFIG_FILE',
default = '/etc/fas.conf',
metavar = 'CONFIG_FILE',
help = _('Specify config file (default "%default")'))
parser.add_option('--nogroup',
dest = 'no_group',
default = False,
@ -57,9 +61,9 @@ parser.add_option('--noshadow',
help = _('Do not sync shadow information'))
parser.add_option('-s', '--server',
dest = 'FAS_URL',
default = FAS_URL,
default = None,
metavar = 'FAS_URL',
help = _('Specify URL of fas server (default "%default")'))
help = _('Specify URL of fas server.'))
parser.add_option('-e', '--enable',
dest = 'enable',
default = False,
@ -71,17 +75,35 @@ parser.add_option('-d', '--disable',
action = 'store_true',
help = _('Disable FAS synced shell accounts'))
(opts, args) = parser.parse_args()
try:
config = ConfigParser.ConfigParser()
if os.path.exists(opts.CONFIG_FILE):
config.read(opts.CONFIG_FILE)
elif os.path.exists('fas.conf'):
config.read('fas.conf')
print >> sys.stderr, "Could not open %s, defaulting to ./fas.conf" % opts.CONFIG_FILE
else:
print >> sys.stderr, "Could not open %s." % opts.CONFIG_FILE
sys.exit(5)
except ConfigParser.MissingSectionHeaderError, e:
print >> sys.stderr, "Config file does not have proper formatting - %s" % e
sys.exit(6)
FAS_URL = config.get('global', 'url')
class MakeShellAccounts(BaseClient):
temp = None
groups = None
People = None
def mk_tempdir(self):
self.temp = tempfile.mkdtemp('-tmp', 'fas-', '/var/db')
self.temp = tempfile.mkdtemp('-tmp', 'fas-', config.get('global', 'temp'))
def rm_tempdir(self):
rmtree(self.temp)
def shadow_text(self, people=None):
i = 0
@ -102,18 +124,20 @@ class MakeShellAccounts(BaseClient):
def passwd_text(self, people=None):
i = 0
file = open(self.temp + '/passwd.txt', 'w')
if not people:
if not self.people:
people = self.people_list()
for person in people:
uid = person['id']
username = person['username']
human_name = person['human_name']
home_dir = "/home/fedora/%s" % username
shell = "/bin/bash"
file.write("=%s %s:x:%i:%i:%s:%s:%s\n" % (uid, username, uid, uid, human_name, home_dir, shell))
file.write("0%i %s:x:%i:%i:%s:%s:%s\n" % (i, username, uid, uid, human_name, home_dir, shell))
file.write(".%s %s:x:%i:%i:%s:%s:%s\n" % (username, username, uid, uid, human_name, home_dir, shell))
i = i + 1
local_groups = config.get('host', 'groups')
for group in local_groups.split(','):
for person in people:
uid = person['id']
username = person['username']
human_name = person['human_name']
home_dir = "%s/%s" % (config.get('users', 'home'), username)
shell = config.get('users', 'shell')
file.write("=%s %s:x:%i:%i:%s:%s:%s\n" % (uid, username, uid, uid, human_name, home_dir, shell))
file.write("0%i %s:x:%i:%i:%s:%s:%s\n" % (i, username, uid, uid, human_name, home_dir, shell))
file.write(".%s %s:x:%i:%i:%s:%s:%s\n" % (username, username, uid, uid, human_name, home_dir, shell))
i = i + 1
file.close()
def groups_text(self, groups=None, people=None):
@ -157,18 +181,18 @@ class MakeShellAccounts(BaseClient):
def group_list(self, search='*'):
params = {'search' : search}
data = self.send_request('group/list', auth=True, input=params)
return data
self.groups = self.send_request('group/list', auth=True, input=params)
return self.groups
def people_list(self, search='*'):
params = {'search' : search}
data = self.send_request('user/list', auth=True, input=params)
return data['people']
self.people = self.send_request('user/list', auth=True, input=params)['people']
return self.people
def make_group_db(self):
self.groups_text()
os.system('makedb -o %s/group.db %s/group.txt' % (self.temp, self.temp))
def make_passwd_db(self):
self.passwd_text()
os.system('makedb -o %s/passwd.db %s/passwd.txt' % (self.temp, self.temp))
@ -197,46 +221,56 @@ class MakeShellAccounts(BaseClient):
print "ERROR: Could not write group db - %s" % e
def enable():
old = open('/etc/nsswitch.conf', 'r')
new = open('/tmp/.fas.nsswitch.conf', 'w')
temp = tempfile.mkdtemp('-tmp', 'fas-', config.get('global', 'temp'))
old = open('/etc/sysconfig/authconfig', 'r')
new = open(temp + '/authconfig', 'w')
for line in old:
if line.startswith('passwd') or line.startswith('shadow') or line.startswith('group'):
parts = line.split()
if 'db' in parts:
print "%s already has db enabled" % parts[0].split(':')[0]
else:
line = line.strip('\n')
line += ' db\n'
new.write(line)
if line.startswith("USEDB"):
new.write("USEDB=yes\n")
else:
new.write(line)
new.close()
old.close()
try:
move('/tmp/.fas.nsswitch.conf', '/etc/nsswitch.conf')
move(temp + '/authconfig', '/etc/sysconfig/authconfig')
except IOError, e:
print "ERROR: Could not write nsswitch.conf - %s" % e
print "ERROR: Could not write /etc/sysconfig/authconfig - %s" % e
sys.exit(5)
os.system('/usr/sbin/authconfig --enablepamaccess --updateall')
rmtree(temp)
def disable():
old = open('/etc/nsswitch.conf', 'r')
new = open('/tmp/.fas.nsswitch.conf', 'w')
temp = tempfile.mkdtemp('-tmp', 'fas-', config.get('global', 'temp'))
old = open('/etc/sysconfig/authconfig', 'r')
new = open(temp + '/authconfig', 'w')
for line in old:
if line.startswith('passwd') or line.startswith('shadow') or line.startswith('group'):
parts = line.split()
if 'db' in parts:
line = line.replace(' db', '')
else:
print "%s already has db disabled" % parts[0].split(':')[0]
new.write(line)
if line.startswith("USEDB"):
new.write("USEDB=no\n")
else:
new.write(line)
old.close()
new.close()
try:
move('/tmp/.fas.nsswitch.conf', '/etc/nsswitch.conf')
move(temp + '/authconfig', '/etc/sysconfig/authconfig')
except IOError, e:
print "ERROR: Could not write nsswitch.conf - %s" % e
print "ERROR: Could not write /etc/sysconfig/authconfig - %s" % e
sys.exit(5)
os.system('/usr/sbin/authconfig --disablepamaccess --updateall')
rmtree(temp)
if __name__ == '__main__':
if opts.enable:
enable()
if opts.disable:
disable()
if opts.install:
try:
fas = MakeShellAccounts(FAS_URL, 'admin', 'admin', False)
fas = MakeShellAccounts(FAS_URL, config.get('global', 'login'), config.get('global', 'password'), False)
except AuthError, e:
print e
print >> sys.stderr, e
sys.exit(1)
fas.mk_tempdir()
fas.make_group_db()
@ -249,9 +283,5 @@ if __name__ == '__main__':
if not opts.no_shadow:
fas.install_shadow_db()
fas.rm_tempdir()
if opts.enable:
enable()
if opts.disable:
disable()
if not (opts.install or opts.enable or opts.disable):
parser.print_help()

7
fas/fas/cla.py
View file

@ -46,6 +46,11 @@ class CLA(controllers.Controller):
'''View CLA'''
username = turbogears.identity.current.user_name
person = People.by_username(username)
if not person.telephone or \
not person.postal_address or \
not person.gpg_keyid:
turbogears.flash(_('To sign the CLA we must have your telephone number, postal address and gpg key id. Please ensure they have been filled out'))
turbogears.redirect('/user/edit/%s' % username)
if type == 'click':
if signedCLAPrivs(person):
@ -82,7 +87,7 @@ class CLA(controllers.Controller):
'''Sign CLA'''
username = turbogears.identity.current.user_name
person = People.by_username(username)
if signedCLAPrivs(person):
turbogears.flash(_('You have already signed the CLA.'))
turbogears.redirect('/cla/')

11
fas/fas/templates/cla/index.html
View file

@ -11,10 +11,13 @@
<p>
${Markup(_('There are two ways to sign the CLA. Most users will want to do a signed CLA as it will promote them to a full contributor in Fedora. The click-through CLA only grants partial access but may be preferred for those with special legal considerations. See: &lt;a href="http://fedoraproject.org/wiki/Legal/CLAAcceptanceHierarchies"&gt;CLA Acceptance Hierarchies&lt;/a&gt; for more information.'))}
</p>
<ul py:if="not signedCLA">
<li><a href="${tg.url('/cla/view/sign')}">${_('Signed CLA')}</a></li>
<li py:if="not clickedCLA"><a href="${tg.url('/cla/view/click')}">${_('Click-through CLA')}</a></li>
</ul>
<br/>
<p>
<ul py:if="not signedCLA">
<li><a href="${tg.url('/cla/view/sign')}">${_('Sign Contributor License Agreement (CLA)')}</a></li>
<!--<li py:if="not clickedCLA"><a href="${tg.url('/cla/view/click')}">${_('Click-through CLA')}</a></li>-->
</ul>
</p>
<p py:if="signedCLA">
${Markup(_('You have already sucessfully signed the &lt;a href="%s"&gt;CLA&lt;/a&gt;.') % tg.url('/cla/view'))}
</p>

3
fas/fas/templates/user/new.html
View file

@ -26,7 +26,6 @@
<label for="fedoraPersonBugzillaMail">${_('Bugzilla Email:')}</label>
<input type="text" id="mail" name="fedoraPersonBugzillaMail" />
</div>
-->
<div class="field">
<label for="telephone">${_('Telephone Number:')}</label>
<input type="text" id="telephone" name="telephone" />
@ -34,7 +33,7 @@
<div class="field">
<label for="postal_address">${_('Postal Address:')}</label>
<textarea id="postal_address" name="postal_address"></textarea>
</div>
</div>-->
<div class="field">
<input type="submit" value="${_('Sign up!')}" />
</div>

2
fas/fas/user.py
View file

@ -255,7 +255,7 @@ class User(controllers.Controller):
@validate(validators=UserCreate())
@error_handler(error)
@expose(template='fas.templates.new')
def create(self, username, human_name, email, telephone, postal_address):
def create(self, username, human_name, email, telephone=None, postal_address=None):
# TODO: Ensure that e-mails are unique?
# Also, perhaps implement a timeout- delete account
# if the e-mail is not verified (i.e. the person changes