Implement change registration

This will make it possible for plugins to register what they
have changed during installation, so that they can revert
any changes they made during the uninstallation.

https://fedorahosted.org/ipsilon/ticket/67

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Reviewed-by: Rob Crittenden <rcritten@redhat.com>

diff --git a/ipsilon/helpers/common.py b/ipsilon/helpers/common.py
index d3f7125..bdaa82f 100644 (file)
--- a/ipsilon/helpers/common.py
+++ b/ipsilon/helpers/common.py
@@ -12,7 +12,7 @@ class EnvHelpersInstaller(object):
         self.ptype = 'helper'
         self.name = None
 
-    def unconfigure(self, opts):
+    def unconfigure(self, opts, changes):
         return
 
     def install_args(self, group):
@@ -21,7 +21,7 @@ class EnvHelpersInstaller(object):
     def validate_args(self, args):
         return
 
-    def configure_server(self, opts):
+    def configure_server(self, opts, changes):
         raise NotImplementedError
 
 

diff --git a/ipsilon/helpers/ipa.py b/ipsilon/helpers/ipa.py
index a785edb..9c786f9 100644 (file)
--- a/ipsilon/helpers/ipa.py
+++ b/ipsilon/helpers/ipa.py
@@ -163,7 +163,7 @@ class Installer(EnvHelpersInstaller):
         pw = pwd.getpwnam(HTTPD_USER)
         os.chown(opts['gssapi_httpd_keytab'], pw.pw_uid, pw.pw_gid)
 
-    def configure_server(self, opts):
+    def configure_server(self, opts, changes):
         if opts['ipa'] != 'yes' and opts['ipa'] != 'auto':
             return
         if opts['ipa'] != 'yes' and opts['gssapi'] == 'no':

diff --git a/ipsilon/info/common.py b/ipsilon/info/common.py
index 06b71aa..4cd6663 100644 (file)
--- a/ipsilon/info/common.py
+++ b/ipsilon/info/common.py
@@ -102,10 +102,10 @@ class InfoProviderInstaller(object):
     def validate_args(self, args):
         return
 
-    def unconfigure(self, opts):
+    def unconfigure(self, opts, changes):
         return
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         raise NotImplementedError
 
 

diff --git a/ipsilon/info/infoldap.py b/ipsilon/info/infoldap.py
index 9494666..66e8d50 100644 (file)
--- a/ipsilon/info/infoldap.py
+++ b/ipsilon/info/infoldap.py
@@ -182,7 +182,7 @@ class Installer(InfoProviderInstaller):
         group.add_argument('--info-ldap-base-dn', action='store',
                            help='LDAP Base DN')
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         if opts['info_ldap'] != 'yes':
             return
 

diff --git a/ipsilon/info/infonss.py b/ipsilon/info/infonss.py
index 1966c27..0cd6fa0 100644 (file)
--- a/ipsilon/info/infonss.py
+++ b/ipsilon/info/infonss.py
@@ -79,7 +79,7 @@ class Installer(InfoProviderInstaller):
         group.add_argument('--info-nss', choices=['yes', 'no'], default='no',
                            help='Use passwd data to populate user attrs')
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         if opts['info_nss'] != 'yes':
             return
 

diff --git a/ipsilon/info/infosssd.py b/ipsilon/info/infosssd.py
index 75fcf24..54d0ba2 100644 (file)
--- a/ipsilon/info/infosssd.py
+++ b/ipsilon/info/infosssd.py
@@ -131,7 +131,7 @@ class Installer(InfoProviderInstaller):
                            help='SSSD domain to enable mod_lookup_identity'
                                 ' for')
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         if opts['info_sssd'] != 'yes':
             return
 

diff --git a/ipsilon/install/ipsilon-server-install b/ipsilon/install/ipsilon-server-install
index 471fe9a..0677f0e 100755 (executable)
--- a/ipsilon/install/ipsilon-server-install
+++ b/ipsilon/install/ipsilon-server-install
@@ -10,6 +10,7 @@ from ipsilon.tools import files
 import ConfigParser
 import argparse
 import cherrypy
+import json
 import logging
 import os
 import pwd
@@ -154,6 +155,12 @@ def install(plugins, args):
     # components
     cherrypy.config.update(ipsilon_conf)
 
+    # Prepare to allow plugins to save things changed during install
+    changes = {'env_helper': {},
+               'login_manager': {},
+               'info_provider': {},
+               'auth_provider': {}}
+
     # Move pre-existing admin db away
     admin_db = cherrypy.config['admin.config.db']
     if os.path.exists(admin_db):
@@ -169,8 +176,10 @@ def install(plugins, args):
     logger.info('Configuring environment helpers')
     for plugin_name in plugins['Environment Helpers']:
         plugin = plugins['Environment Helpers'][plugin_name]
-        if plugin.configure_server(args) == False:
+        plugin_changes = {}
+        if plugin.configure_server(args, plugin_changes) == False:
             logger.info('Configuration of environment helper %s failed' % plugin_name)
+        changes['env_helper'][plugin_name] = plugin_changes
 
     logger.info('Configuring login managers')
     for plugin_name in args['lm_order']:
@@ -178,20 +187,32 @@ def install(plugins, args):
             plugin = plugins['Login Managers'][plugin_name]
         except KeyError:
             sys.exit('Login provider %s not installed' % plugin_name)
-        if plugin.configure(args) == False:
+        plugin_changes = {}
+        if plugin.configure(args, plugin_changes) == False:
             logger.info('Configuration of login manager %s failed' % plugin_name)
+        changes['login_manager'][plugin_name] = plugin_changes
 
     logger.info('Configuring Info provider')
     for plugin_name in plugins['Info Provider']:
         plugin = plugins['Info Provider'][plugin_name]
-        if plugin.configure(args) == False:
+        plugin_changes = {}
+        if plugin.configure(args, plugin_changes) == False:
             logger.info('Configuration of info provider %s failed' % plugin_name)
+        changes['info_provider'][plugin_name] = plugin_changes
 
     logger.info('Configuring Authentication Providers')
     for plugin_name in plugins['Auth Providers']:
         plugin = plugins['Auth Providers'][plugin_name]
-        if plugin.configure(args) == False:
+        plugin_changes = {}
+        if plugin.configure(args, plugin_changes) == False:
             logger.info('Configuration of auth provider %s failed' % plugin_name)
+        changes['auth_provider'][plugin_name] = plugin_changes
+
+    # Save any changes that were made
+    install_changes = os.path.join(instance_conf, 'install_changes')
+    changes = json.dumps(changes)
+    with open(install_changes, 'w+') as f:
+        f.write(changes)
 
     # Fixup permissions so only the ipsilon user can read these files
     files.fix_user_dirs(instance_conf, opts['system_user'])
@@ -223,28 +244,37 @@ def uninstall(plugins, args):
         if sure != 'yes':
             raise Exception('Aborting')
 
+    # Get the details of what we changed during installation
+    install_changes = os.path.join(instance_conf, 'install_changes')
+    with open(install_changes, 'r') as f:
+        changes = json.loads(f.read())
+
     logger.info('Removing environment helpers')
     for plugin_name in plugins['Environment Helpers']:
         plugin = plugins['Environment Helpers'][plugin_name]
-        if plugin.unconfigure(args) == False:
+        plugin_changes = changes['env_helper'][plugin_name]
+        if plugin.unconfigure(args, plugin_changes) == False:
             logger.info('Removal of environment helper %s failed' % plugin_name)
 
     logger.info('Removing login managers')
     for plugin_name in plugins['Login Managers']:
         plugin = plugins['Login Managers'][plugin_name]
-        if plugin.unconfigure(args) == False:
+        plugin_changes = changes['login_manager'][plugin_name]
+        if plugin.unconfigure(args, plugin_changes) == False:
             logger.info('Removal of login manager %s failed' % plugin_name)
 
     logger.info('Removing Info providers')
     for plugin_name in plugins['Info Provider']:
         plugin = plugins['Info Provider'][plugin_name]
-        if plugin.unconfigure(args) == False:
+        plugin_changes = changes['info_provider'][plugin_name]
+        if plugin.unconfigure(args, plugin_changes) == False:
             logger.info('Removal of info provider %s failed' % plugin_name)
 
     logger.info('Removing Authentication Providers')
     for plugin_name in plugins['Auth Providers']:
         plugin = plugins['Auth Providers'][plugin_name]
-        if plugin.unconfigure(args) == False:
+        plugin_changes = changes['auth_provider'][plugin_name]
+        if plugin.unconfigure(args, plugin_changes) == False:
             logger.info('Removal of auth provider %s failed' % plugin_name)
 
     logger.info('Removing httpd configuration')

diff --git a/ipsilon/login/authfas.py b/ipsilon/login/authfas.py
index 8af7f28..d0b834a 100644 (file)
--- a/ipsilon/login/authfas.py
+++ b/ipsilon/login/authfas.py
@@ -185,7 +185,7 @@ class Installer(LoginManagerInstaller):
         group.add_argument('--fas', choices=['yes', 'no'], default='no',
                            help='Configure FAS authentication')
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         if opts['fas'] != 'yes':
             return
 

diff --git a/ipsilon/login/authform.py b/ipsilon/login/authform.py
index c6b958f..eed35fc 100644 (file)
--- a/ipsilon/login/authform.py
+++ b/ipsilon/login/authform.py
@@ -99,7 +99,7 @@ class Installer(LoginManagerInstaller):
         group.add_argument('--form-service', action='store', default='remote',
                            help='PAM service name to use for authentication')
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         if opts['form'] != 'yes':
             return
 

