|
39 |
import univention.debug2 as ud |
39 |
import univention.debug2 as ud |
40 |
from ldap.controls import LDAPControl |
40 |
from ldap.controls import LDAPControl |
41 |
from ldap.controls import SimplePagedResultsControl |
41 |
from ldap.controls import SimplePagedResultsControl |
|
|
42 |
from samba.ndr import ndr_unpack, ndr_pack |
43 |
from samba.dcerpc import security |
42 |
|
44 |
|
43 |
# page results |
45 |
# page results |
44 |
PAGE_SIZE=1000 |
46 |
PAGE_SIZE=1000 |
|
416 |
def encode_object_sid(sid_string, encode_in_base64=True): |
412 |
def encode_object_sid(sid_string, encode_in_base64=True): |
417 |
binary_encoding = "" |
413 |
binary_encoding = "" |
418 |
|
414 |
|
419 |
for i in sid.split("-")[1:]: |
415 |
## equivalent of encode_sid above |
420 |
j = int(i) |
416 |
vlist = sid_string.split("-")[1:] |
|
|
417 |
binary_encoding += chr(int(vlist[0])) + chr(len(vlist)-2) + chr(0) + chr(0) |
418 |
binary_encoding += chr(0) + chr(0) + chr(0) + chr(int(vlist[1])) |
419 |
|
420 |
for i in range(2,len(vlist)): |
421 |
j = int(vlist[i]) |
421 |
|
422 |
|
422 |
oc1 = (j >> 24) |
423 |
oc1 = (j >> 24) |
423 |
oc2 = (j - (oc1 * (2 << 23))) >> 16 |
424 |
oc2 = (j - (oc1 * (2 << 23))) >> 16 |
|
2016 |
for attr,value in object['attributes'].items(): |
1850 |
for attr,value in object['attributes'].items(): |
2017 |
for attribute in self.property[property_type].attributes.keys(): |
1851 |
for attribute in self.property[property_type].attributes.keys(): |
2018 |
if self.property[property_type].attributes[attribute].con_attribute == attr: |
1852 |
if self.property[property_type].attributes[attribute].con_attribute == attr: |
2019 |
addlist.append((attr, value)) |
1853 |
if attr == 'objectSid': |
|
|
1854 |
objectSid = ndr_pack(security.dom_sid(value[0])) # or encode_sid |
1855 |
addlist.append((attr, objectSid)) |
1856 |
else: |
1857 |
addlist.append((attr, value)) |
2020 |
if self.property[property_type].attributes[attribute].con_other_attribute == attr: |
1858 |
if self.property[property_type].attributes[attribute].con_other_attribute == attr: |
2021 |
addlist.append((attr, value)) |
1859 |
addlist.append((attr, value)) |
2022 |
if hasattr(self.property[property_type], 'post_attributes') and self.property[property_type].post_attributes != None: |
1860 |
if hasattr(self.property[property_type], 'post_attributes') and self.property[property_type].post_attributes != None: |
|
2036 |
else: |
1871 |
else: |
2037 |
modlist.append((ldap.MOD_DELETE, attr, None)) |
1872 |
modlist.append((ldap.MOD_DELETE, attr, None)) |
2038 |
|
1873 |
|
2039 |
self.lo_s4.lo.add_s(compatible_modstring(object['dn']), compatible_addlist(addlist)) #FIXME encoding |
1874 |
ud.debug(ud.LDAP, ud.INFO, "sync_from_ucs: addlist: %s" % addlist) |
|
|
1875 |
## compatible_addlist runs decode('latin1').encode('utf8') |
1876 |
## which is not correct at least for binary values |
1877 |
## the following codeblock skips recoding for self.lo_s4.decode_ignorelist: |
1878 |
encoding='utf8' |
1879 |
encoded_addlist=[] |
1880 |
for attr, values in addlist: |
1881 |
if hasattr(attr,'encode'): |
1882 |
newattr=attr.encode(encoding) |
1883 |
else: |
1884 |
newattr=attr |
1885 |
if not attr in self.lo_s4.decode_ignorelist: |
1886 |
if type(values) == type([]): |
1887 |
encoded_addlist.append((newattr, encode_list(values, encoding))) |
1888 |
else: |
1889 |
encoded_addlist.append((newattr, encode_list(values, encoding))) |
1890 |
else: |
1891 |
encoded_addlist.append((newattr, values)) |
1892 |
|
1893 |
self.lo_s4.lo.add_s(compatible_modstring(object['dn']), encoded_addlist) #FIXME encoding |
2040 |
|
1894 |
|
2041 |
if property_type == 'group': |
1895 |
if property_type == 'group': |
2042 |
self.group_members_cache_con[object['dn'].lower()] = [] |
1896 |
self.group_members_cache_con[object['dn'].lower()] = [] |
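Review bot: The `if type(values) == type([])` test in the new encoding loop has two identical arms, both calling `encode_list(values, encoding)`, so a non-list value takes the list path; either drop the test and keep a single `encoded_addlist.append((newattr, encode_list(values, encoding)))`, or give the `else` arm a real scalar encode. The added `ud.debug(ud.LDAP, ud.INFO, "sync_from_ucs: addlist: %s" % addlist)` writes every attribute value to the log, which now includes the NDR-packed objectSid and may include credential attributes if the mapping carries any; logging only the names, `"sync_from_ucs: addlist attrs: %s" % [a for a, v in addlist]`, keeps the trace without the values. The packed objectSid only bypasses recoding if `objectSid` is listed in `self.lo_s4.decode_ignorelist`, which is defined outside this page, so that is worth confirming before relying on the new path. The enclosing method starts and ends outside the visible hunks.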