def get_object_real( self, module, dn ): if self._cached.has_key( dn ): return self._cached[ dn ] if isinstance( module, basestring ): if self._modules.has_key( module ): module = self._modules[ module ] else: name = module module = ua_modules.get( name ) ua_modules.init( self._access, self._position, module ) self._modules[ name ] = module elif module == None: module = self.identify( dn ) if not module: return None ua_modules.init( self._access, self._position, module ) new = ua_objects.get( module, self._config, self._access, position = self._position, dn = dn ) # if the object is not valid it should be displayed as an empty object try: new.open() except Exception, e: # write the traceback in the logfile import traceback ud.debug( ud.ADMIN, ud.ERROR, 'The object %s could not be opened' % dn ) try: tb = traceback.format_exc().encode( 'ascii', 'replace' ).replace( '%', '?' ) # this might fail because of problems with univention.debug ud.debug( ud.ADMIN, ud.ERROR, 'Traceback: %s' % tb ) except: pass
def init_object(module, lo, pos, dn='', attrs=None):
module = _get_module(module, lo, pos)
obj = udm_objects.get(module, None, lo, pos, dn)
udm_objects.open(obj)
if attrs:
if 'policies' in attrs:
obj.policies = attrs.pop('policies')
for key, value in attrs.iteritems():
obj[key] = value
return obj
def get_user_object(userdn, password):
lo, po = get_user_connection(userdn, password)
if not lo:
return
try:
# try to open the user object
user = udm_objects.get(users_module, None, lo, po, userdn)
if not user:
raise udm_errors.noObject()
user.open()
return user
except (udm_errors.base, LDAPError) as exc:
CORE.warn('Failed to open UDM user object %s: %s' % (userdn, exc))
def get_object_real(self, module, dn):
if dn in self._cached:
return self._cached[dn]
if isinstance(module, basestring):
if module in self._modules:
module = self._modules[module]
else:
name = module
module = ua_modules.get(name)
ua_modules.init(self._access, self._position, module)
self._modules[name] = module
elif module is None:
module = self.identify(dn)
if not module:
return None
ua_modules.init(self._access, self._position, module)
new = ua_objects.get(module,
None,
self._access,
position=self._position,
dn=dn)
# if the object is not valid it should be displayed as an empty object
try:
new.open()
except Exception:
# write the traceback in the logfile
import traceback
ud.debug(ud.ADMIN, ud.ERROR,
'The object %s could not be opened' % dn)
try:
tb = traceback.format_exc().encode('ascii', 'replace').replace(
'%', '?')
# this might fail because of problems with univention.debug
ud.debug(ud.ADMIN, ud.ERROR, 'Traceback: %s' % tb)
except:
pass
for key, value in new.items():
from univention.directory.reports.document import Document
if self._format in (Document.TYPE_LATEX, Document.TYPE_RML):
i, j = self.format_property(new.descriptions, key, value)
new.info[i] = j
else:
new.info[key] = value
self._get_policies(new)
self._cached[dn] = new
return new
def find(self, nameserver):
filter_expression = nameserver.build_filter()
for (dn, attr) in self.ldap_connection.search(filter_expression):
if dn:
for module in udm_modules.identify(dn, attr):
record = udm_objects.get(module,
None,
self.ldap_connection,
self.position,
dn,
attr=attr,
attributes=attr)
record.open()
return record
raise RecordNotFound()
def find(self, nameserver):
filter_expression = nameserver.build_filter()
MODULE.process("Trying to find nameserver %s in UDM/LDAP" %
(nameserver.fqdn()))
MODULE.process("Similar to running: univention-ldapsearch '%s'" %
(filter_expression))
for (dn, attr) in self.ldap_connection.search(filter_expression):
if dn:
for module in udm_modules.identify(dn, attr):
record = udm_objects.get(module,
None,
self.ldap_connection,
self.position,
dn,
attr=attr,
attributes=attr)
record.open()
return record
raise RecordNotFound()
def _get_user_obj(self):
try:
# make sure that the UDM users/user module could be initiated
if not users_module:
raise udm_errors.base('UDM module users/user could not be initiated')
# open an LDAP connection with the user password and credentials
lo = udm_uldap.access(host = ucr.get('ldap/server/name'), base = ucr.get('ldap/base'), port = int(ucr.get('ldap/server/port', '7389')), binddn = self.__user_dn, bindpw = self.__password, follow_referral=True)
# try to open the user object
userObj = udm_objects.get(users_module, None, lo, self.po, self.__user_dn)
if not userObj:
raise udm_errors.noObject()
userObj.open()
return userObj
except udm_errors.noObject as e:
CORE.warn('Failed to open UDM user object for user %s' % (self.__username))
except (udm_errors.base, ldap.LDAPError) as e:
CORE.warn('Failed to open UDM user object %s: %s' % (self.__user_dn, e))
return None
def groups_assign(self, request, ldap_user_read=None, ldap_position=None):
"""Assigns default rules to groups:
request.options = [ { 'group': <groupDN>, 'rule': <ruleName> }, ... ]
"""
MODULE.info('internetrules.groups_assign: options: %s' %
str(request.options))
# try to load all group rules
newRules = {}
rmRules = []
for ientry in request.options:
# make sure the group exists
igrp = udm_objects.get(udm_modules.get('groups/group'), None,
ldap_user_read, ldap_position,
ientry['group'])
if not igrp:
raise UMC_Error('unknown group object')
igrp.open()
# check the rule name
irule = ientry['rule']
if irule == '$default$':
# remove the rule
rmRules.append(igrp['name'])
else:
try:
# make sure the rule name is valid
self._parseRule(dict(name=irule))
except ValueError as exc:
raise UMC_Error(str(exc))
# add new rule
newRules[igrp['name']] = irule
# assign default filter rules to groups
rules.setGroupRuleName(newRules)
rules.unsetGroupRuleName(rmRules)
MODULE.info('internetrules.groups_assign: finished')
self.finished(request.id, True)
def get_object_real(self, module, dn):
if self._cached.has_key(dn):
return self._cached[dn]
if isinstance(module, basestring):
if self._modules.has_key(module):
module = self._modules[module]
else:
name = module
module = ua_modules.get(name)
ua_modules.init(self._access, self._position, module)
self._modules[name] = module
elif module == None:
module = self.identify(dn)
if not module:
return None
ua_modules.init(self._access, self._position, module)
new = ua_objects.get(module,
self._config,
self._access,
position=self._position,
dn=dn)
# if the object is not valid it should be displayed as an empty object
try:
new.open()
except Exception, e:
# write the traceback in the logfile
import traceback
ud.debug(ud.ADMIN, ud.ERROR,
'The object %s could not be opened' % dn)
try:
tb = traceback.format_exc().encode('ascii', 'replace').replace(
'%', '?')
# this might fail because of problems with univention.debug
ud.debug(ud.ADMIN, ud.ERROR, 'Traceback: %s' % tb)
except:
pass
