burmatovan/openuds
1
0
Fork 0
forked from shaba/openuds
Code Issues Pull Requests Projects Releases Wiki Activity

Uptated tag 1.1

Browse Source
This commit is contained in:
Adolfo Gómez 2013-03-12 00:20:14 +00:00
commit eaf210a7bf
11 changed files with 300 additions and 149 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
server/src/uds/core/auths/GroupsManager.py
View File

@ -93,11 +93,11 @@ class GroupsManager(object):
lst += (g['group'].dbGroup().id,)
yield g['group']
# Now, get metagroups and also return them
for g in dbGroup.objects.filter(manager__id=self._dbAuthenticator.id, is_meta=False):
for g in dbGroup.objects.filter(manager__id=self._dbAuthenticator.id, is_meta=True):
gn = g.groups.filter(id__in=lst, state=State.ACTIVE).count()
if gn == g.groups.count(): # If a meta group is empty, all users belongs to it. we can use gn != 0 to check that if it is empty, is not valid
# This group matches
yield g
yield Group(g)
def hasValidGroups(self):

5
server/src/uds/core/auths/User.py
View File

@ -74,13 +74,14 @@ class User(object):
if self._groups == None:
if self._manager.isExternalSource == True:
self._manager.getGroups(self._dbUser.name, self._groupsManager())
self._groups = self._groupsManager().getValidGroups()
self._groups = list(self._groupsManager().getValidGroups())
logger.debug(self._groups)
# This is just for updating "cached" data of this user, we only get real groups at login and at modify user operation
usr = DbUser.objects.get(pk=self._dbUser.id)
lst = ()
for g in self._groups:
if g.dbGroup().is_meta == False:
lst += (g.id,)
lst += (g.dbGroup().id,)
usr.groups = lst
else:
# From db

5
server/src/uds/core/ui/UserInterface.py
View File

@ -777,9 +777,8 @@ class UserInterface(object):
# Set all values to defaults ones
for k in self._gui.iterkeys():
if self._gui[k].isType(gui.InputField.HIDDEN_TYPE) and self._gui[k].isSerializable() is False:
logger.debug('Field {0} is not unserializable'.format(k))
#logger.debug('Field {0} is not unserializable'.format(k))
continue
self._gui[k].value = self._gui[k].defValue
for txt in values.decode('zip').split('\002'):
@ -793,7 +792,7 @@ class UserInterface(object):
except:
val = ''
self._gui[k].value = val
logger.debug('Value for {0}:{1}'.format(k, val))
#logger.debug('Value for {0}:{1}'.format(k, val))
@classmethod
def guiDescription(cls, obj = None):

5
server/src/uds/osmanagers/WindowsOsManager/WinDomainOsManager.py
View File

@ -99,9 +99,11 @@ class WinDomainOsManager(WindowsOsManager):
l.protocol_version = ldap.VERSION3
account = self._account
if account.find('@') is False:
if account.find('@') == -1:
account += '@' + self._domain
logger.debug('Account data: {0}, {1}, {2}, {3}'.format(self._account, self._domain, account, self._password))
l.simple_bind_s(who = account, cred = self._password)
return l
@ -123,6 +125,7 @@ class WinDomainOsManager(WindowsOsManager):
logger.warn('Could not find _ldap._tcp.'+self._domain)
log.doLog(service, log.WARN, "Could not remove machine from domain (_ldap._tcp.{0} not found)".format(self._domain), log.OSMANAGER);
except ldap.LDAPError as e:
logger.exception('Ldap Exception caught')
log.doLog(service, log.WARN, "Could not remove machine from domain (invalid credentials for {0})".format(self._account), log.OSMANAGER);
#_filter = '(&(objectClass=computer)(sAMAccountName=%s$))' % service.friendly_name

2
server/src/uds/web/views.py
View File

@ -152,7 +152,7 @@ def index(request):
java = request.session['java']
# We look for services for this authenticator groups. User is logged in in just 1 authenticator, so his groups must coincide with those assigned to ds
groups = request.user.getGroups()
groups = list(request.user.getGroups())
availServices = DeployedService.getDeployedServicesForGroups(groups)
availUserServices = UserService.getUserAssignedServices(request.user)

