예제 #1
0
    def _init_schema(cls):
        schema = _get_schema()
        s = Schema()

        # Follow all of the LDAP SUP entries to find all attributes.
        def collect_classes(schema, object_class, result):
            for sup_name in object_class.sup:
                sup_class = schema.get_obj(ldap.schema.ObjectClass, sup_name)
                collect_classes(schema, sup_class, result)
            result.append(object_class)

        for class_name in cls.objectClass:
            object_class = schema.get_obj(ldap.schema.ObjectClass, class_name)
            all_classes = []
            collect_classes(schema, object_class, all_classes)
            for object_class in all_classes:
                for attr_name in object_class.must + object_class.may:
                    attr = schema.get_obj(ldap.schema.AttributeType, attr_name)
                    if 'objectClass' not in attr.names:
                        s.attributes[attr.names[0]] = attr
                        for name in attr.names:
                            s.attribute_aliases[name] = attr
                            setattr(cls, name, AttrDescriptor(attr))
                # Beware that attributes of schema objects do not inherit
                # the settings of their superiors.  single-value does not
                # appear to be an inherited value in openldap.
        # For now, objectClass is read-only, otherwise we would have to
        # dynamically update the descriptors.
        cls.objectClass = ReadOnlyDescriptor(cls.objectClass)
        cls._schema = s
예제 #2
0
def PrintSchemaTree(schema,se_class,se_tree,se_oid,level):
  """ASCII text output for console"""
  se_obj = schema.get_obj(se_class,se_oid)
  if se_obj!=None:
    print('|    '*(level-1)+'+---'*(level>0), \)
          ', '.join(se_obj.names), \
          '(%s)' % se_obj.oid
예제 #3
0
	def backend_openldap_check_finished(*args, **kwargs):
		""" TODO: please implement http://dev.licorn.org/ticket/327 here. """

		if settings.role != roles.SERVER:
			# Only servers will check / upgrade their local slapd installation.
			# On other roles, they have no local `slapd`, thus nothing to upgrade.
			return

		backend      = LMC.backends.openldap
		ssse, schema = ldap.schema.urlfetch('ldapi:///')
		schema_attr  = schema.get_obj(ldap.schema.AttributeType, 'gecos')

		if schema_attr.syntax == '1.3.6.1.4.1.1466.115.121.1.26':
			# The LDAP 'gecos' field is currently ascii only: we need to update the
			# schema to setup an utf8 field. See backends/openldap.py for more info.

			try:
				# we need to bind as root via SASL to replace a schema.
				backend.sasl_bind()

				backend.modify_schema('nis-utf8', batch=True, full_display=False)

			except:
				logging.exception(_(u'{0}: impossible to reload {1} schema '
					u'into {2}!').format(backend.pretty_name,
						stylize(ST_NAME, 'nis'), stylize(ST_NAME, 'slapd')))

			logging.notice(_(u'{0}: updated {1} schema to support utf-8 '
				u'gecos.').format(backend.pretty_name, stylize(ST_NAME, 'nis')))
예제 #4
0
파일: uldap.py 프로젝트: kielfriedt/smart
    def needed_objectclasses(self, entry):

        dont_remove = ["organizationalPerson", "univentionPerson"]

        schema_attrs = ldap.schema.SCHEMA_ATTRS

        ldap.set_option(ldap.OPT_DEBUG_LEVEL, 0)

        ldap._trace_level = 0

        subschemasubentry_dn, schema = ldap.schema.urlfetch("%s/cn=subschema", self.uri)

        if subschemasubentry_dn is None:
            univention.debug.debug(univention.debug.LDAP, univention.debug.INFO, "No sub schema sub entry found!")
            return None

        needed_oc = []
        for attr_type, schema_class in ldap.schema.SCHEMA_CLASS_MAPPING.items():
            if attr_type == "objectClasses":
                for element_id in schema.listall(schema_class):
                    se_orig = schema.get_obj(schema_class, element_id)
                    attributes = se_orig.may + se_orig.must
                    for i in range(0, len(se_orig.names)):
                        if se_orig.names[i] in entry["objectClass"] and not se_orig.names[i] in needed_oc:
                            for j in attributes:
                                if (j in res[0][1] or j in dont_remove) and not se_orig.names[i] in needed_oc:
                                    needed_oc.append(se_orig.names[i])

        return needed_oc
예제 #5
0
파일: schema2xml.py 프로젝트: GOsa3/gosa
def list_classes(uri):  # pragma: nocover
    subschemasubentry_dn, schema = ldap.schema.urlfetch(uri.encode('ascii'))
    schema_reverse = ldap.schema.SubSchema(schema.ldap_entry())

    ocs = ldap.schema.SCHEMA_CLASS_MAPPING['objectclasses']
    for element_id in schema.listall(ocs):
        obj = schema.get_obj(ocs, element_id)
        print("%s - %s" % (obj.names[0], obj.desc or "no description"))
예제 #6
0
def list_classes(uri):
    subschemasubentry_dn, schema = ldap.schema.urlfetch(uri)
    schema_reverse = ldap.schema.SubSchema(schema.ldap_entry())

    ocs = ldap.schema.SCHEMA_CLASS_MAPPING['objectclasses']
    for element_id in schema.listall(ocs):
        obj = schema.get_obj(ocs, element_id)
        print("%s - %s" % (obj.names[0], obj.desc or "no description"))
예제 #7
0
파일: ldapwriter.py 프로젝트: thehub/syncer
def getAttrs(oc, attrs):
    """
    recursive. returns all attributes for a objectClass object down the hierarchy
    """
    attrs.extend(oc.may + oc.must)
    for oc_name in oc.sup:
        sup_oc = schema.get_obj(ldap.schema.ObjectClass, oc_name)
        getAttrs(sup_oc, attrs)
    return attrs
예제 #8
0
def PrintSchemaTree(schema,se_class,se_tree,se_oid,level):
  """ASCII text output for console"""
  se_obj = schema.get_obj(se_class,se_oid)
  if se_obj!=None:
    print ('|    '*(level-1)+'+---'*(level>0), \
          ', '.join(se_obj.names), \
          '(%s)' % se_obj.oid)
  for sub_se_oid in se_tree[se_oid]:
    print ('|    '*(level+1))
    PrintSchemaTree(schema,se_class,se_tree,sub_se_oid,level+1)
예제 #9
0
 def test_urlfetch_file(self):
     freeipa_uri = 'file://{}'.format(TEST_SUBSCHEMA_FILES[0])
     dn, schema = ldap.schema.urlfetch(freeipa_uri)
     self.assertEqual(dn, 'cn=schema')
     self.assertIsInstance(schema, ldap.schema.subentry.SubSchema)
     obj = schema.get_obj(ObjectClass, '2.5.6.9')
     self.assertEqual(
         str(obj),
         "( 2.5.6.9 NAME 'groupOfNames' SUP top STRUCTURAL MUST cn "
         "MAY ( member $ businessCategory $ seeAlso $ owner $ ou $ o "
         "$ description ) )")
예제 #10
0
파일: schema2xml.py 프로젝트: GOsa3/gosa
def resolve_inherited_attrs(schema, oc):  # pragma: nocover
    res = {'must': [], 'may': []}
    if oc == 'top':
        return res

    noc = schema.get_obj(ldap.schema.ObjectClass, oc)
    if noc.kind == 0:
        r = resolve_inherited_attrs(schema, noc.sup[0])
        res['must'] += r['must']
        res['may'] += r['may']

    res['must'] += list(noc.must)
    res['may'] += list(noc.may)

    return res
예제 #11
0
 def assertSlapdSchema(self, dn, schema):
     self.assertEqual(dn, 'cn=Subschema')
     self.assertIsInstance(schema, ldap.schema.subentry.SubSchema)
     obj = schema.get_obj(ObjectClass, '1.3.6.1.1.3.1')
     self.assertEqual(
         str(obj),
         "( 1.3.6.1.1.3.1 NAME 'uidObject' DESC 'RFC2377: uid object' "
         "SUP top AUXILIARY MUST uid )"
     )
     entries = schema.ldap_entry()
     self.assertIsInstance(entries, dict)
     self.assertEqual(sorted(entries), [
         'attributeTypes', 'ldapSyntaxes', 'matchingRuleUse',
         'matchingRules', 'objectClasses',
     ])
예제 #12
0
def HTMLSchemaTree(schema,se_class,se_tree,se_oid,level):
  """HTML output for browser"""
  se_obj = schema.get_obj(se_class,se_oid)
  if se_obj!=None:
    print ("""
    <dt><strong>%s (%s)</strong></dt>
    <dd>
      %s
    """ % (', '.join(se_obj.names),se_obj.oid,se_obj.desc))
  if se_tree[se_oid]:
    print ('<dl>')
    for sub_se_oid in se_tree[se_oid]:
      HTMLSchemaTree(schema,se_class,se_tree,sub_se_oid,level+1)
    print ('</dl>')
  print ('</dd>')
예제 #13
0
def resolve_inherited_attrs(schema, oc):
    res = {'must': [], 'may': []}
    if oc == 'top':
        return res

    noc = schema.get_obj(ldap.schema.ObjectClass, oc)
    if noc.kind == 0:
       r = resolve_inherited_attrs(schema, noc.sup[0])
       res['must'] += r['must']
       res['may'] += r['may']

    res['must'] += list(noc.must)
    res['may'] += list(noc.may)

    return res
예제 #14
0
def HTMLSchemaTree(schema,se_class,se_tree,se_oid,level):
  """HTML output for browser"""
  se_obj = schema.get_obj(se_class,se_oid)
  if se_obj!=None:
    print("""
    <dt><strong>%s (%s)</strong></dt>
    <dd>
      %s
    """ % (', '.join(se_obj.names),se_obj.oid,se_obj.desc))
  if se_tree[se_oid]:
    print('<dl>')
    for sub_se_oid in se_tree[se_oid]:
      HTMLSchemaTree(schema,se_class,se_tree,sub_se_oid,level+1)
    print('</dl>')
  print('</dd>')
예제 #15
0
 def test_objectclass_attrs(self):
     """Check types and values of an ObjectClass object's attributes"""
     schema = self.get_schema()
     cls = schema.get_obj(ObjectClass, '2.5.6.9')
     expected_may = (
         'member', 'businessCategory', 'seeAlso', 'owner', 'ou', 'o',
         'description',
     )
     self.assertEqual(cls.oid, '2.5.6.9')
     self.assertEqual(cls.names, ('groupOfNames',))
     self.assertEqual(cls.desc, None)
     self.assertEqual(cls.obsolete, False)
     self.assertEqual(cls.must, ('cn',))
     self.assertEqual(cls.may, expected_may)
     self.assertEqual(cls.kind, 0)
     self.assertEqual(cls.sup, ('top',))
     self.assertEqual(cls.x_origin, ('RFC 4519',))
예제 #16
0
파일: schema2xml.py 프로젝트: GOsa3/gosa
def _resolve_attribute(schema, attr, blank=None):  # pragma: nocover
    if not blank:
        blank = ldap.schema.AttributeType()
        blank.syntax_len = None

    if attr.sup:
        sup = schema.get_obj(ldap.schema.AttributeType, attr.sup[0])
        if sup.syntax:
            blank.syntax = sup.syntax
        if sup.syntax_len:
            blank.syntax_len = sup.syntax_len
        if sup.equality:
            blank.equality = sup.equality
        if sup.substr:
            blank.substr = sup.substr
        return _resolve_attribute(schema, sup, blank)

    return blank
예제 #17
0
def _resolve_attribute(schema, attr, blank=None):
    if not blank:
        blank = ldap.schema.AttributeType()
        blank.syntax_len = None

    if attr.sup:
        sup = schema.get_obj(ldap.schema.AttributeType, attr.sup[0])
        if sup.syntax:
            blank.syntax = sup.syntax
        if sup.syntax_len:
            blank.syntax_len = sup.syntax_len
        if sup.equality:
            blank.equality = sup.equality
        if sup.substr:
            blank.substr = sup.substr
        return _resolve_attribute(schema, sup, blank)

    return blank
예제 #18
0
 def test_attributetype_attrs(self):
     """Check types and values of an AttributeType object's attributes"""
     schema = self.get_schema()
     attr = schema.get_obj(AttributeType, '1.3.6.1.4.1.11.1.3.1.1.3')
     expected_desc = (
         'Maximum time an agent or service allows for a search to complete'
     )
     self.assertEqual(attr.oid, '1.3.6.1.4.1.11.1.3.1.1.3')
     self.assertEqual(attr.names, ('searchTimeLimit',))
     self.assertEqual(attr.desc, expected_desc)
     self.assertEqual(attr.obsolete, False)
     self.assertEqual(attr.single_value, True)
     self.assertEqual(attr.syntax, '1.3.6.1.4.1.1466.115.121.1.27')
     self.assertEqual(attr.no_user_mod, False)
     self.assertEqual(attr.equality, 'integerMatch')
     self.assertEqual(attr.ordering, 'integerOrderingMatch')
     self.assertEqual(attr.sup, ())
     self.assertEqual(attr.x_origin, ('RFC4876', 'user defined'))
예제 #19
0
파일: schema2xml.py 프로젝트: GOsa3/gosa
def dump_ui(uri,
            oc,
            outfile=None,
            extend=None,
            rdn=None,
            contains=None):  # pragma: nocover
    subschemasubentry_dn, schema = ldap.schema.urlfetch(uri)
    schema_reverse = ldap.schema.SubSchema(schema.ldap_entry())

    oco = schema.get_obj(ldap.schema.ObjectClass, oc)
    if oco is None:
        log.error(
            "unknown objectclass '%s' - please use the --list option to see what's there"
            % oc)
        exit(1)

    # Complete attributes in case of inheritance
    if oco.kind == 0:
        r = resolve_inherited_attrs(schema, oco.sup[0])
        oco.must = list(set(list(oco.must) + r['must']))
        oco.may = list(set(list(oco.may) + r['must']))

    # Tabstop and connection collectors
    ts = []
    cs = []

    # Build resulting json dump
    children_must = generate_children(oco.must, schema)
    children_may = generate_children(oco.may, schema,
                                     len(children_must) // 2, children_must)

    template = {
        'type': 'widget',
        'class': 'qx.ui.container.Composite',
        'layout': 'qx.ui.layout.Grid',
        'extensions': {
            'tabConfig': {
                'title': oc
            }
        },
        'children': children_must + children_may
    }

    return json.dumps(template, indent=2)
예제 #20
0
def resolve_attribute(schema, attr):
    blank = {}
    attr = schema.get_obj(ldap.schema.AttributeType, attr)

    if attr.sup:
       inh = _resolve_attribute(schema, attr)
    else:
       inh = None

    blank['name'] = attr.names[0]
    blank['desc'] = attr.desc or "no description"
    blank['sup'] = inh != None
    blank['type'] = resolve_type(attr.syntax or inh.syntax)
    blank['syntax'] = attr.syntax or inh.syntax
    blank['maxlen'] = attr.syntax_len or (inh and inh.syntax_len) or None
    blank['multivalue'] = not attr.single_value
    blank['writable'] = not attr.no_user_mod
    blank['index'] = True if attr.equality or attr.substr or (inh and (inh.equality or inh.substr)) else False

    return blank
예제 #21
0
파일: schema2xml.py 프로젝트: GOsa3/gosa
def resolve_attribute(schema, attr):  # pragma: nocover
    blank = {}
    attr = schema.get_obj(ldap.schema.AttributeType, attr)

    if attr.sup:
        inh = _resolve_attribute(schema, attr)
    else:
        inh = None

    blank['name'] = attr.names[0]
    blank['desc'] = attr.desc or "no description"
    blank['sup'] = inh != None
    blank['type'] = resolve_type(attr.syntax or inh.syntax)
    blank['syntax'] = attr.syntax or inh.syntax
    blank['maxlen'] = attr.syntax_len or (inh and inh.syntax_len) or None
    blank['multivalue'] = not attr.single_value
    blank['writable'] = not attr.no_user_mod
    blank['index'] = True if attr.equality or attr.substr or (
        inh and (inh.equality or inh.substr)) else False

    return blank
예제 #22
0
파일: schema2xml.py 프로젝트: gonicus/gosa
def dump_ui(uri, oc, outfile=None, extend=None, rdn=None, contains=None):  # pragma: nocover
    subschemasubentry_dn, schema = ldap.schema.urlfetch(uri)
    schema_reverse = ldap.schema.SubSchema(schema.ldap_entry())

    oco = schema.get_obj(ldap.schema.ObjectClass, oc)
    if oco is None:
        log.error("unknown objectclass '%s' - please use the --list option to see what's there" % oc)
        exit(1)

    # Complete attributes in case of inheritance
    if oco.kind == 0:
        r = resolve_inherited_attrs(schema, oco.sup[0])
        oco.must = list(set(list(oco.must) + r['must']))
        oco.may = list(set(list(oco.may) + r['must']))

    # Tabstop and connection collectors
    ts = []
    cs = []

    # Build resulting json dump
    children_must = generate_children(oco.must, schema)
    children_may = generate_children(oco.may, schema, len(children_must) // 2, children_must)

    template = {
        'type': 'widget',
        'class': 'qx.ui.container.Composite',
        'layout': 'qx.ui.layout.Grid',
        'extensions': {
            'tabConfig': {
                'title': oc
            }
        },
        'children': children_must + children_may
    }

    return json.dumps(template, indent=2)
예제 #23
0
파일: uldap.py 프로젝트: bopopescu/smart-1
    def needed_objectclasses(self, entry):

        dont_remove = ['organizationalPerson', 'univentionPerson']

        schema_attrs = ldap.schema.SCHEMA_ATTRS

        ldap.set_option(ldap.OPT_DEBUG_LEVEL, 0)

        ldap._trace_level = 0

        subschemasubentry_dn, schema = ldap.schema.urlfetch(
            '%s/cn=subschema', self.uri)

        if subschemasubentry_dn is None:
            univention.debug.debug(univention.debug.LDAP,
                                   univention.debug.INFO,
                                   'No sub schema sub entry found!')
            return None

        needed_oc = []
        for attr_type, schema_class in ldap.schema.SCHEMA_CLASS_MAPPING.items(
        ):
            if attr_type == 'objectClasses':
                for element_id in schema.listall(schema_class):
                    se_orig = schema.get_obj(schema_class, element_id)
                    attributes = se_orig.may + se_orig.must
                    for i in range(0, len(se_orig.names)):
                        if se_orig.names[i] in entry[
                                'objectClass'] and not se_orig.names[
                                    i] in needed_oc:
                            for j in attributes:
                                if (j in res[0][1] or j in dont_remove
                                    ) and not se_orig.names[i] in needed_oc:
                                    needed_oc.append(se_orig.names[i])

        return needed_oc
예제 #24
0
 def collect_classes(schema, object_class, result):
     for sup_name in object_class.sup:
         sup_class = schema.get_obj(ldap.schema.ObjectClass, sup_name)
         collect_classes(schema, sup_class, result)
     result.append(object_class)
예제 #25
0
def dump_class(uri, oc, outfile=None, extend=None, rdn=None, contains=None):
    subschemasubentry_dn, schema = ldap.schema.urlfetch(uri)
    schema_reverse = ldap.schema.SubSchema(schema.ldap_entry())

    oco = schema.get_obj(ldap.schema.ObjectClass, oc)
    if oco is None:
        log.error("unknown objectclass '%s' - please use the --list option to see what's there" % oc)
        exit(1)

    # Complete attributes in case of inheritance
    if oco.kind == 0:
        r = resolve_inherited_attrs(schema, oco.sup[0])
        oco.must = list(set(list(oco.must) + r['must']))
        oco.may = list(set(list(oco.may) + r['must']))

    # Build resulting XML dump
    e = ElementMaker(namespace="http://www.gonicus.de/Objects", nsmap={None: "http://www.gonicus.de/Objects"})
    more = []
    if oco.desc:
        more.append(e.Description(oco.desc))
    more.append(e.Backend("LDAP"))
    if oco.kind == 0:
        if not rdn:
            log.error("no RDN provided - please use --rdn <value> to specify one")
            exit(1)
        more.append(e.BackendParameters(e.Backend("LDAP", objectClasses=oc, RDN=rdn)))

    if oco.kind != 0:
        more.append(e.BaseObject("false"))
    else:
        more.append(e.BaseObject("true"))

    # Build attribute set
    attrs = []
    for mua in oco.must:
        attr = resolve_attribute(schema, mua)
        syntax = attr['syntax']

        if skip(syntax):
            continue

	values = gen_values(syntax)
	values += gen_validators(syntax)
	values += gen_index(syntax)

        attrs.append(
           e.Attribute(
               e.Name(attr['name']),
               e.Description(attr['desc']),
               e.Type(attr['type']),
               e.MultiValue("true" if attr['multivalue'] else "false"),
               e.Mandatory("true"),
	       *values))
    for mua in oco.may:
        attr = resolve_attribute(schema, mua)
        syntax = attr['syntax']
        if skip(syntax):
            continue
	values = gen_values(syntax)
	values += gen_validators(syntax)
	values += gen_index(syntax)
        attrs.append(
           e.Attribute(
               e.Name(attr['name']),
               e.Description(attr['desc']),
               e.Type(attr['type']),
               e.MultiValue("true" if attr['multivalue'] else "false"),
               e.Mandatory("false"),
	       *values))

    more.append(e.Attributes(*attrs))

    # Add container
    if contains == None:
        c = []
        for typ in contains.split(","):
            c.append(e.Type(typ))
        more.append(e.Container(*c))

    # Maintain extension
    if extend == None:
        more.append(e.Extends(e.Value(extend)))

    res = '<?xml version="1.0" encoding="UTF-8"?>\n'
    data = e.Objects(e.Object(e.Name(oc), e.DisplayName(oc), *more))
    res += etree.tostring(data, pretty_print=True)

    return res
예제 #26
0
def dump_ui(uri, oc, outfile=None, extend=None, rdn=None, contains=None):
    subschemasubentry_dn, schema = ldap.schema.urlfetch(uri)
    schema_reverse = ldap.schema.SubSchema(schema.ldap_entry())

    oco = schema.get_obj(ldap.schema.ObjectClass, oc)
    if oco is None:
        log.error("unknown objectclass '%s' - please use the --list option to see what's there" % oc)
        exit(1)

    # Complete attributes in case of inheritance
    if oco.kind == 0:
        r = resolve_inherited_attrs(schema, oco.sup[0])
        oco.must = list(set(list(oco.must) + r['must']))
        oco.may = list(set(list(oco.may) + r['must']))

