def delete_ou(name):
    """Delete the OU container entry identified by *name*.

    ``__validate(name)`` runs before the ``try`` block, so whatever it raises
    reaches the caller untranslated.

    Raises:
        NotFound: the directory reported ``ldap.NO_SUCH_OBJECT``
            (``global_ids.CNTR_NOT_FOUND``).
        RbacError: any other LDAP error or unexpected exception
            (``global_ids.CNTR_DELETE_FAILED``).
    """
    __validate(name)
    try:
        connection = ldaphelper.open()
        # NOTE(review): `name` ends up inside a DN. Whether it is escaped
        # depends on __validate / get_container_dn, neither of which is
        # visible here -- confirm before passing caller-supplied names.
        target_dn = ldaphelper.get_container_dn(name)
        connection.delete_s(target_dn)
        # NOTE(review): nothing in this function releases `connection`;
        # confirm whether ldaphelper expects an explicit release.
    except ldap.NO_SUCH_OBJECT:
        not_found_msg = 'OU delete not found:' + name
        raise NotFound(msg=not_found_msg, id=global_ids.CNTR_NOT_FOUND)
    except ldap.LDAPError as e:
        # The raw server error text is embedded in the message; callers that
        # show it to end users would expose directory details.
        ldap_msg = 'OU delete failed result=' + str(e)
        raise RbacError(msg=ldap_msg, id=global_ids.CNTR_DELETE_FAILED)
    except Exception as e:
        generic_msg = 'OU delete error=' + str(e)
        raise RbacError(msg=generic_msg, id=global_ids.CNTR_DELETE_FAILED)
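def create_ou(name, desc=None):
    """Create an OU container entry named *name*.

    ``__validate(name)`` runs before the ``try`` block, so whatever it raises
    reaches the caller untranslated. When *desc* is empty or ``None`` a
    default description of ``'py-fortress Container ' + name`` is stored.

    The handlers are ordered most-specific first. With ``except Exception``
    listed first, the ``ldap.ALREADY_EXISTS`` and ``ldap.LDAPError`` handlers
    could never run, so a duplicate OU surfaced as a generic ``RbacError``
    with ``CNTR_CREATE_FAILED`` instead of ``NotUnique``.

    Raises:
        NotUnique: the directory reported ``ldap.ALREADY_EXISTS``
            (``global_ids.CNTR_ALREADY_EXISTS``).
        RbacError: any other LDAP error or unexpected exception
            (``global_ids.CNTR_CREATE_FAILED``).
    """
    __validate(name)
    try:
        attrs = {
            'objectClass': OU_OCS,
            OU_NAME: name,
            global_ids.DESC: desc or 'py-fortress Container ' + name,
        }
        conn = ldaphelper.open()
        # NOTE(review): `name` ends up inside a DN. Whether it is escaped
        # depends on __validate / get_container_dn, neither of which is
        # visible here -- confirm before passing caller-supplied names.
        conn.add_s(ldaphelper.get_container_dn(name), add_to_modlist(attrs))
    except ldap.ALREADY_EXISTS:
        # NOTE(review): callers that caught RbacError for duplicates keep
        # working only if NotUnique derives from RbacError -- confirm.
        raise NotUnique(msg='OU create failed, already exists:' + name, id=global_ids.CNTR_ALREADY_EXISTS)
    except ldap.LDAPError as e:
        raise RbacError(msg='OU create failed result=' + str(e), id=global_ids.CNTR_CREATE_FAILED)
    except Exception as e:
        # Catch-all comes last so it cannot shadow the LDAP-specific handlers.
        raise RbacError(msg='OU create error=' + str(e), id=global_ids.CNTR_CREATE_FAILED)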
# Attribute-name constants for user entries. 'ftra', 'ftRC' and 'ftSystem'
# are presumably Fortress-schema attributes; the others are the usual LDAP
# person and password-policy attribute names.

# Credential and password-policy state.
PW = 'userPassword'
PW_POLICY = 'pwdPolicySubentry'
IS_RESET = 'pwdReset'
LOCKED_TIME = 'pwdAccountLockedTime'

# Role assignment data.
ROLES = 'ftra'
ROLE_CONSTRAINTS = 'ftRC'
IS_SYSTEM = 'ftSystem'

# Descriptive and contact attributes.
DISPLAY_NAME = 'displayName'
EMPLOYEE_TYPE = 'employeeType'
TITLE = 'title'
TELEPHONE_NUMBER = 'telephoneNumber'
MOBILE = 'mobile'
MAIL = 'mail'

# Location attributes.
DEPT_NUM = 'departmentNumber'
LOCATION = 'l'
PHYSICAL_OFFICE_NM = 'physicalDeliveryOfficeName'
POSTAL_CODE = 'postalCode'
RM_NUM = 'roomNumber'

# PW is not listed below, so anything that requests exactly these attributes
# does not ask the server for userPassword. Keep it that way unless a caller
# really needs the stored credential.
SEARCH_ATTRS = [
    global_ids.UID,
    global_ids.OU,
    global_ids.INTERNAL_ID,
    ROLES,
    ROLE_CONSTRAINTS,
    PW_POLICY,
    global_ids.CONSTRAINT,
    global_ids.CN,
    global_ids.SN,
    global_ids.DESC,
    DISPLAY_NAME,
    EMPLOYEE_TYPE,
    TITLE,
    TELEPHONE_NUMBER,
    MOBILE,
    MAIL,
    IS_RESET,
    LOCKED_TIME,
    IS_SYSTEM,
    global_ids.PROPS,
    DEPT_NUM,
    PHYSICAL_OFFICE_NM,
    POSTAL_CODE,
    RM_NUM,
    LOCATION,
]

# Evaluated once, when this module is imported.
CONTAINER_DN = ldaphelper.get_container_dn(global_ids.USER_OU)