2
server/src/uds/xmlrpc/auths/Authenticators.py
View File

@ -152,7 +152,7 @@ def createAuthenticator(credentials, type, data):
auth = None
try:
auth = Authenticator.objects.create(name = dict_['name'], comments = dict_['comments'],
data_type = type, priority=int(dict_['priority'], small_name=dict_['smallName']))
data_type = type, priority=int(dict_['priority']), small_name=dict_['smallName'])
auth.data = auth.getInstance(dict_).serialize()
auth.save()
except auths.Authenticator.ValidationException as e:

8
server/src/uds/xmlrpc/auths/Users.py
View File

@ -34,7 +34,7 @@
from django.db import IntegrityError
from uds.models import User as DbUser, Group as DbGroup, Authenticator as DbAuthenticator, State
from uds.core.managers.CryptoManager import CryptoManager
from ..util.Exceptions import DuplicateEntryException, InsertException
from ..util.Exceptions import DuplicateEntryException, InsertException, ParametersException
from uds.core.auths.Exceptions import AuthenticatorException, InvalidUserException
from AdminAuth import needs_credentials
from Groups import dictFromGroup
@ -72,13 +72,17 @@ def getUsers(credentials, idParent):
def getUser(credentials, id):
'''
'''
try:
usr = User(DbUser.objects.get(pk=id))
grps = []
for g in usr.groups():
logger.debug(g)
grps.append(dictFromGroup(g.dbGroup()))
logger.debug(grps)
return dictFromUser(usr.dbUser(), grps)
except Exception as e:
logger.exception('Unhandled exception')
raise ParametersException(str(e))
@needs_credentials
def createUser(credentials, usr):

