remove PLC.Debug.log, use PLC.Logger.logger instead
1 #
2 # LDAP interface. 
3 # Tony Mack  <tmack@cs.princeton.edu>
4 # Copyright (C) 2006 The Trustees of Princeton University
5 #
6
7 import ldap
8 import traceback
9 from PLC.Debug import profile
10 from PLC.Faults import *
11
12
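class LDAP:
    """
    Thin wrapper around a python-ldap connection configured from the PLC API.

    Connection settings are read from self.api.config: PLC_LDAP_HOST,
    PLC_LDAP_PORT, PLC_LDAP_SECURE, PLC_LDAP_ROOT_DN, PLC_LDAP_ROOT_PASSWORD
    and PLC_LDAP_SUFFIX.
    """

    # Characters that carry meaning inside an LDAP search filter, with their
    # RFC 4515 escapes. The backslash must come first so that the escapes
    # produced for the other characters are not escaped a second time.
    # (python-ldap offers the same service as ldap.filter.escape_filter_chars.)
    _FILTER_ESCAPES = (
        ('\\', '\\5c'),
        ('*', '\\2a'),
        ('(', '\\28'),
        (')', '\\29'),
        ('\x00', '\\00'),
    )

    def __init__(self, api):
        self.api = api
        self.debug = False
        self.connection = None
        # "async" is a reserved word from Python 3.7 on; setattr keeps the
        # attribute name unchanged while letting the module parse everywhere.
        setattr(self, 'async', False)

    def bind(self, asynchronous=False, **kwargs):
        """
        Open the connection (if needed) and bind as the configured root DN.

        asynchronous selects the non-blocking bind() call instead of bind_s().
        The historical keyword name "async" is still accepted through kwargs.
        Returns the connection object; raises PLCLDAPError when the server
        cannot be reached or rejects the bind.
        """
        asynchronous = kwargs.pop('async', asynchronous)
        if kwargs:
            raise TypeError("bind() got unexpected keyword arguments: %s" %
                            ", ".join(sorted(kwargs)))
        setattr(self, 'async', asynchronous)

        if self.connection is None:
            config = self.api.config
            # NOTE(review): with PLC_LDAP_SECURE unset the simple bind below
            # sends PLC_LDAP_ROOT_PASSWORD over an unencrypted ldap://
            # connection; certificate checking for ldaps:// depends on the
            # python-ldap/OpenLDAP TLS options, which this class does not set.
            scheme = 'ldaps' if config.PLC_LDAP_SECURE else 'ldap'
            # The original format string had a single %s for (host, port),
            # which raised TypeError before any connection was attempted.
            url = '%s://%s:%s' % (scheme, config.PLC_LDAP_HOST,
                                  config.PLC_LDAP_PORT)
            try:
                # initialize() is the URI-based constructor; ldap.open()
                # expects a bare host name, not a URL.
                self.connection = ldap.initialize(url)
                dn = config.PLC_LDAP_ROOT_DN
                pw = config.PLC_LDAP_ROOT_PASSWORD
                if asynchronous:
                    self.connection.bind(dn, pw, ldap.AUTH_SIMPLE)
                else:
                    self.connection.bind_s(dn, pw, ldap.AUTH_SIMPLE)
            except ldap.LDAPError as e:
                # Do not keep a half-initialised, unauthenticated connection
                # around: a later bind() would otherwise skip authentication.
                self.connection = None
                raise PLCLDAPError("Unable to bind to server: %s" % e)
        return self.connection

    def close(self):
        """
        Close the connection
        """
        if self.connection is not None:
            try:
                self.connection.unbind()
            finally:
                self.connection = None

    def pl_to_ldap(self, filter):
        """
        Convert pl fields to ldap fields

        first_name + last_name become cn, email becomes mail, and objectClass
        is passed through (defaulting to '*', i.e. any object class). Other
        keys are ignored. Values are returned unescaped.
        """
        filter = filter or {}
        ldap_filter = {'objectClass': '*'}
        if 'first_name' in filter and 'last_name' in filter:
            ldap_filter['cn'] = "%s %s" % \
                    (filter['first_name'], filter['last_name'])
        if 'email' in filter:
            ldap_filter['mail'] = filter['email']
        if 'objectClass' in filter:
            ldap_filter['objectClass'] = filter['objectClass']

        return ldap_filter

    @staticmethod
    def _escape_filter_value(value):
        """
        Return value as text with LDAP filter metacharacters escaped
        """
        text = "%s" % (value,)
        for raw, escaped in LDAP._FILTER_ESCAPES:
            text = text.replace(raw, escaped)
        return text

    def to_ldap_filter(self, search_filter):
        """
        Build an LDAP "and" filter string from a pl search filter

        Values are escaped so that a caller-supplied first_name, last_name,
        email or objectClass cannot add clauses or wildcards to the query.
        The only wildcard kept is objectClass=*, the default presence match.
        """
        ldap_fields = self.pl_to_ldap(search_filter)
        clauses = []
        # Sorted so the generated filter does not depend on dict ordering.
        for key, value in sorted(ldap_fields.items()):
            if key == 'objectClass' and value == '*':
                clauses.append("(objectClass=*)")
            else:
                clauses.append("(%s=%s)" %
                               (key, self._escape_filter_value(value)))

        return "(&%s)" % "".join(clauses)

    @staticmethod
    def to_list_of_dicts(results_list):
        """
        Convert ldap search results to a list of dicts

        Each (dn, attributes) pair becomes a copy of the attribute dict with
        the dn stored under the 'dn' key.
        """
        results = []
        for (dn, result_dict) in results_list:
            entry = dict(result_dict)
            entry['dn'] = dn
            results.append(entry)
        return results

    def search(self, search_filter):
        """
        Search the ldap directory

        Runs a synchronous subtree search under PLC_LDAP_SUFFIX and returns
        the matches as a list of dicts. The connection is closed afterwards,
        including when the search raises.
        """
        self.bind()
        try:
            base_dn = self.api.config.PLC_LDAP_SUFFIX
            query = self.to_ldap_filter(search_filter)
            # always do synchronous searches
            found = self.connection.search_s(base_dn, ldap.SCOPE_SUBTREE,
                                             query)
            return self.to_list_of_dicts(found)
        finally:
            self.close()

    def add(self, record, type):
        """
        Add to the ldap directory

        Placeholder: only binds and closes, nothing is written yet.
        """
        self.bind()
        self.close()

    def update(self, record):
        """
        Update a record in the ldap directory

        Placeholder: only binds and closes, nothing is written yet.
        """
        self.bind()
        self.close()

    def remove(self, record):
        """
        Remove a record from the ldap directory

        Placeholder: only binds and closes, nothing is written yet.
        """
        self.bind()
        self.close()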