class Constants(Constants.Constants):
# affiliation tilknyttet
affiliation_tilknyttet = _PersonAffiliationCode(
'TILKNYTTET', 'Assosiert, reg. i kildesystem')
# affiliation for FI
affiliation_status_tilknyttet_fi = _PersonAffStatusCode(
affiliation_tilknyttet, 'fi', 'Manuelt registrert, forsvarsinst.')
# affiliation for pensjonister
affiliation_status_tilknyttet_pensjonist = _PersonAffStatusCode(
affiliation_tilknyttet, 'pensjonist',
'Manuelt registrert, pensjonist.')
# affiliation for park og idrett
affiliation_status_tilknyttet_park = _PersonAffStatusCode(
affiliation_tilknyttet, 'park-idrett',
'Manuelt registrert, park og idrett.')
# Spread definitions - user related
spread_ad_account = _SpreadCode('account@ad',
Constants.Constants.entity_account,
'Brukeren kjent i AD ved NiH')
spread_exchange_account = _SpreadCode('account@exchange',
Constants.Constants.entity_account,
'Brukeren kjent i AD ved NiH')
# Spread definitions - group related
spread_ad_group = _SpreadCode('group@ad', Constants.Constants.entity_group,
'Gruppe kjent i AD ved NiH')
spread_exch_group = _SpreadCode('group@exchange',
Constants.Constants.entity_group,
'Gruppe kjent i Exchange ved NiH')
spread_lms_group = _SpreadCode('group@lms',
Constants.Constants.entity_group,
'Gruppe kjent i LMSen til NiH')
def main():
try:
opts, args = getopt.getopt(sys.argv[1:], 'm:', [
'help', 'user_spread=', 'url=', 'dryrun', 'ad-ldap=',
'delete', 'group_spread=', 'logger-level=', 'logger-name='])
except getopt.GetoptError:
usage(1)
dryrun = False
delete_objects = False
user_spread = None
group_spread = None
ad_ldap = cereconf.AD_LDAP
ad_mod = cereconf.AD_DEFAULT_SYNC
for opt, val in opts:
if opt in ('--help',):
usage()
elif opt in ('--dryrun',):
dryrun = True
elif opt in ('--delete',):
delete_objects = True
elif opt in ('--ad-ldap',):
ad_ldap = val
elif opt in ('--url',):
url = val
elif opt in ('-m',):
ad_mod = val
elif opt == '--user_spread':
user_spread = _SpreadCode(val)
elif opt == '--group_spread':
group_spread = _SpreadCode(val)
fullsync(ad_mod, url, user_spread, group_spread, dryrun=dryrun,
delete_objects=delete_objects, ad_ldap=ad_ldap)
class Constants(Constants.Constants):
## Spread definitions - user related
# AD Ansatte
spread_ad_account = _SpreadCode(
'account@ad', Constants.Constants.entity_account,
'Account included in domain in Active Directory')
spread_ad_group = _SpreadCode(
'group@ad', Constants.Constants.entity_group,
'Group included in domain in Active Directory')
class Constants(Constants.Constants):
## employees - affiliation definition
affiliation_ansatt = _PersonAffiliationCode('ANSATT', 'Ansatt ved HiH')
## affiliations for others
affiliation_manuell = _PersonAffiliationCode(
'MANUELL', ('Tilknyttet HiH uten å være registrert i et av de'
' autoritative kildesystemene'))
affiliation_status_manuell_inaktiv = _PersonAffStatusCode(
affiliation_manuell, 'inaktiv',
'Person uten ekte tilknytning til HiH. Bruk med forsiktighet!')
## Spread definitions - user related
# AD/Exchange Ansatte
spread_ad_account_ans = _SpreadCode(
'account@ad_ans', Constants.Constants.entity_account,
'Brukeren kjent i ansattdomenet i AD ved HiH')
spread_exchange_account_ans = _SpreadCode(
'account@ex_ans', Constants.Constants.entity_account,
'Exchange-enabled account i ansattdomenet ved HiH')
# AD/Exchange Studenter
spread_ad_account_stud = _SpreadCode(
'account@ad_stud', Constants.Constants.entity_account,
'Brukeren kjent i studentdomenet i AD ved HiH')
spread_exchange_account_stud = _SpreadCode(
'account@ex_stud', Constants.Constants.entity_account,
'Exchange-enabled account i studentdomenet ved HiH')
## Spread definitions - group related
# AD/Exchange Ansatte
spread_ad_group_ans = _SpreadCode(
'group@ad_ans', Constants.Constants.entity_group,
'Gruppe kjent i ansattdomenet i AD ved HiH')
spread_exchange_group_ans = _SpreadCode(
'group@ex_ans', Constants.Constants.entity_group,
'Gruppe kjent i ansattdomenet i Exchange ved HiH')
# AD/Exchange Studenter
spread_ad_group_stud = _SpreadCode(
'group@ad_stud', Constants.Constants.entity_group,
'Gruppe kjent i studentdomenet i AD ved HiH')
spread_exchange_group_stud = _SpreadCode(
'group@ex_stud', Constants.Constants.entity_group,
'Gruppe kjent i studentdomenet i Exchange ved HiH')
## Spread definitions - person related
spread_adgang_person = _SpreadCode(
'person@adgang', Constants.Constants.entity_person,
'Person kjent i adgangssystemet til HiH')
spread_adgang_group = _SpreadCode(
'group@adgang', Constants.Constants.entity_group,
'Gruppe kjent i adgangssystemet til HiH')
## External IDs - person related
externalid_bewatorid = _EntityExternalIdCode(
'Bewator', Constants.Constants.entity_person, "Bewator ID for person")
class Constants(Constants.Constants):
# employees - affiliation definition
affiliation_ansatt = _PersonAffiliationCode('ANSATT', 'Ansatt ved NMH')
# affiliations for employees
affiliation_status_ansatt_ovlaerer = _PersonAffStatusCode(
affiliation_ansatt, 'ans_ovlaerer', 'Ansatt ved NMH, øvingslærer.')
# affiliations for others
affiliation_manuell = _PersonAffiliationCode(
'MANUELL', ('Tilknyttet NMH uten å være registrert i et av de'
' autoritative kildesystemene'))
affiliation_status_manuell_inaktiv = _PersonAffStatusCode(
affiliation_manuell, 'inaktiv',
'Person uten ekte tilknytning til NMH. Bruk med forsiktighet!')
# Spread definitions - user related
spread_ad_account = _SpreadCode('account@ad',
Constants.Constants.entity_account,
'Brukeren kjent i AD ved NMH')
spread_exchange_account = _SpreadCode('account@exchange',
Constants.Constants.entity_account,
'Brukeren kjent i AD ved NMH')
# Spread definitions - group related
spread_ad_group = _SpreadCode('group@ad', Constants.Constants.entity_group,
'Gruppe kjent i AD ved NMH')
spread_lms_group = _SpreadCode('group@lms',
Constants.Constants.entity_group,
'Gruppe kjent i LMSen til NMH')
# Spread definitions - person relates
spread_adgang_person = _SpreadCode(
'person@adgang', Constants.Constants.entity_person,
'Person kjent i adgangssystemet til NMH')
# Traits for fagområde
trait_fagomrade_fagfelt = _EntityTraitCode(
'fagfelt', Constants.Constants.entity_person,
'Trait registering part of fagområde: fagfelt')
trait_fagomrade_instrument = _EntityTraitCode(
'instrument', Constants.Constants.entity_person,
'Trait registering part of fagområde: instrument')
# Trait for fagmiljø
trait_fagmiljo = _EntityTraitCode('fagmiljo',
Constants.Constants.entity_person,
'Trait registering fagmiljø')
def main():
try:
opts, args = getopt.getopt(sys.argv[1:], 'm:', [
'help', 'user_spread=', 'url=', 'dryrun', 'ad-ldap=', 'delete',
'group_spread=', 'logger-level=', 'logger-name='
])
except getopt.GetoptError:
usage(1)
dryrun = False
delete_objects = False
user_spread = None
group_spread = None
ad_ldap = cereconf.AD_LDAP
ad_mod = cereconf.AD_DEFAULT_SYNC
for opt, val in opts:
if opt in ('--help', ):
usage()
elif opt in ('--dryrun', ):
dryrun = True
elif opt in ('--delete', ):
delete_objects = True
elif opt in ('--ad-ldap', ):
ad_ldap = val
elif opt in ('--url', ):
url = val
elif opt in ('-m', ):
ad_mod = val
elif opt == '--user_spread':
user_spread = _SpreadCode(val)
elif opt == '--group_spread':
group_spread = _SpreadCode(val)
fullsync(ad_mod,
url,
user_spread,
group_spread,
dryrun=dryrun,
delete_objects=delete_objects,
ad_ldap=ad_ldap)
def _populate_ou2spread(self):
"""Make a dict with all OUs and their derived spread from
OU2ACCOUNT_SPREADS. Used for OU->account spread settings."""
if self.ou2spread:
return
self._make_str2const()
self.ou2spread = dict()
ou = Factory.get("OU")(self.db)
for row in ou.list_entity_spreads(self._co.entity_ou):
ou_spread_str = str(_SpreadCode(int(row["spread"])))
if not procconf.OU2ACCOUNT_SPREADS.has_key(ou_spread_str):
continue
acc_spread_str = procconf.OU2ACCOUNT_SPREADS[ou_spread_str]
self.ou2spread.setdefault(row["entity_id"], []).append(self.str2const[acc_spread_str])
def _populate_ou2spread(self):
"""Make a dict with all OUs and their derived spread from
OU2ACCOUNT_SPREADS. Used for OU->account spread settings."""
if self.ou2spread:
return
self._make_str2const()
self.ou2spread = dict()
ou = Factory.get('OU')(self.db)
for row in ou.list_entity_spreads(self._co.entity_ou):
ou_spread_str = text_type(_SpreadCode(int(row['spread'])))
if ou_spread_str not in procconf.OU2ACCOUNT_SPREADS:
continue
acc_spread_str = procconf.OU2ACCOUNT_SPREADS[ou_spread_str]
self.ou2spread.setdefault(row['entity_id'], []).append(
self.str2const[acc_spread_str])
def _populate_ou2spread(self):
"""Make a dict with all OUs and their derived spread from
OU2ACCOUNT_SPREADS. Used for OU->account spread settings."""
