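def updatePPolicy(self, ppolicyName):
    """
    Update the pwdPolicySubentry attribute of the current user.

    Dispatches on the state of the entry:
      - the user has no password policy yet: delegate to addPPolicy();
      - the user has one and ppolicyName is empty: delegate to
        removePPolicy();
      - otherwise replace pwdPolicySubentry with the DN looked up through
        PPolicy().getPPolicy(ppolicyName).

    Returns the delegate's result for the add/remove cases. For the
    replace case, returns True when the LDAP modify succeeded and False
    when the server rejected it with UNDEFINED_TYPE or INVALID_SYNTAX.
    Any other LDAP error propagates to the caller.
    """
    if not self.hasPPolicy():
        return self.addPPolicy(ppolicyName)
    if not ppolicyName:
        return self.removePPolicy()

    # get the ppolicy dn
    # NOTE(review): the [0] index assumes getPPolicy() found the policy;
    # its behaviour for an unknown name is not visible here -- confirm.
    ppolicyDN = PPolicy().getPPolicy(ppolicyName)[0]
    # presumably an audit-log record; it is only committed on success
    r = AF().log(PLUGIN_NAME, AA.PPOLICY_MOD_USER_PPOLICY, [(self.dn, AT.USER)])
    try:
        self.l.modify_s(
            self.dn, [(ldap.MOD_REPLACE, 'pwdPolicySubentry', ppolicyDN)])
    except ldap.UNDEFINED_TYPE:
        logger.error("Attribute %s isn't defined on ldap" % 'pwdPolicySubentry')
        # The policy was NOT applied: do not report success to the caller.
        return False
    except ldap.INVALID_SYNTAX:
        logger.error(
            "Invalid Syntax from the attribute value of %s on ldap" % 'pwdPolicySubentry')
        return False

    # Commit the record as soon as the directory change is done, before
    # notifying listeners (same order as addPPolicy), so an exception in
    # a signal receiver cannot leave a completed change uncommitted.
    r.commit()
    ppolicy_applied.send(sender=self, ppolicy_name=ppolicyName)
    return True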
def addPPolicy(self, ppolicyName):
    """
    Attach the named password policy to the current user.

    Adds the pwdPolicy objectClass to the entry when it is missing and
    sets the pwdPolicySubentry attribute to the DN of the selected
    ppolicy. Nothing is done when the user already has a policy.

    Returns True when the entry was modified, False when the user
    already had a password policy.
    """
    if self.hasPPolicy():
        return False

    record = AF().log(PLUGIN_NAME, AA.PPOLICY_ADD_USER_PPOLICY, [(self.dn, AT.USER)])
    # Get current user entry ('+' requests operational attributes, '*' user ones)
    results = self.l.search_s(self.dn, ldap.SCOPE_BASE, attrlist=['+', '*'])
    _entry_dn, current = results[0]
    # Work on a copy so the diff below sees the untouched original
    updated = copy.deepcopy(current)
    if "pwdPolicy" not in updated["objectClass"]:
        updated["objectClass"].append("pwdPolicy")
        # NOTE(review): the listing lost its indentation; pwdAttribute is
        # assumed to be set only when the objectClass is added -- confirm
        # against the original file.
        updated["pwdAttribute"] = "userPassword"
    updated['pwdPolicySubentry'] = PPolicy().getPPolicy(ppolicyName)[0]
    # Update LDAP with only the differences between the two versions
    changes = ldap.modlist.modifyModlist(current, updated)
    self.l.modify_s(self.dn, changes)
    record.commit()
    ppolicy_applied.send(sender=self, ppolicy_name=ppolicyName)
    return True
def addPPolicy(self, ppolicyName):
    """
    Give the current user a password policy.

    When the user has no policy yet, the entry is read, the pwdPolicy
    objectClass is added if absent, pwdPolicySubentry is pointed at the
    DN of the ppolicy called ppolicyName, and the difference is written
    back to LDAP.

    Returns True after the entry was updated; False (without touching
    LDAP) when the user already has a password policy.
    """
    already_set = self.hasPPolicy()
    if already_set:
        return False

    audit = AF().log(PLUGIN_NAME, AA.PPOLICY_ADD_USER_PPOLICY, [(self.dn, AT.USER)])
    # Get current user entry
    found = self.l.search_s(self.dn, ldap.SCOPE_BASE, attrlist=['+', '*'])
    _unused_dn, before = found[0]
    after = copy.deepcopy(before)
    object_classes = after["objectClass"]
    if "pwdPolicy" not in object_classes:
        object_classes.append("pwdPolicy")
        # NOTE(review): indentation was lost in this listing; setting
        # pwdAttribute only together with the new objectClass is an
        # assumption -- verify against the original file.
        after["pwdAttribute"] = "userPassword"
    after['pwdPolicySubentry'] = PPolicy().getPPolicy(ppolicyName)[0]
    # Update LDAP
    self.l.modify_s(self.dn, ldap.modlist.modifyModlist(before, after))
    audit.commit()
    ppolicy_applied.send(sender=self, ppolicy_name=ppolicyName)
    return True
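def updatePPolicy(self, ppolicyName):
    """
    Update the pwdPolicySubentry attribute of the current user.

    - No policy on the user yet: returns addPPolicy(ppolicyName).
    - Policy present, empty ppolicyName: returns removePPolicy().
    - Policy present, ppolicyName given: replaces pwdPolicySubentry with
      the DN obtained from PPolicy().getPPolicy(ppolicyName) and returns
      True on success, False when LDAP answers UNDEFINED_TYPE or
      INVALID_SYNTAX (the error is logged). Other LDAP errors propagate.
    """
    if not self.hasPPolicy():
        return self.addPPolicy(ppolicyName)
    if not ppolicyName:
        return self.removePPolicy()

    # get the ppolicy dn
    # NOTE(review): what getPPolicy() returns for an unknown policy name
    # is not visible here; the [0] index assumes a match -- confirm.
    ppolicyDN = PPolicy().getPPolicy(ppolicyName)[0]
    # presumably an audit-log record; committed only after a successful modify
    r = AF().log(PLUGIN_NAME, AA.PPOLICY_MOD_USER_PPOLICY, [(self.dn, AT.USER)])
    try:
        self.l.modify_s(self.dn, [(ldap.MOD_REPLACE, 'pwdPolicySubentry', ppolicyDN)])
    except ldap.UNDEFINED_TYPE:
        logger.error("Attribute %s isn't defined on ldap" % 'pwdPolicySubentry')
        # A rejected modify means the user keeps the previous policy, so
        # the caller must not be told the update succeeded.
        return False
    except ldap.INVALID_SYNTAX:
        logger.error("Invalid Syntax from the attribute value of %s on ldap" % 'pwdPolicySubentry')
        return False

    # Commit before signalling, as addPPolicy does: a failing signal
    # receiver must not leave an applied change without its commit.
    r.commit()
    ppolicy_applied.send(sender=self, ppolicy_name=ppolicyName)
    return True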