    # Tabstop and connection collectors
    ts = []
    cs = []

    # Build resulting XML dump
    e = ElementMaker()

    n = 0
    attrs = []
    for mua in oco.must:
        attr = resolve_attribute(schema, mua)
        syntax = attr['syntax']

        if skip(syntax):
            continue

        if not 'widget' in TYPE_MAP[syntax]:
            continue

        widget = TYPE_MAP[syntax]['widget']

        attrs.append(
           e.item(
               e.widget(
                   e.property(e.string(mua), name="text"),
                   CLASS("QLabel"), name="%sLabel*" % mua), row=str(n), column="0"))
        attrs.append(e.item(e.widget(CLASS(widget), name="%sEdit*" % mua), row=str(n), column="1"))

        ts.append(e.tabstop(mua))
        cs.append(e.connection(
          e.sender("%sEdit" % mua),
          e.signal("textChanged(QString)"),
          e.receiver(oc),
          e.slot("property_%s()" % mua)))

        n += 1

    for mua in oco.may:
        if mua in oco.must:
            continue

        attr = resolve_attribute(schema, mua)
        syntax = attr['syntax']

        if skip(syntax):
            continue

        if not 'widget' in TYPE_MAP[syntax]:
            continue

        widget = TYPE_MAP[syntax]['widget']

        attrs.append(
           e.item(
               e.widget(
                   e.property(e.string(mua), name="text"),
                   CLASS("QLabel"), name="%sLabel" % mua), row=str(n), column="0"))
        attrs.append(e.item(e.widget(CLASS(widget), name="%sEdit" % mua), row=str(n), column="1"))

        ts.append(e.tabstop(mua))
        cs.append(e.connection(
          e.sender("%sEdit" % mua),
          e.signal("textChanged(QString)"),
          e.receiver(oc),
          e.slot("property_%s()" % mua)))

        n += 1

    res = '<?xml version="1.0" encoding="UTF-8"?>\n'
    data = e.ui(
        e("class", oc),
        e.widget(
            e.property(e.rect(e.x("0"), e.y("0"), e.width("400"), e.height("300")), name="geometry"),
            e.property(e.string(oc), name="windowTitle"),
            e.layout(
                e.item(
                    e.layout(CLASS("QFormLayout"), *attrs, name="formLayout"), row="0", column="0"),
                CLASS("QGridLayout"), name="gridLayout"),
            CLASS("QWidget"), name=oc),
            e.tabstops(*ts),
            e.connections(*cs),
        version="4.0")
    res += etree.tostring(data, pretty_print=True)

    return res
예제 #27
0
파일: schema2xml.py 프로젝트: GOsa3/gosa
def dump_class(uri, oc, outfile=None, extend=None, rdn=None, contains=None):
    subschemasubentry_dn, schema = ldap.schema.urlfetch(uri)
    schema_reverse = ldap.schema.SubSchema(schema.ldap_entry())

    oco = schema.get_obj(ldap.schema.ObjectClass, oc)
    if oco is None:
        log.error(
            "unknown objectclass '%s' - please use the --list option to see what's there"
            % oc)
        exit(1)

    # Complete attributes in case of inheritance
    if oco.kind == 0:
        r = resolve_inherited_attrs(schema, oco.sup[0])
        oco.must = list(set(list(oco.must) + r['must']))
        oco.may = list(set(list(oco.may) + r['must']))

    # Build resulting XML dump
    e = ElementMaker(namespace="http://www.gonicus.de/Objects",
                     nsmap={None: "http://www.gonicus.de/Objects"})
    more = []
    if oco.desc:
        more.append(e.Description(oco.desc))
    more.append(e.Backend("LDAP"))
    if oco.kind == 0:
        if not rdn:
            log.error(
                "no RDN provided - please use --rdn <value> to specify one")
            exit(1)
        more.append(
            e.BackendParameters(e.Backend("LDAP", objectClasses=oc, RDN=rdn)))

    if oco.kind != 0:
        more.append(e.BaseObject("false"))
    else:
        more.append(e.BaseObject("true"))

    # Build attribute set
    attrs = []
    syntax = None
    for mua in oco.must:
        attr = resolve_attribute(schema, mua)
        syntax = attr['syntax']

        if skip(syntax):
            continue

        values = gen_values(syntax)
        values += gen_validators(syntax)
        values += gen_index(syntax)

        attrs.append(
            e.Attribute(
                e.Name(attr['name']), e.Description(attr['desc']),
                e.Type(attr['type']),
                e.MultiValue("true" if attr['multivalue'] else "false"),
                e.Mandatory("true"), *values))

    for mua in oco.may:
        attr = resolve_attribute(schema, mua)
        syntax = attr['syntax']
        if skip(syntax):
            continue

        values = gen_values(syntax)
        values += gen_validators(syntax)
        values += gen_index(syntax)
        attrs.append(
            e.Attribute(
                e.Name(attr['name']), e.Description(attr['desc']),
                e.Type(attr['type']),
                e.MultiValue("true" if attr['multivalue'] else "false"),
                e.Mandatory("false"), *values))

    more.append(e.Attributes(*attrs))

    # Add container
    if contains == None:
        c = []
        for typ in contains.split(","):
            c.append(e.Type(typ))
        more.append(e.Container(*c))

    # Maintain extension
    if extend == None:
        more.append(e.Extends(e.Value(extend)))

    res = '<?xml version="1.0" encoding="UTF-8"?>\n'
    data = e.Objects(e.Object(e.Name(oc), e.DisplayName(oc), *more))
    res += etree.tostring(data, pretty_print=True).decode('utf-8')

    return res
예제 #28
0
if subschemasubentry_dn is None:
    print('No sub schema sub entry found!')
    sys.exit(1)

if schema.non_unique_oids:
    print('*** Schema errors ***')
    print('non-unique OIDs:\n', '\r\n'.join(schema.non_unique_oids))

print('*** Schema from', repr(subschemasubentry_dn))

