def entry_status(inst, basedn, log, args):
dn = _get_dn_arg(args.dn, msg="Enter dn to check")
roles = Roles(inst, basedn)
role = roles.get(dn=dn)
status = role.status()
log.info(f'Entry DN: {dn}')
log.info(f'Entry State: {status["state"].describe(status["role_dn"])}\n')
def subtree_status(inst, basedn, log, args):
basedn = _get_dn_arg(args.basedn, msg="Enter basedn to check")
filter = ""
scope = ldap.SCOPE_SUBTREE
epoch_inactive_time = None
if args.scope == "one":
scope = ldap.SCOPE_ONELEVEL
if args.filter:
filter = args.filter
if args.become_inactive_on:
datetime_inactive_time = datetime.strptime(args.become_inactive_on,
'%Y-%m-%dT%H:%M:%S')
epoch_inactive_time = datetime.timestamp(datetime_inactive_time)
account_list = Accounts(inst, basedn).filter(filter, scope)
if not account_list:
raise ValueError(f"No entries were found under {basedn}")
for entry in account_list:
status = entry.status()
state = status["state"]
params = status["params"]
if args.inactive_only and state == AccountState.ACTIVATED:
continue
if args.become_inactive_on:
if epoch_inactive_time is None or params["Time Until Inactive"] is None or \
epoch_inactive_time <= (params["Time Until Inactive"] + status["calc_time"]):
continue
_print_entry_status(status, entry.dn, log)
def reset_password(inst, basedn, log, args):
dn = _get_dn_arg(args.dn, msg="Enter dn to reset password")
new_password = _get_arg(args.new_password,
hidden=True,
confirm=True,
msg="Enter new password for %s" % dn)
accounts = Accounts(inst, basedn)
acct = accounts.get(dn=dn)
acct.reset_password(new_password)
log.info('reset password for %s' % dn)
def subtree_status(inst, basedn, log, args):
basedn = _get_dn_arg(args.basedn, msg="Enter basedn to check")
filter = ""
scope = ldap.SCOPE_SUBTREE
role_list = Roles(inst, basedn).filter(filter, scope)
if not role_list:
raise ValueError(f"No entries were found under {basedn} or the user doesn't have an access")
for entry in role_list:
status = entry.status()
log.info(f'Entry DN: {entry.dn}')
log.info(f'Entry State: {status["state"].describe(status["role_dn"])}\n')
def change_password(inst, basedn, log, args):
dn = _get_dn_arg(args.dn, msg="Enter dn to change password")
cur_password = _get_arg(args.current_password,
hidden=True,
confirm=False,
msg="Enter current password for %s" % dn)
new_password = _get_arg(args.new_password,
hidden=True,
confirm=True,
msg="Enter new password for %s" % dn)
accounts = Accounts(inst, basedn)
acct = accounts.get(dn=dn)
acct.change_password(cur_password, new_password)
log.info('changed password for %s' % dn)
def entry_status(inst, basedn, log, args):
dn = _get_dn_arg(args.dn, msg="Enter dn to check")
roles = Roles(inst, basedn)
try:
role = roles.get(dn=dn)
except ldap.NO_SUCH_OBJECT:
raise ValueError(
"Role \"{}\" is not found or the entry is not a role.".format(dn))
status = role.status()
info_dict = {}
if args.json:
info_dict["dn"] = dn
info_dict["state"] = f'{status["state"].describe(status["role_dn"])}'
log.info(json.dumps({"type": "status", "info": info_dict}, indent=4))
else:
log.info(f'Entry DN: {dn}')
log.info(
f'Entry State: {status["state"].describe(status["role_dn"])}\n')
def rename(inst, basedn, log, args, warn=True):
dn = _get_dn_arg(args.dn, msg="Enter dn to modify")
_generic_rename_dn(inst, basedn, log.getChild('_generic_rename_dn'), MANY,
dn, args)
def delete(inst, basedn, log, args, warn=True):
dn = _get_dn_arg(args.dn, msg="Enter dn to delete")
if warn:
_warn(dn, msg="Deleting %s %s" % (SINGULAR.__name__, dn))
_generic_delete(inst, basedn, log.getChild('_generic_delete'), SINGULAR,
dn, args)
def get_dn(inst, basedn, log, args):
dn = _get_dn_arg(args.dn, msg="Enter dn to retrieve")
_generic_get_dn(inst, basedn, log.getChild('_generic_get_dn'), MANY, dn,
args)
def unlock(inst, basedn, log, args):
dn = _get_dn_arg(args.dn, msg="Enter dn to check")
role = Role(inst, dn=dn)
role.unlock()
log.info(f'Entry {dn} is unlocked')
def entry_status(inst, basedn, log, args):
dn = _get_dn_arg(args.dn, msg="Enter dn to check")
accounts = Accounts(inst, basedn)
acct = accounts.get(dn=dn)
status = acct.status()
_print_entry_status(status, dn, log, args)
def unlock(inst, basedn, log, args):
dn = _get_dn_arg(args.dn, msg="Enter dn to unlock")
accounts = Accounts(inst, basedn)
acct = accounts.get(dn=dn)
acct.unlock()
log.info(f'Entry {dn} is unlocked')
