modifications to platform utilities that enable resetting group members

e536f7ab · sveseli · f31f93fc · e536f7ab · e536f7ab
Commit e536f7ab authored 9 years ago by sveseli
--- a/src/python/dm/common/utility/ldapLinuxPlatformUtility.py
+++ b/src/python/dm/common/utility/ldapLinuxPlatformUtility.py
@@ -164,6 +164,31 @@ class LdapLinuxPlatformUtility:
            logger.error('Could not add user %s to group %s: %s' % (username, groupName, ex))
            raise InternalError(exception=ex)

+    def setGroupUsers(self, groupName, usernameList):
+        """ Set list of users for a given group. """
+        logger = self.getLogger()
+        ldapClient = self.getLdapClient()
+        groupName = str(groupName)
+        try:
+            groupDn = self.groupDnFormat % groupName
+            resultList = ldapClient.search_s(groupDn, ldap.SCOPE_BASE)
+            groupTuple = resultList[0]
+            groupAttrs = groupTuple[1]
+        except Exception, ex:
+            raise InternalError(exception=ex)
+        logger.debug('Setting users %s for group %s' % (usernameList, groupName))
+        memberUidList = []
+        for username in usernameList:
+            memberUidList.append(str(username))
+        groupAttrs2 = copy.copy(groupAttrs)
+        groupAttrs2['memberUid'] = memberUidList
+        try:
+            groupLdif = ldap.modlist.modifyModlist(groupAttrs, groupAttrs2)
+            ldapClient.modify_s(groupDn, groupLdif)
+        except Exception, ex:
+            logger.error('Could not set users %s for group %s: %s' % (usernameList, groupName, ex))
+            raise InternalError(exception=ex)
+
    @classmethod
    def setPathReadExecutePermissionsForGroup(cls, path, groupName):
        """ Set path permissions for the given group. """
@@ -184,7 +209,5 @@ class LdapLinuxPlatformUtility:

 if __name__ == '__main__':
    utility = LdapLinuxPlatformUtility('ldaps://dmid-vm.xray.aps.anl.gov:636', 'uid=dmadmin,ou=People,o=aps.anl.gov,dc=aps,dc=anl,dc=gov', '/tmp/ldapPassword', groupDnFormat='cn=%s,ou=DM,ou=Group,o=aps.anl.gov,dc=aps,dc=anl,dc=gov', minGidNumber=66000)
-    utility.createGroup(u'exp9')
-    #utility.createGroup('dmgp000001_TOF')
-    utility.addUserToGroup(u'rs1', u'exp9')
+    utility.setGroupUsers(u'exp9', ['sveseli', 'bfrosik'])

--- a/src/python/dm/common/utility/linuxUtility.py
+++ b/src/python/dm/common/utility/linuxUtility.py
@@ -11,6 +11,7 @@ class LinuxUtility:
    USERMOD_CMD = '/usr/sbin/usermod'
    SETFACL_CMD = '/usr/bin/setfacl'
    CHOWN_CMD = '/bin/chown'
+    GPASSWD_CMD = '/usr/bin/gpasswd'

    @classmethod
    def getLogger(cls):
@@ -45,6 +46,14 @@ class LinuxUtility:
        cmd = '%s -a -G %s %s' % (cls.USERMOD_CMD, groupName, username)
        cls.executeSudoCommand(cmd)

+    @classmethod
+    def setGroupUsers(cls, groupName, usernameList):
+        """ Set list of users for a given group. """
+        logger = cls.getLogger()
+        logger.debug('Setting group %s users to: %s' % (groupName, username))
+        cmd = '%s -M "%s" %s' % (cls.GPASSWD_CMD, ','.join(usernameList), groupName)
+        cls.executeSudoCommand(cmd)
+
    @classmethod
    def setPathReadExecutePermissionsForGroup(cls, path, groupName):
        """ Set path permissions for the given group. """