class plugLDAPUserFolder(PlugBase): """ """ meta_type = 'Plugin for user folder' def __init__(self): """ constructor """ self._user_objs = {} self.delegate = None self.located = {} self.canonical_name = {} self.buffer = {} PlugBase.__dict__['__init__'](self) security = ClassSecurityInfo() def getUserLocation(self, user): return self.located.get(user, '-') def setUserLocation(self, user, user_location): self.located[user] = user_location self_p_changed = 1 def delUserLocation(self, user): try: del self.located[user] self._p_changed = 1 except: pass def getUserCanonicalName(self, user): return self.canonical_name.get(user, '-') def setUserCanonicalName(self, user, user_name): self.canonical_name[user] = user_name self_p_changed = 1 def delUserCanonicalName(self, user): try: del self.canonical_name[user] self._p_changed = 1 except: pass def sort_list(self, list, n, r): #returns a sorted list of messages - sort without case-sensitivity t = [(x[n].lower(), x) for x in list] t.sort() if r: t.reverse() return [val for (key, val) in t] def initializeCache(self, root_dn): """Init""" self._user_objs[LDAP_ROOT_ID] = ldap_user(LDAP_ROOT_ID, root_dn, LDAP_ROOT_ID, LDAP_ROOT_ID, '', [], 0) self._p_changed = 1 def deleteCache(self, acl_folder): """Delete cache""" self.initializeCache(self.getRootDN(acl_folder)) self._p_changed = 1 def getLDAPServer(self, acl_folder): return acl_folder.getServers()[0].get('host', '') def getLDAPPort(self, acl_folder): return acl_folder.getServers()[0].get('port', '') def getRootDN(self, acl_folder): return acl_folder.groups_base def getGroupScope(self, acl_folder): return acl_folder.groups_scope def connectLDAP(self, acl_folder): """Open a connection to the server""" self.delegate = LDAPDelegate() self.delegate.addServer(self.getLDAPServer(acl_folder), use_ssl=0) self.delegate.connect() def getSortedUserRoles(self, skey='', rkey=''): """ sort users list """ acl = self.getUserFolder() buf = [] for user, value in self.getUsersRoles(acl).items(): buf.append((user, self.getUserCanonicalName(user), self.getUserLocation(user), value)) if skey == 'user': return self.sort_list(buf, 0, rkey) elif skey == 'cn': return self.sort_list(buf, 1, rkey) elif skey == 'group': return self.sort_list(buf, 2, rkey) def _parseRole(self, role): """Parse a structure like [('dn', {'cn':['value1'], 'description':['value2']})] and returns a tuple (dn, value1, value2)""" return (role.get('dn'), role.get('cn')[0], role.get('description')[0]) def _getRole(self, id): """Get an object""" try: return self._user_objs[id] except: return None def getRoleDescription(self, p_id): """Get title""" try: return self._getRole(p_id).description except: return '' def getRoles(self, expand=[LDAP_ROOT_ID], role_id=LDAP_ROOT_ID, depth=0): """Return a piece of roles tree""" role = self._user_objs[role_id] if role_id == LDAP_ROOT_ID: res = [(role, depth)] depth = depth + 1 else: res = [] if role_id in expand: #must expand this node if not role.cached: #must cache this node self._cacheRole(role) if role.cached: #this node is cached for child_role_id in role.childs: res.append((self._user_objs[child_role_id], depth)) if self.isInList(expand, child_role_id): res.extend(self.getRoles(expand, child_role_id, depth+1)) return res def _searchRoles(self, dn): """Search roles in LDAP""" searchScope = ldap.SCOPE_ONELEVEL searchFilter = 'objectClass=*' ROLESretrieveAttributes = ('cn','description') roles = self.delegate.search(dn, searchScope, searchFilter, ROLESretrieveAttributes) return roles['results'] def _cacheRole(self, role): """Cache a role""" #2. get all childs child_roles = self._searchRoles(role.dn) childs = [] for child_role in child_roles: #3. parse child_role_dn, child_role_cn, child_role_description = self._parseRole(child_role) self._user_objs[child_role_cn] = ldap_user(child_role_cn, child_role_dn, child_role_cn, child_role_description, role.id, [], 0) childs.append(child_role_cn) #3. update current node role.childs = childs role.cached = 1 self._p_changed = 1 return 1 def getLDAPSchema(self, acl_folder): """ returns the schema for a LDAPUserFolder """ return