--- /dev/null
+#!/usr/bin/python
+from sipb_xen_database import *
+import sys
+import getafsgroups
+import subprocess
+
+def expandLocker(name):
+ groups = getafsgroups.getLockerAcl(name)
+ cell = getafsgroups.getCell(name)
+ ans = set()
+ for group in groups:
+ if ':' in group:
+ ans.update(getafsgroups.getAfsGroupMembers(group, cell))
+ else:
+ ans.add(group)
+ return ans
+
+def isUser(name):
+ p = subprocess.Popen(['vos', 'examine', 'user.'+name],
+ stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+ if p.wait():
+ return False
+ return True
+
+
+def expandName(name):
+ if ':' not in name:
+ if isUser(name):
+ return [name]
+ name = 'system:'+name
+ return getafsgroups.getAfsGroupMembers(name, 'athena.mit.edu')
+
+def refreshMachine(m):
+ people = set()
+ people.update(expandLocker(m.owner))
+ people.update(expandName(m.administrator))
+ old_people = set(a.user for a in m.acl)
+ for removed in old_people - people:
+ ma = [x for x in m.acl if x.user == removed][0]
+ ctx.current.delete(ma)
+ for p in people - old_people:
+ ma = MachineAccess(machine_id=m.machine_id, user=p)
+ ctx.current.save(ma)
+
+def refreshCache():
+ transaction = ctx.current.create_transaction()
+
+ try:
+ machines = Machine.select()
+ for m in machines:
+ refreshMachine(m)
+ ctx.current.flush()
+
+ # Atomically execute our changes
+ transaction.commit()
+ except:
+ # Failed! Rollback all the changes.
+ transaction.rollback()
+ raise
+
+if __name__ == '__main__':
+ connect('postgres://sipb-xen@sipb-xen-dev/sipb_xen')
+ refreshCache()
projects / invirt/packages/invirt-web.git / blobdiff