Example #1
0
def settings_set(conninfo,
                 credentials,
                 bind_uri,
                 base_dn,
                 ldap_schema='RFC2307',
                 user='',
                 password='',
                 gids_extension=False,
                 encrypt_connection=True,
                 ldap_schema_description=None):

    method = 'PUT'
    uri = '/v1/ldap/settings'

    settings = {
        'bind_uri': util.check_ascii(bind_uri, 'bind_uri'),
        'base_dn': util.check_unicode(base_dn, 'base_dn'),
        'ldap_schema': util.check_ascii(ldap_schema, 'ldap_schema'),
        'user': util.check_unicode(user, 'user'),
        'gids_extension': gids_extension,
        'encrypt_connection': encrypt_connection,
    }
    if password is not None:
        settings['password'] = util.check_unicode(password, 'password')
    if ldap_schema_description is not None:
        settings['ldap_schema_description'] = ldap_schema_description

    return request.rest_request(conninfo,
                                credentials,
                                method,
                                uri,
                                body=settings)
Example #2
0
def add_user(
    conninfo, credentials, name, primary_group, uid, home_directory=None):
    method = "POST"
    uri = "/v1/users/"

    user_info = {
        'name':          util.check_unicode(name, 'username'),
        'primary_group': str(primary_group),
        'uid':           '' if uid is None else str(uid),
        'home_directory': util.check_unicode(home_directory, 'home_directory'),
    }

    return request.rest_request(
        conninfo, credentials, method, uri, body=user_info)
Example #3
0
def add_user_mapping_from_args(entry, args, must_set=True):
    '''
    @p must_set indicates whether it is mandatory that a user mapping be
        set.  This would be False when modifying an entry that already has
        squashing enabled, in which case the anon user is already set and it is
        not necessary to change it.
    '''
    if must_set and not (args.anon_local or (args.anon_uid is not None)):
        raise ValueError(
            "Must specify an anonymous identity when enabling squashing.")
    if args.anon_local and (args.anon_gid is not None):
        raise ValueError("Cannot specify both --anon-local and --anon-gid.")
    if args.anon_local:
        entry.map_to_user = {
            'id_type': 'LOCAL_USER',
            'id_value': util.check_unicode(args.anon_local, 'anon local')
        }
        if 'map_to_group' in entry.dictionary():
            del entry.map_to_group
    elif args.anon_uid is not None:
        if args.anon_gid is None:
            raise ValueError(
                "Must provide --anon-gid when --anon-uid is given.")
        entry.map_to_user = {
            'id_type': 'NFS_UID',
            'id_value': str(args.anon_uid)
        }
        entry.map_to_group = {
            'id_type': 'NFS_GID',
            'id_value': str(args.anon_gid)
        }
Example #4
0
def set_user_password(conninfo, credentials, user_id, new_password):
    user_id = int(user_id)
    new_password = util.check_unicode(new_password, 'password')

    method = "POST"
    uri = "/v1/users/%d/setpassword" % user_id
    body = { 'new_password' : new_password }

    return request.rest_request(conninfo, credentials, method, uri, body=body)
Example #5
0
def modify_user(conninfo, credentials, user_id, name, primary_group,
        uid, home_directory=None, if_match=None):
    user_id = int(user_id)
    if_match = if_match if if_match is None else str(if_match)

    method = "PUT"
    uri = "/v1/users/%d" % user_id

    user_info = {
        'id':            str(user_id),
        'name':          util.check_unicode(name, 'username'),
        'primary_group': str(primary_group),
        'uid':           '' if uid is None else str(uid),
        'home_directory': util.check_unicode(home_directory, 'home_directory'),
    }

    return request.rest_request(
        conninfo, credentials, method, uri, body=user_info, if_match=if_match)
Example #6
0
def add_group(conninfo, credentials, name, gid):
    gid = gid if gid is None else str(gid)

    method = "POST"
    uri = "/v1/groups/"

    group_info = {
        'name': util.check_unicode(name, 'group name'),
        'gid':  gid if gid is not None else '',
    }

    return request.rest_request(conninfo, credentials, method, uri,
        body=group_info)
Example #7
0
def settings_set_v2(conninfo,
                    credentials,
                    bind_uri,
                    base_distinguished_names,
                    use_ldap=False,
                    user='',
                    password='',
                    encrypt_connection=True,
                    ldap_schema='RFC2307',
                    ldap_schema_description=None):

    method = 'PUT'
    uri = '/v2/ldap/settings'

    settings = {
        'use_ldap':
        use_ldap,
        'bind_uri':
        util.check_ascii(bind_uri, 'bind_uri'),
        'base_distinguished_names':
        util.check_unicode(base_distinguished_names,
                           'base_distinguished_names'),
        'ldap_schema':
        util.check_ascii(ldap_schema, 'ldap_schema'),
        'user':
        util.check_unicode(user, 'user'),
        'encrypt_connection':
        encrypt_connection,
    }
    if password is not None:
        settings['password'] = util.check_unicode(password, 'password')
    if ldap_schema_description is not None:
        settings['ldap_schema_description'] = ldap_schema_description

    return request.rest_request(conninfo,
                                credentials,
                                method,
                                uri,
                                body=settings)
Example #8
0
def get_user_id(conninfo, credentials, value):
    # First, try to parse as an integer
    try:
        return request.RestResponse(int(value), 'etag')
    except ValueError:
        pass

    value = util.check_unicode(value, 'user_name')

    # Second, look up the user by name
    data, etag = list_users(conninfo, credentials)
    for user in data:
        if user['name'] == value:
            return request.RestResponse(int(user['id']), etag)

    raise ValueError('Unable to convert "%s" to a user id' % value)
Example #9
0
def modify_group(conninfo, credentials, group_id, name, gid, if_match=None):
    group_id = int(group_id)
    name = util.check_unicode(name, 'group_name')
    gid = gid if gid is None else str(gid)
    if_match = if_match if if_match is None else str(if_match)

    method = "PUT"
    uri = "/v1/groups/%d" % group_id

    group_info = {
        'id':   str(group_id),
        'name': name,
        'gid':  gid if gid is not None else '',
    }

    return request.rest_request(conninfo, credentials, method, uri,
        body=group_info, if_match=if_match)