Esempio n. 1
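    def get_group(self, groupName=None, gidNumber=None,_dc=None):
        """Return one posixGroup, looked up by GID or by name, as a JS-object string.

        gidNumber wins when both selectors are given; ``_dc`` is accepted and
        ignored. The reply carries every attribute named in ``groupFields``
        (first value only, memberUid excluded) plus ``members``, the memberUid
        values joined with ``:``. A ``{failure:1,...}`` string is returned when
        no selector was supplied or the search came back empty.
        """
        if gidNumber:
            attribute, wanted = "gidNumber", gidNumber
        elif groupName:
            attribute, wanted = "cn", groupName
        else:
            return "{failure:1,'text':'No group GID or name entered'}"

        # The selectors are caller-supplied (presumably request parameters).
        # Escape them per RFC 4515 so "*", "(", ")" and "\" are matched
        # literally and cannot change the structure of the search filter.
        from ldap.filter import escape_filter_chars
        results = do_ldap_search(
            "(&(objectclass=posixGroup)(%s=%s))"
            % (attribute, escape_filter_chars("%s" % (wanted,))))
        if not results:
            return "{failure:1,'text':'No group found'}"

        res = results[0][0][1]

        # NOTE(review): directory values are pasted into the reply unescaped, so
        # a value containing a quote breaks the literal. Encode them properly
        # once the client-side parser's accepted format is confirmed.
        output = "{"
        for f in groupFields:
            # "!=" instead of "is not": identity of two equal strings is an
            # interpreter detail, so the old test could let memberUid through.
            if f in res and f != "memberUid":
                output += "%s:'%s'," % (f, res[f][0])

        member_ids = res['memberUid'] if 'memberUid' in res else ()
        output += 'members:"%s"' % (":".join("%s" % (m,) for m in member_ids))
        output += "}"

        cherrypy.response.headers['Content-Type'] = "text/plain"
        return output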
Esempio n. 2
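    def getMembers(self, groupName=None, gidNumber=None,_dc=None,query=None):
        """Return the members of one posixGroup as ``{results: [...]}``.

        The caller must have a session holding server, suffix, username and
        password; otherwise doLogout() is called and a failure string returned.
        The group is selected by gidNumber, else by groupName. ``_dc`` and
        ``query`` are accepted and ignored. Each memberUid that getUser()
        resolves contributes one record; unresolved members are skipped.
        """
        # .get() so a session without these keys reaches the "not logged in"
        # reply below instead of failing with KeyError.
        # NOTE(review): the admin bind password is kept in the web session;
        # confirm how the session store is protected.
        session = cherrypy.session
        server = session.get('server')
        suffix = session.get('suffix')
        adminUser = session.get('username')
        adminPass = session.get('password')
        if not (server and suffix and adminUser and adminPass):
            doLogout('You cannot be here')
            return "{failure:1,'info':'Access violation: you are not logged in or your session has expired'}"

        if gidNumber:
            attribute, wanted = "gidNumber", gidNumber
        elif groupName:
            attribute, wanted = "cn", groupName
        else:
            # The original left `results` unbound on this path and crashed.
            return "{failure:1,'text':'No members found'}"

        # Escape the caller-supplied selector per RFC 4515 so filter
        # metacharacters are matched literally (LDAP filter injection).
        from ldap.filter import escape_filter_chars
        results = do_ldap_search(
            "(&(objectclass=posixGroup)(%s=%s))"
            % (attribute, escape_filter_chars("%s" % (wanted,))))
        if not results:
            return "{failure:1,'text':'No members found'}"

        entry = results[0][0][1]
        if 'memberUid' not in entry:
            return "{success:1,'text':'No members found'}"

        # NOTE(review): one directory lookup per member (two counting
        # getUserCN), and the values are written into the reply unescaped.
        # NOTE(review): memberUid values are passed to getUser() as uidNumber
        # and printed as gidNumber - confirm that this is intended.
        output = "{results: ["
        for member in entry['memberUid']:
            user_details = getUser(uidNumber=member)
            if not user_details:
                continue
            output += """{cn: '%s',gidNumber:%s,givenName:'%s',sn:'%s',uid:'%s'},""" % (
                getUserCN(member), member,
                user_details['givenName'][0],
                user_details['sn'][0],
                user_details['uid'][0])
        output += "]}"

        cherrypy.response.headers['Content-Type'] = "text/plain"
        return output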
Esempio n. 3
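def getGroupCN(gid):
    """Return the first cn of the posixGroup whose gidNumber is *gid*.

    Returns 0 when the search yields nothing, so callers must tell that
    sentinel apart from a real name.
    """
    # Escape per RFC 4515: a gid taken from a request must not be able to add
    # wildcards or extra clauses to the filter.
    from ldap.filter import escape_filter_chars
    results = do_ldap_search(
        "(&(objectclass=posixGroup)(gidNumber=%s))"
        % (escape_filter_chars("%s" % (gid,)),),
        ['cn'])
    if not results:
        return 0

    return results[0][0][1]['cn'][0]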
Esempio n. 4
    def list(self, *args, **kwargs):
        """List sudoRole entries as a JS-object string ``{results:[...]}``.

        An optional ``cn`` keyword argument narrows the search; without it the
        filter uses ``*`` and matches every role. Multi-valued attributes are
        joined with ``;``.
        """
        cn="*"
        if kwargs.has_key('cn'):
            cn=kwargs['cn']
        # NOTE(review): cn goes into the filter unescaped, so filter
        # metacharacters in it change what is searched (LDAP filter
        # injection). Escape it per RFC 4515 before formatting.
        results = do_ldap_search("(&(objectclass=sudoRole)(cn=%s))" % (cn))

        output = "{results:["
        for res in results:
            # Second element of the first item is used as the attribute mapping.
            res = res[0][1]
            commands=''
            sudouser=''
            sudooptions=''
            if res.has_key('sudoCommand'):
                commands=";".join(res['sudoCommand'])
            if res.has_key('sudoUser'):
                # Only the first sudoUser value is reported.
                sudouser = res['sudoUser'][0]
            if res.has_key('sudoOption'):
                sudooptions=";".join(res['sudoOption'])
                

            # Unlike the attributes above, sudoHost is read without a presence
            # check: an entry lacking it raises KeyError.
            hosts=";".join(res['sudoHost'])
            # NOTE(review): five values are supplied for four %s placeholders,
            # which raises TypeError as written. The "******" after sudouser
            # looks masked on the page this excerpt comes from - restore the
            # real template from the project source. Values are also written
            # into the reply unescaped.
            output += """{sudorole:"%s",sudouser:"******",sudohost:"%s",sudocommands:"%s",sudooptions:"%s"},""" % (res['cn'][0],sudouser,hosts,commands,sudooptions)
            
        output += "]}"
        cherrypy.response.headers['Content-Type'] = "text/plain"
        return output
Esempio n. 5
    def update(self, groupName=None, gidNumber=None,members=None,_dc=None):
        """Compare a posixGroup with the requested state and bind as the session admin.

        ``members`` is a comma-separated list of user ids. The excerpt ends
        right after the bind attempt; whatever modifies the entry is not shown.
        Returns a ``{failure:1,...}`` / ``{success:1,...}`` string on the early
        exits visible here.
        """
        if not groupName:
            return "{failure:1,'text':'No group found'}"

        # NOTE(review): the admin bind password is kept in the web session;
        # confirm how the session store is protected.
        server = cherrypy.session['server']
        suffix = cherrypy.session['suffix']
        adminUser = cherrypy.session['username']
        adminPass = cherrypy.session['password']
        
        # A missing gidNumber is treated like a missing login and logs the user out.
        if not server or not suffix or not adminUser or not adminPass or not gidNumber:
            doLogout('You cannot be here')
            # NOTE(review): the reply lacks its closing "}".
            return "{failure:1,'info':'Access violation'"
    
        # NOTE(review): groupName goes into the filter unescaped (LDAP filter
        # injection); escape it per RFC 4515 before formatting.
        results = do_ldap_search("(&(objectclass=posixGroup)(cn=%s))" % (groupName))
        if len(results) < 1:
            return "{failure:1,'info':'Cannot find the required group'}"
        
        res=results[0][0][1]
        
        
        memberUid=[]
        uniqueMember=[]
        # NOTE(review): members defaults to None, which has no split().
        for x in members.split(","):
            if len(x)>0:
                memberUid.append(x)
                # NOTE(review): "******" looks masked on the page this excerpt
                # comes from; as written, formatting it with two arguments
                # raises TypeError. Restore the real DN template from the
                # project source, and escape x for use inside a DN.
                full_user = "******" % (x, suffix)
                uniqueMember.append(full_user)
        
        New={"cn":groupName,"gidNumber":gidNumber}
        if memberUid:
            # Redundant: a non-empty list always has len > 0.
            if len(memberUid)>0:
                New["memberUid"] = memberUid
        if len(uniqueMember)>0:
            New['uniqueMember'] = uniqueMember
            
        Current={"cn":res['cn'][0], "gidNumber":res['gidNumber'][0]}
        if res.has_key('memberUid'):
            Current["memberUid"] = copy.copy(res['memberUid'])
        if res.has_key('uniqueMember'):
            Current['uniqueMember'] = copy.copy(res['uniqueMember'])
        # Entries that are not yet groupOfUniqueNames get that class added on
        # the New side, so the two dicts differ and an update is needed.
        if not "groupOfUniqueNames" in res['objectClass']:
            Current['objectClass'] = copy.copy(res['objectClass'])
            New['objectClass'] = copy.copy(res['objectClass'])
            New['objectClass'].append('groupOfUniqueNames')


        # NOTE(review): debug output; this writes directory data to stdout.
        print Current
        print New
        DN='cn=%s,ou=Group,%s' % (res['cn'][0],suffix)
        
        # NOTE(review): `r` is not assigned anywhere in the visible part of
        # this method; if it is not a module-level name this raises NameError
        # whenever Current == New.
        if Current == New and not r:
            return "{success:1,info:'No changes needed'}"
        
        # NOTE(review): no start_tls_s() call is visible before the simple
        # bind; confirm the connection is protected, otherwise the admin
        # password crosses the network in clear text. ldap.open() is also
        # deprecated in python-ldap in favour of ldap.initialize().
        l = ldap.open(server)
        try:
            l.simple_bind_s(adminUser, adminPass)
        except ldap.LDAPError, e:
            err = parse_ldap_error(e)
            # The parsed error text is placed in the reply unescaped.
            return "{failure:1,'info':'Bind: %s'}" % (err)
Esempio n. 6
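    def get(self, hostname=None,ip=None,_dc=None):
        """Return one ipHost entry, looked up by IP or by name, as a JS-object string.

        ``ip`` wins whenever it is not None; ``_dc`` is accepted and ignored.
        Returns ``{}`` when nothing was asked for or nothing matched, else
        ``{hostname:"..",ip:"..",aliases:".."}`` with the cn values joined by
        commas.
        """
        # Nothing to look up: the original searched for the literal "None" here.
        if ip is None and not hostname:
            return "{}"

        if ip is not None:
            attribute, wanted = "ipHostNumber", ip
        else:
            attribute, wanted = "cn", hostname

        # Escape the caller-supplied value per RFC 4515 so filter
        # metacharacters are matched literally (LDAP filter injection).
        from ldap.filter import escape_filter_chars
        results = do_ldap_search(
            "(&(objectclass=ipHost)(%s=%s))"
            % (attribute, escape_filter_chars("%s" % (wanted,))))
        if not results:
            return "{}"

        # The original tested and split the whole first item instead of the DN
        # string inside it, so the DN-derived hostname was never used.
        dn = results[0][0][0]
        res = results[0][0][1]
        if "ipHostNumber" in dn:
            # Presumably a multi-valued RDN such as "cn=NAME+ipHostNumber=..."
            hostname = dn.split("+")[0].replace("cn=","")
        elif hostname is None:
            # Lookup by IP with a plain DN: report the first cn, not "None".
            hostname = res['cn'][0]

        # NOTE(review): directory values are written into the reply unescaped.
        aliases = ",".join(res['cn'])
        output = """{hostname:"%s",ip:"%s",aliases:"%s"}""" % (hostname,res['ipHostNumber'][0],aliases)

        cherrypy.response.headers['Content-Type'] = "text/plain"
        return output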
Esempio n. 7
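    def list(self, *args, **kwargs):
        """List ipHost entries as a JS-object string ``{results:[...]}``.

        An optional ``cn`` keyword argument narrows the search and may contain
        ``*`` wildcards; without it every host is returned. Each record gives
        the hostname, the first ipHostNumber and the cn values joined by ``;``.
        """
        from ldap.filter import escape_filter_chars

        cn = kwargs.get('cn', "*")
        # Escape per RFC 4515 so "(", ")" and "\" cannot change the structure
        # of the filter, then restore "*" because wildcard search is what this
        # endpoint already offers by default.
        safe_cn = escape_filter_chars("%s" % (cn,)).replace("\\2a", "*")
        results = do_ldap_search("(&(objectclass=ipHost)(cn=%s))" % (safe_cn,))

        # NOTE(review): directory values are written into the reply unescaped.
        records = []
        for item in results:
            dn = item[0][0]
            res = item[0][1]
            if "ipHostNumber" in dn:
                # Presumably a multi-valued RDN such as "cn=NAME+ipHostNumber=..."
                hostname = dn.split("+")[0].replace("cn=","")
            else:
                # The original left hostname unset here (NameError on the first
                # entry, the previous entry's name afterwards).
                hostname = res['cn'][0]
            aliases = ";".join(res['cn'])
            records.append("""{hostname:"%s",ip:"%s",aliases:"%s"},""" % (hostname,res['ipHostNumber'][0],aliases))

        output = "{results:[" + "".join(records) + "]}"
        cherrypy.response.headers['Content-Type'] = "text/plain"
        return output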
Esempio n. 8
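    def update(self, hostname=None,ip=None,aliases=None,_dc=None):
        """Compare an ipHost entry with the requested state and bind as the session admin.

        ``aliases`` is a comma-separated list; the hostname itself is always
        kept among them. The excerpt ends right after the bind attempt, so the
        local names (DN, res, Current, New, hostAliases, l) are kept as they
        were in case code after this point uses them.
        """
        # .get() so a session without these keys reaches the reply below
        # instead of failing with KeyError.
        # NOTE(review): the admin bind password is kept in the web session;
        # confirm how the session store is protected.
        server = cherrypy.session.get('server')
        suffix = cherrypy.session.get('suffix')
        adminUser = cherrypy.session.get('username')
        adminPass = cherrypy.session.get('password')

        if not (server and suffix and adminUser and adminPass):
            doLogout('You cannot be here')
            # Closing brace added; the reply was truncated before.
            return "{failure:1,'info':'Access violation'}"

        if not hostname or not ip:
            return "{failure:1,'info':'Nothing to change'}"

        # Escape per RFC 4515 so filter metacharacters in hostname are matched
        # literally (LDAP filter injection).
        from ldap.filter import escape_filter_chars
        results = do_ldap_search(
            "(&(objectclass=ipHost)(cn=%s))"
            % (escape_filter_chars("%s" % (hostname,)),))
        if len(results) < 1:
            return "{failure:1,'info':'Cannot find the required host'}"

        DN = results[0][0][0]
        res = results[0][0][1]

        # aliases defaults to None, which the checks below cannot handle.
        # "ie:" presumably marks the form's placeholder text - confirm.
        if not aliases or "ie:" in aliases:
            aliases = ''

        # Entries of one character or less are dropped before spaces are
        # removed, as in the original.
        hostAliases = [c.replace(" ","") for c in aliases.split(",") if len(c)>1]
        if hostname not in hostAliases:
            hostAliases.append(hostname)

        Current = {"cn":res['cn'],"ipHostNumber":res['ipHostNumber'][0]}
        New = {"cn":hostAliases,"ipHostNumber":ip}

        if Current == New:
            return "{success:1,info:'No changes needed'}"

        # NOTE(review): no start_tls_s() call is visible before the simple
        # bind; confirm the connection is protected, otherwise the admin
        # password crosses the network in clear text. ldap.open() is also
        # deprecated in python-ldap in favour of ldap.initialize().
        l = ldap.open(server)
        try:
            l.simple_bind_s(adminUser, adminPass)
        except ldap.LDAPError as e:
            err = parse_ldap_error(e)
            # The parsed error text is placed in the reply unescaped.
            return "{failure:1,'info':'Bind: %s'}" % (err)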
Esempio n. 9
    def get(self, sudorole=None,_dc=None):
        """Return one SudoRole entry, looked up by cn, as a JS-object string.

        Returns ``{}`` when the search yields nothing. Multi-valued attributes
        are joined with ``;``; absent ones are reported as empty strings.
        """
        # NOTE(review): sudorole goes into the filter unescaped (LDAP filter
        # injection), and the default None searches for the literal "None".
        # Escape it per RFC 4515 before formatting.
        results = do_ldap_search("(&(objectclass=SudoRole)(cn=%s))" % (sudorole))

        if not results:
            return "{}"
        res=results[0][0][1]

        users=''
        hosts=''
        commands=''
        options=''
        if res.has_key('sudoUser'):
            users = ';'.join(res['sudoUser'])
        if res.has_key('sudoCommand'):
            commands = ';'.join(res['sudoCommand'])
        if res.has_key('sudoHost'):
            hosts = ';'.join(res['sudoHost'])
        if res.has_key('sudoOption'):
            options = ';'.join(res['sudoOption'])
        # NOTE(review): five values are supplied for four %s placeholders,
        # which raises TypeError as written. The "******" after sudoUser looks
        # masked on the page this excerpt comes from - restore the real
        # template from the project source. The reply echoes the requested
        # sudorole, not the cn stored in the entry, and nothing is escaped.
        output = """{cn:"%s",sudoCommand:"%s",sudoUser:"******",sudoHost:"%s",sudoOption:"%s"}""" % (sudorole,commands,users,hosts,options)
            
        cherrypy.response.headers['Content-Type'] = "text/plain"
        return output
Esempio n. 10
    def update(self, role=None,sudohost=None,sudouser=None,sudogroup=None,sudocommands=None,sudooptions=None,_dc=None):
        """Build the requested state of a SudoRole entry and bind as the session admin.

        ``sudocommands`` and ``sudooptions`` are ``;``-separated, ``sudohost``
        is ``,``-separated. The excerpt ends right after the bind attempt;
        whatever modifies the entry is not shown.
        """
        # NOTE(review): the admin bind password is kept in the web session;
        # confirm how the session store is protected.
        server = cherrypy.session['server']
        suffix = cherrypy.session['suffix']
        adminUser = cherrypy.session['username']
        adminPass = cherrypy.session['password']
        
        if not server or not suffix or not adminUser or not adminPass:
            doLogout('You cannot be here')
            # NOTE(review): the reply lacks its closing "}".
            return "{failure:1,'info':'Access violation'"

        sudorole=role
        # NOTE(review): role goes into the filter unescaped (LDAP filter
        # injection). This selects which sudo rule gets edited, so escape it
        # per RFC 4515 before formatting.
        results = do_ldap_search("(&(objectclass=SudoRole)(cn=%s))" % (sudorole))

        if not results:
            return "{failure:1,info:'Role not found'}"
        DN=results[0][0][0]
        res=results[0][0][1]

        # "Select" presumably marks an untouched drop-down in the form - confirm.
        if sudogroup and not "Select" in sudogroup:
            # NOTE(review): both "******" literals look masked on the page this
            # excerpt comes from; as written, formatting them raises TypeError.
            # Restore the real templates from the project source.
            if "%" in sudogroup:
                sudouser="******" % (sudogroup)
            else:
                sudouser="******" % (sudogroup)

        # NOTE(review): sudouser, sudocommands, sudohost and sudooptions all
        # default to None, which the membership test and split() calls below
        # cannot handle.
        if "Select" in sudouser:
            sudouser=''
        commands=[]
        for c in sudocommands.split(";"):
            # Entries of one character or less are dropped.
            if len(c)>1:
                commands.append(c)

        hosts=[]
        for c in sudohost.split(","):
            if len(c)>1:
                hosts.append(c)
        options=[]
        for c in sudooptions.split(";"):
            if len(c)>1:
                options.append(c)        
        
        Current={'cn':res['cn']}
        for k in ["sudoCommand", "sudoUser", "sudoOption","sudoHost"]:
            if res.has_key(k):
                Current[k] = res[k]

        # NOTE(review): nothing validates the commands, hosts or options that
        # end up in the sudo rule; confirm who may call this and consider an
        # allow-list, since these values decide what runs as root.
        New={'cn':role}
        if len(sudouser)>0:
            New['sudoUser'] = sudouser
        if len(commands)>0:
            New['sudoCommand'] = commands
        if len(options)>0:
            New['sudoOption'] = options
        
        # An empty host list widens the rule to every host ('ALL').
        if len(hosts)>0:
            New['sudoHost'] = hosts
        else:
            New['sudoHost'] = 'ALL'

        
        # NOTE(review): debug output; this writes directory data to stdout.
        print "\n\n"
        print Current
        print "\n\n"
        print New
        print "\n\n"
        
        # NOTE(review): no start_tls_s() call is visible before the simple
        # bind; confirm the connection is protected, otherwise the admin
        # password crosses the network in clear text. ldap.open() is also
        # deprecated in python-ldap in favour of ldap.initialize().
        l = ldap.open(server)
        try:
            l.simple_bind_s(adminUser, adminPass)
        except ldap.LDAPError, e:
            err = parse_ldap_error(e)
            # The parsed error text is placed in the reply unescaped.
            return """{failure:1,info:"%s"}""" % (err)