import os
@app.route("/roles")
@login_required
def roles():
env = "prod"
host = os.uname()[1]
roles = client.run("pillar.items",client="local", tgt=host)[host]["roles"]
print(roles)
#add servers that have each role
dname = "/srv/salt/" + env + "/pillars/servers/roles/server/"
for role in roles:
roles[role]["servers"]=[]
for fname in os.listdir(dname):
f = open(dname+fname,"r")
lines = f.readlines()
f.close()
sname = os.path.splitext(fname)[0]
print(sname)
for line in lines:
role = line.replace("-","").replace("\n","").strip()
if role != "roles:" and role != "grains:":
roles[role]["servers"].append(sname)
print(roles)
usr = session.get('username')
from subprocess import check_output
grpstr = check_output(["groups", usr])
groups = grpstr.split(" : ")[1].split()
maintainers = [usr]
for grp in groups:
maintainers.append("%"+grp+"%")
print(maintainers)
return render_template('roles.html', roles=roles, mnts=maintainers)
@app.route("/role_add/<role>")
@login_required
def role_add(role):
env = "prod"
#we need to create a file at pillars/maintainer/roles/[role].sls for this page. it should have the current user as initial maintainer
#Only do if file doesn't already exist
fname = "/srv/salt/" + env + "/pillars/roles/maintainer/" + role + ".sls"
if not (os.path.exists(fname)):
f = open(fname,"w")
f.write("roles:\n")
f.write(" "+role+":\n")
f.write(" maintainer:\n")
user = session.get('username')
f.write(" - "+user+"\n")
f.close()
#We need to add role to pillars/maintainer/roles/init.sls
fname = "/srv/salt/" + env + "/pillars/roles/maintainer/init.sls"
if (os.path.exists(fname)):
f = open(fname,"a")
f.write(" - roles.maintainer." + role + "\n")
f.close()
return redirect("/roles",302)
@app.route("/role_del/<role>")
@login_required
def role_del(role):
if is_role_maintainer(role):
env = "prod"
#We need to remove role from pillars/maintainer/roles/init.sls
fname = "/srv/salt/" + env + "/pillars/roles/maintainer/init.sls"
if (os.path.exists(fname)):
f = open(fname,"r")
lines = f.readlines()
f.close()
f = open(fname,"w")
for line in lines:
if line != " - roles.maintainer." + role + "\n":
f.write(line)
f.close()
#we need to remove maintainer file for the role if it exists
fname = "/srv/salt/" + env + "/pillars/roles/maintainer/" + role + ".sls"
if (os.path.exists(fname)):
os.remove(fname)
#We need to remove references to the role next
dname = "/srv/salt/" + env + "/pillars/servers/roles/server/"
for fname in os.listdir(dname):
f = open(dname+fname,"r")
lines = f.readlines()
f.close()
f = open(dname+fname,"w")
for line in lines:
if line != " - " + role + "\n":
f.write(line)
f.close()
return redirect("/roles",302)
@app.route("/role/<role>")
@login_required
def role_display(role):
#build json object
env = "prod"
rjson = {}
dname = "/srv/salt/" + env + "/pillars/roles/"
for folder in os.listdir(dname):
print(folder)
if os.path.isdir(dname + folder):
#grab matching file
fname = dname + folder + "/" + role + ".sls"
rjson[folder]=[]
if os.path.exists(fname):
f = open(fname,"r")
lines = f.readlines()
f.close()
for line in lines:
#add maintainers
if folder == "maintainer":
item = line.replace("-","").replace("\n","").strip()
if item != "roles:" and item != role+":" and item != "maintainer:":
rjson[folder].append(item)
else:
#add everything else
line=line.rstrip()
rjson[folder].append(line)
dname = "/srv/salt/" + env + "/pillars/servers/roles/server/"
rjson["servers"]=[]
for fname in os.listdir(dname):
f = open(dname+fname,"r")
lines = f.readlines()
f.close()
sname = os.path.splitext(fname)[0]
print(sname)
for line in lines:
thisrole = line.replace("-","").replace("\n","").strip()
if role == thisrole:
rjson["servers"].append(sname)
rjson["name"] = role
print(rjson)
return render_template('role_display.html', rjson=rjson, is_mnt=is_role_maintainer(rjson["name"]))
@app.route("/role_add_server/<role>/<server>")
@login_required
def role_add_server(role, server):
if is_server_maintainer(server):
env = "prod"
#We need to add role to pillars/servers/roles/server/<server>.sls
fname = "/srv/salt/" + env + "/pillars/servers/roles/server/" + server + ".sls"
print(fname)
print(server)
print(role)
if (os.path.exists(fname)):
f = open(fname,"a")
f.write(" - " + role + "\n")
f.close()
return redirect("/role/" + role,302)
@app.route("/role_rem_server/<role>/<server>")
@login_required
def role_rem_server(role, server):
if is_server_maintainer(server):
env = "prod"
#We need to remove role from pillars/servers/roles/server/<server>.sls
fname = "/srv/salt/" + env + "/pillars/servers/roles/server/" + server + ".sls"
print(fname)
print(server)
print(role)
if (os.path.exists(fname)):
f = open(fname,"r")
lines = f.readlines()
f.close()
f = open(fname,"w")
for line in lines:
if line != " - " + role + "\n":
f.write(line)
f.close()
return redirect("/role/" + role,302)
def is_role_maintainer(role):
host = os.uname()[1]
maintainers = client.run("pillar.items",client="local", tgt=host)[host]["roles"][role]["maintainer"]
usr = session.get('username')
from subprocess import check_output
grpstr = check_output(["groups", usr])
groups = grpstr.split(" : ")[1].split()
is_maintainer = False
if usr in maintainers:
is_maintainer = True
else:
for grp in groups:
if "%"+grp+"%" in maintainers:
is_maintainer = True
break
return is_maintainer