def guess_username(self, lo, date_format): # already provided. use this one if self.name: return self.name # search database hints = [] if self.lastname: hints.append( expression('lastname', escape_filter_chars(self.lastname))) if self.firstname: hints.append( expression('firstname', escape_filter_chars(self.firstname))) if self.birthday: hints.append( expression( 'birthday', escape_filter_chars( unformat_date(self.birthday, date_format)))) if hints: ldap_filter = conjunction('&', hints) udm_obj = self.get_first_udm_obj(lo, str(ldap_filter)) if udm_obj: return udm_obj['username'] # generate a reasonable one firstname = u'' if self.firstname: firstname = u'%s' % (self.firstname.split()[0].lower(), ) lastname = u'' if self.lastname: lastname = u'%s' % (self.lastname.split()[-1].lower()) firstname = self.RE_UID_INVALID.sub('', firstname) lastname = self.RE_UID_INVALID.sub('', lastname) def replace_invalid_chars(u): return re.sub(r'^(?:[^\w]+)?(.*?)(?:[^\w]+)?$', r'\1', u, re.UNICODE) if ucr.is_true( 'ucsschool/csvimport/username/generation/firstname_lastname', False): username = firstname + (u'.' if firstname else u'') + lastname return replace_invalid_chars(username) if firstname: firstname = firstname[:5] + '.' username = firstname + lastname[:5] maxlength = 20 - len( ucr.get('ucsschool/ldap/default/userprefix/exam', 'exam-')) return replace_invalid_chars(username[:maxlength])
def rewrite_rev(filter, subnet): """Rewrite LDAP filter expression and convert (ip) -> (zone,reversed) >>> rewrite_rev(expression('ip', '1.2.3.4'), subnet='1.2') conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '4.3', '=')]) >>> rewrite_rev(expression('ip', '1.2.3.*', escape=False), subnet='1.2') conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '*.3', '=')]) >>> rewrite_rev(expression('ip', '1.2.*.*', escape=False), subnet='1.2') conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '*.*', '=')]) >>> rewrite_rev(expression('ip', '1.2.*.4', escape=False), subnet='1.2') conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '4.*', '=')]) >>> rewrite_rev(expression('ip', '1.2.*', escape=False), subnet='1.2') conjunction('&', [expression('zoneName', '2.1.in-addr.arpa', '='), expression('relativeDomainName', '*', '=')]) >>> rewrite_rev(expression('ip', '1:2:3:4:5:6:7:8'), subnet='0001:0002') conjunction('&', [expression('zoneName', '2.0.0.0.1.0.0.0.ip6.arpa', '='), expression('relativeDomainName', '8.0.0.0.7.0.0.0.6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0', '=')]) >>> rewrite_rev(expression('ip', '1:2:3:4:5:6:7:*', escape=False), subnet='0001:0002') conjunction('&', [expression('zoneName', '2.0.0.0.1.0.0.0.ip6.arpa', '='), expression('relativeDomainName', '*.7.0.0.0.6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0', '=')]) >>> rewrite_rev(expression('ip', '1:2:3:4:5:6:*:8', escape=False), subnet='0001:0002') conjunction('&', [expression('zoneName', '2.0.0.0.1.0.0.0.ip6.arpa', '='), expression('relativeDomainName', '8.0.0.0.*.6.0.0.0.5.0.0.0.4.0.0.0.3.0.0.0', '=')]) >>> rewrite_rev(expression('ip', '1:2:3:*', escape=False), subnet='0001:0002') conjunction('&', [expression('zoneName', '2.0.0.0.1.0.0.0.ip6.arpa', '='), expression('relativeDomainName', '*.3.0.0.0', '=')]) """ if isinstance(filter, conjunction): filter.expressions = [ rewrite_rev(expr, subnet) for expr in filter.expressions ] if isinstance(filter, expression) and filter.variable == 'ip': if ':' in subnet: string = ''.join(subnet.split(':')) prefix = len(string) assert 1 <= prefix < 32 addr = ''.join(part if '*' in part else part.rjust(4, '0')[-4:] for part in filter.value.split(':')) suffix = '.ip6.arpa' else: octets = subnet.split('.') prefix = len(octets) assert 1 <= prefix < 4 addr = filter.value.split('.') suffix = '.in-addr.arpa' addr_net, addr_host = [ '.'.join(reversed(_)) for _ in (addr[:prefix], addr[prefix:]) ] filter = conjunction('&', [ expression('zoneName', addr_net + suffix), expression('relativeDomainName', addr_host or '*', escape=False), ]) return filter
def lookup(co, lo, filter_s, base='', superordinate=None, scope='sub', unique=0, required=0, timeout=-1, sizelimit=0): """Search for UVMM profile objects.""" filter_expr = udm_filter.conjunction('&', [ udm_filter.expression('objectClass', 'univentionVirtualMachineProfile'), ]) if filter_s: filter_p = udm_filter.parse(filter_s) udm_filter.walk(filter_p, univention.admin.mapping.mapRewrite, arg=mapping) filter_expr.expressions.append(filter_p) return [ object(co, lo, None, dn) for dn in lo.searchDn(unicode( filter_expr), base, scope, unique, required, timeout, sizelimit) ]
