The branch, master has been updated via 8e3bdb8e8b0014ce0d0d4d81e763c31bc0656011 (commit) via 5b273ab1ecaf19c40ce1ea3de05290d5a7fc46cf (commit) via 6dfb975d5022d3124329fb01e6cf2bb00be7228b (commit) via 23151c4e7770fed744369f21d9f3a3979ba0f18b (commit) via efadd7bc9a73ae99a0a537ec308a074666a085a0 (commit) via 96019c8aaf5c5cf2d6587314232411b523dc73fd (commit) from 83c2ca4146e9596397bd8da95d3acf369c18b4a2 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 8e3bdb8e8b0014ce0d0d4d81e763c31bc0656011 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Mon Jan 28 06:04:04 2013 +0100 make sure that all default values appear in rendered session profiles commit 5b273ab1ecaf19c40ce1ea3de05290d5a7fc46cf Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Mon Jan 28 06:03:21 2013 +0100 X2Go Client uses the profile ID to initiate session start up (not the profile name) commit 6dfb975d5022d3124329fb01e6cf2bb00be7228b Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Mon Jan 28 06:02:11 2013 +0100 UTF-8 fix commit 23151c4e7770fed744369f21d9f3a3979ba0f18b Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Mon Jan 28 06:01:38 2013 +0100 change the data structure returned by broker.select_session method commit efadd7bc9a73ae99a0a537ec308a074666a085a0 Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Mon Jan 28 05:59:19 2013 +0100 UTF-8 fixes in ACL verification code, implement a basic select_session method for the inifile backend commit 96019c8aaf5c5cf2d6587314232411b523dc73fd Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> Date: Mon Jan 28 05:58:10 2013 +0100 fix comments still pointing to SafeConfigParser, slight change for DEFAULT value ----------------------------------------------------------------------- Summary of changes: x2gobroker/brokers/base_broker.py | 60 ++++++++++--------- x2gobroker/brokers/inifile_broker.py | 12 ++-- x2gobroker/brokers/zeroconf_broker.py | 5 +- x2gobroker/config.py | 28 ++++----- x2gobroker/defaults.py | 2 +- x2gobroker/tests/test_broker_inifile.py | 96 ++++++++++++++++++++++-------- x2gobroker/tests/test_broker_zeroconf.py | 7 ++- x2gobroker/web/plain.py | 13 ++-- 8 files changed, 141 insertions(+), 82 deletions(-) The diff of changes is: diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py index 4ab60c8..caaf85c 100644 --- a/x2gobroker/brokers/base_broker.py +++ b/x2gobroker/brokers/base_broker.py @@ -196,15 +196,14 @@ class X2GoBroker(object): _acls = self.get_acl_defaults() _acls.update(acls) - _order = {} - _order['users'] = _order['groups'] = _order['clients'] = _acls['acl-any-order'] + _order[u'users'] = _order[u'groups'] = _order[u'clients'] = _acls[u'acl-any-order'] - try: _order['users'] = _acls['acl-users-order'] + try: _order[u'users'] = _acls[u'acl-users-order'] except KeyError: pass - try: _order['groups'] = _acls['acl-groups-order'] + try: _order[u'groups'] = _acls[u'acl-groups-order'] except KeyError: pass - try: _order['clients'] = _acls['acl-clients-order'] + try: _order[u'clients'] = _acls[u'acl-clients-order'] except KeyError: pass # to pass an ACL test, all three keys in the dict below have to be set to True @@ -225,62 +224,62 @@ class X2GoBroker(object): ### clients access is granted first, if that fails then we return False here... # FIXME: provide code for client based access control - if not _grant_availability['by_client']: + if not _grant_availability[u'by_client']: return False ### no user/group ACLs are in use, allow access then... - if len(_acls['acl-users-allow'] + _acls['acl-users-deny'] + _acls['acl-groups-allow'] + _acls['acl-groups-deny']) == 0: + if len(_acls[u'acl-users-allow'] + _acls[u'acl-users-deny'] + _acls[u'acl-groups-allow'] + _acls[u'acl-groups-deny']) == 0: return True ### CHECKING on a per-user basis... _allow_user_override = False _explicitly_deny_user = False - if len( _acls['acl-users-allow'] + _acls['acl-users-deny'] ) > 0: + if len( _acls[u'acl-users-allow'] + _acls[u'acl-users-deny'] ) > 0: _allow_user = False _deny_user = False - if username in _acls['acl-users-allow'] or 'ALL' in _acls['acl-users-allow']: + if username in _acls[u'acl-users-allow'] or u'ALL' in _acls[u'acl-users-allow']: _allow_user_override = True _allow_user = True - if username in _acls['acl-users-deny']: + if username in _acls[u'acl-users-deny']: _explicitly_deny_user = True - if _explicitly_deny_user or ('ALL' in _acls['acl-users-deny']): + if _explicitly_deny_user or (u'ALL' in _acls[u'acl-users-deny']): _deny_user = True - if _order['users'] == 'allow-deny': - _grant_availability['by_user'] = (_allow_user or _deny_user) and (_allow_user and (not _deny_user)) + if _order[u'users'] == 'allow-deny': + _grant_availability[u'by_user'] = (_allow_user or _deny_user) and (_allow_user and (not _deny_user)) else: - _grant_availability['by_user'] = (_allow_user or _deny_user) and ((not _deny_user) or _allow_user) + _grant_availability[u'by_user'] = (_allow_user or _deny_user) and ((not _deny_user) or _allow_user) # if a user has been granted access directly, then the corresponding session profile(s) # will be provided to him/her, it does not matter what the group acl will have to say to this... - if _grant_availability['by_user']: + if _grant_availability[u'by_user']: return True ### CHECKING on a per-group basis... - if len(_acls['acl-groups-allow'] + _acls['acl-groups-deny']) > 0: + if len(_acls[u'acl-groups-allow'] + _acls[u'acl-groups-deny']) > 0: _allow_group = False _deny_group = False - _user_groups = ['ALL'] + self.get_user_groups(username, primary_groups=True) + _user_groups = [u'ALL'] + self.get_user_groups(username, primary_groups=True) - _allow_group = bool(len(set(_user_groups).intersection( set(_acls['acl-groups-allow']) ))) - _deny_group = bool(len(set(_user_groups).intersection( set(_acls['acl-groups-deny']) ))) + _allow_group = bool(len(set(_user_groups).intersection( set(_acls[u'acl-groups-allow']) ))) + _deny_group = bool(len(set(_user_groups).intersection( set(_acls[u'acl-groups-deny']) ))) - if _order['groups'] == 'allow-deny': - _grant_availability['by_group'] = (_allow_group or _deny_group) and (_allow_group and (not _deny_group)) + if _order[u'groups'] == 'allow-deny': + _grant_availability[u'by_group'] = (_allow_group or _deny_group) and (_allow_group and (not _deny_group)) else: - _grant_availability['by_group'] = (_allow_group or _deny_group) and (not _deny_group) or _allow_group + _grant_availability[u'by_group'] = (_allow_group or _deny_group) and (not _deny_group) or _allow_group # if a group has been granted access, with one exception: if the thread model for users is # allow-deny, then we presume that the acl-users-deny entry has precendence over # acl-groups-allow/acl-groups-deny. - if (_grant_availability['by_group'] and not _explicitly_deny_user) or _allow_user_override: + if (_grant_availability[u'by_group'] and not _explicitly_deny_user) or _allow_user_override: return True return False @@ -583,18 +582,25 @@ class X2GoBroker(object): return list_of_profiles - def select_profile(self, profile_name='DEFAULT'): + def select_session(self, profile_id): """\ Start/resume a session by selecting a profile name offered by the X2Go client. The X2Go server that the session is launched on is selected automatically by the X2Go session broker. - @param profile_name: a dictionary object containing information on a selected session profile - @type profile_name: C{dict} + @param profile_id: the selected profile ID. This matches one of the dictionary keys offered by the C{list_profiles} method + @type profile_id: C{dict} """ - return {} + profile = self.get_profile(profile_id) + + selected_session = { + 'server': profile[u'host'], + 'port': profile[u'sshport'], + } + + return selected_session def change_password(self, new='', old=''): """\ diff --git a/x2gobroker/brokers/inifile_broker.py b/x2gobroker/brokers/inifile_broker.py index 1ef5418..af33bf2 100644 --- a/x2gobroker/brokers/inifile_broker.py +++ b/x2gobroker/brokers/inifile_broker.py @@ -69,6 +69,10 @@ class X2GoBroker(base.X2GoBroker): def get_profile(self, profile_id): profile = self.session_profiles.get_section(profile_id) + profile_defaults = self.get_profile_defaults() + for key in profile_defaults.keys(): + if key not in profile.keys(): + profile.update({ key: profile_defaults[key] }) for key in profile.keys(): if key.startswith('acl-'): del profile[key] @@ -82,11 +86,7 @@ class X2GoBroker(base.X2GoBroker): for key in profile.keys(): if not key.startswith('acl-'): del profile[key] + if key.startswith('acl-') and (profile[key] == '' or profile[key] == ['']): + del profile[key] return profile - def select_profile(self, profile_name): - - selectprofile_output = { - 'server': 'localhost:22', - } - return selectprofile_output diff --git a/x2gobroker/brokers/zeroconf_broker.py b/x2gobroker/brokers/zeroconf_broker.py index 2d513b3..c2d05e7 100644 --- a/x2gobroker/brokers/zeroconf_broker.py +++ b/x2gobroker/brokers/zeroconf_broker.py @@ -76,9 +76,10 @@ class X2GoBroker(base.X2GoBroker): } return list_of_profiles - def select_profile(self, profile_name): + def select_session(self, profile_name): selectprofile_output = { - 'server': 'localhost:22', + 'server': 'localhost', + 'port': 22, } return selectprofile_output diff --git a/x2gobroker/config.py b/x2gobroker/config.py index 90adbf8..c441a12 100644 --- a/x2gobroker/config.py +++ b/x2gobroker/config.py @@ -52,10 +52,10 @@ class X2GoBrokerConfigFile(object): """ defaultValues = { - 'none': { - 'none': 'empty', - }, - } + 'DEFAULT': { + 'none': 'empty', + }, + } write_user_config = False user_config_file = None @@ -77,10 +77,10 @@ class X2GoBrokerConfigFile(object): if x2gobroker.utils._checkConfigFileDefaults(defaults): self.defaultValues = defaults - # we purposefully do not inherit the ConfigParser class + # we purposefully do not inherit the C{ConfigParser} class # here as we do not want to run into name conflicts between # X2GoBroker config file options and method / property names in - # SafeConfigParser... This is a pre-cautious approach... + # C{ConfigParser}... This is a pre-cautious approach... self.iniConfig = ConfigParser.ConfigParser(self.defaultValues) self.iniConfig.optionxform = str @@ -126,7 +126,7 @@ class X2GoBrokerConfigFile(object): """\ Stores a value for a given section and key. - This methods affects a SafeConfigParser object held in + This methods affects a ConfigParser object held in RAM. No configuration file is affected by this method. To write the configuration to disk use the L{write()} method. @@ -150,17 +150,17 @@ class X2GoBrokerConfigFile(object): def _fill_defaults(self): """\ - Fills a C{SafeConfigParser} object with the default config file - values as pre-defined in Python X2GoBroker or. This SafeConfigParser + Fills a C{ConfigParser} object with the default config file + values as pre-defined in Python X2GoBroker or. This ConfigParser object is held in RAM. No configuration file is affected by this method. """ - for section, sectionvalue in [ (key, value) for (key, value) in self.defaultValues.items() if key.upper() != 'DEFAULT' ]: - for key, value in sectionvalue.items(): + for section, sectiondict in self.defaultValues.items(): + if section != 'DEFAULT' and not self.iniConfig.has_section(section): + self.iniConfig.add_section(section) + for key, value in sectiondict.items(): if self.iniConfig.has_option(section, key): continue - if not self.iniConfig.has_section(section): - self.iniConfig.add_section(section) self._storeValue(section, key, value) def update_value(self, section, key, value): @@ -183,7 +183,7 @@ class X2GoBrokerConfigFile(object): def write(self): """\ - Write the ini file modifications (SafeConfigParser object) from RAM to disk. + Write the ini file modifications (ConfigParser object) from RAM to disk. For writing the first of the C{config_files} specified on instance construction that is writable will be used. diff --git a/x2gobroker/defaults.py b/x2gobroker/defaults.py index 0769f8e..f2b67e4 100644 --- a/x2gobroker/defaults.py +++ b/x2gobroker/defaults.py @@ -91,7 +91,7 @@ X2GOBROKER_CONFIG_DEFAULTS = { # defaults for X2Go Sessino Broker session profiles file X2GOBROKER_SESSIONPROFILE_DEFAULTS = { - 'DEFAULT': { + u'DEFAULT': { u'defsndport': True, u'useiconv': False, u'iconvfrom': u'UTF-8', diff --git a/x2gobroker/tests/test_broker_inifile.py b/x2gobroker/tests/test_broker_inifile.py index 0129d4d..dda93b1 100644 --- a/x2gobroker/tests/test_broker_inifile.py +++ b/x2gobroker/tests/test_broker_inifile.py @@ -85,37 +85,41 @@ fullscreen = true user = bar cmd = KDE fullscreen = true -acl-users-denied = ALL -acl-users-allowed = foo,bar +acl-users-deny = ALL +acl-users-allow = foo,bar acl-users-order = deny-allow """ tf = tempfile.NamedTemporaryFile() print >> tf, _session_profiles tf.seek(0) inifile_backend = inifile.X2GoBroker(profile_config_file=tf.name) - _expected_defaults = { - 'exports': '', - 'fullscreen': False, - 'width': 800, - 'height': 600, - 'applications': ['TERMINAL','WWWBROWSER',] - } + _expected_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_SESSIONPROFILE_DEFAULTS['DEFAULT']) + for key in copy.deepcopy(_expected_defaults).keys(): + if key.startswith('acl-'): + del _expected_defaults[key] + _expected_defaults.update( { + u'exports': '', + u'fullscreen': False, + u'width': 800, + u'height': 600, + u'applications': ['TERMINAL','WWWBROWSER',] + } ) _expected_profile1 = copy.deepcopy(_expected_defaults) _expected_profile1.update({ - 'user': 'foo', - 'cmd': 'GNOME', + u'user': 'foo', + u'cmd': 'GNOME', }) _expected_profile2 = copy.deepcopy(_expected_defaults) _expected_profile2.update({ - 'user': 'bar', - 'cmd': 'KDE', - 'fullscreen': True, + u'user': 'bar', + u'cmd': 'KDE', + u'fullscreen': True, }) _expected_profile3 = copy.deepcopy(_expected_defaults) _expected_profile3.update({ - 'user': 'bar', - 'cmd': 'KDE', - 'fullscreen': True, + u'user': 'bar', + u'cmd': 'KDE', + u'fullscreen': True, }) _profile1 = inifile_backend.get_profile('testprofile1') for key in _expected_profile1.keys(): @@ -172,17 +176,20 @@ acl-users-order = deny-allow _expected_acl_defaults = { 'acl-clients-deny': ['ALL'], 'acl-clients-allow': ['10.0.0.0/16','10.1.0.0/16','admin-1.intern','admin-2.intern'], + 'acl-any-order': 'deny-allow', } _expected_acls_profile1 = copy.deepcopy(_expected_acl_defaults) _expected_acls_profile2 = copy.deepcopy(_expected_acl_defaults) _expected_acls_profile2.update({ 'acl-clients-deny': ['10.0.2.0/24','ALL'], + 'acl-any-order': 'deny-allow', }) _expected_acls_profile3 = copy.deepcopy(_expected_acl_defaults) _expected_acls_profile3.update({ 'acl-users-deny': ['ALL'], 'acl-users-allow': ['foo','bar'], 'acl-users-order': 'deny-allow', + 'acl-any-order': 'deny-allow', }) _acls_profile1 = inifile_backend.get_profile_acls('testprofile1') for key in _expected_acls_profile1.keys(): @@ -329,14 +336,55 @@ fullscreen = true self.assertEqual(list_of_profiles['testprofile2']['cmd'], 'XFCE') self.assertEqual(list_of_profiles['testprofile3']['cmd'], 'KDE') - ### TEST: select_profile() method + ### TEST: select_session() method + + def test_sessionselection(self): + _config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS) + _config = """ +[global] +default-user-db = testsuite +default-group-db = testsuite -# def test_profileselection(self): -# _output = { -# 'server': 'localhost:22', -# } -# zeroconf_backend = x2gobroker.brokers.zeroconf.X2GoBroker() -# self.assertEqual(zeroconf_backend.select_profile('profile_bar'), _output) +[inifile] +enable = true +""" + tfc = tempfile.NamedTemporaryFile() + print >> tfc, _config + tfc.seek(0) + + _session_profiles = """ +[testprofile1] +name = TEST-1 +host = test-1.local + +[testprofile2] +name = TEST-2 +host = test-2.local + +[testprofile3] +name = TEST-3 +host = test-3.local +sshport = 44566 +""" + tfs = tempfile.NamedTemporaryFile() + print >> tfs, _session_profiles + tfs.seek(0) + inifile_backend = inifile.X2GoBroker(config_file=tfc.name, config_defaults=_config_defaults, profile_config_file=tfs.name) + _expected_result_1 = { + 'server': 'test-1.local', + 'port': 22, + } + _expected_result_2 = { + 'server': 'test-2.local', + 'port': 22, + } + _expected_result_3 = { + 'server': 'test-3.local', + 'port': 44566, + } + self.assertEqual(inifile_backend.select_session('TEST-1'), _expected_result_1) + self.assertEqual(inifile_backend.select_session('TEST-2'), _expected_result_2) + self.assertEqual(inifile_backend.select_session('TEST-3'), _expected_result_3) def test_suite(): diff --git a/x2gobroker/tests/test_broker_zeroconf.py b/x2gobroker/tests/test_broker_zeroconf.py index 1c08d6c..5f0832a 100644 --- a/x2gobroker/tests/test_broker_zeroconf.py +++ b/x2gobroker/tests/test_broker_zeroconf.py @@ -77,12 +77,13 @@ class TestX2GoBrokerBackendZeroconf(unittest.TestCase): ### TEST: select_profile() method - def test_profileselection(self): + def test_sessionselection(self): _output = { - 'server': 'localhost:22', + 'server': 'localhost', + 'port': 22, } zeroconf_backend = x2gobroker.brokers.zeroconf_broker.X2GoBroker() - self.assertEqual(zeroconf_backend.select_profile('profile_bar'), _output) + self.assertEqual(zeroconf_backend.select_session('profile_bar'), _output) def test_suite(): diff --git a/x2gobroker/web/plain.py b/x2gobroker/web/plain.py index cc93fc9..36afe63 100644 --- a/x2gobroker/web/plain.py +++ b/x2gobroker/web/plain.py @@ -69,8 +69,8 @@ class X2GoBrokerWebPlain: except AttributeError: authid = '' try: task = data.task except AttributeError: task = '' - try: profile_name = data.sid - except AttributeError: profile_name = '' + try: profile_id = data.sid + except AttributeError: profile_id = '' try: new_password = data.newpass except AttributeError: new_password = '' @@ -128,12 +128,15 @@ class X2GoBrokerWebPlain: elif task == 'selectsession': - if profile_name: + if profile_id: - profile_info = broker_backend.select_profile(profile_name=profile_name) + profile_info = broker_backend.select_session(profile_id=profile_id) if profile_info.has_key('server'): output += "SERVER:" - output += profile_info['server'] + "\n" + output += profile_info['server'] + if profile_info.has_key('port'): + output += ":{port}".format(port=profile_info['port']) + output += "\n" if profile_info.has_key('authentication_key'): output += "" if profile_info.has_key('session_info'): hooks/post-receive -- x2gobroker.git (HTTP(S) Session broker for X2Go) This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).