[X2Go-Commits] x2gobroker.git - build-main (branch) updated: a0d62e0be475fa27152decbc15b009cdd937bb1d
X2Go dev team
git-admin at x2go.org
Sun May 19 13:04:36 CEST 2013
The branch, build-main has been updated
via a0d62e0be475fa27152decbc15b009cdd937bb1d (commit)
from 3626ac1dc3c22b870e7d337bf71179ff44977402 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
x2gobroker/backends/base.py | 109 +++++++++++++++++++-
x2gobroker/{backends => nameservices}/__init__.py | 0
.../{backends/ldap.py => nameservices/base.py} | 30 ++++--
.../{backends/ldap.py => nameservices/libnss.py} | 33 ++++--
x2gobroker/tests/test_backend_base.py | 57 ++++++++--
5 files changed, 201 insertions(+), 28 deletions(-)
copy x2gobroker/{backends => nameservices}/__init__.py (100%)
copy x2gobroker/{backends/ldap.py => nameservices/base.py} (58%)
copy x2gobroker/{backends/ldap.py => nameservices/libnss.py} (52%)
The diff of changes is:
diff --git a/x2gobroker/backends/base.py b/x2gobroker/backends/base.py
index 1bde0e7..f6f0dd6 100644
--- a/x2gobroker/backends/base.py
+++ b/x2gobroker/backends/base.py
@@ -48,6 +48,7 @@ class X2GoBroker(object):
"""
backend_name = 'base'
+ service_module = None
def __init__(self, config_file=None, config_defaults=None):
"""\
@@ -329,12 +330,12 @@ class X2GoBroker(object):
return unicode(_auth_mech) or unicode(_default_auth_mech)
- def get_userdb_backend(self):
+ def get_userdb_service(self):
"""\
Get the name of the backend being used for retrieving user information from the
system.
- @return: user database backend name
+ @return: user service name
@rtype: C{unicode}
"""
@@ -347,12 +348,12 @@ class X2GoBroker(object):
return unicode(_user_db)
- def get_groupdb_backend(self):
+ def get_groupdb_service(self):
"""\
Get the name of the backend being used for retrieving group information from the
system.
- @return: group database backend name
+ @return: group service name
@rtype: C{unicode}
"""
@@ -365,6 +366,104 @@ class X2GoBroker(object):
return unicode(_group_db)
+ def _import_service_module(self, service='libnss'):
+ try:
+ if self.service_module is None:
+ exec("import x2gobroker.nameservices.{service} as _service_module".format(service=service))
+ self.service_module = _service_module
+ return True
+ except ImportError:
+ return False
+
+ def has_user(self, username):
+ """\
+ Test if the broker knows user C{<username>}.
+
+ @param username: test for existence of this user
+ @type username: C{unicode}
+
+ @return: returns C{True} if a user exists
+ @rtype: C{bool}
+
+ """
+ if self._import_service_module(service=self.get_userdb_service()):
+ return self.service_module.X2GoBrokerNameService().has_user(username=username)
+ else:
+ return False
+
+ def get_users(self):
+ """\
+ Get list of known users.
+
+ @return: returns list of known users
+ @rtype: C{list}
+
+ """
+ if self._import_service_module(service=self.get_userdb_service()):
+ return self.service_module.X2GoBrokerNameService().get_users()
+ else:
+ return False
+
+ def has_group(self, group):
+ """\
+ Test if the broker knows group C{<group>}.
+
+ @param group: test for existence of this group
+ @type group: C{unicode}
+
+ @return: returns C{True} if a group exists
+ @rtype: C{bool}
+
+ """
+ if self._import_service_module(service=self.get_groupdb_service()):
+ return self.service_module.X2GoBrokerNameService().has_group(group=group)
+ else:
+ return False
+
+ def get_groups(self):
+ """\
+ Get list of known groups.
+
+ @return: returns list of known groups
+ @rtype: C{list}
+
+ """
+ if self._import_service_module(service=self.get_groupdb_service()):
+ return self.service_module.X2GoBrokerNameService().get_groups()
+ else:
+ return False
+
+ def is_group_member(self, username, group, primary_groups=False):
+ """\
+ Check if a user is member of a given group.
+
+ @return: returns C{True} if the user is member of the given group
+ @rtype: C{bool}
+
+ """
+ if self._import_service_module(service=self.get_groupdb_service()):
+ return self.service_module.X2GoBrokerNameService().is_group_member(username=username, group=group, primary_groups=primary_groups)
+ else:
+ return []
+
+ def get_group_members(self, group, primary_groups=False):
+ """\
+ Get the list of members in group C{<group>}.
