|
30 |
# /usr/share/common-licenses/AGPL-3; if not, see |
30 |
# /usr/share/common-licenses/AGPL-3; if not, see |
31 |
# <http://www.gnu.org/licenses/>. |
31 |
# <http://www.gnu.org/licenses/>. |
32 |
|
32 |
|
|
|
33 |
import ldap.filter |
33 |
import univention.debug |
34 |
import univention.debug |
34 |
import univention.admin.locking |
35 |
import univention.admin.locking |
35 |
import univention.admin.uexceptions |
36 |
import univention.admin.uexceptions |
Lines 161-182
def acquireUnique(lo, position, type, value, attr, scope='base'):
|
Link Here
|
---|
|
161 |
|
162 |
|
162 |
if type=="aRecord": # uniqueness is only relevant among hosts (one or more dns entrys having the same aRecord as a host are allowed) |
163 |
if type=="aRecord": # uniqueness is only relevant among hosts (one or more dns entrys having the same aRecord as a host are allowed) |
163 |
univention.admin.locking.lock(lo, position, type, value, scope=scope) |
164 |
univention.admin.locking.lock(lo, position, type, value, scope=scope) |
164 |
if not lo.searchDn(base=searchBase, filter='(&(objectClass=univentionHost)(%s=%s))' % (attr, value)): |
165 |
if not lo.searchDn(base=searchBase, filter=ldap.filter.filter_format('(&(objectClass=univentionHost)(%s=%s))', (attr, value))): |
165 |
return value |
166 |
return value |
166 |
elif type in ['groupName', 'uid'] and configRegistry.is_true('directory/manager/user_group/uniqueness', True): |
167 |
elif type in ['groupName', 'uid'] and configRegistry.is_true('directory/manager/user_group/uniqueness', True): |
167 |
univention.admin.locking.lock(lo, position, type, value, scope=scope) |
168 |
univention.admin.locking.lock(lo, position, type, value, scope=scope) |
168 |
if not lo.searchDn(base=searchBase, filter='(|(&(cn=%s)(|(objectClass=univentionGroup)(objectClass=sambaGroupMapping)(objectClass=posixGroup)))(uid=%s))' % (value, value)): |
169 |
if not lo.searchDn(base=searchBase, filter=ldap.filter.filter_format('(|(&(cn=%s)(|(objectClass=univentionGroup)(objectClass=sambaGroupMapping)(objectClass=posixGroup)))(uid=%s))', (value, value))): |
169 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'ALLOCATE return %s'% value) |
170 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'ALLOCATE return %s'% value) |
170 |
return value |
171 |
return value |
171 |
elif type == "groupName": # search filter is more complex then in general case |
172 |
elif type == "groupName": # search filter is more complex then in general case |
172 |
univention.admin.locking.lock(lo, position, type, value, scope=scope) |
173 |
univention.admin.locking.lock(lo, position, type, value, scope=scope) |
173 |
if not lo.searchDn(base=searchBase, filter='(&(%s=%s)(|(objectClass=univentionGroup)(objectClass=sambaGroupMapping)(objectClass=posixGroup)))' % (attr, value)): |
174 |
if not lo.searchDn(base=searchBase, filter=ldap.filter.filter_format('(&(%s=%s)(|(objectClass=univentionGroup)(objectClass=sambaGroupMapping)(objectClass=posixGroup)))', (attr, value))): |
174 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'ALLOCATE return %s'% value) |
175 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'ALLOCATE return %s'% value) |
175 |
return value |
176 |
return value |
176 |
else: |
177 |
else: |
177 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'LOCK univention.admin.locking.lock scope = %s' % scope) |
178 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'LOCK univention.admin.locking.lock scope = %s' % scope) |
178 |
univention.admin.locking.lock(lo, position, type, value, scope=scope) |
179 |
univention.admin.locking.lock(lo, position, type, value, scope=scope) |
179 |
if not lo.searchDn(base=searchBase, filter='%s=%s' % (attr, value)): |
180 |
if not lo.searchDn(base=searchBase, filter=ldap.filter.filter_format('%s=%s', (attr, value))): |
180 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'ALLOCATE return %s'% value) |
181 |
univention.debug.debug(univention.debug.ADMIN, univention.debug.INFO, 'ALLOCATE return %s'% value) |
181 |
return value |
182 |
return value |
182 |
|
183 |
|
Lines 191-197
def request(lo, position, type, value=None):
|
Link Here
|
---|
|
191 |
|
192 |
|
192 |
def confirm(lo, position, type, value): |
193 |
def confirm(lo, position, type, value): |
193 |
if type in ( 'uidNumber', 'gidNumber' ): |
194 |
if type in ( 'uidNumber', 'gidNumber' ): |
194 |
startID = lo.modify('cn=%s,cn=temporary,cn=univention,%s' % (type,position.getBase()),[('univentionLastUsedValue','1', value)]) |
195 |
lo.modify('cn=%s,cn=temporary,cn=univention,%s' % (type,position.getBase()),[('univentionLastUsedValue','1', value)]) |
195 |
univention.admin.locking.unlock(lo, position, type, value, _type2scope[type]) |
196 |
univention.admin.locking.unlock(lo, position, type, value, _type2scope[type]) |
196 |
|
197 |
|
197 |
|
198 |
|