X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=UDLdap.py;h=97fd2fbdcb665800a3746b3f6c79f32a7d10bb2e;hb=4960a0dea00ac93cbcdb2fb82f850aee8d4fb4e9;hp=dcf0bb448e7ed3a40f6aea24b3fa771bdc97f0fb;hpb=4d4ea5e8539d9139b8e417cbc566b582d0c2564c;p=mirror%2Fuserdir-ldap.git

diff --git a/UDLdap.py b/UDLdap.py
index dcf0bb4..97fd2fb 100644
--- a/UDLdap.py
+++ b/UDLdap.py
@@ -1,9 +1,13 @@
 import ldap
 import time
+import datetime
 import userdir_ldap
+import sys
 
 class Account:
-    array_values = ['objectClass', 'keyFingerPrint', 'mailWhitelist', 'mailRBL', 'mailRHSBL', 'supplementaryGid', 'sshRSAAuthKey', 'sudoPassword', 'dnsZoneEntry']
+    array_values = ['objectClass', 'keyFingerPrint', 'mailWhitelist', 'mailRBL',
+                    'mailRHSBL', 'supplementaryGid', 'sshRSAAuthKey',
+                    'sudoPassword', 'dnsZoneEntry', 'allowedHost']
     int_values = ['shadowExpire', 'gidNumber', 'uidNumber']
     defaults = {
                  'accountStatus': 'active',
@@ -14,11 +18,9 @@ class Account:
     def from_search(ldap_connection, base, user):
         searchresult = ldap_connection.search_s(base, ldap.SCOPE_SUBTREE, 'uid=%s'%(user))
         if len(searchresult) < 1:
-            sys.stderr.write("No such user: %s\n"%(user))
-            return
+            raise IndexError, "No such user: %s\n"%(user)
         elif len(searchresult) > 1:
-            sys.stderr.write("More than one hit when getting %s\n"%(user))
-            return
+            raise IndexError, "More than one hit when getting %s\n"%(user)
         else:
             return Account(searchresult[0][0], searchresult[0][1])
 
@@ -94,6 +96,9 @@ class Account:
 
         return '(%s)'%(', '.join(status))
 
+    def delete_mailforward(self):
+        del self.attributes['emailForward']
+
     def get_dn(self):
         return self.dn
 
@@ -105,6 +110,24 @@ class Account:
         tokens.append(mailbox)
         return ' '.join(tokens)
 
+    def is_allowed_by_hostacl(self, host):
+        if not 'allowedHost' in self: return False
+        if host in self['allowedHost']: return True
+        # or maybe it's a date limited ACL
+        for entry in self['allowedHost']:
+            list = entry.split(None,1)
+            if len(list) == 1: continue
+            (h, expire) = list
+            if host != h: continue
+            try:
+                parsed = datetime.datetime.strptime(expire, '%Y%m%d')
+            except ValueError:
+                print >>sys.stderr, "Cannot parse expiry date in '%s' in hostACL entry for %s."%(entry, self['uid'])
+                return False
+            return parsed >= datetime.datetime.now()
+        return False
+
+
 # vim:set et:
 # vim:set ts=4:
 # vim:set shiftwidth=4: