コード例 #1
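    def update(self, groupName=None, gidNumber=None,members=None,_dc=None):
        """Compare a posixGroup entry with the submitted values, then bind.

        ``groupName``, ``gidNumber`` and ``members`` (a comma-separated list of
        uids) are request parameters; ``_dc`` is accepted and not used.  The
        server, suffix and admin credentials are read from the CherryPy session.

        Returns a JavaScript-object-literal string reporting failure (missing
        input, incomplete session, group not found, bind error) or, when the
        submitted values match the stored entry, success.  As listed, the
        method ends after a successful bind without returning a result; the
        modify call is not part of this excerpt.
        """
        # Imported here because the module's import block is not part of this
        # excerpt.
        from ldap.filter import escape_filter_chars

        if not groupName:
            return "{failure:1,'text':'No group found'}"

        server = cherrypy.session['server']
        suffix = cherrypy.session['suffix']
        adminUser = cherrypy.session['username']
        adminPass = cherrypy.session['password']

        if not server or not suffix or not adminUser or not adminPass or not gidNumber:
            doLogout('You cannot be here')
            # The closing brace was missing from this response literal.
            return "{failure:1,'info':'Access violation'}"

        # groupName is request input: escape it so that filter metacharacters
        # (*, parentheses, backslash, NUL) are matched literally instead of
        # changing which entries the search returns.
        results = do_ldap_search(
            "(&(objectclass=posixGroup)(cn=%s))" % (escape_filter_chars(groupName)))
        if len(results) < 1:
            return "{failure:1,'info':'Cannot find the required group'}"

        res=results[0][0][1]

        memberUid=[]
        uniqueMember=[]
        # members defaults to None; treat a missing parameter as "no members"
        # instead of failing on None.split().
        for x in (members or "").split(","):
            if len(x)>0:
                memberUid.append(x)
                # NOTE(review): the format string is masked ("******") in this
                # listing.  As shown it has no %s placeholders, so this line
                # raises TypeError.  If the original builds a DN from x, x is
                # request input and should pass through
                # ldap.dn.escape_dn_chars() first -- confirm against the
                # unmasked source.
                full_user = "******" % (x, suffix)
                uniqueMember.append(full_user)

        New={"cn":groupName,"gidNumber":gidNumber}
        if memberUid:
            New["memberUid"] = memberUid
        if uniqueMember:
            New['uniqueMember'] = uniqueMember

        Current={"cn":res['cn'][0], "gidNumber":res['gidNumber'][0]}
        if 'memberUid' in res:
            Current["memberUid"] = copy.copy(res['memberUid'])
        if 'uniqueMember' in res:
            Current['uniqueMember'] = copy.copy(res['uniqueMember'])
        if "groupOfUniqueNames" not in res['objectClass']:
            # The stored entry lacks groupOfUniqueNames: record its current
            # classes and request the same list plus groupOfUniqueNames.
            Current['objectClass'] = copy.copy(res['objectClass'])
            New['objectClass'] = copy.copy(res['objectClass'])
            New['objectClass'].append('groupOfUniqueNames')

        # Debug output: both versions of the entry go to stdout.
        print(Current)
        print(New)
        DN='cn=%s,ou=Group,%s' % (res['cn'][0],suffix)

        # NOTE(review): "r" is not assigned anywhere in the visible method;
        # unless it is defined at module level this raises NameError whenever
        # Current == New.  Confirm what it was meant to be.
        if Current == New and not r:
            return "{success:1,info:'No changes needed'}"

        # NOTE(review): ldap.open() is deprecated in python-ldap in favour of
        # ldap.initialize().  Whether this connection is protected by TLS is
        # not visible here; a simple bind over an unprotected connection sends
        # the admin password in clear text.
        l = ldap.open(server)
        try:
            l.simple_bind_s(adminUser, adminPass)
        except ldap.LDAPError as e:
            err = parse_ldap_error(e)
            # NOTE(review): err is interpolated unescaped; a quote in the
            # message would break the response literal.
            return "{failure:1,'info':'Bind: %s'}" % (err)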
コード例 #2
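    def add(self, role=None,sudohost=None,sudouser=None,sudogroup=None,sudocommands=None,sudooptions=None,_dc=None):
        """Build a sudoRole entry from the request and bind to the directory.

        ``role`` is the entry's cn; ``sudocommands`` and ``sudooptions`` are
        ';'-separated lists, ``sudohost`` is a ','-separated list; ``_dc`` is
        accepted and not used.  The server, suffix and admin credentials are
        read from the CherryPy session.

        Returns a JavaScript-object-literal failure string when the session is
        incomplete, the role name is missing or the bind fails.  As listed, the
        method ends after a successful bind without returning a result; the
        add call is not part of this excerpt.
        """
        # Imported here because the module's import block is not part of this
        # excerpt.
        from ldap.dn import escape_dn_chars

        server = cherrypy.session['server']
        suffix = cherrypy.session['suffix']
        adminUser = cherrypy.session['username']
        adminPass = cherrypy.session['password']
        if not server or not suffix or not adminUser or not adminPass:
            doLogout('You cannot be here')
            return "{failure:1,'info':'Access violation: you are not logged in or your session has expired'}"

        # Without a role name the entry would be created as cn=None.
        if not role:
            return "{failure:1,'info':'Missing role name'}"

        if sudogroup and not "Select" in sudogroup:
            # NOTE(review): the format string is masked ("******") in this
            # listing.  As shown it has no %s placeholder, so this line raises
            # TypeError; confirm against the unmasked source.
            sudouser="******" % (sudogroup)

        # Missing parameters default to None; treat them as empty lists.
        # Entries of one character or less are dropped, as before.
        commands = [c for c in (sudocommands or "").split(";") if len(c) > 1]
        Options = [c for c in (sudooptions or "").split(";") if len(c) > 1]

        attrs={'cn':role,'objectClass': ['top','sudoRole']}
        if sudouser:
            attrs['sudoUser'] = sudouser
        if commands:
            attrs['sudoCommand'] = commands
        if Options:
            attrs['sudoOption'] = Options

        hosts = [c for c in (sudohost or "").split(",") if len(c) > 1]
        # An empty host list becomes "ALL", the broadest scope the role can
        # have; a caller that omits sudohost gets that scope silently.
        if not hosts:
            hosts.append("ALL")
        attrs['sudoHost']=hosts

        # role is request input: escape it so that characters such as "," "+"
        # or "=" stay inside the cn value and cannot add or change RDNs.
        DN="cn=%s,ou=SUDOers,%s" % (escape_dn_chars(role), suffix)

        # The second "missing server or suffix" check was unreachable (the
        # session check above already returns in that case) and is removed.

        # NOTE(review): ldap.open() is deprecated in python-ldap in favour of
        # ldap.initialize().  Whether this connection is protected by TLS is
        # not visible here; a simple bind over an unprotected connection sends
        # the admin password in clear text.
        l = ldap.open(server)
        try:
            l.simple_bind_s(adminUser, adminPass)
        except ldap.LDAPError as e:
            err = parse_ldap_error(e)
            # NOTE(review): err is interpolated unescaped; a double quote in
            # the message would break the response literal.
            return """{failure:1,info:"%s"}""" % (err)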
コード例 #3
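 def add(self, groupName=None, gidNumber=None,members=None,_dc=None):
     """Check the session and bind to the directory before adding a group.

     The server, suffix and admin credentials are read from the CherryPy
     session; the request parameters are not used in the part listed here.
     Returns a JavaScript-object-literal failure string when the session is
     incomplete or the bind fails.  As listed, the method ends after a
     successful bind without returning a result.
     """
     server = cherrypy.session['server']
     suffix = cherrypy.session['suffix']
     adminUser = cherrypy.session['username']
     adminPass = cherrypy.session['password']
     if not server or not suffix or not adminUser or not adminPass:
         doLogout('You cannot be here')
         return "{failure:1,'info':'Access violation: you are not logged in or your session has expired'}"

     # The second "missing server or suffix" check was unreachable (the
     # session check above already returns in that case) and is removed.

     # NOTE(review): ldap.open() is deprecated in python-ldap in favour of
     # ldap.initialize().  Whether this connection is protected by TLS is not
     # visible here; a simple bind over an unprotected connection sends the
     # admin password in clear text.
     l = ldap.open(server)
     try:
         l.simple_bind_s(adminUser, adminPass)
     except ldap.LDAPError as e:
         err = parse_ldap_error(e)
         # NOTE(review): err is interpolated unescaped; a quote in the message
         # would break the response literal.
         return "{'failure':1,'info':'%s'}" % (err)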
コード例 #4
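 def delete(self, hostname=None,ip=None,aliases=None,_dc=None):
     """Check input and session, then bind to the directory to delete a host.

     ``hostname`` and ``ip`` are required request parameters; ``aliases`` and
     ``_dc`` are not used in the part listed here.  The server, suffix and
     admin credentials are read from the CherryPy session.  Returns a
     JavaScript-object-literal failure string when input or session data is
     missing or the bind fails.  As listed, the method ends after a successful
     bind without returning a result.
     """
     if not hostname or not ip: return "{'failure':1,'info':'Host not found'}"
     server = cherrypy.session['server']
     suffix = cherrypy.session['suffix']
     adminUser = cherrypy.session['username']
     adminPass = cherrypy.session['password']

     if not server or not suffix or not adminUser or not adminPass:
         doLogout('You cannot be here')
         # The closing brace was missing from this response literal.
         return "{failure:1,'info':'Access violation'}"

     # NOTE(review): ldap.open() is deprecated in python-ldap in favour of
     # ldap.initialize().  Whether this connection is protected by TLS is not
     # visible here; a simple bind over an unprotected connection sends the
     # admin password in clear text.
     l = ldap.open(server)
     try:
         l.simple_bind_s(adminUser, adminPass)
     except ldap.LDAPError as e:
         err = parse_ldap_error(e)
         # NOTE(review): err is interpolated unescaped; a quote in the message
         # would break the response literal.
         return "{failure:1,'info':'%s'}" % (err)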
コード例 #5
 def list(self, server=None, suffix=None, searchFilter=None,_dc=None,query=None):
     """Check the session and open an anonymous connection for the group list.

     The ``server`` and ``suffix`` arguments are overwritten with the values
     stored in the CherryPy session, so the request cannot choose the
     directory server.  Returns a JavaScript-object-literal failure string
     when the session is incomplete or the bind fails.  As listed, the method
     ends after a successful bind without returning a result.
     """
     server = cherrypy.session['server']
     suffix = cherrypy.session['suffix']
     adminUser = cherrypy.session['username']
     adminPass = cherrypy.session['password']
     if not (server and suffix and adminUser and adminPass):
         doLogout('You cannot be here')
         return "{failure:1,'info':'Access violation: you are not logged in or your session has expired'}"

     print("==> Loading groups list\n\n")
     l = ldap.open(server)
     try:
         # simple_bind_s() without arguments is an anonymous bind; the session
         # credentials are only used for the logged-in check above.
         l.simple_bind_s()
     except ldap.LDAPError as e:
         return "{'failure':1,'text':'%s'}" % (parse_ldap_error(e))
コード例 #6
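 def delete(self,groupName=None,gidNumber=None,_dc=None):
     """Check session and input, then bind to the directory to delete a group.

     At least one of ``groupName`` and ``gidNumber`` must be supplied; ``_dc``
     is accepted and not used.  The server, suffix and admin credentials are
     read from the CherryPy session.  Returns a JavaScript-object-literal
     failure string when session or input data is missing or the bind fails.
     As listed, the method ends after a successful bind without returning a
     result.
     """
     server = cherrypy.session['server']
     suffix = cherrypy.session['suffix']
     adminUser = cherrypy.session['username']
     adminPass = cherrypy.session['password']

     if not server or not suffix or not adminUser or not adminPass:
         doLogout('You cannot be here')
         # The closing brace was missing from this response literal.
         return "{failure:1,'info':'Access violation'}"

     if not groupName and not gidNumber:
         return "{failure:1,'info':'Missing group name or GID'}"

     # NOTE(review): ldap.open() is deprecated in python-ldap in favour of
     # ldap.initialize().  Whether this connection is protected by TLS is not
     # visible here; a simple bind over an unprotected connection sends the
     # admin password in clear text.
     l = ldap.open(server)
     try:
         l.simple_bind_s(adminUser, adminPass)
     except ldap.LDAPError as e:
         err = parse_ldap_error(e)
         # NOTE(review): err is interpolated unescaped; a quote in the message
         # would break the response literal.
         return "{failure:1,'info':'%s'}" % (err)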
コード例 #7
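    def update(self, hostname=None,ip=None,aliases=None,_dc=None):
        """Compare an ipHost entry with the submitted values, then bind.

        ``hostname``, ``ip`` and ``aliases`` (a comma-separated list) are
        request parameters; ``_dc`` is accepted and not used.  The server,
        suffix and admin credentials are read from the CherryPy session.

        Returns a JavaScript-object-literal string reporting failure
        (incomplete session, missing input, host not found, bind error) or,
        when nothing differs, success.  As listed, the method ends after a
        successful bind without returning a result; the modify call is not
        part of this excerpt.
        """
        # Imported here because the module's import block is not part of this
        # excerpt.
        from ldap.filter import escape_filter_chars

        server = cherrypy.session['server']
        suffix = cherrypy.session['suffix']
        adminUser = cherrypy.session['username']
        adminPass = cherrypy.session['password']

        if not server or not suffix or not adminUser or not adminPass:
            doLogout('You cannot be here')
            # The closing brace was missing from this response literal.
            return "{failure:1,'info':'Access violation'}"

        if not hostname or not ip:
            # The closing brace was missing here as well.
            return "{failure:1,'info':'Nothing to change'}"

        # hostname is request input: escape it so that filter metacharacters
        # (*, parentheses, backslash, NUL) are matched literally instead of
        # changing which entries the search returns.
        results = do_ldap_search(
            "(&(objectclass=ipHost)(cn=%s))" % (escape_filter_chars(hostname)))

        if len(results) < 1:
            return "{failure:1,'info':'Cannot find the required host'}"

        DN=results[0][0][0]
        res=results[0][0][1]

        # aliases defaults to None; treat a missing parameter as empty instead
        # of failing on the membership test below.
        aliases = aliases or ''
        # A value containing "ie:" is discarded -- presumably the form's
        # placeholder text; confirm against the client.
        if "ie:" in aliases: aliases=''

        hostAliases=[]
        for c in aliases.split(","):
            if len(c)>1:
                hostAliases.append(c.replace(" ",""))
        if hostname not in hostAliases:
            hostAliases.append(hostname)

        Current={"cn":res['cn'],"ipHostNumber":res['ipHostNumber'][0]}
        New={"cn":hostAliases,"ipHostNumber":ip}

        if Current == New:
            return "{success:1,info:'No changes needed'}"

        # NOTE(review): ldap.open() is deprecated in python-ldap in favour of
        # ldap.initialize().  Whether this connection is protected by TLS is
        # not visible here; a simple bind over an unprotected connection sends
        # the admin password in clear text.
        l = ldap.open(server)
        try:
            l.simple_bind_s(adminUser, adminPass)
        except ldap.LDAPError as e:
            err = parse_ldap_error(e)
            # NOTE(review): err is interpolated unescaped; a quote in the
            # message would break the response literal.
            return "{failure:1,'info':'Bind: %s'}" % (err)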
コード例 #8
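    def add(self, hostname=None,ip=None,aliases=None,_dc=None):
        """Build an ipHost entry from the request and bind to the directory.

        ``hostname``, ``ip`` and ``aliases`` (a comma-separated list) are
        request parameters; ``_dc`` is accepted and not used.  The server,
        suffix and admin credentials are read from the CherryPy session.

        Returns a JavaScript-object-literal failure string when the session is
        incomplete, input is missing or the bind fails.  As listed, the method
        ends after a successful bind without returning a result; the add call
        is not part of this excerpt.
        """
        # Imported here because the module's import block is not part of this
        # excerpt.
        from ldap.dn import escape_dn_chars

        server = cherrypy.session['server']
        suffix = cherrypy.session['suffix']
        adminUser = cherrypy.session['username']
        adminPass = cherrypy.session['password']
        if not server or not suffix or not adminUser or not adminPass:
            doLogout('You cannot be here')
            # The closing brace was missing from this response literal.
            return "{failure:1,'info':'Access violation'}"

        if not hostname or not ip:
            # The closing brace was missing here as well.
            return "{failure:1,'info':'Hostname or IP address missing'}"

        # aliases defaults to None; treat a missing parameter as empty instead
        # of failing on the membership test below.
        aliases = aliases or ''
        # A value containing "ie:" is discarded -- presumably the form's
        # placeholder text; confirm against the client.
        if "ie:" in aliases: aliases=''
        hostAliases=[]
        for c in aliases.split(","):
            if len(c)>1:
                hostAliases.append(c.replace(" ",""))
        hostAliases.append(hostname)

        attrs={
               'cn':hostAliases,
               'objectClass': ['top','ipHost','device'],
               'ipHostNumber':ip,
               }

        # hostname and ip are request input: escape them so that characters
        # such as "," "+" or "=" stay inside their RDN values and cannot add
        # or change components of the DN.
        DN="cn=%s+ipHostNumber=%s,ou=Hosts,%s" % (
            escape_dn_chars(hostname), escape_dn_chars(ip), suffix)

        # NOTE(review): ldap.open() is deprecated in python-ldap in favour of
        # ldap.initialize().  Whether this connection is protected by TLS is
        # not visible here; a simple bind over an unprotected connection sends
        # the admin password in clear text.
        l = ldap.open(server)
        try:
            l.simple_bind_s(adminUser, adminPass)
        except ldap.LDAPError as e:
            err = parse_ldap_error(e)
            # NOTE(review): err is interpolated unescaped; a quote in the
            # message would break the response literal.
            return "{'failure':1,'info':'%s'}" % (err)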
コード例 #9
            l.simple_bind_s(adminUser, adminPass)
        except ldap.LDAPError, e:
            err = parse_ldap_error(e)
            return "{failure:1,'info':'%s'}" % (err)

        if not groupName:
            groupName=getGroupDN(gidNumber)
        if len(groupName) < 2:
            return "{failure:1,'info':'Cannot identified group'}"
        
        deleteDN='cn=%s,ou=Group,%s' % (groupName,suffix)
        
        try:
            l.delete_s(deleteDN)
        except ldap.LDAPError, e:
            err = parse_ldap_error(e)
            return "{failure:1,'text':'%s'}" % (err)

        l.unbind_s()

        return """{success:1,'info':"Group %s deleted",group:"%s"}""" % (groupName,groupName)
    
    # CherryPy only serves handlers whose "exposed" attribute is true, so this
    # line makes delete() reachable over HTTP.
    delete.exposed = True
    
    def list(self, server=None, suffix=None, searchFilter=None,_dc=None,query=None):
        
        server = cherrypy.session['server']
        suffix = cherrypy.session['suffix']
        adminUser = cherrypy.session['username']
        adminPass = cherrypy.session['password']
        if not server or not suffix or not adminUser or not adminPass:
コード例 #10
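    def update(self, role=None,sudohost=None,sudouser=None,sudogroup=None,sudocommands=None,sudooptions=None,_dc=None):
        """Compare a sudoRole entry with the submitted values, then bind.

        ``role`` is the entry's cn; ``sudocommands`` and ``sudooptions`` are
        ';'-separated lists, ``sudohost`` is a ','-separated list; ``_dc`` is
        accepted and not used.  The server, suffix and admin credentials are
        read from the CherryPy session.

        Returns a JavaScript-object-literal failure string when the session is
        incomplete, the role is missing or not found, or the bind fails.  As
        listed, the method ends after a successful bind without returning a
        result; the modify call is not part of this excerpt.
        """
        # Imported here because the module's import block is not part of this
        # excerpt.
        from ldap.filter import escape_filter_chars

        server = cherrypy.session['server']
        suffix = cherrypy.session['suffix']
        adminUser = cherrypy.session['username']
        adminPass = cherrypy.session['password']

        if not server or not suffix or not adminUser or not adminPass:
            doLogout('You cannot be here')
            # The closing brace was missing from this response literal.
            return "{failure:1,'info':'Access violation'}"

        # Without a role name there is nothing to look up.
        if not role:
            return "{failure:1,info:'Role not found'}"

        sudorole=role
        # role is request input: escape it so that filter metacharacters
        # (*, parentheses, backslash, NUL) are matched literally instead of
        # changing which entries the search returns.
        results = do_ldap_search(
            "(&(objectclass=SudoRole)(cn=%s))" % (escape_filter_chars(sudorole)))

        if not results:
            return "{failure:1,info:'Role not found'}"
        DN=results[0][0][0]
        res=results[0][0][1]

        if sudogroup and not "Select" in sudogroup:
            # NOTE(review): both format strings are masked ("******") in this
            # listing.  As shown they have no %s placeholder, so either line
            # raises TypeError; confirm against the unmasked source.
            if "%" in sudogroup:
                sudouser="******" % (sudogroup)
            else:
                sudouser="******" % (sudogroup)

        # sudouser defaults to None; only test it for "Select" when it is set.
        if sudouser and "Select" in sudouser:
            sudouser=''

        # Missing parameters default to None; treat them as empty lists.
        # Entries of one character or less are dropped, as before.
        commands = [c for c in (sudocommands or "").split(";") if len(c) > 1]
        hosts = [c for c in (sudohost or "").split(",") if len(c) > 1]
        options = [c for c in (sudooptions or "").split(";") if len(c) > 1]

        Current={'cn':res['cn']}
        for k in ["sudoCommand", "sudoUser", "sudoOption","sudoHost"]:
            if k in res:
                Current[k] = res[k]

        New={'cn':role}
        if sudouser:
            New['sudoUser'] = sudouser
        if commands:
            New['sudoCommand'] = commands
        if options:
            New['sudoOption'] = options

        # An empty host list becomes "ALL", the broadest scope the role can
        # have; a caller that omits sudohost gets that scope silently.
        if hosts:
            New['sudoHost'] = hosts
        else:
            New['sudoHost'] = 'ALL'

        # Debug output: both versions of the entry go to stdout.
        print("\n\n")
        print(Current)
        print("\n\n")
        print(New)
        print("\n\n")

        # NOTE(review): ldap.open() is deprecated in python-ldap in favour of
        # ldap.initialize().  Whether this connection is protected by TLS is
        # not visible here; a simple bind over an unprotected connection sends
        # the admin password in clear text.
        l = ldap.open(server)
        try:
            l.simple_bind_s(adminUser, adminPass)
        except ldap.LDAPError as e:
            err = parse_ldap_error(e)
            # NOTE(review): err is interpolated unescaped; a double quote in
            # the message would break the response literal.
            return """{failure:1,info:"%s"}""" % (err)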