function getSudoers($project)
{
$project->fetchProjectInfo();
$projectName = $project->getProjectName();
$this->userNova->setProject($projectName);
$regions = $this->userNova->getRegions('compute');
$headers = array('openstackmanager-sudoername', 'openstackmanager-sudoerusers', 'openstackmanager-sudoerrunas', 'openstackmanager-sudoercommands', 'openstackmanager-sudoeroptions', 'openstackmanager-actions');
$sudoers = OpenStackNovaSudoer::getAllSudoersByProject($projectName);
$sudoerRows = array();
foreach ($sudoers as $sudoer) {
$sudoerRow = array();
$sudoerName = $sudoer->getSudoerName();
$this->pushResourceColumn($sudoerRow, $sudoerName);
$userNames = array();
$projectmembers = $project->getMembers();
$userNames = $this->makeHumanReadableUserlist($sudoer->getSudoerUsers(), $project);
$sudoRunAsUsers = $this->makeHumanReadableUserlist($sudoer->getSudoerRunAsUsers(), $project);
$this->pushRawResourceColumn($sudoerRow, $this->createResourceList($userNames));
$this->pushRawResourceColumn($sudoerRow, $this->createResourceList($sudoRunAsUsers));
$this->pushRawResourceColumn($sudoerRow, $this->createResourceList($sudoer->getSudoerCommands()));
$this->pushRawResourceColumn($sudoerRow, $this->createResourceList($sudoer->getSudoerOptions()));
$actions = array();
$actions[] = $this->createActionLink('openstackmanager-modify', array('action' => 'modify', 'sudoername' => $sudoerName, 'project' => $projectName));
$actions[] = $this->createActionLink('openstackmanager-delete', array('action' => 'delete', 'sudoername' => $sudoerName, 'project' => $projectName));
$this->pushRawResourceColumn($sudoerRow, $this->createResourceList($actions));
$sudoerRows[] = $sudoerRow;
}
if ($sudoerRows) {
$out = $this->createResourceTable($headers, $sudoerRows);
} else {
$out = '';
}
return $out;
}
/**
* Deletes a project based on project name. This function will also delete all roles
* associated with the project.
*
* @param $projectname String
* @return bool
*/
static function deleteProject($projectname)
{
global $wgAuth;
OpenStackNovaLdapConnection::connect();
$project = new OpenStackNovaProject($projectname);
if (!$project) {
return false;
}
$dn = $project->projectDN;
# Projects can have roles as sub-entries, we need to delete them first
$result = LdapAuthenticationPlugin::ldap_list($wgAuth->ldapconn, $dn, 'objectclass=*');
$roles = LdapAuthenticationPlugin::ldap_get_entries($wgAuth->ldapconn, $result);
array_shift($roles);
foreach ($roles as $role) {
$roledn = $role['dn'];
$success = LdapAuthenticationPlugin::ldap_delete($wgAuth->ldapconn, $roledn);
if ($success) {
$wgAuth->printDebug("Successfully deleted role {$roledn}", NONSENSITIVE);
} else {
$wgAuth->printDebug("Failed to delete role {$roledn}", NONSENSITIVE);
}
}
# Projects can have a separate group entry. If so, delete it now.
if (OpenStackNovaProject::useProjectGroup()) {
OpenStackNovaProjectGroup::deleteProjectGroup($projectname);
}
# Projects have a sudo OU and sudoers entries below that OU, we must delete them first
$sudoers = OpenStackNovaSudoer::getAllSudoersByProject($project->getProjectName());
foreach ($sudoers as $sudoer) {
$success = OpenStackNovaSudoer::deleteSudoer($sudoer->getSudoerName(), $project->getProjectName());
if ($success) {
$wgAuth->printDebug("Successfully deleted sudoer " . $sudoer->getSudoerName(), NONSENSITIVE);
} else {
$wgAuth->printDebug("Failed to delete sudoer " . $sudoer->getSudoerName(), NONSENSITIVE);
}
}
$success = LdapAuthenticationPlugin::ldap_delete($wgAuth->ldapconn, $project->getSudoersDN());
if ($success) {
$wgAuth->printDebug("Successfully deleted sudoers OU " . $project->getSudoersDN(), NONSENSITIVE);
} else {
$wgAuth->printDebug("Failed to delete sudoers OU " . $project->getSudoersDN(), NONSENSITIVE);
}
# And, we need to clean up service groups.
$servicegroups = $project->getServiceGroups();
foreach ($servicegroups as $group) {
$groupName = $group->groupName;
$success = OpenStackNovaServiceGroup::deleteServiceGroup($groupName, $project);
if ($success) {
$wgAuth->printDebug("Successfully deleted service group " . $groupName, NONSENSITIVE);
} else {
$wgAuth->printDebug("Failed to delete servie group " . $groupName, NONSENSITIVE);
}
}
$success = LdapAuthenticationPlugin::ldap_delete($wgAuth->ldapconn, $dn);
if ($success) {
$wgAuth->printDebug("Successfully deleted project {$projectname}", NONSENSITIVE);
return true;
} else {
$wgAuth->printDebug("Failed to delete project {$projectname}", NONSENSITIVE);
return false;
}
}
