Context Navigation

source: trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Task/Unusedhosts.pm @ 2014

Visit:

Last change on this file since 2014 was 2014, checked in by nanardon, 7 years ago
Add Unusedhosts module, disable host when user is expired or unexported
Property svn:executable set to ``*
File size: 7.5 KB

Line
1	package LATMOS::Accounts::Task::Unusedhosts;
2
3	use strict;
4	use warnings;
5	use base qw(LATMOS::Accounts::Task);
6	use LATMOS::Accounts;
7	use LATMOS::Accounts::Log;
8	use LATMOS::Accounts::Utils;
9	use DateTime;
10
11	=head1 NAME
12
13	LATMOS::Accounts::Task::Unusedhosts - Disable host owned by inactive users
14
15	=head1 DESCRIPTION
16
17	This module disable nethost when owned by an expired or disabled user account, removing it from network
18
19	=head1 PARAMETER
20
21	=head2 netzone
22
23	The C<netzone> object containing concerned hosts
24
25	=head2 filter
26
27	A filter limiting host search.
28
29	=head2 disableMode
30
31	The rules to disable hosts:
32
33	=over 4
34
35	=item C<owner>: C<owner> is set and is inactive
36
37	=item C<user>: C<user> is set and is inactive
38
39	=item C<both>: C<owner> or C<user> (if set) is inactive
40
41	=item C<effective> (default): If C<user> is set and is inactive otherwise if
42	C<owner> is inactive
43
44	=back
45
46	=head2 test
47
48	If set only log are emitted but changes are not done and mail not really sent
49
50	=cut
51
52	# Run every 2 hours
53	sub runDelay { 2 * 60 * 60 }
54
55	# Wait 30 minutes
56	sub waitDelay { 30 * 60 }
57
58	sub init {
59	my ($self) = @_;
60	my $LA = LATMOS::Accounts->new($self->{config}, noacl => 1);
61	my $labase = $self->{base} ? $LA->base($self->{base}) : $LA->base;
62	$labase && $labase->load or die "Cannot load base";
63
64	$self->{_la} = $LA;
65	$self->{_base} = $labase;
66
67	1;
68	}
69
70	sub run {
71	my ($self) = @_;
72
73	$self->_enable;
74
75	$self->_disable;
76
77	1;
78	}
79
80	sub _filters {
81	my ($self) = @_;
82
83	my $filteredHosts;
84
85	if (my @cfilters = $self->{syncm}->ini->val($self->{name}, 'filter')) {
86	foreach ($self->{_base}->search_objects('nethost', @cfilters)) {
87	$filteredHosts->{$_} = 1;
88	}
89	}
90
91	my %hosts;
92
93	if (my @zones = $self->{syncm}->ini->val($self->{name}, 'netzone')) {
94
95	my @filters;
96
97	foreach my $zone (@zones) {
98	la_log(LA_DEBUG, "Limiting affected host to zone %s", $zone);
99	my $oZone = $self->{_base}->get_object('netzone', $zone) or do {
100	la_log(LA_ERR, "Cannot get zone $zone named in config");
101	return;
102	};
103
104	my @hosts = $oZone->get_attributes('hosts');
105
106	push(@filters, [ 'name=' . join('\|\|', @hosts) ]);
107
108	if ($oZone->get_attributes('allow_dyn')) {
109	la_log(LA_DEBUG, "Zone %s has allow_dyn set, searching w/o ip", $zone);
110	push(@filters, [ 'ip=NULL' ]);
111	}
112	}
113
114	foreach my $filter (@filters) {
115	foreach ($self->{_base}->search_objects('nethost', @$filter)) {
116	$filteredHosts && !$filteredHosts->{$_} and next;
117	$hosts{$_} = 1;
118	}
119	}
120	}
121
122	return %hosts;
123	}
124
125	sub _disable {
126	my ($self) = @_;
127
128	my $test = $self->{syncm}->ini->val($self->{name}, 'test');
129	my $mode = $self->{syncm}->ini->val($self->{name}, 'disableMode', 'effective');
130
131	la_log(LA_DEBUG, "Checking for host to disable using %s method", $mode);
132
133	my %hosts = $self->_filters;
134
135	my @HostToDisable;
136	for ($mode) {
137	/owner/i and do {
138	my @HostNoOwner = $self->{_base}->search_objects('nethost', 'exported=1', 'owner.active=0');
139	foreach (@HostNoOwner) {
140	push(@HostToDisable, $_);
141	}
142	last;
143	};
144	/user/i and do {
145	my @HostNoUser = $self->{_base}->search_objects('nethost', 'exported=1', 'user.active=0');
146	foreach (@HostNoUser) {
147	push(@HostToDisable, $_);
148	}
149	last;
