+import ldap
+import time
+import userdir_ldap
class Account:
- def __init__(self, user):
- searchresult = lc.search_s(BaseDn,ldap.SCOPE_SUBTREE, 'uid=%s'%(user))
+ array_values = ['keyFingerPrint', 'mailWhitelist', 'mailRBL', 'mailRHSBL']
+ int_values = ['shadowExpire']
+ defaults = {
+ 'accountStatus': 'active',
+ 'keyFingerPrint': []
+ }
+
+ @staticmethod
+ def from_search(ldap_connection, base, user):
+ searchresult = ldap_connection.search_s(base, ldap.SCOPE_SUBTREE, 'uid=%s'%(user))
if len(searchresult) < 1:
sys.stderr.write("No such user: %s\n"%(user))
return
elif len(searchresult) > 1:
sys.stderr.write("More than one hit when getting %s\n"%(user))
return
+ else:
+ return Account(searchresult[0][0], searchresult[0][1])
+
+ def __init__(self, dn, attributes):
+ self.dn = dn
+ self.attributes = attributes
- self.dn, self.attributes = searchresult[0]
+ def __getitem__(self, key):
+ if key in self.attributes:
+ if key in self.array_values:
+ return self.attributes[key]
+ elif key in self.int_values:
+ if len(self.attributes[key]) == 1:
+ return int(self.attributes[key][0])
+ else:
+ raise ValueError, 'non-array value has not exactly one value'
+ else:
+ return self.attributes[key][0]
+ elif key in self.defaults:
+ return self.defaults[key]
+ else:
+ raise IndexError
+ def __contains__(self, key):
+ return key in self.attributes
def has_mail(self):
if 'mailDisableMessage' in self.attributes:
# not locked locked, just reset to something invalid like {crypt}*SSLRESET* is still active
def pw_active(self):
- if self.attributes['userPassword'][0] == '{crypt}*LK*':
+ if self['userPassword'] == '{crypt}*LK*':
+ return False
+ if self['userPassword'].startswith("!"):
return False
return True
# not expired
def shadow_active(self):
- if 'shadowExpire' in self.attributes and \
- int(self.attributes['shadowExpire'][0]) < (time.time() / 3600 / 24):
+ if 'shadowExpire' in self and \
+ self['shadowExpire'] < (time.time() / 3600 / 24):
return False
return True
def numkeys(self):
- if 'keyFingerPrint' in self.attributes:
- return len(self.attributes['keyFingerPrint'])
- return 0
+ return len(self['keyFingerPrint'])
- def account_status(self):
- if 'accountStatus' in self.attributes:
- return self.attributes['accountStatus'][0]
- return 'active'
+ def is_active_user(self):
+ return self['accountStatus'] == 'active' and self.numkeys() != 0
+ def latitude_dec(self, anonymized=False):
+ return userdir_ldap.DecDegree(self['latitude'], anonymized)
+ def longitude_dec(self, anonymized=False):
+ return userdir_ldap.DecDegree(self['longitude'], anonymized)
def verbose_status(self):
status = []
status.append('pw: %s' %(['locked', 'active'][ self.pw_active() ]))
status.append('shadow: %s'%(['expired', 'active'][ self.shadow_active() ]))
status.append('keys: %d' %( self.numkeys() ))
- status.append('status: %s'%( self.account_status() ))
+ status.append('status: %s'%( self['accountStatus'] ))
return '(%s)'%(', '.join(status))