Removed files left from previous gpoa version

2025-03-21 18:50:38 +03:00 · 2019-11-15 13:07:26 +04:00 · 2019-11-15 13:07:26 +04:00 · e461b684a3
commit e461b684a3
parent 859a41d481
17 changed files with 0 additions and 398 deletions
--- a/gpoa/init.py
+++ b/gpoa/init.py
--- a/gpoa/generator/gen.py
+++ b/gpoa/generator/gen.py
@ -1,2 +0,0 @@
-if __name__ == "__main__":
-    print("main here!")
--- a/gpoa/generator/requirements.txt
+++ b/gpoa/generator/requirements.txt
@ -1 +0,0 @@
-Jinja2
--- a/gpoa/policy/init.py
+++ b/gpoa/policy/init.py
@ -1,13 +0,0 @@
-import policy.firewall
-import policy.removable_devices_perms
-import policy.printers
-import policy.shortcuts
-import policy.applications
-from policy.common import Perms
-
-data_roots = {}
-data_roots.update(policy.firewall.data_roots)
-data_roots.update(policy.removable_devices_perms.data_roots)
-data_roots.update(policy.printers.data_roots)
-data_roots.update(policy.shortcuts.data_roots)
-data_roots.update(policy.applications.data_roots)
--- a/gpoa/policy/applications.py
+++ b/gpoa/policy/applications.py
@ -1,24 +0,0 @@
-from policy.common import Policy, Perms
-import os
-from pathlib import Path
-
-class Applications (Policy):
-    def __init__(self):
-        self._Policy__name = "Applications"
-        self._Policy__script_name = "applications.sh"
-        self._Policy__template = "applications.bash.j2"
-        self._Policy__perms = Perms.ROOT
-
-    def process(self, scope, path):
-        applications = []
-        print("{name} processing {path} ({scope})".format(name=self.name,path=path,scope=scope))
-        for p in os.listdir(path):
-            package_name = Path('{}/{}/packageName'.format(path, p)).read_text()
-            product_name = Path('{}/{}/productName'.format(path, p)).read_text()
-            applications.append({'uuid': p, 'package': package_name, 'name': product_name}) 
-
-        return ({'applications': applications})
-
-data_roots = {
-    "Applications": Applications
-}
--- a/gpoa/policy/common.py
+++ b/gpoa/policy/common.py
@ -1,44 +0,0 @@
-from enum import Enum
-
-class Perms (Enum):
-    USER = 1
-    ROOT = 2
-
-class Policy (object):
-    @property
-    def name(self):
-        try:
-            return self.__name
-        except AttributeError as e:
-            raise e
-
-    @property
-    def script_name(self):
-        try:
-            return self.__script_name
-        except AttributeError as e:
-            raise e
-
-    @property
-    def template(self):
-        try:
-            return self.__template
-        except AttributeError as e:
-            raise e
-
-    @property
-    def data_roots(self):
-        try:
-            return self.__data_roots
-        except AttributeError as e:
-            raise e
-
-    @property
-    def perms(self):
-        try:
-            return self.__perms
-        except AttributeError as e:
-            raise e
-
-    def process(self, scope, path):
-        raise "process must be implemented in child class"
--- a/gpoa/policy/firewall.py
+++ b/gpoa/policy/firewall.py
@ -1,46 +0,0 @@
-from policy.common import Policy, Perms
-import os
-from pathlib import Path
-
-class Firewall (Policy):
-    def __init__(self):
-        self._Policy__name = "Firewall"
-        self._Policy__script_name = "firewall.sh"
-        self._Policy__template = "firewall.bash.j2"
-        self._Policy__perms = Perms.ROOT  
-    
-    def process(self, scope, path):
-        print("{name} processing {path} ({scope})".format(name=self.name,path=path,scope=scope))
-        zoneRules = {}
-        for p in os.listdir(path):
-            if path.split('/')[-1:] == ["WindowsFirewall"]:
-                for zone in os.listdir(path):
-                    print("processing {} prifile".format(zone))
-                    zoneRules[zone] = self.__process_firewall_rules(zone, path)
-
-        return ({'zoneRules': zoneRules})