acl_folder.getLDAPSchema() def getPluginPath(self): return self.absolute_url() def isList(self, l): return isinstance(l, list) def getUsersByRole(self, acl_folder, groups=None): """ Return all those users that are in a group """ all_dns = {} res = [] res_append = res.append member_attrs = GROUP_MEMBER_MAP.values() if groups is None: return () for group_id, group_dn in groups: dn = self.getRootDN(acl_folder) scope = self.getGroupScope(acl_folder) result = self.delegate.search(dn, scope, filter_format('(cn=%s)', (group_id,)), ['uniqueMember', 'member']) for val in result['results']: for dn in val['uniqueMember']: info = self.delegate.search(base=dn, scope=ldap.SCOPE_BASE) [ res_append(i) for i in info['results'] ] return res def findLDAPUsers(self, acl_folder, params='', term='', role='', dn=''): """ search for users in LDAP """ if self.REQUEST.has_key('search_user'): if params and term: try: self.buffer = {} users = acl_folder.findUser(search_param=params, search_term=term) [ self.buffer.setdefault(u['uid'], u['cn']) for u in users ] return users except: return () else: return () elif self.REQUEST.has_key('search_role'): try: self.buffer = {} users = self.getUsersByRole(acl_folder, [(role, dn)]) [ self.buffer.setdefault(u['uid'][0], u['cn'][0]) for u in users ] return users except: return () else: return () def getUserEmail(self, p_username, acl_folder): #return the email of the given user id users = acl_folder.findUser(search_param='uid', search_term=p_username) if len(users) > 0: return unicode(users[0].get('mail', ''), 'iso-8859-1').encode('utf-8') else: return '' def getUserFullName(self, p_username, acl_folder): #return the email of the given user id users = acl_folder.findUser(search_param='uid', search_term=p_username) if len(users) > 0: return unicode(users[0].get('cn', ''), 'iso-8859-1').encode('utf-8') else: return '' def getLDAPUserFirstName(self, dn): return unicode(dn.get('sn', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserLastName(self, dn): return unicode(dn.get('givenName', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserEmail(self, dn): return unicode(dn.get('mail', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserPhone(self, dn): return unicode(dn.get('telephoneNumber', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserAddress(self, dn): return unicode(dn.get('postalAddress', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserDescription(self, dn): return unicode(dn.get('description', ''), 'iso-8859-1').encode('utf-8') security.declarePublic('interface_html') interface_html = PageTemplateFile('plugLDAPUserFolder', globals()) security.declarePublic('pickroles_html') pickroles_html = PageTemplateFile('pickRoles', globals())
class plugLDAPUserFolder(PlugBase): """ """ meta_type = 'Plugin for user folder' default_encoding = 'latin-1' # TODO: this should be editable from ZMI group_to_roles_mapping = PersistentDict() def __init__(self): """ constructor """ self._user_objs = {} self.delegate = None self.located = {} self.canonical_name = {} self.buffer = {} group_to_roles_mapping = PersistentDict() PlugBase.__dict__['__init__'](self) security = ClassSecurityInfo() def getUserLocation(self, user): return self.located.get(user, '-') def setUserLocation(self, user, user_location): self.located[user] = user_location self_p_changed = 1 def delUserLocation(self, user): try: del self.located[user] self._p_changed = 1 except: pass def getUserCanonicalName(self, user): value = self.canonical_name.get(user, '-') return self.decode_cn(value) def setUserCanonicalName(self, user, user_name): self.canonical_name[user] = user_name self_p_changed = 1 def delUserCanonicalName(self, user): try: del self.canonical_name[user] self._p_changed = 1 except: pass def sort_list(self, list, n, r): #returns a sorted list of messages - sort without case-sensitivity t = [(x[n].lower(), x) for x in list] t.sort() if r: t.reverse() return [val for (key, val) in t] def initializeCache(self, root_dn): """Init""" self._user_objs[LDAP_ROOT_ID] = ldap_user(LDAP_ROOT_ID, root_dn, LDAP_ROOT_ID, LDAP_ROOT_ID, '', [], 0) self._p_changed = 