def accountUnlockable(self, user, object_dn):
index = PluginRegistry.getInstance("ObjectIndex")
# Do we have read permissions for the requested attribute
env = Environment.getInstance()
topic = "%s.objects.%s.attributes.%s" % (env.domain, "User", "isLocked")
aclresolver = PluginRegistry.getInstance("ACLResolver")
if not aclresolver.check(user, topic, "r", base=object_dn):
self.__log.debug(
"user '%s' has insufficient permissions to read %s on %s, required is %s:%s"
% (user, "isLocked", object_dn, topic, "r")
)
raise ACLException(C.make_error("PERMISSION_ACCESS", topic, target=object_dn))
res = index.search({"dn": object_dn, "userPassword": {"$size": 1}}, {"userPassword": 1})
if res.count():
hsh = res[0]["userPassword"][0]
else:
# No password hash -> cannot lock/unlock account
return False
# Try to detect the responsible password method-class
pwd_o = self.detect_method_by_hash(hsh)
if not pwd_o:
# Could not identify password method
return False
return pwd_o.isUnlockable(hsh)
def serve(self):
""" Start AMQP service for this clacks service provider. """
# Load AMQP and Command registry instances
amqp = PluginRegistry.getInstance('AMQPHandler')
self.__cr = PluginRegistry.getInstance('CommandRegistry')
# Create a list of queues we need here
queues = {}
for dsc in self.__cr.commands.values():
queues[dsc['target']] = True
# Finally create the queues
for queue in queues:
# Add round robin processor for queue
self.__cmdWorker = AMQPWorker(self.env, connection=amqp.getConnection(),
r_address='%s.command.%s; { create:always, node:{ type:queue, x-bindings:[ { exchange:"amq.direct", queue:"%s.command.%s" } ] } }' % (self.env.domain, queue, self.env.domain, queue),
workers=int(self.env.config.get('amqp.worker', default=1)),
callback=self.commandReceived)
# Add private processor for queue
self.__cmdWorker = AMQPWorker(self.env, connection=amqp.getConnection(),
r_address='%s.command.%s.%s; { create:always, delete:receiver, node:{ type:queue, x-bindings:[ { exchange:"amq.direct", queue:"%s.command.%s.%s" } ] } }' % (self.env.domain, queue, self.env.id, self.env.domain, queue, self.env.id),
workers=int(self.env.config.get('amqp.worker', default=1)),
callback=self.commandReceived)
# Announce service
if self.env.config.get("amqp.announce", default="True").lower() == "true":
url = parseURL(self.env.config.get("amqp.url"))
self.__zeroconf = ZeroconfService(name="Clacks RPC service",
port=url['port'],
stype="_%s._tcp" % url['scheme'],
text=dict_to_txt_array({'path': self.env.domain, 'service': 'clacks'}))
self.__zeroconf.publish()
self.log.info("ready to process incoming requests")
def __dbus_proxy_monitor(self, bus_name):
"""
This method monitors the DBus service 'org.clacks' and whenever there is a
change in the status (dbus closed/startet) we will take notice.
And can register or unregister methods to the dbus
"""
if "org.clacks" in self.bus.list_names():
if self.clacks_dbus:
del(self.clacks_dbus)
self.clacks_dbus = self.bus.get_object('org.clacks', '/org/clacks/notify')
ccr = PluginRegistry.getInstance('ClientCommandRegistry')
ccr.register("notify", 'Notify.notify', [], \
['user', 'title', 'message', 'timeout', 'icon'], \
'Sent a notification to a given user')
ccr.register("notify_all", 'Notify.notify_all', [], \
['title', 'message', 'timeout', 'icon'], \
'Sent a notification to a given user')
amcs = PluginRegistry.getInstance('AMQPClientService')
amcs.reAnnounce()
self.log.info("established dbus connection")
else:
if self.clacks_dbus:
del(self.clacks_dbus)
# Trigger resend of capapability event
ccr = PluginRegistry.getInstance('ClientCommandRegistry')
ccr.unregister("notify")
ccr.unregister("notify_all")
amcs = PluginRegistry.getInstance('AMQPClientService')
amcs.reAnnounce()
self.log.info("lost dbus connection")
else:
self.log.info("no dbus connection")
def __dbus_proxy_monitor(self, bus_name):
"""
This method monitors the DBus service 'org.clacks' and whenever there is a
change in the status (dbus closed/startet) we will take notice.
And can register or unregister methods to the dbus
"""
if "org.clacks" in self.bus.list_names():
if self.clacks_dbus:
del(self.clacks_dbus)
# Trigger resend of capapability event
self.clacks_dbus = self.bus.get_object('org.clacks', '/org/clacks/inventory')
ccr = PluginRegistry.getInstance('ClientCommandRegistry')
ccr.register("request_inventory", 'Inventory.request_inventory', [], ['old_checksum=None'], 'Request client inventory information')
amcs = PluginRegistry.getInstance('AMQPClientService')
amcs.reAnnounce()
self.log.info("established dbus connection")
else:
if self.clacks_dbus:
del(self.clacks_dbus)
# Trigger resend of capapability event
ccr = PluginRegistry.getInstance('ClientCommandRegistry')
ccr.unregister("request_inventory")
amcs = PluginRegistry.getInstance('AMQPClientService')
amcs.reAnnounce()
self.log.info("lost dbus connection")
else:
self.log.info("no dbus connection")
def setSambaPassword(self, user, object_dn, password):
"""
Set a new samba-password for a user
"""
# Do we have read permissions for the requested attribute
env = Environment.getInstance()
topic = "%s.objects.%s.attributes.%s" % (env.domain, "User", "sambaNTPassword")
aclresolver = PluginRegistry.getInstance("ACLResolver")
if not aclresolver.check(user, topic, "w", base=object_dn):
self.__log.debug(
"user '%s' has insufficient permissions to write %s on %s, required is %s:%s"
% (user, "isLocked", object_dn, topic, "w")
)
raise ACLException(C.make_error("PERMISSION_ACCESS", topic, target=object_dn))
topic = "%s.objects.%s.attributes.%s" % (env.domain, "User", "sambaLMPassword")
aclresolver = PluginRegistry.getInstance("ACLResolver")
if not aclresolver.check(user, topic, "w", base=object_dn):
self.__log.debug(
"user '%s' has insufficient permissions to write %s on %s, required is %s:%s"
% (user, "isLocked", object_dn, topic, "w")
)
raise ACLException(C.make_error("PERMISSION_ACCESS", topic, target=object_dn))
# Set the password and commit the changes
lm, nt = smbpasswd.hash(password)
user = ObjectProxy(object_dn)
user.sambaNTPassword = nt
user.sambaLMPassword = lm
user.commit()
def __dbus_proxy_monitor(self, bus_name):
"""
This method monitors the DBus service 'org.clacks' and whenever there is a
change in the status (dbus closed/startet) we will take notice.
And can stop or restart singature checking.
"""
if "org.clacks" in self.bus.list_names():
if self.clacks_dbus:
del(self.clacks_dbus)
self.clacks_dbus = self.bus.get_object('org.clacks', '/org/clacks/shell')
self.clacks_dbus.connect_to_signal("_signatureChanged", self.__signatureChanged_received, dbus_interface="org.clacks")
self.log.info("established dbus connection")
self.__signatureChanged_received(None)
# Trigger resend of capapability event
ccr = PluginRegistry.getInstance('ClientCommandRegistry')
ccr.register("listDBusMethods", 'DBUSProxy.listDBusMethods', [], [], 'This method lists all callable dbus methods')
ccr.register("callDBusMethod", 'DBUSProxy.callDBusMethod', [], ['method', '*args'], \
'This method allows to access registered dbus methods by forwarding methods calls')
amcs = PluginRegistry.getInstance('AMQPClientService')
amcs.reAnnounce()
else:
if self.clacks_dbus:
del(self.clacks_dbus)
self.__signatureChanged_received(None)
self.log.info("lost dbus connection")
# Trigger resend of capapability event
ccr = PluginRegistry.getInstance('ClientCommandRegistry')
ccr.unregister("listDBusMethods")
ccr.unregister("callDBusMethod")
amcs = PluginRegistry.getInstance('AMQPClientService')
amcs.reAnnounce()
else:
self.log.info("no dbus connection")
def _convert_to_unicodestring(self, value):
rom = PluginRegistry.getInstance("JSONRPCObjectMapper")
cr = PluginRegistry.getInstance("CommandRegistry")
new_value = []
for item in value:
uuid = item["__jsonclass__"][1][1]
new_value.append(rom.dispatchObjectMethod(uuid, "dump"))
cr.call("closeObject", uuid)
return new_value
def searchForObjectDetails(self, user, extension, attribute, fltr, attributes, skip_values):
"""
Search selectable items valid for the attribute "extension.attribute".
This is used to add new groups to the users groupMembership attribute.
"""
# Extract the the required information about the object
# relation out of the BackendParameters for the given extension.
of = ObjectFactory.getInstance()
be_data = of.getObjectBackendParameters(extension, attribute)
if not be_data:
raise GOsaException(C.make_error("BACKEND_PARAMETER_MISSING", extension=extension, attribute=attribute))
# Collection basic information
otype, oattr, foreignMatchAttr, matchAttr = be_data[attribute] #@UnusedVariable
# Create a list of attributes that will be requested
if oattr not in attributes:
attributes.append(oattr)
attrs = dict([(x, 1) for x in attributes])
if not "dn" in attrs:
attrs.update({'dn': 1})
# Start the query and brind the result in a usable form
index = PluginRegistry.getInstance("ObjectIndex")
res = index.search({
'$or': [{'_type': otype}, {'_extensions': otype}],
oattr: re.compile("^.*" + re.escape(fltr) + ".*$")
}, attrs)
result = []
# Do we have read permissions for the requested attribute
env = Environment.getInstance()
topic = "%s.objects.%s" % (env.domain, otype)
aclresolver = PluginRegistry.getInstance("ACLResolver")
for entry in res:
if not aclresolver.check(user, topic, "s", base=entry['dn']):
continue
item = {}
for attr in attributes:
if attr in entry and len(entry[attr]):
item[attr] = entry[attr] if attr == "dn" else entry[attr][0]
else:
item[attr] = ""
item['__identifier__'] = item[oattr]
# Skip values that are in the skip list
if skip_values and item['__identifier__'] in skip_values:
continue
result.append(item)
return result
def resolve(self, number):
number = self.replaceNumber(number)
index = PluginRegistry.getInstance("ObjectIndex")
res = index.search({"_type": "User", "telephoneNumber": str(number)}, {"dn": 1})
if res.count() != 1:
res = index.search({"_type": "User", "uid": str(number)}, {"dn": 1})
if res.count() == 1:
obj = ObjectProxy(res[0]["dn"])
result = {
"company_id": "",
"company_name": "Intern",
"company_phone": "",
"company_detail_url": "",
"contact_id": obj.uid,
"contact_name": obj.cn,
"contact_phone": obj.telephoneNumber[0],
"contact_detail_url": "",
"avatar": obj.jpegPhoto.get() if obj.jpegPhoto else None,
"ldap_uid": obj.uid,
"resource": "ldap",
}
return result
return None
def serve(self):
# Collect value extenders
self.__value_extender = clacks.agent.objects.renderer.get_renderers()
self.__search_aid = PluginRegistry.getInstance("ObjectIndex").get_search_aid()
# Load DB instance
self.db = self.env.get_mongo_db('clacks')
def extensionExists(self, userid, dn, etype):
index = PluginRegistry.getInstance("ObjectIndex")
res = index.search({'_type': 'User', 'dn': dn}, {'_extensions': 1})
if not res.count():
raise GOsaException(C.make_error("UNKNOWN_USER", userid))
return etype in res[0]['_extensions'] if '_extensions' in res[0] else False
def serve(self):
"""
Start the scheduler service.
