From de52f65b3a38d6a9f70793b1a96a091a6b7205c2 Mon Sep 17 00:00:00 2001 From: Sandrine Avakian Date: Wed, 16 May 2012 14:38:48 +0200 Subject: [PATCH] Rmoved parse_filter in GetPersons. Modified LDAP.PY : ldapFinHrn not used anymore, use ldapSearch instead. --- sfa/senslab/LDAPapi.py | 163 +++++++++++++++++++++++++++----------- sfa/senslab/parsing.py | 1 - sfa/senslab/slabdriver.py | 50 +++++++----- sfa/senslab/slabslices.py | 13 ++- 4 files changed, 157 insertions(+), 70 deletions(-) diff --git a/sfa/senslab/LDAPapi.py b/sfa/senslab/LDAPapi.py index 72153cf2..b99f852f 100644 --- a/sfa/senslab/LDAPapi.py +++ b/sfa/senslab/LDAPapi.py @@ -144,38 +144,52 @@ class LDAPapi : return {'bool': True} else: return result - return - - def parse_record(self, record): + return + + + def ldapModify(self, record_filter, new_fileds): + person = self.ldapSearch(record_filter) + if person: + result = self.conn.connect() + if(result['bool']): + req_ldap = self.parse_record(record_filter) + + #TODO Handle OR filtering in the ldap query when + #dealing with a list of records instead of doing a for loop in GetPersons + def parse_record(self, record=None): + req_ldapdict = {} - if 'first_name' in record and 'last_name' in record: - req_ldapdict['cn'] = str(record['first_name'])+" "+str(record['last_name']) - if 'email' in record : - req_ldapdict['mail'] = record['email'] - if 'hrn' in record : - splited_hrn = record['hrn'].split(".") - if splited_hrn[0] != self.authname : - print >>sys.stderr,"i know nothing about",record['hrn'], " my authname is ", self.authname, " not ", splited_hrn[0] - login=splited_hrn[1] - req_ldapdict['uid'] = login + if record : + if 'first_name' in record and 'last_name' in record: + req_ldapdict['cn'] = str(record['first_name'])+" "+str(record['last_name']) + if 'email' in record : + req_ldapdict['mail'] = record['email'] + if 'hrn' in record : + splited_hrn = record['hrn'].split(".") + if splited_hrn[0] != self.authname : + print >>sys.stderr,"i know nothing about",record['hrn'], " my authname is ", self.authname, " not ", splited_hrn[0] + login=splited_hrn[1] + if login == 'avakian': + login = 'savakian' + req_ldapdict['uid'] = login - req_ldap='' - print >>sys.stderr, "\r\n \r\n \t LDAP.PY \t\t parse_record record %s req_ldapdict %s" %(record,req_ldapdict) - for k in req_ldapdict: - req_ldap += '('+str(k)+'='+str(req_ldapdict[k])+')' - if len(req_ldapdict.keys()) >1 : - req_ldap = req_ldap[:0]+"(&"+req_ldap[0:] - size = len(req_ldap) - req_ldap= req_ldap[:(size-1)] +')'+ req_ldap[(size-1):] + req_ldap='' + print >>sys.stderr, "\r\n \r\n \t LDAP.PY \t\t parse_record record %s req_ldapdict %s" %(record,req_ldapdict) + for k in req_ldapdict: + req_ldap += '('+str(k)+'='+str(req_ldapdict[k])+')' + if len(req_ldapdict.keys()) >1 : + req_ldap = req_ldap[:0]+"(&"+req_ldap[0:] + size = len(req_ldap) + req_ldap= req_ldap[:(size-1)] +')'+ req_ldap[(size-1):] + else: + req_ldap = "(cn*)" return req_ldap - - def parse_ldapresults(self, ldapentry): - return + - - def ldapSearch (self, record ): + #Returns one matching entry + def ldapSearch (self, record = None ): self.conn.connect(bind = False) #self.connect() @@ -184,28 +198,47 @@ class LDAPapi : try: msg_id=self.conn.ldapserv.search(self.baseDN,ldap.SCOPE_SUBTREE,req_ldap, ['mail','givenName', 'sn', 'uid','sshPublicKey']) #Get all the results matching the search from ldap in one shot (1 value) - result_type, result_data=self.conn.ldapserv.result(msg_id,1) - results = [] + result_type, result_data = self.conn.ldapserv.result(msg_id,1) + #results = [] print >>sys.stderr, "\r\n \r\n \t LDAP.PY \t\t ldapSearch