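import os
import re
from subprocess import check_output

# NOTE(review): the URL variable placeholders were missing from the route
# strings as received (e.g. "/role_add/" on a view that takes `role`). They are
# restored here from the view signatures; confirm the segment order of the
# two-variable routes against the templates that link to them.
#
# NOTE(review): role_add, role_del, role_add_server and role_rem_server change
# pillar files in response to GET requests. Moving them to POST with CSRF
# protection needs matching template changes, so it is only flagged here.

_ENV = "prod"
_PILLAR_ROOT = "/srv/salt/" + _ENV + "/pillars/"
_ROLE_DIR = _PILLAR_ROOT + "roles/"
_MAINTAINER_DIR = _ROLE_DIR + "maintainer/"
_MAINTAINER_INIT = _MAINTAINER_DIR + "init.sls"
_SERVER_ROLE_DIR = _PILLAR_ROOT + "servers/roles/server/"

# Names taken from the URL end up in file paths and inside .sls files, so only
# a conservative character set is accepted: no path separators, no whitespace
# or newlines, no leading dot.
_SAFE_NAME = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.-]*\Z")


def _is_safe_name(name):
    """Return True if *name* may be used as a file stem and written to a pillar file."""
    return bool(name) and _SAFE_NAME.match(name) is not None


def _is_safe_role(role):
    """Return True if *role* is a safe name that does not collide with init.sls."""
    # "init" would map onto the maintainer index file itself.
    return _is_safe_name(role) and role != "init"


def _read_lines(path):
    """Return the lines of *path*, closing the file even if reading fails."""
    with open(path, "r") as handle:
        return handle.readlines()


def _entry_text(line):
    """Return *line* without surrounding whitespace and without a leading list dash.

    Only the leading "-" is dropped, so names that contain hyphens are kept intact.
    """
    text = line.strip()
    if text.startswith("-"):
        text = text[1:].strip()
    return text


def _has_entry(path, entry):
    """Return True if some line of *path* names *entry*."""
    return any(_entry_text(line) == entry for line in _read_lines(path))


def _remove_entry(path, entry):
    """Drop every list line naming *entry* from *path*; rewrite only on change."""
    lines = _read_lines(path)
    kept = [
        line for line in lines
        if not (line.strip().startswith("-") and _entry_text(line) == entry)
    ]
    if len(kept) != len(lines):
        with open(path, "w") as handle:
            handle.writelines(kept)


def _server_role_files():
    """Yield (server_name, path) for each regular file in the server role directory."""
    for fname in os.listdir(_SERVER_ROLE_DIR):
        path = os.path.join(_SERVER_ROLE_DIR, fname)
        if os.path.isfile(path):
            yield os.path.splitext(fname)[0], path


def _session_principals():
    """Return the session user followed by "%group%" for each of the user's groups.

    Groups come from the `groups` command. An empty list is returned when the
    session carries no username, so callers deny by default.
    """
    usr = session.get('username')
    if not usr:
        return []
    # universal_newlines gives text rather than bytes, so the split below works.
    grpstr = check_output(["groups", usr], universal_newlines=True)
    head, sep, tail = grpstr.partition(" : ")
    groups = (tail if sep else head).split()
    return [usr] + ["%" + grp + "%" for grp in groups]


@app.route("/roles")
@login_required
def roles():
    """Render roles.html with every pillar role, its servers and the caller's principals."""
    host = os.uname()[1]
    role_map = client.run("pillar.items", client="local", tgt=host)[host]["roles"]
    print(role_map)
    # add servers that have each role
    for name in role_map:
        role_map[name]["servers"] = []
    for sname, path in _server_role_files():
        print(sname)
        for line in _read_lines(path):
            name = _entry_text(line)
            # Header lines, blank lines and roles missing from the pillar are skipped.
            if name in role_map:
                role_map[name]["servers"].append(sname)
    print(role_map)
    maintainers = _session_principals()
    print(maintainers)
    return render_template('roles.html', roles=role_map, mnts=maintainers)


@app.route("/role_add/<role>")
@login_required
def role_add(role):
    """Create the maintainer file for *role* and register it in init.sls.

    The current user becomes the initial maintainer. Nothing is written when
    the role name is unsafe or the session username is missing or multi-line.
    """
    user = session.get('username')
    if not _is_safe_role(role) or not user or "\n" in user or "\r" in user:
        return redirect("/roles", 302)
    # Only create the maintainer file if it doesn't already exist.
    fname = _MAINTAINER_DIR + role + ".sls"
    if not os.path.exists(fname):
        # NOTE(review): the leading whitespace in these literals is reproduced
        # as received; confirm it yields the intended YAML nesting.
        content = "roles:\n" + " " + role + ":\n" + " maintainer:\n" + " - " + user + "\n"
        with open(fname, "w") as handle:
            handle.write(content)
    # Register the role in init.sls once; repeated requests must not duplicate it.
    if os.path.exists(_MAINTAINER_INIT) and not _has_entry(
            _MAINTAINER_INIT, "roles.maintainer." + role):
        with open(_MAINTAINER_INIT, "a") as handle:
            handle.write(" - roles.maintainer." + role + "\n")
    return redirect("/roles", 302)


@app.route("/role_del/<role>")
@login_required
def role_del(role):
    """Remove *role* from init.sls, delete its maintainer file and unassign it everywhere.

    Acts only when the role name is safe and the caller maintains the role.
    """
    if _is_safe_role(role) and is_role_maintainer(role):
        if os.path.exists(_MAINTAINER_INIT):
            _remove_entry(_MAINTAINER_INIT, "roles.maintainer." + role)
        fname = _MAINTAINER_DIR + role + ".sls"
        if os.path.exists(fname):
            os.remove(fname)
        # Remove references to the role from every server file.
        for _sname, path in _server_role_files():
            _remove_entry(path, role)
    return redirect("/roles", 302)


@app.route("/role/<role>")
@login_required
def role_display(role):
    """Render role_display.html with the per-folder data and servers of *role*."""
    if not _is_safe_name(role):
        return redirect("/roles", 302)
    rjson = {}
    for folder in os.listdir(_ROLE_DIR):
        print(folder)
        if not os.path.isdir(_ROLE_DIR + folder):
            continue
        # grab matching file
        fname = _ROLE_DIR + folder + "/" + role + ".sls"
        rjson[folder] = []
        if not os.path.exists(fname):
            continue
        for line in _read_lines(fname):
            if folder == "maintainer":
                # Keep only the maintainer names, not the YAML key lines.
                item = _entry_text(line)
                if item and item not in ("roles:", role + ":", "maintainer:"):
                    rjson[folder].append(item)
            else:
                rjson[folder].append(line.rstrip())
    rjson["servers"] = []
    for sname, path in _server_role_files():
        print(sname)
        if _has_entry(path, role):
            rjson["servers"].append(sname)
    rjson["name"] = role
    print(rjson)
    return render_template('role_display.html', rjson=rjson,
                           is_mnt=is_role_maintainer(rjson["name"]))


@app.route("/role_add_server/<role>/<server>")
@login_required
def role_add_server(role, server):
    """Append *role* to the role file of *server* if the caller maintains that server."""
    # Validate before anything else touches the names; is_server_maintainer is
    # defined outside this listing.
    if not (_is_safe_role(role) and _is_safe_name(server)):
        return redirect("/roles", 302)
    if is_server_maintainer(server):
        # We need to add role to pillars/servers/roles/server/<server>.sls
        fname = _SERVER_ROLE_DIR + server + ".sls"
        print(fname)
        print(server)
        print(role)
        if os.path.exists(fname) and not _has_entry(fname, role):
            with open(fname, "a") as handle:
                handle.write(" - " + role + "\n")
    return redirect("/role/" + role, 302)


@app.route("/role_rem_server/<role>/<server>")
@login_required
def role_rem_server(role, server):
    """Remove *role* from the role file of *server* if the caller maintains that server."""
    if not (_is_safe_role(role) and _is_safe_name(server)):
        return redirect("/roles", 302)
    if is_server_maintainer(server):
        # We need to remove role from pillars/servers/roles/server/<server>.sls
        fname = _SERVER_ROLE_DIR + server + ".sls"
        print(fname)
        print(server)
        print(role)
        if os.path.exists(fname):
            _remove_entry(fname, role)
    return redirect("/role/" + role, 302)


def is_role_maintainer(role):
    """Return True if the session user, or one of their groups, maintains *role*.

    Unknown roles, roles without a maintainer list and sessions without a
    username all yield False.
    """
    principals = _session_principals()
    if not principals:
        return False
    host = os.uname()[1]
    pillar_roles = client.run("pillar.items", client="local", tgt=host)[host]["roles"]
    maintainers = (pillar_roles.get(role) or {}).get("maintainer") or []
    return any(principal in maintainers for principal in principals)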