|
30 |
# /usr/share/common-licenses/AGPL-3; if not, see |
30 |
# /usr/share/common-licenses/AGPL-3; if not, see |
31 |
# <http://www.gnu.org/licenses/>. |
31 |
# <http://www.gnu.org/licenses/>. |
32 |
|
32 |
|
33 |
|
33 |
from argparse import ArgumentParser |
|
|
34 |
from textwrap import dedent |
35 |
import sys |
34 |
import getopt |
36 |
import getopt |
35 |
import re |
37 |
import re |
36 |
import string |
|
|
37 |
import base64 |
38 |
import base64 |
38 |
import os |
39 |
import os |
39 |
import subprocess |
40 |
import subprocess |
40 |
import traceback |
41 |
import traceback |
41 |
|
42 |
|
42 |
import univention.debug |
43 |
import univention.debug as ud |
43 |
|
44 |
|
44 |
import univention.admin.uexceptions |
45 |
import univention.admin.uexceptions as uex |
45 |
import univention.admin.uldap |
46 |
import univention.admin.uldap |
46 |
import univention.admin.modules |
47 |
import univention.admin.modules |
47 |
import univention.admin.objects |
48 |
import univention.admin.objects |
48 |
from univention.admin.layout import Tab, Group |
49 |
from univention.admin.layout import Group |
49 |
import univention.config_registry |
50 |
from univention.config_registry import ConfigRegistry |
50 |
import univention.admin.ipaddress |
51 |
import univention.admin.ipaddress |
51 |
|
52 |
|
|
|
53 |
|
52 |
univention.admin.modules.update() |
54 |
univention.admin.modules.update() |
53 |
|
55 |
|
54 |
# update choices-lists which are defined in LDAP |
56 |
# update choices-lists which are defined in LDAP |
55 |
univention.admin.syntax.update_choices() |
57 |
univention.admin.syntax.update_choices() |
56 |
|
58 |
|
57 |
# usage information |
59 |
|
58 |
def usage(): |
60 |
class Failed(Exception): |
59 |
out=[] |
61 |
def __str__(self): |
60 |
out.append('univention-directory-manager: command line interface for managing UCS') |
62 |
return "OPERATION FAILED" |
61 |
out.append('copyright (c) 2001-@%@copyright_lastyear@%@ Univention GmbH, Germany') |
63 |
|
62 |
out.append('') |
64 |
|
63 |
out.append('Syntax:') |
65 |
def parse_commandline(): |
64 |
out.append(' univention-directory-manager module action [options]') |
66 |
usage = dedent("""\ |
65 |
out.append(' univention-directory-manager [--help] [--version]') |
67 |
%(prog)s module action [arguments] |
66 |
out.append('') |
68 |
%(prog)s [--help] [--version] |
67 |
out.append('actions:') |
69 |
""") |
68 |
out.append(' %-32s %s' % ('create:', 'Create a new object')) |
70 |
description = dedent("""\ |
69 |
out.append(' %-32s %s' % ('modify:', 'Modify an existing object')) |
71 |
univention-directory-manager is a tool to handle the configuration for UCS |
70 |
out.append(' %-32s %s' % ('remove:', 'Remove an existing object')) |
72 |
on command line level. |
71 |
out.append(' %-32s %s' % ('list:', 'List objects')) |
73 |
Use "univention-directory-manager modules" for a list of available modules. |
72 |
out.append(' %-32s %s' % ('move:', 'Move object in directory tree')) |
74 |
""") |
73 |
out.append('') |
75 |
version = "%(prog)s @%@package_version@%@" |
74 |
out.append(' %-32s %s' % ('-h | --help | -?:', 'print this usage message')) |
76 |
parser = ArgumentParser( |
75 |
out.append(' %-32s %s' % ('--version:', 'print version information')) |
77 |
usage=usage, |
76 |
out.append('') |
78 |
description=description, |
77 |
out.append('general options:') |
79 |
prog="univention-directory-manager") |
78 |
out.append(' --%-30s %s' % ('logfile', 'path and name of the logfile to be used')) |
80 |
parser.add_argument("-?", action="help") |
79 |
out.append('') |
81 |
parser.add_argument("--version", action="version", version=version) |
80 |
out.append('create options:') |
82 |
|
81 |
out.append(' --%-30s %s' % ('binddn', 'bind DN')) |
83 |
general_opt = parser.add_argument_group("General options") |
82 |
out.append(' --%-30s %s' % ('bindpwd', 'bind password')) |
84 |
general_opt.add_argument( |
83 |
out.append(' --%-30s %s' % ('bindpwdfile', 'file containing bind password')) |
85 |
"--logfile", |
84 |
out.append(' --%-30s %s' % ('position', 'Set position in tree')) |
86 |
dest="logfile", |
85 |
out.append(' --%-30s %s' % ('set', 'Set variable to value, e.g. foo=bar')) |
87 |
default='/var/log/univention/directory-manager-cmd.log', |
86 |
out.append(' --%-30s %s' % ('superordinate', 'Use superordinate module')) |
88 |
help="path and name of the logfile to be used") |
87 |
out.append(' --%-30s %s' % ('option', 'Use only given module options')) |
89 |
general_opt.add_argument( |
88 |
out.append(' --%-30s %s' % ('customattribute', 'Set custom attribute foo=bar')) |
90 |
"--binddn", |
89 |
out.append(' --%-30s %s' % ('policy-reference', 'Reference to policy given by DN')) |
91 |
dest="binddn", |
90 |
out.append(' --%-30s %s' % ('tls', '0 (no); 1 (try); 2 (must)')) |
92 |
help="bind DN") |
91 |
out.append(' --%-30s ' % ('ignore_exists')) |
93 |
general_opt.add_argument( |
92 |
out.append('') |
94 |
"--bindpwd", |
93 |
out.append('modify options:') |
95 |
dest="bindpwd", |
94 |
out.append(' --%-30s %s' % ('binddn', 'bind DN')) |
96 |
help="bind password") |
95 |
out.append(' --%-30s %s' % ('bindpwd', 'bind password')) |
97 |
general_opt.add_argument( |
96 |
out.append(' --%-30s %s' % ('bindpwdfile', 'file containing bind password')) |
98 |
"--bindpwdfile", |
97 |
out.append(' --%-30s %s' % ('dn', 'Edit object with DN')) |
99 |
dest="bindpwdfile", |
98 |
out.append(' --%-30s %s' % ('arg', 'Edit object with ARG')) |
100 |
help="file containing bind password") |
99 |
out.append(' --%-30s %s' % ('set', 'Set variable to value, e.g. foo=bar')) |
101 |
general_opt.add_argument( |
100 |
out.append(' --%-30s %s' % ('append', 'Append value to variable, e.g. foo=bar')) |
102 |
"--tls", |
101 |
out.append(' --%-30s %s' % ('remove', 'Remove value from variable, e.g. foo=bar')) |
103 |
dest="tls", type=int, |
102 |
out.append(' --%-30s %s' % ('option', 'Use only given module options')) |
104 |
default=2, choices=range(3), |
103 |
out.append(' --%-30s %s' % ('append-option', 'Append the module options')) |
105 |
help="0 (no); 1 (try); 2 (must)") |
104 |
out.append(' --%-30s %s' % ('customattribute', 'Set custom attribute foo=bar')) |
106 |
|
105 |
out.append(' --%-30s %s' % ('customattribute-remove', 'Remove custom attribute')) |
107 |
subparsers = parser.add_subparsers( |
106 |
out.append(' --%-30s %s' % ('policy-reference', 'Reference to policy given by DN')) |
108 |
title="sub-commands", |
107 |
out.append(' --%-30s %s' % ('policy-dereference', 'Remove reference to policy given by DN')) |
109 |
description="valid subcommands", |
108 |
out.append(' --%-30s %s' % ('tls', '0 (no); 1 (try); 2 (must)')) |
110 |
help="additional help") |
109 |
out.append('') |
111 |
|
110 |
out.append('remove options:') |
112 |
create_opt = subparsers.add_parser("modules", help="List available modules") |
111 |
out.append(' --%-30s %s' % ('binddn', 'bind DN')) |
113 |
|
112 |
out.append(' --%-30s %s' % ('bindpwd', 'bind password')) |
114 |
create_opt = subparsers.add_parser("create", help="Create a new object") |
113 |
out.append(' --%-30s %s' % ('bindpwdfile', 'file containing bind password')) |
115 |
create_opt.add_argument( |
114 |
out.append(' --%-30s %s' % ('dn', 'Remove object with DN')) |
116 |
"--position", |
115 |
out.append(' --%-30s %s' % ('superordinate', 'Use superordinate module')) |
117 |
dest="position", |
116 |
out.append(' --%-30s %s' % ('arg', 'Remove object with ARG')) |
118 |
help="Set position in tree") |
117 |
out.append(' --%-30s %s' % ('filter', 'Lookup filter e.g. foo=bar')) |
119 |
create_opt.add_argument( |
118 |
out.append(' --%-30s %s' % ('tls', '0 (no); 1 (try); 2 (must)')) |
120 |
"--set", |
119 |
out.append(' --%-30s %s' % ('remove_referring', 'remove referring objects')) |
121 |
action="append", dest="set", required=True, |
120 |
out.append('') |
122 |
help="Set variable to value, e.g. foo=bar") |
121 |
out.append('list options:') |
123 |
create_opt.add_argument( |
122 |
out.append(' --%-30s %s' % ('filter', 'Lookup filter e.g. foo=bar')) |
124 |
"--superordinate", |
123 |
out.append(' --%-30s %s' % ('policies', 'List policy-based settings:')) |
125 |
dest="superordinate", |
124 |
out.append(' %-30s %s' % ('', '0:short, 1:long (with policy-DN)')) |
126 |
help="Use superordinate module") |
125 |
out.append('') |
127 |
create_opt.add_argument( |
126 |
out.append('move options:') |
128 |
"--option", |
127 |
out.append(' --%-30s %s' % ('binddn', 'bind DN')) |
129 |
action="append", dest="option", |
128 |
out.append(' --%-30s %s' % ('bindpwd', 'bind password')) |
130 |
help="Use only given module options") |
129 |
out.append(' --%-30s %s' % ('bindpwdfile', 'file containing bind password')) |
131 |
create_opt.add_argument( |
130 |
out.append(' --%-30s %s' % ('dn', 'Move object with DN')) |
132 |
"--policy-reference", |
131 |
out.append(' --%-30s %s' % ('position', 'Move to position in tree')) |
133 |
action="append", dest="policy_reference", |
132 |
out.append('') |
134 |
help="Reference to policy given by DN") |
133 |
out.append('Description:') |
135 |
create_opt.add_argument( |
134 |
out.append(' univention-directory-manager is a tool to handle the configuration for UCS') |
136 |
"--ignore_exists", |
135 |
out.append(' on command line level.') |
137 |
action="store_true", dest="ignore_exists", |
136 |
out.append(' Use "univention-directory-manager modules" for a list of available modules.') |
138 |
help="Ignore already existing object") |
137 |
out.append('') |
139 |
|
138 |
return out |
140 |
modify_opt = subparsers.add_parser("modify", help="Modify an existing object") |
139 |
|
141 |
modify_opt.add_argument( |
140 |
def version(): |
142 |
"--dn", |
141 |
o=[] |
143 |
dest="dn", required=True, |
142 |
o.append('univention-directory-manager @%@package_version@%@') |
144 |
help="Edit object with DN") |
143 |
return o |
145 |
modify_opt.add_argument( |
144 |
|
146 |
"--set", |
145 |
def _print_property( module, action, name, output ): |
147 |
action="append", dest="set", |
146 |
property = module.property_descriptions.get( name ) |
148 |
help="Set variable to value, e.g. foo=bar") |
|
|
149 |
modify_opt.add_argument( |
150 |
"--append", |
151 |
action="append", dest="append", |
152 |
help="Append value to variable, e.g. foo=bar") |
153 |
modify_opt.add_argument( |
154 |
"--remove", |
155 |
action="append", dest="remove", |
156 |
help="Remove value from variable, e.g. foo=bar") |
157 |
modify_opt.add_argument( |
158 |
"--option", |
159 |
action="append", dest="option", |
160 |
help="Append the module options") |
161 |
modify_opt.add_argument( |
162 |
"--policy-reference", |
163 |
action="append", dest="policy_reference", |
164 |
help="Reference to policy given by DN") |
165 |
modify_opt.add_argument( |
166 |
"--policy-dereference", |
167 |
action="append", dest="policy_dereference", |
168 |
help="Remove reference to policy given by DN") |
169 |
|
170 |
remove_opt = subparsers.add_parser("remove", help="Remove an existing object") |
171 |
remove_opt.add_argument( |
172 |
"--dn", |
173 |
dest="dn", |
174 |
help="Remove object with DN") |
175 |
remove_opt.add_argument( |
176 |
"--superordinate", |
177 |
dest="superordinate", |
178 |
help="Use superordinate module") |
179 |
remove_opt.add_argument( |
180 |
"--filter", |
181 |
dest="filter", |
182 |
help="Lookup filter e.g. foo=bar") |
183 |
remove_opt.add_argument( |
184 |
"--remove_referring", |
185 |
action="store_true", dest="remove_referring", |
186 |
help="Remove referring objects") |
187 |
|
188 |
list_opt = subparsers.add_parser("list", help="List objects") |
189 |
list_opt.add_argument( |
190 |
"--filter", |
191 |
dest="filter", |
192 |
help="Lookup filter e.g. foo=bar") |
193 |
list_opt.add_argument( |
194 |
"--policies", |
195 |
dest="policies", type=int, choices=range(2), |
196 |
help="List policy-based settings: 0:short, 1:long (with policy-DN)") |
197 |
|
198 |
move_opt = subparsers.add_parser("move", help="Move object in directory tree") |
199 |
move_opt.add_argument( |
200 |
"--dn", |
201 |
dest="dn", required=True, |
202 |
help="Move object with DN") |
203 |
move_opt.add_argument( |
204 |
"--position", |
205 |
dest="position", required=True, |
206 |
help="Move to position in tree") |
207 |
|
208 |
args = parser.parse_args() |
209 |
return args |
210 |
|
211 |
|
212 |
def usage(out=sys.stdout): |
213 |
print >> out, dedent("""\ |
214 |
%(prog)s command line interface for managing UCS |
215 |
copyright (c) 2001-%(year)s Univention GmbH, Germany |
216 |
|
217 |
Syntax: |
218 |
%(prog)s module action [options] |
219 |
%(prog)s [--help] [--version] |
220 |
|
221 |
actions: |
222 |
create: Create a new object |
223 |
modify: Modify an existing object |
224 |
remove: Remove an existing object |
225 |
list: List objects |
226 |
move: Move object in directory tree |
227 |
|
228 |
-h | --help | -?: Print this usage message |
229 |
--version: Print version information |
230 |
|
231 |
general options: |
232 |
--logfile Path and name of the logfile to be used |
233 |
--binddn Bind DN |
234 |
--bindpwd Bind password |
235 |
--bindpwdfile file containing bind password |
236 |
--tls 0 (no); 1 (try); 2 (must) |
237 |
|
238 |
create options: |
239 |
--position Set position in tree |
240 |
--set Set variable to value, e.g. foo=bar |
241 |
--superordinate Use superordinate module |
242 |
--option Use only given module options |
243 |
--policy-reference Reference to policy given by DN |
244 |
--ignore_exists |
245 |
|
246 |
modify options: |
247 |
--dn Edit object with DN |
248 |
--set Set variable to value, e.g. foo=bar |
249 |
--append Append value to variable, e.g. foo=bar |
250 |
--remove Remove value from variable, e.g. foo=bar |
251 |
--option Use only given module options |
252 |
--append-option Append the module options |
253 |
--policy-reference Reference to policy given by DN |
254 |
--policy-dereference Remove reference to policy given by DN |
255 |
|
256 |
remove options: |
257 |
--dn Remove object with DN |
258 |
--superordinate Use superordinate module |
259 |
--filter Lookup filter e.g. foo=bar |
260 |
--remove_referring Remove referring objects |
261 |
|
262 |
list options: |
263 |
--filter Lookup filter e.g. foo=bar |
264 |
--policies List policy-based settings: |
265 |
0:short, 1:long (with policy-DN) |
266 |
|
267 |
move options: |
268 |
--dn Move object with DN |
269 |
--position Move to position in tree |
270 |
|
271 |
Description: |
272 |
%(prog)s is a tool to handle the configuration for UCS |
273 |
on command line level. |
274 |
Use "%(prog)s modules" for a list of available modules. |
275 |
""") % { |
276 |
"prog": "univention-directory-manager", |
277 |
"year": "@%@copyright_lastyear@%@", |
278 |
} |
279 |
|
280 |
|
281 |
def version(out=sys.stdout): |
282 |
print >> out, 'univention-directory-manager @%@package_version@%@' |
283 |
|
284 |
|
285 |
def _print_property(module, action, name, out=sys.stdout): |
286 |
property = module.property_descriptions.get(name) |
147 |
if property is None: |
287 |
if property is None: |
148 |
output.append( 'E: unknown property %s of module %s' % ( name, univention.admin.modules.name( module ) ) ) |
288 |
print >> out, 'E: unknown property %s of module %s' % ( |
|
|
289 |
name, |
290 |
univention.admin.modules.name(module), |
291 |
) |
149 |
return |
292 |
return |
150 |
|
293 |
|
151 |
required = { |
294 |
required = { |
152 |
'create' : False, |
295 |
'create': False, |
153 |
'modify' : False, |
296 |
'modify': False, |
154 |
'remove' : False, |
297 |
'remove': False, |
155 |
'editable': True, |
298 |
'editable': True, |
156 |
} |
299 |
} |
157 |
|
300 |
|
158 |
if property.required: |
301 |
if property.required: |
159 |
required [ 'create' ] = True |
302 |
required['create'] = True |
160 |
if property.identifies: |
303 |
if property.identifies: |
161 |
required[ 'modify' ] = True |
304 |
required['modify'] = True |
162 |
required[ 'remove' ] = True |
305 |
required['remove'] = True |
163 |
if not property.editable: |
306 |
if not property.editable: |
164 |
required[ 'modify' ] = False |
307 |
required['modify'] = False |
165 |
required[ 'remove' ] = False |
308 |
required['remove'] = False |
166 |
required[ 'editable' ] = False |
309 |
required['editable'] = False |
167 |
|
310 |
|
168 |
flags = '' |
311 |
flags = [] |
169 |
if action in required and required[ action ]: |
312 |
if action in required and required[action]: |
170 |
flags='*' |
313 |
flags.append('*') |
171 |
elif not action in required: |
314 |
elif not action in required: |
172 |
if required[ 'create' ]: |
315 |
if required['create']: |
173 |
flags += 'c' |
316 |
flags.append('c') |
174 |
if required[ 'modify' ]: |
317 |
if required['modify']: |
175 |
flags += 'm' |
318 |
flags.append('m') |
176 |
if required[ 'remove' ]: |
319 |
if required['remove']: |
177 |
flags += 'r' |
320 |
flags.append('r') |
178 |
if not required[ 'editable' ]: |
321 |
if not required['editable']: |
179 |
flags += 'e' |
322 |
flags.append('e') |
|
|
323 |
if flags: |
324 |
flags = [''.join(flags)] |
180 |
if property.options: |
325 |
if property.options: |
181 |
if flags: |
326 |
flags.extend(property.options) |
182 |
flags += ',' |
|
|
183 |
flags += ','.join(property.options) |
184 |
if property.multivalue: |
327 |
if property.multivalue: |
185 |
if flags: |
328 |
flags.append('[]') |
186 |
flags += ',' |
|
|
187 |
flags += '[]' |
188 |
if flags: |
329 |
if flags: |
189 |
flags = '(' + flags + ')' |
330 |
name += ' (%s)' % (','.join(flags),) |
|
|
331 |
|
332 |
print >> out, ' %-40s %s' % ( |
333 |
name, |
334 |
property.short_description |
335 |
) |
190 |
|
336 |
|
191 |
output.append( ' %-40s %s' % ( name + ' ' + flags, property.short_description ) ) |
|
|
192 |
|
337 |
|
193 |
def module_usage(information, action=''): |
338 |
def module_usage(information, action='', out=sys.stdout): |
194 |
out=[] |
|
|
195 |
for module, l in information.items(): |
339 |
for module, l in information.items(): |
196 |
properties, options = l |
340 |
properties, options = l |
197 |
|
341 |
|
198 |
if options: |
342 |
if options: |
199 |
out.append('') |
343 |
print >> out, '' |
200 |
out.append('%s options:' % module.module) |
344 |
print >> out, '%s options:' % module.module |
201 |
for name, option in options.items(): |
345 |
for name, option in options.items(): |
202 |
out.append(' %-32s %s' % (name, option.short_description)) |
346 |
print >> out, ' %-32s %s' % (name, option.short_description) |
203 |
|
347 |
|
204 |
out.append('') |
348 |
print >> out, '' |
205 |
out.append('%s variables:' % module.module) |
349 |
print >> out, '%s variables:' % module.module |
206 |
|
350 |
|
207 |
if not hasattr(module,"layout"): |
351 |
if not hasattr(module, "layout"): |
208 |
continue |
352 |
continue |
209 |
for moduletab in module.layout: |
353 |
for moduletab in module.layout: |
210 |
out.append(' %s:' % (moduletab.label)) |
354 |
print >> out, ' %s:' % (moduletab.label) |
211 |
|
355 |
|
212 |
for row in moduletab.layout: |
356 |
for row in moduletab.layout: |
213 |
if isinstance( row, Group ): |
357 |
if isinstance(row, Group): |
214 |
out.append( ' %s' % row.label ) |
358 |
print >> out, ' %s' % row.label |
215 |
for row in row.layout: |
359 |
for row in row.layout: |
216 |
if isinstance( row, basestring ): |
360 |
if isinstance(row, basestring): |
217 |
_print_property( module, action, row, out ) |
361 |
_print_property(module, action, row, out) |
218 |
continue |
362 |
continue |
219 |
for item in row: |
363 |
for item in row: |
220 |
_print_property( module, action, item, out ) |
364 |
_print_property(module, action, item, out) |
221 |
else: |
365 |
else: |
222 |
if isinstance( row, basestring ): |
366 |
if isinstance(row, basestring): |
223 |
_print_property( module, action, row, out ) |
367 |
_print_property(module, action, row, out) |
224 |
continue |
368 |
continue |
225 |
for item in row: |
369 |
for item in row: |
226 |
_print_property( module, action, item, out ) |
370 |
_print_property(module, action, item, out) |
227 |
|
371 |
|
228 |
return out |
|
|
229 |
|
372 |
|
230 |
def module_information(module, identifies_only=0): |
373 |
def module_information(module, identifies_only=False): |
231 |
information={module:[{},{}]} |
374 |
information = { |
232 |
if 'superordinate' in dir(module) and module.superordinate: |
375 |
module: [{}, {}], |
233 |
superordinate=univention.admin.modules.get(module.superordinate) |
376 |
} |
234 |
information.update(module_information(superordinate, identifies_only=1)) |
377 |
if getattr(module, 'superordinate', None): |
|
|
378 |
superordinate = univention.admin.modules.get(module.superordinate) |
379 |
information.update(module_information(superordinate, identifies_only=True)) |
235 |
|
380 |
|
236 |
if not identifies_only: |
381 |
if not identifies_only: |
237 |
for name, property in module.property_descriptions.items(): |
382 |
for name, property in module.property_descriptions.items(): |
238 |
information[module][0][name]=property |
383 |
information[module][0][name] = property |
239 |
if hasattr(module,'options'): |
384 |
if hasattr(module, 'options'): |
240 |
for name, option in module.options.items(): |
385 |
for name, option in module.options.items(): |
241 |
information[module][1][name]=option |
386 |
information[module][1][name] = option |
242 |
|
387 |
|
243 |
return information |
388 |
return information |
244 |
|
389 |
|
245 |
def _2utf8( text ): |
390 |
|
|
|
391 |
def _2utf8(text): |
246 |
try: |
392 |
try: |
247 |
return text.encode( 'utf-8' ) |
393 |
return text.encode('utf-8') |
248 |
except: |
394 |
except UnicodeError: |
249 |
return text.decode( 'iso-8859-1' ) |
395 |
return text.decode('iso-8859-1') |
|
|
396 |
|
250 |
|
397 |
|
251 |
def object_input(module, object, input, append=None, remove=None): |
398 |
def object_input(module, object, input, append=None, remove=None, out=sys.stdout): |
252 |
out=[] |
|
|
253 |
if append: |
399 |
if append: |
254 |
for key, value in append.items(): |
400 |
for key, value in append.items(): |
255 |
if module.property_descriptions[key].syntax.name == 'file': |
401 |
if module.property_descriptions[key].syntax.name == 'file': |
256 |
if os.path.exists(value): |
402 |
if os.path.exists(value): |
257 |
fh = open(value, 'r') |
403 |
with open(value, 'r') as fh: |
258 |
content='' |
404 |
object[key] = fh.read() |
259 |
for line in fh.readlines(): |
|
|
260 |
content += line |
261 |
object[key] = content |
262 |
fh.close() |
263 |
else: |
405 |
else: |
264 |
out.append('WARNING: file not found: %s' % value) |
406 |
print >> out, 'WARNING: file not found: %s' % value |
265 |
|
407 |
|
266 |
elif univention.admin.syntax.is_syntax( module.property_descriptions[key].syntax, univention.admin.syntax.complex ): |
408 |
