[Cluster-devel] conga/luci/utils luci_manage

rmccabe at sourceware.org rmccabe at sourceware.org
Mon Jan 8 19:27:35 UTC 2007 

CVSROOT:	/cvs/cluster
Module name:	conga
Branch: 	RHEL5
Changes by:	rmccabe at sourceware.org	2007-01-08 19:27:35

Added files:
	luci/utils     : luci_manage 

Log message:
	script to disable and enable access to view the management screens
	related to bz212445

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/utils/luci_manage.diff?cvsroot=cluster&only_with_tag=RHEL5&r1=NONE&r2=1.1.2.1

/cvs/cluster/conga/luci/utils/luci_manage,v  -->  standard output
revision 1.1.2.1
--- conga/luci/utils/luci_manage
+++ -	2007-01-08 19:27:35.703817000 +0000
@@ -0,0 +1,150 @@
+#!/usr/bin/python
+
+import sys, os, pwd
+import types
+
+sys.path.extend((
+	'/usr/lib/luci/zope/lib/python',
+	'/usr/lib/luci/zope/lib/python/Products',
+	'/usr/lib64/luci/zope/lib/python',
+	'/usr/lib64/luci/zope/lib/python/Products',
+	'/usr/lib64/luci/zope/lib64/python',
+	'/usr/lib64/luci/zope/lib64/python/Products',
+	'/usr/lib64/zope/lib64/python',
+	'/usr/lib64/zope/lib/python',
+	'/usr/lib/zope/lib/python',
+	'/usr/lib64/zope/lib/python/Products',
+	'/usr/lib64/zope/lib64/python/Products',
+	'/usr/lib/zope/lib/python/Products'
+))
+
+from Products import __path__
+for i in [	'/usr/lib/luci/zope/lib/python/Products',
+			'/usr/lib64/luci/zope/lib/python/Products',
+			'/usr/lib64/luci/zope/lib64/python/Products',
+			'/usr/lib64/zope/lib/python/Products',
+			'/usr/lib64/zope/lib64/python/Products',
+			'/usr/lib/zope/lib/python/Products' ]:
+	if os.path.isdir(i):
+		__path__.append(i)
+
+LUCI_USER = 'luci'
+LUCI_GROUP = 'luci'
+
+LUCI_BACKUP_DIR = '/var/lib/luci/var'
+LUCI_DB_PATH = '/var/lib/luci/var/Data.fs'
+
+null = file(os.devnull, 'rwb+', 0)
+orig_stderr = sys.stderr
+
+def restore_luci_db_fsattr():
+	try:
+		luci = pwd.getpwnam(LUCI_USER)[2:4]
+		if not luci or len(luci) != 2:
+			raise
+	except:
+		sys.stderr.write('Cannot find the \"' + LUCI_USER + '\" user.\n')
+		return -1
+
+	try:
+		os.chown(LUCI_DB_PATH, luci[0], luci[1])
+		os.chmod(LUCI_DB_PATH, 0600)
+		for i in [ '.tmp', '.old', '.index', '.lock' ]:
+			try:
+				os.chown(LUCI_DB_PATH + i, luci[0], luci[1])
+				os.chmod(LUCI_DB_PATH + i, 0600)
+			except: pass
+	except:
+		sys.stderr.write('Unable to change ownership of the Luci database back to user \"' + LUCI_USER + '\"\n')
+		return -1
+
+def luci_set_mgmt(set_state):
+	sys.stderr = null
+	import ZODB
+	from ZODB.FileStorage import FileStorage
+	from ZODB.DB import DB
+	import OFS
+	from OFS.Application import AppInitializer
+	import OFS.Folder
+	from Acquisition import Implicit, aq_base, aq_parent, aq_acquire
+	import AccessControl
+	import AccessControl.User
+	from AccessControl.SecurityManagement import newSecurityManager
+	import transaction
+	import Products.CMFCore
+	import Products.CMFCore.MemberDataTool
+	from CMFPlone.utils import getToolByName
+	import ImageFile
+	import Products.PluggableAuthService.plugins.ZODBUserManager
+	import Products.PlonePAS.Extensions
+	from Products.PlonePAS import config
+	from Products.PlonePAS.interfaces.plugins import IUserManagement
+	import BTrees.OOBTree
+	ImageFile.ImageFile.__init__ = lambda x,y,z:None
+	sys.stderr = orig_stderr
+
+	try:
+		fs = FileStorage(LUCI_DB_PATH)
+		db = DB(fs)
+		db.pack()
+		conn = db.open()
+	except IOError, e:
+		if e[0] == 11:
+			sys.stderr.write('It appears that Luci is running. Please stop Luci before running this program.\n')
+			return -1
+		else:
+			sys.stderr.write('Unable to open the Luci database \"' + LUCI_DB_PATH + '\":' + str(e) + '\n')
+			return -1
+	except Exception, e:
+		sys.stderr.write('Unable to open the Luci database \"' + LUCI_DB_PATH + '\":' + str(e) + '\n')
+		return -1
+
+	try:
+		sys.stderr = null
+		tempuser = AccessControl.User.UnrestrictedUser('admin', '',
+					('manage','Manager', 'Owner', 'View', 'Authenticated'), [])
+
+		newSecurityManager(None, tempuser)
+
+		app = conn.root()['Application']
+		AppInitializer(app).initialize()
+		sys.stderr = orig_stderr
+	except:
+		sys.stderr = orig_stderr
+		sys.stderr.write('An error occurred while initializing the Luci environment.\n')
+		return -1
+
+	try:
+		acl_users = app.acl_users.users
+		portal_mem = app.luci.portal_membership
+		portal_reg = app.luci.portal_registration
+		if not (acl_users and len(acl_users) and portal_mem and portal_reg):
+			raise
+	except:
+		sys.stderr.write('Your Luci installation appears to be corrupt.\n')
+		return -1
+
+	if set_state is True:
+		role_set = ( 'Manager', )
+	else:
+		role_set = ('',)
+
+	app._View_management_screens_Permission = role_set
+
+	transaction.commit()
+	conn.close()
+	db.pack()
+	db.close()
+	fs.close()
+
+	if restore_luci_db_fsattr():
+		return -1
+
+def main(argv):
+	if len(argv) > 1 and argv[1].lower() == 'enable':
+		luci_set_mgmt(True)
+	else:
+		luci_set_mgmt(False)
+
+if __name__ == '__main__':
+	main(sys.argv)

More information about the Cluster-devel mailing list