hobo: refactor in multiple functions (#5838)
This commit is contained in:
parent
bcd975ed37
commit
f9f6d3d4c7
|
|
@ -29,145 +29,118 @@ from qommon.storage import atomic_write
|
|||
class CmdCheckHobos(Command):
|
||||
name = 'check-hobos'
|
||||
|
||||
def __init__(self):
|
||||
Command.__init__(self, [
|
||||
make_option('--site-url', metavar='URL', dest='site_url'),
|
||||
])
|
||||
|
||||
|
||||
def execute(self, base_options, sub_options, args):
|
||||
import publisher
|
||||
|
||||
publisher.WcsPublisher.configure(self.config, sub_options.extra)
|
||||
pub = publisher.WcsPublisher.create_publisher()
|
||||
if sub_options.site_url:
|
||||
self.site_url = sub_options.site_url
|
||||
|
||||
global_app_dir = pub.app_dir
|
||||
hobos_services = []
|
||||
|
||||
if args:
|
||||
hobos = []
|
||||
for arg in args:
|
||||
try:
|
||||
hobos.extend(json.load(urllib2.urlopen(arg.strip('/') + '/hobos.json')))
|
||||
except (urllib2.URLError, urllib2.HTTPError), e:
|
||||
print >> sys.stderr, 'failed to get URL', arg, e
|
||||
continue
|
||||
# get environment definition from stdin
|
||||
self.all_services = json.load(sys.stdin)
|
||||
|
||||
for hobo in hobos:
|
||||
try:
|
||||
hobos_services.append(json.load(
|
||||
urllib2.urlopen(hobo + 'environment/installed_services.json')))
|
||||
except (urllib2.URLError, urllib2.HTTPError), e:
|
||||
print >> sys.stderr, 'failed to get URL', hobo, e
|
||||
continue
|
||||
else:
|
||||
# get environment definition from stdin
|
||||
hobos_services = [json.load(sys.stdin)]
|
||||
services = [x for x in self.all_services.get('services', []) if \
|
||||
x.get('service-id') == 'wcs']
|
||||
|
||||
for all_services in hobos_services:
|
||||
services = [x for x in all_services.get('services', []) if \
|
||||
x.get('service-id') == 'wcs']
|
||||
# initialize all instances of w.c.s.
|
||||
for service in services:
|
||||
pub.app_dir = os.path.join(global_app_dir,
|
||||
self.get_instance_path(service))
|
||||
if not os.path.exists(pub.app_dir):
|
||||
print 'initializing instance in', pub.app_dir
|
||||
os.mkdir(pub.app_dir)
|
||||
pub.initialize_app_dir()
|
||||
else:
|
||||
print 'updating instance in', pub.app_dir
|
||||
pub.set_config()
|
||||
|
||||
if self.site_url:
|
||||
services = [x for x in services if x.get('base_url') == self.site_url]
|
||||
if not services:
|
||||
continue
|
||||
self.configure_site_options(service, pub)
|
||||
self.update_configuration(service, pub)
|
||||
self.configure_authentication_methods(service, pub)
|
||||
|
||||
hobo_timestamp = all_services.get('timestamp')
|
||||
def update_configuration(self, service, pub):
|
||||
if not pub.cfg.get('misc'):
|
||||
pub.cfg['misc'] = {}
|
||||
pub.cfg['misc']['sitename'] = service.get('title').encode('utf-8')
|
||||
pub.write_cfg()
|
||||
|
||||
# initialize all instances of w.c.s.
|
||||
for service in services:
|
||||
parsed_url = urllib2.urlparse.urlsplit(service.get('base_url'))
|
||||
instance_path = parsed_url.netloc
|
||||
if parsed_url.path:
|
||||
instance_path = '%s+' % parsed_url.path.replace('/', '+')
|
||||
pub.app_dir = os.path.join(global_app_dir, instance_path)
|
||||
if not os.path.exists(pub.app_dir):
|
||||
print 'initializing instance in', pub.app_dir
|
||||
os.mkdir(pub.app_dir)
|
||||
pub.initialize_app_dir()
|
||||
else:
|
||||
print 'updating instance in', pub.app_dir
|
||||
pub.set_config()
|
||||
def configure_authentication_methods(self, service, pub):
|
||||
# look for an identity provider
|
||||
idps = [x for x in self.all_services.get('services', []) if x.get('service-id') == 'authentic']
|
||||
if not pub.cfg.get('identification'):
|
||||
pub.cfg['identification'] = {}
|
||||
methods = pub.cfg['identification'].get('methods', [])
|
||||
if idps and not 'idp' in methods:
|
||||
methods.append('idp')
|
||||
elif not idps and not 'password' in methods:
|
||||
methods.append('password')
|
||||
pub.cfg['identification']['methods'] = methods
|
||||
pub.write_cfg()
|
||||
|
||||
# configure site-options.cfg
|
||||
config = ConfigParser.RawConfigParser()
|
||||
site_options_filepath = os.path.join(pub.app_dir, 'site-options.cfg')
|
||||
if os.path.exists(site_options_filepath):
|
||||
config.read(site_options_filepath)
|
||||
try:
|
||||
if config.getint('hobo', 'timestamp') == hobo_timestamp:
|
||||
print >> sys.stderr, ' same timestamp, skip'
|
||||
continue
|
||||
except ConfigParser.NoSectionError:
|
||||
pass
|
||||
if not idps:
|
||||
return
|
||||
|
||||
if not 'hobo' in config.sections():
|
||||
config.add_section('hobo')
|
||||
config.set('hobo', 'timestamp', hobo_timestamp)
|
||||
# initialize service provider side
|
||||
if not pub.cfg.get('sp', {}).get('publickey'):
|
||||
from qommon.ident.idp import MethodAdminDirectory
|
||||
if not pub.cfg.get('sp'):
|
||||
pub.cfg['sp'] = {}
|
||||
spconfig = pub.cfg['sp']
|
||||
spconfig['base_url'] = str(service.get('base_url')) + '/liberty'
|
||||
spconfig['saml2_base_url'] = str(service.get('base_url')) + '/saml'
|
||||
spconfig['providerid'] = spconfig['base_url'] + '/metadata'
|
||||
spconfig['saml2_providerid'] = spconfig['saml2_base_url'] + '/metadata'
|
||||
MethodAdminDirectory().generate_rsa_keypair()
|
||||
|
||||
if all_services.get('variables'):
|
||||
if not 'variables' in config.sections():
|
||||
config.add_section('variables')
|
||||
for key, value in all_services.get('variables').items():
|
||||
config.set('variables', key, value)
|
||||
for idp in idps:
|
||||
metadata_url = '%s/idp/saml2/metadata' % idp['base_url']
|
||||
try:
|
||||
rfd = urllib2.urlopen(metadata_url)
|
||||
except (urllib2.HTTPError, urllib2.URLError), e:
|
||||
print >> sys.stderr, 'failed to get metadata URL', metadata_url, e
|
||||
continue
|
||||
except Exception, e:
|
||||
print >> sys.stderr, 'failed to get metadata URL', metadata_url, e
|
||||
continue
|
||||
|
||||
with open(site_options_filepath, 'wb') as site_options:
|
||||
config.write(site_options)
|
||||
s = rfd.read()
|
||||
(bfd, metadata_pathname) = tempfile.mkstemp('.metadata')
|
||||
atomic_write(metadata_pathname, s)
|
||||
|
||||
# update configuration
|
||||
if not pub.cfg.get('misc'):
|
||||
pub.cfg['misc'] = {}
|
||||
pub.cfg['misc']['sitename'] = service.get('title').encode('utf-8')
