3 from sfa.util.xrn import Xrn,get_authority
5 from sfa.util.config import *
6 from sfa.trust.gid import *
7 from sfa.trust.hierarchy import *
8 from sfa.trust.auth import *
9 from sfa.trust.certificate import *
# Constructor: creates the SFA trust Hierarchy, looks up the root authority's
# auth info and GID object, and opens the LDAP handle (self.ldapserv) that
# ldapSearch and ldapFindHrn query through.
# NOTE(review): this listing is partial; the enclosing class header and
# several body lines (source lines 14, 17-19, 22-28, 30-31) are not shown.
12 def __init__(self, record_filter = None):
13 self.senslabauth=Hierarchy()
# Root authority name is read from the SFA configuration.
15 self.authname=config.SFA_REGISTRY_ROOT_AUTH
16 authinfo=self.senslabauth.get_auth_info(self.authname)
20 gid=authinfo.get_gid_object()
# First element of a list literal; the remaining entries are on lines not shown.
21 self.ldapdictlist = ['type',
# Search base used by every query visible in this file.
29 self.baseDN = "ou=people,dc=senslab,dc=info"
# NOTE(review): ldap.open() is python-ldap's deprecated constructor and is
# given a bare host, so this is presumably plain LDAP without TLS, while
# authenticate() connects with ldaps:// on port 636. No bind on this handle is
# visible here, so the searches issued through it look anonymous and
# unencrypted. Confirm, and prefer ldap.initialize("ldaps://...") so directory
# data (mail, uid, keys) is not carried in cleartext.
32 self.ldapserv=ldap.open("192.168.0.251")
# Opens a second connection over LDAPS, stores it in self.l, then attempts a
# simple bind.
# NOTE(review): source line 36 is not shown in this listing.
34 def authenticate(self):
35 self.l = ldap.initialize("ldaps://192.168.0.251:636/")
# Bind/authenticate with a user with appropriate rights to add objects
# NOTE(review): simple_bind_s is called as a bare name, not as a method of the
# connection, and its return value overwrites self.l (losing the connection
# object). In python-ldap the call is `self.l.simple_bind_s(who, cred)`; as
# written this presumably raises NameError unless a wildcard import defines
# the name. Confirm against the full file.
# NOTE(review): the credentials are a blank DN and an empty password. A simple
# bind with an empty password does not authenticate anyone (servers treat it
# as an anonymous/unauthenticated bind or reject it), so this does not give
# the "appropriate rights" the comment above describes. Load a real bind DN
# and secret from protected configuration rather than hard-coding them.
38 self.l = simple_bind_s(" ","")
# NOTE(review): only the signature is visible; the body (source lines 41-44)
# is not shown in this listing. The comment in authenticate() mentions binding
# with rights "to add objects", so this method presumably depends on that
# authenticated handle. Confirm that it does not write through the
# unauthenticated self.ldapserv connection.
40 def ldapAdd(self, record) :
# Builds an LDAP search-filter string from an SFA record dict.
# Visible mapping: first_name + " " + last_name -> cn, email -> mail. Each
# pair is rendered as "(key=value)"; when there is more than one pair the
# string is prefixed with "(&".
# NOTE(review): the initialisation of req_ldapdict and req_ldap, the
# assignment of size, and the return statement are on lines not shown here
# (source lines 46, 51-52, 58, 60-62).
45 def parse_record(self, record):
47 if 'first_name' in record and 'last_name' in record:
48 req_ldapdict['cn'] = str(record['first_name'])+" "+str(record['last_name'])
49 if 'email' in record :
50 req_ldapdict['mail'] = record['email']
# NOTE(review): debug output writes the whole record (names, e-mail) to
# stderr; treat the resulting log as containing personal data or remove it.
53 print >>sys.stderr, "\r\n \r\n \t LDAP.PY \t\t parse_record record %s req_ldapdict %s" %(record,req_ldapdict)
54 for k in req_ldapdict:
# NOTE(review): values are concatenated into the filter unescaped. A value
# containing filter metacharacters ( * ( ) \ or NUL ) changes the structure of
# the filter instead of being matched literally (LDAP filter injection).
# Escape each value with ldap.filter.escape_filter_chars() before building the
# "(key=value)" term.
55 req_ldap += '('+str(k)+'='+str(req_ldapdict[k])+')'
56 if len(req_ldapdict.keys()) >1 :
# Slicing at index 0 simply prepends "(&" to the accumulated terms.
57 req_ldap = req_ldap[:0]+"(&"+req_ldap[0:]
# Inserts ")" at position size-1; size is assigned on a line not shown, and
# with indentation lost it is unclear whether this runs only in the
# multi-term case. Presumably it closes the "(&" group. Confirm.
59 req_ldap= req_ldap[:(size-1)] +')'+ req_ldap[(size-1):]
# NOTE(review): only the signature is visible; the body (source lines 64-67)
# is not shown in this listing, so its behaviour cannot be documented from here.
63 def parse_ldapresults(self, ldapentry):
# Searches the directory for an entry matching `record` and maps the first
# match's attributes (uid, mail, givenName, sn, sshPublicKey) onto SFA record
# fields.
# NOTE(review): partial listing. The try: statement, the construction of hrn,
# the opening of the result dict and the return statements are on lines not
# shown here.
68 def ldapSearch (self, record ):
# The filter string comes from parse_record, i.e. from caller-supplied record
# fields; see the escaping note there.
72 req_ldap = self.parse_record(record)
73 print >>sys.stderr, "\r\n \r\n \t LDAP.PY \t\t ldapSearch req_ldap %s" %(req_ldap)
# Asynchronous subtree search under baseDN on the handle opened in __init__,
# requesting only the five listed attributes.
75 msg_id=self.ldapserv.search(self.baseDN,ldap.SCOPE_SUBTREE,req_ldap, ['mail','givenName', 'sn', 'uid','sshPublicKey'])
#Get all the results matching the search from ldap in one shot (1 value)
77 result_type, result_data=self.ldapserv.result(msg_id,1)
# NOTE(review): this and the print below dump full directory entries to stderr.
79 print >>sys.stderr, "\r\n \r\n \t LDAP.PY \t\t ldapSearch result_data %s" %(result_data)
#Dafuq is this result_data shit ??
