Browse Source

Добавлена перегенарация пароля и удаление сервиса

tags/3.5.0_alpha1
parent
commit
e978ae4196
9 changed files with 133 additions and 92 deletions
  1. +8
    -3
      pym/unix/unix.py
  2. +1
    -1
      pym/unix/utils/cl_unix_groupadd.py
  3. +40
    -10
      pym/unix/utils/cl_unix_setup.py
  4. +1
    -1
      pym/unix/utils/cl_unix_useradd.py
  5. +0
    -8
      pym/unix/utils/cl_unix_usermod.py
  6. +3
    -0
      pym/unix/variables/action.py
  7. +39
    -24
      pym/unix/variables/unix.py
  8. +0
    -1
      pym/unix/variables/users.py
  9. +41
    -44
      pym/unix/wsdl_unix.py

+ 8
- 3
pym/unix/unix.py View File

@@ -278,7 +278,8 @@ class UnixUsers(object):
user['loginShell'][0],
self.flag_to_visible(user['shadowFlag'][0]),
self.flag_to_lock(user['shadowExpire'][0]),
self.has_password(user['userPassword'][0]),
self.has_password(user['userPassword'][0])
if 'userPassword' in user else None,
)

def search_ldap_user(self, search_filter):
@@ -554,7 +555,8 @@ class Unix(Ldap):
login=user, groups=", ".join(groups)))
return True

def modify_user(self, login, pw, pw_delete, gid, shell, visible, lock, comment):
def modify_user(self, login, pw, pw_delete, gid, shell, visible, lock,
comment):
""""
Изменить параметры пользователя в LDAP
"""
@@ -759,7 +761,10 @@ class Unix(Ldap):
groups_dn = self.clVars.Get('ld_unix_groups_dn')
ug = UnixGroups(ldap_connect, groups_dn)

yesno = lambda x: _("Yes") if x else _("No")
yesno_map = {True: _("Yes"),
False: _("No"),
None: _("Unavailable")}
yesno = lambda x: yesno_map.get(x, _("Failed value"))

filters = (self.clVars.getInfo(x)
for x in ('cl_unix_user_filter_login',


+ 1
- 1
pym/unix/utils/cl_unix_groupadd.py View File

@@ -58,7 +58,7 @@ class ClUnixGroupaddAction(Action):
# список задач для действия
tasks = [
{'name': 'apply_ldif',
'tasks': meta_tasks.ldif_task("unix.ld_unix_dn,unix.ld_unix_pw",
'tasks': meta_tasks.ldif_task("unix.ld_unix_bind_dn,unix.ld_unix_pw",
Actions.Setup)
},
]

+ 40
- 10
pym/unix/utils/cl_unix_setup.py View File

@@ -46,7 +46,7 @@ class ClUnixSetupAction(Action):
UnixError,
LdapError)

successMessage = __("Unix server configured!")
successMessage = None
failedMessage = __("Failed to configure Unix server!")
interruptMessage = __("Unix server configuration manually interrupted")

@@ -70,34 +70,64 @@ class ClUnixSetupAction(Action):
'method': 'Unix.set_ldap_connection('
'ldap.ld_admin_dn,ldap.ld_admin_pw)',
},
{'name': 'remove_old_db',
{'name': 'remove_service',
'condition': lambda Get: (Get('cl_unix_remove_set') == 'on' or
Get('server.sr_unix_set') != 'on')
},
{'name': 'remove_only',
'message': _("Removing Unix service"),
'condition': lambda Get: (Get('cl_unix_remove_set') == 'on' and
Get('server.sr_unix_set') == 'on')
},
{'name': 'setup_service',
'condition': lambda Get: Get('server.sr_unix_set') != 'on'
},
{'name': 'remove_service:remove_old_db',
'method': 'Unix.remove_ldap_branch(ld_unix_dn)',
'condition': lambda Get: Get('server.sr_unix_set') == 'on'
},
{'name': 'uninstall',
{'name': 'remove_service:uninstall',
'tasks': uninstall_tasks,
'condition': lambda Get: Get('server.sr_unix_set') == 'on'
},
{'name': 'apply_ldif',
{'name': 'setup_service:apply_ldif',
'tasks': meta_tasks.ldif_task("ldap.ld_admin_dn,ldap.ld_admin_pw",
Actions.Setup)
},
{'name': 'set_unix',
{'name': 'setup_service:set_unix',
'method': 'Server.service_install("unix")'
},
{'name': 'generate_password',
'message': _("Create new Unix service password"),
'method': 'Unix.generate_password(ld_unix_bind_dn,'
'ld_unix_hash,"Unix")',
'condition': lambda Get: Get('cl_unix_pw_generate_set') == 'on'
},
{'name': 'templates',
'message': __("Configure LDAP"),
'message': __("Configure system"),
'method': 'Server.applyTemplates(install.cl_source,'
'False,True,None,True,True)',
},
{'name': 'save_creds',
'method': 'Server.save_service_data("unix",ld_unix_dn,ld_unix_pw)'
},
{'name': 'restart_slapd',
'message': __("Restarting LDAP service"),
'method': 'Server.restart_service("%s")' % Ldap.Service.LDAP,
},
#{'name': 'save_data',
{'name': 'save_creds',
'method': 'Server.save_service_data("unix",'
'ld_unix_bind_dn,ld_unix_pw)',
'condition': lambda Get: Get('cl_unix_remove_set') != 'on'
},
{'name': 'success',
'message': __("Unix server configured!"),
'condition': lambda Get: Get('cl_unix_remove_set') != 'on',
'depend': (Tasks.success() & Tasks.hasnot("failed"))
},
{'name': 'success',
'message': __("Unix server removed!"),
'condition': lambda Get: Get('cl_unix_remove_set') == 'on',
'depend': (Tasks.success() & Tasks.hasnot("failed"))
}
# {'name': 'save_data',
# 'method': 'Unix.save_variables()'
# }
]


