mirror of
https://github.com/kakwa/ldapcherry
synced 2024-12-23 13:20:03 +01:00
pepify the source code
This commit is contained in:
parent
d8631da7ba
commit
b8a65a44b6
@ -26,7 +26,7 @@ class CaFileDontExist(Exception):
|
||||
class MissingAttr(Exception):
|
||||
def __init__(self):
|
||||
self.log = 'attributes "cn" and "unicodePwd" must be declared ' \
|
||||
'in attributes.yml for all Active Directory backends.'
|
||||
'in attributes.yml for all Active Directory backends.'
|
||||
|
||||
NO_ATTR = 0
|
||||
DISPLAYED_ATTRS = 1
|
||||
@ -35,7 +35,7 @@ ALL_ATTRS = 3
|
||||
|
||||
# UserAccountControl Attribute/Flag Values
|
||||
# For details, look at:
|
||||
# https://support.microsoft.com/en-us/kb/305144
|
||||
# https://support.microsoft.com/en-us/kb/305144
|
||||
SCRIPT = 0x0001
|
||||
ACCOUNTDISABLE = 0x0002
|
||||
HOMEDIR_REQUIRED = 0x0008
|
||||
@ -58,7 +58,6 @@ DONT_REQ_PREAUTH = 0x400000
|
||||
PASSWORD_EXPIRED = 0x800000
|
||||
TRUSTED_TO_AUTH_FOR_DELEGATION = 0x1000000
|
||||
PARTIAL_SECRETS_ACCOUNT = 0x04000000
|
||||
|
||||
# Generated by the followin command:
|
||||
|
||||
# samba-tool group list | \
|
||||
@ -143,11 +142,11 @@ class Backend(ldapcherry.backend.backendLdap.Backend):
|
||||
for a in attrslist:
|
||||
self.attrlist.append(self._str(a))
|
||||
|
||||
if 'cn' not in self.attrlist:
|
||||
raise MissingAttr()
|
||||
if 'cn' not in self.attrlist:
|
||||
raise MissingAttr()
|
||||
|
||||
if 'unicodePwd' not in self.attrlist:
|
||||
raise MissingAttr()
|
||||
if 'unicodePwd' not in self.attrlist:
|
||||
raise MissingAttr()
|
||||
|
||||
def _search_group(self, searchfilter, groupdn):
|
||||
searchfilter = self._str(searchfilter)
|
||||
@ -176,42 +175,40 @@ class Backend(ldapcherry.backend.backendLdap.Backend):
|
||||
return ad_groups
|
||||
|
||||
def _set_password(self, cn, password):
|
||||
unicode_pass = '\"' + password + '\"'
|
||||
password_value = unicode_pass.encode('utf-16-le')
|
||||
|
||||
ldap_client = self._bind()
|
||||
|
||||
dn = str('CN=%(cn)s,%(user_dn)s' % {
|
||||
'cn': cn,
|
||||
'user_dn': self.userdn
|
||||
}
|
||||
)
|
||||
|
||||
attrs = {}
|
||||
|
||||
attrs['unicodePwd'] = str(password_value)
|
||||
|
||||
#ldif = modlist.modifyModlist({'unicodePwd': 'asad'}, attrs)
|
||||
ldif = modlist.modifyModlist({'unicodePwd': 'tmp'}, attrs)
|
||||
ldap_client.modify_s(dn,ldif)
|
||||
unicode_pass = '\"' + password + '\"'
|
||||
password_value = unicode_pass.encode('utf-16-le')
|
||||
|
||||
del(attrs['unicodePwd'])
|
||||
attrs['UserAccountControl'] = str(NORMAL_ACCOUNT)
|
||||
ldif = modlist.modifyModlist({'UserAccountControl': 'tmp'}, attrs)
|
||||
ldap_client.modify_s(dn,ldif)
|
||||
ldap_client = self._bind()
|
||||
|
||||
dn = str('CN=%(cn)s,%(user_dn)s' % {
|
||||
'cn': cn,
|
||||
'user_dn': self.userdn
|
||||
})
|
||||
|
||||
attrs = {}
|
||||
|
||||
attrs['unicodePwd'] = str(password_value)
|
||||
|
||||
ldif = modlist.modifyModlist({'unicodePwd': 'tmp'}, attrs)
|
||||
ldap_client.modify_s(dn, ldif)
