class LdapAutomountHome(ldapdb.models.Model): """ Represents an LDAP automount with hardcoded 'auto.home' in the base_dn (!) Ref: http://www.openldap.org/faq/data/cache/599.html Ref: http://lists.bolloretelecom.eu/pipermail/django-ldapdb/2012-April/000113.html """ connection_name = 'ldap' # LDAP meta-data base_dn = 'ou=auto.home,{}'.format(settings.LDAP_AUTOMOUNT_DN) object_classes = ['automount'] username = CharField(db_column='cn', primary_key=True) automountInformation = CharField(db_column='automountInformation') def set_automount_info(self, username=None): krb5_automount_info = "-fstype=nfs4,rw,sec=krb5 {}:{}/{}".format( settings.FILESERVER_HOST, settings.FILESERVER_HOME_PATH, username if username is not None else self.username) self.automountInformation = krb5_automount_info def __str__(self): return self.username class Meta: managed = False
def test_or(self): where = WhereNode() where.add((Constraint("cn", "cn", CharField()), 'exact', "foo"), AND) where.add((Constraint("givenName", "givenName", CharField()), 'exact', "bar"), OR) self.assertEquals(where_as_ldap(where), ("(|(cn=foo)(givenName=bar))", []))
class Tag(ldapdb.models.Model): """ A Domesday tag. """ base_dn = "ou=tags,dc=mozillians,dc=org" object_classes = ['groupOfNames'] name = CharField(db_column='cn', max_length=32768, primary_key=True) members = ListField(db_column='member') description = CharField(db_column='description', max_length=1024) # Will eventually need a blesstag, and a field describing how to become # blessed. def members_as_people(self): # XXX want to say: # return [Person.objects.get(dn=dn) for dn in self.members] return [Person.objects.get(uid=dn.split(',')[0].split("=")[1]) for dn in self.members] def __str__(self): return self.name def __unicode__(self): return self.name
class LdapGroup(ldapdb.models.Model): """ Class for representing an LDAP group entry. """ # LDAP meta-data base_dn = "ou=group,dc=iapp-intern,dc=de" object_classes = [ 'posixGroup', 'extensibleObject', ] # posixGroup cn = CharField(db_column='cn', primary_key=True) gidNumber = IntegerField(db_column='gidNumber', unique=True) description = CharField(db_column='description', blank=True) memberUid = ListField(db_column='memberUid') # extensibleObject owner = ListField(db_column='owner') def __str__(self): return self.cn def __unicode__(self): return self.cn
class LdapMaillist(ldapdb.models.Model): """ Class for representing an LDAP Maillist entry. """ # LDAP meta-data base_dn = "ou=Mailinglists,dc=iapp-intern,dc=de" object_classes = ['groupOfNames', 'extensibleObject', ] # groupOfNames cn = CharField(db_column='cn', primary_key=True) description = CharField(db_column='description', blank=True) member = ListField(db_column='member') # extensibleObject mail = CharField(db_column='mail') owner = ListField(db_column='owner') rfc822MailMember = ListField(db_column='rfc822MailMember', blank=True) def __str__(self): return self.cn def __unicode__(self): return self.cn
class Account(ldapdb.models.Model): """ An account on another system. To get the accounts for just a single person, use the scoped() method to add the person's Domesday uid, e.g.: Account.scoped("uid=%s,%s" % (self.uid, Account.base_dn)) """ base_dn = "ou=people,dc=mozillians,dc=org" object_classes = ['account'] domain = CharField(db_column='host', max_length=256, primary_key=True) userid = CharField(db_column='uid', max_length=256) def _get_owner(self): uid = re.search(',uid=(\d+),', self.dn).group(1) p = Person.objects.filter(pk=uid) return p owner = property(_get_owner) def __str__(self): return "%s: %s" % (self.domain, self.userid) def __unicode__(self): return "%s: %s" % (self.domain, self.userid)
class Group(BaseLdapModel): base_dn = force_text('ou=Groups,' + settings.LDAP_BASE_DN) object_classes = force_bytestrings(['posixGroup', 'sambaGroupMapping']) # posixGroup attributes name = CharField(db_column=force_text('cn'), max_length=200, primary_key=True, validators=list(name_validators)) gid = IntegerField(db_column=force_text('gidNumber'), unique=True) members = ListField(db_column=force_text('memberUid')) description = CharField(db_column=force_text('description'), max_length=500, blank=True, default='') group_type = IntegerField(db_column=force_text('sambaGroupType'), default=None) samba_sid = CharField(db_column=force_text('sambaSID'), unique=True, default='') def save(self, using=None): self.group_type = 2 self.set_next_free_value('gid', default=10000) # noinspection PyStringFormat self.samba_sid = '%s-%d' % (get_samba_sid(), self.gid) super(Group, self).save(using=using) group_of_names = list(GroupOfNames.objects.filter(name=self.name)[0:1]) if not group_of_names: group = GroupOfNames(name=self.name, members=['cn=admin,' + settings.LDAP_BASE_DN]) group.save() else: group = group_of_names[0] new_members = ['cn=admin,' + settings.LDAP_BASE_DN] + ['uid=%s,%s' % (x, User.base_dn) for x in self.members] if new_members != group.members: group.members = new_members group.save()
def test_char_field_in(self): where = WhereNode() where.add((Constraint("cn", "cn", CharField()), 'in', ["foo", "bar"]), AND) self.assertEquals(where_as_ldap(where), ("(|(cn=foo)(cn=bar))", [])) where = WhereNode() where.add((Constraint("cn", "cn", CharField()), 'in', ["(foo)", "(bar)"]), AND) self.assertEquals(where_as_ldap(where), ("(|(cn=\\28foo\\29)(cn=\\28bar\\29))", []))
def test_char_field_contains(self): where = WhereNode() where.add((Constraint("cn", "cn", CharField()), 'contains', "test"), AND) self.assertEquals(where_as_ldap(where), ("(cn=*test*)", [])) where = WhereNode() where.add((Constraint("cn", "cn", CharField()), 'contains', "te*st"), AND) self.assertEquals(where_as_ldap(where), ("(cn=*te\\2ast*)", []))
def test_char_field_exact(self): where = WhereNode() where.add((Constraint("cn", "cn", CharField()), 'exact', "test"), AND) self.assertEquals(where_as_ldap(where), ("(cn=test)", [])) where = WhereNode() where.add((Constraint("cn", "cn", CharField()), 'exact', "(test)"), AND) self.assertEquals(where_as_ldap(where), ("(cn=\\28test\\29)", []))
def test_char_field_startswith(self): where = WhereNode() where.add((Constraint("cn", "cn", CharField()), 'startswith', "test"), AND) self.assertEqual(where_as_ldap(where), ("(cn=test*)", [])) where = WhereNode() where.add((Constraint("cn", "cn", CharField()), 'startswith', "te*st"), AND) self.assertEqual(where_as_ldap(where), ("(cn=te\\2ast*)", []))
def test_char_field_endswith(self): where = WhereNode() where.add((Constraint("cn", "cn", CharField()), 'endswith', "test"), AND) self.assertEquals(where.as_sql(), ("(cn=*test)", [])) where = WhereNode() where.add((Constraint("cn", "cn", CharField()), 'endswith', "te*st"), AND) self.assertEquals(where.as_sql(), ("(cn=*te\\2ast)", []))
class LdapUser(Model): """ Class for representing an LDAP user entry. """ class Meta: managed = False base_dn = settings.AUTH_LDAP_BASE object_classes = [ 'posixAccount', 'shadowAccount', 'inetOrgPerson', 'top', 'person', 'organizationalPerson' ] first_name = CharField(db_column='givenName') last_name = CharField(db_column='sn') full_name = CharField(db_column='cn') email = CharField(db_column='mail') username = CharField(db_column='uid', primary_key=True) password = CharField(db_column='userPassword') uid = IntegerField(db_column='uidNumber', unique=True) group = IntegerField(db_column='gidNumber') home_directory = CharField(db_column='homeDirectory') login_shell = CharField(db_column='loginShell', default='/bin/bash') description = CharField(db_column='description') def __str__(self): return self.uid def __unicode__(self): return self.full_name
class LdapGroup(ldapdb.models.Model): """ Class for representing an LDAP group entry. This is a memberOf bind http://www.openldap.org/software/man.cgi?query=slapo-memberof&sektion=5&apropos=0&manpath=OpenLDAP+2.4-Release """ # LDAP meta-data base_dn = "ou=groups,{}".format(settings.LDAP_BASEDN) object_classes = [ 'groupOfNames', ] cn = CharField(db_column='cn', primary_key=True) member = ListField(db_column='member', default=[]) class Meta: verbose_name = _('LDAP MemberOf Group') verbose_name_plural = _('LDAP MemberOf Groups') def add_member(self, member_dn_obj): members = self.member.split(os.linesep) if not member_dn_obj in members: members.append(member_dn_obj.dn.strip()) self.member = os.linesep.join(members) self.save() def remove_member(self, member_dn_obj): members = self.member.split(os.linesep) if member_dn_obj.dn in members: members = [i for i in members if i != member_dn_obj.dn] self.member = os.linesep.join(members) self.save() def __str__(self): return self.cn
