Merge branch 'release/0.2.0' into production

* release/0.2.0:
  set version number, make sure bug fixes are included
  restrict permissions of mailbox base directories to be read only
  add new mailbox handling tasks
  move celery routers to gvacommon
  initial version
  sftp directories are now owned by root instead of user
This commit is contained in:
Jan Dittberner 2014-12-27 15:30:49 +01:00
commit 99adf6ffaf
7 changed files with 95 additions and 26 deletions

View file

@ -1,6 +1,15 @@
Changelog
=========
* :release:`0.2.0 <2014-12-27>`
* :support:`-` restrict permissions of mailbox base directories to be read only
* :feature:`-` add new mailbox handling tasks
:py:func:`osusers.tasks.create_file_mailbox` and
:py:func:`osusers.tasks.delete_file_mailbox`
* :support:`-` move celery routers into gvacommon that is in it's own
repository to be used by others (gva, gvaldap)
* :bug:`- major` sftp directories are now owned by root instead of user
* :release:`0.1.0 <2014-12-26>`
* :support:`-` configure celery task serialization, add routing for ldap tasks

View file

@ -62,9 +62,9 @@ copyright = u'2014, Jan Dittberner'
# built documents.
#
# The short X.Y version.
version = '0.1.0'
version = '0.2.0'
# The full version, including alpha/beta/rc tags.
release = '0.1.0'
release = '0.2.0'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.

2
gvafile/gvacommon/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
.*.swp
*.pyc

View file

View file

@ -0,0 +1,24 @@
# -*- coding: utf-8 -*-
from __future__ import unicode_literals
class LdapRouter(object):
def route_for_task(self, task, args=None, kwargs=None):
if 'ldap' in task:
return {'exchange': 'ldap',
'exchange_type': 'direct',
'queue': 'ldap'}
return None
class FileRouter(object):
def route_for_task(self, task, args=None, kwargs=None):
if 'file' in task:
return {'exchange': 'file',
'exchange_type': 'direct',
'queue': 'file'}
return None

View file

@ -283,8 +283,8 @@ CELERY_RESULT_BACKEND = 'amqp'
CELERY_RESULT_PERSISTENT = True
CELERY_TASK_RESULT_EXPIRES = None
CELERY_ROUTES = (
'osusers.tasks.LdapRouter',
'osusers.tasks.FileRouter',
'gvacommon.celeryrouters.LdapRouter',
'gvacommon.celeryrouters.FileRouter',
)
CELERY_ACCEPT_CONTENT = ['pickle', 'yaml', 'json']
CELERY_TASK_SERIALIZER = 'json'

View file

@ -25,26 +25,6 @@ SETFACL_CMD = '/usr/bin/setfacl'
RM_CMD = '/bin/rm'
class LdapRouter(object):
def route_for_task(self, task, args=None, kwargs=None):
if 'ldap' in task:
return {'exchange': 'ldap',
'exchange_type': 'direct',
'queue': 'ldap'}
return None
class FileRouter(object):
def route_for_task(self, task, args=None, kwargs=None):
if 'file' in task:
return {'exchange': 'file',
'exchange_type': 'direct',
'queue': 'file'}
return None
def _build_sftp_directory_name(username):
"""
Constructs the SFTP directory name for a given username.
@ -76,7 +56,7 @@ def setup_file_sftp_userdir(username):
sftp_directory = _build_sftp_directory_name(username)
try:
subprocess.check_output([
SUDO_CMD, INSTALL_CMD, '-o', username, '-g', username,
SUDO_CMD, INSTALL_CMD, '-o', 'root', '-g', username,
'-m', '0750', '-d', sftp_directory], stderr=subprocess.STDOUT)
subprocess.check_output([
SUDO_CMD, SETFACL_CMD, '-m', 'www-data:--x',
@ -131,7 +111,7 @@ def setup_file_mail_userdir(username):
try:
subprocess.check_output([
SUDO_CMD, INSTALL_CMD, '-o', username, '-g', username,
'-m', '0750', '-d', mail_directory], stderr=subprocess.STDOUT)
'-m', '0500', '-d', mail_directory], stderr=subprocess.STDOUT)
except subprocess.CalledProcessError:
_logger.exception(
'could not create mail base directory for user %s', username)
@ -163,3 +143,57 @@ def delete_file_mail_userdir(username):
raise GVAFileException(
"could not remove mail base directory of user %s" % username)
return mail_directory
@shared_task
def create_file_mailbox(username, mailboxname):
"""
This task creates a new mailbox directory for the given user and mailbox
name.
:param str username: the user name
:param str mailboxname: the mailbox name
:raises GVAFileException: if the mailbox directory cannot be created
:return: the created mailbox directory name
:rtype: str
"""
mailbox_directory = os.path.join(
_build_mail_directory_name(username), mailboxname)
try:
subprocess.check_output([
SUDO_CMD, INSTALL_CMD, '-o', username, '-g', username,
'-m', '0700', '-d', mailbox_directory], stderr=subprocess.STDOUT)
except subprocess.CalledProcessError:
_logger.exception(
'could not create mailbox %s for user %s', mailboxname, username)
raise GVAFileException(
"could not create mailbox %s for user %s" % (mailboxname, username)
)
return mailbox_directory
@shared_task
def delete_file_mailbox(username, mailboxname):
"""
This task deletes the given mailbox of the given user.
:param str username: the user name
:param str mailboxname: the mailbox name
:raises GVAFileException: if the mailbox directory cannot be deleted
:return: the deleted mailbox directory name
:rtype: str
"""
mailbox_directory = os.path.join(
_build_mail_directory_name(username), mailboxname)
try:
subprocess.check_output([
SUDO_CMD, RM_CMD, '-r', '-f', mailbox_directory],
stderr=subprocess.STDOUT)
except subprocess.CalledProcessError:
_logger.exception(
'could not remove mailbox %s of user %s', mailboxname, username)
raise GVAFileException(
"could not remove mailbox %s of user %s" % (mailboxname, username))
return mailbox_directory