def fix_openldap_ePSA(self):
schema_file = '/opt/symas/etc/openldap/schema/eduperson.schema'
schema = parse_open_ldap_schema(schema_file)
for a in schema['attributes']:
if 'eduPersonScopedAffiliation' in a.names:
break
else:
logging.info("Fixing eduperson.schema for eduPersonScopedAffiliation")
a_str = "( 1.3.6.1.4.1.5923.1.1.1.9 NAME 'eduPersonScopedAffiliation' DESC 'eduPerson per Internet2 and EDUCAUSE' EQUALITY caseIgnoreMatch SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )"
ePSA_attr = AttributeType(a_str)
schema['attributes'].append(ePSA_attr)
for o in schema['objectclasses']:
if 'eduPerson' in o.names:
may_list = list(o.may)
may_list.append('eduPersonScopedAffiliation')
o.may = tuple(may_list)
with open(schema_file, 'w') as outfile:
for atyp in schema['attributes']:
outfile.write('attributetype {}\n'.format(atyp.__str__()))
for ocls in schema['objectclasses']:
outfile.write('objectclass {}\n'.format(ocls.__str__()))
def parse_open_ldap_schema(fn):
f = open(fn).readlines()
entry_finished = True
new_entry = []
new_object = []
attributes = []
objectclasses = []
for i, l in enumerate(f):
if l.lower().startswith('attributetype') or l.lower().startswith(
'objectclass') or (i == len(f) - 1):
entry_finished = False
objs = ' '.join(new_entry)
if objs.lower().startswith('attributetype'):
attributes.append(AttributeType(objs[14:]))
elif objs.lower().startswith('objectclass'):
objectclasses.append(ObjectClass(objs[12:]))
new_entry = []
if not entry_finished:
if not l.startswith('#'):
ls = l.strip()
if ls:
new_entry.append(ls)
return {'attributes': attributes, 'objectclasses': objectclasses}
def home():
try:
appconf = AppConfiguration.query.first()
except:
return render_template('index_nodb.html')
if not appconf:
return render_template('intro.html', setup='cluster')
print appconf.object_class_base
if not appconf.object_class_base:
return redirect(url_for('attributes.object_class'))
server = Server.query.filter_by(primary_server=True).first()
ldp = getLdapConn(server.hostname, "cn=directory manager",
server.ldap_password)
attrib_list_in_class = []
objcl_s = ldp.getObjectClass(appconf.object_class_base)
if objcl_s:
objcl_obj = ObjectClass(objcl_s)
attrib_list_in_class = list(objcl_obj.may)
attrib_list = []
attrib_list_s = ldp.getCustomAttributes()
attrib_list = [AttributeType(str(a)) for a in attrib_list_s]
return render_template('attributes.html',
attrib_list_in_class=attrib_list_in_class,
attrib_list=attrib_list,
ojectclass=appconf.object_class_base)
def repopulate_objectclass():
server = Server.query.filter_by(primary_server=True).first()
appconf = AppConfiguration.query.first()
setup_prop = get_setup_properties()
inumOrg = setup_prop['inumOrg']
inumOrgFN = inumOrg.replace('@', '').replace('!', '').replace('.', '')
ldp = getLdapConn(server.hostname, "cn=directory manager",
server.ldap_password)
ldp = getLdapConn(server.hostname, "cn=directory manager",
server.ldap_password)
attrib_list_in_class = []
objcl_s = ldp.getObjectClass(appconf.object_class_base)
attrib_list_s = ldp.getCustomAttributes()
attrib_list = [AttributeType(str(a)) for a in attrib_list_s]
attrib_name_list = [a.names[0] for a in attrib_list]
r = ldp.addAtributeToObjectClass(appconf.object_class_base,
attrib_name_list)
if not r[0]:
flash(r[1], 'danger')
else:
flash("Object Class re-populated", 'success')
return redirect(url_for('attributes.home'))
def addAttribute(self, attribute, editing=None, objcls=None):
print "EDITING", editing
name = "'{}'".format(attribute.names[0])
atrributes = self.getAttributes()
for ats in atrributes[0]['attributes']['attributeTypes']:
if editing:
if editing in ats:
a = AttributeType(str(ats))
r = self.removeAtributeFromObjectClass(objcls, a.names[0])
if not r:
return False, self.conn.result['description']
r = self.removeAttribute(editing)
if not r[0]:
return r
else:
if name in ats:
return False, 'This attribute name exists'
r = self.conn.modify("cn=schema", {'attributeTypes': [MODIFY_ADD, attribute]})
if r:
return True, ''
else:
return False, self.conn.result['description']
def opendjSchemaDataTypes(schemaDir):
from ldif import LDIFParser
from ldap.schema import AttributeType
class myLdifParser(LDIFParser):
def __init__(self, ldif_file):
LDIFParser.__init__(self, open(ldif_file,'rb'))
self.entries = []
def handle(self, dn, entry):
self.entries.append((dn, entry))
attribTypes = {
'string': [],
'boolean': [],
'integer': [],
"json": []
}
for schema in glob.glob(os.path.join(schemaDir, '*.ldif')):
print "processing", schema
ldif_parser = myLdifParser(schema)
ldif_parser.parse()
if 'attributeTypes' in ldif_parser.entries[0][1]:
for attrib in ldif_parser.entries[0][1]['attributeTypes']:
atrribute_ype = AttributeType(attrib)
if atrribute_ype.syntax in syntaxType:
atype = syntaxType[atrribute_ype.syntax]
else:
atype = 'string'
for name in atrribute_ype.names:
attribTypes[atype].append(name)
return attribTypes