elif univention.admin.syntax.is_syntax(module.property_descriptions[key].syntax, univention.admin.syntax.complex): |
267 |
for i in range(0,len(value)): |
409 |
for i in value: |
268 |
test_val=value[i].split('"') |
410 |
test_val = i.split('"') |
269 |
if test_val[0] and test_val[0] == value[i]: |
411 |
if test_val[0] and test_val[0] == i: |
270 |
val=value[i].split(' ') |
412 |
val = i.split(' ') |
271 |
else: |
413 |
else: |
272 |
val=[] |
414 |
val = [] |
273 |
for j in test_val: |
415 |
for j in test_val: |
274 |
if j and j.rstrip().lstrip(): |
416 |
if j and j.strip(): |
275 |
val.append(j.rstrip().lstrip()) |
417 |
val.append(j.strip()) |
276 |
|
418 |
|
277 |
if not object.has_key(key): |
419 |
values = object.setdefault(key, []) |
278 |
object[key]=[] |
420 |
if val in values: |
279 |
if val in object[key]: |
421 |
print >> out, 'WARNING: cannot append %s to %s, value exists' % (val, key) |
280 |
out.append('WARNING: cannot append %s to %s, value exists'%(val,key)) |
422 |
elif values == [''] or values == []: |
281 |
elif object[key] == [''] or object[key] == []: |
423 |
values[:] = [val] |
282 |
object[key]=[val] |
|
|
283 |
else: |
424 |
else: |
284 |
object[key].append(val) |
425 |
values.append(val) |
285 |
else: |
426 |
else: |
286 |
for val in value: |
427 |
for val in value: |
287 |
if val in object[key]: |
428 |
values = object[key] |
288 |
out.append('WARNING: cannot append %s to %s, value exists'%(val,key)) |
429 |
if val in values: |
289 |
elif object[key] == [''] or object[key] == []: |
430 |
print >> out, 'WARNING: cannot append %s to %s, value exists' % (val, key) |
290 |
object[key]=[val] |
431 |
elif values == [''] or values == []: |
|
|
432 |
values[:] = [val] |
291 |
else: |
433 |
else: |
292 |
try: |
434 |
try: |
293 |
tmp = list(object[key]) |
435 |
tmp = list(values) |
294 |
tmp.append(val) |
436 |
tmp.append(val) |
295 |
object[key] = list(tmp) |
437 |
object[key] = list(tmp) |
296 |
except univention.admin.uexceptions.valueInvalidSyntax, errmsg: |
438 |
except uex.valueInvalidSyntax, errmsg: |
297 |
out.append('E: Invalid Syntax: %s' % str(errmsg)) |
439 |
print >> out, 'E: Invalid Syntax: %s' % (errmsg,) |
298 |
if remove: |
440 |
if remove: |
299 |
for key, value in remove.items(): |
441 |
for key, value in remove.items(): |
300 |
if univention.admin.syntax.is_syntax( module.property_descriptions[key].syntax, univention.admin.syntax.complex ): |
442 |
if univention.admin.syntax.is_syntax(module.property_descriptions[key].syntax, univention.admin.syntax.complex): |
301 |
if value: |
443 |
if value: |
302 |
for i in range(0,len(value)): |
444 |
for i in value: |
303 |
test_val=value[i].split('"') |
445 |
test_val = i.split('"') |
304 |
if test_val[0] and test_val[0] == value[i]: |
446 |
if test_val[0] and test_val[0] == i: |
305 |
val=value[i].split(' ') |
447 |
val = i.split(' ') |
306 |
else: |
448 |
else: |
307 |
val=[] |
449 |
val = [] |
308 |
out.append('test_val=%s' % test_val) |
450 |
print >> out, 'test_val=%s' % (test_val,) |
309 |
for j in test_val: |
451 |
for j in test_val: |
310 |
if j and j.rstrip().lstrip(): |
452 |
j = j.strip() |
311 |
val.append(j.rstrip().lstrip()) |
453 |
if j: |
|
|
454 |
val.append(j) |
312 |
|
455 |
|
313 |
for j in range(0,len(val)): |
456 |
val = ['"%s"' % _ for _ in val] |
314 |
val[j]='"%s"' % val[j] |
|
|
315 |
|
457 |
|
316 |
if val and val in object[key]: |
458 |
if val and val in object[key]: |
317 |
object[key].remove(val) |
459 |
object[key].remove(val) |
318 |
else: |
460 |
else: |
319 |
out.append("WARNING: cannot remove %s from %s, value does not exist"%(val,key)) |
461 |
print >> out, "WARNING: cannot remove %s from %s, value does not exist" % (val, key) |
320 |
else: |
462 |
else: |
321 |
object[key]=[] |
463 |
object[key] = [] |
322 |
|
464 |
|
323 |
else: |
465 |
else: |
324 |
if type(object[key]) is str: |
466 |
if isinstance(object[key], basestring): |
325 |
object[key] = [ object[key] ] |
467 |
object[key] = [object[key]] |
326 |
vallist = value |
468 |
vallist = value |
327 |
if type(value) is str: |
469 |
if isinstance(value, basestring): |
328 |
vallist = [ value ] |
470 |
vallist = [value] |
329 |
|
471 |
|
330 |
for val in vallist: |
472 |
for val in vallist: |
331 |
if val in object[key]: |
473 |
if val in object[key]: |
332 |
object[key].remove(val) |
474 |
object[key].remove(val) |
333 |
else: |
475 |
else: |
334 |
out.append("WARNING: cannot remove %s from %s, value does not exist"%(val,key)) |
476 |
print >> out, "WARNING: cannot remove %s from %s, value does not exist" % (val, key) |
335 |
if input: |
477 |
if input: |
336 |
for key, value in input.items(): |
478 |
for key, value in input.items(): |
337 |
if module.property_descriptions[key].syntax.name == 'binaryfile': |
479 |
if module.property_descriptions[key].syntax.name == 'binaryfile': |
338 |
if value == '': |
480 |
if value == '': |
339 |
object[key]=value |
481 |
object[key] = value |
340 |
elif os.path.exists(value): |
482 |
elif os.path.exists(value): |
341 |
fh = open(value, 'r') |
483 |
fh = open(value, 'r') |
342 |
content=fh.read() |
484 |
content = fh.read() |
343 |
if "----BEGIN CERTIFICATE-----" in content: |
485 |
if "----BEGIN CERTIFICATE-----" in content: |
344 |
content = content.replace('----BEGIN CERTIFICATE-----','') |
486 |
content = content.replace('----BEGIN CERTIFICATE-----', '') |
345 |
content = content.replace('----END CERTIFICATE-----','') |
487 |
content = content.replace('----END CERTIFICATE-----', '') |
346 |
object[key]=base64.decodestring(content) |
488 |
object[key] = base64.decodestring(content) |
347 |
else: |
489 |
else: |
348 |
object[key]= content |
490 |
object[key] = content |
349 |
fh.close() |
491 |
fh.close() |
350 |
else: |
492 |
else: |
351 |
out.append('WARNING: file not found: %s' % value) |
493 |
print >> out, 'WARNING: file not found: %s' % value |
352 |
|
494 |
|
353 |
elif univention.admin.syntax.is_syntax( module.property_descriptions[key].syntax, univention.admin.syntax.complex ): |
495 |
elif univention.admin.syntax.is_syntax(module.property_descriptions[key].syntax, univention.admin.syntax.complex): |
354 |
if type(value) == type([]): |
496 |
if isinstance(value, list): |
355 |
for i in range(0,len(value)): |
497 |
for i in value: |
356 |
test_val=value[i].split('"') |
498 |
test_val = i.split('"') |
357 |
if test_val[0] and test_val[0] == value[i]: |
499 |
if test_val[0] and test_val[0] == value[i]: |
358 |
val=value[i].split(' ') |
500 |
val = value[i].split(' ') |
359 |
else: |
501 |
else: |
360 |
val=[] |
502 |
val = [] |
361 |
for j in test_val: |
503 |
for j in test_val: |
362 |
if j and j.rstrip().lstrip(): |
504 |
j = j.strip() |
363 |
val.append(j.rstrip().lstrip()) |
505 |
if j: |
|
|
506 |
val.append(j) |
364 |
else: |
507 |
else: |
365 |
val=value.split(' ') |
508 |
val = value.split(' ') |
366 |
if module.property_descriptions[key].multivalue: |
509 |
if module.property_descriptions[key].multivalue: |
367 |
object[key]=[val] |
510 |
object[key] = [val] |
368 |
else: |
511 |
else: |
369 |
object[key]=val |
512 |
object[key] = val |
370 |
else: |
513 |
else: |
371 |
try: |
514 |
try: |
372 |
object[key]=value |
515 |
object[key] = value |
373 |
except univention.admin.uexceptions.ipOverridesNetwork, e: |
516 |
except uex.ipOverridesNetwork, ex: |
374 |
out.append('WARNING: %s' % e.message) |
517 |
print >> out, 'WARNING: %s' % ex.message |
375 |
except univention.admin.uexceptions.valueMayNotChange, e: |
518 |
except uex.valueMayNotChange, ex: |
376 |
raise univention.admin.uexceptions.valueMayNotChange, "%s: %s"%(e.message, key) |
519 |
raise uex.valueMayNotChange, "%s: %s" % (ex.message, key) |
377 |
return out |
520 |
|
378 |
|
521 |
|
379 |
def list_available_modules(o=[]): |
522 |
def list_available_modules(out=sys.stdout): |
380 |
|
523 |
print >> out, "Available Modules are:" |
381 |
o.append("Available Modules are:") |
524 |
avail_modules = univention.admin.modules.modules.keys() |
382 |
avail_modules = [] |
|
|
383 |
for mod in univention.admin.modules.modules.keys(): |
384 |
avail_modules.append(mod) |
385 |
avail_modules.sort() |
525 |
avail_modules.sort() |
386 |
for mod in avail_modules: |
526 |
for mod in avail_modules: |
387 |
o.append(" %s"%mod) |
527 |
print >> out, " %s" % mod |
388 |
return o |
528 |
|
389 |
|
529 |
|
390 |
def doit(arglist): |
530 |
def doit(arglist, out=sys.stdout): |
391 |
out=[] |
|
|
392 |
try: |
531 |
try: |
393 |
out=_doit(arglist) |
532 |
_doit(arglist, out) |
394 |
except univention.admin.uexceptions.base, e: |
533 |
except uex.base, ex: |
395 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, traceback.format_exc()) |
534 |
ud.debug(ud.ADMIN, ud.WARN, traceback.format_exc()) |
396 |
|
535 |
|
397 |
# collect error information |
536 |
# collect error information |
398 |
msg = [] |
537 |
msg = [] |
399 |
if getattr(e, 'message', None): |
538 |
if getattr(ex, 'message', None): |
400 |
msg.append(e.message) |
539 |
msg.append(ex.message) |
401 |
if getattr(e, 'args', None): |
540 |
if getattr(ex, 'args', None): |
402 |
#avoid duplicate messages |
541 |
#avoid duplicate messages |
403 |
if not len(msg) or len(e.args) > 1 or e.args[0] != msg[0]: |
542 |
if not len(msg) or len(ex.args) > 1 or ex.args[0] != msg[0]: |
404 |
msg.extend(e.args) |
543 |
msg.extend(ex.args) |
405 |
|
544 |
|
406 |
# strip elements and make sure that a ':' is printed iff further information follows |
545 |
# strip elements and make sure that a ':' is printed iff further information follows |
407 |
msg = [i.strip() for i in msg] |
546 |
msg = [_.strip() for _ in msg] |
408 |
if len(msg) == 1: |
547 |
if len(msg) == 1: |
409 |
msg[0] = '%s.' % msg[0].strip(':.') |
548 |
msg[0] = '%s.' % msg[0].strip(':.') |
410 |
elif len(msg) > 1: |
549 |
elif len(msg) > 1: |
411 |
msg[0] = '%s:' % msg[0].strip(':.') |
550 |
msg[0] = '%s:' % msg[0].strip(':.') |
412 |
|
551 |
|
413 |
# append to the output |
552 |
# append to the output |
414 |
out.append(' '.join(msg)) |
553 |
print >> out, ' '.join(msg) |
415 |
return out + ["OPERATION FAILED"] |
554 |
print >> out, Failed() |
416 |
return out |
555 |
except Failed as ex: |
|
|
556 |
print >> out, ex |
557 |
|
558 |
|
559 |
def get_policy(dn, out=sys.stdout, policyOptions=None, policies_with_DN=False): |
560 |
cmd = ['univention_policy_result'] |
561 |
if policyOptions: |
562 |
cmd.extend(policyOptions) |
563 |
cmd.append(dn) |
564 |
|
565 |
policy = attribute = '' |
566 |
value = [] |
567 |
client = {} |
568 |
|
569 |
proc = subprocess.Popen(cmd, stdout=subprocess.PIPE) |
570 |
for line in proc.stdout: |
571 |
line = line.strip() |
572 |
if not line or line.startswith("DN: ") or line.startswith("POLICY "): |
573 |
continue |
574 |
|
575 |
print >> out, " %s" % line |
576 |
if policies_with_DN: |
577 |
key, val = line.split(': ', 1) |
578 |
if key == 'Policy': |
579 |
if attribute and policy: |
580 |
client[attribute] = [policy, value] |
581 |
value = [] |
582 |
policy = val |
583 |
elif key == 'Attribute': |
584 |
attribute = val |
585 |
elif key == 'Value': |
586 |
value.append(val) |
587 |
else: |
588 |
key, val = line.split('=', 1) |
589 |
client.setdefault(key, []).append(val) |
590 |
proc.wait() |
591 |
if policies_with_DN and attribute and policy: |
592 |
client[attribute] = [policy, value] |
593 |
|
594 |
return client |
417 |
|
595 |
|
418 |
def _doit(arglist): |
|
|
419 |
|
596 |
|
420 |
out=[] |
597 |
