plugins/python: add python approval plugin example

This commit is contained in:
Robert Manner
2020-02-11 10:28:05 +01:00
committed by Todd C. Miller
parent 23af39b005
commit 80b3d86d6e
3 changed files with 21 additions and 1 deletions

View File

@@ -305,6 +305,7 @@ plugins/group_file/group_file.exp
plugins/group_file/plugin_test.c
plugins/python
plugins/python/Makefile.in
plugins/python/example_approval_plugin.py
plugins/python/example_audit_plugin.py
plugins/python/example_conversation.py
plugins/python/example_debugging.py

View File

@@ -115,7 +115,7 @@ install_gid = 0
SHELL = @SHELL@
EXAMPLES = example_conversation.py example_debugging.py example_group_plugin.py example_io_plugin.py example_policy_plugin.py \
example_audit_plugin.py
example_audit_plugin.py example_approval_plugin.py
OBJS = python_plugin_common.lo python_plugin_policy.lo python_plugin_io.lo python_plugin_group.lo pyhelpers.lo \
python_importblocker.lo python_convmessage.lo sudo_python_module.lo sudo_python_debug.lo \

View File

@@ -0,0 +1,19 @@
import sudo
from datetime import datetime
from typing import Tuple
class BusinessHoursApprovalPlugin(sudo.Plugin):
def check(self, command_info: Tuple[str, ...], run_argv: Tuple[str, ...],
run_env: Tuple[str, ...]) -> int:
error_msg = ""
now = datetime.now()
if now.weekday() >= 5:
error_msg = "That is not allowed on the weekend!"
if now.hour < 8 or now.hour > 17:
error_msg = "That is not allowed outside the business hours!"
if error_msg:
sudo.log_info(error_msg)
raise sudo.PluginReject(error_msg)