From 0a14f0207c36fed31ca27a08279a64e9ad8a1597 Mon Sep 17 00:00:00 2001 From: Holger Frey Date: Tue, 31 Aug 2021 10:08:38 +0200 Subject: [PATCH] updated readme to new commands --- README.md | 72 +++++++++++++++++----------------------- elab_users/__init__.py | 4 +-- tests/test_elab_users.py | 2 +- 3 files changed, 34 insertions(+), 44 deletions(-) diff --git a/README.md b/README.md index c4e0497..4d12578 100644 --- a/README.md +++ b/README.md @@ -11,9 +11,7 @@ First of all, we talk about the following files and folders: .htpasswd README authz - cpi - elab-users.py - old-scripts-backup + JaneDoe ** WARNING: ** In this list, there is one hidden files: `.htpasswd`. This file is hidden on @@ -25,70 +23,62 @@ purpose, so ** don't mess with it **. `authz`: defines the access controll list, so who has access to what -`cpi`: folder that holds the svn repository itself +`JaneDoe`: folder that holds one svn repository for a user -`elab-users.py`: usermanagement script -`old-scripts-backup`: contains the old scripts to add a user for backup reasons - - -Usermanagement with `elab-users.py` +Usermanagement with `elab-users` ----------------------------------- -** HINT: ** To run this scipt first change to the directory with -`cd /var/www/svn` and prepend every command with `./` -(e.g. `./elab-users.py --help`). +** HINT: ** To run this scipt if the service was deployed to dokku, use this +command structure `dokku run svn elab-users [command] [name]` + -The script `elab-users.py` provides some options to add and delete users, +The script `elab-users` provides some options to add and delete users, show access information from users and their elab journals. If the scprit is called with the `--help` option, the folowing help message is displayed: - Usage: elab-users.py [option] name + usage: elab-users [-h] [command] [name] - shows and manipulates svn access rights + positional arguments: + command one of the commands: [user, group, add, restricted, retire, password] + name user or group to perform the command on - Options: - -h, --help show this help message and exit - -g, --groupinfo display users in a group - -a, --add add a regular user - -r, --restricted add a restricted user - -m, --move move a user to alumni - -p, --password reset a user password + optional arguments: + -h, --help show this help message and exit - to grant a restricted user access to another folder, you have to carefully - edit the authz file +To grant a restricted user access to another folder, you have to carefully +edit the authz file -the following combinations are possible: +The following combinations are possible: -* `elab-users.py`: will show a list of all groups and their users -* `elab-users.py UserName`: shows the access rights of the user and their labjournal -* `elab-users.py -g GroupName`: shows a list of all group members -* `elab-users.py -a UserName`: adds a regular user, creates svn folders and sets a random password -* `elab-users.py -a UserName`: adds a restricted user, creates svn folders and sets a random password -* `elab-users.py -m UserName`: moves an existing user to the alumni group, removes his password -* `elab-users.py -p UserName`: resets the password for an existing user to a new random one +* `elab-users`: will show a list of all groups and their users +* `elab-users UserName`: shows the access rights of the user and their lab journal +* `elab-users group GroupName`: shows a list of all group members +* `elab-users add UserName`: adds a regular user, creates svn folders and sets a random password +* `elab-users restricted UserName`: adds a restricted user, creates svn folders and sets a random password +* `elab-users retire UserName`: moves an existing user to the alumni group, removes his password +* `elab-users password UserName`: resets the password for an existing user to a new random one Grant read writes to restricted users ------------------------------------- -As noted in the help message of `elab-users.py`, if a restriced user should have -read access to another labjournal, the `authz` file has to be edited manually. -Here are two examples that grant the user 'UrmilShah' read access to -two different lab journals: +As noted before, if a restriced user should have read access to another +lab journal, the `authz` file has to be edited manually. Here are two examples +that grant the user 'JaneDoe' read access to two different lab journals: ... snip ... - [cpi:/AndreasEvers] + [JohnSmith:/] @restricted = - UrmilShah = r + JaneDoe = r ... snip ... - [cpi:/HolgerFrey] + [MaxMustermann:/] @restricted = - UrmilShah = r - HolgerFrey = rw + JaneDoe = r + MaxMustermann = rw ... snip ... diff --git a/elab_users/__init__.py b/elab_users/__init__.py index ae0af7c..be1b041 100644 --- a/elab_users/__init__.py +++ b/elab_users/__init__.py @@ -26,7 +26,7 @@ from .constants import ( SVN_REPOS_PATH = Path(os.getenv("SVN_REPOS_PATH", default=".")).resolve() -COMMANDS = ["user", "groups", "add", "restricted", "retire", "password"] +COMMANDS = ["user", "group", "add", "restricted", "retire", "password"] def get_config(svn_dir=SVN_REPOS_PATH, authz=AUTHZ_FILE_NAME): @@ -194,7 +194,7 @@ def main( show_user_info(args.command, svn_dir, authz) elif args.command.lower() == "user": show_user_info(args.name, svn_dir, authz) - elif args.command.lower() == "groups": + elif args.command.lower() == "group": show_group_info(args.name, svn_dir, authz) elif args.command.lower() == "add": add_new_user(args.name, USERS, svn_dir, authz, htpwd, handler) diff --git a/tests/test_elab_users.py b/tests/test_elab_users.py index bc7a43e..570010d 100644 --- a/tests/test_elab_users.py +++ b/tests/test_elab_users.py @@ -345,7 +345,7 @@ def test_show_user_info_error_unknown_user(example_authz): ([], "Users in group 'restricted':"), (["OswaldPrucker"], "granted to all journals"), (["user", "OswaldPrucker"], "granted to all journals"), - (["groups", "alumni"], "Users in group 'alumni':"), + (["group", "alumni"], "Users in group 'alumni':"), (["add", "JaneDoe"], "url:"), (["restricted", "JaneDoe"], "url:"), (["retire", "AlexanderDietz"], "to alumni"),