150	};
151	/both/i and do {
152	my %HostNoUser = map { $_ => } (
153	$self->{_base}->search_objects('nethost', 'exported=1', 'user.active=0'),
154	$self->{_base}->search_objects('nethost', 'exported=1', 'owner.active=0'),
155	);
156	foreach (keys %HostNoUser) {
157	push(@HostToDisable, $_);
158	}
159	last;
160	};
161	/effective/i and do {
162	my %HostNoUser = map { $_ => } (
163	$self->{_base}->search_objects('nethost', 'exported=1', 'user.active=0'),
164	$self->{_base}->search_objects('nethost', 'exported=1', 'user=NULL', 'owner.active=0'),
165	);
166	foreach (keys %HostNoUser) {
167	push(@HostToDisable, $_);
168	}
169	last;
170	};
171
172	la_log(LA_ERR, "Unknown host check method `%s'", $mode);
173	}
174
175	foreach my $hostname (sort @HostToDisable) {
176	$hosts{$hostname} or next;
177	my $Host = $self->{_base}->get_object('nethost', $hostname) or next;
178	$self->{_base}->log(
179	LA_INFO,
180	'%sHost %s disable because owner or user is inactive',
181	($test ? '(Test) ' : ''),
182	$hostname,
183	);
184	$Host->ReportChange('Update', "Disabling because user/owner is inactive");
185	$Host->_set_c_fields( unexported => 1 );
186	}
187
188	$self->{_base}->commit()
189	unless($test);
190	}
191
192	sub _enable {
193	my ($self) = @_;
194
195	my $test = $self->{syncm}->ini->val($self->{name}, 'test');
196	my $mode = $self->{syncm}->ini->val($self->{name}, 'disableMode', 'effective');
197
198	la_log(LA_DEBUG, "Checking for host to disable using %s method", $mode);
199
200	my %hosts = $self->_filters;
201
202	my @HostToEnable;
203	for ($mode) {
204	/owner/i and do {
205	my @HostNoOwner = $self->{_base}->search_objects('nethost', 'exported=0', 'owner.active=1');
206	foreach (@HostNoOwner) {
207	push(@HostToEnable, $_);
208	}
209	last;
210	};
211	/user/i and do {
212	my @HostNoUser = $self->{_base}->search_objects('nethost', 'exported=0', 'user.active=1');
213	foreach (@HostNoUser) {
214	push(@HostToEnable, $_);
215	}
216	last;
217	};
218	/both/i and do {
219	my %HostNoUser = map { $_ => } (
220	$self->{_base}->search_objects('nethost', 'exported=0', 'user.active=1', 'owner.active=1'),
221	$self->{_base}->search_objects('nethost', 'exported=0', 'user=NULL', 'owner.active=1'),
222	);
223	foreach (keys %HostNoUser) {
224	push(@HostToEnable, $_);
225	}
226	last;
227	};
228	/effective/i and do {
229	my %HostNoUser = map { $_ => } (
230	$self->{_base}->search_objects('nethost', 'exported=0', 'user.active=1'),
231	$self->{_base}->search_objects('nethost', 'exported=0', 'user=NULL', 'owner.active=1'),
232	);
233	foreach (keys %HostNoUser) {
234	push(@HostToEnable, $_);
235	}
236	last;
237	};
238
239	la_log(LA_ERR, "Unknown host check method `%s'", $mode);
240	}
241
242	foreach my $hostname (sort @HostToEnable) {
243	$hosts{$hostname} or next;
244	my $Host = $self->{_base}->get_object('nethost', $hostname) or next;
245	$self->{_base}->log(
246	LA_INFO,
247	'%sHost %s enable because owner or user is active',
248	($test ? '(Test) ' : ''),
249	$hostname,
250	);
251	$Host->ReportChange('Update', "Enabling because user/owner is active");
252	$Host->_set_c_fields( unexported => 0 );
253	}
254
255	$self->{_base}->commit()
256	unless($test);
257	}
258
259	1;
260
261	__END__
262
263	=head1 SEE ALSO
264
265	L<LATMOS::Accounts>, L<LATMOS::Accounts::Task>
266
267	=head1 AUTHOR
268
269	Olivier Thauvin, E<lt>olivier.thauvin@latmos.ipsl.frE<gt>
270
271	=head1 COPYRIGHT AND LICENSE
272
273	Copyright (C) 2012 CNRS SA/CETP/LATMOS
274
275	This library is free software; you can redistribute it and/or modify
276	it under the same terms as Perl itself, either Perl version 5.10.0 or,
277	at your option, any later version of Perl 5 you may have available.
278
279	=cut
280

Note: See TracBrowser for help on using the repository browser.

Download in other formats: