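# -*- coding: utf-8 -*-
# NOTE(review): this listing reached review with its line breaks and indentation
# collapsed; the nesting below is reconstructed from syntax and data flow. Where a
# call could sit inside or after the preceding ``if`` (mostly the hook calls that
# follow each csync2 block), confirm the placement against the original file.
# llxvars, generate_uid and the *_func_list names are not defined in this file;
# presumably the plugin loader supplies them -- verify. The same question applies
# to ``os`` and ``pwd``, which add_admin and empty_home use but which are not
# imported here.

import imp
import ldap
import sys
import subprocess


class Golem:
    """User and group management front end.

    Each public method drives several back ends in sequence: the LDAP directory
    (self.ldap), Kerberos principals (self.krb), network homes and group folders
    (self.netfiles) and a separate password store (self.pw). After most changes
    it starts csync2 for the affected paths when SRV_HOST_ID is between 1 and
    254, and runs the hook scripts under /usr/share/n4d/hooks/golem.

    Review notes that apply to the whole class:
      * Every csync2 call is a subprocess.Popen with stdout piped that is never
        read or waited on in this file, so failures are not noticed here.
      * Nothing in this file checks who the caller is. Methods that delete
        accounts or return stored passwords rely on access control applied
        somewhere else -- TODO confirm where.
    """

    PLUGIN_PATH="/usr/share/n4d/python-plugins/"

    def __init__(self):
        """Load the helper plugins from PLUGIN_PATH and build one manager of each."""
        # imp.load_source executes each file while loading it, so anything able to
        # write under PLUGIN_PATH runs code with the privileges of this process.
        self.obj=imp.load_source("LdapManager",Golem.PLUGIN_PATH + "LdapManager.py")
        obj2=imp.load_source("KrbManager",Golem.PLUGIN_PATH + "KrbManager.py")
        obj3=imp.load_source("NetFilesManager",Golem.PLUGIN_PATH + "NetFilesManager.py")
        obj4=imp.load_source("PasswordManager",Golem.PLUGIN_PATH + "PasswordManager.py")
        obj5=imp.load_source("GesItaManager",Golem.PLUGIN_PATH + "GesItaManager.py")
        obj6=imp.load_source("FileOperations",Golem.PLUGIN_PATH + "FileOperations.py")
        obj7=imp.load_source("PeterPan",Golem.PLUGIN_PATH + "PeterPan.py")
        self.ldap=self.obj.LdapManager(llxvars)
        self.krb=obj2.KrbManager(llxvars)
        self.netfiles=obj3.NetFilesManager(llxvars)
        self.pw=obj4.PasswordManager()
        self.itaca=obj5.GesItaManager(llxvars,self,'llxgesc.xml')
        self.file_operations=obj6.FileOperations()
        self.peter_pan=obj7.PeterPan()
        self.try_count=0
        self.sharefunctions = {}
    #def __init__

    def test_uid(self,dic):
        """Debug helper: print every key and value of dic, return generate_uid for a fixed sample name."""
        for key in dic:
            print key + ":" + dic[key]
        return generate_uid("Ana Maria","Garcia Torres")
    #def test_uid

    def add_user(self,plantille,properties,generic_mode=False):
        """Create a user in LDAP, then its Kerberos principal and network home.

        properties must hold "uid", "cn" and "sn"; "userPassword" is optional.
        All of them are UTF-8 encoded in place. Returns "true: <uid>" when
        self.ldap.add_user hands back a dict, otherwise whatever it returned.
        """
        print "Adding user " + properties["uid"] + " ..."
        generated_user=None
        properties["uid"]=properties["uid"].encode("utf8")
        properties["cn"]=properties["cn"].encode("utf8")
        properties["sn"]=properties["sn"].encode("utf8")
        if properties.has_key("userPassword"):
            # Never print the password here: whatever captures this service's
            # stdout would end up holding every new account's cleartext password.
            properties["userPassword"]=properties["userPassword"].encode("utf8")
        if isinstance(generic_mode,bool): #it is a boolean
            generated_user=self.ldap.add_user(generic_mode,plantille,properties)
        else:
            generated_user=self.ldap.add_user(False,plantille,properties)
        if type(generated_user) is dict:
            self.krb.add_principal(generated_user["uid"],generated_user["userPassword"])
            homepath = self.netfiles.create_home(generated_user)
            if plantille=="Teachers" or plantille=="Others":
                # Teacher and "other" passwords are also kept in the separate password store.
                self.pw.add_password(generated_user["uid"],generated_user["cn"],generated_user["sn"],generated_user["userPassword"])
            if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr',homepath],stdout=subprocess.PIPE)
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/var/lib/n4d'],stdout=subprocess.PIPE)
            self.peter_pan.execute_python_dir('/usr/share/n4d/hooks/golem','add_user')
            return "true: " + generated_user["uid"]
        else:
            return generated_user
    #def add_user

    def add_generic_users(self,plantille,group_type,number,generic_name,pwd_generation_type,pwd=None):
        """Create a batch of generic users and return the list self.ldap generated.

        Each generated item gets a Kerberos principal, a home and membership of
        group_type; the hook receives the item, which includes its password.
        """
        generated_list=self.ldap.add_generic_users(plantille,group_type,number,generic_name,pwd_generation_type,pwd)
        for item in generated_list:
            #
            # Item {uid:name,userPassword:password}
            #
            self.krb.add_principal(item["uid"],item["userPassword"])
            homepath = self.netfiles.create_home(item)
            self.netfiles.join_to_group(item,group_type)
            print "password saving..."
            if plantille=="Teachers" or plantille=="Others":
                self.pw.add_password(item["uid"],item["cn"],item["sn"],item["userPassword"])
            if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr',homepath],stdout=subprocess.PIPE)
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/var/lib/n4d'],stdout=subprocess.PIPE)
            self.peter_pan.execute_python_dir('/usr/share/n4d/hooks/golem',('add_generic_users'),{'group':group_type,'user':item})
        return generated_list
    #def add_generic_users

    def add_admin(self,user_name):
        """Register an existing system user in the "Admin" LDAP template.

        Returns True, or [False, message] when anything raises.
        """
        # existing system user
        try:
            uid=pwd.getpwnam(user_name).pw_uid
            properties={}
            properties["uid"]=user_name
            properties["cn"]=user_name
            properties["sn"]=user_name
            # NOTE(review): the LDAP password is set to the account's numeric uid,
            # which is guessable. Confirm whether this entry is ever used to bind.
            properties["userPassword"]=uid
            properties["uidNumber"]=os.environ["SUDO_UID"]
            self.ldap.add_user(False,"Admin",properties)
            return True
        except Exception as e:
            return [False,e.message]
    #def add_admin

    def login(self,user_info):
        """Check uid and password with an LDAP simple bind.

        user_info is a (uid, password) pair. Returns "true <group_type>" when the
        bind succeeds and a short error description otherwise.
        """
        uid,password=user_info
        if not password:
            # A simple bind with an empty password is an unauthenticated bind,
            # which a server may accept without checking anything. Refuse it with
            # the text a rejected bind normally produces (constructed here).
            return "Invalid credentials"
        dic={}
        p = subprocess.Popen(["groups",uid],stdout = subprocess.PIPE,stderr = subprocess.PIPE)
        output = p.communicate()[0]
        output=output.replace("\n","")
        dic["groups"]=output
        students="ou=Students,ou=People," + llxvars["LDAP_BASE_DN"]
        teachers="ou=Teachers,ou=People," + llxvars["LDAP_BASE_DN"]
        admins="ou=Admin,ou=People," + llxvars["LDAP_BASE_DN"]
        group_type="None"
        # NOTE(review): these are substring tests on the raw text of `groups`. With
        # GNU coreutils that text starts with "<uid> :", so a uid that merely
        # contains one of these words also matches. uid is also concatenated into
        # the bind DN without escaping. Exact group names and DN escaping would be
        # safer; left as is because the real group names are not visible here.
        if output.find("students")!=-1:
            dic["path"]="uid=" + uid + "," + students
            group_type="students"
        if output.find("teachers")!=-1:
            dic["path"]="uid=" + uid + "," + teachers
            group_type="teachers"
        if output.find("admin")!=-1:
            dic["path"]="uid=" + uid + "," + admins
            group_type="admin"
        if output.find("admins")!=-1 and output.find("teachers")!=-1:
            dic["path"]="uid=" + uid + "," + teachers
            group_type="promoted-teacher"
        if "path" not in dic:
            # Unknown user or none of the expected groups: answer exactly as for a
            # wrong password instead of failing with KeyError on the next line.
            return "Invalid credentials"
        print dic["path"]
        try:
            tmp_ldap=ldap.initialize(llxvars["LDAP_URI"]+":"+llxvars["LDAP_REPLICATOR_PORT"])
            tmp_ldap.set_option(ldap.VERSION,ldap.VERSION3)
            tmp_ldap.bind_s(dic["path"],password)
            return "true " + group_type
        except Exception as e:
            return e[0]["desc"]
    #def login

    def change_own_password(self,user_info,new_password):
        """Change a user's password after proving the current one with an LDAP bind.

        user_info is a (uid, current_password) pair. Returns "true" or "false".
        """
        uid,password=user_info
        if not password:
            # The bind below is the only proof of identity before the password is
            # rewritten through self.ldap and self.krb. An empty password would be
            # an unauthenticated bind, so it must never reach bind_s.
            return "false"
        dic={}
        p = subprocess.Popen(["groups",uid],stdout = subprocess.PIPE,stderr = subprocess.PIPE)
        output = p.communicate()[0]
        output=output.replace("\n","")
        dic["groups"]=output
        students="ou=Students,ou=People," + llxvars["LDAP_BASE_DN"]
        teachers="ou=Teachers,ou=People," + llxvars["LDAP_BASE_DN"]
        admin="ou=Admin,ou=People," + llxvars["LDAP_BASE_DN"]
        others="ou=Other,ou=People," + llxvars["LDAP_BASE_DN"]
        if output.find("students")!=-1:
            path="uid=" + uid + "," + students
        elif output.find("teachers")!=-1:
            path="uid=" + uid + "," + teachers
        elif output.find("others")!=-1:
            path="uid=" + uid + "," + others
        elif output.find("admin")!=-1:
            path="uid=" + uid + "," + admin
        else:
            return "false"
        dic["path"]=path
        #dic["llxvars"]=llxvars
        # dic only records how far the sequence got; it is never returned or logged.
        try:
            tmp_ldap=ldap.initialize(llxvars["LDAP_URI"]+":"+llxvars["LDAP_REPLICATOR_PORT"])
            dic["a"]="initialize"
            tmp_ldap.set_option(ldap.VERSION,ldap.VERSION3)
            dic["b"]="set_option"
            tmp_ldap.bind_s(path,password)
            dic["c"]="bind"
            self.ldap.change_password(path,new_password)
            dic["d"]="ldap password"
            self.krb.change_password(uid,new_password)
            dic["e"]="krb5 password"
            return "true"
        except Exception as inst:
            dic["exception"]=inst
            return "false"
    #def change_own_password

    def delete_student(self,uid,generic=None):
        """Remove a student: groups, home, Kerberos principal and LDAP entry.

        csync2 is only started when generic is None. Returns what
        self.ldap.delete_student returned.
        """
        user_info={}
        user_info["uid"]=uid
        user_info["profile"]="students"
        self.unfreeze_user(uid)
        group_list=self.ldap.get_groups(uid)
        for group in group_list:
            self.netfiles.drop_group(user_info,group)
        homepath = self.netfiles.delete_home(user_info)
        self.krb.delete_principal(uid)
        ret=self.ldap.delete_student(uid)
        if generic == None:
            if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr',homepath],stdout=subprocess.PIPE)
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/groups'],stdout=subprocess.PIPE)
        self.peter_pan.execute_python_dir('/usr/share/n4d/hooks/golem','delete_student')
        return ret
    #def delete_student

    def delete_teacher(self,uid,generic=None):
        """Remove a teacher: groups, home, Kerberos principal, stored password and LDAP entry."""
        user_info={}
        user_info["uid"]=uid
        user_info["profile"]="teachers"
        self.unfreeze_user(uid)
        group_list=self.ldap.get_groups(uid)
        for group in group_list:
            self.netfiles.drop_group(user_info,group)
        homepath = self.netfiles.delete_home(user_info)
        self.krb.delete_principal(uid)
        self.pw.remove_password(uid)
        ret=self.ldap.delete_teacher(uid)
        if generic == None:
            if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr',homepath],stdout=subprocess.PIPE)
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/groups'],stdout=subprocess.PIPE)
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/var/lib/n4d'],stdout=subprocess.PIPE)
        self.peter_pan.execute_python_dir('/usr/share/n4d/hooks/golem','delete_teacher')
        return ret
    #def delete_teacher

    def delete_other(self,uid,generic=None):
        """Remove a user of the "others" profile, mirroring delete_teacher."""
        user_info={}
        user_info["uid"]=uid
        user_info["profile"]="others"
        self.unfreeze_user(uid)
        group_list=self.ldap.get_groups(uid)
        for group in group_list:
            self.netfiles.drop_group(user_info,group)
        homepath = self.netfiles.delete_home(user_info)
        self.krb.delete_principal(uid)
        self.pw.remove_password(uid)
        ret=self.ldap.delete_other(uid)
        if generic == None:
            if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr',homepath],stdout=subprocess.PIPE)
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/groups'],stdout=subprocess.PIPE)
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/var/lib/n4d'],stdout=subprocess.PIPE)
        self.peter_pan.execute_python_dir('/usr/share/n4d/hooks/golem','delete_other')
        return ret
    #def delete_other

    def delete_students(self):
        """Delete every user whose path contains "ou=Students"; return a list of "uid:result" strings."""
        list=self.ldap.search_user("*")
        ret_list=[]
        for item in list:
            if item.properties["path"].find("ou=Students")!=-1:
                # generic=True defers csync2 to the single run after the loop.
                ret=self.delete_student(item.properties["uid"],True)
                ret_list.append(item.properties["uid"] +":"+ret)
        if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/home/students'],stdout=subprocess.PIPE)
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/groups'],stdout=subprocess.PIPE)
        return ret_list
    #def delete_students

    def delete_teachers(self):
        """Delete every user whose path contains "ou=Teachers"; return a list of "uid:result" strings."""
        list=self.ldap.search_user("*")
        ret_list=[]
        for item in list:
            if item.properties["path"].find("ou=Teachers")!=-1:
                ret=self.delete_teacher(item.properties["uid"],True)
                ret_list.append(item.properties["uid"] +":"+ret)
        if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/home/teachers'],stdout=subprocess.PIPE)
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/groups'],stdout=subprocess.PIPE)
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/var/lib/n4d'],stdout=subprocess.PIPE)
        return ret_list
    #def delete_teachers

    def delete_all(self):
        """Delete every teacher, student and "other" user; return a list of "uid:result" strings."""
        list=self.ldap.search_user("*")
        ret_list=[]
        for item in list:
            if item.properties["path"].find("ou=Teachers")!=-1:
                ret=self.delete_teacher(item.properties["uid"],True)
                ret_list.append(item.properties["uid"] +":"+ret)
            if item.properties["path"].find("ou=Students")!=-1:
                ret=self.delete_student(item.properties["uid"],True)
                ret_list.append(item.properties["uid"] +":"+ret)
            if item.properties["path"].find("ou=Other")!=-1:
                ret=self.delete_other(item.properties["uid"],True)
                ret_list.append(item.properties["uid"] +":"+ret)
        if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/home/'],stdout=subprocess.PIPE)
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/groups'],stdout=subprocess.PIPE)
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/var/lib/n4d'],stdout=subprocess.PIPE)
        return ret_list
    #def delete_all

    def get_students_function_list(self):
        """Return the global students_func_list."""
        return students_func_list

    def get_teachers_function_list(self):
        """Return the global teachers_func_list."""
        return teachers_func_list

    def get_admin_function_list(self):
        """Return the global admin_func_list."""
        return admin_func_list

    def get_others_function_list(self):
        """Return the global others_func_list."""
        return others_func_list

    def get_student_list(self):
        """Return the properties of every entry found by self.ldap.search_students("*")."""
        list=self.ldap.search_students("*")
        return_list=[]
        for item in list:
            return_list.append(item.properties)
        return return_list

    def get_teacher_list(self):
        """Return the properties of every entry found by self.ldap.search_teachers("*")."""
        list=self.ldap.search_teachers("*")
        return_list=[]
        for item in list:
            return_list.append(item.properties)
        return return_list

    def get_user_list(self,filter):
        """Return the properties of every entry matching filter."""
        # NOTE(review): filter goes to self.ldap.search_user unchanged; whether it
        # is escaped before being placed in an LDAP filter is not visible here.
        list=self.ldap.search_user(filter)
        #return self.ldap.light_search(filter)
        return_list=[]
        for item in list:
            return_list.append(item.properties)
        return return_list
    #def get_user_list

    def light_get_user_list(self):
        """Return the result of self.ldap.light_search()."""
        list=self.ldap.light_search()
        return list
    #def light_get_user_list

    def get_available_groups(self):
        """Return the result of self.ldap.get_available_groups()."""
        return self.ldap.get_available_groups()
    #def get_available_groups

    def add_to_group(self,uid,group):
        """Add uid to group in LDAP and in the group's shared folder; return the LDAP result."""
        result=self.ldap.add_to_group_type(group,uid)
        user_info={}
        user_info["uid"]=uid
        path=self.ldap.get_dn(uid)
        if path.find("ou=Students")!=-1:
            user_info["profile"]="students"
        if path.find("ou=Teachers")!=-1:
            user_info["profile"]="teachers"
        if path.find("ou=Other")!=-1:
            user_info["profile"]="others"
        self.netfiles.join_to_group(user_info,group)
        if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
            # NOTE(review): group is appended to the path unchecked; a value with
            # "/" or ".." would name a path outside /net/groups.
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/groups/'+group],stdout=subprocess.PIPE)
        self.peter_pan.execute_python_dir('/usr/share/n4d/hooks/golem',('add_to_group'),{'group':{'cn':group},'user':user_info})
        #return must be "true" (string)
        return result
    #def add_to_group

    def remove_from_group(self,uid,group):
        """Remove uid from group in LDAP and in the group's shared folder; return the LDAP result."""
        result=self.ldap.del_user_from_group(uid,group)
        user_info={}
        user_info["uid"]=uid
        self.netfiles.drop_group(user_info,group)
        #return must be "true" (string)
        if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/groups/'+group],stdout=subprocess.PIPE)
        self.peter_pan.execute_python_dir('/usr/share/n4d/hooks/golem',('remove_from_group'),{'group':{'cn':group},'user':user_info})
        return result
    #def remove_from_group

    def change_student_personal_data(self,uid,name,surname):
        """Change a student's name and surname.

        Returns "true" when both changes report "true", otherwise the two
        results joined by a comma.
        """
        name=unicode(name).encode("utf8")
        surname=unicode(surname).encode("utf8")
        result=self.ldap.change_student_name(uid,name)
        print result
        result2=self.ldap.change_student_surname(uid,surname)
        print result2
        if result==result2 and result=="true":
            return result
        else:
            return result + "," + result2
    #def change_student_personal_data

    def change_password(self,path,password,uid="",cn="",sn=""):
        """Set the password of the entry at DN path in LDAP and Kerberos.

        When cn and sn are given the password is also written to the password
        store. Returns the LDAP result.
        """
        password=unicode(password).encode("utf8")
        result=self.ldap.change_password(path,password)
        #trying to obtain user uid
        # The uid argument is overwritten with the value of the first DN component.
        list=path.split(",")
        uid=list[0].split("=")[1]
        self.krb.change_password(uid,password)
        #return=="true"
        if uid!="" and cn!="" and sn!="":
            self.pw.add_password(uid,cn,sn,password)
        return result
    #def change_password

    def change_student_password(self,uid,password):
        """Set a student's password in LDAP and Kerberos; return the LDAP result."""
        result=self.ldap.change_user_password(uid,password)
        self.krb.change_password(uid,password)
        #return=="true"
        return result
    #def change_student_password

    def freeze_user(self,uid):
        """Freeze one user through self.ldap.freeze_user; always returns 0."""
        userlist = []
        userlist.append(uid)
        self.ldap.freeze_user(userlist)
        return 0
    #def freeze_user

    def freeze_group(self,cn):
        """Freeze a group through self.ldap.freeze_group; always returns 0."""
        self.ldap.freeze_group(cn)
        return 0
    #def freeze_group

    def unfreeze_user(self,uid):
        """Unfreeze one user through self.ldap.unfreeze_user; always returns 0."""
        userlist = []
        userlist.append(uid)
        self.ldap.unfreeze_user(userlist)
        return 0
    #def unfreeze_user

    def unfreeze_group(self,cn):
        """Unfreeze a group through self.ldap.unfreeze_group; always returns 0."""
        self.ldap.unfreeze_group(cn)
        return 0
    #def unfreeze_group

    def add_teacher_to_admins(self,uid):
        """Return the result of self.ldap.add_teacher_to_admins(uid)."""
        result=self.ldap.add_teacher_to_admins(uid)
        return result
    #def add_teacher_to_admins

    def del_teacher_from_admins(self,uid):
        """Return the result of self.ldap.del_teacher_from_admins(uid)."""
        result=self.ldap.del_teacher_from_admins(uid)
        return result
    #def del_teacher_from_admins

    def change_group_description(self,gid,description):
        """UTF-8 encode description and store it for group gid; return the LDAP result."""
        description=unicode(description).encode("utf8")
        result=self.ldap.change_group_description(gid,description)
        return result
    #def change_group_description

    def delete_group(self,gid):
        """Unfreeze and delete group gid in LDAP and on disk; return the LDAP result."""
        self.unfreeze_group(gid)
        result=self.ldap.delete_group(gid)
        self.netfiles.delete_group(gid)
        if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/groups/'],stdout=subprocess.PIPE)
        self.peter_pan.execute_python_dir('/usr/share/n4d/hooks/golem',('delete_group'),{'group':{'cn':gid}})
        return result
    #def delete_group

    def add_group(self,properties):
        """Create a group from properties ("cn" and "description" are read); return the LDAP result."""
        properties["description"]=unicode(properties["description"]).encode("utf8")
        result=self.ldap.add_group(properties)
        self.netfiles.create_group(properties["cn"])
        if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/groups/'],stdout=subprocess.PIPE)
        self.peter_pan.execute_python_dir('/usr/share/n4d/hooks/golem',('add_group'),{'group':properties})
        return result
    #def add_group

    # NOTE(review): the three getters below hand stored passwords to the caller.
    # They must only be reachable by administrators -- confirm how the service
    # that exposes this class restricts them.

    def get_students_passwords(self):
        """Return self.ldap.get_students_passwords() sorted by quicksort."""
        list = self.ldap.get_students_passwords()
        return self.quicksort(list)
    #def get_students_passwords

    def get_teachers_passwords(self):
        """Return self.pw.get_passwords() sorted by quicksort."""
        return self.quicksort(self.pw.get_passwords())
    #def get_teachers_passwords

    def get_all_passwords(self):
        """Return the student and password-store entries together, sorted by quicksort."""
        list=self.ldap.get_students_passwords()
        list2=self.pw.get_passwords()
        for item in list2:
            list.append(item)
        return self.quicksort(list)
    #def get_all_passwords

    def quicksort (self,lista):
        """Sort lista in place with sort_quicksort and return it."""
        self.sort_quicksort(lista,0,len(lista)-1)
        return lista
    #def quicksort

    def sort_quicksort (self,lista,izdo,dcho) :
        # NOTE(review): the source text is damaged from here to the middle of
        # gescen_partial. Everything that stood between a "<" and the next ">"
        # was lost when the page was extracted, which removed most of this
        # method, the start of gescen_partial and anything defined in between.
        # The surviving fragments are kept as they arrived and are not valid
        # Python; restore this region from the original file rather than from
        # this listing.
        if izdopivote['sn'].lower() : d-=1
        if i<=d :
            lista[i],lista[d]=lista[d],lista[i]
            i+=1
            d-=1
        if izdo 0 and int(llxvars['SRV_HOST_ID']) <= 254:
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/home'],stdout=subprocess.PIPE)
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/groups'],stdout=subprocess.PIPE)
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/var/lib/n4d'],stdout=subprocess.PIPE)
        self.peter_pan.execute_python_dir('/usr/share/n4d/hooks/golem',('gescen_partial'),{})
        return 'true'
    #def gescen_partial

    def gescen_full(self):
        """Run self.itaca.full_import() and return its result."""
        self.sharefunctions['generate_uid'] = generate_uid
        ret=self.itaca.full_import()
        if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/home'],stdout=subprocess.PIPE)
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/groups'],stdout=subprocess.PIPE)
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/var/lib/n4d'],stdout=subprocess.PIPE)
        self.peter_pan.execute_python_dir('/usr/share/n4d/hooks/golem',('gescen_full'),{})
        return ret
    #def gescen_full

    def empty_students(self,generic=None):
        """Recreate the home of every student; return a list of "uid:result" strings."""
        list=self.ldap.search_user("*")
        ret_list=[]
        for item in list:
            if item.properties["path"].find("ou=Students")!=-1:
                ret=self.empty_home(item.properties)
                ret_list.append(item.properties["uid"] +":"+ret)
        if generic == None:
            if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/home/students'],stdout=subprocess.PIPE)
        return ret_list
    #def empty_students

    def empty_teachers(self,generic=None):
        """Recreate the home of every teacher; return a list of "uid:result" strings."""
        list=self.ldap.search_user("*")
        ret_list=[]
        for item in list:
            if item.properties["path"].find("ou=Teachers")!=-1:
                ret=self.empty_home(item.properties)
                ret_list.append(item.properties["uid"] +":"+ret)
        if generic == None:
            if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/home/teachers'],stdout=subprocess.PIPE)
        return ret_list
    #def empty_teachers

    def empty_others(self,generic=None):
        """Recreate the home of every "other" user; return a list of "uid:result" strings."""
        list=self.ldap.search_user("*")
        ret_list=[]
        for item in list:
            if item.properties["path"].find("ou=Other")!=-1:
                ret=self.empty_home(item.properties)
                ret_list.append(item.properties["uid"] +":"+ret)
        if generic == None:
            if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/home/others'],stdout=subprocess.PIPE)
        return ret_list
    #def empty_others

    def empty_all(self):
        """Recreate every home by calling the three empty_* methods; return their combined lists."""
        ret_list=[]
        ret_list.extend(self.empty_students(True))
        ret_list.extend(self.empty_teachers(True))
        ret_list.extend(self.empty_others(True))
        if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
            subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr','/net/home'],stdout=subprocess.PIPE)
        return ret_list
    #def empty_all

    def empty_home(self,user_info):
        """Delete and recreate one user's home; return "true", or "false" if anything raises."""
        try:
            self.netfiles.delete_home(user_info)
            self.netfiles.create_home(user_info)
            if int(llxvars['SRV_HOST_ID']) > 0 and int(llxvars['SRV_HOST_ID']) <= 254:
                # NOTE(review): self.nethome_path is not set anywhere in the visible
                # part of this class. If it is missing, this line raises after the
                # home has already been recreated and the bare except below turns
                # that into "false".
                nethome = os.path.join(self.nethome_path,user_info["profile"],user_info["uid"])
                subprocess.Popen(['csync2','-C',llxvars['CAP_ZERO_CAPNAME']+'data','-xr',nethome],stdout=subprocess.PIPE)
            return "true"
        except:
            return "false"
    #def empty_home

    def get_frozen_users(self):
        """Return the result of self.ldap.get_frozen_users()."""
        return self.ldap.get_frozen_users()
    #def get_frozen_users

    def get_frozen_groups(self):
        """Return the result of self.ldap.get_frozen_groups()."""
        return self.ldap.get_frozen_groups()
    #def get_frozen_groups

#class Golem


if __name__=="__main__":
    # NOTE(review): as reconstructed here, running this file as a script deletes
    # the user "golem24". This looks like leftover manual test code -- confirm
    # and remove it from anything that ships.
    golem=Golem()
    #golem.add_user("Students","raulito","Raul","Rodrigo Segura","pikachu")
    #golem.add_generic_users("Students","hectorgroup",3,"golem",golem.ldap.PASS_EQUALS_USER)
    golem.delete_student("golem24")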