# Display schema
for attr_type, schema_class in ldap.schema.SCHEMA_CLASS_MAPPING.items():
    print('*' * 20, attr_type, '*' * 20)
    for element_id in schema.listall(schema_class):
        se_orig = schema.get_obj(schema_class, element_id)
        print(attr_type, str(se_orig))
print('*** Testing object class inetOrgPerson ***')

drink = schema.get_obj(ldap.schema.AttributeType, 'favouriteDrink')
if not drink is None:
    print('*** drink ***')
    print('drink.names', repr(drink.names))
    print('drink.collective', repr(drink.collective))

inetOrgPerson = schema.get_obj(ldap.schema.ObjectClass, 'inetOrgPerson')
if not inetOrgPerson is None:
    print(inetOrgPerson.must, inetOrgPerson.may)

print('*** person,organizationalPerson,inetOrgPerson ***')
try:
예제 #29
0
파일: ldapwriter.py 프로젝트: thehub/syncer
    """
    recursive. returns all attributes for a objectClass object down the hierarchy
    """
    attrs.extend(oc.may + oc.must)
    for oc_name in oc.sup:
        sup_oc = schema.get_obj(ldap.schema.ObjectClass, oc_name)
        getAttrs(sup_oc, attrs)
    return attrs


def addAttrs(*ocnames):
    return tuple(itertools.chain(*[hubocnames_and_attrs[name] for name in ocnames]))


isHubOC = lambda oc: oc.names[0].startswith("hub")
all_ocs = [schema.get_obj(ldap.schema.ObjectClass, oid) for oid in schema.listall(ldap.schema.ObjectClass)]
all_attrs = [schema.get_obj(ldap.schema.AttributeType, oid) for oid in schema.listall(ldap.schema.AttributeType)]
multivalue_attrs = tuple(itertools.chain(*[x.names for x in all_attrs if not x.single_value]))

hub_ocs = [oc for oc in all_ocs if isHubOC(oc)]
hub_ocs = all_ocs
hubocnames_and_attrs = dict([(oc.names[0], tuple(getAttrs(oc, []))) for oc in hub_ocs])
# aux_attrs_and_ocnames = dict([(hubocnames_and_attrs[oc.names[0]], oc.names[0]) for oc in hub_ocs if oc.kind == 2])
oc_entries = dict([(oc.names[0], (oc.names + oc.sup)) for oc in hub_ocs])

conn.unbind_s()
del all_ocs, conn, isHubOC, schema, all_attrs


def getLocalUserDNFromUid(conn, uid):
    gdn = globaluserdn % uid
예제 #30
0
파일: attr.py 프로젝트: COMU/pyldapadmin
def get_att(name,password,host):
#if __name__=='__main__':
    url = ldapurl.LDAPUrl('ldap://', host+':389', '', name)
    ldap_server = ldap.initialize('ldap://'+host+':389')
    ldap_server.bind_s(name, password)
    subentrydn = ldap_server.search_subschemasubentry_s()
    entry = ldap_server.read_subschemasubentry_s(subentrydn,url.attrs)
    schema = None
    attributes = {}
    objectclass = {}
    if subentrydn!=None:
        schema = ldap.schema.SubSchema(entry)
        attlist = schema.listall(ldap.schema.AttributeType)
        for item in attlist:
            a = schema.get_obj(ldap.schema.AttributeType, item)
            attnamelist = a.names
            for att in attnamelist:
                attributes[att.lower()] = {"DESC": a.desc,
                "SINGLE": a.single_value,
                "SYNTAX": a.syntax,
                "NAME": att,
                "COLLECTIVE": a.collective,
                "EQUALITY": a.equality,
                "OBSOLETE": a.obsolete,
                "OID": a.oid,
                "ORDERING": a.ordering, "SUP": a.sup,
                "SYNTAX_LEN": a.syntax_len,
                "USAGE": a.usage}
        objlist = schema.listall(ldap.schema.ObjectClass)
        for oids in objlist:
            a = schema.get_obj(ldap.schema.ObjectClass, oids)
            kind = ""
            if a.kind == 0:
                kind = "STRUCTURAL"
            if a.kind == 1:
                kind = "ABSTRACT"
            if a.kind == 2:
                kind = "AUXILIARY"
            desc = ""
            if a.desc != None:
                desc = a.desc
            must = []
            if len(a.must) != 0:
                must = a.must
            may = []
            if len(a.may) != 0:
                may = a.may
            sup = []
            for item in a.sup:
                if item.lower() != 'top':
                    sup.append(item.lower())
            numericoid = ""
            if a.oid != None:
                numericoid = a.oid

            for name in a.names:
                objectclass[name] = {"DESC":desc,"MUST":must,"MAY": may,"NAME": name,"KIND":kind,"SUP":sup,"OID": numericoid}
    else:
        schema = None

    #print attributes
    ldap_server.unbind()
    return objectclass
예제 #31
0
파일: schema.py 프로젝트: shobull/hue
subschemasubentry_dn, schema = ldap.schema.urlfetch(sys.argv[-1])

schema_reverse = ldap.schema.SubSchema(schema.ldap_entry())

if subschemasubentry_dn is None:
    print "No sub schema sub entry found!"
    sys.exit(1)

print "*** Schema from", repr(subschemasubentry_dn)

# Display schema
for attr_type, schema_class in ldap.schema.SCHEMA_CLASS_MAPPING.items():
    print "*" * 20, attr_type, "*" * 20
    for element_id in schema.listall(schema_class):
        se_orig = schema.get_obj(schema_class, element_id)
        se_reverse = schema_reverse.get_obj(schema_class, element_id)
        #    assert str(se_orig)==str(se_reverse)
        print attr_type, str(se_orig)
print "*** Testing object class inetOrgPerson ***"

inetOrgPerson = schema.get_obj(ldap.schema.ObjectClass, "inetOrgPerson")
if not inetOrgPerson is None:
    print inetOrgPerson.must, inetOrgPerson.may

print "*** person,organizationalPerson,inetOrgPerson ***"
try:
    print schema.attribute_types(["person", "organizationalPerson", "inetOrgPerson"])
    print schema.attribute_types(
        ["person", "organizationalPerson", "inetOrgPerson"],
        attr_type_filter=[("no_user_mod", [0]), ("usage", range(2))],
예제 #32
0
if subschemasubentry_dn is None:
  print('No sub schema sub entry found!')
  sys.exit(1)

if schema.non_unique_oids:
  print('*** Schema errors ***')
  print('non-unique OIDs:\n','\r\n'.join(schema.non_unique_oids))

print('*** Schema from',repr(subschemasubentry_dn))

