def guess_username(self, lo, date_format):
# already provided. use this one
if self.name:
return self.name
# search database
hints = []
if self.lastname:
hints.append(
expression('lastname', escape_filter_chars(self.lastname)))
if self.firstname:
hints.append(
expression('firstname',
escape_filter_chars(self.firstname)))
if self.birthday:
hints.append(
expression(
'birthday',
escape_filter_chars(
unformat_date(self.birthday, date_format))))
if hints:
ldap_filter = conjunction('&', hints)
udm_obj = self.get_first_udm_obj(lo, str(ldap_filter))
if udm_obj:
return udm_obj['username']
# generate a reasonable one
firstname = u''
if self.firstname:
firstname = u'%s' % (self.firstname.split()[0].lower(), )
lastname = u''
if self.lastname:
lastname = u'%s' % (self.lastname.split()[-1].lower())
firstname = self.RE_UID_INVALID.sub('', firstname)
lastname = self.RE_UID_INVALID.sub('', lastname)
def replace_invalid_chars(u):
return re.sub(r'^(?:[^\w]+)?(.*?)(?:[^\w]+)?$', r'\1', u,
re.UNICODE)
if ucr.is_true(
'ucsschool/csvimport/username/generation/firstname_lastname',
False):
username = firstname + (u'.' if firstname else u'') + lastname
return replace_invalid_chars(username)
if firstname:
firstname = firstname[:5] + '.'
username = firstname + lastname[:5]
maxlength = 20 - len(
ucr.get('ucsschool/ldap/default/userprefix/exam', 'exam-'))
return replace_invalid_chars(username[:maxlength])
def rewrite_rev(filter, subnet):
"""Rewrite LDAP filter expression and convert (ip) -> (zone,reversed)
>>> rewrite_rev(expression('ip', '1.2.3.4'), subnet='1.2')
conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '4.3', '=')])
>>> rewrite_rev(expression('ip', '1.2.3.*', escape=False), subnet='1.2')
conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '*.3', '=')])
>>> rewrite_rev(expression('ip', '1.2.*.*', escape=False), subnet='1.2')
conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '*.*', '=')])
>>> rewrite_rev(expression('ip', '1.2.*.4', escape=False), subnet='1.2')
conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '4.*', '=')])
>>> rewrite_rev(expression('ip', '1.2.*', escape=False), subnet='1.2')
conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '*', '=')])
>>> rewrite_rev(expression('ip', '1:2:3:4:5:6:7:8'), subnet='0001:0002')
conjunction('&', [expression('zoneName', '2.0.0.0.1.0.0.0.ip6.arpa', '='), expression('relativeDomainName', '8.0.0.0.7.0.0.0.6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0', '=')])
>>> rewrite_rev(expression('ip', '1:2:3:4:5:6:7:*', escape=False), subnet='0001:0002')
conjunction('&', [expression('zoneName', '2.0.0.0.1.0.0.0.ip6.arpa', '='), expression('relativeDomainName', '*.7.0.0.0.6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0', '=')])
>>> rewrite_rev(expression('ip', '1:2:3:4:5:6:*:8', escape=False), subnet='0001:0002')
conjunction('&', [expression('zoneName', '2.0.0.0.1.0.0.0.ip6.arpa', '='), expression('relativeDomainName', '8.0.0.0.*.6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0', '=')])
>>> rewrite_rev(expression('ip', '1:2:3:*', escape=False), subnet='0001:0002')
conjunction('&', [expression('zoneName', '2.0.0.0.1.0.0.0.ip6.arpa', '='), expression('relativeDomainName', '*.3.0.0.0', '=')])
"""
if isinstance(filter, conjunction):
filter.expressions = [
rewrite_rev(expr, subnet) for expr in filter.expressions
]
if isinstance(filter, expression) and filter.variable == 'ip':
if ':' in subnet:
string = ''.join(subnet.split(':'))
prefix = len(string)
assert 1 <= prefix < 32
addr = ''.join(part if '*' in part else part.rjust(4, '0')[-4:]
for part in filter.value.split(':'))
suffix = '.ip6.arpa'
else:
octets = subnet.split('.')
prefix = len(octets)
assert 1 <= prefix < 4
addr = filter.value.split('.')
suffix = '.in-addr.arpa'
addr_net, addr_host = [
'.'.join(reversed(_)) for _ in (addr[:prefix], addr[prefix:])
]
filter = conjunction('&', [
expression('zoneName', addr_net + suffix),
expression('relativeDomainName', addr_host or '*', escape=False),
])
return filter
def lookup(co,
lo,
filter_s,
base='',
superordinate=None,
scope='sub',
unique=0,
required=0,
timeout=-1,
sizelimit=0):
"""Search for UVMM profile objects."""
filter_expr = udm_filter.conjunction('&', [
udm_filter.expression('objectClass',
'univentionVirtualMachineProfile'),
])
if filter_s:
filter_p = udm_filter.parse(filter_s)
udm_filter.walk(filter_p,
univention.admin.mapping.mapRewrite,
arg=mapping)
filter_expr.expressions.append(filter_p)
return [
object(co, lo, None, dn) for dn in lo.searchDn(unicode(
filter_expr), base, scope, unique, required, timeout, sizelimit)
]
def lookup(co,
lo,
filter_s,
base='',
superordinate=None,
scope='sub',
unique=0,
required=0,
timeout=-1,
sizelimit=0):
filter = udm_filter.conjunction(
'&', [udm_filter.expression('objectClass', 'umcPolicy')])
if filter_s:
filter_p = udm_filter.parse(filter_s)
udm_filter.walk(filter_p, udm_mapping.mapRewrite, arg=mapping)
filter.expressions.append(filter_p)
res = []
try:
for dn, attrs in lo.search(unicode(filter), base, scope, [], unique,
required, timeout, sizelimit):
res.append(object(co, lo, None, dn, attributes=attrs))
except:
pass
return res
def lookup_filter(filter_s=None, lo=None):
"""
Return LDAP search filter for UVMM Cloud Connection entries.
"""
ldap_filter = udm_filter.conjunction('&', [
udm_filter.expression('objectClass', 'univentionVirtualMachineCloudConnection'),
])
ldap_filter.append_unmapped_filter_string(filter_s, udm_mapping.mapRewrite, mapping)
return unicode(ldap_filter)
def build_easy_filter(cls, filter_str):
if filter_str:
sanitizer = LDAPSearchSanitizer()
filter_str = sanitizer.sanitize('filter_str',
{'filter_str': filter_str})
expressions = []
for key in cls._attrs_for_easy_filter():
expressions.append(expression(key, filter_str))
if expressions:
return conjunction('|', expressions)
def lookup(co, lo, filter_s, base='', superordinate=None, scope='sub', unique=False, required=False, timeout=-1, sizelimit=0):
filter = udm_filter.conjunction('&', [
udm_filter.expression('objectClass', 'umcOperationSet')
])
if filter_s:
filter_p = udm_filter.parse(filter_s)
udm_filter.walk(filter_p, udm_mapping.mapRewrite, arg=mapping)
filter.expressions.append(filter_p)
return object.lookup(co, lo, filter, base, superordinate, scope, unique, required, timeout, sizelimit)
def lookup(co, lo, filter_s, base='', superordinate=None, scope='sub', unique=0, required=0, timeout=-1, sizelimit=0):
"""Search for UVMM profile objects."""
filter_expr = udm_filter.conjunction('&', [
udm_filter.expression('objectClass', 'univentionVirtualMachineProfile'),
])
if filter_s:
filter_p = udm_filter.parse(filter_s)
udm_filter.walk(filter_p, univention.admin.mapping.mapRewrite, arg=mapping)
filter_expr.expressions.append(filter_p)
return [object(co, lo, None, dn)
for dn in lo.searchDn(unicode(filter_expr), base, scope, unique, required, timeout, sizelimit)]
def search_objects(_module, _lo, _pos, _base='', **kwargs):
module = _get_module(_module, _lo, _pos)
expressions = []
conj = udm_filter.conjunction('&', expressions)
for key, value in kwargs.iteritems():
expressions.append(
udm_filter.expression(key, escape_filter_chars(value), '='))
try:
objs = module.lookup(None, _lo, str(conj), base=_base)
except udm_errors.noObject:
objs = []
for obj in objs:
udm_objects.open(obj)
return objs
def lookup( co, lo, filter_s, base = '', superordinate = None, scope = 'sub', unique = 0, required = 0, timeout = -1, sizelimit = 0 ):
filter=udm_filter.conjunction('&', [
udm_filter.expression('objectClass', 'umcOperationSet')
])
if filter_s:
filter_p=udm_filter.parse(filter_s)
udm_filter.walk( filter_p, udm_mapping.mapRewrite, arg=mapping)
filter.expressions.append(filter_p)
res=[]
try:
for dn in lo.searchDn(unicode(filter), base, scope, unique, required, timeout, sizelimit):
res.append(object(co, lo, None, dn))
except:
pass
return res
def lookup_filter(filter_s=None, lo=None):
filter_expr = conjunction('&', [expression('objectClass', 'ipService')])
filter_expr.append_unmapped_filter_string(filter_s, mapRewrite, mapping)
return filter_expr
def unmapped_lookup_filter(cls):
return udm_filter.conjunction(
'&', [udm_filter.expression('objectClass', 'umcPolicy')])
def get_shares(self,
pattern,
ldap_user_read=None,
ldap_position=None,
search_base=None):
result = {}
result['shares'] = []
if not search_base.availableSchools:
MODULE.error('%s.query: No schools available to this user!' %
(self.module_name, ))
return result # empty
# sanitize the search pattern to match only role shares and only in ou
role_specified = self.valid_role_from_roleshare_name(pattern)
school_ou_specified = self.valid_school_from_roleshare_name(
pattern, search_base.availableSchools)
udm_filter = None
if school_ou_specified:
if role_specified:
udm_filter = pattern
else:
hints = []
for role in supported_roles:
hints.append(expression('name', "-".join((role, pattern))))
udm_filter = conjunction('&', hints)
else:
if role_specified:
hints = []
for school_ou in search_base.availableSchools:
hints.append(
expression('name', "-".join((pattern, school_ou))))
if hints:
udm_filter = conjunction('&', hints)
else:
# invalid pattern, ignore
hints = []
for role in supported_roles:
for school_ou in search_base.availableSchools:
hints.append(
expression('name', "-".join((role, school_ou))))
if hints:
udm_filter = conjunction('&', hints)
if not udm_filter:
MODULE.error('%s.query: invalid search filter: %s' % (
self.module_name,
pattern,
))
return result # empty
udm_modules.init(ldap_user_read, ldap_position,
udm_modules.get(self.udm_module_name))
res = udm_modules.lookup(self.udm_module_name,
None,
ldap_user_read,
base=ucr['ldap/base'],
scope='sub',
filter=udm_filter)
result['shares'] = [obj['name'] for obj in res]
return result
