def add(self, data):
self.cn = data.get('cn')
self.mail = web.safestr(data.get('mail')).strip().lower()
if not iredutils.isEmail(self.mail):
return (False, 'INVALID_MAIL')
self.domainGlobalAdmin = web.safestr(
data.get('domainGlobalAdmin', 'no'))
if self.domainGlobalAdmin not in [
'yes',
'no',
]:
self.domainGlobalAdmin = 'no'
self.preferredLanguage = web.safestr(
data.get('preferredLanguage', 'en_US'))
# Check password.
self.newpw = web.safestr(data.get('newpw'))
self.confirmpw = web.safestr(data.get('confirmpw'))
result = iredutils.verifyNewPasswords(self.newpw, self.confirmpw)
if result[0] is True:
self.passwd = ldaputils.generatePasswd(result[1])
else:
return result
ldif = iredldif.ldif_mailadmin(
mail=self.mail,
passwd=self.passwd,
cn=self.cn,
preferredLanguage=self.preferredLanguage,
domainGlobalAdmin=self.domainGlobalAdmin,
)
self.dn = ldaputils.convKeywordToDN(self.mail, accountType='admin')
try:
self.conn.add_s(self.dn, ldif)
web.logger(
msg="Create admin: %s." % (self.mail),
event='create',
)
return (True, )
except ldap.ALREADY_EXISTS:
return (False, 'ALREADY_EXISTS')
except Exception, e:
return (False, ldaputils.getExceptionDesc(e))
def add(self, data):
self.cn = data.get('cn')
self.mail = web.safestr(data.get('mail')).strip().lower()
if not iredutils.isEmail(self.mail):
return (False, 'INVALID_MAIL')
self.domainGlobalAdmin = web.safestr(data.get('domainGlobalAdmin', 'no'))
if self.domainGlobalAdmin not in ['yes', 'no',]:
self.domainGlobalAdmin = 'no'
self.preferredLanguage = web.safestr(data.get('preferredLanguage', 'en_US'))
# Check password.
self.newpw = web.safestr(data.get('newpw'))
self.confirmpw = web.safestr(data.get('confirmpw'))
result = iredutils.verifyNewPasswords(self.newpw, self.confirmpw)
if result[0] is True:
self.passwd = ldaputils.generatePasswd(result[1])
else:
return result
ldif = iredldif.ldif_mailadmin(
mail=self.mail,
passwd=self.passwd,
cn=self.cn,
preferredLanguage=self.preferredLanguage,
domainGlobalAdmin=self.domainGlobalAdmin,
)
self.dn = ldaputils.convKeywordToDN(self.mail, accountType='admin')
try:
self.conn.add_s(self.dn, ldif)
web.logger(msg="Create admin: %s." % (self.mail), event='create',)
return (True,)
except ldap.ALREADY_EXISTS:
return (False, 'ALREADY_EXISTS')
except Exception, e:
return (False, ldaputils.getExceptionDesc(e))
def add(self, domain, data):
# Get domain name, username, cn.
self.domain = web.safestr(data.get('domainName')).strip().lower()
self.username = web.safestr(data.get('username')).strip().lower()
self.mail = self.username + '@' + self.domain
self.groups = data.get('groups', [])
if not iredutils.isDomain(self.domain) or not iredutils.isEmail(self.mail):
return (False, 'MISSING_DOMAIN_OR_USERNAME')
# Check account existing.
connutils = connUtils.Utils()
if connutils.isAccountExists(domain=self.domain, filter='(mail=%s)' % self.mail):
return (False, 'ALREADY_EXISTS')
# Get @domainAccountSetting.
domainLib = domainlib.Domain()
result_domain_profile = domainLib.profile(self.domain)
# Initial parameters.
domainAccountSetting = {}
self.aliasDomains = []
if result_domain_profile[0] is True:
domainProfile = result_domain_profile[1]
domainAccountSetting = ldaputils.getAccountSettingFromLdapQueryResult(domainProfile, key='domainName').get(self.domain, {})
self.aliasDomains = domainProfile[0][1].get('domainAliasName', [])
# Check password.
self.newpw = web.safestr(data.get('newpw'))
self.confirmpw = web.safestr(data.get('confirmpw'))
result = iredutils.verifyNewPasswords(self.newpw, self.confirmpw,
min_passwd_length=domainAccountSetting.get('minPasswordLength', '0'),
max_passwd_length=domainAccountSetting.get('maxPasswordLength', '0'),
)
if result[0] is True:
self.passwd = ldaputils.generatePasswd(result[1])
else:
return result
# Get display name.
self.cn = data.get('cn')
# Get user quota. Unit is MB.
# 0 or empty is not allowed if domain quota is set, set to
# @defaultUserQuota or @domainSpareQuotaSize
# Initial final mailbox quota.
self.quota = 0
# Get mail quota from web form.
defaultUserQuota = domainLib.getDomainDefaultUserQuota(self.domain, domainAccountSetting)
self.mailQuota = str(data.get('mailQuota')).strip()
if self.mailQuota.isdigit():
self.mailQuota = int(self.mailQuota)
else:
self.mailQuota = defaultUserQuota
# 0 means unlimited.
domainQuotaSize, domainQuotaUnit = domainAccountSetting.get('domainQuota', '0:GB').split(':')
if int(domainQuotaSize) == 0:
# Unlimited.
self.quota = self.mailQuota
else:
# Get domain quota, convert to MB.
if domainQuotaUnit == 'TB':
domainQuota = int(domainQuotaSize) * 1024 * 1024 # TB
elif domainQuotaUnit == 'GB':
domainQuota = int(domainQuotaSize) * 1024 # GB
else:
domainQuota = int(domainQuotaSize) # MB
# TODO Query whole domain and calculate current quota size, not read from domain profile.
#domainCurrentQuotaSize = int(domainProfile[0][1].get('domainCurrentQuotaSize', ['0'])[0]) / (1024*1024)
result = connutils.getDomainCurrentQuotaSizeFromLDAP(domain=self.domain)
if result[0] is True:
domainCurrentQuotaSize = result[1]
else:
domainCurrentQuotaSize = 0
# Spare quota.
domainSpareQuotaSize = domainQuota - domainCurrentQuotaSize/(1024*1024)
if domainSpareQuotaSize <= 0:
return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')
# Get FINAL mailbox quota.
if self.mailQuota == 0:
self.quota = domainSpareQuotaSize
else:
if domainSpareQuotaSize > self.mailQuota:
self.quota = self.mailQuota
else:
self.quota = domainSpareQuotaSize
# Get default groups.
self.groups = [ web.safestr(v)
for v in domainAccountSetting.get('defaultList', '').split(',')
if iredutils.isEmail(v)
]
self.defaultStorageBaseDirectory = domainAccountSetting.get('defaultStorageBaseDirectory', None)
# Get default mail list which set in domain accountSetting.
ldif = iredldif.ldif_mailuser(
domain=self.domain,
aliasDomains=self.aliasDomains,
username=self.username,
cn=self.cn,
passwd=self.passwd,
quota=self.quota,
groups=self.groups,
storageBaseDirectory=self.defaultStorageBaseDirectory,
)
if attrs.RDN_USER == 'mail':
self.dn = ldaputils.convKeywordToDN(self.mail, accountType='user')
elif attrs.RDN_USER == 'cn':
self.dn = 'cn=' + self.cn + ',' + attrs.DN_BETWEEN_USER_AND_DOMAIN + \
ldaputils.convKeywordToDN(self.domain, accountType='domain')
elif attrs.RDN_USER == 'uid':
self.dn = 'uid=' + self.username + ',' + attrs.DN_BETWEEN_USER_AND_DOMAIN + \
ldaputils.convKeywordToDN(self.domain, accountType='domain')
else:
return (False, 'UNSUPPORTED_USER_RDN')
try:
self.conn.add_s(ldap.filter.escape_filter_chars(self.dn), ldif,)
web.logger(msg="Create user: %s." % (self.mail), domain=self.domain, event='create',)
return (True,)
except ldap.ALREADY_EXISTS:
return (False, 'ALREADY_EXISTS')
except Exception, e:
return (False, ldaputils.getExceptionDesc(e))
else:
accountStatus = 'disabled'
mod_attrs += [ (ldap.MOD_REPLACE, 'accountStatus', accountStatus) ]
elif self.profile_type == 'password':
# Get password length from @domainAccountSetting.
minPasswordLength = domainAccountSetting.get('minPasswordLength', cfg.general.get('min_passwd_length', '0'))
maxPasswordLength = domainAccountSetting.get('maxPasswordLength', cfg.general.get('max_passwd_length', '0'))
# Get new passwords from user input.
self.newpw = str(data.get('newpw', None))
self.confirmpw = str(data.get('confirmpw', None))
result = iredutils.verifyNewPasswords(
newpw=self.newpw,
confirmpw=self.confirmpw,
min_passwd_length=minPasswordLength,
max_passwd_length=maxPasswordLength,
)
if result[0] is True:
self.passwd = ldaputils.generatePasswd(result[1])
mod_attrs += [ (ldap.MOD_REPLACE, 'userPassword', self.passwd) ]
else:
return result
try:
self.conn.modify_s(self.dn, mod_attrs)
return (True,)
except Exception, e:
return (False, ldaputils.getExceptionDesc(e))
def add(self, domain, data):
# Get domain name, username, cn.
self.domain = web.safestr(data.get('domainName')).strip().lower()
self.username = web.safestr(data.get('username')).strip().lower()
self.mail = self.username + '@' + self.domain
self.groups = data.get('groups', [])
if not iredutils.isDomain(self.domain) or not iredutils.isEmail(
self.mail):
return (False, 'MISSING_DOMAIN_OR_USERNAME')
# Check account existing.
connutils = connUtils.Utils()
if connutils.isAccountExists(domain=self.domain,
filter='(mail=%s)' % self.mail):
return (False, 'ALREADY_EXISTS')
# Get @domainAccountSetting.
domainLib = domainlib.Domain()
result_domain_profile = domainLib.profile(self.domain)
# Initial parameters.
domainAccountSetting = {}
self.aliasDomains = []
if result_domain_profile[0] is True:
domainProfile = result_domain_profile[1]
domainAccountSetting = ldaputils.getAccountSettingFromLdapQueryResult(
domainProfile, key='domainName').get(self.domain, {})
self.aliasDomains = domainProfile[0][1].get('domainAliasName', [])
# Check password.
self.newpw = web.safestr(data.get('newpw'))
self.confirmpw = web.safestr(data.get('confirmpw'))
result = iredutils.verifyNewPasswords(
self.newpw,
self.confirmpw,
min_passwd_length=domainAccountSetting.get('minPasswordLength',
'0'),
max_passwd_length=domainAccountSetting.get('maxPasswordLength',
'0'),
)
if result[0] is True:
self.passwd = ldaputils.generatePasswd(result[1])
else:
return result
# Get display name.
self.cn = data.get('cn')
# Get user quota. Unit is MB.
# 0 or empty is not allowed if domain quota is set, set to
# @defaultUserQuota or @domainSpareQuotaSize
# Initial final mailbox quota.
self.quota = 0
# Get mail quota from web form.
defaultUserQuota = domainLib.getDomainDefaultUserQuota(
self.domain, domainAccountSetting)
self.mailQuota = str(data.get('mailQuota')).strip()
if self.mailQuota.isdigit():
self.mailQuota = int(self.mailQuota)
else:
self.mailQuota = defaultUserQuota
# 0 means unlimited.
domainQuotaSize, domainQuotaUnit = domainAccountSetting.get(
'domainQuota', '0:GB').split(':')
if int(domainQuotaSize) == 0:
# Unlimited.
self.quota = self.mailQuota
else:
# Get domain quota, convert to MB.
if domainQuotaUnit == 'TB':
domainQuota = int(domainQuotaSize) * 1024 * 1024 # TB
elif domainQuotaUnit == 'GB':
domainQuota = int(domainQuotaSize) * 1024 # GB
else:
domainQuota = int(domainQuotaSize) # MB
# TODO Query whole domain and calculate current quota size, not read from domain profile.
#domainCurrentQuotaSize = int(domainProfile[0][1].get('domainCurrentQuotaSize', ['0'])[0]) / (1024*1024)
result = connutils.getDomainCurrentQuotaSizeFromLDAP(
domain=self.domain)
if result[0] is True:
domainCurrentQuotaSize = result[1]
else:
domainCurrentQuotaSize = 0
# Spare quota.
domainSpareQuotaSize = domainQuota - domainCurrentQuotaSize / (
1024 * 1024)
if domainSpareQuotaSize <= 0:
return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')
# Get FINAL mailbox quota.
if self.mailQuota == 0:
self.quota = domainSpareQuotaSize
else:
if domainSpareQuotaSize > self.mailQuota:
self.quota = self.mailQuota
else:
self.quota = domainSpareQuotaSize
# Get default groups.
self.groups = [
web.safestr(v)
for v in domainAccountSetting.get('defaultList', '').split(',')
if iredutils.isEmail(v)
]
self.defaultStorageBaseDirectory = domainAccountSetting.get(
'defaultStorageBaseDirectory', None)
# Get default mail list which set in domain accountSetting.
ldif = iredldif.ldif_mailuser(
domain=self.domain,
aliasDomains=self.aliasDomains,
username=self.username,
cn=self.cn,
passwd=self.passwd,
quota=self.quota,
groups=self.groups,
storageBaseDirectory=self.defaultStorageBaseDirectory,
)
if attrs.RDN_USER == 'mail':
self.dn = ldaputils.convKeywordToDN(self.mail, accountType='user')
elif attrs.RDN_USER == 'cn':
self.dn = 'cn=' + self.cn + ',' + attrs.DN_BETWEEN_USER_AND_DOMAIN + \
ldaputils.convKeywordToDN(self.domain, accountType='domain')
elif attrs.RDN_USER == 'uid':
self.dn = 'uid=' + self.username + ',' + attrs.DN_BETWEEN_USER_AND_DOMAIN + \
ldaputils.convKeywordToDN(self.domain, accountType='domain')
else:
return (False, 'UNSUPPORTED_USER_RDN')
try:
self.conn.add_s(
ldap.filter.escape_filter_chars(self.dn),
ldif,
)
web.logger(
msg="Create user: %s." % (self.mail),
domain=self.domain,
event='create',
)
return (True, )
except ldap.ALREADY_EXISTS:
return (False, 'ALREADY_EXISTS')
except Exception, e:
return (False, ldaputils.getExceptionDesc(e))
mod_attrs += [(ldap.MOD_REPLACE, 'accountStatus', accountStatus)]
elif self.profile_type == 'password':
# Get password length from @domainAccountSetting.
minPasswordLength = domainAccountSetting.get(
'minPasswordLength', cfg.general.get('min_passwd_length', '0'))
maxPasswordLength = domainAccountSetting.get(
'maxPasswordLength', cfg.general.get('max_passwd_length', '0'))
# Get new passwords from user input.
self.newpw = str(data.get('newpw', None))
self.confirmpw = str(data.get('confirmpw', None))
result = iredutils.verifyNewPasswords(
newpw=self.newpw,
confirmpw=self.confirmpw,
min_passwd_length=minPasswordLength,
max_passwd_length=maxPasswordLength,
)
if result[0] is True:
self.passwd = ldaputils.generatePasswd(result[1])
mod_attrs += [(ldap.MOD_REPLACE, 'userPassword', self.passwd)]
else:
return result
try:
self.conn.modify_s(self.dn, mod_attrs)
return (True, )
except Exception, e:
return (False, ldaputils.getExceptionDesc(e))