|
|
|---|
| 39 |
import univention.debug2 as ud |
39 |
import univention.debug2 as ud |
| 40 |
from ldap.controls import LDAPControl |
40 |
from ldap.controls import LDAPControl |
| 41 |
from ldap.controls import SimplePagedResultsControl |
41 |
from ldap.controls import SimplePagedResultsControl |
|
|
42 |
from samba.ndr import ndr_unpack, ndr_pack |
| 43 |
from samba.dcerpc import security |
| 42 |
|
44 |
|
| 43 |
# page results |
45 |
# page results |
| 44 |
PAGE_SIZE=1000 |
46 |
PAGE_SIZE=1000 |
|
|
|---|
| 416 |
def encode_object_sid(sid_string, encode_in_base64=True): |
412 |
def encode_object_sid(sid_string, encode_in_base64=True): |
| 417 |
binary_encoding = "" |
413 |
binary_encoding = "" |
| 418 |
|
414 |
|
| 419 |
for i in sid.split("-")[1:]: |
415 |
## equivalent of encode_sid above |
| 420 |
j = int(i) |
416 |
vlist = sid_string.split("-")[1:] |
|
|
417 |
binary_encoding += chr(int(vlist[0])) + chr(len(vlist)-2) + chr(0) + chr(0) |
| 418 |
binary_encoding += chr(0) + chr(0) + chr(0) + chr(int(vlist[1])) |
| 419 |
|
| 420 |
for i in range(2,len(vlist)): |
| 421 |
j = int(vlist[i]) |
| 421 |
|
422 |
|
| 422 |
oc1 = (j >> 24) |
423 |
oc1 = (j >> 24) |
| 423 |
oc2 = (j - (oc1 * (2 << 23))) >> 16 |
424 |
oc2 = (j - (oc1 * (2 << 23))) >> 16 |
|
|
|---|
| 2016 |
for attr,value in object['attributes'].items(): |
1850 |
for attr,value in object['attributes'].items(): |
| 2017 |
for attribute in self.property[property_type].attributes.keys(): |
1851 |
for attribute in self.property[property_type].attributes.keys(): |
| 2018 |
if self.property[property_type].attributes[attribute].con_attribute == attr: |
1852 |
if self.property[property_type].attributes[attribute].con_attribute == attr: |
| 2019 |
addlist.append((attr, value)) |
1853 |
if attr == 'objectSid': |
|
|
1854 |
objectSid = ndr_pack(security.dom_sid(value[0])) # or encode_sid |
| 1855 |
addlist.append((attr, objectSid)) |
| 1856 |
else: |
| 1857 |
addlist.append((attr, value)) |
| 2020 |
if self.property[property_type].attributes[attribute].con_other_attribute == attr: |
1858 |
if self.property[property_type].attributes[attribute].con_other_attribute == attr: |
| 2021 |
addlist.append((attr, value)) |
1859 |
addlist.append((attr, value)) |
| 2022 |
if hasattr(self.property[property_type], 'post_attributes') and self.property[property_type].post_attributes != None: |
1860 |
if hasattr(self.property[property_type], 'post_attributes') and self.property[property_type].post_attributes != None: |
|
|
|---|
| 2036 |
else: |
1871 |
else: |
| 2037 |
modlist.append((ldap.MOD_DELETE, attr, None)) |
1872 |
modlist.append((ldap.MOD_DELETE, attr, None)) |
| 2038 |
|
1873 |
|
| 2039 |
self.lo_s4.lo.add_s(compatible_modstring(object['dn']), compatible_addlist(addlist)) #FIXME encoding |
1874 |
ud.debug(ud.LDAP, ud.INFO, "sync_from_ucs: addlist: %s" % addlist) |
|
|
1875 |
## compatible_addlist runs decode('latin1').encode('utf8') |
| 1876 |
## which is not correct at least for binary values |
| 1877 |
## the following codeblock skips recoding for self.lo_s4.decode_ignorelist: |
| 1878 |
encoding='utf8' |
| 1879 |
encoded_addlist=[] |
| 1880 |
for attr, values in addlist: |
| 1881 |
if hasattr(attr,'encode'): |
| 1882 |
newattr=attr.encode(encoding) |
| 1883 |
else: |
| 1884 |
newattr=attr |
| 1885 |
if not attr in self.lo_s4.decode_ignorelist: |
| 1886 |
if type(values) == type([]): |
| 1887 |
encoded_addlist.append((newattr, encode_list(values, encoding))) |
| 1888 |
else: |
| 1889 |
encoded_addlist.append((newattr, encode_list(values, encoding))) |
| 1890 |
else: |
| 1891 |
encoded_addlist.append((newattr, values)) |
| 1892 |
|
| 1893 |
self.lo_s4.lo.add_s(compatible_modstring(object['dn']), encoded_addlist) #FIXME encoding |
| 2040 |
|
1894 |
|
| 2041 |
if property_type == 'group': |
1895 |
if property_type == 'group': |
| 2042 |
self.group_members_cache_con[object['dn'].lower()] = [] |
1896 |
self.group_members_cache_con[object['dn'].lower()] = [] |