def list_users(self,usertype,uid=None): if uid==None: uid = '*' usertype_ids = userdef.list_usertypes_by_id() usertype_objectclasses = {} for id in usertype_ids: usertype_objectclasses[id] = ldapdef.objectclass_by_usertype(id) + ['sambaSamAccount'] path = conf.get('LDAPSERVER','basedn') if usertype: path = ldapdef.basedn_by_usertype(usertype) if not path: return {} res = self.l.search(path,ldap.SCOPE_SUBTREE,'(& (uid=%s)(objectclass=posixaccount)(objectclass=person))' % uid ,[]) user_dict = {} while 1: sres = self.l.result(res,0) if sres[1]==[]: break if not sres[1][0][1].has_key('uid'): continue uid = sres[1][0][1]['uid'][0] user_dict[uid] = {} user_dict[uid]['dn'] = sres[1][0][0] for (k,v) in sres[1][0][1].items(): if k=='objectClass': for usertype_id,objectclasses in usertype_objectclasses.items(): had_all_classes = True for objcls in objectclasses: if not v.count(objcls): had_all_classes = False break if had_all_classes == True: user_dict[uid]['usertype_id'] = usertype_id break continue if len(v)==1: user_dict[uid][k] = v[0] else: user_dict[uid][k] = v return user_dict
def createuser(self,uid,givenname,familyname,passwd,usertype,primarygid=1000,firstyear=None): """ Add a user to the schools authentication directory service. The usertype must be one of the constants TEACHER,STUDENT,PARENT or OTHER """ # check if the group exists already if self.user_exists(uid): return -10001 title = userdef.usertype_as_text(usertype) if not title: return -10005 # invalid usertype id usertype_ou = ldapdef.ou_confkey_by_usertype(usertype) objectclass = ldapdef.objectclass_by_usertype(usertype) if not objectclass: return -10006 # Object classes have not been defined for this usertype path = "uid=%s,%s" % (uid,ldapdef.basedn_by_usertype(usertype)) # Check the group for existance import groupmanager as gman gm = gman.GroupManager() gl = gm.list_groups(None) glgid = {} for groupname in gl.keys(): glgid[int(gl[groupname]['gidNumber'])]=groupname if not glgid.has_key(primarygid): return -10004 #uidnumber = self.max(conf.get('LDAPSERVER','basedn'), # 'objectclass=posixaccount','uidNumber', # int(conf.get('DOMAIN','uid_start')))+1 uidnumber = None uidnumbers = [] for pw in pwd.getpwall(): if int(pw[2]) >= int(conf.get('DOMAIN','uid_start')): uidnumbers += [int(pw[2])] uidnumbers.sort() expect_uidnumber = int(conf.get('DOMAIN','uid_start')) for i in range(100000): if expect_uidnumber != uidnumbers[i]: uidnumber = expect_uidnumber break expect_uidnumber += 1 if uidnumber == None: return -10007 # failed to pick an uidnumber cn = '%s %s' % (givenname,familyname) user_info = {'uid':uid, 'givenname':'%s' % givenname, 'cn':cn, 'gidNumber': str(primarygid), 'uidnumber': str(uidnumber), 'homeDirectory':'%s/%s/users/%s/.linux' % (conf.get('DOMAIN','domain_root'),conf.get('DOMAIN','domain_name'),uid), 'sn':'%s' % familyname, 'objectclass':objectclass, 'mail': uid, 'title':title, 'loginShell': '/bin/zsh', 'userPassword':mkpasswd(passwd,3,'ssha')} if userdef.usertype_as_id(usertype) == userdef.usertype_as_id('student') and firstyear != None: user_info['firstSchoolYear'] = str(firstyear) self.bind(conf.get('LDAPSERVER','admin'),conf.get('LDAPSERVER','passwd')) self.touch_by_dict({path:user_info}) try: posix_uid = pwd.getpwnam(uid)[2] except Exception, e: print e return -10002