Module: check_mk
Branch: master
Commit: fdb39fea3a4c690e3e069de83bab2859dfa20507
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=fdb39fea3a4c69…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Mon Nov 19 08:35:28 2012 +0100
userdb: Moved authentication serials to single file in global configuration dir
---
web/htdocs/userdb.py | 13 +++++++++++--
web/htdocs/wato.py | 28 +++++++++++++++++++++-------
2 files changed, 32 insertions(+), 9 deletions(-)
diff --git a/web/htdocs/userdb.py b/web/htdocs/userdb.py
index 2ebd0e0..2d8dec9 100644
--- a/web/htdocs/userdb.py
+++ b/web/htdocs/userdb.py
@@ -178,7 +178,7 @@ def hook_sync(connector_id = None, add_to_changelog = False,
only_username = Non
if handler:
try:
handler(add_to_changelog, only_username)
- except:
+ except MKLDAPException, e:
if config.debug:
import traceback
html.show_error(
@@ -186,7 +186,16 @@ def hook_sync(connector_id = None, add_to_changelog = False,
only_username = Non
"<pre>%s</pre>" % (traceback.format_exc())
)
else:
- raise
+ html.show_error(
+ "<h3>" + _("Error executing sync hook")
+ "</h3>"
+ "<pre>%s</pre>" % (e)
+ )
+ except:
+ import traceback
+ html.show_error(
+ "<h3>" + _("Error executing sync hook") +
"</h3>"
+ "<pre>%s</pre>" % (traceback.format_exc())
+ )
# Hook function can be registered here to be executed during saving of the
# new user construct
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index 876d349..6012de8 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -133,7 +133,8 @@ replication_paths = [
( "dir", "check_mk", root_dir ),
( "dir", "multisite", multisite_dir ),
( "file", "htpasswd", defaults.htpasswd_file ),
- ( "file", "auth.secret", '%s/auth.secret' %
os.path.dirname(defaults.htpasswd_file) ),
+ ( "file", "auth.secret", '%s/auth.secret' %
os.path.dirname(defaults.htpasswd_file) ),
+ ( "file", "auth.serials", '%s/auth.serials' %
os.path.dirname(defaults.htpasswd_file) ),
# Also replicate the user-settings of Multisite? While the replication
# as such works pretty well, the count of pending changes will not
# know.
@@ -8396,6 +8397,17 @@ def load_users():
result[id] = new_user
# Other unknown entries will silently be dropped. Sorry...
+ # Now read the serials, only process for existing users
+ serials_file = '%s/auth.serials' % os.path.dirname(defaults.htpasswd_file)
+ if os.path.exists(serials_file):
+ for line in file(serials_file):
+ line = line.strip()
+ if ':' in line:
+ html.write(line)
+ user_id, serial = line.split(':')[:2]
+ if user_id in result:
+ result[user_id]['serial'] = saveint(serial)
+
# Now read the user specific files
dir = defaults.var_dir + "/web/"
for d in os.listdir(dir):
@@ -8415,12 +8427,6 @@ def load_users():
"automation_secret" : secret,
}
- # read the users serials, only process for existing users
- if id in result:
- serial_file = dir + d + '/serial.mk'
- if os.path.exists(serial_file):
- result[id]['serial'] =
saveint(file(serial_file).read().strip())
-
return result
def split_dict(d, keylist, positive):
@@ -8478,6 +8484,14 @@ def save_users(profiles):
# Execute user connector save hooks
userdb.hook_save(profiles)
+ # Write out the users serials
+ serials_file = '%s/auth.serials' % os.path.dirname(defaults.htpasswd_file)
+ out = create_user_file(serials_file, "w")
+ out.write('# Writtem by WATO\n')
+ for user_id, user in profiles.items():
+ out.write('%s:%d\n' % (user_id, user.get('serial', 0)))
+ out.close()
+
# Write user specific files
for id, user in profiles.items():
user_dir = defaults.var_dir + "/web/" + id