Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
slapos.core
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Nicolas Wavrant
slapos.core
Commits
40bbe00f
Commit
40bbe00f
authored
May 06, 2016
by
Alain Takoudjou
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
slapos_erp5: add constraint to check CertificateAuthorityTool and SlapOS Pluggable Auth Service
parent
ae1beab9
Changes
10
Hide whitespace changes
Inline
Side-by-side
Showing
10 changed files
with
438 additions
and
0 deletions
+438
-0
master/bt5/slapos_erp5/PortalTypePropertySheetTemplateItem/property_sheet_list.xml
...rtalTypePropertySheetTemplateItem/property_sheet_list.xml
+3
-0
master/bt5/slapos_erp5/PropertySheetTemplateItem/portal_property_sheets/CertificateAuthorityToolConsistencyConstraint.xml
..._sheets/CertificateAuthorityToolConsistencyConstraint.xml
+66
-0
master/bt5/slapos_erp5/PropertySheetTemplateItem/portal_property_sheets/CertificateAuthorityToolConsistencyConstraint/acl_users_check_slapos_pas_constraint.xml
...tencyConstraint/acl_users_check_slapos_pas_constraint.xml
+80
-0
master/bt5/slapos_erp5/PropertySheetTemplateItem/portal_property_sheets/CertificateAuthorityToolConsistencyConstraint/certificate_authority_consistency_constraint_constraint.xml
...rtificate_authority_consistency_constraint_constraint.xml
+80
-0
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/CertificateAuthorityTool_checkCertificateAuthorityConsistency.py
...cateAuthorityTool_checkCertificateAuthorityConsistency.py
+29
-0
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/CertificateAuthorityTool_checkCertificateAuthorityConsistency.xml
...ateAuthorityTool_checkCertificateAuthorityConsistency.xml
+62
-0
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/CertificateAuthorityTool_checkSlapOSPASConsistency.py
...rp5/CertificateAuthorityTool_checkSlapOSPASConsistency.py
+54
-0
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/CertificateAuthorityTool_checkSlapOSPASConsistency.xml
...p5/CertificateAuthorityTool_checkSlapOSPASConsistency.xml
+62
-0
master/bt5/slapos_erp5/bt/template_portal_type_property_sheet_list
...5/slapos_erp5/bt/template_portal_type_property_sheet_list
+1
-0
master/bt5/slapos_erp5/bt/template_property_sheet_id_list
master/bt5/slapos_erp5/bt/template_property_sheet_id_list
+1
-0
No files found.
master/bt5/slapos_erp5/PortalTypePropertySheetTemplateItem/property_sheet_list.xml
View file @
40bbe00f
...
...
@@ -2,6 +2,9 @@
<portal_type
id=
"Business Configuration Module"
>
<item>
SlapOSModuleIdGeneratorConstraint
</item>
</portal_type>
<portal_type
id=
"Certificate Authority Tool"
>
<item>
CertificateAuthorityToolConsistencyConstraint
</item>
</portal_type>
<portal_type
id=
"Delivery Node Module"
>
<item>
SlapOSModuleIdGeneratorConstraint
</item>
</portal_type>
...
...
master/bt5/slapos_erp5/PropertySheetTemplateItem/portal_property_sheets/CertificateAuthorityToolConsistencyConstraint.xml
0 → 100644
View file @
40bbe00f
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"Property Sheet"
module=
"erp5.portal_type"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
_count
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAI=
</string>
</persistent>
</value>
</item>
<item>
<key>
<string>
_mt_index
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAM=
</string>
</persistent>
</value>
</item>
<item>
<key>
<string>
_tree
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAQ=
</string>
</persistent>
</value>
</item>
<item>
<key>
<string>
description
</string>
</key>
<value>
<none/>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
CertificateAuthorityToolConsistencyConstraint
</string>
</value>
</item>
<item>
<key>
<string>
portal_type
</string>
</key>
<value>
<string>
Property Sheet
</string>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"2"
aka=
"AAAAAAAAAAI="
>
<pickle>
<global
name=
"Length"
module=
"BTrees.Length"
/>
</pickle>
<pickle>
<int>
0
</int>
</pickle>
</record>
<record
id=
"3"
aka=
"AAAAAAAAAAM="
>
<pickle>
<global
name=
"OOBTree"
module=
"BTrees.OOBTree"
/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
<record
id=
"4"
aka=
"AAAAAAAAAAQ="
>
<pickle>
<global
name=
"OOBTree"
module=
"BTrees.OOBTree"
/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
</ZopeData>
master/bt5/slapos_erp5/PropertySheetTemplateItem/portal_property_sheets/CertificateAuthorityToolConsistencyConstraint/acl_users_check_slapos_pas_constraint.xml
0 → 100644
View file @
40bbe00f
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"Script Constraint"
module=
"erp5.portal_type"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
_identity_criterion
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAI=
</string>
</persistent>
</value>
</item>
<item>
<key>
<string>
_range_criterion
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAM=
</string>
</persistent>
</value>
</item>
<item>
<key>
<string>
categories
</string>
</key>
<value>
<tuple>
<string>
constraint_type/post_upgrade
</string>
</tuple>
</value>
</item>
<item>
<key>
<string>
description
</string>
</key>
<value>
<none/>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
acl_users_check_slapos_pas_constraint
</string>
</value>
</item>
<item>
<key>
<string>
portal_type
</string>
</key>
<value>
