update authorize_user_group
This commit is contained in:
parent
bc53733bf7
commit
db53a99881
@ -6,6 +6,7 @@ from pyeole.ihm import print_line
|
||||
from pyeole.ansiprint import print_orange, print_red
|
||||
from creole.client import CreoleClient
|
||||
from collections import OrderedDict
|
||||
from zephir.backend.lib_backend import CxPool
|
||||
|
||||
|
||||
try:
|
||||
@ -22,14 +23,14 @@ from zephir.lib_zephir import flushed_input
|
||||
|
||||
def display_help():
|
||||
print("Autorise une connexion ssh d'un utilisateur sur un groupe de serveur")
|
||||
print("{} [numero du groupe] [--user utilisateur]".format(sys.argv[0]))
|
||||
|
||||
print("{} [numero du groupe] [--user utilisateur] [--key chemin_de_la_clé]".format(sys.argv[0]))
|
||||
print("--key : si ce paramètre est défini, la clé sera envoyé aux serveurs")
|
||||
|
||||
def argparser():
|
||||
# récupère l'ID du groupe
|
||||
arglen = len(sys.argv)
|
||||
if arglen == 1:
|
||||
return None, None
|
||||
return None, None, None
|
||||
if sys.argv[1] in ['-h', '--help']:
|
||||
display_help()
|
||||
sys.exit(0)
|
||||
@ -40,16 +41,20 @@ def argparser():
|
||||
display_help()
|
||||
sys.exit(1)
|
||||
|
||||
if sys.argv[2] in ['-v', '--var']:
|
||||
varc = sys.argv[3]
|
||||
return server_id, user
|
||||
if sys.argv[2] in ['-u', '--user']:
|
||||
user = sys.argv[3]
|
||||
return server_id, user, None
|
||||
|
||||
return group_id, None
|
||||
if sys.argv[4] in ['-k', '--key']:
|
||||
keypath = sys.argv[5]
|
||||
return server_id, user, keypath
|
||||
|
||||
return group_id, None, None
|
||||
|
||||
|
||||
def main():
|
||||
# import des fonctions communes de Zéphir client
|
||||
group_id, user = argparser()
|
||||
group_id, user, keypath = argparser()
|
||||
|
||||
authentified, proxy = get_pwd(adresse_zephir, 7080)
|
||||
if authentified == False:
|
||||
@ -68,8 +73,13 @@ def main():
|
||||
print('Liste des groupes :')
|
||||
for grp_id, group_infos in groups.items():
|
||||
print(' - ' + str(grp_id) + ' : ' + group_infos[0])
|
||||
print( ' - N : Créer un nouveau groupe')
|
||||
while group_id is None:
|
||||
tmp_group_id = flushed_input("Numéro du groupe : ")
|
||||
if tmp_group_id == 'N':
|
||||
group_id = 'N'
|
||||
liste_serveurs = make_group()
|
||||
else:
|
||||
try:
|
||||
group_id = int(tmp_group_id)
|
||||
except Exception as err:
|
||||
@ -78,23 +88,89 @@ def main():
|
||||
if not group_id in groups:
|
||||
print_red('Groupe inconnu')
|
||||
group_id = None
|
||||
elif not group_id in groups:
|
||||
print_red('Le groupe "{}" est inconnu'.format(group_id))
|
||||
sys.exit(1)
|
||||
liste_serveurs = groups[group_id][1]
|
||||
|
||||
if user is None:
|
||||
user = flushed_input("Utilisateur : ")
|
||||
|
||||
liste_serveurs = groups[group_id][1]
|
||||
if keypath is not None:
|
||||
keyssh = None
|
||||
with open(keypath) as f:
|
||||
keyssh = f.read()
|
||||
|
||||
clef_ssh = base64.encodestring(keyssh).decode()
|
||||
os.chdir("/etc/postgresql/")
|
||||
cmd="""sudo -u postgres psql -c "update users set cle='{}' where login='{}';" zephir""".format(clef_ssh,user)
