def set_realm(realm, resolvers=None, priority=None): """ It takes a list of resolvers and adds these to the realm. If the realm does not exist, it is created. If the realm exists, the old resolvers are removed and the new ones are added. :param realm: an existing or a new realm :param resolvers: names of resolvers :type resolvers: list :param priority: The priority of the resolvers in the realm :type priority: dict, with resolver names as keys :return: tuple of lists of added resolvers and resolvers, that could not be added """ if resolvers is None: resolvers = [] added = [] failed = [] priority = priority or {} realm_created = False realm = realm.lower().strip() realm = realm.replace(" ", "-") nameExp = "^[A-Za-z0-9_\-\.]*$" sanity_name_check(realm, nameExp) # create new realm if it does not exist R = Realm.query.filter_by(name=realm).first() if not R: R = Realm(realm) R.save() realm_created = True if not realm_created: # delete old resolvers oldResos = ResolverRealm.query.filter_by(realm_id=R.id) for oldReso in oldResos: oldReso.delete() # assign the resolvers for reso_name in resolvers: reso_name = reso_name.strip() Reso = Resolver.query.filter_by(name=reso_name).first() if Reso: ResolverRealm(Reso.id, R.id, priority=priority.get(reso_name)).save() added.append(reso_name) else: failed.append(reso_name) # if this is the first realm, make it the default if Realm.query.count() == 1: r = Realm.query.filter_by(name=realm).first() r.default = True save_config_timestamp() db.session.commit() return (added, failed)
def test_24_sanity_name_check(self): self.assertTrue(sanity_name_check('Hello_World')) with self.assertRaisesRegexp(Exception, "non conformant characters in the name"): sanity_name_check('Hello World!') self.assertTrue(sanity_name_check('Hello World', name_exp='^[A-Za-z\\ ]+$')) with self.assertRaisesRegexp(Exception, "non conformant characters in the name"): sanity_name_check('Hello_World', name_exp='^[A-Za-z]+$')
def save_resolver(params): """ create a new resolver from request parameters and save the resolver in the database. If the resolver already exist, it is updated. If you update a resolver, you do not need to provide all parameters. Parameters you do not provide are left untouched. When updating a resolver you must not change the type! You do not need to specify the type, but if you specify a wrong type, it will produce an error. :param params: request parameters like "name" and "type" and the configuration parameters of the resolver config. :type params: dict :return: the database ID of the resolver :rtype: int """ # before we create the resolver in the database, we need to check # for the name and type thing... resolvername = getParam(params, 'resolver', required) resolvertype = getParam(params, 'type', required) update_resolver = False # check the name sanity_name_check(resolvername) # check the type resolvertypes = get_resolver_types() if resolvertype not in resolvertypes: raise Exception("resolver type : {0!s} not in {1!s}".format( resolvertype, unicode(resolvertypes))) # check the name resolvers = get_resolver_list(filter_resolver_name=resolvername) for r_name, resolver in resolvers.items(): if resolver.get("type") == resolvertype: # We found the resolver with the same name and the same type, # So we will update this resolver update_resolver = True else: raise Exception( "resolver with similar name and other type already " "exists: %s" % r_name) # create a dictionary for the ResolverConfig resolver_config = get_resolver_config_description(resolvertype) config_description = resolver_config.get(resolvertype).get('config', {}) types = {} desc = {} data = {} for k in params: if k not in ['resolver', 'type']: if k.startswith('type.') is True: key = k[len('type.'):] types[key] = params.get(k) elif k.startswith('desc.') is True: key = k[len('desc.'):] desc[key] = params.get(k) else: data[k] = params.get(k) if k in config_description: types[k] = config_description.get(k) else: log.warn("the passed key %r is not a " "parameter for the resolver %r" % (k, resolvertype)) # Check that there is no type or desc without the data itself. # i.e. if there is a type.BindPW=password, then there must be a # BindPW=.... _missing = False for t in types: if t not in data: _missing = True for t in desc: if t not in data: _missing = True if _missing: raise Exception( "type or description without necessary data! {0!s}".format( unicode(params))) # Everything passed. So lets actually create the resolver in the DB if update_resolver: resolver_id = Resolver.query.filter( func.lower(Resolver.name) == resolvername.lower()).first().id else: resolver = Resolver(params.get("resolver"), params.get("type")) resolver_id = resolver.save() # create the config for key, value in data.items(): if types.get(key) == "password": value = encryptPassword(value) ResolverConfig(resolver_id=resolver_id, Key=key, Value=value, Type=types.get(key, ""), Description=desc.get(key, "")).save() return resolver_id
def save_resolver(params): """ create a new resolver from request parameters and save the resolver in the database. If the resolver already exist, it is updated. If you update a resolver, you do not need to provide all parameters. Parameters you do not provide are left untouched. When updating a resolver you must not change the type! You do not need to specify the type, but if you specify a wrong type, it will produce an error. :param params: request parameters like "name" and "type" and the configuration parameters of the resolver config. :type params: dict :return: the database ID of the resolver :rtype: int """ # before we create the resolver in the database, we need to check # for the name and type thing... resolvername = getParam(params, 'resolver', required) resolvertype = getParam(params, 'type', required) update_resolver = False # check the name sanity_name_check(resolvername) # check the type resolvertypes = get_resolver_types() if resolvertype not in resolvertypes: raise Exception("resolver type : {0!s} not in {1!s}".format(resolvertype, unicode(resolvertypes))) # check the name resolvers = get_resolver_list(filter_resolver_name=resolvername) for r_name, resolver in resolvers.items(): if resolver.get("type") == resolvertype: # We found the resolver with the same name and the same type, # So we will update this resolver update_resolver = True else: raise Exception("resolver with similar name and other type already " "exists: %s" % r_name) # create a dictionary for the ResolverConfig resolver_config = get_resolver_config_description(resolvertype) config_description = resolver_config.get(resolvertype).get('config', {}) types = {} desc = {} data = {} for k in params: if k not in ['resolver', 'type']: if k.startswith('type.') is True: key = k[len('type.'):] types[key] = params.get(k) elif k.startswith('desc.') is True: key = k[len('desc.'):] desc[key] = params.get(k) else: data[k] = params.get(k) if k in config_description: types[k] = config_description.get(k) else: log.warn("the passed key %r is not a " "parameter for the resolver %r" % (k, resolvertype)) # Check that there is no type or desc without the data itself. # i.e. if there is a type.BindPW=password, then there must be a # BindPW=.... _missing = False for t in types: if t not in data: _missing = True for t in desc: if t not in data: _missing = True if _missing: raise Exception("type or description without necessary data! {0!s}".format( unicode(params))) # Everything passed. So lets actually create the resolver in the DB if update_resolver: resolver_id = Resolver.query.filter(func.lower(Resolver.name) == resolvername.lower()).first().id else: resolver = Resolver(params.get("resolver"), params.get("type")) resolver_id = resolver.save() # create the config for key, value in data.items(): if types.get(key) == "password": value = encryptPassword(value) ResolverConfig(resolver_id=resolver_id, Key=key, Value=value, Type=types.get(key, ""), Description=desc.get(key, "")).save() # Remove corresponding entries from the user cache delete_user_cache(resolver=resolvername) return resolver_id
def save_caconnector(params): """ Create a new CA connector from the given parameters and save it to the database. If the CA Connector already exists, it is updated. For updating some attributes of an existing CA connector you do not need to pass all attributes again, but only those, which should be changed. When updating the CA connector the type must not be changed, since another type might require different attributes. :param params: request parameters like "caconnector" (name) and "type" and the specific attributes of the ca connector. :type params: dict :return: the database ID of the CA connector :rtype: int """ # before we create the resolver in the database, we need to check # for the name and type thing... connector_name = getParam(params, 'caconnector', required) connector_type = getParam(params, 'type', required) update_connector = False sanity_name_check(connector_name) # check the type if connector_type not in get_caconnector_types(): raise Exception("connector type : {0!s} not in {1!s}".format( connector_type, unicode(get_caconnector_types()))) # check the name connectors = get_caconnector_list(filter_caconnector_name=connector_name) for connector in connectors: if connector.get("type") == connector_type: # There is a CA connector with the same name, so we will update # the CA Connector config update_connector = True else: # pragma: no cover raise Exception("CA Connector with similar name and other type " "already exists: %s" % connector_name) # create a dictionary for the ResolverConfig connector_config = get_caconnector_config_description(connector_type) config_description = connector_config.get(connector_type, {}) data, types, desc = get_data_from_params(params, ["caconnector", "type"], config_description, "CA connector", connector_type) # Everything passed. So lets actually create the CA Connector in the DB if update_connector: connector_id = CAConnector.query.filter( func.lower(CAConnector.name) == connector_name.lower()).first().id else: db_connector = CAConnector(params.get("caconnector"), params.get("type")) connector_id = db_connector.save() # create the config for key, value in data.items(): if types.get(key) == "password": value = encryptPassword(value) CAConnectorConfig(caconnector_id=connector_id, Key=key, Value=value, Type=types.get(key, ""), Description=desc.get(key, "")).save() return connector_id