-
-    def __process_firewall_rules(self, zone, path):
-        print("processing rules in {} zone".format(zone))
-        base = "{}/{}".format(path, zone)
-        openPortsPath = "GloballyOpenPorts"
-        rules = {}
-        if os.path.exists("{}/{}".format(base, openPortsPath)):
-            listPath = "{}/{}/List".format(base, openPortsPath)
-            openPorts = []
-            for r in os.listdir(listPath):
-                rule = Path('{}/{}'.format(listPath, r)).read_text()
-                [port, proto, srcs, enabled, name] = rule.split(':')
-                sources = srcs.split(',')
-                openPorts.append({'proto': proto, 'port': port, 'sources': sources})
-            rules['openPorts'] = openPorts
-            
-        return(rules)
-
-#        for r in os.listdir("{}/{}".format(path,zone)):
-#            print(r)
-
-data_roots = {
-    "Software/Microsoft/Windows/CurrentVersion/Policies/NetworkAccessProtection/ClientConfig": Firewall,
-    "Software/Microsoft/Windows/CurrentVersion/Policies/WindowsFirewall": Firewall
-}
--- a/gpoa/policy/printers.py
+++ b/gpoa/policy/printers.py
@ -1,40 +0,0 @@
-from policy.common import Policy, Perms
-import os
-
-class Printers (Policy):
-    def __init__(self):
-        self._Policy__name = "Printers"
-        self._Policy__script_name = "printers.sh"
-        self._Policy__template = "printers.bash.j2"
-        self._Policy__perms = Perms.ROOT
-    
-    def process(self, scope, path):
-        print("{name} processing {path} ({scope})".format(name=self.name,path=path,scope=scope))
-        shared_path = "{}/SharedPrinter".format(path)
-        port_path   = "{}/PortPrinter".format(path)
-        local_path  = "{}/LocalPrinter".format(path)
-        printers = []
-        if os.path.exists(shared_path):
-            print("SharedPrinters")
-        if os.path.exists(port_path):
-            print("PortPrinters")
-            for p in os.listdir(port_path):
-                with open("{}/{}/ipAddress".format(port_path,p)) as f:
-                    addr = f.read()
-                with open("{}/{}/localName".format(port_path,p)) as f:
-                    name = f.read()
-                prns = {'name': name, 'addr': addr}
-                printers.append(prns)
-
-        if os.path.exists(local_path):
-            print("LocalPrinters")
-
-        return ({'printers': printers})
-
-    @property
-    def data_roots(self):
-        return data_roots
-
-data_roots = {
-    "Preferences/Printers": Printers
-}
--- a/gpoa/policy/removable_devices_perms.py
+++ b/gpoa/policy/removable_devices_perms.py
@ -1,51 +0,0 @@
-from policy.common import Policy, Perms
-from enum import Enum
-import os
-
-class DevType (Enum):
-    CDDVD     = "{53f56308-b6bf-11d0-94f2-00a0c91efb8b}"
-    FLOPPY    = "{53f56311-b6bf-11d0-94f2-00a0c91efb8b}"
-    REMDISKS  = "{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}"
-    TAPEDRIVE = "{53f5630b-b6bf-11d0-94f2-00a0c91efb8b}"
-    WPDDEV1   = "{6AC27878-A6FA-4155-BA85-F98F491D4F33}"
-    WPDDEV2   = "{F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE}"
-
-class RemovableDevices (Policy):
-    def __init__(self):
-        self._Policy__name = "RemovebleDivicesPerms"
-        self._Policy__script_name = "removable_devices_perms.sh"
-        self._Policy__template = "removable_devices_perms.bash.j2"
-        self._Policy__perms = Perms.ROOT
-
-    def process(self, scope, path):
-        print("{name} processing {path} ({scope})".format(name=self.name,path=path,scope=scope))
-        perms = {}
-        for p in os.listdir(path):
-            if DevType(p) == DevType.REMDISKS:
-                perms['Removable'] = self.__parse_perms('{}/{}'.format(path,p))
-#            elif DevType(p) == DevType.CDDVD:
-
-        perms['CDDVD'] = {'deny_exec': True, 'deny_read': False, 'deny_write': True}
-        return (perms)