+ 1
- 1
pym/unix/utils/cl_unix_useradd.py View File

@@ -58,7 +58,7 @@ class ClUnixUseraddAction(Action):
# список задач для действия
tasks = [
{'name': 'apply_ldif',
'tasks': meta_tasks.ldif_task("unix.ld_unix_dn,unix.ld_unix_pw",
'tasks': meta_tasks.ldif_task("unix.ld_unix_bind_dn,unix.ld_unix_pw",
Actions.Setup)
},
{'name': "info",


+ 0
- 8
pym/unix/utils/cl_unix_usermod.py View File

@@ -78,12 +78,4 @@ class ClUnixUsermodAction(Action):
'unix.ur_unix_home_path)',
'condition': lambda Get: Get('unix.ur_unix_home_path_move') == 'on'
},
# {'name': 'apply_ldif',
# 'tasks': meta_tasks.ldif_task("unix.ld_unix_dn,unix.ld_unix_pw",
# Actions.Setup)
# },
# {'name': 'user_groups',
# 'method': 'Unix.add_user_in_groups(ur_unix_login,ur_unix_groups)',
# 'condition': lambda Get: Get('ur_unix_groups')
# },
]

+ 3
- 0
pym/unix/variables/action.py View File

@@ -38,4 +38,7 @@ class VariableClUnixAction(UnixGroupHelper, UnixUserHelper, Variable):
raise VariableError(_("Unix service has not users"))
if value in Actions.GroupExists and not self.ldap_group_list():
raise VariableError(_("Unix service has not groups"))
# проверить соединение с ldap
if value != Actions.Setup:
self.Get('ldap.cl_ldap_connect')


+ 39
- 24
pym/unix/variables/unix.py View File

@@ -15,7 +15,8 @@
# limitations under the License.

import sys
from calculate.lib.datavars import (ReadonlyVariable, Variable)
from calculate.lib.datavars import (ReadonlyVariable, Variable,
VariableError)
from calculate.ldap.variables.helpers import (HashHelper, RandomPasswordHelper,
ServerEnvHelper)

@@ -32,22 +33,23 @@ class VariableLdUnixLogin(ReadonlyVariable):
"""
value = "Unix"


# class VariableLdUnixDn(ServerEnvHelper, ReadonlyVariable):
# """
# DN настроенного сервиса
# """
# fallback_variable = "unix.ld_unix_dn"
# service = "unix"
# parameter = "dn"


class VariableLdUnixDn(ReadonlyVariable):
"""
DN сервиса
"""
value_format = "ou={ld_unix_login},{ldap.ld_services_dn}"

class VariableLdUnixBindDn(ServerEnvHelper, Variable):
"""
Пароль root
"""
service = "unix"
parameter = "DN"

@property
def fallback_value(self):
return self.Get('ld_unix_dn')


class VariableLdUnixUsersDn(ReadonlyVariable):
"""
@@ -80,30 +82,43 @@ class VariableLdUnixPw(ServerEnvHelper, RandomPasswordHelper, Variable):

@property
def fallback_value(self):
#return "test22"
return RandomPasswordHelper.get(self)

#def get(self):
# if self.Get('ld_unix_pw_generate_set') == 'on':
# return "test22"
# return RandomPasswordHelper.get(self)
# else:
# super(VariableLdUnixPw, self).get()
def get(self):
if self.Get('cl_unix_pw_generate_set') == 'on':
return RandomPasswordHelper.get(self)
else:
return super(VariableLdUnixPw, self).get()

class VariableLdUnixPwGenerateSet(Variable):
class VariableClUnixPwGenerateSet(Variable):
"""
Перегенерировать пароль или нет
"""
type = "bool"

opt = ("-g", "--gen-password")
value = "off"

def init(self):
self.label = _("Generate new service password")
self.help = _("generate new service password")

def get(self):
if self.Get('server.sr_unix_set') == 'on':
return "off"
else:
return "on"

class VariableClUnixRemoveSet(Variable):
"""
Удалить сервис Unix
"""
type = "bool"
guitype = "hidden"

opt = ("-r", "--remove")
value = "off"

def init(self):
self.label = _("Remove service")
self.help = _("remove service")

def check(self, value):
if self.Get('server.sr_unix_set') != 'on':
raise VariableError(_("Unix service is not setup"))


+ 0
- 1
pym/unix/variables/users.py View File

@@ -469,7 +469,6 @@ class VariableUrUnixPw(Variable):
delete_pw = self.GetBool('ur_unix_pw_delete_set')
change_lock = (self.GetBool('ur_unix_lock_set') !=
self.GetBool('ur_unix_lock_exists_set'))
print delete_pw, change_lock, self.GetBool('ur_unix_lock_set')
if (self.Get('cl_unix_action') == Actions.Passwd and
not delete_pw and not change_lock and not value):
raise PasswordError(_("Specify user password"))


