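def update(self, groupName=None, gidNumber=None, members=None, _dc=None):
    """Work out the wanted attributes of a posixGroup entry, then bind as admin.

    groupName, gidNumber and members (comma-separated uids) are request
    parameters and must be treated as untrusted.  Every early exit returns a
    JSON-like status string.  This listing stops right after the bind, so the
    directory write that presumably follows is not shown.
    """
    # Imported locally so the block does not depend on a file-level import.
    from ldap.filter import escape_filter_chars

    if not groupName:
        return "{failure:1,'text':'No group found'}"

    # NOTE(review): the bind DN and password are read from the web session,
    # i.e. the session store holds a directory admin credential.
    server = cherrypy.session['server']
    suffix = cherrypy.session['suffix']
    adminUser = cherrypy.session['username']
    adminPass = cherrypy.session['password']
    if not server or not suffix or not adminUser or not adminPass or not gidNumber:
        # A missing gidNumber is treated like a missing session and logs out.
        doLogout('You cannot be here')
        # Closing brace added: the original literal was left unterminated.
        return "{failure:1,'info':'Access violation'}"

    # groupName comes from the request; escape filter metacharacters so it
    # can only ever match as a literal cn value.
    results = do_ldap_search(
        "(&(objectclass=posixGroup)(cn=%s))" % (escape_filter_chars(groupName))
    )
    if len(results) < 1:
        return "{failure:1,'info':'Cannot find the required group'}"
    res = results[0][0][1]

    memberUid = []
    uniqueMember = []
    # NOTE(review): members defaults to None, which fails on .split(); an
    # empty string yields no members at all - confirm both are intended.
    for x in members.split(","):
        if len(x) > 0:
            memberUid.append(x)
            # NOTE(review): the format string is masked in this listing; it
            # presumably builds the member DN from the uid and the suffix.
            # If so, the uid needs DN escaping - confirm against the file.
            full_user = "******" % (x, suffix)
            uniqueMember.append(full_user)

    New = {"cn": groupName, "gidNumber": gidNumber}
    if memberUid:
        New["memberUid"] = memberUid
    if len(uniqueMember) > 0:
        New['uniqueMember'] = uniqueMember

    Current = {"cn": res['cn'][0], "gidNumber": res['gidNumber'][0]}
    if 'memberUid' in res:
        Current["memberUid"] = copy.copy(res['memberUid'])
    if 'uniqueMember' in res:
        Current['uniqueMember'] = copy.copy(res['uniqueMember'])
    if not "groupOfUniqueNames" in res['objectClass']:
        # Entry lacks the class that permits uniqueMember: schedule its addition.
        Current['objectClass'] = copy.copy(res['objectClass'])
        New['objectClass'] = copy.copy(res['objectClass'])
        New['objectClass'].append('groupOfUniqueNames')

    # Debug output of both attribute sets on stdout.
    print(Current)
    print(New)

    # The DN uses the cn stored in the directory, not the request value.
    DN = 'cn=%s,ou=Group,%s' % (res['cn'][0], suffix)
    # NOTE(review): `r` is not assigned anywhere in this excerpt - confirm it
    # exists at module level, otherwise this raises NameError.
    if Current == New and not r:
        return "{success:1,info:'No changes needed'}"

    # NOTE(review): ldap.open() is the deprecated host-based constructor and
    # no StartTLS call is visible here, so the simple bind may send the
    # password unencrypted - confirm transport security.
    l = ldap.open(server)
    try:
        l.simple_bind_s(adminUser, adminPass)
    except ldap.LDAPError as e:
        err = parse_ldap_error(e)
        # NOTE(review): err is interpolated unescaped into the response.
        return "{failure:1,'info':'Bind: %s'}" % (err)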
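def add(self, role=None, sudohost=None, sudouser=None, sudogroup=None, sudocommands=None, sudooptions=None, _dc=None):
    """Assemble the attributes of a new sudoRole entry, then bind as admin.

    All arguments are request parameters.  sudocommands and sudooptions are
    ';'-separated, sudohost is ','-separated.  This listing stops right after
    the bind, so the directory add that presumably follows is not shown.
    """
    # Imported locally so the block does not depend on a file-level import.
    from ldap.dn import escape_dn_chars

    # NOTE(review): the bind DN and password are read from the web session,
    # i.e. the session store holds a directory admin credential.
    server = cherrypy.session['server']
    suffix = cherrypy.session['suffix']
    adminUser = cherrypy.session['username']
    adminPass = cherrypy.session['password']
    if not server or not suffix or not adminUser or not adminPass:
        doLogout('You cannot be here')
        return "{failure:1,'info':'Access violation: you are not logged in or your session has expired'}"

    if sudogroup and not "Select" in sudogroup:
        # NOTE(review): the format string is masked in this listing.
        sudouser = "******" % (sudogroup)

    # Fragments of one character or less are dropped.
    commands = []
    for c in sudocommands.split(";"):
        if len(c) > 1:
            commands.append(c)
    Options = []
    for c in sudooptions.split(";"):
        if len(c) > 1:
            Options.append(c)

    attrs = {'cn': role, 'objectClass': ['top', 'sudoRole']}
    if len(sudouser) > 0:
        attrs['sudoUser'] = sudouser
    if len(commands) > 0:
        attrs['sudoCommand'] = commands
    if len(Options) > 0:
        attrs['sudoOption'] = Options

    hosts = []
    for c in sudohost.split(","):
        if len(c) > 1:
            hosts.append(c)
    if len(hosts) < 1:
        # NOTE(review): an empty host list falls back to ALL, so leaving the
        # field out widens the rule to every host; consider rejecting instead.
        hosts.append("ALL")
    attrs['sudoHost'] = hosts

    # role comes from the request; escape DN special characters so it stays
    # a single RDN value under ou=SUDOers.
    DN = "cn=%s,ou=SUDOers,%s" % (escape_dn_chars(role), suffix)

    # Unreachable after the session check above; kept as in the original.
    if not server or not suffix:
        return "{'failure':1,'info':'Missing server or suffix'}"

    # NOTE(review): ldap.open() is the deprecated host-based constructor and
    # no StartTLS call is visible here, so the simple bind may send the
    # password unencrypted - confirm transport security.
    l = ldap.open(server)
    try:
        l.simple_bind_s(adminUser, adminPass)
    except ldap.LDAPError as e:
        err = parse_ldap_error(e)
        return """{failure:1,info:"%s"}""" % (err)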
def add(self, groupName=None, gidNumber=None, members=None, _dc=None):
    """Check the session and bind to the directory as the session admin.

    Returns a JSON-like failure string when the session is incomplete or the
    bind fails.  This listing stops right after the bind, so the group
    creation that presumably follows is not shown.
    """
    # NOTE(review): the bind password is taken from the web session, i.e. the
    # session store holds a directory admin credential.
    server, suffix, adminUser, adminPass = [
        cherrypy.session[key]
        for key in ('server', 'suffix', 'username', 'password')
    ]
    if not all((server, suffix, adminUser, adminPass)):
        doLogout('You cannot be here')
        return "{failure:1,'info':'Access violation: you are not logged in or your session has expired'}"

    # Cannot trigger after the check above; kept to mirror the original.
    if not (server and suffix):
        return "{'failure':1,'info':'Missing server or suffix'}"

    # NOTE(review): no StartTLS call is visible in this excerpt - confirm the
    # simple bind does not travel unencrypted.
    l = ldap.open(server)
    try:
        l.simple_bind_s(adminUser, adminPass)
    except ldap.LDAPError as e:
        err = parse_ldap_error(e)
        return "{'failure':1,'info':'%s'}" % (err)
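def delete(self, hostname=None, ip=None, aliases=None, _dc=None):
    """Validate the request and session, then bind as admin to delete a host.

    hostname and ip are request parameters and both are required.  Returns a
    JSON-like failure string on every early exit.  This listing stops right
    after the bind, so the delete call that presumably follows is not shown.
    """
    if not hostname or not ip:
        return "{'failure':1,'info':'Host not found'}"

    # NOTE(review): the bind DN and password are read from the web session,
    # i.e. the session store holds a directory admin credential.
    server = cherrypy.session['server']
    suffix = cherrypy.session['suffix']
    adminUser = cherrypy.session['username']
    adminPass = cherrypy.session['password']
    if not server or not suffix or not adminUser or not adminPass:
        doLogout('You cannot be here')
        # Closing brace added: the original literal was left unterminated.
        return "{failure:1,'info':'Access violation'}"

    # NOTE(review): ldap.open() is the deprecated host-based constructor and
    # no StartTLS call is visible here, so the simple bind may send the
    # password unencrypted - confirm transport security.
    l = ldap.open(server)
    try:
        l.simple_bind_s(adminUser, adminPass)
    except ldap.LDAPError as e:
        err = parse_ldap_error(e)
        # NOTE(review): err is interpolated unescaped into the response.
        return "{failure:1,'info':'%s'}" % (err)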
def list(self, server=None, suffix=None, searchFilter=None, _dc=None, query=None):
    """Check the session and open an anonymous bind for the group listing.

    The server and suffix arguments are overwritten with the session values
    before use, so the request cannot choose which directory is contacted.
    This listing stops right after the bind; the search itself is not shown.
    """
    server, suffix, adminUser, adminPass = [
        cherrypy.session[key]
        for key in ('server', 'suffix', 'username', 'password')
    ]
    if not all((server, suffix, adminUser, adminPass)):
        doLogout('You cannot be here')
        return "{failure:1,'info':'Access violation: you are not logged in or your session has expired'}"

    print("==> Loading groups list\n\n")
    l = ldap.open(server)
    try:
        # The authenticated bind is disabled; the listing binds anonymously,
        # so the admin password is not sent for this read path.
        # l.simple_bind_s(adminUser, adminPass)
        l.simple_bind_s()
    except ldap.LDAPError as e:
        err = parse_ldap_error(e)
        return "{'failure':1,'text':'%s'}" % (err)
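def delete(self, groupName=None, gidNumber=None, _dc=None):
    """Validate the session and request, then bind as admin to delete a group.

    At least one of groupName and gidNumber must be supplied.  Returns a
    JSON-like failure string on every early exit.  This listing stops right
    after the bind, so the delete call itself is not shown here.
    """
    # NOTE(review): the bind DN and password are read from the web session,
    # i.e. the session store holds a directory admin credential.
    server = cherrypy.session['server']
    suffix = cherrypy.session['suffix']
    adminUser = cherrypy.session['username']
    adminPass = cherrypy.session['password']
    if not server or not suffix or not adminUser or not adminPass:
        doLogout('You cannot be here')
        # Closing brace added: the original literal was left unterminated.
        return "{failure:1,'info':'Access violation'}"

    if not groupName and not gidNumber:
        return "{failure:1,'info':'Missing group name or GID'}"

    # NOTE(review): ldap.open() is the deprecated host-based constructor and
    # no StartTLS call is visible here, so the simple bind may send the
    # password unencrypted - confirm transport security.
    l = ldap.open(server)
    try:
        l.simple_bind_s(adminUser, adminPass)
    except ldap.LDAPError as e:
        err = parse_ldap_error(e)
        # NOTE(review): err is interpolated unescaped into the response.
        return "{failure:1,'info':'%s'}" % (err)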
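def update(self, hostname=None, ip=None, aliases=None, _dc=None):
    """Compare an ipHost entry with the requested names and address, then bind.

    hostname, ip and aliases (comma-separated) are request parameters and
    must be treated as untrusted.  Every early exit returns a JSON-like
    status string.  This listing stops right after the bind, so the directory
    write that presumably follows is not shown.
    """
    # Imported locally so the block does not depend on a file-level import.
    from ldap.filter import escape_filter_chars

    # NOTE(review): the bind DN and password are read from the web session,
    # i.e. the session store holds a directory admin credential.
    server = cherrypy.session['server']
    suffix = cherrypy.session['suffix']
    adminUser = cherrypy.session['username']
    adminPass = cherrypy.session['password']
    if not server or not suffix or not adminUser or not adminPass:
        doLogout('You cannot be here')
        # Closing brace added: the original literal was left unterminated.
        return "{failure:1,'info':'Access violation'}"
    if not hostname or not ip:
        # Closing brace added here as well.
        return "{failure:1,'info':'Nothing to change'}"

    # hostname comes from the request; escape filter metacharacters so it
    # can only ever match as a literal cn value.
    results = do_ldap_search(
        "(&(objectclass=ipHost)(cn=%s))" % (escape_filter_chars(hostname))
    )
    if len(results) < 1:
        return "{failure:1,'info':'Cannot find the required host'}"
    DN = results[0][0][0]
    res = results[0][0][1]

    # NOTE(review): "ie:" looks like form placeholder text - confirm.  An
    # aliases value of None fails on this test.
    if "ie:" in aliases:
        aliases = ''
    hostAliases = []
    for c in aliases.split(","):
        if len(c) > 1:
            c = c.replace(" ", "")
            hostAliases.append(c)
    if not hostname in hostAliases:
        hostAliases.append(hostname)

    Current = {"cn": res['cn'], "ipHostNumber": res['ipHostNumber'][0]}
    New = {"cn": hostAliases, "ipHostNumber": ip}
    if Current == New:
        return "{success:1,info:'No changes needed'}"

    # NOTE(review): ldap.open() is the deprecated host-based constructor and
    # no StartTLS call is visible here, so the simple bind may send the
    # password unencrypted - confirm transport security.
    l = ldap.open(server)
    try:
        l.simple_bind_s(adminUser, adminPass)
    except ldap.LDAPError as e:
        err = parse_ldap_error(e)
        # NOTE(review): err is interpolated unescaped into the response.
        return "{failure:1,'info':'Bind: %s'}" % (err)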
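def add(self, hostname=None, ip=None, aliases=None, _dc=None):
    """Assemble the attributes and DN of a new ipHost entry, then bind as admin.

    hostname, ip and aliases (comma-separated) are request parameters and
    must be treated as untrusted.  Every early exit returns a JSON-like
    status string.  This listing stops right after the bind, so the directory
    add that presumably follows is not shown.
    """
    # Imported locally so the block does not depend on a file-level import.
    from ldap.dn import escape_dn_chars

    # NOTE(review): the bind DN and password are read from the web session,
    # i.e. the session store holds a directory admin credential.
    server = cherrypy.session['server']
    suffix = cherrypy.session['suffix']
    adminUser = cherrypy.session['username']
    adminPass = cherrypy.session['password']
    if not server or not suffix or not adminUser or not adminPass:
        doLogout('You cannot be here')
        # Closing brace added: the original literal was left unterminated.
        return "{failure:1,'info':'Access violation'}"
    if not hostname or not ip:
        # Closing brace added here as well.
        return "{failure:1,'info':'Hostname or IP address missing'}"

    # NOTE(review): "ie:" looks like form placeholder text - confirm.  An
    # aliases value of None fails on this test.
    if "ie:" in aliases:
        aliases = ''
    hostAliases = []
    for c in aliases.split(","):
        if len(c) > 1:
            c = c.replace(" ", "")
            hostAliases.append(c)
    hostAliases.append(hostname)

    attrs = {
        'cn': hostAliases,
        'objectClass': ['top', 'ipHost', 'device'],
        'ipHostNumber': ip,
    }
    # hostname and ip come from the request; escape DN special characters so
    # each stays a single value inside the multi-valued RDN.
    DN = "cn=%s+ipHostNumber=%s,ou=Hosts,%s" % (
        escape_dn_chars(hostname),
        escape_dn_chars(ip),
        suffix,
    )

    # NOTE(review): ldap.open() is the deprecated host-based constructor and
    # no StartTLS call is visible here, so the simple bind may send the
    # password unencrypted - confirm transport security.
    l = ldap.open(server)
    try:
        l.simple_bind_s(adminUser, adminPass)
    except ldap.LDAPError as e:
        err = parse_ldap_error(e)
        # NOTE(review): err is interpolated unescaped into the response.
        return "{'failure':1,'info':'%s'}" % (err)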
l.simple_bind_s(adminUser, adminPass) except ldap.LDAPError, e: err = parse_ldap_error(e) return "{failure:1,'info':'%s'}" % (err) if not groupName: groupName=getGroupDN(gidNumber) if len(groupName) < 2: return "{failure:1,'info':'Cannot identified group'}" deleteDN='cn=%s,ou=Group,%s' % (groupName,suffix) try: l.delete_s(deleteDN) except ldap.LDAPError, e: err = parse_ldap_error(e) return "{failure:1,'text':'%s'}" % (err) l.unbind_s() return """{success:1,'info':"Group %s deleted",group:"%s"}""" % (groupName,groupName) delete.exposed = True def list(self, server=None, suffix=None, searchFilter=None,_dc=None,query=None): server = cherrypy.session['server'] suffix = cherrypy.session['suffix'] adminUser = cherrypy.session['username'] adminPass = cherrypy.session['password'] if not server or not suffix or not adminUser or not adminPass:
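def update(self, role=None, sudohost=None, sudouser=None, sudogroup=None, sudocommands=None, sudooptions=None, _dc=None):
    """Compare a sudoRole entry with the requested settings, then bind as admin.

    All arguments are request parameters and must be treated as untrusted.
    sudocommands and sudooptions are ';'-separated, sudohost is ','-separated.
    This listing stops right after the bind, so the directory write that
    presumably follows is not shown.
    """
    # Imported locally so the block does not depend on a file-level import.
    from ldap.filter import escape_filter_chars

    # NOTE(review): the bind DN and password are read from the web session,
    # i.e. the session store holds a directory admin credential.
    server = cherrypy.session['server']
    suffix = cherrypy.session['suffix']
    adminUser = cherrypy.session['username']
    adminPass = cherrypy.session['password']
    if not server or not suffix or not adminUser or not adminPass:
        doLogout('You cannot be here')
        # Closing brace added: the original literal was left unterminated.
        return "{failure:1,'info':'Access violation'}"

    sudorole = role
    # role comes from the request; escape filter metacharacters so it can
    # only ever match as a literal cn value.
    results = do_ldap_search(
        "(&(objectclass=SudoRole)(cn=%s))" % (escape_filter_chars(sudorole))
    )
    if not results:
        return "{failure:1,info:'Role not found'}"
    DN = results[0][0][0]
    res = results[0][0][1]

    if sudogroup and not "Select" in sudogroup:
        # NOTE(review): both format strings are masked in this listing, so
        # the difference between the two branches cannot be seen here.
        if "%" in sudogroup:
            sudouser = "******" % (sudogroup)
        else:
            sudouser = "******" % (sudogroup)
    if "Select" in sudouser:
        sudouser = ''

    # Fragments of one character or less are dropped.
    commands = []
    for c in sudocommands.split(";"):
        if len(c) > 1:
            commands.append(c)
    hosts = []
    for c in sudohost.split(","):
        if len(c) > 1:
            hosts.append(c)
    options = []
    for c in sudooptions.split(";"):
        if len(c) > 1:
            options.append(c)

    Current = {'cn': res['cn']}
    for k in ["sudoCommand", "sudoUser", "sudoOption", "sudoHost"]:
        if k in res:
            Current[k] = res[k]

    New = {'cn': role}
    if len(sudouser) > 0:
        New['sudoUser'] = sudouser
    if len(commands) > 0:
        New['sudoCommand'] = commands
    if len(options) > 0:
        New['sudoOption'] = options
    if len(hosts) > 0:
        New['sudoHost'] = hosts
    else:
        # NOTE(review): an empty host list falls back to ALL, so leaving the
        # field out widens the rule to every host; consider rejecting instead.
        New['sudoHost'] = 'ALL'

    # Debug output of both attribute sets on stdout.
    print("\n\n")
    print(Current)
    print("\n\n")
    print(New)
    print("\n\n")

    # NOTE(review): ldap.open() is the deprecated host-based constructor and
    # no StartTLS call is visible here, so the simple bind may send the
    # password unencrypted - confirm transport security.
    l = ldap.open(server)
    try:
        l.simple_bind_s(adminUser, adminPass)
    except ldap.LDAPError as e:
        err = parse_ldap_error(e)
        return """{failure:1,info:"%s"}""" % (err)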