parent
169141c918
commit
b27688a008
@ -0,0 +1,49 @@
|
|||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
# Copyright 2016 Mir Calculate. http://www.calculate-linux.org
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
import sys
|
||||||
|
from calculate.lib.cl_template import TemplateFormat
|
||||||
|
from calculate.lib.cl_ldap import LDIFAdd, LDIFError
|
||||||
|
|
||||||
|
from calculate.lib.cl_lang import setLocalTranslate
|
||||||
|
|
||||||
|
_ = lambda x: x
|
||||||
|
setLocalTranslate('cl_ldap3', sys.modules[__name__])
|
||||||
|
|
||||||
|
|
||||||
|
class ldif(TemplateFormat):
|
||||||
|
"""
|
||||||
|
LDIF формат (применяется для изменения базы данных LDAP)
|
||||||
|
"""
|
||||||
|
text = ""
|
||||||
|
|
||||||
|
def __init__(self, text):
|
||||||
|
self.text = text
|
||||||
|
|
||||||
|
def textToXML(self):
|
||||||
|
return self.text
|
||||||
|
|
||||||
|
def processingFile(self, textConfigFile, rootPath=None):
|
||||||
|
"""Обработка конфигурационного файла"""
|
||||||
|
ldap_connect = self.objVar.Get('ldap.cl_ldap_connect')
|
||||||
|
#print self.text
|
||||||
|
try:
|
||||||
|
LDIFAdd(self.text, ldap_connect.conLdap).parse()
|
||||||
|
except LDIFError as e:
|
||||||
|
self.setError("LDIF: %s" % str(e))
|
||||||
|
#except ValueError as e:
|
||||||
|
# self.setError("LDIF: %s" % str(e))
|
||||||
|
return ""
|
@ -0,0 +1,60 @@
|
|||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
# Copyright 2016 Mir Calculate. http://www.calculate-linux.org
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
import sys
|
||||||
|
import hashlib
|
||||||
|
import base64
|
||||||
|
from calculate.lib.utils.common import genpassword
|
||||||
|
|
||||||
|
_ = lambda x: x
|
||||||
|
from calculate.lib.cl_lang import (setLocalTranslate, getLazyLocalTranslate)
|
||||||
|
|
||||||
|
setLocalTranslate('cl_ldap3', sys.modules[__name__])
|
||||||
|
__ = getLazyLocalTranslate(_)
|
||||||
|
|
||||||
|
ALL_BYTE_VALUES = "".join(chr(x) for x in xrange(256))
|
||||||
|
|
||||||
|
|
||||||
|
class SlapPasswd(object):
|
||||||
|
"""
|
||||||
|
Получить хэш из пароля
|
||||||
|
"""
|
||||||
|
|
||||||
|
def __init__(self, hashtype):
|
||||||
|
self._hash = hashtype
|
||||||
|
|
||||||
|
def _default(self, secret):
|
||||||
|
pass
|
||||||
|
|
||||||
|
def _generate_salt(self, salt_len=4, salt_chars=ALL_BYTE_VALUES):
|
||||||
|
return genpassword(salt_len, salt_chars)
|
||||||
|
|
||||||
|
def _sha1_base64(self, secret):
|
||||||
|
return base64.b64encode(hashlib.sha1(secret).digest())
|
||||||
|
|
||||||
|
def _salted_sha1_base64(self, secret):
|
||||||
|
salt = self._generate_salt()
|
||||||
|
return base64.b64encode("%s%s" % (
|
||||||
|
hashlib.sha1("%s%s" % (secret, salt)).digest(), salt))
|
||||||
|
|
||||||
|
def get_hash(self, secret):
|
||||||
|
return "%s%s" % (
|
||||||
|
self._hash,
|
||||||
|
{
|
||||||
|
'{SHA}': self._sha1_base64,
|
||||||
|
'{SSHA}': self._salted_sha1_base64
|
||||||
|
}.get(self._hash, self._default)(secret))
|
||||||
|
|
@ -0,0 +1,139 @@
|
|||||||
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
|
# Copyright 2016 Mir Calculate. http://www.calculate-linux.org
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
import sys
|
||||||
|
from calculate.lib.datavars import (ReadonlyVariable, Variable,
|
||||||
|
VariableInterface, VariableError)
|
||||||
|
from calculate.lib.utils.common import genpassword
|
||||||
|
from calculate.ldap.tools import SlapPasswd
|
||||||
|
from calculate.lib.utils.tools import repeater
|
||||||
|
from calculate.lib.cl_ldap import LDAPConnect, LDAPConnectError, ldap
|
||||||
|
from calculate.lib.configparser import (ConfigParserLocked,
|
||||||
|
Error as ConfigParserError)
|
||||||
|
|
||||||
|
_ = lambda x: x
|
||||||
|
from calculate.lib.cl_lang import (setLocalTranslate, getLazyLocalTranslate)
|
||||||
|
|
||||||
|
setLocalTranslate('cl_ldap3', sys.modules[__name__])
|
||||||
|
__ = getLazyLocalTranslate(_)
|
||||||
|
|
||||||
|
|
||||||
|
class ServerEnvHelper(VariableInterface):
|
||||||
|
"""
|
||||||
|
Получение значений из env файла или fallback
|
||||||
|
"""
|
||||||
|
fallback_variable = ""
|
||||||
|
fallback_value = ""
|
||||||
|
service = ""
|
||||||
|
parameter = ""
|
||||||
|
|
||||||
|
def get(self):
|
||||||
|
cp_path = self.Get('server.cl_server_env_path')
|
||||||
|
cp = ConfigParserLocked(cp_path)
|
||||||
|
try:
|
||||||
|
with cp.lock_read() as cp:
|
||||||
|
value = cp.get(self.service, self.parameter,
|
||||||
|
fallback=None)
|
||||||
|
if value is None:
|
||||||
|
if self.fallback_variable:
|
||||||
|
return self.Get(self.fallback_variable)
|
||||||
|
else:
|
||||||
|
return self.fallback_value
|
||||||
|
else:
|
||||||
|
return value.encode('utf-8')
|
||||||
|
except ConfigParserError:
|
||||||
|
raise VariableError(_("Failed to remove server parameters"))
|
||||||
|
|
||||||
|
|
||||||
|
class LdapMaxHelper(VariableInterface):
|
||||||
|
"""
|
||||||
|
Получение максимального значение из среди атрибутов
|
||||||
|
"""
|
||||||
|
type = "int"
|
||||||
|
base_dn = ""
|
||||||
|
search_filter = ""
|
||||||
|
attr = ""
|
||||||
|
|
||||||
|
def get_max(self):
|
||||||
|
ldap_connect = self.Get('ldap.cl_ldap_connect')
|
||||||
|
if ldap_connect:
|
||||||
|
base_dn = self._value_formatter.format(self.base_dn, self.Get)
|
||||||
|
try:
|
||||||
|
return max(int(x) for x in ldap_connect.ldap_simple_search(
|
||||||
|
base_dn, self.search_filter, self.attr) if x.isdigit())
|
||||||
|
# max(empty_list)
|
||||||
|
except ValueError:
|
||||||
|
return None
|
||||||
|
else:
|
||||||
|
return None
|
||||||
|
|
||||||
|
def get(self):
|
||||||
|
return str(self.get_max() or "")
|
||||||
|
|
||||||
|
|
||||||
|
class LdapSearchHelper(VariableInterface):
|
||||||
|
"""
|
||||||
|
Проверка свободен ли указанный идентификатор
|
||||||
|
"""
|
||||||
|
base_dn = ""
|
||||||
|
search_filter = "uid={value}"
|
||||||
|
|
||||||
|
def value_get(self, value):
|
||||||
|
def get_wrapper(val):
|
||||||
|
if val == "value":
|
||||||
|
return value
|
||||||
|
else:
|
||||||
|
return self.Get(val)
|
||||||
|
|
||||||
|
return get_wrapper
|
||||||
|
|
||||||
|
def check_name(self, value):
|
||||||
|
ldap_connect = self.Get('ldap.cl_ldap_connect')
|
||||||
|
if ldap_connect:
|
||||||
|
base_dn = self._value_formatter.format(self.base_dn,
|
||||||
|
self.value_get(value))
|
||||||
|
search_filter = self._value_formatter.format(self.search_filter,
|
||||||
|
self.value_get(value))
|
||||||
|
print "DEBUG Search:", base_dn, search_filter
|
||||||
|
return any(ldap_connect.ldap_search(
|
||||||
|
base_dn, ldap.SCOPE_ONELEVEL, search_filter))
|
||||||
|
else:
|
||||||
|
return None
|
||||||
|
|
||||||
|
|
||||||
|
class HashHelper(VariableInterface):
|
||||||
|
"""
|
||||||
|
Хэш пароля для LDAP
|
||||||
|
"""
|
||||||
|
source = ""
|
||||||
|
hash_var = "ldap.ld_encrypt"
|
||||||
|
|
||||||
|
def get(self):
|
||||||
|
value = self.Get(self.source)
|
||||||
|
if value:
|
||||||
|
return SlapPasswd(self.Get(self.hash_var)).get_hash(value)
|
||||||
|
else:
|
||||||
|
return "crypt{xxx}"
|
||||||
|
|
||||||
|
|
||||||
|
class RandomPasswordHelper(VariableInterface):
|
||||||
|
"""
|
||||||
|
Генератор пароля
|
||||||
|
"""
|
||||||
|
password_len = 9
|
||||||
|
|
||||||
|
def get(self):
|
||||||
|
return genpassword(self.password_len).strip()
|
Loading…
Reference in new issue