Changeset 2189

Timestamp:

02/04/19 20:35:58 (5 years ago)

Author:

nanardon

Message:

Add sshKey managment for service accounts

Location:

trunk

Files:

• LATMOS-Accounts-Web/lib/LATMOS/Accounts/Web/Model/AttrForms.pm (modified) (1 diff)
• LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Sql.pm (modified) (4 diffs)
• LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Sql/User.pm (modified) (2 diffs)
• LATMOS-Accounts/lib/LATMOS/Accounts/Task/Updatedyndata.pm (modified) (1 diff)
• LATMOS-Accounts/man/man8/latmos-accounts-base-sql.pod (modified) (1 diff)

trunk/LATMOS-Accounts-Web/lib/LATMOS/Accounts/Web/Model/AttrForms.pm

@@ -33 +33 @@
             locked
             sshPublicKey
+            sshPublicKeyFilter
             snNative
             givenNameNative

trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Sql.pm

@@ -185 +185 @@
                 description => 'Internal group for user alias object',
                 gidnumber => -1,
-                unexported => 1,
+                unexported => 1,
             },
             intern => 1,
@@ -380 +380 @@
     my ($self) = @_;
 
+    $self->log(LA_DEBUG, 'Running PopulateDynData()');
+
     $self->temp_switch_unexported(sub {
 
@@ -393 +395 @@
         }
 
+        my %sshUser = map { $_ => 1 } (
+            $self->search_objects('user', 'authorizedKeys=*', 'oalias=NULL'),
+            $self->search_objects('user', 'sshPublicKeyFilter=*', 'oalias=NULL'),
+            $self->search_objects('user', 'sshPublicKey=*', 'oalias=NULL'),
+        );
+
+        foreach my $user (keys %sshUser) {
+            my $ouser = $self->get_object('user', $user) or next;
+            $ouser->set_fields( 'authorizedKeys', $ouser->_get_c_field('_authorizedKeys') );
+        }
+
     }, 0);
 
@@ -401 +414 @@
     my ($self) = @_;
 
-    $self->PopulateDynData;
+    # Let sync-manager update data in background
+
+    $self->PopulateDynData unless($self->config('ASyncDynData'));
 
     if ($ENV{LA_NO_COMMIT}) {

trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Sql/User.pm

@@ -1305 +1305 @@
                 formopts => { length => 45 },
             },
+            sshPublicKeyFilter => {
+                multiple => 1,
+                formopts => { length => 45 },
+            },
+            _authorizedKeys => {
+                multiple => 1,
+                ro => 1,
+                managed => 1,
+                reference => 'user',
+                hide => 1,
+                get => sub {
+                    my ($attr) = @_;
+                    my $self = $attr->object;
+
+                    my @keys = $self->_get_attributes('sshPublicKey');
+
+                    my @filters = $self->_get_attributes('sshPublicKeyFilter');
+
+                    if (@filters) {
+                        foreach my $user ($self->base->search_objects('user', @filters, 'oalias=NULL')) {
+                            my $ouser = $self->base->get_object('user', $user) or next;
+                            push(@keys, $ouser->_get_attributes('sshPublicKey'));
+                        }
+                    }
+
+                    return \@keys;
+                },
+            },
+            authorizedKeys => {
+                multiple => 1,
+                ro => 1,
+                reference => 'user',
+            },
             currentEmployment => {
                 managed => 1,
@@ -1716 +1749 @@
 
 }
-
 
 =head2 computeEmploymentDate

trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Task/Updatedyndata.pm

@@ -27 +27 @@
 
 # Every 10 minutes
-sub runDelay { 10 * 60 }
+sub runDelay { 5 * 60 }
 
 sub init {

trunk/LATMOS-Accounts/man/man8/latmos-accounts-base-sql.pod

@@ -23 +23 @@
 the group when department is changed.
 The user can still be added back later.
+
+=head2 ASyncDynData
+
+Don't compute dynamic attribute at commit but let syncManager do it
+asynchronously.
 
 =head1 FEATURES