2012-10-08 18:16:43 +02:00
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
|
|
|
|
import os
|
|
|
|
import sys
|
|
|
|
import ldap
|
|
|
|
import ldap.modlist as modlist
|
|
|
|
import re
|
|
|
|
import getpass
|
|
|
|
|
|
|
|
|
|
|
|
def colorize(astr, color):
|
2012-10-08 22:00:16 +02:00
|
|
|
"""
|
|
|
|
Print with style ;)
|
|
|
|
|
|
|
|
Keyword arguments:
|
|
|
|
astr -- String to colorize
|
|
|
|
color -- Name of the color
|
|
|
|
|
|
|
|
"""
|
2012-10-08 18:16:43 +02:00
|
|
|
color_dict = {
|
|
|
|
'red' : '31',
|
|
|
|
'green' : '32',
|
|
|
|
'yellow': '33',
|
|
|
|
'cyan' : '34',
|
|
|
|
'purple': '35'
|
|
|
|
}
|
|
|
|
return "\033["+ color_dict[color] +"m\033[1m" + astr + "\033[m"
|
|
|
|
|
2012-10-10 14:19:17 +02:00
|
|
|
def pretty_print_dict(d, depth=0):
|
|
|
|
for k,v in sorted(d.items(), key=lambda x: x[0]):
|
2012-10-10 14:47:11 +02:00
|
|
|
k = colorize(k, 'purple')
|
2012-10-10 14:19:17 +02:00
|
|
|
if isinstance(v, dict):
|
2012-10-10 14:47:11 +02:00
|
|
|
print((" ")*depth + ("%s: " % k))
|
2012-10-10 14:19:17 +02:00
|
|
|
pretty_print_dict(v, depth+1)
|
2012-10-10 14:47:11 +02:00
|
|
|
if isinstance(v, list):
|
|
|
|
print((" ")*depth + ("%s: " % k))
|
|
|
|
for value in v:
|
|
|
|
print((" ")*(depth+1) + "- " + value)
|
2012-10-10 14:19:17 +02:00
|
|
|
else:
|
2012-10-10 14:47:11 +02:00
|
|
|
print((" ")*depth + "%s: %s" % (k, v))
|
2012-10-10 14:19:17 +02:00
|
|
|
|
2012-10-08 18:16:43 +02:00
|
|
|
def win_msg(astr):
|
2012-10-08 22:00:16 +02:00
|
|
|
"""
|
|
|
|
Display a success message if isatty
|
|
|
|
|
|
|
|
Keyword arguments:
|
|
|
|
astr -- Win message to display
|
|
|
|
|
|
|
|
"""
|
2012-10-08 18:16:43 +02:00
|
|
|
if os.isatty(1):
|
|
|
|
print('\n' + colorize(_("Success: "), 'green') + astr + '\n')
|
|
|
|
|
2012-10-08 22:00:16 +02:00
|
|
|
|
2012-10-08 18:16:43 +02:00
|
|
|
def str_to_func(astr):
|
|
|
|
"""
|
|
|
|
Call a function from a string name
|
|
|
|
|
|
|
|
Keyword arguments:
|
|
|
|
astr -- Name of function to call
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
Function
|
|
|
|
|
|
|
|
"""
|
|
|
|
try:
|
2012-10-10 19:47:57 +02:00
|
|
|
module, _, function = astr.rpartition('.')
|
|
|
|
if module:
|
|
|
|
__import__(module)
|
|
|
|
mod = sys.modules[module]
|
|
|
|
else:
|
|
|
|
mod = sys.modules['__main__'] # default module
|
|
|
|
|
2012-10-08 18:16:43 +02:00
|
|
|
func = getattr(mod, function)
|
2012-10-10 19:47:57 +02:00
|
|
|
except (AttributeError, ImportError):
|
2012-10-10 14:47:11 +02:00
|
|
|
#raise YunoHostError(168, _('Function is not defined'))
|
|
|
|
return None
|
2012-10-08 18:16:43 +02:00
|
|
|
else:
|
|
|
|
return func
|
|
|
|
|
|
|
|
|
2012-10-10 19:47:57 +02:00
|
|
|
def validate(regex_dict):
|
|
|
|
"""
|
|
|
|
Validate attributes with a pattern
|
|
|
|
|
|
|
|
Keyword arguments:
|
|
|
|
regex_dict -- Dictionnary of values/pattern to check
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
Boolean | YunoHostError
|
|
|
|
|
|
|
|
"""
|
|
|
|
for attr, pattern in regex_dict.items():
|
|
|
|
if re.match(pattern, attr):
|
|
|
|
continue
|
|
|
|
else:
|
|
|
|
raise YunoHostError(22, _('Invalid attribute') + ' ' + attr)
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
2012-10-14 21:48:16 +02:00
|
|
|
def display_error(error):
|
|
|
|
"""
|
|
|
|
Nice error displaying
|
|
|
|
|
|
|
|
"""
|
|
|
|
if not __debug__ :
|
|
|
|
traceback.print_exc()
|
|
|
|
if os.isatty(1):
|
|
|
|
print('\n' + colorize(_("Error: "), 'red') + error.message)
|
|
|
|
else:
|
|
|
|
print(json.dumps({ 'error' : error.message }))
|
|
|
|
|
|
|
|
|
|
|
|
def connect_services(action_map):
|
|
|
|
"""
|
|
|
|
Connect to different services needed by the action
|
|
|
|
|
|
|
|
Keyword arguments:
|
|
|
|
action_map -- Map of actions
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
Dict -- openned connections or error code
|
|
|
|
|
|
|
|
"""
|
|
|
|
action_dict = action_map[sys.argv[1]]['actions'][sys.argv[2]]
|
|
|
|
connections = {}
|
|
|
|
required_connections = []
|
|
|
|
|
|
|
|
if 'connections' in action_dict:
|
|
|
|
required_connections = action_dict['connections']
|
|
|
|
|
|
|
|
try:
|
|
|
|
# Connect to different services if the action is requiring it
|
|
|
|
if 'ldap' in required_connections:
|
|
|
|
connections['ldap'] = YunoHostLDAP()
|
|
|
|
if 'firewall' in required_connections:
|
|
|
|
connections['firewall'] = open('/etc/init.d/iptables', 'w')
|
|
|
|
# TODO: Add other services connections
|
|
|
|
except YunoHostError, error:
|
|
|
|
display_error(error)
|
|
|
|
sys.exit(error.code)
|
|
|
|
else:
|
|
|
|
return connections
|
|
|
|
|
|
|
|
|
|
|
|
def disconnect_services(connections):
|
|
|
|
"""
|
|
|
|
Disconnect openned connections
|
|
|
|
|
|
|
|
Keyword arguments:
|
|
|
|
connections -- Dictionnary of openned connections
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
Boolean
|
|
|
|
|
|
|
|
"""
|
|
|
|
try:
|
|
|
|
if 'ldap' in connections:
|
|
|
|
connections['ldap'].disconnect()
|
|
|
|
if 'firewall' in connections:
|
|
|
|
connections['firewall'].close()
|
|
|
|
# TODO: Add other services deconnections
|
|
|
|
except YunoHostError, error:
|
|
|
|
display_error(error)
|
|
|
|
sys.exit(error.code)
|
|
|
|
else:
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
2012-10-08 18:16:43 +02:00
|
|
|
class YunoHostError(Exception):
|
2012-10-08 22:00:16 +02:00
|
|
|
"""
|
|
|
|
Custom exception
|
|
|
|
|
|
|
|
Keyword arguments:
|
|
|
|
code -- Integer error code
|
|
|
|
message -- Error message to display
|
|
|
|
|
|
|
|
"""
|
2012-10-08 18:16:43 +02:00
|
|
|
def __init__(self, code, message):
|
|
|
|
code_dict = {
|
|
|
|
1 : _('Fail'),
|
|
|
|
13 : _('Permission denied'),
|
|
|
|
17 : _('Already exists'),
|
|
|
|
22 : _('Invalid arguments'),
|
|
|
|
87 : _('Too many users'),
|
|
|
|
111 : _('Connection refused'),
|
|
|
|
122 : _('Quota exceeded'),
|
|
|
|
125 : _('Operation canceled'),
|
|
|
|
167 : _('Not found'),
|
|
|
|
168 : _('Undefined'),
|
|
|
|