1 def deleteCache(self, acl_folder): """Delete cache""" self.initializeCache(self.getRootDN(acl_folder)) self._p_changed = 1 def getLDAPServer(self, acl_folder): return acl_folder.getServers()[0].get('host', '') def getLDAPPort(self, acl_folder): return acl_folder.getServers()[0].get('port', '') def getRootDN(self, acl_folder): return acl_folder.groups_base def getGroupScope(self, acl_folder): return acl_folder.groups_scope def connectLDAP(self, acl_folder): """Open a connection to the server""" self.delegate = LDAPDelegate() self.delegate.addServer(self.getLDAPServer(acl_folder), use_ssl=0) self.delegate.connect() def getSortedUserRoles(self, skey='', rkey=''): """ sort users list """ acl = self.getUserFolder() buf = [] for user, value in self.getUsersRoles(acl).items(): buf.append((user, self.getUserCanonicalName(user), self.getUserLocation(user), value)) if skey == 'user': return self.sort_list(buf, 0, rkey) elif skey == 'cn': return self.sort_list(buf, 1, rkey) elif skey == 'group': return self.sort_list(buf, 2, rkey) def _parseRole(self, role): """Parse a structure like [('dn', {'cn':['value1'], 'description':['value2']})] and returns a tuple (dn, value1, value2)""" dn = role.get('dn', '') cn = role.get('cn', '') if cn: cn = cn[0] description = role.get('description', '') if description: description = description[0] return (dn, cn, description) def _getRole(self, id): """Get an object""" try: return self._user_objs[id] except: return None def getRoleDescription(self, p_id): """Get title""" try: return self._getRole(p_id).description except: return '' def getRoles(self, expand=[LDAP_ROOT_ID], role_id=LDAP_ROOT_ID, depth=0): """Return a piece of roles tree""" role = self._user_objs[role_id] if role_id == LDAP_ROOT_ID: res = [(role, depth)] depth = depth + 1 else: res = [] if role_id in expand: #must expand this node if not role.cached: #must cache this node self._cacheRole(role) if role.cached: #this node is cached for child_role_id in role.childs: res.append((self._user_objs[child_role_id], depth)) if self.isInList(expand, child_role_id): res.extend(self.getRoles(expand, child_role_id, depth+1)) return res def _searchRoles(self, dn): """Search roles in LDAP""" searchScope = ldap.SCOPE_ONELEVEL searchFilter = 'objectClass=*' ROLESretrieveAttributes = ('cn','description') roles = self.delegate.search(dn, searchScope, searchFilter, ROLESretrieveAttributes) return roles['results'] def _cacheRole(self, role): """Cache a role""" #2. get all childs child_roles = self._searchRoles(role.dn) childs = [] for child_role in child_roles: #3. parse child_role_dn, child_role_cn, child_role_description = self._parseRole(child_role) self._user_objs[child_role_cn] = ldap_user(child_role_cn, child_role_dn, child_role_cn, child_role_description, role.id, [], 0) childs.append(child_role_cn) #3. update current node role.childs = childs role.cached = 1 self._p_changed = 1 return 1 def getLDAPSchema(self, acl_folder): """ returns the schema for a LDAPUserFolder """ return acl_folder.getLDAPSchema() def getPluginPath(self): return self.absolute_url() def isList(self, l): return isinstance(l, list) def get_groups_roles_map(self): groups_roles_map = {} def add_roles_from_ob(ob): try: ob_roles = ob.acl_satellite.getAllLocalRoles() except AttributeError: return # looks like we found a broken object for group_id, group_roles in ob_roles.iteritems(): all_group_roles = groups_roles_map.setdefault(group_id, []) for role in group_roles: location = { 'ob': ob, 'path': relative_object_path(ob, site), 'is_site': ob == site, } all_group_roles.append( (role, location) ) site = self.getSite() add_roles_from_ob(site) for b in site.getCatalogTool()(path='/'): try: ob = b.getObject() except: pass # broken brain? else: add_roles_from_ob(ob) return groups_roles_map security.declareProtected(manage_users, 'map_group_to_role') def map_group_to_role(self, group, roles=[], loc='', location='', REQUEST=None): """ """ if loc == 'allsite': location = '' try: ob = self.getSite().unrestrictedTraverse(location) except KeyError: self.setSessionErrorsTrans('Invalid location path') return