def _doit(arglist, out=sys.stdout): |
421 |
# parse module and action |
598 |
# parse module and action |
422 |
if len(arglist) < 2: |
599 |
if set(arglist) & set(('-h', '--help', '-?')): |
423 |
return usage() + ["OPERATION FAILED"] |
600 |
return usage(out=out) |
424 |
|
601 |
|
425 |
module_name=arglist[1] |
602 |
if '--version' in arglist: |
426 |
if module_name in ['-h', '--help', '-?']: |
603 |
return version(out=out) |
427 |
return usage() |
|
|
428 |
|
604 |
|
429 |
if module_name == '--version': |
605 |
if len(arglist) < 2: |
430 |
return version() |
606 |
usage(out=out) |
|
|
607 |
raise Failed() |
431 |
|
608 |
|
|
|
609 |
module_name = arglist[1] |
432 |
if module_name == 'modules': |
610 |
if module_name == 'modules': |
433 |
return list_available_modules() |
611 |
return list_available_modules(out=out) |
434 |
|
612 |
|
435 |
remove_referring=0 |
613 |
remove_referring = False |
436 |
recursive=1 |
614 |
recursive = True # BUG: if this is the default, there's no way to disable it |
437 |
# parse options |
615 |
# parse options |
438 |
longopts=['position=', 'dn=', 'arg=', 'set=', 'append=', 'remove=', 'superordinate=', 'option=', 'append-option=', 'filter=', 'tls=', 'ignore_exists', 'logfile=', 'policies=', 'binddn=', 'bindpwd=', 'bindpwdfile=', 'customattribute=', 'customattribute-remove=','policy-reference=','policy-dereference=','remove_referring','recursive'] |
616 |
longopts = [ |
|
|
617 |
'position=', |
618 |
'dn=', |
619 |
'set=', |
620 |
'append=', |
621 |
'remove=', |
622 |
'superordinate=', |
623 |
'option=', |
624 |
'append-option=', |
625 |
'filter=', |
626 |
'tls=', |
627 |
'ignore_exists', |
628 |
'logfile=', |
629 |
'policies=', |
630 |
'binddn=', |
631 |
'bindpwd=', |
632 |
'bindpwdfile=', |
633 |
'policy-reference=', |
634 |
'policy-dereference=', |
635 |
'remove_referring', |
636 |
'recursive', |
637 |
] |
439 |
try: |
638 |
try: |
440 |
opts, args=getopt.getopt(arglist[3:], '', longopts) |
639 |
opts, args = getopt.getopt(arglist[3:], '', longopts) |
441 |
except getopt.error, msg: |
640 |
except getopt.error, msg: |
442 |
out.append(str(msg)) |
641 |
print >> out, msg |
443 |
return out + ["OPERATION FAILED"] |
642 |
raise Failed() |
444 |
|
643 |
|
445 |
if not args == [] and type(args) == type([]): |
644 |
if isinstance(args, list) and args: |
446 |
msg = "WARNING: the following arguments are ignored:" |
645 |
print >> out, "WARNING: the following arguments are ignored: %s" % ( |
447 |
for argument in args: |
646 |
" ".join(('"%s"' % _ for _ in args)), |
448 |
msg = '%s "%s"' % (msg, argument) |
647 |
) |
449 |
out.append(msg) |
648 |
|
450 |
|
649 |
position_dn = '' |
451 |
position_dn='' |
650 |
dn = '' |
452 |
dn='' |
651 |
binddn = None |
453 |
arg=None |
652 |
bindpwd = None |
454 |
binddn=None |
653 |
list_policies = False |
455 |
bindpwd=None |
654 |
policies_with_DN = False |
456 |
list_policies=False |
655 |
policyOptions = [] |
457 |
policies_with_DN=False |
656 |
logfile = '/var/log/univention/directory-manager-cmd.log' |
458 |
policyOptions=[] |
657 |
tls = 2 |
459 |
logfile='/var/log/univention/directory-manager-cmd.log' |
658 |
ignore_exists = False |
460 |
tls=2 |
659 |
superordinate_dn = '' |
461 |
ignore_exists=0 |
660 |
parsed_append_options = [] |
462 |
superordinate_dn='' |
661 |
parsed_options = [] |
463 |
parsed_append_options=[] |
662 |
filter = '' |
464 |
parsed_options=[] |
663 |
input = {} |
465 |
filter='' |
664 |
append = {} |
466 |
input={} |
665 |
remove = {} |
467 |
append={} |
666 |
policy_reference = [] |
468 |
remove={} |
667 |
policy_dereference = [] |
469 |
customattribute={} |
|
|
470 |
customattribute_remove=[] |
471 |
policy_reference=[] |
472 |
policy_dereference=[] |
473 |
for opt, val in opts: |
668 |
for opt, val in opts: |
474 |
if opt == '--position': |
669 |
if opt == '--position': |
475 |
position_dn = _2utf8( val ) |
670 |
position_dn = _2utf8(val) |
476 |
elif opt == '--logfile': |
671 |
elif opt == '--logfile': |
477 |
logfile=val |
672 |
logfile = val |
478 |
elif opt == '--policies': |
673 |
elif opt == '--policies': |
479 |
policies = True |
674 |
list_policies = True |
480 |
if val=="1": |
675 |
if val == "1": |
481 |
policies_with_DN = True |
676 |
policies_with_DN = True |
482 |
else: |
677 |
else: |
483 |
policyOptions = ['-s'] |
678 |
policyOptions = ['-s'] |
484 |
elif opt == '--binddn': |
679 |
elif opt == '--binddn': |
485 |
binddn=val |
680 |
binddn = val |
486 |
elif opt == '--bindpwd': |
681 |
elif opt == '--bindpwd': |
487 |
bindpwd=val |
682 |
bindpwd = val |
488 |
elif opt == '--bindpwdfile': |
683 |
elif opt == '--bindpwdfile': |
489 |
try: |
684 |
try: |
490 |
with open(val) as fp: |
685 |
with open(val) as fp: |
491 |
bindpwd=fp.read().strip() |
686 |
bindpwd = fp.read().strip() |
492 |
except IOError as e: |
687 |
except IOError as ex: |
493 |
out.append( 'E: could not read bindpwd from file (%s)' % str(e) ) |
688 |
print >> out, 'E: could not read bindpwd from file (%s)' % (ex,) |
494 |
return out + ['OPERATION FAILED'] |
689 |
raise Failed() |
495 |
elif opt == '--dn': |
690 |
elif opt == '--dn': |
496 |
dn = _2utf8( val ) |
691 |
dn = _2utf8(val) |
497 |
elif opt == '--arg': |
|
|
498 |
arg=val |
499 |
elif opt == '--tls': |
692 |
elif opt == '--tls': |
500 |
tls=val |
693 |
tls = val |
501 |
elif opt == '--ignore_exists': |
694 |
elif opt == '--ignore_exists': |
502 |
ignore_exists=1 |
695 |
ignore_exists = True |
503 |
elif opt == '--superordinate': |
696 |
elif opt == '--superordinate': |
504 |
superordinate_dn=val |
697 |
superordinate_dn = val |
505 |
elif opt == '--option': |
698 |
elif opt == '--option': |
506 |
parsed_options.append(val) |
699 |
parsed_options.append(val) |
507 |
elif opt == '--append-option': |
700 |
elif opt == '--append-option': |
508 |
parsed_append_options.append(val) |
701 |
parsed_append_options.append(val) |
509 |
elif opt == '--filter': |
702 |
elif opt == '--filter': |
510 |
filter=val |
703 |
filter = val |
511 |
elif opt == '--customattribute': |
|
|
512 |
pos=val.find('=') |
513 |
name=val[:pos] |
514 |
value= _2utf8( val[ pos + 1 : ] ) |
515 |
if not customattribute.has_key(name): |
516 |
customattribute[name]=[] |
517 |
customattribute[name].append(value) |
518 |
elif opt == '--customattribute-remove': |
519 |
pos=val.find('=') |
520 |
if pos == -1: |
521 |
customattribute_remove.append((val,None)) |
522 |
else: |
523 |
name=val[:pos] |
524 |
value = _2utf8( val[ pos + 1 : ] ) |
525 |
customattribute_remove.append((name,value)) |
526 |
elif opt == '--policy-reference': |
704 |
elif opt == '--policy-reference': |
527 |
policy_reference.append(val) |
705 |
policy_reference.append(val) |
528 |
elif opt == '--policy-dereference': |
706 |
elif opt == '--policy-dereference': |
529 |
policy_dereference.append(val) |
707 |
policy_dereference.append(val) |
530 |
|
708 |
|
531 |
if logfile: |
709 |
if logfile: |
532 |
univention.debug.init(logfile, 1, 0) |
710 |
ud.init(logfile, ud.FLUSH, ud.NO_FUNCTION) |
533 |
else: |
711 |
else: |
534 |
out.append("WARNING: no logfile specified") |
712 |
print >> out, "WARNING: no logfile specified" |
535 |
|
713 |
|
536 |
configRegistry=univention.config_registry.ConfigRegistry() |
714 |
configRegistry = ConfigRegistry() |
537 |
configRegistry.load() |
715 |
configRegistry.load() |
538 |
|
716 |
|
539 |
if configRegistry.has_key('ldap/master') and configRegistry['ldap/master']: |
717 |
if configRegistry.get('ldap/master'): |
540 |
co=univention.admin.config.config(configRegistry['ldap/master']) |
718 |
co = univention.admin.config.config(configRegistry['ldap/master']) |
541 |
else: |
719 |
else: |
542 |
co=univention.admin.config.config() |
720 |
co = univention.admin.config.config() |
543 |
|
721 |
|
544 |
baseDN=configRegistry['ldap/base'] |
722 |
baseDN = configRegistry['ldap/base'] |
545 |
|
|
|
546 |
if configRegistry.has_key('directory/manager/cmd/debug/level'): |
547 |
debug_level=configRegistry['directory/manager/cmd/debug/level'] |
548 |
else: |
549 |
debug_level=0 |
550 |
|
723 |
|
551 |
univention.debug.set_level(univention.debug.LDAP, int(debug_level)) |
724 |
debug_level = int(configRegistry.get('directory/manager/cmd/debug/level', 0)) |
552 |
univention.debug.set_level(univention.debug.ADMIN, int(debug_level)) |
725 |
ud.set_level(ud.LDAP, debug_level) |
|
|
726 |
ud.set_level(ud.ADMIN, debug_level) |
553 |
|
727 |
|
554 |
if binddn and bindpwd: |
728 |
if binddn and bindpwd: |
555 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, "using %s account" % binddn) |
729 |
ud.debug(ud.ADMIN, ud.INFO, "using %s account" % binddn) |
556 |
try: |
730 |
try: |
557 |
lo=univention.admin.uldap.access(host=configRegistry['ldap/master'], port=int(configRegistry.get('ldap/master/port', '7389')), base=baseDN, binddn=binddn, start_tls=tls, bindpw=bindpwd) |
731 |
lo = univention.admin.uldap.access( |
558 |
except Exception, e: |
732 |
host=configRegistry['ldap/master'], |
559 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, 'authentication error: %s' % str(e)) |
733 |
port=int(configRegistry.get('ldap/master/port', 7389)), |
560 |
out.append('authentication error: %s' % str(e)) |
734 |
base=baseDN, |
561 |
return out + ["OPERATION FAILED"] |
735 |
binddn=binddn, |
562 |
policyOptions.extend(['-D', binddn, '-w', bindpwd]) ## FIXME not so nice |
736 |
start_tls=tls, |
|
|
737 |
bindpw=bindpwd |
738 |
) |
739 |
except Exception, ex: |
740 |
ud.debug(ud.ADMIN, ud.WARN, 'authentication error: %s' % (ex,)) |
741 |
print >> out, 'authentication error: %s' % (ex,) |
742 |
raise Failed() |
743 |
policyOptions.extend(['-D', binddn, '-w', bindpwd]) # FIXME not so nice |
563 |
|
744 |
|
564 |
else: |
745 |
else: |
565 |
if os.path.exists('/etc/ldap.secret'): |
746 |
for binddn, secretFileName in ( |
566 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, "using cn=admin,%s account" % baseDN) |
747 |
('cn=admin,' + baseDN, '/etc/ldap.secret'), |
567 |
secretFileName='/etc/ldap.secret' |
748 |
(configRegistry['ldap/hostdn'], '/etc/machine.secret'), |
568 |
binddn='cn=admin,'+baseDN |
749 |
): |
569 |
policyOptions.extend(['-D', binddn, '-y', secretFileName]) |
750 |
if os.path.exists(secretFileName): |
570 |
elif os.path.exists('/etc/machine.secret'): |
751 |
break |
571 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, "using %s account" % configRegistry['ldap/hostdn']) |
752 |
else: |
572 |
secretFileName='/etc/machine.secret' |
753 |
return ["E: Missing LDAP credentials"] + FAILED |
573 |
binddn=configRegistry['ldap/hostdn'] |
754 |
ud.debug(ud.ADMIN, ud.INFO, "using %s account" % binddn) |
574 |
policyOptions.extend(['-D', binddn, '-y', secretFileName]) |
755 |
policyOptions.extend(['-D', binddn, '-y', secretFileName]) |
575 |
|
756 |
|
576 |
try: |
757 |
try: |
577 |
secretFile=open(secretFileName,'r') |
758 |
secretFile = open(secretFileName, 'r') |
578 |
except IOError: |
759 |
except IOError: |
579 |
out.append('E: Permission denied, try --binddn and --bindpwd') |
760 |
print >> out, 'E: Permission denied, try --binddn and --bindpwd' |
580 |
return out + ["OPERATION FAILED"] |
761 |
raise Failed() |
581 |
pwdLine=secretFile.readline() |
762 |
pwdLine = secretFile.readline() |
582 |
pwd=re.sub('\n','',pwdLine) |
763 |
pwd = re.sub('\n', '', pwdLine) |
583 |
|
764 |
|
584 |
try: |
765 |
try: |
585 |
