1 changed files with 92 additions and 0 deletions
@ -0,0 +1,92 @@ |
|||||
|
#!/usr/bin/python |
||||
|
# -*- coding: utf-8 -*- |
||||
|
# |
||||
|
# folderauth.py |
||||
|
# |
||||
|
# |
||||
|
# sets the authorizations of folders |
||||
|
# current authorizations are not removed, only new ones are added and existing |
||||
|
# rules might be updated |
||||
|
# |
||||
|
# CSV-Format |
||||
|
# Column 1 is the full path to the folder |
||||
|
# Column 2 is the principal type |
||||
|
# Column 3 is the principal id |
||||
|
# Column 4 is the access setting (read, full) |
||||
|
|
||||
|
|
||||
|
import argparse |
||||
|
import csv |
||||
|
import os |
||||
|
import json |
||||
|
import subprocess |
||||
|
import sys |
||||
|
from sharedfunctions import callrestapi, getfolderid, file_accessible |
||||
|
|
||||
|
|
||||
|
def addRule(data): |
||||
|
|
||||
|
if debug: print("Rule data: "+str(data)) |
||||
|
rst = callrestapi('authorization/rules','post',data=data,returnResponse=True) |
||||
|
|
||||
|
if rst.status_code==201: |
||||
|
print(" done") |
||||
|
|
||||
|
elif rst.status_code==400 and json.loads(rst.text)['errorCode']==1177: |
||||
|
print(" rule already exists, skiping") |
||||
|
|
||||
|
elif (400 <= rst.status_code <=599): |
||||
|
print("http response code: "+ str(rst.status_code)) |
||||
|
print("ret.text: "+rst.text) |
||||
|
sys.exit() |
||||
|
|
||||
|
|
||||
|
|
||||
|
parser = argparse.ArgumentParser(description="Apply bulk auths from a CSV file to folders and contents") |
||||
|
parser.add_argument("-f","--file", help="Full path to CSV file.",required='True') |
||||
|
parser.add_argument("-d","--debug", help="Turn debug on", action='store_true', default=False) |
||||
|
|
||||
|
args = parser.parse_args() |
||||
|
file=args.file |
||||
|
debug=args.debug |
||||
|
|
||||
|
if not file_accessible(file,'r'): |
||||
|
print("Can not open file.") |
||||
|
sys.exit(1) |
||||
|
|
||||
|
with open(file, 'rt') as f: |
||||
|
filecontents = csv.reader(f) |
||||
|
for row in filecontents: |
||||
|
print("Adding rule: "+str(row)) |
||||
|
folderpath=row[0] |
||||
|
principaltype=row[1] |
||||
|
principalname=row[2] |
||||
|
accesscontrol=row[3] |
||||
|
|
||||
|
folderid=getfolderid(folderpath) |
||||
|
folderuri=folderid[0] |
||||
|
|
||||
|
if accesscontrol=="full": |
||||
|
permissions = ["create","read","update","delete","secure","add","remove"] |
||||
|
elif accesscontrol=="read": |
||||
|
permissions = ["read"] |
||||
|
else: |
||||
|
print("Unkown access control: "+accesscontrol) |
||||
|
|
||||
|
data = { |
||||
|
'type': 'grant', |
||||
|
'objectUri': '/folders/folders/'+folderuri, |
||||
|
'principalType': principaltype, |
||||
|
'principal': principalname, |
||||
|
'permissions': permissions |
||||
|
} |
||||
|
addRule(data) |
||||
|
|
||||
|
data = { |
||||
|
'type': 'grant', |
||||
|
'containerUri': '/folders/folders/'+folderuri, |
||||
|
'principalType': principaltype, |
||||
|
'principal': principalname, |
||||
|
'permissions': permissions |
||||
|
} |
||||
|
addRule(data) |
||||
Loading…
Reference in new issue