"""
self.sched.start()
# Start migration job
self.sched.add_interval_job(self.migrate, seconds=60, tag="_internal", jobstore="ram")
# Notify others about local scheduler job changes
self.sched.add_listener(
self.__notify, EVENT_JOBSTORE_JOB_REMOVED | EVENT_JOBSTORE_JOB_ADDED | EVENT_JOB_EXECUTED
)
# Get notified by others about remote job changes
amqp = PluginRegistry.getInstance("AMQPHandler")
EventConsumer(
self.env,
amqp.getConnection(),
xquery="""
declare namespace f='http://www.gonicus.de/Events';
let $e := ./f:Event
return $e/f:SchedulerUpdate
and $e/f:Id != '%s'
"""
% self.env.id,
callback=self.__eventProcessor,
)
def setUserPassword(self, user, object_dn, password):
"""
Set a new password for a user
"""
# Do we have read permissions for the requested attribute
env = Environment.getInstance()
topic = "%s.objects.%s.attributes.%s" % (env.domain, "User", "userPassword")
aclresolver = PluginRegistry.getInstance("ACLResolver")
if not aclresolver.check(user, topic, "w", base=object_dn):
self.__log.debug(
"user '%s' has insufficient permissions to write %s on %s, required is %s:%s"
% (user, "isLocked", object_dn, topic, "w")
)
raise ACLException(C.make_error("PERMISSION_ACCESS", topic, target=object_dn))
user = ObjectProxy(object_dn)
method = user.passwordMethod
# Try to detect the responsible password method-class
pwd_o = self.get_method_by_method_type(method)
if not pwd_o:
raise PasswordException(C.make_error("PASSWORD_UNKNOWN_HASH", type=method))
# Generate the new password hash usind the detected method
pwd_str = pwd_o.generate_password_hash(password, method)
# Set the password and commit the changes
user.userPassword = pwd_str
user.commit()
def lockAccountPassword(self, user, object_dn):
"""
Locks the account password for the given DN
"""
# Do we have read permissions for the requested attribute
env = Environment.getInstance()
topic = "%s.objects.%s.attributes.%s" % (env.domain, "User", "userPassword")
aclresolver = PluginRegistry.getInstance("ACLResolver")
if not aclresolver.check(user, topic, "w", base=object_dn):
self.__log.debug(
"user '%s' has insufficient permissions to write %s on %s, required is %s:%s"
% (user, "isLocked", object_dn, topic, "w")
)
raise ACLException(C.make_error("PERMISSION_ACCESS", topic, target=object_dn))
# Get the object for the given dn
user = ObjectProxy(object_dn)
# Check if there is a userPasswort available and set
if not "userPassword" in user.get_attributes():
raise PasswordException(C.make_error("PASSWORD_NO_ATTRIBUTE"))
if not user.userPassword:
raise PasswordException(C.make_error("PASSWORD_NOT_AVAILABLE"))
# Try to detect the responsible password method-class
pwd_o = self.detect_method_by_hash(user.userPassword)
if not pwd_o:
raise PasswordException(C.make_error("PASSWORD_METHOD_UNKNOWN"))
# Lock the hash and save it
user.userPassword = pwd_o.lock_account(user.userPassword)
user.commit()
def get_adjusted_parent_dn(self, dn=None):
index = PluginRegistry.getInstance("ObjectIndex")
tdn = []
pdn = self.get_parent_dn(dn)
# Skip base
if len(pdn) < len(self.__env.base):
return pdn
while True:
if pdn == self.__env.base or len(pdn) < len(self.__env.base):
break
# Fetch object type for pdn
ptype = index.search({"dn": pdn}, {'_type': 1})[0]['_type']
schema = self.__factory.getXMLSchema(ptype)
if not ("StructuralInvisible" in schema.__dict__ and schema.StructuralInvisible == True):
#tdn.insert(0, str2dn(pdn.encode('utf-8'))[0])
tdn.append(str2dn(pdn.encode('utf-8'))[0])
pdn = self.get_parent_dn(pdn)
tdn = str2dn(self.__env.base.encode('utf-8'))[::-1] + tdn[::-1]
return dn2str(tdn[::-1]).decode('utf-8')
def resolve(self, number):
number = self.replaceNumber(number)
index = PluginRegistry.getInstance("ObjectIndex")
res = index.search({'_type': 'User', 'telephoneNumber': str(number)},
{'dn': 1})
if res.count() == 1:
obj = ObjectProxy(res[0]['dn'])
result = {
'company_id': '',
'company_name': 'Intern',
'company_phone': '',
'company_detail_url': '',
'contact_id': obj.uid,
'contact_name': obj.cn,
'contact_phone': obj.telephoneNumber[0],
'contact_detail_url': '',
'avatar': obj.jpegPhoto.get() if obj.jpegPhoto else None,
'ldap_uid': obj.uid,
'resource': 'ldap',
}
return result
return None
def remove(self, recursive=False):
"""
Removes the currently proxied object.
