security-and-privacy/ldapcherry
security-and-privacy/ldapcherry
1
0
Fork 0
mirror of https://github.com/kakwa/ldapcherry synced 2024-11-25 02:34:31 +01:00
Code Releases Activity

implementing modify and add/rm to groups

Browse Source
This commit is contained in:
kakwa 2015-06-14 20:55:23 +02:00
parent fce2f89103
commit 4a302750c0
1 changed files with 49 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
ldapcherry/backend/backendLdap.py
View File

@ -41,6 +41,11 @@ class Backend(ldapcherry.backend.Backend):
self.key = key self.key = key
for o in re.split('\W+', self.get_param('objectclasses')): for o in re.split('\W+', self.get_param('objectclasses')):
self.objectclasses.append(self._str(o)) self.objectclasses.append(self._str(o))
self.group_attrs = {}
for param in config:
name, sep, group = param.partition('.')
if name == 'group_attr':
self.group_attrs[group] = self.get_param(param)
self.attrlist = [] self.attrlist = []
for a in attrslist: for a in attrslist:
@ -182,6 +187,7 @@ class Backend(ldapcherry.backend.Backend):
severity = logging.ERROR, severity = logging.ERROR,
msg = "Configuration error, " + desc + ", " + info, msg = "Configuration error, " + desc + ", " + info,
) )
ldap_client.unbind_s()
raise e raise e
except ldap.INSUFFICIENT_ACCESS as e: except ldap.INSUFFICIENT_ACCESS as e:
info = e[0]['info'] info = e[0]['info']
@ -190,6 +196,7 @@ class Backend(ldapcherry.backend.Backend):
severity = logging.ERROR, severity = logging.ERROR,
msg = "Access error, " + desc + ", " + info, msg = "Access error, " + desc + ", " + info,
) )
ldap_client.unbind_s()
raise e raise e
except ldap.ALREADY_EXISTS as e: except ldap.ALREADY_EXISTS as e:
desc = e[0]['desc'] desc = e[0]['desc']
@ -197,7 +204,9 @@ class Backend(ldapcherry.backend.Backend):
severity = logging.ERROR, severity = logging.ERROR,
msg = "adding user failed, " + desc, msg = "adding user failed, " + desc,
) )
ldap_client.unbind_s()
raise e raise e
ldap_client.unbind_s()
def del_user(self, username): def del_user(self, username):
ldap_client = self._bind() ldap_client = self._bind()
@ -206,15 +215,50 @@ class Backend(ldapcherry.backend.Backend):
ldap_client.delete_s(dn) ldap_client.delete_s(dn)
else: else:
raise DelUserDontExists(username) raise DelUserDontExists(username)
ldap_client.unbind_s()
def set_attrs(self, attrs, username): def set_attrs(self, attrs, username):
pass ldap_client = self._bind()
tmp = self._get_user(username, True)
dn = tmp[0]
old_attrs = tmp[1]
for attr in attrs:
content = attrs[attr]
new = { attr : content }
if attr in old_attrs:
old = { attr: old_attrs[attr]}
ldif = modlist.modifyModlist(old,new)
ldap_client.modify_s(dn,ldif)
else:
ldif = modlist.addModlist({ attr : content })
ldap_client.add_s(dn,ldif)
ldap_client.unbind_s()
def add_to_group(self, username): def add_to_group(self, username, groups):
pass ldap_client = self._bind()
tmp = self._get_user(username, True)
dn = tmp[0]
attrs = tmp[1]
attrs['dn'] = dn
for group in groups:
for attr in self.group_attrs:
content = self.group_attrs[attr] % attrs
ldif = modlist.addModlist({ attr : content })
ldap_client.add_s(group,ldif)
ldap_client.unbind_s()
def rm_from_group(self, username): def rm_from_group(self, username):
pass ldap_client = self._bind()
tmp = self._get_user(username, True)
dn = tmp[0]
attrs = tmp[1]
attrs['dn'] = dn
for group in groups:
for attr in self.group_attrs:
content = self.group_attrs[attr] % attrs
ldif = modlist.addModlist({ attr : content })
ldap_client.delete_s(group,ldif)
ldap_client.unbind_s()
def search(self, searchstring): def search(self, searchstring):
ret = {} ret = {}