def search(self, baseDn, filter="(objectClass=*)", attrs = []): """ LDAP search query @param baseDn: baseDN for search @type baseDn: string @param filter: default (objectClass=*) @type filter: string @param attrs: attributes @type attrs: list """ if not self.__connected: return # log disconnect event tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_search(bdn=baseDn, filter=filter) ) self.logSentEvent( shortEvt = "search", tplEvt = self.encapsule(ldap_event=tpl) ) try: res = self.con.search_s(baseDn, ldap.SCOPE_SUBTREE, filter,attrs) except ldap.NO_SUCH_OBJECT: tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_error(details="%s" % e) ) self.logRecvEvent( shortEvt = "ldap search - no such object", tplEvt = self.encapsule(ldap_event=tpl) ) except Exception as e: # log error event tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_error(details="%s" % e) ) self.logRecvEvent( shortEvt = "ldap search - generic error", tplEvt = self.encapsule(ldap_event=tpl) ) else: # log connected event r_tpl= TestTemplates.Template(parent=None) r_layer= r_tpl.prepareLayer(name="", data=res) tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_response(results=r_layer) ) self.logRecvEvent( shortEvt = "results (%s)" % len(res), tplEvt = self.encapsule(ldap_event=tpl) )
def add(self, baseDn, record=[]): """ LDAP add query @param baseDn: baseDN for search @type baseDn: string @param record: record to add @type record: list """ if not self.__connected: return r_tpl= TestTemplates.Template(parent=None) r_layer= r_tpl.prepareLayer(name="", data=record) # log disconnect event tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_add(bdn=baseDn, record=r_layer) ) self.logSentEvent( shortEvt = "add", tplEvt = self.encapsule(ldap_event=tpl) ) try: self.con.add_s(baseDn,record) except ldap.ALREADY_EXISTS as e: tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_error(details="%s" % str(e) ) ) self.logRecvEvent( shortEvt = "ldap add - entry already exits", tplEvt = self.encapsule(ldap_event=tpl) ) except Exception as e: tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_error(details="%s" % str(e) ) ) self.logRecvEvent( shortEvt = "ldap add - generic error", tplEvt = self.encapsule(ldap_event=tpl) ) else: tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_response() ) self.logRecvEvent( shortEvt = "add success", tplEvt = self.encapsule(ldap_event=tpl) )
def connect(self):
"""
LDAP connection
"""
# log connect event
tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_connect(dn=self.cfg['dn']) )
self.logSentEvent( shortEvt = "connection", tplEvt = self.encapsule(ldap_event=tpl) )
try:
if self.cfg["ssl-support"]:
self.con = ldap.initialize('ldaps://%s:%s'%(self.cfg['ip'],self.cfg['port']))
else:
self.con = ldap.initialize('ldap://%s:%s'%(self.cfg['ip'],self.cfg['port']))
self.con.bind_s(self.cfg['dn'], self.cfg['password'])
self.__connected = True
except ldap.INVALID_CREDENTIALS as e:
# log error event
tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_error(details="%s" % e) )
self.logRecvEvent( shortEvt = "ldap connect - authentication error", tplEvt = self.encapsule(ldap_event=tpl) )
except ldap.LDAPError as e:
# log error event
tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_error(details="%s" % e) )
self.logRecvEvent( shortEvt = "ldap connect - error", tplEvt = self.encapsule(ldap_event=tpl) )
except Exception as e:
# log error event
tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_error(details="%s" % e) )
self.logRecvEvent( shortEvt = "ldap connect - generic error", tplEvt = self.encapsule(ldap_event=tpl) )
else:
# log connected event
tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_connected() )
self.logRecvEvent( shortEvt = "connected", tplEvt = self.encapsule(ldap_event=tpl) )
def deleteAttribute(self, baseDn, attrName, value): """ Delete attribute @param baseDn: baseDn @type baseDn: string @param attrName: attrName @type attrName: string @param value: value to manipulate @type value: string """ if not self.__connected: return # log disconnect event tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_delete_attribute(bdn=baseDn, attr=attrName, value=value) ) self.logSentEvent( shortEvt = "delete attribute", tplEvt = self.encapsule(ldap_event=tpl) ) try: mod_attrs = [(ldap.MOD_DELETE, attrName, value)] result = self.con.modify_s(baseDn, mod_attrs) except Exception as e: # log error event tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_error(details="%s" % e) ) self.logRecvEvent( shortEvt = "ldap delete attribute - generic error", tplEvt = self.encapsule(ldap_event=tpl) ) else: tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_response() ) self.logRecvEvent( shortEvt = "delete attribute success", tplEvt = self.encapsule(ldap_event=tpl) )
def delete(self, baseDn): """ Delete entry @param baseDn: baseDn @type baseDn: string """ if not self.__connected: return # log disconnect event tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_delete() ) self.logSentEvent( shortEvt = "delete", tplEvt = self.encapsule(ldap_event=tpl) ) try: result = self.con.delete(baseDn) except Exception as e: # log error event tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_error(details="%s" % e) ) self.logRecvEvent( shortEvt = "ldap delete - generic error", tplEvt = self.encapsule(ldap_event=tpl) ) else: tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_response() ) self.logRecvEvent( shortEvt = "deleted", tplEvt = self.encapsule(ldap_event=tpl) )
def disconnect(self): """ LDAP disconnection """ if not self.__connected: return # log disconnect event tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_disconnect() ) self.logSentEvent( shortEvt = "disconnection", tplEvt = self.encapsule(ldap_event=tpl) ) try: self.con.unbind() self.__connected = False except Exception as e: # log error event tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_error(details="%s" % e) ) self.logRecvEvent( shortEvt = "ldap disconnect - generic error", tplEvt = self.encapsule(ldap_event=tpl) ) else: # log disconnected event tpl = templates.ldap( ip=self.cfg['ip'], port=self.cfg['port'], more=templates.ldap_disconnected() ) self.logRecvEvent( shortEvt = "disconnected", tplEvt = self.encapsule(ldap_event=tpl) )