WebGUI Utility Scripts. Graham Knop /

Size: px

Start display at page:

Download "WebGUI Utility Scripts. Graham Knop /"

Brett Norton
6 years ago
Views:

1 WebGUI Utility Scripts Graham Knop / graham@plainblack.com

2 What are Utility Scripts Maintenance functions Reporting Import / Export Anything else that uses WebGUI s data

3 Existing Scripts WebGUI ships with a number of scripts in WebGUI/sbin rebuildlineage.pl Verifies the site s Asset relationships Rebuilds the index of these relationships /data/webgui/sbin$ perl rebuildlineage.pl --configfile= Starting...OK Looking for descendant replationships... Got the relationships. Looking for orphans... No orphans found. Rewriting existing lineage... Rebuilding lineage... Asset ID Old Lineage New Lineage PBasset old PBasset old tempspace old Cleaning up...ok Don't forget to clear your cache.

4 search.pl Indexes new content for site or recreates the entire index Searches sites using the index /data/webgui/sbin$ perl search.pl --configfile= --search Features 4Yfz9hqBqM8OYMGuQK8oLw Get Features OhdaFLE7sXOzo_SIP2ZUgA Welcome Search took seconds. /data/webgui/sbin$ perl search.pl --configfile= --indexsite PBasset Root ( ) Vzv1pWpg_w6R_o-b0rM2qQ Ad ( )... fk-hmsboa3uu0c1kykyspa The Latest News ( ) Site indexing took seconds.

5 generatecontent.pl Generates the HTML for an asset /data/webgui/sbin$ perl generatecontent.pl --configfile= --url=/home <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" " DTD/xhtml1-strict.dtd"> <html xmlns=" <head>... </head>

6 thumbnailer.pl Create thumbnails for existing images Can regenerate all, or only missing /data/webgui/sbin$ perl thumbnailer.pl \ --path=/data/domains/ --missing Nailing: /data/domains/ Nailing: /data/domains/

7 diskusage.pl Reports the disk usage of a specific asset and its children. /data/webgui/sbin$ perl diskusage.pl --configfile= Starting with the Default Page /home 310 /getting_started /home/key-benefits Total Space used: bytes

8 userimport.pl Imports users from delimited text file /data/webgui/sbin$ sudo perl userimport.pl --configfile= \ --usersfile=userlist Starting up...ok Adding user graham Cleaning up...ok

9 fileimport.pl Import files to WebGUI s asset tree from the local file system /data/webgui/sbin$ sudo perl fileimport.pl --configfile= \ --pathtofiles=/data/import --parentassetid=pbasset Starting...OK End of the childs detection Building file list.found file newimage.png. Found file newpage.html. File list complete. Adding files... Adding /data/import/newimage.png to the database. Create the new asset. Setting filesystem privilege. Privileges set. Adding /data/import/newpage.html to the database. Create the new asset. Setting filesystem privilege. Privileges set. Finished adding. Committing version tag...done. Cleaning up...ok

10 Writing Utility Scripts

11 setting.pl Make a copy of sbin/_utility.skeleton /data/webgui/sbin$ cp _utility.skeleton setting.pl Find # Do your work here section Use any part of WebGUI s API to access or change the data There are other sections that mark simple edits to make

12 Finished code use lib "../lib"; use strict; use Getopt::Long; use WebGUI::Session; my $session = start(); for my $setting (@ARGV) { print $setting. -. $session->setting->get($setting). "\n"; # Do your work here finish($session); Output /data/webgui/sbin$ perl setting.pl --configfile= companyname companyname - My Company

13 Allow changing settings use lib "../lib"; use strict; use Getopt::Long; use WebGUI::Session; my $session = start(); for my $setting (@ARGV) { if ($setting =~ /^(\w+)=(.*)/) { my ($name, $value) = ($1, $2); print $name. " - old: ". $session->setting->get($name); $session->setting->set($name, $value); print " new: ". $session->setting->get($name). "\n"; else { print $setting. " - ". $session->setting->get($setting). "\n"; # Do your work here finish($session); Output /data/webgui/sbin$ perl setting.pl --configfile= companyname \ company =graham@plainblack.com companyname - My Company company - old: info@mycompany.com new: graham@plainblack.com

14 apacheauth.pl Serve static content or anything else apache handles Authorize access based on WebGUI groups Example: Control subversion access How? Write an authentication handler, so Apache recognizes WebGUI s users Write an authorization handler, to allow for deny access based on groups

15 BEGIN { #prevent command line execution if (!$ENV{MOD_PERL) { die "This script must be run by Apache 2\n"; package Apache2::AuthWebGUI; use strict; use warnings; use WebGUI::Session; use WebGUI::Utility; # Load the parts of WebGUI that are needed use Apache2::Access (); # Load the Apache modules that are used use Apache2::RequestUtil (); use Apache2::Const -compile => qw(ok DECLINED HTTP_UNAUTHORIZED SERVER_ERROR);

16 BEGIN { #prevent command line execution if (!$ENV{MOD_PERL) { die "This script must be run by Apache 2\n"; package Apache2::AuthWebGUI; use strict; use warnings; use WebGUI::Session; use WebGUI::Utility; # Load the parts of WebGUI that are needed use Apache2::Access (); # Load the Apache modules that are used use Apache2::RequestUtil (); use Apache2::Const -compile => qw(ok DECLINED HTTP_UNAUTHORIZED SERVER_ERROR);

17 BEGIN { #prevent command line execution if (!$ENV{MOD_PERL) { die "This script must be run by Apache 2\n"; package Apache2::AuthWebGUI; use strict; use warnings; use WebGUI::Session; use WebGUI::Utility; # Load the parts of WebGUI that are needed use Apache2::Access (); # Load the Apache modules that are used use Apache2::RequestUtil (); use Apache2::Const -compile => qw(ok DECLINED HTTP_UNAUTHORIZED SERVER_ERROR);

18 BEGIN { #prevent command line execution if (!$ENV{MOD_PERL) { die "This script must be run by Apache 2\n"; package Apache2::AuthWebGUI; use strict; use warnings; use WebGUI::Session; use WebGUI::Utility; # Load the parts of WebGUI that are needed use Apache2::Access (); # Load the Apache modules that are used use Apache2::RequestUtil (); use Apache2::Const -compile => qw(ok DECLINED HTTP_UNAUTHORIZED SERVER_ERROR);

19 # Authentication sub # Add to httpd.conf as PerlAuthenHandler Apache2::AuthWebGUI::authen # All we are doing is identifying the user sub authen { my $r = shift; # Apache Request handle my $s = Apache2::ServerUtil->server; # Server handle # Create a WebGUI session, use the same configuration settings as WebGUI my $session = WebGUI::Session->open($s->dir_config('WebguiRoot'), $r->dir_config('webguiconfig'), $r, $s); # Two auth modes, we can also try both my $mode = $r->dir_config('webguiauthmode') 'both'; # First is cookie mode, uses the session cookie from WebGUI if ($mode eq 'cookie' $mode eq 'both') { # The session use the cookie to find the logged in user my $userid = $session->user->userid; # If it isn't visitor, they are authenticated if ($userid ne '1') { checkgroupaccess($session); # For the authz handler $r->user($session->user->username); return Apache2::Const::OK;

20 # Authentication sub # Add to httpd.conf as PerlAuthenHandler Apache2::AuthWebGUI::authen # All we are doing is identifying the user sub authen { my $r = shift; # Apache Request handle my $s = Apache2::ServerUtil->server; # Server handle # Create a WebGUI session, use the same configuration settings as WebGUI my $session = WebGUI::Session->open($s->dir_config('WebguiRoot'), $r->dir_config('webguiconfig'), $r, $s); # Two auth modes, we can also try both my $mode = $r->dir_config('webguiauthmode') 'both'; # First is cookie mode, uses the session cookie from WebGUI if ($mode eq 'cookie' $mode eq 'both') { # The session use the cookie to find the logged in user my $userid = $session->user->userid; # If it isn't visitor, they are authenticated if ($userid ne '1') { checkgroupaccess($session); # For the authz handler $r->user($session->user->username); return Apache2::Const::OK;

21 # Authentication sub # Add to httpd.conf as PerlAuthenHandler Apache2::AuthWebGUI::authen # All we are doing is identifying the user sub authen { my $r = shift; # Apache Request handle my $s = Apache2::ServerUtil->server; # Server handle # Create a WebGUI session, use the same configuration settings as WebGUI my $session = WebGUI::Session->open($s->dir_config('WebguiRoot'), $r->dir_config('webguiconfig'), $r, $s); # Two auth modes, we can also try both my $mode = $r->dir_config('webguiauthmode') 'both'; # First is cookie mode, uses the session cookie from WebGUI if ($mode eq 'cookie' $mode eq 'both') { # The session use the cookie to find the logged in user my $userid = $session->user->userid; # If it isn't visitor, they are authenticated if ($userid ne '1') { checkgroupaccess($session); # For the authz handler $r->user($session->user->username); return Apache2::Const::OK;

