def __init__(self):
    """Create the LDAP handler and mark the schema as not loaded yet.

    python-ldap errors raised while constructing ``LDAPDAO`` are translated
    into the project's own exception types, so callers do not have to
    depend on ``ldap`` directly.

    Raises:
        TargetInvalidCredentials: on ``ldap.INVALID_CREDENTIALS``.
        TargetConnectionError: on ``ldap.SERVER_DOWN``.
    """
    try:
        dao = LDAPDAO()
    except ldap.INVALID_CREDENTIALS:
        raise TargetInvalidCredentials('LDAP invalid credentials')
    except ldap.SERVER_DOWN:
        raise TargetConnectionError("LDAP server is down")
    # Only reached when the handler was built without an LDAP error.
    self.handler = dao
    self.schema_loaded = False
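class TargetLDAPImplementation():
    """LDAP target: schema introspection and object search through LDAPDAO."""

    # Layout of the createTimestamp / modifyTimestamp values parsed below.
    _TIMESTAMP_FORMAT = '%Y%m%d%H%M%SZ'

    def __init__(self):
        """Create the LDAP handler and mark the schema as not loaded yet.

        Raises:
            TargetInvalidCredentials: on ``ldap.INVALID_CREDENTIALS``.
            TargetConnectionError: on ``ldap.SERVER_DOWN``.
        """
        try:
            self.handler = LDAPDAO()
            self.schema_loaded = False
        except ldap.INVALID_CREDENTIALS:
            raise TargetInvalidCredentials('LDAP invalid credentials')
        except ldap.SERVER_DOWN:
            raise TargetConnectionError("LDAP server is down")

    def __load_schema(self):
        """Fetch the ``cn=schema`` entry once and cache it on the instance."""
        if not self.schema_loaded:
            # '+' asks for operational attributes; the code below reads
            # attributeTypes and objectClasses from the result.
            self.schema = self.handler.search(
                'cn=schema', '(objectClass=*)', ldap.SCOPE_BASE, ['+'])
            self.schema_loaded = True

    def _schema_names(self, key):
        """Return the first NAME of every definition stored under *key*.

        The parse is positional: each definition is split on single spaces
        and the name is expected at index 3, or at index 4 when index 3 is
        the '(' that opens a list of aliases.
        NOTE(review): a definition laid out differently (extra spaces, no
        NAME clause) raises IndexError or yields the wrong token.
        """
        self.__load_schema()
        names = []
        for _dn, entry in self.schema:
            for definition in entry[key]:
                tokens = definition.split(' ')
                # Skip aliases to prevent schema violations: keep only the
                # first name of a "( 'a' 'b' )" list.
                name = tokens[4] if tokens[3] == '(' else tokens[3]
                names.append(name.replace('\'', ''))
        return names

    def getAttributes(self):
        """Return the attribute type names declared in the schema."""
        return self._schema_names('attributeTypes')

    def getObjectClasses(self):
        """Return the object class names declared in the schema."""
        return self._schema_names('objectClasses')

    def getInstanceObjectClasses(self, lbeObjectTemplate, lbeObjectInstance,
                                 SCOPE):
        """Return the ``objectClass`` values of the entry behind an instance.

        The DN is built from the template's RDN attribute, the instance's
        first value for it and the ``base_dn`` given by the object script.
        Returns ``[]`` when the search finds nothing.
        """
        # Function-scope import: the file's import block is not visible here.
        from ldap.dn import escape_dn_chars

        objectHelper = LBEObjectInstanceHelper(lbeObjectTemplate)
        rdnAttributeName = lbeObjectTemplate.instanceNameAttribute.name
        # Instance attributes hold raw values (searchObjects copies them
        # straight from LDAP entries), so a ',', '+' or '=' in the value
        # would otherwise change the structure of the DN being looked up.
        rdnValue = escape_dn_chars(
            lbeObjectInstance.attributes[rdnAttributeName][0])
        # NOTE(review): base_dn is assumed to be a well-formed DN supplied by
        # the object script -- confirm it is not derived from user input.
        dn = (rdnAttributeName + '=' + rdnValue + ','
              + objectHelper.callScriptClassMethod('base_dn'))
        entries = self.handler.search(dn, '(objectClass=*)', SCOPE)
        if not entries:
            return []
        return entries[0][1]["objectClass"]

    @classmethod
    def _ldap_date(cls, date):
        """Format *date* the way the LDAP timestamp filters below expect."""
        return date.strftime(cls._TIMESTAMP_FORMAT)

    @classmethod
    def _entry_timestamps(cls, entry):
        """Return ``(created_at, updated_at)`` parsed from an LDAP entry.

        ``updated_at`` falls back to the creation time when the entry has no
        ``modifyTimestamp``.
        """
        created = datetime.datetime.strptime(
            entry['createTimestamp'][0], cls._TIMESTAMP_FORMAT)
        try:
            updated = datetime.datetime.strptime(
                entry['modifyTimestamp'][0], cls._TIMESTAMP_FORMAT)
        except KeyError:
            updated = created
        return created, updated

    @staticmethod
    def _object_class_clauses(objectHelper):
        """Return one ``(objectClass=...)`` clause per scripted object class.

        NOTE(review): the names are concatenated into the filter unescaped;
        this presumes 'object_classes' comes from the deployment's own object
        script and never from request data -- confirm against the callers.
        """
        return ''.join(
            '(objectClass=' + oc + ')'
            for oc in objectHelper.callScriptClassMethod('object_classes'))

    def searchNewObjects(self, lbeObjectTemplate, SCOPE, start=0, page=0):
        """Search entries created at or after ``lbeObjectTemplate.imported_at``.

        Delegates to :meth:`searchObjects` with a filter combining the
        creation-time bound and the template's object classes.
        """
        objectHelper = LBEObjectInstanceHelper(lbeObjectTemplate)
        filter = ('(&(createTimeStamp>='
                  + self._ldap_date(lbeObjectTemplate.imported_at) + ')'
                  + self._object_class_clauses(objectHelper) + ')')
        return self.searchObjects(lbeObjectTemplate, SCOPE, filter, start, page)

    # TODO: add a parameter to get all ldap attributes, used for reconciliation task
    def searchObjects(self, lbeObjectTemplate, SCOPE, filter=None, start=0,
                      page=0):
        """Search the template's base DN and build one instance per entry.

        Args:
            lbeObjectTemplate: template describing the objects (or group).
            SCOPE: LDAP search scope; anything other than 0, 1 or 2 is
                replaced by 0 (BASE).
            filter: LDAP filter string; when None, a filter matching all of
                the template's object classes is built. (The name shadows
                the builtin but is part of the public signature.)
            start, page: accepted but not used by this method.

        Returns:
            A list of LBEObjectInstance objects in OBJECT_STATE_IMPORTED.
        """
        result_set = []
        # Call methods from object's script to get basedn and objectClass
        objectHelper = LBEObjectInstanceHelper(lbeObjectTemplate)
        if filter is None:
            filter = '(&' + self._object_class_clauses(objectHelper) + ')'
        # Search in object's basedn
        if SCOPE not in (0, 1, 2):
            SCOPE = 0  # BASE
        # '*' and '+' request user and operational attributes; the timestamps
        # read below are operational.
        for dn, entry in self.handler.search(
                objectHelper.callScriptClassMethod('base_dn'), filter, SCOPE,
                ['*', '+']):
            # Create an empty instance
            objectInstance = LBEObjectInstance(
                lbeObjectTemplate,
                name=entry[lbeObjectTemplate.instanceNameAttribute.name][0])
            # Add attributes defined in the template. Other ones are ignored
            try:
                # Object
                for attributeInstance in lbeObjectTemplate.lbeattributeinstance_set.all():
                    attributeName = attributeInstance.lbeAttribute.name
                    try:
                        objectInstance.attributes[attributeName] = entry[attributeName]
                    except KeyError:
                        logger.warning(
                            'The attribute %s does not exist in LDAP object: %s',
                            attributeName, dn)
                # Set displayName and few others attributes
                objectInstance.displayName = entry[
                    lbeObjectTemplate.instanceDisplayNameAttribute.name][0]
            except AttributeError:
                # Group: the template lacks the object-only attributes used
                # above. NOTE(review): any other AttributeError raised in the
                # object branch is also routed here.
                groupInstance = GroupInstanceHelper(lbeObjectTemplate)
                objectInstance.displayName = entry['cn'][0]
                objectInstance.attributes[u'cn'] = entry['cn']
                objectInstance.attributes[groupInstance.attributeName] = entry.get(
                    groupInstance.attributeName, [])
            objectInstance.status = OBJECT_STATE_IMPORTED
            objectInstance.created_at, objectInstance.updated_at = (
                self._entry_timestamps(entry))
            result_set.append(objectInstance)
        # searchNewObjects returns this method's result, so the collected
        # instances have to be handed back.
        return result_set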
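class TargetLDAPImplementation():
    """LDAP target: schema introspection and object search through LDAPDAO."""

    # Layout of the createTimestamp / modifyTimestamp values parsed below.
    _TIMESTAMP_FORMAT = '%Y%m%d%H%M%SZ'

    def __init__(self):
        """Create the LDAP handler and mark the schema as not loaded yet.

        Raises:
            TargetInvalidCredentials: on ``ldap.INVALID_CREDENTIALS``.
            TargetConnectionError: on ``ldap.SERVER_DOWN``.
        """
        try:
            self.handler = LDAPDAO()
            self.schema_loaded = False
        except ldap.INVALID_CREDENTIALS:
            raise TargetInvalidCredentials('LDAP invalid credentials')
        except ldap.SERVER_DOWN:
            raise TargetConnectionError("LDAP server is down")

    def __load_schema(self):
        """Fetch the ``cn=schema`` entry once and cache it on the instance."""
        if not self.schema_loaded:
            # '+' asks for operational attributes; the code below reads
            # attributeTypes and objectClasses from the result.
            self.schema = self.handler.search(
                'cn=schema', '(objectClass=*)', ldap.SCOPE_BASE, ['+'])
            self.schema_loaded = True

    def _schema_names(self, key):
        """Return the first NAME of every definition stored under *key*.

        The parse is positional: each definition is split on single spaces
        and the name is expected at index 3, or at index 4 when index 3 is
        the '(' that opens a list of aliases.
        NOTE(review): a definition laid out differently (extra spaces, no
        NAME clause) raises IndexError or yields the wrong token.
        """
        self.__load_schema()
        names = []
        for _dn, entry in self.schema:
            for definition in entry[key]:
                tokens = definition.split(' ')
                # Skip aliases to prevent schema violations: keep only the
                # first name of a "( 'a' 'b' )" list.
                name = tokens[4] if tokens[3] == '(' else tokens[3]
                names.append(name.replace('\'', ''))
        return names

    def getAttributes(self):
        """Return the attribute type names declared in the schema."""
        return self._schema_names('attributeTypes')

    def getObjectClasses(self):
        """Return the object class names declared in the schema."""
        return self._schema_names('objectClasses')

    def getInstanceObjectClasses(self, lbeObjectTemplate, lbeObjectInstance,
                                 SCOPE):
        """Return the ``objectClass`` values of the entry behind an instance.

        The DN is built from the template's RDN attribute, the instance's
        first value for it and the ``base_dn`` given by the object script.
        Returns ``[]`` when the search finds nothing.
        """
        # Function-scope import: the file's import block is not visible here.
        from ldap.dn import escape_dn_chars

        objectHelper = LBEObjectInstanceHelper(lbeObjectTemplate)
        rdnAttributeName = lbeObjectTemplate.instanceNameAttribute.name
        # Instance attributes hold raw values (searchObjects copies them
        # straight from LDAP entries), so a ',', '+' or '=' in the value
        # would otherwise change the structure of the DN being looked up.
        rdnValue = escape_dn_chars(
            lbeObjectInstance.attributes[rdnAttributeName][0])
        # NOTE(review): base_dn is assumed to be a well-formed DN supplied by
        # the object script -- confirm it is not derived from user input.
        dn = (rdnAttributeName + '=' + rdnValue + ','
              + objectHelper.callScriptClassMethod('base_dn'))
        entries = self.handler.search(dn, '(objectClass=*)', SCOPE)
        if not entries:
            return []
        return entries[0][1]["objectClass"]

    @classmethod
    def _ldap_date(cls, date):
        """Format *date* the way the LDAP timestamp filters below expect."""
        return date.strftime(cls._TIMESTAMP_FORMAT)

    @classmethod
    def _entry_timestamps(cls, entry):
        """Return ``(created_at, updated_at)`` parsed from an LDAP entry.

        ``updated_at`` falls back to the creation time when the entry has no
        ``modifyTimestamp``.
        """
        created = datetime.datetime.strptime(
            entry['createTimestamp'][0], cls._TIMESTAMP_FORMAT)
        try:
            updated = datetime.datetime.strptime(
                entry['modifyTimestamp'][0], cls._TIMESTAMP_FORMAT)
        except KeyError:
            updated = created
        return created, updated

    @staticmethod
    def _object_class_clauses(objectHelper):
        """Return one ``(objectClass=...)`` clause per scripted object class.

        NOTE(review): the names are concatenated into the filter unescaped;
        this presumes 'object_classes' comes from the deployment's own object
        script and never from request data -- confirm against the callers.
        """
        return ''.join(
            '(objectClass=' + oc + ')'
            for oc in objectHelper.callScriptClassMethod('object_classes'))

    def searchNewObjects(self, lbeObjectTemplate, SCOPE, start=0, page=0):
        """Search entries created at or after ``lbeObjectTemplate.imported_at``.

        Delegates to :meth:`searchObjects` with a filter combining the
        creation-time bound and the template's object classes.
        """
        objectHelper = LBEObjectInstanceHelper(lbeObjectTemplate)
        filter = ('(&(createTimeStamp>='
                  + self._ldap_date(lbeObjectTemplate.imported_at) + ')'
                  + self._object_class_clauses(objectHelper) + ')')
        return self.searchObjects(lbeObjectTemplate, SCOPE, filter, start, page)

    # TODO: add a parameter to get all ldap attributes, used for reconciliation task
    def searchObjects(self, lbeObjectTemplate, SCOPE, filter=None, start=0,
                      page=0):
        """Search the template's base DN and build one instance per entry.

        Args:
            lbeObjectTemplate: template describing the objects (or group).
            SCOPE: LDAP search scope; anything other than 0, 1 or 2 is
                replaced by 0 (BASE).
            filter: LDAP filter string; when None, a filter matching all of
                the template's object classes is built. (The name shadows
                the builtin but is part of the public signature.)
            start, page: accepted but not used by this method.

        Returns:
            A list of LBEObjectInstance objects in OBJECT_STATE_IMPORTED.
        """
        result_set = []
        # Call methods from object's script to get basedn and objectClass
        objectHelper = LBEObjectInstanceHelper(lbeObjectTemplate)
        if filter is None:
            filter = '(&' + self._object_class_clauses(objectHelper) + ')'
        # Search in object's basedn
        if SCOPE not in (0, 1, 2):
            SCOPE = 0  # BASE
        # '*' and '+' request user and operational attributes; the timestamps
        # read below are operational.
        for dn, entry in self.handler.search(
                objectHelper.callScriptClassMethod('base_dn'), filter, SCOPE,
                ['*', '+']):
            # Create an empty instance
            objectInstance = LBEObjectInstance(
                lbeObjectTemplate,
                name=entry[lbeObjectTemplate.instanceNameAttribute.name][0])
            # Add attributes defined in the template. Other ones are ignored
            try:
                # Object
                for attributeInstance in lbeObjectTemplate.lbeattributeinstance_set.all():
                    attributeName = attributeInstance.lbeAttribute.name
                    try:
                        objectInstance.attributes[attributeName] = entry[attributeName]
                    except KeyError:
                        logger.warning(
                            'The attribute %s does not exist in LDAP object: %s',
                            attributeName, dn)
                # Set displayName and few others attributes
                objectInstance.displayName = entry[
                    lbeObjectTemplate.instanceDisplayNameAttribute.name][0]
            except AttributeError:
                # Group: the template lacks the object-only attributes used
                # above. NOTE(review): any other AttributeError raised in the
                # object branch is also routed here.
                groupInstance = GroupInstanceHelper(lbeObjectTemplate)
                objectInstance.displayName = entry['cn'][0]
                objectInstance.attributes[u'cn'] = entry['cn']
                objectInstance.attributes[groupInstance.attributeName] = entry.get(
                    groupInstance.attributeName, [])
            objectInstance.status = OBJECT_STATE_IMPORTED
            objectInstance.created_at, objectInstance.updated_at = (
                self._entry_timestamps(entry))
            result_set.append(objectInstance)
        # searchNewObjects returns this method's result, so the collected
        # instances have to be handed back.
        return result_set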