|
||||
from qommon.ident.idp import AdminIDPDir
|
||||
admin_dir = AdminIDPDir()
|
||||
key_provider_id = admin_dir.submit_new_remote(
|
||||
metadata_pathname, None, metadata_url, None)
|
||||
pub.cfg['idp'][key_provider_id]['admin-attributes'] = \
|
||||
{'role': 'admin::%s' % str(service.get('slug'))}
|
||||
pub.write_cfg()
|
||||
|
||||
# configure authentication methods
|
||||
idps = [x for x in all_services.get('services', []) if x.get('service-id') == 'authentic']
|
||||
if not pub.cfg.get('identification'):
|
||||
pub.cfg['identification'] = {}
|
||||
methods = pub.cfg['identification'].get('methods', [])
|
||||
if not methods:
|
||||
methods = ['idp']
|
||||
elif not 'idp' in methods:
|
||||
methods.append('idp')
|
||||
pub.cfg['identification']['methods'] = methods
|
||||
pub.write_cfg()
|
||||
def get_instance_path(self, service):
|
||||
parsed_url = urllib2.urlparse.urlsplit(service.get('base_url'))
|
||||
instance_path = parsed_url.netloc
|
||||
if parsed_url.path:
|
||||
instance_path = '%s+' % parsed_url.path.replace('/', '+')
|
||||
return instance_path
|
||||
|
||||
if idps and not pub.cfg.get('sp', {}).get('publickey'):
|
||||
from qommon.ident.idp import MethodAdminDirectory
|
||||
if not pub.cfg.get('sp'):
|
||||
pub.cfg['sp'] = {}
|
||||
spconfig = pub.cfg['sp']
|
||||
spconfig['base_url'] = str(service.get('base_url')) + '/liberty'
|
||||
spconfig['saml2_base_url'] = str(service.get('base_url')) + '/saml'
|
||||
spconfig['providerid'] = spconfig['base_url'] + '/metadata'
|
||||
spconfig['saml2_providerid'] = spconfig['saml2_base_url'] + '/metadata'
|
||||
MethodAdminDirectory().generate_rsa_keypair()
|
||||
def configure_site_options(self, service, pub):
|
||||
# configure site-options.cfg
|
||||
config = ConfigParser.RawConfigParser()
|
||||
site_options_filepath = os.path.join(pub.app_dir, 'site-options.cfg')
|
||||
if os.path.exists(site_options_filepath):
|
||||
config.read(site_options_filepath)
|
||||
|
||||
for idp in idps:
|
||||
metadata_url = '%s/idp/saml2/metadata' % idp['base_url']
|
||||
try:
|
||||
rfd = urllib2.urlopen(metadata_url)
|
||||
except (urllib2.HTTPError, urllib2.URLError), e:
|
||||
print >> sys.stderr, 'failed to get metadata URL', metadata_url, e
|
||||
continue
|
||||
except Exception, e:
|
||||
print >> sys.stderr, 'failed to get metadata URL', metadata_url, e
|
||||
continue
|
||||
if not 'hobo' in config.sections():
|
||||
config.add_section('hobo')
|
||||
config.set('hobo', 'timestamp', self.all_services.get('timestamp'))
|
||||
|
||||
s = rfd.read()
|
||||
(bfd, metadata_pathname) = tempfile.mkstemp('.metadata')
|
||||
atomic_write(metadata_pathname, s)
|
||||
if self.all_services.get('variables'):
|
||||
if not 'variables' in config.sections():
|
||||
config.add_section('variables')
|
||||
for key, value in self.all_services.get('variables').items():
|
||||
config.set('variables', key, value)
|
||||
|
||||
from qommon.ident.idp import AdminIDPDir
|
||||
admin_dir = AdminIDPDir()
|
||||
key_provider_id = admin_dir.submit_new_remote(
|
||||
metadata_pathname, None, metadata_url, None)
|
||||
pub.cfg['idp'][key_provider_id]['admin-attributes'] = \
|
||||
{'role': 'admin::%s' % str(service.get('slug'))}
|
||||
pub.write_cfg()
|
||||
|
||||
pub.write_cfg()
|
||||
with open(site_options_filepath, 'wb') as site_options:
|
||||
config.write(site_options)
|
||||
|
||||
CmdCheckHobos.register()
|
||||
|
|
|
|||
Loading…
Reference in New Issue