roster_core Package
Toplevel RosterCore API. This presents entities to external consumers.
-
exception roster_core.__init__.CoreError
Bases: exceptions.Exception
Error class that all Roster errors are sub-classed from.
-
class roster_core.__init__.Core(user_name, config_instance, unittest_timestamp=None)
Bases: object
Backend Roster interface.
This class is meant to be the only interface to the database for top
level programming for a web or xml-rpc interface, or anything else
that would need to talk to the database.
All errors raised will be a subclass of CoreError.
-
CheckMaintenanceFlag()
Checks maintenance flag
- Outputs:
- bool: value of flag on or off
-
GetEmptyRecordArgsDict(record_type)
Gets record args dict for the record_type.
- Inputs:
- record_type: string of record type (example: u’mx’)
- Outputs:
- dictionary: which is different for each record type.
- (example: {u’priority’: 10,
- u’mail_server’: ‘mail.sub.university.edu.’})
-
ListACLs(acl_name=None, cidr_block=None)
Lists one or many ACLs. If all args are None it will list them all;
otherwise it searches on one or more terms.
- Inputs:
- acl_name: string of acl name
cidr_block: string of valid CIDR block or IP address
- Outputs:
- dictionary: keyed by the acl name whose value is a list of dictionaries with
the cidr block and range allowed values.
example: {'rfc_1918_networks': [{'cidr_block': '192.168/16'},
                                {'cidr_block': '10/8'}],
          'university_networks': [{'cidr_block': '1.2.3/24'},
                                  {'cidr_block': '1.1.1/24'}]}
-
ListAuditLog(user_name=None, action=None, success=None, begin_timestamp=None, end_timestamp=None)
Lists audit log
- Inputs:
- user_name: string of user name
action: string of function
success: intbool of success
begin_timestamp: datetime object of beginning timestamp
end_timestamp: datetime object of ending timestamp
- Raises:
- UnexpectedDataError: Missing begin_timestamp or end_timestamp.
- Outputs:
- dict: Dictionary of audit log
ex: {'action': u'Action', 'data': u'Data',
     'audit_log_timestamp': datetime.datetime,
     'audit_log_user_name': u'username'}
-
ListCredentials(credential=None, user_name=None, infinite_cred=None)
Lists infinite credentials.
This function basically just calls _ListCredentials but runs Authorize
before.
- Inputs:
- credential: string of specific credential that is being searched for
user_name: string of name of user that is being searched for
infinite_cred: bool of search for infinite or non infinite creds
-
ListDnsServerSetAssignments(dns_server_name=None, dns_server_set_name=None)
List dns server set assignments.
Inputs:
dns_server_name: string of dns server name
dns_server_set_name: string of dns server set name
- Outputs:
- dictionary keyed by server sets.
-
ListDnsServerSetViewAssignments(view_name=None, dns_server_set_name=None, key_by_view=False)
List dns server set view assignments
Assignments can be given as a dictionary of dns server names with lists of
view names or as a dictionary of view names with lists of dns server names.
- Outputs:
Dictionary keyed by view name or dns server set name with values of
lists of view names or dns server sets depending on key_by_view bool
example keyed by view_name: {'view1': ['set1', 'set2'],
                             'view2': ['set2']}
example keyed by dns_server_set_name: {'set1': ['view1'],
                                       'set2': ['view1', 'view2']}
-
ListDnsServerSets(dns_server_set_name=None)
List all dns server sets
- Inputs:
- dns_server_set_name: string of dns server set name
- Outputs:
- list of dns server sets
-
ListDnsServers(dns_server_name=None)
List dns servers.
- Outputs:
- int: number of rows modified
-
ListForwardZonePermissions(zone_name=None, group_name=None, group_permission=None)
List forward zone permissions.
- Inputs:
- zone_name: string of zone name
group_name: string of group name
group_permission: list group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
- Outputs:
dictionary keyed by group name with values of lists of dictionaries
containing zone names and group permissions
example: {'dept': [{'zone_name': 'sub.university.edu',
                    'group_permission': ['a', 'aaaa', 'cname']},
                   {'zone_name': 'othersub.university.edu',
                    'group_permission': ['a', 'aaaa', 'cname', 'soa']}],
          'otherdept': [{'zone_name': 'sub.university.edu',
                         'group_permission': ['a', 'aaaa']}]}
-
ListGroups()
List all groups.
- Outputs:
- list of groups
- example [‘cs’, ‘bio’]
-
ListNamedConfGlobalOptions(option_id=None, dns_server_set=None, timestamp=None)
Lists named conf global options
- Inputs:
- option_id: integer of named conf global option id
dns_server_set: string of the dns server set name
timestamp: datetime object of timestamp to search
- Outputs:
- named_conf_list: list of named conf global options
-
ListRecordArgumentDefinitions(record_type=None)
List record argument definitions. This is mainly for the exporter to
programmatically construct records for exporting.
This function is duplicated in
roster-config-manager/roster_config_manager/tree_exporter.py
- Inputs:
- record_type: string of record type
- Outputs:
- dictionary keyed by record type with values of lists
of lists of record arguments sorted by argument order.
example: {‘mx’: [{‘argument_name’: u’priority’,
‘record_arguments_type’: u’mx’,
‘argument_data_type’: u’UnsignedInt’,
‘argument_order’: 0},
{‘argument_name’: u’mail_server’,
‘record_arguments_type’: u’mx’,
‘argument_data_type’: u’Hostname’,
‘argument_order’: 1}]}
-
ListRecords(record_type=None, target=None, zone_name=None, view_name=None, ttl=None, record_args_dict=None)
Lists records.
- Inputs:
record_type: string of record type (example: u’mx’)
target: string of target (example u'machine-01.sub.university.edu.')
zone_name: string of zone name (example u’sub.university.edu’)
ttl: int of time to live per record
view_name: string of view name (example u’internal’)
record_args_dict: dictionary, which is different for each record type.
an example dictionary can be obtained with the
GetEmptyRecordArgsDict function in this class
(example: {u’priority’: 10,
u’mail_server’: ‘mail.sub.university.edu.’})
- Raises:
- UnexpectedDataError: Must specify record_type with record_args_dict.
- Outputs:
- list of record dictionaries
Each dictionary can have different args depending on record type.
All of them will include record_type, target, zone_name, ttl, and
view_name regardless of record type. Below is an example of an mx
record search.
example: [{'record_type': 'mx', 'target': 'university.edu.',
           'zone_name': 'university.edu', 'ttl': 3600,
           'view_name': 'external', 'priority': 10,
           'mail_server': 'smtp-01.university.edu.',
           'last_user': 'sharrell'},
          {'record_type': 'mx', 'target': 'university.edu.',
           'zone_name': 'university.edu', 'ttl': 3600,
           'view_name': 'external', 'priority': 20,
           'mail_server': 'smtp-02.university.edu.',
           'last_user': 'sharrell'}]
-
ListReservedWords()
Lists reserved words.
- Output:
- list: list of reserved words
- ex: [‘reservedword1’, ‘reservedword2’]
-
ListReverseRangePermissions(cidr_block=None, group_name=None, group_permission=None)
List reverse range permissions.
- Inputs:
- cidr_block: string of cidr block
group_name: string of group name
group_permission: list group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
- Outputs:
dictionary keyed by group name with values of lists of dictionaries
containing reverse ranges and group permissions
example: {'dept': [{'cidr_block': '192.168.0/24',
                    'group_permission': [u'cname', u'ptr']},
                   {'cidr_block': '192.168.1/24',
                    'group_permission': [u'ptr']}],
          'otherdept': [{'cidr_block': '192.168.1/24',
                         'group_permission': [u'cname', u'ns', u'ptr',
                                              u'soa']}]}
-
ListReverseRangeZoneAssignments(zone_name=None, cidr_block=None)
Lists reverse range to zone assignments.
- Inputs:
- zone_name: string of zone name
cidr_block: string of cidr block
- Outputs:
- dictionary: keyed by zone_name with values of cidr blocks
- example: {‘10.in-addr.arpa’: ‘10/8’,
- ‘9.168.192.in-addr.arpa’: ‘192.168.9/24’}
-
ListUserGroupAssignments(user_name=None, group_name=None, key_by_group=False)
List user-group assignments.
Assignments can be given as a dictionary of users with lists of groups or
as a dictionary of groups as a list of users.
- Outputs:
dictionary keyed by group or user with values of lists of groups or users
depending on key_by_group bool
example keyed by user: {'sharrell': ['cs', 'bio'],
                        'shuey': ['cs']}
example keyed by group: {'cs': ['shuey', 'sharrell'],
                         'bio': ['sharrell']}
-
ListUsers(user_name=None, access_level=None)
Lists one or many users, if all args are None then list them all.
- Inputs:
- user_name: string of user name
access_level: int from 0-255 as defined in user.py
- Output:
- dictionary: keyed by the user name with value of access_level.
- example: {‘sharrell’: 128,
- ‘shuey’: 64}
-
ListViewAssignments(view_superset=None, view_subset=None)
Lists view assignments.
For more information about view assignments please read the
MakeViewAssignment docstring.
- Inputs:
- view_superset: string of view name
view_subset: string of view name
- Outputs:
- dictionary keyed by view supersets with values lists of view subsets
-
ListViewToACLAssignments(view_name=None, acl_name=None, acl_range_allowed=None)
Lists some or all view to acl assignments corresponding to the
given args.
- Inputs:
- view_name: string of view name
acl_name: string of acl name
- Outputs:
- list: list contains dictionaries of assignments
example: [{'view_name': 'main_view', 'acl_name': 'internal',
           'acl_range_allowed': 'true'},
          {'view_name': 'other_view', 'acl_name': 'external',
           'acl_range_allowed': 'false'}]
-
ListViews(view_name=None)
Lists all views.
- Outputs:
- dictionary: dict keyed by view name with a value of the view args.
example: {'view_1': 'also-notify {192.168.0.1;}\nallow-transfer '
                    '{university_networks};;',
          'view_2': 'other-arg { thing };'}
-
ListZoneTypes()
Lists zone types.
- Outputs:
- list: list of zone types, example: [‘master’, ‘slave’, ‘forward’]
-
ListZones(zone_name=None, zone_type=None, zone_origin=None, view_name=None)
Lists zones.
- Inputs:
- zone_name: string of zone name
zone_type: string of zone type
zone_origin: string of zone origin. ex dept.university.edu.
view_name: string of view name
- Outputs:
Dictionary of dictionaries. The parent dictionary is keyed by zone name,
the secondary dictionary is keyed by view name and the third is keyed
by type of data.
example:
{'zone.university.edu': {'internal': {'zone_type': 'master',
                                      'zone_options': 'misc opts',
                                      'zone_origin': 'university.edu.'},
                         'any': {'zone_type': 'master',
                                 'zone_options': 'other options',
                                 'zone_origin': 'university.edu.'}},
 'otherzone.university.edu': {'any': {'zone_type': 'slave',
                                      'zone_options': 'options'}}}
-
MakeACL(acl_name, cidr_block)
Makes an acl from args.
- Inputs:
- acl_name: string of acl name
cidr_block: string of valid CIDR block or IP address
-
MakeDnsServer(dns_server_name)
Makes one dns server
- Inputs:
- dns_server_name: string of the dns server name
-
MakeDnsServerSet(dns_server_set_name)
Make dns server set.
- Inputs:
- dns_server_set_name: string of dns server set name
-
MakeDnsServerSetAssignments(dns_server_name, dns_server_set_name)
Make dns server set assignment.
- Inputs:
- dns_server_name: string of dns server name
dns_server_set_name: string of dns server set name
-
MakeDnsServerSetViewAssignments(view_name, dns_server_set_name)
Make dns server set view assignment
- Inputs:
- view_name: string of the view name
dns_server_set_name: string of the dns server set name
-
MakeForwardZonePermission(zone_name, group_name, group_permission=None)
Make forward zone permission.
- Inputs:
- zone_name: string of zone name
group_name: string of group name
group_permission: list group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
-
MakeGroup(group_name)
Make group.
- Inputs:
- group_name: string of group name
-
MakeInfiniteCredential(user_name, credential=None)
Creates an infinite credential.
- Inputs:
- user_name: string of user to create credential for.
- Outputs:
- string: credential string created
-
MakeNamedConfGlobalOption(dns_server_set, options)
Makes named conf global option
- Inputs:
- dns_server_set: string of name of dns server set
options: string of named conf file
-
MakeRecord(record_type, target, zone_name, record_args_dict, view_name=None, ttl=None)
Makes a record.
Please check core_helpers for functions to make certain records that
need help before using this directly. For instance MakePTRRecord and
MakeAAAARecord.
- Raises:
- InvalidInputError: ”.” not allowed as terminator in non-ptr target.
InvalidInputError: An SOA cannot be made in the “any” view.
InvalidInputError: CNAME already exists.
InvalidInputError: Record already exists.
InvalidInputError: Duplicate record found.
- Inputs:
record_type: string of record type (example: u’mx’)
target: string of target (example u’machine-01’)
zone_name: string of zone name (example u’sub.university.edu’)
ttl: int of time to live per record
view_name: string of view name (example u’internal’)
record_args_dict: dictionary, which is different for each record type.
an example dictionary can be obtained with the
GetEmptyRecordArgsDict function in this class
(example: {u’priority’: 10,
u’mail_server’: ‘mail.sub.university.edu.’})
-
MakeReservedWord(reserved_word)
Create a reserved word.
- Inputs:
- reserved_word: string of reserved word
-
MakeReverseRangePermission(cidr_block, group_name, group_permission=None)
Make reverse range permission.
- Inputs:
- cidr_block: string of cidr block
group_name: string of group name
group_permission: list of group permissions, i.e., [‘cname’, ‘ptr’]
-
MakeReverseRangeZoneAssignment(zone_name, cidr_block)
Makes a reverse range to zone assignment.
- Inputs:
- zone_name: string of zone name
cidr_block: string of cidr block
-
MakeUser(user_name, access_level)
Create a user.
- Inputs:
- user_name: string of user name
access_level: int from 0-255 as defined in user.py
-
MakeUserGroupAssignment(user_name, group_name)
Make user-group assignment.
- Inputs:
- group_name: string of group name
user_name: string of user name
-
MakeView(view_name, view_options=None)
Makes a view and all of the other things that go with a view.
For more information about views please see the docstring for
MakeViewAssignment.
- Inputs:
view_name: string of view name
view_options: string of view options, defaults to empty string.
-
MakeViewAssignment(view_superset, view_subset)
Assigns a view to another view.
A view contains the zones in that view. However, zones can also be assigned
to another view that is a superset of views. For example, an assignment
can be made for view_a (view_superset) to also include all of view_b's
(view_subset) zones (and by proxy, records). This avoids having to keep
duplicate records in each view.
Most of the time this will not be needed, as there is a special
subset included in all views (unless explicitly deleted) called the
'any' view. Records in the 'any' view will be in all views that
have not been explicitly changed to remove the 'any' view.
The 'any' view subset is automatically tied to a view when the
view is created. It is also the default view for records
and zones (again, it can be explicitly changed if needed).
- Inputs:
- view_superset: string of view name
view_subset: string of view name
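The superset/subset rule above decides which views serve a record, and with it which records stored in 'any' are also answered from an externally facing view. The following added example (not Roster code; it does not import roster_core) models that rule over constructed data shaped like the documented ListViewAssignments and ListRecords outputs. The helper names, the VIEWS list and the one-level (non-transitive) expansion are assumptions.

```python
# Added example, not part of roster_core. All data below is constructed and
# only follows the output shapes documented for ListViewAssignments
# ({view_superset: [view_subset, ...]}) and ListRecords (list of dicts).


def views_serving(stored_view, views, view_assignments):
    """Return the sorted view names that serve a record stored in stored_view.

    Assumption: a view serves its own records plus the records of the
    subsets assigned directly to it (no transitive expansion).
    """
    serving = set()
    for view in views:
        if view == stored_view or stored_view in view_assignments.get(view, []):
            serving.add(view)
    return sorted(serving)


def inherited_records(records, views, view_assignments, watched_view):
    """Return (target, zone_name, stored_view) for each record that
    watched_view serves only because of a view assignment."""
    found = []
    for record in records:
        stored = record['view_name']
        if stored == watched_view:
            continue  # stored in the view itself, nothing inherited
        if watched_view in views_serving(stored, views, view_assignments):
            found.append((record['target'], record['zone_name'], stored))
    return sorted(found)


# Constructed sample data (hypothetical hosts and views).
VIEWS = ['external', 'internal']
ASSIGNMENTS = {'external': ['any'], 'internal': ['any']}
RECORDS = [
    {'record_type': 'mx', 'target': 'university.edu.',
     'zone_name': 'university.edu', 'ttl': 3600, 'view_name': 'external',
     'priority': 10, 'mail_server': 'smtp-01.university.edu.'},
    {'record_type': 'mx', 'target': 'lab',
     'zone_name': 'sub.university.edu', 'ttl': 3600, 'view_name': 'any',
     'priority': 10, 'mail_server': 'mail.sub.university.edu.'},
    {'record_type': 'mx', 'target': 'staff',
     'zone_name': 'sub.university.edu', 'ttl': 3600, 'view_name': 'internal',
     'priority': 10, 'mail_server': 'mail.sub.university.edu.'},
]

# The same setup after the 'any' subset has been removed from 'external'.
ASSIGNMENTS_NO_ANY = {'internal': ['any']}

if __name__ == '__main__':
    for label, assignments in (('default', ASSIGNMENTS),
                               ('any removed', ASSIGNMENTS_NO_ANY)):
        print(label, inherited_records(RECORDS, VIEWS, assignments, 'external'))
```

A record that should stay internal belongs in the internal view rather than in 'any', or the externally facing view needs its 'any' assignment removed.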
-
MakeViewToACLAssignments(view_name, acl_name, acl_range_allowed)
Makes view to acl assignment
- Inputs:
- view_name: string of view name
acl_name: string of acl name
acl_range_allowed: boolean to allow/disallow given acl range
-
MakeZone(zone_name, zone_type, zone_origin, view_name=None, zone_options=None, make_any=True)
Makes a zone.
- Inputs:
zone_name: string of zone name
zone_type: string of zone type
zone_origin: string of zone origin. ex dept.university.edu.
zone_options: string of zone_options(defaults to empty string)
view_name: string of view name(defaults to 'any')
see docstring of MakeViewAssignment as to why 'any' is default
make_any: regardless of view name, make any as well(default to True)
- Raises:
- UnexpectedDataError: Invalid zone type.
-
MakeZoneType(zone_type)
Makes a new zone type.
- Inputs:
- zone_type: string of zone type
-
RemoveACL(acl_name)
Removes an acl from args. Will also remove relevant acl-view assignments.
- Inputs:
- acl_name: string of acl name
- Outputs:
- int: number of rows modified
-
RemoveCIDRBlockFromACL(acl_name, cidr_block)
Removes CIDR block from ACL
- Inputs:
- acl_name: string of acl name
cidr_block: string of valid CIDR block or IP address
range_allowed: Int bool of if range should be allowed or denied
- Outputs:
- int: number of rows modified
-
RemoveCredential(credential=None, user_name=None)
Removes a credential
This function will call _RemoveCredential after Authorize and then log it.
- Inputs:
- credential: string of credential to remove
user_name: string of user name who has a credential to remove
-
RemoveDnsServer(dns_server_name)
Removes dns server.
- Inputs:
- dns_server_name: string of dns server name
- Outputs:
- int: number of rows modified
-
RemoveDnsServerSet(dns_server_set_name)
Remove dns server set.
- Inputs:
- dns_server_set_name: string of dns server set name
- Outputs:
- int: number of rows modified
-
RemoveDnsServerSetAssignments(dns_server_name, dns_server_set_name)
Remove a dns server set assignment
- Inputs:
- dns_server_name: string of dns server name
dns_server_set_name: string of dns server set name
-
RemoveDnsServerSetViewAssignments(view_name, dns_server_set_name)
Remove dns server set view assignment
- Inputs:
- view_name: string of view name
dns_server_set_name: string of dns server set name
- Outputs:
- int: number of rows modified
-
RemoveForwardZonePermission(zone_name, group_name, group_permission)
Remove forward zone permissions.
- Inputs:
- zone_name: string of zone name
group_name: string of group name
group_permission: list of group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
- Outputs:
- int: number of rows affected
-
RemoveGroup(group_name)
Remove group.
- Inputs:
- group_name: string of group name
- Outputs:
- int: number of rows modified
-
RemoveRecord(record_type, target, zone_name, record_args_dict, view_name, ttl=None)
Remove record.
- Inputs:
- record_type: type of record
target: target name
zone_name: name of zone
record_args_dict: dictionary of record arguments
view_name: name of view
ttl: time to live
- Raises:
- InvalidInputError: No records found.
InvalidInputError: Multiple records found for used search terms.
RecordError: Could not remove record for an unknown reason.
-
RemoveReservedWord(reserved_word)
Removes a reserved word.
- Inputs:
- reserved_word: string of reserved word
- Outputs:
- int: number of rows modified
-
RemoveReverseRangePermission(cidr_block, group_name, group_permission)
Remove reverse range permissions.
- Inputs:
- cidr_block: string of cidr block
group_name: string of group name
group_permission: list of group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
- Outputs:
- int: number of rows affected
-
RemoveReverseRangeZoneAssignment(zone_name, cidr_block)
Remove reverse range to zone assignment.
- Inputs:
- zone_name: string of zone name
cidr_block: string of cidr block
- Outputs:
- int: number of rows affected
-
RemoveUser(user_name)
Removes a user.
- Inputs:
- user_name: string of user name
- Outputs:
- int: number of rows modified
-
RemoveUserGroupAssignment(user_name, group_name)
Remove user-group.
- Inputs:
- group_name: string of group name
user_name: string of user name
- Outputs:
- int: number of rows modified
-
RemoveView(view_name)
Removes a view.
Also removes anything attached to that view, including any information
about a specific zone in the view and any records in that view.
Please point gun away from foot.
- Inputs:
- view_name: string of view name
- Raises:
- InvalidInputError: Cannot remove view any
- Outputs:
- int: number of rows modified
-
RemoveViewAssignment(view_superset, view_subset)
Removes a view assignment.
For more information about view assignments please read the
MakeViewAssignment docstring.
- Inputs:
- view_superset: string of view name
view_subset: string of view name
-
RemoveViewToACLAssignments(view_name, acl_name, acl_range_allowed)
Removes view to acl assignment
- Inputs:
- view_name: string of view name
acl_name: string of acl name
- Outputs:
- int: number of rows modified
-
RemoveZone(zone_name, view_name=None)
Removes a zone.
- Inputs:
- zone_name: string of zone name
view_name: string of view name
- Outputs:
- int: number of rows affected
-
RemoveZoneType(zone_type)
Removes a zone type.
- Inputs:
- zone_type: string of zone type
- Outputs:
- int: number of rows affected
-
SetMaintenanceFlag(value)
Sets maintenance flag
- Inputs:
- value: boolean of flag on or off
-
UpdateDnsServer(search_dns_server_name, update_dns_server_name)
Updates dns server
- Inputs:
- search_dns_server_name: string of dns server name
update_dns_server_name: new string of dns server name
- Outputs:
- int: number of rows modified
-
UpdateDnsServerSet(search_dns_server_set_name, update_dns_server_set_name)
Update dns_server_set.
- Inputs:
- search_dns_server_set_name: string of dns_server_set name
update_dns_server_set_name: string of dns_server_set name
- Outputs:
- int: number of rows modified
-
UpdateGroup(search_group_name, update_group_name)
Update group.
- Inputs:
- search_group_name: string of group name
update_group_name: string of group name
- Outputs:
- int: number of rows modified
-
UpdateGroupForwardPermission(zone_name, group_name, new_permissions)
Updates forward zone group permissions
- Inputs:
- zone_name: string of zone name
group_name: string of group name
new_permissions: list of permissions. (ex [u’a’, u’aaaa’, u’cname’])
- Raises:
- AuthorizationError: Group does not have access to supplied zone
-
UpdateGroupReversePermission(cidr_block, group_name, new_permissions)
Updates reverse range group permissions
- Inputs:
- cidr_block: string of cidr_block
group_name: string of group name
new_permissions: list of permissions. (ex [u’a’, u’aaaa’, u’cname’])
- Raises:
- AuthorizationError: Group does not have access to supplied cidr block
-
UpdateRecord(search_record_type, search_target, search_zone_name, search_record_args_dict, search_view_name=None, search_ttl=None, update_target=None, update_zone_name=None, update_record_args_dict={}, update_view_name=None, update_ttl=None)
Update record.
- Inputs:
- search_record_type: type of record
search_target: target
search_zone_name: name of zone
search_record_args_dict: dictionary of record arguments
search_view_name: name of view
search_ttl: time to live
update_target: target
update_zone_name: name of zone
update_record_args_dict: dictionary of record arguments
update_view_name: name of view
update_ttl: time to live
- Raises:
- InvalidInputError: ”.” not allowed as terminator in non-ptr target.
InvalidInputError: Record already exists.
InvalidInputError: CNAME already exists.
InvalidInputError: Duplicate record found.
InvalidInputError: No records found.
InvalidInputError: Multiple records found for used search terms.
-
UpdateUser(search_user_name, update_user_name=None, update_access_level=None)
Updates a user.
- Inputs:
- search_user_name: string of user name
update_user_name: string of user name
update_access_level: int from 0-255 as defined in user.py
- Outputs:
- int: number of rows modified
-
UpdateView(search_view_name, update_view_name=None, update_view_options=None)
Updates a view.
Also updates anything attached to that view, including any information
about a specific zone in the view and any records in that view.
- Inputs:
search_view_name: string of view name to be updated
update_view_name: string of view name to update with
update_view_options: string of view options, defaults to empty string.
- Raises:
- InvalidInputError: Cannot update view any.
-
UpdateZone(search_zone_name, search_view_name=None, update_zone_name=None, update_zone_options=None, update_zone_type=None)
Updates zone options or zone type of zone
- Inputs:
search_zone_name: string of zone name
search_view_name: string of view name
update_zone_name: string of zone name
update_zone_type: string of zone type
update_zone_options: string of zone options
- Outputs:
- int: number of rows affected
-
class roster_core.__init__.CoreHelpers(core_instance)
Bases: object
Library of helper functions that extend the core functions.
-
AddFormattedRecords(zone_name, zone_file_string, view)
Adds records from a string of a partial zone file
- Inputs:
- zone_name: string of zone name
zone_file_string: string of the file contents
view: string of view name
- Outputs:
- int: Amount of records added to db.
-
CIDRExpand(cidr_block, begin=None, end=None)
-
ConstructRecordArgsDictFromRecordID(record_id)
Constructs the records_arg_dict from the Roster database given only
the record id.
Inputs:
record_id: int of record id
Outputs:
record_args_dict: dictionary of arguments and their values
-
ExpandIPV6(ip_address)
-
GetAssociatedCNAMEs(hostname, view_name, zone_name, recursive=False)
Lists CNAMEs by assignment hostname.
- Inputs:
- hostname: string of hostname
view_name: string of view name
zone_name: string of zone name
- Outputs:
- list: list of found cname dictionaries
-
GetCIDRBlocksByView(view, username)
Lists CIDR blocks available to a username in a given view
- Inputs:
- view: string of view name
username: string of user name
- Outputs:
- list: list of cidr block strings
-
GetPTRTarget(long_target, view_name=u'any')
Gets the short PTR target given the long PTR target
Inputs:
long_target: String of long PTR target
view_name: String of view name
- Raises:
- InvalidInputError: No suitable reverse range zone assignments found.
- Outputs:
- string: String of short PTR target
-
GetViewsByUser(username)
Lists view names available to given username
- Inputs:
- username: string of user name
- Outputs:
- list: list of view name strings
-
ListAccessLevels()
Lists access levels from constants for both integer and string keys
- Outputs:
- dict: dictionary of access levels with both string and integer-string keys
Example:
{'32': 32, '64': 64, '128': 128, 'user': 32, 'unlocked_user': 64,
 'dns_admin': 128}
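ListUsers, ListUserGroupAssignments, ListForwardZonePermissions and ListAccessLevels each return one piece of the access picture. The following added example (not Roster code; it does not import roster_core) joins constructed data in those documented shapes into per-user effective forward-zone permissions and flags accounts whose access level is not one of the named levels. The function names and the sample accounts jdoe and svc_old are assumptions.

```python
# Added example, not part of roster_core. The dictionaries are constructed
# sample data in the shapes documented for ListAccessLevels, ListUsers,
# ListUserGroupAssignments (keyed by user) and ListForwardZonePermissions.


def named_levels(access_levels):
    """Invert ListAccessLevels output to {int level: name}, dropping the
    integer-string aliases such as '32'."""
    return {level: name for name, level in access_levels.items()
            if not name.isdigit()}


def effective_forward_permissions(user_groups, zone_permissions):
    """Return {user: {zone_name: sorted union of the permissions granted
    by every group the user belongs to}}."""
    result = {}
    for user, groups in user_groups.items():
        zones = {}
        for group in groups:
            for entry in zone_permissions.get(group, []):
                zones.setdefault(entry['zone_name'], set()).update(
                    entry['group_permission'])
        result[user] = {zone: sorted(perms) for zone, perms in zones.items()}
    return result


def review_accounts(users, user_groups, access_levels):
    """Group users by named access level and list the accounts a reviewer
    should look at: levels with no name, and users in no group."""
    names = named_levels(access_levels)
    report = {'by_level': {}, 'unnamed_level': [], 'no_group': []}
    for user in sorted(users):
        level = users[user]
        if level in names:
            report['by_level'].setdefault(names[level], []).append(user)
        else:
            report['unnamed_level'].append((user, level))
        if not user_groups.get(user):
            report['no_group'].append(user)
    return report


# Constructed sample data; jdoe and svc_old are hypothetical accounts.
ACCESS_LEVELS = {'32': 32, '64': 64, '128': 128, 'user': 32,
                 'unlocked_user': 64, 'dns_admin': 128}
USERS = {'sharrell': 128, 'shuey': 64, 'jdoe': 32, 'svc_old': 200}
USER_GROUPS = {'sharrell': ['cs', 'bio'], 'shuey': ['cs']}
ZONE_PERMISSIONS = {
    'cs': [{'zone_name': 'sub.university.edu',
            'group_permission': ['a', 'aaaa', 'cname']}],
    'bio': [{'zone_name': 'sub.university.edu',
             'group_permission': ['a', 'soa']},
            {'zone_name': 'othersub.university.edu',
             'group_permission': ['a', 'aaaa']}],
}

if __name__ == '__main__':
    print(review_accounts(USERS, USER_GROUPS, ACCESS_LEVELS))
    print(effective_forward_permissions(USER_GROUPS, ZONE_PERMISSIONS))
```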
-
ListAvailableIpsInCIDR(cidr_block, num_ips=1, view_name=None, zone_name=None)
Finds first available ips. Only lists as many IPs as are available.
Returns empty list if no IPs are available in given cidr block and a
truncated list if only a portion of IPs are available.
- Inputs:
- cidr_block: string of ipv4 or ipv6 cidr block
- Raises:
- InvalidInputError: IP is in a reserved IP space.
InvalidInputError: Not a valid cidr block
- Outputs:
- list: list of strings of ip addresses
-
ListGroupPermissions()
-
ListLatestNamedConfig(dns_server_set)
Lists the latest named config string given dns server set
This function is duplicated in
roster-config-manager/roster_config_manager/tree_exporter.py
- Inputs:
- dns_server_set: string of dns server set name
- Outputs:
- dict: dictionary of latest named config
-
ListNamedConfGlobalOptionsClient(option_id=None, dns_server_set=None, timestamp=None)
Converts XMLRPC datetime to datetime object and runs
ListNamedConfGlobalOptions
- Inputs:
- option_id: integer of the option id
dns_server_set: string of the dns server set name
timestamp: XMLRPC datetime timestamp
- Outputs:
- list: list of dictionaries from ListNamedConfGlobalOptions
-
ListRecordsByCIDRBlock(cidr_block, view_name=None, zone_name=None)
Lists records in a given cidr block.
- Inputs:
- cidr_block: string of ipv4 or ipv6 cidr block
view_name: string of the view
zone_name: string of the zone
- Raises:
- InvalidInputError: The CIDR block specified does not contain a valid IP
IPIndexError: Record type not indexable by IP
IPIndexError: Record type unknown. Missing ipv4 or ipv6 dec index
- Outputs:
- dict: A dictionary keyed by view, keyed by IP, listed by record.
example:
{u'test_view':
    {u'192.168.1.8':
        [{u'forward': True,
          u'host': u'host6.university.edu',
          u'zone': u'forward_zone',
          u'zone_origin': u'university.edu.'},
         {u'forward': False,
          u'host': u'host6.university.edu',
          u'zone': u'reverse_zone',
          u'zone_origin': u'1.168.192.in-addr.arpa.'}]}}
-
ListRecordsByZone(zone_name, view_name=None)
Lists records in a given zone.
- Inputs:
- zone_name: name of the zone
view_name: name of the view
- Output:
- dict: A dictionary keyed by view, keyed by IP, listed by record.
example:
{u'test_view':
    {u'192.168.1.8':
        [{u'forward': True,
          u'host': u'host6.university.edu',
          u'zone': u'forward_zone',
          u'zone_origin': u'university.edu.'},
         {u'forward': False,
          u'host': u'host6.university.edu',
          u'zone': u'reverse_zone',
          u'zone_origin': u'1.168.192.in-addr.arpa.'}]}}
-
ListSortedHostsByCIDR(cidr, zone_name=None, view_name=None)
-
ListSortedHostsByZone(zone_name, view_name=None)
-
ListZoneByIPAddress(ip_address)
Lists zone name given ip_address
- Inputs:
- ip_address: string of ip address
- Outputs:
- string: string of zone name, ex: ‘test_zone’
-
MakeAAAARecord(target, zone_name, record_args_dict, view_name=None, ttl=None)
Makes an AAAA record.
- Inputs:
- target: string of target
zone_name: string of zone name
record_args_dict: dictionary of record arguments
view_name: string of view name
ttl: time to live
-
MakeIPv4ClasslessReverseDelegatedTargetZone(cidr_block)
Creates a delegated reverse zone
- Inputs:
- cidr_block: string of IPv4 cidr block
- Raises:
- InvalidInputError: Not a valid cidr block
-
MakeIPv4ClasslessReverseDelegation(name_server, cidr_block, view_name=u'any', ttl=None)
Creates classless forwarding for reverse DNS lookups
- Inputs:
- name_server: nameserver to add for reverse delegation
cidr_block: string of CIDR block
view_name: string of view for the reverse zone, defaults to ‘any’
ttl: time-to-live for the newly added records, defaults to zone ttl
- Raises:
- InvalidInputError: nameserver required
InvalidInputError: cidr block range required
InvalidInputError: Not a valid zone name or CIDR block
-
MakePTRRecord(target, record_args_dict, view_name=u'any', ttl=None)
Makes a ptr record.
- Inputs:
- target: string of target
record_args_dict: dictionary of record arguments
view_name: string of view name
ttl: string of ttl
-
MakeSubdomainDelegation(zone_name, subdomain_name, nameserver, view_name=u'any')
Makes a delegated subdomain.
Assumes delegation zone is created.
- Inputs:
- view_name: string of view name
zone_name: string of zone name
subdomain_name: string of subdomain name
nameserver: string of fully qualified nameserver
- Raises:
- InvalidInputError: Zone does not exist.
-
ProcessRecordsBatch(delete_records=None, add_records=None, zone_import=False)
Processes batches of records
- Inputs:
- delete_records: list of dictionaries of records
ex: {'record_ttl': 3600, 'record_type': u'a',
     'records_id': 10, 'record_target': u'host1',
     'record_zone_name': u'forward_zone',
     'record_last_user': u'sharrell',
     'record_view_dependency': u'test_view_dep'}
    {'record_type': 'ptr', 'record_target': 'target',
     'view_name': 'view', 'zone_name': 'zone'}
add_records: list of dictionaries of records
- Raises:
- RecordsBatchError: Record specification too broad
RecordsBatchError: No record found
RecordsBatchError: Record already exists
RecordsBatchError: CNAME already exists
RecordsBatchError: Duplicate record found
- Outputs:
- int: row count
-
RemoveCNamesByAssignmentHost(hostname, view_name, zone_name)
Removes CNAMEs by assignment hostname. Will not remove CNAMEs
that the user does not have permission to remove; the function will continue
and pass over that CNAME.
- Inputs:
- hostname: string of hostname
view_name: string of view name
zone_name: string of zone name
- Raises:
- UnexpectedDataError: Incorrect number of records found
- Outputs:
- int: number of rows modified
-
RemovePTRRecord(record_type, target, zone_name, record_args_dict, view_name, ttl=None)
Removes a ptr record.
- Inputs:
- target: string of target
record_args_dict: dictionary of record arguments
view_name: string of view name
ttl: string of ttl
-
ReverseIP(ip_address)
-
RevertNamedConfig(dns_server_set, option_id)
Revert a Named Config file
- Inputs:
- option_id: the id of config to replicate
dns_server_set: string of dns server set name
- Raises:
- InvalidInputError: DNS server set does not contain id.
UnexpectedDataError: Multiple configurations found.
-
SortRecordsByHost(records_dict)
Generates an IP list sorted by record’s host
Inputs:
- record_dict: dictionary keyed by view, then keyed by IP
- dictionary from ListRecordsByCIDRBlock
and from ListRecordsByZone
- Outputs:
- sorted_list: list of sorted records
-
UnReverseIP(ip_address)
-
class roster_core.__init__.Config(file_name='/etc/roster_server.conf')
Bases: object
Abstracts a config file for Roster Core and Server
-
GetDb()
Creates a dbAccess instance.
- Outputs:
- dbAccess instance
audit_log Module
This module is used to create an audit log of activities executed on the
dnsManagement core and user libs.
-
class roster_core.audit_log.AuditLog(log_to_syslog=False, log_to_db=False, db_instance=None, log_to_file=False, log_file_name=None)[source]
Bases: object
-
LogAction(user, action, data, success, current_transaction=False)[source]
Logs action to places specified in initializer.
- Inputs:
user: string of user name
action: string of function name that is being logged
data: dictionary of arguments
- ex: {‘replay_args’: [u’test_acl’, u‘192.168.0/24’, 1],
- ‘audit_args’: {‘cidr_block’: u‘192.168.0/24’,
- ‘range_allowed’: 1,
‘acl_name’: u’test_acl’}}
success: bool of success of action
current_transaction: boolean for if a transaction is already started
config Module
Module to handle config file loading.
-
class roster_core.config.Config(file_name='/etc/roster_server.conf')[source]
Bases: object
Abstracts a config file for Roster Core and Server
-
GetDb()[source]
Creates a dbAccess instance.
- Outputs:
- dbAccess instance
constants Module
Module to handle all constants.
core Module
Toplevel core API.
-
roster_core.core.CheckCoreVersionMatches(version)[source]
Does a version check between core and calling module
- Inputs:
- version: version to check against core’s version
- Raises:
- VersionDiscrepancyError: version mismatch with core version.
-
class roster_core.core.Core(user_name, config_instance, unittest_timestamp=None)[source]
Bases: object
Backend Roster interface.
This class is meant to be the only interface to the database for top
level programming for a web or xml-rpc interface, or anything else
that would need to talk to the database.
All errors raised will be a subclass of CoreError.
-
CheckMaintenanceFlag()[source]
Checks maintenance flag
- Outputs:
- bool: value of flag on or off
-
GetEmptyRecordArgsDict(record_type)[source]
Gets record args dict for the record_type.
- Inputs:
- record_type: string of record type (example: u’mx’)
- Outputs:
- dictionary: which is different for each record type.
- (example: {u’priority’: 10,
- u’mail_server’: ‘mail.sub.university.edu.’})
-
ListACLs(acl_name=None, cidr_block=None)[source]
Lists one or many ACLs. If all args are None it lists them all; otherwise it
searches on one or more terms.
- Inputs:
- acl_name: string of acl name
cidr_block: string of valid CIDR block or IP address
- Outputs:
- dictionary: keyed by the acl name, whose value is a list of dictionaries with
the cidr block and range allowed values.
- example: {‘rfc_1918_networks’: [{‘cidr_block’: ‘192.168/16’},
{‘cidr_block’: ‘10/8’}],
- ‘university_networks’: [{‘cidr_block’: ‘1.2.3/24’},
- {‘cidr_block’: ‘1.1.1/24’}]}
-
ListAuditLog(user_name=None, action=None, success=None, begin_timestamp=None, end_timestamp=None)[source]
Lists audit log
- Inputs:
- user_name: string of user name
action: string of function
success: intbool of success
begin_timestamp: datetime object of beginning timestamp
end_timestamp: datetime object of ending timestamp
- Raises:
- UnexpectedDataError: Missing begin_timestamp or end_timestamp.
- Outputs:
- dict: Dictionary of audit log
- ex: {‘action’: u’Action’, ‘data’: u’Data’,
- ‘audit_log_timestamp’: datetime.datetime,
‘audit_log_user_name’: u’username’}
-
ListCredentials(credential=None, user_name=None, infinite_cred=None)[source]
Lists infinite credentials.
This function basically just calls _ListCredentials but runs Authorize
before.
- Inputs:
- credential: string of specific credential that is being searched for
user_name: string of name of user that is being searched for
infinite_cred: bool of search for infinite or non infinite creds
-
ListDnsServerSetAssignments(dns_server_name=None, dns_server_set_name=None)[source]
List dns server set assignments.
Inputs:
dns_server_name: string of dns server name
dns_server_set_name: string of dns server set name
- Outputs:
- dictionary keyed by server sets.
-
ListDnsServerSetViewAssignments(view_name=None, dns_server_set_name=None, key_by_view=False)[source]
List dns server set view assignments
Assignments can be given as a dictionary of dns server names with lists of
view names or as a dictionary of view names with lists of dns server names.
- Outputs:
Dictionary keyed by view name or dns server set name with values of
lists of view names or dns server sets depending on key_by_view bool
- example keyed by view_name: {‘view1’: [‘set1’, ‘set2’],
- ‘view2’: [‘set2’]}
- example keyed by dns_server_set_name: {‘set1’: [‘view1’],
- ‘set2’: [‘view1’, ‘view2’]}
-
ListDnsServerSets(dns_server_set_name=None)[source]
List all dns server sets
- Inputs:
- dns_server_set_name: string of dns server set name
- Outputs:
- list of dns server sets
-
ListDnsServers(dns_server_name=None)[source]
List dns servers.
- Outputs:
- int: number of rows modified
-
ListForwardZonePermissions(zone_name=None, group_name=None, group_permission=None)[source]
List forward zone permissions.
- Inputs:
- zone_name: string of zone name
group_name: string of group name
group_permission: list group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
- Outputs:
dictionary keyed by group name with values of lists of dictionaries
containing zone names and group permissions
- example: {‘dept’: [{‘zone_name’: ‘sub.university.edu’,
‘group_permission’: [‘a’, ‘aaaa’, ‘cname’]},
- {‘zone_name’: ‘othersub.university.edu’,
- ‘group_permission’: [‘a’, ‘aaaa’, ‘cname’, ‘soa’]}],
- ‘otherdept’: [{‘zone_name’: ‘sub.university.edu’,
- ‘group_permission’: [‘a’, ‘aaaa’]}]}
-
ListGroups()[source]
List all groups.
- Outputs:
- list of groups
- example [‘cs’, ‘bio’]
-
ListNamedConfGlobalOptions(option_id=None, dns_server_set=None, timestamp=None)[source]
Lists named conf global options
- Inputs:
- option_id: integer of named conf global option id
dns_server_set: string of the dns server set name
timestamp: datetime object of timestamp to search
- Outputs:
- named_conf_list: list of named conf global options
-
ListRecordArgumentDefinitions(record_type=None)[source]
List record argument definitions. This is mainly for the exporter to
programmatically construct records for exporting.
This function is duplicated in
roster-config-manager/roster_config_manager/tree_exporter.py
- Inputs:
- record_type: string of record type
- Outputs:
- dictionary keyed by record type with values of lists
of lists of record arguments sorted by argument order.
example: {‘mx’: [{‘argument_name’: u’priority’,
‘record_arguments_type’: u’mx’,
‘argument_data_type’: u’UnsignedInt’,
‘argument_order’: 0},
{‘argument_name’: u’mail_server’,
‘record_arguments_type’: u’mx’,
‘argument_data_type’: u’Hostname’,
‘argument_order’: 1}]}
-
ListRecords(record_type=None, target=None, zone_name=None, view_name=None, ttl=None, record_args_dict=None)[source]
Lists records.
- Inputs:
record_type: string of record type (example: u’mx’)
target: string of target (example u’machine-01.sub.university.edu.’)
zone_name: string of zone name (example u’sub.university.edu’)
ttl: int of time to live per record
view_name: string of view name (example u’internal’)
record_args_dict: dictionary, which is different for each record type.
an example dictionary can be obtained with the
GetEmptyRecordArgsDict function in this class
(example: {u’priority’: 10,
u’mail_server’: ‘mail.sub.university.edu.’})
- Raises:
- UnexpectedDataError: Must specify record_type with record_args_dict.
- Outputs:
- list of record dictionaries
Each dictionary can have different args depending on record type.
All of them will include record_type, target, zone_name, ttl, and
view_name regardless of record type. Below is an example of an mx
record search.
example: [{‘record_type’: ‘mx’, ‘target’: ‘university.edu.’,
‘zone_name’: ‘university.edu’, ‘ttl’: 3600,
‘view_name’: ‘external’, ‘priority’: 10,
‘mail_server’: ‘smtp-01.university.edu.’,
‘last_user’: ‘sharrell’},
{‘record_type’: ‘mx’, ‘target’: ‘university.edu.’,
‘zone_name’: ‘university.edu’, ‘ttl’: 3600,
‘view_name’: ‘external’, ‘priority’: 20,
‘mail_server’: ‘smtp-02.university.edu.’,
‘last_user’: ‘sharrell’}]
-
ListReservedWords()[source]
Lists reserved words.
- Output:
- list: list of reserved words
- ex: [‘reservedword1’, ‘reservedword2’]
-
ListReverseRangePermissions(cidr_block=None, group_name=None, group_permission=None)[source]
List reverse range permissions.
- Inputs:
- cidr_block: string of cidr block
group_name: string of group name
group_permission: list group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
- Outputs:
dictionary keyed by group name with values of lists of dictionaries
containing reverse ranges and group permissions
- example: {‘dept’: [{‘cidr_block’: ‘192.168.0/24’,
‘group_permission’: [u’cname’, u’ptr’]},
- {‘cidr_block’: ‘192.168.1/24’,
- ‘group_permission’: [u’ptr’]}],
- ‘otherdept’: [{‘cidr_block’: ‘192.168.1/24’,
- ‘group_permission’: [u’cname’, u’ns’, u’ptr’,
- u’soa’]}]}
-
ListReverseRangeZoneAssignments(zone_name=None, cidr_block=None)[source]
Lists reverse range to zone assignments.
- Inputs:
- zone_name: string of zone name
cidr_block: string of cidr block
- Outputs:
- dictionary: keyed by zone_name with values of cidr blocks
- example: {‘10.in-addr.arpa’: ‘10/8’,
- ‘9.168.192.in-addr.arpa’: ‘192.168.9/24’}
-
ListUserGroupAssignments(user_name=None, group_name=None, key_by_group=False)[source]
List user-group assignments.
Assignments can be given as a dictionary of users with lists of groups or
as a dictionary of groups as a list of users.
- Outputs:
dictionary keyed by group or user with values of lists of groups or users
depending on key_by_group bool
- example keyed by user: {‘sharrell’: [‘cs’, ‘bio’],
- ‘shuey’: [‘cs’]}
- example keyed by group: {‘cs’: [‘shuey’, ‘sharrell’],
- ‘bio’: [‘sharrell’]}
-
ListUsers(user_name=None, access_level=None)[source]
Lists one or many users, if all args are None then list them all.
- Inputs:
- user_name: string of user name
access_level: int from 0-255 as defined in user.py
- Output:
- dictionary: keyed by the user name with value of access_level.
- example: {‘sharrell’: 128,
- ‘shuey’: 64}
-
ListViewAssignments(view_superset=None, view_subset=None)[source]
Lists view assignments.
For more information about view assignments please read the
MakeViewAssignment docstring.
- Inputs:
- view_superset: string of view name
view_subset: string of view name
- Outputs:
- dictionary keyed by view supersets with values lists of view subsets
-
ListViewToACLAssignments(view_name=None, acl_name=None, acl_range_allowed=None)[source]
Lists some or all view to acl assignments corresponding to the
given args.
- Inputs:
- view_name: string of view name
acl_name: string of acl name
- Outputs:
- list: list contains dictionaries of assignments
- example: [{‘view_name’: ‘main_view’, ‘acl_name’: ‘internal’,
‘acl_range_allowed’: ‘true’},
- {‘view_name’: ‘other_view’, ‘acl_name’: ‘external’,
- ‘acl_range_allowed’: ‘false’}]
-
ListViews(view_name=None)[source]
Lists all views.
- Outputs:
- dictionary: dict keyed by view name with a value of the view args.
- example: {‘view_1’: ‘also-notify {192.168.0.1;}\nallow-transfer ‘
‘{university_networks};;’,
‘view_2’: ‘other-arg { thing };’}
-
ListZoneTypes()[source]
Lists zone types.
- Outputs:
- list: list of zone types, example: [‘master’, ‘slave’, ‘forward’]
-
ListZones(zone_name=None, zone_type=None, zone_origin=None, view_name=None)[source]
Lists zones.
- Inputs:
- zone_name: string of zone name
zone_type: string of zone type
zone_origin: string of zone origin. ex dept.university.edu.
view_name: string of view name
- Outputs:
Dictionary of dictionaries. The parent dictionary is keyed by zone name,
the secondary dictionary is keyed by view name and the third is keyed
by type of data.
- example:
- {‘zone.university.edu’: {‘internal’: {‘zone_type’: ‘master’,
‘zone_options’: ‘misc opts’,
‘zone_origin’:
‘university.edu.’},
- ‘any’: {‘zone_type’: ‘master’,
- ‘zone_options’: ‘other options’,
‘zone_origin’: ‘university.edu.’}},
- ‘otherzone.university.edu’: {‘any’: {‘zone_type’: ‘slave’,
- ‘zone_options’: ‘options’}}}
-
MakeACL(acl_name, cidr_block)[source]
Makes an acl from args.
- Inputs:
- acl_name: string of acl name
cidr_block: string of valid CIDR block or IP address
-
MakeDnsServer(dns_server_name)[source]
Makes one dns server
- Inputs:
- dns_server_name: string of the dns server name
-
MakeDnsServerSet(dns_server_set_name)[source]
Make dns server set.
- Inputs:
- dns_server_set_name: string of dns server set name
-
MakeDnsServerSetAssignments(dns_server_name, dns_server_set_name)[source]
Make dns server set assignment.
- Inputs:
- dns_server_name: string of dns server name
dns_server_set_name: string of dns server set name
-
MakeDnsServerSetViewAssignments(view_name, dns_server_set_name)[source]
Make dns server set view assignment
- Inputs:
- view_name: string of the view name
dns_server_set_name: string of the dns server set name
-
MakeForwardZonePermission(zone_name, group_name, group_permission=None)[source]
Make forward zone permission.
- Inputs:
- zone_name: string of zone name
group_name: string of group name
group_permission: list group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
-
MakeGroup(group_name)[source]
Make group.
- Inputs:
- group_name: string of group name
-
MakeInfiniteCredential(user_name, credential=None)[source]
Creates an infinite credential.
- Inputs:
- user_name: string of user to create credential for.
- Outputs:
- string: credential string created
-
MakeNamedConfGlobalOption(dns_server_set, options)[source]
Makes named conf global option
- Inputs:
- dns_server_set: string of name of dns server set
options: string of named conf file
-
MakeRecord(record_type, target, zone_name, record_args_dict, view_name=None, ttl=None)[source]
Makes a record.
Please check core_helpers for functions to make certain records that
need help before using this directly. For instance MakePTRRecord and
MakeAAAARecord.
- Raises:
- InvalidInputError: “.” not allowed as terminator in non-ptr target.
InvalidInputError: An SOA cannot be made in the “any” view.
InvalidInputError: CNAME already exists.
InvalidInputError: Record already exists.
InvalidInputError: Duplicate record found.
- Inputs:
record_type: string of record type (example: u’mx’)
target: string of target (example u’machine-01’)
zone_name: string of zone name (example u’sub.university.edu’)
ttl: int of time to live per record
view_name: string of view name (example u’internal’)
record_args_dict: dictionary, which is different for each record type.
an example dictionary can be obtained with the
GetEmptyRecordArgsDict function in this class
(example: {u’priority’: 10,
u’mail_server’: ‘mail.sub.university.edu.’})
-
MakeReservedWord(reserved_word)[source]
Create a reserved word.
- Inputs:
- reserved_word: string of reserved word
-
MakeReverseRangePermission(cidr_block, group_name, group_permission=None)[source]
Make reverse range permission.
- Inputs:
- cidr_block: string of cidr block
group_name: string of group name
group_permission: list of group permissions, i.e., [‘cname’, ‘ptr’]
-
MakeReverseRangeZoneAssignment(zone_name, cidr_block)[source]
Makes a reverse range to zone assignment.
- Inputs:
- zone_name: string of zone name
cidr_block: string of cidr block
-
MakeUser(user_name, access_level)[source]
Create a user.
- Inputs:
- user_name: string of user name
access_level: int from 0-255 as defined in user.py
-
MakeUserGroupAssignment(user_name, group_name)[source]
Make user-group assignment.
- Inputs:
- group_name: string of group name
user_name: string of user name
-
MakeView(view_name, view_options=None)[source]
Makes a view and all of the other things that go with a view.
For more information about views please see docstring for
MakeViewAssignment.
- Inputs:
view_name: string of view name
view_options: string of view options, defaults to empty string.
-
MakeViewAssignment(view_superset, view_subset)[source]
Assigns a view to a view.
A view contains zones in that view. However zones can be assigned
to another view that is a superset of views. For example
an assignment can be made for view_a(view_superset) to also include
all of view_b’s(view_subset) zones(and by proxy, records). This
prevents having to have duplicate records in each view.
Most of the time this will not be needed as there is a special
subset included in all views(unless explicitly deleted) called the
‘any’ view. Records in the ‘any’ view will be in all views that
have not been explicitly changed to remove the ‘any’ view.
The ‘any’ view subset is automatically tied to a view when a
view is created. Also this is the default view for records
and zones(again it can be explicitly changed if needed).
- Inputs:
- view_superset: string of view name
view_subset: string of view name
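The superset/subset rules in the MakeViewAssignment docstring, worked through as an added example. This is a simplified in-memory model, not Roster code and not the roster_core API: the ViewModel class, its method names and the sample records are hypothetical, and it assumes assignments are not transitive. It shows why a record left in the default 'any' view is served in every view, and how to list what a view inherits from other views.

```python
# Simplified, in-memory model of the view assignment rules described in the
# MakeViewAssignment docstring. Added example; it is not Roster code and does
# not talk to a Roster database. Assumption: assignments are not transitive.

ANY_VIEW = u'any'


class ViewModel(object):
    def __init__(self):
        self.subsets = {}              # view_superset -> set of view_subset names
        self.records = {ANY_VIEW: []}  # view_subset -> [(zone_name, target)]

    def make_view(self, view_name):
        # The 'any' subset is tied to every new view automatically.
        self.subsets[view_name] = {view_name, ANY_VIEW}
        self.records.setdefault(view_name, [])

    def make_view_assignment(self, view_superset, view_subset):
        if view_superset not in self.subsets or view_subset not in self.records:
            raise ValueError('unknown view: %s / %s' % (view_superset, view_subset))
        self.subsets[view_superset].add(view_subset)

    def remove_view_assignment(self, view_superset, view_subset):
        # Explicitly detaching 'any' is the only way to stop inheriting it.
        self.subsets[view_superset].discard(view_subset)

    def make_record(self, zone_name, target, view_name=ANY_VIEW):
        # Records default to the 'any' view, as the docstring states.
        if view_name not in self.records:
            raise ValueError('unknown view: %s' % view_name)
        self.records[view_name].append((zone_name, target))

    def effective_records(self, view_name):
        """Return sorted (zone_name, target, source_view) served in view_name."""
        served = []
        for subset in self.subsets[view_name]:
            for zone_name, target in self.records[subset]:
                served.append((zone_name, target, subset))
        return sorted(served)

    def inherited_records(self, view_name):
        """Records that reach view_name from another view, for review."""
        return [r for r in self.effective_records(view_name) if r[2] != view_name]


def build_sample():
    # Constructed sample data, not from a real deployment.
    model = ViewModel()
    model.make_view(u'internal')
    model.make_view(u'external')
    model.make_record(u'university.edu', u'www')          # lands in 'any'
    model.make_record(u'university.edu', u'db-01', view_name=u'internal')
    model.make_record(u'university.edu', u'printer-07')   # default view again
    return model


if __name__ == '__main__':
    sample = build_sample()
    for view in (u'internal', u'external'):
        print(view, sample.inherited_records(view))
```

Running inherited_records against the outward-facing view before publishing is a quick way to spot hosts that were created without a view_name and therefore ended up in 'any'.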
-
MakeViewToACLAssignments(view_name, acl_name, acl_range_allowed)[source]
Makes view to acl assignment
- Inputs:
- view_name: string of view name
acl_name: string of acl name
acl_range_allowed: boolean to allow/disallow given acl range
-
MakeZone(zone_name, zone_type, zone_origin, view_name=None, zone_options=None, make_any=True)[source]
Makes a zone.
- Inputs:
zone_name: string of zone name
zone_type: string of zone type
zone_origin: string of zone origin. ex dept.university.edu.
zone_options: string of zone_options(defaults to empty string)
- view_name: string of view name(defaults to ‘any’)
- see docstring of MakeViewAssignment as to why ‘any’ is default
make_any: regardless of view name, make any as well(default to True)
- Raises:
- UnexpectedDataError: Invalid zone type.
-
MakeZoneType(zone_type)[source]
Makes a new zone type.
- Inputs:
- zone_type: string of zone type
-
RemoveACL(acl_name)[source]
Removes an acl from args. Will also remove relevant acl-view assignments.
- Inputs:
- acl_name: string of acl name
- Outputs:
- int: number of rows modified
-
RemoveCIDRBlockFromACL(acl_name, cidr_block)[source]
Removes CIDR block from ACL
- Inputs:
- acl_name: string of acl name
cidr_block: string of valid CIDR block or IP address
range_allowed: Int bool of if range should be allowed or denied
- Outputs:
- int: number of rows modified
-
RemoveCredential(credential=None, user_name=None)[source]
Removes a credential
This function will call _RemoveCredential after Authorize and then log it.
- Inputs:
- credential: string of credential to remove
user_name: string of user name who has a credential to remove
-
RemoveDnsServer(dns_server_name)[source]
Removes dns server.
- Inputs:
- dns_server_name: string of dns server name
- Outputs:
- int: number of rows modified
-
RemoveDnsServerSet(dns_server_set_name)[source]
Remove dns server set.
- Inputs:
- dns_server_set_name: string of dns server set name
- Outputs:
- int: number of rows modified
-
RemoveDnsServerSetAssignments(dns_server_name, dns_server_set_name)[source]
Remove a dns server set assignment
- Inputs:
- dns_server_name: string of dns server name
dns_server_set_name: string of dns server set name
-
RemoveDnsServerSetViewAssignments(view_name, dns_server_set_name)[source]
Remove dns server set view assignment
- Inputs:
- view_name: string of view name
dns_server_set_name: string of dns server set name
- Outputs:
- int: number of rows modified
-
RemoveForwardZonePermission(zone_name, group_name, group_permission)[source]
Remove forward zone permissions.
- Inputs:
- zone_name: string of zone name
group_name: string of group name
group_permission: list of group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
- Outputs:
- int: number of rows affected
-
RemoveGroup(group_name)[source]
Remove group.
- Inputs:
- group_name: string of group name
- Outputs:
- int: number of rows modified
-
RemoveRecord(record_type, target, zone_name, record_args_dict, view_name, ttl=None)[source]
Remove record.
- Inputs:
- record_type: type of record
target: target name
zone_name: name of zone
record_args_dict: dictionary of record arguments
view_name: name of view
ttl: time to live
- Raises:
- InvalidInputError: No records found.
- Multiple records found for used search terms.
RecordError: Could not remove record for an unknown reason.
-
RemoveReservedWord(reserved_word)[source]
Removes a reserved word.
- Inputs:
- reserved_word: string of reserved word
- Outputs:
- int: number of rows modified
-
RemoveReverseRangePermission(cidr_block, group_name, group_permission)[source]
Remove reverse range permissions.
- Inputs:
- cidr_block: string of cidr block
group_name: string of group name
group_permission: list of group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
- Outputs:
- int: number of rows affected
-
RemoveReverseRangeZoneAssignment(zone_name, cidr_block)[source]
Remove reverse range to zone assignment.
- Inputs:
- zone_name: string of zone name
cidr_block: string of cidr block
- Outputs:
- int: number of rows affected
-
RemoveUser(user_name)[source]
Removes a user.
- Inputs:
- user_name: string of user name
- Outputs:
- int: number of rows modified
-
RemoveUserGroupAssignment(user_name, group_name)[source]
Remove user-group.
- Inputs:
- group_name: string of group name
user_name: string of user name
- Outputs:
- int: number of rows modified
-
RemoveView(view_name)[source]
Removes a view.
Also removes anything attached to that view, including any information
about a specific zone in the view and any records in that view.
Please point gun away from foot.
- Inputs:
- view_name: string of view name
- Raises:
- InvalidInputError: Cannot remove view any
- Outputs:
- int: number of rows modified
-
RemoveViewAssignment(view_superset, view_subset)[source]
Removes a view assignment.
For more information about view assignments please read the
MakeViewAssignment docstring.
- Inputs:
- view_superset: string of view name
view_subset: string of view name
-
RemoveViewToACLAssignments(view_name, acl_name, acl_range_allowed)[source]
Removes view to acl assignment
- Inputs:
- view_name: string of view name
acl_name: string of acl name
- Outputs:
- int: number of rows modified
-
RemoveZone(zone_name, view_name=None)[source]
Removes a zone.
- Inputs:
- zone_name: string of zone name
view_name: string of view name
- Outputs:
- int: number of rows affected
-
RemoveZoneType(zone_type)[source]
Removes a zone type.
- Inputs:
- zone_type: string of zone type
- Outputs:
- int: number of rows affected
-
SetMaintenanceFlag(value)[source]
Sets maintenance flag
- Inputs:
- value: boolean of flag on or off
-
UpdateDnsServer(search_dns_server_name, update_dns_server_name)[source]
Updates dns server
- Inputs:
- search_dns_server_name: string of dns server name
update_dns_server_name: new string of dns server name
- Outputs:
- int: number of rows modified
-
UpdateDnsServerSet(search_dns_server_set_name, update_dns_server_set_name)[source]
Update dns_server_set.
- Inputs:
- search_dns_server_set_name: string of dns_server_set name
update_dns_server_set_name: string of dns_server_set name
- Outputs:
- int: number of rows modified
-
UpdateGroup(search_group_name, update_group_name)[source]
Update group.
- Inputs:
- search_group_name: string of group name
update_group_name: string of group name
- Outputs:
- int: number of rows modified
-
UpdateGroupForwardPermission(zone_name, group_name, new_permissions)[source]
Updates forward zone group permissions
- Inputs:
- zone_name: string of zone name
group_name: string of group name
new_permissions: list of permissions. (ex [u’a’, u’aaaa’, u’cname’])
- Raises:
- AuthorizationError: Group does not have access to supplied zone
-
UpdateGroupReversePermission(cidr_block, group_name, new_permissions)[source]
Updates reverse range group permissions
- Inputs:
- cidr_block: string of cidr_block
group_name: string of group name
new_permissions: list of permissions. (ex [u’a’, u’aaaa’, u’cname’])
- Raises:
- AuthorizationError: Group does not have access to supplied cidr block
-
UpdateRecord(search_record_type, search_target, search_zone_name, search_record_args_dict, search_view_name=None, search_ttl=None, update_target=None, update_zone_name=None, update_record_args_dict={}, update_view_name=None, update_ttl=None)[source]
Update record.
- Inputs:
- search_record_type: type of record
search_target: target
search_zone_name: name of zone
search_record_args_dict: dictionary of record arguments
search_view_name: name of view
search_ttl: time to live
update_target: target
update_zone_name: name of zone
update_record_args_dict: dictionary of record arguments
update_view_name: name of view
update_ttl: time to live
- Raises:
- InvalidInputError: “.” not allowed as terminator in non-ptr target.
InvalidInputError: Record already exists.
InvalidInputError: CNAME already exists.
InvalidInputError: Duplicate record found.
InvalidInputError: No records found.
InvalidInputError: Multiple records found for used search terms.
-
UpdateUser(search_user_name, update_user_name=None, update_access_level=None)[source]
Updates a user.
- Inputs:
- search_user_name: string of user name
update_user_name: string of user name
update_access_level: int from 0-255 as defined in user.py
- Outputs:
- int: number of rows modified
-
UpdateView(search_view_name, update_view_name=None, update_view_options=None)[source]
Updates a view.
Also updates anything attached to that view, including any information
about a specific zone in the view and any records in that view.
- Inputs:
search_view_name: string of view name to be updated
update_view_name: string of view name to update with
update_view_options: string of view options, defaults to empty string.
- Raises:
- InvalidInputError: Cannot update view any.
-
UpdateZone(search_zone_name, search_view_name=None, update_zone_name=None, update_zone_options=None, update_zone_type=None)[source]
Updates zone options or zone type of zone
- Inputs:
search_zone_name: string of zone name
search_view_name: string of view name
update_zone_name: string of zone name
update_zone_type: string of zone type
update_zone_options: string of zone options
- Outputs:
- int: number of rows affected
core_helpers Module
Core helper functions.
-
class roster_core.core_helpers.CoreHelpers(core_instance)[source]
Bases: object
Library of helper functions that extend the core functions.
-
AddFormattedRecords(zone_name, zone_file_string, view)[source]
Adds records from a string of a partial zone file
- Inputs:
- zone_name: string of zone name
zone_file_string: string of the file contents
view: string of view name
- Outputs:
- int: Amount of records added to db.
-
CIDRExpand(cidr_block, begin=None, end=None)[source]
-
ConstructRecordArgsDictFromRecordID(record_id)[source]
Constructs the records_arg_dict from the Roster database given only
the record id.
Inputs:
record_id: int of record id
Outputs:
record_args_dict: dictionary of arguments and their values
-
ExpandIPV6(ip_address)[source]
-
GetAssociatedCNAMEs(hostname, view_name, zone_name, recursive=False)[source]
Lists CNAMEs by assignment hostname.
- Inputs:
- hostname: string of hostname
view_name: string of view name
zone_name: string of zone name
- Outputs:
- list: list of found cname dictionaries
-
GetCIDRBlocksByView(view, username)[source]
Lists CIDR blocks available to a username in a given view
- Inputs:
- view: string of view name
username: string of user name
- Outputs:
- list: list of cidr block strings
-
GetPTRTarget(long_target, view_name=u'any')[source]
Gets the short PTR target given the long PTR target
Inputs:
long_target: String of long PTR target
view_name: String of view name
- Raises:
- InvalidInputError: No suitable reverse range zone assignments found.
- Outputs:
- string: String of short PTR target
-
GetViewsByUser(username)[source]
Lists view names available to given username
- Inputs:
- username: string of user name
- Outputs:
- list: list of view name strings
-
ListAccessLevels()[source]
Lists access levels from constants for both integer and string keys
- Outputs:
- dict: dictionary of access levels with both string and integer-string keys
- Example:
- {‘32’: 32, ‘64’: 64, ‘128’: 128, ‘user’: 32, ‘unlocked_user’: 64,
- ‘dns_admin’: 128}
-
ListAvailableIpsInCIDR(cidr_block, num_ips=1, view_name=None, zone_name=None)[source]
Finds first available ips. Only lists as many IPs as are available.
Returns empty list if no IPs are available in given cidr block and a
truncated list if only a portion of IPs are available.
- Inputs:
- cidr_block: string of ipv4 or ipv6 cidr block
- Raises:
- InvalidInputError: IP is in a reserved IP space.
InvalidInputError: Not a valid cidr block
- Outputs:
- list: list of strings of ip addresses
-
ListGroupPermissions()[source]
-
ListLatestNamedConfig(dns_server_set)[source]
Lists the latest named config string given dns server set
This function is duplicated in
roster-config-manager/roster_config_manager/tree_exporter.py
- Inputs:
- dns_server_set: string of dns server set name
- Outputs:
- dict: dictionary of latest named config
-
ListNamedConfGlobalOptionsClient(option_id=None, dns_server_set=None, timestamp=None)[source]
Converts XMLRPC datetime to datetime object and runs
ListNamedConfGlobalOptions
- Inputs:
- option_id: integer of the option id
dns_server_set: string of the dns server set name
timestamp: XMLRPC datetime timestamp
- Outputs:
- list: list of dictionaries from ListNamedConfGlobalOptions
-
ListRecordsByCIDRBlock(cidr_block, view_name=None, zone_name=None)[source]
Lists records in a given cidr block.
- Inputs:
- cidr_block: string of ipv4 or ipv6 cidr block
view_name: string of the view
zone_name: string of the zone
- Raise:
- InvalidInputError: The CIDR block specified does not contain a valid IP
IPIndexError: Record type not indexable by IP
IPIndexError: Record type unknown. Missing ipv4 or ipv6 dec index
- Outputs:
- dict: A dictionary Keyed by view, keyed by IP, listed by record.
- example:
- {u’test_view’:
- {u‘192.168.1.8’:
- [{u’forward’: True,
u’host’: u’host6.university.edu’,
u’zone’: u’forward_zone’,
u’zone_origin’: u’university.edu.’},
- {u’forward’: False,
- u’host’: u’host6.university.edu’,
u’zone’: u’reverse_zone’,
u’zone_origin’: u‘1.168.192.in-addr.arpa.’}]}}
-
ListRecordsByZone(zone_name, view_name=None)[source]
Lists records in a given zone.
- Inputs:
- zone_name: name of the zone
view_name: name of the view
- Output:
- dict: A dictionary Keyed by view, keyed by IP, listed by record.
- example:
- {u’test_view’:
- {u‘192.168.1.8’:
- [{u’forward’: True,
u’host’: u’host6.university.edu’,
u’zone’: u’forward_zone’,
u’zone_origin’: u’university.edu.’},
- {u’forward’: False,
- u’host’: u’host6.university.edu’,
u’zone’: u’reverse_zone’,
u’zone_origin’: u‘1.168.192.in-addr.arpa.’}]}}
-
ListSortedHostsByCIDR(cidr, zone_name=None, view_name=None)[source]
-
ListSortedHostsByZone(zone_name, view_name=None)[source]
-
ListZoneByIPAddress(ip_address)[source]
Lists zone name given ip_address
- Inputs:
- ip_address: string of ip address
- Outputs:
- string: string of zone name, ex: ‘test_zone’
-
MakeAAAARecord(target, zone_name, record_args_dict, view_name=None, ttl=None)[source]
Makes an AAAA record.
- Inputs:
- target: string of target
zone_name: string of zone name
record_args_dict: dictionary of record arguments
view_name: string of view name
ttl: time to live
-
MakeIPv4ClasslessReverseDelegatedTargetZone(cidr_block)[source]
Creates a delegated reverse zone
- Inputs:
- cidr_block: string of IPv4 cidr block
- Raises:
- InvalidInputError: Not a valid cidr block
-
MakeIPv4ClasslessReverseDelegation(name_server, cidr_block, view_name=u'any', ttl=None)[source]
Creates classless forwarding for reverse DNS lookups
- Inputs:
- name_server: nameserver to add for reverse delegation
cidr_block: string of CIDR block
view_name: string of view for the reverse zone, defaults to ‘any’
ttl: time-to-live for the newly added records, defaults to zone ttl
- Raises:
- InvalidInputError: nameserver required
InvalidInputError: cidr block range required
InvalidInputError: Not a valid zone name or CIDR block
-
MakePTRRecord(target, record_args_dict, view_name=u'any', ttl=None)[source]
Makes a ptr record.
- Inputs:
- target: string of target
record_args_dict: dictionary of record arguments
view_name: string of view name
ttl: string of ttl
-
MakeSubdomainDelegation(zone_name, subdomain_name, nameserver, view_name=u'any')[source]
Makes a Delegated Subdomain
Assumes delegation zone is created
- Inputs:
- view_name: string of view name
zone_name: string of zone name
subdomain_name: string of subdomain name
nameserver: string of fully qualified nameserver
- Raises:
- InvalidInputError: Zone does not exist.
-
ProcessRecordsBatch(delete_records=None, add_records=None, zone_import=False)[source]
Process batches of records
- Inputs:
- delete_records: list of dictionaries of records
- ex: {'record_ttl': 3600, 'record_type': u'a',
'records_id': 10, 'record_target': u'host1',
'record_zone_name': u'forward_zone',
'record_last_user': u'sharrell',
'record_view_dependency': u'test_view_dep'}
{'record_type': 'ptr', 'record_target': 'target',
'view_name': 'view', 'zone_name': 'zone'}
add_records: list of dictionaries of records
- Raises:
- RecordsBatchError: Record specification too broad
RecordsBatchError: No record found
RecordsBatchError: Record already exists
RecordsBatchError: CNAME already exists
RecordsBatchError: Duplicate record found
- Outputs:
- int: row count
-
RemoveCNamesByAssignmentHost(hostname, view_name, zone_name)[source]
Removes CNAMEs by assignment hostname. CNAMEs that the user does not have
permission to remove are not removed; the function passes over them and
continues.
- Inputs:
- hostname: string of hostname
view_name: string of view name
zone_name: string of zone name
- Raises:
- UnexpectedDataError: Incorrect number of records found
- Outputs:
- int: number of rows modified
-
RemovePTRRecord(record_type, target, zone_name, record_args_dict, view_name, ttl=None)[source]
Removes a ptr record.
- Inputs:
- target: string of target
record_args_dict: dictionary of record arguments
view_name: string of view name
ttl: string of ttl
-
ReverseIP(ip_address)[source]
-
RevertNamedConfig(dns_server_set, option_id)[source]
Revert a Named Config file
- Inputs:
- option_id: the id of config to replicate
dns_server_set: string of dns server set name
- Raises:
- InvalidInputError: DNS server set does not contain id.
UnexpectedDataError: Multiple configurations found.
-
SortRecordsByHost(records_dict)[source]
Generates an IP list sorted by record’s host
Inputs:
- record_dict: dictionary keyed by view, then keyed by IP
- dictionary from ListRecordsByCIDRBlock
and from ListRecordsByZone
- Outputs:
- sorted_list: list of sorted records
-
UnReverseIP(ip_address)[source]
data_validation Module
This module contains static methods for validating different kinds of data.
-
class roster_core.data_validation.DataValidation(reserved_words, group_permissions)[source]
Bases: object
-
ListGroupPermissions()[source]
Returns a list of group permissions pulled from the database
- Outputs:
- list: list of string group permissions
-
ValidateRowDict(table_name, row_dict, none_ok=False, all_none_ok=False)[source]
Checks row dictionaries for correctness in reference to known data types
and column names in the corresponding table.
- Input:
- table_name: string of table name
row_dict: dict of row
none_ok: bool of allowance of None as a value in the dict
all_none_ok: bool of allowance of None as every value in the dict
- Raises:
- UnexpectedDataError: Missing key in dictionary
UnexpectedDataError: Dictionary has extra key that is not used.
FunctionError: No Function to check data type
UnexpectedDataError: Invalid data type
UnexpectedDataError: Need to fill out at least one value in dict
-
isAccessLevel(access_level)[source]
Checks to make sure that the string is a valid access level.
- Inputs:
- access_level: unsigned int that is in constants.ACCESS_LEVELS
- Outputs:
- bool: if access level is valid or not
-
isCIDRBlock(cidr_block)[source]
Checks that a string is a CIDR block.
http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
- Inputs:
- cidr_block: string of CIDR block
- Outputs:
- bool: if it is valid CIDR block
-
isDateTime(date_time)[source]
Checks that the value is a unicode string and a valid time stamp.
- Inputs:
- date_time: string of date in format YYYY-MM-DD HH:MM:SS
- Outputs:
- bool: if it is a valid date
-
isGroupPermission(group_permission)[source]
Checks to make sure that the string is a valid group permission.
- Inputs:
- group_permission: unicode string of a group permission
- Outputs:
- bool: if group permission is valid or not
-
isHostname(host_name)[source]
Checks that the value is a unicode string and is properly dotted.
- Inputs:
- host_name: string of properly dotted hostname
- Outputs:
- bool: if it is a valid hostname
-
isIPv4IPAddress(ip_address)[source]
Checks that a string is an ipv4 IP Address.
- Inputs:
- ip_address: string of an ipv4 ip address
- Outputs:
- bool: if string is valid ip address
-
isIPv6IPAddress(ip_address)[source]
Checks that a string is a fully enumerated ipv6 IP Address.
- Inputs:
- ip_address: string of ipv6 ip address
- Outputs:
- bool: if string is valid ip address
-
isIntBool(int_bool)[source]
Checks that int_bool is only 1 or 0 and nothing else.
- Inputs:
- int_bool: 1 or 0
- Outputs:
- bool: if it is a valid int bool
-
isPickleString(pickle_string)[source]
Checks that the string can be unpickled.
- Inputs:
- pickle_string: string to be unpickled.
- Outputs:
- bool: if it is a valid pickle string
-
isReservedWord(u_string)[source]
Checks that a string is unicode. Ignores reserved words.
- Inputs:
- u_string: unicode string
- Outputs:
- bool: bool if string or not
-
isTarget(target)[source]
Checks that a target and its components have the correct length
Inputs:
target: target string
Outputs:
bool: if it is a valid target
-
isUnicodeString(u_string)[source]
Checks that a string is unicode.
- Inputs:
- u_string: unicode string
- Raises:
- ReservedWordError: Reserved word found, unable to complete request.
- Outputs:
- bool: bool if string or not
-
isUnicodeString255(string)[source]
Checks that the value is a unicode string and is less than 256 characters
long
- Inputs:
- string: string to validate
- Outputs:
- bool: if it is a valid unicode string of correct length
-
isUnicodeStringNoSpaces(string)[source]
Checks that string is unicode and contains no spaces
- Inputs:
- string: string to validate
- Outputs:
- bool: if it is a valid unicode string with no spaces
-
isUnsignedInt(unsigned_int)[source]
Checks that unsigned_int is of int class and is 0 or higher.
- Inputs:
- unsigned_int: integer
- Outputs:
- bool: if it is a valid unsigned int
db_access Module
This module is an API to access the dnsManagement database.
This module should only be run by servers with authentication layers
that are active. This module does not include authentication, but does
include authorization.
The api that will be exposed by this module is meant for use in a web
application or rpc server. This module is not for use in command line tools.
The two primary uses of this class are:
1. To use convenience functions to get large amounts of data out of the db
without large amounts of db queries. For usage on this consult the pydoc
on the individual functions.
2. To Make/Remove/List rows in the database. The method that is used in this
class is based on generic Make/Remove/Lock functions that take specific
dictionaries that correspond to the table that is being referenced.
Here is an example of how to remove rows from the acls table:
    # Build a search dict for the acls table and fill in the column to match.
    acls_dict = db_instance.GetEmptyRowDict('acls')
    acls_dict['acl_name'] = 'test_acl'
    db_instance.StartTransaction()
    try:
        matching_rows = db_instance.ListRow('acls', acls_dict)
        for row in matching_rows:
            db_instance.RemoveRow('acls', row)
    except Exception:
        # Any failure rolls the whole transaction back.
        db_instance.EndTransaction(rollback=True)
    else:
        db_instance.EndTransaction()
Note: MySQLdb.Error can be raised in almost any function in this module. Please
keep that in mind when using this module.
-
class roster_core.db_access.dbAccess(db_host, db_user, db_passwd, db_name, big_lock_timeout, big_lock_wait, thread_safe=True, ssl=False, ssl_ca=None, ssl_cert=None, ssl_key=None, ssl_capath=None, ssl_cipher=None, db_debug=False, db_debug_log=None)[source]
Bases: object
This class provides the primary interface for connecting and interacting
with the roster database.
-
CheckMaintenanceFlag()[source]
Checks the maintenance flag in the database.
- Outputs:
- bool: boolean of maintenance mode
-
CreateRosterDatabase(schema=None)[source]
Destroys existing table structure in database and replaces it
with schema that is passed in (or default schema).
DO NOT RUN THIS AGAINST A DATABASE THAT IS NOT READY TO BE CLEARED
This function is used because of a poorly understood bug in MySQLdb
that does not allow our schema to be executed as one big query. The
workaround is splitting the whole thing up and committing each piece
separately.
- Inputs:
- schema: string of sql schema
-
DumpDatabase()[source]
This will dump the entire database to memory.
This would be done by mysqldump but it needs to be done in the same lock
as other processes. So this is a simple mysqldump function.
- Outputs:
- Dictionary: Dictionary with keys of table name and schema/data for each
- table as values.
-
EndTransaction(rollback=False)[source]
Ends a transaction.
Also does some simple checking to make sure a connection was open first
and releases itself from the current queue.
- Inputs:
- rollback: boolean of if the transaction should be rolled back
- Raises:
- TransactionError: Must run StartTansaction before EndTransaction.
-
GetCurrentTime()[source]
Returns datetime object of current time in database.
- Outputs:
- datetime: current time in the database
-
GetEmptyRecordArgsDict(record_type)[source]
Gets empty args dict for a specific record type
- Inputs:
- record_type: string of record type
- Outputs:
- dictionary: keyed by argument name with values of None
- example: {'mail_host': None,
'priority': None}
-
GetEmptyRowDict(table_name)[source]
Gives a dict that has all the members needed to interact with the
given table using the Make/Remove/ListRow functions.
- Inputs:
- table_name: string of valid table name from constants
- Raises:
- InvalidInputError: Table name not valid
- Outputs:
- dictionary: of empty row for specified table.
example acls dict:
{'acl_name': None,
'acl_range_allowed': None,
'acl_cidr_block': None}
-
GetRecordArgsDict(record_type)[source]
Get args for a specific record type from the db and shove them into
a dictionary.
- Inputs:
- record_type: string of record type
- Raises:
- InvalidInputError: Unknown record type
- Outputs:
- dictionary: keyed by argument name with values of data type of that arg
- example: {'mail_host': 'Hostname',
'priority': 'UnsignedInt'}
-
GetUserAuthorizationInfo(user)[source]
Grabs authorization data from the db and returns a dict.
This function does two selects on the db, one for forward and one for
reverse zones. It also parses the data into a dict for ease of use.
- Inputs:
- user: string of username
- Raises:
- UnexpectedDataError: Row did not contain
reverse_range_permissions or
forward_zone_permissions
- Outputs:
- dict: dict with all the relevant information
example:
{'user_access_level': '2',
 'user_name': 'shuey',
 'forward_zones': [
   {'zone_name': 'cs.university.edu',
    'group_permission': ['a', 'aaaa']},
   {'zone_name': 'eas.university.edu',
    'group_permission': ['a', 'aaaa', 'cname']},
   {'zone_name': 'bio.university.edu',
    'group_permission': ['a', 'ns']}],
 'groups': ['cs', 'bio'],
 'reverse_ranges': [
   {'cidr_block': '192.168.0.0/24',
    'group_permission': ['ptr', 'cname']},
   {'cidr_block': '192.168.0.0/24',
    'group_permission': ['ptr']},
   {'cidr_block': '192.168.1.0/24',
    'group_permission': ['ptr', 'cname']}]}
-
GetValidTables()[source]
Export this function to the top level of the db_access stuff so
it can be used without importing un-needed classes.
- Outputs:
- list: valid table names
-
GetZoneOrigin(zone_name, view_name)[source]
Returns zone origin of zone_name that is passed in.
If no zone origin found, return None
- Inputs:
- zone_name: string of zone_name
view_name: string of view_name
- Outputs:
- string of zone origin or None
-
InitDataValidation()[source]
Get all reserved words and group permissions and init the
data_validation_instance
-
ListRow(*args, **kwargs)[source]
Lists rows in the database using a dictionary of tables. Then returns
the rows found. Joins are auto generated on the fly based on foreign keys
in the database.
- Inputs:
args: pairs of string of table name and dict of rows
kwargs: lock_rows: default False
column: column to search range on, if using multiple
tables, the column must be in the first table
in args.
range_values: range tuple of values to search within for on column
is_date: boolean of if range is of dates
- example usage: ListRow('users', user_row_dict,
'user_group_assignments', user_assign_row_dict,
lock_rows=True)
- Raises:
TransactionError: Must run StartTansaction before inserting
UnexpectedDataError: If is_date is specified you must specify column and range
UnexpectedDataError: If column or range is specified both are needed
InvalidInputError: Found unknown option(s)
UnexpectedDataError: No args given, must at least have a pair of table name and row dict
UnexpectedDataError: Number of unnamed args is not even.
Args should be entered in pairs of table name and row dict.
InvalidInputError: Table name not valid
InvalidInputError: Column not found in row
UnexpectedDataError: Column in table is not a DateTime type
UnexpectedDataError: Date from range is not a valid datetime object
InvalidInputError: Range must be int if is_date is not set
InvalidInputError: Multiple tables were passed in but no joins were found
- Outputs:
tuple of row dicts consisting of all the tables that were in the input.
All column names in the db are unique so no collisions occur.
- example: ({'user_name': 'sharrell', 'access_level': 10,
'user_group_assignments_group_name': 'cs',
'user_group_assignments_user_name': 'sharrell'},
{'user_name': 'sharrell', 'access_level': 10,
'user_group_assignments_group_name': 'eas',
'user_group_assignments_user_name': 'sharrell'})
-
ListTableNames()[source]
Lists all tables in the database.
- Outputs:
- List: List of tables
-
LockDb()[source]
This function is to lock the whole database for consistent data
retrieval.
This function expects self.db_instance.cursor to be instantiated and
valid.
- Raises:
- TransactionError: Must unlock tables before re-locking them.
-
MakeRow(table_name, row_dict)[source]
Creates a row in the database using the table name and row dict
- Inputs:
- table_name: string of valid table name from constants
row_dict: dictionary that corresponds to table_name
- Raises:
- InvalidInputError: Table name not valid
TransactionError: Must run StartTansaction before inserting
- Outputs:
- int: last insert id
-
RemoveRow(table_name, row_dict)[source]
Removes a row in the database using the table name and row dict
- Inputs:
- table_name: string of valid table name from constants
row_dict: dictionary that corresponds to table_name
- Raises:
- InvalidInputError: Table name not valid
TransactionError: Must run StartTansaction before deleting
- Outputs:
- int: number of rows affected
-
StartTransaction()[source]
Starts a transaction.
Also it starts a db connection if none exists or it times out.
Always creates a new cursor.
This function also serializes all requests on this object and if the
big lock has been activated will wait for it to be released.
- Raises:
- TransactionError: Cannot start new transaction last transaction not
committed or rolled-back.
-
TableRowCount(table_name)[source]
Counts the amount of records in a table and returns it.
- Inputs:
- table_name: string of valid table name from constants
- Raises:
- InvalidInputError: Table name not valid
TransactionError: Must run StartTansaction before getting row count.
- Outputs:
- int: number of rows found
-
UnlockDb()[source]
This function is to unlock the whole database.
This function expects self.db_instance.cursor to be instantiated and
valid. It also expects all tables to be locked.
- Raises:
- TransactionError: Must lock tables before unlocking them.
-
UpdateRow(table_name, search_row_dict, update_row_dict)[source]
Updates a row in the database using search and update dictionaries.
- Inputs:
table_name: string of valid table name from constants
search_row_dict: dictionary that corresponds to table_name containing
search args
update_row_dict: dictionary that corresponds to table_name containing
update args
- Raises:
- InvalidInputError: Table name not valid
TransactionError: Must run StartTansaction before inserting
- Outputs:
- int: number of rows affected
-
ValidateRecordArgsDict(record_type, record_args_dict, none_ok=False)[source]
Type checks record args dynamically.
- Inputs:
record_type: string of record_type
record_args_dict: dictionary for args keyed by arg name.
a filled out dict from GetEmptyRecordArgsDict()
none_ok: boolean of if None types should be accepted.
- Raises:
- InvalidInputError: dict for record type should have these keys
FunctionError: No function to check data type
UnexpectedDataError: Invalid data type
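The dynamic type check described for ValidateRecordArgsDict, as an added example that is not Roster's own code. It assumes that the data type names returned by GetRecordArgsDict ('Hostname', 'UnsignedInt') select the matching is<DataType> checker by name; the Validators class, the exception classes and the exact hostname rule are simplified stand-ins.

```python
import re


# Local stand-ins named after the errors in the Raises list above.
class InvalidInputError(Exception):
    pass


class FunctionError(Exception):
    pass


class UnexpectedDataError(Exception):
    pass


class Validators(object):
    """Simplified stand-ins for two DataValidation.is* checks (assumptions)."""

    LABEL = re.compile(r'^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$')

    def isUnsignedInt(self, value):
        # bool is a subclass of int, so reject it explicitly.
        return (isinstance(value, int) and not isinstance(value, bool)
                and value >= 0)

    def isHostname(self, value):
        # Assumption: "properly dotted" means fully qualified, trailing dot.
        if not isinstance(value, str) or len(value) > 255:
            return False
        if not value.endswith('.'):
            return False
        return all(self.LABEL.match(label)
                   for label in value[:-1].split('.'))


def validate_record_args(arg_types, record_args_dict, validators,
                         none_ok=False):
    """Check record_args_dict against {arg name: data type name}."""
    # Allow-list the keys: a missing or an extra key is rejected outright.
    if set(arg_types) != set(record_args_dict):
        raise InvalidInputError('dict for record type should have these '
                                'keys: %s' % sorted(arg_types))
    for arg_name in sorted(arg_types):
        data_type = arg_types[arg_name]
        value = record_args_dict[arg_name]
        # Resolve the checker by name; only is<DataType> methods are reachable.
        check = getattr(validators, 'is%s' % data_type, None)
        if not callable(check):
            raise FunctionError('No function to check data type %s'
                                % data_type)
        if value is None and none_ok:
            continue
        if not check(value):
            raise UnexpectedDataError('Invalid data type %s for %s: %r'
                                      % (data_type, arg_name, value))
    return True


def outcome(arg_types, record_args_dict, none_ok=False):
    """Return 'ok' or the name of the error raised, for display and tests."""
    try:
        validate_record_args(arg_types, record_args_dict, Validators(),
                             none_ok)
        return 'ok'
    except (InvalidInputError, FunctionError, UnexpectedDataError) as error:
        return type(error).__name__


# Data type names as in the GetRecordArgsDict example for an mx record.
MX_ARG_TYPES = {'mail_host': 'Hostname', 'priority': 'UnsignedInt'}

if __name__ == '__main__':
    print(outcome(MX_ARG_TYPES, {'mail_host': 'smtp-01.university.edu.',
                                 'priority': 10}))
    print(outcome(MX_ARG_TYPES, {'mail_host': 'smtp-01.university.edu.',
                                 'priority': '10'}))
```

Rejecting extra keys as well as missing ones keeps caller-supplied dictionaries from carrying columns the record type does not define.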
-
close()[source]
Closes a connection that has been opened.
A new connection will be created on StartTransaction.
-
cursor_execute(execution_string, values={})[source]
This function allows for the capture of every mysql command that
is run in this class.
- Inputs:
- execution_string: mysql command string
values: dictionary of values for mysql command
embedded_files Module
helpers_lib Module
This is a library of static helper functions for Roster.
-
roster_core.helpers_lib.CIDRExpand(cidr_block, begin=None, end=None)[source]
Expands a cidr block to a list of ip addresses
from begin (integer) to end (integer).
- Inputs:
- cidr_block: string of cidr_block
begin: integer of ip address to start
end: integer of ip address to end
- Raises:
- InvalidInputError: Not a valid CIDR block.
- Outputs:
- list: list of ip addresses in strings
-
roster_core.helpers_lib.ExpandIPV6(ip_address)[source]
Expands a shorthand ipv6 address to a full ipv6 address
- Inputs:
- ip_address: string of ipv6 address
- Raises:
- InvalidInputError: Not a valid IP address.
InvalidInputError: Not a valid IPV6 address.
- Outputs:
- string: string of long ipv6 address
-
roster_core.helpers_lib.GetFunctionNameAndArgs()[source]
Grabs the current frame and adjacent frames then finds the calling
function name and arguments and returns them.
- Outputs:
- tuple: function name and current args
- ex: ('MakeUser', {'replay_args': [u'ahoward', 64],
'audit_args': {'access_level': 64,
'user_name': u'ahoward'}})
-
roster_core.helpers_lib.GetRecordsFromRecordRowsAndArgumentRows(record_data, record_args_dict)[source]
Takes data from joined records and record_arguments_record_assignments
and creates record rows that are combined.
- Inputs:
- record_data: List of rows from ListRow with records and
- records_arguments_record_assignments joined.
- Outputs:
- list of record dictionaries
Each dictionary can have different args depending on record type.
All of them will include record_type, target, zone_name, ttl, and
view_name regardless of record type. Below is an example of an mx
record search.
example: [{'record_type': 'mx', 'target': 'university.edu.',
'zone_name': 'university.edu', 'ttl': 3600,
'view_name': 'external', 'priority': 10,
'mail_server': 'smtp-01.university.edu.',
'last_user': 'sharrell'},
{'record_type': 'mx', 'target': 'university.edu.',
'zone_name': 'university.edu', 'ttl': 3600,
'view_name': 'external', 'priority': 20,
'mail_server': 'smtp-02.university.edu.',
'last_user': 'sharrell'}]
-
roster_core.helpers_lib.GetRowDict(table_name)[source]
Returns a specific dictionary keyed off of table name.
- Inputs:
- table_name: string of table name from db
- Outputs:
- dictionary: dict of row that was requested (see constants above)
-
roster_core.helpers_lib.GetValidTables()[source]
Returns all of the tables in the database that are enumerated in this
module.
- Outputs:
- list: list of valid tables.
- example: [‘acls’, ‘records’, ‘etc’]
-
roster_core.helpers_lib.ReverseIP(ip_address)[source]
Reverse an IP address
- Inputs:
- ip_address: either an ipv4 or ipv6 string
- Raises:
- InvalidInputError: Not a valid IP address.
- Outputs:
- string: reverse ip address
-
roster_core.helpers_lib.UnReverseIP(ip_address)[source]
Un-Reverses reversed IP addresses
- Inputs:
- ip_address: either an ipv4 or ipv6 string (reversed)
- Outputs:
- string: forward ip address
-
roster_core.helpers_lib.UnicodeString(string)[source]
Returns unicode string if object is a string
- Inputs:
- string: string to unicode
- Outputs:
- unicode string: if input is a string
punycode_lib Module
Punycode and Unicode converter module for Roster
-
roster_core.punycode_lib.Puny2Uni(punycode_string=None)[source]
Converts a Punycoded domain into a unicode domain.
- Inputs:
- string: Punycoded domain.
- Outputs:
- unicode: Decoded punycode domain.
-
roster_core.punycode_lib.Uni2Puny(unicode_string=None)[source]
Converts a unicode domain into a punycoded domain.
- Inputs:
- unicode/string: String or unicode of domain.
- Outputs:
- string: A punycoded domain string.
user Module
Classes pertaining to users and authorization for Roster.
Authorization for specific functions and for specific domain/ip range blocks
is handled in this module.
-
class roster_core.user.User(user_name, db_instance, log_instance)[source]
Bases: object
Representation of a user, with basic manipulation methods.
Note that it is not necessary to authenticate a user to construct this
class. This class is mainly responsible for authorization.
-
Authorize(method, record_data=None, current_transaction=False)[source]
Check to see if the user is authorized to run the given operation.
- Inputs:
method: what the user’s trying to do
record_data: dictionary of target, zone_name, view_name, record_type,
and record_args_dict for the record that is being modified.
{'target': 'test_target',
 'zone_name': 'test_zone',
 'view_name': 'test_view',
 'record_type': 'a',
 'record_args_dict': {u'assignment_ip': '192.168.1.1'}}
current_transaction: bool of if this function is run from inside a
transaction in the db_access class
- Raises:
- MaintenanceError: Roster is currently under maintenance.
MissingDataTypeError: Incomplete record data provided for access method.
AuthorizationError: Authorization failure.
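An added sketch, not Roster's own code, of how a permissions dictionary in the shape shown for GetUserAuthorizationInfo can be evaluated against record_data in the shape Authorize takes. The decision rule is an assumption, since the page does not describe Roster's internal logic: forward records need their type listed for the zone, and a ptr record needs its IP (assumed to be in 'target') inside a permitted CIDR block.

```python
import ipaddress


# Local stand-ins named after the errors Authorize is documented to raise.
class MissingDataTypeError(Exception):
    pass


class AuthorizationError(Exception):
    pass


REQUIRED_KEYS = ('target', 'zone_name', 'view_name', 'record_type',
                 'record_args_dict')

# Constructed sample in the shape of the GetUserAuthorizationInfo example.
AUTH_INFO = {
    'user_name': 'shuey', 'user_access_level': '2', 'groups': ['cs', 'bio'],
    'forward_zones': [
        {'zone_name': 'cs.university.edu',
         'group_permission': ['a', 'aaaa']},
        {'zone_name': 'eas.university.edu',
         'group_permission': ['a', 'aaaa', 'cname']}],
    'reverse_ranges': [
        {'cidr_block': '192.168.0.0/24',
         'group_permission': ['ptr', 'cname']},
        {'cidr_block': '192.168.1.0/24', 'group_permission': ['ptr']}]}


def zone_allows(auth_info, zone_name, record_type):
    """True if some forward zone entry grants record_type on zone_name."""
    return any(entry['zone_name'] == zone_name
               and record_type in entry['group_permission']
               for entry in auth_info['forward_zones'])


def range_allows(auth_info, ip_string, record_type):
    """True if ip_string lies in a CIDR block that grants record_type."""
    try:
        address = ipaddress.ip_address(ip_string)
    except ValueError:
        return False  # fail closed on anything that is not an IP address
    for entry in auth_info['reverse_ranges']:
        network = ipaddress.ip_network(entry['cidr_block'], strict=False)
        if (address.version == network.version and address in network
                and record_type in entry['group_permission']):
            return True
    return False


def authorize(auth_info, record_data):
    """Raise unless auth_info grants the change described by record_data."""
    missing = [key for key in REQUIRED_KEYS if key not in record_data]
    if missing:
        raise MissingDataTypeError('Incomplete record data: %s' % missing)
    record_type = record_data['record_type']
    if record_type == 'ptr':
        # Assumption: for a ptr record, target carries the IP address.
        allowed = range_allows(auth_info, record_data['target'], record_type)
    else:
        allowed = zone_allows(auth_info, record_data['zone_name'],
                              record_type)
    if not allowed:
        raise AuthorizationError('Authorization failure.')
    return True


def record(record_type, target, zone_name):
    """Build a record_data dict with the keys Authorize documents."""
    return {'target': target, 'zone_name': zone_name,
            'view_name': 'test_view', 'record_type': record_type,
            'record_args_dict': {}}


def decision(record_data, auth_info=AUTH_INFO):
    """Return 'allowed' or the name of the error raised."""
    try:
        authorize(auth_info, record_data)
        return 'allowed'
    except (MissingDataTypeError, AuthorizationError) as error:
        return type(error).__name__
```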
-
GetPermissions()[source]
Return permissions and groups for user.
- Outputs:
- dictionary of permissions
example:
{'user_access_level': '2',
 'user_name': 'shuey',
 'forward_zones': [
   {'zone_name': 'cs.university.edu', 'group_permission': 'rw'},
   {'zone_name': 'eas.university.edu', 'group_permission': 'r'},
   {'zone_name': 'bio.university.edu', 'group_permission': 'rw'}],
 'groups': ['cs', 'bio'],
 'reverse_ranges': [
   {'cidr_block': '192.168.0.0/24',
    'group_permission': 'rw'},
   {'cidr_block': '192.168.0.0/24',
    'group_permission': 'r'},
   {'cidr_block': '192.168.1.0/24',
    'group_permission': 'rw'}]}
-
GetUserName()[source]
Return user name for current session.
- Outputs:
- string: user name