diff options
Diffstat (limited to 'cobbler/modules/authz_configfile.py')
-rw-r--r-- | cobbler/modules/authz_configfile.py | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/cobbler/modules/authz_configfile.py b/cobbler/modules/authz_configfile.py new file mode 100644 index 0000000..c183721 --- /dev/null +++ b/cobbler/modules/authz_configfile.py @@ -0,0 +1,64 @@ +""" +Authorization module that allow users listed in +/etc/cobbler/users.conf to be permitted to access resources. +For instance, when using authz_ldap, you want to use authn_configfile, +not authz_allowall, which will most likely NOT do what you want. + +This software may be freely redistributed under the terms of the GNU +general public license. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +""" + +import distutils.sysconfig +import ConfigParser +import sys +import os +from rhpl.translate import _, N_, textdomain, utf8 + +plib = distutils.sysconfig.get_python_lib() +mod_path="%s/cobbler" % plib +sys.path.insert(0, mod_path) + +import cexceptions +import utils + +CONFIG_FILE='/etc/cobbler/users.conf' + +def register(): + """ + The mandatory cobbler module registration hook. + """ + return "authz" + +def __parse_config(): + if not os.path.exists(CONFIG_FILE): + return [] + config = ConfigParser.SafeConfigParser() + config.read(CONFIG_FILE) + alldata = {} + groups = config.sections() + for g in groups: + alldata[str(g)] = {} + opts = config.options(g) + for o in opts: + alldata[g][o] = 1 + return alldata + + +def authorize(api_handle,user,resource,arg1=None,arg2=None): + """ + Validate a user against a resource. + All users in the file are permitted by this module. + """ + + data = __parse_config() + for g in data: + if user in data[g]: + return 1 + return 0 + +if __name__ == "__main__": + print __parse_config() |