# Display schema
for attr_type,schema_class in ldap.schema.SCHEMA_CLASS_MAPPING.items():
  print('*'*20,attr_type,'*'*20)
  for element_id in schema.listall(schema_class):
    se_orig = schema.get_obj(schema_class,element_id)
    print(attr_type,str(se_orig))
print('*** Testing object class inetOrgPerson ***')

drink = schema.get_obj(ldap.schema.AttributeType,'favouriteDrink')
if not drink is None:
  print('*** drink ***')
  print('drink.names',repr(drink.names))
  print('drink.collective',repr(drink.collective))

inetOrgPerson = schema.get_obj(ldap.schema.ObjectClass,'inetOrgPerson')
if not inetOrgPerson is None:
  print(inetOrgPerson.must,inetOrgPerson.may)

print('*** person,organizationalPerson,inetOrgPerson ***')
try:
예제 #33
0
 def get_attribute_type(self, oid):
     openldap_uri = 'file://{}'.format(TEST_SUBSCHEMA_FILES[0])
     dn, schema = ldap.schema.urlfetch(openldap_uri)
     return schema.get_obj(AttributeType, oid)
예제 #34
0
class WorkerThreadFetch(threading.Thread):

    # TODO MOVE THIS TO LUMACONNECTION

    def __init__(self, serverMeta):
        threading.Thread.__init__(self)
        self.serverMeta = serverMeta
        self.ldapConnection = None

        self.FINISHED = False
        self.exceptionObject = None

        self.objectClassesDict = {}
        self.attributeDict = {}
        self.syntaxDict = {}
        self.matchingDict = {}

    def run(self):
        try:
            urlschemeVal = "ldap"
            if self.serverMeta.encryptionMethod == ServerEncryptionMethod.SSL:
                urlschemeVal = "ldaps"

            whoVal = None
            credVal = None
            if not (self.serverMeta.bindAnon):
                whoVal = self.serverMeta.bindDN
                credVal = self.serverMeta.bindPassword

            url = ldapurl.LDAPUrl(urlscheme=urlschemeVal,
                                  hostport=self.serverMeta.hostname + ":" +
                                  str(self.serverMeta.port),
                                  dn=self.serverMeta.baseDN,
                                  who=whoVal,
                                  cred=credVal)

            self.ldapServerObject = ldap.initialize(url.initializeUrl())
            self.ldapServerObject.protocol_version = 3

            # Check whether we want to validate the server certificate.
            validateMethod = ldap.OPT_X_TLS_DEMAND
            if self.serverMeta.checkServerCertificate == ServerCheckCertificate.Demand:
                validateMethod = ldap.OPT_X_TLS_DEMAND
            elif self.serverMeta.checkServerCertificate == ServerCheckCertificate.Never:
                validateMethod = ldap.OPT_X_TLS_NEVER
            elif self.serverMeta.checkServerCertificate == ServerCheckCertificate.Try:
                validateMethod = ldap.OPT_X_TLS_TRY
            elif self.serverMeta.checkServerCertificate == ServerCheckCertificate.Allow:
                validateMethod = ldap.OPT_X_TLS_ALLOW

            encryption = False
            if self.serverMeta.encryptionMethod == ServerEncryptionMethod.SSL:
                encryption = True
            elif self.serverMeta.encryptionMethod == ServerEncryptionMethod.TLS:
                encryption = True

            if encryption:
                ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, validateMethod)
                #self.ldapServerObject.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, validateMethod)

            # If we're going to present client certificates, this must be set as an option
            if self.serverMeta.useCertificate and encryption:
                try:
                    self.ldapServerObject.set_option(
                        ldap.OPT_X_TLS_CERTFILE,
                        self.serverMeta.clientCertFile)
                    self.ldapServerObject.set_option(
                        ldap.OPT_X_TLS_KEYFILE,
                        self.serverMeta.clientCertKeyfile)
                except Exception, e:
                    message = "Certificate error. Reason:\n"
                    message += "Could not set client certificate and certificate keyfile. "
                    message += str(e)

                    #TODO LOGGING
                    print "Error:", message, "in ObjectClassAttributeInfo.WorkerThreadFetch"
                    print "TODO - proper logging/error-handling"
                    #environment.logMessage(LogObject("Error,",message))

            if self.serverMeta.encryptionMethod == ServerEncryptionMethod.TLS:
                self.ldapServerObject.start_tls_s()

            # Enable Alias support
            if self.serverMeta.followAliases:
                self.ldapServerObject.set_option(ldap.OPT_DEREF,
                                                 ldap.DEREF_ALWAYS)

            if self.serverMeta.bindAnon:
                self.ldapServerObject.simple_bind()
            elif self.serverMeta.authMethod == ServerAuthMethod.Simple:
                self.ldapServerObject.simple_bind_s(whoVal, credVal)
            elif not self.serverMeta == ServerAuthMethod.Simple:
                sasl_cb_value_dict = {}
                if not self.serverMeta.authMethod == ServerAuthMethod.SASL_GSSAPI:
                    sasl_cb_value_dict[ldap.sasl.CB_AUTHNAME] = whoVal
                    sasl_cb_value_dict[ldap.sasl.CB_PASS] = credVal

                sasl_mech = None
                if self.serverMeta.authMethod == ServerAuthMethod.SASL_PLAIN:
                    sasl_mech = "PLAIN"
                elif self.serverMeta.authMethod == ServerAuthMethod.SASL_CRAM_MD5:
                    sasl_mech = "CRAM-MD5"
                elif self.serverMeta.authMethod == ServerAuthMethod.SASL_DIGEST_MD5:
                    sasl_mech = "DIGEST-MD5"
                elif self.serverMeta.authMethod == ServerAuthMethod.SASL_LOGIN:
                    sasl_mech = "LOGIN"
                elif self.serverMeta.authMethod == ServerAuthMethod.SASL_GSSAPI:
                    sasl_mech = "GSSAPI"
                elif self.serverMeta.authMethod == ServerAuthMethod.SASL_EXTERNAL:
                    sasl_mech = "EXTERNAL"

                sasl_auth = ldap.sasl.sasl(sasl_cb_value_dict, sasl_mech)