lo=univention.admin.uldap.access(host=configRegistry['ldap/master'], port=int(configRegistry.get('ldap/master/port', '7389')), base=baseDN, binddn=binddn, bindpw=pwd, start_tls=tls) |
766 |
lo = univention.admin.uldap.access( |
586 |
except Exception, e: |
767 |
host=configRegistry['ldap/master'], |
587 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, 'authentication error: %s' % str(e)) |
768 |
port=int(configRegistry.get('ldap/master/port', '7389')), |
588 |
out.append('authentication error: %s' % str(e)) |
769 |
base=baseDN, |
589 |
return out + ["OPERATION FAILED"] |
770 |
binddn=binddn, |
|
|
771 |
bindpw=pwd, |
772 |
start_tls=tls |
773 |
) |
774 |
except Exception, ex: |
775 |
ud.debug(ud.ADMIN, ud.WARN, 'authentication error: %s' % (ex,)) |
776 |
print >> out, 'authentication error: %s' % (ex,) |
777 |
raise Failed() |
590 |
|
778 |
|
591 |
if not position_dn and superordinate_dn: |
779 |
if not position_dn and superordinate_dn: |
592 |
position_dn=superordinate_dn |
780 |
position_dn = superordinate_dn |
593 |
elif not position_dn: |
781 |
elif not position_dn: |
594 |
position_dn=baseDN |
782 |
position_dn = baseDN |
595 |
|
783 |
|
596 |
try: |
784 |
try: |
597 |
position=univention.admin.uldap.position(baseDN) |
785 |
position = univention.admin.uldap.position(baseDN) |
598 |
position.setDn(position_dn) |
786 |
position.setDn(position_dn) |
599 |
except univention.admin.uexceptions.noObject: |
787 |
except uex.noObject: |
600 |
out.append('E: Invalid position') |
788 |
print >> out, 'E: Invalid position' |
601 |
return out + ["OPERATION FAILED"] |
789 |
raise Failed() |
602 |
|
790 |
|
603 |
try: |
791 |
try: |
604 |
module=univention.admin.modules.get(module_name) |
792 |
module = univention.admin.modules.get(module_name) |
605 |
except: |
793 |
except: |
606 |
out.append("failed to get module %s."%module_name) |
794 |
print >> out, "failed to get module %s." % module_name |
607 |
out.append("") |
795 |
print >> out, "" |
608 |
return list_available_modules(out) + ["OPERATION FAILED"] |
796 |
list_available_modules(out) |
|
|
797 |
raise Failed() |
609 |
|
798 |
|
610 |
if not module: |
799 |
if not module: |
611 |
out.append("unknown module %s." % module_name) |
800 |
print >> out, "unknown module %s." % module_name |
612 |
out.append("") |
801 |
print >> out, "" |
613 |
return list_available_modules(out) + ["OPERATION FAILED"] |
802 |
list_available_modules(out) |
|
|
803 |
raise Failed() |
614 |
|
804 |
|
615 |
# initialise modules |
805 |
# initialise modules |
616 |
univention.admin.modules.init(lo,position,module) |
806 |
univention.admin.modules.init(lo, position, module) |
617 |
|
807 |
|
618 |
information=module_information(module) |
808 |
information = module_information(module) |
619 |
|
809 |
|
620 |
if superordinate_dn and univention.admin.modules.superordinate(module): |
810 |
if superordinate_dn and univention.admin.modules.superordinate(module): |
621 |
try: |
811 |
try: |
622 |
superordinate=univention.admin.objects.get(univention.admin.modules.superordinate(module), co, lo, '', dn=superordinate_dn) |
812 |
superordinate = univention.admin.objects.get(univention.admin.modules.superordinate(module), co, lo, '', dn=superordinate_dn) |
623 |
except univention.admin.uexceptions.insufficientInformation, e: |
813 |
except uex.insufficientInformation, ex: |
624 |
out.append('Insufficient Information: %s' % str(e)) |
814 |
print >> out, 'Insufficient Information: %s' % (ex,) |
625 |
return out + ["OPERATION FAILED"] |
815 |
raise Failed() |
626 |
else: |
816 |
else: |
627 |
superordinate=None |
817 |
superordinate = None |
628 |
|
|
|
629 |
|
818 |
|
630 |
if len(arglist) == 2: |
819 |
if len(arglist) == 2: |
631 |
out = usage() + module_usage(information) |
820 |
module_usage(information, out=out) |
632 |
return out + ["OPERATION FAILED"] |
821 |
raise Failed() |
633 |
|
822 |
|
634 |
action=arglist[2] |
823 |
action = arglist[2] |
635 |
|
824 |
|
636 |
if len(arglist) == 3 and action != 'list': |
825 |
if len(arglist) == 3 and action != 'list': |
637 |
out = usage() + module_usage(information, action) |
826 |
module_usage(information, action, out=out) |
638 |
return out + ["OPERATION FAILED"] |
827 |
raise Failed() |
639 |
|
|
|
640 |
|
828 |
|
641 |
for opt, val in opts: |
829 |
for opt, val in opts: |
642 |
if opt == '--set': |
830 |
if opt == '--set': |
643 |
pos=val.find('=') |
831 |
name, value = val.split('=', 1) |
644 |
name=val[:pos] |
832 |
value = _2utf8(value) |
645 |
value = _2utf8( val[ pos + 1 : ] ) |
833 |
for mod, (properties, options) in information.items(): |
646 |
|
834 |
if name in properties: |
647 |
was_set=0 |
|
|
648 |
for mod, (properties,options) in information.items(): |
649 |
if properties.has_key(name): |
650 |
if properties[name].multivalue: |
835 |
if properties[name].multivalue: |
651 |
if not input.has_key(name): |
836 |
input.setdefault(name, []).append(value) |
652 |
input[name]=[] |
|
|
653 |
was_set=1 |
654 |
if value: |
655 |
input[name].append(value) |
656 |
was_set=1 |
657 |
else: |
837 |
else: |
658 |
input[name]=value |
838 |
input[name] = value |
659 |
was_set=1 |
839 |
break |
|
|
840 |
else: |
841 |
print >> out, "WARNING: No attribute with name '%s' in this module, value not set." % name |
660 |
|
842 |
|
661 |
if not was_set: |
|
|
662 |
out.append("WARNING: No attribute with name '%s' in this module, value not set."%name) |
663 |
elif opt == '--append': |
843 |
elif opt == '--append': |
664 |
pos=val.find('=') |
844 |
name, value = val.split('=', 1) |
665 |
name=val[:pos] |
845 |
value = _2utf8(value) |
666 |
value = _2utf8( val[ pos + 1 : ] ) |
846 |
for mod, (properties, options) in information.items(): |
667 |
was_set=0 |
847 |
if name in properties: |
668 |
for mod, (properties,options) in information.items(): |
|
|
669 |
if properties.has_key(name): |
670 |
if properties[name].multivalue: |
848 |
if properties[name].multivalue: |
671 |
if not append.has_key(name): |
849 |
values = append.setdefault(name, []) |
672 |
append[name]=[] |
|
|
673 |
if value: |
850 |
if value: |
674 |
append[name].append(value) |
851 |
values.append(value) |
675 |
was_set=1 |
|
|
676 |
else: |
852 |
else: |
677 |
append[name]=value |
853 |
append[name] = value |
678 |
was_set=1 |
854 |
break |
679 |
if not was_set: |
855 |
else: |
680 |
out.append("WARNING: No attribute with name %s in this module, value not appended."%name) |
856 |
print >> out, "WARNING: No attribute with name %s in this module, value not appended." % name |
681 |
|
857 |
|
682 |
elif opt == '--remove': |
858 |
elif opt == '--remove': |
683 |
pos=val.find('=') |
859 |
try: |
684 |
if pos == -1: |
860 |
name, value = val.split('=', 1) |
685 |
name=val |
861 |
value = _2utf8(value) |
686 |
value=None |
862 |
except ValueError: |
687 |
else: |
863 |
name, value = val, None |
688 |
name=val[:pos] |
864 |
for mod, (properties, options) in information.items(): |
689 |
value = _2utf8( val[ pos + 1 : ] ) |
865 |
if name in properties: |
690 |
was_set=0 |
|
|
691 |
for mod, (properties,options) in information.items(): |
692 |
if properties.has_key(name): |
693 |
if properties[name].multivalue: |
866 |
if properties[name].multivalue: |
694 |
if not remove.has_key(name): |
867 |
values = remove.setdefault(name, []) |
695 |
remove[name]=[] |
|
|
696 |
if value: |
868 |
if value: |
697 |
remove[name].append(value) |
869 |
values.append(value) |
698 |
was_set=1 |
|
|
699 |
else: |
870 |
else: |
700 |
remove[name]=value |
871 |
remove[name] = value |
701 |
was_set=1 |
872 |
break |
702 |
if not was_set: |
873 |
else: |
703 |
out.append("WARNING: No attribute with name %s in this module, value not removed."%name) |
874 |
print >> out, "WARNING: No attribute with name %s in this module, value not removed." % name |
|
|
875 |
|
704 |
elif opt == '--remove_referring': |
876 |
elif opt == '--remove_referring': |
705 |
remove_referring=1 |
877 |
remove_referring = True |
|
|
878 |
|
706 |
elif opt == '--recursive': |
879 |
elif opt == '--recursive': |
707 |
recursive=1 |
880 |
recursive = True |
708 |
|
881 |
|
709 |
|
882 |
if action in ('modify', 'edit', 'create', 'new'): |
710 |
extraOC=[] |
883 |
for el in policy_reference: |
711 |
extraAttributes=[] |
884 |
oc = lo.get(el, ['objectClass']) |
712 |
customattributes_set =[] |
885 |
if not oc: |
713 |
if hasattr(module, 'ldap_extra_objectclasses') and action in ['modify','edit','create','new']: |
886 |
print >> out, "Object to be referenced does not exist: %s" % (el,) |
714 |
for oc, pname, syntax, ldapMapping, deleteValues, deleteObjectClass in module.ldap_extra_objectclasses: |
887 |
raise Failed() |
715 |
if customattribute.has_key(module.property_descriptions[pname].short_description): |
888 |
if not 'univentionPolicy' in oc['objectClass']: |
716 |
customattributes_set.append(module.property_descriptions[pname].short_description) |
889 |
print >> out, "Object to be referenced is no valid Policy: %s" % (el,) |
717 |
extraOC.append(oc); |
890 |
raise Failed() |
718 |
# check multivalue |
891 |
|
719 |
if module.property_descriptions[pname].multivalue: |
892 |
#+++# ACTION CREATE #+++# |
720 |
if action in ['create','new'] or not dn or dn == '': |
893 |
if action in ('create', 'new'): |
721 |
values_found=[] |
894 |
if getattr(module, 'operations', None): |
722 |
else: |
895 |
if not 'add' in module.operations: |
723 |
values_found=lo.search(base=dn, attr=[ldapMapping]) |
896 |
print >> out, 'Create %s not allowed' % module_name |
724 |
for i in customattribute[module.property_descriptions[pname].short_description]: |
897 |
raise Failed() |
725 |
value_already_set=0 |
898 |
try: |
726 |
for tmp,val in values_found: |
899 |
object = module.object(co, lo, position=position, superordinate=superordinate) |
727 |
if val.has_key(ldapMapping): |
900 |
except uex.insufficientInformation: |
728 |
if i in val[ldapMapping]: |
901 |
print >> out, 'E: Insufficient information' |
729 |
value_already_set=1 |
902 |
print >> out, 'Superordinate object is missing' |
730 |
if value_already_set: |
903 |
raise Failed() |
731 |
out.append('WARNING: customattribute %s is already set to %s'%(module.property_descriptions[pname].short_description,i)) |
|
|
732 |
else: |
733 |
extraAttributes.append((ldapMapping,'',[i])) |
734 |
else: |
735 |
if len(customattribute[module.property_descriptions[pname].short_description])>1: |
736 |
out.append('WARNING: cannot set singlevalue customattribute "%s" with more than one entry'%module.property_descriptions[pname].short_description) |
737 |
else: |
738 |
replaced=0 |
739 |
if action in ['create','new'] or not dn or dn == '': |
740 |
values_found=[] |
741 |
else: |
742 |
values_found=lo.search(base=dn, attr=[ldapMapping]) |
743 |
for tmp,val in values_found: |
744 |
if val.has_key(ldapMapping): |
745 |
extraAttributes.append((ldapMapping,val[ldapMapping][0],[customattribute[module.property_descriptions[pname].short_description][0]])) |
746 |
replaced = 1 |
747 |
if len(val[ldapMapping]) > 1: |
748 |
out.append("WARNING: singlevalue customattribute %s has more than one value set, replace first"%customattribute[module.property_descriptions[pname].short_description]) |
749 |
if not replaced: |
750 |
extraAttributes.append((ldapMapping,'',[customattribute[module.property_descriptions[pname].short_description][0]])) |
751 |
|
752 |
if action in ['modify','edit','create','new']: |
753 |
for i in customattribute.keys(): |
754 |
if not i in customattributes_set: |
755 |
