187 lines
6.6 KiB
Python
Executable file
187 lines
6.6 KiB
Python
Executable file
import os
|
|
|
|
@app.route("/roles")
|
|
@login_required
|
|
def roles():
|
|
env = "prod"
|
|
host = os.uname()[1]
|
|
roles = client.run("pillar.items",client="local", tgt=host)[host]["roles"]
|
|
print(roles)
|
|
#add servers that have each role
|
|
dname = "/srv/salt/" + env + "/pillars/servers/roles/server/"
|
|
for role in roles:
|
|
roles[role]["servers"]=[]
|
|
for fname in os.listdir(dname):
|
|
f = open(dname+fname,"r")
|
|
lines = f.readlines()
|
|
f.close()
|
|
sname = os.path.splitext(fname)[0]
|
|
print(sname)
|
|
for line in lines:
|
|
role = line.replace("-","").replace("\n","").strip()
|
|
if role != "roles:" and role != "grains:":
|
|
roles[role]["servers"].append(sname)
|
|
print(roles)
|
|
|
|
usr = session.get('username')
|
|
from subprocess import check_output
|
|
grpstr = check_output(["groups", usr])
|
|
groups = grpstr.split(" : ")[1].split()
|
|
maintainers = [usr]
|
|
for grp in groups:
|
|
maintainers.append("%"+grp+"%")
|
|
print(maintainers)
|
|
return render_template('roles.html', roles=roles, mnts=maintainers)
|
|
|
|
@app.route("/role_add/<role>")
|
|
@login_required
|
|
def role_add(role):
|
|
env = "prod"
|
|
#we need to create a file at pillars/maintainer/roles/[role].sls for this page. it should have the current user as initial maintainer
|
|
#Only do if file doesn't already exist
|
|
fname = "/srv/salt/" + env + "/pillars/roles/maintainer/" + role + ".sls"
|
|
if not (os.path.exists(fname)):
|
|
f = open(fname,"w")
|
|
f.write("roles:\n")
|
|
f.write(" "+role+":\n")
|
|
f.write(" maintainer:\n")
|
|
user = session.get('username')
|
|
f.write(" - "+user+"\n")
|
|
f.close()
|
|
#We need to add role to pillars/maintainer/roles/init.sls
|
|
fname = "/srv/salt/" + env + "/pillars/roles/maintainer/init.sls"
|
|
if (os.path.exists(fname)):
|
|
f = open(fname,"a")
|
|
f.write(" - roles.maintainer." + role + "\n")
|
|
f.close()
|
|
return redirect("/roles",302)
|
|
|
|
@app.route("/role_del/<role>")
|
|
@login_required
|
|
def role_del(role):
|
|
if is_role_maintainer(role):
|
|
env = "prod"
|
|
#We need to remove role from pillars/maintainer/roles/init.sls
|
|
fname = "/srv/salt/" + env + "/pillars/roles/maintainer/init.sls"
|
|
if (os.path.exists(fname)):
|
|
f = open(fname,"r")
|
|
lines = f.readlines()
|
|
f.close()
|
|
f = open(fname,"w")
|
|
for line in lines:
|
|
if line != " - roles.maintainer." + role + "\n":
|
|
f.write(line)
|
|
f.close()
|
|
#we need to remove maintainer file for the role if it exists
|
|
fname = "/srv/salt/" + env + "/pillars/roles/maintainer/" + role + ".sls"
|
|
if (os.path.exists(fname)):
|
|
os.remove(fname)
|
|
#We need to remove references to the role next
|
|
dname = "/srv/salt/" + env + "/pillars/servers/roles/server/"
|
|
for fname in os.listdir(dname):
|
|
f = open(dname+fname,"r")
|
|
lines = f.readlines()
|
|
f.close()
|
|
f = open(dname+fname,"w")
|
|
for line in lines:
|
|
if line != " - " + role + "\n":
|
|
f.write(line)
|
|
f.close()
|
|
return redirect("/roles",302)
|
|
|
|
@app.route("/role/<role>")
|
|
@login_required
|
|
def role_display(role):
|
|
#build json object
|
|
env = "prod"
|
|
rjson = {}
|
|
dname = "/srv/salt/" + env + "/pillars/roles/"
|
|
for folder in os.listdir(dname):
|
|
print(folder)
|
|
if os.path.isdir(dname + folder):
|
|
#grab matching file
|
|
fname = dname + folder + "/" + role + ".sls"
|
|
rjson[folder]=[]
|
|
if os.path.exists(fname):
|
|
f = open(fname,"r")
|
|
lines = f.readlines()
|
|
f.close()
|
|
for line in lines:
|
|
#add maintainers
|
|
if folder == "maintainer":
|
|
item = line.replace("-","").replace("\n","").strip()
|
|
if item != "roles:" and item != role+":" and item != "maintainer:":
|
|
rjson[folder].append(item)
|
|
else:
|
|
#add everything else
|
|
line=line.rstrip()
|
|
rjson[folder].append(line)
|
|
dname = "/srv/salt/" + env + "/pillars/servers/roles/server/"
|
|
rjson["servers"]=[]
|
|
for fname in os.listdir(dname):
|
|
f = open(dname+fname,"r")
|
|
lines = f.readlines()
|
|
f.close()
|
|
sname = os.path.splitext(fname)[0]
|
|
print(sname)
|
|
for line in lines:
|
|
thisrole = line.replace("-","").replace("\n","").strip()
|
|
if role == thisrole:
|
|
rjson["servers"].append(sname)
|
|
rjson["name"] = role
|
|
print(rjson)
|
|
return render_template('role_display.html', rjson=rjson, is_mnt=is_role_maintainer(rjson["name"]))
|
|
|
|
@app.route("/role_add_server/<role>/<server>")
|
|
@login_required
|
|
def role_add_server(role, server):
|
|
if is_server_maintainer(server):
|
|
env = "prod"
|
|
#We need to add role to pillars/servers/roles/server/<server>.sls
|
|
fname = "/srv/salt/" + env + "/pillars/servers/roles/server/" + server + ".sls"
|
|
print(fname)
|
|
print(server)
|
|
print(role)
|
|
if (os.path.exists(fname)):
|
|
f = open(fname,"a")
|
|
f.write(" - " + role + "\n")
|
|
f.close()
|
|
return redirect("/role/" + role,302)
|
|
|
|
@app.route("/role_rem_server/<role>/<server>")
|
|
@login_required
|
|
def role_rem_server(role, server):
|
|
if is_server_maintainer(server):
|
|
env = "prod"
|
|
#We need to remove role from pillars/servers/roles/server/<server>.sls
|
|
fname = "/srv/salt/" + env + "/pillars/servers/roles/server/" + server + ".sls"
|
|
print(fname)
|
|
print(server)
|
|
print(role)
|
|
if (os.path.exists(fname)):
|
|
f = open(fname,"r")
|
|
lines = f.readlines()
|
|
f.close()
|
|
f = open(fname,"w")
|
|
for line in lines:
|
|
if line != " - " + role + "\n":
|
|
f.write(line)
|
|
f.close()
|
|
return redirect("/role/" + role,302)
|
|
|
|
def is_role_maintainer(role):
|
|
host = os.uname()[1]
|
|
maintainers = client.run("pillar.items",client="local", tgt=host)[host]["roles"][role]["maintainer"]
|
|
usr = session.get('username')
|
|
from subprocess import check_output
|
|
grpstr = check_output(["groups", usr])
|
|
groups = grpstr.split(" : ")[1].split()
|
|
is_maintainer = False
|
|
if usr in maintainers:
|
|
is_maintainer = True
|
|
else:
|
|
for grp in groups:
|
|
if "%"+grp+"%" in maintainers:
|
|
is_maintainer = True
|
|
break
|
|
return is_maintainer
|