- def ldapFind(self, record_filter = None, columns=None):
-
- results = []
-
- #first, ldap for users
-
- if 'authority' in record_filter:
- # ask for authority
- if record_filter['authority']==self.authname:
- # which is SFA_REGISTRY_ROOT_AUTH
- # request all records which are under our authority, ie all ldap entries
- ldapfilter="cn=*"
- else:
- #which is NOT SFA_REGISTRY_ROOT_AUTH
- return []
- else :
- if not 'hrn' in record_filter:
- print >>sys.stderr,"find : don't know how to handle filter ",record_filter
- return []
- else:
- hrns=[]
- h=record_filter['hrn']
- if isinstance(h,list):
- hrns=h
- else :
- hrns.append(h)
-
- ldapfilter="(|"
- for hrn in hrns:
- splited_hrn=hrn.split(".")
- if splited_hrn[0] != "SFA_REGISTRY_ROOT_AUTH" :
- print >>sys.stderr,"i know nothing about",hrn
- else :
- login=splited_hrn[1]
- ldapfilter+="(uid="
- ldapfilter+=login
- ldapfilter+=")"
- ldapfilter+=")"
-
-
- rindex=self.ldapserv.search("ou=people,dc=senslab,dc=info",ldap.SCOPE_SUBTREE,ldapfilter, ['mail','givenName', 'sn', 'uid','sshPublicKey'])
- ldapresponse=self.ldapserv.result(rindex,1)
- for ldapentry in ldapresponse[1]:
- hrn=self.authname+"."+ldapentry[1]['uid'][0]
- uuid=create_uuid()
-
- RSA_KEY_STRING=ldapentry[1]['sshPublicKey'][0]
-
- pkey=convert_public_key(RSA_KEY_STRING)
-
- gid=self.senslabauth.create_gid("urn:publicid:IDN+"+self.authname+"+user+"+ldapentry[1]['uid'][0], uuid, pkey, CA=False)
-
- parent_hrn = get_authority(hrn)
- parent_auth_info = self.senslabauth.get_auth_info(parent_hrn)
-
- results.append( {
- 'type': 'user',
-# 'email': ldapentry[1]['mail'][0],
-# 'first_name': ldapentry[1]['givenName'][0],
-# 'last_name': ldapentry[1]['sn'][0],
-# 'phone': 'none',
- 'gid': gid.save_to_string(),
- 'serial': 'none',
- 'authority': self.authname,
- 'peer_authority': '',
- 'pointer' : '',
- 'hrn': hrn,
- 'date_created' : 'none',
- 'last_updated': 'none'
- } )
- return results
-