class LdapOA(ldapdb.models.Model): base_dn = "cn=OA,ou=Roles,dc=xiaoneng,dc=cn" object_classes = ['groupOfUniqueNames'] cn = CharField(db_column='cn', max_length=200, primary_key=True) uniqueMember = ListField(db_column='uniqueMember')
class LdapGroup(ldapdb.models.Model): """ Class for representing an LDAP group entry. """ # LDAP meta-data base_dn = "ou=Users,dc=xiaoneng,dc=cn" object_classes = ['organizationalUnit'] ou = CharField(db_column='ou', max_length=200, primary_key=True) name = CharField(db_column='businessCategory', max_length=200) def __str__(self): return self.ou def __unicode__(self): return self.ou
class FakeModel(models.Model): class Meta: abstract = True base_dn = 'ou=test,dc=example,dc=org' object_classes = ['inetOrgPerson'] name = CharField(db_column='cn')
class LdapStructure(ldapdb.models.Model): base_dn = "ou=Users,dc=xiaoneng,dc=cn" object_classes = ['organizationalUnit'] ou = CharField(db_column='ou', max_length=200, primary_key=True) def __str__(self): return self.ou
class LdapUser(ldapdb.models.Model): # LDAP meta-data base_dn = "dc=at" object_classes = ['inetOrgPerson'] first_name = CharField(db_column='givenName') last_name = CharField("surname", db_column='sn') full_name = CharField(db_column='cn') email = CharField(db_column='mail', primary_key=True) #ordering = ['last_name'] def __str__(self): return self.full_name def __unicode__(self): return self.full_name
class GroupOfNames(BaseLdapModel): # a copy of Group, but based on different object classes. # required by nslcd! base_dn = 'ou=CoreGroups,' + settings.LDAP_BASE_DN object_classes = force_bytestrings(['groupOfNames']) name = CharField(db_column=force_text('cn'), max_length=200, primary_key=True, validators=list(name_validators)) members = ListField(db_column=force_text('member'))
class ServiceAccount(BaseLdapModel): # description used as description for primary groups of users base_dn = 'ou=Services,' + settings.LDAP_BASE_DN object_classes = force_bytestrings(['posixAccount', 'shadowAccount', 'inetOrgPerson', 'person']) fqdn = CharField(db_column=force_text('uid'), max_length=200, primary_key=True, validators=list(name_validators)) uid_number = IntegerField(db_column=force_text('uidNumber'), default=None, unique=True) gid_number = IntegerField(db_column=force_text('gidNumber'), default=None) # forced values display_name = CharField(db_column=force_text('displayName'), max_length=200) mail = CharField(db_column=force_text('mail'), default=None) gecos = CharField(db_column=force_text('gecos'), max_length=200, default=None) cn = CharField(db_column=force_text('cn'), max_length=200, default=None, validators=list(name_validators)) sn = CharField(db_column=force_text('sn'), max_length=200, default=None, validators=list(name_validators)) # password values user_password = CharField(db_column=force_text('userPassword'), default=None) # samba_nt_password = CharField(db_column=force_text('sambaNTPassword'), default=None) def save(self, using=None): self.cn = self.fqdn self.sn = self.fqdn self.display_name = self.fqdn self.gecos = self.fqdn self.mail = '%s@%s' % (self.fqdn, settings.PENATES_DOMAIN) self.set_next_free_value('uid_number') self.gid_number = self.uid_number super(ServiceAccount, self).save(using=using) def set_password(self, password): self.user_password = password_hash(password) self.save()
class Principal(BaseLdapModel): base_dn = 'cn=krbContainer,' + settings.LDAP_BASE_DN object_classes = force_bytestrings(['krbPrincipal', 'krbPrincipalAux', 'krbTicketPolicyAux']) name = CharField(db_column=force_text('krbPrincipalName'), primary_key=True) flags = IntegerField(db_column=force_text('krbTicketFlags'), default=None) def save(self, using=None): self.flags = 128 super(Principal, self).save(using=using)
class LdapRoom(ldapdb.models.Model): """ Class for representing an LDAP roon entry. """ # LDAP meta-data base_dn = "ou=rooms,dc=iapp-intern,dc=de" object_classes = ['room'] # posixGroup cn = CharField(db_column='cn', primary_key=True) description = CharField(db_column='description') telephoneNumber = CharField(db_column='telephoneNumber') def __str__(self): return self.cn def __unicode__(self): return self.cn
