Merge pull request #159 from pdmars/delete_root_fix

added an ignore users option, e.g. prevents such users from being...
2012-07-10 09:47:53 -07:00 · 2012-07-10 09:47:53 -07:00 · 209a97829c
commit 209a97829c
parent 63bfd8fad4 6333c7e9b7
4 changed files with 33 additions and 4 deletions
--- a/etc/reddwarf/reddwarf.conf.sample
+++ b/etc/reddwarf/reddwarf.conf.sample
@ -62,6 +62,9 @@ taskmanager_queue = taskmanager
 # Auth
 admin_roles = [admin]

+# Users to ignore for user create/list/delete operations
+ignore_users = [os_admin]
+
 # Guest related conf
 agent_heartbeat_time = 10
 agent_call_low_timeout = 5
--- a/etc/reddwarf/reddwarf.conf.test
+++ b/etc/reddwarf/reddwarf.conf.test
@ -68,6 +68,9 @@ volume_time_out=30
 # Auth
 admin_roles = [admin]

+# Users to ignore for user create/list/delete operations
+ignore_users = [os_admin]
+
 # Guest related conf
 agent_heartbeat_time = 10
 agent_call_low_timeout = 5
--- a/reddwarf/extensions/mysql/models.py
+++ b/reddwarf/extensions/mysql/models.py
@ -84,13 +84,23 @@ class Root(object):
    @classmethod
    def load(cls, context, instance_id):
        load_and_verify(context, instance_id)
-        return create_guest_client(context, instance_id).is_root_enabled()
+        # TODO(pdmars): remove the is_root_enabled call from the guest agent,
+        # just check the database for this information.
+        # If the root history returns null or raises an exception, the root
+        # user hasn't been enabled.
+        try:
+            root_history = RootHistory.load(context, instance_id)
+        except exception.NotFound:
+            return False
+        if not root_history:
+            return False
+        return True

    @classmethod
    def create(cls, context, instance_id, user):
        load_and_verify(context, instance_id)
        root = create_guest_client(context, instance_id).enable_root()
-        root_user = guest_models.MySQLUser()
+        root_user = guest_models.RootUser()
        root_user.deserialize(root)
        root_history = RootHistory.create(context, instance_id, user)
        return root_user
--- a/reddwarf/guestagent/db/models.py
+++ b/reddwarf/guestagent/db/models.py
@ -18,6 +18,8 @@
 import re
 import string

+from reddwarf.common import config
+

 class Base(object):
    def serialize(self):
@ -334,6 +336,7 @@ class MySQLUser(Base):
    """Represents a MySQL User and its associated properties"""

    not_supported_chars = re.compile("^\s|\s$|'|\"|;|`|,|/|\\\\")
+    _ignore_users = config.Config.get("ignore_users", [])

    def __init__(self):
        self._name = None
@ -341,8 +344,12 @@ class MySQLUser(Base):
        self._databases = []

    def _check_valid(self, value):
-        if not value or self.not_supported_chars.search(value) or \
-                                string.find("%r" % value, "\\") != -1:
+        # User names are not valid if they contain unsupported characters, or
+        # are in the ignore_users list.
+        if (not value or
+            self.not_supported_chars.search(value) or
+            string.find("%r" % value, "\\") != -1 or
+            value.lower() in self._ignore_users):
            return False
        else:
            return True
@ -381,3 +388,9 @@ class MySQLUser(Base):
        mydb = MySQLDatabase()
        mydb.name = value
        self._databases.append(mydb.serialize())
+
+
+class RootUser(MySQLUser):
+    """Overrides _ignore_users from the MySQLUser class."""
+
+    _ignore_users = []