return lower_first_name, lower_last_name
+ # XXX JORDAN: This function writes an error in the log but returns normally :))
def choose_sets_chars_for_login(self, lower_first_name, lower_last_name):
"""
logger.error("LDAP LdapGenerateUniqueLogin failed : \
impossible to generate unique login for %s %s"
% (lower_first_name, lower_last_name))
+ logger.debug("JORDAN choose_sets_chars_for_login %d %s" % (index, login))
return index, login
def generate_password(self):
if index >= 9:
logger.error("LoginException : Generation login error \
with minimum four characters")
+ break
else:
try:
login = \
lower_last_name[0:
self.login_pwd.login_max_length
- index]
+ logger.debug("JORDAN trying login: %r" % login)
login_filter = '(uid=' + login + ')'
except KeyError:
print "lower_first_name - lower_last_name too short"
:rtype: string
"""
+ logger.debug("JORDAN make_ldap_filters_from_record: %r" % record)
req_ldap = ''
req_ldapdict = {}
if record :
:rtype: dict
"""
+ logger.debug("JORDAN make_ldap_attributes_from_record: %r" % record)
attrs = {}
attrs['objectClass'] = ["top", "person", "inetOrgPerson",
return attrs
-
def LdapAddUser(self, record) :
"""Add SFA user to LDAP if it is not in LDAP yet.
.. seealso:: make_ldap_filters_from_record
"""
- logger.debug(" \r\n \t LDAP LdapAddUser \r\n\r\n ================\r\n ")
- user_ldap_attrs = self.make_ldap_attributes_from_record(record)
-
- #Check if user already in LDAP wih email, first name and last name
- filter_by = self.make_ldap_filters_from_record(user_ldap_attrs)
- user_exist = self.LdapSearch(filter_by)
- if user_exist:
- logger.warning(" \r\n \t LDAP LdapAddUser user %s %s \
- already exists" % (user_ldap_attrs['sn'],
- user_ldap_attrs['mail']))
- return {'bool': False}
-
- #Bind to the server
- result = self.conn.connect()
-
- if(result['bool']):
-
- # A dict to help build the "body" of the object
- logger.debug(" \r\n \t LDAP LdapAddUser attrs %s "
- % user_ldap_attrs)
-
+ filter_by = self.make_ldap_filters_from_record({'email' : record['email']})
+ user = self.LdapSearch(filter_by)
+ if user:
+ logger.debug("LDAPapi.py user ldap exist \t%s" % user)
+ # user = [('uid=saint,ou=People,dc=senslab,dc=info', {'uid': ['saint'], 'givenName': ['Fred'], ...})]
+ return {'bool': True, 'uid': user[0][1]['uid'][0]}
+ else:
+ self.conn.connect()
+ user_ldap_attrs = self.make_ldap_attributes_from_record(record)
+ logger.debug("LDAPapi.py user ldap doesn't exist \t%s" % user_ldap_attrs)
# The dn of our new entry/object
dn = 'uid=' + user_ldap_attrs['uid'] + "," + self.baseDN
-
try:
ldif = modlist.addModlist(user_ldap_attrs)
- logger.debug("LDAPapi.py add attrs %s \r\n ldif %s"
- % (user_ldap_attrs, ldif))
self.conn.ldapserv.add_s(dn, ldif)
-
- logger.info("Adding user %s login %s in LDAP"
- % (user_ldap_attrs['cn'], user_ldap_attrs['uid']))
except ldap.LDAPError, error:
logger.log_exc("LDAP Add Error %s" % error)
return {'bool': False, 'message': error}
-
self.conn.close()
return {'bool': True, 'uid': user_ldap_attrs['uid']}
- else:
- return result
-
+
+
def LdapDelete(self, person_dn):
"""Deletes a person in LDAP. Uses the dn of the user.
.. seealso:: make_ldap_filters_from_record for req_ldap format.
"""
+ logger.debug("JORDAN LdapSearch, req_ldap=%r, expected_fields=%r" % (req_ldap, expected_fields))
result = self.conn.connect(bind=False)
if (result['bool']):
#then the login is different from the one found in its hrn
if tmpname != hrn.split('.')[1]:
hrn = None
+ else:
+ hrn = None
+
+ if hrn is None:
results = {
'type': 'user',
'pkey': ldapentry['sshPublicKey'],
'authority': parent_hrn,
'peer_authority': peer_authority,
'pointer': -1,
- 'hrn': hrn,
}
else:
#hrn = None
'authority': parent_hrn,
'peer_authority': peer_authority,
'pointer': -1,
+ 'hrn': hrn,
}
return results
:rtype: dict or list
"""
+ logger.debug("JORDAN LdapFindUser record=%r, is_user_enabled=%r, expected_fields=%r" % (record, is_user_enabled, expected_fields))
+
custom_record = {}
if is_user_enabled:
custom_record['enabled'] = is_user_enabled
git://git.onelab.eu / sfa.git / blobdiff