out.append("WARNING: customattribute %s not found, value not set"%i) |
756 |
|
904 |
|
757 |
if policy_reference: |
905 |
if parsed_options: |
758 |
for el in policy_reference: |
906 |
object.options = parsed_options |
759 |
oc = lo.get(el,['objectClass']) |
|
|
760 |
if not oc: |
761 |
out.append("Object to be referenced does not exist:"+el) |
762 |
return out + ["OPERATION FAILED"] |
763 |
if not 'univentionPolicy' in oc['objectClass']: |
764 |
out.append("Object to be referenced is no valid Policy:"+el) |
765 |
return out + ["OPERATION FAILED"] |
766 |
|
767 |
|
768 |
#+++# ACTION CREATE #+++# |
769 |
if action == 'create' or action == 'new': |
770 |
if hasattr(module,'operations') and module.operations: |
771 |
if not 'add' in module.operations: |
772 |
out.append('Create %s not allowed' % module_name) |
773 |
return out + ["OPERATION FAILED"] |
774 |
try: |
775 |
object=module.object(co, lo, position=position, superordinate=superordinate) |
776 |
except univention.admin.uexceptions.insufficientInformation: |
777 |
out.append('E: Insufficient information') |
778 |
out.append('Superordinate object is missing') |
779 |
return out + ["OPERATION FAILED"] |
780 |
|
781 |
if parsed_options: |
782 |
object.options=parsed_options |
783 |
|
784 |
object.open() |
785 |
if hasattr(object,' open_warning') and object.open_warning: |
786 |
out.append('WAR NING:%s'%object.open_warning) |
787 |
exists=0 |
788 |
try: |
789 |
out.extend(object_input(module, object, input, append=append)) |
790 |
except univention.admin.uexceptions.nextFreeIp: |
791 |
if not ignore_exists: |
792 |
out.append('E: No free IP address found') |
793 |
return out + ['OPERATION FAILED'] |
794 |
except univention.admin.uexceptions.valueInvalidSyntax, err: |
795 |
out.append('E: Invalid Syntax: %s' % err) |
796 |
return out + ["OPERATION FAILED"] |
797 |
except Exception, err: |
798 |
out.append('E: Option %s is not valid' %err) |
799 |
return out + ['OPERATION FAILED'] |
800 |
|
801 |
exists=0 |
802 |
exists_msg=None |
803 |
try: |
804 |
dn=object.create() |
805 |
except univention.admin.uexceptions.objectExists, dn: |
806 |
exists_msg = dn |
807 |
if not ignore_exists: |
808 |
out.append('E: Object exists: %s' % exists_msg) |
809 |
return out + ["OPERATION FAILED"] |
810 |
else: |
811 |
exists=1 |
812 |
except univention.admin.uexceptions.uidAlreadyUsed, user: |
813 |
exists_msg = '(uid) %s' % user |
814 |
if not ignore_exists: |
815 |
out.append('E: Object exists: %s' % exists_msg) |
816 |
return out + ["OPERATION FAILED"] |
817 |
else: |
818 |
exists=1 |
819 |
except univention.admin.uexceptions.groupNameAlreadyUsed, group: |
820 |
exists_msg = '(group) %s' % group |
821 |
if not ignore_exists: |
822 |
out.append('E: Object exists: %s' % exists_msg) |
823 |
return out + ["OPERATION FAILED"] |
824 |
else: |
825 |
exists=1 |
826 |
except univention.admin.uexceptions.dhcpServerAlreadyUsed, name: |
827 |
exists_msg = '(dhcpserver) %s' % name |
828 |
if not ignore_exists: |
829 |
out.append('E: Object exists: %s' % exists_msg) |
830 |
return out + ["OPERATION FAILED"] |
831 |
else: |
832 |
exists=1 |
833 |
except univention.admin.uexceptions.macAlreadyUsed, mac: |
834 |
exists_msg = '(mac) %s' % mac |
835 |
if not ignore_exists: |
836 |
out.append('E: Object exists: %s' % exists_msg) |
837 |
return out + ["OPERATION FAILED"] |
838 |
else: |
839 |
exists=1 |
840 |
except univention.admin.uexceptions.noLock, e: |
841 |
exists_msg = '(nolock) %s' % str(e) |
842 |
if not ignore_exists: |
843 |
out.append('E: Object exists: %s' % exists_msg) |
844 |
return out + ["OPERATION FAILED"] |
845 |
else: |
846 |
exists=1 |
847 |
except univention.admin.uexceptions.invalidDhcpEntry: |
848 |
out.append('E: The DHCP entry for this host should contain the zone dn, the ip address and the mac address.') |
849 |
return out + ["OPERATION FAILED"] |
850 |
except univention.admin.uexceptions.invalidOptions, e: |
851 |
if not ignore_exists: |
852 |
out.append('E: invalid Options: %s' % e) |
853 |
return out + ["OPERATION FAILED"] |
854 |
except univention.admin.uexceptions.insufficientInformation: |
855 |
out.append('E: Insufficient information') |
856 |
out.append('The following parameters are missing:') |
857 |
for i in module.property_descriptions: |
858 |
property=module.property_descriptions.get(i) |
859 |
if property.required: |
860 |
if not object.has_key(i) or (not object[i] or (type(object[i]) == list and object[i]==[''])): |
861 |
out.append(i) |
862 |
return out + ["OPERATION FAILED"] |
863 |
except univention.admin.uexceptions.noObject, e: |
864 |
out.append('E: object not found: %s' % e) |
865 |
return out + ["OPERATION FAILED"] |
866 |
except univention.admin.uexceptions.circularGroupDependency, e: |
867 |
out.append('E: circular group dependency detected: %s' % e) |
868 |
return out + ["OPERATION FAILED"] |
869 |
|
870 |
if extraOC or extraAttributes: |
871 |
if extraOC: |
872 |
oc=lo.search(base=dn, scope='base', attr=['objectClass']) |
873 |
|
874 |
noc=[] |
875 |
for i in range(len(oc[0][1]['objectClass'])): |
876 |
noc.append(oc[0][1]['objectClass'][i]) |
877 |
|
878 |
for i in range(len(extraOC)): |
879 |
if extraOC[i] not in noc: |
880 |
noc.append(extraOC[i]) |
881 |
|
882 |
if oc != noc: |
883 |
extraAttributes.append(('objectClass',oc,noc)) |
884 |
|
885 |
if extraAttributes: |
886 |
lo.modify(dn,extraAttributes) |
887 |
|
907 |
|
888 |
if policy_reference: |
908 |
object.open() |
889 |
lo.modify(dn,[('objectClass','','univentionPolicyReference')]) |
909 |
if getattr(object, 'open_warning', None): |
890 |
modlist=[] |
910 |
print >> out, 'WARNING:%s' % object.open_warning |
891 |
for el in policy_reference: |
911 |
try: |
892 |
modlist.append(('univentionPolicyReference','',el)) |
912 |
object_input(module, object, input, append=append, out=out) |
893 |
lo.modify(dn,modlist) |
913 |
except uex.nextFreeIp: |
|
|
914 |
if not ignore_exists: |
915 |
print >> out, 'E: No free IP address found' |
916 |
raise Failed() |
917 |
except uex.valueInvalidSyntax, ex: |
918 |
print >> out, 'E: Invalid Syntax: %s' % ex |
919 |
raise Failed() |
920 |
except Exception, ex: |
921 |
print >> out, 'E: Option %s is not valid' % ex |
922 |
raise Failed() |
923 |
|
924 |
exists = False |
925 |
exists_msg = None |
926 |
try: |
927 |
dn = object.create() |
928 |
except uex.objectExists, dn: |
929 |
exists_msg = dn |
930 |
if not ignore_exists: |
931 |
print >> out, 'E: Object exists: %s' % exists_msg |
932 |
raise Failed() |
933 |
else: |
934 |
exists = True |
935 |
except uex.uidAlreadyUsed, user: |
936 |
exists_msg = '(uid) %s' % user |
937 |
if not ignore_exists: |
938 |
print >> out, 'E: Object exists: %s' % exists_msg |
939 |
raise Failed() |
940 |
else: |
941 |
exists = True |
942 |
except uex.groupNameAlreadyUsed, group: |
943 |
exists_msg = '(group) %s' % group |
944 |
if not ignore_exists: |
945 |
print >> out, 'E: Object exists: %s' % exists_msg |
946 |
raise Failed() |
947 |
else: |
948 |
exists = True |
949 |
except uex.dhcpServerAlreadyUsed, name: |
950 |
exists_msg = '(dhcpserver) %s' % name |
951 |
if not ignore_exists: |
952 |
print >> out, 'E: Object exists: %s' % exists_msg |
953 |
raise Failed() |
954 |
else: |
955 |
exists = True |
956 |
except uex.macAlreadyUsed, mac: |
957 |
exists_msg = '(mac) %s' % mac |
958 |
if not ignore_exists: |
959 |
print >> out, 'E: Object exists: %s' % exists_msg |
960 |
raise Failed() |
961 |
else: |
962 |
exists = True |
963 |
except uex.noLock, ex: |
964 |
exists_msg = '(nolock) %s' % (ex,) |
965 |
if not ignore_exists: |
966 |
print >> out, 'E: Object exists: %s' % exists_msg |
967 |
raise Failed() |
968 |
else: |
969 |
exists = True |
970 |
except uex.invalidDhcpEntry: |
971 |
print >> out, 'E: The DHCP entry for this host should contain the zone dn, the ip address and the mac address.' |
972 |
raise Failed() |
973 |
except uex.invalidOptions, ex: |
974 |
if not ignore_exists: |
975 |
print >> out, 'E: invalid Options: %s' % ex |
976 |
raise Failed() |
977 |
except uex.insufficientInformation: |
978 |
print >> out, 'E: Insufficient information' |
979 |
print >> out, 'The following parameters are missing:' |
980 |
for i in module.property_descriptions: |
981 |
property = module.property_descriptions.get(i) |
982 |
if property.required: |
983 |
if i not in object or (not object[i] or (isinstance(object[i], list) and object[i] == [''])): |
984 |
print >> out, i |
985 |
raise Failed() |
986 |
except uex.noObject, ex: |
987 |
print >> out, 'E: object not found: %s' % ex |
988 |
raise Failed() |
989 |
except uex.circularGroupDependency, ex: |
990 |
print >> out, 'E: circular group dependency detected: %s' % ex |
991 |
raise Failed() |
894 |
|
992 |
|
895 |
if exists == 1: |
993 |
if policy_reference: |
896 |
if exists_msg: |
994 |
lo.modify(dn, [('objectClass', '', 'univentionPolicyReference')]) |
897 |
out.append('Object exists: %s' % exists_msg) |
995 |
modlist = [('univentionPolicyReference', '', el) for el in policy_reference] |
898 |
else: |
996 |
lo.modify(dn, modlist) |
899 |
out.append('Object exists') |
997 |
|
|
|
998 |
if exists: |
999 |
if exists_msg: |
1000 |
print >> out, 'Object exists: %s' % exists_msg |
900 |
else: |
1001 |
else: |
901 |
if not dn: |
1002 |
print >> out, 'Object exists' |
902 |
dn=object.dn |
1003 |
else: |
903 |
out.append('Object created: %s' % _2utf8( dn ) ) |
1004 |
if not dn: |
|
|
1005 |
dn = object.dn |
1006 |
print >> out, 'Object created: %s' % _2utf8(dn) |
904 |
|
1007 |
|
905 |
#+++# ACTION MODIFY #+++# |
1008 |
#+++# ACTION MODIFY #+++# |
906 |
elif action == 'modify' or action == 'edit' or action == 'move': |
1009 |
elif action == 'modify' or action == 'edit' or action == 'move': |
907 |
if not dn: |
1010 |
if not dn: |
908 |
out.append('E: DN is missing') |
1011 |
print >> out, 'E: DN is missing' |
909 |
return out + ["OPERATION FAILED"] |
1012 |
raise Failed() |
910 |
|
1013 |
|
911 |
object_modified = 0 |
1014 |
object_modified = 0 |
912 |
|
1015 |
|
913 |
if hasattr(module,'operations') and module.operations: |
1016 |
if getattr(module, 'operations', None): |
914 |
if not 'edit' in module.operations: |
1017 |
if not 'edit' in module.operations: |
915 |
out.append('Modify %s not allowed' % module_name) |
1018 |
print >> out, 'Modify %s not allowed' % module_name |
916 |
return out + ["OPERATION FAILED"] |
1019 |
raise Failed() |
917 |
|
1020 |
|
918 |
try: |
1021 |
try: |
919 |
object=univention.admin.objects.get(module, co, lo, position='', dn=dn) |
1022 |
object = univention.admin.objects.get(module, co, lo, position='', dn=dn) |
920 |
except univention.admin.uexceptions.noObject: |
1023 |
except uex.noObject: |
921 |
out.append('E: object not found') |
1024 |
print >> out, 'E: object not found' |
922 |
return out + ["OPERATION FAILED"] |
1025 |
raise Failed() |
923 |
|
1026 |
|
924 |
object.open() |
1027 |
object.open() |
925 |
if hasattr(object,'open_warning') and object.open_warning: |
1028 |
if getattr(object, 'open_warning', None): |
926 |
out.append('WARNING:%s'%object.open_warning) |
1029 |
print >> out, 'WARNING:%s' % object.open_warning |
927 |
|
1030 |
|
928 |
if action == 'move': |
1031 |
if action == 'move': |
929 |
if hasattr(module,'operations') and module.operations: |
1032 |
if getattr(module, 'operations', None): |
930 |
if not 'move' in module.operations: |
1033 |
if not 'move' in module.operations: |
