From 3712bb85cbd0ba3dc91ca91124aadcc1abd229cc Mon Sep 17 00:00:00 2001 From: kakwa Date: Fri, 10 Jul 2015 21:06:28 +0200 Subject: [PATCH] many pep8 fixes thanks to pep8ify --- ldapcherry/__init__.py | 189 ++++++++++++++-------------- ldapcherry/attributes.py | 1 + ldapcherry/backend/__init__.py | 4 +- ldapcherry/backend/backendLdap.py | 77 ++++++------ ldapcherry/backend/backendSamba4.py | 1 + ldapcherry/exceptions.py | 38 ++++-- ldapcherry/ppolicy/simple.py | 4 +- ldapcherry/pyyamlwrapper.py | 12 +- ldapcherry/roles.py | 4 +- 9 files changed, 178 insertions(+), 152 deletions(-) diff --git a/ldapcherry/__init__.py b/ldapcherry/__init__.py index ce47887..8bfa303 100644 --- a/ldapcherry/__init__.py +++ b/ldapcherry/__init__.py @@ -32,6 +32,7 @@ from sets import Set SESSION_KEY = '_cp_username' + # Custom log function to overrige weird error.log function # of cherrypy def syslog_error(msg='', context='', @@ -44,36 +45,38 @@ def syslog_error(msg='', context='', else: cherrypy.log.error_log.log(severity, ' '.join((context, msg))) + import traceback if traceback: try: exc = sys.exc_info() if exc == (None, None, None): cherrypy.log.error_log.log(severity, msg) - import traceback # log each line of the exception + # in a separate log for lisibility for l in traceback.format_exception(*exc): cherrypy.log.error_log.log(severity, l) finally: del exc + class LdapCherry(object): def _handle_exception(self, e): if hasattr(e, 'log'): cherrypy.log.error( - msg = e.log, - severity = logging.ERROR + msg=e.log, + severity=logging.ERROR ) else: cherrypy.log.error( - msg = "unkwon exception: '%(e)s'" % { 'e' : str(e) }, - severity = logging.ERROR + msg="unkwon exception: '%(e)s'" % {'e': str(e)}, + severity=logging.ERROR ) # log the traceback as 'debug' cherrypy.log.error( - msg = '', - severity = logging.DEBUG, - traceback= True + msg='', + severity=logging.DEBUG, + traceback=True ) def _get_param(self, section, key, config, default=None): 
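Review bot: Moving `import traceback` above `if traceback:` in `syslog_error` rebinds the name to the module before it is tested, so the branch is now always taken. `_handle_exception` passes `traceback=True`, so the name appears to be the function's flag parameter (the signature continues outside the hunk). Every error-log call would then log `msg` a second time when no exception is active, and emit the current traceback at whatever severity was requested when one is, which defeats the intent of keeping tracebacks at DEBUG. Import the module under another name, e.g. `import traceback as _tb`, call `_tb.format_exception(*exc)`, and leave `if traceback:` testing the argument.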
@@ -100,8 +103,8 @@ class LdapCherry(object): for b in self.backends: ret[b] = self.backends[b].get_groups(username) cherrypy.log.error( - msg = "user '" + username +"' groups: " + str(ret), - severity = logging.DEBUG, + msg="user '" + username + "' groups: " + str(ret), + severity=logging.DEBUG, ) return ret @@ -114,8 +117,8 @@ class LdapCherry(object): groups = self._get_groups(username) user_roles = self.roles.get_roles(groups) cherrypy.log.error( - msg = "user '" + username +"' roles: " + str(user_roles), - severity = logging.DEBUG, + msg="user '" + username + "' roles: " + str(user_roles), + severity=logging.DEBUG, ) return user_roles @@ -201,12 +204,11 @@ class LdapCherry(object): self.roles_file = self._get_param('roles', 'roles.file', config) cherrypy.log.error( - msg = "loading roles file '%(file)s'" % { 'file': self.roles_file }, - severity = logging.DEBUG + msg="loading roles file '%(file)s'" % {'file': self.roles_file}, + severity=logging.DEBUG ) self.roles = Roles(self.roles_file) - def _set_access_log(self, config, level): """ Configure access logs """ @@ -219,7 +221,7 @@ class LdapCherry(object): # replace access log handler by a syslog handler if access_handler == 'syslog': cherrypy.log.access_log.handlers = [] - handler = logging.handlers.SysLogHandler(address = '/dev/log', + handler = logging.handlers.SysLogHandler(address='/dev/log', facility='user') handler.setFormatter(syslog_formatter) cherrypy.log.access_log.addHandler(handler) @@ -256,7 +258,7 @@ class LdapCherry(object): # (by the way, what's the use of "context"?) cherrypy.log.error = syslog_error - handler = logging.handlers.SysLogHandler(address = '/dev/log', + handler = logging.handlers.SysLogHandler(address='/dev/log', facility='user') handler.setFormatter(syslog_formatter) cherrypy.log.error_log.addHandler(handler) 
@@ -334,34 +336,34 @@ class LdapCherry(object): # definition of the template directory self.template_dir = self._get_param('resources', 'templates.dir', config) cherrypy.log.error( - msg = "loading templates from dir '%(dir)s'" % { 'dir': self.template_dir }, - severity = logging.DEBUG + msg="loading templates from dir '%(dir)s'" % {'dir': self.template_dir}, + severity=logging.DEBUG ) # preload templates self.temp_lookup = lookup.TemplateLookup( directories=self.template_dir, input_encoding='utf-8' ) - self.temp_index = self.temp_lookup.get_template('index.tmpl') - self.temp_error = self.temp_lookup.get_template('error.tmpl') - self.temp_login = self.temp_lookup.get_template('login.tmpl') + self.temp_index = self.temp_lookup.get_template('index.tmpl') + self.temp_error = self.temp_lookup.get_template('error.tmpl') + self.temp_login = self.temp_lookup.get_template('login.tmpl') self.temp_searchadmin = self.temp_lookup.get_template('searchadmin.tmpl') - self.temp_searchuser = self.temp_lookup.get_template('searchuser.tmpl') - self.temp_adduser = self.temp_lookup.get_template('adduser.tmpl') - self.temp_roles = self.temp_lookup.get_template('roles.tmpl') - self.temp_groups = self.temp_lookup.get_template('groups.tmpl') - self.temp_form = self.temp_lookup.get_template('form.tmpl') - self.temp_selfmodify = self.temp_lookup.get_template('selfmodify.tmpl') - self.temp_modify = self.temp_lookup.get_template('modify.tmpl') + self.temp_searchuser = self.temp_lookup.get_template('searchuser.tmpl') + self.temp_adduser = self.temp_lookup.get_template('adduser.tmpl') + self.temp_roles = self.temp_lookup.get_template('roles.tmpl') + self.temp_groups = self.temp_lookup.get_template('groups.tmpl') + self.temp_form = self.temp_lookup.get_template('form.tmpl') + self.temp_selfmodify = self.temp_lookup.get_template('selfmodify.tmpl') + self.temp_modify = self.temp_lookup.get_template('modify.tmpl') self._init_auth(config) self.attributes_file = self._get_param('attributes', 
'attributes.file', config) cherrypy.log.error( - msg = "loading attributes file '%(file)s'" % { 'file': self.attributes_file }, - severity = logging.DEBUG + msg="loading attributes file '%(file)s'" % {'file': self.attributes_file}, + severity=logging.DEBUG ) - def reload(self, config = None): + def reload(self, config=None): """ load/reload configuration @dict: configuration of ldapcherry """ @@ -381,14 +383,14 @@ class LdapCherry(object): self.attributes = Attributes(self.attributes_file) cherrypy.log.error( - msg = "init directories backends", - severity = logging.DEBUG + msg="init directories backends", + severity=logging.DEBUG ) self._init_backends(config) self._check_backends() cherrypy.log.error( - msg = "application started", - severity = logging.INFO + msg="application started", + severity=logging.INFO ) # loading the ppolicy @@ -397,8 +399,8 @@ class LdapCherry(object): except Exception as e: self._handle_exception(e) cherrypy.log.error( - msg = "application failed to start", - severity = logging.ERROR + msg="application failed to start", + severity=logging.ERROR ) exit(1) @@ -439,8 +441,8 @@ class LdapCherry(object): ret[attrid] = tmp[attr] cherrypy.log.error( - msg = "user '" + username + "' attributes " + str(ret), - severity = logging.DEBUG + msg="user '" + username + "' attributes " + str(ret), + severity=logging.DEBUG ) return ret @@ -480,7 +482,7 @@ class LdapCherry(object): if cherrypy.request.query_string == '': qs = '' else: - qs = '?' + cherrypy.request.query_string + qs = '?' + cherrypy.request.query_string b64requrl = base64.b64encode(cherrypy.url() + qs) if not username: raise cherrypy.HTTPRedirect("/signin?url=%(url)s" % {'url': b64requrl}) @@ -503,8 +505,8 @@ class LdapCherry(object): def _adduser(self, params): cherrypy.log.error( - msg = "add user form attributes: " + str(params), - severity = logging.DEBUG + msg="add user form attributes: " + str(params), + severity=logging.DEBUG ) badd = {} 
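Review bot: `_adduser` logs `str(params)`, the raw submitted form, and `'password'` is one of the attribute types declared in attributes.py, so with DEBUG enabled new users' clear-text passwords would presumably reach the error log or syslog. The same pattern is in the `_selfmodify` and `_modify` hunks (`"modify user form attributes: " + str(params)`) and in the `"' attributes: " + str(badd)` messages. Log only the field names, for instance `msg="add user form attributes: " + str(sorted(params))`, or drop password-typed values before formatting. The body of `_adduser` continues outside the hunk.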
@@ -530,12 +532,12 @@ class LdapCherry(object): admin = str(sess.get(SESSION_KEY, None)) cherrypy.log.error( - msg = "user '" + username + "' added by '" + admin + "'", - severity = logging.INFO + msg="user '" + username + "' added by '" + admin + "'", + severity=logging.INFO ) cherrypy.log.error( - msg = "user '" + username + "' attributes: " + str(badd), - severity = logging.DEBUG + msg="user '" + username + "' attributes: " + str(badd), + severity=logging.DEBUG ) roles = [] @@ -547,16 +549,15 @@ class LdapCherry(object): self.backends[b].add_to_groups(username, Set(groups[b])) cherrypy.log.error( - msg = "user '" + username + "' made member of "\ - + str(roles)+ " by '" + admin + "'", - severity = logging.INFO + msg="user '" + username + "' made member of " \ + + str(roles) + " by '" + admin + "'", + severity=logging.INFO ) cherrypy.log.error( - msg = "user '" + username + "' groups: " + str(groups), - severity = logging.DEBUG + msg="user '" + username + "' groups: " + str(groups), + severity=logging.DEBUG ) - def _modify_attrs(self, params, attr_list, username): badd = {} for attr in attr_list: 
@@ -580,25 +581,25 @@ class LdapCherry(object): def _selfmodify(self, params): cherrypy.log.error( - msg = "modify user form attributes: " + str(params), - severity = logging.DEBUG + msg="modify user form attributes: " + str(params), + severity=logging.DEBUG ) sess = cherrypy.session username = str(sess.get(SESSION_KEY, None)) badd = self._modify_attrs(params, self.attributes.get_selfattributes(), username) cherrypy.log.error( - msg = "user '" + username + "' modified his attributes", - severity = logging.INFO + msg="user '" + username + "' modified his attributes", + severity=logging.INFO ) cherrypy.log.error( - msg = "user '" + username + "' attributes: " + str(badd), - severity = logging.DEBUG + msg="user '" + username + "' attributes: " + str(badd), + severity=logging.DEBUG ) def _modify(self, params): cherrypy.log.error( - msg = "modify user form attributes: " + str(params), - severity = logging.DEBUG + msg="modify user form attributes: " + str(params), + severity=logging.DEBUG ) key = self.attributes.get_key() username = params['attrs'][key] @@ -609,12 +610,12 @@ class LdapCherry(object): admin = str(sess.get(SESSION_KEY, None)) cherrypy.log.error( - msg = "user '" + username + "' modified by '" + admin + "'", - severity = logging.INFO + msg="user '" + username + "' modified by '" + admin + "'", + severity=logging.INFO ) cherrypy.log.error( - msg = "user '" + username + "' attributes: " + str(badd), - severity = logging.DEBUG + msg="user '" + username + "' attributes: " + str(badd), + severity=logging.DEBUG ) tmp = self._get_roles(username) 
@@ -659,8 +660,8 @@ class LdapCherry(object): lonely_groups[b] = [] tmp = Set(groups_add[b]) - Set(groups_keep[b]) - Set(groups_current[b]) - Set(lonely_groups[b]) cherrypy.log.error( - msg = "user '" + username + "' added to groups: " + str(list(tmp))+ " in backend '" + b + "'", - severity = logging.DEBUG + msg="user '" + username + "' added to groups: " + str(list(tmp)) + " in backend '" + b + "'", + severity=logging.DEBUG ) self.backends[b].add_to_groups(username, tmp) for b in groups_rm: @@ -676,29 +677,29 @@ class LdapCherry(object): groups_current[b] = [] if not b in lonely_groups: lonely_groups[b] = [] - tmp = ((Set(groups_rm[b]) | Set(groups_remove[b])) - (Set(groups_keep[b]) | Set(groups_add[b]))) & (Set(groups_current[b]) | Set(lonely_groups[b])) + tmp = ((Set(groups_rm[b]) | Set(groups_remove[b])) - (Set(groups_keep[b]) | Set(groups_add[b]))) & (Set(groups_current[b]) | Set(lonely_groups[b])) cherrypy.log.error( - msg = "user '" + username + "' removed from groups: " + str(list(tmp))+ " in backend '" + b + "'", - severity = logging.DEBUG + msg="user '" + username + "' removed from groups: " + str(list(tmp)) + " in backend '" + b + "'", + severity=logging.DEBUG ) self.backends[b].del_from_groups(username, tmp) cherrypy.log.error( - msg = "user '" + username + "' made member of " + str(roles_member) + " by '" + admin + "'", - severity = logging.INFO + msg="user '" + username + "' made member of " + str(roles_member) + " by '" + admin + "'", + severity=logging.INFO ) def _deleteuser(self, username): for b in self.backends: self.backends[b].del_user(username) cherrypy.log.error( - msg = "user '" + username + "' deleted from backend '" + b + "'", - severity = logging.DEBUG + msg="user '" + username + "' deleted from backend '" + b + "'", + severity=logging.DEBUG ) cherrypy.log.error( - msg = "User '" + username + "' deleted", - severity = logging.INFO + msg="User '" + username + "' deleted", + severity=logging.INFO ) def _checkppolicy(self, password): 
@@ -729,8 +730,8 @@ class LdapCherry(object): 'user': login } cherrypy.log.error( - msg = message, - severity = logging.INFO + msg=message, + severity=logging.INFO ) cherrypy.session[SESSION_KEY] = cherrypy.request.login = login if url is None: @@ -743,8 +744,8 @@ class LdapCherry(object): 'user': login } cherrypy.log.error( - msg = message, - severity = logging.WARNING + msg=message, + severity=logging.WARNING ) if url is None: qs = '' @@ -763,8 +764,8 @@ class LdapCherry(object): cherrypy.request.login = None cherrypy.log.error( - msg = "user '%(user)s' logout" % { 'user': username }, - severity = logging.INFO + msg="user '%(user)s' logout" % {'user': username}, + severity=logging.INFO ) raise cherrypy.HTTPRedirect("/signin") @@ -786,7 +787,7 @@ class LdapCherry(object): else: res = None attrs_list = self.attributes.get_search_attributes() - return self.temp_searchuser.render(searchresult = res, attrs_list = attrs_list, is_admin=is_admin) + return self.temp_searchuser.render(searchresult=res, attrs_list=attrs_list, is_admin=is_admin) @cherrypy.expose def checkppolicy(self, **params): @@ -803,7 +804,7 @@ class LdapCherry(object): cherrypy.response.status = 200 else: cherrypy.response.status = 400 - return json.dumps(ret, separators=(',',':')) + return json.dumps(ret, separators=(',', ':')) @cherrypy.expose def searchadmin(self, searchstring=None): @@ -815,7 +816,7 @@ class LdapCherry(object): else: res = None attrs_list = self.attributes.get_search_attributes() - return self.temp_searchadmin.render(searchresult = res, attrs_list = attrs_list, is_admin=is_admin) + return self.temp_searchadmin.render(searchresult=res, attrs_list=attrs_list, is_admin=is_admin) @cherrypy.expose def adduser(self, **params): 
@@ -830,16 +831,16 @@ class LdapCherry(object): else: notification = '' - graph={} + graph = {} for r in self.roles.graph: s = list(self.roles.graph[r]['sub_roles']) p = list(self.roles.graph[r]['parent_roles']) - graph[r] = { 'sub_roles': s, 'parent_roles': p} - graph_js = json.dumps(graph, separators=(',',':')) + graph[r] = {'sub_roles': s, 'parent_roles': p} + graph_js = json.dumps(graph, separators=(',', ':')) display_names = {} for r in self.roles.flatten: display_names[r] = self.roles.flatten[r]['display_name'] - roles_js = json.dumps(display_names, separators=(',',':')) + roles_js = json.dumps(display_names, separators=(',', ':')) form = self.temp_form.render(attributes=self.attributes.attributes, values=None, modify=False, autofill=True) roles = self.temp_roles.render(roles=self.roles.flatten, graph=self.roles.graph, graph_js=graph_js, roles_js=roles_js, current_roles=None) return self.temp_adduser.render(form=form, roles=roles, is_admin=is_admin, notification=notification) @@ -868,12 +869,12 @@ class LdapCherry(object): else: notification = '' - graph={} + graph = {} for r in self.roles.graph: s = list(self.roles.graph[r]['sub_roles']) p = list(self.roles.graph[r]['parent_roles']) - graph[r] = { 'sub_roles': s, 'parent_roles': p} - graph_js = json.dumps(graph, separators=(',',':')) + graph[r] = {'sub_roles': s, 'parent_roles': p} + graph_js = json.dumps(graph, separators=(',', ':')) display_names = {} for r in self.roles.flatten: display_names[r] = self.roles.flatten[r]['display_name'] 
@@ -881,7 +882,7 @@ class LdapCherry(object): tmp = self._get_roles(user) user_roles = tmp['roles'] user_lonely_groups = tmp['unusedgroups'] - roles_js = json.dumps(display_names, separators=(',',':')) + roles_js = json.dumps(display_names, separators=(',', ':')) key = self.attributes.get_key() form = self.temp_form.render(attributes=self.attributes.attributes, values=user_attrs, modify=True, keyattr=key, autofill=False) roles = self.temp_roles.render(roles=self.roles.flatten, graph=self.roles.graph, graph_js=graph_js, roles_js=roles_js, current_roles=user_roles) @@ -896,7 +897,7 @@ class LdapCherry(object): user = str(sess.get(SESSION_KEY, None)) if self.auth_mode == 'none': return self.temp_error.render(is_admin=is_admin, - alert = 'warning', + alert='warning', message="Not accessible with authentication disabled." ) if cherrypy.request.method.upper() == 'POST': diff --git a/ldapcherry/attributes.py b/ldapcherry/attributes.py index 1c3abfb..4740fa4 100644 --- a/ldapcherry/attributes.py +++ b/ldapcherry/attributes.py @@ -16,6 +16,7 @@ import yaml types = ['string', 'email', 'int', 'stringlist', 'fix', 'password'] + class Attributes: def __init__(self, attributes_file): diff --git a/ldapcherry/backend/__init__.py b/ldapcherry/backend/__init__.py index 9a4f6d7..60d6fa9 100644 --- a/ldapcherry/backend/__init__.py +++ b/ldapcherry/backend/__init__.py @@ -7,6 +7,7 @@ from ldapcherry.exceptions import MissingParameter + class Backend: def __init__(self, config, logger, name, attrslist, key): @@ -45,5 +46,4 @@ class Backend: elif not default is None: return default else: - raise MissingParameter('backends', self.backend_name+'.'+param) - + raise MissingParameter('backends', self.backend_name + '.' + param) diff --git a/ldapcherry/backend/backendLdap.py b/ldapcherry/backend/backendLdap.py index d4ee703..0b75402 100644 --- a/ldapcherry/backend/backendLdap.py +++ b/ldapcherry/backend/backendLdap.py 
@@ -13,21 +13,24 @@ import ldapcherry.backend import os import re + class DelUserDontExists(Exception): def __init__(self, user): self.user = user - self.log = "cannot remove user, user <%(user)s> does not exist" % { 'user' : user} + self.log = "cannot remove user, user <%(user)s> does not exist" % {'user': user} + class CaFileDontExist(Exception): def __init__(self, cafile): self.cafile = cafile - self.log = "CA file %(cafile)s don't exist" % { 'cafile': cafile } + self.log = "CA file %(cafile)s don't exist" % {'cafile': cafile} -NO_ATTR = 0 +NO_ATTR = 0 DISPLAYED_ATTRS = 1 LISTED_ATTRS = 2 ALL_ATTRS = 3 + class Backend(ldapcherry.backend.Backend): def __init__(self, config, logger, name, attrslist, key): 
@@ -64,29 +67,29 @@ class Backend(ldapcherry.backend.Backend): def _exception_handler(self, e): et = type(e) if et is ldap.OPERATIONS_ERROR: - self._logger( - severity = logging.ERROR, - msg = "cannot use starttls with ldaps:// uri (uri: " + self.uri + ")", - ) + self._logger( + severity=logging.ERROR, + msg="cannot use starttls with ldaps:// uri (uri: " + self.uri + ")", + ) elif et is ldap.INVALID_CREDENTIALS: self._logger( - severity = logging.ERROR, - msg = "Configuration error, wrong credentials, unable to connect to ldap with '" + self.binddn + "'", + severity=logging.ERROR, + msg="Configuration error, wrong credentials, unable to connect to ldap with '" + self.binddn + "'", ) elif et is ldap.SERVER_DOWN: self._logger( - severity = logging.ERROR, - msg = "Unable to contact ldap server '" + self.uri + "', check 'auth.ldap.uri' and ssl/tls configuration", + severity=logging.ERROR, + msg="Unable to contact ldap server '" + self.uri + "', check 'auth.ldap.uri' and ssl/tls configuration", ) elif et is ldap.FILTER_ERROR: self._logger( - severity = logging.ERROR, - msg = "Bad search filter, check '" + self.backend_name + ".*_filter_tmpl' params", + severity=logging.ERROR, + msg="Bad search filter, check '" + self.backend_name + ".*_filter_tmpl' params", ) elif et is ldap.NO_SUCH_OBJECT: self._logger( - severity = logging.ERROR, - msg = "Search DN '" + basedn \ + severity=logging.ERROR, + msg="Search DN '" + basedn \ + "' doesn't exist, check '" \ + self.backend_name + ".userdn' or '" \ + self.backend_name + ".groupdn'", 
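Review bot: The `ldap.NO_SUCH_OBJECT` branch of `_exception_handler(self, e)` builds its message from `basedn`, which is neither a parameter nor assigned in the visible part of the method. Unless a module-level `basedn` exists outside the hunk, this branch raises NameError instead of logging, and the original LDAP error is masked. Either pass the search base in from the caller or use only what is in scope, e.g. `msg="Search DN doesn't exist, check '" + self.backend_name + ".userdn' or '" + self.backend_name + ".groupdn'",`. The method continues in the next hunk.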
@@ -95,24 +98,24 @@ class Backend(ldapcherry.backend.Backend): info = e[0]['info'] desc = e[0]['desc'] self._logger( - severity = logging.ERROR, - msg = "Configuration error, " + desc + ", " + info, + severity=logging.ERROR, + msg="Configuration error, " + desc + ", " + info, ) elif et is ldap.INSUFFICIENT_ACCESS: self._logger( - severity = logging.ERROR, - msg = "Access error on '" + self.backend_name + "' backend, please check your acls in this backend", + severity=logging.ERROR, + msg="Access error on '" + self.backend_name + "' backend, please check your acls in this backend", ) elif et is ldap.ALREADY_EXISTS: desc = e[0]['desc'] self._logger( - severity = logging.ERROR, - msg = "adding user failed, " + desc, + severity=logging.ERROR, + msg="adding user failed, " + desc, ) else: self._logger( - severity = logging.ERROR, - msg = "unknow ldap exception in ldap backend", + severity=logging.ERROR, + msg="unknow ldap exception in ldap backend", ) raise e @@ -233,7 +236,7 @@ class Backend(ldapcherry.backend.Backend): dn = self.dn_user_attr + '=' + attrs[self.dn_user_attr] + ',' + self.userdn ldif = modlist.addModlist(attrs_str) try: - ldap_client.add_s(dn,ldif) + ldap_client.add_s(dn, ldif) except Exception as e: ldap_client.unbind_s() self._exception_handler(e) @@ -256,9 +259,9 @@ class Backend(ldapcherry.backend.Backend): for attr in attrs: content = self._str(attrs[attr]) attr = self._str(attr) - new = { attr : content } + new = {attr: content} if attr in old_attrs: - old = { attr: old_attrs[attr]} + old = {attr: old_attrs[attr]} else: old = {} ldif = modlist.modifyModlist(old, new) 
@@ -281,18 +284,18 @@ class Backend(ldapcherry.backend.Backend): for attr in self.group_attrs: content = self._str(self.group_attrs[attr] % attrs) self._logger( - severity = logging.DEBUG, - msg = "%(backend)s: adding user '%(user)s' with dn '%(dn)s' to group '%(group)s' by setting '%(attr)s' to '%(content)s'" % \ - { 'user': username, 'dn': dn, 'group': group, 'attr': attr, 'content': content, 'backend': self.backend_name } + severity=logging.DEBUG, + msg="%(backend)s: adding user '%(user)s' with dn '%(dn)s' to group '%(group)s' by setting '%(attr)s' to '%(content)s'" % \ + {'user': username, 'dn': dn, 'group': group, 'attr': attr, 'content': content, 'backend': self.backend_name} ) - ldif = modlist.modifyModlist({}, { attr : content }) + ldif = modlist.modifyModlist({}, {attr: content}) try: ldap_client.modify_s(group, ldif) except ldap.TYPE_OR_VALUE_EXISTS as e: self._logger( - severity = logging.INFO, - msg = "%(backend)s: user '%(user)s' already member of group '%(group)s' (attribute '%(attr)s')" % \ - { 'user': username, 'group': group, 'attr': attr, 'backend': self.backend_name} + severity=logging.INFO, + msg="%(backend)s: user '%(user)s' already member of group '%(group)s' (attribute '%(attr)s')" % \ + {'user': username, 'group': group, 'attr': attr, 'backend': self.backend_name} ) except Exception as e: ldap_client.unbind_s() 
@@ -309,14 +312,14 @@ class Backend(ldapcherry.backend.Backend): group = self._str(group) for attr in self.group_attrs: content = self._str(self.group_attrs[attr] % attrs) - ldif = [(ldap.MOD_DELETE, attr, content)] + ldif = [(ldap.MOD_DELETE, attr, content)] try: ldap_client.modify_s(group, ldif) except ldap.NO_SUCH_ATTRIBUTE as e: self._logger( - severity = logging.INFO, - msg = "%(backend)s: user '%(user)s' wasn't member of group '%(group)s' (attribute '%(attr)s')" % \ - { 'user': username, 'group': group, 'attr': attr, 'backend': self.backend_name} + severity=logging.INFO, + msg="%(backend)s: user '%(user)s' wasn't member of group '%(group)s' (attribute '%(attr)s')" % \ + {'user': username, 'group': group, 'attr': attr, 'backend': self.backend_name} ) except Exception as e: ldap_client.unbind_s() diff --git a/ldapcherry/backend/backendSamba4.py b/ldapcherry/backend/backendSamba4.py index c7f704c..302fcf3 100644 --- a/ldapcherry/backend/backendSamba4.py +++ b/ldapcherry/backend/backendSamba4.py @@ -7,6 +7,7 @@ import ldapcherry.backend + class Backend(ldapcherry.backend.Backend): def __init__(self, config, logger, name, attrslist, key): diff --git a/ldapcherry/exceptions.py b/ldapcherry/exceptions.py index f0d7f6a..330118b 100644 --- a/ldapcherry/exceptions.py +++ b/ldapcherry/exceptions.py 
@@ -7,70 +7,83 @@ import string + class MissingParameter(Exception): def __init__(self, section, key): self.section = section self.key = key - self.log = "missing parameter '%(key)s' in section '%(section)s'" % { 'key' : key, 'section' : section } + self.log = "missing parameter '%(key)s' in section '%(section)s'" % {'key': key, 'section': section} + class MissingKey(Exception): def __init__(self, key, section, ymlfile): self.key = key self.section = section self.ymlfile = ymlfile - self.log = "missing key '%(key)s' in section '%(section)s' inside file '%(ymlfile)s'" % {'key': key, 'section': section, 'ymlfile': ymlfile } + self.log = "missing key '%(key)s' in section '%(section)s' inside file '%(ymlfile)s'" % {'key': key, 'section': section, 'ymlfile': ymlfile} + class DumplicateRoleKey(Exception): def __init__(self, role): self.role = role - self.log = "duplicate role key '%(role)s' in role file" % { 'role' : role} + self.log = "duplicate role key '%(role)s' in role file" % {'role': role} + class MissingRole(Exception): def __init__(self, role): self.role = role - self.log = "role '%(role)s' does not exist in role file" % { 'role' : role} + self.log = "role '%(role)s' does not exist in role file" % {'role': role} + class MissingBackend(Exception): def __init__(self, backend): self.backend = backend - self.log = "backend '%(backend)s' does not exist in main config file" % { 'backend' : backend} + self.log = "backend '%(backend)s' does not exist in main config file" % {'backend': backend} + class WrongBackend(Exception): def __init__(self, backend): self.backend = backend - self.log = "backend '%(backend)s' does not exist" % { 'backend' : backend} + self.log = "backend '%(backend)s' does not exist" % {'backend': backend} + class DumplicateRoleContent(Exception): def __init__(self, role1, role2): self.role1 = role1 self.role2 = role2 - self.log = "role '%(role1)s' and '%(role2)s' are identical" % { 'role1' : role1, 'role2': role2} + self.log = "role '%(role1)s' and 
'%(role2)s' are identical" % {'role1': role1, 'role2': role2} + class MissingRolesFile(Exception): def __init__(self, rolefile): self.rolefile = rolefile - self.log = "fail to open role file '%(rolefile)s'" % { 'rolefile' : rolefile} + self.log = "fail to open role file '%(rolefile)s'" % {'rolefile': rolefile} + class MissingMainFile(Exception): def __init__(self, config): self.rolefile = rolefile - self.log = "fail to open main file '%(config)s'" % { 'rolefile' : rolefile} + self.log = "fail to open main file '%(config)s'" % {'rolefile': rolefile} + class MissingAttributesFile(Exception): def __init__(self, attributesfile): self.attributesfile = attributesfile - self.log = "fail to open attributes file '%(attributesfile)s'" % { 'attributesfile' : attributesfile} + self.log = "fail to open attributes file '%(attributesfile)s'" % {'attributesfile': attributesfile} + class BackendModuleLoadingFail(Exception): def __init__(self, module): self.module = module self.log = "module '%(module)s' not in python path" % {'module': module} + class BackendModuleInitFail(Exception): def __init__(self, module): self.module = module self.log = "fail to init module '%(module)s'" % {'module': module} + class WrongParamValue(Exception): def __init__(self, param, section, possible_values): self.possible_values = possible_values 
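Review bot: `MissingMainFile.__init__(self, config)` assigns `self.rolefile = rolefile`, but `rolefile` is not defined in that scope, so constructing the exception raises NameError. The format string also asks for `%(config)s` while the mapping only has a `'rolefile'` key. The reformatted line keeps both problems, so a missing main config file would surface as an unrelated error. Use the parameter throughout: `self.config = config` and `self.log = "fail to open main file '%(config)s'" % {'config': config}`.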
@@ -79,19 +92,22 @@ class WrongParamValue(Exception): possible_values_str = string.join(possible_values, ', ') self.log = "wrong value for param '%(param)s' in section '%(section)s', possible values are [%(values)s]" % {'param': param, 'section': section, 'values': possible_values_str} + class DumplicateUserKey(Exception): def __init__(self, attrid1, attrid2): self.attrid1 = attrid1 self.attrid2 = attrid2 self.log = "duplicate key in '%(attrid1)s' and '%(attrid2)s'" % {'attrid1': attrid1, 'attrid2': attrid2} + class MissingUserKey(Exception): def __init__(self): self.log = "missing key" + class WrongAttributeType(Exception): def __init__(self, key, section, ymlfile): self.key = key self.section = section self.ymlfile = ymlfile - self.log = "wrong attribute type '%(key)s' in section '%(section)s' inside file '%(ymlfile)s'" % {'key': key, 'section': section, 'ymlfile': ymlfile } + self.log = "wrong attribute type '%(key)s' in section '%(section)s' inside file '%(ymlfile)s'" % {'key': key, 'section': section, 'ymlfile': ymlfile} diff --git a/ldapcherry/ppolicy/simple.py b/ldapcherry/ppolicy/simple.py index e9a2cfd..6971f35 100644 --- a/ldapcherry/ppolicy/simple.py +++ b/ldapcherry/ppolicy/simple.py @@ -31,8 +31,8 @@ class PPolicy(ldapcherry.ppolicy.PPolicy): def info(self): return \ - "* Minimum length: %(len)n\n"\ - "* Minimum number of uppercase characters: %(upper)n\n"\ + "* Minimum length: %(len)n\n" \ + "* Minimum number of uppercase characters: %(upper)n\n" \ "* Minimum number of digits: %(digit)n" % { 'upper': self.min_upper, 'len': self.min_length, diff --git a/ldapcherry/pyyamlwrapper.py b/ldapcherry/pyyamlwrapper.py index d087e19..0ddf09d 100644 --- a/ldapcherry/pyyamlwrapper.py +++ b/ldapcherry/pyyamlwrapper.py 
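Review bot: The format string in `PPolicy.info()` uses `%(len)n`, `%(upper)n` and `%(digit)n`, and `n` is not a conversion type for Python's `%` operator. The call therefore raises `ValueError` (unsupported format character) rather than returning the policy text shown to users. Use `%(len)d`, `%(upper)d` and `%(digit)d` if the configured minimums are integers, or `%(len)s` etc. if they may be strings. The mapping passed to `%` continues outside the hunk.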
@@ -14,20 +14,22 @@ from yaml.resolver import * class RelationError(Exception): def __init__(self, key, value): - self.key = key + self.key = key self.value = value + class DumplicatedKey(Exception): def __init__(self, host, key): - self.host = host - self.key = key + self.host = host + self.key = key import yaml try: - from yaml import CLoader as Loader, CDumper as Dumper + from yaml import CLoader as Loader, CDumper as Dumper except ImportError: - from yaml import Loader, Dumper + from yaml import Loader, Dumper + # PyYaml wrapper that loads yaml files throwing an exception #if a key is dumplicated diff --git a/ldapcherry/roles.py b/ldapcherry/roles.py index a30aece..4774510 100644 --- a/ldapcherry/roles.py +++ b/ldapcherry/roles.py @@ -15,12 +15,14 @@ from ldapcherry.pyyamlwrapper import DumplicatedKey from ldapcherry.exceptions import DumplicateRoleKey, MissingKey, DumplicateRoleContent, MissingRolesFile, MissingRole import yaml + class CustomDumper(yaml.SafeDumper): "A custom YAML dumper that never emits aliases" def ignore_aliases(self, _data): return True + class Roles: def __init__(self, role_file): @@ -141,7 +143,7 @@ class Roles: self.group2roles[b][g] = Set([]) self.group2roles[b][g].add(roleid) - parent_roles[roleid]=[] + parent_roles[roleid] = [] for roleid2 in self.flatten: role2 = copy.deepcopy(self.flatten[roleid2]) if self._is_parent(roleid, roleid2):