#!/usr/bin/python
import ldap
import ldap.modlist as modlist
import logging
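class LdapServer(object):
    """Small convenience wrapper around a python-ldap connection.

    The instance stores the server URI and optional bind credentials,
    opens the connection lazily in connect(), and exposes helpers to
    search, add, modify, rename and delete entries.

    Failures are reported through _error(): with ``raiseOnError`` set an
    LdapServerException is raised, otherwise the message is logged and the
    calling method returns False.
    """

    # Class-level defaults; __init__ overrides uri/dn/pwd per instance and
    # sets v2 to True only when requested.
    uri = None
    dn = None
    pwd = None
    v2 = None

    # 0 means "not connected yet"; connect() replaces it with the
    # connection object returned by ldap.initialize().
    con = 0

    def __init__(self, uri, dn=None, pwd=None, v2=None, raiseOnError=False, logger=False):
        """Remember the connection settings; no network I/O happens here.

        Args:
            uri: LDAP URI handed to ldap.initialize() by connect().
            dn: bind DN; when falsy, connect() does not bind at all.
            pwd: password used for the simple bind.
            v2: truthy to speak LDAPv2 instead of LDAPv3.
            raiseOnError: raise LdapServerException instead of logging.
            logger: logger to use; a falsy value selects the root logger.
        """
        self.uri = uri
        self.dn = dn
        # The bind password stays on the instance in clear text for the
        # lifetime of the object.
        self.pwd = pwd
        self.raiseOnError = raiseOnError
        if v2:
            self.v2 = True
        self.logger = logger if logger else logging.getLogger()

    def _error(self, error, level=logging.WARNING):
        """Report *error*: raise it or log it at *level*.

        Args:
            error: message text.
            level: numeric logging level (e.g. ``logging.ERROR``); only
                used when ``raiseOnError`` is false.

        Raises:
            LdapServerException: when ``raiseOnError`` is set.
        """
        if self.raiseOnError:
            raise LdapServerException(error)
        self.logger.log(level, error)

    def connect(self):
        """Open the connection (once) and bind when a DN is configured.

        Returns:
            True when a connection is available, False when connecting or
            binding failed and ``raiseOnError`` is not set.
        """
        if self.con != 0:
            # Already connected; keep using the existing connection.
            return True
        try:
            con = ldap.initialize(self.uri)
            # NOTE(security): LDAPv2 was moved to Historic status by
            # RFC 3494 and has no StartTLS extended operation; prefer the
            # default (v3) unless a legacy server forces v2.
            con.protocol_version = ldap.VERSION2 if self.v2 else ldap.VERSION3

            if self.dn:
                # NOTE(security): a simple bind sends the DN and password
                # to the server as-is. This method never calls
                # start_tls_s(), so the credentials are only protected in
                # transit when self.uri is an ldaps:// (or otherwise
                # encrypted) endpoint.
                # A DN combined with an empty or None password is an
                # "unauthenticated" simple bind (RFC 4513, section 5.1.2);
                # many servers accept it as anonymous instead of failing,
                # so do not treat a True return as proof that self.pwd was
                # verified.
                con.simple_bind_s(self.dn, self.pwd)

            self.con = con
            return True
        except ldap.LDAPError as e:
            self._error('LdapServer - Error connecting and binding to LDAP server : %s' % e, logging.CRITICAL)
            return False

    def get_scope(self, scope):
        """Translate 'base', 'one' or 'sub' into the python-ldap constant.

        Raises:
            Exception: for any other scope name.
        """
        if scope == 'base':
            return ldap.SCOPE_BASE
        if scope == 'one':
            return ldap.SCOPE_ONELEVEL
        if scope == 'sub':
            return ldap.SCOPE_SUBTREE
        raise Exception("Unknown LDAP scope '%s'" % scope)

    def search(self, basedn, filterstr, attrs, sizelimit=0, scope='sub'):
        """Run an asynchronous search and collect the entries into a dict.

        ``filterstr`` is passed to the server unchanged. Callers that build
        it from user-controlled values must escape those values first
        (python-ldap provides ``ldap.filter.escape_filter_chars()``),
        otherwise the input can rewrite the filter.

        Args:
            basedn: search base.
            filterstr: LDAP filter string.
            attrs: attribute names to retrieve.
            sizelimit: maximum number of entries to return; 0 means no
                limit. The limit is applied while reading results here, it
                is not sent to the server with the search request.
            scope: 'base', 'one' or 'sub' (see get_scope()).

        Returns:
            dict mapping each entry DN to its attribute dict.
        """
        res_id = self.con.search(basedn, self.get_scope(scope), filterstr, attrs)
        ret = {}
        while True:
            # Stop as soon as the limit is reached. The previous test
            # (count > sizelimit, evaluated after fetching) let one result
            # more than requested through.
            if sizelimit != 0 and len(ret) >= sizelimit:
                break
            res_type, res_data = self.con.result(res_id, 0)
            if res_data == []:
                break
            if res_type == ldap.RES_SEARCH_ENTRY:
                ret[res_data[0][0]] = res_data[0][1]
        return ret

    def add_object(self, dn, attrs):
        """Create entry *dn* with attributes *attrs*.

        Returns:
            True on success, False on LDAP error (unless ``raiseOnError``
            is set, in which case _error() raises).
        """
        ldif = modlist.addModlist(attrs)
        try:
            self.logger.debug("LdapServer - Add %s" % dn)
            self.con.add_s(dn, ldif)
            return True
        except ldap.LDAPError as e:
            # logging.ERROR is the numeric level; logging.error is the
            # module-level function and is not a valid level for log().
            self._error("LdapServer - Error adding %s : %s" % (dn, e), logging.ERROR)

        return False

    def update_object(self, dn, old, new, ignore_attrs=None):
        """Apply the difference between *old* and *new* to entry *dn*.

        Args:
            dn: entry to modify.
            old: current attribute dict.
            new: desired attribute dict.
            ignore_attrs: attribute names left out of the comparison.

        Returns:
            True when nothing had to change or the modify succeeded, False
            on LDAP error (unless ``raiseOnError`` is set).
        """
        ldif = modlist.modifyModlist(old, new, ignore_attr_types=ignore_attrs or [])
        if ldif == []:
            return True
        try:
            self.con.modify_s(dn, ldif)
            return True
        except ldap.LDAPError as e:
            # NOTE(security): the message embeds the complete old and new
            # attribute dicts, so secret attributes present in them (for
            # example userPassword) end up in the log or in the exception
            # text; restrict access to that output accordingly.
            self._error("LdapServer - Error updating %s : %s\nOld : %s\nNew : %s" % (dn, e, old, new), logging.ERROR)
        return False

    def update_need(self, old, new, ignore_attrs=None):
        """Return True when *old* and *new* differ outside *ignore_attrs*."""
        ldif = modlist.modifyModlist(old, new, ignore_attr_types=ignore_attrs or [])
        return ldif != []

    def rename_object(self, dn, new_rdn):
        """Rename entry *dn* to the relative DN *new_rdn*.

        Returns:
            True on success, False on LDAP error (unless ``raiseOnError``
            is set).
        """
        try:
            self.logger.debug("LdapServer - Rename %s in %s" % (dn, new_rdn))
            self.con.rename_s(dn, new_rdn)
            return True
        except ldap.LDAPError as e:
            self._error("LdapServer - Error renaming %s in %s : %s" % (dn, new_rdn, e), logging.ERROR)

        return False

    def drop_object(self, dn):
        """Delete entry *dn*.

        Returns:
            True on success, False on LDAP error (unless ``raiseOnError``
            is set).
        """
        try:
            self.logger.debug("LdapServer - Delete %s" % dn)
            self.con.delete_s(dn)
            return True
        except ldap.LDAPError as e:
            self._error("LdapServer - Error deleting %s : %s" % (dn, e), logging.ERROR)

        return False

    def get_dn(self, obj):
        """Return the DN of the first (dn, attrs) pair in *obj*."""
        return obj[0][0]

    def get_attr(self, obj, attr, all=None, default=None):
        """Read attribute *attr* from the attribute dict *obj*.

        The name is matched exactly first, then case-insensitively.

        Args:
            obj: dict mapping attribute names to lists of values.
            attr: attribute name to look up.
            all: any value other than None (including False) returns the
                whole value list instead of the first value.
            default: returned when the attribute is missing; in "all" mode
                a falsy default becomes an empty list.

        Returns:
            The first value, the value list, or the default.
        """
        if attr not in obj:
            wanted = attr.lower()
            for key in obj:
                if key.lower() == wanted:
                    attr = key
                    break

        want_all = all is not None
        if attr not in obj:
            return (default or []) if want_all else default

        values = obj[attr]
        if want_all:
            return values
        # An attribute can be present with no values; fall back to the
        # default instead of failing with IndexError.
        return values[0] if values else default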
class LdapServerException(BaseException):
    """Error raised by LdapServer._error() when raiseOnError is enabled.

    NOTE(review): the class derives from BaseException, not Exception, so a
    generic ``except Exception:`` handler in calling code does not catch it;
    callers have to name LdapServerException (or BaseException) explicitly.
    """

    def __init__(self, msg):
        """Store *msg* as the exception message."""
        super(LdapServerException, self).__init__(msg)