|
|
|---|
| 947 |
except ValueError: |
947 |
except ValueError: |
| 948 |
return False |
948 |
return False |
| 949 |
|
949 |
|
| 950 |
def _has_another_global_member(self): |
950 |
def _is_member_of_global_group(self): |
| 951 |
searchResult = self.lo.search(base=self.position.getDomain(), filter='(uniqueMember=%s)' % self.dn, attr=['univentionGroupType']) |
951 |
searchResult = self.lo.search(base=self.position.getDomain(), filter='(uniqueMember=%s)' % self.dn, attr=['univentionGroupType']) |
| 952 |
for (dn,attr) in searchResult: |
952 |
for (dn,attr) in searchResult: |
| 953 |
groupType = attr.get('univentionGroupType', [None])[0] |
953 |
groupType = attr.get('univentionGroupType', [None])[0] |
|
|
|---|
| 955 |
return True |
955 |
return True |
| 956 |
return False |
956 |
return False |
| 957 |
|
957 |
|
| 958 |
def _has_another_domain_local_member(self): |
958 |
def _has_domain_local_member(self): |
| 959 |
searchResult = self.lo.search(base=self.position.getDomain(), filter='(uniqueMember=%s)' % self.dn, attr=['univentionGroupType']) |
959 |
for member_dn in self.oldattr.get('uniqueMember'): |
| 960 |
for (dn,attr) in searchResult: |
960 |
searchResult = self.lo.search(base=member_dn, attr=['univentionGroupType']) |
| 961 |
groupType = attr.get('univentionGroupType', [None])[0] |
961 |
if searchResult: |
| 962 |
if self.__is_groupType_domain_local(groupType): |
962 |
(dn, attr) = searchResult |
| 963 |
return True |
963 |
groupType = attr.get('univentionGroupType', [None])[0] |
|
|
964 |
if self.__is_groupType_domain_local(groupType): |
| 965 |
return True |
| 966 |
else: |
| 967 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.ERROR, 'groups/group: uniqueMember %s not found during groupType check' % (member_dn,)) |
| 968 |
raise univention.admin.uexceptions.invalidChild |
| 964 |
return False |
969 |
return False |
| 965 |
|
970 |
|
| 966 |
def _has_another_universal_member(self): |
971 |
def _has_universal_member(self): |
| 967 |
searchResult = self.lo.search(base=self.position.getDomain(), filter='(uniqueMember=%s)' % self.dn, attr=['univentionGroupType']) |
972 |
for member_dn in self.oldattr.get('uniqueMember'): |
| 968 |
for (dn,attr) in searchResult: |
973 |
searchResult = self.lo.search(base=member_dn, attr=['univentionGroupType']) |
| 969 |
groupType = attr.get('univentionGroupType', [None])[0] |
974 |
if searchResult: |
| 970 |
if self.__is_groupType_universal(groupType): |
975 |
(dn, attr) = searchResult |
| 971 |
return True |
976 |
groupType = attr.get('univentionGroupType', [None])[0] |
|
|
977 |
if self.__is_groupType_universal(groupType): |
| 978 |
return True |
| 979 |
else: |
| 980 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.ERROR, 'groups/group: uniqueMember %s not found during groupType check' % (member_dn,)) |
| 981 |
raise univention.admin.uexceptions.invalidChild |
| 972 |
return False |
982 |
return False |
| 973 |
|
983 |
|
| 974 |
def check_ad_group_type_change(self): |
984 |
def check_ad_group_type_change(self): |
|
|
|---|
| 1001 |
# Global to universal: |
1011 |
# Global to universal: |
| 1002 |
# This conversion is allowed only if the group that you want to change is not a member of |
1012 |
# This conversion is allowed only if the group that you want to change is not a member of |
| 1003 |
# another global scope group. |
1013 |
# another global scope group. |
| 1004 |
if self._has_another_global_member(): |
1014 |
if self._is_member_of_global_group(): |
| 1005 |
raise univention.admin.uexceptions.adGroupTypeChangeGlobalToUniversal |
1015 |
raise univention.admin.uexceptions.adGroupTypeChangeGlobalToUniversal |
| 1006 |
elif self.__is_groupType_domain_local(old_groupType) and self.__is_groupType_universal(new_groupType): |
1016 |
elif self.__is_groupType_domain_local(old_groupType) and self.__is_groupType_universal(new_groupType): |
| 1007 |
# Domain local to universal: |
1017 |
# Domain local to universal: |
| 1008 |
# This conversion is allowed only if the group that you want to change does not have |
1018 |
# This conversion is allowed only if the group that you want to change does not have |
| 1009 |
# another domain local group as a member. |
1019 |
# another domain local group as a member. |
| 1010 |
if self._has_another_domain_local_member(): |
1020 |
if self._has_domain_local_member(): |
| 1011 |
raise univention.admin.uexceptions.adGroupTypeChangeDomainLocalToUniversal |
1021 |
raise univention.admin.uexceptions.adGroupTypeChangeDomainLocalToUniversal |
| 1012 |
elif self.__is_groupType_universal(old_groupType) and self.__is_groupType_global(new_groupType): |
1022 |
elif self.__is_groupType_universal(old_groupType) and self.__is_groupType_global(new_groupType): |
| 1013 |
# Universal to global: |
1023 |
# Universal to global: |
| 1014 |
# This conversion is allowed only if the group that you want to change does not have |
1024 |
# This conversion is allowed only if the group that you want to change does not have |
| 1015 |
# another universal group as a member. |
1025 |
# another universal group as a member. |
| 1016 |
if self._has_another_universal_member(): |
1026 |
if self._has_universal_member(): |
| 1017 |
raise univention.admin.uexceptions.adGroupTypeChangeUniversalToGlobal |
1027 |
raise univention.admin.uexceptions.adGroupTypeChangeUniversalToGlobal |
| 1018 |
|
1028 |
|
| 1019 |
def __generate_group_sid(self, gidNum): |
1029 |
def __generate_group_sid(self, gidNum): |