Merge branch 'master' into senslab2
[sfa.git] / sfa / senslab / LDAPapi.py
4 import ldap
5 from sfa.util.config import *
6 from sfa.trust.gid import *
7 from sfa.trust.hierarchy import *
8 from sfa.trust.auth import *
9 from sfa.trust.certificate import *
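class LDAPapi:
    """Look up Senslab users in LDAP and expose them as SFA-style records.

    Every query is a subtree search under ``ou=people,dc=senslab,dc=info``
    on the connection opened in ``__init__``.
    """

    def __init__(self, record_filter=None):
        """Open the LDAP connection and load the registry root authority.

        ``record_filter`` is accepted for interface compatibility; it is not
        used by the constructor.
        """
        # NOTE(review): the server address is hard-coded and no bind or
        # StartTLS call appears in this class -- confirm that anonymous,
        # unencrypted access to this directory is intended.
        self.ldapserv = ldap.open("192.168.0.251")
        self.senslabauth = Hierarchy()
        config = Config()
        self.authname = config.SFA_REGISTRY_ROOT_AUTH

        # The returned objects are not used here; the calls are kept so that
        # whatever they do on a missing or unreadable root authority still
        # happens at construction time (presumably an exception -- verify).
        self.senslabauth.get_auth_info(self.authname).get_gid_object()

        self.auth = Auth()
        # Keys present in every record built by ldapFind().
        self.ldapdictlist = ['type',
                             'pkey',
                             'uid',
                             'serial',
                             'authority',
                             'peer_authority',
                             'pointer',
                             'hrn']

    def _uid_clause(self, login):
        """Return an ``(uid=...)`` filter clause with *login* escaped."""
        # Imported here so the rest of the class does not depend on the
        # submodule having been loaded by a bare ``import ldap``.
        from ldap.filter import escape_filter_chars
        return "(uid=" + escape_filter_chars(login) + ")"

    def ldapFind(self, record_filter=None, columns=None):
        """Return user records matching *record_filter*.

        Two filter shapes are understood:

        * ``{'authority': <name>}`` -- every LDAP entry when ``<name>`` is
          this registry's root authority, nothing otherwise.
        * ``{'hrn': <hrn or list of hrns>}`` -- the entries whose ``uid``
          equals the second dot-separated component of each hrn; hrns whose
          first component is not this registry's authority are reported on
          stderr and ignored.

        Any other filter (including ``None``) is reported on stderr and
        yields ``[]``.  ``columns`` is accepted but not used.

        Returns a list of dicts carrying the keys listed in
        ``self.ldapdictlist``.
        """
        import sys

        results = []
        if record_filter is None:
            # The default used to reach "'authority' in None" and raise
            # TypeError; treat it as an empty, unsupported filter instead.
            record_filter = {}

        if 'authority' in record_filter:
            if record_filter['authority'] != self.authname:
                # Not our authority: nothing in this directory belongs to it.
                return []
            # Our own authority owns every entry in the directory.
            ldapfilter = "cn=*"
        elif 'hrn' not in record_filter:
            sys.stderr.write(
                "find : don't know how to handle filter  %s\n"
                % (record_filter,))
            return []
        else:
            h = record_filter['hrn']
            hrns = h if isinstance(h, list) else [h]

            clauses = []
            for hrn in hrns:
                splited_hrn = hrn.split(".")
                if splited_hrn[0] != self.authname:
                    sys.stderr.write(
                        "i know nothing about %s  my authname is  %s  not  %s\n"
                        % (hrn, self.authname, splited_hrn[0]))
                    continue
                if len(splited_hrn) < 2:
                    # The bare authority name carries no login component.
                    sys.stderr.write(
                        "ldapFind : no login component in hrn %s\n" % (hrn,))
                    continue
                # The login comes from the caller.  Unescaped, characters
                # such as '*', '(' , ')' and '\\' would be interpreted as
                # filter syntax and could change which entries match.
                clauses.append(self._uid_clause(splited_hrn[1]))

            if not clauses:
                # No usable login: skip the query rather than send an empty
                # "(|)" filter to the server.
                return []
            ldapfilter = "(|" + "".join(clauses) + ")"

        # NOTE(review): mail, givenName and sn are requested but never copied
        # into the records below; consider trimming the attribute list.
        rindex = self.ldapserv.search(
            "ou=people,dc=senslab,dc=info",
            ldap.SCOPE_SUBTREE,
            ldapfilter,
            ['mail', 'givenName', 'sn', 'uid', 'sshPublicKey'])
        # Second argument 1: wait for the complete result set.
        ldapresponse = self.ldapserv.result(rindex, 1)

        for ldapentry in ldapresponse[1]:
            attrs = ldapentry[1]
            try:
                uid = attrs['uid'][0]
                pkey = attrs['sshPublicKey'][0]
            except (KeyError, IndexError):
                # One entry without a uid or key used to abort the whole
                # listing with KeyError; report it and carry on.
                sys.stderr.write(
                    "ldapFind : skipping entry %s without uid or sshPublicKey\n"
                    % (ldapentry[0],))
                continue

            hrn = self.authname + "." + uid

            # Result unused; call kept from the original so a lookup failure
            # for the parent authority still surfaces here (presumably as an
            # exception -- verify against Hierarchy.get_auth_info).
            parent_hrn = get_authority(hrn)
            self.senslabauth.get_auth_info(parent_hrn)

            results.append({
                'type': 'user',
                'pkey': pkey,
                'uid': uid,
                'serial': 'none',
                'authority': self.authname,
                'peer_authority': '',
                'pointer': -1,
                'hrn': hrn,
            })
        return results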