if self.ou2spread:
return
self._make_str2const()
self.ou2spread = dict()
ou = Factory.get('OU')(self.db)
for row in ou.list_entity_spreads(self._co.entity_ou):
ou_spread_str = text_type(_SpreadCode(int(row['spread'])))
if ou_spread_str not in procconf.OU2ACCOUNT_SPREADS:
continue
acc_spread_str = procconf.OU2ACCOUNT_SPREADS[ou_spread_str]
self.ou2spread.setdefault(row['entity_id'], []).append(
self.str2const[acc_spread_str]
)
class Constants(Constants.Constants):
system_fs_derived = _AuthoritativeSystemCode('FS-auto',
'Utledet av FS data')
system_pbx = _AuthoritativeSystemCode('PBX', 'PBX')
# AFFILIATIONS FOR ANSATTE
affiliation_ansatt = ConstantsHigherEdu.affiliation_ansatt
affiliation_status_ansatt_manuell = _PersonAffStatusCode(
affiliation_ansatt, 'ans_manuell', 'Ansatt, manuell import')
affiliation_status_ansatt_primaer = _PersonAffStatusCode(
affiliation_ansatt, 'primaer', 'Primærtilknytning for SAP ansatte')
# AFFILIATIONS FOR STUDENTER
affiliation_student = ConstantsHigherEdu.affiliation_student
affiliation_status_student_manuell = _PersonAffStatusCode(
affiliation_student, 'stud_manuell', 'Student, manuell import')
affiliation_status_student_tilbud = _PersonAffStatusCode(
affiliation_student, 'tilbud', 'Student, tilbud')
# AFFILIATIONS FOR ASSOSIERTE PERSONER
affiliation_tilknyttet = ConstantsUniversityColleges.affiliation_tilknyttet
affiliation_status_tilknyttet_feide = _PersonAffStatusCode(
affiliation_tilknyttet, 'feide',
'Personer uten reg. i kildesystem som må ha tilgang til '
'FEIDE-baserte tjenester')
affiliation_status_tilknyttet_ekstern = _PersonAffStatusCode(
affiliation_tilknyttet, 'ekstern', 'Registrert i HR, ekstern tilsatt')
# AFFILIATIONS FOR ANDRE
affiliation_manuell = _PersonAffiliationCode(
'MANUELL', ('Tilknyttet UiA uten å være registrert i et av de'
' autoritative kildesystemene'))
affiliation_status_manuell_ekstern = _PersonAffStatusCode(
affiliation_manuell, 'ekstern',
'Eksternt tilknyttet person, når spesifikke kategorier ikke passer')
affiliation_status_manuell_sia = _PersonAffStatusCode(
affiliation_manuell, 'sia',
'Person tilknyttet Studentsamskipnaden i Agder')
affiliation_status_manuell_sta = _PersonAffStatusCode(
affiliation_manuell, 'sta',
'Person tilknyttet Studentorganisasjonen Agder')
affiliation_status_manuell_filonova = _PersonAffStatusCode(
affiliation_manuell, 'filonova',
'Person tilknyttet Filonova kursstiftelse')
affiliation_status_manuell_agderforskning = _PersonAffStatusCode(
affiliation_manuell, 'agderforskning',
'Person tilknyttet Agderforskning')
affiliation_status_manuell_statsbygg = _PersonAffStatusCode(
affiliation_manuell, 'statsbygg',
'Person tilknyttet Statsbygg ved UiA')
affiliation_status_manuell_pensjonist = _PersonAffStatusCode(
affiliation_manuell, 'pensjonist',
'Pensjonist ved UiA, ikke registrert i SAP')
affiliation_status_manuell_gjest = _PersonAffStatusCode(
affiliation_manuell, 'gjest', 'Gjesteopphold ved UiA')
affiliation_status_manuell_ans_uten_sap = _PersonAffStatusCode(
affiliation_manuell, 'ans_uten_sap',
'Ansatt som ikke er lagt inn i SAP. En midlertidig status for folk')
affiliation_status_manuell_gjest_ikke_epost = _PersonAffStatusCode(
affiliation_manuell, 'gjest_no_epost',
'Gjesteopphold som ansatt ved UiA. Skal ikke ha epost')
affiliation_status_manuell_gjest_student = _PersonAffStatusCode(
affiliation_manuell, 'gjest_student',
'Gjesteopphold for student ved UiA. Epost skal tildeles')
affiliation_status_manuell_gjest_student_ikke_epost = _PersonAffStatusCode(
affiliation_manuell, 'gj_st_no_epost',
'Gjesteopphold for student ved UiA. Epost skal ikke tildeles')
affiliation_upersonlig = _PersonAffiliationCode(
'UPERSONLIG', 'Fellesbrukere, samt andre brukere uten eier')
affiliation_upersonlig_felles = _PersonAffStatusCode(
affiliation_upersonlig, 'felles', 'Felleskonti')
affiliation_upersonlig_kurs = _PersonAffStatusCode(affiliation_upersonlig,
'kurs', 'Kurskonti')
affiliation_upersonlig_pvare = _PersonAffStatusCode(
affiliation_upersonlig, 'pvare', 'Programvarekonti')
affiliation_upersonlig_studentforening = _PersonAffStatusCode(
affiliation_upersonlig, 'studorg',
'Studentforening eller -aktivitet ved UiA')
# DEFINISJON AV SHELL
# We override the default Cerebrum paths for shells, thus this
# file should appear before PosixUser in cereconf.CLASS_CONSTANTS
posix_shell_bash = _PosixShellCode('bash', '/bin/bash')
posix_shell_tcsh = _PosixShellCode('tcsh', '/bin/tcsh')
posix_shell_csh = _PosixShellCode('csh', '/bin/csh')
posix_shell_sh = _PosixShellCode('sh', '/bin/sh')
spread_nis_user = _SpreadCode('account@nis',
Constants.Constants.entity_account,
'User in NIS domain "stud"')
spread_nis_fg = _SpreadCode('group@nis', Constants.Constants.entity_group,
'File group in NIS domain "stud"')
spread_nis_ng = _SpreadCode('netgroup@nis',
Constants.Constants.entity_group,
'Net group in NIS domain "stud"')
spread_hia_adgang = _SpreadCode('account@adgang',
Constants.Constants.entity_person,
'Person exported to Adgang system')
spread_hia_email = _SpreadCode('account@imap',
Constants.Constants.entity_account,
'Email user at UiA')
spread_hia_bibsys = _SpreadCode('account@bibsys',
Constants.Constants.entity_person,
'Person exported to BIBSYS')
spread_hia_tele = _SpreadCode('account@telefon',
Constants.Constants.entity_person,
'Person exported to phone system')
spread_hia_ldap_ou = _SpreadCode('ou@ldap', Constants.Constants.entity_ou,
'OU included in LDAP directory')
spread_hia_helpdesk = _SpreadCode('account@helpdesk',
Constants.Constants.entity_account,
'Account exported to helpdesk system')
spread_hia_ad_account = _SpreadCode(
'account@ad', Constants.Constants.entity_account,
'Account included in Active Directory')
spread_exchange_acc_old = _SpreadCode('account@exch_old',
Constants.Constants.entity_account,
'Account in old Exchange env')
spread_exchange_account = _SpreadCode('account@exchange',
Constants.Constants.entity_account,
'Account in Exchange')
spread_hia_ad_group = _SpreadCode('group@ad',
Constants.Constants.entity_group,
'group included in Active Directory')
spread_exchange_group = _SpreadCode('group@exchange',
Constants.Constants.entity_group,
'Group exported to Exchange')
spread_hia_ezpublish = _SpreadCode('group@ezpublish',
Constants.Constants.entity_group,
'Groups used by EZPublish')
spread_hia_fronter = _SpreadCode(
'group@fronter', Constants.Constants.entity_group,
('Group representing a course that should be exported to'
' the ClassFronter. Should only be given to groups that'
' have been automatically generated from FS.'))
spread_radius_user = _SpreadCode('account@radius',
Constants.Constants.entity_account,
'User in Radius domain "stud"')
spread_ans_radius_user = _SpreadCode('account@radiusan',
Constants.Constants.entity_account,
'User in Radius domain "ans"')
spread_it_radius_user = _SpreadCode('account@radiusit',
Constants.Constants.entity_account,
'User in Radius domain "it"')
spread_sia_radius_user = _SpreadCode('account@radiusia',
Constants.Constants.entity_account,
'User in Radius domain "sia"')
spread_radius_guest = _SpreadCode('guest@radius',
Constants.Constants.entity_account,
'Guest in Radius domain "stud"')
spread_radius_guestcair = _SpreadCode('guestcair@radius',
Constants.Constants.entity_account,
'Guest in Radius domain "cair"')
spread_uia_ad_account_ehelse_nhn = _SpreadCode(
'acc@ehelse-nhn', Constants.Constants.entity_account,
'Account included in AD: eHelse NHN')
spread_uia_ad_group_ehelse_nhn = _SpreadCode(
'group@ehelse-nhn', Constants.Constants.entity_group,
'Group included in AD: eHelse NHN')
spread_uia_office_365 = _SpreadCode('acc@office365',
Constants.Constants.entity_account,
'Account included in Office365')
spread_uia_forward = _SpreadCode(
'acc@forward', Constants.Constants.entity_account,
'Account contains only email forward and not a mailbox')
# Definisjon av traits
trait_accept_nondisc = _EntityTraitCode(
'acc_non_disc', Constants.Constants.entity_person,
"Trait marking a person who has accepted a non-disclosure agreement "
"with UiA.")
trait_reject_nondisc = _EntityTraitCode(
'rej_non_disc', Constants.Constants.entity_person,
"Trait marking a person who has rejected a non-disclosure agreement "
"with UiA.")
trait_accept_rules = _EntityTraitCode(
'accept_rules', Constants.Constants.entity_person,
"Trait marking a person who has accepted terms and rule for use of "
"IT services at UiA.")
# KARANTENEGRUPPER
quarantine_permisjon = _QuarantineCode('permisjon',
'Brukeren har permisjon')
quarantine_autoekstern = _QuarantineCode('autoekstern',
'Ekstern konto gått ut på dato')
email_spam_level_none = _EmailSpamLevelCode(
'no_filter', 9999, "No email will be filtered as spam")
email_spam_level_standard = _EmailSpamLevelCode(
'standard_spam', 8, "Only filter email that obviously is spam")
email_spam_level_heightened = _EmailSpamLevelCode(
'most_spam', 5, "Filter most emails that look like spam")
email_spam_level_aggressive = _EmailSpamLevelCode(
'aggressive_spam', 3, "Filter everything that resembles spam")
email_spam_action_none = _EmailSpamActionCode(
'noaction', "Deliver spam just like legitimate email")
email_spam_action_folder = _EmailSpamActionCode(
'spamfolder', "Deliver spam to a separate IMAP folder")
email_spam_action_delete = _EmailSpamActionCode(
'dropspam', "Reject messages classified as spam")
def process_person(self, person):
"""Sync spreads between a person and it's accounts."""
# str2const is something we need if we create new accounts.
self._make_str2const()
if not self._ac:
self._ac = Factory.get('Account')(self.db)
def _diff_aff(new_aff, old_aff):
"""Return two lists. One with affiliations to remove and one
with affiliations to add."""
remove = list()
add = list()
for tpl in new_aff:
if tpl not in old_aff:
add.append(tpl)
for tpl in old_aff:
if tpl not in new_aff:
remove.append(tpl)
return remove, add
# Find the person's affiliations
person_affiliations = []
for row in person.get_affiliations():
person_affiliations.append((row['ou_id'], row['affiliation']))
# If the person in question doesn't have any affiliations, we
# don't create any account.
accounts = person.get_accounts(filter_expired=False)
if len(accounts) == 0:
if person_affiliations:
ac = self._create_account(person)
if ac:
self.logger.info("Person '%d' got new account '%s'." %
(person.entity_id, ac.account_name))
# Take care of person affiliations too
else:
self.logger.info(
"Person '%d' have no affiliations. No account created." %
person.entity_id)
# Clean up in spreads
change = False
for spread in procconf.PERSON_SPREADS:
if person_affiliations:
if not person.has_spread(int(self.str2const[spread])):
person.add_spread(int(self.str2const[spread]))
self.logger.info("Person '%d' got spread '%s'." %
(person.entity_id, spread))
change = True
else:
if person.has_spread(int(self.str2const[spread])):
person.delete_spread(int(self.str2const[spread]))
self.logger.info("Person '%d' have no affiliations. "
"Spread '%s' deleted." %
(person.entity_id, spread))
change = True
if change:
person.write_db()
# Loop over the person's account(s) and correct affiliations
# and spreads
for account in person.get_accounts(filter_expired=False):
account_affiliations = []
self._ac.clear()
self._ac.find(account['account_id'])
# Update affiliations
for row in self._ac.get_account_types(filter_expired=False):
account_affiliations.append((row['ou_id'], row['affiliation']))
rem, add = _diff_aff(person_affiliations, account_affiliations)
change = False
for r in rem:
self._ac.del_account_type(r[0], r[1])
change = True
self.logger.info("Account '%s' removed type '%s', '%s'." %
(self._ac.account_name, r[0], r[1]))
for a in add:
self._ac.set_account_type(a[0], a[1])
change = True
self.logger.info("Account '%s' added type '%s', '%s'." %
(self._ac.account_name, a[0], a[1]))
# Set expire_date if no account_types
if not person_affiliations:
# Don't reset expire_date on an already expired account
if not self._ac.expire_date:
self._ac.expire_date = DateTime.now()
change = True
self.logger.info("Account '%s' set to expired." %
self._ac.account_name)
else:
# The account is about to get account_types so we restore it
# by removing expire_date
if self._ac.expire_date:
self._ac.expire_date = None
change = True
self.logger.info("Account '%s' is restored." %
self._ac.account_name)
self._ac_add_new_traits(self._ac)
# TODO: Limit the removal of spreads to types known by proc_entity
# Update account spreads (if set in the config)
if (hasattr(procconf, 'ACCOUNT_SPREADS') and
hasattr(procconf, 'OU2ACCOUNT_SPREADS')):
raise Errors.ProgrammingError(
"Both ACCOUNT_SPREADS and OU2ACCOUNT_SPREADS in procconf.")
elif (hasattr(procconf, 'ACCOUNT_SPREADS') and
procconf.ACCOUNT_SPREADS):
acc_spreads = []
for i in person_affiliations:
aff_str = str(_PersonAffiliationCode(i[1]))
if aff_str not in procconf.ACCOUNT_SPREADS:
continue
spreads = [int(self.str2const[s]) for s in
procconf.ACCOUNT_SPREADS[aff_str]]
acc_spreads += [s for s in spreads if s not in acc_spreads]
for row in self._ac.get_spread():
# Annoying "feature". get_spread() return a tuple of
# one-element tuples.
if int(row[0]) not in acc_spreads:
self._ac.delete_spread(row[0])
self.logger.info("Account '%s' removed spread '%s'." %
(self._ac.account_name,
str(_SpreadCode(int(row[0])))))
change = True
for spread in acc_spreads:
if not self._ac.has_spread(spread):
self._ac.add_spread(spread)
self.logger.info("Account '%s' added spread '%s'." %
(self._ac.account_name,
str(_SpreadCode(int(spread)))))
change = True
elif (hasattr(procconf, 'OU2ACCOUNT_SPREADS') and
procconf.OU2ACCOUNT_SPREADS):
self._populate_ou2spread()
acc_spreads = []
for ou, aff in person_affiliations:
for s in self.ou2spread[ou]:
if s not in acc_spreads:
acc_spreads.append(s)
for row in self._ac.get_spread():
# Annoying "feature". get_spread() return a tuple of
# one-element tuples.
if int(row[0]) not in acc_spreads:
self._ac.delete_spread(row[0])
self.logger.info("Account '%s' removed spread '%s'." %
(self._ac.account_name,
str(_SpreadCode(int(row[0])))))
change = True
for spread in acc_spreads:
if not self._ac.has_spread(spread):
self._ac.add_spread(spread)
self.logger.info("Account '%s' added spread '%s'." %
(self._ac.account_name,
str(_SpreadCode(int(spread)))))
change = True
if change:
self._ac.write_db()
class Constants(Constants.Constants):
# Org. hierarchy perspective
perspective_ekstens = _OUPerspectiveCode('Ekstens', 'Ekstens')
perspective_sats = _OUPerspectiveCode('SATS', 'SATS')
# Authoritative system codes
system_sats = _AuthoritativeSystemCode(
'SATS', 'Personopplysninger hentet fra skolesystemet SATS')
system_ekstens = _AuthoritativeSystemCode(
'EKSTENS', 'Personopplysninger hentet fra skolesystemet EKSTENS')
system_tpsys = _AuthoritativeSystemCode(
'TPSYS', 'Personopplysninger hentet fra skolesystemet TPSYS')
system_migrate = _AuthoritativeSystemCode(
'MIGRATE', 'Personopplysninger hentet fra tidligere brukte systemer')
# External ID codes
externalid_orgnr = _EntityExternalIdCode('ORGNR',
Constants.Constants.entity_ou,
'Organisasjonsnummer (fra SAS)')
# Disse kodene er det foreløpig usikkert om skal brukes
externalid_ouid = _EntityExternalIdCode(
'OUID', Constants.Constants.entity_ou,
'Organisasjonens unike identifikator')
externalid_skolenr = _EntityExternalIdCode('SKOLENR',
Constants.Constants.entity_ou,
'Skolenummer')
externalid_kommunenr = _EntityExternalIdCode('KOMMNR',
Constants.Constants.entity_ou,
'Kommunenummer')
externalid_ou_oid = _EntityExternalIdCode('OUOID',
Constants.Constants.entity_ou,
'OU OID')
externalid_userid = _EntityExternalIdCode(
'USERID', Constants.Constants.entity_person, 'Bruker ID')
externalid_klasse = _EntityExternalIdCode('kl-ID',
Constants.Constants.entity_group,
'Klasse ID')
externalid_faggruppe = _EntityExternalIdCode(
'fg-ID', Constants.Constants.entity_group, 'Faggruppe ID')
externalid_klassegruppe = _EntityExternalIdCode(
'kg-ID', Constants.Constants.entity_group, 'klassegruppe ID')
# Spread codes
# AD
spread_ad_acc = _SpreadCode('account@ad',
Constants.Constants.entity_account,
'Brukeren kan logge inn på Windows PC-er.')
spread_ad_grp = _SpreadCode('group@ad', Constants.Constants.entity_group,
'Gruppen brukes av Active Directory.')
spread_ad_ou = _SpreadCode('ou@ad', Constants.Constants.entity_ou,
'OUen brukes av Active Directory.')