102
udsService/rpc/Operation.cs
View File

@ -4,6 +4,7 @@ using System.Linq;
using System.Text;
using log4net;
using System.Runtime.InteropServices;
using System.Threading;
namespace uds
{
@ -22,6 +23,20 @@ namespace uds
[DllImport("kernel32.dll", ExactSpelling = true)]
internal static extern IntPtr GetCurrentProcess();
const uint FORMAT_MESSAGE_ALLOCATE_BUFFER = 0x00000100;
const uint FORMAT_MESSAGE_IGNORE_INSERTS = 0x00000200;
const uint FORMAT_MESSAGE_FROM_SYSTEM = 0x00001000;
const uint FORMAT_MESSAGE_ARGUMENT_ARRAY = 0x00002000;
const uint FORMAT_MESSAGE_FROM_HMODULE = 0x00000800;
const uint FORMAT_MESSAGE_FROM_STRING = 0x00000400;
[DllImport("Kernel32.dll", SetLastError = true)]
static extern uint FormatMessage(uint dwFlags, IntPtr lpSource, uint dwMessageId, uint dwLanguageId, ref IntPtr lpBuffer,
uint nSize, IntPtr pArguments);
[DllImport("kernel32.dll", SetLastError = true)]
static extern IntPtr LocalFree(IntPtr hMem);
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
@ -59,7 +74,7 @@ namespace uds
NETSETUP_DEFER_SPN_SET = 0x10000000
}
[DllImport("netapi32.dll", CharSet = CharSet.Unicode)]
[DllImport("netapi32.dll", CharSet = CharSet.Unicode, SetLastError=true)]
static extern uint NetJoinDomain(string lpServer, string lpDomain, string lpAccountOU, string lpAccount, string lpPassword, JoinOptions NameType);
enum COMPUTER_NAME_FORMAT
@ -73,7 +88,7 @@ namespace uds
ComputerNamePhysicalDnsDomain,
ComputerNamePhysicalDnsFullyQualified,
}
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
[DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError=true)]
static extern bool SetComputerNameEx(COMPUTER_NAME_FORMAT NameType, string lpBuffer);
internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
@ -92,7 +107,6 @@ namespace uds
public static bool Reboot(int flg = EWX_FORCEIFHUNG|EWX_REBOOT)
{
logger.Debug("Rebooting computer");
bool ok;
TokPriv1Luid tp;
IntPtr hproc = GetCurrentProcess();
@ -105,12 +119,30 @@ namespace uds
ok = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
ok = ExitWindowsEx(flg, 0);
logger.Debug("Result: " + ok.ToString());
if (ok)
logger.Info("Rebooting computer");
else
logger.Error("Could not reboot machine. (Error " + ok.ToString() + ")");
return ok;
}
private static bool waitAfterError(string op, bool useGetLastError, ManualResetEvent waitEvent, TimeSpan retryDelay)
{
if (useGetLastError)
logger.Error("Error at " + op + ": " + GetLastErrorStr() + ". Retrying in " + retryDelay.Seconds.ToString() + " secs");
else
logger.Error("Error at " + op + ". Retrying in " + retryDelay.Seconds.ToString() + " secs");
if (waitEvent.WaitOne(retryDelay))
return false;
return true;
}
public static bool RenameComputer(string newName)
{
logger.Debug("Renaming computer to \"" + newName + "\"");
logger.Info("Renaming computer to \"" + newName + "\"");
try
{
return SetComputerNameEx(COMPUTER_NAME_FORMAT.ComputerNamePhysicalDnsHostname, newName);
@ -121,6 +153,16 @@ namespace uds
}
}
public static bool RenameComputer(string newName, ManualResetEvent waitEvent, TimeSpan retryDelay)
{
while (RenameComputer(newName) == false)
{
if (waitAfterError("Rename", true, waitEvent, retryDelay) == false)
return false;
}
return true;
}
public static bool JoinDomain(string domain, string ou, string account, string password, bool oneStep = false)
{
if (account.Contains('@') == false && account.Contains('\\') == false)
@ -130,7 +172,7 @@ namespace uds
else
account = domain + "\\" + account;
}
logger.Debug("Joining domain: \"" + domain + "\", \"" + ou + "\", \"" + account + "\", \"" + password + "\"" + ", oneStep = " + oneStep.ToString());
logger.Info("Joining domain: \"" + domain + "\", \"" + ou + "\", \"" + account + "\", \"" + "*****" + "\"" + ", oneStep = " + oneStep.ToString());
// Flag NETSETUP_JOIN_WITH_NEW_NAME not supported on win xp/2000
JoinOptions flags = JoinOptions.NETSETUP_ACCT_CREATE | JoinOptions.NETSETUP_DOMAIN_JOIN_IF_JOINED | JoinOptions.NETSETUP_JOIN_DOMAIN;
@ -142,6 +184,18 @@ namespace uds
try
{
uint res = NetJoinDomain(null, domain, ou, account, password, flags);
if (res == 2224)
{
flags = JoinOptions.NETSETUP_DOMAIN_JOIN_IF_JOINED | JoinOptions.NETSETUP_JOIN_DOMAIN;
logger.Info("Existing account for machine found, reusing it");
res = NetJoinDomain(null, domain, null, account, password, flags);
}
if (res != 0)
{
logger.Error("Error joining domain:" + GetLastErrorStr((int)res));
}
else
logger.Info("Successfully joined domain");
logger.Debug("Result of join: " + res);
return res == 0;
}
@ -153,6 +207,16 @@ namespace uds
}
public static bool JoinDomain(string domain, string ou, string account, string password, bool oneStep, ManualResetEvent waitEvent, TimeSpan retryDelay)
{
while (JoinDomain(domain, ou, account, password, oneStep) == false)
{
if (waitAfterError("Join domain", true, waitEvent, retryDelay) == false)
return false;
}
return true;
}
public static bool ChangeUserPassword(string user, string oldPass, string newPass)
{
try {
@ -175,5 +239,33 @@ namespace uds
return false;
}
}
private static string GetLastErrorStr(int nLastError=-1)
{
if(nLastError == -1)
nLastError = Marshal.GetLastWin32Error();
IntPtr lpMsgBuf = IntPtr.Zero;
uint dwChars = FormatMessage(
FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
IntPtr.Zero,
(uint)nLastError,
0, // Default language
ref lpMsgBuf,
0,
IntPtr.Zero);
if (dwChars == 0)
{
return "(unknown)";
}
string sRet = Marshal.PtrToStringAnsi(lpMsgBuf);
// Free the buffer.
lpMsgBuf = LocalFree(lpMsgBuf);
return sRet;
}
}
}

