def updatePPolicy(self, ppolicyName):
"""
Update the pwdPolicySubentry attribute of the current user
"""
if self.hasPPolicy():
if not ppolicyName:
return self.removePPolicy()
else:
# get the ppolicy dn
ppolicyDN = PPolicy().getPPolicy(ppolicyName)[0]
r = AF().log(PLUGIN_NAME, AA.PPOLICY_MOD_USER_PPOLICY,
[(self.dn, AT.USER)])
try:
self.l.modify_s(
self.dn,
[(ldap.MOD_REPLACE, 'pwdPolicySubentry', ppolicyDN)])
ppolicy_applied.send(sender=self, ppolicy_name=ppolicyName)
r.commit()
except ldap.UNDEFINED_TYPE:
logger.error("Attribute %s isn't defined on ldap" %
'pwdPolicySubentry')
except ldap.INVALID_SYNTAX:
logger.error(
"Invalid Syntax from the attribute value of %s on ldap"
% 'pwdPolicySubentry')
return True
else:
return self.addPPolicy(ppolicyName)
return False
def addPPolicy(self, ppolicyName):
"""
Add the pwdPolicy and pwdPolicySubentry objectClass to the current user,
and set the pwdPolicySubentry attribute to the select ppolicy DN
"""
if not self.hasPPolicy():
r = AF().log(PLUGIN_NAME, AA.PPOLICY_ADD_USER_PPOLICY, [(self.dn, AT.USER)])
# Get current user entry
s = self.l.search_s(self.dn, ldap.SCOPE_BASE, attrlist=['+', '*'])
c, old = s[0]
new = copy.deepcopy(old)
if not "pwdPolicy" in new["objectClass"]:
new["objectClass"].append("pwdPolicy")
new["pwdAttribute"] = "userPassword"
new['pwdPolicySubentry'] = PPolicy().getPPolicy(ppolicyName)[0]
# Update LDAP
modlist = ldap.modlist.modifyModlist(old, new)
self.l.modify_s(self.dn, modlist)
r.commit()
ppolicy_applied.send(sender=self, ppolicy_name=ppolicyName)
return True
return False
def addPPolicy(self, ppolicyName):
"""
Add the pwdPolicy and pwdPolicySubentry objectClass to the current user,
and set the pwdPolicySubentry attribute to the select ppolicy DN
"""
if not self.hasPPolicy():
r = AF().log(PLUGIN_NAME, AA.PPOLICY_ADD_USER_PPOLICY, [(self.dn, AT.USER)])
# Get current user entry
s = self.l.search_s(self.dn, ldap.SCOPE_BASE, attrlist=['+', '*'])
c, old = s[0]
new = copy.deepcopy(old)
if not "pwdPolicy" in new["objectClass"]:
new["objectClass"].append("pwdPolicy")
new["pwdAttribute"] = "userPassword"
new['pwdPolicySubentry'] = PPolicy().getPPolicy(ppolicyName)[0]
# Update LDAP
modlist = ldap.modlist.modifyModlist(old, new)
self.l.modify_s(self.dn, modlist)
r.commit()
ppolicy_applied.send(sender=self, ppolicy_name=ppolicyName)
return True
return False
def updatePPolicy(self, ppolicyName):
"""
Update the pwdPolicySubentry attribute of the current user
"""
if self.hasPPolicy():
if not ppolicyName:
return self.removePPolicy()
else:
# get the ppolicy dn
ppolicyDN = PPolicy().getPPolicy(ppolicyName)[0]
r = AF().log(PLUGIN_NAME, AA.PPOLICY_MOD_USER_PPOLICY, [(self.dn, AT.USER)])
try:
self.l.modify_s(self.dn, [(ldap.MOD_REPLACE, 'pwdPolicySubentry', ppolicyDN)])
ppolicy_applied.send(sender=self, ppolicy_name=ppolicyName)
r.commit()
except ldap.UNDEFINED_TYPE:
logger.error("Attribute %s isn't defined on ldap" % 'pwdPolicySubentry')
except ldap.INVALID_SYNTAX:
logger.error("Invalid Syntax from the attribute value of %s on ldap" % 'pwdPolicySubentry')
return True
else:
return self.addPPolicy(ppolicyName)
return False
