def test_read_entry_with_attribute_from_auxiliary_class(self):
if test_server_type != 'AD':
w = Writer(self.connection,
'inetorgperson',
auxiliary_class='homeInfo')
n = w.new('cn=' + testcase_id + 'new-3,' + test_base)
n.sn = 'sn-test-3'
n.homeState = 'state-test-3'
self.assertEqual(n.entry_status, STATUS_PENDING_CHANGES)
n.entry_commit_changes()
self.assertEqual(n.sn, 'sn-test-3')
self.assertEqual(n.homeState, 'state-test-3')
self.assertEqual(n.entry_status, STATUS_COMMITTED)
r = Reader(self.connection,
'inetorgperson',
test_base,
'(cn=' + testcase_id + 'new-3',
auxiliary_class='homeInfo')
r.search()
self.assertTrue(r[0].cn, testcase_id + 'new-3')
self.assertTrue(r[0].homeState, testcase_id + 'state-test-3')
w1 = Writer.from_cursor(r)
w1[0].entry_delete()
w1.commit()
def delete(self):
ldap_server = Server(host=self.server.server_host,
port=self.server.server_port,
use_ssl=self.server.start_tls,
get_info=ALL)
connection = Connection(server=ldap_server,
user=self.server.admin_username,
password=self.server.admin_password,
raise_exceptions=True,
authentication=NTLM)
connection.bind()
query = 'cn: {}'.format(self.group.name, )
cursor_reader = Reader(connection,
self.obj,
self.server.search_base,
query=query)
cursor_reader.search()
cursor_writer = Writer.from_cursor(cursor_reader)
if cursor_reader.entries:
ldap_group = cursor_writer[0]
ldap_group.entry_delete()
ldap_group.entry_commit_changes()
connection.unbind()
def reset_password(self):
ldap_server = Server(host=self.server.server_host,
port=self.server.server_port,
use_ssl=self.server.start_tls,
get_info=ALL)
connection = Connection(server=ldap_server,
user=self.server.admin_username,
password=self.server.admin_password,
raise_exceptions=True,
authentication=NTLM)
connection.bind()
cursor_reader = Reader(connection,
self.person,
self.server.search_base,
query=self.query)
cursor_reader.search()
cursor_writer = Writer.from_cursor(cursor_reader)
if cursor_reader.entries:
ldap_user = cursor_writer[0]
self._reset_password(connection, ldap_user)
ldap_user.entry_commit_changes()
connection.unbind()
def process_outbound_entry(queue_entry, ldap_connection):
""" Processes queue_entry and apply changes to the LDAP user/group.
Args:
queue_entry: (dict) A outbound_queue table entry. The mandatory keys in
the dict are:
{
"data": (dict containing current state of LDAP object)
"data_type": (str)
}
ldap_connection: (ldap Connection object) A bound ldap connection object.
Returns:
write_confirmation: (bool) Returns True if a change to LDAP occurred,
returns False if no LDAP changes occurred
"""
distinguished_name = get_distinguished_name(queue_entry)
data_type = queue_entry["data_type"]
if data_type == "group":
sawtooth_entry_filtered = outbound_group_filter(queue_entry["data"], "ldap")
elif data_type == "user":
# Outbound AD user changes is currently not supported
return False
object_def = ObjectDef(data_type, ldap_connection)
reader_cursor = Reader(ldap_connection, object_def, distinguished_name)
reader_cursor.search()
writer_cursor = Writer.from_cursor(reader_cursor)
if reader_cursor.entries:
LOGGER.debug("Updating AD %s: %s", data_type, distinguished_name)
validated_entry = validate_update_entry(sawtooth_entry_filtered, data_type)
# Grab current state of user/group in LDAP
ldap_resource = writer_cursor[0]
# Update AD user/group
for ad_attribute in validated_entry:
ldap_current_value = ldap_resource[ad_attribute].value
if ad_attribute != "distinguishedName" and validated_entry[ad_attribute]:
# Convert member list to list if value is a string
if ad_attribute == "member" and isinstance(ldap_current_value, str):
ldap_current_value = [ldap_current_value]
# Sort lists for comparison
if isinstance(ldap_current_value, list):
ldap_current_value.sort()
validated_entry[ad_attribute].sort()
if ldap_current_value != validated_entry[ad_attribute]:
ldap_resource[ad_attribute] = validated_entry[ad_attribute]
return ldap_resource.entry_commit_changes()
LOGGER.debug("AD %s %s was not found.", data_type, distinguished_name)
return False
def test_modify_entry_with_attrdef_with_friendly_name(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'new-9', attributes={test_multivalued_attribute: testcase_id + 'friendly-attr-name-1'}))
a = AttrDef(name=test_multivalued_attribute, key='myname')
o = ObjectDef('inetorgperson')
o += a
r = Reader(self.connection, o, test_base, 'myname:=' + testcase_id + 'friendly*')
r.search()
self.assertTrue(r[0].myname, testcase_id + 'friendly-attr-name-1')
w = Writer.from_cursor(r)
e = w[0]
e.myname += 'xyz'
w.commit()
self.assertTrue('xyz' in e.myname)
def save(self):
ldap_server = Server(host=self.server.server_host,
port=self.server.server_port,
use_ssl=self.server.start_tls,
get_info=ALL)
connection = Connection(server=ldap_server,
user=self.server.admin_username,
password=self.server.admin_password,
raise_exceptions=True,
authentication=NTLM)
connection.bind()
query = 'cn: {}'.format(self.group.name, )
cursor_reader = Reader(connection,
self.obj,
self.server.search_base,
query=query)
cursor_reader.search()
cursor_writer = Writer.from_cursor(cursor_reader)
