Dynamic role-based API checker for CloudStack - Migration from old commands.properties file

## create-rolemaps.py
#!/bin/env python
# Usage: python <script> <commands.properties file>
import sys
import uuid

def createMappings(apis):
    # All apis allowed for root Admin
    print("INSERT INTO `cloud`.`role_permissions` (`uuid`, `role_id`, `rule`, `permission`) values (UUID(), 1, '*', 'Allow')")
    # ResourceAdmin, DomainAdmin, User
    roles = [2, 3, 4]
    octetKey = {2:2, 3:4, 4:8}
    for role in roles:
        for api in sorted(apis.keys()):
            value = int(apis[api])
            if value & octetKey[role] > 0:
                print("INSERT INTO `cloud`.`role_permissions` (`uuid`, `role_id`, `rule`, `permission`) values (UUID(), %d, '%s', 'Allow') ON DUPLICATE KEY UPDATE rule=rule;" % (role, api))

def main():
    print("INSERT INTO `cloud`.`roles` (`id`, `uuid`, `name`, `type`) values (1, '%s', 'Admin', 'Admin') ON DUPLICATE KEY UPDATE name=name;" % uuid.uuid4())
    print("INSERT INTO `cloud`.`roles` (`id`, `uuid`, `name`, `type`) values (2, '%s', 'Resource Admin', 'ResourceAdmin') ON DUPLICATE KEY UPDATE name=name;" % uuid.uuid4())
    print("INSERT INTO `cloud`.`roles` (`id`, `uuid`, `name`, `type`) values (3, '%s', 'Domain Admin', 'DomainAdmin') ON DUPLICATE KEY UPDATE name=name;" % uuid.uuid4())
    print("INSERT INTO `cloud`.`roles` (`id`, `uuid`, `name`, `type`) values (4, '%s', 'User', 'User') ON DUPLICATE KEY UPDATE name=name;" % uuid.uuid4())

    with open(sys.argv[1]) as f:
        data = f.read()
        apiMap = {} # {name = octet}
        for line in data.split('\n'):
            if not line or line == '' or line.startswith('#'):
                continue
            name, value = line.split('=')
            apiMap[name] = value
        createMappings(apiMap)

if __name__ == '__main__':
    main()
	#!/bin/env python
	# Usage: python <script> <commands.properties file>
	import sys
	import uuid

	def createMappings(apis):
	# All apis allowed for root Admin
	print("INSERT INTO `cloud`.`role_permissions` (`uuid`, `role_id`, `rule`, `permission`) values (UUID(), 1, '*', 'Allow')")
	# ResourceAdmin, DomainAdmin, User
	roles = [2, 3, 4]
	octetKey = {2:2, 3:4, 4:8}
	for role in roles:
	for api in sorted(apis.keys()):
	value = int(apis[api])
	if value & octetKey[role] > 0:
	print("INSERT INTO `cloud`.`role_permissions` (`uuid`, `role_id`, `rule`, `permission`) values (UUID(), %d, '%s', 'Allow') ON DUPLICATE KEY UPDATE rule=rule;" % (role, api))

	def main():
	print("INSERT INTO `cloud`.`roles` (`id`, `uuid`, `name`, `type`) values (1, '%s', 'Admin', 'Admin') ON DUPLICATE KEY UPDATE name=name;" % uuid.uuid4())
	print("INSERT INTO `cloud`.`roles` (`id`, `uuid`, `name`, `type`) values (2, '%s', 'Resource Admin', 'ResourceAdmin') ON DUPLICATE KEY UPDATE name=name;" % uuid.uuid4())
	print("INSERT INTO `cloud`.`roles` (`id`, `uuid`, `name`, `type`) values (3, '%s', 'Domain Admin', 'DomainAdmin') ON DUPLICATE KEY UPDATE name=name;" % uuid.uuid4())
	print("INSERT INTO `cloud`.`roles` (`id`, `uuid`, `name`, `type`) values (4, '%s', 'User', 'User') ON DUPLICATE KEY UPDATE name=name;" % uuid.uuid4())

	with open(sys.argv[1]) as f:
	data = f.read()
	apiMap = {} # {name = octet}
	for line in data.split('\n'):
	if not line or line == '' or line.startswith('#'):
	continue
	name, value = line.split('=')
	apiMap[name] = value
	createMappings(apiMap)

	if __name__ == '__main__':
	main()