REQUEST.RESPONSE.redirect(REQUEST['HTTP_REFERER']) ob.acl_satellite.add_group_roles(group, roles) if REQUEST is not None: return REQUEST.RESPONSE.redirect(REQUEST['HTTP_REFERER']) security.declareProtected(manage_users, 'revoke_group_role') def revoke_group_role(self, roles, REQUEST=None): """ """ for roledata in roles: group, role, location = roledata.split(';') ob = self.getSite().unrestrictedTraverse(location) ob.acl_satellite.remove_group_roles(group, [role]) if REQUEST is not None: return REQUEST.RESPONSE.redirect(REQUEST['HTTP_REFERER']) def group_member_ids(self, group): if not hasattr(self, '_v_ldap_groups_cache'): cache = self._v_ldap_groups_cache = {} cache = self._v_ldap_groups_cache ldap_folder = self.getUserFolder() root_dn = self.getRootDN(ldap_folder) scope = self.getGroupScope(ldap_folder) if not cache.get(group, {}): result = self.delegate.search(root_dn, scope, filter_format('cn=%s', (group,)), ['uniqueMember']) cache[group] = result else: result = cache[group] if result['size'] > 0: group_users = [x.split(',')[0].split('=')[1] for x in result['results'][result['size']-1]['uniqueMember']] return group_users else: return [] def user_in_group(self, user, group): return (str(user) in self.group_member_ids(group)) def getUsersByRole(self, acl_folder, groups=None): """ Return all those users that are in a group """ all_dns = {} res = [] res_append = res.append member_attrs = GROUP_MEMBER_MAP.values() if groups is None: return () for group_id, group_dn in groups: dn = self.getRootDN(acl_folder) scope = self.getGroupScope(acl_folder) result = self.delegate.search(dn, scope, filter_format('(cn=%s)', (group_id,)), ['uniqueMember', 'member']) for val in result['results']: for dn in val['uniqueMember']: info = self.delegate.search(base=dn, scope=ldap.SCOPE_BASE) [ res_append(i) for i in info['results'] ] return res def findLDAPUsers(self, acl_folder, params='', term='', role='', dn=''): """ search for users in LDAP """ if self.REQUEST.has_key('search_user'): if params and term: try: self.buffer = {} users = acl_folder.findUser(search_param=params, search_term=term) [ self.buffer.setdefault(u['uid'], self.decode_cn(u['cn'])) for u in users ] return users except: return () else: return () elif self.REQUEST.has_key('search_role'): try: self.buffer = {} users = self.getUsersByRole(acl_folder, [(role, dn)]) [ self.buffer.setdefault(u['uid'][0], self.decode_cn(u['cn'][0])) for u in users ] return users except: return () else: return () def _get_user_by_uid(self, uid, acl_folder): attrs = acl_folder.getSchemaConfig().keys() attrs.extend(['o', 'postalAddress']) users = acl_folder.findUser(search_param='uid', search_term=uid, attrs=attrs) for user in users: if user.get('uid', '') == uid: return user def _get_user_email(self, user): if user is not None: return unicode(user.get('mail', ''), 'iso-8859-1').encode('utf-8') else: return '' def getUserEmail(self, p_username, acl_folder): #return the email of the given user id user = self._get_user_by_uid(p_username, acl_folder) return self._get_user_email(user) def _get_user_full_name(self, user): if user is not None: return unicode(user.get('cn', ''), 'iso-8859-1').encode('utf-8') else: return '' def getUserFullName(self, p_username, acl_folder): #return the full name of the given user id user = self._get_user_by_uid(p_username, acl_folder) return self._get_user_full_name(user) def _get_user_organisation(self, user): if user is not None: return unicode(user.get('o', ''), 'iso-8859-1').encode('utf-8') else: return '' def _get_user_postal_address(self, user): if user is not None: return unicode(user.get('postalAddress', ''), 'iso-8859-1').encode('utf-8') else: return '' def getLDAPUserFirstName(self, dn): return unicode(dn.get('sn', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserLastName(self, dn): return unicode(dn.get('givenName', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserEmail(self, dn): return unicode(dn.get('mail', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserPhone(self, dn): return unicode(dn.get('telephoneNumber', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserAddress(self, dn): return