15
udsService/rpc/rpc.cs
View File

@ -161,7 +161,7 @@ namespace uds
bool ok = false;
if (rpc.Manager != null)
{
logger.Debug("Informing broker of ready state");
logger.Info("Machine is Ready");
try
{
List<Info.Computer.InterfaceInfo> interfaces = Info.Computer.GetInterfacesInfo();
@ -205,9 +205,21 @@ namespace uds
}
}
public static void FlushLoggers()
{
log4net.Repository.ILoggerRepository rep = LogManager.GetRepository();
foreach (log4net.Appender.IAppender appender in rep.GetAppenders())
{
var buffered = appender as log4net.Appender.BufferingAppenderSkeleton;
if (buffered != null)
buffered.Flush();
}
}
public static void ResetId()
{
logger.Debug("Reseting ID of rpc");
FlushLoggers();
if (rpc.Manager != null)
rpc.Manager._id = null;
}
@ -215,6 +227,7 @@ namespace uds
public static void ResetManager()
{
logger.Debug("Disabling rpc");
FlushLoggers();
rpc._manager = null;
}
}

31
udsService/udsService/RPCAppender.cs Normal file
View File

@ -0,0 +1,31 @@
using System;
using System.Collections.Generic;
using log4net;
namespace uds
{
public class RPCAppender : log4net.Appender.AppenderSkeleton
{
/// <summary>
/// Sends the logging event to UDS
/// </summary>
override protected void Append(log4net.Core.LoggingEvent lEvent)
{
string message = RenderLoggingEvent(lEvent);
// Filters out messages that are FATAL or DEBUG
if (lEvent.Level == log4net.Core.Level.Critical || lEvent.Level == log4net.Core.Level.Fatal || lEvent.Level == log4net.Core.Level.Debug)
return;
rpc.Log(message, lEvent.Level.Name);
}
/// <summary>
/// This appender requires a <see cref="Layout"/> to be set.
/// </summary>
override protected bool RequiresLayout
{
get { return true; }
}
}
}