-
-    def __parse_perms(self, path):
-        deny_exec = self.__read_perm('{}/Deny_Execute.dword'.format(path))
-        deny_read = self.__read_perm('{}/Deny_Read.dword'.format(path))
-        deny_write = self.__read_perm('{}/Deny_Write.dword'.format(path))
-        return ({'deny_exec': deny_exec, 'deny_read': deny_read, 'deny_write': deny_write})
-    
-    def __read_perm(self, path):
-        try:
-            f = open(path, 'r')
-        except FileNotFoundError:
-            return False
-        
-        p = f.read()
-        if p == "0x00000001":
-            return True
-        else:
-            return False
-
-data_roots = {
-    "Software/Microsoft/Windows/CurrentVersion/Policies/RemovableStorageDevices": RemovableDevices
-}
--- a/gpoa/policy/shortcuts.py
+++ b/gpoa/policy/shortcuts.py
@ -1,24 +0,0 @@
-from policy.common import Policy, Perms
-import os
-from pathlib import Path
-
-class Shortcuts (Policy):
-    def __init__(self):
-        self._Policy__name = "Shortcuts"
-        self._Policy__script_name = "shortcuts.sh"
-        self._Policy__template = "shortcuts.bash.j2"
-        self._Policy__perms = Perms.USER
-
-    def process(self, scope, path):
-        shortcuts = []
-        print("{name} processing {path} ({scope})".format(name=self.name,path=path,scope=scope))
-        for p in os.listdir(path):
-            target_path = Path('{}/{}/targetPath'.format(path, p)).read_text()
-            arguments = Path('{}/{}/arguments'.format(path, p)).read_text()
-            shortcuts.append({'name': p, 'target': target_path, 'args': arguments}) 
-
-        return ({'shortcuts': shortcuts})
-
-data_roots = {
-    "Preferences/Shortcuts": Shortcuts
-}
--- a/gpoa/templ.py
+++ b/gpoa/templ.py
@ -1,7 +0,0 @@
-from jinja2 import  Environment, PackageLoader, FileSystemLoader, StrictUndefined, select_autoescape
-
-templateLoader = FileSystemLoader(searchpath="./templates")
-env = Environment(loader=templateLoader, undefined=StrictUndefined)
-template = env.get_template('printers.bash.j2')
-
-print(template.render(printer_name="HP_via_script", printer_address="10.64.128.250", DEBUG=False))
--- a/gpoa/templates/applications.bash.j2
+++ b/gpoa/templates/applications.bash.j2
@ -1,9 +0,0 @@
-{% include "header.bash.j2" %}
-MODULE_NAME="Applications"
-
-{% for a in applications %}
-{%set app_name = a.name %}
-{%set pkg_name = a.package %}
-logI "Install {{ pkg_name }} via apt-get"
-apt-get install -y "${pkg_name}"
-{% endfor %}
--- a/gpoa/templates/firewall.bash.j2
+++ b/gpoa/templates/firewall.bash.j2
@ -1,22 +0,0 @@
-{% include 'header.bash.j2' %}
-MODULE_NAME="Firewall"
-
-on_exit() {
-    logI "on_exit in ${MODULE_NAME}"
-}
-
-{% for z,rs in zoneRules.items() %}
-logI "Processing rules in zone {{z}}"
-if ! firewall-cmd --permanent --list-all-zones | grep -ve '\(^[[:space:]]*$\|\ .*\)' | grep -q "{{z}}"; then
-firewall-cmd --permanent --new-zone="{{z}}"
-fi
-{% if "openPorts" in rs %}
-logI "Define opened ports"
-{% for p in rs['openPorts'] %}
-{% for s in p.sources %}
-firewall-cmd --permanent --zone="{{z}}" --add-source="{{s}}"
-{% endfor %}
-firewall-cmd --permanent --zone={{z}} --add-port={{p.port}}/{{p.proto | lower }}
-{% endfor %}
-{% endif %}
-{% endfor %}
--- a/gpoa/templates/header.bash.j2
+++ b/gpoa/templates/header.bash.j2
@ -1,63 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-{% if DEBUG %}
-set -x
-{% endif %}
-
-BASE_DIR="${TMP}/gpoA"
-LOG_DIR="${BASE_DIR}/log"
-#STDERR_TO="${LOG_DIR}/stderr.log"
-
-__log () {
-    local level="$1"
-    local msg="$2"
-    local mod_name="${MODULE_NAME}"
-    echo "${mod_name} [${level}] ${msg}"
-}
-
-logD () {
-    __log "DEBUG" "$1"
-}
-
-logI () {
-    __log "INFO" "$1"
-}
-
-logW () {
-    __log "WARNING" "$1"
-}
-
-logE () {
-    __log "ERROR" "$1"
-    exit 1
-}
-
-__if_func_exists() {
-    declare -f -F "$1" >/dev/null
-    return $?
