moulinette/lib/yunohost_ldap.py

# -*- coding: utf-8 -*-

import sys
import ldap
import ldap.modlist as modlist
import re
import getpass
import yunohost_messages as msg

class YunoHostLDAP:
    """ Specific LDAP functions for YunoHost """

    def __init__(self):
        """ Connect to LDAP base """

        self.conn = ldap.initialize('ldap://localhost:389')
        self.base = 'dc=yunohost,dc=org'
        self.pwd = getpass.getpass(_('LDAP Admin Password: '))
        try:
            self.conn.simple_bind_s('cn=admin,' + self.base, self.pwd)
        except ldap.INVALID_CREDENTIALS:
            print(msg.error + _('Wrong credentials'))
            sys.exit(msg.ECONNREFUSED)

    def disconnect(self):
        """ Unbind from LDAP """

        try:
            self.conn.unbind_s()
        except:
            print(msg.error + _('A problem occured during LDAP unbind'))
            return False
        else:
            return True

    def search(self, base=None, filter='(objectClass=*)', attrs=['dn']):
        """ Search in LDAP base """

        if not base:
            base = self.base

        try:
            result = self.conn.search_s(base, ldap.SCOPE_SUBTREE, filter, attrs)
        except:
            print(msg.error + _('An error occured during LDAP search'))
            return False
        
        if result:
            result_list = []
            for dn, entry in result:
                if 'dn' in attrs:
                    entry['dn'] = [dn]
                result_list.append(entry)
            return result_list       
        else:
            return False

    def add(self, rdn, attr_dict):
        """ Add LDAP entry """

        dn = rdn + ',' + self.base
        ldif = modlist.addModlist(attr_dict)

        try:
            self.conn.add_s(dn, ldif)
        except:
            print(msg.error + _('An error occured during LDAP entry creation'))
            return False 
        else:
            return True


    def validate(self, regex_dict):
        for attr, pattern in regex_dict.items():
            if re.match(pattern, attr):
                continue
            else:
                print(msg.error + _('Invalid value') + ' "' + attr + '"')
                sys.exit(msg.EINVAL)
        return True

    def validate_uniqueness(self, value_dict):
        for attr, value in value_dict.items():
            if not self.search(filter=attr + '=' + value):
                continue
            else:
                print(msg.error + _('Attribute already exists') + ' "' + attr + '=' + value + '"')
                sys.exit(msg.EEXIST)
        return True