                # If python-ldap has no support for SASL, it doesn't have
                # sasl_interactive_bind_s as a method.
                try:
                    if "EXTERNAL" == sasl_mech:
                        #url = ldapurl.LDAPUrl(urlscheme="ldapi",
                        #    hostport = self.serverMeta.host.replace("/", "%2f"),
                        #    dn = self.serverMeta.baseDN)

                        url = "ldapi://" + self.serverMeta.hostname.replace(
                            "/", "%2F").replace(",", "%2C")

                        #self.ldapServerObject = ldap.initialize(url.initializeUrl())
                        self.ldapServerObject = ldap.initialize(url)
                        self.ldapServerObject.protocol_version = 3

                        # Enable Alias support
                        if self.serverMeta.followAliases:
                            self.ldapServerObject.set_option(
                                ldap.OPT_DEREF, ldap.DEREF_ALWAYS)

                    self.ldapServerObject.sasl_interactive_bind_s(
                        "", sasl_auth)
                except AttributeError, e:
                    self.result = False
                    self.exceptionObject = e
                    self.FINISHED = True
                    return

            #subschemasubentry_dn = self.ldapServerObject.search_subschemasubentry_s(url.dn)
            subschemasubentry_dn = self.ldapServerObject.search_subschemasubentry_s(
            )
            if subschemasubentry_dn is None:
                subschemasubentry_entry = None
            else:
                if url.attrs is None:
                    schema_attrs = SCHEMA_ATTRS
                else:
                    schema_attrs = url.attrs
                subschemasubentry_entry = self.ldapServerObject.read_subschemasubentry_s(
                    subschemasubentry_dn, attrs=schema_attrs)
            self.ldapServerObject.unbind_s()

            schema = None
            if subschemasubentry_dn != None:
                schema = ldap.schema.SubSchema(subschemasubentry_entry)
            else:
                schema = None

            # get objectclass information
            oidList = schema.listall(ldap.schema.ObjectClass)
            for x in oidList:
                y = schema.get_obj(ldap.schema.ObjectClass, x)

                # detect kind of objectclass
                kind = ""
                if 0 == y.kind:
                    kind = "STRUCTURAL"
                elif 1 == y.kind:
                    kind = "ABSTRACT"
                elif 2 == y.kind:
                    kind = "AUXILIARY"

                # name of objectclass
                desc = ""
                if not (y.desc == None):
                    desc = y.desc

                # must attributes of the objectclass
                must = []
                if not (len(y.must) == 0):
                    must = y.must

                # may attributes of the objectclass
                may = []
                if not (len(y.may) == 0):
                    may = y.may

                # parents of the objectclass
                # beware that not the whole class chain is given. only
                # the first class above the current
                parents = []
                for parent in y.sup:
                    # filter out objectclass top. all classes are
                    # derived from top
                    if not ("top" == parent.lower()):
                        parents.append(parent.lower())

                oid = ""
                if not (y.oid == None):
                    oid = y.oid

                # store values for each name the current class has.
                # IMPORTANT: the key is always lowercase
                for name in y.names:
                    self.objectClassesDict[name.lower()] = {
                        "DESC": desc,
                        "MUST": must,
                        "MAY": may,
                        "NAME": name,
                        "KIND": kind,
                        "PARENTS": parents,
                        "OID": oid
                    }

            # get attribute information
            oidList = schema.listall(ldap.schema.AttributeType)
            for x in oidList:
                y = schema.get_obj(ldap.schema.AttributeType, x)

                nameList = y.names
                for z in nameList:
                    self.attributeDict[z.lower()] = {
                        "DESC": y.desc,
                        "SINGLE": y.single_value,
                        "SYNTAX": y.syntax,
                        "NAME": z,
                        "COLLECTIVE": y.collective,
                        "EQUALITY": y.equality,
                        "OBSOLETE": y.obsolete,
                        "OID": y.oid,
                        "ORDERING": y.ordering,
                        "SUP": y.sup,
                        "SYNTAX_LEN": y.syntax_len,
                        "USAGE": y.usage
                    }

            # get syntax information
            oidList = schema.listall(ldap.schema.LDAPSyntax)
            for x in oidList:
                y = schema.get_obj(ldap.schema.LDAPSyntax, x)
                self.syntaxDict[x] = {"DESC": y.desc, "OID": y.oid}

            # get matching information
            oidList = schema.listall(ldap.schema.MatchingRule)
            for x in oidList:
                y = schema.get_obj(ldap.schema.MatchingRule, x)
                for z in y.names:
                    self.matchingDict[z.lower()] = {
                        "DESC": y.desc,
                        "OID": y.oid,
                        "OBSOLETE": y.obsolete,
                        "SYNTAX": y.syntax,
                        "NAME": z
                    }

            self.FINISHED = True
예제 #35
0
파일: directory.py 프로젝트: jubalfh/cog
def get_object_class(oc):
    _, schema = ldap.schema.urlfetch(settings.ldap_uri)
    return schema.get_obj(ldap.schema.ObjectClass, oc)