<string>
Script Constraint
</string>
</value>
</item>
<item>
<key>
<string>
script_id
</string>
</key>
<value>
<string>
CertificateAuthorityTool_checkSlapOSPASConsistency
</string>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"2"
aka=
"AAAAAAAAAAI="
>
<pickle>
<global
name=
"PersistentMapping"
module=
"Persistence.mapping"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
data
</string>
</key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"3"
aka=
"AAAAAAAAAAM="
>
<pickle>
<global
name=
"PersistentMapping"
module=
"Persistence.mapping"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
data
</string>
</key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
master/bt5/slapos_erp5/PropertySheetTemplateItem/portal_property_sheets/CertificateAuthorityToolConsistencyConstraint/certificate_authority_consistency_constraint_constraint.xml
0 → 100644
View file @
40bbe00f
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"Script Constraint"
module=
"erp5.portal_type"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
_identity_criterion
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAI=
</string>
</persistent>
</value>
</item>
<item>
<key>
<string>
_range_criterion
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAM=
</string>
</persistent>
</value>
</item>
<item>
<key>
<string>
categories
</string>
</key>
<value>
<tuple>
<string>
constraint_type/post_upgrade
</string>
</tuple>
</value>
</item>
<item>
<key>
<string>
description
</string>
</key>
<value>
<none/>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
certificate_authority_consistency_constraint_constraint
</string>
</value>
</item>
<item>
<key>
<string>
portal_type
</string>
</key>
<value>
<string>
Script Constraint
</string>
</value>
</item>
<item>
<key>
<string>
script_id
</string>
</key>
<value>
<string>
CertificateAuthorityTool_checkCertificateAuthorityConsistency
</string>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"2"
aka=
"AAAAAAAAAAI="
>
<pickle>
<global
name=
"PersistentMapping"
module=
"Persistence.mapping"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
data
</string>
</key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"3"
aka=
"AAAAAAAAAAM="
>
<pickle>
<global
name=
"PersistentMapping"
module=
"Persistence.mapping"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
data
</string>
</key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/CertificateAuthorityTool_checkCertificateAuthorityConsistency.py
0 → 100644
View file @
40bbe00f
portal
=
context
.
getPortalObject
()
error_list
=
[]
portal_certificate_authority
=
getattr
(
portal
,
'portal_certificate_authority'
,
None
)
promise_ca_path
=
portal
.
getPromiseParameter
(
'portal_certificate_authority'
,
'certificate_authority_path'
)
def
installCertificateAuthority
():
portal_certificate_authority
=
getattr
(
portal
,
'portal_certificate_authority'
,
None
)
if
portal_certificate_authority
is
None
:
portal
.
manage_addProduct
[
'ERP5'
].
manage_addTool
(
'ERP5 Certificate Authority Tool'
,
None
)
portal_certificate_authority
=
getattr
(
portal
,
'portal_certificate_authority'
)
portal_certificate_authority
.
manage_editCertificateAuthorityTool
(
certificate_authority_path
=
promise_ca_path
)
if
promise_ca_path
is
not
None
:
if
portal_certificate_authority
is
None
:
error_list
.
append
(
"Certificate Authority Tool is not present"
)
elif
portal_certificate_authority
.
certificate_authority_path
!=
promise_ca_path
:
error_list
.
append
(
"Certificate Authority Tool (OpenSSL)is not configured as Expected: %s"
%
"Expect %s
\
n
Got %s"
%
(
portal_certificate_authority
.
certificate_authority_path
,
promise_ca_path
))
if
len
(
error_list
)
>
0
and
fixit
:
installCertificateAuthority
()
return
[]
return
error_list
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/CertificateAuthorityTool_checkCertificateAuthorityConsistency.xml
0 → 100644
View file @
40bbe00f
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"PythonScript"
module=
"Products.PythonScripts.PythonScript"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
Script_magic
</string>
</key>
<value>
<int>
3
</int>
</value>
</item>
<item>
<key>
<string>
_bind_names
</string>
</key>
<value>
<object>
<klass>
<global
name=
"NameAssignments"
module=
"Shared.DC.Scripts.Bindings"
/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key>
<string>
_asgns
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
name_container
</string>
</key>
<value>
<string>
container
</string>
</value>
</item>
<item>
<key>
<string>
name_context
</string>
</key>
<value>
<string>
context
</string>
</value>
</item>
<item>
<key>
<string>
name_m_self
</string>
</key>
<value>
<string>
script
</string>
</value>
</item>
<item>
<key>
<string>
name_subpath
</string>
</key>
<value>
<string>
traverse_subpath
</string>
</value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key>
<string>
_params
</string>
</key>
<value>
<string>
fixit=False, activate_kw={}, **kw
</string>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
CertificateAuthorityTool_checkCertificateAuthorityConsistency
</string>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/CertificateAuthorityTool_checkSlapOSPASConsistency.py
0 → 100644
View file @
40bbe00f
portal
=
context
.
