diff --git a/ldapcherry/exceptions.py b/ldapcherry/exceptions.py
index bc8517d..44fb287 100644
--- a/ldapcherry/exceptions.py
+++ b/ldapcherry/exceptions.py
@@ -12,8 +12,11 @@ class MissingParameter(Exception):
 self.log = "missing parameter <%(key)s> in section <%(section)s>" % { 'key' : key, 'section' : section }
 class MissingKey(Exception):
- def __init__(self, key):
+ def __init__(self, key, section, ymlfile):
 self.key = key
+ self.section = section
+ self.ymlfile = ymlfile
+ self.log = "missing key <%(key)s> in section <%(section)s> inside file <%(ymlfile)s>" % {'key': key, 'section': section, 'ymlfile': ymlfile }
 class DumplicateRoleKey(Exception):
 def __init__(self, role):
diff --git a/ldapcherry/roles.py b/ldapcherry/roles.py
index 358316c..9479a78 100644
--- a/ldapcherry/roles.py
+++ b/ldapcherry/roles.py
@@ -8,6 +8,7 @@
 import os
 import sys
+from sets import Set
 from ldapcherry.pyyamlwrapper import loadNoDump
 from ldapcherry.pyyamlwrapper import DumplicatedKey
 from ldapcherry.exceptions import DumplicateRoleKey, MissingKey, DumplicateRoleContent, MissingRolesFile
@@ -16,6 +17,8 @@ from ldapcherry.exceptions import DumplicateRoleKey, MissingKey, DumplicateRoleC
 class Roles:
 def __init__(self, role_file):
+ self.role_file = role_file
+ self.backends = Set([])
 try:
 stream = open(role_file, 'r')
 except:
@@ -29,6 +32,24 @@ class Roles:
 def _nest(self):
 """nests the roles (creates roles hierarchy)"""
+ for roleid in self.roles_raw:
+ role = self.roles_raw[roleid]
+
+ # Display name is mandatory
+ if not 'display_name' in role:
+ raise MissingKey('display_name', role, self.role_file)
+
+ # Backend is mandatory
+ if not 'backends' in role:
+ raise MissingKey('backends', role, self.role_file)
+
+ # Create the list of backends
+ for backend in role['backends']:
+ self.backends.add(backend['name'])
+
+ # Create the nested groups
+ for roleid2 in self.roles_raw:
+ role2 = self.roles_raw[roleid2]
 self.roles = self.roles_raw
 def write(self, out_file):
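Review bot: In the ldapcherry/exceptions.py hunk, `MissingKey.__init__` builds `self.log` but never hands it to the base class, so `str(e)` and an uncaught traceback carry no message; adding `Exception.__init__(self, self.log)` as the last line of the constructor would keep the key, section and file visible wherever the exception surfaces. The constructor also goes from one required argument to three, so any `raise MissingKey(key)` outside this diff would now fail with a TypeError; only the roles.py call sites are visible here. A short docstring such as `"""Raised when a mandatory key is absent from a section of a YAML file."""` would also record what `section` is meant to hold.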
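Review bot: The `from sets import Set` line added in the first ldapcherry/roles.py hunk depends on the `sets` module, which has been deprecated since Python 2.6 and does not exist in Python 3, while the built-in `set` type does the same job. Drop the import and, in the `Roles.__init__` hunk, write `self.backends = set()` instead of `self.backends = Set([])`. `__init__` continues past the end of that hunk, so the rest of its body was not reviewed.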
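Review bot: Both `raise MissingKey(..., role, self.role_file)` calls in the `_nest` hunk of ldapcherry/roles.py pass the role's whole dict as the `section` argument, so the error text prints the full role definition (group DNs included) instead of the role name; `roleid` is the value the message needs. The backend loop also indexes `backend['name']` unchecked, so an entry that still uses the old `backend_name` key surfaces as a bare KeyError rather than a MissingKey naming the file. Because this file maps roles to directory groups, a malformed entry is better rejected with an explicit, attributable error. The nested-groups loop only assigns `role2` and has no effect yet; a `# TODO` comment there would make the stub obvious.

```python
        for roleid in self.roles_raw:
            role = self.roles_raw[roleid]
            # ... unchanged: "mandatory" comments ...
            if 'display_name' not in role:
                raise MissingKey('display_name', roleid, self.role_file)
            if 'backends' not in role:
                raise MissingKey('backends', roleid, self.role_file)
            for backend in role['backends']:
                if 'name' not in backend:
                    raise MissingKey('name', roleid, self.role_file)
                self.backends.add(backend['name'])
            # ... unchanged: nested-groups loop ...
```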
diff --git a/tests/cfg/roles.yml b/tests/cfg/roles.yml index a6ca291..fd8c9ee 100644 --- a/tests/cfg/roles.yml +++ b/tests/cfg/roles.yml @@ -2,13 +2,13 @@ admin-lv3: display_name: Administrators Level 3 LC_admins: True backends: - - backend_name: ldap + - name: ldap groups: - cn=dns admins,ou=group,dc=example,dc=com - cn=nagios admins,ou=group,dc=example,dc=com - cn=puppet admins,ou=group,dc=example,dc=com - cn=users,ou=group,dc=example,dc=com - - backend_name: ad + - name: ad groups: - Domain Users - Administrators @@ -17,32 +17,32 @@ admin-lv3: admin-lv2: display_name: Administrators Level 2 backends: - - backend_name: ldap + - name: ldap groups: - cn=nagios admins,ou=group,dc=example,dc=com - cn=users,ou=group,dc=example,dc=com - - backend_name: ad + - name: ad groups: - Domain Users developpers: - diplay_name: Developpers + display_name: Developpers backends: - - backend_name: ldap + - name: ldap groups: - cn=nagios user,ou=group,dc=example,dc=com - cn=developpers,ou=group,dc=example,dc=com - cn=users,ou=group,dc=example,dc=com - - backend_name: ad + - name: ad groups: - Domain Users users: - diplay_name: Simple Users + display_name: Simple Users backends: - - backend_name: ldap + - name: ldap groups: - cn=users,ou=group,dc=example,dc=com - - backend_name: ad + - name: ad groups: - Domain Users