22 # Authentication sub # Add to httpd.conf as PerlAuthenHandler Apache2::AuthWebGUI::authen # All we are doing is identifying the user sub authen { my $r = shift; # Apache Request handle my $s = Apache2::ServerUtil->server; # Server handle # Create a WebGUI session, use the same configuration settings as WebGUI my $session = WebGUI::Session->open($s->dir_config('WebguiRoot'), $r->dir_config('webguiconfig'), $r, $s); # Two auth modes, we can also try both my $mode = $r->dir_config('webguiauthmode') 'both'; # First is cookie mode, uses the session cookie from WebGUI if ($mode eq 'cookie' $mode eq 'both') { # The session use the cookie to find the logged in user my $userid = $session->user->userid; # If it isn't visitor, they are authenticated if ($userid ne '1') { checkgroupaccess($session); # For the authz handler $r->user($session->user->username); return Apache2::Const::OK;

23 # Authentication sub # Add to httpd.conf as PerlAuthenHandler Apache2::AuthWebGUI::authen # All we are doing is identifying the user sub authen { my $r = shift; # Apache Request handle my $s = Apache2::ServerUtil->server; # Server handle # Create a WebGUI session, use the same configuration settings as WebGUI my $session = WebGUI::Session->open($s->dir_config('WebguiRoot'), $r->dir_config('webguiconfig'), $r, $s); # Two auth modes, we can also try both my $mode = $r->dir_config('webguiauthmode') 'both'; # First is cookie mode, uses the session cookie from WebGUI if ($mode eq 'cookie' $mode eq 'both') { # The session use the cookie to find the logged in user my $userid = $session->user->userid; # If it isn't visitor, they are authenticated if ($userid ne '1') { checkgroupaccess($session); # For the authz handler $r->user($session->user->username); return Apache2::Const::OK;

24 # Next try basic auth, part of the HTTP standard if ($mode eq 'basic' $mode eq 'both') { # Check if the browser sent auth info my ($status, $password) = $r->get_basic_auth_pw; # It didn't or something else went wrong. # Return that to the browser so it knows to ask for login info if ($status!= Apache2::Const::OK) { $session->var->end; return $status; # The request has a user, find the auth settings for that user my $user = $r->user; my $auth = getauth($session, $user); if (!$auth) { $session->var->end; return Apache2::Const::SERVER_ERROR; # Check the the password. If it checks out, they are logged in if ($auth->authenticate($user, $password)) { checkgroupaccess($session, $user); $session->var->end; return Apache2::Const::OK;

25 # Next try basic auth, part of the HTTP standard if ($mode eq 'basic' $mode eq 'both') { # Check if the browser sent auth info my ($status, $password) = $r->get_basic_auth_pw; # It didn't or something else went wrong. # Return that to the browser so it knows to ask for login info if ($status!= Apache2::Const::OK) { $session->var->end; return $status; # The request has a user, find the auth settings for that user my $user = $r->user; my $auth = getauth($session, $user); if (!$auth) { $session->var->end; return Apache2::Const::SERVER_ERROR; # Check the the password. If it checks out, they are logged in if ($auth->authenticate($user, $password)) { checkgroupaccess($session, $user); $session->var->end; return Apache2::Const::OK;

26 # Next try basic auth, part of the HTTP standard if ($mode eq 'basic' $mode eq 'both') { # Check if the browser sent auth info my ($status, $password) = $r->get_basic_auth_pw; # It didn't or something else went wrong. # Return that to the browser so it knows to ask for login info if ($status!= Apache2::Const::OK) { $session->var->end; return $status; # The request has a user, find the auth settings for that user my $user = $r->user; my $auth = getauth($session, $user); if (!$auth) { $session->var->end; return Apache2::Const::SERVER_ERROR; # Check the the password. If it checks out, they are logged in if ($auth->authenticate($user, $password)) { checkgroupaccess($session, $user); $session->var->end; return Apache2::Const::OK;

27 # Next try basic auth, part of the HTTP standard if ($mode eq 'basic' $mode eq 'both') { # Check if the browser sent auth info my ($status, $password) = $r->get_basic_auth_pw; # It didn't or something else went wrong. # Return that to the browser so it knows to ask for login info if ($status!= Apache2::Const::OK) { $session->var->end; return $status; # The request has a user, find the auth settings for that user my $user = $r->user; my $auth = getauth($session, $user); if (!$auth) { $session->var->end; return Apache2::Const::SERVER_ERROR; # Check the the password. If it checks out, they are logged in if ($auth->authenticate($user, $password)) { checkgroupaccess($session, $user); $session->var->end; return Apache2::Const::OK;

28 # Next try basic auth, part of the HTTP standard if ($mode eq 'basic' $mode eq 'both') { # Check if the browser sent auth info my ($status, $password) = $r->get_basic_auth_pw; # It didn't or something else went wrong. # Return that to the browser so it knows to ask for login info if ($status!= Apache2::Const::OK) { $session->var->end; return $status; # The request has a user, find the auth settings for that user my $user = $r->user; my $auth = getauth($session, $user); if (!$auth) { $session->var->end; return Apache2::Const::SERVER_ERROR; # Check the the password. If it checks out, they are logged in if ($auth->authenticate($user, $password)) { checkgroupaccess($session, $user); $session->var->end; return Apache2::Const::OK;

29 # Otherwise, note it for logs $r->note_basic_auth_failure; # We didn't succeed, so clean up and return the failure $session->var->end; return Apache2::Const::HTTP_UNAUTHORIZED;

30 sub getauth { my $session = shift; my $user = shift; # need to find out the authentication method, and only use it if valid (my $method) = $session->db->quickarray("select authmethod from users. where username=?", [$user]); if { $method = $session->setting->get("authmethod"); # make sure the module is loaded my $module = "WebGUI::Auth::$method"; (my $modfile = "$module.pm") =~ s{::{/g; if (!eval { require $modfile; 1 ) { $session->errorhandler->error( "Authentication module failed to compile: $module: $@"); return; # create a new instance of the auth module, or log and fail my $auth = eval { $module->new($session, $method) ; if (!$auth) { $session->errorhandler->error("couldn't instantiate authentication. module: $method. Root cause: $@"); return; return $auth;

31 sub getauth { my $session = shift; my $user = shift; # need to find out the authentication method, and only use it if valid (my $method) = $session->db->quickarray("select authmethod from users. where username=?", [$user]); if { $method = $session->setting->get("authmethod"); # make sure the module is loaded my $module = "WebGUI::Auth::$method"; (my $modfile = "$module.pm") =~ s{::{/g; if (!eval { require $modfile; 1 ) { $session->errorhandler->error( "Authentication module failed to compile: $module: $@"); return; # create a new instance of the auth module, or log and fail my $auth = eval { $module->new($session, $method) ; if (!$auth) { $session->errorhandler->error("couldn't instantiate authentication. module: $method. Root cause: $@"); return; return $auth;

32 sub getauth { my $session = shift; my $user = shift; # need to find out the authentication method, and only use it if valid (my $method) = $session->db->quickarray("select authmethod from users. where username=?", [$user]); if { $method = $session->setting->get("authmethod"); # make sure the module is loaded my $module = "WebGUI::Auth::$method"; (my $modfile = "$module.pm") =~ s{::{/g; if (!eval { require $modfile; 1 ) { $session->errorhandler->error( "Authentication module failed to compile: $module: $@"); return; # create a new instance of the auth module, or log and fail my $auth = eval { $module->new($session, $method) ; if (!$auth) { $session->errorhandler->error("couldn't instantiate authentication. module: $method. Root cause: $@"); return; return $auth;

33 sub getauth { my $session = shift; my $user = shift; # need to find out the authentication method, and only use it if valid (my $method) = $session->db->quickarray("select authmethod from users. where username=?", [$user]); if { $method = $session->setting->get("authmethod"); # make sure the module is loaded my $module = "WebGUI::Auth::$method"; (my $modfile = "$module.pm") =~ s{::{/g; if (!eval { require $modfile; 1 ) { $session->errorhandler->error( "Authentication module failed to compile: $module: $@"); return; # create a new instance of the auth module, or log and fail my $auth = eval { $module->new($session, $method) ; if (!$auth) { $session->errorhandler->error("couldn't instantiate authentication. module: $method. Root cause: $@"); return; return $auth;

34 Configuration # Uses the same configuration as normal WebGUI PerlSetVar WebguiConfig dev.localhost.localdomain.conf # Load the file with the code in it PerlPostConfigRequire /data/webgui/sbin/apacheauth.pl # Register it to handle authentication PerlAuthenHandler Apache2::AuthWebGUI::authen <Location /> PerlSetVar WebguiAuthMode both # Allow session cookie or basic auth AuthType Basic # Setup for basic auth AuthName "WebGUI Data Area" Require valid-user # Require a valid login to get access </Location>

