def get_ldap_info(self):
"""Retrieve the data from the LDAP to initially fill up the ldap_info field."""
vo_ldap_info = self.ldap_query.vo_filter_search(CnFilter(self.vo_id))
if len(vo_ldap_info) == 0:
self.log.error("Could not find a group in the LDAP with the ID %s, raising NoSuchGroupError"
% (self.vo_id))
raise NoSuchVoError(self.vo_id)
return vo_ldap_info[0] # there can be only one
def get_ldap_info(self):
"""Retrieve the data from the LDAP to initially fill up the ldap_info field.
"""
cn_filter = CnFilter(self.user_id)
user_ldap_info = self.ldap_query.user_filter_search(
ldap_filter=cn_filter)
if len(user_ldap_info) == 0:
self.log.error(
"Could not find a user in the LDAP with the ID %s, raising NoSuchUserError"
% (self.user_id))
raise NoSuchUserError(name=self.user_id)
return user_ldap_info[0]
def project_modify(self, cn, attributes):
"""Change one or more attributes for a given project.
@type cn: string representing the common name for the user
@type attributes: dictionary with the attribute names and their new values
@raise: NoSuchProjectError
"""
dn = "cn=%s,%s" % (cn, self.configuration.project_dn_base)
current = self.project_filter_search(CnFilter(cn))
if current is None:
self.log.error("project_modify did not find project with cn = %s (dn = %s)" % (cn, dn))
raise NoSuchProjectError(cn)
self.log.debug("project_modify current attribute values = %s - new attribute values = %s"
% (current[0], attributes))
self.__modify(current[0], dn, attributes)
def add_or_update(self, VscLdapKlass, cn, ldap_attributes, dry_run):
"""
Perform the update in LDAP for the given vsc.ldap.entitities class, cn and the ldap attributes.
@return: NEW, UPDATED or ERROR, depending on the operation and its result.
"""
ldap_entries = VscLdapKlass.lookup(CnFilter(cn))
if not ldap_entries:
# add the entry
logging.debug("add new entry %s %s with the attributes %s",
VscLdapKlass.__name__, cn, ldap_attributes)
if not dry_run:
try:
entry = VscLdapKlass(cn)
entry.add(ldap_attributes)
logging.info("Added a new user %s to LDAP" % (cn, ))
except LDAPError:
logging.warning("Could not add %s %s to LDAP" % (
VscLdapKlass.__name__,
cn,
))
return ERROR
return NEW
else:
ldap_entries[0].status
logging.debug(
"update existing entry %s %s with the attributes %s -- old entry: %s",
VscLdapKlass.__name__, cn, ldap_attributes,
ldap_entries[0].ldap_info)
if not dry_run:
try:
ldap_entries[0].modify_ldap(ldap_attributes)
logging.info("Modified %s %s in LDAP" % (
VscLdapKlass.__name__,
cn,
))
except LDAPError:
logging.warning("Could not add %s %s to LDAP" % (
VscLdapKlass.__name__,
cn,
))
return ERROR
return UPDATED
def group_search(self, cn, member_uid, attributes=None):
"""Perform an LDAP lookup in the group tree, looking for the entry with given cn and memberUid.
@type cn: string representing the desired common name in the LDAP database
@type member_uid: string representing the member's user id in the LDAP database?
@type attributes: list of strings describing LDAP attributes. If this is
None (default), we return all the retrieved attributes
@returns: the matching LDAP entry as a dictionary, limited to the requested attributes.
"""
self.log.debug("group_search: cn = %s, member_uid = %s, requested attributes = %s"
% (cn, member_uid, attributes))
cn_filter = CnFilter(cn)
member_filter = MemberFilter(member_uid)
result = self.group_filter_search(cn_filter & member_filter, attributes)
self.log.debug("group_search for %s, %s yields %s" % (cn, member_uid, result))
if not result is None and len(result) > 0:
return result[0]
else:
self.log.debug("group_search returning None")
return None