Skip to content
Normal view History Permalink
cc-addaccount 2.16 KiB
Newer Older
Antoine Millet's avatar
Added cc-addaccount, binary used to create accounts on the server.
Antoine Millet committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 
#!/usr/bin/env python
#coding=utf8

'''
Script used to create an account on cc-server account directory.
'''

import os
from getpass import getpass
from pwd import getpwnam
from grp import getgrnam
from optparse import OptionParser
from ccserver.conf import CCConf

DEFAULT_ACCOUNT_DIRECTORY = '/var/lib/cc-server/'
DEFAULT_ROLE = 'cli'
UMASK = 0o0177
CHOWN_USER = 'cc-server'
CHOWN_GROUP = 'cc-server'

if __name__ == '__main__':
    op = OptionParser(usage='%prog [options] login')
    op.add_option('-d', '--directory', default=DEFAULT_ACCOUNT_DIRECTORY,
                  help='account directory')
    op.add_option('-p', '--password', action='store_true',
                  help='ask for the password')
    op.add_option('-g', '--god', action='store_true', default=False,
                  help='add a rule to allow all actions')
    op.add_option('-c', '--copy', default=None,
                  help='copy this already existing account')
    op.add_option('-r', '--role', default=None, choices=('cli', 'hv', 'host'),
                  help='specify the role (default %default)')

    options, args = op.parse_args()

    if len(args) != 1:
        op.error('a login must be provided')

    if options.role is not None and options.copy is not None:
        op.error('you can\'t specify a role for a copy')

    if options.role is None:
        role = DEFAULT_ROLE
    else:
        role = options.role

    conf = CCConf(options.directory)

    if options.password:
        password = getpass('Password: ')
        password_again = getpass('Password (again): ')
        if password != password_again:
            op.error('password mismatch')
        elif not password:
            op.error('no password provided')
    else:
        password = None

    os.umask(UMASK)

    if options.copy is None:
        conf.create_account(args[0], role, password)
    else:
        conf.copy_account(options.copy, args[0], password)

    if options.god:
        conf.add_right(args[0], '', '*', 'allow', 0)
        
    # Chown the files:
    uid = getpwnam(CHOWN_USER).pw_uid
    gid = getgrnam(CHOWN_GROUP).gr_gid
    filename = os.path.join(options.directory, '%s.json' % args[0])
    os.chown(filename, uid, gid)