def relock(lo, position, type, value, scope='domain', timeout=300):
"""
Extend a lock of an |UDM| object.
:param lo: |LDAP| connection.
:param position: |UDM| position specifying the |LDAP| base container.
:param type: A string describing the type of object, e.g. `user`.
:param value: A unique value for the object, e.g. `uid`.
:param scope: The scope for the lock, e.g. `domain`.
:param timeout: Number of seconds for the lock being valid.
:raises univention.admin.uexceptions.permissionDenied: if the lock time cannot be modified.
:raises univention.admin.uexceptions.noLock: if the lock was not acquired.
:returns: Number of seconds since the UNIX epoch until which the lock is acquired.
"""
_d = ud.function(
'admin.locking.relock type=%s value=%s scope=%s timeout=%d' %
(type, value, scope, timeout)) # noqa: F841
dn = lockDn(lo, position, type, value.decode('utf-8'), scope)
now = int(time.time())
if timeout > 0:
locktime = now + timeout
else:
locktime = 0
ml = [('lockTime', b'1', str(locktime).encode('ASCII'))]
try:
lo.modify(dn, ml, exceptions=True)
return locktime
except ldap.INSUFFICIENT_ACCESS:
raise univention.admin.uexceptions.permissionDenied(
_('Can not modify lock time of %r.') % (dn, ))
# locking failed
raise univention.admin.uexceptions.noLock(
_('The attribute %r could not get locked.') % (type, ))
def unmapMX(old):
_d = ud.function('admin.handlers.dns.host_record.unmapMX old=%s' %
str(old)) # noqa: F841
new = []
for i in old:
new.append(i.split(' '))
return new
def mapMX(old):
_d = ud.function('admin.handlers.dns.host_record.mapMX old=%s' %
str(old)) # noqa: F841
new = []
for i in old:
new.append(string.join(i, ' '))
return new
def mapMX(old, encoding=()):
_d = ud.function('admin.handlers.dns.host_record.mapMX old=%s' %
str(old)) # noqa: F841
new = []
for i in old:
new.append(u' '.join(i).encode(*encoding))
return new
def unmapMX(old, encoding=()):
_d = ud.function('admin.handlers.dns.host_record.unmapMX old=%s' %
str(old)) # noqa: F841
new = []
for i in old:
new.append(i.decode(*encoding).split(u' '))
return new
def lock(lo, position, type, value, scope='domain', timeout=300):
"""
Lock an |UDM| object.
:param lo: |LDAP| connection.
:param position: |UDM| position specifying the |LDAP| base container.
:param type: A string describing the type of object, e.g. `user`.
:param value: A unique value for the object, e.g. `uid`.
:param scope: The scope for the lock, e.g. `domain`.
:param timeout: Number of seconds for the lock being valid.
:raises univention.admin.uexceptions.permissionDenied: if the lock time cannot be modified.
:raises univention.admin.uexceptions.noLock: if the lock cannot be acquired.
:returns: Number of seconds since the UNIX epoch until which the lock is acquired.
"""
_d = ud.function(
'admin.locking.lock type=%s value=%s scope=%s timeout=%d' %
(type, value, scope, timeout)) # noqa: F841
dn = lockDn(lo, position, type, value.decode('utf-8'), scope)
now = int(time.time())
if timeout > 0:
locktime = now + timeout
else:
locktime = 0
al = [
('objectClass', [b'top', b'lock']),
('cn', [value]),
('lockTime', [str(locktime).encode('ascii')]),
]
if not lo.get(dn, ['lockTime']):
try:
lo.add(dn, al)
return locktime
except ldap.ALREADY_EXISTS:
pass
except univention.admin.uexceptions.permissionDenied:
raise univention.admin.uexceptions.permissionDenied(
_('Can not modify lock time of %r.') % (dn, ))
oldlocktime = lo.getAttr(dn, 'lockTime')
if oldlocktime and oldlocktime[0]:
oldlocktime = int(oldlocktime[0])
else:
oldlocktime = 0
# lock is old, try again
if oldlocktime > 0 and oldlocktime < now:
ml = [('lockTime', str(oldlocktime).encode('ascii'),
str(locktime).encode('ascii'))]
try:
lo.modify(dn, ml, exceptions=True)
return locktime
except ldap.INSUFFICIENT_ACCESS:
raise univention.admin.uexceptions.permissionDenied(
_('Can not modify lock time of %r.') % (dn, ))
raise univention.admin.uexceptions.noLock(
_('The attribute %r could not get locked.') % (type, ))
def unlock(lo, position, type, value, scope='domain'):
"""
Unlock an |UDM| object.
