roster_core Package

Toplevel RosterCore API. This presents entities to external consumers.

exception roster_core.__init__.CoreError

Bases: exceptions.Exception

Error class that all Roster errors are sub-classed from

class roster_core.__init__.Core(user_name, config_instance, unittest_timestamp=None)

Bases: object

Backend Roster interface.

This class is meant to be the only interface to the database for top level programming for a web or xml-rpc interface, or anything else that would need to talk to the database.

All errors raised will be a subclass of CoreError.

CheckMaintenanceFlag()

Checks maintenance flag

Outputs:
bool: value of flag on or off
GetEmptyRecordArgsDict(record_type)

Gets record args dict for the record_type.

Inputs:
record_type: string of record type (example: u'mx')
Outputs:
dictionary: which is different for each record type.
(example: {u'priority': 10,
           u'mail_server': 'mail.sub.university.edu.'})
ListACLs(acl_name=None, cidr_block=None)

Lists one or many ACLs. If all args are None it will list them all; otherwise it searches on one or more terms.

Inputs:
acl_name: string of acl name
cidr_block: string of valid CIDR block or IP address
Outputs:
dictionary: keyed by the acl name, whose value is a list of dictionaries with the cidr block and range allowed values.
example: {'rfc_1918_networks': [{'cidr_block': '192.168/16'},
                                {'cidr_block': '10/8'}],
          'university_networks': [{'cidr_block': '1.2.3/24'},
                                  {'cidr_block': '1.1.1/24'}]}
ListAuditLog(user_name=None, action=None, success=None, begin_timestamp=None, end_timestamp=None)

Lists audit log

Inputs:
user_name: string of user name
action: string of function
success: intbool of success
begin_timestamp: datetime object of beginning timestamp
end_timestamp: datetime object of ending timestamp
Raises:
UnexpectedDataError: Missing begin_timestamp or end_timestamp.
Outputs:
dict: Dictionary of audit log
ex: {'action': u'Action', 'data': u'Data',
     'audit_log_timestamp': datetime.datetime,
     'audit_log_user_name': u'username'}
ListCredentials(credential=None, user_name=None, infinite_cred=None)

Lists infinite credentials.

This function basically just calls _ListCredentials but runs Authorize before.

Inputs:
credential: string of specific credential that is being searched for
user_name: string of name of user that is being searched for
infinite_cred: bool of search for infinite or non infinite creds
ListDnsServerSetAssignments(dns_server_name=None, dns_server_set_name=None)

List dns server set assignments.

Inputs:
dns_server_name: string of dns server name
dns_server_set_name: string of dns server set name
Outputs:
dictionary keyed by server sets.
ListDnsServerSetViewAssignments(view_name=None, dns_server_set_name=None, key_by_view=False)

List dns server set view assignments

Assignments can be given as a dictionary of dns server names with lists of view names or as a dictionary of view names with lists of dns server names.

Outputs:

Dictionary keyed by view name or dns server set name with values of lists of view names or dns server sets depending on key_by_view bool

example keyed by view_name: {'view1': ['set1', 'set2'],
                             'view2': ['set2']}
example keyed by dns_server_set_name: {'set1': ['view1'],
                                       'set2': ['view1', 'view2']}
ListDnsServerSets(dns_server_set_name=None)

List all dns server sets

Inputs:
dns_server_set_name: string of dns server set name
Outputs:
list of dns server sets
ListDnsServers(dns_server_name=None)

List dns servers.

Outputs:
int: number of rows modified
ListForwardZonePermissions(zone_name=None, group_name=None, group_permission=None)

List forward zone permissions.

Inputs:
zone_name: string of zone name
group_name: string of group name
group_permission: list group permissions, i.e., ['a', 'aaaa', 'cname']
Outputs:

dictionary keyed by group name with values of lists of dictionaries containing zone names and group permissions

example: {'dept': [{'zone_name': 'sub.university.edu',
                    'group_permission': ['a', 'aaaa', 'cname']},
                   {'zone_name': 'othersub.university.edu',
                    'group_permission': ['a', 'aaaa', 'cname', 'soa']}],
          'otherdept': [{'zone_name': 'sub.university.edu',
                         'group_permission': ['a', 'aaaa']}]}
ListGroups()

List all groups.

Outputs:
list of groups
example: ['cs', 'bio']
ListNamedConfGlobalOptions(option_id=None, dns_server_set=None, timestamp=None)

Lists named conf global options

Inputs:
option_id: integer of named conf global option id
dns_server_set: string of the dns server set name
timestamp: datetime object of timestamp to search
Outputs:
named_conf_list: list of named conf global options
ListRecordArgumentDefinitions(record_type=None)

List record argument definitions. This is mainly for the exporter to programmatically construct records for exporting.

This function is duplicated in roster-config-manager/roster_config_manager/tree_exporter.py

Inputs:
record_type: string of record type
Outputs:
dictionary keyed by record type with values of lists of lists of record arguments sorted by argument order.
example: {'mx': [{'argument_name': u'priority',
                  'record_arguments_type': u'mx',
                  'argument_data_type': u'UnsignedInt',
                  'argument_order': 0},
                 {'argument_name': u'mail_server',
                  'record_arguments_type': u'mx',
                  'argument_data_type': u'Hostname',
                  'argument_order': 1}]}

ListRecords(record_type=None, target=None, zone_name=None, view_name=None, ttl=None, record_args_dict=None)

Lists records.

Inputs:

record_type: string of record type (example: u'mx')
target: string of target (example u'machine-01.sub.university.edu.')
zone_name: string of zone name (example u'sub.university.edu')
ttl: int of time to live per record
view_name: string of view name (example u'internal')
record_args_dict: dictionary, which is different for each record type. An example dictionary can be obtained with the GetEmptyRecordArgsDict function in this class
(example: {u'priority': 10,
           u'mail_server': 'mail.sub.university.edu.'})
Raises:
UnexpectedDataError: Must specify record_type with record_args_dict.
Outputs:
list of record dictionaries

Each dictionary can have different args depending on record type. All of them will include record_type, target, zone_name, ttl, and view_name regardless of record type. Below is an example of an mx record search.

example: [{'record_type': 'mx', 'target': 'university.edu.',
           'zone_name': 'university.edu', 'ttl': 3600,
           'view_name': 'external', 'priority': 10,
           'mail_server': 'smtp-01.university.edu.',
           'last_user': 'sharrell'},
          {'record_type': 'mx', 'target': 'university.edu.',
           'zone_name': 'university.edu', 'ttl': 3600,
           'view_name': 'external', 'priority': 20,
           'mail_server': 'smtp-02.university.edu.',
           'last_user': 'sharrell'}]
ListReservedWords()

Lists reserved words.

Output:
list: list of reserved words
ex: ['reservedword1', 'reservedword2']
ListReverseRangePermissions(cidr_block=None, group_name=None, group_permission=None)

List reverse range permissions.

Inputs:
cidr_block: string of cidr block
group_name: string of group name
group_permission: list group permissions, i.e., ['a', 'aaaa', 'cname']
Outputs:

dictionary keyed by group name with values of lists of dictionaries containing reverse ranges and group permissions

example: {'dept': [{'cidr_block': '192.168.0/24',
                    'group_permission': [u'cname', u'ptr']},
                   {'cidr_block': '192.168.1/24',
                    'group_permission': [u'ptr']}],
          'otherdept': [{'cidr_block': '192.168.1/24',
                         'group_permission': [u'cname', u'ns', u'ptr',
                                              u'soa']}]}
ListReverseRangeZoneAssignments(zone_name=None, cidr_block=None)

Lists reverse range to zone assignments.

Inputs:
zone_name: string of zone name
cidr_block: string of cidr block
Outputs:
dictionary: keyed by zone_name with values of cidr blocks
example: {'10.in-addr.arpa': '10/8',
          '9.168.192.in-addr.arpa': '192.168.9/24'}
ListUserGroupAssignments(user_name=None, group_name=None, key_by_group=False)

List user-group assignments.

Assignments can be given as a dictionary of users with lists of groups or as a dictionary of groups with lists of users.

Outputs:

dictionary keyed by group or user with values of lists of groups or users depending on key_by_group bool

example keyed by user: {'sharrell': ['cs', 'bio'],
                        'shuey': ['cs']}
example keyed by group: {'cs': ['shuey', 'sharrell'],
                         'bio': ['sharrell']}
ListUsers(user_name=None, access_level=None)

Lists one or many users, if all args are None then list them all.

Inputs:
user_name: string of user name
access_level: int from 0-255 as defined in user.py
Output:
dictionary: keyed by the user name with value of access_level.
example: {'sharrell': 128,
          'shuey': 64}
ListViewAssignments(view_superset=None, view_subset=None)

Lists view assignments.

For more information about view assignments please read the MakeViewAssignment docstring.

Inputs:
view_superset: string of view name
view_subset: string of view name
Outputs:
dictionary keyed by view supersets with values lists of view subsets
ListViewToACLAssignments(view_name=None, acl_name=None, acl_range_allowed=None)

Lists some or all view to acl assignments corresponding to the given args.

Inputs:
view_name: string of view name
acl_name: string of acl name
Outputs:
list: list contains dictionaries of assignments
example: [{'view_name': 'main_view', 'acl_name': 'internal',
           'acl_range_allowed': 'true'},
          {'view_name': 'other_view', 'acl_name': 'external',
           'acl_range_allowed': 'false'}]
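
The ACL examples on this page use shorthand CIDR blocks such as '192.168/16' and '10/8', which Python's ipaddress module does not parse directly. The following is an added example, not Roster code: it expands that shorthand and reports which view-to-ACL assignments mention an ACL containing a given client address, using plain data shaped like the ListACLs and ListViewToACLAssignments outputs. The function names and the sample data are assumptions, and the script makes no claim about the order in which the name server evaluates ACLs.

```python
import ipaddress


def expand_cidr(cidr_block):
    """Return an ip_network for a full or shorthand CIDR block, or a bare IP.

    '10/8' -> 10.0.0.0/8, '192.168/16' -> 192.168.0.0/16.
    Raises ValueError for malformed blocks or blocks with host bits set.
    """
    if '/' not in cidr_block or ':' in cidr_block:
        # Bare address or IPv6: ipaddress handles these as written.
        return ipaddress.ip_network(cidr_block)
    address, prefix = cidr_block.split('/', 1)
    octets = address.split('.')
    if len(octets) > 4 or not all(o.isdigit() for o in octets):
        raise ValueError('not a valid CIDR block: %r' % cidr_block)
    octets += ['0'] * (4 - len(octets))  # pad the omitted trailing octets
    return ipaddress.ip_network('%s/%s' % ('.'.join(octets), prefix))


def acls_matching(ip, acls):
    """Names of ACLs (ListACLs shape) with a cidr_block containing ip."""
    addr = ipaddress.ip_address(ip)
    return sorted(
        name for name, blocks in acls.items()
        if any(addr in expand_cidr(b['cidr_block']) for b in blocks))


def view_assignments_for(ip, acls, view_acl_assignments):
    """Assignments (ListViewToACLAssignments shape) whose ACL contains ip.

    Returns (view_name, acl_name, acl_range_allowed) tuples in input order.
    """
    matched = set(acls_matching(ip, acls))
    return [(a['view_name'], a['acl_name'], a['acl_range_allowed'])
            for a in view_acl_assignments if a['acl_name'] in matched]


# Constructed sample data. ACLS reuses the ListACLs example from this page;
# the assignments are made up for the demonstration.
ACLS = {
    'rfc_1918_networks': [{'cidr_block': '192.168/16'},
                          {'cidr_block': '10/8'}],
    'university_networks': [{'cidr_block': '1.2.3/24'},
                            {'cidr_block': '1.1.1/24'}],
}
VIEW_ACL_ASSIGNMENTS = [
    {'view_name': 'main_view', 'acl_name': 'rfc_1918_networks',
     'acl_range_allowed': 'true'},
    {'view_name': 'other_view', 'acl_name': 'university_networks',
     'acl_range_allowed': 'true'},
    {'view_name': 'other_view', 'acl_name': 'rfc_1918_networks',
     'acl_range_allowed': 'false'},
]

if __name__ == '__main__':
    for client in ('10.9.8.7', '1.2.3.4', '8.8.8.8'):
        print(client, view_assignments_for(client, ACLS, VIEW_ACL_ASSIGNMENTS))
```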
ListViews(view_name=None)

Lists all views.

Outputs:
dictionary: dict keyed by view name with a value of the view args.
example: {'view_1': 'also-notify {192.168.0.1;}\nallow-transfer '
                    '{university_networks};;',
          'view_2': 'other-arg { thing };'}

ListZoneTypes()

Lists zone types.

Outputs:
list: list of zone types, example: ['master', 'slave', 'forward']
ListZones(zone_name=None, zone_type=None, zone_origin=None, view_name=None)

Lists zones.

Inputs:
zone_name: string of zone name
zone_type: string of zone type
zone_origin: string of zone origin. ex dept.university.edu.
view_name: string of view name
Outputs:

Dictionary of dictionaries. The parent dictionary is keyed by zone name, the secondary dictionary is keyed by view name and the third is keyed by type of data.

example:
{'zone.university.edu': {'internal': {'zone_type': 'master',
                                      'zone_options': 'misc opts',
                                      'zone_origin': 'university.edu.'},
                         'any': {'zone_type': 'master',
                                 'zone_options': 'other options',
                                 'zone_origin': 'university.edu.'}},
 'otherzone.university.edu': {'any': {'zone_type': 'slave',
                                      'zone_options': 'options'}}}
MakeACL(acl_name, cidr_block)

Makes an acl from args.

Inputs:
acl_name: string of acl name
cidr_block: string of valid CIDR block or IP address
MakeDnsServer(dns_server_name)

Makes one dns server

Inputs:
dns_server_name: string of the dns server name
MakeDnsServerSet(dns_server_set_name)

Make dns server set.

Inputs:
dns_server_set_name: string of dns server set name
MakeDnsServerSetAssignments(dns_server_name, dns_server_set_name)

Make dns server set assignment.

Inputs:
dns_server_name: string of dns server name
dns_server_set_name: string of dns server set name
MakeDnsServerSetViewAssignments(view_name, dns_server_set_name)

Make dns server set view assignment

Inputs:
view_name: string of the view name
dns_server_set_name: string of the dns server set name
MakeForwardZonePermission(zone_name, group_name, group_permission=None)

Make forward zone permission.

Inputs:
zone_name: string of zone name
group_name: string of group name
group_permission: list group permissions, i.e., ['a', 'aaaa', 'cname']
MakeGroup(group_name)

Make group.

Inputs:
group_name: string of group name
MakeInfiniteCredential(user_name, credential=None)

Creates an infinite credential.

Inputs:
user_name: string of user to create credential for.
Outputs:
string: credential string created
MakeNamedConfGlobalOption(dns_server_set, options)

Makes named conf global option

Inputs:
dns_server_set: string of name of dns server set
options: string of named conf file
MakeRecord(record_type, target, zone_name, record_args_dict, view_name=None, ttl=None)

Makes a record.

Please check core_helpers for functions to make certain records that need help before using this directly. For instance MakePTRRecord and MakeAAAARecord.

Raises:
InvalidInputError: "." not allowed as terminator in non-ptr target.
InvalidInputError: An SOA cannot be made in the "any" view.
InvalidInputError: CNAME already exists.
InvalidInputError: Record already exists.
InvalidInputError: Duplicate record found.
Inputs:

record_type: string of record type (example: u'mx')
target: string of target (example u'machine-01')
zone_name: string of zone name (example u'sub.university.edu')
ttl: int of time to live per record
view_name: string of view name (example u'internal')
record_args_dict: dictionary, which is different for each record type. An example dictionary can be obtained with the GetEmptyRecordArgsDict function in this class
(example: {u'priority': 10,
           u'mail_server': 'mail.sub.university.edu.'})
MakeReservedWord(reserved_word)

Create a reserved word.

Inputs:
reserved_word: string of reserved word
MakeReverseRangePermission(cidr_block, group_name, group_permission=None)

Make reverse range permission.

Inputs:
cidr_block: string of cidr block
group_name: string of group name
group_permission: list of group permissions, i.e., ['cname', 'ptr']
MakeReverseRangeZoneAssignment(zone_name, cidr_block)

Makes a reverse range to zone assignment.

Inputs:
zone_name: string of zone name
cidr_block: string of cidr block
MakeUser(user_name, access_level)

Create a user.

Inputs:
user_name: string of user name
access_level: int from 0-255 as defined in user.py
MakeUserGroupAssignment(user_name, group_name)

Make user-group assignment.

Inputs:
group_name: string of group name
user_name: string of user name
MakeView(view_name, view_options=None)

Makes a view and all of the other things that go with a view.

For more information about views please see docstring for MakeViewAssignments.

Inputs:

view_name: string of view name
view_options: string of view options, defaults to empty string.

MakeViewAssignment(view_superset, view_subset)

Assigns a view to view.

A view contains zones in that view. However, zones can be assigned to another view that is a superset of views. For example, an assignment can be made for view_a (view_superset) to also include all of view_b's (view_subset) zones (and by proxy, records). This avoids having to keep duplicate records in each view.

Most of the time this will not be needed, as there is a special subset included in all views (unless explicitly deleted) called the 'any' view. Records in the 'any' view will be in all views that have not been explicitly changed to remove the 'any' view.

The 'any' view subset is automatically tied to a view when a view is created. It is also the default view for records and zones (again, it can be explicitly changed if needed).

Inputs:
view_superset: string of view name
view_subset: string of view name
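
Because records in the 'any' view and in any assigned subset are served by every superset view, a record made for internal use can end up in a view meant for outside clients. The following is an added example, not Roster code: it resolves which records a view serves from data shaped like the ListViewAssignments and ListRecords outputs and lists A records with RFC 1918 addresses in that view. The function names, the sample data and the `assignment_ip` key for A records are assumptions (the page shows only mx arguments), and only direct assignments are followed since the page does not describe nesting.

```python
import ipaddress

RFC_1918 = [ipaddress.ip_network(n)
            for n in ('10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16')]

# Constructed sample data, keyed by view superset with lists of view subsets.
# 'dmz' has had the default 'any' subset explicitly removed.
VIEW_ASSIGNMENTS = {
    'internal': ['any'],
    'external': ['any', 'partner'],
    'dmz': [],
}

# Constructed sample records in the ListRecords shape.
# 'assignment_ip' is an assumed argument name for A records.
RECORDS = [
    {'record_type': 'a', 'target': 'www', 'zone_name': 'university.edu',
     'ttl': 3600, 'view_name': 'any', 'assignment_ip': '192.0.2.10'},
    {'record_type': 'a', 'target': 'db-01', 'zone_name': 'university.edu',
     'ttl': 3600, 'view_name': 'any', 'assignment_ip': '10.1.2.3'},
    {'record_type': 'a', 'target': 'files', 'zone_name': 'university.edu',
     'ttl': 3600, 'view_name': 'internal', 'assignment_ip': '192.168.5.20'},
    {'record_type': 'a', 'target': 'portal', 'zone_name': 'university.edu',
     'ttl': 3600, 'view_name': 'partner', 'assignment_ip': '172.16.0.9'},
    {'record_type': 'mx', 'target': 'university.edu.',
     'zone_name': 'university.edu', 'ttl': 3600, 'view_name': 'external',
     'priority': 10, 'mail_server': 'smtp-01.university.edu.'},
]


def served_views(view_name, view_assignments):
    """The view itself plus the subsets directly assigned to it."""
    return {view_name} | set(view_assignments.get(view_name, []))


def records_served(view_name, view_assignments, records):
    """Records the view serves: its own and those of its subsets."""
    sources = served_views(view_name, view_assignments)
    return [r for r in records if r['view_name'] in sources]


def private_addresses_served(view_name, view_assignments, records):
    """A records with RFC 1918 addresses that the view serves.

    Returns sorted (target, ip, view the record was made in) tuples, so the
    reviewer can see whether the record came in through 'any' or a subset.
    """
    findings = []
    for record in records_served(view_name, view_assignments, records):
        if record['record_type'] != 'a':
            continue
        ip = ipaddress.ip_address(record['assignment_ip'])
        if any(ip in network for network in RFC_1918):
            findings.append(
                (record['target'], record['assignment_ip'],
                 record['view_name']))
    return sorted(findings)


if __name__ == '__main__':
    for view in sorted(VIEW_ASSIGNMENTS):
        print(view, private_addresses_served(view, VIEW_ASSIGNMENTS, RECORDS))
```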
MakeViewToACLAssignments(view_name, acl_name, acl_range_allowed)

Makes view to acl assignment

Inputs:
view_name: string of view name
acl_name: string of acl name
acl_range_allowed: boolean to allow/disallow given acl range
MakeZone(zone_name, zone_type, zone_origin, view_name=None, zone_options=None, make_any=True)

Makes a zone.

Inputs:

zone_name: string of zone name
zone_type: string of zone type
zone_origin: string of zone origin. ex dept.university.edu.
zone_options: string of zone_options (defaults to empty string)
view_name: string of view name (defaults to 'any'); see docstring of MakeViewAssignments as to why 'any' is default
make_any: regardless of view name, make any as well (default to True)

Raises:
UnexpectedDataError: Invalid zone type.
MakeZoneType(zone_type)

Makes a new zone type.

Inputs:
zone_type: string of zone type
RemoveACL(acl_name)

Removes an acl from args. Will also remove relevant acl-view assignments.

Inputs:
acl_name: string of acl name
Outputs:
int: number of rows modified
RemoveCIDRBlockFromACL(acl_name, cidr_block)

Makes CIDR Block from ACL

Inputs:
acl_name: string of acl name
cidr_block: string of valid CIDR block or IP address
range_allowed: Int bool of if range should be allowed or denied
Outputs:
int: number of rows modified
RemoveCredential(credential=None, user_name=None)

Removes a credential

This function will call _RemoveCredential after Authorize and then log it.

Inputs:
credential: string of credential to remove
user_name: string of user name who has a credential to remove
RemoveDnsServer(dns_server_name)

Removes dns server.

Inputs:
dns_server_name: string of dns server name
Outputs:
int: number of rows modified
RemoveDnsServerSet(dns_server_set_name)

Remove dns server set.

Inputs:
dns_server_set_name: string of dns server set name
Outputs:
int: number of rows modified
RemoveDnsServerSetAssignments(dns_server_name, dns_server_set_name)

Remove a dns server set assignment

Inputs:
dns_server_name: string of dns server name
dns_server_set_name: string of dns server set name
RemoveDnsServerSetViewAssignments(view_name, dns_server_set_name)

Remove dns server set view assignment

Inputs:
view_name: string of view name
dns_server_set_name: string of dns server set name
Outputs:
int: number of rows modified
RemoveForwardZonePermission(zone_name, group_name, group_permission)

Remove forward zone permissions.

Inputs:
zone_name: string of zone name
group_name: string of group name
group_permission: list of group permissions, i.e., ['a', 'aaaa', 'cname']
Outputs:
int: number of rows affected
RemoveGroup(group_name)

Remove group.

Inputs:
group_name: string of group name
Outputs:
int: number of rows modified
RemoveRecord(record_type, target, zone_name, record_args_dict, view_name, ttl=None)

Remove record.

Inputs:
record_type: type of record
target: target name
zone_name: name of zone
record_args_dict: dictionary of record arguments
view_name: name of view
ttl: time to live
Raises:
InvalidInputError: No records found.
InvalidInputError: Multiple records found for used search terms.
RecordError: Could not remove record for an unknown reason.

RemoveReservedWord(reserved_word)

Removes a reserved word.

Inputs:
reserved_word: string of reserved word
Outputs:
int: number of rows modified
RemoveReverseRangePermission(cidr_block, group_name, group_permission)

Remove reverse range permissions.

Inputs:
cidr_block: string of cidr block
group_name: string of group name
group_permission: list of group permissions, i.e., ['a', 'aaaa', 'cname']
Outputs:
int: number of rows affected
RemoveReverseRangeZoneAssignment(zone_name, cidr_block)

Remove reverse range to zone assignment.

Inputs:
zone_name: string of zone name
cidr_block: string of cidr block
Outputs:
int: number of rows affected
RemoveUser(user_name)

Removes a user.

Inputs:
user_name: string of user name
Outputs:
int: number of rows modified
RemoveUserGroupAssignment(user_name, group_name)

Remove user-group.

Inputs:
group_name: string of group name
user_name: string of user name
Outputs:
int: number of rows modified
RemoveView(view_name)

Removes a view.

Also removes anything attached to that view, including any information about a specific zone in the view and any records in that view. Please point gun away from foot.

Inputs:
view_name: string of view name
Raises:
InvalidInputError: Cannot remove view any
Outputs:
int: number of rows modified
RemoveViewAssignment(view_superset, view_subset)

Removes a view assignment.

For more information about view assignments please read the MakeViewAssignment docstring.

Inputs:
view_superset: string of view name
view_subset: string of view name
RemoveViewToACLAssignments(view_name, acl_name, acl_range_allowed)

Removes view to acl assignment

Inputs:
view_name: string of view name
acl_name: string of acl name
Outputs:
int: number of rows modified
RemoveZone(zone_name, view_name=None)

Removes a zone.

Inputs:
zone_name: string of zone name
view_name: string of view name
Outputs:
int: number of rows affected
RemoveZoneType(zone_type)

Removes a zone type.

Inputs:
zone_type: string of zone type
Outputs:
int: number of rows affected
SetMaintenanceFlag(value)

Sets maintenance flag

Inputs:
value: boolean of flag on or off
UpdateDnsServer(search_dns_server_name, update_dns_server_name)

Updates dns server

Inputs:
search_dns_server_name: string of dns server name
update_dns_server_name: new string of dns server name
Outputs:
int: number of rows modified
UpdateDnsServerSet(search_dns_server_set_name, update_dns_server_set_name)

Update dns_server_set.

Inputs:
search_dns_server_set_name: string of dns_server_set name
update_dns_server_set_name: string of dns_server_set name
Outputs:
int: number of rows modified
UpdateGroup(search_group_name, update_group_name)

Update group.

Inputs:
search_group_name: string of group name
update_group_name: string of group name
Outputs:
int: number of rows modified
UpdateGroupForwardPermission(zone_name, group_name, new_permissions)

Updates forward zone group permissions

Inputs:
zone_name: string of zone name
group_name: string of group name
new_permissions: list of permissions. (ex [u'a', u'aaaa', u'cname'])
Raises:
AuthorizationError: Group does not have access to supplied zone
UpdateGroupReversePermission(cidr_block, group_name, new_permissions)

Updates forward zone group permissions

Inputs:
cidr_block: string of cidr_block
group_name: string of group name
new_permissions: list of permissions. (ex [u'a', u'aaaa', u'cname'])
Raises:
AuthorizationError: Group does not have access to supplied cidr block
UpdateRecord(search_record_type, search_target, search_zone_name, search_record_args_dict, search_view_name=None, search_ttl=None, update_target=None, update_zone_name=None, update_record_args_dict={}, update_view_name=None, update_ttl=None)

Update record.

Inputs:
search_record_type: type of record
search_target: target
search_zone_name: name of zone
search_record_args_dict: dictionary of record arguments
search_view_name: name of view
search_ttl: time to live
update_target: target
update_zone_name: name of zone
update_record_args_dict: dictionary of record arguments
update_view_name: name of view
update_ttl: time to live
Raises:
InvalidInputError: "." not allowed as terminator in non-ptr target.
InvalidInputError: Record already exists.
InvalidInputError: CNAME already exists.
InvalidInputError: Duplicate record found.
InvalidInputError: No records found.
InvalidInputError: Multiple records found for used search terms.
UpdateUser(search_user_name, update_user_name=None, update_access_level=None)

Updates a user.

Inputs:
search_user_name: string of user name
update_user_name: string of user name
update_access_level: int from 0-255 as defined in user.py
Outputs:
int: number of rows modified
UpdateView(search_view_name, update_view_name=None, update_view_options=None)

Updates a view.

Also updates anything attached to that view, including any information about a specific zone in the view and any records in that view.

Inputs:

search_view_name: string of view name to be updated
update_view_name: string of view name to update with
update_view_options: string of view options, defaults to empty string.

Raises:
InvalidInputError: Cannot update view any.
UpdateZone(search_zone_name, search_view_name=None, update_zone_name=None, update_zone_options=None, update_zone_type=None)

Updates zone options or zone type of zone

Inputs:

search_zone_name: string of zone name
search_view_name: string of view name
update_zone_name: string of zone name
update_zone_type: string of zone type
update_zone_options: string of zone options

Outputs:
int: number of rows affected
class roster_core.__init__.CoreHelpers(core_instance)

Bases: object

Library of helper functions that extend the core functions.

AddFormattedRecords(zone_name, zone_file_string, view)

Adds records from a string of a partial zone file

Inputs:
zone_name: string of zone name
zone_file_string: string of the file contents
view: string of view name
Outputs:
int: Amount of records added to db.
CIDRExpand(cidr_block, begin=None, end=None)
ConstructRecordArgsDictFromRecordID(record_id)

Constructs the records_arg_dict from the Roster database given only the record id.

Inputs:
record_id: int of record id
Outputs:
record_args_dict: dictionary of arguments and their values

ExpandIPV6(ip_address)
GetAssociatedCNAMEs(hostname, view_name, zone_name, recursive=False)

Lists CNAMEs by assignment hostname.

Inputs:
hostname: string of hostname
view_name: string of view name
zone_name: string of zone name
Outputs:
list: list of found cname dictionaries
GetCIDRBlocksByView(view, username)

Lists CIDR blocks available to a username in a given view

Inputs:
view: string of view name
username: string of user name
Outputs:
list: list of cidr block strings
GetPTRTarget(long_target, view_name=u'any')

Gets the short PTR target given the long PTR target.

Inputs:
long_target: String of long PTR target
view_name: String of view name
Raises:
InvalidInputError: No suitable reverse range zone assignments found.
Outputs:
string: String of short PTR target
GetViewsByUser(username)

Lists view names available to given username

Inputs:
username: string of user name
Outputs:
list: list of view name strings
ListAccessLevels()

Lists access levels from constants for both integer and string keys

Outputs:
dict: dictionary of access levels with both string and integer-string keys
Example:
{'32': 32, '64': 64, '128': 128, 'user': 32, 'unlocked_user': 64,
 'dns_admin': 128}
ListAvailableIpsInCIDR(cidr_block, num_ips=1, view_name=None, zone_name=None)

Finds first available ips. Only lists as many IPs as are available. Returns empty list if no IPs are available in given cidr block and a truncated list if only a portion of IPs are available.

Inputs:
cidr_block: string of ipv4 or ipv6 cidr block
Raises:
InvalidInputError: IP is in a reserved IP space.
InvalidInputError: Not a valid cidr block
Outputs:
list: list of strings of ip addresses
ListGroupPermissions()
ListLatestNamedConfig(dns_server_set)

Lists the latest named config string given dns server set

This function is duplicated in roster-config-manager/roster_config_manager/tree_exporter.py

Inputs:
dns_server_set: string of dns server set name
Outputs:
dict: dictionary of latest named config
ListNamedConfGlobalOptionsClient(option_id=None, dns_server_set=None, timestamp=None)

Converts XMLRPC datetime to datetime object and runs ListNamedConfGlobalOptions

Inputs:
option_id: integer of the option id
dns_server_set: string of the dns server set name
timestamp: XMLRPC datetime timestamp
Outputs:
list: list of dictionaries from ListNamedConfGlobalOptions
ListRecordsByCIDRBlock(cidr_block, view_name=None, zone_name=None)

Lists records in a given cidr block.

Inputs:
cidr_block: string of ipv4 or ipv6 cidr block
view_name: string of the view
zone_name: string of the zone
Raise:
InvalidInputError: The CIDR block specified does not contain a valid IP
IPIndexError: Record type not indexable by IP
IPIndexError: Record type unknown. Missing ipv4 or ipv6 dec index
Outputs:
dict: A dictionary keyed by view, keyed by IP, listed by record.
example:
{u'test_view':
    {u'192.168.1.8':
        [{u'forward': True,
          u'host': u'host6.university.edu',
          u'zone': u'forward_zone',
          u'zone_origin': u'university.edu.'},
         {u'forward': False,
          u'host': u'host6.university.edu',
          u'zone': u'reverse_zone',
          u'zone_origin': u'1.168.192.in-addr.arpa.'}]}}
ListRecordsByZone(zone_name, view_name=None)

Lists records in a given zone.

Inputs:
zone_name: name of the zone
view_name: name of the view
Output:
dict: A dictionary keyed by view, keyed by IP, listed by record.
example:
{u'test_view':
    {u'192.168.1.8':
        [{u'forward': True,
          u'host': u'host6.university.edu',
          u'zone': u'forward_zone',
          u'zone_origin': u'university.edu.'},
         {u'forward': False,
          u'host': u'host6.university.edu',
          u'zone': u'reverse_zone',
          u'zone_origin': u'1.168.192.in-addr.arpa.'}]}}
ListSortedHostsByCIDR(cidr, zone_name=None, view_name=None)
ListSortedHostsByZone(zone_name, view_name=None)
ListZoneByIPAddress(ip_address)

Lists zone name given ip_address

Inputs:
ip_address: string of ip address
Outputs:
string: string of zone name, ex: ‘test_zone’
MakeAAAARecord(target, zone_name, record_args_dict, view_name=None, ttl=None)

Makes an AAAA record.

Inputs:
target: string of target
zone_name: string of zone name
record_args_dict: dictionary of record arguments
view_name: string of view name
ttl: time to live
MakeIPv4ClasslessReverseDelegatedTargetZone(cidr_block)

Creates a delegated reverse zone

Inputs:
cidr_block: string of IPv4 cidr block
Raises:
InvalidInputError: Not a valid cidr block
MakeIPv4ClasslessReverseDelegation(name_server, cidr_block, view_name=u'any', ttl=None)

Creates classless forwarding for reverse DNS lookups

Inputs:
name_server: nameserver to add for reverse delegation
cidr_block: string of CIDR block
view_name: string of view for the reverse zone, defaults to 'any'
ttl: time-to-live for the newly added records, defaults to zone ttl
Raises:
InvalidInputError: nameserver required
InvalidInputError: cidr block range required
InvalidInputError: Not a valid zone name or CIDR block
MakePTRRecord(target, record_args_dict, view_name=u'any', ttl=None)

Makes a ptr record.

Inputs:
target: string of target
record_args_dict: dictionary of record arguments
view_name: string of view name
ttl: string of ttl
MakeSubdomainDelegation(zone_name, subdomain_name, nameserver, view_name=u'any')

Makes a delegated subdomain. Assumes delegation zone is created.

Inputs:
view_name: string of view name
zone_name: string of zone name
subdomain_name: string of subdomain name
nameserver: string of fully qualified nameserver
Raises:
InvalidInputError: Zone does not exist.
ProcessRecordsBatch(delete_records=None, add_records=None, zone_import=False)

Process batches of records

Inputs:
delete_records: list of dictionaries of records
ex: {'record_ttl': 3600, 'record_type': u'a',
     'records_id': 10, 'record_target': u'host1',
     'record_zone_name': u'forward_zone',
     'record_last_user': u'sharrell',
     'record_view_dependency': u'test_view_dep'}
    {'record_type': 'ptr', 'record_target': 'target',
     'view_name': 'view', 'zone_name': 'zone'}

add_records: list of dictionaries of records

Raises:
RecordsBatchError: Record specification too broad
RecordsBatchError: No record found
RecordsBatchError: Record already exists
RecordsBatchError: CNAME already exists
RecordsBatchError: Duplicate record found
Outputs:
int: row count
RemoveCNamesByAssignmentHost(hostname, view_name, zone_name)

Removes CNAMEs by assignment hostname. Will not remove CNAMEs that the user does not have permission to remove; the function will continue and pass over that CNAME.

Inputs:
hostname: string of hostname
view_name: string of view name
zone_name: string of zone name
Raises:
UnexpectedDataError: Incorrect number of records found
Outputs:
int: number of rows modified
RemovePTRRecord(record_type, target, zone_name, record_args_dict, view_name, ttl=None)

Removes a ptr record.

Inputs:
target: string of target
record_args_dict: dictionary of record arguments
view_name: string of view name
ttl: string of ttl
ReverseIP(ip_address)
RevertNamedConfig(dns_server_set, option_id)

Revert a Named Config file

Inputs:
option_id: the id of config to replicate
dns_server_set: string of dns server set name
Raises:
InvalidInputError: DNS server set does not contain id.
UnexpectedDataError: Multiple configurations found.
SortRecordsByHost(records_dict)

Generates an IP list sorted by record's host.

Inputs:
record_dict: dictionary keyed by view, then keyed by IP
dictionary from ListRecordsByCIDRBlock and from ListRecordsByZone
Outputs:
sorted_list: list of sorted records
UnReverseIP(ip_address)
class roster_core.__init__.Config(file_name='/etc/roster_server.conf')

Bases: object

Abstracts a config file for Roster Core and Server

GetDb()

Creates a dbAccess instance.

Outputs:
dbAccess instance

audit_log Module

This module is used to create an audit log of activities executed on the dnsManagement core and user libs.

class roster_core.audit_log.AuditLog(log_to_syslog=False, log_to_db=False, db_instance=None, log_to_file=False, log_file_name=None)[source]

Bases: object

LogAction(user, action, data, success, current_transaction=False)[source]

Logs action to places specified in initializer.

Inputs:
user: string of user name
action: string of function name that is being logged
data: dictionary of arguments
ex: {‘replay_args’: [u’test_acl’, u‘192.168.0/24’, 1],
‘audit_args’: {‘cidr_block’: u‘192.168.0/24’,
‘range_allowed’: 1, ‘acl_name’: u’test_acl’}}
success: bool of success of action
current_transaction: boolean for if a transaction is already started

config Module

Module to handle config file loading.

class roster_core.config.Config(file_name='/etc/roster_server.conf')[source]

Bases: object

Abstracts a config file for Roster Core and Server

GetDb()[source]

Creates a dbAccess instance.

Outputs:
dbAccess instance

constants Module

Module to handle all constants.

core Module

Toplevel core API.

roster_core.core.CheckCoreVersionMatches(version)[source]

Does a version check between core and calling module

Inputs:
version: version to check against core’s version
Raises:
VersionDiscrepancyError: version mismatch with core version.
class roster_core.core.Core(user_name, config_instance, unittest_timestamp=None)[source]

Bases: object

Backend Roster interface.

This class is meant to be the only interface to the database for top level programming for a web or xml-rpc interface, or anything else that would need to talk to the database.

All errors raised will be a subclass of CoreError.

CheckMaintenanceFlag()[source]

Checks maintenance flag

Outputs:
bool: value of flag on or off
GetEmptyRecordArgsDict(record_type)[source]

Gets record args dict for the record_type.

Inputs:
record_type: string of record type (example: u’mx’)
Outputs:
dictionary: which is different for each record type.
(example: {u’priority’: 10,
u’mail_server’: ‘mail.sub.university.edu.’})
ListACLs(acl_name=None, cidr_block=None)[source]

List one or many acls. If all args are None it will list them all, otherwise it searches on one or more terms.

Inputs:
acl_name: string of acl name
cidr_block: string of valid CIDR block or IP address
Outputs:
dictionary: keyed by the acl name, whose value is a list of dictionaries with
the cidr block and range allowed values.
example: {‘rfc_1918_networks’: [{‘cidr_block’: ‘192.168/16’},
{‘cidr_block’: ‘10/8’}],
‘university_networks’: [{‘cidr_block’: ‘1.2.3/24’},
{‘cidr_block’: ‘1.1.1/24’}]}
ListAuditLog(user_name=None, action=None, success=None, begin_timestamp=None, end_timestamp=None)[source]

Lists audit log

Inputs:
user_name: string of user name
action: string of function
success: intbool of success
begin_timestamp: datetime object of beginning timestamp
end_timestamp: datetime object of ending timestamp
Raises:
UnexpectedDataError: Missing begin_timestamp or end_timestamp.
Outputs:
dict: Dictionary of audit log
ex: {‘action’: u’Action’, ‘data’: u’Data’,
‘audit_log_timestamp’: datetime.datetime, ‘audit_log_user_name’: u’username’}
ListCredentials(credential=None, user_name=None, infinite_cred=None)[source]

Lists infinite credentials.

This function calls _ListCredentials, but runs Authorize first.

Inputs:
credential: string of specific credential that is being searched for
user_name: string of name of user that is being searched for
infinite_cred: bool of search for infinite or non infinite creds
ListDnsServerSetAssignments(dns_server_name=None, dns_server_set_name=None)[source]

List dns server set assignments.

Inputs:
dns_server_name: string of dns server name
dns_server_set_name: string of dns server set name
Outputs:
dictionary keyed by server sets.
ListDnsServerSetViewAssignments(view_name=None, dns_server_set_name=None, key_by_view=False)[source]

List dns server set view assignments

Assignments can be given as a dictionary of dns server names with lists of view names or as a dictionary of view names with lists of dns server names.

Outputs:

Dictionary keyed by view name or dns server set name with values of lists of view names or dns server sets depending on key_by_view bool

example keyed by view_name: {‘view1’: [‘set1’, ‘set2’],
‘view2’: [‘set2’]}
example keyed by dns_server_set_name: {‘set1’: [‘view1’],
‘set2’: [‘view1’, ‘view2’]}
ListDnsServerSets(dns_server_set_name=None)[source]

List all dns server sets

Inputs:
dns_server_set_name: string of dns server set name
Outputs:
list of dns server sets
ListDnsServers(dns_server_name=None)[source]

List dns servers.

Outputs:
int: number of rows modified
ListForwardZonePermissions(zone_name=None, group_name=None, group_permission=None)[source]

List forward zone permissions.

Inputs:
zone_name: string of zone name
group_name: string of group name
group_permission: list group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
Outputs:

dictionary keyed by group name with values of lists of dictionaries containing zone names and group permissions

example: {‘dept’: [{‘zone_name’: ‘sub.university.edu’,
‘group_permission’: [‘a’, ‘aaaa’, ‘cname’]},
{‘zone_name’: ‘othersub.university.edu’,
‘group_permission’: [‘a’, ‘aaaa’, ‘cname’, ‘soa’]}],
‘otherdept’: [{‘zone_name’: ‘sub.university.edu’,
‘group_permission’: [‘a’, ‘aaaa’]}]}
ListGroups()[source]

List all groups.

Outputs:
list of groups
example [‘cs’, ‘bio’]
ListNamedConfGlobalOptions(option_id=None, dns_server_set=None, timestamp=None)[source]

Lists named conf global options

Inputs:
option_id: integer of named conf global option id
dns_server_set: string of the dns server set name
timestamp: datetime object of timestamp to search
Outputs:
named_conf_list: list of named conf global options
ListRecordArgumentDefinitions(record_type=None)[source]

List record argument definitions. This is mainly for the exporter to programmatically construct records for exporting.

This function is duplicated in roster-config-manager/roster_config_manager/tree_exporter.py

Inputs:
record_type: string of record type
Outputs:
dictionary keyed by record type with values of lists of lists of record arguments sorted by argument order.
example: {‘mx’: [{‘argument_name’: u’priority’,
‘record_arguments_type’: u’mx’,
‘argument_data_type’: u’UnsignedInt’,
‘argument_order’: 0},
{‘argument_name’: u’mail_server’,
‘record_arguments_type’: u’mx’,
‘argument_data_type’: u’Hostname’,
‘argument_order’: 1}]}

ListRecords(record_type=None, target=None, zone_name=None, view_name=None, ttl=None, record_args_dict=None)[source]

Lists records.

Inputs:

record_type: string of record type (example: u’mx’)
target: string of target (example u’machine-01.sub.university.edu.’)
zone_name: string of zone name (example u’sub.university.edu’)
ttl: int of time to live per record
view_name: string of view name (example u’internal’)
record_args_dict: dictionary, which is different for each record type.
an example dictionary can be obtained with the GetEmptyRecordArgsDict function in this class
(example: {u’priority’: 10,
u’mail_server’: ‘mail.sub.university.edu.’})
Raises:
UnexpectedDataError: Must specify record_type with record_args_dict.
Outputs:
list of record dictionaries

Each dictionary can have different args depending on record type. All of them will include record_type, target, zone_name, ttl, and view_name regardless of record type. Below is an example of an mx record search.
example: [{‘record_type’: ‘mx’, ‘target’: ‘university.edu.’,
‘zone_name’: ‘university.edu’, ‘ttl’: 3600,
‘view_name’: ‘external’, ‘priority’: 10,
‘mail_server’: ‘smtp-01.university.edu.’,
‘last_user’: ‘sharrell’},
{‘record_type’: ‘mx’, ‘target’: ‘university.edu.’,
‘zone_name’: ‘university.edu’, ‘ttl’: 3600,
‘view_name’: ‘external’, ‘priority’: 20,
‘mail_server’: ‘smtp-02.university.edu.’,
‘last_user’: ‘sharrell’}]
ListReservedWords()[source]

Lists reserved words.

Output:
list: list of reserved words
ex: [‘reservedword1’, ‘reservedword2’]
ListReverseRangePermissions(cidr_block=None, group_name=None, group_permission=None)[source]

List reverse range permissions.

Inputs:
cidr_block: string of cidr block
group_name: string of group name
group_permission: list group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
Outputs:

dictionary keyed by group name with values of lists of dictionaries containing reverse ranges and group permissions

example: {‘dept’: [{‘cidr_block’: ‘192.168.0/24’,
‘group_permission’: [u’cname’, u’ptr’]},
{‘cidr_block’: ‘192.168.1/24’,
‘group_permission’: [u’ptr’]}],
‘otherdept’: [{‘cidr_block’: ‘192.168.1/24’,
‘group_permission’: [u’cname’, u’ns’, u’ptr’,
u’soa’]}]}
ListReverseRangeZoneAssignments(zone_name=None, cidr_block=None)[source]

Lists reverse range to zone assignments.

Inputs:
zone_name: string of zone name
cidr_block: string of cidr block
Outputs:
dictionary: keyed by zone_name with values of cidr blocks
example: {‘10.in-addr.arpa’: ‘10/8’,
‘9.168.192.in-addr.arpa’: ‘192.168.9/24’}
ListUserGroupAssignments(user_name=None, group_name=None, key_by_group=False)[source]

List user-group assignments.

Assignments can be given as a dictionary of users with lists of groups or as a dictionary of groups with lists of users.

Outputs:

dictionary keyed by group or user with values of lists of groups or users depending on key_by_group bool

example keyed by user: {‘sharrell’: [‘cs’, ‘bio’],
‘shuey’: [‘cs’]}
example keyed by group: {‘cs’: [‘shuey’, ‘sharrell’],
‘bio’: [‘sharrell’]}
ListUsers(user_name=None, access_level=None)[source]

Lists one or many users, if all args are None then list them all.

Inputs:
user_name: string of user name
access_level: int from 0-255 as defined in user.py
Output:
dictionary: keyed by the user name with value of access_level.
example: {‘sharrell’: 128,
‘shuey’: 64}
ListViewAssignments(view_superset=None, view_subset=None)[source]

Lists view assignments.

For more information about view assignments please read the MakeViewAssignment docstring.

Inputs:
view_superset: string of view name
view_subset: string of view name
Outputs:
dictionary keyed by view supersets with values lists of view subsets
ListViewToACLAssignments(view_name=None, acl_name=None, acl_range_allowed=None)[source]

Lists some or all view to acl assignments corresponding to the given args.

Inputs:
view_name: string of view name
acl_name: string of acl name
Outputs:
list: list contains dictionaries of assignments
example: [{‘view_name’: ‘main_view’, ‘acl_name’: ‘internal’,
‘acl_range_allowed’: ‘true’},
{‘view_name’: ‘other_view’, ‘acl_name’: ‘external’,
‘acl_range_allowed’: ‘false’}]
ListViews(view_name=None)[source]

Lists all views.

Outputs:
dictionary: dict keyed by view name with a value of the view args.
example: {‘view_1’: ‘also-notify {192.168.0.1;}\nallow-transfer ‘
‘{university_networks};;’,
‘view_2’: ‘other-arg { thing };’}

ListZoneTypes()[source]

Lists zone types.

Outputs:
list: list of zone types, example: [‘master’, ‘slave’, ‘forward’]
ListZones(zone_name=None, zone_type=None, zone_origin=None, view_name=None)[source]

Lists zones.

Inputs:
zone_name: string of zone name
zone_type: string of zone type
zone_origin: string of zone origin. ex dept.university.edu.
view_name: string of view name
Outputs:

Dictionary of dictionaries. The parent dictionary is keyed by zone name, the secondary dictionary is keyed by view name and the third is keyed by type of data.

example:
{‘zone.university.edu’: {‘internal’: {‘zone_type’: ‘master’,
‘zone_options’: ‘misc opts’,
‘zone_origin’: ‘university.edu.’},
‘any’: {‘zone_type’: ‘master’,
‘zone_options’: ‘other options’,
‘zone_origin’: ‘university.edu.’}},
‘otherzone.university.edu’: {‘any’: {‘zone_type’: ‘slave’,
‘zone_options’: ‘options’}}}
MakeACL(acl_name, cidr_block)[source]

Makes an acl from args.

Inputs:
acl_name: string of acl name
cidr_block: string of valid CIDR block or IP address
MakeDnsServer(dns_server_name)[source]

Makes one dns server

Inputs:
dns_server_name: string of the dns server name
MakeDnsServerSet(dns_server_set_name)[source]

Make dns server set.

Inputs:
dns_server_set_name: string of dns server set name
MakeDnsServerSetAssignments(dns_server_name, dns_server_set_name)[source]

Make dns server set assignment.

Inputs:
dns_server_name: string of dns server name
dns_server_set_name: string of dns server set name
MakeDnsServerSetViewAssignments(view_name, dns_server_set_name)[source]

Make dns server set view assignment

Inputs:
view_name: string of the view name
dns_server_set_name: string of the dns server set name
MakeForwardZonePermission(zone_name, group_name, group_permission=None)[source]

Make forward zone permission.

Inputs:
zone_name: string of zone name
group_name: string of group name
group_permission: list group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
MakeGroup(group_name)[source]

Make group.

Inputs:
group_name: string of group name
MakeInfiniteCredential(user_name, credential=None)[source]

Creates an infinite credential.

Inputs:
user_name: string of user to create credential for.
Outputs:
string: credential string created
MakeNamedConfGlobalOption(dns_server_set, options)[source]

Makes named conf global option

Inputs:
dns_server_set: string of name of dns server set
options: string of named conf file
MakeRecord(record_type, target, zone_name, record_args_dict, view_name=None, ttl=None)[source]

Makes a record.

Please check core_helpers for functions to make certain records that need help before using this directly. For instance MakePTRRecord and MakeAAAARecord.

Raises:
InvalidInputError: “.” not allowed as terminator in non-ptr target.
InvalidInputError: An SOA cannot be made in the “any” view.
InvalidInputError: CNAME already exists.
InvalidInputError: Record already exists.
InvalidInputError: Duplicate record found.
Inputs:
record_type: string of record type (example: u’mx’)
target: string of target (example u’machine-01’)
zone_name: string of zone name (example u’sub.university.edu’)
ttl: int of time to live per record
view_name: string of view name (example u’internal’)
record_args_dict: dictionary, which is different for each record type.
an example dictionary can be obtained with the GetEmptyRecordArgsDict function in this class
(example: {u’priority’: 10,
u’mail_server’: ‘mail.sub.university.edu.’})
MakeReservedWord(reserved_word)[source]

Create a reserved word.

Inputs:
reserved_word: string of reserved word
MakeReverseRangePermission(cidr_block, group_name, group_permission=None)[source]

Make reverse range permission.

Inputs:
cidr_block: string of cidr block
group_name: string of group name
group_permission: list of group permissions, i.e., [‘cname’, ‘ptr’]
MakeReverseRangeZoneAssignment(zone_name, cidr_block)[source]

Makes a reverse range to zone assignment.

Inputs:
zone_name: string of zone name
cidr_block: string of cidr block
MakeUser(user_name, access_level)[source]

Create a user.

Inputs:
user_name: string of user name
access_level: int from 0-255 as defined in user.py
MakeUserGroupAssignment(user_name, group_name)[source]

Make user-group assignment.

Inputs:
group_name: string of group name
user_name: string of user name
MakeView(view_name, view_options=None)[source]

Makes a view and all of the other things that go with a view.

For more information about views please see docstring for MakeViewAssignments.

Inputs:

view_name: string of view name
view_options: string of view options, defaults to empty string.

MakeViewAssignment(view_superset, view_subset)[source]

Assigns a view to a view.

A view contains zones in that view. However, zones can be assigned to another view that is a superset of views. For example, an assignment can be made for view_a (view_superset) to also include all of view_b’s (view_subset) zones (and by proxy, records). This prevents having to have duplicate records in each view.

Most of the time this will not be needed as there is a special subset included in all views (unless explicitly deleted) called the ‘any’ view. Records in the ‘any’ view will be in all views that have not been explicitly changed to remove the ‘any’ view.

The ‘any’ view subset is automatically tied to a view when a view is created. Also this is the default view for records and zones (again it can be explicitly changed if needed).

Inputs:
view_superset: string of view name
view_subset: string of view name
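
The superset/subset rules in the MakeViewAssignment docstring, worked through as a standalone model. This is an added example, not Roster's code: the ViewModel class, its methods and the sample records are hypothetical, and treating assignments as direct (not transitive) is an assumption the docstring does not settle.

```python
# Standalone model of the view rules in the MakeViewAssignment docstring.
# Nothing here imports or calls Roster; ViewModel and its methods are
# hypothetical names used only for this illustration.

ANY_VIEW = 'any'


class ViewModel(object):
    """In-memory model of views, view assignments and per-view records."""

    def __init__(self):
        # view_superset -> set of view_subsets whose records it also serves.
        self.assignments = {}
        # view name -> list of (target, zone_name) stored directly in it.
        self.records = {ANY_VIEW: []}

    def make_view(self, view_name):
        """Create a view; the 'any' subset is tied to it automatically."""
        if view_name == ANY_VIEW or view_name in self.assignments:
            raise ValueError('view already exists: %s' % view_name)
        self.assignments[view_name] = {ANY_VIEW}
        self.records[view_name] = []

    def make_view_assignment(self, view_superset, view_subset):
        """Make view_superset also include view_subset's records."""
        if view_superset not in self.assignments:
            raise ValueError('unknown view: %s' % view_superset)
        if view_subset not in self.records:
            raise ValueError('unknown view: %s' % view_subset)
        self.assignments[view_superset].add(view_subset)

    def remove_view_assignment(self, view_superset, view_subset):
        """Explicitly drop a subset, including the default 'any' subset."""
        self.assignments[view_superset].discard(view_subset)

    def add_record(self, target, zone_name, view_name=ANY_VIEW):
        """Store a record; 'any' is the default view, as in the docstring."""
        if view_name not in self.records:
            raise ValueError('unknown view: %s' % view_name)
        self.records[view_name].append((target, zone_name))

    def visible_records(self, view_name):
        """Records served in view_name: its own plus each direct subset's.

        Assumption: assignments are not followed transitively.
        """
        if view_name not in self.records:
            raise ValueError('unknown view: %s' % view_name)
        sources = {view_name} | self.assignments.get(view_name, set())
        found = set()
        for source in sources:
            found.update(self.records[source])
        return sorted(found)

    def views_exposing(self, target, zone_name):
        """Audit helper: every view in which the record is visible."""
        record = (target, zone_name)
        return sorted(view for view in self.assignments
                      if record in self.visible_records(view))


def build_example():
    """Constructed sample data: a public host, an internal-only host, and
    an internal host that was left in the default 'any' view."""
    model = ViewModel()
    model.make_view('internal')
    model.make_view('external')
    model.add_record('www', 'university.edu')
    model.add_record('db-01', 'university.edu', 'internal')
    model.add_record('backup-01', 'university.edu')  # default view: 'any'
    return model


if __name__ == '__main__':
    model = build_example()
    for view in ('internal', 'external'):
        print(view, model.visible_records(view))
    print(model.views_exposing('backup-01', 'university.edu'))
```

In the sample data, backup-01 is served in both views because it was added without a view name; db-01, added to 'internal' explicitly, is not visible in 'external'.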
MakeViewToACLAssignments(view_name, acl_name, acl_range_allowed)[source]

Makes view to acl assignment

Inputs:
view_name: string of view name
acl_name: string of acl name
acl_range_allowed: boolean to allow/disallow given acl range
MakeZone(zone_name, zone_type, zone_origin, view_name=None, zone_options=None, make_any=True)[source]

Makes a zone.

Inputs:

zone_name: string of zone name
zone_type: string of zone type
zone_origin: string of zone origin. ex dept.university.edu.
zone_options: string of zone_options (defaults to empty string)
view_name: string of view name (defaults to ‘any’); see docstring of MakeViewAssignments as to why ‘any’ is default
make_any: regardless of view name, make any as well (default to True)

Raises:
UnexpectedDataError: Invalid zone type.
MakeZoneType(zone_type)[source]

Makes a new zone type.

Inputs:
zone_type: string of zone type
RemoveACL(acl_name)[source]

Removes an acl from args. Will also remove relevant acl-view assignments.

Inputs:
acl_name: string of acl name
Outputs:
int: number of rows modified
RemoveCIDRBlockFromACL(acl_name, cidr_block)[source]

Removes a CIDR block from an ACL

Inputs:
acl_name: string of acl name
cidr_block: string of valid CIDR block or IP address
range_allowed: Int bool of if range should be allowed or denied
Outputs:
int: number of rows modified
RemoveCredential(credential=None, user_name=None)[source]

Removes a credential

This function will call _RemoveCredential after Authorize and then log it.

Inputs:
credential: string of credential to remove
user_name: string of user name who has a credential to remove
RemoveDnsServer(dns_server_name)[source]

Removes dns server.

Inputs:
dns_server_name: string of dns server name
Outputs:
int: number of rows modified
RemoveDnsServerSet(dns_server_set_name)[source]

Remove dns server set.

Inputs:
dns_server_set_name: string of dns server set name
Outputs:
int: number of rows modified
RemoveDnsServerSetAssignments(dns_server_name, dns_server_set_name)[source]

Remove a dns server set assignment

Inputs:
dns_server_name: string of dns server name
dns_server_set_name: string of dns server set name
RemoveDnsServerSetViewAssignments(view_name, dns_server_set_name)[source]

Remove dns server set view assignment

Inputs:
view_name: string of view name
dns_server_set_name: string of dns server set name
Outputs:
int: number of rows modified
RemoveForwardZonePermission(zone_name, group_name, group_permission)[source]

Remove forward zone permissions.

Inputs:
zone_name: string of zone name
group_name: string of group name
group_permission: list of group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
Outputs:
int: number of rows affected
RemoveGroup(group_name)[source]

Remove group.

Inputs:
group_name: string of group name
Outputs:
int: number of rows modified
RemoveRecord(record_type, target, zone_name, record_args_dict, view_name, ttl=None)[source]

Remove record.

Inputs:
record_type: type of record
target: target name
zone_name: name of zone
record_args_dict: dictionary of record arguments
view_name: name of view
ttl: time to live
Raises:
InvalidInputError: No records found.
Multiple records found for used search terms.
RecordError: Could not remove record for an unknown reason.
RemoveReservedWord(reserved_word)[source]

Removes a reserved word.

Inputs:
reserved_word: string of reserved word
Outputs:
int: number of rows modified
RemoveReverseRangePermission(cidr_block, group_name, group_permission)[source]

Remove reverse range permissions.

Inputs:
cidr_block: string of cidr block
group_name: string of group name
group_permission: list of group permissions, i.e., [‘a’, ‘aaaa’, ‘cname’]
Outputs:
int: number of rows affected
RemoveReverseRangeZoneAssignment(zone_name, cidr_block)[source]

Remove reverse range to zone assignment.

Inputs:
zone_name: string of zone name
cidr_block: string of cidr block
Outputs:
int: number of rows affected
RemoveUser(user_name)[source]

Removes a user.

Inputs:
user_name: string of user name
Outputs:
int: number of rows modified
RemoveUserGroupAssignment(user_name, group_name)[source]

Remove user-group.

Inputs:
group_name: string of group name
user_name: string of user name
Outputs:
int: number of rows modified
RemoveView(view_name)[source]

Removes a view.

Also removes anything attached to that view, including any information about a specific zone in the view and any records in that view. Please point gun away from foot.

Inputs:
view_name: string of view name
Raises:
InvalidInputError: Cannot remove view any
Outputs:
int: number of rows modified
RemoveViewAssignment(view_superset, view_subset)[source]

Removes a view assignment.

For more information about view assignments please read the MakeViewAssignment docstring.

Inputs:
view_superset: string of view name
view_subset: string of view name
RemoveViewToACLAssignments(view_name, acl_name, acl_range_allowed)[source]

Removes view to acl assignment

Inputs:
view_name: string of view name
acl_name: string of acl name
Outputs:
int: number of rows modified
RemoveZone(zone_name, view_name=None)[source]

Removes a zone.

Inputs:
zone_name: string of zone name
view_name: string of view name
Outputs:
int: number of rows affected
RemoveZoneType(zone_type)[source]

Removes a zone type.

Inputs:
zone_type: string of zone type
Outputs:
int: number of rows affected
SetMaintenanceFlag(value)[source]

Sets maintenance flag

Inputs:
value: boolean of flag on or off
UpdateDnsServer(search_dns_server_name, update_dns_server_name)[source]

Updates dns server

Inputs:
search_dns_server_name: string of dns server name
update_dns_server_name: new string of dns server name
Outputs:
int: number of rows modified
UpdateDnsServerSet(search_dns_server_set_name, update_dns_server_set_name)[source]

Update dns_server_set.

Inputs:
search_dns_server_set_name: string of dns_server_set name
update_dns_server_set_name: string of dns_server_set name
Outputs:
int: number of rows modified
UpdateGroup(search_group_name, update_group_name)[source]

Update group.

Inputs:
search_group_name: string of group name
update_group_name: string of group name
Outputs:
int: number of rows modified
UpdateGroupForwardPermission(zone_name, group_name, new_permissions)[source]

Updates forward zone group permissions

Inputs:
zone_name: string of zone name
group_name: string of group name
new_permissions: list of permissions. (ex [u’a’, u’aaaa’, u’cname’])
Raises:
AuthorizationError: Group does not have access to supplied zone
UpdateGroupReversePermission(cidr_block, group_name, new_permissions)[source]

Updates reverse range group permissions

Inputs:
cidr_block: string of cidr_block
group_name: string of group name
new_permissions: list of permissions. (ex [u’a’, u’aaaa’, u’cname’])
Raises:
AuthorizationError: Group does not have access to supplied cidr block
UpdateRecord(search_record_type, search_target, search_zone_name, search_record_args_dict, search_view_name=None, search_ttl=None, update_target=None, update_zone_name=None, update_record_args_dict={}, update_view_name=None, update_ttl=None)[source]

Update record.

Inputs:
search_record_type: type of record
search_target: target
search_zone_name: name of zone
search_record_args_dict: dictionary of record arguments
search_view_name: name of view
search_ttl: time to live
update_target: target
update_zone_name: name of zone
update_record_args_dict: dictionary of record arguments
update_view_name: name of view
update_ttl: time to live
Raises:
InvalidInputError: “.” not allowed as terminator in non-ptr target.
InvalidInputError: Record already exists.
InvalidInputError: CNAME already exists.
InvalidInputError: Duplicate record found.
InvalidInputError: No records found.
InvalidInputError: Multiple records found for used search terms.
UpdateUser(search_user_name, update_user_name=None, update_access_level=None)[source]

Updates a user.

Inputs:
search_user_name: string of user name
update_user_name: string of user name
update_access_level: int from 0-255 as defined in user.py
Outputs:
int: number of rows modified
UpdateView(search_view_name, update_view_name=None, update_view_options=None)[source]

Updates a view.

Also updates anything attached to that view, including any information about a specific zone in the view and any records in that view.

Inputs:
search_view_name: string of view name to be updated
update_view_name: string of view name to update with
update_view_options: string of view options, defaults to empty string.

Raises:
InvalidInputError: Cannot update view any.
UpdateZone(search_zone_name, search_view_name=None, update_zone_name=None, update_zone_options=None, update_zone_type=None)[source]

Updates zone options or zone type of zone

Inputs:

search_zone_name: string of zone name
search_view_name: string of view name
update_zone_name: string of zone name
update_zone_type: string of zone type
update_zone_options: string of zone options

Outputs:
int: number of rows affected

core_helpers Module

Core helper functions.

class roster_core.core_helpers.CoreHelpers(core_instance)[source]

Bases: object

Library of helper functions that extend the core functions.

AddFormattedRecords(zone_name, zone_file_string, view)[source]

Adds records from a string of a partial zone file

Inputs:
zone_name: string of zone name
zone_file_string: string of the file contents
view: string of view name
Outputs:
int: Amount of records added to db.
CIDRExpand(cidr_block, begin=None, end=None)[source]
ConstructRecordArgsDictFromRecordID(record_id)[source]

Constructs the records_arg_dict from the Roster database given only the record id.

Inputs:
record_id: int of record id
Outputs:
record_args_dict: dictionary of arguments and their values

ExpandIPV6(ip_address)[source]
GetAssociatedCNAMEs(hostname, view_name, zone_name, recursive=False)[source]

Lists cname’s by assignment hostname.

Inputs:
hostname: string of hostname
view_name: string of view name
zone_name: string of zone name
Outputs:
list: list of found cname dictionaries
GetCIDRBlocksByView(view, username)[source]

Lists CIDR blocks available to a username in a given view

Inputs:
view: string of view name
username: string of user name
Outputs:
list: list of cidr block strings
GetPTRTarget(long_target, view_name=u'any')[source]

Gets the short PTR target given the long PTR target.

Inputs:
long_target: String of long PTR target
view_name: String of view name
Raises:
InvalidInputError: No suitable reverse range zone assignments found.
Outputs:
string: String of short PTR target
GetViewsByUser(username)[source]

Lists view names available to given username

Inputs:
username: string of user name
Outputs:
list: list of view name strings
ListAccessLevels()[source]

Lists access levels from constants for both integer and string keys

Outputs:
dict: dictionary of access levels with both string and integer-string keys
Example:
{‘32’: 32, ‘64’: 64, ‘128’: 128, ‘user’: 32, ‘unlocked_user’: 64,
‘dns_admin’: 128}
ListAvailableIpsInCIDR(cidr_block, num_ips=1, view_name=None, zone_name=None)[source]

Finds first available ips. Only lists as many IPs as are available. Returns empty list if no IPs are available in given cidr block and a truncated list if only a portion of IPs are available.

Inputs:
cidr_block: string of ipv4 or ipv6 cidr block
Raises:
InvalidInputError: IP is in a reserved IP space.
InvalidInputError: Not a valid cidr block
Outputs:
list: list of strings of ip addresses
ListGroupPermissions()[source]
ListLatestNamedConfig(dns_server_set)[source]

Lists the latest named config string given dns server set

This function is duplicated in roster-config-manager/roster_config_manager/tree_exporter.py

Inputs:
dns_server_set: string of dns server set name
Outputs:
dict: dictionary of latest named config
ListNamedConfGlobalOptionsClient(option_id=None, dns_server_set=None, timestamp=None)[source]

Converts XMLRPC datetime to datetime object and runs ListNamedConfGlobalOptions

Inputs:
option_id: integer of the option id
dns_server_set: string of the dns server set name
timestamp: XMLRPC datetime timestamp
Outputs:
list: list of dictionaries from ListNamedConfGlobalOptions
ListRecordsByCIDRBlock(cidr_block, view_name=None, zone_name=None)[source]

Lists records in a given cidr block.

Inputs:
cidr_block: string of ipv4 or ipv6 cidr block
view_name: string of the view
zone_name: string of the zone
Raises:
InvalidInputError: The CIDR block specified does not contain a valid IP
IPIndexError: Record type not indexable by IP
IPIndexError: Record type unknown. Missing ipv4 or ipv6 dec index
Outputs:
dict: A dictionary keyed by view, keyed by IP, listed by record.
example:
{u’test_view’:
{u‘192.168.1.8’:
[{u’forward’: True,
u’host’: u’host6.university.edu’,
u’zone’: u’forward_zone’,
u’zone_origin’: u’university.edu.’},
{u’forward’: False,
u’host’: u’host6.university.edu’,
u’zone’: u’reverse_zone’,
u’zone_origin’: u‘1.168.192.in-addr.arpa.’}]}}
ListRecordsByZone(zone_name, view_name=None)[source]

Lists records in a given zone.

Inputs:
zone_name: name of the zone
view_name: name of the view
Output:
dict: A dictionary keyed by view, keyed by IP, listed by record.
example:
{u’test_view’:
{u‘192.168.1.8’:
[{u’forward’: True,
u’host’: u’host6.university.edu’,
u’zone’: u’forward_zone’,
u’zone_origin’: u’university.edu.’},
{u’forward’: False,
u’host’: u’host6.university.edu’,
u’zone’: u’reverse_zone’,
u’zone_origin’: u‘1.168.192.in-addr.arpa.’}]}}
ListSortedHostsByCIDR(cidr, zone_name=None, view_name=None)[source]
ListSortedHostsByZone(zone_name, view_name=None)[source]
ListZoneByIPAddress(ip_address)[source]

Lists zone name given ip_address

Inputs:
ip_address: string of ip address
Outputs:
string: string of zone name, ex: ‘test_zone’
MakeAAAARecord(target, zone_name, record_args_dict, view_name=None, ttl=None)[source]

Makes an AAAA record.

Inputs:
target: string of target
zone_name: string of zone name
record_args_dict: dictionary of record arguments
view_name: string of view name
ttl: time to live
MakeIPv4ClasslessReverseDelegatedTargetZone(cidr_block)[source]

Creates a delegated reverse zone

Inputs:
cidr_block: string of IPv4 cidr block
Raises:
InvalidInputError: Not a valid cidr block
MakeIPv4ClasslessReverseDelegation(name_server, cidr_block, view_name=u'any', ttl=None)[source]

Creates classless forwarding for reverse DNS lookups

Inputs:
name_server: nameserver to add for reverse delegation
cidr_block: string of CIDR block
view_name: string of view for the reverse zone, defaults to ‘any’
ttl: time-to-live for the newly added records, defaults to zone ttl
Raises:
InvalidInputError: nameserver required
InvalidInputError: cidr block range required
InvalidInputError: Not a valid zone name or CIDR block
MakePTRRecord(target, record_args_dict, view_name=u'any', ttl=None)[source]

Makes a ptr record.

Inputs:
target: string of target
record_args_dict: dictionary of record arguments
view_name: string of view name
ttl: string of ttl
MakeSubdomainDelegation(zone_name, subdomain_name, nameserver, view_name=u'any')[source]

Makes a delegated subdomain. Assumes the delegation zone is created.

Inputs:
view_name: string of view name
zone_name: string of zone name
subdomain_name: string of subdomain name
nameserver: string of fully qualified nameserver
Raises:
InvalidInputError: Zone does not exist.
ProcessRecordsBatch(delete_records=None, add_records=None, zone_import=False)[source]

Processes batches of records

Inputs:
delete_records: list of dictionaries of records
ex: {‘record_ttl’: 3600, ‘record_type’: u’a’,
‘records_id’: 10, ‘record_target’: u’host1’,
‘record_zone_name’: u’forward_zone’,
‘record_last_user’: u’sharrell’,
‘record_view_dependency’: u’test_view_dep’}
{‘record_type’: ‘ptr’, ‘record_target’: ‘target’,
‘view_name’: ‘view’, ‘zone_name’: ‘zone’}

add_records: list of dictionaries of records

Raises:
RecordsBatchError: Record specification too broad
RecordsBatchError: No record found
RecordsBatchError: Record already exists
RecordsBatchError: CNAME already exists
RecordsBatchError: Duplicate record found
Outputs:
int: row count
RemoveCNamesByAssignmentHost(hostname, view_name, zone_name)[source]

Removes CNAMEs by assignment hostname. It will not remove CNAMEs that the user does not have permission to remove; the function passes over such a CNAME and continues.

Inputs:
hostname: string of hostname
view_name: string of view name
zone_name: string of zone name
Raises:
UnexpectedDataError: Incorrect number of records found
Outputs:
int: number of rows modified
RemovePTRRecord(record_type, target, zone_name, record_args_dict, view_name, ttl=None)[source]

Removes a ptr record.

Inputs:
target: string of target
record_args_dict: dictionary of record arguments
view_name: string of view name
ttl: string of ttl
ReverseIP(ip_address)[source]
RevertNamedConfig(dns_server_set, option_id)[source]

Revert a Named Config file

Inputs:
option_id: the id of config to replicate
dns_server_set: string of dns server set name
Raises:
InvalidInputError: DNS server set does not contain id.
UnexpectedDataError: Multiple configurations found.
SortRecordsByHost(records_dict)[source]

Generates an IP list sorted by record's host

Inputs:
record_dict: dictionary keyed by view, then keyed by IP
dictionary from ListRecordsByCIDRBlock and from ListRecordsByZone
Outputs:
sorted_list: list of sorted records
UnReverseIP(ip_address)[source]

data_validation Module

This module contains static methods for validating different kinds of data.

class roster_core.data_validation.DataValidation(reserved_words, group_permissions)[source]

Bases: object

ListGroupPermissions()[source]

Returns a list of group permissions pulled from the database

Outputs:
list: list of string group permissions
ValidateRowDict(table_name, row_dict, none_ok=False, all_none_ok=False)[source]

Checks row dictionaries for correctness against the known data types and column names of the corresponding table.

Input:
table_name: string of table name
row_dict: dict of row
none_ok: bool of allowance of None as a value in the dict
all_none_ok: bool of allowance of None as every value in the dict
Raises:
UnexpectedDataError: Missing key in dictionary
UnexpectedDataError: Dictionary has extra key that is not used.
FunctionError: No Function to check data type
UnexpectedDataError: Invalid data type
UnexpectedDataError: Need to fill out at least one value in dict
isAccessLevel(access_level)[source]

Checks to make sure that the string is a valid access level.

Inputs:
access_level: unsigned int that is in constants.ACCESS_LEVELS
Outputs:
bool: if access level is valid or not
isCIDRBlock(cidr_block)[source]

Checks that a string is a CIDR block.

http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing

Inputs:
cidr_block: string of CIDR block
Outputs:
bool: if it is valid CIDR block
isDateTime(date_time)[source]

Checks that it is a unicode string and that it is a valid time stamp.

Inputs:
date_time: string of date in format YYYY-MM-DD HH:MM:SS
Outputs:
bool: if it is a valid date
isGroupPermission(group_permission)[source]

Checks to make sure that the string is a valid group permission.

Inputs:
group_permission: unicode string of a group permission
Outputs:
bool: if group permission is valid or not
isHostname(host_name)[source]

Checks that it is a unicode string and that it is properly dotted.

Inputs:
host_name: string of properly dotted hostname
Outputs:
bool: if it is a valid hostname
isIPv4IPAddress(ip_address)[source]

Checks that a string is an ipv4 IP Address.

Inputs:
ip_address: string of an ipv4 ip address
Outputs:
bool: if string is valid ip address
isIPv6IPAddress(ip_address)[source]

Checks that a string is a fully enumerated ipv6 IP Address.

Inputs:
ip_address: string of ipv6 ip address
Outputs:
bool: if string is valid ip address
isIntBool(int_bool)[source]

Checks that int_bool is only 1 or 0 and nothing else.

Inputs:
int_bool: 1 or 0
Outputs:
bool: if it is a valid int bool
isPickleString(pickle_string)[source]

Checks that the string can be unpickled.

Inputs:
pickle_string: string to be unpickled.
Outputs:
bool: if it is a valid pickle string
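
A check of this kind has to load the data to answer, and an unrestricted pickle.loads() imports and calls whatever the string names. The following is an added example, not Roster's code (Python 3, while Roster targets Python 2): the name is_plain_pickle and the size limit are assumptions, and the sample inputs are constructed. It accepts only pickles made of plain built-in data by refusing every global lookup.

```python
import datetime
import io
import pickle

MAX_PICKLE_BYTES = 64 * 1024  # assumed upper bound for a stored value


class _NoGlobalsUnpickler(pickle.Unpickler):
    """Unpickler that refuses every global lookup.

    Importing a class or function is the step that lets a pickle reach
    callables, so with this override only built-in containers, strings,
    numbers, booleans and None can be reconstructed.
    """

    def find_class(self, module, name):
        raise pickle.UnpicklingError(
            'global %s.%s is not allowed' % (module, name))


def is_plain_pickle(data):
    """Return True only if data is a complete pickle of plain built-in data."""
    if not isinstance(data, bytes) or len(data) > MAX_PICKLE_BYTES:
        return False
    try:
        _NoGlobalsUnpickler(io.BytesIO(data)).load()
    except Exception:
        # Truncated, malformed, or referencing a global: all are rejected.
        return False
    return True


def sample_results():
    """Run the check over constructed samples and return the verdicts."""
    plain = pickle.dumps({'priority': 10,
                          'mail_server': 'mail.sub.university.edu.'})
    samples = {
        'plain_dict': plain,
        # A datetime needs the global datetime.datetime to be rebuilt.
        'needs_global': pickle.dumps(datetime.datetime(2011, 5, 1)),
        'truncated': plain[:-1],
        'not_a_pickle': b'not a pickle',
    }
    return {name: is_plain_pickle(blob) for name, blob in samples.items()}


if __name__ == '__main__':
    for name, verdict in sorted(sample_results().items()):
        print(name, verdict)
```

Values that legitimately contain class instances fail this check by design; an allow-list inside find_class is the place to admit specific types.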
isReservedWord(u_string)[source]

Checks that a string is unicode. Ignores reserved words.

Inputs:
u_string: unicode string
Outputs:
bool: bool if string or not
isTarget(target)[source]

Checks that a target and its components have the correct length

Inputs:
target: target string
Outputs:
bool: if it is a valid target

isUnicodeString(u_string)[source]

Checks that a string is unicode.

Inputs:
u_string: unicode string
Raises:
ReservedWordError: Reserved word found, unable to complete request.
Outputs:
bool: bool if string or not
isUnicodeString255(string)[source]

Checks that it is a unicode string and that it is less than 256 characters long

Inputs:
string: string to validate
Outputs:
bool: if it is a valid unicode string of correct length
isUnicodeStringNoSpaces(string)[source]

Checks that string is unicode and contains no spaces

Inputs:
string: string to validate
Outputs:
bool: if it is a valid unicode string with no spaces
isUnsignedInt(unsigned_int)[source]

Checks that unsigned_int is of int class and is 0 or higher.

Inputs:
unsigned_int: integer
Outputs:
bool: if it is a valid unsigned int

db_access Module

This module is an API to access the dnsManagement database.

This module should only be run by servers with authentication layers that are active. This module does not include authentication, but does include authorization.

The api that will be exposed by this module is meant for use in a web application or rpc server. This module is not for use in command line tools.

The two primary uses of this class are:

  1. to use convenience functions to get large amounts of data out of the db without large amounts of db queries. For usage on this consult the pydoc on the individual functions.
  2. to Make/Remove/List rows in the database. The method that is used in this class is based on generic Make/Remove/Lock functions that take specific dictionaries that correspond to the table that is being referenced.

Here is an example of how to remove rows from the acls table:

    # Build a search dict for the acls table; unset columns stay None.
    acls_dict = db_instance.GetEmptyRowDict('acls')
    acls_dict['acl_name'] = 'test_acl'
    db_instance.StartTransaction()
    try:
      matching_rows = db_instance.ListRow('acls', acls_dict)
      for row in matching_rows:
        db_instance.RemoveRow('acls', row)
    except Exception:
      # Any failure undoes every removal made in this transaction.
      db_instance.EndTransaction(rollback=True)
    else:
      db_instance.EndTransaction()

Note: MySQLdb.Error can be raised in almost any function in this module. Please keep that in mind when using this module.

class roster_core.db_access.dbAccess(db_host, db_user, db_passwd, db_name, big_lock_timeout, big_lock_wait, thread_safe=True, ssl=False, ssl_ca=None, ssl_cert=None, ssl_key=None, ssl_capath=None, ssl_cipher=None, db_debug=False, db_debug_log=None)[source]

Bases: object

This class provides the primary interface for connecting and interacting with the roster database.

CheckMaintenanceFlag()[source]

Checks the maintenance flag in the database.

Outputs:
bool: boolean of maintenance mode
CreateRosterDatabase(schema=None)[source]

Destroys the existing table structure in the database and replaces it with the schema that is passed in (or the default schema).

DO NOT RUN THIS AGAINST A DATABASE THAT IS NOT READY TO BE CLEARED

This function is used because of a poorly understood bug in MySQLdb that does not allow our schema to be executed as one big query. The workaround is splitting the whole thing up and committing each piece separately.

Inputs:
schema: string of sql schema
DumpDatabase()[source]

This will dump the entire database to memory.

This would be done by mysqldump but it needs to be done in the same lock as other processes. So this is a simple mysqldump function.

Outputs:
Dictionary: Dictionary with keys of table name and schema/data for each table as values.
EndTransaction(rollback=False)[source]

Ends a transaction.

Also does some simple checking to make sure a connection was open first and releases itself from the current queue.

Inputs:
rollback: boolean of if the transaction should be rolled back
Raises:
TransactionError: Must run StartTansaction before EndTransaction.
GetCurrentTime()[source]

Returns datetime object of current time in database.

Outputs:
datetime: current time in the database
GetEmptyRecordArgsDict(record_type)[source]

Gets empty args dict for a specific record type

Inputs:
record_type: string of record type
Outputs:
dictionary: keyed by argument name with values of None
example: {'mail_host': None,
'priority': None}
GetEmptyRowDict(table_name)[source]

Gives a dict that has all the members needed to interact with the given table using the Make/Remove/ListRow functions.

Inputs:
table_name: string of valid table name from constants
Raises:
InvalidInputError: Table name not valid
Outputs:
dictionary: of empty row for specified table.

example acls dict: {'acl_name': None,
'acl_range_allowed': None,
'acl_cidr_block': None}
GetRecordArgsDict(record_type)[source]

Get args for a specific record type from the db and shove them into a dictionary.

Inputs:
record_type: string of record type
Raises:
InvalidInputError: Unknown record type
Outputs:
dictionary: keyed by argument name with values of data type of that arg
example: {‘mail_host’: ‘Hostname’
‘priority’: ‘UnsignedInt’}
GetUserAuthorizationInfo(user)[source]

Grabs authorization data from the db and returns a dict.

This function does two selects on the db, one for forward and one for reverse zones. It also parses the data into a dict for ease of use.

Inputs:
user: string of username
Raises:
UnexpectedDataError: Row did not contain reverse_range_permissions or forward_zone_permissions
Outputs:
dict: dict with all the relevant information

example: {'user_access_level': '2',
          'user_name': 'shuey',
          'forward_zones': [
              {'zone_name': 'cs.university.edu',
               'group_permission': ['a', 'aaaa']},
              {'zone_name': 'eas.university.edu',
               'group_permission': ['a', 'aaaa', 'cname']},
              {'zone_name': 'bio.university.edu',
               'group_permission': ['a', 'ns']}],
          'groups': ['cs', 'bio'],
          'reverse_ranges': [
              {'cidr_block': '192.168.0.0/24',
               'group_permission': ['ptr', 'cname']},
              {'cidr_block': '192.168.0.0/24',
               'group_permission': ['ptr']},
              {'cidr_block': '192.168.1.0/24',
               'group_permission': ['ptr', 'cname']}]}
GetValidTables()[source]

Export this function to the top level of the db_access stuff so it can be used without importing un-needed classes.

Outputs:
list: valid table names
GetZoneOrigin(zone_name, view_name)[source]

Returns zone origin of zone_name that is passed in. If no zone origin found, return None

Inputs:
zone_name: string of zone_name
view_name: string of view_name
Outputs:
string of zone origin or None
InitDataValidation()[source]

Get all reserved words and group permissions and init the data_validation_instance

ListRow(*args, **kwargs)[source]

Lists rows in the database using a dictionary of tables. Then returns the rows found. Joins are auto generated on the fly based on foreign keys in the database.

Inputs:

args: pairs of string of table name and dict of rows
kwargs:
  lock_rows: default False
  column: column to search range on, if using multiple tables, the column must be in the first table in args.
  range_values: range tuple of values to search within for on column
  is_date: boolean of if range is of dates

example usage: ListRow(‘users’, user_row_dict,
‘user_group_assignments’, user_assign_row_dict, lock_rows=True)
Raises:

TransactionError: Must run StartTansaction before inserting
UnexpectedDataError: If is_date is specified you must specify column and range
UnexpectedDataError: If column or range is specified both are needed
InvalidInputError: Found unknown option(s)
UnexpectedDataError: No args given, must at least have a pair of table name and row dict
UnexpectedDataError: Number of unnamed args is not even. Args should be entered in pairs of table name and row dict.
InvalidInputError: Table name not valid
InvalidInputError: Column not found in row
UnexpectedDataError: Column in table is not a DateTime type
UnexpectedDataError: Date from range is not a valid datetime object
InvalidInputError: Range must be int if is_date is not set
InvalidInputError: Multiple tables were passed in but no joins were found

Outputs:

tuple of row dicts consisting of all the tables that were in the input. All column names in the db are unique so no collisions occur.

example: ({'user_name': 'sharrell', 'access_level': 10,
'user_group_assignments_group_name': 'cs',
'user_group_assignments_user_name': 'sharrell'},
{'user_name': 'sharrell', 'access_level': 10,
'user_group_assignments_group_name': 'eas',
'user_group_assignments_user_name': 'sharrell'})
ListTableNames()[source]

Lists all tables in the database.

Outputs:
List: List of tables
LockDb()[source]

This function is to lock the whole database for consistent data retrieval.

This function expects for self.db_instance.cursor to be instantiated and valid.

Raises:
TransactionError: Must unlock tables before re-locking them.
MakeRow(table_name, row_dict)[source]

Creates a row in the database using the table name and row dict

Inputs:
table_name: string of valid table name from constants
row_dict: dictionary that corresponds to table_name
Raises:
InvalidInputError: Table name not valid
TransactionError: Must run StartTansaction before inserting
Outputs:
int: last insert id
RemoveRow(table_name, row_dict)[source]

Removes a row in the database using the table name and row dict

Inputs:
table_name: string of valid table name from constants
row_dict: dictionary that corresponds to table_name
Raises:
InvalidInputError: Table name not valid
TransactionError: Must run StartTansaction before deleting
Outputs:
int: number of rows affected
StartTransaction()[source]

Starts a transaction.

Also it starts a db connection if none exists or it times out. Always creates a new cursor.

This function also serializes all requests on this object and if the big lock has been activated will wait for it to be released.

Raises:
TransactionError: Cannot start new transaction last transaction not committed or rolled-back.
TableRowCount(table_name)[source]

Counts the amount of records in a table and returns it.

Inputs:
table_name: string of valid table name from constants
Raises:
InvalidInputError: Table name not valid
TransactionError: Must run StartTansaction before getting row count.
Outputs:
int: number of rows found
UnlockDb()[source]

This function is to unlock the whole database.

This function expects for self.db_instance.cursor to be instantiated and valid. It also expects all tables to be locked.

Raises:
TransactionError: Must lock tables before unlocking them.
UpdateRow(table_name, search_row_dict, update_row_dict)[source]

Updates a row in the database using search and update dictionaries.

Inputs:

table_name: string of valid table name from constants
search_row_dict: dictionary that corresponds to table_name containing search args
update_row_dict: dictionary that corresponds to table_name containing update args
Raises:
InvalidInputError: Table name not valid
TransactionError: Must run StartTansaction before inserting
Outputs:
int: number of rows affected
ValidateRecordArgsDict(record_type, record_args_dict, none_ok=False)[source]

Type checks record args dynamically.

Inputs:

record_type: string of record_type
record_args_dict: dictionary for args keyed by arg name. a filled out dict from GetEmptyRecordArgsDict()
none_ok: boolean of if None types should be accepted.

Raises:
InvalidInputError: dict for record type should have these keys
FunctionError: No function to check data type
UnexpectedDataError: Invalid data type
close()[source]

Closes a connection that has been opened.

A new connection will be created on StartTransaction.

cursor_execute(execution_string, values={})[source]

This function allows for the capture of every mysql command that is run in this class.

Inputs:
execution_string: mysql command string
values: dictionary of values for mysql command

embedded_files Module

errors Module

Central collection of base error classes in the RosterCore.

exception roster_core.errors.AuthenticationError[source]

Bases: roster_core.errors.UserError

exception roster_core.errors.AuthorizationError[source]

Bases: roster_core.errors.UserError

exception roster_core.errors.ConfigError[source]

Bases: roster_core.errors.UserError

exception roster_core.errors.CoreError[source]

Bases: exceptions.Exception

Error class that all Roster errors are sub-classed from

exception roster_core.errors.DatabaseError(value)[source]

Bases: roster_core.errors.UserError

Raised when DatabaseError is raised and changes its value to be more readable

exception roster_core.errors.DbAccessError[source]

Bases: roster_core.errors.InternalError

exception roster_core.errors.FunctionError[source]

Bases: roster_core.errors.InternalError

exception roster_core.errors.IPIndexError[source]

Bases: roster_core.errors.InternalError

exception roster_core.errors.InternalError[source]

Bases: roster_core.errors.CoreError

Error class that all internal/code errors sub-class from.

exception roster_core.errors.InvalidInputError[source]

Bases: roster_core.errors.UserError

exception roster_core.errors.MaintenanceError[source]

Bases: roster_core.errors.InternalError

exception roster_core.errors.MissingDataTypeError[source]

Bases: roster_core.errors.DbAccessError

exception roster_core.errors.RecordError[source]

Bases: roster_core.errors.InternalError

exception roster_core.errors.RecordsBatchError[source]

Bases: roster_core.errors.InternalError

exception roster_core.errors.ReservedWordError[source]

Bases: roster_core.errors.UserError

exception roster_core.errors.TransactionError[source]

Bases: roster_core.errors.DbAccessError

exception roster_core.errors.UnexpectedDataError[source]

Bases: roster_core.errors.UserError

exception roster_core.errors.UserError[source]

Bases: roster_core.errors.CoreError

Error class that all User errors sub-class from.

exception roster_core.errors.VersionDiscrepancyError[source]

Bases: roster_core.errors.InternalError

helpers_lib Module

This is a library of static helper functions for Roster.

roster_core.helpers_lib.CIDRExpand(cidr_block, begin=None, end=None)[source]

Expands a cidr block to a list of ip addresses from begin (integer) to end (integer).

Inputs:
cidr_block: string of cidr_block
begin: integer of ip address to start
end: integer of ip address to end
Raises:
InvalidInputError: Not a valid CIDR block.
Outputs:
list: list of ip addresses in strings
roster_core.helpers_lib.ExpandIPV6(ip_address)[source]

Expands a shorthand ipv6 address to a full ipv6 address

Inputs:
ip_address: string of ipv6 address
Raises:
InvalidInputError: Not a valid IP address.
InvalidInputError: Not a valid IPV6 address.
Outputs:
string: string of long ipv6 address
roster_core.helpers_lib.GetFunctionNameAndArgs()[source]

Grabs the current frame and adjacent frames then finds the calling function name and arguments and returns them.

Outputs:
tuple: function name and current args
ex: ('MakeUser', {'replay_args': [u'ahoward', 64],
'audit_args': {'access_level': 64,
'user_name': u'ahoward'}})
roster_core.helpers_lib.GetRecordsFromRecordRowsAndArgumentRows(record_data, record_args_dict)[source]

Takes data from joined records and record_arguments_record_assignments and creates record rows that are combined.

Inputs:
record_data: List of rows from ListRow with records and records_arguments_record_assignments joined.
Outputs:
list of record dictionaries

Each dictionary can have different args depending on record type. All of them will include record_type, target, zone_name, ttl, and view_name regardless of record type. Below is an example of an mx record search.

example: [{'record_type': 'mx', 'target': 'university.edu.',
'zone_name': 'university.edu', 'ttl': 3600, 'view_name': 'external',
'priority': 10, 'mail_server': 'smtp-01.university.edu.',
'last_user': 'sharrell'},
{'record_type': 'mx', 'target': 'university.edu.',
'zone_name': 'university.edu', 'ttl': 3600, 'view_name': 'external',
'priority': 20, 'mail_server': 'smtp-02.university.edu.',
'last_user': 'sharrell'}]
roster_core.helpers_lib.GetRowDict(table_name)[source]

Returns a specific dictionary keyed off of table name.

Inputs:
table_name: string of table name from db
Outputs:
dictionary: dict of row that was requested (see constants above)
roster_core.helpers_lib.GetValidTables()[source]

Returns all of the tables in the database that are enumerated in this module.

Outputs:
list: list of valid tables.
example: [‘acls’, ‘records’, ‘etc’]
roster_core.helpers_lib.ReverseIP(ip_address)[source]

Reverse an IP address

Inputs:
ip_address: either an ipv4 or ipv6 string
Raises:
InvalidInputError: Not a valid IP address.
Outputs:
string: reverse ip address
roster_core.helpers_lib.UnReverseIP(ip_address)[source]

Un-Reverses reversed IP addresses

Inputs:
ip_address: either an ipv4 or ipv6 string (reversed)
Outputs:
string: forward ip address
roster_core.helpers_lib.UnicodeString(string)[source]

Returns unicode string if object is a string

Inputs:
string: string to unicode
Outputs:
unicode string: if input is a string

punycode_lib Module

Punycode and Unicode converter module for Roster

roster_core.punycode_lib.Puny2Uni(punycode_string=None)[source]

Converts a Punycoded domain into a unicode domain.

Inputs:
string: Punycoded domain.
Outputs:
unicode: Decoded punycode domain.
roster_core.punycode_lib.Uni2Puny(unicode_string=None)[source]

Converts a unicode domain into a punycoded domain.

Inputs:
unicode/string: String or unicode of domain.
Outputs:
string: A punycoded domain string.

user Module

Classes pertaining to users and authorization for Roster.

Authorization for specific functions and for specific domain/ip range blocks is handled in this module.

class roster_core.user.User(user_name, db_instance, log_instance)[source]

Bases: object

Representation of a user, with basic manipulation methods. Note that it is not necessary to authenticate a user to construct this class. This class is mainly responsible for authorization.

Authorize(method, record_data=None, current_transaction=False)[source]

Check to see if the user is authorized to run the given operation.

Inputs:

method: what the user's trying to do
record_data: dictionary of target, zone_name, view_name, record_type, and record_args_dict for the record that is being modified.
  {'target': 'test_target',
   'zone_name': 'test_zone',
   'view_name': 'test_view',
   'record_type': 'a',
   'record_args_dict': {u'assignment_ip': '192.168.1.1'}}
current_transaction: bool of if this function is run from inside a transaction in the db_access class
Raises:
MaintenanceError: Roster is currently under maintenance.
MissingDataTypeError: Incomplete record data provided for access method.
AuthorizationError: Authorization failure.
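
How a record_data dictionary can be checked against the per-zone and per-range permissions that GetUserAuthorizationInfo() documents, as an added example that is not Roster's own logic (Python 3, sample data constructed). The function names, the stand-in exception classes and the policy itself are assumptions: 'ptr' records are judged by reverse range with target assumed to hold the forward-notation IP, and every other record type is judged by forward zone.

```python
import ipaddress


class MissingDataTypeError(Exception):
    """Stand-in for roster_core.errors.MissingDataTypeError."""


class AuthorizationError(Exception):
    """Stand-in for roster_core.errors.AuthorizationError."""


# Constructed sample in the dictionary shape GetUserAuthorizationInfo() documents.
SAMPLE_AUTH_INFO = {
    'user_access_level': '2',
    'user_name': 'shuey',
    'forward_zones': [
        {'zone_name': 'cs.university.edu', 'group_permission': ['a', 'aaaa']},
        {'zone_name': 'eas.university.edu',
         'group_permission': ['a', 'aaaa', 'cname']}],
    'groups': ['cs', 'eas'],
    'reverse_ranges': [
        # The same block may appear once per group; any matching entry grants.
        {'cidr_block': '192.168.0.0/24', 'group_permission': ['ptr', 'cname']},
        {'cidr_block': '192.168.0.0/24', 'group_permission': ['ptr']},
        {'cidr_block': '192.168.1.0/24', 'group_permission': ['ptr']}],
}

REQUIRED_KEYS = ('target', 'zone_name', 'view_name', 'record_type',
                 'record_args_dict')


def zone_grants(auth_info, zone_name, record_type):
    """True if some forward zone entry names this zone and this record type."""
    return any(entry['zone_name'] == zone_name
               and record_type in entry['group_permission']
               for entry in auth_info.get('forward_zones', []))


def range_grants(auth_info, ip_string, record_type):
    """True if the address lies in a reverse range that grants record_type."""
    try:
        address = ipaddress.ip_address(ip_string)
    except ValueError:
        return False  # unparsable address: deny rather than guess
    for entry in auth_info.get('reverse_ranges', []):
        network = ipaddress.ip_network(entry['cidr_block'], strict=False)
        if (address.version == network.version and address in network
                and record_type in entry['group_permission']):
            return True
    return False


def is_authorized(auth_info, record_data):
    """Deny-by-default decision for one record change.

    Assumed policy (not Roster's): 'ptr' records are judged by reverse range,
    with 'target' holding the forward-notation IP; all other record types are
    judged by forward zone.
    """
    missing = [key for key in REQUIRED_KEYS if key not in record_data]
    if missing:
        raise MissingDataTypeError('incomplete record data: %s' % missing)
    record_type = record_data['record_type']
    if record_type == 'ptr':
        return range_grants(auth_info, record_data['target'], record_type)
    return zone_grants(auth_info, record_data['zone_name'], record_type)


def authorize(auth_info, record_data):
    """Raise AuthorizationError unless the change is explicitly granted."""
    if not is_authorized(auth_info, record_data):
        raise AuthorizationError('Authorization failure.')
```

Nothing is granted implicitly: an unknown zone, an address outside every range, or a record type missing from the matching entry's group_permission all end in a denial.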
GetPermissions()[source]

Return permissions and groups for user.

Outputs:
dictionary of permissions

example: {'user_access_level': '2',
          'user_name': 'shuey',
          'forward_zones': [
              {'zone_name': 'cs.university.edu', 'group_permission': 'rw'},
              {'zone_name': 'eas.university.edu', 'group_permission': 'r'},
              {'zone_name': 'bio.university.edu', 'group_permission': 'rw'}],
          'groups': ['cs', 'bio'],
          'reverse_ranges': [
              {'cidr_block': '192.168.0.0/24',
               'group_permission': 'rw'},
              {'cidr_block': '192.168.0.0/24',
               'group_permission': 'r'},
              {'cidr_block': '192.168.1.0/24',
               'group_permission': 'rw'}]}
GetUserName()[source]

Return user name for current session.

Outputs:
string: user name