return lower_first_name, lower_last_name
+ # XXX JORDAN: This function writes an error in the log but returns normally :))
def choose_sets_chars_for_login(self, lower_first_name, lower_last_name):
"""
logger.error("LDAP LdapGenerateUniqueLogin failed : \
impossible to generate unique login for %s %s"
% (lower_first_name, lower_last_name))
+ logger.debug("JORDAN choose_sets_chars_for_login %d %s" % (index, login))
return index, login
def generate_password(self):
if index >= 9:
logger.error("LoginException : Generation login error \
with minimum four characters")
+ break
else:
try:
login = \
lower_last_name[0:
self.login_pwd.login_max_length
- index]
+ logger.debug("JORDAN trying login: %r" % login)
login_filter = '(uid=' + login + ')'
except KeyError:
print "lower_first_name - lower_last_name too short"
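Review bot: The `break` added under `if index >= 9:` leaves the loop without marking the failure, so whatever `login` held on the previous pass is still bound afterwards. The loop header and the code after it are outside this hunk, but the function tail shown earlier ends in `return index, login`, and the XXX comment added on the function says it returns normally after logging the error. If the last candidate was rejected because that uid is already taken (inferred from the `(uid=...)` filter), the caller would receive a login that belongs to another account. Consider `login = None` before the `break`, with the caller refusing to create an entry when it gets `None`.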
:rtype: string
"""
+ logger.debug("JORDAN make_ldap_filters_from_record: %r" % record)
req_ldap = ''
req_ldapdict = {}
if record :
if record['first_name'] != record['last_name']:
req_ldapdict['cn'] = str(record['first_name'])+" "\
+ str(record['last_name'])
+ if 'uid' in record:
+ req_ldapdict['uid'] = record['uid']
if 'email' in record:
req_ldapdict['mail'] = record['email']
if 'mail' in record:
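Review bot: The new `uid` entry copies `record['uid']` into `req_ldapdict` unescaped, and the docstring and `req_ldap = ''` indicate this dict is turned into an LDAP search filter (the assembly is below the hunk). A value containing `*`, `(`, `)` or `\` would change the filter's meaning instead of matching literally, which matters because LdapAddUser uses the search result to decide whether a user already exists. If this module uses python-ldap, escape at the point of insertion: `req_ldapdict['uid'] = ldap.filter.escape_filter_chars(str(record['uid']))`. The same applies to the existing `cn` and `mail` values. The function body starts and ends outside the hunk.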
:rtype: dict
"""
+ logger.debug("JORDAN make_ldap_attributes_from_record: %r" % record)
attrs = {}
attrs['objectClass'] = ["top", "person", "inetOrgPerson",
return attrs
-
def LdapAddUser(self, record) :
"""Add SFA user to LDAP if it is not in LDAP yet.
"""
logger.debug(" \r\n \t LDAP LdapAddUser \r\n\r\n ================\r\n ")
user_ldap_attrs = self.make_ldap_attributes_from_record(record)
+ logger.debug("JORDAN LdapAddUser (ctd) user_ldap_attrs=%r" % user_ldap_attrs)
#Check if user already in LDAP wih email, first name and last name
filter_by = self.make_ldap_filters_from_record(user_ldap_attrs)
+ logger.debug("JORDAN LdapAddUser (ctd) filter_by = %r" % filter_by)
user_exist = self.LdapSearch(filter_by)
+ logger.debug("JORDAN LdapAddUser (ctd) user_exist = %r" % user_exist)
if user_exist:
logger.warning(" \r\n \t LDAP LdapAddUser user %s %s \
already exists" % (user_ldap_attrs['sn'],
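Review bot: The three `logger.debug` calls added here write the full `user_ldap_attrs`, the search filter and the complete search result to the log. The attribute dict is built by make_ldap_attributes_from_record, of which only `objectClass` is visible on this page; if it also carries a password hash or SSH key (the class has a `generate_password` method), those end up in debug logs. Log only the identifying fields and pass arguments lazily, e.g. `logger.debug("LdapAddUser sn=%s", user_ldap_attrs.get('sn'))`. The same applies to the `%r` dumps of `record` added in make_ldap_filters_from_record, make_ldap_attributes_from_record and LdapFindUser, and the `JORDAN`/`LOIC` prefixes look like temporary tracing that should be removed before merge.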
#Bind to the server
result = self.conn.connect()
+ logger.debug("JORDAN LdapAddUser (ctd) result = %r" % result)
if(result['bool']):
.. seealso:: make_ldap_filters_from_record for req_ldap format.
"""
+ logger.debug("JORDAN LdapSearch, req_ldap=%r, expected_fields=%r" % (req_ldap, expected_fields))
result = self.conn.connect(bind=False)
if (result['bool']):
parent_hrn = None
peer_authority = None
- if 'hrn' in record:
+ # If the user is coming from External authority (e.g. OneLab)
+ # Then hrn is None, it should be filled in by the creation of Ldap User
+ # XXX LOIC !!! What if a user email is in 2 authorities?
+ if 'hrn' in record and record['hrn'] is not None:
hrn = record['hrn']
parent_hrn = get_authority(hrn)
if parent_hrn != self.authname:
else:
hrn = None
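Review bot: The XXX question added above the new condition is left unanswered in the code: with `hrn` allowed to be `None`, a record from an external authority reaches the `else` branch and is presumably matched to an LDAP entry by e-mail alone. The lookup is outside this hunk, so this is inferred, but if the same address is registered under two authorities, both identities would resolve to one LDAP account. Before merging, replace the XXX with a comment stating the assumption, e.g. `# assumes an e-mail address maps to exactly one LDAP entry across authorities`, or have the caller reject the record when the search returns more than one entry.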
- results = {
- 'type': 'user',
- 'pkey': ldapentry['sshPublicKey'],
- #'uid': ldapentry[1]['uid'][0],
- 'uid': tmpname,
- 'email': tmpemail,
- #'email': ldapentry[1]['mail'][0],
- 'first_name': ldapentry['givenName'][0],
- 'last_name': ldapentry['sn'][0],
- #'phone': 'none',
- 'serial': 'none',
- 'authority': parent_hrn,
- 'peer_authority': peer_authority,
- 'pointer': -1,
- 'hrn': hrn,
- }
+ if hrn is None:
+ results = {
+ 'type': 'user',
+ 'pkey': ldapentry['sshPublicKey'],
+ #'uid': ldapentry[1]['uid'][0],
+ 'uid': tmpname,
+ 'email': tmpemail,
+ #'email': ldapentry[1]['mail'][0],
+ 'first_name': ldapentry['givenName'][0],
+ 'last_name': ldapentry['sn'][0],
+ #'phone': 'none',
+ 'serial': 'none',
+ 'authority': parent_hrn,
+ 'peer_authority': peer_authority,
+ 'pointer': -1,
+ }
+ else:
+ #hrn = None
+ results = {
+ 'type': 'user',
+ 'pkey': ldapentry['sshPublicKey'],
+ #'uid': ldapentry[1]['uid'][0],
+ 'uid': tmpname,
+ 'email': tmpemail,
+ #'email': ldapentry[1]['mail'][0],
+ 'first_name': ldapentry['givenName'][0],
+ 'last_name': ldapentry['sn'][0],
+ #'phone': 'none',
+ 'serial': 'none',
+ 'authority': parent_hrn,
+ 'peer_authority': peer_authority,
+ 'pointer': -1,
+ 'hrn': hrn,
+ }
return results
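Review bot: The two `results` literals differ only in the `'hrn'` key, so ten fields are now maintained twice and can drift apart. Build the dict once without `'hrn'` and follow it with `if hrn is not None: results['hrn'] = hrn`; the leftover `#hrn = None` comment in the `else` branch can go. Callers that read `results['hrn']` previously got `None` for such users and will now raise `KeyError`. Those callers are not visible here, so confirm they use `.get('hrn')` or test for the key.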
def LdapFindUser(self, record=None, is_user_enabled=None,
:rtype: dict or list
"""
+ logger.debug("JORDAN LdapFindUser record=%r, is_user_enabled=%r, expected_fields=%r" % (record, is_user_enabled, expected_fields))
+
custom_record = {}
if is_user_enabled:
custom_record['enabled'] = is_user_enabled
return None
#Asked for a specific user
if record is not None:
+ logger.debug("LOIC - record = %s" % record)
results = self._process_ldap_info_for_one_user(record, result_data)
else:
#Asked for all users in ldap
results = self._process_ldap_info_for_all_users(result_data)
- return results
\ No newline at end of file
+ return results