def lookup(co, lo, filter_s, base='', superordinate=None, scope='sub', unique=0, required=0, timeout=-1, sizelimit=0): filter = udm_filter.conjunction( '&', [udm_filter.expression('objectClass', 'umcPolicy')]) if filter_s: filter_p = udm_filter.parse(filter_s) udm_filter.walk(filter_p, udm_mapping.mapRewrite, arg=mapping) filter.expressions.append(filter_p) res = [] try: for dn, attrs in lo.search(unicode(filter), base, scope, [], unique, required, timeout, sizelimit): res.append(object(co, lo, None, dn, attributes=attrs)) except: pass return res
def lookup(co, lo, filter_s, base='', superordinate=None, scope='sub', unique=0, required=0, timeout=-1, sizelimit=0): """Search for UVMM profile objects.""" filter_expr = udm_filter.conjunction('&', [ udm_filter.expression('objectClass', 'univentionVirtualMachineProfile'), ]) if filter_s: filter_p = udm_filter.parse(filter_s) udm_filter.walk(filter_p, univention.admin.mapping.mapRewrite, arg=mapping) filter_expr.expressions.append(filter_p) return [ object(co, lo, None, dn) for dn in lo.searchDn(unicode( filter_expr), base, scope, unique, required, timeout, sizelimit) ]
def lookup(cls, lo, school, filter_s='', superordinate=None): filter_object_type = conjunction('&', [ parse(cls.type_filter), parse(filter_format('ucsschoolSchool=%s', [school])) ]) if filter_s: filter_object_type = conjunction( '&', [filter_object_type, parse(filter_s)]) objects = udm_modules.lookup(cls._meta.udm_module, None, lo, filter=unicode(filter_object_type), scope='sub', superordinate=superordinate) objects.extend(obj for obj in super(User, cls).lookup( lo, school, filter_s, superordinate=superordinate) if not any(obj.dn == x.dn for x in objects)) return objects
def lookup_filter(filter_s=None, lo=None): """ Return LDAP search filter for UVMM Cloud Connection entries. """ ldap_filter = udm_filter.conjunction('&', [ udm_filter.expression('objectClass', 'univentionVirtualMachineCloudConnection'), ]) ldap_filter.append_unmapped_filter_string(filter_s, udm_mapping.mapRewrite, mapping) return unicode(ldap_filter)
def build_easy_filter(cls, filter_str): if filter_str: sanitizer = LDAPSearchSanitizer() filter_str = sanitizer.sanitize('filter_str', {'filter_str': filter_str}) expressions = [] for key in cls._attrs_for_easy_filter(): expressions.append(expression(key, filter_str)) if expressions: return conjunction('|', expressions)
def guess_username(self, lo, date_format): # already provided. use this one if self.name: return self.name # search database hints = [] if self.lastname: hints.append( expression('lastname', escape_filter_chars(self.lastname))) if self.firstname: hints.append( expression('firstname', escape_filter_chars(self.firstname))) if self.birthday: hints.append( expression( 'birthday', escape_filter_chars( unformat_date(self.birthday, date_format)))) if hints: ldap_filter = conjunction('&', hints) udm_obj = self.get_first_udm_obj(lo, str(ldap_filter)) if udm_obj: return udm_obj['username'] # generate a reasonable one firstname = u'' if self.firstname: firstname = u'%s' % (self.firstname.split()[0].lower(), ) lastname = u'' if self.lastname: lastname = u'%s' % (self.lastname.split()[-1].lower()) firstname = self.RE_UID_INVALID.sub('', firstname) lastname = self.RE_UID_INVALID.sub('', lastname) def replace_invalid_chars(u): return re.sub(r'^(?:[^\w]+)?(.*?)(?:[^\w]+)?$', r'\1', u, re.UNICODE) if ucr.is_true( 'ucsschool/csvimport/username/generation/firstname_lastname', False): username = firstname + (u'.' if firstname else u'') + lastname return replace_invalid_chars(username) if firstname: firstname = firstname[:5] + '.' username = firstname + lastname[:5] maxlength = 20 - len( ucr.get('ucsschool/ldap/default/userprefix/exam', 'exam-')) return replace_invalid_chars(username[:maxlength])
def lookup(co, lo, filter_s, base='', superordinate=None, scope='sub', unique=False, required=False, timeout=-1, sizelimit=0): filter = udm_filter.conjunction('&', [ udm_filter.expression('objectClass', 'umcOperationSet') ]) if filter_s: filter_p = udm_filter.parse(filter_s) udm_filter.walk(filter_p, udm_mapping.mapRewrite, arg=mapping) filter.expressions.append(filter_p) return object.lookup(co, lo, filter, base, superordinate, scope, unique, required, timeout, sizelimit)
def lookup(co, lo, filter_s, base='', superordinate=None, scope='sub', unique=0, required=0, timeout=-1, sizelimit=0): """Search for UVMM profile objects.""" filter_expr = udm_filter.conjunction('&', [ udm_filter.expression('objectClass', 'univentionVirtualMachineProfile'), ]) if filter_s: filter_p = udm_filter.parse(filter_s) udm_filter.walk(filter_p, univention.admin.mapping.mapRewrite, arg=mapping) filter_expr.expressions.append(filter_p) return [object(co, lo, None, dn) for dn in lo.searchDn(unicode(filter_expr), base, scope, unique, required, timeout, sizelimit)]
def search_objects(_module, _lo, _pos, _base='', **kwargs): module = _get_module(_module, _lo, _pos) expressions = [] conj = udm_filter.conjunction('&', expressions) for key, value in kwargs.iteritems(): expressions.append( udm_filter.expression(key, escape_filter_chars(value), '=')) try: objs = module.lookup(None, _lo, str(conj), base=_base) except udm_errors.noObject: objs = [] for obj in objs: udm_objects.open(obj) return objs
def rewrite_rev(filter, subnet): """Rewrite LDAP filter expression and convert (ip) -> (zone,reversed) >>> rewrite_rev(expression('ip', '1.2.3.4'), subnet='1.2') conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '4.3', '=')]) >>> rewrite_rev(expression('ip', '1.2.3.*', escape=False), subnet='1.2') conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '*.3', '=')]) >>> rewrite_rev(expression('ip', '1.2.*.*', escape=False), subnet='1.2') conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '*.*', '=')]) >>> rewrite_rev(expression('ip', '1.2.*.4', escape=False), subnet='1.2') conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '4.*', '=')]) >>> rewrite_rev(expression('ip', '1.2.*', escape=False), subnet='1.2') conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '*', '=')]) >>> rewrite_rev(expression('ip', '1:2:3:4:5:6:7:8'), subnet='0001:0002') conjunction('&', [expression('zoneName', '2.0.0.0.1.0.0.0.ip6.arpa', '='), expression('relativeDomainName', '8.0.0.0.7.0.0.0.6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0', '=')]) >>> rewrite_rev(expression('ip', '1:2:3:4:5:6:7:*', escape=False), subnet='0001:0002') conjunction('&', [expression('zoneName', '2.0.0.0.1.0.0.0.ip6.arpa', '='), expression('relativeDomainName', '*.7.0.0.0.6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0', '=')]) >>> rewrite_rev(expression('ip', '1:2:3:4:5:6:*:8', escape=False), subnet='0001:0002') conjunction('&', [expression('zoneName', '2.0.0.0.1.0.0.0.ip6.arpa', '='), expression('relativeDomainName', '8.0.0.0.*.6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0', '=')]) >>> rewrite_rev(expression('ip', '1:2:3:*', escape=False), subnet='0001:0002') conjunction('&', [expression('zoneName', '2.0.0.0.1.0.0.0.ip6.arpa', '='), expression('relativeDomainName', '*.3.0.0.0', '=')]) """ if isinstance(filter, conjunction): filter.expressions = [ rewrite_rev(expr, subnet) for expr in filter.expressions ] if isinstance(filter, expression) and filter.variable == 'ip': if ':' in subnet: string = ''.join(subnet.split(':')) prefix = len(string) assert 1 <= prefix < 32 addr = ''.join(part if '*' in part else part.rjust(4, '0')[-4:] for part in filter.value.split(':')) suffix = '.ip6.arpa' else: octets = subnet.split('.') prefix = len(octets) assert 1 <= prefix < 4 addr = filter.value.split('.') suffix = '.in-addr.arpa' addr_net, addr_host = [ '.'.join(reversed(_)) for _ in (addr[:prefix], addr[prefix:]) ] filter = conjunction('&', [ expression('zoneName', addr_net + suffix), expression('relativeDomainName', addr_host or '*', escape=False), ]) return filter