35 Called after figuring out user # Check authorization settings to see if user has access sub checkgroupaccess { my $session = shift; my $username = shift; my $r = $session->request; # Session's user if no user specified my $user = $username? WebGUI::User->newByUsername($session, $username) : $session->user; # Read config, split and make into a list my $groupstoaccess = $session->request->dir_config('webguiauthrequiregroup'); return unless $groupstoaccess; if (!ref $groupstoaccess) { $groupstoaccess = [split /\s+/, $groupstoaccess]; # if the user is in any of the groups, mark as success for my $groupid (@$groupstoaccess) { if ($user->isingroup($groupid)) { $r->pnotes(webguiauthgroupaccess => 1); return; return;

36 Called after figuring out user # Check authorization settings to see if user has access sub checkgroupaccess { my $session = shift; my $username = shift; my $r = $session->request; # Session's user if no user specified my $user = $username? WebGUI::User->newByUsername($session, $username) : $session->user; # Read config, split and make into a list my $groupstoaccess = $session->request->dir_config('webguiauthrequiregroup'); return unless $groupstoaccess; if (!ref $groupstoaccess) { $groupstoaccess = [split /\s+/, $groupstoaccess]; # if the user is in any of the groups, mark as success for my $groupid (@$groupstoaccess) { if ($user->isingroup($groupid)) { $r->pnotes(webguiauthgroupaccess => 1); return; return;

37 Called after figuring out user # Check authorization settings to see if user has access sub checkgroupaccess { my $session = shift; my $username = shift; my $r = $session->request; # Session's user if no user specified my $user = $username? WebGUI::User->newByUsername($session, $username) : $session->user; # Read config, split and make into a list my $groupstoaccess = $session->request->dir_config('webguiauthrequiregroup'); return unless $groupstoaccess; if (!ref $groupstoaccess) { $groupstoaccess = [split /\s+/, $groupstoaccess]; # if the user is in any of the groups, mark as success for my $groupid (@$groupstoaccess) { if ($user->isingroup($groupid)) { $r->pnotes(webguiauthgroupaccess => 1); return; return;

38 Called after figuring out user # Check authorization settings to see if user has access sub checkgroupaccess { my $session = shift; my $username = shift; my $r = $session->request; # Session's user if no user specified my $user = $username? WebGUI::User->newByUsername($session, $username) : $session->user; # Read config, split and make into a list my $groupstoaccess = $session->request->dir_config('webguiauthrequiregroup'); return unless $groupstoaccess; if (!ref $groupstoaccess) { $groupstoaccess = [split /\s+/, $groupstoaccess]; # if the user is in any of the groups, mark as success for my $groupid (@$groupstoaccess) { if ($user->isingroup($groupid)) { $r->pnotes(webguiauthgroupaccess => 1); return; return;

39 # would be expensive to reinitialize session, so we use the data we saved earlier sub authz { my $r = shift; # Apache Request handle if ($r->pnotes('webguiauthgroupaccess')) { # Pull out data from auth phase return Apache2::Const::OK; return Apache2::Const::HTTP_UNAUTHORIZED;

40 Configuration # Uses the same configuration as normal WebGUI PerlSetVar WebguiConfig dev.localhost.localdomain.conf # Load the file with the code in it PerlPostConfigRequire /data/webgui/sbin/apacheauth.pl # Register it to handle authentication PerlAuthenHandler Apache2::AuthWebGUI::authen # Register it to handle authorization PerlAuthzHandler Apache2::AuthWebGUI::authz <Location /> PerlSetVar WebguiAuthMode both # Allow session cookie or basic auth PerlSetVar WebguiAuthRequireGroup 11 # Only allow access to secondary admins AuthType Basic # Setup for basic auth AuthName "WebGUI Data Area" Require valid-user # Require a valid login to get access </Location>

41 Utility Scripts Interact with WebGUI in an automated fashion Perform maintenance on a WebGUI site Interact with the local file system and OS Add new functionality using WebGUI s API

Writing Tests with Apache-Test Part II

Writing Tests with Apache-Test Part II Geoffrey Young geoff@modperlcookbook.org http://www.modperlcookbook.org/~geoff/ 1 Last Session... I introduced Apache-Test mechanics Everyone was impressed There's