-
+from sfa.util.xrn import Xrn,get_authority,
import ldap
from sfa.util.config import *
from sfa.trust.gid import *
self.authname=config.SFA_REGISTRY_ROOT_AUTH
authinfo=self.senslabauth.get_auth_info(self.authname)
+
self.auth=Auth()
gid=authinfo.get_gid_object()
self.ldapdictlist = ['type',
'peer_authority',
'pointer' ,
'hrn']
-
- def ldapFind(self, record_filter = None, columns=None):
+ self.baseDN = "ou=people,dc=senslab,dc=info"
+
+ def ldapSearch (self, record ):
+
+ req_ldapdict = {}
+
+ if 'first_name' in record and 'last_name' in record:
+ req_ldapdict['cn'] = str(record['first_name'])+" "+str(record['last_name'])
+ if 'email' in record :
+ req_ldapdict['mail'] = record['email']
+
+ for k in req_ldapdict:
+ req_ldap += '('+str(k)+'='+str(req_ldapdict['k'])+')'
+ if len(req_ldapdict.keys()) >1 :
+ req_ldap = req_ldap[:0]+"(&"+req_ldap[0:]
+ size = len(req_ldap)
+ req_ldap= req_ldap[:(size-1)] +')'+ req_ldap[(size-1):]
+ print >>sys.stderr, "\r\n \r\n \t LDAP.PY \t\t ldapSearch req_ldap %s" %(req_ldap)
+ try:
+ msg_id=self.ldapserv.search(self.baseDN,ldap.SCOPE_SUBTREE,req_ldap, ['mail','givenName', 'sn', 'uid','sshPublicKey'])
+ #Get all the results matching the search from ldap in one shot (1 value)
+ result_type, result_data=self.ldapserv.result(msg_id,1)
+ results = []
+ for ldapentry in result_data[1]:
+ #print>>sys.stderr, " \r\n \t LDAP : ! mail ldapentry[1]['mail'][0] %s " %(ldapentry[1]['mail'][0])
+
+ tmpname = ldapentry[1]['uid'][0]
+
+ if ldapentry[1]['uid'][0] == "savakian":
+ tmpname = 'avakian'
+
+ tmpemail = ldapentry[1]['mail'][0]
+ if ldapentry[1]['mail'][0] == "unknown":
+ tmpemail = None
+
+ hrn = record['hrn']
+ parent_hrn = get_authority(hrn)
+ peer_authority = None
+ if parent_hrn is not self.authname:
+ peer_authority = parent_hrn
+
+ results.append( {
+ 'type': 'user',
+ 'pkey': ldapentry[1]['sshPublicKey'][0],
+ #'uid': ldapentry[1]['uid'][0],
+ 'uid': tmpname ,
+ 'email':tmpemail,
+ #'email': ldapentry[1]['mail'][0],
+ 'first_name': ldapentry[1]['givenName'][0],
+ 'last_name': ldapentry[1]['sn'][0],
+# 'phone': 'none',
+ 'serial': 'none',
+ 'authority': parent_hrn,
+ 'peer_authority': peer_authority,
+ 'pointer' : -1,
+ 'hrn': hrn,
+ } )
+ return results
+
+
+ except ldap.LDAPError,e :
+ print >>sys.stderr, "ERROR LDAP %s" %(e)
+
+
+
+ def ldapFindHrn(self, record_filter = None):
+ #def ldapFindHrn(self, record_filter = None, columns=None):
results = []
ldapfilter+=")"
- rindex=self.ldapserv.search("ou=people,dc=senslab,dc=info",ldap.SCOPE_SUBTREE,ldapfilter, ['mail','givenName', 'sn', 'uid','sshPublicKey'])
+ rindex=self.ldapserv.search(self.baseDN,ldap.SCOPE_SUBTREE,ldapfilter, ['mail','givenName', 'sn', 'uid','sshPublicKey'])
ldapresponse=self.ldapserv.result(rindex,1)
for ldapentry in ldapresponse[1]:
#print>>sys.stderr, " \r\n \t LDAP : ! mail ldapentry[1]['mail'][0] %s " %(ldapentry[1]['mail'][0])
def GetPersons(self, person_filter=None, return_fields=None):
- person_list = self.ldap.ldapFind({'authority': self.root_auth })
+ person_list = self.ldap.ldapFindHrn({'authority': self.root_auth })
#check = False
#if person_filter and isinstance(person_filter, dict):
elif str(record['type']) == 'user':
#Add the data about slice
- print >>sys.stderr, "\r\n \t\t SLABDRIVER.PY fill_record_info USEEEEEEEEEERDESU!"
-
rec = self.GetSlices(slice_filter = record['record_id'], filter_type = 'record_id_user')
+ print >>sys.stderr, "\r\n \t\t SLABDRIVER.PY fill_record_info USEEEEEEEEEERDESU! rec %s" %(rec)
#Append record in records list, therfore fetches user and slice info again(one more loop)
#Will update PIs and researcher for the slice
- user_slab = self.GetPersons(recuser.hrn)
- print >>sys.stderr, "\r\n \t\t SLABDRIVER.PY fill_record_info user_slab %s !" %(user_slab)
+ recuser = dbsession.query(RegRecord).filter_by(record_id = rec['record_id_user']).first()
+ rec.update({'PI':[recuser.hrn],
+ 'researcher': [recuser.hrn],
+ 'name':record['hrn'],
+ 'oar_job_id':rec['oar_job_id'],
+ 'node_ids': [],
+ 'person_ids':[rec['record_id_user']]})
+ #retourne une liste 100512
+ user_slab = self.GetPersons({'hrn':recuser.hrn})
+
+ print >>sys.stderr, "\r\n \t\t SLABDRIVER.PY fill_record_info user_slab %s ! r ecuser %s " %(user_slab, recuser.hrn)
rec.update({'type':'slice','hrn':rec['slice_hrn']})
+ record.update(user_slab[0])
records.append(rec)
- #print >>sys.stderr, "\r\n \t\t SLABDRIVER.PY fill_record_info ADDING SLIC EINFO rec %s" %(rec)
+
+ print >>sys.stderr, "\r\n \t\t SLABDRIVER.PY fill_record_info ADDING SLICEINFO TO USER records %s" %(records)
print >>sys.stderr, "\r\n \t\t SLABDRIVER.PY fill_record_info OKrecords %s" %(records)
except TypeError:
existing_user_ids.append (users_dict[user['hrn']]['person_id'])
#print>>sys.stderr, " \r\n \r\n \t slabslices.py verify_person existing_user_ids.append (users_dict[user['hrn']][k]) %s \r\n existing_users %s " %( existing_user_ids,existing_users)
- #User from another federated site , does not have a senslab account yet
- #Add them to LDAP
+ #User from another federated site , does not have a senslab account yet?
+ #or have multiple SFA accounts
+ #Check before adding them to LDAP
else:
-
- print>>sys.stderr, " \r\n \r\n \t slabslices.py verify_person HUMHUMHUMHUM ..."
+ ldap_reslt = self.driver.ldap.ldapSearch(users)
+ print>>sys.stderr, " \r\n \r\n \t slabslices.py verify_person users HUMHUMHUMHUM ... %s \r\n \t ldap_reslt %s " %(users, ldap_reslt)
pass
# requested slice users
git://git.onelab.eu / sfa.git / commitdiff