root/controlies/trunk/Plugins/LdapConnection.py @ 170
##############################################################################
# -*- coding: utf-8 -*-
# Project: ControlIES
# Module: LdapConnection.py
# Purpose: Connection with ldap server
# Language: Python 2.5
# Date: 7-Feb-2011.
# Ver: 7-Feb-2011.
# Author: Manuel Mora Gordillo
# Copyright: 2011 - Manuel Mora Gordillo <manuito @no-spam@ gmail.com>
#
# ControlIES is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# ControlIES is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with ControlAula. If not, see <http://www.gnu.org/licenses/>.
#
##############################################################################

import ldap
import logging
from zope.interface import Interface, Attribute, implements

class ILdapConnection(Interface):
    """Interface for objects that expose an LDAP connection."""

    # The underlying connection object, as handed out by the implementer.
    connection = Attribute("a ldap connection")

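
class LdapConnection(object):
    """Wrapper around a python-ldap connection for the ControlIES directory.

    Credentials are supplied with setCredentials() and checked by
    validation(); process() validates and then binds.  Every DN built here
    lives under ``dc=instituto,dc=extremadura,dc=es`` and users are bound as
    ``cn=<user>,ou=People,<suffix>``.

    Security notes for maintainers:

    * ``search``/``add``/``modify``/``delete`` take a DN fragment (and, for
      ``search``, a filter) that is used as given.  Callers that build those
      from user input must escape the values themselves
      (``ldap.dn.escape_dn_chars`` / ``ldap.filter.escape_filter_chars``).
    * The write helpers report failure by returning False; they log at debug
      level only, so check the return value.
    """

    implements(ILdapConnection)

    # Directory suffix appended to every DN this class builds.
    _BASE_SUFFIX = "dc=instituto,dc=extremadura,dc=es"
    # Branch that holds the user entries used for simple binds.
    _PEOPLE_BRANCH = "ou=People," + _BASE_SUFFIX

    def __init__(self, session):
        """Create an unconnected wrapper.

        *session* is accepted for interface compatibility; this class does
        not read it.
        """
        self.host = ""
        self.user = ""
        self.passwd = ""
        # Defined up front so getConnect() returns None, instead of raising
        # AttributeError, when it is called before connect().
        self.connection = None

    def setCredentials(self, host, user, passwd):
        """Store the server host and the user name / password to bind with."""
        self.host = host
        self.user = user
        self.passwd = passwd

    def validation(self):
        """Return "OK" when host, user and password are all set.

        Otherwise return the name of the first missing field ("host", "user"
        or "password").  None is treated like the empty string.
        """
        for label, value in (("host", self.host),
                             ("user", self.user),
                             ("password", self.passwd)):
            if not value:
                return label
        return "OK"

    def process(self):
        """Validate the credentials and bind.

        Returns the validation() label when a field is missing, otherwise the
        boolean result of connect().
        """
        status = self.validation()
        if status != "OK":
            return status
        return self.connect()

    def _full_dn(self, baseDN):
        """Return *baseDN* with the directory suffix appended."""
        return baseDN + "," + self._BASE_SUFFIX

    def _user_dn(self):
        """Return the bind DN for self.user with the RDN value escaped."""
        # Local import: the file only imports the top-level ``ldap`` package.
        from ldap.dn import escape_dn_chars
        # Escaping keeps characters such as ',' '+' or '=' in the user name
        # from changing the structure of the DN that is bound.
        return "cn=" + escape_dn_chars(self.user) + "," + self._PEOPLE_BRANCH

    def connect(self):
        """Bind to the directory with the stored credentials.

        Returns True when the bind succeeds and False on any failure
        (missing credentials, wrong password, or any other LDAP error).
        """
        log = logging.getLogger()

        # Refuse incomplete credentials here as well as in process(): a
        # simple bind with an empty password may be accepted by the server
        # as an unauthenticated bind, which would wrongly look like a login.
        if self.validation() != "OK":
            log.debug('LDAP bind refused: incomplete credentials')
            return False

        bind_dn = self._user_dn()

        # NOTE(review): this first attempt uses ldap://, so the password is
        # sent without transport encryption unless the server rejects the
        # bind with CONFIDENTIALITY_REQUIRED.  Prefer ldaps:// or StartTLS
        # first where the deployment allows it.
        # ldap.open() is deprecated in python-ldap; initialize() with an
        # ldap:// URI is the equivalent call.
        self.connection = ldap.initialize("ldap://" + self.host)
        try:
            self.connection.simple_bind_s(bind_dn, self.passwd)
        except ldap.INVALID_CREDENTIALS:
            log.debug('LDAP user or password incorrect')
            return False
        except ldap.CONFIDENTIALITY_REQUIRED:
            # The server insists on an encrypted channel: retry over LDAPS.
            # NOTE(review): certificate checking is left to the client
            # library's TLS settings (the original had an OPT_X_TLS_DEMAND
            # line here, disabled); confirm that the deployment requires a
            # valid server certificate.
            try:
                self.connection = ldap.initialize("ldaps://" + self.host)
                self.connection.simple_bind_s(bind_dn, self.passwd)
                return True
            except ldap.LDAPError:
                log.debug('A secure connection with the ldap server could not be established')
                return False
        except ldap.LDAPError:
            # exc_info avoids indexing into the exception payload, which is
            # not guaranteed to carry a "desc" entry.
            log.debug('LDAP error', exc_info=True)
            return False

        return True

    def getConnect(self):
        """Return the current connection object (None before connect())."""
        return self.connection

    def search(self, baseDN, filter, retrieveAttributes):
        """Run a subtree search under ``baseDN,<suffix>``.

        *filter* is passed to the server unchanged; escape any user-supplied
        value inside it before calling.  Returns a list with one item per
        RES_SEARCH_ENTRY result, or None when an LDAP error occurs (so a
        failure stays distinguishable from an empty result).
        """
        try:
            msg_id = self.connection.search(
                self._full_dn(baseDN), ldap.SCOPE_SUBTREE,
                filter, retrieveAttributes)
            entries = []
            while True:
                # all=0: fetch the results of the async search one at a time.
                kind, data = self.connection.result(msg_id, 0)
                if data == []:
                    break
                if kind == ldap.RES_SEARCH_ENTRY:
                    entries.append(data)
            return entries
        except ldap.LDAPError:
            logging.getLogger().debug('LDAP error search', exc_info=True)
            return None

    def add(self, baseDN, attr):
        """Add the entry ``baseDN,<suffix>`` with the attribute list *attr*.

        Returns True on success and False when the server reports
        ALREADY_EXISTS, OPERATIONS_ERROR or NO_SUCH_OBJECT; other LDAP
        errors propagate to the caller.
        """
        log = logging.getLogger()
        try:
            self.connection.add_s(self._full_dn(baseDN), attr)
        except ldap.ALREADY_EXISTS:
            log.debug("LDAP already exists %s" % (baseDN))
            return False
        except ldap.OPERATIONS_ERROR:
            log.debug("LDAP operation error %s" % (baseDN))
            return False
        except ldap.NO_SUCH_OBJECT:
            log.debug("LDAP no such object %s" % (baseDN))
            return False
        return True

    def modify(self, baseDN, attr):
        """Apply the modification list *attr* to ``baseDN,<suffix>``.

        Returns True on success and False on OPERATIONS_ERROR or
        NO_SUCH_OBJECT; other LDAP errors propagate to the caller.
        """
        log = logging.getLogger()
        try:
            self.connection.modify_s(self._full_dn(baseDN), attr)
        except ldap.OPERATIONS_ERROR:
            log.debug("LDAP operation error %s" % (baseDN))
            return False
        except ldap.NO_SUCH_OBJECT:
            log.debug("LDAP no such object %s" % (baseDN))
            return False
        return True

    def delete(self, baseDN):
        """Delete the entry ``baseDN,<suffix>``.

        Returns True on success and False on OPERATIONS_ERROR or
        NO_SUCH_OBJECT, so a removal that did not happen is not reported as
        done; other LDAP errors propagate to the caller.
        """
        log = logging.getLogger()
        try:
            self.connection.delete_s(self._full_dn(baseDN))
        except ldap.OPERATIONS_ERROR:
            log.debug("LDAP operation error %s" % (baseDN))
            return False
        except ldap.NO_SUCH_OBJECT:
            log.debug("LDAP no such object %s" % (baseDN))
            return False
        return True

    # NOTE: a disabled searchClassroomComputers draft used to sit here as a
    # string literal.  It built its LDAP filter by concatenating the
    # classroom name; if it is revived, escape that value with
    # ldap.filter.escape_filter_chars before putting it in the filter.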