import ldap
import time
+import datetime
import userdir_ldap
+import sys
class Account:
- array_values = ['keyFingerPrint', 'mailWhitelist', 'mailRBL', 'mailRHSBL', 'supplementaryGid', 'sshRSAAuthKey', 'sudoPassword']
+ array_values = ['objectClass', 'keyFingerPrint', 'mailWhitelist', 'mailRBL',
+ 'mailRHSBL', 'supplementaryGid', 'sshRSAAuthKey',
+ 'sudoPassword', 'dnsZoneEntry', 'allowedHost']
int_values = ['shadowExpire', 'gidNumber', 'uidNumber']
defaults = {
'accountStatus': 'active',
def from_search(ldap_connection, base, user):
searchresult = ldap_connection.search_s(base, ldap.SCOPE_SUBTREE, 'uid=%s'%(user))
if len(searchresult) < 1:
- sys.stderr.write("No such user: %s\n"%(user))
- return
+ raise IndexError, "No such user: %s\n"%(user)
elif len(searchresult) > 1:
- sys.stderr.write("More than one hit when getting %s\n"%(user))
- return
+ raise IndexError, "More than one hit when getting %s\n"%(user)
else:
return Account(searchresult[0][0], searchresult[0][1])
return '(%s)'%(', '.join(status))
+ def delete_mailforward(self):
+ del self.attributes['emailForward']
+
def get_dn(self):
return self.dn
+ def email_address(self):
+ mailbox = "<%s@%s>" % (self['uid'], userdir_ldap.EmailAppend)
+ tokens = []
+ if 'cn' in self: tokens.append(self['cn'])
+ if 'sn' in self: tokens.append(self['sn'])
+ tokens.append(mailbox)
+ return ' '.join(tokens)
+
+ def is_allowed_by_hostacl(self, host):
+ if not 'allowedHost' in self: return False
+ if host in self['allowedHost']: return True
+ # or maybe it's a date limited ACL
+ for entry in self['allowedHost']:
+ list = entry.split(None,1)
+ if len(list) == 1: continue
+ (h, expire) = list
+ if host != h: continue
+ try:
+ parsed = datetime.datetime.strptime(expire, '%Y%m%d')
+ except ValueError:
+ print >>sys.stderr, "Cannot parse expiry date in '%s' in hostACL entry for %s."%(entry, self['uid'])
+ return False
+ return parsed >= datetime.datetime.now()
+ return False
+
+
# vim:set et:
# vim:set ts=4:
# vim:set shiftwidth=4: