def accountUnlockable(self, user, object_dn): index = PluginRegistry.getInstance("ObjectIndex") # Do we have read permissions for the requested attribute env = Environment.getInstance() topic = "%s.objects.%s.attributes.%s" % (env.domain, "User", "isLocked") aclresolver = PluginRegistry.getInstance("ACLResolver") if not aclresolver.check(user, topic, "r", base=object_dn): self.__log.debug( "user '%s' has insufficient permissions to read %s on %s, required is %s:%s" % (user, "isLocked", object_dn, topic, "r") ) raise ACLException(C.make_error("PERMISSION_ACCESS", topic, target=object_dn)) res = index.search({"dn": object_dn, "userPassword": {"$size": 1}}, {"userPassword": 1}) if res.count(): hsh = res[0]["userPassword"][0] else: # No password hash -> cannot lock/unlock account return False # Try to detect the responsible password method-class pwd_o = self.detect_method_by_hash(hsh) if not pwd_o: # Could not identify password method return False return pwd_o.isUnlockable(hsh)
def serve(self): """ Start AMQP service for this clacks service provider. """ # Load AMQP and Command registry instances amqp = PluginRegistry.getInstance('AMQPHandler') self.__cr = PluginRegistry.getInstance('CommandRegistry') # Create a list of queues we need here queues = {} for dsc in self.__cr.commands.values(): queues[dsc['target']] = True # Finally create the queues for queue in queues: # Add round robin processor for queue self.__cmdWorker = AMQPWorker(self.env, connection=amqp.getConnection(), r_address='%s.command.%s; { create:always, node:{ type:queue, x-bindings:[ { exchange:"amq.direct", queue:"%s.command.%s" } ] } }' % (self.env.domain, queue, self.env.domain, queue), workers=int(self.env.config.get('amqp.worker', default=1)), callback=self.commandReceived) # Add private processor for queue self.__cmdWorker = AMQPWorker(self.env, connection=amqp.getConnection(), r_address='%s.command.%s.%s; { create:always, delete:receiver, node:{ type:queue, x-bindings:[ { exchange:"amq.direct", queue:"%s.command.%s.%s" } ] } }' % (self.env.domain, queue, self.env.id, self.env.domain, queue, self.env.id), workers=int(self.env.config.get('amqp.worker', default=1)), callback=self.commandReceived) # Announce service if self.env.config.get("amqp.announce", default="True").lower() == "true": url = parseURL(self.env.config.get("amqp.url")) self.__zeroconf = ZeroconfService(name="Clacks RPC service", port=url['port'], stype="_%s._tcp" % url['scheme'], text=dict_to_txt_array({'path': self.env.domain, 'service': 'clacks'})) self.__zeroconf.publish() self.log.info("ready to process incoming requests")
def __dbus_proxy_monitor(self, bus_name): """ This method monitors the DBus service 'org.clacks' and whenever there is a change in the status (dbus closed/startet) we will take notice. And can register or unregister methods to the dbus """ if "org.clacks" in self.bus.list_names(): if self.clacks_dbus: del(self.clacks_dbus) self.clacks_dbus = self.bus.get_object('org.clacks', '/org/clacks/notify') ccr = PluginRegistry.getInstance('ClientCommandRegistry') ccr.register("notify", 'Notify.notify', [], \ ['user', 'title', 'message', 'timeout', 'icon'], \ 'Sent a notification to a given user') ccr.register("notify_all", 'Notify.notify_all', [], \ ['title', 'message', 'timeout', 'icon'], \ 'Sent a notification to a given user') amcs = PluginRegistry.getInstance('AMQPClientService') amcs.reAnnounce() self.log.info("established dbus connection") else: if self.clacks_dbus: del(self.clacks_dbus) # Trigger resend of capapability event ccr = PluginRegistry.getInstance('ClientCommandRegistry') ccr.unregister("notify") ccr.unregister("notify_all") amcs = PluginRegistry.getInstance('AMQPClientService') amcs.reAnnounce() self.log.info("lost dbus connection") else: self.log.info("no dbus connection")
def __dbus_proxy_monitor(self, bus_name): """ This method monitors the DBus service 'org.clacks' and whenever there is a change in the status (dbus closed/startet) we will take notice. And can register or unregister methods to the dbus """ if "org.clacks" in self.bus.list_names(): if self.clacks_dbus: del(self.clacks_dbus) # Trigger resend of capapability event self.clacks_dbus = self.bus.get_object('org.clacks', '/org/clacks/inventory') ccr = PluginRegistry.getInstance('ClientCommandRegistry') ccr.register("request_inventory", 'Inventory.request_inventory', [], ['old_checksum=None'], 'Request client inventory information') amcs = PluginRegistry.getInstance('AMQPClientService') amcs.reAnnounce() self.log.info("established dbus connection") else: if self.clacks_dbus: del(self.clacks_dbus) # Trigger resend of capapability event ccr = PluginRegistry.getInstance('ClientCommandRegistry') ccr.unregister("request_inventory") amcs = PluginRegistry.getInstance('AMQPClientService') amcs.reAnnounce() self.log.info("lost dbus connection") else: self.log.info("no dbus connection")
def setSambaPassword(self, user, object_dn, password): """ Set a new samba-password for a user """ # Do we have read permissions for the requested attribute env = Environment.getInstance() topic = "%s.objects.%s.attributes.%s" % (env.domain, "User", "sambaNTPassword") aclresolver = PluginRegistry.getInstance("ACLResolver") if not aclresolver.check(user, topic, "w", base=object_dn): self.__log.debug( "user '%s' has insufficient permissions to write %s on %s, required is %s:%s" % (user, "isLocked", object_dn, topic, "w") ) raise ACLException(C.make_error("PERMISSION_ACCESS", topic, target=object_dn)) topic = "%s.objects.%s.attributes.%s" % (env.domain, "User", "sambaLMPassword") aclresolver = PluginRegistry.getInstance("ACLResolver") if not aclresolver.check(user, topic, "w", base=object_dn): self.__log.debug( "user '%s' has insufficient permissions to write %s on %s, required is %s:%s" % (user, "isLocked", object_dn, topic, "w") ) raise ACLException(C.make_error("PERMISSION_ACCESS", topic, target=object_dn)) # Set the password and commit the changes lm, nt = smbpasswd.hash(password) user = ObjectProxy(object_dn) user.sambaNTPassword = nt user.sambaLMPassword = lm user.commit()
def __dbus_proxy_monitor(self, bus_name): """ This method monitors the DBus service 'org.clacks' and whenever there is a change in the status (dbus closed/startet) we will take notice. And can stop or restart singature checking. """ if "org.clacks" in self.bus.list_names(): if self.clacks_dbus: del(self.clacks_dbus) self.clacks_dbus = self.bus.get_object('org.clacks', '/org/clacks/shell') self.clacks_dbus.connect_to_signal("_signatureChanged", self.__signatureChanged_received, dbus_interface="org.clacks") self.log.info("established dbus connection") self.__signatureChanged_received(None) # Trigger resend of capapability event ccr = PluginRegistry.getInstance('ClientCommandRegistry') ccr.register("listDBusMethods", 'DBUSProxy.listDBusMethods', [], [], 'This method lists all callable dbus methods') ccr.register("callDBusMethod", 'DBUSProxy.callDBusMethod', [], ['method', '*args'], \ 'This method allows to access registered dbus methods by forwarding methods calls') amcs = PluginRegistry.getInstance('AMQPClientService') amcs.reAnnounce() else: if self.clacks_dbus: del(self.clacks_dbus) self.__signatureChanged_received(None) self.log.info("lost dbus connection") # Trigger resend of capapability event ccr = PluginRegistry.getInstance('ClientCommandRegistry') ccr.unregister("listDBusMethods") ccr.unregister("callDBusMethod") amcs = PluginRegistry.getInstance('AMQPClientService') amcs.reAnnounce() else: self.log.info("no dbus connection")
def _convert_to_unicodestring(self, value): rom = PluginRegistry.getInstance("JSONRPCObjectMapper") cr = PluginRegistry.getInstance("CommandRegistry") new_value = [] for item in value: uuid = item["__jsonclass__"][1][1] new_value.append(rom.dispatchObjectMethod(uuid, "dump")) cr.call("closeObject", uuid) return new_value
def searchForObjectDetails(self, user, extension, attribute, fltr, attributes, skip_values): """ Search selectable items valid for the attribute "extension.attribute". This is used to add new groups to the users groupMembership attribute. """ # Extract the the required information about the object # relation out of the BackendParameters for the given extension. of = ObjectFactory.getInstance() be_data = of.getObjectBackendParameters(extension, attribute) if not be_data: raise GOsaException(C.make_error("BACKEND_PARAMETER_MISSING", extension=extension, attribute=attribute)) # Collection basic information otype, oattr, foreignMatchAttr, matchAttr = be_data[attribute] #@UnusedVariable # Create a list of attributes that will be requested if oattr not in attributes: attributes.append(oattr) attrs = dict([(x, 1) for x in attributes]) if not "dn" in attrs: attrs.update({'dn': 1}) # Start the query and brind the result in a usable form index = PluginRegistry.getInstance("ObjectIndex") res = index.search({ '$or': [{'_type': otype}, {'_extensions': otype}], oattr: re.compile("^.*" + re.escape(fltr) + ".*$") }, attrs) result = [] # Do we have read permissions for the requested attribute env = Environment.getInstance() topic = "%s.objects.%s" % (env.domain, otype) aclresolver = PluginRegistry.getInstance("ACLResolver") for entry in res: if not aclresolver.check(user, topic, "s", base=entry['dn']): continue item = {} for attr in attributes: if attr in entry and len(entry[attr]): item[attr] = entry[attr] if attr == "dn" else entry[attr][0] else: item[attr] = "" item['__identifier__'] = item[oattr] # Skip values that are in the skip list if skip_values and item['__identifier__'] in skip_values: continue result.append(item) return result
def resolve(self, number): number = self.replaceNumber(number) index = PluginRegistry.getInstance("ObjectIndex") res = index.search({"_type": "User", "telephoneNumber": str(number)}, {"dn": 1}) if res.count() != 1: res = index.search({"_type": "User", "uid": str(number)}, {"dn": 1}) if res.count() == 1: obj = ObjectProxy(res[0]["dn"]) result = { "company_id": "", "company_name": "Intern", "company_phone": "", "company_detail_url": "", "contact_id": obj.uid, "contact_name": obj.cn, "contact_phone": obj.telephoneNumber[0], "contact_detail_url": "", "avatar": obj.jpegPhoto.get() if obj.jpegPhoto else None, "ldap_uid": obj.uid, "resource": "ldap", } return result return None
def serve(self): # Collect value extenders self.__value_extender = clacks.agent.objects.renderer.get_renderers() self.__search_aid = PluginRegistry.getInstance("ObjectIndex").get_search_aid() # Load DB instance self.db = self.env.get_mongo_db('clacks')
def extensionExists(self, userid, dn, etype): index = PluginRegistry.getInstance("ObjectIndex") res = index.search({'_type': 'User', 'dn': dn}, {'_extensions': 1}) if not res.count(): raise GOsaException(C.make_error("UNKNOWN_USER", userid)) return etype in res[0]['_extensions'] if '_extensions' in res[0] else False
def serve(self): """ Start the scheduler service. """ self.sched.start() # Start migration job self.sched.add_interval_job(self.migrate, seconds=60, tag="_internal", jobstore="ram") # Notify others about local scheduler job changes self.sched.add_listener( self.__notify, EVENT_JOBSTORE_JOB_REMOVED | EVENT_JOBSTORE_JOB_ADDED | EVENT_JOB_EXECUTED ) # Get notified by others about remote job changes amqp = PluginRegistry.getInstance("AMQPHandler") EventConsumer( self.env, amqp.getConnection(), xquery=""" declare namespace f='http://www.gonicus.de/Events'; let $e := ./f:Event return $e/f:SchedulerUpdate and $e/f:Id != '%s' """ % self.env.id, callback=self.__eventProcessor, )
def setUserPassword(self, user, object_dn, password): """ Set a new password for a user """ # Do we have read permissions for the requested attribute env = Environment.getInstance() topic = "%s.objects.%s.attributes.%s" % (env.domain, "User", "userPassword") aclresolver = PluginRegistry.getInstance("ACLResolver") if not aclresolver.check(user, topic, "w", base=object_dn): self.__log.debug( "user '%s' has insufficient permissions to write %s on %s, required is %s:%s" % (user, "isLocked", object_dn, topic, "w") ) raise ACLException(C.make_error("PERMISSION_ACCESS", topic, target=object_dn)) user = ObjectProxy(object_dn) method = user.passwordMethod # Try to detect the responsible password method-class pwd_o = self.get_method_by_method_type(method) if not pwd_o: raise PasswordException(C.make_error("PASSWORD_UNKNOWN_HASH", type=method)) # Generate the new password hash usind the detected method pwd_str = pwd_o.generate_password_hash(password, method) # Set the password and commit the changes user.userPassword = pwd_str user.commit()