def lookup(co, lo, filter_s, base='', superordinate=None, scope='sub', unique=0, required=0, timeout=-1, sizelimit=0): filter = udm_filter.conjunction( '&', [udm_filter.expression('objectClass', 'umcPolicy')]) if filter_s: filter_p = udm_filter.parse(filter_s) udm_filter.walk(filter_p, udm_mapping.mapRewrite, arg=mapping) filter.expressions.append(filter_p) res = [] try: for dn, attrs in lo.search(unicode(filter), base, scope, [], unique, required, timeout, sizelimit): res.append(object(co, lo, None, dn, attributes=attrs)) except: pass return res
def lookup_filter(filter_s=None, lo=None): """ Return LDAP search filter for UVMM Cloud Connection entries. """ ldap_filter = udm_filter.conjunction('&', [ udm_filter.expression('objectClass', 'univentionVirtualMachineCloudConnection'), ]) ldap_filter.append_unmapped_filter_string(filter_s, udm_mapping.mapRewrite, mapping) return unicode(ldap_filter)
def build_easy_filter(cls, filter_str): if filter_str: sanitizer = LDAPSearchSanitizer() filter_str = sanitizer.sanitize('filter_str', {'filter_str': filter_str}) expressions = [] for key in cls._attrs_for_easy_filter(): expressions.append(expression(key, filter_str)) if expressions: return conjunction('|', expressions)
def lookup(co, lo, filter_s, base='', superordinate=None, scope='sub', unique=False, required=False, timeout=-1, sizelimit=0): filter = udm_filter.conjunction('&', [ udm_filter.expression('objectClass', 'umcOperationSet') ]) if filter_s: filter_p = udm_filter.parse(filter_s) udm_filter.walk(filter_p, udm_mapping.mapRewrite, arg=mapping) filter.expressions.append(filter_p) return object.lookup(co, lo, filter, base, superordinate, scope, unique, required, timeout, sizelimit)
def lookup(co, lo, filter_s, base='', superordinate=None, scope='sub', unique=0, required=0, timeout=-1, sizelimit=0): """Search for UVMM profile objects.""" filter_expr = udm_filter.conjunction('&', [ udm_filter.expression('objectClass', 'univentionVirtualMachineProfile'), ]) if filter_s: filter_p = udm_filter.parse(filter_s) udm_filter.walk(filter_p, univention.admin.mapping.mapRewrite, arg=mapping) filter_expr.expressions.append(filter_p) return [object(co, lo, None, dn) for dn in lo.searchDn(unicode(filter_expr), base, scope, unique, required, timeout, sizelimit)]
def search_objects(_module, _lo, _pos, _base='', **kwargs): module = _get_module(_module, _lo, _pos) expressions = [] conj = udm_filter.conjunction('&', expressions) for key, value in kwargs.iteritems(): expressions.append( udm_filter.expression(key, escape_filter_chars(value), '=')) try: objs = module.lookup(None, _lo, str(conj), base=_base) except udm_errors.noObject: objs = [] for obj in objs: udm_objects.open(obj) return objs
def lookup( co, lo, filter_s, base = '', superordinate = None, scope = 'sub', unique = 0, required = 0, timeout = -1, sizelimit = 0 ): filter=udm_filter.conjunction('&', [ udm_filter.expression('objectClass', 'umcOperationSet') ]) if filter_s: filter_p=udm_filter.parse(filter_s) udm_filter.walk( filter_p, udm_mapping.mapRewrite, arg=mapping) filter.expressions.append(filter_p) res=[] try: for dn in lo.searchDn(unicode(filter), base, scope, unique, required, timeout, sizelimit): res.append(object(co, lo, None, dn)) except: pass return res
def lookup_filter(filter_s=None, lo=None): filter_expr = conjunction('&', [expression('objectClass', 'ipService')]) filter_expr.append_unmapped_filter_string(filter_s, mapRewrite, mapping) return filter_expr
def unmapped_lookup_filter(cls): return udm_filter.conjunction( '&', [udm_filter.expression('objectClass', 'umcPolicy')])
def get_shares(self, pattern, ldap_user_read=None, ldap_position=None, search_base=None): result = {} result['shares'] = [] if not search_base.availableSchools: MODULE.error('%s.query: No schools available to this user!' % (self.module_name, )) return result # empty # sanitize the search pattern to match only role shares and only in ou role_specified = self.valid_role_from_roleshare_name(pattern) school_ou_specified = self.valid_school_from_roleshare_name( pattern, search_base.availableSchools) udm_filter = None if school_ou_specified: if role_specified: udm_filter = pattern else: hints = [] for role in supported_roles: hints.append(expression('name', "-".join((role, pattern)))) udm_filter = conjunction('&', hints) else: if role_specified: hints = [] for school_ou in search_base.availableSchools: hints.append( expression('name', "-".join((pattern, school_ou)))) if hints: udm_filter = conjunction('&', hints) else: # invalid pattern, ignore hints = [] for role in supported_roles: for school_ou in search_base.availableSchools: hints.append( expression('name', "-".join((role, school_ou)))) if hints: udm_filter = conjunction('&', hints) if not udm_filter: MODULE.error('%s.query: invalid search filter: %s' % ( self.module_name, pattern, )) return result # empty udm_modules.init(ldap_user_read, ldap_position, udm_modules.get(self.udm_module_name)) res = udm_modules.lookup(self.udm_module_name, None, ldap_user_read, base=ucr['ldap/base'], scope='sub', filter=udm_filter) result['shares'] = [obj['name'] for obj in res] return result