Make it possible to change pool with Pony

Author: miriam-rittenberg

scripts/keytab.py

@@ -4,15 +4,15 @@
 from datetime import datetime, timedelta
 
 KEYTAB_FILE = None
-principle = None
+principal = None
 
 
 def set(name):
     """Tells the keytab module to look for the daemon/NAME.mit.edu
     keytab in ~/Private/NAME.keytab"""
-    global KEYTAB_FILE, principle
+    global KEYTAB_FILE, principal
     KEYTAB_FILE = os.path.expanduser("~/Private/%s.keytab" % name)
-    principle = "daemon/%s.mit.edu" % name
+    principal = "daemon/%s.mit.edu" % name
 
 
 def exists():
@@ -31,5 +31,5 @@ def auth():
             kinit = "/usr/kerberos/bin/kinit"
         else:
             kinit = "/usr/bin/kinit"
-        subprocess.Popen([kinit, principle, "-k", "-t", KEYTAB_FILE]).wait()
+        subprocess.Popen([kinit, principal, "-k", "-t", KEYTAB_FILE]).wait()
         state.got_tickets = now

scriptspony/controllers/root.py

@@ -103,21 +103,24 @@ def index(self, locker=None, sudo=False, **kwargs):
         return dict(hosts=hosts, locker=locker, user_info=user_info, https=https)
 
     @expose("scriptspony.templates.edit")
-    def edit(self, locker, hostname, path=None, token=None, alias="", **kwargs):
+    def edit(self, locker, hostname, pool=None, path=None, token=None, alias="", **kwargs):
         if request.response_ext:
             hostname += request.response_ext
-        if path is not None:
+        if path is not None or pool is not None:
             if token != auth.token():
                 flash("Invalid token!")
             else:
                 try:
-                    vhosts.set_path(locker, hostname, path)
+                    if path is not None:
+                        vhosts.set_path(locker, hostname, path)
+                    if pool is not None:
+                        vhosts.set_pool(locker, hostname, pool)
                 except vhosts.UserError as e:
                     flash(e.message)
                 else:
                     flash("Host '%s' reconfigured." % hostname)
                     redirect("/index/" + locker)
-            _, aliases = vhosts.get_vhost_info(locker, hostname)
+            _, aliases, pool = vhosts.get_vhost_info(locker, hostname)
         else:
             if alias:
                 if token != auth.token():
@@ -131,12 +134,14 @@ def edit(self, locker, hostname, path=None, token=None, alias="", **kwargs):
                         flash("Alias '%s' added to hostname '%s'." % (alias, hostname))
                         redirect("/index/" + locker)
             try:
-                path, aliases = vhosts.get_vhost_info(locker, hostname)
+                path, aliases, pool = vhosts.get_vhost_info(locker, hostname)
             except vhosts.UserError as e:
                 flash(e.message)
                 redirect("/index/" + locker)
+        pools = vhosts.list_pools()
+        pool = pools.get(pool, pool)
         return dict(
-            locker=locker, hostname=hostname, path=path, aliases=aliases, alias=alias
+            locker=locker, hostname=hostname, pool=pool, pools=pools, path=path, aliases=aliases, alias=alias
         )
 
     @expose("scriptspony.templates.delete")
@@ -154,10 +159,10 @@ def delete(self, locker, hostname, confirm=False, token=None, **kwargs):
                 else:
                     flash("Host '%s' deleted." % hostname)
                     redirect("/index/" + locker)
-            _, aliases = vhosts.get_vhost_info(locker, hostname)
+            _, aliases, _ = vhosts.get_vhost_info(locker, hostname)
         else:
             try:
-                path, aliases = vhosts.get_vhost_info(locker, hostname)
+                path, aliases, _ = vhosts.get_vhost_info(locker, hostname)
             except vhosts.UserError as e:
                 flash(e.message)
                 redirect("/index/" + locker)

scriptspony/templates/edit.mak

@@ -11,8 +11,15 @@ from scripts.auth import token
     <li>Hostname: ${hostname}</li>
     <li>Locker: ${locker}</li>
     <li>Path: /mit/${locker}/web_scripts/<input type="text" name="path" value="${path}" /></li>
+    <li>Server Pool: ${pool} <select name="pool">
+    <option value="unchanged">Unchanged</option>
+    <option value="default">Default</option>
+    %for ip, description in pools.items():
+    <option value="${ip}">${description}</option>
+    %endfor
+    </select></li>
   </ul>
-  <button class="btn"><span class="fa fa-save"></span> Save Path</button>
+  <button class="btn"><span class="fa fa-save"></span>Save Changes</button>
   %if hostname.lower().endswith('.'+locker+'.scripts.mit.edu') or not hostname.lower().endswith('.mit.edu'):
     <a class="btn btn-danger" href="${tg.url('/delete/'+locker+'/'+hostname)}"><span class="fa fa-times-circle"></span> Delete</a>
   %endif

scriptspony/templates/index.mak

@@ -10,7 +10,7 @@ from scripts import auth
   <p>
     <table border="1">
       <tr><th>Hostname</th><th>Path</th><th>Fedora Pool</th><th>Edit</th></tr>
-      %for host,aliases,path,ipv4 in hosts:
+      %for host,aliases,path,pool in hosts:
         <tr>
           <td>
 	  <a href="http://${host}">${host}</a>
@@ -22,7 +22,7 @@ from scripts import auth
 	    <small>/mit/${locker}/web_scripts/</small>${path}
 	  </td>
 	  <td>
-	  <big>${ipv4}</big>
+	  <big>${pool}</big>
 	  </td>
           %if host not in (locker+'.scripts.mit.edu',):
             <td class="nbr">

scriptspony/vhosts.py

@@ -113,12 +113,13 @@ def get_vhost_info(locker, hostname):
             "(&(objectClass=scriptsVhost)(scriptsVhostAccount=uid=%s,ou=People,dc=scripts,dc=mit,dc=edu)(scriptsVhostName=%s))",
             [locker, hostname],
         ),
-        ["scriptsVhostDirectory", "scriptsVhostAlias"],
+        ["scriptsVhostDirectory", "scriptsVhostAlias", "scriptsVhostPoolIPv4"],
     )
     try:
         return (
             res[0][1]["scriptsVhostDirectory"][0],
             res[0][1].get("scriptsVhostAlias", []),
+            res[0][1]["scriptsVhostPoolIPv4"][0]
         )
     except IndexError:
         raise UserError(
@@ -150,6 +151,29 @@ def set_path(locker, vhost, path):
     #       doesn't exist
     # TODO: also check for index files or .htaccess and warn if none are there
 
+@sensitive
+@log.exceptions
+@reconnecting
+def set_pool(locker, vhost, pool):
+    """Sets the pool of an existing vhost owned by the locker."""
+    if vhost == locker + ".scripts.mit.edu":
+        raise UserError("You cannot reconfigure " + vhost + "!")
+    locker = locker.encode("utf-8")
+    pool = pool.encode("utf-8")
+    scriptsVhostName = get_vhost_name(locker, vhost)
+    if pool == "unchanged":
+        pass
+    elif pool == "default":
+        conn.modify_s(scriptsVhostName, [(ldap.MOD_DELETE, "scriptsVhostPoolIPv4", None)])
+    else:
+        conn.modify_s(
+            scriptsVhostName, [(ldap.MOD_REPLACE, "scriptsVhostPoolIPv4", [pool])]
+        )
+
+    log.info(
+        "%s set pool for vhost '%s' (locker '%s') to '%s'."
+        % (current_user(), vhost, locker, pool)
+    )
 
 @sensitive
 @log.exceptions