class LDAPPosixUser(LDAPModel): """ Class for representing an LDAP user entry. """ objects = LDAPPosixUserManager() # LDAP meta-data base_dn = settings.LDAP_SYNC_USER_BASE_DN object_classes = ['top', 'posixAccount', 'inetOrgPerson'] # inetOrgPerson first_name = CharField(db_column='givenName', verbose_name="Prime name") last_name = CharField("Final name", db_column='sn') common_name = CharField(db_column='cn') email = ListField(db_column='mail') # posixAccount uid = IntegerField(db_column='uidNumber', default=1000) group = IntegerField(db_column='gidNumber') home_directory = CharField(db_column='homeDirectory') login_shell = CharField(db_column='loginShell', default='/bin/bash') nadine_id = CharField(db_column='uid', primary_key=True) password = CharField(db_column='userPassword') if hasattr(settings, 'LDAP_SYNC_USER_HOME_DIR_TEMPLATE'): HOME_DIR_TEMPLATE = settings.LDAP_SYNC_USER_HOME_DIR_TEMPLATE else: HOME_DIR_TEMPLATE = "/home/{}" def ensure_gid(self): """ If no group is set then perform a get_or_create() for default members group. """ if self.group is None: members_group, _ = LDAPPosixGroup.objects.get_or_create( name=settings.LDAP_SYNC_MEMBERS_GROUP_CN) self.group = members_group.gid def ensure_home_directory(self): """ If no home_directory is set then LDAP complains, we can auto-populate. """ if not self.home_directory: self.home_directory = self.HOME_DIR_TEMPLATE.format(self.uid) def save(self, *args, **kwargs): self.ensure_gid() self.ensure_home_directory() return super(LDAPPosixUser, self).save(*args, **kwargs) def __str__(self): return "{}:{}".format(self.nadine_id, self.common_name) def __str__(self): return self.full_name
class Tag(ldapdb.models.Model): """ A Domesday tag. """ base_dn = "ou=tags,dc=mozillians,dc=org" object_classes = ['groupOfNames'] name = CharField(db_column='cn', max_length=32768, primary_key=True) members = ListField(db_column='member') def __str__(self): return self.name def __unicode__(self): return self.name
class LdapOU(ldapdb.models.Model): """ Class for representing an LDAP organizational unit. """ # LDAP meta-data # this ONLY works in dev (which is the way it should be). Note that base_dn = settings.LDAP_BASE_SEARCH_DN does # NOT work because base_dn = settings.LDAP_BASE_SEARCH_DN now contains the ou!" base_dn = "dc=agaveapi" object_classes = ['organizationalUnit'] ou = CharField(db_column='ou', blank=True, primary_key=True) def __str__(self): return self.ou def __unicode__(self): return self.ou
class LdapGroup(ldapdb.models.Model): """ Class for representing an LDAP group entry. """ # LDAP meta-data base_dn = "ou=groups,dc=nodomain" object_classes = ['posixGroup'] # posixGroup attributes gid = IntegerField(db_column='gidNumber', unique=True) name = CharField(db_column='cn', max_length=200, primary_key=True) usernames = ListField(db_column='memberUid') def __str__(self): return self.name def __unicode__(self): return self.name
class LdapUser(ldapdb.models.Model): base_dn = "ou=Users,dc=xiaoneng,dc=cn" object_classes = ['inetOrgPerson'] username = CharField(db_column='cn', primary_key=True) user_sn = CharField(db_column='sn') email = CharField(db_column='mail', blank=True) phone = CharField(db_column='telephoneNumber', blank=True) password = CharField(db_column='userPassword') sshpublickey = CharField(db_column='sshpublickey', blank=True) def __str__(self): return self.username
class LdapGroup(ldapdb.models.Model): """ Represents an LDAP posixGroup entry. """ connection_name = 'ldap' # LDAP meta-data base_dn = settings.LDAP_GROUP_DN object_classes = ['posixGroup'] # posixGroup attributes gid = IntegerField(db_column='gidNumber', unique=True) name = CharField(db_column='cn', max_length=200, primary_key=True) members = ListField(db_column='memberUid') def __str__(self): return self.name class Meta: managed = False
class LdapAutomountMap(ldapdb.models.Model): """ Represents an LDAP automountMap Ref: http://www.openldap.org/faq/data/cache/599.html """ connection_name = 'ldap' # LDAP meta-data base_dn = settings.LDAP_AUTOMOUNT_DN object_classes = ['automountMap'] ou = CharField(db_column='ou', primary_key=True) # F.ex auto.home def __str__(self): return self.ou class Meta: managed = False