Merge branch 'master' into senslab2
[sfa.git] / sfa / senslab / LDAPapi.py
import sys

import ldap
import ldap.filter

from sfa.util.config import *
from sfa.trust.gid import *
from sfa.trust.hierarchy import *
from sfa.trust.auth import *
from sfa.trust.certificate import *
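class LDAPapi:
    """Look up Senslab user records in the testbed LDAP directory.

    The instance holds one LDAP connection plus the name of the local root
    authority (``SFA_REGISTRY_ROOT_AUTH``).  ``ldapFind`` turns an SFA-style
    record filter into an LDAP search under ``ou=people,dc=senslab,dc=info``
    and returns the matching entries as plain dictionaries.
    """

    def __init__(self, record_filter=None):
        """Open the LDAP connection and load the root authority settings.

        ``record_filter`` is accepted for interface compatibility; the
        constructor does not read it.
        """
        # NOTE(review): the server address is hard-coded and no bind or TLS
        # setup is visible in this class, so the query and its results
        # (mail, names, SSH public keys) presumably travel unauthenticated
        # and in clear text -- confirm, and consider moving the URI to the
        # SFA configuration.  ldap.open() is also deprecated in python-ldap
        # in favour of ldap.initialize().
        self.ldapserv = ldap.open("192.168.0.251")
        self.senslabauth = Hierarchy()
        config = Config()
        self.authname = config.SFA_REGISTRY_ROOT_AUTH
        authinfo = self.senslabauth.get_auth_info(self.authname)

        self.auth = Auth()
        # The GID object is not used afterwards; the call is kept because it
        # may fail early when the authority's GID cannot be loaded
        # (TODO confirm against Hierarchy).
        authinfo.get_gid_object()
        # Field names of a record; not referenced elsewhere in this class.
        self.ldapdictlist = [
            'type',
            'pkey',
            'uid',
            'serial',
            'authority',
            'peer_authority',
            'pointer',
            'hrn',
        ]

    def _uid_filter(self, hrn_spec):
        """Build an ``(|(uid=...)...)`` filter for one hrn or a list of hrns.

        Returns ``None`` when no hrn yields a usable login, so that the
        caller never sends the empty (and invalid) filter ``(|)``.
        """
        hrns = hrn_spec if isinstance(hrn_spec, list) else [hrn_spec]

        clauses = []
        for hrn in hrns:
            parts = hrn.split(".")
            if parts[0] != self.authname:
                sys.stderr.write(
                    "i know nothing about %s  my authname is  %s  not  %s\n"
                    % (hrn, self.authname, parts[0]))
                continue
            if len(parts) < 2 or not parts[1]:
                # An hrn equal to the bare authority name has no login part;
                # indexing parts[1] would raise IndexError.
                sys.stderr.write("no user part in hrn %s\n" % (hrn,))
                continue
            # The login comes straight from the caller's record filter.
            # Escape LDAP filter metacharacters ("*", "(", ")", "\\", NUL)
            # so a crafted hrn cannot alter the structure of the search
            # filter (LDAP filter injection).
            clauses.append(
                "(uid=%s)" % ldap.filter.escape_filter_chars(parts[1]))

        if not clauses:
            return None
        return "(|" + "".join(clauses) + ")"

    def ldapFind(self, record_filter=None, columns=None):
        """Return the user records selected by ``record_filter``.

        Supported filters:

        * ``{'authority': name}`` -- every LDAP entry when ``name`` is the
          local root authority, nothing otherwise;
        * ``{'hrn': hrn_or_list}`` -- the users whose uid is the second
          dot-separated component of an hrn under the local authority.

        Any other filter (including ``None``) is reported on stderr and
        yields an empty list.  ``columns`` is accepted but not used.

        Returns a list of dicts with the keys ``type``, ``pkey``, ``uid``,
        ``email``, ``first_name``, ``last_name``, ``serial``, ``authority``,
        ``peer_authority``, ``pointer`` and ``hrn``.
        """
        # Treat a missing filter like an unrecognised one instead of failing
        # with TypeError on the membership tests below.
        requested = record_filter if record_filter is not None else {}

        if 'authority' in requested:
            if requested['authority'] != self.authname:
                # Some authority other than SFA_REGISTRY_ROOT_AUTH.
                return []
            # Our own authority: every LDAP entry belongs to it.
            ldapfilter = "cn=*"
        elif 'hrn' in requested:
            ldapfilter = self._uid_filter(requested['hrn'])
            if ldapfilter is None:
                return []
        else:
            sys.stderr.write(
                "find : don't know how to handle filter  %s\n"
                % (record_filter,))
            return []

        rindex = self.ldapserv.search(
            "ou=people,dc=senslab,dc=info",
            ldap.SCOPE_SUBTREE,
            ldapfilter,
            ['mail', 'givenName', 'sn', 'uid', 'sshPublicKey'])
        ldapresponse = self.ldapserv.result(rindex, 1)

        results = []
        for ldapentry in ldapresponse[1]:
            # ldapentry[1] holds the attribute values of the entry.
            # NOTE(review): an entry lacking one of the requested attributes
            # presumably raises KeyError here and aborts the whole listing.
            attrs = ldapentry[1]

            tmpname = attrs['uid'][0]
            # Hard-coded alias for a single account.
            if tmpname == "savakian":
                tmpname = 'avakian'

            hrn = self.authname + "." + tmpname

            # The directory stores the literal "unknown" for a missing mail.
            tmpemail = attrs['mail'][0]
            if tmpemail == "unknown":
                tmpemail = None

            # The results of these two calls are not used below; they are
            # kept because get_auth_info() may raise for an authority that
            # is not known locally (TODO confirm).
            parent_hrn = get_authority(hrn)
            self.senslabauth.get_auth_info(parent_hrn)

            results.append({
                'type': 'user',
                'pkey': attrs['sshPublicKey'][0],
                'uid': tmpname,
                'email': tmpemail,
                'first_name': attrs['givenName'][0],
                'last_name': attrs['sn'][0],
                'serial': 'none',
                'authority': self.authname,
                'peer_authority': '',
                'pointer': -1,
                'hrn': hrn,
            })
        return results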