def lockAccountPassword(self, user, object_dn): """ Locks the account password for the given DN """ # Do we have read permissions for the requested attribute env = Environment.getInstance() topic = "%s.objects.%s.attributes.%s" % (env.domain, "User", "userPassword") aclresolver = PluginRegistry.getInstance("ACLResolver") if not aclresolver.check(user, topic, "w", base=object_dn): self.__log.debug( "user '%s' has insufficient permissions to write %s on %s, required is %s:%s" % (user, "isLocked", object_dn, topic, "w") ) raise ACLException(C.make_error("PERMISSION_ACCESS", topic, target=object_dn)) # Get the object for the given dn user = ObjectProxy(object_dn) # Check if there is a userPasswort available and set if not "userPassword" in user.get_attributes(): raise PasswordException(C.make_error("PASSWORD_NO_ATTRIBUTE")) if not user.userPassword: raise PasswordException(C.make_error("PASSWORD_NOT_AVAILABLE")) # Try to detect the responsible password method-class pwd_o = self.detect_method_by_hash(user.userPassword) if not pwd_o: raise PasswordException(C.make_error("PASSWORD_METHOD_UNKNOWN")) # Lock the hash and save it user.userPassword = pwd_o.lock_account(user.userPassword) user.commit()
def get_adjusted_parent_dn(self, dn=None): index = PluginRegistry.getInstance("ObjectIndex") tdn = [] pdn = self.get_parent_dn(dn) # Skip base if len(pdn) < len(self.__env.base): return pdn while True: if pdn == self.__env.base or len(pdn) < len(self.__env.base): break # Fetch object type for pdn ptype = index.search({"dn": pdn}, {'_type': 1})[0]['_type'] schema = self.__factory.getXMLSchema(ptype) if not ("StructuralInvisible" in schema.__dict__ and schema.StructuralInvisible == True): #tdn.insert(0, str2dn(pdn.encode('utf-8'))[0]) tdn.append(str2dn(pdn.encode('utf-8'))[0]) pdn = self.get_parent_dn(pdn) tdn = str2dn(self.__env.base.encode('utf-8'))[::-1] + tdn[::-1] return dn2str(tdn[::-1]).decode('utf-8')
def resolve(self, number): number = self.replaceNumber(number) index = PluginRegistry.getInstance("ObjectIndex") res = index.search({'_type': 'User', 'telephoneNumber': str(number)}, {'dn': 1}) if res.count() == 1: obj = ObjectProxy(res[0]['dn']) result = { 'company_id': '', 'company_name': 'Intern', 'company_phone': '', 'company_detail_url': '', 'contact_id': obj.uid, 'contact_name': obj.cn, 'contact_phone': obj.telephoneNumber[0], 'contact_detail_url': '', 'avatar': obj.jpegPhoto.get() if obj.jpegPhoto else None, 'ldap_uid': obj.uid, 'resource': 'ldap', } return result return None
def remove(self, recursive=False): """ Removes the currently proxied object. """ # Check ACLs # We need the 'd' right for the current base-object and all its active extensions to be able to remove it. if self.__current_user is not None: required_acl_objects = [self.__base_type] + [ext for ext, item in self.__extensions.items() if item is not None] for ext_type in required_acl_objects: topic = "%s.objects.%s" % (self.__env.domain, ext_type) if not self.__acl_resolver.check(self.__current_user, topic, "d", base=self.dn): self.__log.debug("user '%s' has insufficient permissions to remove %s, required is %s:%s" % ( self.__current_user, self.__base.dn, topic, 'd')) raise ACLException(C.make_error('PERMISSION_REMOVE', target=self.__base.dn)) zope.event.notify(ObjectChanged("pre object remove", self.__base)) if recursive: # Load all children and remove them, starting from the most # nested ones. index = PluginRegistry.getInstance("ObjectIndex") children = index.search({"dn": re.compile("^(.*,)?" + re.escape(self.__base.dn) + "$")}, {'dn': 1}) children = [c['dn'] for c in children] children.sort(key=len, reverse=True) for child in children: c_obj = ObjectProxy(child) c_obj.remove(recursive=True) else: # Test if we've children index = PluginRegistry.getInstance("ObjectIndex") if index.search({"dn": re.compile("^(.*,)" + re.escape(self.__base.dn) + "$")}, {'dn': 1}).count(): raise ProxyException(C.make_error('OBJECT_HAS_CHILDREN', target=self.__base.dn)) for extension in [e for e in self.__extensions.values() if e]: extension.remove_refs() extension.retract() self.__base.remove_refs() self.__base.remove() zope.event.notify(ObjectChanged("post object remove", self.__base))
def listObjectOIDs(self): """ Provide a list of domain wide available object OIDs. ``Return:`` list """ cr = PluginRegistry.getInstance('CommandRegistry') return cr.objects.keys()
def shutdown(a=None, b=None): """ Function to shut down the agent. Do some clean up and close sockets.""" global dr amqp = PluginRegistry.getInstance("AMQPHandler") # Tell others that we're away now if hasattr(amqp, 'env'): e = EventMaker() goodbye = e.Event(e.NodeLeave(e.Id(amqp.env.id))) amqp.sendEvent(goodbye) # Shutdown plugins PluginRegistry.shutdown() dr.stop() logging.info("shut down") logging.shutdown()
def __notify(self, event=None): # Don't send events for internal job changes if event and event.job.tag == "_internal": return e = EventMaker() notify = e.Event(e.SchedulerUpdate(e.Id(self.env.id))) amqp = PluginRegistry.getInstance("AMQPHandler") amqp.sendEvent(notify)
def __get_proxy_by_oid(self, oid): # Choose a possible node cr = PluginRegistry.getInstance('CommandRegistry') nodes = cr.get_load_sorted_nodes() provider = None # Get first match that is a provider for this object for provider in nodes.keys(): if provider in cr.objects[oid]: break if not provider in self.__proxy: env = Environment.getInstance() queue = '%s.core.%s' % (env.domain, provider) amqp = PluginRegistry.getInstance("AMQPHandler") self.__proxy[provider] = AMQPServiceProxy(amqp.url['source'], queue) return self.__proxy[provider]
def serve(self): """ This method registeres all known methods to the command registry. """ # Register ourselfs for bus changes on org.clacks self.bus.watch_name_owner("org.clacks", self.__dbus_proxy_monitor) ccr = PluginRegistry.getInstance('ClientCommandRegistry') for name in self.methods.keys(): ccr.register(name, 'DBUSProxy.callDBusMethod', [name], ['(signatur)'], 'docstring')
def process(self, obj, key, valDict, sid): index = PluginRegistry.getInstance("ObjectIndex") sids = index.search({'_type': 'SambaDomain'}, {'sambaSID': 1, 'sambaDomainName': 1}) for item in sids: if re.match("^" + re.escape(item['sambaSID'][0]) + "\-[0-9]*$", sid): valDict[key]['value'] = [item['sambaDomainName'][0]] return key, valDict return key, valDict
def reload_signatures(self): """ Reloads the dbus signatures. """ to_register = {} to_unregister = {} if not self.clacks_dbus: self.log.debug("no dbus service registered for '%s' - is clacks-dbus running?" % ("org.clacks")) to_unregister = self.methods self.methods = {} else: try: self.log.debug('loading dbus-methods registered by clacks (introspection)') new_methods = self._call_introspection("org.clacks", "/") # Detect new methods for meth in new_methods: if meth not in self.methods or self.methods[meth]['args'] != new_methods[meth]['args']: to_register[meth] = new_methods[meth] # Find removed methods for meth in self.methods: if not meth in new_methods: to_unregister[meth] = self.methods[meth] self.methods = new_methods self.log.debug("found %s registered dbus methods" % (str(len(self.methods)))) except DBusException as exception: self.log.debug("failed to load dbus methods: %s" % (str(exception))) # (Re-)register the methods we've found ccr = PluginRegistry.getInstance('ClientCommandRegistry') for name in to_register: ccr.register(name, 'DBUSProxy.callDBusMethod', [name], ['(signatur)'], 'docstring') for name in to_unregister: ccr.unregister(name) # Trigger resend of capapability event amcs = PluginRegistry.getInstance('AMQPClientService') amcs.reAnnounce()
def __has_access_to(self, user, object_dn, object_type, attr): """ Checks whether the given user has access to the given object/attribute or not. """ aclresolver = PluginRegistry.getInstance("ACLResolver") if user: topic = "%s.objects.%s.attributes.%s" % (self.env.domain, object_type, attr) return aclresolver.check(user, topic, "r", base=object_dn) else: return True
def process(self, req, environ): # Check if we're authenticated if not self.check_cookie(environ): raise exc.HTTPUnauthorized( "Please use the login method to authorize yourself.", allow='POST').exception # Strip leading part of the path path = environ['PATH_INFO'][len(self.__path):].strip(os.sep) # Extract cache entry uuid, attribute, index and subindex try: uuid, attribute, index, subindex = path.split(os.sep) except: raise exc.HTTPNotFound().exception # Check if we're authorized info = extract_cookie("ClacksRPC", self.__secret, environ['HTTP_COOKIE']) # Query type and dn from uuid tmp = self.db.index.find_one({'_uuid': uuid}, {'dn': 1, '_type': 1}) if not tmp: raise exc.HTTPNotFound().exception aclresolver = PluginRegistry.getInstance("ACLResolver") topic = "%s.objects.%s.attributes.%s" % (self.env.domain, tmp['_type'], attribute) if not aclresolver.check(info['REMOTE_USER'], topic, "r", base=tmp['dn']): raise exc.HTTPForbidden().exception # Remove extension from subindex subindex = os.path.splitext(subindex)[0] # Load the cached binary data and serve it data = self.db.cache.find_one({'uuid': uuid, 'attribute': attribute, subindex: {'$exists': True}, "%s.%s" % (subindex, index): {'$exists': True}}, {subindex: 1, 'modified': 1}) if not data: raise exc.HTTPNotFound().exception # Tell the client that we've no modification? lm = req.headers.get('If-Modified-Since') if lm: lm = datetime(*rfc822.parsedate(lm)[0:6]) if data['modified'] > lm: raise exc.HTTPNotModified().exception resp = Response( content_type='image/jpeg', body=str(data[subindex][int(index)])) resp.cache_control.max_age = 3600 resp.cache_control.private = 1 resp.last_modified = data['modified'] return resp
def process(self, all_props, key, value, objectType): errors = [] index = PluginRegistry.getInstance("ObjectIndex") for dn in value: if not index.search({'_type': objectType, 'dn': dn}, {'dn': 1}).count(): errors.append(dict(index=value.index(dn), detail=N_("DN '%(dn)s' does not exist"), dn=dn)) return len(errors) == 0, errors
def getUserDetails(self, userid): index = PluginRegistry.getInstance("ObjectIndex") res = index.search({'_type': 'User', 'uid': userid}, {'sn': 1, 'givenName': 1, 'cn': 1, 'dn': 1, '_uuid': 1}) if not res.count(): raise GOsaException(C.make_error("UNKNOWN_USER", userid)) return({'sn': res[0]['sn'][0], 'givenName': res[0]['givenName'][0], 'dn': res[0]['dn'], 'uuid': res[0]['_uuid'], 'cn': res[0]['cn'][0]})
def getObjectDetails(self, extension, attribute, names, attributes): """ This method is used to complete object information shown in the gui. e.g. The groupMembership table just knows the groups cn attribute. To be able to show the description too, it uses this method. #TODO: @fabian - this function is about 95% the same than the one # above. """ # Extract the the required information about the object # relation out of the BackendParameters for the given extension. of = ObjectFactory.getInstance() be_data = of.getObjectBackendParameters(extension, attribute) if not be_data: raise GOsaException(C.make_error("BACKEND_PARAMETER_MISSING", extension=extension, attribute=attribute)) # Collection basic information otype, oattr, foreignMatchAttr, matchAttr = be_data[attribute] #@UnusedVariable # Create a list of attributes that will be requested if oattr not in attributes: attributes.append(oattr) attrs = dict([(x, 1) for x in attributes]) # Start the query and brind the result in a usable form index = PluginRegistry.getInstance("ObjectIndex") res = index.search({ '$or': [{'_type': otype}, {'_extensions': otype}], oattr: {'$in': names} }, attrs) result = {} mapping = {} for entry in names: _id = len(result) mapping[entry] = _id result[_id] = None for entry in res: item = {} for attr in attributes: if attr in entry and len(entry[attr]): item[attr] = entry[attr] if attr == 'dn' else entry[attr][0] else: item[attr] = "" _id = mapping[item[oattr]] result[_id] = item return {"result": result, "map": mapping}
def check_cookie(self): if "Cookie" in self.request.headers: info = extract_cookie("ClacksRPC", self.__secret, self.request.headers['Cookie']) # The cookie seems to be valid - check the session id if info: jsrpc = PluginRegistry.getInstance("JSONRPCService") return jsrpc.check_session(info['REMOTE_SESSION'], info['REMOTE_USER']) return False return False