Attachment #5684 for bug #33224

(-)a/branches/ucs-3.2/ucs-3.2-0/management/univention-directory-manager-modules/modules/univention/admincli/admin.py (-3 / +1 lines)

Lines 476-482 def _doit(arglist):	Link Here

476

		elif opt == '--logfile':

476

		elif opt == '--logfile':

477

			logfile=val

477

			logfile=val

478

		elif opt == '--policies':

478

		elif opt == '--policies':

479

			policies = True

479

			list_policies = True

480

			if val=="1":

480

			if val=="1":

481

				policies_with_DN = True

481

				policies_with_DN = True

482

			else:

482

			else:

483

484

--

485

.../modules/univention/admincli/admin.py                                | 2 +-

483

.../modules/univention/admincli/admin.py                                | 2 +-

486

1 file changed, 1 insertion(+), 1 deletion(-)

484

1 file changed, 1 insertion(+), 1 deletion(-)

(-)a/branches/ucs-3.2/ucs-3.2-0/management/univention-directory-manager-modules/modules/univention/admincli/admin.py (-3 / +1 lines)

Lines 934-940 def _doit(arglist):	Link Here

934

				out.append("need new position for moving object")

934

				out.append("need new position for moving object")

935

			else:

935

			else:

936

				res = ''

936

				res = ''

937

				try: # check if goal-position exists

937

				try:  # check if global-position exists

938

					res = lo.get(position_dn)

938

					res = lo.get(position_dn)

939

				except:

939

				except:

940

					pass

940

					pass

941

942

--

943

.../modules/univention/admincli/admin.py           | 31 +++++++++++++++++-----

941

.../modules/univention/admincli/admin.py           | 31 +++++++++++++++++-----

944

1 file changed, 24 insertions(+), 7 deletions(-)

942

1 file changed, 24 insertions(+), 7 deletions(-)




	out.append('  --%-30s %s' % ('bindpwd', 'bind password'))
	out.append('  --%-30s %s' % ('bindpwdfile', 'file containing bind password'))
	out.append('  --%-30s %s' % ('dn', 'Edit object with DN'))
	out.append('  --%-30s %s' % ('arg', 'Edit object with ARG'))
	out.append('  --%-30s %s' % ('set', 'Set variable to value, e.g. foo=bar'))
	out.append('  --%-30s %s' % ('append', 'Append value to variable, e.g. foo=bar'))
	out.append('  --%-30s %s' % ('remove', 'Remove value from variable, e.g. foo=bar'))

	out.append('  --%-30s %s' % ('bindpwdfile', 'file containing bind password'))
	out.append('  --%-30s %s' % ('dn', 'Remove object with DN'))
	out.append('  --%-30s %s' % ('superordinate', 'Use superordinate module'))
	out.append('  --%-30s %s' % ('arg', 'Remove object with ARG'))
	out.append('  --%-30s %s' % ('filter', 'Lookup filter e.g. foo=bar'))
	out.append('  --%-30s %s' % ('tls', '0 (no); 1 (try); 2 (must)'))
	out.append('  --%-30s %s' % ('remove_referring', 'remove referring objects'))

	remove_referring=0
	recursive=1
	# parse options
	longopts = [
		'position=',
		'dn=',
		'set=',
		'append=',
		'remove=',
		'superordinate=',
		'option=',
		'append-option=',
		'filter=',
		'tls=',
		'ignore_exists',
		'logfile=',
		'policies=',
		'binddn=',
		'bindpwd=',
		'bindpwdfile=',
		'customattribute=',
		'customattribute-remove=',
		'policy-reference=',
		'policy-dereference=',
		'remove_referring',
		'recursive'
	]
	try:
		opts, args=getopt.getopt(arglist[3:], '', longopts)
	except getopt.error, msg:


	position_dn=''
	dn=''
	arg=None
	binddn=None
	bindpwd=None
	list_policies=False

				return out + ['OPERATION FAILED']
		elif opt == '--dn':
			dn = _2utf8( val )
		elif opt == '--arg':
			arg=val
		elif opt == '--tls':
			tls=val
		elif opt == '--ignore_exists':

		try:
			for object in univention.admin.modules.lookup(module, co, lo, scope='sub', superordinate=superordinate, base=position.getDn(), filter=filter):
				out.append( 'DN: %s' % _2utf8( univention.admin.objects.dn (object ) ) )
				out.append( 'ARG: %s' % univention.admin.objects.arg( object ) )

				if (hasattr(module,'virtual') and not module.virtual) or not hasattr(module,'virtual'):
					object.open()
- 
--
.../modules/univention/admincli/admin.py           | 132 ---------------------
1 file changed, 132 deletions(-)




	out.append('  --%-30s %s' % ('set', 'Set variable to value, e.g. foo=bar'))
	out.append('  --%-30s %s' % ('superordinate', 'Use superordinate module'))
	out.append('  --%-30s %s' % ('option', 'Use only given module options'))
	out.append('  --%-30s %s' % ('customattribute', 'Set custom attribute foo=bar'))
	out.append('  --%-30s %s' % ('policy-reference', 'Reference to policy given by DN'))
	out.append('  --%-30s %s' % ('tls', '0 (no); 1 (try); 2 (must)'))
	out.append('  --%-30s   ' % ('ignore_exists'))

	out.append('  --%-30s %s' % ('remove', 'Remove value from variable, e.g. foo=bar'))
	out.append('  --%-30s %s' % ('option', 'Use only given module options'))
	out.append('  --%-30s %s' % ('append-option', 'Append the module options'))
	out.append('  --%-30s %s' % ('customattribute', 'Set custom attribute foo=bar'))
	out.append('  --%-30s %s' % ('customattribute-remove', 'Remove custom attribute'))
	out.append('  --%-30s %s' % ('policy-reference', 'Reference to policy given by DN'))
	out.append('  --%-30s %s' % ('policy-dereference', 'Remove reference to policy given by DN'))
	out.append('  --%-30s %s' % ('tls', '0 (no); 1 (try); 2 (must)'))

		'binddn=',
		'bindpwd=',
		'bindpwdfile=',
		'customattribute=',
		'customattribute-remove=',
		'policy-reference=',
		'policy-dereference=',
		'remove_referring',

	input={}
	append={}
	remove={}
	customattribute={}
	customattribute_remove=[]
	policy_reference=[]
	policy_dereference=[]
	for opt, val in opts:

			parsed_append_options.append(val)
		elif opt == '--filter':
			filter=val
		elif opt == '--customattribute':
			pos=val.find('=')
			name=val[:pos]
			value= _2utf8( val[ pos + 1 : ] )
			if not customattribute.has_key(name):
				customattribute[name]=[]
			customattribute[name].append(value)
		elif opt == '--customattribute-remove':
			pos=val.find('=')
			if pos == -1:
				customattribute_remove.append((val,None))
			else:
				name=val[:pos]
				value = _2utf8( val[ pos + 1 : ] )
				customattribute_remove.append((name,value))
		elif opt == '--policy-reference':
			policy_reference.append(val)
		elif opt == '--policy-dereference':

			recursive=1


	extraOC=[]
	extraAttributes=[]
	customattributes_set =[]
	if hasattr(module, 'ldap_extra_objectclasses') and action in ['modify','edit','create','new']:
		for oc, pname, syntax, ldapMapping, deleteValues, deleteObjectClass in module.ldap_extra_objectclasses:
			if customattribute.has_key(module.property_descriptions[pname].short_description):
				customattributes_set.append(module.property_descriptions[pname].short_description)
				extraOC.append(oc);
				# check multivalue
				if module.property_descriptions[pname].multivalue:
					if action in ['create','new'] or not dn or dn == '':
						values_found=[]
					else:
						values_found=lo.search(base=dn, attr=[ldapMapping])
					for i in customattribute[module.property_descriptions[pname].short_description]:
						value_already_set=0
						for tmp,val in values_found:
							if val.has_key(ldapMapping):
								if i in val[ldapMapping]:
									value_already_set=1
						if value_already_set:
							out.append('WARNING: customattribute %s is already set to %s'%(module.property_descriptions[pname].short_description,i))
						else:
							extraAttributes.append((ldapMapping,'',[i]))
				else:
					if len(customattribute[module.property_descriptions[pname].short_description])>1:
						out.append('WARNING: cannot set singlevalue customattribute "%s" with more than one entry'%module.property_descriptions[pname].short_description)
					else:
						replaced=0
						if action in ['create','new'] or not dn or dn == '':
							values_found=[]
						else:
							values_found=lo.search(base=dn, attr=[ldapMapping])
						for tmp,val in values_found:
							if val.has_key(ldapMapping):
								extraAttributes.append((ldapMapping,val[ldapMapping][0],[customattribute[module.property_descriptions[pname].short_description][0]]))
								replaced = 1
								if len(val[ldapMapping]) > 1:
									out.append("WARNING: singlevalue customattribute %s has more than one value set, replace first"%customattribute[module.property_descriptions[pname].short_description])
						if not replaced:
							extraAttributes.append((ldapMapping,'',[customattribute[module.property_descriptions[pname].short_description][0]]))

	if action in ['modify','edit','create','new']:
		for i in customattribute.keys():
			if not i in customattributes_set:
				out.append("WARNING: customattribute %s not found, value not set"%i)

		if policy_reference:
			for el in policy_reference:
				oc = lo.get(el,['objectClass'])

				out.append('E: circular group dependency detected: %s' % e)
				return out + ["OPERATION FAILED"]

			if extraOC or extraAttributes:
				if extraOC:
					oc=lo.search(base=dn, scope='base', attr=['objectClass'])

					noc=[]
					for i in range(len(oc[0][1]['objectClass'])):
						noc.append(oc[0][1]['objectClass'][i])

					for i in range(len(extraOC)):
						if extraOC[i] not in noc:
							noc.append(extraOC[i])

					if oc != noc:
						extraAttributes.append(('objectClass',oc,noc))

				if extraAttributes:
					lo.modify(dn,extraAttributes)

			if policy_reference:
				lo.modify(dn,[('objectClass','','univentionPolicyReference')])
				modlist=[]

						out.append('E: Invalid Syntax: %s' % e)
						return out + ["OPERATION FAILED"]

			if extraOC or extraAttributes:
				if extraOC:
					oc=lo.search(base=dn, scope='base', attr=['objectClass'])

					noc=[]
					for i in range(len(oc[0][1]['objectClass'])):
						noc.append(oc[0][1]['objectClass'][i])

					for i in range(len(extraOC)):
						if not extraOC[i] in noc:
							noc.append(extraOC[i])

					if noc != oc[0][1]['objectClass']:
						extraAttributes.append(('objectClass',oc[0][1]['objectClass'],noc))
				if extraAttributes:
					try:
						lo.modify(dn,extraAttributes)
						object_modified+=1
					except univention.admin.uexceptions.ldapError, msg:
						out.append("ldap Error: %s"%msg)

			if customattribute_remove:
				extraAttributes=[]
				removed_attributes=[]
				if hasattr(module, 'ldap_extra_objectclasses'):
					for oc, pname, syntax, ldapMapping, deleteValues, deleteObjectClass in module.ldap_extra_objectclasses:
						for index in range(0,len(customattribute_remove)):
							if customattribute_remove[index][0] == module.property_descriptions[pname].short_description:
								for tmp,val in lo.search(base=dn, attr=[ldapMapping]):
									if val.has_key(ldapMapping):
										for i in range(0, len(val[ldapMapping])):
											if (not customattribute_remove[index][1]) or customattribute_remove[index][1] == val[ldapMapping][i]:
												extraAttributes.append((ldapMapping,val[ldapMapping][i],''))
												removed_attributes.append(module.property_descriptions[pname].short_description)
									else:
										out.append("customattribute %s not set"%module.property_descriptions[pname].short_description)
										removed_attributes.append(module.property_descriptions[pname].short_description)

				if extraAttributes:
					lo.modify(dn,extraAttributes)
					object_modified+=1

				for n,v in customattribute_remove:
					if not n in removed_attributes:
						out.append("WARNING: customattribute %s not found"%n)

			if policy_reference:
				if 'univentionPolicyReference' not in lo.get(dn,['objectClass'])['objectClass']:
					lo.modify(dn,[('objectClass','','univentionPolicyReference')])
- 
--
.../modules/univention/admincli/admin.py           | 582 +++++++++++----------
.../univention-cli-server                          |   9 +-
2 files changed, 300 insertions(+), 291 deletions(-)




# /usr/share/common-licenses/AGPL-3; if not, see
# <http://www.gnu.org/licenses/>.

from textwrap import dedent
import sys
import getopt
import re
import string

# update choices-lists which are defined in LDAP
univention.admin.syntax.update_choices()


class Failed(Exception):
	def __str__(self):
		return "OPERATION FAILED"


def usage(out=sys.stdout):
	print >> out, dedent("""\
		%(prog)s command line interface for managing UCS
		copyright (c) 2001-%(year)s Univention GmbH, Germany

		Syntax:
		  %(prog)s module action [options]
		  %(prog)s [--help] [--version]

		actions:
		  create:               Create a new object
		  modify:               Modify an existing object
		  remove:               Remove an existing object
		  list:                 List objects
		  move:                 Move object in directory tree

		  -h | --help | -?:     Print this usage message
		  --version:            Print version information

		general options:
		  --logfile             Path and name of the logfile to be used
		  --binddn              Bind DN
		  --bindpwd             Bind password
		  --bindpwdfile         file containing bind password
		  --tls                 0 (no); 1 (try); 2 (must)

		create options:
		  --position            Set position in tree
		  --set                 Set variable to value, e.g. foo=bar
		  --superordinate       Use superordinate module
		  --option              Use only given module options
		  --policy-reference    Reference to policy given by DN
		  --ignore_exists

		modify options:
		  --dn                  Edit object with DN
		  --set                 Set variable to value, e.g. foo=bar
		  --append              Append value to variable, e.g. foo=bar
		  --remove              Remove value from variable, e.g. foo=bar
		  --option              Use only given module options
		  --append-option       Append the module options
		  --policy-reference    Reference to policy given by DN
		  --policy-dereference  Remove reference to policy given by DN

		remove options:
		  --dn                  Remove object with DN
		  --superordinate       Use superordinate module
		  --filter              Lookup filter e.g. foo=bar
		  --remove_referring    Remove referring objects

		list options:
		  --filter              Lookup filter e.g. foo=bar
		  --policies            List policy-based settings:
		                        0:short, 1:long (with policy-DN)

		move options:
		  --dn                  Move object with DN
		  --position            Move to position in tree

