def get_object_real( self, module, dn ): if self._cached.has_key( dn ): return self._cached[ dn ] if isinstance( module, basestring ): if self._modules.has_key( module ): module = self._modules[ module ] else: name = module module = ua_modules.get( name ) ua_modules.init( self._access, self._position, module ) self._modules[ name ] = module elif module == None: module = self.identify( dn ) if not module: return None ua_modules.init( self._access, self._position, module ) new = ua_objects.get( module, self._config, self._access, position = self._position, dn = dn ) # if the object is not valid it should be displayed as an empty object try: new.open() except Exception, e: # write the traceback in the logfile import traceback ud.debug( ud.ADMIN, ud.ERROR, 'The object %s could not be opened' % dn ) try: tb = traceback.format_exc().encode( 'ascii', 'replace' ).replace( '%', '?' ) # this might fail because of problems with univention.debug ud.debug( ud.ADMIN, ud.ERROR, 'Traceback: %s' % tb ) except: pass
def get( self, name, template_object = None, force_reload = False, ldap_connection = None, ldap_position = None ): UDM_ModuleCache.lock.acquire() try: if name in self and not force_reload: return self[ name ] self[ name ] = udm_modules.get( name ) if self[ name ] is None: return None udm_modules.init( ldap_connection, ldap_position, self[ name ], template_object, force_reload=force_reload ) return self[ name ] finally: UDM_ModuleCache.lock.release()
def __init_users_module():
__set_users_module()
try:
# make sure that the UDM users/user module could be initiated
if not users_module:
raise udm_errors.base('UDM module users/user could not be initiated')
global __udm_users_module_initialised
if not __udm_users_module_initialised:
# initiate the users/user UDM module
lo, po = get_machine_connection()
udm_modules.init(lo, po, users_module)
__udm_users_module_initialised = True
except (udm_errors.base, LDAPError) as exc:
CORE.warn('%s' % (exc,))
def __init__( self, username, password ):
global users_module
self.__username = username
self.__password = password
self.__user_dn = None
signals.Provider.__init__( self )
self.core_i18n = Translation( 'univention-management-console' )
self.i18n = I18N_Manager()
self.i18n[ 'umc-core' ] = I18N()
# stores the module processes [ modulename ] = <>
self.__processes = {}
self.__killtimer = {}
lo = ldap.open( ucr[ 'ldap/server/name' ], int( ucr.get( 'ldap/server/port', 7389 ) ) )
try:
# get LDAP connection with machine account
self.lo, self.po = udm_uldap.getMachineConnection( ldap_master = False )
# get the LDAP DN of the authorized user
ldap_dn = self.lo.searchDn( '(&(uid=%s)(objectClass=posixAccount))' % self.__username )
if ldap_dn:
self.__user_dn = ldap_dn[ 0 ]
CORE.info( 'The LDAP DN for user %s is %s' % ( self.__username, self.__user_dn ) )
else:
CORE.info( 'The LDAP DN for user %s could not be found' % self.__username )
# initiate the users/user UDM module
udm_modules.update()
users_module = udm_modules.get('users/user')
udm_modules.init(self.lo, self.po, users_module)
except ( ldap.LDAPError, IOError ) as e:
# problems connection to LDAP server or the server is not joined (machine.secret is missing)
CORE.warn('An error occurred connecting to the LDAP server: %s' % e)
self.lo = None
users_module = None
except udm_errors.base as e:
# UDM error, user module coule not be initiated
CORE.warn('An error occurred intializing the UDM users/user module: %s' % e)
users_module = None
# read the ACLs
self.acls = LDAP_ACLs( self.lo, self.__username, ucr[ 'ldap/base' ] )
self.__command_list = moduleManager.permitted_commands( ucr[ 'hostname' ], self.acls )
self.signal_new( 'response' )
def init_udm_module(cls, lo):
if cls._meta.udm_module in cls._initialized_udm_modules:
return
pos = udm_uldap.position(lo.base)
udm_modules.init(lo, pos, udm_modules.get(cls._meta.udm_module))
cls._initialized_udm_modules.append(cls._meta.udm_module)
def _get_module(self):
modules.update()
module_name = "computers/%(server/role)s" % self.changeset.ucr
self.module = modules.get(module_name)
modules.init(self.ldap, self.position, self.module)
def _get_module(module, lo, pos):
mod = udm_modules.get(module)
if module not in _initialized:
udm_modules.init(lo, pos, mod)
_initialized.add(module)
return mod
def _find_dhcp_service(self):
dhcp_module = modules.get("dhcp/service")
modules.init(self.ldap, self.position, dhcp_module)
dhcp_services = dhcp_module.lookup(None, self.ldap, None)
if dhcp_services:
return dhcp_services[0].dn
lo, position = uldap.getAdminConnection()
co = config.config()
ucr = univention.config_registry.ConfigRegistry()
ucr.load()
base = ucr.get('ldap/base')
cusers = 5000
cgroups = 1050
cuseringroups = 50
cgroupsForTestUser = 50
username = "******"
groupname = "testgroup"
modules.update()
users = modules.get('users/user')
modules.init(lo, position, users)
groups = modules.get('groups/group')
modules.init(lo, position, groups)
for i in range(0, cusers):
name = "%s%s" % (username, i)
if not users.lookup(co, lo, "uid=%s" % name):
user = users.object(co, lo, position)
user.open()
user["lastname"] = name
user["password"] = "******"
user["username"] = name
user.create()
for i in range(0, cgroups):
name = "%s%s" % (groupname, i)
def handler(dn, new, old):
"""Handle UDM extension modules"""
if new:
ocs = new.get('objectClass', [])
univentionUCSVersionStart = new.get('univentionUCSVersionStart', [None])[0]
univentionUCSVersionEnd = new.get('univentionUCSVersionEnd', [None])[0]
current_UCS_version = "%s-%s" % (listener.configRegistry.get('version/version'), listener.configRegistry.get('version/patchlevel'))
if univentionUCSVersionStart and UCS_Version(current_UCS_version) < UCS_Version(univentionUCSVersionStart):
ud.debug(ud.LISTENER, ud.INFO, '%s: extension %s requires at least UCR version %s.' % (name, new['cn'][0], univentionUCSVersionStart))
new = None
elif univentionUCSVersionEnd and UCS_Version(current_UCS_version) > UCS_Version(univentionUCSVersionEnd):
ud.debug(ud.LISTENER, ud.INFO, '%s: extension %s specifies compatibility only up to and including UCR version %s.' % (name, new['cn'][0], univentionUCSVersionEnd))
new = None
elif old:
ocs = old.get('objectClass', [])
if 'univentionUDMModule' in ocs:
objectclass = 'univentionUDMModule'
udm_module_name = 'settings/udm_module'
target_subdir = 'univention/admin/handlers'
elif 'univentionUDMHook' in ocs:
objectclass = 'univentionUDMHook'
udm_module_name = 'settings/udm_hook'
target_subdir = 'univention/admin/hooks.d'
elif 'univentionUDMSyntax' in ocs:
objectclass = 'univentionUDMSyntax'
udm_module_name = 'settings/udm_syntax'
target_subdir = 'univention/admin/syntax.d'
else:
ud.debug(ud.LISTENER, ud.ERROR, '%s: Undetermined error: unknown objectclass: %s.' % (name, ocs))
old_relative_filename = None
if old:
old_relative_filename = old.get('%sFilename' % objectclass)[0]
if new:
new_version = new.get('univentionOwnedByPackageVersion', [None])[0]
if not new_version:
return
new_pkgname = new.get('univentionOwnedByPackage', [None])[0]
if not new_pkgname:
return
if old: # check for trivial changes
diff_keys = [key for key in new.keys() if new.get(key) != old.get(key) and key not in ('entryCSN', 'modifyTimestamp', 'modifiersName')]
if diff_keys == ['%sActive' % objectclass] and new.get('%sActive' % objectclass)[0] == 'TRUE':
ud.debug(ud.LISTENER, ud.INFO, '%s: %s: activation status changed.' % (name, new['cn'][0]))
return
elif diff_keys == ['univentionAppIdentifier']:
ud.debug(ud.LISTENER, ud.INFO, '%s: %s: App identifier changed.' % (name, new['cn'][0]))
return
if new_pkgname == old.get('univentionOwnedByPackage', [None])[0]:
old_version = old.get('univentionOwnedByPackageVersion', ['0'])[0]
rc = apt.apt_pkg.version_compare(new_version, old_version)
if not rc > -1:
ud.debug(ud.LISTENER, ud.WARN, '%s: New version is lower than version of old object (%s), skipping update.' % (name, old_version))
return
# ok, basic checks passed, handle the data
try:
new_object_data = bz2.decompress(new.get('%sData' % objectclass)[0])
except TypeError:
ud.debug(ud.LISTENER, ud.ERROR, '%s: Error uncompressing data of object %s.' % (name, dn))
return
new_relative_filename = new.get('%sFilename' % objectclass)[0]
listener.setuid(0)
try:
if old_relative_filename and old_relative_filename != new_relative_filename:
remove_python_file(objectclass, target_subdir, old_relative_filename)
if not install_python_file(objectclass, target_subdir, new_relative_filename, new_object_data):
return
install_messagecatalog(dn, new, objectclass)
if objectclass == 'univentionUDMModule':
install_umcregistration(dn, new)
install_umcicons(dn, new)
finally:
listener.unsetuid()
elif old:
# ok, basic checks passed, handle the change
listener.setuid(0)
try:
remove_python_file(objectclass, target_subdir, old_relative_filename)
remove_messagecatalog(dn, old, objectclass)
if objectclass == 'univentionUDMModule':
remove_umcicons(dn, old)
remove_umcregistration(dn, old)
finally:
listener.unsetuid()
# Kill running univention-cli-server and mark new extension object active
listener.setuid(0)
try:
if new:
if not listener.configRegistry.get('server/role') == 'domaincontroller_master':
# Only set active flag on Master
return
try:
lo, ldap_position = udm_uldap.getAdminConnection()
udm_modules.update()
udm_module = udm_modules.get(udm_module_name)
udm_modules.init(lo, ldap_position, udm_module)
try:
udm_object = udm_module.object(None, lo, ldap_position, dn)
udm_object.open()
udm_object['active'] = True
udm_object.modify()
except udm_errors.ldapError as e:
ud.debug(ud.LISTENER, ud.ERROR, '%s: Error modifying %s: %s.' % (name, dn, e))
except udm_errors.noObject as e:
ud.debug(ud.LISTENER, ud.ERROR, '%s: Error modifying %s: %s.' % (name, dn, e))
except udm_errors.ldapError as e:
ud.debug(ud.LISTENER, ud.ERROR, '%s: Error accessing UDM: %s' % (name, e))
finally:
listener.unsetuid()