# LMS
spread_lms_acc = _SpreadCode(
'account@lms', Constants.Constants.entity_account,
'Brukeren kan logge inn på LMS (f.eks. Classfronter).')
spread_lms_grp = _SpreadCode('group@lms', Constants.Constants.entity_group,
'Gruppen brukes av LMS-et.')
spread_lms_per = _SpreadCode('person@lms',
Constants.Constants.entity_person,
'Person kjent i organisasjonens LMS')
spread_lms_ou = _SpreadCode(
'ou@lms', Constants.Constants.entity_ou,
'Eksportere OU til LMS (f.eks. Classfronter).')
# OID
spread_oid_acc = _SpreadCode(
'account@oid', Constants.Constants.entity_account,
'Brukeren kan logge inn på webportalen (OCS).')
spread_oid_grp = _SpreadCode('group@oid', Constants.Constants.entity_group,
'Gruppen brukes av webportalen (OCS).')
spread_oid_ou = _SpreadCode('ou@oid', Constants.Constants.entity_ou,
'OU-en skal eksporteres til OID.')
# LDAP
spread_ldap_per = _SpreadCode(
'person@ldap', Constants.Constants.entity_person,
'Brukeren kan benytte seg av FEIDE-innlogging.')
spread_ldap_grp = _SpreadCode('group@ldap',
Constants.Constants.entity_group,
'Gruppen brukes i LDAP.')
# Quarantine codes
quarantine_generell = _QuarantineCode('generell', 'Generell sperring')
# Affiliation codes
affiliation_ansatt = _PersonAffiliationCode(
'ANSATT', 'Personen er registrert som ansatt i SAS.')
affiliation_status_ansatt_aktiv = _PersonAffStatusCode(
affiliation_ansatt, 'aktiv',
'Personen har aktiv tilsetting, registrert i SAS.')
affiliation_elev = _PersonAffiliationCode(
'ELEV', 'Personen er registrert som elev i SAS.')
affiliation_status_elev_aktiv = _PersonAffStatusCode(
affiliation_elev, 'aktiv',
'Eleven har en aktiv tilknytning til skolen, registrert i SAS.')
affiliation_foresatt = _PersonAffiliationCode(
'FORESATT', 'Foresatt registrert i SAS.')
affiliation_status_foresatt_aktiv = _PersonAffStatusCode(
affiliation_foresatt, 'aktiv',
'Foresatt for elev med aktiv tilknytning til skole, registrert i SAS.')
affiliation_manuell = _PersonAffiliationCode(
'MANUELL', 'Personen er ikke registrert i SAS.')
affiliation_status_manuell_gjest = _PersonAffStatusCode(
affiliation_manuell, 'gjest',
'Personen er tilknyttet skolen som gjest.')
affiliation_teacher = _PersonAffiliationCode('LÆRER',
'Lærer registrert i SAS.')
affiliation_status_teacher_aktiv = _PersonAffStatusCode(
affiliation_teacher, 'aktiv', 'Lærer aktiv ved en skole.')
affiliation_tilknyttet = _PersonAffiliationCode(
'TILKNYTTET', 'Personen knyttet til organisasjonen')
affiliation_status_tilknyttet_aktiv = _PersonAffStatusCode(
affiliation_tilknyttet, 'aktiv', 'Person aktiv ved organisasjonen.')
affiliation_affiliate = _PersonAffiliationCode(
'AFFILIATE', 'Personen knyttet til organisasjonen')
affiliation_status_affiliate_aktiv = _PersonAffStatusCode(
affiliation_affiliate, 'aktiv', 'Person aktiv ved organisasjonen.')
# Account_type codes
account_test = _AccountCode('test', 'Testkonto')
# Contact_types
# TBD: contact_job_mobile should be removed. contact_private_mobile is
# moved to Cerebrum.Constants.CommonConstants
contact_job_mobile = _ContactInfoCode('JOBMOBILE', 'JOBMOBILE')
contact_private_email = _ContactInfoCode('PRIVATEEMAIL', 'PRIVATEEMAIL')
# Mail traits
trait_homedb_info = _EntityTraitCode(
'homeMDB', Constants.Constants.entity_account,
'Register Exchange homeMDB for e-mail accounts')
trait_x400_addr = _EntityTraitCode(
'x400address', Constants.Constants.entity_account,
'Register old addresses for e-mail accounts')
trait_x500_addr = _EntityTraitCode(
'x500address', Constants.Constants.entity_account,
'Register old addresses for e-mail accounts')
# Traits for migrating between versions of Exchange:
# Marking accounts that are being migrated. Such accounts should not be
# updated in AD until the migration is done.
trait_exchange_under_migration = _EntityTraitCode(
'under_migration', Constants.Constants.entity_account,
"Accounts that is under migrationt to another Exchange version.")
# Need to differ between migrated and non-migrated accounts
trait_exchange_migrated = _EntityTraitCode(
'exch_migrated', Constants.Constants.entity_account,
"Account that has been migrated to a newer Exchange version.")
# Group traits
trait_group_imported = _EntityTraitCode(
'imported_group', Constants.Constants.entity_group,
'Register last_seen date for groups imported from by ABC')
trait_group_derived = _EntityTraitCode(
'internal_group', Constants.Constants.entity_group,
'Register last_seen date for internaly created groups')
trait_group_affiliation = _EntityTraitCode(
'aff_group', Constants.Constants.entity_group,
'Tag groups created to become affiliation groups.')
# tag shadow groups as "undervisningsgruppe" and "klassegruppe"
trait_shdw_undv = _EntityTraitCode(
'undv_group', Constants.Constants.entity_group,
'Tag groups created to represent "undervisningsgruppe".')
trait_shdw_kls = _EntityTraitCode(
'kls_group', Constants.Constants.entity_group,
'Tag groups created to represent "klassegruppe".')
# tag affiliation based auto-groups
trait_auto_aff = _EntityTraitCode(
'auto_group', Constants.Constants.entity_group,
'Tag affiliations based automatic groups.')
# Guardianship-related traits
trait_guardian_of = _EntityTraitCode('guardian_of',
Constants.Constants.entity_person,
'Register guardees for this person')
trait_guardian_urls = _EntityTraitCode('guardian_urls',
Constants.Constants.entity_person,
'Register urls for this person')
# SMS traits
trait_sms_reminder = _EntityTraitCode('sms_reminder',
Constants.Constants.entity_account,
'Tagging that an SMS has been sent')
def map_spread(id):
try:
return int(_SpreadCode(id))
except Errors.NotFoundError:
print "Error mapping spread %s" % id # no need to use logger here
raise
class ConstantsHigherEdu(Constants.Constants):
# authoritative source systems (FS = student registry, SAP = common
# HR-system)
system_fs = _AuthoritativeSystemCode('FS', 'FS')
system_sap = _AuthoritativeSystemCode('SAP', 'SAP')
# external id definitions (student and employee id)
externalid_studentnr = _EntityExternalIdCode(
'NO_STUDNO', Constants.Constants.entity_person, 'Student ID number')
externalid_sap_ansattnr = _EntityExternalIdCode(
'NO_SAPNO', Constants.Constants.entity_person, 'Employee ID number')
externalid_sap_ou = _EntityExternalIdCode("SAP_OU_ID",
Constants.Constants.entity_ou,
'SAP OU identification')
externalid_uname = _EntityExternalIdCode('UNAME',
Constants.Constants.entity_person,
'User name (external system)')
externalid_stedkode = _EntityExternalIdCode('STEDKODE',
Constants.Constants.entity_ou,
'Stedkode')
# OU-structure perspectives
perspective_fs = _OUPerspectiveCode('FS', 'FS')
perspective_sap = _OUPerspectiveCode('SAP', 'SAP')
# Affiliations for students
affiliation_student = _PersonAffiliationCode('STUDENT', 'Student')
affiliation_status_student_evu = _PersonAffStatusCode(
affiliation_student, 'evu', 'Student, etter og videre utdanning')
affiliation_status_student_aktiv = _PersonAffStatusCode(
affiliation_student, 'aktiv', 'Student, aktiv')
affiliation_status_student_privatist = _PersonAffStatusCode(
affiliation_student, 'privatist', 'Student, privatist')
affiliation_status_student_drgrad = _PersonAffStatusCode(
affiliation_student, 'drgrad', 'Student, drgrad')
affiliation_status_student_ekstern = _PersonAffStatusCode(
affiliation_student, 'ekstern', 'Student, ekstern')
# Affiliations for employees
affiliation_ansatt = _PersonAffiliationCode('ANSATT', 'Ansatt')
affiliation_status_ansatt_vitenskapelig = _PersonAffStatusCode(
affiliation_ansatt, 'vitenskapelig', 'Ansatt, vitenskapelig')
affiliation_status_ansatt_tekadm = _PersonAffStatusCode(
affiliation_ansatt, 'tekadm', 'Ansatt, teknisk-administrativ')
spread_ldap_group = _SpreadCode(
'group@ldap', Constants.Constants.entity_group,
'Gruppen eksporteres til gruppetreet i LDAP')
