2
# group.py - group entry lookup routines
4
# Copyright (C) 2010, 2011 Arthur de Jong
6
# This library is free software; you can redistribute it and/or
7
# modify it under the terms of the GNU Lesser General Public
8
# License as published by the Free Software Foundation; either
9
# version 2.1 of the License, or (at your option) any later version.
11
# This library is distributed in the hope that it will be useful,
12
# but WITHOUT ANY WARRANTY; without even the implied warranty of
13
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14
# Lesser General Public License for more details.
16
# You should have received a copy of the GNU Lesser General Public
17
# License along with this library; if not, write to the Free Software
18
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
26
from passwd import dn2uid, uid2dn
32
yield i.replace('\0', '')
35
attmap = common.Attributes(cn='cn',
37
gidNumber='gidNumber',
38
memberUid='memberUid',
40
filter = '(|(objectClass=posixGroup)(objectClass=groupOfNames))'
43
class GroupRequest(common.Request):
47
def write(self, dn, attributes, parameters):
48
# get group names and check against requested group name
49
names = attributes['cn']
50
if 'cn' in parameters:
51
if parameters['cn'] not in names:
53
names = ( parameters['cn'], )
54
# get group group password
55
passwd = attributes['userPassword'][0]
57
gids = ( parameters['gidNumber'], ) if 'gidNumber' in parameters else attributes['gidNumber']
58
gids = [ int(x) for x in gids ]
62
# add the memberUid values
63
for member in clean(attributes['memberUid']):
64
if common.isvalidname(member):
66
# translate and add the member values
67
for memberdn in clean(attributes['member']):
68
member = dn2uid(self.conn, memberdn)
69
if member and common.isvalidname(member):
71
# actually return the results
73
if not common.isvalidname(name):
74
print 'Warning: group entry %s contains invalid group name: "%s"' % ( dn, name )
77
self.fp.write_int32(constants.NSLCD_RESULT_BEGIN)
78
self.fp.write_string(name)
79
self.fp.write_string(passwd)
80
self.fp.write_gid_t(gid)
81
self.fp.write_stringlist(members)
84
class GroupByNameRequest(GroupRequest):
86
action = constants.NSLCD_ACTION_GROUP_BYNAME
88
def read_parameters(self, fp):
89
name = fp.read_string()
90
common.validate_name(name)
94
class GroupByGidRequest(GroupRequest):
96
action = constants.NSLCD_ACTION_GROUP_BYGID
98
def read_parameters(self, fp):
99
return dict(gidNumber=fp.read_gid_t())
102
class GroupByMemberRequest(GroupRequest):
104
action = constants.NSLCD_ACTION_GROUP_BYMEMBER
107
def __init__(self, *args, **kwargs):
108
super(GroupByMemberRequest, self).__init__(*args, **kwargs)
109
# set up our own attributes that leave out membership attributes
110
self.attmap = common.Attributes(attmap)
111
del self.attmap['memberUid']
112
del self.attmap['member']
114
def read_parameters(self, fp):
115
memberuid = fp.read_string()
116
common.validate_name(memberuid)
117
return dict(memberUid=memberuid)
119
def attributes(self):
120
return self.attmap.attributes()
122
def mk_filter(self, parameters):
123
# we still need a custom mk_filter because this is an | query
124
memberuid = parameters['memberUid']
126
dn = uid2dn(self.conn, memberuid)
128
return '(&%s(|(%s=%s)(%s=%s)))' % ( self.filter,
129
attmap['memberUid'], ldap.filter.escape_filter_chars(memberuid),
130
attmap['member'], ldap.filter.escape_filter_chars(dn) )
131
return '(&%s(%s=%s))' % ( self.filter,
132
attmap['memberUid'], ldap.filter.escape_filter_chars(memberuid) )
135
class GroupAllRequest(GroupRequest):
137
action = constants.NSLCD_ACTION_GROUP_ALL