diff --git a/ipsilon/login/authgssapi.py b/ipsilon/login/authgssapi.py
index ce8213d..a05644d 100644 (file)
--- a/ipsilon/login/authgssapi.py
+++ b/ipsilon/login/authgssapi.py
@@ -114,7 +114,7 @@ class Installer(LoginManagerInstaller):
                            default='/etc/httpd/conf/http.keytab',
                            help='Kerberos keytab location for HTTPD')
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         if opts['gssapi'] != 'yes':
             return
 

diff --git a/ipsilon/login/authldap.py b/ipsilon/login/authldap.py
index 161ef75..ce096f4 100644 (file)
--- a/ipsilon/login/authldap.py
+++ b/ipsilon/login/authldap.py
@@ -194,7 +194,7 @@ class Installer(LoginManagerInstaller):
         group.add_argument('--ldap-base-dn', action='store',
                            help='LDAP Base DN')
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         if opts['ldap'] != 'yes':
             return
 

diff --git a/ipsilon/login/authpam.py b/ipsilon/login/authpam.py
index c2a6afb..1a34f8f 100644 (file)
--- a/ipsilon/login/authpam.py
+++ b/ipsilon/login/authpam.py
@@ -114,7 +114,7 @@ class Installer(LoginManagerInstaller):
         group.add_argument('--pam-service', action='store', default='remote',
                            help='PAM service name to use for authentication')
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         if opts['pam'] != 'yes':
             return
 

diff --git a/ipsilon/login/authtest.py b/ipsilon/login/authtest.py
index 0b05e0a..aa2a73a 100644 (file)
--- a/ipsilon/login/authtest.py
+++ b/ipsilon/login/authtest.py
@@ -101,7 +101,7 @@ class Installer(LoginManagerInstaller):
         group.add_argument('--testauth', choices=['yes', 'no'], default='no',
                            help='Configure PAM authentication')
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         if opts['testauth'] != 'yes':
             return
 

diff --git a/ipsilon/login/common.py b/ipsilon/login/common.py
index 7cf0c2a..db71fb0 100644 (file)
--- a/ipsilon/login/common.py
+++ b/ipsilon/login/common.py
@@ -322,7 +322,7 @@ class LoginManagerInstaller(object):
         self.ptype = 'login'
         self.name = None
 
-    def unconfigure(self, opts):
+    def unconfigure(self, opts, changes):
         return
 
     def install_args(self, group):
@@ -331,7 +331,7 @@ class LoginManagerInstaller(object):
     def validate_args(self, args):
         return
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         raise NotImplementedError
 
 

diff --git a/ipsilon/providers/common.py b/ipsilon/providers/common.py
index b842b39..c4d6658 100644 (file)
--- a/ipsilon/providers/common.py
+++ b/ipsilon/providers/common.py
@@ -105,7 +105,7 @@ class ProviderInstaller(object):
         self.ptype = 'provider'
         self.name = None
 
-    def unconfigure(self, opts):
+    def unconfigure(self, opts, changes):
         return
 
     def install_args(self, group):
@@ -114,7 +114,7 @@ class ProviderInstaller(object):
     def validate_args(self, args):
         return
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         raise NotImplementedError
 
 

diff --git a/ipsilon/providers/openidp.py b/ipsilon/providers/openidp.py
index 052ab43..8f74578 100644 (file)
--- a/ipsilon/providers/openidp.py
+++ b/ipsilon/providers/openidp.py
@@ -146,7 +146,7 @@ class Installer(ProviderInstaller):
         group.add_argument('--openid-extensions', default='',
                            help='List of OpenID Extensions to enable')
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         if opts['openid'] != 'yes':
             return
 

diff --git a/ipsilon/providers/personaidp.py b/ipsilon/providers/personaidp.py
index d2794e0..f0146db 100644 (file)
--- a/ipsilon/providers/personaidp.py
+++ b/ipsilon/providers/personaidp.py
@@ -85,7 +85,7 @@ class Installer(ProviderInstaller):
         group.add_argument('--persona', choices=['yes', 'no'], default='yes',
                            help='Configure Persona Provider')
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         if opts['persona'] != 'yes':
             return
 

diff --git a/ipsilon/providers/saml2idp.py b/ipsilon/providers/saml2idp.py
index 6dfb03a..11ba832 100644 (file)
--- a/ipsilon/providers/saml2idp.py
+++ b/ipsilon/providers/saml2idp.py
@@ -452,7 +452,7 @@ class Installer(ProviderInstaller):
                                  '(default - %d)' %
                                  METADATA_DEFAULT_VALIDITY_PERIOD))
 
-    def configure(self, opts):
+    def configure(self, opts, changes):
         if opts['saml2'] != 'yes':
             return