32
udsService/udsService/Service.cs
View File

@ -13,10 +13,12 @@ namespace uds.Services
{
private static ILog logger = LogManager.GetLogger(typeof(Service));
const int secsDelay = 5;
const int retrySecsDelay = 60;
private Thread _thread;
private ManualResetEvent _stopEvent;
private TimeSpan _delay;
private TimeSpan _retryDelay;
private bool _reboot;
private static void SensLogon_Logon(string userName)
@ -71,6 +73,7 @@ namespace uds.Services
_thread = null;
_stopEvent = null;
_delay = new TimeSpan(0, 0, 0, secsDelay, 0);
_retryDelay = new TimeSpan(0, 0, 0, retrySecsDelay, 0);
_reboot = false;
}
@ -113,6 +116,10 @@ namespace uds.Services
{
logger.Debug("Initiated Service main");
Dictionary<string, string> knownIps = new Dictionary<string, string>();
try
{
// We have to wait till we have ip
List<Info.Computer.InterfaceInfo> interfaces = null;
while (interfaces == null)
@ -226,7 +233,6 @@ namespace uds.Services
}
logger.Debug("Main loop waiting for ip change");
// Now, every secs delay, get if the interfaces ips changes and notify service
Dictionary<string, string> knownIps = new Dictionary<string, string>();
try
{
foreach (Info.Computer.InterfaceInfo i in Info.Computer.GetInterfacesInfo())
@ -237,6 +243,11 @@ namespace uds.Services
logger.Error("Could not accesss ip adresses!!", e);
return;
}
}
catch (Exception e)
{
logger.Error(e);
}
while (true)
{
@ -273,13 +284,12 @@ namespace uds.Services
private void Rename(string name, string user, string oldPass, string newPass)
{
logger.Info("Requested renaming of computer to \"" + name + "\"");
// name and newName can be different case, but still same
Info.DomainInfo info = Info.Computer.GetDomainInfo();
if ( string.Equals(info.ComputerName, name, StringComparison.CurrentCultureIgnoreCase))
{
logger.Info("Computer do not needs to be renamed");
logger.Info("Computer name is " + info.ComputerName);
rpc.SetReady();
return;
}
@ -296,7 +306,7 @@ namespace uds.Services
}
}
if (Operation.RenameComputer(name) == false)
if (Operation.RenameComputer(name, _stopEvent, _retryDelay) == false)
{
logger.Error("Could not rename machine to \"" + name + "\"");
rpc.ResetManager();
@ -310,7 +320,6 @@ namespace uds.Services
private void OneStepJoin(string name, string domain, string ou, string account, string pass)
{
logger.Info("Requested one step join of computer to \"" + domain + "\" with name \"" + name + "\" under ou \"" + ou + "\"" );
// name and newName can be different case, but still same
Info.DomainInfo info = Info.Computer.GetDomainInfo();
if (string.Equals(info.ComputerName, name, StringComparison.CurrentCultureIgnoreCase))
@ -318,7 +327,7 @@ namespace uds.Services
// We should be already in the domain, if not, will try second step of "multiStepJoin"
if(info.Status == Info.DomainInfo.NetJoinStatus.NetSetupDomainName ) // Already in domain
{
logger.Debug("Machine already in the domain");
logger.Info("Machine " + name + " in domain " + domain);
rpc.SetReady();
return;
}
@ -327,14 +336,14 @@ namespace uds.Services
return;
}
// Needs to rename + join
if (Operation.RenameComputer(name) == false)
if (Operation.RenameComputer(name, _stopEvent, _retryDelay) == false)
{
logger.Error("Could not rename machine to \"" + name + "\"");
rpc.ResetManager();
return;
}
// Now try to join domain
if (Operation.JoinDomain(domain, ou, account, pass, true) == false)
if (Operation.JoinDomain(domain, ou, account, pass, true, _stopEvent, _retryDelay) == false)
{
logger.Error("Could not join domain \"" + domain + "\", ou \"" + ou + "\"");
rpc.ResetManager();
@ -346,19 +355,18 @@ namespace uds.Services
private void MultiStepJoin(string name, string domain, string ou, string account, string pass)
{
logger.Info("Requested two step join of computer to \"" + domain + "\" with name \"" + name + "\" under ou \"" + ou + "\"");
Info.DomainInfo info = Info.Computer.GetDomainInfo();
if (string.Equals(info.ComputerName, name, StringComparison.CurrentCultureIgnoreCase))
{
// Name already, now see if already in domain
if (info.Status == Info.DomainInfo.NetJoinStatus.NetSetupDomainName) // Already in domain
{
logger.Debug("Machine already in the domain");
logger.Info("Machine " + name + " in domain " + domain);
rpc.SetReady();
return;
}
// Now try to join domain
if (Operation.JoinDomain(domain, ou, account, pass, true) == false)
if (Operation.JoinDomain(domain, ou, account, pass, false, _stopEvent, _retryDelay) == false)
{
logger.Error("Could not join domain \"" + domain + "\", ou \"" + ou + "\"");
rpc.ResetManager();
@ -368,7 +376,7 @@ namespace uds.Services
else
{
// Try to rename machine
if (Operation.RenameComputer(name) == false)
if (Operation.RenameComputer(name, _stopEvent, _retryDelay) == false)
{
logger.Error("Could not rename machine to \"" + name + "\"");
rpc.ResetManager();