X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/python-afs.git/blobdiff_plain/62df45819cdcbd21b579a471c821f0876743b2a4..8d2728f99cd4e073aac44163f608145c88f0f695:/afs/_pts.pyx?ds=sidebyside diff --git a/afs/_pts.pyx b/afs/_pts.pyx index c4e4dcf..85395bd 100644 --- a/afs/_pts.pyx +++ b/afs/_pts.pyx @@ -1,9 +1,51 @@ from afs cimport * +cdef import from "afs/ptuser.h": + enum: + PR_MAXNAMELEN + PRGRP + ANONYMOUSID + + ctypedef char prname[PR_MAXNAMELEN] + + struct namelist: + unsigned int namelist_len + prname *namelist_val + + struct idlist: + unsigned int idlist_len + afs_int32 *idlist_val + + int ubik_PR_NameToID(ubik_client *, afs_int32, namelist *, idlist *) + int ubik_PR_IDToName(ubik_client *, afs_int32, idlist *, namelist *) + int ubik_PR_INewEntry(ubik_client *, afs_int32, char *, afs_int32, afs_int32) + int ubik_PR_NewEntry(ubik_client *, afs_int32, char *, afs_int32, afs_int32, afs_int32 *) + int ubik_PR_Delete(ubik_client *, afs_int32, afs_int32) + +cdef import from "afs/pterror.h": + enum: + PRNOENT + + void initialize_PT_error_table() + cdef class PTS: cdef ubik_client * client def __cinit__(self, cell=None, sec=1): + """ + Open a connection to the protection server. A PTS object is + essentially a handle to talk to the server in a given cell. + + cell defaults to None. If no argument is passed for cell, PTS + connects to the home cell. + + sec is the security level, an integer from 0 to 3: + - 0: unauthenticated connection + - 1: try authenticated, then fall back to unauthenticated + - 2: fail if an authenticated connection can't be established + - 3: same as 2, plus encrypt all traffic to the protection + server + """ cdef afs_int32 code cdef afsconf_dir *cdir cdef afsconf_cell info @@ -14,6 +56,8 @@ cdef class PTS: cdef rx_connection *serverconns[MAXSERVERS] cdef int i + initialize_PT_error_table() + if cell is None: c_cell = NULL else: @@ -76,3 +120,104 @@ cdef class PTS: def __dealloc__(self): ubik_ClientDestroy(self.client) rx_Finalize() + + def NameToId(self, name): + """ + Converts a user or group to an AFS ID. + """ + cdef namelist lnames + cdef idlist lids + cdef afs_int32 code, id + name = name.lower() + + lids.idlist_len = 0 + lids.idlist_val = NULL + lnames.namelist_len = 1 + lnames.namelist_val = malloc(PR_MAXNAMELEN) + strncpy(lnames.namelist_val[0], name, PR_MAXNAMELEN) + code = ubik_PR_NameToID(self.client, 0, &lnames, &lids) + if lids.idlist_val is not NULL: + id = lids.idlist_val[0] + free(lids.idlist_val) + if id == ANONYMOUSID: + code = PRNOENT + if code != 0: + raise Exception("Failed to lookup PTS name: %s" % afs_error_message(code)) + return id + + def IdToName(self, id): + """ + Convert an AFS ID to the name of a user or group. + """ + cdef namelist lnames + cdef idlist lids + cdef afs_int32 code + cdef char name[PR_MAXNAMELEN] + + lids.idlist_len = 1 + lids.idlist_val = malloc(sizeof(afs_int32)) + lids.idlist_val[0] = id + lnames.namelist_len = 0 + lnames.namelist_val = NULL + code = ubik_PR_IDToName(self.client, 0, &lids, &lnames) + if lnames.namelist_val is not NULL: + strncpy(name, lnames.namelist_val[0], sizeof(name)) + free(lnames.namelist_val) + if lids.idlist_val is not NULL: + free(lids.idlist_val) + if name == str(id): + code = PRNOENT + if code != 0: + raise Exception("Failed to lookup PTS ID: %s" % afs_error_message(code)) + return name + + def CreateUser(self, name, id=None): + """ + Create a new user in the protection database. If an ID is + provided, that one will be used. + """ + cdef afs_int32 code + cdef afs_int32 cid + name = name[:PR_MAXNAMELEN].lower() + + if id is not None: + cid = id + + if id is not None: + code = ubik_PR_INewEntry(self.client, 0, name, cid, 0) + else: + code = ubik_PR_NewEntry(self.client, 0, name, 0, 0, &cid) + + if code != 0: + raise Exception("Failed to create user: %s" % afs_error_message(code)) + return cid + + def CreateGroup(self, name, owner, id=None): + """ + Create a new group in the protection database. If an ID is + provided, that one will be used. + """ + cdef afs_int32 code, cid + + name = name[:PR_MAXNAMELEN].lower() + oid = self.NameToId(owner) + + if id is not None: + cid = id + code = ubik_PR_INewEntry(self.client, 0, name, cid, oid) + else: + code = ubik_PR_NewEntry(self.client, 0, name, PRGRP, oid, &cid) + + if code != 0: + raise Exception("Failed to create group: %s" % afs_error_message(code)) + return cid + + def Delete(self, id): + """ + Delete the protection database entry with the provided ID. + """ + cdef afs_int32 code + + code = ubik_PR_Delete(self.client, 0, id) + if code != 0: + raise Exception("Failed to delete user: %s" % afs_error_message(code))