mlamalle
/
mtes-scripts
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update authorize_user_group

This commit is contained in:
Matthieu Lamalle 2021-07-09 15:04:17 +02:00
parent bc53733bf7
commit db53a99881
2 changed files with 100 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

122
scripts/zephir/authorize_user_group.py
View File

@ -6,6 +6,7 @@ from pyeole.ihm import print_line
from pyeole.ansiprint import print_orange, print_red
from creole.client import CreoleClient
from collections import OrderedDict
from zephir.backend.lib_backend import CxPool
try:
@ -22,14 +23,14 @@ from zephir.lib_zephir import flushed_input
def display_help():
print("Autorise une connexion ssh d'un utilisateur sur un groupe de serveur")
print("{} [numero du groupe] [--user utilisateur]".format(sys.argv[0]))
print("{} [numero du groupe] [--user utilisateur] [--key chemin_de_la_clé]".format(sys.argv[0]))
print("--key : si ce paramètre est défini, la clé sera envoyé aux serveurs")
def argparser():
# récupère l'ID du groupe
arglen = len(sys.argv)
if arglen == 1:
return None, None
return None, None, None
if sys.argv[1] in ['-h', '--help']:
display_help()
sys.exit(0)
@ -40,16 +41,20 @@ def argparser():
display_help()
sys.exit(1)
if sys.argv[2] in ['-v', '--var']:
varc = sys.argv[3]
return server_id, user
if sys.argv[2] in ['-u', '--user']:
user = sys.argv[3]
return server_id, user, None
return group_id, None
if sys.argv[4] in ['-k', '--key']:
keypath = sys.argv[5]
return server_id, user, keypath
return group_id, None, None
def main():
# import des fonctions communes de Zéphir client
group_id, user = argparser()
group_id, user, keypath = argparser()
authentified, proxy = get_pwd(adresse_zephir, 7080)
if authentified == False:
@ -68,33 +73,104 @@ def main():
print('Liste des groupes :')
for grp_id, group_infos in groups.items():
print(' - ' + str(grp_id) + ' : ' + group_infos[0])
print( ' - N : Créer un nouveau groupe')
while group_id is None:
tmp_group_id = flushed_input("Numéro du groupe : ")
try:
group_id = int(tmp_group_id)
except Exception as err:
print(err)
continue
if not group_id in groups:
print_red('Groupe inconnu')
group_id = None
elif not group_id in groups:
print_red('Le groupe "{}" est inconnu'.format(group_id))
sys.exit(1)
if tmp_group_id == 'N':
group_id = 'N'
liste_serveurs = make_group()
else:
try:
group_id = int(tmp_group_id)
except Exception as err:
print(err)
continue
if not group_id in groups:
print_red('Groupe inconnu')
group_id = None
sys.exit(1)
liste_serveurs = groups[group_id][1]
if user is None:
user = flushed_input("Utilisateur : ")
liste_serveurs = groups[group_id][1]
if keypath is not None:
keyssh = None
with open(keypath) as f:
keyssh = f.read()
clef_ssh = base64.encodestring(keyssh).decode()
os.chdir("/etc/postgresql/")
cmd="""sudo -u postgres psql -c "update users set cle='{}' where login='{}';" zephir""".format(clef_ssh,user)
output = os.popen(cmd)
res = output.read().strip()
output.close()
if res == "UPDATE 1":
print('Clé ssh de utilisateur {} mise à jour'.format(user))
else:
print("Erreur : ", str(res))
sys.exit(1)
ret = proxy.serveurs.authorize_user(user,liste_serveurs)
# on affiche les erreurs si nécessaire
if ret[1]:
print_orange('Erreur : ' + str(ret[1]))
print('Utilisateur {} autorisé à accéder en ssh aux serveurs {}'.format(user, liste_serveurs))
def make_group():
cx_pool = CxPool()
cu = cx_pool.create()
cu.execute("""select libelle,id from modules""")
infos = {}
variante_infos = {}
filename = 'exportation'
server_infos = []
for module_name in cu.fetchall():
module, version = module_name[0].rsplit('-', 1)
infos.setdefault(version, {})[module] = module_name[1]
versions = infos.keys()
versions.sort()
print('Choix de la version :')
for idx, version in enumerate(versions):
print('{}: {}'.format(idx, version))
idx = input('> ')
version = versions[int(idx)]
filename += '-' + version
print
print('Choix du module :')
modules = infos[version].keys()
modules.sort()
for idx, module in enumerate(modules):
print('{}: {}'.format(idx, module))
idx = input('> ')
module = modules[int(idx)]
filename += '-' + module
print
cu.execute("select libelle,id from variantes where module = " + str(infos[version][module]))
for variante_obj in cu.fetchall():
variante_infos[variante_obj[0]] = variante_obj[1]
print('Choix de la variante :')
variantes = variante_infos.keys()
variantes.sort()
for idx, variante in enumerate(variantes):
print('{}: {}'.format(idx, variante))
idx_all = idx + 1
print('{}: toutes les variantes'.format(idx_all))
idx = input('> ')
if idx == idx_all:
variantes = variante_infos.values()
else:
filename += '-' + variantes[idx]
variantes = [variante_infos[variantes[idx]]]
print
for variante in variantes:
cu.execute('select id,ip_publique,rne,libelle from serveurs where variante=' + str(variante))
print("Liste des serveurs : ")
for server in cu.fetchall():
print('{} - {} - {} - {}'.format(server[0], server[1], server[2], server[3]))
server_infos.append(server[0])
return server_infos
def get_pwd(addr, port):
"""lecture d'un login/passwd pour l'application zephir

1
scripts/zephir/set_timeout_servers_group.py
View File

@ -98,6 +98,7 @@ def main():
print_orange('Erreur : ' + str(ret[1]))
sys.exit(1)
print('Polling mis à jour sur les serveurs {}'.format(liste_serveurs))
def make_group():
cx_pool = CxPool()
cu = cx_pool.create()