def settings_set(conninfo,
credentials,
bind_uri,
base_dn,
ldap_schema='RFC2307',
user='',
password='',
gids_extension=False,
encrypt_connection=True,
ldap_schema_description=None):
method = 'PUT'
uri = '/v1/ldap/settings'
settings = {
'bind_uri': util.check_ascii(bind_uri, 'bind_uri'),
'base_dn': util.check_unicode(base_dn, 'base_dn'),
'ldap_schema': util.check_ascii(ldap_schema, 'ldap_schema'),
'user': util.check_unicode(user, 'user'),
'gids_extension': gids_extension,
'encrypt_connection': encrypt_connection,
}
if password is not None:
settings['password'] = util.check_unicode(password, 'password')
if ldap_schema_description is not None:
settings['ldap_schema_description'] = ldap_schema_description
return request.rest_request(conninfo,
credentials,
method,
uri,
body=settings)
def add_user(
conninfo, credentials, name, primary_group, uid, home_directory=None):
method = "POST"
uri = "/v1/users/"
user_info = {
'name': util.check_unicode(name, 'username'),
'primary_group': str(primary_group),
'uid': '' if uid is None else str(uid),
'home_directory': util.check_unicode(home_directory, 'home_directory'),
}
return request.rest_request(
conninfo, credentials, method, uri, body=user_info)
def add_user_mapping_from_args(entry, args, must_set=True):
'''
@p must_set indicates whether it is mandatory that a user mapping be
set. This would be False when modifying an entry that already has
squashing enabled, in which case the anon user is already set and it is
not necessary to change it.
'''
if must_set and not (args.anon_local or (args.anon_uid is not None)):
raise ValueError(
"Must specify an anonymous identity when enabling squashing.")
if args.anon_local and (args.anon_gid is not None):
raise ValueError("Cannot specify both --anon-local and --anon-gid.")
if args.anon_local:
entry.map_to_user = {
'id_type': 'LOCAL_USER',
'id_value': util.check_unicode(args.anon_local, 'anon local')
}
if 'map_to_group' in entry.dictionary():
del entry.map_to_group
elif args.anon_uid is not None:
if args.anon_gid is None:
raise ValueError(
"Must provide --anon-gid when --anon-uid is given.")
entry.map_to_user = {
'id_type': 'NFS_UID',
'id_value': str(args.anon_uid)
}
entry.map_to_group = {
'id_type': 'NFS_GID',
'id_value': str(args.anon_gid)
}
def set_user_password(conninfo, credentials, user_id, new_password):
user_id = int(user_id)
new_password = util.check_unicode(new_password, 'password')
method = "POST"
uri = "/v1/users/%d/setpassword" % user_id
body = { 'new_password' : new_password }
return request.rest_request(conninfo, credentials, method, uri, body=body)
def modify_user(conninfo, credentials, user_id, name, primary_group,
uid, home_directory=None, if_match=None):
user_id = int(user_id)
if_match = if_match if if_match is None else str(if_match)
method = "PUT"
uri = "/v1/users/%d" % user_id
user_info = {
'id': str(user_id),
'name': util.check_unicode(name, 'username'),
'primary_group': str(primary_group),
'uid': '' if uid is None else str(uid),
'home_directory': util.check_unicode(home_directory, 'home_directory'),
}
return request.rest_request(
conninfo, credentials, method, uri, body=user_info, if_match=if_match)
def add_group(conninfo, credentials, name, gid):
gid = gid if gid is None else str(gid)
method = "POST"
uri = "/v1/groups/"
group_info = {
'name': util.check_unicode(name, 'group name'),
'gid': gid if gid is not None else '',
}
return request.rest_request(conninfo, credentials, method, uri,
body=group_info)
def settings_set_v2(conninfo,
credentials,
bind_uri,
base_distinguished_names,
use_ldap=False,
user='',
password='',
encrypt_connection=True,
ldap_schema='RFC2307',
ldap_schema_description=None):
method = 'PUT'
uri = '/v2/ldap/settings'
settings = {
'use_ldap':
use_ldap,
'bind_uri':
util.check_ascii(bind_uri, 'bind_uri'),
'base_distinguished_names':
util.check_unicode(base_distinguished_names,
'base_distinguished_names'),
'ldap_schema':
util.check_ascii(ldap_schema, 'ldap_schema'),
'user':
util.check_unicode(user, 'user'),
'encrypt_connection':
encrypt_connection,
}
if password is not None:
settings['password'] = util.check_unicode(password, 'password')
if ldap_schema_description is not None:
settings['ldap_schema_description'] = ldap_schema_description
return request.rest_request(conninfo,
credentials,
method,
uri,
body=settings)
def get_user_id(conninfo, credentials, value):
# First, try to parse as an integer
try:
return request.RestResponse(int(value), 'etag')
except ValueError:
pass
value = util.check_unicode(value, 'user_name')
# Second, look up the user by name
data, etag = list_users(conninfo, credentials)
for user in data:
if user['name'] == value:
return request.RestResponse(int(user['id']), etag)
raise ValueError('Unable to convert "%s" to a user id' % value)
def modify_group(conninfo, credentials, group_id, name, gid, if_match=None):
group_id = int(group_id)
name = util.check_unicode(name, 'group_name')
gid = gid if gid is None else str(gid)
if_match = if_match if if_match is None else str(if_match)
method = "PUT"
uri = "/v1/groups/%d" % group_id
group_info = {
'id': str(group_id),
'name': name,
'gid': gid if gid is not None else '',
}
return request.rest_request(conninfo, credentials, method, uri,
body=group_info, if_match=if_match)
