%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python2.7/site-packages/salt/auth/
Upload File :
Create Path :
Current File : //lib/python2.7/site-packages/salt/auth/django.pyc

�
���^c@@s�dZddlmZmZmZddlZddlZddlZddlm	Z	y&ddl
Z
ddlmZe
ZWnek
r�ZeZnXdaeje�ZdZd�Zd�Zd	�Zd
�Zd�ZdS(u�
Provide authentication using Django Web Framework

:depends:   - Django Web Framework

Django authentication depends on the presence of the django framework in the
``PYTHONPATH``, the Django project's ``settings.py`` file being in the
``PYTHONPATH`` and accessible via the ``DJANGO_SETTINGS_MODULE`` environment
variable.

Django auth can be defined like any other eauth module:

.. code-block:: yaml

    external_auth:
      django:
        fred:
          - .*
          - '@runner'

This will authenticate Fred via Django and allow him to run any execution
module and all runners.

The authorization details can optionally be located inside the Django database.
The relevant entry in the ``models.py`` file would look like this:

.. code-block:: python

    class SaltExternalAuthModel(models.Model):
        user_fk = models.ForeignKey(User, on_delete=models.CASCADE)
        minion_or_fn_matcher = models.CharField(max_length=255)
        minion_fn = models.CharField(max_length=255)

The :conf_master:`external_auth` clause in the master config would then look
like this:

.. code-block:: yaml

    external_auth:
      django:
        ^model: <fully-qualified reference to model class>

When a user attempts to authenticate via Django, Salt will import the package
indicated via the keyword ``^model``.  That model must have the fields
indicated above, though the model DOES NOT have to be named
'SaltExternalAuthModel'.
i(tabsolute_importtprint_functiontunicode_literalsN(tsix(t
connectionudjangocC@str
tStS(N(t
HAS_DJANGOt__virtualname__tFalse(((s4/usr/lib/python2.7/site-packages/salt/auth/django.pyt__virtual__NscC@s.ytjj�Wntk
r%tSXtSdS(N(Rtpingt	ExceptionRtTrue(((s4/usr/lib/python2.7/site-packages/salt/auth/django.pytis_connection_usableTs

cC@s�tjdkrtj�ntdk	r,dSdtddkr�tddd}|jd�d}dj|jd�d	d!�}t|t	�t
�d
�}dj|�}t|�andS(
uG
    Prepare the connection to the Django authentication framework
    iiNu^modelu
external_authudjangou.i����iuSaltExternalAuthModeludjango_auth_module.{0}(ii(
tdjangotVERSIONtsetuptDJANGO_AUTH_CLASStNonet__opts__tsplittjoint
__import__tglobalstlocalstformatteval(tdjango_model_fullnametdjango_model_nametdjango_module_nametdjango_auth_moduletDJANGO_AUTH_CLASS_str((s4/usr/lib/python2.7/site-packages/salt/auth/django.pyt__django_auth_setup]s
cC@s�td}|tjkr,tjj|�ntjjdtd�t�t�s`t	j
�nddl}|jj
jd|d|�}|dk	r�|jr�tjd�tStjd	�n
tjd
�tS(u
    Simple Django auth
    udjango_auth_pathuDJANGO_SETTINGS_MODULEudjango_auth_settingsiNtusernametpasswordu Django authentication successfuluIDjango authentication: the password is valid but the account is disabled.uDjango authentication failed.(Rtsystpathtappendtostenviront
setdefaultRRRtclosetdjango.contrib.authtcontribtauthtauthenticateRt	is_activetlogtdebugRR(R R!tdjango_auth_pathR
tuser((s4/usr/lib/python2.7/site-packages/salt/auth/django.pyR+ws 
	
	

cC@s�t�|dkr%tjj�}ntjjd|�}i}x8|D]0}|jj|krrg||jj<n|jr�|j	r�||jjj
|j	�qG|jr�|j	r�||jjj
|j�qGt}xl||jjD]Z}t|t
�r�|jtj|�krC||jj|jj
|j	�t}qCq�q�W|sG||jjj
i|j	g|j6�qGqGWtjd|�|S(u�

    :param username: Username to filter for
    :return: Dictionary that can be slotted into the ``__opts__`` structure for
        eauth that designates the user associated ACL

    Database records such as:

    ===========  ====================     =========
    username     minion_or_fn_matcher     minion_fn
    ===========  ====================     =========
    fred                                  test.ping
    fred         server1                  network.interfaces
    fred         server1                  raid.list
    fred         server2                  .*
    guru         .*
    smartadmin   server1                  .*
    ===========  ====================     =========

    Should result in an eauth config such as:

    .. code-block:: yaml

        fred:
          - test.ping
          - server1:
              - network.interfaces
              - raid.list
          - server2:
              - .*
        guru:
          - .*
        smartadmin:
          - server1:
            - .*

    tuser_fk__usernameudjango auth_dict is %sN(RRRtobjectstalltfiltertuser_fkR tminion_or_fn_matchert	minion_fnR$Rt
isinstancetdictRtiterkeysRR.R/(R t
db_recordst	auth_dicttatfoundtd((s4/usr/lib/python2.7/site-packages/salt/auth/django.pytacl�s,&
!.(t__doc__t
__future__RRRtloggingR%R"tsalt.extRR
t	django.dbRRRR
texcRRRt	getLoggert__name__R.RRRRR+RA(((s4/usr/lib/python2.7/site-packages/salt/auth/django.pyt<module>0s&

					

Zerion Mini Shell 1.0