		Description:
		  %(prog)s is a tool to handle the configuration for UCS
		  on command line level.
		  Use "%(prog)s modules" for a list of available modules.
		""") % {
			"prog": "univention-directory-manager",
			"year": "@%@copyright_lastyear@%@",
		}


def version(out=sys.stdout):
	print >> out, 'univention-directory-manager @%@package_version@%@'


def _print_property(module, action, name, out=sys.stdout):
	o.append('univention-directory-manager @%@package_version@%@')
	return o

def _print_property( module, action, name, output ):
	property = module.property_descriptions.get( name )
	if property is None:
		print >> out, 'E: unknown property %s of module %s' % (
			name,
			univention.admin.modules.name(module),
		)
		return

	required = {

			flags += ','
		flags += '[]'
	if flags:
		name += ' (%s)' % (flags,)

	print >> out, '		%-40s %s' % (
		name,
		property.short_description
	)

	output.append( '		%-40s %s' % ( name + ' ' + flags, property.short_description ) )

def module_usage(information, action='', out=sys.stdout):
	out=[]
	for module, l in information.items():
		properties, options = l

		if options:
			print >> out, ''
			print >> out, '%s options:' % module.module
			for name, option in options.items():
				print >> out, '  %-32s %s' % (name, option.short_description)

		print >> out, ''
		print >> out, '%s variables:' % module.module

		if not hasattr(module,"layout"):
			continue
		for moduletab in module.layout:
			print >> out, '  %s:' % (moduletab.label)

			for row in moduletab.layout:
				if isinstance( row, Group ):
					print >> out, '	%s' % row.label
					for row in row.layout:
						if isinstance( row, basestring ):
							_print_property( module, action, row, out )

					for item in row:
						_print_property( module, action, item, out )

	return out

def module_information(module, identifies_only=0):
	information={module:[{},{}]}

	except:
		return text.decode( 'iso-8859-1' )

def object_input(module, object, input, append=None, remove=None, out=sys.stdout):
	out=[]
	if append:
		for key, value in append.items():
			if module.property_descriptions[key].syntax.name == 'file':

					object[key] = content
					fh.close()
				else:
					print >> out, 'WARNING: file not found: %s' % value

			elif univention.admin.syntax.is_syntax( module.property_descriptions[key].syntax, univention.admin.syntax.complex ):
				for i in range(0,len(value)):

					if not object.has_key(key):
						object[key]=[]
					if val in object[key]:
						print >> out, 'WARNING: cannot append %s to %s, value exists' % (val, key)
					elif object[key] == [''] or object[key] == []:
						object[key]=[val]
					else:

			else:
				for val in value:
					if val in object[key]:
						print >> out, 'WARNING: cannot append %s to %s, value exists' % (val, key)
					elif object[key] == [''] or object[key] == []:
						object[key]=[val]
					else:

							tmp.append(val)
							object[key] = list(tmp)
						except univention.admin.uexceptions.valueInvalidSyntax, errmsg:
							print >> out, 'E: Invalid Syntax: %s' % (errmsg,)
	if remove:
		for key, value in remove.items():
			if univention.admin.syntax.is_syntax( module.property_descriptions[key].syntax, univention.admin.syntax.complex ):

							val=value[i].split(' ')
						else:
							val=[]
							print >> out, 'test_val=%s' % (test_val,)
							for j in test_val:
								if j and j.rstrip().lstrip():
									val.append(j.rstrip().lstrip())

						if val and val in object[key]:
							object[key].remove(val)
						else:
							print >> out, "WARNING: cannot remove %s from %s, value does not exist" % (val, key)
				else:
					object[key]=[]


					if val in object[key]:
						object[key].remove(val)
					else:
						print >> out, "WARNING: cannot remove %s from %s, value does not exist" % (val, key)
	if input:
		for key, value in input.items():
			if module.property_descriptions[key].syntax.name == 'binaryfile':

						object[key]= content
					fh.close()
				else:
					print >> out, 'WARNING: file not found: %s' % value

			elif univention.admin.syntax.is_syntax( module.property_descriptions[key].syntax, univention.admin.syntax.complex ):
				if type(value) == type([]):

				try:
					object[key]=value
				except univention.admin.uexceptions.ipOverridesNetwork, e:
					print >> out, 'WARNING: %s' % e.message
				except univention.admin.uexceptions.valueMayNotChange, e:
					raise univention.admin.uexceptions.valueMayNotChange, "%s: %s"%(e.message, key)
	return out

def list_available_modules(o=[]):

def list_available_modules(out=sys.stdout):
	print >> out, "Available Modules are:"
	avail_modules = []
	for mod in univention.admin.modules.modules.keys():
		avail_modules.append(mod)
	avail_modules.sort()
	for mod in avail_modules:
		print >> out, "  %s" % mod
	return o


def doit(arglist, out=sys.stdout):
	try:
		_doit(arglist, out)
	except univention.admin.uexceptions.base, e:
		univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, traceback.format_exc())


			msg[0] = '%s:' % msg[0].strip(':.')

		# append to the output
		print >> out, ' '.join(msg)
		print >> out, Failed()
	except Failed as ex:
		print >> out, ex

def _doit(arglist):

def _doit(arglist, out=sys.stdout):
	# parse module and action
	if set(arglist) & set(('-h', '--help', '-?')):
		return usage(out=out)

	if '--version' in arglist:
		return version(out=out)

	if len(arglist) < 2:
		usage(out=out)
		raise Failed()

	module_name=arglist[1]
	if module_name in ['-h', '--help', '-?']:
		return usage()

	if module_name == '--version':
		return version()

	if module_name == 'modules':
		return list_available_modules(out=out)

	remove_referring=0
	recursive=1

	try:
		opts, args=getopt.getopt(arglist[3:], '', longopts)
	except getopt.error, msg:
		print >> out, msg
		raise Failed()

	if not args == [] and type(args) == type([]):
		print >> out, "WARNING: the following arguments are ignored: %s" % (
			" ".join(('"%s"' % _ for _ in args)),
		)
		out.append(msg)

	position_dn=''
	dn=''

				with open(val) as fp:
					bindpwd=fp.read().strip()
			except IOError as e:
				print >> out, 'E: could not read bindpwd from file (%s)' % (e,)
				raise Failed()
		elif opt == '--dn':
			dn = _2utf8( val )
		elif opt == '--tls':

	if logfile:
		univention.debug.init(logfile, 1, 0)
	else:
		print >> out, "WARNING: no logfile specified"

	configRegistry=univention.config_registry.ConfigRegistry()
	configRegistry.load()

			lo=univention.admin.uldap.access(host=configRegistry['ldap/master'], port=int(configRegistry.get('ldap/master/port', '7389')), base=baseDN, binddn=binddn, start_tls=tls, bindpw=bindpwd)
		except Exception, e:
			univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, 'authentication error: %s' % str(e))
			print >> out, 'authentication error: %s' % (e,)
			raise Failed()
		policyOptions.extend(['-D', binddn, '-w', bindpwd])	## FIXME not so nice

	else:

			secretFileName='/etc/machine.secret'
			binddn=configRegistry['ldap/hostdn']
			policyOptions.extend(['-D', binddn, '-y', secretFileName])
		else:
			print >> out, "E: Missing LDAP credentials"
			raise Failed()

		try:
			secretFile=open(secretFileName,'r')
		except IOError:
			print >> out, 'E: Permission denied, try --binddn and --bindpwd'
			raise Failed()
		pwdLine=secretFile.readline()
		pwd=re.sub('\n','',pwdLine)


			lo=univention.admin.uldap.access(host=configRegistry['ldap/master'], port=int(configRegistry.get('ldap/master/port', '7389')), base=baseDN, binddn=binddn, bindpw=pwd, start_tls=tls)
		except Exception, e:
			univention.debug.debug(univention.debug.ADMIN, univention.debug.WARN, 'authentication error: %s' % str(e))
			print >> out, 'authentication error: %s' % (e,)
			raise Failed()

	if not position_dn and superordinate_dn:
		position_dn=superordinate_dn

		position=univention.admin.uldap.position(baseDN)
		position.setDn(position_dn)
	except univention.admin.uexceptions.noObject:
		print >> out, 'E: Invalid position'
		raise Failed()

	try:
		module=univention.admin.modules.get(module_name)
	except:
		print >> out, "failed to get module %s." % module_name
		print >> out, ""
		list_available_modules(out)
		raise Failed()

	if not module:
		print >> out, "unknown module %s." % module_name
		print >> out, ""
		list_available_modules(out)
		raise Failed()

	# initialise modules
	univention.admin.modules.init(lo,position,module)

		try:
			superordinate=univention.admin.objects.get(univention.admin.modules.superordinate(module), co, lo, '', dn=superordinate_dn)
		except univention.admin.uexceptions.insufficientInformation, e:
			print >> out, 'Insufficient Information: %s' % (e,)
			raise Failed()
	else:
		superordinate=None


	if len(arglist) == 2:
		module_usage(information, out=out)
		raise Failed()

	action=arglist[2]

	if len(arglist) == 3 and action != 'list':
		module_usage(information, action, out=out)
		raise Failed()


	for opt, val in opts:

						was_set=1

			if not was_set:
				print >> out, "WARNING: No attribute with name '%s' in this module, value not set." % name
		elif opt == '--append':
			pos=val.find('=')
			name=val[:pos]

						append[name]=value
						was_set=1
			if not was_set:
				print >> out, "WARNING: No attribute with name %s in this module, value not appended." % name

		elif opt == '--remove':
			pos=val.find('=')

						remove[name]=value
						was_set=1
			if not was_set:
				print >> out, "WARNING: No attribute with name %s in this module, value not removed." % name
		elif opt == '--remove_referring':
			remove_referring=1
		elif opt == '--recursive':



	if action in ['modify','edit','create','new']:
		if policy_reference:
			for el in policy_reference:
				oc = lo.get(el, ['objectClass'])
				if not oc:
					print >> out, "Object to be referenced does not exist: %s" % (el,)
					raise Failed()
				if not 'univentionPolicy' in oc['objectClass']:
					print >> out, "Object to be referenced is no valid Policy: %s" % (el,)
					raise Failed()


#+++# ACTION CREATE #+++#
	if action == 'create' or action == 'new':
			if hasattr(module,'operations') and module.operations:
				if not 'add' in module.operations:
					print >> out, 'Create %s not allowed' % module_name
					raise Failed()
			try:
				object=module.object(co, lo, position=position, superordinate=superordinate)
			except univention.admin.uexceptions.insufficientInformation:
				print >> out, 'E: Insufficient information'
				print >> out, 'Superordinate object is missing'
				raise Failed()

			if parsed_options:
				object.options=parsed_options

			object.open()
			if hasattr(object,'	open_warning') and object.open_warning:
				print >> out, 'WARNING:%s' % object.open_warning
			exists=0
			try:
				object_input(module, object, input, append=append, out=out)
			except univention.admin.uexceptions.nextFreeIp:
				if not ignore_exists:
					print >> out, 'E: No free IP address found'
					raise Failed()
			except univention.admin.uexceptions.valueInvalidSyntax, err:
				print >> out, 'E: Invalid Syntax: %s' % err
				raise Failed()
			except Exception, err:
				print >> out, 'E: Option %s is not valid' % err
				raise Failed()

			exists=0
			exists_msg=None

			except univention.admin.uexceptions.objectExists, dn:
				exists_msg = dn
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
				else:
					exists=1
			except univention.admin.uexceptions.uidAlreadyUsed, user:
				exists_msg = '(uid) %s' % user
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
				else:
					exists=1
			except univention.admin.uexceptions.groupNameAlreadyUsed, group:
				exists_msg = '(group) %s' % group
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
				else:
					exists=1
			except univention.admin.uexceptions.dhcpServerAlreadyUsed, name:
				exists_msg = '(dhcpserver) %s' % name
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
				else:
					exists=1
			except univention.admin.uexceptions.macAlreadyUsed, mac:
				exists_msg = '(mac) %s' % mac
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
				else:
					exists=1
			except univention.admin.uexceptions.noLock, e:
				exists_msg = '(nolock) %s' % str(e)
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
				else:
					exists=1
			except univention.admin.uexceptions.invalidDhcpEntry:
				print >> out, 'E: The DHCP entry for this host should contain the zone dn, the ip address and the mac address.'
				raise Failed()
			except univention.admin.uexceptions.invalidOptions, e:
				if not ignore_exists:
					print >> out, 'E: invalid Options: %s' % e
					raise Failed()
			except univention.admin.uexceptions.insufficientInformation:
				print >> out, 'E: Insufficient information'
				print >> out, 'The following parameters are missing:'
				for i in module.property_descriptions:
					property=module.property_descriptions.get(i)
					if property.required:
						if not object.has_key(i) or (not object[i] or (type(object[i]) == list and object[i]==[''])):
							print >> out, i
				raise Failed()
			except univention.admin.uexceptions.noObject, e:
				print >> out, 'E: object not found: %s' % e
				raise Failed()
			except univention.admin.uexceptions.circularGroupDependency, e:
				print >> out, 'E: circular group dependency detected: %s' % e
				raise Failed()

			if policy_reference:
				lo.modify(dn,[('objectClass','','univentionPolicyReference')])


			if exists == 1:
				if exists_msg:
					print >> out, 'Object exists: %s' % exists_msg
				else:
					print >> out, 'Object exists'
			else:
				if not dn:
					dn=object.dn
				print >> out, 'Object created: %s' % _2utf8(dn)