# this should not really be her and it will be removed when the
# bofhd-restructuring is done. for now it solves our problems
# with bofhd_uio_cmds-copies in use.
# bofhd constants
auth_rt_create = _AuthRoleOpCode(
'rt_create', 'Create e-mail target for Request Tracker')
auth_rt_replace = _AuthRoleOpCode(
'rt_replace', 'Replace existing mailing list with Request Tracker')
auth_rt_addr_add = _AuthRoleOpCode(
'rt_addr_add', 'Add e-mail address to Request Tracker target')
class Constants(Constants.Constants):
system_lt = _AuthoritativeSystemCode('LT', 'LT')
system_ureg = _AuthoritativeSystemCode('Ureg', 'Migrerte data, utdatert')
system_fs_derived = _AuthoritativeSystemCode('FS-auto',
'Utledet av FS data')
system_folk_uio_no = _AuthoritativeSystemCode('folk.uio.no',
'http://folk.uio.no/')
perspective_lt = _OUPerspectiveCode('LT', 'LT')
account_test = _AccountCode('testbruker', 'Testkonto')
account_kurs = _AccountCode('kursbruker', 'Kurskonto')
account_uio_guest = _AccountCode('gjestebruker_uio', 'Manuell gjestekonto')
affiliation_ansatt = _PersonAffiliationCode(
'ANSATT', 'Registrert som aktiv ansatt ved UiO')
affiliation_status_ansatt_vit = _PersonAffStatusCode(
affiliation_ansatt, 'vitenskapelig', 'Vitenskapelig ansatt')
affiliation_status_ansatt_bil = _PersonAffStatusCode(
affiliation_ansatt, 'bilag', 'Bilagslønnet')
affiliation_status_ansatt_ltreg = _PersonAffStatusCode(
affiliation_ansatt, 'ltreg', 'Registert som gjest, utdatert')
affiliation_status_ansatt_tekadm = _PersonAffStatusCode(
affiliation_ansatt, 'tekadm', 'Teknisk/administrativt ansatt')
affiliation_status_ansatt_perm = _PersonAffStatusCode(
affiliation_ansatt, 'permisjon', 'Ansatt, for tiden i permisjon')
affiliation_student = _PersonAffiliationCode(
'STUDENT', 'Student ved UiO, registrert i FS')
affiliation_status_student_soker = _PersonAffStatusCode(
affiliation_student, 'soker', 'Registrert med søknad i FS')
affiliation_status_student_tilbud = _PersonAffStatusCode(
affiliation_student, 'tilbud', 'Registrert tilbud om opptak i FS')
affiliation_status_student_opptak = _PersonAffStatusCode(
affiliation_student, 'opptak',
'Registrert med gyldig studierett i FS ')
affiliation_status_student_ny = _PersonAffStatusCode(
affiliation_student, 'ny',
'Registrert med ny, gyldig studierett i FS')
affiliation_status_student_aktiv = _PersonAffStatusCode(
affiliation_student, 'aktiv', 'Registrert som aktiv student i FS')
affiliation_status_student_emnestud = _PersonAffStatusCode(
affiliation_student, 'emnestud',
'Registrert som aktiv emnestudent i FS')
affiliation_status_student_drgrad = _PersonAffStatusCode(
affiliation_student, 'drgrad',
'Registrert som aktiv doktorgradsstudent i FS')
affiliation_status_student_privatist = _PersonAffStatusCode(
affiliation_student, 'privatist', 'Registrert som privatist i FS')
affiliation_status_student_evu = _PersonAffStatusCode(
affiliation_student, 'evu', 'Registrert som EVU-student i FS')
affiliation_status_student_perm = _PersonAffStatusCode(
affiliation_student, 'permisjon',
'Registrert med gyldig permisjon i FS')
affiliation_status_student_alumni = _PersonAffStatusCode(
affiliation_student, 'alumni', 'Har fullført studieprogram i FS')
affiliation_tilknyttet = _PersonAffiliationCode(
'TILKNYTTET', 'Tilknyttet UiO uten å være student eller ansatt')
affiliation_tilknyttet_fagperson = _PersonAffStatusCode(
affiliation_tilknyttet, 'fagperson', 'Registrert som fagperson i FS')
affiliation_tilknyttet_emeritus = _PersonAffStatusCode(
affiliation_tilknyttet, 'emeritus',
'Registrert med rolle EMERITUS i SAPUiO')
affiliation_tilknyttet_bilag = _PersonAffStatusCode(
affiliation_tilknyttet, 'bilag',
'Registrert med rolle BILAGSLØN i SAPUiO')
affiliation_tilknyttet_ekst_forsker = _PersonAffStatusCode(
affiliation_tilknyttet, 'ekst_forsker',
'Registrert med rolle EF-FORSKER eller SENIORFORS i SAPUiO')
affiliation_tilknyttet_gjesteforsker = _PersonAffStatusCode(
affiliation_tilknyttet, 'gjesteforsker',
'Registrert med rolle GJ-FORSKER i SAPUiO')
affiliation_tilknyttet_assosiert_person = _PersonAffStatusCode(
affiliation_tilknyttet, 'assosiert_person',
'Registrert med rolle ASSOSIERT i SAPUiO')
affiliation_tilknyttet_frida_reg = _PersonAffStatusCode(
affiliation_tilknyttet, 'frida_reg',
'Registrert med rolle REGANSV og REG-ANSV i SAPUiO')
affiliation_tilknyttet_ekst_stip = _PersonAffStatusCode(
affiliation_tilknyttet, 'ekst_stip',
'Registrert med rolle EF-STIP i SAPUiO')
affiliation_tilknyttet_sivilarbeider = _PersonAffStatusCode(
affiliation_tilknyttet, 'sivilarbeider',
'Personer registrert i LT med gjestetypekode=SIVILARB')
affiliation_tilknyttet_diverse = _PersonAffStatusCode(
affiliation_tilknyttet, 'diverse',
'Personer registrert i LT med gjestetypekode=IKKE ANGITT')
affiliation_tilknyttet_pcvakt = _PersonAffStatusCode(
affiliation_tilknyttet, 'pcvakt',
'Personer registrert i LT med gjestetypekode=PCVAKT')
affiliation_tilknyttet_unirand = _PersonAffStatusCode(
affiliation_tilknyttet, 'unirand',
'Personer registrert i LT med gjestetypekode=UNIRAND')
affiliation_tilknyttet_grlaerer = _PersonAffStatusCode(
affiliation_tilknyttet, 'grlaerer',
'Personer registrert i LT med gjestetypekode=GRUPPELÆRER')
affiliation_tilknyttet_ekst_partner = _PersonAffStatusCode(
affiliation_tilknyttet, 'ekst_partner',
'Personer registrert i LT med gjestetypekode=EKST. PART')
affiliation_tilknyttet_studpol = _PersonAffStatusCode(
affiliation_tilknyttet, 'studpol',
'Personer registrert i LT'
' med gjestetypekode=ST-POL FRI eller ST-POL UTV')
affiliation_tilknyttet_studorg = _PersonAffStatusCode(
affiliation_tilknyttet, 'studorg',
'Personer registrert i LT'
' med gjestetypekode=ST-ORG FRI eller ST-ORG UTV')
affiliation_tilknyttet_innkjoper = _PersonAffStatusCode(
affiliation_tilknyttet, 'innkjoper',
'Registrert med rolle INNKJØPER i SAPUiO')
affiliation_tilknyttet_isf = _PersonAffStatusCode(
affiliation_tilknyttet, 'isf',
'Person tilknyttet Institutt for samfunnsforskning')
affiliation_tilknyttet_ekstern = _PersonAffStatusCode(
affiliation_tilknyttet, 'ekstern',
'Person tilknyttet enhet med avtale om utvidede IT-tilganger (FEIDE)')
affiliation_manuell = _PersonAffiliationCode(
'MANUELL', 'Tilknyttet enheter/institusjoner som USIT har avtale med')
affiliation_manuell_alumni = _PersonAffStatusCode(
affiliation_manuell, 'alumni', 'Uteksaminerte studenter')
affiliation_manuell_ekstern = _PersonAffStatusCode(
affiliation_manuell, 'ekstern',
'Person tilknyttet enhet med avtale om begrensede IT-tilganger')
# We override the default settings for shells, thus this file
# should be before PosixUser in cereconf.CLASS_CONSTANTS
posix_shell_bash = _PosixShellCode('bash', '/local/gnu/bin/bash')
posix_shell_csh = _PosixShellCode('csh', '/bin/csh')
posix_shell_false = _PosixShellCode('false', '/bin/false')
posix_shell_ksh = _PosixShellCode('ksh', '/bin/ksh')
posix_shell_ma104 = _PosixShellCode('ma104', '/local/bin/ma104')
posix_shell_nologin = _PosixShellCode('nologin', '/local/etc/nologin')
posix_shell_nologin_autostud = _PosixShellCode(
'nologin.autostud', '/local/etc/shells/nologin.autostud')
posix_shell_nologin_brk = _PosixShellCode(
'nologin.brk', '/local/etc/shells/nologin.brk')
posix_shell_nologin_chpwd = _PosixShellCode(
'nologin.chpwd', '/local/etc/shells/nologin.chpwd')
posix_shell_nologin_ftpuser = _PosixShellCode(
'nologin.ftpuser', '/local/etc/shells/nologin.ftpuser')
posix_shell_nologin_nystudent = _PosixShellCode(
'nologin.nystuden', '/local/etc/shells/nologin.nystudent')
posix_shell_nologin_permisjon = _PosixShellCode(
'nologin.permisjo', '/local/etc/shells/nologin.permisjon')
posix_shell_nologin_pwd = _PosixShellCode(
'nologin.pwd', '/local/etc/shells/nologin.pwd')
posix_shell_nologin_sh = _PosixShellCode(
'nologin.sh', '/local/etc/shells/nologin.sh')
posix_shell_nologin_sluttet = _PosixShellCode(
'nologin.sluttet', '/local/etc/shells/nologin.sluttet')
posix_shell_nologin_stengt = _PosixShellCode(
'nologin.stengt', '/local/etc/shells/nologin.stengt')
posix_shell_nologin_teppe = _PosixShellCode(
'nologin.teppe', '/local/etc/shells/nologin.teppe')
posix_shell_puberos = _PosixShellCode(
'puberos', '/local/bin/puberos')
posix_shell_pwsh = _PosixShellCode(
'pwsh', '/etc/pw/sh')
posix_shell_sftp_server = _PosixShellCode(
'sftp-server', '/local/openssh/libexec/sftp-server')
posix_shell_simonshell = _PosixShellCode(
'simonshell', '/hom/simon/simonshell')
posix_shell_sh = _PosixShellCode('sh', '/bin/sh')
posix_shell_sync = _PosixShellCode('sync', '/bin/sync')
posix_shell_tcsh = _PosixShellCode('tcsh', '/local/bin/tcsh')
posix_shell_true = _PosixShellCode('true', '/bin/true')
posix_shell_zsh = _PosixShellCode('zsh', '/local/bin/zsh')
spread_uio_nis_user = _SpreadCode(
'NIS_user@uio', Constants.Constants.entity_account,
'User in NIS domain "uio"')
spread_uio_nis_fg = _SpreadCode(
'NIS_fg@uio', Constants.Constants.entity_group,
'File group in NIS domain "uio"')
spread_uio_nis_ng = _SpreadCode(
'NIS_ng@uio', Constants.Constants.entity_group,
'Net group in NIS domain "uio"')
spread_ifi_nis_user = _SpreadCode(
'NIS_user@ifi', Constants.Constants.entity_account,
'User in NIS domain "ifi"')
spread_ifi_nis_fg = _SpreadCode(
'NIS_fg@ifi', Constants.Constants.entity_group,
'File group in NIS domain "ifi"')
spread_ifi_nis_ng = _SpreadCode(
'NIS_ng@ifi', Constants.Constants.entity_group,
'Net group in NIS domain "ifi"')
spread_hpc_nis_user = _SpreadCode(
'NIS_user@hpc', Constants.Constants.entity_account,
'User in NIS domain, exported to HPC')
spread_hpc_nis_fg = _SpreadCode(
'NIS_fg@hpc', Constants.Constants.entity_group,
'File group in NIS domain "uio" exported to HPC')
spread_uio_ldap_person = _SpreadCode(
'LDAP_person', Constants.Constants.entity_person,
'Person included in LDAP directory')
spread_isf_ldap_person = _SpreadCode(
'LDAP_isf_person', Constants.Constants.entity_person,
'Person included in ISF-s LDAP directory')
spread_uio_ldap_ou = _SpreadCode(
'LDAP_OU', Constants.Constants.entity_ou,
'OU included in LDAP directory')
spread_uio_ldap_account = _SpreadCode(
'LDAP_account', Constants.Constants.entity_account,
'Account included the LDAP directory')
spread_uio_org_ou = _SpreadCode(
'ORG_OU', Constants.Constants.entity_ou,
'OU defined as part of UiOs org.structure proper')
spread_uio_ad_account = _SpreadCode(
'AD_account', Constants.Constants.entity_account,
'Account included in Active Directory at UiO')
spread_uio_ad_group = _SpreadCode(
'AD_group', Constants.Constants.entity_group,
'Group included in Active Directory at UiO')
spread_uio_ad_xpand = _SpreadCode(
'Xpand_group', Constants.Constants.entity_group,
"Group included in Xpand's AD-OU")
spread_uio_ua = _SpreadCode(
'UA@uio', Constants.Constants.entity_person,
'Person exported to UA')
# Spreads for Exchange
spread_exchange_account = _SpreadCode(
'exchange_acc@uio', Constants.Constants.entity_account,
'An account with an Exchange-mailbox at UiO')
spread_exchange_group = _SpreadCode(
'exch_group@uio', Constants.Constants.entity_group,
'A mail enabled security group for Exchange')
spread_exchange_shared_mbox = _SpreadCode(
'exch_shared_mbox', Constants.Constants.entity_group,
'Group exposed as a shared mailbox in Exchange')
spread_uio_ldap_guest = _SpreadCode(
'guest@ldap', Constants.Constants.entity_account,
'LDAP/RADIUS spread for wireless accounts')
# exchange-related-jazz
# this code should be removed from the cerebrum-db as soon as
# migration to Exchange is completed. Removal will serve two
# purposes; firstly as a code clean-up, secondly as a check that
# the migration was completed properly and no mailboxes are
# registered as IMAP-accounts.
spread_uio_imap = _SpreadCode(
'IMAP@uio', Constants.Constants.entity_account,
'E-mail user at UiO')
spread_fronter_kladdebok = _SpreadCode(
'CF@uio_kladdebok', Constants.Constants.entity_group,
'Group representing a course that should be exported to the '
'ClassFronter instance on kladdebok.uio.no. Should only be given to '
'groups that have been automatically generated from FS.')
spread_fronter_blyant = _SpreadCode(
'CF@uio_blyant', Constants.Constants.entity_group,
'Group representing a course that should be exported to the '
'ClassFronter instance on blyant.uio.no. Should only be given to '
'groups that have been automatically generated from FS.''')
spread_fronter_petra = _SpreadCode(
'CF@uio_petra', Constants.Constants.entity_group,
'Group representing a course that should be exported to the '
'ClassFronter instance on petra.uio.no. Should only be given to '
'groups that have been automatically generated from FS.')
spread_fronter_dotcom = _SpreadCode(
'*****@*****.**', Constants.Constants.entity_group,
'Group representing a course that should be exported to the '
'ClassFronter instance on fronter.com. Should only be given to '
'groups that have been automatically generated from FS.')
# LDAP: Brukere, grupper
# TODO: Kunne begrense tillatte spreads for spesielt priviligerte
# brukere.
quarantine_generell = _QuarantineCode('generell', 'Generell splatt')
quarantine_teppe = _QuarantineCode('teppe',
'Kalt inn på teppet til drift')
quarantine_slutta = _QuarantineCode('slutta', 'Personen har slutta')
quarantine_system = _QuarantineCode('system', 'Systembrukar som ikke'
' skal logge inn')
quarantine_permisjon = _QuarantineCode('permisjon',
'Brukeren har permisjon')
quarantine_svakt_passord = _QuarantineCode('svakt_passord',
'For dårlig passord')
quarantine_autopassord = _QuarantineCode(
'autopassord',
'Passord ikke skiftet trass pålegg')
quarantine_auto_emailonly = _QuarantineCode(
'auto_kunepost',
'Ikke ordinær student, tilgang til bare e-post')
quarantine_auto_inaktiv = _QuarantineCode('auto_inaktiv',
'Ikke aktiv student, utestengt')
quarantine_autoekstern = _QuarantineCode('autoekstern',
'Ekstern konto gått ut på dato')
quarantine_autointsomm = _QuarantineCode('autointsomm',
'Sommerskolen er ferdig for i år')
quarantine_nologin = _QuarantineCode('nologin',
'Gammel ureg karantene nologin')
quarantine_nologin_brk = _QuarantineCode(
'nologin_brk',
'Gammel ureg karantene nologin_brk')
quarantine_nologin_ftpuser = _QuarantineCode(
'nologin_ftpuser',
'Gammel ureg karantene nologin_ftpuser')
quarantine_nologin_nystudent = _QuarantineCode(
'nologin_nystuden',
'Gammel ureg karantene nologin_nystudent')
quarantine_nologin_sh = _QuarantineCode('nologin_sh',
'Gammel ureg karantene nologin_sh')
quarantine_nologin_stengt = _QuarantineCode(
'nologin_stengt',
'Gammel ureg karantene nologin_stengt')
quarantine_ou_notvalid = _QuarantineCode(
'ou_notvalid',
'OU not valid from external source')
quarantine_ou_remove = _QuarantineCode('ou_remove',
'OU is clean and may be removed')
quarantine_guest_release = _QuarantineCode(
'guest_release',
'Guest user is released but not available.')
quarantine_oppringt = _QuarantineCode(
'oppringt',
'Brukeren er sperret for oppringt-tjenesten.')
quarantine_vpn = _QuarantineCode('vpn',
'Brukeren er sperret for VPN-tjenesten.')
quarantine_equant = _QuarantineCode(
'equant',
'Brukeren er sperret for Equant tjenesten.')
quarantine_radius = _QuarantineCode(
'radius', 'Bruker er sperret for RADIUS-innlogging.')
quarantine_cert = _QuarantineCode('cert', 'Bruker er sperret av CERT.')
email_domain_category_uio_globals = _EmailDomainCategoryCode(
'UIO_GLOBALS',
"All local_parts defined in domain 'UIO_GLOBALS' are treated"
" as overrides for all domains posessing this category.")
email_spam_level_none = _EmailSpamLevelCode(
'no_filter', 9999, "No email will be filtered as spam")
email_spam_level_standard = _EmailSpamLevelCode(
'standard_spam', 7, "Only filter email that obviously is spam")
email_spam_level_heightened = _EmailSpamLevelCode(
'most_spam', 5, "Filter most emails that look like spam")
email_spam_level_aggressive = _EmailSpamLevelCode(
'aggressive_spam', 3, "Filter everything that resembles spam")
email_spam_action_none = _EmailSpamActionCode(
'noaction', "Deliver spam just like legitimate email")
email_spam_action_folder = _EmailSpamActionCode(
'spamfolder', "Deliver spam to a separate IMAP folder")
email_spam_action_delete = _EmailSpamActionCode(
'dropspam', "Reject messages classified as spam")
trait_email_server_weight = _EntityTraitCode(
'em_server_weight', Constants.Constants.entity_host,
"The relative weight of this server when assigning new users to "
"an e-mail server.")
trait_email_pause = _EntityTraitCode(
'email_pause', EmailConstants.entity_email_target,
'Pauses delivery of email')
# TBD: These may fit better into mod_disk_quota as actual mixin
# tables for disk_info and host_info
trait_host_disk_quota = _EntityTraitCode(
'host_disk_quota', Constants.Constants.entity_host,
"The default quota each user gets for disks on this host, "
"stored in numval.")
trait_disk_quota = _EntityTraitCode(
'disk_quota', Constants.Constants.entity_disk,
"The existence of this trait means this disk has quota. "
"numval contains the default quota. If it is NULL, the default "
"quota value is taken from the host_disk_quota trait.")
# Owner trait for GuestUsers module.
trait_uio_guest_owner = _EntityTraitCode(
'guest_owner_uio', Constants.Constants.entity_account,
"When a guest account is requested a group must be set as "
"owner for the account for the given time.")
trait_account_generation = _EntityTraitCode(
'ac_generation', Constants.Constants.entity_account,
"When a users homedir is archived, this value is increased.")
trait_student_disk = _EntityTraitCode(
'student_disk', Constants.Constants.entity_disk,
"When set, the disk in question is designated as"
" hosting students' home areas")
# Trait for tagging a person's primary affiliation, to be used by the web
# presentations.
trait_primary_aff = _EntityTraitCode(
"primary_aff", Constants.Constants.entity_person,
"A person's chosen primary affiliation,"
" for use at the web presentations")
# Trait for tagging -adm,-drift,-null accounts
trait_sysadm_account = _EntityTraitCode(
"sysadm_account", Constants.Constants.entity_account,
"An account used for system administration,"
" e.g. foo-adm, foo-drift and foo-null users")
# Trait for passphrase stats
trait_has_passphrase = _EntityTraitCode(
'has_passphrase',
Constants.Constants.entity_account,
"Account uses passphrase")
address_other_street = _AddressCode('OTHER_STREET', 'Other street address')
address_other_post = _AddressCode('OTHER_POST', 'Other post address')
# Consent related stuff
consent_office365 = Consent.Constants.EntityConsent(
'office365',
entity_type=Constants.Constants.entity_person,
consent_type=Consent.Constants.consent_opt_in,
description="Export to office365?")
# Temporary access for new students:
#
# Trait to tag students with temporary access to IT-services
trait_tmp_student = _EntityTraitCode(
'tmp_student',
Constants.Constants.entity_account,
'Account is granted temporary access')
#
# Quarantine for revoking access
quarantine_auto_tmp_student = _QuarantineCode(
'auto_tmp_student',
'Account is no longer active')
def map_spread(id):
try:
return int(_SpreadCode(id))
except Errors.NotFoundError:
print "Error mapping spread %s" % id # no need to use logger here
raise
class Constants(CereConst.Constants):
# Affiliations for students
affiliation_student = ConstantsHigherEdu.affiliation_student
affiliation_status_student_tilbud = _PersonAffStatusCode(
affiliation_student,
'tilbud',
'Student, tilbud')
affiliation_status_student_privatist = _PersonAffStatusCode(
affiliation_student,
'privatist',
'Student, privatist')
# Affiliations for associated people
affiliation_status_tilknyttet_timelonnet = _PersonAffStatusCode(
ConstantsUniversityColleges.affiliation_tilknyttet,
'timelonnet',
'Personer registrert i SAP som timelønnet')
# Affiliations for others
affiliation_manuell = _PersonAffiliationCode(
'MANUELL',
'Tilknyttet HiOf uten å være registrert i et av de'
' autoritative kildesystemene')
affiliation_status_manuell_ekstern = _PersonAffStatusCode(
affiliation_manuell,
'ekstern',
'Eksternt tilknyttet person, når spesifikke kategorier ikke passer')
affiliation_status_manuell_pensjonist = _PersonAffStatusCode(
affiliation_manuell,
'pensjonist',
'Pensjonist ved HiOf, ikke registrert i SAP')
affiliation_status_manuell_gjest = _PersonAffStatusCode(
affiliation_manuell,
'gjest',
'Gjesteopphold ved HiOf')
# Posix-shell definitions
#
# We override the default Cerebrum paths for shells, thus this
# file should appear before PosixUser in cereconf.CLASS_CONSTANTS
posix_shell_bash = _PosixShellCode('bash', '/bin/bash')
posix_shell_tcsh = _PosixShellCode('tcsh', '/bin/tcsh')
posix_shell_csh = _PosixShellCode('csh', '/bin/csh')
posix_shell_sh = _PosixShellCode('sh', '/bin/sh')
# Spread definitions - user related
spread_nis_account = _SpreadCode(
'account@nis',
ConstantsUniversityColleges.entity_account,
'Account in NIS')
spread_email_account = _SpreadCode(
'account@imap',
CereConst.Constants.entity_account,
'Email account at HiOf')
spread_ad_account = _SpreadCode(
'account@ad',
CereConst.Constants.entity_account,
'Account included in domain in Active Directory')
spread_ad_account_fag = _SpreadCode(
'account@ad_fag',
CereConst.Constants.entity_account,
'Account included in domain F*G in Active Directory')
spread_ad_account_adm = _SpreadCode(
'account@ad_adm',
CereConst.Constants.entity_account,
'Account included in domain ADM in Active Directory')
spread_ad_account_stud = _SpreadCode(
'account@ad_stud',
CereConst.Constants.entity_account,
'Account included in domain STUD in Active Directory')
# Spread definitions - group related
spread_nis_fg = _SpreadCode(
'fgroup@nis',
ConstantsUniversityColleges.entity_group,
'File group in NIS')
spread_nis_ng = _SpreadCode(
'netgroup@nis',
ConstantsUniversityColleges.entity_group,
'Net group in NIS')
spread_ad_group = _SpreadCode(
'group@ad', CereConst.Constants.entity_group,
'Group included in domain in Active Directory')
# Traits
trait_ad_homedir = _EntityTraitCode(
'ad_homedir',
CereConst.Constants.entity_account,
"AD homedir for account")
trait_ad_profile_path = _EntityTraitCode(
'ad_profile_path',
CereConst.Constants.entity_account,
"AD profile path for account")
trait_ad_account_ou = _EntityTraitCode(
'ad_account_ou',
CereConst.Constants.entity_account,
"AD OU for account")
trait_phone_exchange = _EntityTraitCode(
'phone_exchange',
CereConst.Constants.entity_account,
"ID of telephone exchange, PBX")
trait_cf_group = _EntityTraitCode(
'cf_group',
CereConst.Constants.entity_group,
'Trait for tagging Fronter groups')
# BofhdRequests constants
bofh_ad_attrs_remove = _BofhdRequestOpCode(
"br_ad_attr_rem",
"Remove AD attributes for a user")
class Constants(Constants.Constants):
# Affiliations and statuses
# Project
affiliation_project = _PersonAffiliationCode('PROJECT',
'Member of a project')
# Project Owner
affiliation_status_project_owner = _PersonAffStatusCode(
affiliation_project, 'owner', 'Project Owner')
# Project Administrator (PA)
affiliation_status_project_admin = _PersonAffStatusCode(
affiliation_project, 'admin', 'Project Administrator (PA)')
# Project Member (PM)
affiliation_status_project_member = _PersonAffStatusCode(
affiliation_project, 'member', 'Project Member (PM)')
# Pending
affiliation_pending = _PersonAffiliationCode('PENDING',
'Unapproved affiliations')
# Pending project member (PM)
affiliation_status_pending_project_member = _PersonAffStatusCode(
affiliation_pending, 'member',
'Waiting for getting accepted as a project member')
# Spreads
# AD
spread_ad_account = _SpreadCode('account@ad',
Constants.Constants.entity_account,
'Account should be synced with AD')
spread_file_group = _SpreadCode('filegroup',
Constants.Constants.entity_group,
'File group')
spread_net_group = _SpreadCode('netgroup',
Constants.Constants.entity_group,
'Net group')
spread_ad_host = _SpreadCode('host@ad', DnsConstants.entity_dns_owner,
'Host that is synced with AD')
# GW
spread_gateway_account = _SpreadCode(
'account@gw', Constants.Constants.entity_account,
'Account to be synced to the gateway')
# The gateway doesn't care about groups
# spread_gateway_group = _SpreadCode(
# 'group@gw', Constants.Constants.entity_group,
# 'Group to be synced to the gateway')
# Quarantines
quarantine_autopassord = _QuarantineCode('autopassord',
'Password out of date')
quarantine_generell = _QuarantineCode('generell', 'General block')
quarantine_teppe = _QuarantineCode('teppe', 'Quarantine for severe issues')
quarantine_not_approved = _QuarantineCode(
'not_approved', 'Waiting for approval from admin')
quarantine_project_end = _QuarantineCode(
'project_end', 'Blocking projects when end date is reached')
quarantine_project_start = _QuarantineCode(
'not_started_yet',
"Project haven't started yet, waiting for start date")
quarantine_frozen = _QuarantineCode('frozen', 'Project is frozen')
quarantine_auto_frozen = _QuarantineCode('auto_frozen',
'User is auto-frozen')
# Source systems
system_nettskjema = _AuthoritativeSystemCode(
'Nettskjema', 'Information from Nettskjema, registered by anyone')
system_ad = _AuthoritativeSystemCode('AD', 'Information from AD')
# External IDs
externalid_project_id = _EntityExternalIdCode(
'projectid', Constants.Constants.entity_ou,
"Project's external ID, generated by Cerebrum")
# Traits
trait_project_group = _EntityTraitCode('project_group',
Constants.Constants.entity_group,
'The project a group belongs to')
trait_project_host = _EntityTraitCode('project_host',
DnsConstants.entity_dns_owner,
'The project a host belongs to')
trait_project_subnet = _EntityTraitCode(
'project_subnet', DnsConstants.entity_dns_subnet,
'The project a IPv4 subnet belongs to')
trait_project_subnet6 = _EntityTraitCode(
'project_subnet6', DnsConstants.entity_dns_ipv6_subnet,
'The project a IPv6 subnet belongs to')
trait_project_vm_type = _EntityTraitCode(
'project_vm_type', Constants.Constants.entity_ou,
'The type of VM the project should use')
# Traits for metadata about projects:
trait_project_institution = _EntityTraitCode(
'institution', Constants.Constants.entity_ou,
'The institution the project belongs to')
trait_project_rek = _EntityTraitCode('rek_approval',
Constants.Constants.entity_ou,
'The REK approval for the project')
trait_project_persons_accepted = _EntityTraitCode(
'accepted_persons', Constants.Constants.entity_ou,
'FNRs of non-existing persons that has been '
'accepted as members of the project')
# Authentication codes (password types):
trait_otp_device = _EntityTraitCode(
'otp_device', Constants.Constants.entity_person,
'The type of OTP key, e.g. hotp or '
'totp, depending on device')
auth_type_otp_key = _AuthenticationCode(
'OTP-key',
'One-Time Password key, used to be able to generate one-time'
'passwords')
# DNS zone
tsd_zone = _DnsZoneCode("tsd", ".tsd.usit.no.")
tsdv4_zone = _DnsZoneCode("tsdipv4", None)
tsdv6_zone = _DnsZoneCode("tsdipv6", None)
class ConstantsCommon(Constants.Constants):
""" Constants that every instance should have. """
""" Common constants for all Norwegian installations. """
# external id definitions (NO_NIN, norwegian national id number)
externalid_fodselsnr = _EntityExternalIdCode(
'NO_BIRTHNO', Constants.Constants.entity_person,
'Norwegian national ID number')
@staticmethod
def make_passport_number(country, passport_number):
return '{}-{}'.format(country, passport_number)
# External IDs related to A-melding.
externalid_pass_number = _EntityExternalIdCode(
'PASSNR', Constants.Constants.entity_person,
"A persons passport number")
externalid_social_security_number = _EntityExternalIdCode(
'SSN', Constants.Constants.entity_person,
"A persons social security number")
externalid_tax_identification_number = _EntityExternalIdCode(
'TIN', Constants.Constants.entity_person,
"A persons tax identification number")
externalid_value_added_tax_number = _EntityExternalIdCode(
'VAT', Constants.Constants.entity_person,
"A persons value added tax identification number")
system_override = _AuthoritativeSystemCode(
'Override', 'Override information fetched from authoritative systems')
spread_ou_publishable = _SpreadCode(
'publishable_ou', Constants.Constants.entity_ou,
'OUs publishable in online directories')
quarantine_autopassord = _QuarantineCode(
'autopassord', 'Passord ikke skiftet trass pålegg')
quarantine_svakt_passord = _QuarantineCode('svakt_passord',
'For dårlig passord')
trait_auto_group = _EntityTraitCode(
'auto_group', Constants.Constants.entity_group,
"Trait marking automatically administered groups with person members.")
trait_auto_meta_group = _EntityTraitCode(
'auto_meta_group', Constants.Constants.entity_group,
"Trait marking automatically administered groups with group members.")
trait_personal_dfg = _EntityTraitCode('personal_group',
Constants.Constants.entity_group,
"Group is a personal file group.")
trait_group_entitlement = _EntityTraitCode(
'entitlement', Constants.Constants.entity_group,
"Trait listing entitlement that members of this group have")
# Traits for the password service (Individuation)
trait_password_token = _EntityTraitCode(
"password_token", Constants.Constants.entity_account,
"Store a one time password for an account")
trait_browser_token = _EntityTraitCode(
"browser_token", Constants.Constants.entity_account,
"Store a browser token for an account")
trait_password_failed_attempts = _EntityTraitCode(
"passw_attempts", Constants.Constants.entity_account,
"Number of times an account has tried to use sms password service")
# Trait for reservation from the new password service
# TODO: should be replaced by a reservation table later
trait_reservation_sms_password = _EntityTraitCode(
'reserve_passw', Constants.Constants.entity_account,
"Reserving account from using the forgotten password service (SMS)")
# Trait for reservation from being published at the web
# TODO: should be replaced by a reservation table later
trait_public_reservation = _EntityTraitCode(
'reserve_public', Constants.Constants.entity_person,
"Reserved from being published at the web pages")
# Trait for storing if a user has gotten a welcome SMS.
trait_sms_welcome = _EntityTraitCode(
'sms_welcome', Constants.Constants.entity_account,
"If a user has retrieved a welcome message by SMS")
# Trait for showing that a user account is either newly created or restored.
# Used to e.g. send welcome message by SMS. This trait is for all accounts,
# the trait_student_new should be used for only targeting student accounts.
trait_account_new = _EntityTraitCode(
'new_account', Constants.Constants.entity_account,
"The account is newly created or restored")
# Trait for showing that a student account is either newly created or
# restored. Used to send welcome message by SMS.
trait_student_new = _EntityTraitCode(
'new_student', Constants.Constants.entity_account,
"If the student account is newly created or restored")
# Traits for SAP medarbeidergrupper
trait_sap_mg = _EntityTraitCode('sap_mg',
Constants.Constants.entity_account,
"MG from SAP - medarbeidergruppe")
trait_sap_mug = _EntityTraitCode('sap_mug',
Constants.Constants.entity_account,
"MUG from SAP - medarbeiderundergruppe")
# Quarantine to be set automatically when cleaning up in persons that are no
# longer affiliated with the instance
quarantine_auto_no_aff = _QuarantineCode(
'auto_no_aff', 'Ikke tilknyttet person, utestengt')
class ConstantsUniversityColleges(Constants.Constants):
# Source systems
system_migrate = _AuthoritativeSystemCode('MIGRATE', 'Migrate from files')
system_manual = _AuthoritativeSystemCode('MANUELL',
'Manually added information')
# Affiliation for associated people
affiliation_tilknyttet = _PersonAffiliationCode(
'TILKNYTTET', 'Assosiert, reg. i kildesystem')
affiliation_status_tilknyttet_fagperson = _PersonAffStatusCode(
affiliation_tilknyttet, 'fagperson', 'Registrert i FS, fagperson')
affiliation_status_tilknyttet_pensjonist = _PersonAffStatusCode(
affiliation_tilknyttet, 'pensjonist', 'Registrert i HR, pensjonist')
affiliation_status_tilknyttet_bilag = _PersonAffStatusCode(
affiliation_tilknyttet, 'bilag', 'Registrert i HR, bilagslønnet')
affiliation_status_tilknyttet_time = _PersonAffStatusCode(
affiliation_tilknyttet, 'timelønnet', 'Registrert i HR, timelønnet')
affiliation_status_tilknyttet_gjest = _PersonAffStatusCode(
affiliation_tilknyttet, 'gjest', 'Registrert i HR, gjest')
affiliation_status_tilknyttet_gjestefors = _PersonAffStatusCode(
affiliation_tilknyttet, 'gjesteforsker',
'Registrert i HR, gjesteforsker')
affiliation_status_tilknyttet_nosrc = _PersonAffStatusCode(
affiliation_tilknyttet, 'nosource',
'Ekstern person, ltilknyttet uten rgistrering')
affiliation_tilknyttet_fagperson = _PersonAffStatusCode(
affiliation_tilknyttet, 'fperson', 'Dummy, do not use')
# quarantine definitions
quarantine_generell = _QuarantineCode('generell', 'Generell sperring')
quarantine_teppe = _QuarantineCode('teppe', 'Kalt inn til samtale')
quarantine_auto_emailonly = _QuarantineCode(
'kunepost', 'Ikke ordinær student, tilgang til bare e-post')
quarantine_system = _QuarantineCode(
'system', 'Systembruker som ikke skal logge inn')
# Cerebrum (internal), used by automagic only
quarantine_auto_inaktiv = _QuarantineCode('auto_inaktiv',
'Ikke aktiv student, utestengt')
quarantine_autoemailonly = _QuarantineCode(
'auto_kunepost', 'Privatist, kun tilgang til e-post')
quarantine_ou_notvalid = _QuarantineCode(
'ou_notvalid', 'Sted ugyldig i autoritativ kildesystem')
quarantine_ou_remove = _QuarantineCode(
'ou_remove', 'Sted fjernet fra autoritativ kildesystem')
# Non-personal account codes
account_test = _AccountCode('testbruker', 'Testkonto')
account_kurs = _AccountCode('kursbruker', 'Kurskonto')
account_studorg = _AccountCode('studorgbruker',
'Studentorganisasjonsbruker')
account_felles = _AccountCode('fellesbruker', 'Fellesbruker')
account_system = _AccountCode('systembruker', 'Systembruker')
# SAP name constants
name_middle = _PersonNameCode('MIDDLE', 'Mellomnavn')
name_initials = _PersonNameCode('INITIALS', 'Initialer')
## Contact info
contact_office = _ContactInfoCode(
'OFFICE', 'Office address (building code and room number')
# SAP comm. constants
contact_phone_cellular = _ContactInfoCode("CELLPHONE", "Mobiltelefonnr")
contact_phone_cellular_private = _ContactInfoCode("PRIVCELLPHONE",
"Privat mobiltefonnr")
# Spread definitions - user related
spread_ldap_account = _SpreadCode('account@ldap',
Constants.Constants.entity_account,
'Brukeren kjent i LDAP (FEIDE)')
spread_lms_account = _SpreadCode('account@lms',
Constants.Constants.entity_account,
'Brukeren kjent i LMSen')
# Spread definitions - guest user related
spread_ad_guest = _SpreadCode(
'guest_account@ad', Constants.Constants.entity_account,
'Guest account included in Active Directory')
# Spread definitions - person related
spread_ldap_person = _SpreadCode(
'person@ldap', Constants.Constants.entity_person,
'Person kjent i organisasjonstreet (FEIDE-person)')
spread_lms_person = _SpreadCode('person@lms',
Constants.Constants.entity_person,
'Person kjent i organisasjonens LMS')
# Spread definitions - group related
spread_lms_group = _SpreadCode('group@lms',
Constants.Constants.entity_group,
'Gruppen kjent i LMS')
# Spread definitions - ou related
spread_ou_to_cristin = _SpreadCode('CRIS_OU',
Constants.Constants.entity_ou,
'OU to be exported to Cristin')
class Constants(Constants.Constants):
#
# External Identifiers
#
externalid_sys_x_id = _EntityExternalIdCode(
'SYS_X_ID', Constants.Constants.entity_person,
'Internal sys_x identifier')
externalid_paga_ansattnr = _EntityExternalIdCode(
'PAGA_ANSATTNR', Constants.Constants.entity_person,
'Internal PAGA identifier')
externalid_hifm_ansattnr = _EntityExternalIdCode(
'HIFM_ANSATTNR', Constants.Constants.entity_person,
'Internal HIFM identifier')
externalid_sito_ansattnr = _EntityExternalIdCode(
'SITO_ANSATTNR', Constants.Constants.entity_person,
'Internal SITO identifier')
externalid_sito_ou = _EntityExternalIdCode('SITO_OU',
Constants.Constants.entity_ou,
'internal sito ou identifier')
#
# Authoritative systems
#
system_hifm = _AuthoritativeSystemCode('HIFM', 'Høgskolen i Alta')
system_hitos = _AuthoritativeSystemCode('HITOS', 'Høgskolen i Tromsø')
system_x = _AuthoritativeSystemCode('SYS_X', 'Manuelt personal system')
system_tlf = _AuthoritativeSystemCode('TLF', 'Telefoni system')
system_sysacc = _AuthoritativeSystemCode('SYSACC', 'System Accounts')
system_paga = _AuthoritativeSystemCode('PAGA', 'PAGA')
system_sito = _AuthoritativeSystemCode('SITO', 'SITO')
system_flyt = _AuthoritativeSystemCode('FLYT', 'FLYT')
system_fs_derived = _AuthoritativeSystemCode('FS-auto',
'Utledet av FS data')
system_kr_reg = _AuthoritativeSystemCode(
'KR_REG', 'Kontakt- og reservasjonsregisteret')
system_intern_ice = _AuthoritativeSystemCode(
'INTERN_ICE', 'Internal (uit) source for ICE number')
#
# Account codes
#
account_test = _AccountCode('T', 'Testkonto')
account_felles_drift = _AccountCode('FD', 'Felles Drift')
account_felles_intern = _AccountCode('FI', 'Felles Intern')
account_kurs = _AccountCode('K', 'Kurs')
account_forening = _AccountCode('F', 'Forening')
account_maskin = _AccountCode('M', 'Maskin')
account_prosess = _AccountCode('P', 'Prosess')
account_uit_guest = _AccountCode('gjestebruker_uit', 'Manuell gjestekonto')
#
# Contact codes
#
contact_workphone2 = _ContactInfoCode('PHONE_WORK_2',
'Secondary Work Phone')
contact_room = _ContactInfoCode('ROOM@UIT', 'Location and room number')
contact_building = _ContactInfoCode('BYGG@UIT', 'Building name')
contact_sito_mobile = _ContactInfoCode('PHONE_SITO', 'sito employee phone')
contact_uit_mobile = _ContactInfoCode('PHONE_UIT', 'uit employee phone')
contact_ice_phone = _ContactInfoCode('ICE_PHONE',
'Phone number for alerts (varsler)')
#
# Address codes
#
address_location = _AddressCode('Lokasjon', 'Campus')
#
# OU Structure perspective
#
perspective_sito = _OUPerspectiveCode('SITO', 'SITO')
#
# Affiliations
#
# Employee affiliations
affiliation_ansatt_sito = _PersonAffiliationCode(
'SITO', 'Ansatt ved studentsamskipnaden i tromso')
affiliation_ansatt = _PersonAffiliationCode('ANSATT',
'Ansatt ved UiT (i følge LT)')
affiliation_flyt_ansatt_hih = _PersonAffiliationCode(
'ANSATT_HIH', 'Ansatt ved HiH')
affiliation_flyt_student_hih = _PersonAffiliationCode(
'STUDENT_HIH', 'Student ved HiH')
# Affiliation status
affiliation_status_flyt_hih_ansatt_faculty = _PersonAffStatusCode(
affiliation_ansatt, 'Ansatt HiH', 'Vitenskapelig')
affiliation_status_flyt_hih_ansatt_tekadm = _PersonAffStatusCode(
affiliation_ansatt, 'ansatt HiH', 'Teknisk/administrativt')
affiliation_status_flyt_hin_ansatt_faculty = _PersonAffStatusCode(
affiliation_ansatt, 'Ansatt HiN', 'Vitenskapelig')
affiliation_status_flyt_hin_ansatt_tekadm = _PersonAffStatusCode(
affiliation_ansatt, 'ansatt HiN', 'Teknisk/administrativt')
affiliation_status_timelonnet_fast = _PersonAffStatusCode(
affiliation_ansatt, 'Timelonnet fast', 'Fast ansatt på timelønn')
affiliation_status_timelonnet_midlertidig = _PersonAffStatusCode(
affiliation_ansatt, 'Timelonnet midl',
'Midlertidig ansatt på timelønn')
affiliation_status_ansatt_perm = _PersonAffStatusCode(
affiliation_ansatt, 'permisjon', 'Ansatt, for tiden i permisjon')
affiliation_status_flyt_ansatt_hifm = _PersonAffStatusCode(
affiliation_ansatt, 'ansatt HIFm', 'Ansatte fra Høyskolen i Alta')
affiliation_status_ansatt_sito = _PersonAffStatusCode(
affiliation_ansatt_sito, 'sito', 'Ansatt')
affiliation_status_ansatt_sys_x = _PersonAffStatusCode(
affiliation_ansatt, 'sys_x-ansatt',
'Manuelt gitt tilgang til AD (bør nyanseres)')
# Student affiliations
affiliation_student = _PersonAffiliationCode(
'STUDENT', 'Student ved UiT (i følge FS)')
affiliation_status_flyt_hih_student_aktiv = _PersonAffStatusCode(
affiliation_student, 'student HiH', 'Aktiv student')
affiliation_status_flyt_student_hifm = _PersonAffStatusCode(
affiliation_student, 'student HIFm', 'Student fra Høyskolen i Alta')
affiliation_status_flyt_hin_student_aktiv = _PersonAffStatusCode(
affiliation_student, 'student HiN', 'Aktiv student')
affiliation_status_student_soker = _PersonAffStatusCode(
affiliation_student, 'soker', 'Registrert med søknad i FS')
affiliation_status_student_sys_x = _PersonAffStatusCode(
affiliation_student, 'sys_x-student',
'Student Manuelt gitt tilgang til AD')
affiliation_status_student_tilbud = _PersonAffStatusCode(
affiliation_student, 'tilbud', 'Har fått tilbud om opptak')
affiliation_status_student_opptak = _PersonAffStatusCode(
affiliation_student, 'opptak', 'Har studierett ved studieprogram')
affiliation_status_student_ny = Constants._PersonAffStatusCode(
affiliation_student, 'ny', 'Registrert med ny, gyldig studierett i FS')
affiliation_status_student_perm = _PersonAffStatusCode(
affiliation_student, 'permisjon', 'Har gyldig permisjonstatus i FS')
affiliation_status_student_alumni = _PersonAffStatusCode(
affiliation_student, 'alumni', 'Har fullført studieprogram i FS')
affiliation_status_student_drgrad = _PersonAffStatusCode(
affiliation_student, 'drgrad', 'Registrert student på doktorgrad')
affiliation_status_student_emnestud = _PersonAffStatusCode(
affiliation_student, 'emnestud',
'Registrert som aktiv emnestudent i FS')
# Tilknyttet affiliation
affiliation_tilknyttet = _PersonAffiliationCode(
'TILKNYTTET', 'Tilknyttet UiT uten å være student eller ansatt')
affiliation_tilknyttet_fagperson = _PersonAffStatusCode(
affiliation_tilknyttet, 'fagperson', 'Registrert som fagperson i FS')
affiliation_tilknyttet_emeritus = _PersonAffStatusCode(
affiliation_tilknyttet, 'emeritus',
'Registrert i LT med gjestetypekode EMERITUS')
affiliation_tilknyttet_ekst_stip = _PersonAffStatusCode(
affiliation_tilknyttet, 'ekst_stip',
'Personer registrert i LT med gjestetypekode=EF-STIP')
# Manual affiliation
affiliation_manuell = _PersonAffiliationCode(
'MANUELL', 'Tilknyttet enheter/instutusjoner som UiT har avtale med')
affiliation_manuell_alumni = _PersonAffStatusCode(
affiliation_manuell, 'alumni', 'Uteksaminerte studenter')
affiliation_manuell_sito = _PersonAffStatusCode(
affiliation_manuell, 'sito', 'Manuelt registrert Sito ansatt')
affiliation_manuell_gjest_u_konto = _PersonAffStatusCode(
affiliation_manuell, 'gjest_u_konto', 'gjest uten konto')
affiliation_manuell_unn = _PersonAffStatusCode(
affiliation_manuell, 'UNN', 'Universitets sykheuset i Nord Norge')
affiliation_manuell_gjest = _PersonAffStatusCode(affiliation_manuell,
'gjest', 'Gjest')
affiliation_manuell_utdanning_no = _PersonAffStatusCode(
affiliation_manuell, 'utdanning_no', 'Utdanning.no')
affiliation_manuell_akademisk_kvarter = _PersonAffStatusCode(
affiliation_manuell, 'akademisk_kvart', 'Akademisk Kvarter')
affiliation_manuell_norges_universitetet = _PersonAffStatusCode(
affiliation_manuell, 'norges_universi', 'Norgesuniversitetet')
affiliation_manuell_kirkutdnor = _PersonAffStatusCode(
affiliation_manuell, 'kirkutdnor',
'Kirkelig Utdanningssenter Nord-Norge')
affiliation_manuell_gjesteforsker = _PersonAffStatusCode(
affiliation_manuell, 'gjesteforsker', 'Gjesteforsker (under utfasing)')
affiliation_manuell_konsulent = _PersonAffStatusCode(
affiliation_manuell, 'konsulent', 'Konsulent (under utfasing)')
affiliation_status_gjest_u_account = _PersonAffStatusCode(
affiliation_manuell, 'gjest_u_konto', 'Gjest uten konto')
# Non-personal affiliation
affiliation_upersonlig = _PersonAffiliationCode(
'UPERSONLIG', 'Fellesbrukere, samt andre brukere uten eier')
affiliation_upersonlig_felles = _PersonAffStatusCode(
affiliation_upersonlig, 'felles', 'Felleskonti')
affiliation_upersonlig_kurs = _PersonAffStatusCode(affiliation_upersonlig,
'kurs', 'Kurskonti')
affiliation_upersonlig_pvare = _PersonAffStatusCode(
affiliation_upersonlig, 'pvare', 'Programvarekonti')
affiliation_upersonlig_term_maskin = _PersonAffStatusCode(
affiliation_upersonlig, 'term_maskin', 'Terminalstuemaskin')
affiliation_upersonlig_bib_felles = _PersonAffStatusCode(
affiliation_upersonlig, 'bib_felles', 'Bibliotek felles')
#
# Shells
#
# Override of the default shell paths.
# NOTE: this file should be before PosixUser in cereconf.CLASS_CONSTANTS
# TODO: Shell path mapping should be configuration, not db-constants.
#
posix_shell_bash = _PosixShellCode('bash', '/bin/bash')
posix_shell_csh = _PosixShellCode('csh', '/bin/csh')
posix_shell_false = _PosixShellCode('false', '/bin/false')
posix_shell_nologin = _PosixShellCode('nologin', '/local/etc/nologin')
posix_shell_sh = _PosixShellCode('sh', '/bin/sh')
posix_shell_zsh = _PosixShellCode('zsh', '/local/bin/zsh')
#
# Spreads
#
spread_uit_fronter = _SpreadCode('fronter@uit',
Constants.Constants.entity_group,
'fronter user')
spread_uit_fronter_account = _SpreadCode(
'fronter_acc@uit', Constants.Constants.entity_account,
'fronter account')
spread_uit_evu = _SpreadCode('evu@uit', Constants.Constants.entity_account,
'evu person')
spread_uit_cristin = _SpreadCode('cristin@uit',
Constants.Constants.entity_account,
'Accounts with CRISTIN spread')
# spread for ldap guests
spread_uit_ldap_guest = _SpreadCode(
'guest@ldap', Constants.Constants.entity_account,
'LDAP/RADIUS spread for wireless accounts')
# spread for ldap system accounts
spread_uit_ldap_system = _SpreadCode(
'system@ldap', Constants.Constants.entity_account,
'account included in system tree on ldap')
# spread for ldap people accounts
spread_uit_ldap_people = _SpreadCode(
'people@ldap', Constants.Constants.entity_account,
'account included in people tree on ldap')
# spread for securimaster export
spread_uit_securimaster = _SpreadCode(
'securimaster', Constants.Constants.entity_account,
'account to be exported to securimaster')
# spread for portal export
spread_uit_portal = _SpreadCode('portal export',
Constants.Constants.entity_account,
'account to be exported to the portal')
# spread for paga export - account uit should be exported to paga
spread_uit_paga = _SpreadCode('paga export',
Constants.Constants.entity_account,
'account to have its uid exported to paga')
# spread for fs export - account should have email and uid exported to FS
spread_uit_fs = _SpreadCode(
'fs export', Constants.Constants.entity_account,
'account to have its uid and email exported to fs')
spread_uit_ad_account = _SpreadCode(
'AD_account', Constants.Constants.entity_account,
'account included in Active Directory')
spread_uit_ad_group = _SpreadCode('AD_group',
Constants.Constants.entity_group,
'group included in Active Directory')
spread_uit_ad_lit_admingroup = _SpreadCode(
'AD_group_litadmn', Constants.Constants.entity_group,
'AD admingroup for local IT')
# Spreads for Exchange
spread_uit_exchange = _SpreadCode('exchange_mailbox',
Constants.Constants.entity_account,
'Accounts with exchange mailbox')
# sito spread
spread_sito = _SpreadCode('SITO', Constants.Constants.entity_account,
'Accounts generated for sito users')
spread_fronter_dotcom = _SpreadCode(
'*****@*****.**', Constants.Constants.entity_group,
'Group representing a course that should be exported to the '
'ClassFronter instance on fronter.com. Should only be given to '
'groups that have been automatically generated from FS.')
spread_ephorte_person = _SpreadCode('ePhorte_person',
Constants.Constants.entity_person,
'Person included in ePhorte export')
#
# Email
#
email_server_type_exchange_imap = _EmailServerTypeCode(
'exchange_imap', "Server is an Exchange server")
#
# Quarantines
#
quarantine_ou_notvalid = _QuarantineCode(
'ou_notvalid', 'OU not valid from external source')
quarantine_auto_emailonly = _QuarantineCode(
'auto_kunepost', 'Ikke ordin<E6>r student, tilgang til bare e-post')
quarantine_auto_inaktiv = _QuarantineCode('auto_inaktiv',
'Ikke aktiv student, utestengt')
quarantine_tilbud = _QuarantineCode(
'Tilbud', "Pre-generert konto til studenter som har fått studietilbud,"
"men som ikke har aktivert kontoen.")
