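def rm(self):
    """Delete the group's entry from the directory.

    Returns:
        True once the entry at ``self.dn`` has been deleted and ``in_db``
        has been cleared.

    Raises:
        RuntimeError: if the group is not marked as present (``in_db`` is
            false).
    """
    if not self.in_db:
        # A bare string cannot be raised on Python 2.6+ or Python 3 (the
        # raise itself fails with TypeError), so raise a real exception that
        # carries the same message.
        raise RuntimeError("Cannot delete group - doesn't exist")

    # If the delete raises, in_db is left untouched so the object still
    # reflects the directory.
    get_conn().delete_s(self.dn)
    self.in_db = False
    return True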
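def __update(self):
    """Update the user in the database.

    Sends one MOD_REPLACE for every attribute named in
    ``self.changed_props``, taking the new value from ``self.props``, then
    clears the list of pending changes.

    Returns:
        True, whether or not there was anything to write.
    """
    if not self.changed_props:
        # Nothing is pending: skip the round trip instead of sending an
        # empty modify request.
        return True

    modlist = [
        (ldap.MOD_REPLACE, prop, self.props[prop])
        for prop in self.changed_props
    ]
    get_conn().modify_s(self.dn, modlist)
    self.changed_props = []
    return True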
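def delete(self):
    """Delete this user's entry from the directory.

    Returns:
        True once the entry at ``self.dn`` has been deleted and ``in_db``
        has been cleared.

    Raises:
        RuntimeError: if the user is not marked as present (``in_db`` is
            false).
    """
    if not self.in_db:
        # A bare string cannot be raised on Python 2.6+ or Python 3 (the
        # raise itself fails with TypeError), so raise a real exception that
        # carries the same message.
        raise RuntimeError("Cannot delete user - doesn't exist in database")

    # If the delete raises, in_db is left untouched so the object still
    # reflects the directory.
    get_conn().delete_s(self.dn)
    self.in_db = False
    return True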
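def set_passwd(self, old=None, new=None):
    """Change the user's password.

    Args:
        old: the current password. When given, the change is made with
            ``passwd_s(self.dn, old, new)``. When omitted, the
            ``userPassword`` attribute is replaced through
            ``__mod_passwd`` without the old password being checked here.
        new: the password to set.

    Returns:
        True on success; False if the user is not in the database or no
        new password was supplied.
    """
    if not self.in_db:
        return False

    if not new:
        # Refuse a missing or empty new password rather than writing one.
        return False

    if old is None:
        # Modify operation on the db (don't know old pass).
        # NOTE(review): this path resets the password with whatever rights
        # the current connection holds - callers are presumably expected to
        # have authorised the reset themselves; confirm.
        return self.__mod_passwd(new)

    get_conn().passwd_s(self.dn, old, new)
    return True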
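def bind(self, p):
    """Check a password by binding to the directory as this user.

    Any existing bind is dropped with ``sr_ldap.unbind()`` before the
    attempt, so the shared connection is left bound as this user on
    success.

    Args:
        p: the password to try.

    Returns:
        True if the bind succeeded, False otherwise.
    """
    if not self.in_db:
        # NOTE(review): the original layout does not make clear what a user
        # absent from the directory should get back; fail closed.
        return False

    if not p:
        # A simple bind with a DN and an empty password is an
        # "unauthenticated bind" (RFC 4513, section 5.1.2) that a server may
        # answer with success, so it must never count as a login.
        return False

    sr_ldap.unbind()
    try:
        get_conn().bind_s(self.dn, p)
    except (ldap.INVALID_CREDENTIALS, ldap.LDAPError):
        # The tuple is required: "except A, B:" is Python 2 spelling for
        # "except A as B", which catches only A and overwrites B.
        return False
    return True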
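def __update(self):
    """Write the group's member list back to the directory.

    The whole ``memberUid`` attribute is replaced with ``self.members``;
    ``new_users`` and ``removed_users`` only decide whether a write is
    needed and are cleared afterwards.

    Returns:
        True, whether or not there was anything to write.
    """
    if not self.new_users and not self.removed_users:
        return True

    modlist = [(ldap.MOD_REPLACE, "memberUid", self.members)]
    get_conn().modify_s(self.dn, modlist)
    self.new_users = []
    self.removed_users = []
    # Report success explicitly; falling off the end returned None here
    # while the no-change path above returned True.
    return True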
def __save_new(self):
    """Save the user as a new item in the database.

    Every attribute in ``self.props`` is sent as an (attribute, value) pair
    in a single add request for ``self.dn``.

    Returns:
        True after the entry has been added and the pending-change list
        cleared.
    """
    attributes = [(name, self.props[name]) for name in self.props]
    get_conn().add_s(self.dn, attributes)

    # The entry now exists and nothing is waiting to be written.
    self.in_db = True
    self.changed_props = []
    return True
def __save_new(self):
    """Create the group's directory entry as a posixGroup.

    The entry carries ``cn`` and ``gidNumber`` (stringified), plus
    ``memberUid`` when the group already has members.

    Returns:
        True after the entry has been added and the pending membership
        changes cleared.
    """
    entry = [
        ("objectClass", "posixGroup"),
        ("cn", self.name),
        ("gidNumber", str(self.gid)),
    ]
    # memberUid is left out entirely for an empty group rather than sent
    # with no values.
    has_members = len(self.members) > 0
    if has_members:
        entry.append(("memberUid", self.members))

    get_conn().add_s(self.dn, entry)

    self.in_db = True
    self.new_users = []
    self.removed_users = []
    return True
def list():
    """Return the uid of every inetOrgPerson directly under ou=users,o=sr.

    Binds through ``sr_ldap.bind()`` first and asks the server for the
    ``uid`` attribute only.
    """
    sr_ldap.bind()
    entries = get_conn().search_st(
        "ou=users,o=sr",
        ldap.SCOPE_ONELEVEL,
        filterstr="(objectClass=inetOrgPerson)",
        attrlist=["uid"],
    )
    # Each result is a (dn, attributes) pair; take the first uid value.
    return [entry[1]["uid"][0] for entry in entries]
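def list():
    """Return the cn of every posixGroup directly under ou=groups,o=sr.

    Binds through ``sr_ldap.bind()`` first.
    """
    sr_ldap.bind()
    entries = get_conn().search_st(
        "ou=groups,o=sr",
        ldap.SCOPE_ONELEVEL,
        filterstr="(objectClass=posixGroup)",
        # Only cn is read below, so do not pull every group's full
        # attribute set (member lists included) over the wire.
        attrlist=["cn"],
    )
    # Each result is a (dn, attributes) pair; take the first cn value.
    return [entry[1]["cn"][0] for entry in entries]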
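def __load(self, username):
    """Look the user up by uid and cache its DN and attributes.

    Args:
        username: the uid to search for under ou=users,o=sr.

    Returns:
        True if exactly one entry matched (``self.dn`` and ``self.props``
        are then set), False otherwise.
    """
    # Imported here so the block does not depend on ldap.filter having been
    # loaded elsewhere.
    from ldap.filter import escape_filter_chars

    # The name is placed inside a search filter, so escape the filter
    # metacharacters: a name containing them is then matched literally
    # instead of changing what the filter selects.
    query = "(&(objectClass=inetOrgPerson)(uid=%s))" % escape_filter_chars(username)
    matches = get_conn().search_st(
        "ou=users,o=sr",
        ldap.SCOPE_ONELEVEL,
        filterstr=query,
    )

    # Zero matches means no such user; more than one is treated the same
    # way rather than guessing which entry was meant.
    if len(matches) != 1:
        return False

    self.dn = matches[0][0]
    self.props = matches[0][1]
    return True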
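def groups(self):
    """Returns a list of the groups the user is in.

    Searches ou=groups,o=sr for posixGroup entries whose ``memberUid``
    contains ``self.username`` and returns the first ``cn`` value of each.
    """
    # Imported here so the block does not depend on ldap.filter having been
    # loaded elsewhere.
    from ldap.filter import escape_filter_chars

    # Escape the username before it goes into the filter so that filter
    # metacharacters in it are matched literally. The local is not called
    # "filter", to leave the builtin alone.
    query = "(&(objectClass=posixGroup)(memberUid=%s))" % escape_filter_chars(self.username)
    res = get_conn().search_st(
        "ou=groups,o=sr",
        ldap.SCOPE_ONELEVEL,
        filterstr=query,
        attrlist=["cn"],
    )
    return [entry[1]["cn"][0] for entry in res]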
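def __get_new_uidNumber(self):
    """Finds the next available UID.

    Collects the ``uidNumber`` of every inetOrgPerson under ou=users,o=sr
    and returns the lowest number from 2000 upwards that is not in use.
    """
    users = get_conn().search_st(
        "ou=users,o=sr",
        ldap.SCOPE_ONELEVEL,
        filterstr="(objectClass=inetOrgPerson)",
        attrlist=["uidNumber"],
    )
    # A set gives constant-time membership tests in the loop below. Entries
    # that carry no uidNumber are skipped instead of raising KeyError; the
    # search filter does not require the attribute.
    taken = set(
        int(entry[1]["uidNumber"][0])
        for entry in users
        if "uidNumber" in entry[1]
    )

    # NOTE(review): search-then-add is not atomic; two accounts created at
    # the same time could be handed the same number unless the directory
    # enforces uniqueness - confirm.
    uid = 2000
    while uid in taken:
        uid += 1
    return uid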
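def __load(self, name):
    """Look the group up by cn and cache its DN, gid and members.

    Args:
        name: the cn to search for under ou=groups,o=sr.

    Returns:
        True if exactly one entry matched (``self.dn``, ``self.gid`` and
        ``self.members`` are then set), False otherwise.
    """
    # Imported here so the block does not depend on ldap.filter having been
    # loaded elsewhere.
    from ldap.filter import escape_filter_chars

    # The name is placed inside a search filter, so escape the filter
    # metacharacters: a name containing them is then matched literally
    # instead of changing what the filter selects.
    query = "(&(objectClass=posixGroup)(cn=%s))" % escape_filter_chars(name)
    matches = get_conn().search_st(
        "ou=groups,o=sr",
        ldap.SCOPE_ONELEVEL,
        filterstr=query,
    )

    if len(matches) != 1:
        return False

    dn, attrs = matches[0]
    self.dn = dn
    # NOTE(review): gidNumber is stored exactly as the search returned it
    # (the attribute's value list), whereas __save_new writes str(self.gid)
    # - confirm which shape callers expect.
    self.gid = attrs["gidNumber"]
    # A group without members has no memberUid attribute at all.
    self.members = attrs["memberUid"] if "memberUid" in attrs else []
    return True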
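def __get_new_gidNumber(self):
    """Finds the next available GID.

    Collects the ``gidNumber`` of every posixGroup under ou=groups,o=sr and
    returns the lowest number from 3000 upwards that is not in use.
    """
    groups = get_conn().search_st(
        "ou=groups,o=sr",
        ldap.SCOPE_ONELEVEL,
        filterstr="(objectClass=posixGroup)",
        attrlist=["gidNumber"],
    )
    # A set replaces the copied list so each membership test in the loop
    # below is constant-time.
    taken = set(int(entry[1]["gidNumber"][0]) for entry in groups)

    # NOTE(review): search-then-add is not atomic; two groups created at
    # the same time could be handed the same number unless the directory
    # enforces uniqueness - confirm.
    gid = 3000
    while gid in taken:
        gid += 1
    return gid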
def __mod_passwd(self, p):
    """Overwrite the user's ``userPassword`` with the encoded form of ``p``.

    The old password plays no part here: the attribute is replaced with a
    plain modify request on ``self.dn``.

    Returns:
        True after the modify request has completed.
    """
    # NOTE(review): the storage scheme is whatever encode_pass produces;
    # it is defined elsewhere - confirm it is a salted hash.
    change = (ldap.MOD_REPLACE, "userPassword", encode_pass(p))
    get_conn().modify_s(self.dn, [change])
    return True