#+++# ACTION MODIFY #+++#
	elif action == 'modify' or action == 'edit' or action == 'move':
		if not dn:
			print >> out, 'E: DN is missing'
			raise Failed()

		object_modified = 0

		if hasattr(module,'operations') and module.operations:
			if not 'edit' in module.operations:
				print >> out, 'Modify %s not allowed' % module_name
				raise Failed()

		try:
			object=univention.admin.objects.get(module, co, lo, position='', dn=dn)
		except univention.admin.uexceptions.noObject:
			print >> out, 'E: object not found'
			raise Failed()

		object.open()
		if hasattr(object,'open_warning') and object.open_warning:
			print >> out, 'WARNING:%s' % object.open_warning

		if action == 'move':
			if hasattr(module,'operations') and module.operations:
				if not 'move' in module.operations:
					print >> out, 'Move %s not allowed' % module_name
					raise Failed()
			if not position_dn:
				print >> out, "need new position for moving object"
			else:
				res = ''
				try:  # check if global-position exists

				except:
					pass
				if not res:
					print >> out, "position does not exsist: %s" % position_dn
					raise Failed()
				rdn = dn[:string.find(dn,',')]
				newdn="%s,%s" % (rdn,position_dn)
				try:
					object.move(newdn)
					object_modified+=1
				except univention.admin.uexceptions.noObject:
					print >> out, 'E: object not found'
					raise Failed()
				except univention.admin.uexceptions.ldapError, msg:
					print >> out, "ldap Error: %s" % msg
					raise Failed()
				except univention.admin.uexceptions.nextFreeIp:
					print >> out, 'E: No free IP address found'
					raise Failed()
				except univention.admin.uexceptions.valueInvalidSyntax, err:
					print >> out, 'E: Invalid Syntax: %s' % err
					raise Failed()
				except univention.admin.uexceptions.invalidOperation, msg:
					print >> out, str(msg)
					raise Failed()

		else: # modify


					for option in parsed_append_options:
						object.options.append(option)
				try:
					object_input(module, object, input, append, remove, out=out)
				except univention.admin.uexceptions.valueMayNotChange,e:
					print >> out, unicode(e[0])
					raise Failed()
				if object.hasChanged(input.keys()) or object.hasChanged(append.keys()) or object.hasChanged(remove.keys()) or parsed_append_options or parsed_options:
					try:
						dn=object.modify()
						object_modified+=1
					except univention.admin.uexceptions.noObject:
						print >> out, 'E: object not found'
						raise Failed()
					except univention.admin.uexceptions.invalidDhcpEntry:
						print >> out, 'E: The DHCP entry for this host should contain the zone dn, the ip address and the mac address.'
						raise Failed()
					except univention.admin.uexceptions.circularGroupDependency, e:
						print >> out, 'E: circular group dependency detected: %s' % e
						raise Failed()
					except univention.admin.uexceptions.valueInvalidSyntax, e:
						print >> out, 'E: Invalid Syntax: %s' % e
						raise Failed()

			if policy_reference:
				if 'univentionPolicyReference' not in lo.get(dn,['objectClass'])['objectClass']:

					upr['univentionPolicyReference'] = []
				for el in policy_reference:
					if val in upr['univentionPolicyReference']:
						print >> out, 'WARNING: cannot append %s to univentionPolicyReference, value exists' % val
					else:
						modlist.append(('univentionPolicyReference','',el))
				if modlist:

				object_modified+=1

		if object_modified > 0:
			print >> out, 'Object modified: %s' % _2utf8(dn)
		else:
			print >> out, 'No modification: %s' % _2utf8(dn)

	elif action == 'remove' or action == 'delete':

		if hasattr(module,'operations') and module.operations:
			if not 'remove' in module.operations:
				print >> out, 'Remove %s not allowed' % module_name
				raise Failed()

		try:
			if dn and filter:

			elif filter:
				object=univention.admin.modules.lookup(module, co, lo, scope='sub', superordinate=superordinate, base=position.getDn(), filter=filter, required=1, unique=1)[0]
			else:
				print >> out, 'E: dn or filter needed'
				raise Failed()
		except (univention.admin.uexceptions.noObject, IndexError):
			print >> out, 'E: object not found'
			raise Failed()

		object.open()
		if hasattr(object,'open_warning') and object.open_warning:
			print >> out, 'WARNING:%s' % object.open_warning

		if remove_referring and univention.admin.objects.wantsCleanup(object):
				univention.admin.objects.performCleanup(object)

			try:
				object.remove(recursive)
			except univention.admin.uexceptions.ldapError,msg:
				print >> out, str(msg)
				raise Failed()
		else:
			try:
				object.remove()
			except univention.admin.uexceptions.primaryGroupUsed:
				print >> out, 'E: object in use'
				raise Failed()
		print >> out, 'Object removed: %s' % _2utf8(dn)

	elif action == 'list' or action == 'lookup':

		if hasattr(module,'operations') and module.operations:
			if not 'search' in module.operations:
				print >> out, 'Search %s not allowed' % module_name
				raise Failed()

		print >> out, _2utf8(filter)

		try:
			for object in univention.admin.modules.lookup(module, co, lo, scope='sub', superordinate=superordinate, base=position.getDn(), filter=filter):
				print >> out, 'DN: %s' % _2utf8(univention.admin.objects.dn(object))

				if (hasattr(module,'virtual') and not module.virtual) or not hasattr(module,'virtual'):
					object.open()
					if hasattr(object,'open_warning') and object.open_warning:
						print >> out, 'WARNING: %s' % object.open_warning
					for key, value in object.items():
						s=module.property_descriptions[key].syntax
						if module.property_descriptions[key].multivalue:
							for v in value:
								if s.tostring(v):
									print >> out, '  %s: %s' % (_2utf8(key), _2utf8(s.tostring(v)))
								else:
									print >> out, '  %s: %s' % (_2utf8(key), None)
						else:
							if s.tostring(value):
								print >> out, '  %s: %s' % (_2utf8(key), _2utf8(s.tostring(value)))
							else:
								print >> out, '  %s: %s' % (_2utf8(key), None)

					if 'univentionPolicyReference' in lo.get(univention.admin.objects.dn(object),['objectClass'])['objectClass']:
						references = lo.get( _2utf8(univention.admin.objects.dn( object ) ),
										 [ 'univentionPolicyReference' ] )
						if references:
							for el in references['univentionPolicyReference']:
								print >> out, '  %s: %s' % (
									'univentionPolicyReference',
									_2utf8(s.tostring(el))
								)

				if list_policies:
					utf8_objectdn = _2utf8( univention.admin.objects.dn( object ) )
					p1 = subprocess.Popen(['univention_policy_result'] + policyOptions + [utf8_objectdn], stdout=subprocess.PIPE)
					policyResults = p1.communicate()[0].split('\n')

					print >> out, "  Policy-based Settings:"
					policy=''
					value=[]
					client={}
					for line in policyResults:
						if not (line.strip() == "" or line.strip()[:4]=="DN: " or line.strip()[:7]=="POLICY "):
							print >> out, "    %s" % line.strip()
							if policies_with_DN:
								clsplit=string.split(line.strip(), ': ')
								if clsplit[0] == 'Policy':

						client[attribute]=[policy, value]
						value=[]

					print >> out, ''

					if module_name == 'dhcp/host':
							subnet_module=univention.admin.modules.get('dhcp/subnet')

									utf8_subnet_dn = _2utf8( subnet.dn )
									p1 = subprocess.Popen(['univention_policy_result'] + policyOptions + [utf8_subnet_dn], stdout=subprocess.PIPE)
									policyResults = p1.communicate()[0].split('\n')
									print >> out, "  Subnet-based Settings:"
									ddict={}
									policy=''
									value=[]
									for line in policyResults:
										if not (line.strip() == "" or line.strip()[:4]=="DN: " or line.strip()[:7]=="POLICY "):
											print >> out, "    %s" % line.strip()
											if policies_with_DN:
												subsplit=string.split(line.strip(), ': ')
												if subsplit[0] == 'Policy':

													ddict[subsplit[0]] = []
												ddict[subsplit[0]].append(subsplit[1])

									print >> out, ''

									if policies_with_DN:
										ddict[attribute]=[policy, value]
										value=[]

									print >> out, "  Merged Settings:"

									for key in ddict.keys():
										if not client.has_key(key):


									if policies_with_DN:
										for key in client.keys():
											print >> out, "    Policy: " + client[key][0]
											print >> out, "    Attribute: " + key
											for i in range(0, len(client[key][1])):
												print >> out, "    Value: " + client[key][1][i]
									else:
										for key in client.keys():
											for i in range(0, len(client[key])):
												print >> out, "    %s=%s" % (key, client[key][i])
									print >> out, ''

				print >> out, ''
		except univention.admin.uexceptions.ldapError, errmsg:
			print >> out, '%s' % (errmsg,)
			raise Failed()
		except univention.admin.uexceptions.valueInvalidSyntax, errmsg:
			print >> out, '%s' % (errmsg.message,)
			raise Failed()
	else:
		print >> out, "Unknown or no action defined"
		print >> out, ''
		raise Failed()
		return out + ["OPERATION FAILED"]

	return out # nearly the only successfull return

(-)a/branches/ucs-3.2/ucs-3.2-0/management/univention-directory-manager-modules/univention-cli-server (-3 / +8 lines)

Lines 48-53 try:	Link Here

	licenseImportError = False

	licenseImportError = False

except ImportError:

except ImportError:

	licenseImportError = True

	licenseImportError = True

try:

	from cStringIO import StringIO

except ImportError:

	from StringIO import StringIO

logfile = ''

logfile = ''

Lines 219-225 def doit(sarglist, conn):	Link Here

219

		if cmdfile in ('univention-admin', 'univention-directory-manager', 'udm'):

223

		if cmdfile in ('univention-admin', 'univention-directory-manager', 'udm'):

220

			ud.debug(ud.ADMIN, ud.PROCESS, 'daemon [%s] [%s] Calling univention-directory-manager' % (os.getppid(), os.getpid()))

224

			ud.debug(ud.ADMIN, ud.PROCESS, 'daemon [%s] [%s] Calling univention-directory-manager' % (os.getppid(), os.getpid()))

221

			ud.debug(ud.ADMIN, ud.ALL, 'daemon [%s] [%s] arglist: %s' % (os.getppid(), os.getpid(), arglist))

225

			ud.debug(ud.ADMIN, ud.ALL, 'daemon [%s] [%s] arglist: %s' % (os.getppid(), os.getpid(), arglist))

222

			output = univention.admincli.admin.doit(arglist)

226

			stream = StringIO()

227

			univention.admincli.admin.doit(arglist, stream)

228

			value = stream.getvalue()

229

			output = value.splitlines()

223

		elif cmdfile == 'univention-passwd':

230

		elif cmdfile == 'univention-passwd':

224

			ud.debug(ud.ADMIN, ud.PROCESS, 'daemon [%s] [%s] Calling univention-passwd' % (os.getppid(), os.getpid()))

231

			ud.debug(ud.ADMIN, ud.PROCESS, 'daemon [%s] [%s] Calling univention-passwd' % (os.getppid(), os.getpid()))

225

			ud.debug(ud.ADMIN, ud.ALL, 'daemon [%s] [%s] arglist: %s' % (os.getppid(), os.getpid(), arglist))

232

			ud.debug(ud.ADMIN, ud.ALL, 'daemon [%s] [%s] arglist: %s' % (os.getppid(), os.getpid(), arglist))

226

227

--

228

.../modules/univention/admincli/admin.py                             | 5 +++++

233

.../modules/univention/admincli/admin.py                             | 5 +++++

229

1 file changed, 5 insertions(+)

234

1 file changed, 5 insertions(+)

(-)a/branches/ucs-3.2/ucs-3.2-0/management/univention-directory-manager-modules/modules/univention/admincli/admin.py (-2 / +5 lines)

Lines 1141-1143 def _doit(arglist, out=sys.stdout):	Link Here

1141

		print >> out, "Unknown or no action defined"

1141

		print >> out, "Unknown or no action defined"

1142

		print >> out, ''

1142

		print >> out, ''

1143

		raise Failed()

1143

		raise Failed()

1144

1145

--

1145

1146

if __name__ == '__main__':

1147

	import sys

1148

	doit(sys.argv, sys.stdout)

1146

.../modules/univention/admincli/admin.py                  | 15 +++++++++------

1149

.../modules/univention/admincli/admin.py                  | 15 +++++++++------

1147

1 file changed, 9 insertions(+), 6 deletions(-)

1150

1 file changed, 9 insertions(+), 6 deletions(-)




					else:
						val=[]
						for j in test_val:
							j = j.strip()
							if j:
								val.append(j)

					if not object.has_key(key):
						object[key]=[]

							val=[]
							print >> out, 'test_val=%s' % (test_val,)
							for j in test_val:
								j = j.strip()
								if j:
									val.append(j)

							for j in range(0,len(val)):
								val[j]='"%s"' % val[j]

						else:
							val=[]
							for j in test_val:
								j = j.strip()
								if j:
									val.append(j)
				else:
					val=value.split(' ')
				if module.property_descriptions[key].multivalue:
- 
--
.../univention-cli-server                                     | 11 +++--------
1 file changed, 3 insertions(+), 8 deletions(-)




	def handle(self):
		ud.debug(ud.ADMIN, ud.INFO, 'daemon [%s] new connection [%s]' % (os.getppid(), os.getpid()))
		sarglist = ''
		while not sarglist.endswith('\0'):
			buf = self.request.recv(1024)
			sarglist += buf
		doit(sarglist.rstrip('\0'), self.request)
				sarglist += buf
				break
			else:
				sarglist += buf
		doit(sarglist, self.request)
		ud.debug(ud.ADMIN, ud.INFO, 'daemon [%s] connection closed [%s]' % (os.getppid(), os.getpid()))

	def finish(self):
- 
--
.../modules/univention/admincli/admin.py                       |  9 +++------
.../univention-directory-manager-modules/univention-cli-server | 10 +++++-----
2 files changed, 8 insertions(+), 11 deletions(-)





	baseDN=configRegistry['ldap/base']

	debug_level = int(configRegistry.get('directory/manager/cmd/debug/level', 0))
		debug_level=configRegistry['directory/manager/cmd/debug/level']
	else:
		debug_level=0

	univention.debug.set_level(univention.debug.LDAP, debug_level)
	univention.debug.set_level(univention.debug.ADMIN, debug_level)

	if binddn and bindpwd:
		univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, "using %s account" % binddn)





	configRegistry = ConfigRegistry()
	configRegistry.load()
	debug_level = int(configRegistry.get('directory/manager/cmd/debug/level', 1))
	ud.set_level(ud.ADMIN, debug_level)
	ud.debug(ud.ADMIN, ud.INFO, 'daemon [%s] forked to background' % os.getpid())

	try:

		else:
			print >> sys.stderr, 'E: socket directory exists (%s)' % socket_dir

	timeout = float(configRegistry.get('directory/manager/cmd/timeout'))
	if timeout:
		if timeout > 2147483647:
			timeout = 2147483647
	else:
		timeout = 300


	try:
		while True:
			rlist, _wlist, _xlist = select([sock], [], [], timeout)
			for handler in rlist:
				handler.handle_request()
			if not rlist:
- 
--
.../univention-directory-manager-modules/univention-cli-server          | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

(-)a/branches/ucs-3.2/ucs-3.2-0/management/univention-directory-manager-modules/univention-cli-server (-3 / +1 lines)

Lines 91-97 def server_main():	Link Here

	socket_dir = '/tmp/admincli_%s/' % os.getuid()

	socket_dir = '/tmp/admincli_%s/' % os.getuid()

	socket_filename = 'sock'

	socket_filename = 'sock'

	socket_path = (socket_dir+socket_filename)

	socket_path = os.path.join(socket_dir, socket_filename)

	ud.init(logfile, ud.FLUSH, ud.NO_FUNCTION)

	ud.init(logfile, ud.FLUSH, ud.NO_FUNCTION)

--

100

.../modules/univention/admincli/admin.py                          | 8 ++------

.../modules/univention/admincli/admin.py                          | 8 ++------

101

1 file changed, 2 insertions(+), 6 deletions(-)

1 file changed, 2 insertions(+), 6 deletions(-)




		for key, value in append.items():
			if module.property_descriptions[key].syntax.name == 'file':
				if os.path.exists(value):
					with open(value, 'r') as fh:
						object[key] = fh.read()
					for line in fh.readlines():
						content += line
					object[key] = content
					fh.close()
				else:
					print >> out, 'WARNING: file not found: %s' % value

- 
--
.../modules/univention/admincli/admin.py                       | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)




					object[key]=[]

			else:
				if isinstance(object[key], basestring):
					object[key] = [ object[key] ]
				vallist = value
				if isinstance(value, basestring):
					vallist = [ value ]

				for val in vallist:

					print >> out, 'WARNING: file not found: %s' % value

			elif univention.admin.syntax.is_syntax( module.property_descriptions[key].syntax, univention.admin.syntax.complex ):
				if isinstance(value, list):
					for i in range(0,len(value)):
						test_val=value[i].split('"')
						if test_val[0] and test_val[0] == value[i]:

		print >> out, msg
		raise Failed()

	if args and isinstance(args, list):
		print >> out, "WARNING: the following arguments are ignored: %s" % (
			" ".join(('"%s"' % _ for _ in args)),
		)

				for i in module.property_descriptions:
					property=module.property_descriptions.get(i)
					if property.required:
						if not object.has_key(i) or (not object[i] or (isinstance(object[i], list) and object[i]==[''])):
							print >> out, i
				raise Failed()
			except univention.admin.uexceptions.noObject, e:
- 
--
.../modules/univention/admincli/admin.py                                | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

(-)a/branches/ucs-3.2/ucs-3.2-0/management/univention-directory-manager-modules/modules/univention/admincli/admin.py (-3 / +1 lines)

Lines 242-248 def module_information(module, identifies_only=0):	Link Here

242

def _2utf8( text ):

242

def _2utf8( text ):

243

	try:

243

	try:

244

		return text.encode( 'utf-8' )

244

		return text.encode( 'utf-8' )

245

	except:

245

	except UnicodeError:

246

		return text.decode( 'iso-8859-1' )

246

		return text.decode( 'iso-8859-1' )

247

248

def object_input(module, object, input, append=None, remove=None, out=sys.stdout):

248

def object_input(module, object, input, append=None, remove=None, out=sys.stdout):

249

250

--

251

.../modules/univention/admincli/admin.py                              | 4 +---

249

.../modules/univention/admincli/admin.py                              | 4 +---

252

1 file changed, 1 insertion(+), 3 deletions(-)

250

1 file changed, 1 insertion(+), 3 deletions(-)





def list_available_modules(out=sys.stdout):
	print >> out, "Available Modules are:"
	avail_modules = univention.admin.modules.modules.keys()
	for mod in univention.admin.modules.modules.keys():
		avail_modules.append(mod)
	avail_modules.sort()
	for mod in avail_modules:
		print >> out, "  %s" % mod
- 
--
.../modules/univention/admincli/admin.py           | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)





def module_information(module, identifies_only=0):
	information={module:[{},{}]}
	if getattr(module, 'superordinate', None):
		superordinate=univention.admin.modules.get(module.superordinate)
		information.update(module_information(superordinate, identifies_only=1))



#+++# ACTION CREATE #+++#
	if action == 'create' or action == 'new':
			if getattr(module, 'operations', None):
				if not 'add' in module.operations:
					print >> out, 'Create %s not allowed' % module_name
					raise Failed()

				object.options=parsed_options

			object.open()
			if getattr(object, 'open_warning', None):
				print >> out, 'WARNING:%s' % object.open_warning
			exists=0
			try:


		object_modified = 0

		if getattr(module, 'operations', None):
			if not 'edit' in module.operations:
				print >> out, 'Modify %s not allowed' % module_name
				raise Failed()

			raise Failed()

		object.open()
		if getattr(object, 'open_warning', None):
			print >> out, 'WARNING:%s' % object.open_warning

		if action == 'move':
			if getattr(module, 'operations', None):
				if not 'move' in module.operations:
					print >> out, 'Move %s not allowed' % module_name
					raise Failed()


	elif action == 'remove' or action == 'delete':

		if getattr(module, 'operations', None):
			if not 'remove' in module.operations:
				print >> out, 'Remove %s not allowed' % module_name
				raise Failed()

			raise Failed()

		object.open()
		if getattr(object, 'open_warning', None):
			print >> out, 'WARNING:%s' % object.open_warning

		if remove_referring and univention.admin.objects.wantsCleanup(object):


	elif action == 'list' or action == 'lookup':

		if getattr(module, 'operations', None):
			if not 'search' in module.operations:
				print >> out, 'Search %s not allowed' % module_name
				raise Failed()

			for object in univention.admin.modules.lookup(module, co, lo, scope='sub', superordinate=superordinate, base=position.getDn(), filter=filter):
				print >> out, 'DN: %s' % _2utf8(univention.admin.objects.dn(object))

				if not getattr(module, 'virtual', None):
					object.open()
					if getattr(object, 'open_warning', None):
						print >> out, 'WARNING: %s' % object.open_warning
					for key, value in object.items():
						s=module.property_descriptions[key].syntax
- 
--
.../modules/univention/admincli/admin.py                   | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)




	configRegistry=univention.config_registry.ConfigRegistry()
	configRegistry.load()

	if configRegistry.get('ldap/master'):
		co=univention.admin.config.config(configRegistry['ldap/master'])
	else:
		co=univention.admin.config.config()


			was_set=0
			for mod, (properties,options) in information.items():
				if name in properties:
					if properties[name].multivalue:
						if not input.has_key(name):
							input[name]=[]

			value = _2utf8( val[ pos + 1 : ] )
			was_set=0
			for mod, (properties,options) in information.items():
				if name in properties:
					if properties[name].multivalue:
						if not append.has_key(name):
							append[name]=[]

				value = _2utf8( val[ pos + 1 : ] )
			was_set=0
			for mod, (properties,options) in information.items():
				if name in properties:
					if properties[name].multivalue:
						if not remove.has_key(name):
							remove[name]=[]

				for i in module.property_descriptions:
					property=module.property_descriptions.get(i)
					if property.required:
						if i not in object or (not object[i] or (isinstance(object[i], list) and object[i]==[''])):
							print >> out, i
				raise Failed()
			except univention.admin.uexceptions.noObject, e:

					object_modified+=1
				modlist=[]
				upr = lo.search(base=dn, scope='base', attr=['univentionPolicyReference'])[0][1]
				if 'univentionPolicyReference' not in upr:
					upr['univentionPolicyReference'] = []
				for el in policy_reference:
					if val in upr['univentionPolicyReference']:

									print >> out, "  Merged Settings:"

									for key in ddict.keys():
										if key not in client:
											client[key]=ddict[key]

									if policies_with_DN:
- 
--
.../modules/univention/admincli/admin.py             | 20 ++++++--------------
1 file changed, 6 insertions(+), 14 deletions(-)




			name=val[:pos]
			value = _2utf8( val[ pos + 1 : ] )

			was_set=0
			for mod, (properties,options) in information.items():
				if name in properties:
					if properties[name].multivalue:
						if not input.has_key(name):
							input[name]=[]
							was_set=1
						if value:
							input[name].append(value)
							was_set=1
					else:
						input[name]=value
					break
			else:
			if not was_set:
				print >> out, "WARNING: No attribute with name '%s' in this module, value not set." % name
		elif opt == '--append':
			pos=val.find('=')
			name=val[:pos]
			value = _2utf8( val[ pos + 1 : ] )
			was_set=0
			for mod, (properties,options) in information.items():
				if name in properties:
					if properties[name].multivalue:

							append[name]=[]
						if value:
							append[name].append(value)
							was_set=1
					else:
						append[name]=value
					break
			else:
				print >> out, "WARNING: No attribute with name %s in this module, value not appended." % name

		elif opt == '--remove':

			else:
				name=val[:pos]
				value = _2utf8( val[ pos + 1 : ] )
			was_set=0
			for mod, (properties,options) in information.items():
				if name in properties:
					if properties[name].multivalue:

							remove[name]=[]
						if value:
							remove[name].append(value)
							was_set=1
					else:
						remove[name]=value
					break
			else:
				print >> out, "WARNING: No attribute with name %s in this module, value not removed." % name
		elif opt == '--remove_referring':
			remove_referring=1
- 
--
.../modules/univention/admincli/admin.py                  | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)




			for mod, (properties,options) in information.items():
				if name in properties:
					if properties[name].multivalue:
						values = input.setdefault(name, [])
							input[name]=[]
						if value:
							values.append(value)
					else:
						input[name]=value
					break

			for mod, (properties,options) in information.items():
				if name in properties:
					if properties[name].multivalue:
						values = append.setdefault(name, [])
							append[name]=[]
						if value:
							values.append(value)
					else:
						append[name]=value
					break

			for mod, (properties,options) in information.items():
				if name in properties:
					if properties[name].multivalue:
						values = remove.setdefault(name, [])
							remove[name]=[]
						if value:
							values.append(value)
					else:
						remove[name]=value
					break
- 
--
.../modules/univention/admincli/admin.py           | 58 +++++++++++-----------
1 file changed, 29 insertions(+), 29 deletions(-)




					print >> out, 'WARNING: file not found: %s' % value

			elif univention.admin.syntax.is_syntax( module.property_descriptions[key].syntax, univention.admin.syntax.complex ):
				for i in value:
					test_val = i.split('"')
					if test_val[0] and test_val[0] == i:
						val = i.split(' ')
					else:
						val=[]
						for j in test_val:

							if j:
								val.append(j)

					values = object.setdefault(key, [])
					if val in values:
					if val in object[key]:
						print >> out, 'WARNING: cannot append %s to %s, value exists' % (val, key)
					elif values == [''] or values == []:
						values[:] = [val]
					else:
						values.append(val)
			else:
				for val in value:
					values = object[key]
					if val in values:
						print >> out, 'WARNING: cannot append %s to %s, value exists' % (val, key)
					elif values == [''] or values == []:
						values[:] = [val]
					else:
						try:
							tmp = list(values)
							tmp.append(val)
							object[key] = list(tmp)
						except univention.admin.uexceptions.valueInvalidSyntax, errmsg:

		for key, value in remove.items():
			if univention.admin.syntax.is_syntax( module.property_descriptions[key].syntax, univention.admin.syntax.complex ):
				if value:
					for i in value:
						test_val = i.split('"')
						if test_val[0] and test_val[0] == i:
							val = i.split(' ')
						else:
							val=[]
							print >> out, 'test_val=%s' % (test_val,)


			elif univention.admin.syntax.is_syntax( module.property_descriptions[key].syntax, univention.admin.syntax.complex ):
				if isinstance(value, list):
					for i in value:
						test_val = i.split('"')
						if test_val[0] and test_val[0] == value[i]:
							val=value[i].split(' ')
						else:


									print >> out, "  Merged Settings:"

									for key, values in ddict.items():
										if key not in client:
											client[key] = values

									if policies_with_DN:
										for key, (policy, values) in client.items():
											print >> out, "    Policy: " + policy
											print >> out, "    Attribute: " + key
											for value in values:
												print >> out, "    Value: " + value
									else:
										for key, values in client.items():
											for value in values:
												print >> out, "    %s=%s" % (key, value)
									print >> out, ''

				print >> out, ''
- 
--
.../modules/univention/admincli/admin.py                    | 13 ++++---------
1 file changed, 4 insertions(+), 9 deletions(-)




								if j:
									val.append(j)

							val = ['"%s"' % _ for _ in val]
								val[j]='"%s"' % val[j]

						if val and val in object[key]:
							object[key].remove(val)

				msg.extend(e.args)

		# strip elements and make sure that a ':' is printed iff further information follows
		msg = [_.strip() for _ in msg]
		if len(msg) == 1:
			msg[0] = '%s.' % msg[0].strip(':.')
		elif len(msg) > 1:


			if policy_reference:
				lo.modify(dn,[('objectClass','','univentionPolicyReference')])
				modlist = [('univentionPolicyReference', '', el) for el in policy_reference]
				for el in policy_reference:
					modlist.append(('univentionPolicyReference','',el))
				lo.modify(dn,modlist)

			if exists == 1:

					object_modified+=1

			if policy_dereference:
				modlist = [('univentionPolicyReference', el, '') for el in policy_dereference]
				for el in policy_dereference:
					modlist.append(('univentionPolicyReference',el,''))
				lo.modify(dn,modlist)
				object_modified+=1

- 
--
.../modules/univention/admincli/admin.py           | 35 ++++++----------------
1 file changed, 9 insertions(+), 26 deletions(-)