+
+ @param group: valid group name
+ @type group: C{unicode}
+ @param primary_groups: include primary groups found with the user db service
+ @type primary_groups: C{bool}
+
+ @return: list of users belonging to the given group
+ @rtype: C{list}
+
+ """
+ if self._import_service_module(service=self.get_groupdb_service()):
+ return self.service_module.X2GoBrokerNameService().get_group_members(group=group, primary_groups=primary_groups)
+ else:
+ return []
+
def check_access(self, username='', password='', authid=None, ):
"""\
Check if a given user with a given password may gain access to the
@@ -391,6 +490,8 @@ class X2GoBroker(object):
access = False
access = self._do_authenticate(username=username, password=password)
+ ### HANDLING OF DYNAMIC AUTHENTICATION ID HASHES
+
# using authid as extra security?
if self.config.get_value('global', 'use-authid'):
diff --git a/x2gobroker/backends/__init__.py b/x2gobroker/nameservices/__init__.py
similarity index 100%
copy from x2gobroker/backends/__init__.py
copy to x2gobroker/nameservices/__init__.py
diff --git a/x2gobroker/backends/ldap.py b/x2gobroker/nameservices/base.py
similarity index 58%
copy from x2gobroker/backends/ldap.py
copy to x2gobroker/nameservices/base.py
index 62b9801..48ac244 100644
--- a/x2gobroker/backends/ldap.py
+++ b/x2gobroker/nameservices/base.py
@@ -18,16 +18,28 @@
# Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
-"""\
-X2goBrokerLDAP class - a production X2GoBroker implementations that uses LDAP as configuration backend
+class X2GoBrokerNameService(object):
-"""
-__NAME__ = 'x2gobroker-pylib'
+ def has_user(self, username):
+ return username in self.get_users()
-# modules
-import x2gobroker.base
+ def get_users(self):
+ return []
-class X2GoBroker(x2gobroker.base.X2GoBroker):
- """\
+ def get_primary_group(self, username):
+ return []
- """
+ def has_group(self, group):
+ return group in self.get_groups()
+
+ def get_groups(self):
+ return []
+
+ def is_group_member(self, username, group, primary_groups=False):
+ _groups = self.get_group_members(group)
+ if primary_groups:
+ _groups.extend(self.get_primary_group(username))
+ return username in _groups
+
+ def get_group_members(self, group, primary_groups=False):
+ return []
diff --git a/x2gobroker/backends/ldap.py b/x2gobroker/nameservices/libnss.py
similarity index 52%
copy from x2gobroker/backends/ldap.py
copy to x2gobroker/nameservices/libnss.py
index 62b9801..4636a13 100644
--- a/x2gobroker/backends/ldap.py
+++ b/x2gobroker/nameservices/libnss.py
@@ -18,16 +18,31 @@
# Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
-"""\
-X2goBrokerLDAP class - a production X2GoBroker implementations that uses LDAP as configuration backend
+# modules
+import pwd
+import grp
-"""
-__NAME__ = 'x2gobroker-pylib'
+# Python X2GoBroker modules
+import base
-# modules
-import x2gobroker.base
-class X2GoBroker(x2gobroker.base.X2GoBroker):
- """\
+class X2GoBrokerNameService(base.X2GoBrokerNameService):
+
+ def get_users(self):
+ return [ p.pw_name for p in pwd.getpwall() ]
+
+ def get_primary_group(self, username):
+ prim_gid_number = [ p.pw_gid for p in pwd.getpwall() if p.pw_name == username ]
+ return [ g.gr_name for g in grp.getgrall() if g.gr_gid in prim_gid_number ]
+
+ def get_groups(self):
+ return [ g.gr_name for g in grp.getgrall() ]
+
+ def get_group_members(self, group, primary_groups=False):
+ _members_from_primgroups = []
+ if primary_groups:
+ for username in self.get_users():
+ if group in self.get_primary_group(username):
+ _members_from_primgroups.append(group)
+ return grp.getgrnam(group).gr_mem + _members_from_primgroups
- """
diff --git a/x2gobroker/tests/test_backend_base.py b/x2gobroker/tests/test_backend_base.py
index a00765b..d08538d 100644
--- a/x2gobroker/tests/test_backend_base.py
+++ b/x2gobroker/tests/test_backend_base.py
@@ -95,7 +95,7 @@ auth-mech = bar-auth-mech