def lookup( co, lo, filter_s, base = '', superordinate = None, scope = 'sub', unique = 0, required = 0, timeout = -1, sizelimit = 0 ): filter=udm_filter.conjunction('&', [ udm_filter.expression('objectClass', 'umcOperationSet') ]) if filter_s: filter_p=udm_filter.parse(filter_s) udm_filter.walk( filter_p, udm_mapping.mapRewrite, arg=mapping) filter.expressions.append(filter_p) res=[] try: for dn in lo.searchDn(unicode(filter), base, scope, unique, required, timeout, sizelimit): res.append(object(co, lo, None, dn)) except: pass return res
def get_all(cls, lo, school, filter_str=None, easy_filter=False, superordinate=None): ''' Returns a list of all objects that can be found in cls.get_container() with the correct udm_module If filter_str is given, all udm properties with include_in_default_search are queried for that string (so that it should be the value) ''' cls.init_udm_module(lo) complete_filter = cls._meta.udm_filter if easy_filter: filter_from_filter_str = cls.build_easy_filter(filter_str) else: filter_from_filter_str = filter_str if filter_from_filter_str: if complete_filter: complete_filter = conjunction( '&', [complete_filter, filter_from_filter_str]) else: complete_filter = filter_from_filter_str complete_filter = str(complete_filter) logger.debug('Getting all %s of %s with filter %r', cls.__name__, school, complete_filter) ret = [] for udm_obj in cls.lookup(lo, school, complete_filter, superordinate=superordinate): udm_obj.open() try: ret.append(cls.from_udm_obj(udm_obj, school, lo)) except UnknownModel: continue return ret
def lookup_filter(filter_s=None, lo=None): filter_expr = conjunction('&', [expression('objectClass', 'ipService')]) filter_expr.append_unmapped_filter_string(filter_s, mapRewrite, mapping) return filter_expr
def unmapped_lookup_filter(cls): return udm_filter.conjunction( '&', [udm_filter.expression('objectClass', 'umcPolicy')])
def get_shares(self, pattern, ldap_user_read=None, ldap_position=None, search_base=None): result = {} result['shares'] = [] if not search_base.availableSchools: MODULE.error('%s.query: No schools available to this user!' % (self.module_name, )) return result # empty # sanitize the search pattern to match only role shares and only in ou role_specified = self.valid_role_from_roleshare_name(pattern) school_ou_specified = self.valid_school_from_roleshare_name( pattern, search_base.availableSchools) udm_filter = None if school_ou_specified: if role_specified: udm_filter = pattern else: hints = [] for role in supported_roles: hints.append(expression('name', "-".join((role, pattern)))) udm_filter = conjunction('&', hints) else: if role_specified: hints = [] for school_ou in search_base.availableSchools: hints.append( expression('name', "-".join((pattern, school_ou)))) if hints: udm_filter = conjunction('&', hints) else: # invalid pattern, ignore hints = [] for role in supported_roles: for school_ou in search_base.availableSchools: hints.append( expression('name', "-".join((role, school_ou)))) if hints: udm_filter = conjunction('&', hints) if not udm_filter: MODULE.error('%s.query: invalid search filter: %s' % ( self.module_name, pattern, )) return result # empty udm_modules.init(ldap_user_read, ldap_position, udm_modules.get(self.udm_module_name)) res = udm_modules.lookup(self.udm_module_name, None, ldap_user_read, base=ucr['ldap/base'], scope='sub', filter=udm_filter) result['shares'] = [obj['name'] for obj in res] return result