						_print_property( module, action, item, out )


def module_information(module, identifies_only=False):
	information={module:[{},{}]}
	if getattr(module, 'superordinate', None):
		superordinate=univention.admin.modules.get(module.superordinate)
		information.update(module_information(superordinate, identifies_only=True))

	if not identifies_only:
		for name, property in module.property_descriptions.items():

	if module_name == 'modules':
		return list_available_modules(out=out)

	remove_referring = False
	recursive = True  # BUG: if this is the default, there's no way to disable it
	# parse options
	longopts = [
		'position=',

	policyOptions=[]
	logfile='/var/log/univention/directory-manager-cmd.log'
	tls=2
	ignore_exists = False
	superordinate_dn=''
	parsed_append_options=[]
	parsed_options=[]

		elif opt == '--tls':
			tls=val
		elif opt == '--ignore_exists':
			ignore_exists = True
		elif opt == '--superordinate':
			superordinate_dn=val
		elif opt == '--option':

			else:
				print >> out, "WARNING: No attribute with name %s in this module, value not removed." % name
		elif opt == '--remove_referring':
			remove_referring = True
		elif opt == '--recursive':
			recursive = True


	if action in ['modify','edit','create','new']:

			object.open()
			if getattr(object, 'open_warning', None):
				print >> out, 'WARNING:%s' % object.open_warning
			exists=0
			try:
				object_input(module, object, input, append=append, out=out)
			except univention.admin.uexceptions.nextFreeIp:

				print >> out, 'E: Option %s is not valid' % err
				raise Failed()

			exists=0
			exists_msg=None
			try:
				dn=object.create()

				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
				else:
					exists=1
			except univention.admin.uexceptions.uidAlreadyUsed, user:
				exists_msg = '(uid) %s' % user
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
				else:
					exists=1
			except univention.admin.uexceptions.groupNameAlreadyUsed, group:
				exists_msg = '(group) %s' % group
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
				else:
					exists=1
			except univention.admin.uexceptions.dhcpServerAlreadyUsed, name:
				exists_msg = '(dhcpserver) %s' % name
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
				else:
					exists=1
			except univention.admin.uexceptions.macAlreadyUsed, mac:
				exists_msg = '(mac) %s' % mac
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
				else:
					exists=1
			except univention.admin.uexceptions.noLock, e:
				exists_msg = '(nolock) %s' % str(e)
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
				else:
					exists=1
			except univention.admin.uexceptions.invalidDhcpEntry:
				print >> out, 'E: The DHCP entry for this host should contain the zone dn, the ip address and the mac address.'
				raise Failed()

				modlist = [('univentionPolicyReference', '', el) for el in policy_reference]
				lo.modify(dn,modlist)

			if exists_msg:
				if exists_msg:
					print >> out, 'Object exists: %s' % exists_msg
				else:
					print >> out, 'Object exists'
			else:
				if not dn:
					dn=object.dn
- 
--
.../modules/univention/admincli/admin.py           | 98 +++++++++-------------
1 file changed, 40 insertions(+), 58 deletions(-)




		print >> out, ex


def get_policy(dn, out=sys.stdout, policyOptions=None, policies_with_DN=False):
	cmd = ['univention_policy_result']
	if policyOptions:
		cmd.extend(policyOptions)
	cmd.append(dn)

	policy = attribute = ''
	value = []
	client = {}

	proc = subprocess.Popen(cmd, stdout=subprocess.PIPE)
	for line in proc.stdout:
		line = line.strip()
		if not line or line.startswith("DN: ") or line.startswith("POLICY "):
			continue

		print >> out, "    %s" % line
		if policies_with_DN:
			key, val = line.split(': ', 1)
			if key == 'Policy':
				if attribute and policy:
					client[attribute] = [policy, value]
					value = []
				policy = val
			elif key == 'Attribute':
				attribute = val
			elif key == 'Value':
				value.append(val)
		else:
			key, val = line.split('=', 1)
			client.setdefault(key, []).append(val)
	proc.wait()
	if policies_with_DN and attribute and policy:
		client[attribute] = [policy, value]

	return client


def _doit(arglist, out=sys.stdout):
	# parse module and action
	if set(arglist) & set(('-h', '--help', '-?')):


				if list_policies:
					utf8_objectdn = _2utf8( univention.admin.objects.dn( object ) )
					p1 = subprocess.Popen(['univention_policy_result'] + policyOptions + [utf8_objectdn], stdout=subprocess.PIPE)
					policyResults = p1.communicate()[0].split('\n')

					print >> out, "  Policy-based Settings:"
					client = get_policy(utf8_objectdn, out, policyOptions, policies_with_DN)
					value=[]
					client={}
					for line in policyResults:
						if not (line.strip() == "" or line.strip()[:4]=="DN: " or line.strip()[:7]=="POLICY "):
							print >> out, "    %s" % line.strip()
							if policies_with_DN:
								clsplit=string.split(line.strip(), ': ')
								if clsplit[0] == 'Policy':
									if policy:
										client[attribute]=[policy, value]
										value=[]
									policy=clsplit[1]
								elif clsplit[0] == 'Attribute':
									attribute=clsplit[1]
								elif clsplit[0] == 'Value':
									value.append(clsplit[1])
							else:
								clsplit=string.split(line.strip(), '=')
								if not client.has_key(clsplit[0]):
									client[clsplit[0]] = []
								client[clsplit[0]].append(clsplit[1])

					if policies_with_DN:
						client[attribute]=[policy, value]
						value=[]

					print >> out, ''

					if module_name == 'dhcp/host':


								if univention.admin.ipaddress.ip_is_in_network(subnet['subnet'], subnet['subnetmask'], object['fixedaddress'][0]):
									utf8_subnet_dn = _2utf8( subnet.dn )
									p1 = subprocess.Popen(['univention_policy_result'] + policyOptions + [utf8_subnet_dn], stdout=subprocess.PIPE)
									policyResults = p1.communicate()[0].split('\n')
									print >> out, "  Subnet-based Settings:"
									ddict = get_policy(utf8_subnet_dn, out, policyOptions, policies_with_DN)
									policy=''
									value=[]
									for line in policyResults:
										if not (line.strip() == "" or line.strip()[:4]=="DN: " or line.strip()[:7]=="POLICY "):
											print >> out, "    %s" % line.strip()
											if policies_with_DN:
												subsplit=string.split(line.strip(), ': ')
												if subsplit[0] == 'Policy':
													if policy:
														ddict[attribute]=[policy, value]
														value=[]
													policy=subsplit[1]
												elif subsplit[0] == 'Attribute':
													attribute=subsplit[1]
												elif subsplit[0] == 'Value':
													value.append(subsplit[1])
											else:
												subsplit=string.split(line.strip(), '=')
												if not ddict.has_key(subsplit[0]):
													ddict[subsplit[0]] = []
												ddict[subsplit[0]].append(subsplit[1])

									print >> out, ''

									if policies_with_DN:
										ddict[attribute]=[policy, value]

									print >> out, "  Merged Settings:"

									for key, values in ddict.items():
- 
--
.../modules/univention/admincli/admin.py                                | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

(-)a/branches/ucs-3.2/ucs-3.2-0/management/univention-directory-manager-modules/modules/univention/admincli/admin.py (-3 / +1 lines)

Lines 46-52 import univention.admin.uexceptions	Link Here

import univention.admin.uldap

import univention.admin.uldap

import univention.admin.modules

import univention.admin.modules

import univention.admin.objects

import univention.admin.objects

from univention.admin.layout import Tab, Group

from univention.admin.layout import Group

import univention.config_registry

import univention.config_registry

import univention.admin.ipaddress

import univention.admin.ipaddress

--

.../modules/univention/admincli/admin.py           | 100 ++++++++++-----------

.../modules/univention/admincli/admin.py           | 100 ++++++++++-----------

1 file changed, 50 insertions(+), 50 deletions(-)

1 file changed, 50 insertions(+), 50 deletions(-)




import subprocess
import traceback

import univention.debug as ud

import univention.admin.uexceptions as uex
import univention.admin.uldap
import univention.admin.modules
import univention.admin.objects
from univention.admin.layout import Group
from univention.config_registry import ConfigRegistry
import univention.admin.ipaddress

univention.admin.modules.update()

							tmp = list(values)
							tmp.append(val)
							object[key] = list(tmp)
						except uex.valueInvalidSyntax, errmsg:
							print >> out, 'E: Invalid Syntax: %s' % (errmsg,)
	if remove:
		for key, value in remove.items():

			else:
				try:
					object[key]=value
				except uex.ipOverridesNetwork, e:
					print >> out, 'WARNING: %s' % e.message
				except uex.valueMayNotChange, e:
					raise uex.valueMayNotChange, "%s: %s"%(e.message, key)


def list_available_modules(out=sys.stdout):

def doit(arglist, out=sys.stdout):
	try:
		_doit(arglist, out)
	except uex.base, e:
		ud.debug(ud.ADMIN, ud.WARN, traceback.format_exc())

		# collect error information
		msg = []

			policy_dereference.append(val)

	if logfile:
		ud.init(logfile, 1, 0)
	else:
		print >> out, "WARNING: no logfile specified"

	configRegistry = ConfigRegistry()
	configRegistry.load()

	if configRegistry.get('ldap/master'):


	debug_level = int(configRegistry.get('directory/manager/cmd/debug/level', 0))

	ud.set_level(ud.LDAP, debug_level)
	ud.set_level(ud.ADMIN, debug_level)

	if binddn and bindpwd:
		ud.debug(ud.ADMIN, ud.INFO, "using %s account" % binddn)
		try:
			lo=univention.admin.uldap.access(host=configRegistry['ldap/master'], port=int(configRegistry.get('ldap/master/port', '7389')), base=baseDN, binddn=binddn, start_tls=tls, bindpw=bindpwd)
		except Exception, e:
			ud.debug(ud.ADMIN, ud.WARN, 'authentication error: %s' % str(e))
			print >> out, 'authentication error: %s' % (e,)
			raise Failed()
		policyOptions.extend(['-D', binddn, '-w', bindpwd])	## FIXME not so nice

	else:
		if os.path.exists('/etc/ldap.secret'):
			ud.debug(ud.ADMIN, ud.INFO, "using cn=admin,%s account" % baseDN)
			secretFileName='/etc/ldap.secret'
			binddn='cn=admin,'+baseDN
			policyOptions.extend(['-D', binddn, '-y', secretFileName])
		elif os.path.exists('/etc/machine.secret'):
			ud.debug(ud.ADMIN, ud.INFO, "using %s account" % configRegistry['ldap/hostdn'])
			secretFileName='/etc/machine.secret'
			binddn=configRegistry['ldap/hostdn']
			policyOptions.extend(['-D', binddn, '-y', secretFileName])

		try:
			lo=univention.admin.uldap.access(host=configRegistry['ldap/master'], port=int(configRegistry.get('ldap/master/port', '7389')), base=baseDN, binddn=binddn, bindpw=pwd, start_tls=tls)
		except Exception, e:
			ud.debug(ud.ADMIN, ud.WARN, 'authentication error: %s' % str(e))
			print >> out, 'authentication error: %s' % (e,)
			raise Failed()


	try:
		position=univention.admin.uldap.position(baseDN)
		position.setDn(position_dn)
	except uex.noObject:
		print >> out, 'E: Invalid position'
		raise Failed()


	if superordinate_dn and univention.admin.modules.superordinate(module):
		try:
			superordinate=univention.admin.objects.get(univention.admin.modules.superordinate(module), co, lo, '', dn=superordinate_dn)
		except uex.insufficientInformation, e:
			print >> out, 'Insufficient Information: %s' % (e,)
			raise Failed()
	else:

					raise Failed()
			try:
				object=module.object(co, lo, position=position, superordinate=superordinate)
			except uex.insufficientInformation:
				print >> out, 'E: Insufficient information'
				print >> out, 'Superordinate object is missing'
				raise Failed()

				print >> out, 'WARNING:%s' % object.open_warning
			try:
				object_input(module, object, input, append=append, out=out)
			except uex.nextFreeIp:
				if not ignore_exists:
					print >> out, 'E: No free IP address found'
					raise Failed()
			except uex.valueInvalidSyntax, err:
				print >> out, 'E: Invalid Syntax: %s' % err
				raise Failed()
			except Exception, err:

			exists_msg=None
			try:
				dn=object.create()
			except uex.objectExists, dn:
				exists_msg = dn
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
			except uex.uidAlreadyUsed, user:
				exists_msg = '(uid) %s' % user
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
			except uex.groupNameAlreadyUsed, group:
				exists_msg = '(group) %s' % group
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
			except uex.dhcpServerAlreadyUsed, name:
				exists_msg = '(dhcpserver) %s' % name
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
			except uex.macAlreadyUsed, mac:
				exists_msg = '(mac) %s' % mac
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
			except uex.noLock, e:
				exists_msg = '(nolock) %s' % str(e)
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
			except uex.invalidDhcpEntry:
				print >> out, 'E: The DHCP entry for this host should contain the zone dn, the ip address and the mac address.'
				raise Failed()
			except uex.invalidOptions, e:
				if not ignore_exists:
					print >> out, 'E: invalid Options: %s' % e
					raise Failed()
			except uex.insufficientInformation:
				print >> out, 'E: Insufficient information'
				print >> out, 'The following parameters are missing:'
				for i in module.property_descriptions:

						if i not in object or (not object[i] or (isinstance(object[i], list) and object[i]==[''])):
							print >> out, i
				raise Failed()
			except uex.noObject, e:
				print >> out, 'E: object not found: %s' % e
				raise Failed()
			except uex.circularGroupDependency, e:
				print >> out, 'E: circular group dependency detected: %s' % e
				raise Failed()



		try:
			object=univention.admin.objects.get(module, co, lo, position='', dn=dn)
		except uex.noObject:
			print >> out, 'E: object not found'
			raise Failed()


				try:
					object.move(newdn)
					object_modified+=1
				except uex.noObject:
					print >> out, 'E: object not found'
					raise Failed()
				except uex.ldapError, msg:
					print >> out, "ldap Error: %s" % msg
					raise Failed()
				except uex.nextFreeIp:
					print >> out, 'E: No free IP address found'
					raise Failed()
				except uex.valueInvalidSyntax, err:
					print >> out, 'E: Invalid Syntax: %s' % err
					raise Failed()
				except uex.invalidOperation, msg:
					print >> out, str(msg)
					raise Failed()


						object.options.append(option)
				try:
					object_input(module, object, input, append, remove, out=out)
				except uex.valueMayNotChange,e:
					print >> out, unicode(e[0])
					raise Failed()
				if object.hasChanged(input.keys()) or object.hasChanged(append.keys()) or object.hasChanged(remove.keys()) or parsed_append_options or parsed_options:
					try:
						dn=object.modify()
						object_modified+=1
					except uex.noObject:
						print >> out, 'E: object not found'
						raise Failed()
					except uex.invalidDhcpEntry:
						print >> out, 'E: The DHCP entry for this host should contain the zone dn, the ip address and the mac address.'
						raise Failed()
					except uex.circularGroupDependency, e:
						print >> out, 'E: circular group dependency detected: %s' % e
						raise Failed()
					except uex.valueInvalidSyntax, e:
						print >> out, 'E: Invalid Syntax: %s' % e
						raise Failed()


			else:
				print >> out, 'E: dn or filter needed'
				raise Failed()
		except (uex.noObject, IndexError):
			print >> out, 'E: object not found'
			raise Failed()


		if recursive:
			try:
				object.remove(recursive)
			except uex.ldapError,msg:
				print >> out, str(msg)
				raise Failed()
		else:
			try:
				object.remove()
			except uex.primaryGroupUsed:
				print >> out, 'E: object in use'
				raise Failed()
		print >> out, 'Object removed: %s' % _2utf8(dn)

									print >> out, ''

				print >> out, ''
		except uex.ldapError, errmsg:
			print >> out, '%s' % (errmsg,)
			raise Failed()
		except uex.valueInvalidSyntax, errmsg:
			print >> out, '%s' % (errmsg.message,)
			raise Failed()
	else:
- 
--
.../modules/univention/admincli/admin.py                                | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

(-)a/branches/ucs-3.2/ucs-3.2-0/management/univention-directory-manager-modules/modules/univention/admincli/admin.py (-3 / +1 lines)

Lines 559-565 def _doit(arglist, out=sys.stdout):	Link Here

559

			policy_dereference.append(val)

559

			policy_dereference.append(val)

560

561

	if logfile:

561

	if logfile:

562

		ud.init(logfile, 1, 0)

562

		ud.init(logfile, ud.FLUSH, ud.NO_FUNCTION)

563

	else:

563

	else:

564

		print >> out, "WARNING: no logfile specified"

564

		print >> out, "WARNING: no logfile specified"

565

566

567

--

568

.../modules/univention/admincli/admin.py           | 25 +++++++++-------------

566

.../modules/univention/admincli/admin.py           | 25 +++++++++-------------

569

1 file changed, 10 insertions(+), 15 deletions(-)

567

1 file changed, 10 insertions(+), 15 deletions(-)




import sys
import getopt
import re
import string
import base64
import os
import subprocess


	for opt, val in opts:
		if opt == '--set':
			name, value = val.split('=', 1)
			value = _2utf8(value)
			value = _2utf8( val[ pos + 1 : ] )

			for mod, (properties,options) in information.items():
				if name in properties:

			else:
				print >> out, "WARNING: No attribute with name '%s' in this module, value not set." % name
		elif opt == '--append':
			name, value = val.split('=', 1)
			value = _2utf8(value)
			value = _2utf8( val[ pos + 1 : ] )
			for mod, (properties,options) in information.items():
				if name in properties:
					if properties[name].multivalue:

				print >> out, "WARNING: No attribute with name %s in this module, value not appended." % name

		elif opt == '--remove':
			try:
				name, value = val.split('=', 1)
				value = _2utf8(value)
			except ValueError:
				name, value = val, None
				name=val[:pos]
				value = _2utf8( val[ pos + 1 : ] )
			for mod, (properties,options) in information.items():
				if name in properties:
					if properties[name].multivalue:

				if not res:
					print >> out, "position does not exsist: %s" % position_dn
					raise Failed()
				rdn, _old_base = dn.split(',', 1)
				newdn="%s,%s" % (rdn,position_dn)
				try:
					object.move(newdn)
- 
--
.../modules/univention/admincli/admin.py                            | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)




			recursive = True


	if action in ('modify', 'edit', 'create', 'new'):
			for el in policy_reference:
				oc = lo.get(el, ['objectClass'])
				if not oc:



#+++# ACTION CREATE #+++#
	if action in ('create', 'new'):
			if getattr(module, 'operations', None):
				if not 'add' in module.operations:
					print >> out, 'Create %s not allowed' % module_name


		else: # modify

			if any((input, append, remove, parsed_append_options, parsed_options)):
				if parsed_options:
					object.options=parsed_options
				if parsed_append_options:
- 
--
.../modules/univention/admincli/admin.py               | 18 ++++++++----------
1 file changed, 8 insertions(+), 10 deletions(-)




		policyOptions.extend(['-D', binddn, '-w', bindpwd])	## FIXME not so nice

	else:
		for binddn, secretFileName in (
			('cn=admin,' + baseDN, '/etc/ldap.secret'),
			(configRegistry['ldap/hostdn'], '/etc/machine.secret'),
		):
			if os.path.exists(secretFileName):
				break
			ud.debug(ud.ADMIN, ud.INFO, "using %s account" % configRegistry['ldap/hostdn'])
			secretFileName='/etc/machine.secret'
			binddn=configRegistry['ldap/hostdn']
			policyOptions.extend(['-D', binddn, '-y', secretFileName])
		else:
			print >> out, "E: Missing LDAP credentials"
			raise Failed()
		ud.debug(ud.ADMIN, ud.INFO, "using %s account" % binddn)
		policyOptions.extend(['-D', binddn, '-y', secretFileName])

		try:
			secretFile=open(secretFileName,'r')
- 
--
.../modules/univention/admincli/admin.py                   | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)

(-)a/branches/ucs-3.2/ucs-3.2-0/management/univention-directory-manager-modules/modules/univention/admincli/admin.py (-6 / +10 lines)

Lines 484-490 def _doit(arglist, out=sys.stdout):	Link Here

484

		'policy-reference=',

484

		'policy-reference=',

485

		'policy-dereference=',

485

		'policy-dereference=',

486

		'remove_referring',

486

		'remove_referring',

487

		'recursive'

487

		'recursive',

488

489

	try:

489

	try:

490

		opts, args=getopt.getopt(arglist[3:], '', longopts)

490

		opts, args=getopt.getopt(arglist[3:], '', longopts)

Lines 580-586 def _doit(arglist, out=sys.stdout):	Link Here

580

	if binddn and bindpwd:

580

	if binddn and bindpwd:

581

		ud.debug(ud.ADMIN, ud.INFO, "using %s account" % binddn)

581

		ud.debug(ud.ADMIN, ud.INFO, "using %s account" % binddn)

582

		try:

582

		try:

583

			lo=univention.admin.uldap.access(host=configRegistry['ldap/master'], port=int(configRegistry.get('ldap/master/port', '7389')), base=baseDN, binddn=binddn, start_tls=tls, bindpw=bindpwd)

583

			lo = univention.admin.uldap.access(

584

				host=configRegistry['ldap/master'],

585

				port=int(configRegistry.get('ldap/master/port', 7389)),

586

				base=baseDN,

587

				binddn=binddn,

588

				start_tls=tls,

589

				bindpw=bindpwd

590

584

		except Exception, e:

591

		except Exception, e:

585

			ud.debug(ud.ADMIN, ud.WARN, 'authentication error: %s' % str(e))

592

			ud.debug(ud.ADMIN, ud.WARN, 'authentication error: %s' % str(e))

586

			print >> out, 'authentication error: %s' % (e,)

593

			print >> out, 'authentication error: %s' % (e,)

Lines 863-873 def _doit(arglist, out=sys.stdout):	Link Here

863

			if not position_dn:

870

			if not position_dn:

864

				print >> out, "need new position for moving object"

871

				print >> out, "need new position for moving object"

865

			else:

872

			else:

866

				res = ''

867

				try:  # check if global-position exists

873

				try:  # check if global-position exists

868

					res = lo.get(position_dn)

874

					res = lo.get(position_dn)

869

				except:

875

				except:

870

					pass

876

					res = ''

871

				if not res:

877

				if not res:

872

					print >> out, "position does not exsist: %s" % position_dn

878

					print >> out, "position does not exsist: %s" % position_dn

873

					raise Failed()

879

					raise Failed()

874

875

--

876

.../modules/univention/admincli/admin.py                    | 13 +++++--------

880

.../modules/univention/admincli/admin.py                    | 13 +++++--------

877

1 file changed, 5 insertions(+), 8 deletions(-)

881

1 file changed, 5 insertions(+), 8 deletions(-)




		required[ 'editable' ] = False

	flags = ''
	if required.get(action):
		flags='*'
	elif not action in required:
		if required[ 'create' ]:

			flags += 'r'
		if not required[ 'editable' ]:
			flags += 'e'
	flags = [flags] if flags else []
	if property.options:
		flags.extend(property.options)
			flags += ','
		flags += ','.join(property.options)
	if property.multivalue:
		flags.append('[]')
			flags += ','
		flags += '[]'
	if flags:
		name += ' (%s)' % (','.join(flags),)

	print >> out, '		%-40s %s' % (
		name,
- 
--
.../modules/univention/admincli/admin.py           | 533 +++++++++++----------
.../univention-cli-server                          |   8 +-
2 files changed, 275 insertions(+), 266 deletions(-)




from univention.config_registry import ConfigRegistry
import univention.admin.ipaddress


univention.admin.modules.update()

# update choices-lists which are defined in LDAP



def _print_property(module, action, name, out=sys.stdout):
	property = module.property_descriptions.get(name)
	if property is None:
		print >> out, 'E: unknown property %s of module %s' % (
			name,

		return

	required = {
		'create': False,
		'modify': False,
		'remove': False,
		'editable': True,
	}

	if property.required:
		required['create'] = True
	if property.identifies:
		required['modify'] = True
		required['remove'] = True
	if not property.editable:
		required['modify'] = False
		required['remove'] = False
		required['editable'] = False

	flags = ''
	if required.get(action):
		flags = '*'
	elif not action in required:
		if required['create']:
			flags += 'c'
		if required['modify']:
			flags += 'm'
		if required['remove']:
			flags += 'r'
		if not required['editable']:
			flags += 'e'
	flags = [flags] if flags else []
	if property.options:

		print >> out, ''
		print >> out, '%s variables:' % module.module

		if not hasattr(module, "layout"):
			continue
		for moduletab in module.layout:
			print >> out, '  %s:' % (moduletab.label)

			for row in moduletab.layout:
				if isinstance(row, Group):
					print >> out, '	%s' % row.label
					for row in row.layout:
						if isinstance(row, basestring):
							_print_property(module, action, row, out)
							continue
						for item in row:
							_print_property(module, action, item, out)
				else:
					if isinstance(row, basestring):
						_print_property(module, action, row, out)
						continue
					for item in row:
						_print_property(module, action, item, out)


def module_information(module, identifies_only=False):
	information = {
		module: [{}, {}],
	}
	if getattr(module, 'superordinate', None):
		superordinate = univention.admin.modules.get(module.superordinate)
		information.update(module_information(superordinate, identifies_only=True))

	if not identifies_only:
		for name, property in module.property_descriptions.items():
			information[module][0][name] = property
		if hasattr(module, 'options'):
			for name, option in module.options.items():
				information[module][1][name] = option

	return information


def _2utf8(text):
	try:
		return text.encode('utf-8')
	except UnicodeError:
		return text.decode('iso-8859-1')


def object_input(module, object, input, append=None, remove=None, out=sys.stdout):
	if append:

				else:
					print >> out, 'WARNING: file not found: %s' % value

			elif univention.admin.syntax.is_syntax(module.property_descriptions[key].syntax, univention.admin.syntax.complex):
				for i in value:
					test_val = i.split('"')
					if test_val[0] and test_val[0] == i:
						val = i.split(' ')
					else:
						val = []
						for j in test_val:
							j = j.strip()
							if j:

							print >> out, 'E: Invalid Syntax: %s' % (errmsg,)
	if remove:
		for key, value in remove.items():
			if univention.admin.syntax.is_syntax(module.property_descriptions[key].syntax, univention.admin.syntax.complex):
				if value:
					for i in value:
						test_val = i.split('"')
						if test_val[0] and test_val[0] == i:
							val = i.split(' ')
						else:
							val = []
							print >> out, 'test_val=%s' % (test_val,)
							for j in test_val:
								j = j.strip()

						else:
							print >> out, "WARNING: cannot remove %s from %s, value does not exist" % (val, key)
				else:
					object[key] = []

			else:
				if isinstance(object[key], basestring):
					object[key] = [object[key]]
				vallist = value
				if isinstance(value, basestring):
					vallist = [value]

				for val in vallist:
					if val in object[key]:

		for key, value in input.items():
			if module.property_descriptions[key].syntax.name == 'binaryfile':
				if value == '':
					object[key] = value
				elif os.path.exists(value):
					fh = open(value, 'r')
					content = fh.read()
					if "----BEGIN CERTIFICATE-----" in content:
						content = content.replace('----BEGIN CERTIFICATE-----', '')
						content = content.replace('----END CERTIFICATE-----', '')
						object[key] = base64.decodestring(content)
					else:
						object[key] = content
					fh.close()
				else:
					print >> out, 'WARNING: file not found: %s' % value

			elif univention.admin.syntax.is_syntax(module.property_descriptions[key].syntax, univention.admin.syntax.complex):
				if isinstance(value, list):
					for i in value:
						test_val = i.split('"')
						if test_val[0] and test_val[0] == value[i]:
							val = value[i].split(' ')
						else:
							val = []
							for j in test_val:
								j = j.strip()
								if j:
									val.append(j)
				else:
					val = value.split(' ')
				if module.property_descriptions[key].multivalue:
					object[key] = [val]
				else:
					object[key] = val
			else:
				try:
					object[key] = value
				except uex.ipOverridesNetwork, e:
					print >> out, 'WARNING: %s' % e.message
				except uex.valueMayNotChange, e:
					raise uex.valueMayNotChange, "%s: %s" % (e.message, key)


def list_available_modules(out=sys.stdout):

		usage(out=out)
		raise Failed()

	module_name = arglist[1]

	if module_name == 'modules':
		return list_available_modules(out=out)


