Beispiel #1
 def __init__(self):
     """Create the LDAP data-access handler and mark the schema as not loaded.

     Raises:
         TargetInvalidCredentials: LDAPDAO() raised ldap.INVALID_CREDENTIALS.
         TargetConnectionError: LDAPDAO() raised ldap.SERVER_DOWN.

     Any other exception from LDAPDAO() propagates unchanged. The two
     replacement messages are fixed strings and carry no detail from the
     underlying LDAP error.
     """
     try:
         dao = LDAPDAO()
     except ldap.INVALID_CREDENTIALS:
         raise TargetInvalidCredentials('LDAP invalid credentials')
     except ldap.SERVER_DOWN:
         raise TargetConnectionError("LDAP server is down")
     else:
         # Only reached when the handler was created without error.
         self.handler = dao
         self.schema_loaded = False
Beispiel #2
 def __init__(self):
     """Create the LDAP data-access handler and mark the schema as not loaded.

     Raises:
         TargetInvalidCredentials: LDAPDAO() raised ldap.INVALID_CREDENTIALS.
         TargetConnectionError: LDAPDAO() raised ldap.SERVER_DOWN.

     Any other exception from LDAPDAO() propagates unchanged. The two
     replacement messages are fixed strings and carry no detail from the
     underlying LDAP error.
     """
     try:
         dao = LDAPDAO()
     except ldap.INVALID_CREDENTIALS:
         raise TargetInvalidCredentials('LDAP invalid credentials')
     except ldap.SERVER_DOWN:
         raise TargetConnectionError("LDAP server is down")
     else:
         # Only reached when the handler was created without error.
         self.handler = dao
         self.schema_loaded = False
Beispiel #3
class TargetLDAPImplementation():
    def __init__(self):
        """Create the LDAP data-access handler and mark the schema as not loaded.

        Raises:
            TargetInvalidCredentials: LDAPDAO() raised ldap.INVALID_CREDENTIALS.
            TargetConnectionError: LDAPDAO() raised ldap.SERVER_DOWN.

        Any other exception from LDAPDAO() propagates unchanged. The two
        replacement messages are fixed strings and carry no detail from the
        underlying LDAP error.
        """
        try:
            dao = LDAPDAO()
        except ldap.INVALID_CREDENTIALS:
            raise TargetInvalidCredentials('LDAP invalid credentials')
        except ldap.SERVER_DOWN:
            raise TargetConnectionError("LDAP server is down")
        else:
            # Only reached when the handler was created without error.
            self.handler = dao
            self.schema_loaded = False

    def __load_schema(self):
        if self.schema_loaded == False:
            self.schema = self.handler.search('cn=schema', '(objectClass=*)', ldap.SCOPE_BASE, ['+'])
            self.schema_loaded = True

    def getAttributes(self):
        self.__load_schema()
        # Ugly way to parse a schema entry...
        result_set = []
        for dn, entry in self.schema:
            for attribute in entry['attributeTypes']:
                # Skip aliases to prevent schema violations
                aBuffer = attribute.rsplit(' ')
                if aBuffer[3] != '(':
                    result_set.append(aBuffer[3].replace('\'', ''))
                else:
                    result_set.append(aBuffer[4].replace('\'', ''))
        return result_set

    def getObjectClasses(self):
        self.__load_schema()
        result_set = []
        for dn, entry in self.schema:
            for attribute in entry['objectClasses']:
                # Skip aliases to prevent schema violations
                aBuffer = attribute.rsplit(' ')
                if aBuffer[3] != '(':
                    result_set.append(aBuffer[3].replace('\'', ''))
                else:
                    result_set.append(aBuffer[4].replace('\'', ''))
        return result_set

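    def getInstanceObjectClasses(self, lbeObjectTemplate, lbeObjectInstance, SCOPE):
        """Return the objectClass values stored in LDAP for one object instance.

        The entry's DN is built as ``<rdn attribute>=<value>,<base_dn>``: the
        value is the first element of the instance's attribute of that name and
        base_dn comes from the template's script.

        The RDN value is escaped before it goes into the DN. Left unescaped, a
        value containing ``,``, ``+``, ``=`` or another DN metacharacter would
        change the structure of the DN, and the search would address a
        different entry than the one the instance describes.

        Returns:
            The entry's ``objectClass`` list, or an empty list when the search
            returns nothing.
        """
        # python-ldap is already used by this class; only the DN helper is new.
        from ldap.dn import escape_dn_chars

        objectHelper = LBEObjectInstanceHelper(lbeObjectTemplate)

        rdnAttributeName = lbeObjectTemplate.instanceNameAttribute.name
        rdnValue = escape_dn_chars(lbeObjectInstance.attributes[rdnAttributeName][0])
        dn = rdnAttributeName + '=' + rdnValue + ',' + objectHelper.callScriptClassMethod('base_dn')

        # Local names chosen so the builtins filter() and object stay usable.
        search_filter = '(objectClass=*)'
        entries = self.handler.search(dn, search_filter, SCOPE)
        if not entries:
            return []
        return entries[0][1]["objectClass"]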



    @classmethod
    def _ldap_date(cls, date):
        return date.strftime('%Y%m%d%H%M%SZ')

    def searchNewObjects(self, lbeObjectTemplate, SCOPE, start=0, page=0):
        """Search for entries created at or after the template's imported_at.

        Builds an AND filter from a ``createTimeStamp>=`` clause and one
        ``objectClass=`` clause per class returned by the template's script,
        then delegates to searchObjects() with that filter.
        """
        helper = LBEObjectInstanceHelper(lbeObjectTemplate)
        since_clause = '(createTimeStamp>=' + self._ldap_date(lbeObjectTemplate.imported_at) + ')'
        # NOTE(review): class names go into the filter unescaped; presumably
        # they come from the template's script rather than from user input.
        # Confirm, or escape them before building the filter.
        class_clauses = ''.join(
            '(objectClass=' + oc + ')'
            for oc in helper.callScriptClassMethod('object_classes'))
        new_objects_filter = '(&' + since_clause + class_clauses + ')'

        return self.searchObjects(lbeObjectTemplate, SCOPE, new_objects_filter, start, page)

    # TODO: add a parameter to get all ldap attributes, used for reconciliation task
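    def searchObjects(self, lbeObjectTemplate, SCOPE, filter=None, start=0, page=0):
        """Search the template's base DN and build one LBEObjectInstance per entry.

        Args:
            lbeObjectTemplate: template whose script supplies ``base_dn`` and
                ``object_classes`` and whose attribute set selects what is
                copied from each entry.
            SCOPE: LDAP search scope; any value other than 0, 1 or 2 falls
                back to 0 (base).
            filter: ready-made LDAP filter string. It is passed to the search
                unchanged, so the caller must escape every value it embeds.
                When None, a filter requiring each object class of the
                template is built.
            start, page: accepted but not used by the code below.

        Returns:
            The list of instances built from the search result.
        """
        result_set = []
        # Call methods from object's script to get basedn and objectClass
        objectHelper = LBEObjectInstanceHelper(lbeObjectTemplate)
        if filter is None:
            # NOTE(review): class names go into the filter unescaped;
            # presumably they come from the template's script rather than from
            # user input. Confirm.
            filter = '(&'
            for oc in objectHelper.callScriptClassMethod('object_classes'):
                filter += '(objectClass=' + oc + ')'
            filter += ')'

        # Search in object's basedn
        if SCOPE not in (0, 1, 2):
            SCOPE = 0  # BASE

        # NOTE(review): ['*', '+'] requests every user and operational
        # attribute of each entry although only a handful are read below. A
        # narrower attribute list would keep unrelated values out of this
        # process.
        for dn, entry in self.handler.search(objectHelper.callScriptClassMethod('base_dn'), filter, SCOPE,
                                             ['*', '+']):
            # Create an empty instance
            objectInstance = LBEObjectInstance(lbeObjectTemplate,
                                               name=entry[lbeObjectTemplate.instanceNameAttribute.name][0])
            # Add attributes defined in the template. Other ones are ignored.
            # An AttributeError anywhere in this block switches to the group
            # handling below; presumably group templates lack
            # lbeattributeinstance_set. Confirm, since an unrelated
            # AttributeError takes the same path.
            try:  # Object
                for attributeInstance in lbeObjectTemplate.lbeattributeinstance_set.all():
                    try:
                        objectInstance.attributes[attributeInstance.lbeAttribute.name] = entry[
                            attributeInstance.lbeAttribute.name]
                    except KeyError:
                        # "except KeyError, e" was Python 2 only syntax and the
                        # bound name was never used.
                        logger.warning(
                            'The attribute ' + attributeInstance.lbeAttribute.name + ' does not exist in LDAP object: ' + dn)
                # Set displayName and few others attributes
                objectInstance.displayName = entry[lbeObjectTemplate.instanceDisplayNameAttribute.name][0]
                objectInstance.status = OBJECT_STATE_IMPORTED
                objectInstance.created_at = datetime.datetime.strptime(entry['createTimestamp'][0], '%Y%m%d%H%M%SZ')
                try:
                    objectInstance.updated_at = datetime.datetime.strptime(entry['modifyTimestamp'][0], '%Y%m%d%H%M%SZ')
                except KeyError:
                    # Never modified: fall back to the creation time.
                    objectInstance.updated_at = datetime.datetime.strptime(entry['createTimestamp'][0], '%Y%m%d%H%M%SZ')
                result_set.append(objectInstance)
            except AttributeError:  # Group:
                groupInstance = GroupInstanceHelper(lbeObjectTemplate)
                objectInstance.displayName = entry['cn'][0]
                objectInstance.attributes[u'cn'] = entry['cn']
                if groupInstance.attributeName in entry:
                    objectInstance.attributes[groupInstance.attributeName] = entry[groupInstance.attributeName]
                else:
                    objectInstance.attributes[groupInstance.attributeName] = []
                objectInstance.status = OBJECT_STATE_IMPORTED
                objectInstance.created_at = datetime.datetime.strptime(entry['createTimestamp'][0], '%Y%m%d%H%M%SZ')
                try:
                    objectInstance.updated_at = datetime.datetime.strptime(entry['modifyTimestamp'][0], '%Y%m%d%H%M%SZ')
                except KeyError:
                    # Never modified: fall back to the creation time.
                    objectInstance.updated_at = datetime.datetime.strptime(entry['createTimestamp'][0], '%Y%m%d%H%M%SZ')
                result_set.append(objectInstance)
        # NOTE(review): the original text had no return here, so callers got
        # None. searchNewObjects() passes this method's result back to its own
        # caller, so the collected list is returned.
        return result_set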
Beispiel #4
class TargetLDAPImplementation():
    def __init__(self):
        """Create the LDAP data-access handler and mark the schema as not loaded.

        Raises:
            TargetInvalidCredentials: LDAPDAO() raised ldap.INVALID_CREDENTIALS.
            TargetConnectionError: LDAPDAO() raised ldap.SERVER_DOWN.

        Any other exception from LDAPDAO() propagates unchanged. The two
        replacement messages are fixed strings and carry no detail from the
        underlying LDAP error.
        """
        try:
            dao = LDAPDAO()
        except ldap.INVALID_CREDENTIALS:
            raise TargetInvalidCredentials('LDAP invalid credentials')
        except ldap.SERVER_DOWN:
            raise TargetConnectionError("LDAP server is down")
        else:
            # Only reached when the handler was created without error.
            self.handler = dao
            self.schema_loaded = False

    def __load_schema(self):
        if self.schema_loaded == False:
            self.schema = self.handler.search('cn=schema', '(objectClass=*)',
                                              ldap.SCOPE_BASE, ['+'])
            self.schema_loaded = True

    def getAttributes(self):
        self.__load_schema()
        # Ugly way to parse a schema entry...
        result_set = []
        for dn, entry in self.schema:
            for attribute in entry['attributeTypes']:
                # Skip aliases to prevent schema violations
                aBuffer = attribute.rsplit(' ')
                if aBuffer[3] != '(':
                    result_set.append(aBuffer[3].replace('\'', ''))
                else:
                    result_set.append(aBuffer[4].replace('\'', ''))
        return result_set

    def getObjectClasses(self):
        self.__load_schema()
        result_set = []
        for dn, entry in self.schema:
            for attribute in entry['objectClasses']:
                # Skip aliases to prevent schema violations
                aBuffer = attribute.rsplit(' ')
                if aBuffer[3] != '(':
                    result_set.append(aBuffer[3].replace('\'', ''))
                else:
                    result_set.append(aBuffer[4].replace('\'', ''))
        return result_set

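    def getInstanceObjectClasses(self, lbeObjectTemplate, lbeObjectInstance,
                                 SCOPE):
        """Return the objectClass values stored in LDAP for one object instance.

        The entry's DN is built as ``<rdn attribute>=<value>,<base_dn>``: the
        value is the first element of the instance's attribute of that name and
        base_dn comes from the template's script.

        The RDN value is escaped before it goes into the DN. Left unescaped, a
        value containing ``,``, ``+``, ``=`` or another DN metacharacter would
        change the structure of the DN, and the search would address a
        different entry than the one the instance describes.

        Returns:
            The entry's ``objectClass`` list, or an empty list when the search
            returns nothing.
        """
        # python-ldap is already used by this class; only the DN helper is new.
        from ldap.dn import escape_dn_chars

        objectHelper = LBEObjectInstanceHelper(lbeObjectTemplate)

        rdnAttributeName = lbeObjectTemplate.instanceNameAttribute.name
        rdnValue = escape_dn_chars(
            lbeObjectInstance.attributes[rdnAttributeName][0])
        dn = rdnAttributeName + '=' + rdnValue + ',' + \
            objectHelper.callScriptClassMethod('base_dn')

        # Local names chosen so the builtins filter() and object stay usable.
        search_filter = '(objectClass=*)'
        entries = self.handler.search(dn, search_filter, SCOPE)
        if not entries:
            return []
        return entries[0][1]["objectClass"]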

    @classmethod
    def _ldap_date(cls, date):
        return date.strftime('%Y%m%d%H%M%SZ')

    def searchNewObjects(self, lbeObjectTemplate, SCOPE, start=0, page=0):
        """Search for entries created at or after the template's imported_at.

        Builds an AND filter from a ``createTimeStamp>=`` clause and one
        ``objectClass=`` clause per class returned by the template's script,
        then delegates to searchObjects() with that filter.
        """
        helper = LBEObjectInstanceHelper(lbeObjectTemplate)
        since_clause = ('(createTimeStamp>=' +
                        self._ldap_date(lbeObjectTemplate.imported_at) + ')')
        # NOTE(review): class names go into the filter unescaped; presumably
        # they come from the template's script rather than from user input.
        # Confirm, or escape them before building the filter.
        class_clauses = ''.join(
            '(objectClass=' + oc + ')'
            for oc in helper.callScriptClassMethod('object_classes'))
        new_objects_filter = '(&' + since_clause + class_clauses + ')'

        return self.searchObjects(lbeObjectTemplate, SCOPE,
                                  new_objects_filter, start, page)

    # TODO: add a parameter to get all ldap attributes, used for reconciliation task
    def searchObjects(self,
                      lbeObjectTemplate,
                      SCOPE,
                      filter=None,
                      start=0,
                      page=0):
        result_set = []
        # Call methods from object's script to get basedn and objectClass
        objectHelper = LBEObjectInstanceHelper(lbeObjectTemplate)
        if filter is None:
            filter = '(&'
            for oc in objectHelper.callScriptClassMethod('object_classes'):
                filter += '(objectClass=' + oc + ')'
            filter += ')'  #(modifyTimestamp>'+str(calendar.timegm(lbeObjectTemplate.synced_at.utctimetuple()))+'Z))'

        # Search in object's basedn
        if SCOPE != 0 and SCOPE != 1 and SCOPE != 2:
            SCOPE = 0  # BASE

        for dn, entry in self.handler.search(
                objectHelper.callScriptClassMethod('base_dn'), filter, SCOPE,
            ['*', '+']):
            # Create an empty instance
            objectInstance = LBEObjectInstance(
                lbeObjectTemplate,
                name=entry[lbeObjectTemplate.instanceNameAttribute.name][0])
            # Add attributes defined in the template. Other ones are ignored
            try:  # Object
                for attributeInstance in lbeObjectTemplate.lbeattributeinstance_set.all(
                ):
                    try:
                        objectInstance.attributes[
                            attributeInstance.lbeAttribute.name] = entry[
                                attributeInstance.lbeAttribute.name]
                    except KeyError, e:
                        logger.warning('The attribute ' +
                                       attributeInstance.lbeAttribute.name +
                                       ' does not exist in LDAP object: ' + dn)
                    # Set displayName and few others attributes
                objectInstance.displayName = entry[
                    lbeObjectTemplate.instanceDisplayNameAttribute.name][0]
                objectInstance.status = OBJECT_STATE_IMPORTED
                objectInstance.created_at = datetime.datetime.strptime(
                    entry['createTimestamp'][0], '%Y%m%d%H%M%SZ')
                try:
                    objectInstance.updated_at = datetime.datetime.strptime(
                        entry['modifyTimestamp'][0], '%Y%m%d%H%M%SZ')
                except KeyError:
                    objectInstance.updated_at = datetime.datetime.strptime(
                        entry['createTimestamp'][0], '%Y%m%d%H%M%SZ')
                result_set.append(objectInstance)
            except AttributeError:  # Group:
                groupInstance = GroupInstanceHelper(lbeObjectTemplate)
                objectInstance.displayName = entry['cn'][0]
                objectInstance.attributes[u'cn'] = entry['cn']
                if groupInstance.attributeName in entry:
                    objectInstance.attributes[
                        groupInstance.attributeName] = entry[
                            groupInstance.attributeName]
                else:
                    objectInstance.attributes[groupInstance.attributeName] = []
                objectInstance.status = OBJECT_STATE_IMPORTED
                objectInstance.created_at = datetime.datetime.strptime(
                    entry['createTimestamp'][0], '%Y%m%d%H%M%SZ')
                try:
                    objectInstance.updated_at = datetime.datetime.strptime(
                        entry['modifyTimestamp'][0], '%Y%m%d%H%M%SZ')
                except KeyError:
                    objectInstance.updated_at = datetime.datetime.strptime(
                        entry['createTimestamp'][0], '%Y%m%d%H%M%SZ')
                result_set.append(objectInstance)