Move fixing files functionality to tools

Signed-off-by: Simo Sorce <simo@redhat.com>

diff --git a/ipsilon/install/ipsilon-client-install b/ipsilon/install/ipsilon-client-install
index 8802ea1..f49e351 100755 (executable)
--- a/ipsilon/install/ipsilon-client-install
+++ b/ipsilon/install/ipsilon-client-install
@@ -133,16 +133,7 @@ def saml2():
         with open(SAML2_CONFFILE, 'w+') as f:
             f.write(hunk)
 
-        pw = pwd.getpwnam(args['httpd_user'])
-        for root, dirs, files in os.walk(SAML2_HTTPDIR):
-            for name in dirs:
-                target = os.path.join(root, name)
-                os.chown(target, pw.pw_uid, pw.pw_gid)
-                os.chmod(target, 0700)
-            for name in files:
-                target = os.path.join(root, name)
-                os.chown(target, pw.pw_uid, pw.pw_gid)
-                os.chmod(target, 0600)
+        files.fix_user_dirs(SAML2_HTTPDIR, args['httpd_user'])
 
         logger.info('SAML Service Provider configured.')
         logger.info('You should be able to restart the HTTPD server and' +

diff --git a/ipsilon/providers/saml2idp.py b/ipsilon/providers/saml2idp.py
index 507bba2..0ac2a72 100755 (executable)
--- a/ipsilon/providers/saml2idp.py
+++ b/ipsilon/providers/saml2idp.py
@@ -24,11 +24,11 @@ from ipsilon.providers.saml2.admin import AdminPage
 from ipsilon.providers.saml2.provider import IdentityProvider
 from ipsilon.tools.certs import Certificate
 from ipsilon.tools import saml2metadata as metadata
+from ipsilon.tools import files
 from ipsilon.util.user import UserSession
 from ipsilon.util.plugin import PluginObject
 import cherrypy
 import lasso
-import pwd
 import os
 
 
@@ -299,13 +299,4 @@ class Installer(object):
         po.save_plugin_config(FACILITY)
 
         # Fixup permissions so only the ipsilon user can read these files
-        pw = pwd.getpwnam(opts['system_user'])
-        for root, dirs, files in os.walk(path):
-            for name in dirs:
-                target = os.path.join(root, name)
-                os.chown(target, pw.pw_uid, pw.pw_gid)
-                os.chmod(target, 0700)
-            for name in files:
-                target = os.path.join(root, name)
-                os.chown(target, pw.pw_uid, pw.pw_gid)
-                os.chmod(target, 0600)
+        files.fix_user_dirs(path, opts['system_user'])

diff --git a/ipsilon/tools/files.py b/ipsilon/tools/files.py
new file mode 100755 (executable)
index 0000000..7f3bf7f
--- /dev/null
+++ b/ipsilon/tools/files.py
@@ -0,0 +1,37 @@
+#!/usr/bin/python
+#
+# Copyright (C) 2014  Simo Sorce <simo@redhat.com>
+#
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+import os
+import pwd
+
+
+def fix_user_dirs(path, user=None, mode=0700):
+    pw = None
+    if user:
+        pw = pwd.getpwnam(user)
+    for t in os.walk(path, topdown=False):
+        root, files = t[0], t[2]
+        for name in files:
+            target = os.path.join(root, name)
+            if pw:
+                os.chown(target, pw.pw_uid, pw.pw_gid)
+            os.chmod(target, mode & 0666)
+        if pw:
+            os.chown(root, pw.pw_uid, pw.pw_gid)
+        os.chmod(root, mode)