subiquity/console_conf/controllers/identity.py

# Copyright 2015 Canonical, Ltd.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import json
import logging
import subprocess

from subiquitycore.controllers.identity import BaseIdentityController
from subiquitycore.utils import disable_first_boot_service, run_command

from console_conf.ui.views import IdentityView, LoginView

log = logging.getLogger('console_conf.controllers.identity')

login_details_tmpl = """This device is registered to {realname}.

Remote access was enabled via authentication with SSO user <{username}>.
Public SSH keys were added to the device for remote access.

{realname} can connect remotely to this device via SSH:

"""


class IdentityController(BaseIdentityController):
    identity_view = IdentityView

    def default(self):
        title = "Profile setup"
        excerpt = "Enter an email address from your account in the store."
        footer = ""
        self.ui.set_header(title, excerpt)
        self.ui.set_footer(footer, 40)
        self.ui.set_body(self.identity_view(self.model, self, self.opts, self.loop))
        device_owner = self.get_device_owner()
        if device_owner is not None:
            self.model.add_user(device_owner)
            self.login()

    def get_device_owner(self):
        """ Check if device is owned """

        # TODO: use proper snap APIs.
        try:
            extrausers_fp = open('/var/lib/extrausers/passwd', 'r')
        except FileNotFoundError:
            return None
        with extrausers_fp:
            passwd_line = extrausers_fp.readline()
            if passwd_line and len(passwd_line) > 0:
                passwd = passwd_line.split(':')
                result = {
                    'realname': passwd[4].split(',')[0],
                    'username': passwd[0],
                    }
                return result
        return None

    def identity_done(self, email):
        if self.opts.dry_run:
            result = {
                'realname': email,
                'username': email,
                }
            self.model.add_user(result)
            ssh_keys = subprocess.getoutput('ssh-add -L').splitlines()
            login_details_path = '.subiquity/login-details.txt'
        else:
            self.ui.frame.body.progress.set_text("Contacting store...")
            self.loop.draw_screen()
            result = run_command(["snap", "create-user", "--sudoer", "--json", email])
            self.ui.frame.body.progress.set_text("")
            if result['status'] != 0:
                self.ui.frame.body.error.set_text("Creating user failed:\n" + result['err'])
                return
            else:
                data = json.loads(result['output'])
                result = {
                    'realname': email,
                    'username': data['username'],
                    }
                ssh_keys = data['ssh-keys']
                login_details_path = '/var/lib/console-conf/login-details.txt'
                self.model.add_user(result)
        log.debug('ssh_keys %s', ssh_keys)
        fingerprints = []
        for key in ssh_keys:
            keygen_result = subprocess.Popen(['ssh-keygen', '-lf', '-'], stdin=subprocess.PIPE, stdout=subprocess.PIPE)
            fingerprint, err = keygen_result.communicate(key.encode('utf-8'))
            fingerprints.append(fingerprint.decode('utf-8', 'replace').replace('\r', ''))
        log.debug('fingerprints %s', fingerprints)
        net_model = self.controllers['Network'].model
        with open(login_details_path, 'w') as fp:
            fp.write(login_details_tmpl.format(**result))
            for dev in net_model.get_all_netdevs():
                for ip in dev.actual_ip_addresses:
                    fp.write("    ssh %s@%s\n"%(result['username'], ip))
            fp.write("\nSSH keys with the following fingerprints can be used to log in:\n\n")
            for fingerprint in fingerprints:
                fp.write("    " + fingerprint)
            fp.write("\nPressing enter after setting a password will allow you to log in here.\n")
        self.login()

    def cancel(self):
        # You can only go back if we haven't created a user yet.
        if self.model.user is None:
            self.signal.emit_signal('prev-screen')

    def login(self):
        title = "Configuration Complete"
        footer = "View configured user and device access methods"
        self.ui.set_header(title)
        self.ui.set_footer(footer)

        net_model = self.controllers['Network'].model
        ifaces = net_model.get_all_netdevs()
        login_view = LoginView(self.opts, self.model, self, ifaces)

        self.ui.set_body(login_view)

    def login_done(self):
        if not self.opts.dry_run:
            # stop the console-conf services (this will kill the current process).
            disable_first_boot_service()

        self.signal.emit_signal('quit')
Refactor identity stuff to avoid dep on curtin in console-conf case. A bit verbose perhaps, but works. Now console-conf only depends on curtin for the network stuff. 2016-07-27 04:05:47 +00:00			`# Copyright 2015 Canonical, Ltd.`
			`#`
			`# This program is free software: you can redistribute it and/or modify`
			`# it under the terms of the GNU Affero General Public License as`
			`# published by the Free Software Foundation, either version 3 of the`
			`# License, or (at your option) any later version.`
			`#`
			`# This program is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU Affero General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU Affero General Public License`
			`# along with this program. If not, see <http://www.gnu.org/licenses/>.`

move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00			`import json`
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`import logging`
			`import subprocess`
Refactor identity stuff to avoid dep on curtin in console-conf case. A bit verbose perhaps, but works. Now console-conf only depends on curtin for the network stuff. 2016-07-27 04:05:47 +00:00
			`from subiquitycore.controllers.identity import BaseIdentityController`
re-work logic, including having console-conf generate the file to show 2016-11-09 01:33:41 +00:00			`from subiquitycore.utils import disable_first_boot_service, run_command`
Refactor identity stuff to avoid dep on curtin in console-conf case. A bit verbose perhaps, but works. Now console-conf only depends on curtin for the network stuff. 2016-07-27 04:05:47 +00:00
stuff 2016-07-27 23:13:19 +00:00			`from console_conf.ui.views import IdentityView, LoginView`
Refactor identity stuff to avoid dep on curtin in console-conf case. A bit verbose perhaps, but works. Now console-conf only depends on curtin for the network stuff. 2016-07-27 04:05:47 +00:00
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`log = logging.getLogger('console_conf.controllers.identity')`

			`login_details_tmpl = """This device is registered to {realname}.`

			`Remote access was enabled via authentication with SSO user <{username}>.`
			`Public SSH keys were added to the device for remote access.`

			`{realname} can connect remotely to this device via SSH:`

			`"""`

Refactor identity stuff to avoid dep on curtin in console-conf case. A bit verbose perhaps, but works. Now console-conf only depends on curtin for the network stuff. 2016-07-27 04:05:47 +00:00
			`class IdentityController(BaseIdentityController):`
			`identity_view = IdentityView`
entirely custom identity view for console-conf 2016-07-27 10:15:22 +00:00
do not have controllers (or view code!!) know the order of the screens 2016-09-27 02:33:54 +00:00			`def default(self):`
entirely custom identity view for console-conf 2016-07-27 10:15:22 +00:00			`title = "Profile setup"`
			`excerpt = "Enter an email address from your account in the store."`
			`footer = ""`
			`self.ui.set_header(title, excerpt)`
			`self.ui.set_footer(footer, 40)`
remove most trivial use of signals from console-conf's flow 2016-10-10 23:48:28 +00:00			`self.ui.set_body(self.identity_view(self.model, self, self.opts, self.loop))`
Fixup: don't side-effect checking for the device owner. Signed-off-by: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> 2016-09-29 20:34:36 +00:00			`device_owner = self.get_device_owner()`
			`if device_owner is not None:`
address review comments 2016-10-12 00:17:14 +00:00			`self.model.add_user(device_owner)`
one last emit_signal that came in via merge 2016-11-01 23:56:44 +00:00			`self.login()`
identity: implement an initial, dumb "is this device owned" check. Signed-off-by: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> 2016-09-29 19:17:15 +00:00
Fixup: don't side-effect checking for the device owner. Signed-off-by: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> 2016-09-29 20:34:36 +00:00			`def get_device_owner(self):`
identity: implement an initial, dumb "is this device owned" check. Signed-off-by: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> 2016-09-29 19:17:15 +00:00			`""" Check if device is owned """`

