projects
/
mirror
/
userdir-ldap.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
521c785
)
give Account class a __getitem__ method and use it
author
Peter Palfrader
<peter@palfrader.org>
Mon, 2 Aug 2010 19:58:10 +0000
(19:58 +0000)
committer
Peter Palfrader
<peter@palfrader.org>
Mon, 2 Aug 2010 19:58:10 +0000
(19:58 +0000)
UDLdap.py
patch
|
blob
|
history
ud-lock
patch
|
blob
|
history
diff --git
a/UDLdap.py
b/UDLdap.py
index
ce25bbb
..
447368d
100644
(file)
--- a/
UDLdap.py
+++ b/
UDLdap.py
@@
-1,16
+1,45
@@
+import ldap
+import time
class Account:
class Account:
- def __init__(self, user):
- searchresult = lc.search_s(BaseDn,ldap.SCOPE_SUBTREE, 'uid=%s'%(user))
+ array_values = ['keyFingerPrint']
+ int_values = ['shadowExpire']
+ defaults = {
+ 'accountStatus': 'active',
+ 'keyFingerPrint': []
+ }
+
+ @staticmethod
+ def from_search(ldap_connection, base, user):
+ searchresult = ldap_connection.search_s(base, ldap.SCOPE_SUBTREE, 'uid=%s'%(user))
if len(searchresult) < 1:
sys.stderr.write("No such user: %s\n"%(user))
return
elif len(searchresult) > 1:
sys.stderr.write("More than one hit when getting %s\n"%(user))
return
if len(searchresult) < 1:
sys.stderr.write("No such user: %s\n"%(user))
return
elif len(searchresult) > 1:
sys.stderr.write("More than one hit when getting %s\n"%(user))
return
+ else:
+ return Account(searchresult[0][0], searchresult[0][1])
+
+ def __init__(self, dn, attributes):
+ self.dn = dn
+ self.attributes = attributes
- self.dn, self.attributes = searchresult[0]
+ def __getitem__(self, key):
+ if key in self.attributes:
+ if key in self.array_values:
+ return self.attributes[key]
+ elif key in self.int_values:
+ return int(self.attributes[key][0])
+ else:
+ return self.attributes[key][0]
+ elif key in self.defaults:
+ return self.defaults[key]
+ else:
+ raise IndexError
+ def __contains__(self, key):
+ return key in self.attributes
def has_mail(self):
if 'mailDisableMessage' in self.attributes:
def has_mail(self):
if 'mailDisableMessage' in self.attributes:
@@
-19,27
+48,19
@@
class Account:
# not locked locked, just reset to something invalid like {crypt}*SSLRESET* is still active
def pw_active(self):
# not locked locked, just reset to something invalid like {crypt}*SSLRESET* is still active
def pw_active(self):
- if self
.attributes['userPassword'][0
] == '{crypt}*LK*':
+ if self
['userPassword'
] == '{crypt}*LK*':
return False
return True
# not expired
def shadow_active(self):
return False
return True
# not expired
def shadow_active(self):
- if 'shadowExpire' in self
.attributes
and \
-
int(self.attributes['shadowExpire'][0])
< (time.time() / 3600 / 24):
+ if 'shadowExpire' in self and \
+
self['shadowExpire']
< (time.time() / 3600 / 24):
return False
return True
def numkeys(self):
return False
return True
def numkeys(self):
- if 'keyFingerPrint' in self.attributes:
- return len(self.attributes['keyFingerPrint'])
- return 0
-
- def account_status(self):
- if 'accountStatus' in self.attributes:
- return self.attributes['accountStatus'][0]
- return 'active'
-
+ return len(self['keyFingerPrint'])
def verbose_status(self):
status = []
def verbose_status(self):
status = []
@@
-47,7
+68,7
@@
class Account:
status.append('pw: %s' %(['locked', 'active'][ self.pw_active() ]))
status.append('shadow: %s'%(['expired', 'active'][ self.shadow_active() ]))
status.append('keys: %d' %( self.numkeys() ))
status.append('pw: %s' %(['locked', 'active'][ self.pw_active() ]))
status.append('shadow: %s'%(['expired', 'active'][ self.shadow_active() ]))
status.append('keys: %d' %( self.numkeys() ))
- status.append('status: %s'%( self
.account_status()
))
+ status.append('status: %s'%( self
['accountStatus']
))
return '(%s)'%(', '.join(status))
return '(%s)'%(', '.join(status))
diff --git
a/ud-lock
b/ud-lock
index
7035ed0
..
a274274
100755
(executable)
--- a/
ud-lock
+++ b/
ud-lock
@@
-48,8
+48,8
@@
def connect(user):
return l
def do_one_user(lc, user, ticket):
return l
def do_one_user(lc, user, ticket):
- u = UDLdap.Account
(
user)
- if not u
.account_status()
== 'active':
+ u = UDLdap.Account
.from_search(lc, BaseDn,
user)
+ if not u
['accountStatus']
== 'active':
sys.stderr.write('%s: Account is not active, skipping. (details: %s)\n'%(user, u.verbose_status()))
return
sys.stderr.write('%s: Account is not active, skipping. (details: %s)\n'%(user, u.verbose_status()))
return