unicode(dn.get('postalAddress', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserDescription(self, dn): return unicode(dn.get('description', ''), 'iso-8859-1').encode('utf-8') def decode_cn(self, value): if isinstance(value, str): value = value.decode(self.default_encoding) return value def get_group_roles_in_site(self, user): """ The user may have site-level roles because they are part of an LDAP group. If so, return them. """ return self.getSite().acl_satellite.getAdditionalRoles(user) security.declarePublic('interface_html') interface_html = PageTemplateFile('plugLDAPUserFolder', globals()) security.declarePublic('pickroles_html') pickroles_html = PageTemplateFile('pickRoles', globals()) _group_members = PageTemplateFile('ldapGroupMembers', globals()) security.declareProtected(manage_users, 'group_members') def group_members(self, REQUEST): """ Show members of a LDAP group """ group_id = REQUEST.form['group_id'] member_ids = self.group_member_ids(group_id) ldap_user_folder = self.getUserFolder() def user_data(user_id): user_ob = ldap_user_folder.getUser(user_id) if user_ob is None: name = "[not found]" else: name = user_ob.getProperty('cn').decode('latin-1') return { 'user_id': user_id, 'user_name': name, } options = { 'group_id': group_id, 'member_ids': member_ids, 'members': map(user_data, member_ids), } return self._group_members(REQUEST, **options)
class plugLDAPUserFolder(PlugBase): """ """ meta_type = 'Plugin for user folder' def __init__(self): """ constructor """ self._user_objs = {} self.delegate = None self.located = {} self.canonical_name = {} self.buffer = {} PlugBase.__dict__['__init__'](self) security = ClassSecurityInfo() def getUserLocation(self, user): return self.located.get(user, '-') def setUserLocation(self, user, user_location): self.located[user] = user_location self_p_changed = 1 def delUserLocation(self, user): try: del self.located[user] self._p_changed = 1 except: pass def getUserCanonicalName(self, user): return self.canonical_name.get(user, '-') def setUserCanonicalName(self, user, user_name): self.canonical_name[user] = user_name self_p_changed = 1 def delUserCanonicalName(self, user): try: del self.canonical_name[user] self._p_changed = 1 except: pass def sort_list(self, list, n, r): #returns a sorted list of messages - sort without case-sensitivity t = [(x[n].lower(), x) for x in list] t.sort() if r: t.reverse() return [val for (key, val) in t] def initializeCache(self, root_dn): """Init""" self._user_objs[LDAP_ROOT_ID] = ldap_user(LDAP_ROOT_ID, root_dn, LDAP_ROOT_ID, LDAP_ROOT_ID, '', [], 0) self._p_changed = 1 def deleteCache(self, acl_folder): """Delete cache""" self.initializeCache(self.getRootDN(acl_folder)) self._p_changed = 1 def getLDAPServer(self, acl_folder): return acl_folder.getServers()[0].get('host', '') def getLDAPPort(self, acl_folder): return acl_folder.getServers()[0].get('port', '') def getRootDN(self, acl_folder): return acl_folder.groups_base def getGroupScope(self, acl_folder): return acl_folder.groups_scope def connectLDAP(self, acl_folder): """Open a connection to the server""" self.delegate = LDAPDelegate() self.delegate.addServer(self.getLDAPServer(acl_folder), use_ssl=0) self.delegate.connect() def getSortedUserRoles(self, skey='', rkey=''): """ sort users list """ acl = self.getUserFolder() buf = [] for user, value in self.getUsersRoles(acl).items(): buf.append((user, self.getUserCanonicalName(user), self.getUserLocation(user), value)) if skey == 'user': return self.sort_list(buf, 0, rkey) elif skey == 'cn': return self.sort_list(buf, 1, rkey) elif skey == 'group': return self.sort_list(buf, 2, rkey) def _parseRole(self, role): """Parse a structure like [('dn', {'cn':['value1'], 'description':['value2']})] and returns a tuple (dn, value1, value2)""" return (role.get('dn'), role.get('cn')[0], role.get('description')[0]) def _getRole(self, id): """Get an object""" try: return self._user_objs[id] except: return None def getRoleDescription(self, p_id): """Get title""" try: return self._getRole(p_id).description except: return '' def