public function execute() { global $wgOpenStackManagerLDAPUsername; global $wgOpenStackManagerServiceGroupPrefix; $user = new OpenStackNovaUser($wgOpenStackManagerLDAPUsername); $projects = OpenStackNovaProject::getAllProjects(); $failedSync = false; $attempt_count = 0; $synced_count = 0; $failed_count = 0; /** * @var $project OpenStackNovaProject */ foreach ($projects as $project) { // actually load the project info from ldap // (getAllProjects() doesn't do this) $project->fetchProjectInfo(); $projectName = $project->getProjectName(); $serviceGroups = $project->getServiceGroups(); foreach ($serviceGroups as $serviceGroup) { $fullGroupName = $serviceGroup->getGroupName(); if (strpos($fullGroupName, $wgOpenStackManagerServiceGroupPrefix, 0) === 0) { $groupName = substr($fullGroupName, strlen($wgOpenStackManagerServiceGroupPrefix)); } else { $groupName = $fullGroupName; } $groupMembers = $serviceGroup->getMembers(); if (empty($groupMembers)) { continue; } $originalMember = $groupMembers[0]; $retval = OpenStackNovaServiceGroup::createServiceGroup($groupName, $project, $this->updateMemberName($originalMember, $project)); $attempt_count++; if ($retval) { $this->output("Succeeded copying service group {$groupName} in {$projectName}\n"); $synced_count++; foreach ($groupMembers as $member) { if ($member === $originalMember) { continue; } $serviceGroup->addMember($this->updateMemberName($member, $project)); } } else { $this->output("Failed copying service group {$groupName} in {$projectName}\n"); $failedSync = true; $failed_count++; } } } $this->output("{$attempt_count} service groups were synced, {$synced_count} changed, {$failed_count} failed.\n"); $this->output("Done.\n"); // return true if there were no failed syncs return !$failedSync; }
/** * @param $formData * @param string $entryPoint * @return bool */ function tryManageMembersSubmit($formData, $entryPoint = 'internal') { $projectname = $formData['projectname']; if ($projectname) { $project = OpenStackNovaProject::getProjectByName($projectname); if (!$project) { $this->getOutput()->addWikiMsg('openstackmanager-nonexistentproject'); return true; } $group = OpenStackNovaServiceGroup::getServiceGroupByName($formData['servicegroupname'], $project); $members = $formData['members']; $servicemembers = $formData['servicemembers']; } else { //TODO: display error } if (!$group) { $this->getOutput()->addWikiMsg('openstackmanager-nonexistentgroup'); return true; } $success = $group->setMembers($members, $servicemembers); if ($success) { $this->getOutput()->addWikiMsg('openstackmanager-setgroupmembers', $formData['servicegroupname']); } else { $this->getOutput()->addWikiMsg('openstackmanager-failedtosetgroupmembers', $formData['servicegroupname']); } $out = '<br />'; $returnto = Title::newFromText($formData['returnto']); if (!$returnto) { $returnto = SpecialPage::getTitleFor('NovaServiceGroup'); } $out .= Linker::link($returnto, $this->msg('openstackmanager-backservicegrouplist')->escaped()); $this->getOutput()->addHTML($out); return true; }
/** * Deletes a project based on project name. This function will also delete all roles * associated with the project. * * @param $projectname String * @return bool */ static function deleteProject($projectname) { global $wgAuth; OpenStackNovaLdapConnection::connect(); $project = new OpenStackNovaProject($projectname); if (!$project) { return false; } $dn = $project->projectDN; # Projects can have roles as sub-entries, we need to delete them first $result = LdapAuthenticationPlugin::ldap_list($wgAuth->ldapconn, $dn, 'objectclass=*'); $roles = LdapAuthenticationPlugin::ldap_get_entries($wgAuth->ldapconn, $result); array_shift($roles); foreach ($roles as $role) { $roledn = $role['dn']; $success = LdapAuthenticationPlugin::ldap_delete($wgAuth->ldapconn, $roledn); if ($success) { $wgAuth->printDebug("Successfully deleted role {$roledn}", NONSENSITIVE); } else { $wgAuth->printDebug("Failed to delete role {$roledn}", NONSENSITIVE); } } # Projects can have a separate group entry. If so, delete it now. if (OpenStackNovaProject::useProjectGroup()) { OpenStackNovaProjectGroup::deleteProjectGroup($projectname); } # Projects have a sudo OU and sudoers entries below that OU, we must delete them first $sudoers = OpenStackNovaSudoer::getAllSudoersByProject($project->getProjectName()); foreach ($sudoers as $sudoer) { $success = OpenStackNovaSudoer::deleteSudoer($sudoer->getSudoerName(), $project->getProjectName()); if ($success) { $wgAuth->printDebug("Successfully deleted sudoer " . $sudoer->getSudoerName(), NONSENSITIVE); } else { $wgAuth->printDebug("Failed to delete sudoer " . $sudoer->getSudoerName(), NONSENSITIVE); } } $success = LdapAuthenticationPlugin::ldap_delete($wgAuth->ldapconn, $project->getSudoersDN()); if ($success) { $wgAuth->printDebug("Successfully deleted sudoers OU " . $project->getSudoersDN(), NONSENSITIVE); } else { $wgAuth->printDebug("Failed to delete sudoers OU " . $project->getSudoersDN(), NONSENSITIVE); } # And, we need to clean up service groups. $servicegroups = $project->getServiceGroups(); foreach ($servicegroups as $group) { $groupName = $group->groupName; $success = OpenStackNovaServiceGroup::deleteServiceGroup($groupName, $project); if ($success) { $wgAuth->printDebug("Successfully deleted service group " . $groupName, NONSENSITIVE); } else { $wgAuth->printDebug("Failed to delete servie group " . $groupName, NONSENSITIVE); } } $success = LdapAuthenticationPlugin::ldap_delete($wgAuth->ldapconn, $dn); if ($success) { $wgAuth->printDebug("Successfully deleted project {$projectname}", NONSENSITIVE); return true; } else { $wgAuth->printDebug("Failed to delete project {$projectname}", NONSENSITIVE); return false; } }