# python-ldap returns result_data as a list of (dn, attrs) tuples, where attrs
# maps each attribute name to a list of values; [0][1] is therefore the
# attribute dict of the first match and ['uid'][0] its first uid value.
# NOTE(review): no emptiness check is visible. An empty result list raises
# IndexError here and a missing attribute raises KeyError below; neither is an
# ldap.LDAPError, so the visible except clause would not catch them. Confirm
# whether the lines not shown guard against a search with no match.
81 ldapentry = result_data[0][1]
#print>>sys.stderr, " \r\n \t LDAP : ! mail ldapentry[1]['mail'][0] %s " %(ldapentry[1]['mail'][0])
83 print >>sys.stderr, "\r\n \r\n \t LDAP.PY \t\t ldapSearch ldapentry %s" %(ldapentry)
84 tmpname = ldapentry['uid'][0]
# Hard-coded special case for one uid; the action taken is on a line not shown.
86 if ldapentry['uid'][0] == "savakian":
89 tmpemail = ldapentry['mail'][0]
# Special case for the placeholder mail value "unknown"; action not shown.
90 if ldapentry['mail'][0] == "unknown":
94 parent_hrn = get_authority(hrn)
# NOTE(review): `is not` compares object identity, not string value. Two equal
# strings built separately are normally distinct objects, so this condition is
# likely true even when parent_hrn equals self.authname, and a local user would
# then be recorded with a peer_authority. Use `!=` for a value comparison.
96 if parent_hrn is not self.authname:
97 peer_authority = parent_hrn
# Fields of the record being built; the dict's opening line is not shown.
# The public key is taken as-is from the directory's sshPublicKey attribute.
101 'pkey': ldapentry['sshPublicKey'][0],
#'uid': ldapentry[1]['uid'][0],
#'email': ldapentry[1]['mail'][0],
106 'first_name': ldapentry['givenName'][0],
107 'last_name': ldapentry['sn'][0],
110 'authority': parent_hrn,
111 'peer_authority': peer_authority,
# Python 2 except syntax. LDAP errors are only printed to stderr here; what the
# method returns on failure is on lines not shown.
118 except ldap.LDAPError,e :
119 print >>sys.stderr, "ERROR LDAP %s" %(e)
124 def ldapFindHrn(self, record_filter = None):
125 #def ldapFindHrn(self, record_filter = None, columns=None):
129 if 'authority' in record_filter:
131 if record_filter['authority']==self.authname:
132 # which is SFA_REGISTRY_ROOT_AUTH
133 # request all records which are under our authority, ie all ldap entries
136 #which is NOT SFA_REGISTRY_ROOT_AUTH
139 if not 'hrn' in record_filter:
140 print >>sys.stderr,"find : don't know how to handle filter ",record_filter
144 h=record_filter['hrn']
145 if isinstance(h,list):
152 splited_hrn=hrn.split(".")
153 if splited_hrn[0] != self.authname :
154 print >>sys.stderr,"i know nothing about",hrn, " my authname is ", self.authname, " not ", splited_hrn[0]
163 rindex=self.ldapserv.search(self.baseDN,ldap.SCOPE_SUBTREE,ldapfilter, ['mail','givenName', 'sn', 'uid','sshPublicKey'])
164 ldapresponse=self.ldapserv.result(rindex,1)
165 #print>>sys.stderr, " \r\n \t LDAP : ldapresponse %s " %(ldapresponse)
166 for ldapentry in ldapresponse[1]:
167 #print>>sys.stderr, " \r\n \t LDAP : ! mail ldapentry[1]['mail'][0] %s " %(ldapentry[1]['mail'][0])
169 tmpname = ldapentry[1]['uid'][0]
171 if ldapentry[1]['uid'][0] == "savakian":
174 hrn=self.authname+"."+ tmpname
176 tmpemail = ldapentry[1]['mail'][0]
177 if ldapentry[1]['mail'][0] == "unknown":
181 # RSA_KEY_STRING=ldapentry[1]['sshPublicKey'][0]
183 # pkey=convert_public_key(RSA_KEY_STRING)
185 # gid=self.senslabauth.create_gid("urn:publicid:IDN+"+self.authname+"+user+"+ldapentry[1]['uid'][0], uuid, pkey, CA=False)
187 parent_hrn = get_authority(hrn)
188 parent_auth_info = self.senslabauth.get_auth_info(parent_hrn)
192 'pkey': ldapentry[1]['sshPublicKey'][0],
193 #'uid': ldapentry[1]['uid'][0],
196 #'email': ldapentry[1]['mail'][0],
197 'first_name': ldapentry[1]['givenName'][0],
198 'last_name': ldapentry[1]['sn'][0],
201 'authority': self.authname,
202 'peer_authority': '',