931 |
out.append('Move %s not allowed' % module_name) |
1034 |
print >> out, 'Move %s not allowed' % module_name |
932 |
return out + ["OPERATION FAILED"] |
1035 |
raise Failed() |
933 |
if not position_dn: |
1036 |
if not position_dn: |
934 |
out.append("need new position for moving object") |
1037 |
print >> out, "need new position for moving object" |
935 |
else: |
1038 |
else: |
936 |
res = '' |
1039 |
try: # check if global-position exists |
937 |
try: # check if goal-position exists |
|
|
938 |
res = lo.get(position_dn) |
1040 |
res = lo.get(position_dn) |
939 |
except: |
1041 |
except: |
940 |
pass |
1042 |
res = '' |
941 |
if not res: |
1043 |
if not res: |
942 |
out.append("position does not exsist: %s"%position_dn) |
1044 |
print >> out, "position does not exsist: %s" % position_dn |
943 |
return out + ["OPERATION FAILED"] |
1045 |
raise Failed() |
944 |
rdn = dn[:string.find(dn,',')] |
1046 |
rdn, _old_base = dn.split(',', 1) |
945 |
newdn="%s,%s" % (rdn,position_dn) |
1047 |
newdn = "%s,%s" % (rdn, position_dn) |
946 |
try: |
1048 |
try: |
947 |
object.move(newdn) |
1049 |
object.move(newdn) |
948 |
object_modified+=1 |
1050 |
object_modified += 1 |
949 |
except univention.admin.uexceptions.noObject: |
1051 |
except uex.noObject: |
950 |
out.append('E: object not found') |
1052 |
print >> out, 'E: object not found' |
951 |
return out + ["OPERATION FAILED"] |
1053 |
raise Failed() |
952 |
except univention.admin.uexceptions.ldapError, msg: |
1054 |
except uex.ldapError, msg: |
953 |
out.append("ldap Error: %s"%msg) |
1055 |
print >> out, "ldap Error: %s" % msg |
954 |
return out + ["OPERATION FAILED"] |
1056 |
raise Failed() |
955 |
except univention.admin.uexceptions.nextFreeIp: |
1057 |
except uex.nextFreeIp: |
956 |
out.append('E: No free IP address found') |
1058 |
print >> out, 'E: No free IP address found' |
957 |
return out + ['OPERATION FAILED'] |
1059 |
raise Failed() |
958 |
except univention.admin.uexceptions.valueInvalidSyntax, err: |
1060 |
except uex.valueInvalidSyntax, err: |
959 |
out.append('E: Invalid Syntax: %s' % err) |
1061 |
print >> out, 'E: Invalid Syntax: %s' % err |
960 |
return out + ["OPERATION FAILED"] |
1062 |
raise Failed() |
961 |
except univention.admin.uexceptions.invalidOperation, msg: |
1063 |
except uex.invalidOperation, msg: |
962 |
out.append(str(msg)) |
1064 |
print >> out, str(msg) |
963 |
return out + ["OPERATION FAILED"] |
1065 |
raise Failed() |
964 |
|
1066 |
|
965 |
else: # modify |
1067 |
else: # modify |
966 |
|
1068 |
if any((input, append, remove, parsed_append_options, parsed_options)): |
967 |
if (len(input)+len(append)+len(remove)+len(parsed_append_options)+len(parsed_options))>0: |
|
|
968 |
if parsed_options: |
1069 |
if parsed_options: |
969 |
object.options=parsed_options |
1070 |
object.options = parsed_options |
970 |
if parsed_append_options: |
1071 |
if parsed_append_options: |
971 |
for option in parsed_append_options: |
1072 |
for option in parsed_append_options: |
972 |
object.options.append(option) |
1073 |
object.options.append(option) |
973 |
try: |
1074 |
try: |
974 |
out.extend(object_input(module, object, input, append, remove)) |
1075 |
object_input(module, object, input, append, remove, out=out) |
975 |
except univention.admin.uexceptions.valueMayNotChange,e: |
1076 |
except uex.valueMayNotChange, ex: |
976 |
out.append(unicode(e[0])) |
1077 |
print >> out, unicode(ex[0]) |
977 |
return out + ["OPERATION FAILED"] |
1078 |
raise Failed() |
978 |
if object.hasChanged(input.keys()) or object.hasChanged(append.keys()) or object.hasChanged(remove.keys()) or parsed_append_options or parsed_options: |
1079 |
if object.hasChanged(input.keys()) or object.hasChanged(append.keys()) or object.hasChanged(remove.keys()) or parsed_append_options or parsed_options: |
979 |
try: |
1080 |
try: |
980 |
dn=object.modify() |
1081 |
dn = object.modify() |
981 |
object_modified+=1 |
1082 |
object_modified += 1 |
982 |
except univention.admin.uexceptions.noObject: |
1083 |
except uex.noObject: |
983 |
out.append('E: object not found') |
1084 |
print >> out, 'E: object not found' |
984 |
return out + ["OPERATION FAILED"] |
1085 |
raise Failed() |
985 |
except univention.admin.uexceptions.invalidDhcpEntry: |
1086 |
except uex.invalidDhcpEntry: |
986 |
out.append('E: The DHCP entry for this host should contain the zone dn, the ip address and the mac address.') |
1087 |
print >> out, 'E: The DHCP entry for this host should contain the zone dn, the ip address and the mac address.' |
987 |
return out + ["OPERATION FAILED"] |
1088 |
raise Failed() |
988 |
except univention.admin.uexceptions.circularGroupDependency, e: |
1089 |
except uex.circularGroupDependency, ex: |
989 |
out.append('E: circular group dependency detected: %s' % e) |
1090 |
print >> out, 'E: circular group dependency detected: %s' % ex |
990 |
return out + ["OPERATION FAILED"] |
1091 |
raise Failed() |
991 |
except univention.admin.uexceptions.valueInvalidSyntax, e: |
1092 |
except uex.valueInvalidSyntax, ex: |
992 |
out.append('E: Invalid Syntax: %s' % e) |
1093 |
print >> out, 'E: Invalid Syntax: %s' % ex |
993 |
return out + ["OPERATION FAILED"] |
1094 |
raise Failed() |
994 |
|
|
|
995 |
if extraOC or extraAttributes: |
996 |
if extraOC: |
997 |
oc=lo.search(base=dn, scope='base', attr=['objectClass']) |
998 |
|
999 |
noc=[] |
1000 |
for i in range(len(oc[0][1]['objectClass'])): |
1001 |
noc.append(oc[0][1]['objectClass'][i]) |
1002 |
|
1003 |
for i in range(len(extraOC)): |
1004 |
if not extraOC[i] in noc: |
1005 |
noc.append(extraOC[i]) |
1006 |
|
1007 |
if noc != oc[0][1]['objectClass']: |
1008 |
extraAttributes.append(('objectClass',oc[0][1]['objectClass'],noc)) |
1009 |
if extraAttributes: |
1010 |
try: |
1011 |
lo.modify(dn,extraAttributes) |
1012 |
object_modified+=1 |
1013 |
except univention.admin.uexceptions.ldapError, msg: |
1014 |
out.append("ldap Error: %s"%msg) |
1015 |
|
1016 |
if customattribute_remove: |
1017 |
extraAttributes=[] |
1018 |
removed_attributes=[] |
1019 |
if hasattr(module, 'ldap_extra_objectclasses'): |
1020 |
for oc, pname, syntax, ldapMapping, deleteValues, deleteObjectClass in module.ldap_extra_objectclasses: |
1021 |
for index in range(0,len(customattribute_remove)): |
1022 |
if customattribute_remove[index][0] == module.property_descriptions[pname].short_description: |
1023 |
for tmp,val in lo.search(base=dn, attr=[ldapMapping]): |
1024 |
if val.has_key(ldapMapping): |
1025 |
for i in range(0, len(val[ldapMapping])): |
1026 |
if (not customattribute_remove[index][1]) or customattribute_remove[index][1] == val[ldapMapping][i]: |
1027 |
extraAttributes.append((ldapMapping,val[ldapMapping][i],'')) |
1028 |
removed_attributes.append(module.property_descriptions[pname].short_description) |
1029 |
else: |
1030 |
out.append("customattribute %s not set"%module.property_descriptions[pname].short_description) |
1031 |
removed_attributes.append(module.property_descriptions[pname].short_description) |
1032 |
|
1033 |
if extraAttributes: |
1034 |
lo.modify(dn,extraAttributes) |
1035 |
object_modified+=1 |
1036 |
|
1037 |
for n,v in customattribute_remove: |
1038 |
if not n in removed_attributes: |
1039 |
out.append("WARNING: customattribute %s not found"%n) |
1040 |
|
1095 |
|
1041 |
if policy_reference: |
1096 |
if policy_reference: |
1042 |
if 'univentionPolicyReference' not in lo.get(dn,['objectClass'])['objectClass']: |
1097 |
if 'univentionPolicyReference' not in lo.get(dn, ['objectClass'])['objectClass']: |
1043 |
lo.modify(dn,[('objectClass','','univentionPolicyReference')]) |
1098 |
lo.modify(dn, [('objectClass', '', 'univentionPolicyReference')]) |
1044 |
object_modified+=1 |
1099 |
object_modified += 1 |
1045 |
modlist=[] |
1100 |
modlist = [] |
1046 |
upr = lo.search(base=dn, scope='base', attr=['univentionPolicyReference'])[0][1] |
1101 |
upr = lo.search(base=dn, scope='base', attr=['univentionPolicyReference'])[0][1] |
1047 |
if not upr.has_key('univentionPolicyReference'): |
1102 |
if 'univentionPolicyReference' not in upr: |
1048 |
upr['univentionPolicyReference'] = [] |
1103 |
upr['univentionPolicyReference'] = [] |
1049 |
for el in policy_reference: |
1104 |
for el in policy_reference: |
1050 |
if val in upr['univentionPolicyReference']: |
1105 |
if val in upr['univentionPolicyReference']: |
1051 |
out.append('WARNING: cannot append %s to univentionPolicyReference, value exists' % val) |
1106 |
print >> out, 'WARNING: cannot append %s to univentionPolicyReference, value exists' % val |
1052 |
else: |
1107 |
else: |
1053 |
modlist.append(('univentionPolicyReference','',el)) |
1108 |
modlist.append(('univentionPolicyReference', '', el)) |
1054 |
if modlist: |
1109 |
if modlist: |
1055 |
lo.modify(dn,modlist) |
1110 |
lo.modify(dn, modlist) |
1056 |
object_modified+=1 |
1111 |
object_modified += 1 |
1057 |
|
1112 |
|
1058 |
if policy_dereference: |
1113 |
if policy_dereference: |
1059 |
modlist=[] |
1114 |
modlist = [('univentionPolicyReference', el, '') for el in policy_dereference] |
1060 |
for el in policy_dereference: |
1115 |
lo.modify(dn, modlist) |
1061 |
modlist.append(('univentionPolicyReference',el,'')) |
1116 |
object_modified += 1 |
1062 |
lo.modify(dn,modlist) |
|
|
1063 |
object_modified+=1 |
1064 |
|
1117 |
|
1065 |
if object_modified > 0: |
1118 |
if object_modified > 0: |
1066 |
out.append( 'Object modified: %s'% _2utf8( dn ) ) |
1119 |
print >> out, 'Object modified: %s' % _2utf8(dn) |
1067 |
else: |
1120 |
else: |
1068 |
out.append( 'No modification: %s'% _2utf8( dn ) ) |
1121 |
print >> out, 'No modification: %s' % _2utf8(dn) |
1069 |
|
1122 |
|
1070 |
elif action == 'remove' or action == 'delete': |
1123 |
elif action == 'remove' or action == 'delete': |
1071 |
|
1124 |
if getattr(module, 'operations', None): |
1072 |
if hasattr(module,'operations') and module.operations: |
|
|
1073 |
if not 'remove' in module.operations: |
1125 |
if not 'remove' in module.operations: |
1074 |
out.append('Remove %s not allowed' % module_name) |
1126 |
print >> out, 'Remove %s not allowed' % module_name |
1075 |
return out + ["OPERATION FAILED"] |
1127 |
raise Failed() |
1076 |
|
1128 |
|
1077 |
try: |
1129 |
try: |
1078 |
if dn and filter: |
1130 |
if dn and filter: |
1079 |
object=univention.admin.modules.lookup(module, co, lo, scope='sub', superordinate=superordinate, base=dn, filter=filter, required=1, unique=1)[0] |
1131 |
object = univention.admin.modules.lookup(module, co, lo, scope='sub', superordinate=superordinate, base=dn, filter=filter, required=1, unique=1)[0] |
1080 |
elif dn: |
1132 |
elif dn: |
1081 |
object=univention.admin.modules.lookup(module, co, lo, scope='base', superordinate=superordinate, base=dn, filter=filter, required=1, unique=1)[0] |
1133 |
object = univention.admin.modules.lookup(module, co, lo, scope='base', superordinate=superordinate, base=dn, filter=filter, required=1, unique=1)[0] |
1082 |
elif filter: |
1134 |
elif filter: |
1083 |
object=univention.admin.modules.lookup(module, co, lo, scope='sub', superordinate=superordinate, base=position.getDn(), filter=filter, required=1, unique=1)[0] |
1135 |
object = univention.admin.modules.lookup(module, co, lo, scope='sub', superordinate=superordinate, base=position.getDn(), filter=filter, required=1, unique=1)[0] |
1084 |
else: |
1136 |
else: |
1085 |
out.append('E: dn or filter needed') |
1137 |