"""
# Check ACLs
# We need the 'd' right for the current base-object and all its active extensions to be able to remove it.
if self.__current_user is not None:
required_acl_objects = [self.__base_type] + [ext for ext, item in self.__extensions.items() if
item is not None]
for ext_type in required_acl_objects:
topic = "%s.objects.%s" % (self.__env.domain, ext_type)
if not self.__acl_resolver.check(self.__current_user, topic, "d", base=self.dn):
self.__log.debug("user '%s' has insufficient permissions to remove %s, required is %s:%s" % (
self.__current_user, self.__base.dn, topic, 'd'))
raise ACLException(C.make_error('PERMISSION_REMOVE', target=self.__base.dn))
zope.event.notify(ObjectChanged("pre object remove", self.__base))
if recursive:
# Load all children and remove them, starting from the most
# nested ones.
index = PluginRegistry.getInstance("ObjectIndex")
children = index.search({"dn": re.compile("^(.*,)?" + re.escape(self.__base.dn) + "$")}, {'dn': 1})
children = [c['dn'] for c in children]
children.sort(key=len, reverse=True)
for child in children:
c_obj = ObjectProxy(child)
c_obj.remove(recursive=True)
else:
# Test if we've children
index = PluginRegistry.getInstance("ObjectIndex")
if index.search({"dn": re.compile("^(.*,)" + re.escape(self.__base.dn) + "$")}, {'dn': 1}).count():
raise ProxyException(C.make_error('OBJECT_HAS_CHILDREN', target=self.__base.dn))
for extension in [e for e in self.__extensions.values() if e]:
extension.remove_refs()
extension.retract()
self.__base.remove_refs()
self.__base.remove()
zope.event.notify(ObjectChanged("post object remove", self.__base))
def listObjectOIDs(self):
"""
Provide a list of domain wide available object OIDs.
``Return:`` list
"""
cr = PluginRegistry.getInstance('CommandRegistry')
return cr.objects.keys()
def shutdown(a=None, b=None):
""" Function to shut down the agent. Do some clean up and close sockets."""
global dr
amqp = PluginRegistry.getInstance("AMQPHandler")
# Tell others that we're away now
if hasattr(amqp, 'env'):
e = EventMaker()
goodbye = e.Event(e.NodeLeave(e.Id(amqp.env.id)))
amqp.sendEvent(goodbye)
# Shutdown plugins
PluginRegistry.shutdown()
dr.stop()
logging.info("shut down")
logging.shutdown()
def __notify(self, event=None):
# Don't send events for internal job changes
if event and event.job.tag == "_internal":
return
e = EventMaker()
notify = e.Event(e.SchedulerUpdate(e.Id(self.env.id)))
amqp = PluginRegistry.getInstance("AMQPHandler")
amqp.sendEvent(notify)
def __get_proxy_by_oid(self, oid):
# Choose a possible node
cr = PluginRegistry.getInstance('CommandRegistry')
nodes = cr.get_load_sorted_nodes()
provider = None
# Get first match that is a provider for this object
for provider in nodes.keys():
if provider in cr.objects[oid]:
break
if not provider in self.__proxy:
env = Environment.getInstance()
queue = '%s.core.%s' % (env.domain, provider)
amqp = PluginRegistry.getInstance("AMQPHandler")
self.__proxy[provider] = AMQPServiceProxy(amqp.url['source'], queue)
return self.__proxy[provider]
def serve(self):
"""
This method registeres all known methods to the command registry.
"""
# Register ourselfs for bus changes on org.clacks
self.bus.watch_name_owner("org.clacks", self.__dbus_proxy_monitor)
ccr = PluginRegistry.getInstance('ClientCommandRegistry')
for name in self.methods.keys():
ccr.register(name, 'DBUSProxy.callDBusMethod', [name], ['(signatur)'], 'docstring')
def process(self, obj, key, valDict, sid):
index = PluginRegistry.getInstance("ObjectIndex")
sids = index.search({'_type': 'SambaDomain'}, {'sambaSID': 1, 'sambaDomainName': 1})
for item in sids:
if re.match("^" + re.escape(item['sambaSID'][0]) + "\-[0-9]*$", sid):
valDict[key]['value'] = [item['sambaDomainName'][0]]
return key, valDict
return key, valDict
def reload_signatures(self):
"""
Reloads the dbus signatures.
"""
to_register = {}
to_unregister = {}
if not self.clacks_dbus:
self.log.debug("no dbus service registered for '%s' - is clacks-dbus running?" % ("org.clacks"))
to_unregister = self.methods
self.methods = {}
else:
try:
self.log.debug('loading dbus-methods registered by clacks (introspection)')
new_methods = self._call_introspection("org.clacks", "/")
# Detect new methods
for meth in new_methods:
if meth not in self.methods or self.methods[meth]['args'] != new_methods[meth]['args']:
to_register[meth] = new_methods[meth]
# Find removed methods
for meth in self.methods:
if not meth in new_methods:
to_unregister[meth] = self.methods[meth]
self.methods = new_methods
self.log.debug("found %s registered dbus methods" % (str(len(self.methods))))
except DBusException as exception:
self.log.debug("failed to load dbus methods: %s" % (str(exception)))
# (Re-)register the methods we've found
ccr = PluginRegistry.getInstance('ClientCommandRegistry')
for name in to_register:
ccr.register(name, 'DBUSProxy.callDBusMethod', [name], ['(signatur)'], 'docstring')
for name in to_unregister:
ccr.unregister(name)
# Trigger resend of capapability event
amcs = PluginRegistry.getInstance('AMQPClientService')
amcs.reAnnounce()
def __has_access_to(self, user, object_dn, object_type, attr):
"""
Checks whether the given user has access to the given object/attribute or not.
"""
aclresolver = PluginRegistry.getInstance("ACLResolver")
if user:
topic = "%s.objects.%s.attributes.%s" % (self.env.domain, object_type, attr)
return aclresolver.check(user, topic, "r", base=object_dn)
else:
return True
def process(self, req, environ):
# Check if we're authenticated
if not self.check_cookie(environ):
raise exc.HTTPUnauthorized(
"Please use the login method to authorize yourself.",
allow='POST').exception
# Strip leading part of the path
path = environ['PATH_INFO'][len(self.__path):].strip(os.sep)
# Extract cache entry uuid, attribute, index and subindex
try:
uuid, attribute, index, subindex = path.split(os.sep)
except:
raise exc.HTTPNotFound().exception
# Check if we're authorized
info = extract_cookie("ClacksRPC", self.__secret, environ['HTTP_COOKIE'])
# Query type and dn from uuid
tmp = self.db.index.find_one({'_uuid': uuid}, {'dn': 1, '_type': 1})
if not tmp:
raise exc.HTTPNotFound().exception
aclresolver = PluginRegistry.getInstance("ACLResolver")
topic = "%s.objects.%s.attributes.%s" % (self.env.domain, tmp['_type'], attribute)
if not aclresolver.check(info['REMOTE_USER'], topic, "r", base=tmp['dn']):
raise exc.HTTPForbidden().exception
# Remove extension from subindex
subindex = os.path.splitext(subindex)[0]
# Load the cached binary data and serve it
data = self.db.cache.find_one({'uuid': uuid, 'attribute': attribute,
subindex: {'$exists': True},
"%s.%s" % (subindex, index): {'$exists': True}}, {subindex: 1, 'modified': 1})
if not data:
raise exc.HTTPNotFound().exception
# Tell the client that we've no modification?
lm = req.headers.get('If-Modified-Since')
if lm:
lm = datetime(*rfc822.parsedate(lm)[0:6])
if data['modified'] > lm:
raise exc.HTTPNotModified().exception
resp = Response(
content_type='image/jpeg',
body=str(data[subindex][int(index)]))
resp.cache_control.max_age = 3600
resp.cache_control.private = 1
resp.last_modified = data['modified']
return resp
def process(self, all_props, key, value, objectType):
errors = []
index = PluginRegistry.getInstance("ObjectIndex")
for dn in value:
if not index.search({'_type': objectType, 'dn': dn}, {'dn': 1}).count():
errors.append(dict(index=value.index(dn),
detail=N_("DN '%(dn)s' does not exist"),
dn=dn))
return len(errors) == 0, errors
def getUserDetails(self, userid):
index = PluginRegistry.getInstance("ObjectIndex")
res = index.search({'_type': 'User', 'uid': userid}, {'sn': 1, 'givenName': 1, 'cn': 1, 'dn': 1, '_uuid': 1})
if not res.count():
raise GOsaException(C.make_error("UNKNOWN_USER", userid))
return({'sn': res[0]['sn'][0],
'givenName': res[0]['givenName'][0],
'dn': res[0]['dn'],
'uuid': res[0]['_uuid'],
'cn': res[0]['cn'][0]})
def getObjectDetails(self, extension, attribute, names, attributes):
"""
This method is used to complete object information shown in the gui.
e.g. The groupMembership table just knows the groups cn attribute.
To be able to show the description too, it uses this method.
#TODO: @fabian - this function is about 95% the same than the one
# above.
"""
# Extract the the required information about the object
# relation out of the BackendParameters for the given extension.
of = ObjectFactory.getInstance()
be_data = of.getObjectBackendParameters(extension, attribute)
if not be_data:
raise GOsaException(C.make_error("BACKEND_PARAMETER_MISSING", extension=extension, attribute=attribute))
# Collection basic information
otype, oattr, foreignMatchAttr, matchAttr = be_data[attribute] #@UnusedVariable
# Create a list of attributes that will be requested
if oattr not in attributes:
attributes.append(oattr)
attrs = dict([(x, 1) for x in attributes])
# Start the query and brind the result in a usable form
index = PluginRegistry.getInstance("ObjectIndex")
res = index.search({
'$or': [{'_type': otype}, {'_extensions': otype}],
oattr: {'$in': names}
}, attrs)
result = {}
mapping = {}
for entry in names:
_id = len(result)
mapping[entry] = _id
result[_id] = None
for entry in res:
item = {}
for attr in attributes:
if attr in entry and len(entry[attr]):
item[attr] = entry[attr] if attr == 'dn' else entry[attr][0]
else:
item[attr] = ""
_id = mapping[item[oattr]]
result[_id] = item
return {"result": result, "map": mapping}
def check_cookie(self):
if "Cookie" in self.request.headers:
info = extract_cookie("ClacksRPC", self.__secret, self.request.headers['Cookie'])
# The cookie seems to be valid - check the session id
if info:
jsrpc = PluginRegistry.getInstance("JSONRPCService")
return jsrpc.check_session(info['REMOTE_SESSION'], info['REMOTE_USER'])
return False
return False
