diff --git a/warden3/warden_client/warden_client_test.py b/warden3/warden_client/warden_client_test.py
index 93297ee4716dcc9e6d96a54f4ac5352096f832b7..7a634ceeae0633a57706d689d94a01083df7e943 100755
--- a/warden3/warden_client/warden_client_test.py
+++ b/warden3/warden_client/warden_client_test.py
@@ -161,6 +161,11 @@ def main():
 if not isinstance(info, Error):
 pprint(info)
+ print "=== Debug ==="
+ info = wclient.getDebug()
+ if not isinstance(info, Error):
+ pprint(info)
+
 if __name__ == "__main__":
 main()
diff --git a/warden3/warden_server/warden_server.py b/warden3/warden_server/warden_server.py
index b8a0d959d56ff4a530c71d397da91e76e893978e..80ce0071d7d04d3633e92a4a6215e92d646c854a 100755
--- a/warden3/warden_server/warden_server.py
+++ b/warden3/warden_server/warden_server.py
@@ -11,6 +11,8 @@ import ConfigParser
 from traceback import format_tb
 import M2Crypto.X509
 import json
+import MySQLdb as my
+import MySQLdb.cursors as mycursors
 from uuid import uuid4
 from time import time, gmtime
 from math import trunc
@@ -187,16 +189,11 @@ class X509Authenticator(NoAuthenticator):
 def authenticate (self, env):
 names = self.get_cert_dns_names(env["SSL_CLIENT_CERT"])
- # FIXME: should probably fetch and return id from db, not textual username
- env["warden.x509_dns_names"] = names
- return names[0] if names else None
+ return self.db.get_client_by_name(names)
 def authorize(self, env, client, method, args):
- # Here we might choose with methods or args to (dis)allow for which
- # client.
- # FIXME: fetch reader/writer or better list of allowed methods from db
- return (client is not None)
+ return (client is not None) and client["rights"]=="whatever"
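Review bot: `authorize` in the `@@ -187,16 +189,11 @@` hunk can no longer reject anyone, because `authenticate` now returns whatever `self.db.get_client_by_name(names)` gives, and the `MySQL.get_client_by_name` added later in this commit returns a dict with `"rights": "whatever"` for every input, including an empty `names` list. The removed code returned `None` when the certificate carried no DNS names, so the check has gone from fail-closed to fail-open while the lookup is still a stub. Until the real lookup exists I would keep the guard in `authenticate`, `if not names: return None`, ahead of the database call, and have the stub return `None` for a client it does not know. Whether `X509Authenticator` actually receives a `db` attribute is not visible in this hunk; its constructor and its config entry in `build_server` would both need one.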
@@ -239,13 +236,44 @@ class JSONSchemaValidator(NoValidator):
-class Database(Object):
- #FIXME: here database model will dictate methods, which other
- # objects will use. This is only dull example.
+class MySQL(Object):
+
+ def __init__(self, host, user, password, dbname, port):
+ self.host = host
+ self.user = user
+ self.password = password
+ self.dbname = dbname
+ self.port = port
+
+ self.con = my.connect(host=self.host, user=self.user, passwd=self.password,
+ db=self.dbname, port=self.port, cursorclass=mycursors.DictCursor)
+ self.crs = self.con.cursor()
+
+
+ def __str__(self):
+ return "%s(host='%s', user='%s', dbname='%s', port=%d)" % (
+ type(self).__name__, self.host, self.user, self.dbname, self.port)
+
+
+ def get_client_by_name(self, name):
+ return {
+ "name": name[0] if name else None,
+ "rights": "whatever"
+ }
+
+
+ def get_debug(self):
+ self.crs.execute("SELECT VERSION() AS VER");
+ row = self.crs.fetchone()
+ return {
+ "db": "MySQL",
+ "version": row["VER"]
+ }
+
+
+ def get_status(self):
+ return {}
- def __init__(self):
- # Will accept db configuration parameters, initialize connection, etc.
- pass
 def gen_random_idea(self):
@@ -419,7 +447,10 @@ class WardenHandler(Object):
 @expose
 def getDebug(self, _env, _client):
- return _env
+ return {
+ "environment": _env,
+ "database": self.db.get_debug()
+ }
 @expose
@@ -572,7 +603,7 @@ def build_server(conf):
 # "type" keyword in section may be used to choose other
 section_def = {
 "log": ["FileLogger", "SysLogger"],
- "db": ["Database"],
+ "db": ["MySQL"],
 "auth": ["X509Authenticator", "NoAuthenticator"],
 "validator": ["JSONSchemaValidator", "NoValidator"],
 "handler": ["WardenHandler"],
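Review bot: `MySQL.__init__` opens one connection and one cursor (`self.con`, `self.crs`) and `get_debug` reuses that cursor, which is unsafe if the server ever handles requests on more than one thread, since MySQLdb does not allow a connection to be shared between threads. A connection held for the life of the process also goes stale once the database closes it for being idle, and nothing in the class reconnects. I would take a cursor per call, `crs = self.con.cursor()` at the top of `get_debug`, and add a class comment that states the threading and reconnect assumptions. The class continues past this hunk (`gen_random_idea` is only context), so any other method that touches the database needs the same treatment.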
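Review bot: `getDebug` is an `@expose`d method and now returns the whole request environment plus the database version, so every client that passes `authorize` can read server internals. Going by `authenticate`, the environment presumably includes the TLS client-certificate variables, and it likely carries paths and software versions as well. With `authorize` accepting every client in this commit, that means every certificate holder. The method should be limited to clients holding an explicit debug right, or disabled by a config option outside development; `authorize` already receives `method`, so the check can live there. At minimum I would add `# Debug only: exposes request environment and DB version, restrict before production` above the `return`.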
@@ -598,7 +629,13 @@ def build_server(conf):
 "JSONSchemaValidator": {
 "filename": {"type": filepath, "default": path.join(path.dirname(__file__), "idea.schema")}
 },
- "Database": {},
+ "MySQL": {
+ "host": {"type": str, "default": "localhost"},
+ "user": {"type": str, "default": "warden"},
+ "password": {"type": str, "default": ""},
+ "dbname": {"type": str, "default": "warden3"},
+ "port": {"type": natural, "default": 3306}
+ },
 "WardenHandler": {
 "validator": {"type": obj, "default": "validator"},
 "db": {"type": obj, "default": "DB"},
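Review bot: The `"password"` entry defaults to `""`, so a config file that omits the password makes the server attempt a passwordless login as `warden` instead of failing at startup. Unless passwordless local access is intended, I would drop the default, if the config loader supports required parameters (this hunk does not show that), or reject an empty value in `MySQL.__init__` with `if not password: raise ValueError("db password must be set")`. Because the database password now lives in the server config file, the install notes should say that the file must be readable only by the service account.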