		'recursive',
	]
	try:
		opts, args = getopt.getopt(arglist[3:], '', longopts)
	except getopt.error, msg:
		print >> out, msg
		raise Failed()

			" ".join(('"%s"' % _ for _ in args)),
		)

	position_dn = ''
	dn = ''
	binddn = None
	bindpwd = None
	list_policies = False
	policies_with_DN = False
	policyOptions = []
	logfile = '/var/log/univention/directory-manager-cmd.log'
	tls = 2
	ignore_exists = False
	superordinate_dn = ''
	parsed_append_options = []
	parsed_options = []
	filter = ''
	input = {}
	append = {}
	remove = {}
	policy_reference = []
	policy_dereference = []
	for opt, val in opts:
		if opt == '--position':
			position_dn = _2utf8(val)
		elif opt == '--logfile':
			logfile = val
		elif opt == '--policies':
			list_policies = True
			if val == "1":
				policies_with_DN = True
			else:
				policyOptions = ['-s']
		elif opt == '--binddn':
			binddn = val
		elif opt == '--bindpwd':
			bindpwd = val
		elif opt == '--bindpwdfile':
			try:
				with open(val) as fp:
					bindpwd = fp.read().strip()
			except IOError as e:
				print >> out, 'E: could not read bindpwd from file (%s)' % (e,)
				raise Failed()
		elif opt == '--dn':
			dn = _2utf8(val)
		elif opt == '--tls':
			tls = val
		elif opt == '--ignore_exists':
			ignore_exists = True
		elif opt == '--superordinate':
			superordinate_dn = val
		elif opt == '--option':
			parsed_options.append(val)
		elif opt == '--append-option':
			parsed_append_options.append(val)
		elif opt == '--filter':
			filter = val
		elif opt == '--policy-reference':
			policy_reference.append(val)
		elif opt == '--policy-dereference':

	configRegistry.load()

	if configRegistry.get('ldap/master'):
		co = univention.admin.config.config(configRegistry['ldap/master'])
	else:
		co = univention.admin.config.config()

	baseDN = configRegistry['ldap/base']

	debug_level = int(configRegistry.get('directory/manager/cmd/debug/level', 0))


			ud.debug(ud.ADMIN, ud.WARN, 'authentication error: %s' % str(e))
			print >> out, 'authentication error: %s' % (e,)
			raise Failed()
		policyOptions.extend(['-D', binddn, '-w', bindpwd])  # FIXME not so nice

	else:
		for binddn, secretFileName in (

		policyOptions.extend(['-D', binddn, '-y', secretFileName])

		try:
			secretFile = open(secretFileName, 'r')
		except IOError:
			print >> out, 'E: Permission denied, try --binddn and --bindpwd'
			raise Failed()
		pwdLine = secretFile.readline()
		pwd = re.sub('\n', '', pwdLine)

		try:
			lo = univention.admin.uldap.access(
				host=configRegistry['ldap/master'],
				port=int(configRegistry.get('ldap/master/port', '7389')),
				base=baseDN,
				binddn=binddn,
				bindpw=pwd,
				start_tls=tls
			)
		except Exception, e:
			ud.debug(ud.ADMIN, ud.WARN, 'authentication error: %s' % str(e))
			print >> out, 'authentication error: %s' % (e,)
			raise Failed()

	if not position_dn and superordinate_dn:
		position_dn = superordinate_dn
	elif not position_dn:
		position_dn = baseDN

	try:
		position = univention.admin.uldap.position(baseDN)
		position.setDn(position_dn)
	except uex.noObject:
		print >> out, 'E: Invalid position'
		raise Failed()

	try:
		module = univention.admin.modules.get(module_name)
	except:
		print >> out, "failed to get module %s." % module_name
		print >> out, ""

		raise Failed()

	# initialise modules
	univention.admin.modules.init(lo, position, module)

	information = module_information(module)

	if superordinate_dn and univention.admin.modules.superordinate(module):
		try:
			superordinate = univention.admin.objects.get(univention.admin.modules.superordinate(module), co, lo, '', dn=superordinate_dn)
		except uex.insufficientInformation, e:
			print >> out, 'Insufficient Information: %s' % (e,)
			raise Failed()
	else:
		superordinate = None


	if len(arglist) == 2:
		module_usage(information, out=out)
		raise Failed()

	action = arglist[2]

	if len(arglist) == 3 and action != 'list':
		module_usage(information, action, out=out)
		raise Failed()


	for opt, val in opts:
		if opt == '--set':
			name, value = val.split('=', 1)
			value = _2utf8(value)
			for mod, (properties, options) in information.items():
			for mod, (properties,options) in information.items():
				if name in properties:
					if properties[name].multivalue:
						values = input.setdefault(name, [])
						if value:
							values.append(value)
					else:
						input[name] = value
					break
			else:
				print >> out, "WARNING: No attribute with name '%s' in this module, value not set." % name

		elif opt == '--append':
			name, value = val.split('=', 1)
			value = _2utf8(value)
			for mod, (properties, options) in information.items():
				if name in properties:
					if properties[name].multivalue:
						values = append.setdefault(name, [])
						if value:
							values.append(value)
					else:
						append[name] = value
					break
			else:
				print >> out, "WARNING: No attribute with name %s in this module, value not appended." % name

				value = _2utf8(value)
			except ValueError:
				name, value = val, None
			for mod, (properties, options) in information.items():
				if name in properties:
					if properties[name].multivalue:
						values = remove.setdefault(name, [])
						if value:
							values.append(value)
					else:
						remove[name] = value
					break
			else:
				print >> out, "WARNING: No attribute with name %s in this module, value not removed." % name

		elif opt == '--remove_referring':
			remove_referring = True

		elif opt == '--recursive':
			recursive = True


	if action in ('modify', 'edit', 'create', 'new'):
		for el in policy_reference:
			oc = lo.get(el, ['objectClass'])
			if not oc:
				print >> out, "Object to be referenced does not exist: %s" % (el,)
				raise Failed()
			if not 'univentionPolicy' in oc['objectClass']:
				print >> out, "Object to be referenced is no valid Policy: %s" % (el,)
				raise Failed()


	#+++# ACTION CREATE #+++#
	if action in ('create', 'new'):
		if getattr(module, 'operations', None):
			if not 'add' in module.operations:
				print >> out, 'Create %s not allowed' % module_name
					raise Failed()
			try:
				object=module.object(co, lo, position=position, superordinate=superordinate)
			except uex.insufficientInformation:
				print >> out, 'E: Insufficient information'
				print >> out, 'Superordinate object is missing'
				raise Failed()
		try:
			object = module.object(co, lo, position=position, superordinate=superordinate)
		except uex.insufficientInformation:
			print >> out, 'E: Insufficient information'
			print >> out, 'Superordinate object is missing'
			raise Failed()

		if parsed_options:
			object.options = parsed_options

		object.open()
		if getattr(object, 'open_warning', None):
			print >> out, 'WARNING:%s' % object.open_warning
		try:
			object_input(module, object, input, append=append, out=out)
		except uex.nextFreeIp:
			if not ignore_exists:
				print >> out, 'E: No free IP address found'
					raise Failed()
			except uex.valueInvalidSyntax, err:
				print >> out, 'E: Invalid Syntax: %s' % err
				raise Failed()
			except Exception, err:
				print >> out, 'E: Option %s is not valid' % err
				raise Failed()
		except uex.valueInvalidSyntax, err:
			print >> out, 'E: Invalid Syntax: %s' % err
			raise Failed()
		except Exception, err:
			print >> out, 'E: Option %s is not valid' % err
			raise Failed()

		exists_msg = None
		try:
			dn = object.create()
		except uex.objectExists, dn:
			exists_msg = dn
			if not ignore_exists:
				print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
			except uex.uidAlreadyUsed, user:
				exists_msg = '(uid) %s' % user
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
			except uex.groupNameAlreadyUsed, group:
				exists_msg = '(group) %s' % group
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
			except uex.dhcpServerAlreadyUsed, name:
				exists_msg = '(dhcpserver) %s' % name
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
			except uex.macAlreadyUsed, mac:
				exists_msg = '(mac) %s' % mac
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
			except uex.noLock, e:
				exists_msg = '(nolock) %s' % str(e)
				if not ignore_exists:
					print >> out, 'E: Object exists: %s' % exists_msg
					raise Failed()
			except uex.invalidDhcpEntry:
				print >> out, 'E: The DHCP entry for this host should contain the zone dn, the ip address and the mac address.'
				raise Failed()
		except uex.uidAlreadyUsed, user:
			exists_msg = '(uid) %s' % user
			if not ignore_exists:
				print >> out, 'E: Object exists: %s' % exists_msg
			except uex.insufficientInformation:
				print >> out, 'E: Insufficient information'
				print >> out, 'The following parameters are missing:'
				for i in module.property_descriptions:
					property=module.property_descriptions.get(i)
					if property.required:
						if i not in object or (not object[i] or (isinstance(object[i], list) and object[i]==[''])):
							print >> out, i
				raise Failed()
		except uex.groupNameAlreadyUsed, group:
			exists_msg = '(group) %s' % group
			if not ignore_exists:
				print >> out, 'E: Object exists: %s' % exists_msg
				raise Failed()
		except uex.dhcpServerAlreadyUsed, name:
			exists_msg = '(dhcpserver) %s' % name
			if not ignore_exists:
				print >> out, 'E: Object exists: %s' % exists_msg
				raise Failed()
		except uex.macAlreadyUsed, mac:
			exists_msg = '(mac) %s' % mac
			if not ignore_exists:
				print >> out, 'E: Object exists: %s' % exists_msg
				raise Failed()
		except uex.noLock, e:
			exists_msg = '(nolock) %s' % str(e)
			if not ignore_exists:
				print >> out, 'E: Object exists: %s' % exists_msg
				raise Failed()
		except uex.invalidDhcpEntry:
			print >> out, 'E: The DHCP entry for this host should contain the zone dn, the ip address and the mac address.'
			raise Failed()
		except uex.invalidOptions, e:
			if not ignore_exists:
				print >> out, 'E: invalid Options: %s' % e
				raise Failed()
		except uex.insufficientInformation:
			print >> out, 'E: Insufficient information'
			print >> out, 'The following parameters are missing:'
			for i in module.property_descriptions:
				property = module.property_descriptions.get(i)
				if property.required:
					if i not in object or (not object[i] or (isinstance(object[i], list) and object[i] == [''])):
						print >> out, i
			raise Failed()
		except uex.noObject, e:
			print >> out, 'E: object not found: %s' % e
			raise Failed()
		except uex.circularGroupDependency, e:
			print >> out, 'E: circular group dependency detected: %s' % e
			raise Failed()

		if policy_reference:
			lo.modify(dn, [('objectClass', '', 'univentionPolicyReference')])
			modlist = [('univentionPolicyReference', '', el) for el in policy_reference]
			lo.modify(dn, modlist)

		if exists_msg:
				print >> out, 'Object exists: %s' % exists_msg
		else:
			if not dn:
				dn = object.dn
			print >> out, 'Object created: %s' % _2utf8(dn)

	#+++# ACTION MODIFY #+++#
	elif action == 'modify' or action == 'edit' or action == 'move':
		if not dn:
			print >> out, 'E: DN is missing'

				raise Failed()

		try:
			object = univention.admin.objects.get(module, co, lo, position='', dn=dn)
		except uex.noObject:
			print >> out, 'E: object not found'
			raise Failed()

					print >> out, "position does not exsist: %s" % position_dn
					raise Failed()
				rdn, _old_base = dn.split(',', 1)
				newdn = "%s,%s" % (rdn, position_dn)
				try:
					object.move(newdn)
					object_modified += 1
				except uex.noObject:
					print >> out, 'E: object not found'
					raise Failed()

					print >> out, str(msg)
					raise Failed()

		else:  # modify

			if any((input, append, remove, parsed_append_options, parsed_options)):
				if parsed_options:
					object.options = parsed_options
				if parsed_append_options:
					for option in parsed_append_options:
						object.options.append(option)
				try:
					object_input(module, object, input, append, remove, out=out)
				except uex.valueMayNotChange, e:
					print >> out, unicode(e[0])
					raise Failed()
				if object.hasChanged(input.keys()) or object.hasChanged(append.keys()) or object.hasChanged(remove.keys()) or parsed_append_options or parsed_options:
					try:
						dn = object.modify()
						object_modified += 1
					except uex.noObject:
						print >> out, 'E: object not found'
						raise Failed()

						raise Failed()

			if policy_reference:
				if 'univentionPolicyReference' not in lo.get(dn, ['objectClass'])['objectClass']:
					lo.modify(dn, [('objectClass', '', 'univentionPolicyReference')])
					object_modified += 1
				modlist = []
				upr = lo.search(base=dn, scope='base', attr=['univentionPolicyReference'])[0][1]
				if 'univentionPolicyReference' not in upr:
					upr['univentionPolicyReference'] = []

					if val in upr['univentionPolicyReference']:
						print >> out, 'WARNING: cannot append %s to univentionPolicyReference, value exists' % val
					else:
						modlist.append(('univentionPolicyReference', '', el))
				if modlist:
					lo.modify(dn, modlist)
					object_modified += 1

			if policy_dereference:
				modlist = [('univentionPolicyReference', el, '') for el in policy_dereference]
				lo.modify(dn, modlist)
				object_modified += 1

		if object_modified > 0:
			print >> out, 'Object modified: %s' % _2utf8(dn)

			print >> out, 'No modification: %s' % _2utf8(dn)

	elif action == 'remove' or action == 'delete':

		if getattr(module, 'operations', None):
			if not 'remove' in module.operations:
				print >> out, 'Remove %s not allowed' % module_name


		try:
			if dn and filter:
				object = univention.admin.modules.lookup(module, co, lo, scope='sub', superordinate=superordinate, base=dn, filter=filter, required=1, unique=1)[0]
			elif dn:
				object = univention.admin.modules.lookup(module, co, lo, scope='base', superordinate=superordinate, base=dn, filter=filter, required=1, unique=1)[0]
			elif filter:
				object = univention.admin.modules.lookup(module, co, lo, scope='sub', superordinate=superordinate, base=position.getDn(), filter=filter, required=1, unique=1)[0]
			else:
				print >> out, 'E: dn or filter needed'
				raise Failed()

		if recursive:
			try:
				object.remove(recursive)
			except uex.ldapError, msg:
				print >> out, str(msg)
				raise Failed()
		else:

		print >> out, 'Object removed: %s' % _2utf8(dn)

	elif action == 'list' or action == 'lookup':

		if getattr(module, 'operations', None):
			if not 'search' in module.operations:
				print >> out, 'Search %s not allowed' % module_name

					if getattr(object, 'open_warning', None):
						print >> out, 'WARNING: %s' % object.open_warning
					for key, value in object.items():
						s = module.property_descriptions[key].syntax
						if module.property_descriptions[key].multivalue:
							for v in value:
								if s.tostring(v):

							else:
								print >> out, '  %s: %s' % (_2utf8(key), None)

					if 'univentionPolicyReference' in lo.get(univention.admin.objects.dn(object), ['objectClass'])['objectClass']:
						references = lo.get(
							_2utf8(univention.admin.objects.dn(object)),
							['univentionPolicyReference']
						)
						if references:
							for el in references['univentionPolicyReference']:
								print >> out, '  %s: %s' % (