print >> out, 'E: dn or filter needed' |
1086 |
return out + ["OPERATION FAILED"] |
1138 |
raise Failed() |
1087 |
except (univention.admin.uexceptions.noObject, IndexError): |
1139 |
except (uex.noObject, IndexError): |
1088 |
out.append('E: object not found') |
1140 |
print >> out, 'E: object not found' |
1089 |
return out + ["OPERATION FAILED"] |
1141 |
raise Failed() |
1090 |
|
1142 |
|
1091 |
object.open() |
1143 |
object.open() |
1092 |
if hasattr(object,'open_warning') and object.open_warning: |
1144 |
if getattr(object, 'open_warning', None): |
1093 |
out.append('WARNING:%s'%object.open_warning) |
1145 |
print >> out, 'WARNING:%s' % object.open_warning |
1094 |
|
1146 |
|
1095 |
if remove_referring and univention.admin.objects.wantsCleanup(object): |
1147 |
if remove_referring and univention.admin.objects.wantsCleanup(object): |
1096 |
univention.admin.objects.performCleanup(object) |
1148 |
univention.admin.objects.performCleanup(object) |
Lines 1098-1256
def _doit(arglist):
|
Link Here
|
---|
|
1098 |
if recursive: |
1150 |
if recursive: |
1099 |
try: |
1151 |
try: |
1100 |
object.remove(recursive) |
1152 |
object.remove(recursive) |
1101 |
except univention.admin.uexceptions.ldapError,msg: |
1153 |
except uex.ldapError, msg: |
1102 |
out.append(str(msg)) |
1154 |
print >> out, str(msg) |
1103 |
return out + ["OPERATION FAILED"] |
1155 |
raise Failed() |
1104 |
else: |
1156 |
else: |
1105 |
try: |
1157 |
try: |
1106 |
object.remove() |
1158 |
object.remove() |
1107 |
except univention.admin.uexceptions.primaryGroupUsed: |
1159 |
except uex.primaryGroupUsed: |
1108 |
out.append('E: object in use') |
1160 |
print >> out, 'E: object in use' |
1109 |
return out + ["OPERATION FAILED"] |
1161 |
raise Failed() |
1110 |
out.append( 'Object removed: %s'% _2utf8( dn ) ) |
1162 |
print >> out, 'Object removed: %s' % _2utf8(dn) |
1111 |
|
1163 |
|
1112 |
elif action == 'list' or action == 'lookup': |
1164 |
elif action == 'list' or action == 'lookup': |
1113 |
|
1165 |
if getattr(module, 'operations', None): |
1114 |
if hasattr(module,'operations') and module.operations: |
|
|
1115 |
if not 'search' in module.operations: |
1166 |
if not 'search' in module.operations: |
1116 |
out.append('Search %s not allowed' % module_name) |
1167 |
print >> out, 'Search %s not allowed' % module_name |
1117 |
return out + ["OPERATION FAILED"] |
1168 |
raise Failed() |
1118 |
|
1169 |
|
1119 |
out.append( _2utf8( filter ) ) |
1170 |
print >> out, _2utf8(filter) |
1120 |
|
1171 |
|
1121 |
try: |
1172 |
try: |
1122 |
for object in univention.admin.modules.lookup(module, co, lo, scope='sub', superordinate=superordinate, base=position.getDn(), filter=filter): |
1173 |
for object in univention.admin.modules.lookup(module, co, lo, scope='sub', superordinate=superordinate, base=position.getDn(), filter=filter): |
1123 |
out.append( 'DN: %s' % _2utf8( univention.admin.objects.dn (object ) ) ) |
1174 |
print >> out, 'DN: %s' % _2utf8(univention.admin.objects.dn(object)) |
1124 |
out.append( 'ARG: %s' % univention.admin.objects.arg( object ) ) |
|
|
1125 |
|
1175 |
|
1126 |
if (hasattr(module,'virtual') and not module.virtual) or not hasattr(module,'virtual'): |
1176 |
if not getattr(module, 'virtual', None): |
1127 |
object.open() |
1177 |
object.open() |
1128 |
if hasattr(object,'open_warning') and object.open_warning: |
1178 |
if getattr(object, 'open_warning', None): |
1129 |
out.append('WARNING: %s'%object.open_warning) |
1179 |
print >> out, 'WARNING: %s' % object.open_warning |
1130 |
for key, value in object.items(): |
1180 |
for key, value in object.items(): |
1131 |
s=module.property_descriptions[key].syntax |
1181 |
s = module.property_descriptions[key].syntax |
1132 |
if module.property_descriptions[key].multivalue: |
1182 |
if module.property_descriptions[key].multivalue: |
1133 |
for v in value: |
1183 |
for v in value: |
1134 |
if s.tostring(v): |
1184 |
if s.tostring(v): |
1135 |
out.append(' %s: %s' % ( _2utf8( key ), _2utf8( s.tostring( v ) ) ) ) |
1185 |
print >> out, ' %s: %s' % (_2utf8(key), _2utf8(s.tostring(v))) |
1136 |
else: |
1186 |
else: |
1137 |
out.append(' %s: %s' % ( _2utf8( key ), None ) ) |
1187 |
print >> out, ' %s: %s' % (_2utf8(key), None) |
1138 |
else: |
1188 |
else: |
1139 |
if s.tostring(value): |
1189 |
if s.tostring(value): |
1140 |
out.append(' %s: %s' % ( _2utf8( key ), _2utf8( s.tostring( value ) ) ) ) |
1190 |
print >> out, ' %s: %s' % (_2utf8(key), _2utf8(s.tostring(value))) |
1141 |
else: |
1191 |
else: |
1142 |
out.append(' %s: %s' % ( _2utf8( key ), None ) ) |
1192 |
print >> out, ' %s: %s' % (_2utf8(key), None) |
1143 |
|
1193 |
|
1144 |
if 'univentionPolicyReference' in lo.get(univention.admin.objects.dn(object),['objectClass'])['objectClass']: |
1194 |
if 'univentionPolicyReference' in lo.get(univention.admin.objects.dn(object), ['objectClass'])['objectClass']: |
1145 |
references = lo.get( _2utf8(univention.admin.objects.dn( object ) ), |
1195 |
references = lo.get( |
1146 |
[ 'univentionPolicyReference' ] ) |
1196 |
_2utf8(univention.admin.objects.dn(object)), |
|
|
1197 |
['univentionPolicyReference'] |
1198 |
) |
1147 |
if references: |
1199 |
if references: |
1148 |
for el in references['univentionPolicyReference']: |
1200 |
for el in references['univentionPolicyReference']: |
1149 |
out.append(' %s: %s' % ( 'univentionPolicyReference', |
1201 |
print >> out, ' %s: %s' % ( |
1150 |
_2utf8( s.tostring( el ) ) ) ) |
1202 |
'univentionPolicyReference', |
|
|
1203 |
_2utf8(s.tostring(el)) |
1204 |
) |
1151 |
|
1205 |
|
1152 |
if list_policies: |
1206 |
if list_policies: |
1153 |
utf8_objectdn = _2utf8( univention.admin.objects.dn( object ) ) |
1207 |
utf8_objectdn = _2utf8(univention.admin.objects.dn(object)) |
1154 |
p1 = subprocess.Popen(['univention_policy_result'] + policyOptions + [utf8_objectdn], stdout=subprocess.PIPE) |
1208 |
client = get_policy(utf8_objectdn, out, policyOptions, policies_with_DN) |
1155 |
policyResults = p1.communicate()[0].split('\n') |
1209 |
print >> out, '' |
1156 |
|
|
|
1157 |
out.append(" Policy-based Settings:") |
1158 |
policy='' |
1159 |
value=[] |
1160 |
client={} |
1161 |
for line in policyResults: |
1162 |
if not (line.strip() == "" or line.strip()[:4]=="DN: " or line.strip()[:7]=="POLICY "): |
1163 |
out.append(" %s"%line.strip()) |
1164 |
if policies_with_DN: |
1165 |
clsplit=string.split(line.strip(), ': ') |
1166 |
if clsplit[0] == 'Policy': |
1167 |
if policy: |
1168 |
client[attribute]=[policy, value] |
1169 |
value=[] |
1170 |
policy=clsplit[1] |
1171 |
elif clsplit[0] == 'Attribute': |
1172 |
attribute=clsplit[1] |
1173 |
elif clsplit[0] == 'Value': |
1174 |
value.append(clsplit[1]) |
1175 |
else: |
1176 |
clsplit=string.split(line.strip(), '=') |
1177 |
if not client.has_key(clsplit[0]): |
1178 |
client[clsplit[0]] = [] |
1179 |
client[clsplit[0]].append(clsplit[1]) |
1180 |
|
1181 |
if policies_with_DN: |
1182 |
client[attribute]=[policy, value] |
1183 |
value=[] |
1184 |
|
1185 |
out.append('') |
1186 |
|
1210 |
|
1187 |
if module_name == 'dhcp/host': |
1211 |
if module_name == 'dhcp/host': |
1188 |
subnet_module=univention.admin.modules.get('dhcp/subnet') |
1212 |
subnet_module = univention.admin.modules.get('dhcp/subnet') |
1189 |
for subnet in univention.admin.modules.lookup(subnet_module, co, lo, scope='sub', superordinate=superordinate, base='', filter=''): |
1213 |
for subnet in univention.admin.modules.lookup(subnet_module, co, lo, scope='sub', superordinate=superordinate, base='', filter=''): |
1190 |
|
1214 |
if univention.admin.ipaddress.ip_is_in_network(subnet['subnet'], subnet['subnetmask'], object['fixedaddress'][0]): |
1191 |
if univention.admin.ipaddress.ip_is_in_network(subnet['subnet'], subnet['subnetmask'], object['fixedaddress'][0]): |
1215 |
print >> out, " Subnet-based Settings:" |
1192 |
utf8_subnet_dn = _2utf8( subnet.dn ) |
1216 |
utf8_subnet_dn = _2utf8(subnet.dn) |
1193 |
p1 = subprocess.Popen(['univention_policy_result'] + policyOptions + [utf8_subnet_dn], stdout=subprocess.PIPE) |
1217 |
ddict = get_policy(utf8_subnet_dn, out, policyOptions, policies_with_DN) |
1194 |
policyResults = p1.communicate()[0].split('\n') |
1218 |
print >> out, '' |
1195 |
out.append(" Subnet-based Settings:") |
1219 |
|
1196 |
ddict={} |
1220 |
print >> out, " Merged Settings:" |
1197 |
policy='' |
1221 |
for key, values in ddict.items(): |
1198 |
value=[] |
1222 |
if key not in client: |
1199 |
for line in policyResults: |
1223 |
client[key] = values |
1200 |
if not (line.strip() == "" or line.strip()[:4]=="DN: " or line.strip()[:7]=="POLICY "): |
1224 |
|
1201 |
out.append(" %s"%line.strip()) |
1225 |
if policies_with_DN: |
1202 |
if policies_with_DN: |
1226 |
for key, (policy, values) in client.items(): |
1203 |
subsplit=string.split(line.strip(), ': ') |
1227 |
print >> out, " Policy: " + policy |
1204 |
if subsplit[0] == 'Policy': |
1228 |
print >> out, " Attribute: " + key |
1205 |
if policy: |
1229 |
for value in values: |
1206 |
ddict[attribute]=[policy, value] |
1230 |
print >> out, " Value: " + value |
1207 |
value=[] |
1231 |
else: |
1208 |
policy=subsplit[1] |
1232 |
for key, values in client.items(): |
1209 |
elif subsplit[0] == 'Attribute': |
1233 |
for value in values: |
1210 |
attribute=subsplit[1] |
1234 |
print >> out, " %s=%s" % (key, value) |
1211 |
elif subsplit[0] == 'Value': |
1235 |
print >> out, '' |
1212 |
value.append(subsplit[1]) |
1236 |
|
1213 |
else: |
1237 |
print >> out, '' |
1214 |
subsplit=string.split(line.strip(), '=') |
1238 |
except uex.ldapError, errmsg: |
1215 |
if not ddict.has_key(subsplit[0]): |
1239 |
print >> out, '%s' % (errmsg,) |
1216 |
ddict[subsplit[0]] = [] |
1240 |
raise Failed() |
1217 |
ddict[subsplit[0]].append(subsplit[1]) |
1241 |
except uex.valueInvalidSyntax, errmsg: |
1218 |
|
1242 |
print >> out, '%s' % (errmsg.message,) |
1219 |
out.append('') |
1243 |
raise Failed() |
1220 |
|
|
|
1221 |
if policies_with_DN: |
1222 |
ddict[attribute]=[policy, value] |
1223 |
value=[] |
1224 |
|
1225 |
out.append(" Merged Settings:") |
1226 |
|
1227 |
for key in ddict.keys(): |
1228 |
if not client.has_key(key): |
1229 |
client[key]=ddict[key] |
1230 |
|
1231 |
if policies_with_DN: |
1232 |
for key in client.keys(): |
1233 |
out.append(" Policy: "+client[key][0]) |
1234 |
out.append(" Attribute: "+key) |
1235 |
for i in range(0, len(client[key][1])): |
1236 |
out.append(" Value: "+client[key][1][i]) |
1237 |
else: |
1238 |
for key in client.keys(): |
1239 |
for i in range(0, len(client[key])): |
1240 |
out.append(" %s=%s" % (key, client[key][i])) |
1241 |
out.append('') |
1242 |
|
1243 |
out.append('') |
1244 |
except univention.admin.uexceptions.ldapError, errmsg: |
1245 |
out.append('%s' %str(errmsg)) |
1246 |
return out + ["OPERATION FAILED"] |
1247 |
except univention.admin.uexceptions.valueInvalidSyntax, errmsg: |
1248 |
out.append('%s' %str(errmsg.message)) |
1249 |
return out + ["OPERATION FAILED"] |
1250 |
else: |
1244 |
else: |
1251 |
out.append("Unknown or no action defined") |
1245 |
print >> out, "Unknown or no action defined" |
1252 |
out.append('') |
1246 |
print >> out, '' |
1253 |
usage() |
1247 |
raise Failed() |
1254 |
return out + ["OPERATION FAILED"] |
1248 |
|
1255 |
|
1249 |
|
1256 |
return out # nearly the only successfull return |
1250 |
if __name__ == '__main__': |
|
|
1251 |
import sys |
1252 |
doit(sys.argv, sys.stdout) |