From 6c49d8034f6df531ca7825bf43c26f7c2297615e Mon Sep 17 00:00:00 2001
From: Michael DeHaan <mdehaan@mdehaan.rdu.redhat.com>
Date: Mon, 10 Sep 2007 17:27:24 -0400
Subject: Allow for configuration for RW xmlrpc users in
 /etc/cobbler/auth.conf.

---
 CHANGELOG           |  1 +
 MANIFEST.in         |  1 +
 cobbler.spec        |  2 ++
 cobbler/cobblerd.py |  1 +
 cobbler/remote.py   | 25 +++++++++++++++++++++----
 setup.py            |  1 +
 6 files changed, 27 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 48f2920..1f9a4c3 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -13,6 +13,7 @@ Cobbler CHANGELOG
 - added --dhcp-tag section for better DHCP customization (esp with multiple subnets)
 - added Apache proxying around XMLRPC port for wider network access
 - refactor XMLRPC API and provide for a read-write API
+- allow for configuring of read-write XMLRPC users in /etc/cobbler/auth.conf
  
 * Thu Aug 30 2007 - 0.6.1
 - re enable --resolve in yumdownloader (cobbler repo mgmt feature)
diff --git a/MANIFEST.in b/MANIFEST.in
index c549f91..38dabf4 100644
--- a/MANIFEST.in
+++ b/MANIFEST.in
@@ -7,6 +7,7 @@ include config/cobblerd
 include config/cobblerd_rotate
 include config/cobbler_hosts
 include config/modules.conf
+include config/auth.conf
 recursive-include templates *.template
 recursive-include kickstarts *.ks
 include docs/cobbler.1.gz
diff --git a/cobbler.spec b/cobbler.spec
index 822e702..9db884a 100644
--- a/cobbler.spec
+++ b/cobbler.spec
@@ -137,6 +137,8 @@ test "x$RPM_BUILD_ROOT" != "x" && rm -rf $RPM_BUILD_ROOT
 %config(noreplace) /var/lib/cobbler/snippets/partition_select
 /var/lib/cobbler/elilo-3.6-ia64.efi
 /var/lib/cobbler/menu.c32
+%defattr(2660,root,root)
+%config(noreplace) /etc/cobbler/auth.conf 
 %defattr(2755,root,root)
 %config(noreplace) /var/lib/cobbler/cobbler_hosts
 %defattr(-,root,root)
diff --git a/cobbler/cobblerd.py b/cobbler/cobblerd.py
index 74570dc..d69cc57 100644
--- a/cobbler/cobblerd.py
+++ b/cobbler/cobblerd.py
@@ -25,6 +25,7 @@ import utils
 import sub_process
 import remote
 
+
 def main():
    core(logger=None)
 
diff --git a/cobbler/remote.py b/cobbler/remote.py
index 7fb73a3..ea11506 100644
--- a/cobbler/remote.py
+++ b/cobbler/remote.py
@@ -23,6 +23,7 @@ from rhpl.translate import _, N_, textdomain, utf8
 import xmlrpclib
 import logging
 import base64
+import ConfigParser
 
 import api as cobbler_api
 import yaml # Howell Clark version
@@ -30,6 +31,14 @@ import utils
 from cexceptions import *
 import sub_process
 
+config_parser = ConfigParser.ConfigParser()
+auth_conf = open("/etc/cobbler/auth.conf")
+config_parser.readfp(auth_conf)
+auth_conf.close()
+
+user_database = config_parser.items("xmlrpc_service_users")
+
+
 # FIXME: make configurable?
 TOKEN_TIMEOUT = 60*60 # 60 minutes
 
@@ -281,10 +290,15 @@ class CobblerReadWriteXMLRPCInterface:
         Returns whether this user/pass combo should be given
         access to the cobbler read-write API.
 
-        FIXME: always returns True, implement this.
+        FIXME: currently looks for users in /etc/cobbler/auth.conf
+        Would be very nice to allow for PAM and/or just Kerberos.
         """
-        if user == "exampleuser":
-            return True
+        for x in user_database:
+            (db_user,db_password) = x
+            db_user     = db_user.strip()
+            db_password = db_password.strip()
+            if db_user == user and db_password == password and db_password.lower() != "disabled":
+                return True
         else:
             return False
 
@@ -334,6 +348,9 @@ class CobblerReadWriteXMLRPCServer(SimpleXMLRPCServer.SimpleXMLRPCServer):
 
 if __name__ == "__main__":
 
+    testuser = "mdehaan"
+    testpass = "llamas2007"
+
     logger = logging.getLogger("cobbler.cobblerd")
     logger.setLevel(logging.DEBUG)
     ch = logging.FileHandler("/var/log/cobbler/cobblerd.log")
@@ -344,7 +361,7 @@ if __name__ == "__main__":
     api = cobbler_api.BootAPI()
 
     remote = CobblerReadWriteXMLRPCInterface(api,logger)
-    token = remote.login("exampleuser","examplepass")
+    token = remote.login(testuser,testpass)
     print token
     rc = remote.test(token)
     print "test result: %s" % rc
diff --git a/setup.py b/setup.py
index e095d93..c99ccfc 100644
--- a/setup.py
+++ b/setup.py
@@ -68,6 +68,7 @@ if __name__ == "__main__":
 				(etcpath,  ['templates/pxesystem_ia64.template']),
 				(etcpath,  ['templates/pxeprofile.template']),
                                 (etcpath,  ['config/modules.conf']),
+                                (etcpath,  ['config/auth.conf']),
                                 (snippets, ['snippets/partition_select']),
                                 (manpath,  ['docs/cobbler.1.gz']),
                                 (etcpath,  ['config/rsync.exclude']),
-- 
cgit