def save_resolver(params): """ create a new machine resolver from request parameters and save the machine resolver in the database. If the machine resolver already exist, it is updated. If you update machine resolver, you do not need to provide all parameters. Parameters you do not provide are left untouched. When updating a resolver you must not change the type! You do not need to specify the type, but if you specify a wrong type, it will produce an error. :param params: request parameters like "name" and "type" and the configuration parameters of the resolver config. :type params: dict :return: the database ID of the resolver :rtype: int """ # before we create the resolver in the database, we need to check # for the name and type. resolvername = getParam(params, 'name', required) resolvertype = getParam(params, 'type', required) update_resolver = False # check the name sanity_name_check(resolvername) # check the type (class_dict, type_dict) = get_machine_resolver_class_dict() if resolvertype not in type_dict.values(): raise Exception("machine resolver type : %s not in %s" % (resolvertype, type_dict.values())) # check the name resolvers = get_resolver_list(filter_resolver_name=resolvername) for r_name, resolver in resolvers.items(): if resolver.get("type") == resolvertype: # We found the resolver with the same name and the same type, # So we will update this resolver update_resolver = True else: # pragma: no cover raise Exception("machine resolver with similar name and other type " "already exists: %s" % r_name) # create a dictionary for the ResolverConfig resolver_config = get_resolver_config_description(resolvertype) config_description = resolver_config.get(resolvertype, {}).get('config', {}) data, types, desc = get_data_from_params(params, ["name", "type"], config_description, "machine resolver", resolvertype) # Everything passed. So lets actually create the resolver in the DB if update_resolver: resolver_id = MachineResolver.query.filter(func.lower( MachineResolver.name) == resolvername.lower()).first().id else: resolver = MachineResolver(params.get("name"), params.get("type")) resolver_id = resolver.save() # create the config for key, value in data.items(): if types.get(key) == "password": value = encryptPassword(value) MachineResolverConfig(resolver_id=resolver_id, Key=key, Value=value, Type=types.get(key, ""), Description=desc.get(key, "")).save() return resolver_id
def save_resolver(params): """ create a new machine resolver from request parameters and save the machine resolver in the database. If the machine resolver already exist, it is updated. If you update machine resolver, you do not need to provide all parameters. Parameters you do not provide are left untouched. When updating a resolver you must not change the type! You do not need to specify the type, but if you specify a wrong type, it will produce an error. :param params: request parameters like "name" and "type" and the configuration parameters of the resolver config. :type params: dict :return: the database ID of the resolver :rtype: int """ # before we create the resolver in the database, we need to check # for the name and type. resolvername = getParam(params, 'name', required) resolvertype = getParam(params, 'type', required) update_resolver = False # check the name sanity_name_check(resolvername) # check the type (class_dict, type_dict) = get_machine_resolver_class_dict() if resolvertype not in type_dict.values(): raise Exception("machine resolver type : %s not in %s" % (resolvertype, type_dict.values())) # check the name resolvers = get_resolver_list(filter_resolver_name=resolvername) for r_name, resolver in resolvers.items(): if resolver.get("type") == resolvertype: # We found the resolver with the same name and the same type, # So we will update this resolver update_resolver = True else: # pragma: no cover raise Exception( "machine resolver with similar name and other type " "already exists: %s" % r_name) # create a dictionary for the ResolverConfig resolver_config = get_resolver_config_description(resolvertype) config_description = resolver_config.get(resolvertype, {}).get('config', {}) data, types, desc = get_data_from_params(params, ["name", "type"], config_description, "machine resolver", resolvertype) # Everything passed. So lets actually create the resolver in the DB if update_resolver: resolver_id = MachineResolver.query.filter( func.lower(MachineResolver.name) == resolvername.lower()).first().id else: resolver = MachineResolver(params.get("name"), params.get("type")) resolver_id = resolver.save() # create the config for key, value in data.items(): if types.get(key) == "password": value = encryptPassword(value) MachineResolverConfig(resolver_id=resolver_id, Key=key, Value=value, Type=types.get(key, ""), Description=desc.get(key, "")).save() return resolver_id