getRoles(self, expand=[LDAP_ROOT_ID], role_id=LDAP_ROOT_ID, depth=0): """Return a piece of roles tree""" role = self._user_objs[role_id] if role_id == LDAP_ROOT_ID: res = [(role, depth)] depth = depth + 1 else: res = [] if role_id in expand: #must expand this node if not role.cached: #must cache this node self._cacheRole(role) if role.cached: #this node is cached for child_role_id in role.childs: res.append((self._user_objs[child_role_id], depth)) if self.isInList(expand, child_role_id): res.extend(self.getRoles(expand, child_role_id, depth+1)) return res def _searchRoles(self, dn): """Search roles in LDAP""" searchScope = ldap.SCOPE_ONELEVEL searchFilter = 'objectClass=*' ROLESretrieveAttributes = ('cn','description') roles = self.delegate.search(dn, searchScope, searchFilter, ROLESretrieveAttributes) return roles['results'] def _cacheRole(self, role): """Cache a role""" #2. get all childs child_roles = self._searchRoles(role.dn) childs = [] for child_role in child_roles: #3. parse child_role_dn, child_role_cn, child_role_description = self._parseRole(child_role) self._user_objs[child_role_cn] = ldap_user(child_role_cn, child_role_dn, child_role_cn, child_role_description, role.id, [], 0) childs.append(child_role_cn) #3. update current node role.childs = childs role.cached = 1 self._p_changed = 1 return 1 def getLDAPSchema(self, acl_folder): """ returns the schema for a LDAPUserFolder """ return acl_folder.getLDAPSchema() def getPluginPath(self): return self.absolute_url() def isList(self, l): return isinstance(l, list) def getUsersByRole(self, acl_folder, groups=None): """ Return all those users that are in a group """ all_dns = {} res = [] res_append = res.append member_attrs = GROUP_MEMBER_MAP.values() if groups is None: return () for group_id, group_dn in groups: dn = self.getRootDN(acl_folder) scope = self.getGroupScope(acl_folder) result = self.delegate.search(dn, scope, filter_format('(cn=%s)', (group_id,)), ['uniqueMember', 'member']) for val in result['results']: for dn in val['uniqueMember']: info = self.delegate.search(base=dn, scope=ldap.SCOPE_BASE) [ res_append(i) for i in info['results'] ] return res def findLDAPUsers(self, acl_folder, params='', term='', role='', dn=''): """ search for users in LDAP """ if self.REQUEST.has_key('search_user'): if params and term: try: self.buffer = {} users = acl_folder.findUser(search_param=params, search_term=term) [ self.buffer.setdefault(u['uid'], u['cn']) for u in users ] return users except: return () else: return () elif self.REQUEST.has_key('search_role'): try: self.buffer = {} users = self.getUsersByRole(acl_folder, [(role, dn)]) [ self.buffer.setdefault(u['uid'][0], u['cn'][0]) for u in users ] return users except: return () else: return () def getUserEmail(self, p_username, acl_folder): #return the email of the given user id users = acl_folder.findUser(search_param='uid', search_term=p_username) if users>0: return unicode(users[0].get('mail', ''), 'iso-8859-1').encode('utf-8') else: return '' def getUserFullName(self, p_username, acl_folder): #return the email of the given user id users = acl_folder.findUser(search_param='uid', search_term=p_username) if users>0: return unicode(users[0].get('cn', ''), 'iso-8859-1').encode('utf-8') else: return '' def getLDAPUserFirstName(self, dn): return unicode(dn.get('sn', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserLastName(self, dn): return unicode(dn.get('givenName', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserEmail(self, dn): return unicode(dn.get('mail', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserPhone(self, dn): return unicode(dn.get('telephoneNumber', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserAddress(self, dn): return unicode(dn.get('postalAddress', ''), 'iso-8859-1').encode('utf-8') def getLDAPUserDescription(self, dn): return unicode(dn.get('description', ''), 'iso-8859-1').encode('utf-8') security.declarePublic('interface_html') interface_html = PageTemplateFile('plugLDAPUserFolder', globals()) security.declarePublic('pickroles_html') pickroles_html = PageTemplateFile('pickRoles', globals())