useradmin.py

监控大型网络的软件。能够自动发现拓扑结构

        del req.session['statusMessage']

    return page

def group(req, id=None):
    """Display all relevant data about an Account in an editable form"""
    # Sanitary work on arguments
    page = GroupPage()
    page.path[-1] = ("Edit group", False)
    if id is not None:
        try:
            id = int(id)
        except TypeError:
            return "%s is not a valid group id" % repr(id)

        group = navprofiles.Accountgroup(id)
        try:
            group.load()
        except forgetSQL.NotFound:
            return "no such group %s" % id

        page.newGroup = False
        page.information = "Editing group \"%s\" (#%s)" % (group.name, group.id)
        page.group = _groupsToTemplate([group])[0]
        page.editable = True
        page.group['members'] = _accountsToTemplate(group.getMembers())
        page.group['privileges'] = _getGroupPrivileges(id)
    else:
        page.newGroup = True
        page.information = "Creating a new group"
        page.editable = True
        page.group = {'id': None,
                      'name': 'New group',
                      'description': 'New group',
                      'members': [],
                      'privileges': []}

    page.title = page.information
    page.current = "group"
    # We've filled out most of the details of the group and its
    # members, now we need to fill out the list of non-members so that
    # we may add new members to this group on this form.
    memberIds = [ member['id'] for member in page.group['members'] ]
    page.group['nonmembers'] = _getAccounts(excludeIds=memberIds)
    page.privileges = _getPrivileges()

    if req.session.has_key('statusMessage'):
        page.statusMessage = req.session['statusMessage']
        del req.session['statusMessage']
        req.session.save()

    return page

def link(req, uid=None, gid=None, source=None):
    """Associates an account and a group."""
    return _linkOp(req, uid, gid, source,
                   _link,
                   "Linked %s to %s" % (uid, gid),
                   "%s is already a member of %s" % (uid, gid)
                   )

def unlink(req, uid=None, gid=None, source=None):
    """Disassociates an account and a group."""
    return _linkOp(req, uid, gid, source,
                   _unlink,
                   "Unlinked %s from %s" % (uid, gid),
                   "Unlink failed"
                   )

def groupsubmit(req, id=None, name=None, description=None):
    """Receives and stores information submitted from the group
    form."""
    if id is not None:
        # We are attempting to submit data for an existing group
        redir = 'group?id=%s' % id
        try:
            id = int(id)
        except TypeError:
            return "%s is not a valid group id" % id

        group = navprofiles.Accountgroup(id)
        try:
            group.load()
        except forgetSQL.NotFound:
            return "Group id %s does not exist" % id
    else:
        redir = 'group'
        group = navprofiles.Accountgroup()

    if name != group.name:
        group.name = name
    if description != group.descr:
        group.descr = description

    try:
        group.save()
        redir = 'group?id=%s' % group.id
        req.session['statusMessage'] = "Group successfully stored"
    except psycopg.IntegrityError:
        req.session['statusMessage'] = "A database integrity error prevented us from storing the Group"

    web.redirect(req, redir, seeOther=True)

def accountsubmit(req, id=None, login=None, name=None, password=None, passwordConfirm=None):
    """Receives and stores information submitted from the account
    form."""
    if id is not None:
        # We are attempting to submit data for an existing account
        redir = 'account?id=%s' % id
        try:
            id = int(id)
        except TypeError:
            return "%s is not a valid account id" % id

        account = navprofiles.Account(id)
        try:
            account.load()
        except forgetSQL.NotFound:
            return "Account id %s does not exist" % id

    else:
        redir = 'account'
        account = navprofiles.Account()
    
    if password != passwordConfirm:
        req.session['statusMessage'] = "Passwords do not match"
        account.reset()
    elif login is None or len(login) == 0:
        req.session['statusMessage'] = "Login name was empty"
        account.reset()
    else:
        if login != account.login:
            account.login = login
        if name != account.name:
            account.name = name
        if password:
            account.setPassword(password)
            
        try:
            account.save()
        except psycopg.IntegrityError:
            req.session['statusMessage'] = "A database integrity error prevented us from storing the Account"
        else:
            redir = 'account?id=%s' % account.id
            req.session['statusMessage'] = "Account successfully stored"

    req.session.save()
    web.redirect(req, redir, seeOther=True)

def accountdel(req, id=None, confirm=False):
    """Delete an account and redirect to the account list"""
    try:
        id = int(id)
    except TypeError:
        return "%s is not a valid account id" % id

    account = navprofiles.Account(id)
    try:
        account.load()
        name = account.name
    except forgetSQL.NotFound:
        return "No such account id %s" % id

    if id < 1000:
        req.session['statusMessage'] = "System account '%s' (#%s) cannot be deleted" % (name, id)
        web.redirect(req, "account?id=%s" % id, seeOther=True)
    elif not confirm:
        page = ConfirmPage()
        page.path[-1] = ("Delete an account", False)
        page.title = "Delete an account"
        page.current = "account"
        page.confirmation = "You are about to delete the account '%s' (#%s).  Are you sure?" % (name, id)
        page.yestarget = "accountdel?id=%s&confirm=1" % id
        page.notarget = "account?id=%s" % id
        return page
    else:
        account.delete()
        req.session['statusMessage'] = "Account '%s' (#%s) successfully deleted" % (name, id)
        web.redirect(req, "accountlist", seeOther=True)

def groupdel(req, id=None, confirm=False):
    """Delete a group and redirect to the group list"""
    try:
        id = int(id)
    except TypeError:
        return "%s is not a valid account id" % id

    group = navprofiles.Accountgroup(id)
    try:
        group.load()
        name = group.name
    except forgetSQL.NotFound:
        return "No such group id %s" % id

    if id < 1000:
        req.session['statusMessage'] = "System group '%s' (#%s) cannot be deleted" % (name, id)
        web.redirect(req, "group?id=%s" % id, seeOther=True)
    elif not confirm:
        page = ConfirmPage()
        page.path[-1] = ("Delete a group", False)
        page.title = "Delete a group"
        page.current = "group"
        page.confirmation = "You are about to delete the group '%s' (#%s).  Are you sure?" % (name, id)
        page.yestarget = "groupdel?id=%s&confirm=1" % id
        page.notarget = "group?id=%s" % id
        return page
    else:
        group.delete()
        req.session['statusMessage'] = "Group '%s' (#%s) successfully deleted" % (name, id)
        web.redirect(req, "grouplist", seeOther=True)

def grant(req, gid=None, pid=None, target=None):
    """Grant a privilege to a group."""
    if pid is None:
        req.session['statusMessage'] = "You must select a privilege to grant first"
        web.redirect(req, "group?id=%s" % gid)
        
    try:
        gid = int(gid)
        pid = int(pid)
    except TypeError:
        return "Invalid arguments"
    if target is None:
        return "Missing target"

    group = navprofiles.Accountgroup(gid)
    try:
        group.load()
    except forgetSQL.NotFound:
        return "No such group id %s" % gid
    
    privilege = navprofiles.Privilege(pid)
    try:
        privilege.load()
    except forgetSQL.NotFound:
        return "No such privilege id %s" % pid

    privrow = navprofiles.Accountgroupprivilege()
    privrow.privilege = privilege.id
    privrow.accountgroup = group.id
    privrow.target = target
    try:
        if privrow.save():
            req.session['statusMessage'] = "Successfully granted privilege '%s' for '%s'" % (privilege.name, target)
        else:
            req.session['statusMessage'] = "Failed to grant privilege '%s' for '%s'" % (privilege.name, target)
    except psycopg.IntegrityError:
        req.session['statusMessage'] = "Privilege '%s' is already granted for '%s'" % (privilege.name, target)
    web.redirect(req, "group?id=%s" % gid)
    
def revoke(req, gid=None, pid=None, target=None):
    """Revoke a privilege from a group."""
    try:
        gid = int(gid)
        pid = int(pid)
    except TypeError:
        return "Invalid arguments"
    if target is None:
        return "Missing target"

    privrow = navprofiles.Accountgroupprivilege(gid, pid, target)
    try:
        privrow.load()
        privrow.delete()
        privilege = navprofiles.Privilege(pid)
        req.session['statusMessage'] = "Successfully revoked privilege '%s' for '%s'" % (privilege.name, target)
    except forgetSQL.NotFound:
        return "No such privilege has previously been granted"
    
    web.redirect(req, "group?id=%s" % gid)

def orglink(req, uid=None, orgid=None):
    """Add a user to one or more organizations"""
    # First, sanitize arguments
    if type(orgid) is str:
        orgid = [orgid]
    elif type(orgid) is not list:
        return "Invalid arguments"
    try:
        uid = int(uid)
    except TypeError:
        return "Invalid arguments"

    # Check the the account id is valid
    try:
        account = navprofiles.Account(uid)
        account.load()
    except forgetSQL.NotFound:
        return "No such account id %s" % uid

    # Check that all orgids are valid
    for id in orgid:
        org = manage.Org(id)
        try:
            org.load()
        except forgetSQL.NotFound:
            return "No such organization %s" % repr(id)

    # Then, make the user member of all organizations
    successful = []
    for id in orgid:
        link = navprofiles.Accountorg()
        link.account = uid
        link.orgid = id
        try:
            link.save()
            successful.append(id)
        except psycopg.IntegrityError:
            pass

    if len(successful) > 0:
        req.session['statusMessage'] = "Successfully added %s to the following organizations: %s" % (
            account.login, ",".join(successful))
    else:
        req.session['statusMessage'] = "%s was not added to any organizations" % account.login
    web.redirect(req, "account?id=%s" % uid, seeOther=True)
    

def orgunlink(req, uid=None, orgid=None):
    """Remove a user from one or more organizations"""
    # First, sanitize arguments
    if type(orgid) is str:
        orgid = [orgid]
    elif type(orgid) is not list:
        return "Invalid arguments"
    try:
        uid = int(uid)
    except TypeError:
        return "Invalid arguments"

    # Check the the account id is valid
    try:
        account = navprofiles.Account(uid)
        account.load()
    except forgetSQL.NotFound:
        return "No such account id %s" % uid

    # Then, remove the user from each organizations
    successful = []
    for id in orgid:
        link = navprofiles.Accountorg(uid, id)
        try:
            link.load()
            link.delete()
            successful.append(id)
        except forgetSQL.NotFound:
            pass

    if len(successful) > 0:
        req.session['statusMessage'] = "Successfully removed %s from the following organizations: %s" % (
            account.login, ",".join(successful))
    else:
        req.session['statusMessage'] = "%s was not removed from any organizations" % account.login
    web.redirect(req, "account?id=%s" % uid, seeOther=True)
    

def index(req):
    """Default useradmin index page, shows the accountlist."""
    return accountlist(req)