|
||||
output = os.popen(cmd)
|
||||
res = output.read().strip()
|
||||
output.close()
|
||||
|
||||
if res == "UPDATE 1":
|
||||
print('Clé ssh de utilisateur {} mise à jour'.format(user))
|
||||
else:
|
||||
print("Erreur : ", str(res))
|
||||
sys.exit(1)
|
||||
|
||||
ret = proxy.serveurs.authorize_user(user,liste_serveurs)
|
||||
# on affiche les erreurs si nécessaire
|
||||
if ret[1]:
|
||||
print_orange('Erreur : ' + str(ret[1]))
|
||||
|
||||
print('Utilisateur {} autorisé à accéder en ssh aux serveurs {}'.format(user, liste_serveurs))
|
||||
|
||||
|
||||
def make_group():
|
||||
cx_pool = CxPool()
|
||||
cu = cx_pool.create()
|
||||
cu.execute("""select libelle,id from modules""")
|
||||
infos = {}
|
||||
variante_infos = {}
|
||||
filename = 'exportation'
|
||||
server_infos = []
|
||||
for module_name in cu.fetchall():
|
||||
module, version = module_name[0].rsplit('-', 1)
|
||||
infos.setdefault(version, {})[module] = module_name[1]
|
||||
|
||||
versions = infos.keys()
|
||||
versions.sort()
|
||||
print('Choix de la version :')
|
||||
for idx, version in enumerate(versions):
|
||||
print('{}: {}'.format(idx, version))
|
||||
idx = input('> ')
|
||||
version = versions[int(idx)]
|
||||
filename += '-' + version
|
||||
print
|
||||
print('Choix du module :')
|
||||
modules = infos[version].keys()
|
||||
modules.sort()
|
||||
for idx, module in enumerate(modules):
|
||||
print('{}: {}'.format(idx, module))
|
||||
idx = input('> ')
|
||||
module = modules[int(idx)]
|
||||
filename += '-' + module
|
||||
print
|
||||
cu.execute("select libelle,id from variantes where module = " + str(infos[version][module]))
|
||||
for variante_obj in cu.fetchall():
|
||||
variante_infos[variante_obj[0]] = variante_obj[1]
|
||||
print('Choix de la variante :')
|
||||
variantes = variante_infos.keys()
|
||||
variantes.sort()
|
||||
for idx, variante in enumerate(variantes):
|
||||
print('{}: {}'.format(idx, variante))
|
||||
idx_all = idx + 1
|
||||
print('{}: toutes les variantes'.format(idx_all))
|
||||
idx = input('> ')
|
||||
if idx == idx_all:
|
||||
variantes = variante_infos.values()
|
||||
else:
|
||||
filename += '-' + variantes[idx]
|
||||
variantes = [variante_infos[variantes[idx]]]
|
||||
print
|
||||
for variante in variantes:
|
||||
cu.execute('select id,ip_publique,rne,libelle from serveurs where variante=' + str(variante))
|
||||
print("Liste des serveurs : ")
|
||||
for server in cu.fetchall():
|
||||
print('{} - {} - {} - {}'.format(server[0], server[1], server[2], server[3]))
|
||||
server_infos.append(server[0])
|
||||
return server_infos
|
||||
|
||||
def get_pwd(addr, port):
|
||||
"""lecture d'un login/passwd pour l'application zephir
|
||||
|
@ -98,6 +98,7 @@ def main():
|
||||
print_orange('Erreur : ' + str(ret[1]))
|
||||
sys.exit(1)
|
||||
print('Polling mis à jour sur les serveurs {}'.format(liste_serveurs))
|
||||
|
||||
def make_group():
|
||||
cx_pool = CxPool()
|
||||
cu = cx_pool.create()
|
||||
|
Loading…
Reference in New Issue
Block a user