Commit 7dcdae94 authored by Andrea Veri's avatar Andrea Veri

Drop redundant code and start making good use of the gnome_ldap_utils class

parent 2b4d369b
......@@ -19,7 +19,6 @@ class Gnome_ldap_utils:
print >>sys.stderr, e
sys.exit(1)
def get_group_from_ldap(self, group):
import ldap.filter
......@@ -39,7 +38,6 @@ class Gnome_ldap_utils:
return members
def get_attributes_from_ldap(self, uid, attr):
import ldap.filter
......@@ -51,8 +49,11 @@ class Gnome_ldap_utils:
else:
return None
def get_uids_from_group(self, group):
people = self.get_group_from_ldap(group)
return people
def replace_ldap_password(self, userid, password):
replace_password = [(ldap.MOD_REPLACE, 'userPassword', password)]
l.modify_s('uid=%s,%s' % (self.LDAP_USER_BASE, userid, replace_password)
\ No newline at end of file
#!/usr/bin/python
import ldap
import ldap.filter
import string
import smtplib
import sys
import os
import ldap.modlist as modlist
from email.MIMEText import MIMEText
LDAP_GROUP_BASE='cn=groups,cn=accounts,dc=gnome,dc=org'
LDAP_USER_BASE='cn=users,cn=accounts,dc=gnome,dc=org'
from email.MIMEText import MIMEText
from gnome_ldap_utils import *
execfile('/home/admin/secret/freeipa')
try:
l = ldap.open('localhost')
l.simple_bind("cn=Directory Manager", ldap_password)
except ldap.LDAPError, e:
print >>sys.stderr, e
sys.exit(1)
def _parse_members_from_group(group):
filter = ldap.filter.filter_format('(&(objectClass=posixGroup)(cn=%s))', (group, ))
results = l.search_s(LDAP_GROUP_BASE, ldap.SCOPE_SUBTREE, filter, ('member', ))
members = set()
for _, attr in results:
for userid in attr['member']:
splitentry = userid.split(',')
singleentry = splitentry[0]
splitteduid = singleentry.split('=')
uid = splitteduid[1]
members.add(uid)
return members
def _get_attributes_from_ldap(userid, attr):
filter = ldap.filter.filter_format('(uid=%s)', (userid, ))
results = l.search_s(LDAP_USER_BASE, ldap.SCOPE_SUBTREE, filter, ('uid', attr, ))
if len(results) > 0:
return results[0][1][attr][0]
else:
return None
glu = Gnome_ldap_utils(LDAP_GROUP_BASE, LDAP_HOST, LDAP_USER_BASE, 'cn=Directory Manager', ldap_password)
def gen_passwd(length=12, chars=string.letters + string.digits):
......@@ -76,10 +38,10 @@ def gen_passwd(length=12, chars=string.letters + string.digits):
def check_existing_password(userid):
accountsteam = _parse_members_from_group('accounts')
sysadminteam = _parse_members_from_group('sysadmin')
accountsteam = glu.get_group_from_ldap('accounts')
sysadminteam = glu.get_group_from_ldap('sysadmin')
if _get_attributes_from_ldap(userid, 'uid') == None:
if glu.get_attributes_from_ldap(userid, 'uid') == None:
print 'The specified UID does not exist, please get in contact with the GNOME Accounts Team to know more'
sys.exit(1)
......@@ -91,14 +53,12 @@ def check_existing_password(userid):
def update_password(userid):
getattr_name = _get_attributes_from_ldap(userid, 'cn')
getattr_mail = _get_attributes_from_ldap(userid, 'mail')
getattr_name = glu.get_attributes_from_ldap(userid, 'cn')
getattr_mail = glu.get_attributes_from_ldap(userid, 'mail')
newpassword = {'userPassword': gen_passwd()}
replace_password = [(ldap.MOD_REPLACE, 'userPassword', newpassword['userPassword'])]
l.modify_s('uid=%s,cn=users,cn=accounts,dc=gnome,dc=org' % userid, replace_password)
glu.replace_ldap_password(userid, newpassword['userPassword'])
send_password_to_user(getattr_name, getattr_mail, newpassword['userPassword'])
......@@ -129,4 +89,4 @@ the GNOME Accounts Team""" % (name, password)
print "ERROR: I wasn't able to send the email correctly, please check /var/log/maillog!"
my_userid = os.getenv('SUDO_USER')
check_existing_password(my_userid)
check_existing_password(my_userid)
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment