Merge pull request #322 from CanonicalLtd/mwhudson/no-create-user

stop creating the user in the live session

subiquity/controllers/identity.py

@@ -16,7 +16,6 @@
 import logging
 
 from subiquitycore.controller import BaseController
-from subiquitycore.user import create_user
 
 from subiquity.ui.views import IdentityView
 
@@ -47,21 +46,13 @@ class IdentityController(BaseController):
                 'confirm_password': self.answers['password'],
                 'ssh_import_id': self.answers.get('ssh-import-id', ''),
                 }
-            self.create_user(d)
+            self.done(d)
 
     def cancel(self):
         self.signal.emit_signal('prev-screen')
 
-    def create_user(self, result):
+    def done(self, result):
         log.debug("User input: {}".format(result))
         self.model.add_user(result)
-        try:
-            create_user(result, dryrun=self.opts.dry_run)
-        except PermissionError:
-            log.exception('Failed to write curtin post-install config')
-            self.signal.emit_signal('filesystem:error',
-                                    'curtin_write_postinst_config', result)
-            return None
         self.signal.emit_signal('installprogress:identity-config-done')
-        # show next view
         self.signal.emit_signal('next-screen')

subiquity/ui/views/identity.py

@@ -222,25 +222,21 @@ class IdentityView(BaseView):
 
     def done(self, result):
         cpassword = self.model.encrypt_password(self.form.password.value)
-        log.debug("*crypted* User input: {} {} {}".format(
-            self.form.username.value, cpassword, cpassword))
         result = {
             "hostname": self.form.hostname.value,
             "realname": self.form.realname.value,
             "username": self.form.username.value,
             "password": cpassword,
-            "confirm_password": cpassword,
         }
 
         # if user specifed a value, allow user to validate fingerprint
         if self.form.ssh_import_id.value:
-            if self.ssh_import_confirmed is True:
-                ssh_import_id = self.form.ssh_import_id.value + ":" + self.form.import_username.value
-                result.update({'ssh_import_id': ssh_import_id})
+            if self.ssh_import_confirmed:
+                result['ssh_import_id'] = self.form.ssh_import_id.value + ":" + self.form.import_username.value
             else:
-                self.emit_signal('identity:confirm-ssh-id',
-                                 self.form.ssh_import_id.value)
+                # XXX Not implemented yet
+                self.controller.confirm_ssh_import_id(result)
                 return
 
         log.debug("User input: {}".format(result))
-        self.controller.create_user(result)
+        self.controller.done(result)

subiquity/ui/views/tests/test_identity.py

@@ -49,12 +49,13 @@ class IdentityViewTests(unittest.TestCase):
         CRYPTED = '<crypted>'
         view.model.encrypt_password.side_effect = lambda p: CRYPTED
         expected = valid_data.copy()
-        expected['password'] = expected['confirm_password'] = CRYPTED
+        expected['password'] = CRYPTED
+        del expected['confirm_password']
 
         done_btn = view_helpers.find_button_matching(view, "^Done$")
         view_helpers.click(done_btn)
 
-        view.controller.create_user.assert_called_once_with(expected)
+        view.controller.done.assert_called_once_with(expected)
 
     def test_can_tab_to_done_when_valid(self):
         # Urwid doesn't distinguish very well between widgets that are

subiquitycore/user.py

@@ -1,67 +0,0 @@
-# Copyright 2016 Canonical, Ltd.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-import logging
-import os
-import time
-
-from subiquitycore.utils import run_command
-
-
-log = logging.getLogger("subiquitycore.user")
-
-
-def create_user(userinfo, dryrun=False, extra_args=[]):
-    """Create a user according to the information in userinfo."""
-    usercmds = []
-    username = userinfo['username']
-
-    useradd = ["useradd", "-m", "-p", userinfo['confirm_password'], username] + extra_args
-    usercmds.append(useradd)
-    if 'ssh_import_id' in userinfo:
-        target = "/home/{}/.ssh/authorized_keys".format(username)
-        ssh_id = userinfo['ssh_import_id']
-        if ssh_id.startswith('sso'):
-            log.info('call out to SSO login')
-        else:
-            ssh_import_id = ["ssh-import-id", "-o", target, ssh_id]
-            usercmds.append(ssh_import_id)
-
-    if not dryrun:
-        for cmd in usercmds:
-            # TODO(mwhudson): Check return value!
-            run_command(cmd, shell=False)
-
-        # always run chown last
-        homedir = '/home/' + username
-        retries = 10
-        while not os.path.exists(homedir) and retries > 0:
-            log.debug('waiting on homedir')
-            retries -= 1
-            time.sleep(0.2)
-
-        if retries <= 0:
-            raise ValueError('Failed to create homedir')
-
-        chown = ["chown", "{0}.{0}".format(username), "-R", homedir]
-        # TODO(mwhudson): Check return value!
-        run_command(chown, shell=False)
-
-        # add sudo rule
-        with open('/etc/sudoers.d/installer-user', 'w') as fh:
-            fh.write('# installer added user\n\n')
-            fh.write('{} ALL=(ALL) NOPASSWD:ALL\n'.format(username))
-    else:
-        log.info('dry-run, skipping user configuration')