|
||||
|
||||
del(attrs['unicodePwd'])
|
||||
attrs['UserAccountControl'] = str(NORMAL_ACCOUNT)
|
||||
ldif = modlist.modifyModlist({'UserAccountControl': 'tmp'}, attrs)
|
||||
ldap_client.modify_s(dn, ldif)
|
||||
|
||||
def add_user(self, attrs):
|
||||
password = attrs['unicodePwd']
|
||||
del(attrs['unicodePwd'])
|
||||
super(Backend, self).add_user(attrs)
|
||||
self._set_password(attrs['cn'], password)
|
||||
del(attrs['unicodePwd'])
|
||||
super(Backend, self).add_user(attrs)
|
||||
self._set_password(attrs['cn'], password)
|
||||
|
||||
def set_attrs(self, username, attrs):
|
||||
if 'unicodePwd' in attrs:
|
||||
if 'unicodePwd' in attrs:
|
||||
password = attrs['unicodePwd']
|
||||
del(attrs['unicodePwd'])
|
||||
self._set_password(attrs['cn'], password)
|
||||
super(Backend, self).set_attrs(username, attrs)
|
||||
del(attrs['unicodePwd'])
|
||||
self._set_password(attrs['cn'], password)
|
||||
super(Backend, self).set_attrs(username, attrs)
|
||||
|
||||
def add_to_groups(self, username, groups):
|
||||
ad_groups = self._build_groupdn(groups)
|
||||
|
@ -259,7 +259,6 @@ class Backend(ldapcherry.backend.Backend):
|
||||
else:
|
||||
dn_entry = r[0]
|
||||
return dn_entry
|
||||
|
||||
# python-ldap talks in bytes,
|
||||
# as the rest of ldapcherry talks in unicode utf-8:
|
||||
# * everything passed to python-ldap must be converted to bytes
|
||||
@ -292,7 +291,7 @@ class Backend(ldapcherry.backend.Backend):
|
||||
return True
|
||||
else:
|
||||
return False
|
||||
|
||||
|
||||
def attrs_pretreatment(self, attrs):
|
||||
attrs_str = {}
|
||||
for a in attrs:
|
||||
@ -304,14 +303,14 @@ class Backend(ldapcherry.backend.Backend):
|
||||
ldap_client = self._bind()
|
||||
# encoding crap
|
||||
attrs_str = self.attrs_pretreatment(attrs)
|
||||
|
||||
|
||||
attrs_str['objectClass'] = self.objectclasses
|
||||
# construct is DN
|
||||
dn = \
|
||||
self._str(self.dn_user_attr) +\
|
||||
'=' +\
|
||||
self._str(attrs[self.dn_user_attr]) +\
|
||||
',' +\
|
||||
self._str(self.dn_user_attr) + \
|
||||
'=' + \
|
||||
self._str(attrs[self.dn_user_attr]) + \
|
||||
',' + \
|
||||
self._str(self.userdn)
|
||||
# gen the ldif fir add_s and add the user
|
||||
ldif = modlist.addModlist(attrs_str)
|
||||
|
@ -127,7 +127,7 @@ class WrongParamValue(Exception):
|
||||
self.param = param
|
||||
possible_values_str = string.join(possible_values, ', ')
|
||||
self.log = \
|
||||
"wrong value for param '%(param)s' in section '%(section)s'"\
|
||||
"wrong value for param '%(param)s' in section '%(section)s'" \
|
||||
", possible values are [%(values)s]" % \
|
||||
{
|
||||
'param': param,
|
||||
@ -167,7 +167,7 @@ class PasswordAttributesCollision(Exception):
|
||||
self.key = key
|
||||
self.log = \
|
||||
"key '" + key + "' type is password," \
|
||||
" keys '" + key + "1' and '" + key + "2'"\
|
||||
" keys '" + key + "1' and '" + key + "2'" \
|
||||
" are reserved and cannot be used"
|
||||
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user