+ 41
- 44
pym/unix/wsdl_unix.py View File

@@ -18,7 +18,7 @@ import sys

from calculate.lib.datavars import VariableError, DataVarsError

from calculate.core.server.func import WsdlBase
from calculate.core.server.func import WsdlBase, CustomButton
from .unix import Unix, UnixError
from calculate.ldap.ldap import LdapError
from calculate.unix.variables.action import Actions
@@ -88,15 +88,17 @@ class Wsdl(WsdlBase):
'server.sr_ldap_set',
'server.sr_unix_set',
),
expert=('ld_unix_pw_generate_set',
expert=('cl_unix_pw_generate_set',
'cl_unix_remove_set',
'cl_verbose_set',),
hide=(),
custom_buttons=[
('but0', _("Remove"),
Unix.Method.Setup,
"button", None,
lambda Get: Get('server.sr_unix_set') == 'on'),
('but1', None, _("Next"), "button_next"),
CustomButton.run_method(
Unix.Method.Setup, "but0", _("Remove"),
CustomButton.Behavior.setvalue(
'cl_unix_remove_set', 'on'),
lambda Get: Get('server.sr_unix_set') == 'on'),
CustomButton.next_button("but1")
]
),
],
@@ -134,7 +136,7 @@ class Wsdl(WsdlBase):
'server.cl_server_name': Unix.service_name,
'cl_unix_action': Actions.UserAdd,
'cl_autoupdate_set': 'on',
'ldap.cl_ldap_bind_dn!': '{ld_unix_dn}',
'ldap.cl_ldap_bind_dn!': '{ld_unix_bind_dn}',
'ldap.cl_ldap_bind_pw!': '{ld_unix_pw}',
# 'cl_dispatch_conf_default': "usenew"
},
@@ -193,7 +195,7 @@ class Wsdl(WsdlBase):
'server.cl_server_name': Unix.service_name,
'cl_unix_action': Actions.GroupAdd,
'cl_autoupdate_set': 'on',
'ldap.cl_ldap_bind_dn!': '{ld_unix_dn}',
'ldap.cl_ldap_bind_dn!': '{ld_unix_bind_dn}',
'ldap.cl_ldap_bind_pw!': '{ld_unix_pw}',
# 'cl_dispatch_conf_default': "usenew"
},
@@ -244,7 +246,7 @@ class Wsdl(WsdlBase):
'server.cl_server_name': Unix.service_name,
'cl_unix_action': Actions.GroupMod,
'cl_autoupdate_set': 'on',
'ldap.cl_ldap_bind_dn!': '{ld_unix_dn}',
'ldap.cl_ldap_bind_dn!': '{ld_unix_bind_dn}',
'ldap.cl_ldap_bind_pw!': '{ld_unix_pw}',
# 'cl_dispatch_conf_default': "usenew"
},
@@ -266,14 +268,15 @@ class Wsdl(WsdlBase):
'ur_unix_group_users_del',
),
custom_buttons=[
('but0', _("Back"),
Unix.Method.GroupShow,
"button"),
('but1', _("Delete"),
Unix.Method.GroupDel,
"button",),
('but2', _("Modify"),
Unix.Method.GroupMod, "button"),
CustomButton.run_method(
Unix.Method.GroupShow, 'but0', _("Back")),
CustomButton.run_method(
Unix.Method.GroupDel, 'but1', _("Delete"),
CustomButton.Behavior.linkerror(
source='ur_unix_group_name_exists',
target='ur_unix_group_newname')),
CustomButton.run_method(
Unix.Method.GroupMod, 'but2', _("Modify")),
]
),
],
@@ -320,7 +323,7 @@ class Wsdl(WsdlBase):
'server.cl_server_name': Unix.service_name,
'cl_unix_action': Actions.GroupDel,
'cl_autoupdate_set': 'on',
'ldap.cl_ldap_bind_dn!': '{ld_unix_dn}',
'ldap.cl_ldap_bind_dn!': '{ld_unix_bind_dn}',
'ldap.cl_ldap_bind_pw!': '{ld_unix_pw}',
# 'cl_dispatch_conf_default': "usenew"
},
@@ -367,7 +370,7 @@ class Wsdl(WsdlBase):
'server.cl_server_name': Unix.service_name,
'cl_unix_action': Actions.UserMod,
'cl_autoupdate_set': 'on',
'ldap.cl_ldap_bind_dn!': '{ld_unix_dn}',
'ldap.cl_ldap_bind_dn!': '{ld_unix_bind_dn}',
'ldap.cl_ldap_bind_pw!': '{ld_unix_pw}',
# 'cl_dispatch_conf_default': "usenew"
},
@@ -393,14 +396,12 @@ class Wsdl(WsdlBase):
'ur_unix_pw_delete_set',
),
custom_buttons=[
('but0', _("Back"),
Unix.Method.UserShow,
"button"),
('but1', _("Delete"),
Unix.Method.UserDel,
"button",),
('but2', _("Modify"),
Unix.Method.UserMod, "button"),
CustomButton.run_method(Unix.Method.UserShow,
'but0', _("Back")),
CustomButton.run_method(Unix.Method.UserDel,
'but1', _("Delete")),
CustomButton.run_method(Unix.Method.UserMod,
'but2', _("Modify"))
],
next_label=_("Perform")
),
@@ -452,7 +453,7 @@ class Wsdl(WsdlBase):
'server.cl_server_name': Unix.service_name,
'cl_unix_action': Actions.UserDel,
'cl_autoupdate_set': 'on',
'ldap.cl_ldap_bind_dn!': '{ld_unix_dn}',
'ldap.cl_ldap_bind_dn!': '{ld_unix_bind_dn}',
'ldap.cl_ldap_bind_pw!': '{ld_unix_pw}',
# 'cl_dispatch_conf_default': "usenew"
},
@@ -499,7 +500,7 @@ class Wsdl(WsdlBase):
'server.cl_server_name': Unix.service_name,
'cl_unix_action': Actions.Passwd,
'cl_autoupdate_set': 'on',
'ldap.cl_ldap_bind_dn!': '{ld_unix_dn}',
'ldap.cl_ldap_bind_dn!': '{ld_unix_bind_dn}',
'ldap.cl_ldap_bind_pw!': '{ld_unix_pw}',
# 'cl_dispatch_conf_default': "usenew"
},
@@ -552,7 +553,7 @@ class Wsdl(WsdlBase):
'cl_unix_action': Actions.GroupShow,
'cl_autoupdate_set': 'on',
'core.cl_page_max!': '{ur_unix_group_count}',
'ldap.cl_ldap_bind_dn!': '{ld_unix_dn}',
'ldap.cl_ldap_bind_dn!': '{ld_unix_bind_dn}',
'ldap.cl_ldap_bind_pw!': '{ld_unix_pw}',
# 'cl_dispatch_conf_default': "usenew"
},
@@ -574,12 +575,10 @@ class Wsdl(WsdlBase):
'cl_unix_group_fields',
),
custom_buttons=[
('but0', _("Add Group"),
Unix.Method.GroupAdd,
"button_view"),
('but1', _("Show"),
Unix.Method.GroupShow,
"button"),
CustomButton.open_method(Unix.Method.GroupAdd,
'but0', _("Add Group")),
CustomButton.run_method(Unix.Method.GroupShow,
'but1', _("Show"))
]
),
],
@@ -618,7 +617,7 @@ class Wsdl(WsdlBase):
'cl_unix_action': Actions.UserShow,
'cl_autoupdate_set': 'on',
'core.cl_page_max!': '{ur_unix_user_count}',
'ldap.cl_ldap_bind_dn!': '{ld_unix_dn}',
'ldap.cl_ldap_bind_dn!': '{ld_unix_bind_dn}',
'ldap.cl_ldap_bind_pw!': '{ld_unix_pw}',
# 'cl_dispatch_conf_default': "usenew"
},
@@ -646,12 +645,10 @@ class Wsdl(WsdlBase):
'cl_unix_user_fields',
),
custom_buttons=[
('but0', _("Add User"),
Unix.Method.UserAdd,
"button_view"),
('but1', _("Show"),
Unix.Method.UserShow,
"button"),
CustomButton.open_method(Unix.Method.UserAdd,
'but0', _("Add User")),
CustomButton.run_method(Unix.Method.UserShow,
'but1', _("Show")),
]
),
],


Loading…
Cancel
Save