169 : _('LDAP operation error')
|
|
|
|
}
|
|
|
|
self.code = code
|
|
|
|
self.message = message
|
|
|
|
if code_dict[code]:
|
|
|
|
self.desc = code_dict[code]
|
|
|
|
else:
|
|
|
|
self.desc = code
|
|
|
|
|
|
|
|
|
|
|
|
class YunoHostLDAP:
|
|
|
|
""" Specific LDAP functions for YunoHost """
|
|
|
|
|
|
|
|
def __init__(self):
|
2012-10-08 22:00:16 +02:00
|
|
|
"""
|
|
|
|
Connect to LDAP base
|
|
|
|
|
|
|
|
Initialize to localhost, base yunohost.org, prompt for password
|
2012-10-08 18:16:43 +02:00
|
|
|
|
2012-10-08 22:00:16 +02:00
|
|
|
"""
|
2012-10-08 18:16:43 +02:00
|
|
|
self.conn = ldap.initialize('ldap://localhost:389')
|
|
|
|
self.base = 'dc=yunohost,dc=org'
|
2012-10-10 20:53:42 +02:00
|
|
|
self.pwd = getpass.getpass(colorize(_('LDAP Admin Password: '), 'yellow'))
|
2012-10-08 18:16:43 +02:00
|
|
|
try:
|
|
|
|
self.conn.simple_bind_s('cn=admin,' + self.base, self.pwd)
|
|
|
|
except ldap.INVALID_CREDENTIALS:
|
|
|
|
raise YunoHostError(13, _('Invalid credentials'))
|
|
|
|
|
2012-10-08 22:00:16 +02:00
|
|
|
|
2012-10-08 18:16:43 +02:00
|
|
|
def disconnect(self):
|
2012-10-08 22:00:16 +02:00
|
|
|
"""
|
|
|
|
Unbind from LDAP
|
|
|
|
|
|
|
|
Returns
|
|
|
|
Boolean | YunoHostError
|
2012-10-08 18:16:43 +02:00
|
|
|
|
2012-10-08 22:00:16 +02:00
|
|
|
"""
|
2012-10-08 18:16:43 +02:00
|
|
|
try:
|
|
|
|
self.conn.unbind_s()
|
|
|
|
except:
|
|
|
|
raise YunoHostError(169, _('An error occured during disconnection'))
|
|
|
|
else:
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
2012-10-08 22:00:16 +02:00
|
|
|
def search(self, base=None, filter='(objectClass=*)', attrs=['dn']):
|
|
|
|
"""
|
|
|
|
Search in LDAP base
|
|
|
|
|
|
|
|
Keyword arguments:
|
|
|
|
base -- Base to search into
|
|
|
|
filter -- LDAP filter
|
|
|
|
attrs -- Array of attributes to fetch
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
Boolean | Dict
|
|
|
|
|
|
|
|
"""
|
2012-10-08 18:16:43 +02:00
|
|
|
if not base:
|
|
|
|
base = self.base
|
|
|
|
|
|
|
|
try:
|
|
|
|
result = self.conn.search_s(base, ldap.SCOPE_SUBTREE, filter, attrs)
|
|
|
|
except:
|
|
|
|
raise YunoHostError(169, _('An error occured during LDAP search'))
|
|
|
|
|
|
|
|
if result:
|
|
|
|
result_list = []
|
|
|
|
for dn, entry in result:
|
|
|
|
if 'dn' in attrs:
|
|
|
|
entry['dn'] = [dn]
|
|
|
|
result_list.append(entry)
|
|
|
|
return result_list
|
|
|
|
else:
|
|
|
|
return False
|
|
|
|
|
2012-10-08 22:00:16 +02:00
|
|
|
|
2012-10-08 18:16:43 +02:00
|
|
|
def add(self, rdn, attr_dict):
|
2012-10-08 22:00:16 +02:00
|
|
|
"""
|
|
|
|
Add LDAP entry
|
|
|
|
|
|
|
|
Keyword arguments:
|
|
|
|
rdn -- DN without domain
|
|
|
|
attr_dict -- Dictionnary of attributes/values to add
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
Boolean | YunoHostError
|
2012-10-08 18:16:43 +02:00
|
|
|
|
2012-10-08 22:00:16 +02:00
|
|
|
"""
|
2012-10-08 18:16:43 +02:00
|
|
|
dn = rdn + ',' + self.base
|
|
|
|
ldif = modlist.addModlist(attr_dict)
|
|
|
|
|
|
|
|
try:
|
|
|
|
self.conn.add_s(dn, ldif)
|
|
|
|
except:
|
|
|
|
raise YunoHostError(169, _('An error occured during LDAP entry creation'))
|
|
|
|
else:
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
def validate_uniqueness(self, value_dict):
|
2012-10-08 22:00:16 +02:00
|
|
|
"""
|
|
|
|
Check uniqueness of values
|
|
|
|
|
|
|
|
Keyword arguments:
|
|
|
|
value_dict -- Dictionnary of attributes/values to check
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
Boolean | YunoHostError
|
|
|
|
|
|
|
|
"""
|
2012-10-08 18:16:43 +02:00
|
|
|
for attr, value in value_dict.items():
|
|
|
|
if not self.search(filter=attr + '=' + value):
|
|
|
|
continue
|
|
|
|
else:
|
|
|
|
raise YunoHostError(17, _('Attribute already exists') + ' "' + attr + '=' + value + '"')
|
|
|
|
return True
|