:param lo: |LDAP| connection.
:param position: |UDM| position specifying the |LDAP| base container.
:param type: A string describing the type of object, e.g. `user`.
:param value: A unique value for the object, e.g. `uid`.
:param scope: The scope for the lock, e.g. `domain`.
"""
_d = ud.function('admin.locking.unlock type=%s value=%s scope=%s' %
(type, value, scope)) # noqa: F841
dn = lockDn(lo, position, type, value.decode('utf-8'), scope)
try:
lo.delete(dn, exceptions=True)
except ldap.NO_SUCH_OBJECT:
pass
def default(module, co, lo, position):
# type: (univention.admin.modules.UdmModule, univention.admin.uldap.config, univention.admin.uldap.access, univention.admin.uldap.position) -> univention.admin.handlers.simpleLdap
"""
Create |UDM| object and initialize default values.
:param module: |UDM| handler.
:param co: |UDM| configuation object.
:param lo: |LDAP| connection.
:param position: |UDM| position instance.
:returns: An initialized |UDM| object.
"""
_d = ud.function('admin.objects.default') # noqa: F841
module = univention.admin.modules.get(module)
object = module.object(co, lo, position)
for name, property in module.property_descriptions.items():
default = property.default(object)
if default:
object[name] = default
return object
def removePolicyReference(object, policy_type):
# type: (univention.admin.handlers.simpleLdap, str) -> None
"""
Remove the policy of the requested type.
:param object: |UDM| object.
:param policy_type: Name of the |UDM| policy to lookup.
"""
# FIXME: Move this to handlers.simpleLdap?
_d = ud.function('admin.objects.removePolicyReference policy_type=%s' % (policy_type))
remove = None
for policy_dn in object.policies:
for m in univention.admin.modules.identify(policy_dn, object.lo.get(policy_dn)):
if univention.admin.modules.name(m) == policy_type:
remove = policy_dn
if remove:
ud.debug(ud.ADMIN, ud.INFO, 'removePolicyReference: removing reference: %s' % remove)
object.policies.remove(remove)
def getPolicyReference(object, policy_type):
# type: (univention.admin.handlers.simpleLdap, str) -> Optional[univention.admin.handlers.simplePolicy]
"""
Return the policy of the requested type.
:param object: |UDM| object.
:param policy_type: Name of the |UDM| policy to lookup.
:returns: The policy applying to the object or `None`.
"""
# FIXME: Move this to handlers.simpleLdap?
_d = ud.function('admin.objects.getPolicyReference policy_type=%s' % (policy_type))
policyReference = None
for policy_dn in object.policies:
for m in univention.admin.modules.identify(policy_dn, object.lo.get(policy_dn)):
if univention.admin.modules.name(m) == policy_type:
policyReference = policy_dn
ud.debug(ud.ADMIN, ud.INFO, 'getPolicyReference: returning: %s' % policyReference)
return policyReference
def replacePolicyReference(object, policy_type, new_reference):
# type: (univention.admin.handlers.simpleLdap, str, univention.admin.handlers.simplePolicy) -> None
"""
Replace the policy of the requested type with a new instance.
:param object: |UDM| object.
:param policy_type: Name of the |UDM| policy to lookup.
"""
# FIXME: Move this to handlers.simpleLdap?
_d = ud.function('admin.objects.replacePolicyReference policy_type=%s new_reference=%s' % (policy_type, new_reference))
module = univention.admin.modules.get(policy_type)
if not univention.admin.modules.recognize(module, new_reference, object.lo.get(new_reference)):
ud.debug(ud.ADMIN, ud.INFO, 'replacePolicyReference: error.')
return
removePolicyReference(object, policy_type)
ud.debug(ud.ADMIN, ud.INFO, 'replacePolicyReference: appending reference: %s' % new_reference)
object.policies.append(new_reference)
def restorePolicyReference(object, policy_type):
# type: (univention.admin.handlers.simpleLdap, str) -> None
"""
Restore the policy of the requested type.
:param object: |UDM| object.
:param policy_type: Name of the |UDM| policy to lookup.
"""
# FIXME: Move this to handlers.simpleLdap?
_d = ud.function('admin.objects.restorePolicyReference policy_type=%s' % (policy_type))
module = univention.admin.modules.get(policy_type)
if not module:
return
removePolicyReference(object, policy_type)
restore = None
for policy_dn in object.oldpolicies:
if univention.admin.modules.recognize(module, policy_dn, object.lo.get(policy_dn)):
restore = policy_dn
if restore:
object.policies.append(restore)
def f():
_d = ud.function('f') # noqa: F841
_d
def f():
_d = ud.function('f')
_d
