def rm(self):
"""Delete the group"""
if not self.in_db:
raise "Cannot delete group - doesn't exist"
else:
get_conn().delete_s(self.dn)
self.in_db = False
return True
def __update(self):
"""Update the user in the database"""
modlist = []
for prop in self.changed_props:
modlist.append((ldap.MOD_REPLACE, prop, self.props[prop]))
get_conn().modify_s(self.dn, modlist)
self.changed_props = []
return True
def delete(self):
"""Deletes the user with the specified username"""
if not self.in_db:
raise "Cannot delete user - doesn't exist in database"
else:
get_conn().delete_s(self.dn)
self.in_db = False
return True
def set_passwd(self, old=None, new=None):
if not self.in_db:
return False
if old == None:
# Modify operation on the db (don't know old pass)
return self.__mod_passwd(new)
else:
get_conn().passwd_s(self.dn, old, new)
return True
def bind(self, p):
if self.in_db:
sr_ldap.unbind()
try:
get_conn().bind_s(self.dn, p)
except ldap.INVALID_CREDENTIALS, ldap.LDAPError:
return False
return True
def __update(self):
if len(self.new_users) == 0 and len(self.removed_users) == 0:
return True
modlist = [(ldap.MOD_REPLACE, "memberUid", self.members)]
get_conn().modify_s(self.dn, modlist)
self.new_users = []
self.removed_users = []
def __save_new(self):
"""Save the user as a new item in the database"""
modlist = []
for prop in self.props:
modlist.append((prop, self.props[prop]))
get_conn().add_s(self.dn, modlist)
self.in_db = True
self.changed_props = []
return True
def __save_new(self):
modlist = [("objectClass", "posixGroup"), ("cn", self.name),
("gidNumber", str(self.gid))]
if len(self.members) > 0:
modlist.append(("memberUid", self.members))
get_conn().add_s(self.dn, modlist)
self.in_db = True
self.new_users = []
self.removed_users = []
return True
def list():
sr_ldap.bind()
u_res = get_conn().search_st("ou=users,o=sr",
ldap.SCOPE_ONELEVEL,
filterstr="(objectClass=inetOrgPerson)",
attrlist=["uid"])
users = [x[1]["uid"][0] for x in u_res]
return users
def list():
sr_ldap.bind()
g_res = get_conn().search_st("ou=groups,o=sr",
ldap.SCOPE_ONELEVEL,
filterstr="(objectClass=posixGroup)")
groups = [x[1]["cn"][0] for x in g_res]
return groups
def __load( self, username ):
info = get_conn().search_st( "ou=users,o=sr",
ldap.SCOPE_ONELEVEL,
filterstr="(&(objectClass=inetOrgPerson)(uid=%s))" % (username) )
if len(info) == 1:
self.dn = info[0][0]
self.props = info[0][1]
return True
else:
return False
def groups(self):
"""Returns a list of the groups the user is in"""
filter = "(&(objectClass=posixGroup)(memberUid=%s))" % (self.username)
res = get_conn().search_st("ou=groups,o=sr",
ldap.SCOPE_ONELEVEL,
filterstr=filter,
attrlist=["cn"])
groups = [x[1]["cn"][0] for x in res]
return groups
def __get_new_uidNumber(self):
"""Finds the next available UID"""
users = get_conn().search_st("ou=users,o=sr",
ldap.SCOPE_ONELEVEL,
filterstr="(objectClass=inetOrgPerson)",
attrlist=["uidNumber"])
uids = []
for uid in [int(x[1]["uidNumber"][0]) for x in users]:
uids.append(uid)
uid = 2000
while uid in uids:
uid += 1
return uid
def __load(self, name):
info = get_conn().search_st(
"ou=groups,o=sr",
ldap.SCOPE_ONELEVEL,
filterstr="(&(objectClass=posixGroup)(cn=%s))" % (name))
if len(info) == 1:
self.dn = info[0][0]
self.gid = info[0][1]["gidNumber"]
if "memberUid" in info[0][1].keys():
self.members = info[0][1]["memberUid"]
else:
self.members = []
return True
else:
return False
def __get_new_gidNumber(self):
"""Finds the next available GID"""
groups = get_conn().search_st("ou=groups,o=sr",
ldap.SCOPE_ONELEVEL,
filterstr="(objectClass=posixGroup)",
attrlist=["gidNumber"])
gids = []
for gid in [int(x[1]["gidNumber"][0]) for x in groups]:
gids.append(gid)
gid = 3000
while gid in gids:
gid += 1
return gid
def __mod_passwd(self, p):
modlist = [(ldap.MOD_REPLACE, "userPassword", encode_pass(p))]
get_conn().modify_s(self.dn, modlist)
return True