def handle(self, dn, entry):
self.schema = {
'dn': dn,
'objectClass': entry['objectClass'],
'objectClasses': [],
'attributeTypes': [],
'ldapSyntaxes': entry.get('ldapSyntaxes', []),
}
for ocls in entry.get('objectClasses', []):
o = ObjectClass(ocls)
self.schema['objectClasses'].append(o)
for name in o.names:
self.class_names.append(name)
for atyp in entry.get('attributeTypes', []):
a = AttributeType(atyp)
self.schema['attributeTypes'].append(a)
for name in a.names:
self.attribute_names.append(name)
for fn in file_list:
f = open(fn).readlines()
entry_finished = True
new_entry= []
new_object = []
attributes = []
objectclasses = []
for i,l in enumerate(f):
if l.lower().startswith('attributetype') or l.lower().startswith('objectclass') or (i==len(f)-1):
entry_finished = False
objs = ' '.join(new_entry)
if objs.lower().startswith('attributetype'):
attributes.append(AttributeType(objs[14:]))
elif objs.lower().startswith('objectclass'):
objectclasses.append(ObjectClass(objs[12:]))
new_entry = []
if not entry_finished:
if not l.startswith('#'):
ls = l.strip()
if ls:
new_entry.append(ls)
spath, sfile = os.path.split(fn)
fname, fext = os.path.splitext(sfile)
opendj_fn = 'opendj_schema/{}-{}.ldif'.format(c,fname)
def add_attribute(
self,
oid,
names,
syntax,
origin,
desc='',
sup=(),
substr='',
equality='',
single_value=False,
obsolete=False,
ordering=None,
x_ordered=None,
syntax_len=None,
collective=False,
no_user_mod=False,
usage=0,
):
a = AttributeType()
a.oid = oid
a.names = tuple(names)
a.syntax = syntax
a.x_origin = origin
a.desc = desc
a.sup = sup
a.equality = equality
a.substr = substr
a.single_value = single_value
a.obsolete = obsolete
a.x_ordered = x_ordered
a.ordering = ordering
a.syntax_len = syntax_len
a.collective = collective
a.no_user_mod = no_user_mod
a.usage = usage
self.schema['attributeTypes'].append(a)
for name in a.names:
self.attribute_names.append(name)
def add_attributes(self, s):
a = AttributeType(s)
self.schema['attributeTypes'].append(a)
for name in a.names:
self.attribute_names.append(name)
def edit_attribute():
server = Server.query.filter_by(primary_server=True).first()
appconf = AppConfiguration.query.first()
editing = request.args.get('oid')
syntax_file = os.path.join(app.config["DATA_DIR"], 'syntaxes.json')
setup_prop = get_setup_properties()
inumOrg = setup_prop['inumOrg']
inumOrgFN = inumOrg.replace('@', '').replace('!', '').replace('.', '')
ldp = getLdapConn(server.hostname, "cn=directory manager",
server.ldap_password)
if not os.path.exists(syntax_file):
ldap_response = ldp.getSyntaxes()
attr_list = []
for ats in ldap_response[0]['attributes']['ldapSyntaxes']:
a = AttributeType(str(ats))
attr_list.append((a.oid, a.desc))
with open(syntax_file, 'w') as sf:
json.dump(attr_list, sf)
else:
attr_list = json.loads(open(syntax_file).read())
form = LdapSchema()
form.syntax.choices = attr_list
if request.method == 'GET':
if editing:
a_s = ldp.getAttributebyOID(editing)
if a_s:
a = AttributeType(str(a_s))
form.oid.data = a.oid
form.names.data = ' '.join(a.names)
form.desc.data = a.desc
form.syntax_len.data = a.syntax_len
form.syntax.data = a.syntax
form.single_value.data = a.single_value
form.collective.data = a.collective
if a.substr:
form.substr.data = a.substr
if a.equality:
form.equality.data = a.equality
if a.ordering:
form.ordering.data = a.ordering
if request.method == 'POST':
if form.validate_on_submit():
oid = form.oid.data
if not oid:
if not appconf.attribute_oid:
appconf.attribute_oid = 100
oid_postfix = appconf.attribute_oid
oid = '1.3.6.1.4.1.48710.1.5.{}'.format(oid_postfix)
appconf.attribute_oid += 1
db.session.commit()
names = form.names.data.strip().replace(' ', '')
x_origin = inumOrgFN
desc = form.desc.data.strip()
syntax_len = form.syntax_len.data
syntax = form.syntax.data
substr = form.substr.data
single_value = form.single_value.data
collective = form.collective.data
equality = form.equality.data
ordering = form.ordering.data
a = AttributeType()
a = AttributeType()
a.oid = str(oid)
a.names = (str(names), )
a.syntax = str(syntax)
a.x_origin = str(x_origin)
a.desc = str(desc)
a.sup = ()
a.equality = str(equality)
a.substr = str(substr)
a.single_value = single_value
a.x_ordered = ''
a.ordering = str(ordering)
a.syntax_len = syntax_len
a.collective = collective
a.no_user_mod = False
a.usage = False
a.obsolete = False
result = ldp.addAttribute(a, editing, appconf.object_class_base)
if not result[0]:
flash(result[1], 'danger')
else:
flash('Attribute {} was added'.format(names), 'success')
r = ldp.addAtributeToObjectClass(appconf.object_class_base,
names)
if r[0]:
flash(
'Attribute {} was added to object class {}'.format(
names, appconf.object_class_base), 'success')
return redirect(url_for('attributes.home'))
else:
flash(
'Could not add attribute {} to object class {}. Reason: {}'
.format(names, appconf.object_class_base,
r[1]), 'danger')
return render_template('schema_form.html', form=form)