quarantine_sys_x_approved = _QuarantineCode(
'sys-x_approved', 'Konto fra system-x som ikke er godkjent')
quarantine_generell = _QuarantineCode('generell', 'Generell splatt')
quarantine_system = _QuarantineCode(
'system', 'Systembrukar som ikke skal logge inn')
quarantine_permisjon = _QuarantineCode('permisjon',
'Brukeren har permisjon')
quarantine_svakt_passord = _QuarantineCode('svakt_passord',
'For dårlig passord')
quarantine_autopassord = _QuarantineCode(
'autopassord', 'Passord ikke skiftet trass pålegg')
quarantine_sut_disk_usage = _QuarantineCode('sut_disk',
"Bruker for mye disk på sut")
#
# Auth codes
#
auth_type_md5_crypt_hex = _AuthenticationCode(
'MD5-crypt2', "MD5-derived 32 bit password non unix style, no salt")
auth_type_md5_b64 = _AuthenticationCode(
'MD5-crypt_base64', "MD5-derived 32 bit password base 64 encoded")
#
# Traits
#
trait_sito_registrar_notified = _EntityTraitCode(
'sito_req_mailed', Constants.Constants.entity_account,
"Trait set on account when sito processing is done")
trait_sito_user_notified = _EntityTraitCode(
'sito_user_mailed', Constants.Constants.entity_account,
"Trait set on account after account created mail is sent to user")
trait_sysx_registrar_notified = _EntityTraitCode(
'sysx_reg_mailed', Constants.Constants.entity_account,
"Trait set on account when systemx processing is done")
trait_sysx_user_notified = _EntityTraitCode(
'sysx_user_mailed', Constants.Constants.entity_account,
"Trait set on account after account created mail is sent to user")
trait_primary_aff = _EntityTraitCode(
"primary_aff", Constants.Constants.entity_person,
"A person's chosen primary affiliation,"
" for use at the web presentations")
trait_sysx_registrar_notified = _EntityTraitCode(
'sysx_reg_mailed', Constants.Constants.entity_account,
"Trait set on account when systemx processing is done")
trait_sysx_user_notified = _EntityTraitCode(
'sysx_user_mailed', Constants.Constants.entity_account,
"Trait set on account after account created mail is sent to user")
trait_nsd_unit_code = _EntityTraitCode(
'nsd_unit_code', Constants.Constants.entity_ou,
'NSD unit code (Avdelingskode) to use for this OU')
class EphorteConstants(ConstantsBase):
# Values from the ePhorte table ROLE
ephorte_role_ar1 = _EphorteRoleTypeCode('AR1', 'Arkivansvarlig')
ephorte_role_ar2 = _EphorteRoleTypeCode('AR2', 'Arkivar')
ephorte_role_ar3 = _EphorteRoleTypeCode('AR3', 'Arkivledelsen')
ephorte_role_ld = _EphorteRoleTypeCode('LD', 'Leder/saksfordeler')
ephorte_role_ld_les = _EphorteRoleTypeCode('LD LES', 'Leserolle - leder')
ephorte_role_sb = _EphorteRoleTypeCode('SB', 'Saksbehandler')
ephorte_role_sb2 = _EphorteRoleTypeCode('SB2', 'Consultant')
ephorte_role_sy = _EphorteRoleTypeCode('SY', 'Systemansvarlig')
ephorte_role_mal = _EphorteRoleTypeCode('MAL', 'Mal-ansvarlige')
ephorte_role_sub = _EphorteRoleTypeCode('SUB', 'Superbruker')
#Values from the ePhorte table tilgang_type_code
ephorte_perm_us = _EphortePermTypeCode(
'US', 'Unntatt etter offentlighetsloven ved SO')
ephorte_perm_un = _EphortePermTypeCode(
'UN', 'Unntatt etter offentlighetsloven ved NIKK')
ephorte_perm_ua = _EphortePermTypeCode('UA', 'Under arbeid')
ephorte_perm_uo = _EphortePermTypeCode('UO',
'Unntatt etter offentlighetsloven')
ephorte_perm_p = _EphortePermTypeCode('P', 'Personalsaker')
ephorte_perm_p2 = _EphortePermTypeCode('P2',
'Personers økonomiske forhold')
ephorte_perm_p3 = _EphortePermTypeCode('P3', 'Disiplinærsaker personal')
ephorte_perm_p4 = _EphortePermTypeCode('P4', 'Rettssaker')
ephorte_perm_s = _EphortePermTypeCode('S', 'Studentsaker')
ephorte_perm_s2 = _EphortePermTypeCode('S2', 'Disiplinærsaker studenter')
ephorte_perm_b = _EphortePermTypeCode('B',
'Begrenset etter sikkerhetsloven')
ephorte_perm_f = _EphortePermTypeCode(
'F', 'Fortrolig etter beskyttelsesinstruksen')
ephorte_perm_k = _EphortePermTypeCode('K', 'Kontrakter og avtaler')
ephorte_perm_of = _EphortePermTypeCode('OF',
'Unntatt etter offentlighetsloven')
ephorte_perm_pv = _EphortePermTypeCode('PV', 'Personalsaker')
ephorte_perm_po = _EphortePermTypeCode('PO',
'Personers økonomiske forhold')
ephorte_perm_pd = _EphortePermTypeCode('PD', 'Disiplinærsaker personal')
ephorte_perm_pr = _EphortePermTypeCode('PR', 'Rettssaker')
ephorte_perm_sv = _EphortePermTypeCode('SV', 'Studentsaker')
ephorte_perm_sd = _EphortePermTypeCode('SD', 'Disiplinærsaker studenter')
ephorte_perm_ar = _EphortePermTypeCode('AR', 'Under arbeid')
ephorte_perm_pa = _EphortePermTypeCode('PA', 'Personalsaker AKAN')
ephorte_perm_fo = _EphortePermTypeCode('FO', 'Forskningssaker')
ephorte_perm_st = _EphortePermTypeCode('ST', 'Studenttilrettelegging')
ephorte_perm_va = _EphortePermTypeCode('VA', 'Varsling ansatte')
ephorte_perm_vs = _EphortePermTypeCode('VS', 'Varsling studenter')
ephorte_perm_pb = _EphortePermTypeCode('PB', 'Personalsaker bilagslønn')
ephorte_perm_os = _EphortePermTypeCode('OS', 'Studentombud')
ephorte_perm_ai = _EphortePermTypeCode('AI', 'Anskaffelse Innkjøp')
ephorte_perm_af = _EphortePermTypeCode('AF', 'Forskningsavvik')
# Values from the ePhorte table ARKIVDEL
ephorte_arkivdel_avtale_uio = _EphorteArkivdelCode(
'AVTALE UIO', 'Avtalearkiv ved Universitetet i Oslo')
ephorte_arkivdel_cristin = _EphorteArkivdelCode(
'CRISTIN', 'Current Research Information System in Norway')
ephorte_arkivdel_fs = _EphorteArkivdelCode('FS',
'FS - Felles studentsystem')
ephorte_arkivdel_eiend_uio = _EphorteArkivdelCode(
'EIEND UIO', 'Eiendomsarkiv ved Universitetet i Oslo')
ephorte_arkivdel_khm_forn = _EphorteArkivdelCode(
'KHM FORN', 'KHM (Kulturhistorisk museum) - Fornminnneforvaltning')
ephorte_arkivdel_pers_uio = _EphorteArkivdelCode(
'PERS UIO', 'Personalarkiv ved Universitetet i Oslo')
ephorte_arkivdel_persav_uio = _EphorteArkivdelCode(
'PERSAV UIO', 'Avsluttede personalmapper ved UiO')
ephorte_arkivdel_sak_romani = _EphorteArkivdelCode(
'ROMANI', 'Romani og taterutvalget')
ephorte_arkivdel_sak_nikk = _EphorteArkivdelCode('SAK NIKK',
'Saksarkiv ved NIKK')
ephorte_arkivdel_sak_so = _EphorteArkivdelCode(
'SAK SO', 'Saksarkiv ved Samordna Opptak')
ephorte_arkivdel_sak_uio = _EphorteArkivdelCode(
'SAK UIO', 'Saksarkiv ved Universitetet i Oslo')
ephorte_arkivdel_stud_uio = _EphorteArkivdelCode(
'STUD UIO', 'Studentarkiv ved Universitetet i Oslo')
ephorte_arkivdel_studav_uio = _EphorteArkivdelCode(
'STUDAV UIO', 'Avsluttede studentmapper ved UiO')
ephorte_arkivdel_sak_fsat = _EphorteArkivdelCode(
'SAK FSAT', 'Saksarkiv ved Felles studieadministrativt tjenestesenter')
# Values from the ePhorte table JOURNENHET
ephorte_journenhet_uio = _EphorteJournalenhetCode(
'J-UIO', 'Journalenhet for UiO - Universitetet i Oslo')
ephorte_journenhet_so = _EphorteJournalenhetCode(
'J-SO', 'Journalenhet for SO - Samordna Opptak')
ephorte_journenhet_nikk = _EphorteJournalenhetCode(
'J-NIKK',
'Journalenhet for NIKK - Nordisk institutt for kvinne- og kjønnsforskn'
)
ephorte_journenhet_romani = _EphorteJournalenhetCode(
'J-ROMANI', 'Journalenhet for ROMANI - prosjektet')
ephorte_journenhet_fsat = _EphorteJournalenhetCode(
'J-FSAT',
'Journalenhet for FSAT - Felles studieadministrativt tjenestesenter')
# Spreads relevant for ephorte
spread_ephorte_person = _SpreadCode('ePhorte_person',
Constants.Constants.entity_person,
'Person included in ePhorte export')
spread_ephorte_ou = _SpreadCode('ePhorte_ou',
Constants.Constants.entity_ou,
'OU included in ePhorte export')
EphorteRole = _EphorteRoleTypeCode
EphorteArkivdel = _EphorteArkivdelCode
EphorteJournalenhet = _EphorteJournalenhetCode
EphortePermission = _EphortePermTypeCode
# ChangeLog constants
ephorte_role_add = _ChangeTypeCode('ephorte', 'role_add',
'add ephorte role @ %(dest)s',
('type=%(rolle_type:rolle_type)s', ))
ephorte_role_upd = _ChangeTypeCode('ephorte', 'role_upd',
'update ephorte role @ %(dest)s')
ephorte_role_rem = _ChangeTypeCode('ephorte', 'role_rem',
'remove ephorte role @ %(dest)s',
('type=%(rolle_type:rolle_type)s', ))
ephorte_perm_add = _ChangeTypeCode('ephorte', 'perm_add',
'add ephorte perm @ %(dest)s',
('type=%(perm_type:perm_type)s', ))
ephorte_perm_rem = _ChangeTypeCode('ephorte', 'perm_rem',
'remove ephorte perm @ %(dest)s',
('type=%(perm_type:perm_type)s', ))
def process_person(self, person):
"""Sync spreads between a person and it's accounts."""
# str2const is something we need if we create new accounts.
self._make_str2const()
if not self._ac:
self._ac = Factory.get('Account')(self.db)
def _diff_aff(new_aff, old_aff):
"""Return two lists. One with affiliations to remove and one
with affiliations to add."""
remove = list()
add = list()
for tpl in new_aff:
if tpl not in old_aff:
add.append(tpl)
for tpl in old_aff:
if tpl not in new_aff:
remove.append(tpl)
return remove, add
# Find the person's affiliations
person_affiliations = []
for row in person.get_affiliations():
person_affiliations.append((row['ou_id'], row['affiliation']))
# If the person in question doesn't have any affiliations, we
# don't create any account.
accounts = person.get_accounts(filter_expired=False)
if len(accounts) == 0:
if person_affiliations:
ac = self._maybe_create_account(person)
if ac:
self.logger.info("Person '%d' got new account '%s'." %
(person.entity_id, ac.account_name))
# Take care of person affiliations too
else:
self.logger.info(
"Person '%d' have no affiliations. No account created." %
person.entity_id)
# Clean up in spreads
change = False
for spread in procconf.PERSON_SPREADS:
if person_affiliations:
if not person.has_spread(int(self.str2const[spread])):
person.add_spread(int(self.str2const[spread]))
self.logger.info("Person '%d' got spread '%s'." %
(person.entity_id, spread))
change = True
else:
if person.has_spread(int(self.str2const[spread])):
person.delete_spread(int(self.str2const[spread]))
self.logger.info("Person '%d' have no affiliations. "
"Spread '%s' deleted." %
(person.entity_id, spread))
change = True
if change:
person.write_db()
# Loop over the person's account(s) and correct affiliations
# and spreads
for account in person.get_accounts(filter_expired=False):
account_affiliations = []
self._ac.clear()
self._ac.find(account['account_id'])
# Update affiliations
for row in self._ac.get_account_types(filter_expired=False):
account_affiliations.append((row['ou_id'], row['affiliation']))
rem, add = _diff_aff(person_affiliations, account_affiliations)
change = False
for r in rem:
self._ac.del_account_type(r[0], r[1])
change = True
self.logger.info("Account '%s' removed type '%s', '%s'." %
(self._ac.account_name, r[0], r[1]))
for a in add:
self._ac.set_account_type(a[0], a[1])
change = True
self.logger.info("Account '%s' added type '%s', '%s'." %
(self._ac.account_name, a[0], a[1]))
# Set expire_date if no account_types
if not person_affiliations:
# Don't reset expire_date on an already expired account
if not self._ac.expire_date:
self._ac.expire_date = DateTime.now()
change = True
self.logger.info("Account '%s' set to expired." %
self._ac.account_name)
else:
# The account is about to get account_types so we restore it
# by removing expire_date
if self._ac.expire_date:
self._ac.expire_date = None
change = True
self.logger.info("Account '%s' is restored." %
self._ac.account_name)
self._ac_add_new_traits(self._ac)
# TODO: Limit the removal of spreads to types known by proc_entity
# Update account spreads (if set in the config)
if (hasattr(procconf, 'ACCOUNT_SPREADS')
and hasattr(procconf, 'OU2ACCOUNT_SPREADS')):
raise Errors.ProgrammingError(
"Both ACCOUNT_SPREADS and OU2ACCOUNT_SPREADS in procconf.")
elif (hasattr(procconf, 'ACCOUNT_SPREADS')
and procconf.ACCOUNT_SPREADS):
acc_spreads = []
for i in person_affiliations:
aff_str = str(_PersonAffiliationCode(i[1]))
if aff_str not in procconf.ACCOUNT_SPREADS:
continue
spreads = [
int(self.str2const[s])
for s in procconf.ACCOUNT_SPREADS[aff_str]
]
acc_spreads += [s for s in spreads if s not in acc_spreads]
for row in self._ac.get_spread():
# Annoying "feature". get_spread() return a tuple of
# one-element tuples.
if int(row[0]) not in acc_spreads:
self._ac.delete_spread(row[0])
self.logger.info("Account '%s' removed spread '%s'." %
(self._ac.account_name,
str(_SpreadCode(int(row[0])))))
change = True
for spread in acc_spreads:
if not self._ac.has_spread(spread):
self._ac.add_spread(spread)
self.logger.info("Account '%s' added spread '%s'." %
(self._ac.account_name,
str(_SpreadCode(int(spread)))))
change = True
elif (hasattr(procconf, 'OU2ACCOUNT_SPREADS')
and procconf.OU2ACCOUNT_SPREADS):
self._populate_ou2spread()
acc_spreads = []
for ou, aff in person_affiliations:
for s in self.ou2spread[ou]:
if s not in acc_spreads:
acc_spreads.append(s)
for row in self._ac.get_spread():
# Annoying "feature". get_spread() return a tuple of
# one-element tuples.
if int(row[0]) not in acc_spreads:
self._ac.delete_spread(row[0])
self.logger.info("Account '%s' removed spread '%s'." %
(self._ac.account_name,
str(_SpreadCode(int(row[0])))))
change = True
for spread in acc_spreads:
if not self._ac.has_spread(spread):
self._ac.add_spread(spread)
self.logger.info("Account '%s' added spread '%s'." %
(self._ac.account_name,
str(_SpreadCode(int(spread)))))
change = True
if change:
self._ac.write_db()