			`# TODO: use proper snap APIs.`
address review comments 2016-10-12 00:17:14 +00:00			`try:`
			`extrausers_fp = open('/var/lib/extrausers/passwd', 'r')`
			`except FileNotFoundError:`
			`return None`
			`with extrausers_fp:`
identity: implement an initial, dumb "is this device owned" check. Signed-off-by: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> 2016-09-29 19:17:15 +00:00			`passwd_line = extrausers_fp.readline()`
			`if passwd_line and len(passwd_line) > 0:`
			`passwd = passwd_line.split(':')`
			`result = {`
			`'realname': passwd[4].split(',')[0],`
			`'username': passwd[0],`
			`}`
Fixup: don't side-effect checking for the device owner. Signed-off-by: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> 2016-09-29 20:34:36 +00:00			`return result`
			`return None`
entirely custom identity view for console-conf 2016-07-27 10:15:22 +00:00
move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00			`def identity_done(self, email):`
identity: implement an initial, dumb "is this device owned" check. Signed-off-by: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> 2016-09-29 19:17:15 +00:00			`if self.opts.dry_run:`
			`result = {`
			`'realname': email,`
			`'username': email,`
			`}`
			`self.model.add_user(result)`
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`ssh_keys = subprocess.getoutput('ssh-add -L').splitlines()`
			`login_details_path = '.subiquity/login-details.txt'`
identity: implement an initial, dumb "is this device owned" check. Signed-off-by: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> 2016-09-29 19:17:15 +00:00			`else:`
move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00			`self.ui.frame.body.progress.set_text("Contacting store...")`
			`self.loop.draw_screen()`
			`result = run_command(["snap", "create-user", "--sudoer", "--json", email])`
fix attribute error in user creation 2016-09-30 02:12:15 +00:00			`self.ui.frame.body.progress.set_text("")`
move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00			`if result['status'] != 0:`
			`self.ui.frame.body.error.set_text("Creating user failed:\n" + result['err'])`
			`return`
			`else:`
			`data = json.loads(result['output'])`
			`result = {`
			`'realname': email,`
			`'username': data['username'],`
			`}`
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`ssh_keys = data['ssh-keys']`
			`login_details_path = '/var/lib/console-conf/login-details.txt'`
move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00			`self.model.add_user(result)`
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`log.debug('ssh_keys %s', ssh_keys)`
			`fingerprints = []`
			`for key in ssh_keys:`
			`keygen_result = subprocess.Popen(['ssh-keygen', '-lf', '-'], stdin=subprocess.PIPE, stdout=subprocess.PIPE)`
			`fingerprint, err = keygen_result.communicate(key.encode('utf-8'))`
tweaks 2016-11-09 21:39:03 +00:00			`fingerprints.append(fingerprint.decode('utf-8', 'replace').replace('\r', ''))`
write a much nicer login-details.txt file 2016-11-09 01:57:35 +00:00			`log.debug('fingerprints %s', fingerprints)`
			`net_model = self.controllers['Network'].model`
			`with open(login_details_path, 'w') as fp:`
			`fp.write(login_details_tmpl.format(**result))`
			`for dev in net_model.get_all_netdevs():`
			`for ip in dev.actual_ip_addresses:`
			`fp.write(" ssh %s@%s\n"%(result['username'], ip))`
			`fp.write("\nSSH keys with the following fingerprints can be used to log in:\n\n")`
			`for fingerprint in fingerprints:`
			`fp.write(" " + fingerprint)`
tweaks 2016-11-09 21:39:03 +00:00			`fp.write("\nPressing enter after setting a password will allow you to log in here.\n")`
remove most trivial use of signals from console-conf's flow 2016-10-10 23:48:28 +00:00			`self.login()`
move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00
restore escape key behaviour 2016-11-01 23:44:04 +00:00			`def cancel(self):`
			`# You can only go back if we haven't created a user yet.`
			`if self.model.user is None:`
			`self.signal.emit_signal('prev-screen')`

Start at a login view. 2016-07-27 22:30:27 +00:00			`def login(self):`
			`title = "Configuration Complete"`
			`footer = "View configured user and device access methods"`
			`self.ui.set_header(title)`
			`self.ui.set_footer(footer)`

			`net_model = self.controllers['Network'].model`
reorganize the network model and make the UI a bit more consistent The main change here is to separate the state a network device is in and the state we want it to be in. So it now parses the netplan config on a system as well as probing the state of via probert. The UI is changed to make this distintion too, and be IMO a bit more consistent. Somewhere in this I've removed the display of whether the probed address was found via DHCP or not, possibly that should be put back if it doesn't make things too cluttered. In dry-run mode, we now still write the config and feed it to netplan, but in a way that doesn't affect the system we are running it on. 2016-11-07 00:35:42 +00:00			`ifaces = net_model.get_all_netdevs()`
			`login_view = LoginView(self.opts, self.model, self, ifaces)`
Start at a login view. 2016-07-27 22:30:27 +00:00
			`self.ui.set_body(login_view)`
do not have controllers (or view code!!) know the order of the screens 2016-09-27 02:33:54 +00:00
			`def login_done(self):`
move logic from identity/login views into identity controller This was what I wanted to do before I got distracted by the other things. 2016-09-27 08:42:50 +00:00			`if not self.opts.dry_run:`
			`# stop the console-conf services (this will kill the current process).`
			`disable_first_boot_service()`

			`self.signal.emit_signal('quit')`