								)

				if list_policies:
					utf8_objectdn = _2utf8(univention.admin.objects.dn(object))
					print >> out, "  Policy-based Settings:"
					client = get_policy(utf8_objectdn, out, policyOptions, policies_with_DN)
					print >> out, ''

					if module_name == 'dhcp/host':
						subnet_module = univention.admin.modules.get('dhcp/subnet')
						for subnet in univention.admin.modules.lookup(subnet_module, co, lo, scope='sub', superordinate=superordinate, base='', filter=''):
							if univention.admin.ipaddress.ip_is_in_network(subnet['subnet'], subnet['subnetmask'], object['fixedaddress'][0]):
								utf8_subnet_dn = _2utf8(subnet.dn)
								print >> out, "  Subnet-based Settings:"
								ddict = get_policy(utf8_subnet_dn, out, policyOptions, policies_with_DN)
								print >> out, ''

								print >> out, "  Merged Settings:"

								for key, values in ddict.items():
									if key not in client:
										client[key] = values

								if policies_with_DN:
									for key, (policy, values) in client.items():
										print >> out, "    Policy: " + policy
										print >> out, "    Attribute: " + key
										for value in values:
											print >> out, "    Value: " + value
								else:
									for key, values in client.items():
										for value in values:
											print >> out, "    %s=%s" % (key, value)
								print >> out, ''
									print >> out, ''

				print >> out, ''
		except uex.ldapError, errmsg:





logfile = ''


class MyRequestHandler(SocketServer.BaseRequestHandler):
	"""Handle request on listeneing socket to open new connection."""
	def handle(self):

	"""UDM server listening on UNIX socket."""
	address_family = socket.AF_UNIX
	allow_reuse_address = 1

	def server_bind(self):
		SocketServer.TCPServer.server_bind(self)
		_host, port = self.socket.getsockname()[:2]
		self.server_name = 'localhost'  # socket.getfqdn(host)
		self.server_port = port



				os.kill(pid, signal.SIGCONT)
		except (ValueError, OSError):
			pid = 0
		if not pid:  # no pid found or no server running
			os.unlink(socket_path)
			os.unlink(runfilename)
			os.rmdir(socket_dir)

			if not rlist:
				ud.debug(ud.ADMIN, ud.INFO, 'daemon [%s] stopped after %s seconds idle' % (os.getpid(), timeout))
				sys.exit(0)

	finally:
		os.unlink(socket_path)
		os.unlink(runfilename)

	else:  # parent
		os.waitpid(pid, os.P_NOWAIT)


if __name__ == "__main__":
	main()
- 
--
.../modules/univention/admincli/admin.py           | 108 ++++++++++-----------
1 file changed, 54 insertions(+), 54 deletions(-)




							tmp = list(values)
							tmp.append(val)
							object[key] = list(tmp)
						except uex.valueInvalidSyntax, ex:
							print >> out, 'E: Invalid Syntax: %s' % (ex,)
	if remove:
		for key, value in remove.items():
			if univention.admin.syntax.is_syntax(module.property_descriptions[key].syntax, univention.admin.syntax.complex):

			else:
				try:
					object[key] = value
				except uex.ipOverridesNetwork, ex:
					print >> out, 'WARNING: %s' % ex.message
				except uex.valueMayNotChange, ex:
					raise uex.valueMayNotChange, "%s: %s" % (ex.message, key)


def list_available_modules(out=sys.stdout):

def doit(arglist, out=sys.stdout):
	try:
		_doit(arglist, out)
	except uex.base, ex:
		ud.debug(ud.ADMIN, ud.WARN, traceback.format_exc())

		# collect error information
		msg = []
		if getattr(ex, 'message', None):
			msg.append(ex.message)
		if getattr(ex, 'args', None):
			#avoid duplicate messages
			if not len(msg) or len(ex.args) > 1 or ex.args[0] != msg[0]:
				msg.extend(ex.args)

		# strip elements and make sure that a ':' is printed iff further information follows
		msg = [_.strip() for _ in msg]

	]
	try:
		opts, args = getopt.getopt(arglist[3:], '', longopts)
	except getopt.error, ex:
		print >> out, ex
		raise Failed()

	if args and isinstance(args, list):

			try:
				with open(val) as fp:
					bindpwd = fp.read().strip()
			except IOError as ex:
				print >> out, 'E: could not read bindpwd from file (%s)' % (ex,)
				raise Failed()
		elif opt == '--dn':
			dn = _2utf8(val)

				start_tls=tls,
				bindpw=bindpwd
			)
		except Exception, ex:
			ud.debug(ud.ADMIN, ud.WARN, 'authentication error: %s' % (ex,))
			print >> out, 'authentication error: %s' % (ex,)
			raise Failed()
		policyOptions.extend(['-D', binddn, '-w', bindpwd])  # FIXME not so nice


				bindpw=pwd,
				start_tls=tls
			)
		except Exception, ex:
			ud.debug(ud.ADMIN, ud.WARN, 'authentication error: %s' % (ex,))
			print >> out, 'authentication error: %s' % (ex,)
			raise Failed()

	if not position_dn and superordinate_dn:

	if superordinate_dn and univention.admin.modules.superordinate(module):
		try:
			superordinate = univention.admin.objects.get(univention.admin.modules.superordinate(module), co, lo, '', dn=superordinate_dn)
		except uex.insufficientInformation, ex:
			print >> out, 'Insufficient Information: %s' % (ex,)
			raise Failed()
	else:
		superordinate = None

			if not ignore_exists:
				print >> out, 'E: No free IP address found'
				raise Failed()
		except uex.valueInvalidSyntax, ex:
			print >> out, 'E: Invalid Syntax: %s' % ex
			raise Failed()
		except Exception, ex:
			print >> out, 'E: Option %s is not valid' % ex
			raise Failed()

		exists_msg = None

			if not ignore_exists:
				print >> out, 'E: Object exists: %s' % exists_msg
				raise Failed()
		except uex.noLock, ex:
			exists_msg = '(nolock) %s' % (ex,)
			if not ignore_exists:
				print >> out, 'E: Object exists: %s' % exists_msg
				raise Failed()
		except uex.invalidDhcpEntry:
			print >> out, 'E: The DHCP entry for this host should contain the zone dn, the ip address and the mac address.'
			raise Failed()
		except uex.invalidOptions, ex:
			if not ignore_exists:
				print >> out, 'E: invalid Options: %s' % ex
				raise Failed()
		except uex.insufficientInformation:
			print >> out, 'E: Insufficient information'

					if i not in object or (not object[i] or (isinstance(object[i], list) and object[i] == [''])):
						print >> out, i
			raise Failed()
		except uex.noObject, ex:
			print >> out, 'E: object not found: %s' % ex
			raise Failed()
		except uex.circularGroupDependency, ex:
			print >> out, 'E: circular group dependency detected: %s' % ex
			raise Failed()

		if policy_reference:

				except uex.noObject:
					print >> out, 'E: object not found'
					raise Failed()
				except uex.ldapError, ex:
					print >> out, "ldap Error: %s" % ex
					raise Failed()
				except uex.nextFreeIp:
					print >> out, 'E: No free IP address found'
					raise Failed()
				except uex.valueInvalidSyntax, ex:
					print >> out, 'E: Invalid Syntax: %s' % ex
					raise Failed()
				except uex.invalidOperation, ex:
					print >> out, ex
					raise Failed()

		else:  # modify

						object.options.append(option)
				try:
					object_input(module, object, input, append, remove, out=out)
				except uex.valueMayNotChange, ex:
					print >> out, unicode(ex[0])
					raise Failed()
				if object.hasChanged(input.keys()) or object.hasChanged(append.keys()) or object.hasChanged(remove.keys()) or parsed_append_options or parsed_options:
					try:

					except uex.invalidDhcpEntry:
						print >> out, 'E: The DHCP entry for this host should contain the zone dn, the ip address and the mac address.'
						raise Failed()
					except uex.circularGroupDependency, ex:
						print >> out, 'E: circular group dependency detected: %s' % ex
						raise Failed()
					except uex.valueInvalidSyntax, ex:
						print >> out, 'E: Invalid Syntax: %s' % ex
						raise Failed()

			if policy_reference:

		if recursive:
			try:
				object.remove(recursive)
			except uex.ldapError, ex:
				print >> out, ex
				raise Failed()
		else:
			try:

								print >> out, ''

				print >> out, ''
		except uex.ldapError, ex:
			print >> out, ex
			raise Failed()
		except uex.valueInvalidSyntax, ex:
			print >> out, ex.message
			raise Failed()
	else:
		print >> out, "Unknown or no action defined"
- 
--
.../modules/univention/admincli/admin.py           | 148 +++++++++++++++++++++
1 file changed, 148 insertions(+)





from textwrap import dedent
import sys
from argparse import ArgumentParser
import getopt
import re
import base64

univention.admin.syntax.update_choices()


def parse_commandline():
	usage = dedent("""\
	%(prog)s module action [arguments]
	%(prog)s [--help] [--version]
	""")
	description = dedent("""\
	univention-directory-manager is a tool to handle the configuration for UCS
	on command line level.
	Use "univention-directory-manager modules" for a list of available modules.
	""")
	version = "%(prog)s @%@package_version@%@"
	parser = ArgumentParser(
		usage=usage,
		description=description,
		prog="univention-directory-manager")
	parser.add_argument("-?", action="help")
	parser.add_argument("--version", action="version", version=version)

	general_opt = parser.add_argument_group("General options")
	general_opt.add_argument(
		"--logfile",
		dest="logfile",
		default='/var/log/univention/directory-manager-cmd.log',
		help="path and name of the logfile to be used")
	general_opt.add_argument(
		"--binddn",
		dest="binddn",
		help="bind DN")
	general_opt.add_argument(
		"--bindpwd",
		dest="bindpwd",
		help="bind password")
	general_opt.add_argument(
		"--bindpwdfile",
		dest="bindpwdfile",
		help="file containing bind password")
	general_opt.add_argument(
		"--tls",
		dest="tls", type=int,
		default=2, choices=range(3),
		help="0 (no); 1 (try); 2 (must)")

	subparsers = parser.add_subparsers(
			title="sub-commands",
			description="valid subcommands",
			help="additional help")

	create_opt = subparsers.add_parser("modules", help="List available modules")

	create_opt = subparsers.add_parser("create", help="Create a new object")
	create_opt.add_argument(
		"--position",
		dest="position",
		help="Set position in tree")
	create_opt.add_argument(
		"--set",
		action="append", dest="set", required=True,
		help="Set variable to value, e.g. foo=bar")
	create_opt.add_argument(
		"--superordinate",
		dest="superordinate",
		help="Use superordinate module")
	create_opt.add_argument(
		"--option",
		action="append", dest="option",
		help="Use only given module options")
	create_opt.add_argument(
		"--policy-reference",
		action="append", dest="policy_reference",
		help="Reference to policy given by DN")
	create_opt.add_argument(
		"--ignore_exists",
		action="store_true", dest="ignore_exists",
		help="Ignore already existing object")

	modify_opt = subparsers.add_parser("modify", help="Modify an existing object")
	modify_opt.add_argument(
		"--dn",
		dest="dn", required=True,
		help="Edit object with DN")
	modify_opt.add_argument(
		"--set",
		action="append", dest="set",
		help="Set variable to value, e.g. foo=bar")
	modify_opt.add_argument(
		"--append",
		action="append", dest="append",
		help="Append value to variable, e.g. foo=bar")
	modify_opt.add_argument(
		"--remove",
		action="append", dest="remove",
		help="Remove value from variable, e.g. foo=bar")
	modify_opt.add_argument(
		"--option",
		action="append", dest="option",
		help="Append the module options")
	modify_opt.add_argument(
		"--policy-reference",
		action="append", dest="policy_reference",
		help="Reference to policy given by DN")
	modify_opt.add_argument(
		"--policy-dereference",
		action="append", dest="policy_dereference",
		help="Remove reference to policy given by DN")

	remove_opt = subparsers.add_parser("remove", help="Remove an existing object")
	remove_opt.add_argument(
		"--dn",
		dest="dn",
		help="Remove object with DN")
	remove_opt.add_argument(
		"--superordinate",
		dest="superordinate",
		help="Use superordinate module")
	remove_opt.add_argument(
		"--filter",
		dest="filter",
		help="Lookup filter e.g. foo=bar")
	remove_opt.add_argument(
		"--remove_referring",
		action="store_true", dest="remove_referring",
		help="Remove referring objects")

	list_opt = subparsers.add_parser("list", help="List objects")
	list_opt.add_argument(
		"--filter",
		dest="filter",
		help="Lookup filter e.g. foo=bar")
	list_opt.add_argument(
		"--policies",
		dest="policies", type=int, choices=range(2),
		help="List policy-based settings: 0:short, 1:long (with policy-DN)")

	move_opt = subparsers.add_parser("move", help="Move object in directory tree")
	move_opt.add_argument(
		"--dn",
		dest="dn", required=True,
		help="Move object with DN")
	move_opt.add_argument(
		"--position",
		dest="position", required=True,
		help="Move to position in tree")

	args = parser.parse_args()
	return args


class Failed(Exception):
	def __str__(self):
		return "OPERATION FAILED"
- 

Return to bug 33224