Commit f4512ef2 authored by Rafael Monnerat's avatar Rafael Monnerat

Implement methods for get and modify configuration into zope.conf and

zopectl. This allow portal_introspections modify products folders,
python or zope home during one upgrade.

For this is required the file /etc/erp5.cfg with some allowed folders
definition. This is file can be modified to follow some better name
convension.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@28311 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 7af1610f
...@@ -39,6 +39,8 @@ from Products.ERP5 import _dtmldir ...@@ -39,6 +39,8 @@ from Products.ERP5 import _dtmldir
from Products.ERP5.Tool.LogMixin import LogMixin from Products.ERP5.Tool.LogMixin import LogMixin
from Products.ERP5Type.Utils import _setSuperSecurityManager from Products.ERP5Type.Utils import _setSuperSecurityManager
from App.config import getConfiguration from App.config import getConfiguration
from AccessControl import Unauthorized
from Products.ERP5Type.Cache import CachingMethod
import tarfile import tarfile
_MARKER = [] _MARKER = []
...@@ -196,6 +198,40 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -196,6 +198,40 @@ class IntrospectionTool(LogMixin, BaseTool):
# #
# Instance variable definition access # Instance variable definition access
# #
security.declareProtected(Permissions.ManagePortal, '_loadExternalConfig')
def _loadExternalConfig(self):
"""
Load configuration from one external file, this configuration
should be set for security reasons to prevent people access
forbidden areas in the system.
"""
def cached_loadExternalConfig():
import ConfigParser
config = ConfigParser.ConfigParser()
config.readfp(open('/etc/erp5.cfg'))
return config
cached_loadExternalConfig = CachingMethod(cached_loadExternalConfig,
id='IntrospectionTool__loadExternalConfig',
cache_factory='erp5_content_long')
return cached_loadExternalConfig()
security.declareProtected(Permissions.ManagePortal, '_getZopeConfigurationFile')
def _getZopeConfigurationFile(self, relative_path="", mode="r"):
"""
Get a configuration file from the instance using relative path
"""
if ".." in relative_path or relative_path.startswith("/"):
raise Unauthorized("In Relative Path, you cannot use .. or startwith / for security reason.")
instance_home = getConfiguration().instancehome
file_path = os.path.join(instance_home, relative_path)
if not os.path.exists(file_path):
raise IOError, 'The file: %s does not exist.' % file_path
return open(file_path, mode)
security.declareProtected(Permissions.ManagePortal, 'getSoftwareHome') security.declareProtected(Permissions.ManagePortal, 'getSoftwareHome')
def getSoftwareHome(self): def getSoftwareHome(self):
""" """
...@@ -204,6 +240,7 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -204,6 +240,7 @@ class IntrospectionTool(LogMixin, BaseTool):
Get the value of SOFTWARE_HOME for zopectl startup script Get the value of SOFTWARE_HOME for zopectl startup script
or from zope.conf (whichever is most relevant) or from zope.conf (whichever is most relevant)
""" """
return getConfiguration().softwarehome
security.declareProtected(Permissions.ManagePortal, 'setSoftwareHome') security.declareProtected(Permissions.ManagePortal, 'setSoftwareHome')
def setSoftwareHome(self, path): def setSoftwareHome(self, path):
...@@ -219,6 +256,29 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -219,6 +256,29 @@ class IntrospectionTool(LogMixin, BaseTool):
WARNING: the list of possible path should be protected WARNING: the list of possible path should be protected
if possible (ex. /etc/erp5/software_home) if possible (ex. /etc/erp5/software_home)
""" """
config = self._loadExternalConfig()
allowed_path_list = config.get("main", "zopehome").split("\n")
if path not in allowed_path_list:
raise Unauthorized("You are setting one Unauthorized path as Zope Home.")
config_file = self._getZopeConfigurationFile("bin/zopectl")
new_file_list = []
for line in config_file:
if line.startswith("SOFTWARE_HOME="):
# Only comment the line, so it can easily reverted
new_file_list.append("#%s" % (line))
new_file_list.append('SOFTWARE_HOME="%s"\n' % (path))
else:
new_file_list.append(line)
config_file.close()
# reopen file for write
config_file = self._getZopeConfigurationFile("bin/zopectl", "w")
config_file.write("".join(new_file_list))
config_file.close()
return
security.declareProtected(Permissions.ManagePortal, 'getPythonExecutable') security.declareProtected(Permissions.ManagePortal, 'getPythonExecutable')
def getPythonExecutable(self): def getPythonExecutable(self):
...@@ -226,7 +286,15 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -226,7 +286,15 @@ class IntrospectionTool(LogMixin, BaseTool):
Get the value of PYTHON for zopectl startup script Get the value of PYTHON for zopectl startup script
or from zope.conf (whichever is most relevant) or from zope.conf (whichever is most relevant)
""" """
config_file = self._getZopeConfigurationFile("bin/zopectl")
new_file_list = []
for line in config_file:
if line.startswith("PYTHON="):
return line.replace("PYTHON=","")
# Not possible get configuration from the zopecl
return None
security.declareProtected(Permissions.ManagePortal, 'setPythonExecutable') security.declareProtected(Permissions.ManagePortal, 'setPythonExecutable')
def setPythonExecutable(self, path): def setPythonExecutable(self, path):
""" """
...@@ -238,16 +306,39 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -238,16 +306,39 @@ class IntrospectionTool(LogMixin, BaseTool):
WARNING: the list of possible path should be protected WARNING: the list of possible path should be protected
if possible (ex. /etc/erp5/python) if possible (ex. /etc/erp5/python)
""" """
config = self._loadExternalConfig()
security.declareProtected(Permissions.ManagePortal, 'getProductPath') allowed_path_list = config.get("main", "python").split("\n")
def getProductPath(self):
if path not in allowed_path_list:
raise Unauthorized("You are setting one Unauthorized path as Python.")
config_file = self._getZopeConfigurationFile("bin/zopectl")
new_file_list = []
for line in config_file:
if line.startswith("PYTHON="):
# Only comment the line, so it can easily reverted
new_file_list.append("#%s" % (line))
new_file_list.append('PYTHON="%s"\n' % (path))
else:
new_file_list.append(line)
config_file.close()
# reopen file for write
config_file = self._getZopeConfigurationFile("bin/zopectl", "w")
config_file.write("".join(new_file_list))
config_file.close()
return
security.declareProtected(Permissions.ManagePortal, 'getProductPathList')
def getProductPathList(self):
""" """
Get the value of SOFTWARE_HOME for zopectl startup script Get the value of SOFTWARE_HOME for zopectl startup script
or from zope.conf (whichever is most relevant) or from zope.conf (whichever is most relevant)
""" """
return getConfiguration().products
security.declareProtected(Permissions.ManagePortal, 'setProductPath') security.declareProtected(Permissions.ManagePortal, 'setProductPathList')
def setProductPath(self, path): def setProductPathList(self, path_list):
""" """
Set the value of SOFTWARE_HOME for zopectl startup script Set the value of SOFTWARE_HOME for zopectl startup script
or from zope.conf (whichever is most relevant) or from zope.conf (whichever is most relevant)
...@@ -256,8 +347,32 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -256,8 +347,32 @@ class IntrospectionTool(LogMixin, BaseTool):
on the same system on the same system
WARNING: the list of possible path should be protected WARNING: the list of possible path should be protected
if possible (ex. /etc/erp5/python) if possible (ex. /etc/erp5/product)
""" """
config = self._loadExternalConfig()
allowed_path_list = config.get("main", "products").split("\n")
for path in path_list:
if path not in allowed_path_list:
raise Unauthorized("You are setting one Unauthorized path as Product Path.")
config_file = self._getZopeConfigurationFile("etc/zope.conf")
new_file_list = []
for line in config_file:
new_line = line
if line.strip(" ").startswith("products"):
# Only comment the line, so it can easily reverted
new_line = "#%s" % ( line)
new_file_list.append(new_line)
for path in path_list:
new_file_list.append("products %s\n" % (path))
config_file.close()
# reopen file for write
config_file = self._getZopeConfigurationFile("etc/zope.conf", "w")
config_file.write("".join(new_file_list))
config_file.close()
return
security.declareProtected(Permissions.ManagePortal, 'updateSVNProductList') security.declareProtected(Permissions.ManagePortal, 'updateSVNProductList')
def updateSVNProductList(self, path_list, revision=None): def updateSVNProductList(self, path_list, revision=None):
...@@ -270,12 +385,12 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -270,12 +385,12 @@ class IntrospectionTool(LogMixin, BaseTool):
buildout installer (server level) and build a complex custom buildout installer (server level) and build a complex custom
software home or product home software home or product home
""" """
pass raise NotImplemented
# #
# Library signature # Library signature
# #
# XXX this function can be cached to prevent save disk access.
security.declareProtected(Permissions.ManagePortal, 'getSystemSignatureDict') security.declareProtected(Permissions.ManagePortal, 'getSystemSignatureDict')
def getSystemSignatureDict(self): def getSystemSignatureDict(self):
""" """
...@@ -284,11 +399,25 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -284,11 +399,25 @@ class IntrospectionTool(LogMixin, BaseTool):
{ {
'python': '2.4.3' 'python': '2.4.3'
, 'pysvn': '1.2.3' , 'pysvn': '1.2.3'
}
NOTE: consider using autoconf / automake tools ? NOTE: consider using autoconf / automake tools ?
""" """
def tuple_to_format_str(t):
return '.'.join([str(i) for i in t])
from sys import version_info
# Get only x.x.x numbers.
py_version = tuple_to_format_str(version_info)
try:
import pysvn
# Convert tuple to x.x.x format
pysvn_version = tuple_to_format_str(pysvn.version)
except:
pysvn_version = None
return {
"python" : py_version,
"pysvn" : pysvn_version
}
InitializeClass(IntrospectionTool) InitializeClass(IntrospectionTool)
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment