DEVHIDE
Login Or Sign up

Can devpi-server be used to create groups?

385 Views Asked by At

Devpi's docs for the --restrict-modify param specify that in addition to specifying access rights for a user, access rights can also be modified for a group:

specify which users/groups may create other users and their indices. Multiple users and groups are separated by commas. Groups need to be prefixed with a colon like this: ':group'. [...]

There's no documentation about how to actually create a group, though; is this integrated directly with the Unix groups available on the host machine?

usergroups devpi
Original Q&A
1

There are 1 best solutions below

0
hoefling On BEST ANSWER

The devpi server does not do any group management itself. Instead, it delegates it to the auth plugins. Take a look at the devpiserver_auth_user hookspec:

return dict containing authentication validation results. A dict must be returned with a key "status" with one of the following values:

  • "ok" - authentication succeeded
  • "unknown" - no matching user, other plugins are tried
  • "reject" - invalid password, authentication stops

Optionally the plugin can return a list of group names the user is member of using the "groups" key of the result dict.

AFAIK currently there is only plugin using groups: devpi-ldap, check out its code for usage example.

As for binding the access rights to unix groups, you could easily write such an auth plugin yourself. Here is a dumb example of a plugin that does not do any real auth, only returning the unix groups the user requesting access belongs to:

# myplugin.py

import grp
from pluggy import HookimplMarker


@hookimpl(tryfirst=True)
def devpiserver_auth_user(userdict, username, password):
    # get all groups for the user
    groups = [group.gr_name for group in grp.getgrall() if username in group.gr_mem]
    return {'status': 'ok', 'groups': groups}

Now add devpi's entry point in the plugin's setup script and you're good to go:

from setuptools import setup

setup(
    name='devpi-unix-group-auth',
    py_modules=['myplugin'],
    entry_points={
    'console_scripts': {
        'devpi_server': ['devpi-unix-group-auth = myplugin']
    },
    ...
)

Related Questions in USERGROUPS

Related Questions in DEVPI

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Popular Questions

Copyright © 2021 Jogjafile Inc.