result_data %s" %(result_data) - - ldapentry = result_data[0][1] - print >>sys.stderr, "\r\n \r\n \t LDAP.PY \t\t ldapSearch ldapentry %s" %(ldapentry) - tmpname = ldapentry['uid'][0] - if ldapentry['uid'][0] == "savakian": - tmpname = 'avakian' - - tmpemail = ldapentry['mail'][0] - if ldapentry['mail'][0] == "unknown": - tmpemail = None + #Asked for a specific user + if record: + ldapentry = result_data[0][1] + print >>sys.stderr, "\r\n \r\n \t LDAP.PY \t\t ldapSearch ldapentry %s" %(ldapentry) + tmpname = ldapentry['uid'][0] - hrn = record['hrn'] - parent_hrn = get_authority(hrn) - peer_authority = None - if parent_hrn is not self.authname: - peer_authority = parent_hrn + if ldapentry['uid'][0] == "savakian": + tmpname = 'avakian' + + tmpemail = ldapentry['mail'][0] + if ldapentry['mail'][0] == "unknown": + tmpemail = None - results.append( { + hrn = record['hrn'] + parent_hrn = get_authority(hrn) + peer_authority = None + if parent_hrn is not self.authname: + peer_authority = parent_hrn + + #results.append( { + #'type': 'user', + #'pkey': ldapentry['sshPublicKey'][0], + ##'uid': ldapentry[1]['uid'][0], + #'uid': tmpname , + #'email':tmpemail, + ##'email': ldapentry[1]['mail'][0], + #'first_name': ldapentry['givenName'][0], + #'last_name': ldapentry['sn'][0], + ## 'phone': 'none', + #'serial': 'none', + #'authority': parent_hrn, + #'peer_authority': peer_authority, + #'pointer' : -1, + #'hrn': hrn, + #} ) + + results= { 'type': 'user', 'pkey': ldapentry['sshPublicKey'][0], #'uid': ldapentry[1]['uid'][0], @@ -214,14 +247,50 @@ class LDAPapi : #'email': ldapentry[1]['mail'][0], 'first_name': ldapentry['givenName'][0], 'last_name': ldapentry['sn'][0], -# 'phone': 'none', + #'phone': 'none', 'serial': 'none', 'authority': parent_hrn, 'peer_authority': peer_authority, 'pointer' : -1, 'hrn': hrn, - } ) - return results + } + else: + #Asked for all users in ldap + results = [] + for ldapentry in result_data[1]: + + tmpname = ldapentry[1]['uid'][0] + + if ldapentry[1]['uid'][0] == "savakian": + tmpname = 'avakian' + + hrn=self.authname+"."+ tmpname + + tmpemail = ldapentry[1]['mail'][0] + if ldapentry[1]['mail'][0] == "unknown": + tmpemail = None + + + parent_hrn = get_authority(hrn) + parent_auth_info = self.senslabauth.get_auth_info(parent_hrn) + + results.append( { + 'type': 'user', + 'pkey': ldapentry[1]['sshPublicKey'][0], + #'uid': ldapentry[1]['uid'][0], + 'uid': tmpname , + 'email':tmpemail, + #'email': ldapentry[1]['mail'][0], + 'first_name': ldapentry[1]['givenName'][0], + 'last_name': ldapentry[1]['sn'][0], +# 'phone': 'none', + 'serial': 'none', + 'authority': self.authname, + 'peer_authority': '', + 'pointer' : -1, + 'hrn': hrn, + } ) + return results except ldap.LDAPError,e : diff --git a/sfa/senslab/parsing.py b/sfa/senslab/parsing.py index a1604dd5..3f459135 100644 --- a/sfa/senslab/parsing.py +++ b/sfa/senslab/parsing.py @@ -1,5 +1,4 @@ -# import modules used here -- sys is a very standard one import sys import httplib import json diff --git a/sfa/senslab/slabdriver.py b/sfa/senslab/slabdriver.py index dcd3d9b6..c5f42a3f 100644 --- a/sfa/senslab/slabdriver.py +++ b/sfa/senslab/slabdriver.py @@ -426,25 +426,38 @@ class SlabDriver(Driver): return return_records - + #TODO : Handling OR request in parse_records instead of the for loop + #over the records' list def GetPersons(self, person_filter=None, return_fields=None): - - #if isinstance(person_filter,list): - #for f in person_filter: - #person = self.ldap.ldapSearch(f) - #if isinstance(person_filter,dict): - person_list = self.ldap.ldapFindHrn({'authority': self.root_auth }) - - #check = False - #if person_filter and isinstance(person_filter, dict): - #for k in person_filter.keys(): - #if k in person_list[0].keys(): - #check = True + """ + person_filter should be a list of dictionnaries when not set to None. + Returns a list of users found. + + """ + print>>sys.stderr, "\r\n \r\n \t\t\t GetPersons person_filter %s" %(person_filter) + person_list = [] + if person_filter and isinstance(person_filter,list): + #If we are looking for a list of users (list of dict records) + #Usually the list contains only one user record + for f in person_filter: + person = self.ldap.ldapSearch(f) + person_list.append(person) + + else: + person_list = self.ldap.ldapSearch() + + return person_list + #person_list = self.ldap.ldapFindHrn({'authority': self.root_auth }) + ##check = False + ##if person_filter and isinstance(person_filter, dict): + ##for k in person_filter.keys(): + ##if k in person_list[0].keys(): + ##check = True - return_person_list = parse_filter(person_list,person_filter ,'persons', return_fields) - if return_person_list: - print>>sys.stderr, " \r\n GetPersons person_filter %s return_fields %s " %(person_filter,return_fields) - return return_person_list + #return_person_list = parse_filter(person_list,person_filter ,'persons', return_fields) + #if return_person_list: + #print>>sys.stderr, " \r\n GetPersons person_filter %s return_fields %s " %(person_filter,return_fields) + #return return_person_list def GetTimezone(self): server_timestamp,server_tz = self.oar.parser.SendRequest("GET_timezone") @@ -905,7 +918,8 @@ class SlabDriver(Driver): 'person_ids':[rec['record_id_user']]}) #retourne une liste 100512 - user_slab = self.GetPersons({'hrn':recuser.hrn}) + #GetPersons takes [] as filters + user_slab = self.GetPersons([{'hrn':recuser.hrn}]) rec.update({'type':'slice','hrn':rec['slice_hrn']}) diff --git a/sfa/senslab/slabslices.py b/sfa/senslab/slabslices.py index 715e3b68..131b4a57 100644 --- a/sfa/senslab/slabslices.py +++ b/sfa/senslab/slabslices.py @@ -346,8 +346,13 @@ class SlabSlices: #Check if user is in LDAP using its hrn. #Assuming Senslab is centralised : one LDAP for all sites, user_id unknown from LDAP # LDAP does not provide users id, therfore we rely on hrns - if users_by_hrn: - existing_users = self.driver.GetPersons({'hrn': users_by_hrn.keys()}) + if users_by_hrn: + #Construct the list of filters for GetPersons + filter_user = [] + for hrn in users_by_hrn: + filter_user.append ( {'hrn':hrn}) + existing_users = self.driver.GetPersons(filter_user) + #existing_users = self.driver.GetPersons({'hrn': users_by_hrn.keys()}) #existing_users = self.driver.GetPersons({'hrn': users_by_hrn.keys()}, #['hrn','pkey']) if existing_users: @@ -381,10 +386,10 @@ class SlabSlices: requested_user_hrns = users_by_hrn.keys() print>>sys.stderr, " \r\n \r\n \t slabslices.py verify_person requested_user_ids %s user_by_hrn %s " %( requested_user_ids,users_by_hrn) # existing slice users - existing_slice_users_filter = {'hrn': slice_record.get('PI', [])} + existing_slice_users_filter = {'hrn': slice_record['PI'][0]} print>>sys.stderr, " \r\n \r\n slices.py verify_person requested_user_ids %s existing_slice_users_filter %s slice_record %s" %(requested_user_ids,existing_slice_users_filter,slice_record) - existing_slice_users = self.driver.GetPersons(existing_slice_users_filter) + existing_slice_users = self.driver.GetPersons([existing_slice_users_filter]) #existing_slice_users = self.driver.GetPersons(existing_slice_users_filter,['hrn','pkey']) print>>sys.stderr, " \r\n \r\n slices.py verify_person existing_slice_users %s " %(existing_slice_users) -- 2.43.0