getPortalObject
()
slapos_plugin_dict
=
{
'IExtractionPlugin'
:
[
'SlapOS Machine Authentication Plugin'
,
'ERP5 Access Token Extraction Plugin'
,
],
'IAuthenticationPlugin'
:
[
'SlapOS Machine Authentication Plugin'
,
'SlapOS Shadow Authentication Plugin'
,
],
'IGroupsPlugin'
:
[
'SlapOS Machine Authentication Plugin'
,
'SlapOS Shadow Authentication Plugin'
,
],
'IUserEnumerationPlugin'
:
[
'SlapOS Machine Authentication Plugin'
,
'SlapOS Shadow Authentication Plugin'
,
]
}
def
mergePASDictDifference
(
portal
,
d
,
fixit
):
plugins
=
portal
.
acl_users
.
plugins
plugin_type_info
=
plugins
.
listPluginTypeInfo
()
error_list
=
[]
for
plugin
,
active_list
in
d
.
iteritems
():
plugin_info
=
[
q
for
q
in
plugin_type_info
if
q
[
'id'
]
==
plugin
][
0
]
found_list
=
plugins
.
listPlugins
(
plugin_info
[
'interface'
])
meta_type_list
=
[
q
[
1
].
meta_type
for
q
in
found_list
]
for
expected
in
active_list
:
if
expected
not
in
meta_type_list
:
error
=
'Plugin %s missing %s.'
%
(
plugin
,
expected
)
if
fixit
:
existing
=
[
q
for
q
in
portal
.
acl_users
.
objectValues
()
if
q
.
meta_type
==
expected
]
if
len
(
existing
)
==
0
:
error_list
.
append
(
'%s not found'
%
expected
)
else
:
plugins
.
activatePlugin
(
plugin_info
[
'interface'
],
existing
[
0
].
getId
())
error
+=
' Fixed.'
error_list
.
append
(
error
)
return
error_list
pas_difference
=
mergePASDictDifference
(
portal
,
slapos_plugin_dict
,
fixit
)
if
len
(
pas_difference
)
!=
0
:
message
=
"PAS not configured as expected"
if
fixit
:
message
+=
' (fixed). '
else
:
message
+=
". "
message
+=
"Difference:
\
n
%s"
%
(
'
\
n
'
.
join
(
pas_difference
),
)
return
[
message
]
return
[]
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/CertificateAuthorityTool_checkSlapOSPASConsistency.xml
0 → 100644
View file @
40bbe00f
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"PythonScript"
module=
"Products.PythonScripts.PythonScript"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
Script_magic
</string>
</key>
<value>
<int>
3
</int>
</value>
</item>
<item>
<key>
<string>
_bind_names
</string>
</key>
<value>
<object>
<klass>
<global
name=
"NameAssignments"
module=
"Shared.DC.Scripts.Bindings"
/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key>
<string>
_asgns
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
name_container
</string>
</key>
<value>
<string>
container
</string>
</value>
</item>
<item>
<key>
<string>
name_context
</string>
</key>
<value>
<string>
context
</string>
</value>
</item>
<item>
<key>
<string>
name_m_self
</string>
</key>
<value>
<string>
script
</string>
</value>
</item>
<item>
<key>
<string>
name_subpath
</string>
</key>
<value>
<string>
traverse_subpath
</string>
</value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key>
<string>
_params
</string>
</key>
<value>
<string>
fixit=False, activate_kw={}, **kw
</string>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
CertificateAuthorityTool_checkSlapOSPASConsistency
</string>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
master/bt5/slapos_erp5/bt/template_portal_type_property_sheet_list
View file @
40bbe00f
Business Configuration Module | SlapOSModuleIdGeneratorConstraint
Certificate Authority Tool | CertificateAuthorityToolConsistencyConstraint
Delivery Node Module | SlapOSModuleIdGeneratorConstraint
Workflow Module | SlapOSModuleIdGeneratorConstraint
\ No newline at end of file
master/bt5/slapos_erp5/bt/template_property_sheet_id_list
View file @
40bbe00f
PreferenceToolSlapOSConstraintPreference
CertificateAuthorityToolConsistencyConstraint
SlapOSModuleIdGeneratorConstraint
\ No newline at end of file
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment