Merge branch 'master' of ssh://git.fedorahosted.org/git/fedora-infrastructure

Toshio Kuratomi 2008-03-03 14:34:35 -08:00
commit 353f67a436
6 changed files with 110 additions and 60 deletions

fas/client/fas.conf Normal file

@ -0,0 +1,13 @@
[global]
url = http://localhost:8088/fas/
temp = /var/db
login = admin
password = admin
[host]
groups = accounts,fedorabugs
[users]
# default user info
shell = /bin/bash
home = /home/fedora
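Review bot: The committed config carries a working credential pair, `login = admin` and `password = admin`, and the client reads both from this file, so a host deployed with it unchanged authenticates to FAS with a default admin account. `url` is plain `http://`, so once it points anywhere other than localhost the login and the account data the client downloads travel unprotected. I would ship the two values empty (`login =` and `password =`), add a comment line such as `# set per host; keep this file root-owned and mode 0600`, and note that a non-local `url` should be `https://`.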


@ -30,8 +30,7 @@ from optparse import OptionParser
from shutil import move, rmtree from shutil import move, rmtree
from rhpl.translate import _ from rhpl.translate import _
FAS_URL = 'http://localhost:8088/fas/' import ConfigParser
parser = OptionParser() parser = OptionParser()
@ -40,6 +39,11 @@ parser.add_option('-i', '--install',
default = False, default = False,
action = 'store_true', action = 'store_true',
help = _('Download and sync most recent content')) help = _('Download and sync most recent content'))
parser.add_option('-c', '--config',
dest = 'CONFIG_FILE',
default = '/etc/fas.conf',
metavar = 'CONFIG_FILE',
help = _('Specify config file (default "%default")'))
parser.add_option('--nogroup', parser.add_option('--nogroup',
dest = 'no_group', dest = 'no_group',
default = False, default = False,
@ -57,9 +61,9 @@ parser.add_option('--noshadow',
help = _('Do not sync shadow information')) help = _('Do not sync shadow information'))
parser.add_option('-s', '--server', parser.add_option('-s', '--server',
dest = 'FAS_URL', dest = 'FAS_URL',
default = FAS_URL, default = None,
metavar = 'FAS_URL', metavar = 'FAS_URL',
help = _('Specify URL of fas server (default "%default")')) help = _('Specify URL of fas server.'))
parser.add_option('-e', '--enable', parser.add_option('-e', '--enable',
dest = 'enable', dest = 'enable',
default = False, default = False,
@ -71,18 +75,36 @@ parser.add_option('-d', '--disable',
action = 'store_true', action = 'store_true',
help = _('Disable FAS synced shell accounts')) help = _('Disable FAS synced shell accounts'))
(opts, args) = parser.parse_args() (opts, args) = parser.parse_args()
try:
config = ConfigParser.ConfigParser()
if os.path.exists(opts.CONFIG_FILE):
config.read(opts.CONFIG_FILE)
elif os.path.exists('fas.conf'):
config.read('fas.conf')
print >> sys.stderr, "Could not open %s, defaulting to ./fas.conf" % opts.CONFIG_FILE
else:
print >> sys.stderr, "Could not open %s." % opts.CONFIG_FILE
sys.exit(5)
except ConfigParser.MissingSectionHeaderError, e:
print >> sys.stderr, "Config file does not have proper formatting - %s" % e
sys.exit(6)
FAS_URL = config.get('global', 'url')
class MakeShellAccounts(BaseClient): class MakeShellAccounts(BaseClient):
temp = None temp = None
groups = None
People = None
def mk_tempdir(self): def mk_tempdir(self):
self.temp = tempfile.mkdtemp('-tmp', 'fas-', '/var/db') self.temp = tempfile.mkdtemp('-tmp', 'fas-', config.get('global', 'temp'))
def rm_tempdir(self): def rm_tempdir(self):
rmtree(self.temp) rmtree(self.temp)
def shadow_text(self, people=None): def shadow_text(self, people=None):
i = 0 i = 0
file = open(self.temp + '/shadow.txt', 'w') file = open(self.temp + '/shadow.txt', 'w')
@ -102,14 +124,16 @@ class MakeShellAccounts(BaseClient):
def passwd_text(self, people=None): def passwd_text(self, people=None):
i = 0 i = 0
file = open(self.temp + '/passwd.txt', 'w') file = open(self.temp + '/passwd.txt', 'w')
if not people: if not self.people:
people = self.people_list() people = self.people_list()
local_groups = config.get('host', 'groups')
for group in local_groups.split(','):
for person in people: for person in people:
uid = person['id'] uid = person['id']
username = person['username'] username = person['username']
human_name = person['human_name'] human_name = person['human_name']
home_dir = "/home/fedora/%s" % username home_dir = "%s/%s" % (config.get('users', 'home'), username)
shell = "/bin/bash" shell = config.get('users', 'shell')
file.write("=%s %s:x:%i:%i:%s:%s:%s\n" % (uid, username, uid, uid, human_name, home_dir, shell)) file.write("=%s %s:x:%i:%i:%s:%s:%s\n" % (uid, username, uid, uid, human_name, home_dir, shell))
file.write("0%i %s:x:%i:%i:%s:%s:%s\n" % (i, username, uid, uid, human_name, home_dir, shell)) file.write("0%i %s:x:%i:%i:%s:%s:%s\n" % (i, username, uid, uid, human_name, home_dir, shell))
file.write(".%s %s:x:%i:%i:%s:%s:%s\n" % (username, username, uid, uid, human_name, home_dir, shell)) file.write(".%s %s:x:%i:%i:%s:%s:%s\n" % (username, username, uid, uid, human_name, home_dir, shell))
@ -157,13 +181,13 @@ class MakeShellAccounts(BaseClient):
def group_list(self, search='*'): def group_list(self, search='*'):
params = {'search' : search} params = {'search' : search}
data = self.send_request('group/list', auth=True, input=params) self.groups = self.send_request('group/list', auth=True, input=params)
return data return self.groups
def people_list(self, search='*'): def people_list(self, search='*'):
params = {'search' : search} params = {'search' : search}
data = self.send_request('user/list', auth=True, input=params) self.people = self.send_request('user/list', auth=True, input=params)['people']
return data['people'] return self.people
def make_group_db(self): def make_group_db(self):
self.groups_text() self.groups_text()
@ -197,46 +221,56 @@ class MakeShellAccounts(BaseClient):
print "ERROR: Could not write group db - %s" % e print "ERROR: Could not write group db - %s" % e
def enable(): def enable():
old = open('/etc/nsswitch.conf', 'r') temp = tempfile.mkdtemp('-tmp', 'fas-', config.get('global', 'temp'))
new = open('/tmp/.fas.nsswitch.conf', 'w')
old = open('/etc/sysconfig/authconfig', 'r')
new = open(temp + '/authconfig', 'w')
for line in old: for line in old:
if line.startswith('passwd') or line.startswith('shadow') or line.startswith('group'): if line.startswith("USEDB"):
parts = line.split() new.write("USEDB=yes\n")
if 'db' in parts:
print "%s already has db enabled" % parts[0].split(':')[0]
else: else:
line = line.strip('\n')
line += ' db\n'
new.write(line) new.write(line)
new.close() new.close()
old.close()
try: try:
move('/tmp/.fas.nsswitch.conf', '/etc/nsswitch.conf') move(temp + '/authconfig', '/etc/sysconfig/authconfig')
except IOError, e: except IOError, e:
print "ERROR: Could not write nsswitch.conf - %s" % e print "ERROR: Could not write /etc/sysconfig/authconfig - %s" % e
sys.exit(5)
os.system('/usr/sbin/authconfig --enablepamaccess --updateall')
rmtree(temp)
def disable(): def disable():
old = open('/etc/nsswitch.conf', 'r') temp = tempfile.mkdtemp('-tmp', 'fas-', config.get('global', 'temp'))
new = open('/tmp/.fas.nsswitch.conf', 'w') old = open('/etc/sysconfig/authconfig', 'r')
new = open(temp + '/authconfig', 'w')
for line in old: for line in old:
if line.startswith('passwd') or line.startswith('shadow') or line.startswith('group'): if line.startswith("USEDB"):
parts = line.split() new.write("USEDB=no\n")
if 'db' in parts:
line = line.replace(' db', '')
else: else:
print "%s already has db disabled" % parts[0].split(':')[0]
new.write(line) new.write(line)
old.close()
new.close() new.close()
try: try:
move('/tmp/.fas.nsswitch.conf', '/etc/nsswitch.conf') move(temp + '/authconfig', '/etc/sysconfig/authconfig')
except IOError, e: except IOError, e:
print "ERROR: Could not write nsswitch.conf - %s" % e print "ERROR: Could not write /etc/sysconfig/authconfig - %s" % e
sys.exit(5)
os.system('/usr/sbin/authconfig --disablepamaccess --updateall')
rmtree(temp)
if __name__ == '__main__': if __name__ == '__main__':
if opts.enable:
enable()
if opts.disable:
disable()
if opts.install: if opts.install:
try: try:
fas = MakeShellAccounts(FAS_URL, 'admin', 'admin', False) fas = MakeShellAccounts(FAS_URL, config.get('global', 'login'), config.get('global', 'password'), False)
except AuthError, e: except AuthError, e:
print e print >> sys.stderr, e
sys.exit(1) sys.exit(1)
fas.mk_tempdir() fas.mk_tempdir()
fas.make_group_db() fas.make_group_db()
@ -249,9 +283,5 @@ if __name__ == '__main__':
if not opts.no_shadow: if not opts.no_shadow:
fas.install_shadow_db() fas.install_shadow_db()
fas.rm_tempdir() fas.rm_tempdir()
if opts.enable:
enable()
if opts.disable:
disable()
if not (opts.install or opts.enable or opts.disable): if not (opts.install or opts.enable or opts.disable):
parser.print_help() parser.print_help()
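Review bot: The config loader falls back to a relative `fas.conf` when `opts.CONFIG_FILE` does not exist, so the file that supplies `url`, `login`, `password` and `temp` is taken from whatever directory the tool was started in. The script rewrites `/etc/sysconfig/authconfig` and runs `/usr/sbin/authconfig`, so it presumably runs as root, and a `fas.conf` in a directory another user can write to would then choose the server the account databases are built from. I would drop the `elif os.path.exists('fas.conf'):` branch and let the existing `else` exit with status 5, leaving `-c` as the only way to select another file. Separately, `-s/--server` now defaults to `None` while `FAS_URL` is assigned from `config.get('global', 'url')` unconditionally, so the option appears to be ignored in the lines shown; `FAS_URL = opts.FAS_URL or config.get('global', 'url')` would honour it.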


@ -46,6 +46,11 @@ class CLA(controllers.Controller):
'''View CLA''' '''View CLA'''
username = turbogears.identity.current.user_name username = turbogears.identity.current.user_name
person = People.by_username(username) person = People.by_username(username)
if not person.telephone or \
not person.postal_address or \
not person.gpg_keyid:
turbogears.flash(_('To sign the CLA we must have your telephone number, postal address and gpg key id. Please ensure they have been filled out'))
turbogears.redirect('/user/edit/%s' % username)
if type == 'click': if type == 'click':
if signedCLAPrivs(person): if signedCLAPrivs(person):
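Review bot: The new profile check sits ahead of `if type == 'click':`, so it redirects every request to this handler, including the click-through path and, going by the `'''View CLA'''` docstring, plain viewing, while the flash text only speaks of signing. If only the signed CLA needs telephone, postal address and GPG key id, the check belongs inside the signing branch, which lies outside this hunk. Either way a comment such as `# Signed CLA requires contact details and a GPG key on file; send the user to their profile first` would record the intent, and wrapping the condition in parentheses would avoid the backslash continuations.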


@ -11,10 +11,13 @@
<p> <p>
${Markup(_('There are two ways to sign the CLA. Most users will want to do a signed CLA as it will promote them to a full contributor in Fedora. The click-through CLA only grants partial access but may be preferred for those with special legal considerations. See: &lt;a href="http://fedoraproject.org/wiki/Legal/CLAAcceptanceHierarchies"&gt;CLA Acceptance Hierarchies&lt;/a&gt; for more information.'))} ${Markup(_('There are two ways to sign the CLA. Most users will want to do a signed CLA as it will promote them to a full contributor in Fedora. The click-through CLA only grants partial access but may be preferred for those with special legal considerations. See: &lt;a href="http://fedoraproject.org/wiki/Legal/CLAAcceptanceHierarchies"&gt;CLA Acceptance Hierarchies&lt;/a&gt; for more information.'))}
</p> </p>
<br/>
<p>
<ul py:if="not signedCLA"> <ul py:if="not signedCLA">
<li><a href="${tg.url('/cla/view/sign')}">${_('Signed CLA')}</a></li> <li><a href="${tg.url('/cla/view/sign')}">${_('Sign Contributor License Agreement (CLA)')}</a></li>
<li py:if="not clickedCLA"><a href="${tg.url('/cla/view/click')}">${_('Click-through CLA')}</a></li> <!--<li py:if="not clickedCLA"><a href="${tg.url('/cla/view/click')}">${_('Click-through CLA')}</a></li>-->
</ul> </ul>
</p>
<p py:if="signedCLA"> <p py:if="signedCLA">
${Markup(_('You have already sucessfully signed the &lt;a href="%s"&gt;CLA&lt;/a&gt;.') % tg.url('/cla/view'))} ${Markup(_('You have already sucessfully signed the &lt;a href="%s"&gt;CLA&lt;/a&gt;.') % tg.url('/cla/view'))}
</p> </p>
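Review bot: Commenting out the `/cla/view/click` link only hides the click-through option on this page; the `if type == 'click':` branch in the CLA controller shown elsewhere in this commit is untouched, so the URL presumably still works for anyone who requests it directly. If the click-through CLA is being retired, the controller should reject that type as well. The added `<p>` around the `<ul>` is also not valid nesting in XHTML; a `<div>` would give the same spacing.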


@ -26,7 +26,6 @@
<label for="fedoraPersonBugzillaMail">${_('Bugzilla Email:')}</label> <label for="fedoraPersonBugzillaMail">${_('Bugzilla Email:')}</label>
<input type="text" id="mail" name="fedoraPersonBugzillaMail" /> <input type="text" id="mail" name="fedoraPersonBugzillaMail" />
</div> </div>
-->
<div class="field"> <div class="field">
<label for="telephone">${_('Telephone Number:')}</label> <label for="telephone">${_('Telephone Number:')}</label>
<input type="text" id="telephone" name="telephone" /> <input type="text" id="telephone" name="telephone" />
@ -34,7 +33,7 @@
<div class="field"> <div class="field">
<label for="postal_address">${_('Postal Address:')}</label> <label for="postal_address">${_('Postal Address:')}</label>
<textarea id="postal_address" name="postal_address"></textarea> <textarea id="postal_address" name="postal_address"></textarea>
</div> </div>-->
<div class="field"> <div class="field">
<input type="submit" value="${_('Sign up!')}" /> <input type="submit" value="${_('Sign up!')}" />
</div> </div>


@ -255,7 +255,7 @@ class User(controllers.Controller):
@validate(validators=UserCreate()) @validate(validators=UserCreate())
@error_handler(error) @error_handler(error)
@expose(template='fas.templates.new') @expose(template='fas.templates.new')
def create(self, username, human_name, email, telephone, postal_address): def create(self, username, human_name, email, telephone=None, postal_address=None):
# TODO: Ensure that e-mails are unique? # TODO: Ensure that e-mails are unique?
# Also, perhaps implement a timeout- delete account # Also, perhaps implement a timeout- delete account
# if the e-mail is not verified (i.e. the person changes # if the e-mail is not verified (i.e. the person changes