### TEST CONFIGURATION: user DB backend (default-user-db vs. user-db in backend config)
- def test_getuserdbbackend(self):
+ def test_getuserdbservice(self):
_config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS)
_config_defaults.update({'base': {'enable': True, }, })
_config = """
@@ -109,7 +109,7 @@ enable = true
print >> tf, _config
tf.seek(0)
base_backend = x2gobroker.backends.base.X2GoBroker(config_file=tf.name)
- self.assertEqual(base_backend.get_userdb_backend(), 'foo-user-db')
+ self.assertEqual(base_backend.get_userdb_service(), 'foo-user-db')
_config = """
[global]
default-user-db = foo-user-db
@@ -122,12 +122,12 @@ user-db = bar-user-db
print >> tf, _config
tf.seek(0)
base_backend = x2gobroker.backends.base.X2GoBroker(config_file=tf.name, config_defaults=_config_defaults)
- self.assertEqual(base_backend.get_userdb_backend(), 'bar-user-db')
+ self.assertEqual(base_backend.get_userdb_service(), 'bar-user-db')
tf.close()
### TEST CONFIGURATION: group DB backend (default-group-db vs. group-db in backend config)
- def test_getgroupdbbackend(self):
+ def test_getgroupdbservice(self):
_config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS)
_config_defaults.update({'base': {'enable': True, }, })
_config = """
@@ -141,7 +141,7 @@ enable = true
print >> tf, _config
tf.seek(0)
base_backend = x2gobroker.backends.base.X2GoBroker(config_file=tf.name)
- self.assertEqual(base_backend.get_groupdb_backend(), 'foo-group-db')
+ self.assertEqual(base_backend.get_groupdb_service(), 'foo-group-db')
_config = """
[global]
default-group-db = foo-group-db
@@ -154,9 +154,54 @@ group-db = bar-group-db
print >> tf, _config
tf.seek(0)
base_backend = x2gobroker.backends.base.X2GoBroker(config_file=tf.name, config_defaults=_config_defaults)
- self.assertEqual(base_backend.get_groupdb_backend(), 'bar-group-db')
+ self.assertEqual(base_backend.get_groupdb_service(), 'bar-group-db')
tf.close()
+ def test_nameservicebase(self):
+ _config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS)
+ _config_defaults.update({'base': {'enable': True, }, })
+ _config = """
+[global]
+default-user-db = base
+default-group-db = base
+
+[base]
+enable = true
+"""
+ tf = tempfile.NamedTemporaryFile()
+ print >> tf, _config
+ tf.seek(0)
+ base_backend = x2gobroker.backends.base.X2GoBroker(config_file=tf.name)
+ self.assertEqual(base_backend.get_users(), [])
+ self.assertEqual(base_backend.has_user('any-user'), False)
+ self.assertEqual(base_backend.get_groups(), [])
+ self.assertEqual(base_backend.has_group('any-group'), False)
+ self.assertEqual(base_backend.is_group_member('any-user', 'any-group'), False)
+ self.assertEqual(base_backend.get_group_members('any-group'), [])
+
+ def test_nameservicelibnss(self):
+ _config_defaults = copy.deepcopy(x2gobroker.defaults.X2GOBROKER_CONFIG_DEFAULTS)
+ _config_defaults.update({'base': {'enable': True, }, })
+ _config = """
+[global]
+default-user-db = libnss
+default-group-db = libnss
+
+[base]
+enable = true
+"""
+ tf = tempfile.NamedTemporaryFile()
+ print >> tf, _config
+ tf.seek(0)
+ base_backend = x2gobroker.backends.base.X2GoBroker(config_file=tf.name)
+ self.assertTrue( ( 'root' in base_backend.get_users() ) )
+ self.assertEqual(base_backend.has_user('root'), True)
+ self.assertTrue( ( 'root' in base_backend.get_groups() ) )
+ self.assertEqual(base_backend.has_group('root'), True)
+ self.assertEqual(base_backend.is_group_member('root', 'root'), False)
+ self.assertEqual(base_backend.is_group_member('root', 'root', primary_groups=True), True)
+ self.assertTrue( ( 'root' not in base_backend.get_group_members('root') ) )
+ self.assertTrue( ( 'root' in base_backend.get_group_members('root', primary_groups=True) ) )
### TEST CONFIGURATION: global >> check-credentials = false
hooks/post-receive
--
x2gobroker.git (HTTP(S) Session broker for X2Go)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).
More information about the x2go-commits
mailing list