def save_resolver(params): """ create a new resolver from request parameters and save the resolver in the database. If the resolver already exist, it is updated. If you update a resolver, you do not need to provide all parameters. Parameters you do not provide are left untouched. When updating a resolver you must not change the type! You do not need to specify the type, but if you specify a wrong type, it will produce an error. :param params: request parameters like "name" and "type" and the configuration parameters of the resolver config. :type params: dict :return: the database ID of the resolver :rtype: int """ # before we create the resolver in the database, we need to check # for the name and type thing... resolvername = getParam(params, 'resolver', required) resolvertype = getParam(params, 'type', required) update_resolver = False # check the name sanity_name_check(resolvername) # check the type resolvertypes = get_resolver_types() if resolvertype not in resolvertypes: raise Exception("resolver type : {0!s} not in {1!s}".format( resolvertype, str(resolvertypes))) # check the name resolvers = get_resolver_list(filter_resolver_name=resolvername) for r_name, resolver in resolvers.items(): if resolver.get("type") == resolvertype: # We found the resolver with the same name and the same type, # So we will update this resolver update_resolver = True else: raise Exception( "resolver with similar name and other type already " "exists: %s" % r_name) # create a dictionary for the ResolverConfig resolver_config = get_resolver_config_description(resolvertype) config_description = resolver_config.get(resolvertype).get('config', {}) data, types, desc = get_data_from_params(params, ['resolver', 'type'], config_description, resolvertype, resolvername) # Everything passed. So lets actually create the resolver in the DB if update_resolver: resolver_id = Resolver.query.filter( func.lower(Resolver.name) == resolvername.lower()).first().id else: resolver = Resolver(params.get("resolver"), params.get("type")) resolver_id = resolver.save() # create the config for key, value in data.items(): if types.get(key) == "password": if value == CENSORED: continue else: value = encryptPassword(value) ResolverConfig(resolver_id=resolver_id, Key=key, Value=value, Type=types.get(key, ""), Description=desc.get(key, "")).save() # Remove corresponding entries from the user cache delete_user_cache(resolver=resolvername) return resolver_id
def save_caconnector(params): """ Create a new CA connector from the given parameters and save it to the database. If the CA Connector already exists, it is updated. For updating some attributes of an existing CA connector you do not need to pass all attributes again, but only those, which should be changed. When updating the CA connector the type must not be changed, since another type might require different attributes. :param params: request parameters like "caconnector" (name) and "type" and the specific attributes of the ca connector. :type params: dict :return: the database ID of the CA connector :rtype: int """ # before we create the resolver in the database, we need to check # for the name and type thing... connector_name = getParam(params, 'caconnector', required) connector_type = getParam(params, 'type', required) update_connector = False sanity_name_check(connector_name) # check the type if connector_type not in get_caconnector_types(): raise Exception("connector type : %s not in %s" % (connector_type, unicode(get_caconnector_types()))) # check the name connectors = get_caconnector_list(filter_caconnector_name=connector_name) for connector in connectors: if connector.get("type") == connector_type: # There is a CA connector with the same name, so we will update # the CA Connector config update_connector = True else: # pragma: no cover raise Exception("CA Connector with similar name and other type " "already exists: %s" % connector_name) # create a dictionary for the ResolverConfig connector_config = get_caconnector_config_description(connector_type) config_description = connector_config.get(connector_type, {}) data, types, desc = get_data_from_params(params, ["caconnector", "type"], config_description, "CA connector", connector_type) # Everything passed. So lets actually create the CA Connector in the DB if update_connector: connector_id = CAConnector.query.filter(func.lower(CAConnector.name) == connector_name.lower()).first().id else: db_connector = CAConnector(params.get("caconnector"), params.get("type")) connector_id = db_connector.save() # create the config for key, value in data.items(): if types.get(key) == "password": value = encryptPassword(value) CAConnectorConfig(caconnector_id=connector_id, Key=key, Value=value, Type=types.get(key, ""), Description=desc.get(key, "")).save() return connector_id