-}
-__on_exit() {
-    __if_func_exists "on_exit" && on_exit
-    logI "Finalizyng..."
-}
-
-__on_error() {
-    __if_func_exists "on_error" && on_exit
-    logE "Error..."
-}
-
-__init() {
-    [[ -d "${BASE_DIR}" ]] || mkdir "${BASE_DIR}"
-    [[ -d "${LOG_DIR}"  ]] || mkdir "${LOG_DIR}"
-#    exec 2> ${STDERR_TO}
-}
-
-for sig in SIGINT SIGTERM SIGHUP SIGQUIT EXIT RETURN; do
-    trap __on_exit $sig
-done
-
-#for sig in ERR; do
-#    trap __on_error $sig
-#done
-
-__init
--- a/gpoa/templates/printers.bash.j2
+++ b/gpoa/templates/printers.bash.j2
@ -1,16 +0,0 @@
-{% include "header.bash.j2" %}
-MODULE_NAME="Printers"
-
-{% for p in printers %}
-{%set printer_name = p.name | replace(" ", "_")  %}
-{%set printer_address = p.addr %}
-logI "Search if {{ printer_name }} is already defined"
-URI=$(LC_ALL="C" lpstat -v | awk '$3 ~ /{{ printer_name }}:/ { print $4;}')
-if [[ -z "$URI" ]]; then
-    logI "Register {{ printer_name }} on {{ printer_address }}"
-    lpadmin -p "{{ printer_name }}" -E -v "ipp://{{ printer_address }}/ipp/print" -m everywhere
-    logI "Done"
-else
-    logI "{{ printer_name }} is already defined as ${URI}. Nothing to do."
-fi
-{% endfor %}
--- a/gpoa/templates/removable_devices_perms.bash.j2
+++ b/gpoa/templates/removable_devices_perms.bash.j2
@ -1,25 +0,0 @@
-{% include "header.bash.j2" %}
-MODULE_NAME="Removable Devices Perms"
-
-mk_udisk2_rules() {
-    local allow="$1"
-    cat <<EOF >/etc/polkit-1/rules.d/60-udisks2.rules
-polkit.addRule(function(action, subject) {
-    var YES = polkit.Result.YES;
-    var NO  = polkit.Result.NO;
-    var perms = {
-        "org.freedesktop.udisks2.filesystem-mount": ${allow},
-        "org.freedesktop.udisks2.filesystem-mount-system": ${allow},
-        "org.freedesktop.udisks2.filesystem-mount-other-seat": ${allow},
-   
-    };
-//    if (!subject.isInGroup("wheel")) {
-        return permission[action.id];
-//    }
-});
-EOF
-}
-
-{% if Removable is defined and (Removable.deny_exec or Removable.deny_read or Removable.deny_write) %}
-mk_udisk2_rules "NO"
-{% endif %}
--- a/gpoa/templates/shortcuts.bash.j2
+++ b/gpoa/templates/shortcuts.bash.j2
@ -1,11 +0,0 @@
-{% include "header.bash.j2" %}
-MODULE_NAME="Shortcuts"
-DESKTOP_DIR=$(xdg-user-dir DESKTOP)
-
-{% for s in shortcuts %}
-cat <<EOF >"${DESKTOP_DIR}/{{s.name}}.desktop"
-[Desktop Entry]
-Name={{s.name}}
-Exec={{s.target}} {{s.args}}
-EOF
-{% endfor %}