From 07ff3331c257ad0e3c773c0c011adc9667cec135 Mon Sep 17 00:00:00 2001 From: Michael Patrick McGrath Date: Fri, 13 Jul 2007 12:51:54 -0700 Subject: [PATCH] Added group dump --- fas/fas/controllers.py | 19 ++++++-- fas/fas/fasLDAP.py | 108 ++++++++++++++++++++++++++++++++++++----- fas/ldap/PgToLDAP.py | 2 +- 3 files changed, 111 insertions(+), 18 deletions(-) diff --git a/fas/fas/controllers.py b/fas/fas/controllers.py index 87f2354..ffff527 100644 --- a/fas/fas/controllers.py +++ b/fas/fas/controllers.py @@ -9,6 +9,7 @@ from fas.fasLDAP import UserGroup from turbogears import exception_handler import turbogears import ldap +import time # from fas import json # import logging # log = logging.getLogger("fas.controllers") @@ -52,8 +53,9 @@ class Root(controllers.RootController): @expose(template="fas.templates.welcome") # @identity.require(identity.in_group("admin")) def index(self): - import time # log.debug("Happy TurboGears Controller Responding For Duty") + if turbogears.identity.not_anonymous(): + turbogears.redirect('home') return dict(now=time.ctime()) @expose(template="fas.templates.home") @@ -62,6 +64,11 @@ class Root(controllers.RootController): builds = Koji(turbogears.identity.current.user_name) return dict(builds=builds) + @expose(template="fas.templates.dump", format="plain", content_type="text/plain") + def groupDump(self, groupName=None): + groups = Groups.byGroupName(groupName) + return dict(groups=groups, Person=Person) + @expose(template="fas.templates.login") def login(self, forward_url=None, previous_url=None, *args, **kw): 
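Review bot: The new `groupDump` handler in controllers.py (the hunk just above `login`) is exposed without any `identity.require` decorator, so as written an anonymous client can request the member dump of any `groupName`. This same commit enables `@identity.require(identity.in_group("accounts"))` on `listUser`; `groupDump` needs a comparable guard under its `@expose` line, for example `@identity.require(identity.not_anonymous())` or an `in_group(...)` check. It also passes the whole `Person` class into the template, which presumably lets the template look up attributes of every member, so confirm the dump emits only fields meant to be disclosed. With the default `groupName=None` the value goes straight into `Groups.byGroupName`; reject a missing name before that call.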
@@ -124,13 +131,18 @@ class Root(controllers.RootController): groups = Groups.byGroupName(groupName, includeUnapproved=True) except KeyError, e: raise ValueError, 'Group: %s - Does not exist!' % e - group = Groups.groups(groupName)[groupName] + try: + group = Groups.groups(groupName)[groupName] + except TypeError: + raise ValueError, 'Group: %s - does not exist' % groupName userName = turbogears.identity.current.user_name try: myStatus = groups[userName].fedoraRoleStatus except KeyError: # Not in group myStatus = 'Not a Member' + except TypeError: + groups = {} try: me = groups[userName] except: @@ -154,7 +166,6 @@ class Root(controllers.RootController): groups = {} return dict(groups=groups, search=search, myGroups=myGroups) - @expose(template="fas.templates.resetPassword") @exception_handler(errorMessage,rules="isinstance(tg_exceptions,ValueError)") def resetPassword(self, userName=None, password=None, passwordCheck=None, mail=None): @@ -204,7 +215,7 @@ class Root(controllers.RootController): @expose(template="fas.templates.userList") @exception_handler(errorMessage,rules="isinstance(tg_exceptions,ValueError)") -# @identity.require(identity.in_group("accounts")) + @identity.require(identity.in_group("accounts")) def listUser(self, search='a*'): users = Person.users(search) try: diff --git a/fas/fas/fasLDAP.py b/fas/fas/fasLDAP.py index 7be59b0..b0b3e8c 100644 --- a/fas/fas/fasLDAP.py +++ b/fas/fas/fasLDAP.py 
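Review bot: The added `except TypeError: groups = {}` branch never assigns `myStatus`, so any later use of `myStatus` in this handler (the function continues past the hunk) would raise UnboundLocalError instead of reporting 'Not a Member'. Assign it in that branch too: `myStatus = 'Not a Member'`. The TypeError appears to come from `Groups.byGroupName` returning a list in this same commit, so returning a dict there would make the extra branch unnecessary. The new message `'Group: %s - does not exist' % groupName` echoes a request parameter; confirm the error template escapes it.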
@@ -7,8 +7,19 @@ class Server: self.ldapConn = ldap.open(server) self.ldapConn.simple_bind_s(who, password) + +############################################################################### +# Group - Contains information about a specific group, 'sysadmin' would be +# an example of a Group +############################################################################### + class Group: ''' Group abstraction class ''' + __base = 'ou=FedoraGroups,dc=fedoraproject,dc=org' + __server = Server() + __filter = '' + __cn = '' + def __init__(self, cn, fedoraGroupOwner, fedoraGroupType, fedoraGroupNeedsSponsor, fedoraGroupUserCanRemove, fedoraGroupJoinMsg): self.cn = cn self.fedoraGroupOwner = fedoraGroupOwner 
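Review bot: `__server = Server()` sits in the class body of `Group`, so it runs when fasLDAP is imported, and the context lines above show `Server.__init__` opening a connection and calling `simple_bind_s`. Importing the module therefore performs an LDAP bind with whatever defaults `Server()` carries (its signature is outside the hunk), fails the import when the directory is unreachable, and keeps one bound connection for the life of the process. Nothing visible in this diff reads `__server`, `__filter` or `__cn` outside commented-out code. I would keep only `__base` and create the connection inside the method that needs it.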
@@ -17,7 +28,61 @@ class Group: self.fedoraGroupUserCanRemove = fedoraGroupUserCanRemove self.fedoraGroupJoinMsg = fedoraGroupJoinMsg +# def __getattr__(self, attr): +# if attr.startswith('_'): +# print 'GET %s=%s' % (attr, self.__getattr__(attr)) +# if attr == '__filter': +# return self.__filter +# if attr == 'userName': +# return self.__getattr__('cn') +# try: +# attributes = [] +# attributes.append(attr) +# return search(self.__base, self.__filter, attributes)[0][0][1][attr][0] +# except: +# # Should probably raise here. +# return None +# +# def __setattr__(self, attr, value): +# if attr.startswith('_'): +# #return setattr(self.__class__, attr, value) +# self.__dict__[attr] = value +# return +# base = 'cn=%s,ou=FedoraGroups,dc=fedoraproject,dc=org' % self.__getattr__('cn') +# +# if self.__getattr__(attr): +# modify(base, attr, value, self.__getattr__(attr)) +# else: +# try: +# modify(base, attr, value) +# except: +# modify(base, attr, value, self.__getattr__(attr)) + @classmethod + def newGroup(self, cn, fedoraGroupOwner, fedoraGroupNeedsSponsor, fedoraGroupUserCanRemove, fedoraGroupJoinMsg): + ''' Create a new group ''' + attributes = { 'cn' : cn, + 'objectClass' : ('fedoraGroup'), + 'fedoraGroupOwner' : fedoraGroupOwner, + 'fedoraGroupType' : '1', + 'fedoraGroupNeedsSponsor' : fedoraGroupNeedsSponsor, + 'fedoraGroupUserCanRemove' : fedoraGroupUserCanRemove, + 'fedoraGroupJoinMsg' : fedoraGroupJoinMsg, + } + add('cn=%s,%s' % (cn, self.__base), attributes) +# attributes = { +# 'objectClass' : ('organizationalUnit', 'top'), +# 'ou' : 'FedoraGroups' +# } +# add('ou=FedoraGroups,cn=%s,%s' % (cn, self.__base), attributes) + return 0 + + +############################################################################### +# UserGroup - Determines information about a user in a group, when they joined +# who their sponsor is and their approval status are examples of +# things found in this group 
+############################################################################### class UserGroup: ''' Individual User->Group abstraction class ''' def __init__(self, fedoraRoleApprovalDate=None, fedoraRoleSponsor=None, cn=None, fedoraRoleCreationDate=None, objectClass=None, fedoraRoleType=None, fedoraRoleStatus='Not a Member', fedoraRoleDomain=None): @@ -30,13 +95,18 @@ class UserGroup: self.fedoraRoleStatus = fedoraRoleStatus self.fedoraRoleDomain = fedoraRoleDomain + +############################################################################### +# Groups - Returns actual information in a group. This class actual queries +# the LDAP database. +############################################################################### class Groups: ''' Class contains group information ''' __userName = None @classmethod def byUserName(self, cn, includeUnapproved=None, unapprovedOnly=None): - ''' Return list of groups a certain user is in. Excludes all non-approved groups''' + ''' Return list of groups a certain user is in. Default excludes all non-approved groups''' server = Server() groups = {} if includeUnapproved: @@ -70,6 +140,7 @@ class Groups: @classmethod def groups(self, searchExpression='*', attributes=[]): + ''' Return a list of available groups ''' groups = {} filter = 'cn=%s' % (searchExpression) base = 'ou=FedoraGroups,dc=fedoraproject,dc=org' @@ -91,6 +162,7 @@ class Groups: @classmethod def remove(self, groupName, userName=None): + ''' Remove user from a group ''' if not userName: userName = self.__userName print "userName: %s" % userName @@ -143,6 +215,7 @@ class Groups: @classmethod def byGroupName(cls, cn, includeUnapproved=None, unapprovedOnly=None): + ''' List users in a group. Default does not show unapproved ''' self = cls() server = Server() users = {} 
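Review bot: `newGroup` builds the entry DN with `'cn=%s,%s' % (cn, self.__base)` and does not escape `cn`, so a name containing `,`, `=` or `+` changes the structure of the DN. If `cn` can come from a web form (the callers are not in this diff), escape it with `escape_dn_chars` from `ldap.dn`: `add('cn=%s,%s' % (escape_dn_chars(cn), self.__base), attributes)`. `('fedoraGroup')` is a plain string rather than a tuple; write `('fedoraGroup',)` if `add` expects a sequence of values. The same hunk adds about thirty lines of commented-out `__getattr__`/`__setattr__` code and a second commented block inside `newGroup`, which are better left out of the commit.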
@@ -156,19 +229,22 @@ class Groups: self.__attributes = ['cn'] attributes = ['cn'] usersDict = search(base, filter) - for user in usersDict: - userName = user[0][0].split(',')[2].split('=')[1] + try: + for user in usersDict: + userName = user[0][0].split(',')[2].split('=')[1] - users[userName] = UserGroup( - fedoraRoleApprovalDate = user[0][1]['fedoraRoleApprovalDate'][0], - fedoraRoleSponsor = user[0][1]['fedoraRoleSponsor'][0], - cn = user[0][1]['cn'][0], - fedoraRoleCreationDate = user[0][1]['fedoraRoleCreationDate'][0], - objectClass = user[0][1]['objectClass'][0], - fedoraRoleType = user[0][1]['fedoraRoleType'][0], - fedoraRoleStatus = user[0][1]['fedoraRoleStatus'][0], - fedoraRoleDomain = user[0][1]['fedoraRoleDomain'][0] - ) + users[userName] = UserGroup( + fedoraRoleApprovalDate = user[0][1]['fedoraRoleApprovalDate'][0], + fedoraRoleSponsor = user[0][1]['fedoraRoleSponsor'][0], + cn = user[0][1]['cn'][0], + fedoraRoleCreationDate = user[0][1]['fedoraRoleCreationDate'][0], + objectClass = user[0][1]['objectClass'][0], + fedoraRoleType = user[0][1]['fedoraRoleType'][0], + fedoraRoleStatus = user[0][1]['fedoraRoleStatus'][0], + fedoraRoleDomain = user[0][1]['fedoraRoleDomain'][0] + ) + except TypeError: + users = [] return users class Person: @@ -180,6 +256,7 @@ class Person: @classmethod def newPerson(self, cn, givenName, mail, telephoneNumber, postalAddress): + ''' Create a new user ''' import datetime dt = datetime.datetime.now() now = '%.2i-%.2i-%.2i %.2i:%.2i:%.2i.%.2i' % (dt.year, @@ -283,6 +360,7 @@ class Person: ldapServer.simple_bind_s(who, password) def upgrade(self, group): + ''' Upgrade user in group ''' base = 'cn=%s,ou=Roles,cn=%s,ou=People,dc=fedoraproject,dc=org' % (group, self.cn) g = Groups.byGroupName(group, includeUnapproved=True)[self.cn] if not g.fedoraRoleStatus.lower() == 'approved': 
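Review bot: On TypeError `byGroupName` now returns `users = []`, while every other path returns the dict created as `users = {}` above the hunk. Callers visible in this diff (`upgrade`, `downgrade`, `sponsor`) index the result with `[self.cn]` and will get a TypeError from the list where an empty dict would give the KeyError they can handle. The `try` also wraps the whole loop, so one malformed entry discards every user already collected and the group is reported as empty, which a consumer such as the new dump cannot tell apart from a group with no members. Assuming `search` returns None when nothing matches, test that before the loop with `if not usersDict: return users` and drop the `try`.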
@@ -296,6 +374,7 @@ class Person: modify(base, 'fedoraRoleType', 'sponsor', g.fedoraRoleType) def downgrade(self, group): + ''' Downgrade user in group ''' base = 'cn=%s,ou=Roles,cn=%s,ou=People,dc=fedoraproject,dc=org' % (group, self.cn) g = Groups.byGroupName(group, includeUnapproved=True)[self.cn] if not g.fedoraRoleStatus.lower() == 'approved': @@ -309,6 +388,7 @@ class Person: modify(base, 'fedoraRoleType', 'sponsor', g.fedoraRoleType) def sponsor(self, groupName, sponsor): + ''' Sponsor current user ''' import datetime base = 'cn=%s,ou=Roles,cn=%s,ou=People,dc=fedoraproject,dc=org' % (groupName, self.cn) g = Groups.byGroupName(groupName, includeUnapproved=True)[self.cn] @@ -330,6 +410,7 @@ class Person: modify(base, 'fedoraRoleStatus', 'approved') def generatePassword(self,password=None,length=14,salt=''): + ''' Generate Password ''' from random import Random import sha import sha @@ -412,6 +493,7 @@ def modify(base, attribute, new, old=None, ldapServer=None): ldapServer.unbind_s() def search(base, filter, attributes=None, ldapServer=None): + ''' Basic search function ''' if not ldapServer: s = Server() ldapServer = s.ldapConn diff --git a/fas/ldap/PgToLDAP.py b/fas/ldap/PgToLDAP.py index 6487f24..3b83868 100644 --- a/fas/ldap/PgToLDAP.py +++ b/fas/ldap/PgToLDAP.py @@ -320,7 +320,7 @@ def main(): #id0, name1, owner_id2, group_type3, needs_sponsor4, user_can_remove5, prerequisite_id6, joinmsg7 userLdif = [["objectClass",["fedoraGroup"]] ] - userLdif.append(["cn",[str(group[1])]]) + userLdif.append(["cn",[str(group[7])]]) userLdif.append(["fedoraGroupOwner",owner]) # need to get a cn for this not just the id #userLdif.append(["groupOwner",[str(group[2])]]) # need to get a cn for this not just the id userLdif.append(["fedoraGroupType",[str(group[3]) or "None" ]])
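Review bot: The docstring added to `generatePassword`, `''' Generate Password '''`, only repeats the method name, and it is the one place a reader would look to learn how the password and salt are produced. The context lines show the body importing `Random` from `random` and `sha` (twice); the rest of the body is outside the hunk. If the generated password or the salt is drawn from `random.Random`, it comes from a predictable generator, and `random.SystemRandom` is the drop-in replacement. The docstring should state what is returned, how `salt` and `length` are used, and which hash is applied, so that this can be reviewed.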
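Review bot: `userLdif.append(["cn",[str(group[7])]])` in PgToLDAP.py takes the `cn` from column 7, which the column comment directly above (`#id0, name1, ... joinmsg7`) labels as the join message; the removed line used column 1, the name. Unless the query changed outside this hunk, every migrated group gets its join message as its `cn`, and so as the value that group lookups filter on. Either keep `str(group[1])` or change the query and the comment together so the index and the label agree. `main()` starts and ends outside the hunk.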