From 7e740f2741de172b77108954aab4f94ebf8cad8e Mon Sep 17 00:00:00 2001
From: atlurie <atlurie@uab.edu>
Date: Tue, 14 Jun 2022 01:38:58 -0500
Subject: [PATCH] Refactor to send msg to group_member agent with groups a user
should be added to and removed from.
This change will support our design decision that a user should be only
part of a group that corresponds to his current state. Users are not in
two states at any given time, they have only one state. Likewise, they
should only be in one group at a time corresponding to their state (look
at rabbit_config.py)
---
prod_rmq_agents/ssh_access.py | 48 ++++++++++++++++++++---------------
1 file changed, 27 insertions(+), 21 deletions(-)
diff --git a/prod_rmq_agents/ssh_access.py b/prod_rmq_agents/ssh_access.py
index 34f3274..6e0fbfe 100644
--- a/prod_rmq_agents/ssh_access.py
+++ b/prod_rmq_agents/ssh_access.py
@@ -49,38 +49,44 @@ def ssh_access(ch, method, properties, body):
else:
corr_id = str(uuid.uuid4())
print(f'corr_id generated: {corr_id}')
+ msg["groups"] = {}
+ proc = Popen(['/usr/bin/groups', username], stdout=PIPE, stderr=PIPE)
+ out,err = proc.communicate()
+
+ user_group_list = out.decode().strip().split(":")[1].split()
+ lock_groups = rcfg.lock_groups
+ """
+ Filter the lock group a user is in and assign to spl
+ lambda function returns common elements between two lists. For all
+ the true values by returned lambda function for common elements
+ corresponding values are included as a list by filter function.
+ """
+ spl_groups = list(filter(lambda x:x in list(lock_groups.values()),user_group_list))
+
+ # Depending on state add user to the group corresponding to state.
+ # Remove user from lock_groups they are already part of.
if state == 'certification':
- msg["action"] = "add"
- msg["groupnames"] = [lock_groups[state]]
+ # eg: {"groups": { "add":[a,b,c], "remove":[d,e,f] }
+ msg["groups"]["add"] = [lock_groups[state]]
+ msg["groups"]["remove"] = spl_groups
elif state == 'hold':
- msg["action"] = "add"
- msg["groupnames"] = [lock_groups[state]]
+ # eg: {"groups": { "add":[a,b,c], "remove":[d,e,f] }
+ msg["groups"]["add"] = [lock_groups[state]]
+ msg["groups"]["remove"] = spl_groups
elif state == 'pre_certification':
- msg["action"] = "add"
- msg["groupnames"] = [lock_groups[state]]
+ # eg: {"groups": { "add":[a,b,c], "remove":[d,e,f] }
+ msg["groups"]["add"] = [lock_groups[state]]
+ msg["groups"]["remove"] = spl_groups
elif state == 'ok':
- msg["action"] = "remove"
- proc = Popen(['/usr/bin/groups', username], stdout=PIPE, stderr=PIPE)
- out,err = proc.communicate()
-
- user_group_list = out.decode().strip().split(":")[1].split()
-
- """
- Filter the lock group a user is in and assign to msg["groupnames"]
- lambda function returns common elements between two lists. For all
- the true values by returned lambda function for common elements
- corresponding values are included as a list by filter function.
- """
- msg["groupnames"] = list(filter(lambda x:x in list(lock_groups.values()),user_group_list))
+ msg["groups"]["remove"] = spl_groups
- #msg["success"] = True
# send a message to group_member.py agent
- logger.info(f"Request sent to add user {username} to {msg['groupnames']} group")
+ logger.info(f"Request sent to add/remove user {username} to spl groups")
print(f"sending msg to group agent {msg}")
rc_rmq.publish_msg(
{
--
GitLab