if cursor_reader.entries:
ldap_group = cursor_writer[0]
else:
ldap_group = cursor_writer.new(
dn="CN={},{}".format(self.group.name, self.server.search_base))
ldap_group.cn = self.group.name
ldap_group.slug_name = self.group.name
if self.group.service_type == 'security':
ldap_group.type = -2147483646
elif self.group.service_type == 'area':
ldap_group.type = -2147483646
ldap_group.flags = 25
else:
ldap_group.type = 2
#ldap_group.email = self.group.email
ldap_group.email_canonical = self.group.email.strip().split("@")[0]
ldap_group.entry_commit_changes()
connection.unbind()
print(8, conn.last_error)
conn.modify('cn=b.smith,ou=moved,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', {'sn': [(MODIFY_REPLACE, ['Smith'])]})
print(9, conn.last_error)
conn.modify('cn=b.smith,ou=moved,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', {'sn': [(MODIFY_ADD, ['Young', 'Johnson']), (MODIFY_DELETE, ['Smith'])], 'givenname': [(MODIFY_REPLACE, ['Mary', 'Jane'])]})
print(10, conn.last_error)
conn.modify_dn('cn=b.smith,ou=moved,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'cn=b.smith', new_superior='ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org')
print(11, conn.last_error)
conn.modify('cn=b.smith,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', {'sn': [(MODIFY_DELETE, ['Johnson'])], 'givenname': [(MODIFY_REPLACE, ['Beatrix'])]})
print(12, conn.last_error)
conn.modify_dn('cn=b.smith,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'cn=b.young')
print(13, conn.last_error)
conn.add('cn=m.johnson,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'inetOrgPerson', {'givenName': 'Mary Ann', 'sn': 'Johnson', 'departmentNumber': 'DEV', 'telephoneNumber': 2222})
print(14, conn.last_error)
conn.add('cn=q.gray,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'inetOrgPerson', {'givenName': 'Quentin', 'sn': 'Gray', 'departmentNumber': 'QA', 'telephoneNumber': 3333})
print(15, conn.last_error)
obj_person = ObjectDef('inetOrgPerson', conn)
r = Reader(conn, obj_person, 'ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org')
r.search()
print(r)
w = Writer.from_cursor(r)
print(w)
print(w[0])
e = w[0]
print(e.entry_dn)
print(e.entry_attributes)
print(e.entry_attributes_as_dict)
print(e.entry_mandatory_attributes)
print(e.entry_to_ldif())
print(e.entry_to_json(include_empty=False))
def save(self):
ldap_server = Server(host=self.server.server_host,
port=self.server.server_port,
use_ssl=self.server.start_tls,
get_info=ALL)
connection = Connection(server=ldap_server,
user=self.server.admin_username,
password=self.server.admin_password,
raise_exceptions=True,
authentication=NTLM)
connection.bind()
cursor_reader = Reader(connection,
self.person,
self.server.search_base,
query=self.query)
cursor_reader.search()
cursor_writer = Writer.from_cursor(cursor_reader)
if cursor_reader.entries:
ldap_user = cursor_writer[0]
else:
ldap_user = cursor_writer.new(dn="CN={},{}".format(
self.user.get_full_name(), self.server.search_base))
ldap_user.cn = self.user.get_full_name()
ldap_user.username = self.user.username[:20]
ldap_user.logon = "{}@{}".format(self.user.username,
self.server.domain)
ldap_user.entry_commit_changes()
self._reset_password(connection, ldap_user)
if self.user.status == "active":
self._activate_user(connection, ldap_user)
else:
self._deactivate_user(connection, ldap_user)
ldap_user.first_name = self.user.first_name
ldap_user.last_name = self.user.last_name
ldap_user.full_name = self.user.get_full_name()
if self.user.email:
ldap_user.email = self.user.email
ldap_user.email_canonical = self.user.email.strip().split("@")[0]
if self.user.email_domain:
ldap_user.email_domain = self.user.email_domain
if str(self.user.email_buzon_size):
ldap_user.email_buzon_size = self.user.email_buzon_size * 1024 * 1024
if str(self.user.email_message_size):
ldap_user.email_message_size = self.user.email_message_size
if self.user.internet_domain:
ldap_user.internet_domain = self.user.internet_domain
if self.user.internet_quota_type:
ldap_user.internet_quota_type = self.user.internet_quota_type
if str(self.user.internet_quota_size):
ldap_user.internet_quota_size = self.user.internet_quota_size
if str(self.user.internet_extra_quota_size):
ldap_user.internet_extra_quota_size = self.user.internet_extra_quota_size
if self.user.ftp_folder:
ldap_user.ftp_folder = self.user.ftp_folder
if str(self.user.ftp_size):
ldap_user.ftp_size = self.user.ftp_size
ldap_user.entry_commit_changes()
groups = []
for service in self.user.services.all():
service.ldap_save()
groups.append("CN={},{}".format(service.name,
self.server.search_base))
for distribution_list in self.user.distribution_list.all():
distribution_list.ldap_save()
groups.append("CN={},{}".format(distribution_list.name,
self.server.search_base))
if self.user.area:
self.user.area.ldap_save()
groups.append("CN={},{}".format(self.user.area.name,
self.server.search_base))
connection.extend.microsoft.remove_members_from_groups(
ldap_user.entry_dn, ldap_user.groups.values)
connection.extend.microsoft.add_members_to_groups(
ldap_user.entry_dn, groups)
connection.unbind()