Differential D188 Diff 413 pykolab/auth/ldap/__init__.py

Changeset View

Standalone View

pykolab/auth/ldap/init.py

Show First 20 Lines • Show All 110 Lines • ▼ Show 20 Lines	class LDAP(pykolab.base.Base):
def __init__(self, domain=None):		def __init__(self, domain=None):
"""		"""
Initialize the LDAP object for domain. If no domain is specified,		Initialize the LDAP object for domain. If no domain is specified,
domain name space configured as 'kolab'.'primary_domain' is used.		domain name space configured as 'kolab'.'primary_domain' is used.
"""		"""
pykolab.base.Base.__init__(self, domain=domain)		pykolab.base.Base.__init__(self, domain=domain)

self.ldap = None		self.ldap = None
		self.ldap_priv = None
self.bind = None		self.bind = None

if domain == None:		if domain == None:
self.domain = conf.get('kolab', 'primary_domain')		self.domain = conf.get('kolab', 'primary_domain')
else:		else:
self.domain = domain		self.domain = domain

def authenticate(self, login, realm):		def authenticate(self, login, realm):
▲ Show 20 Lines • Show All 137 Lines • ▼ Show 20 Lines	def authenticate(self, login, realm):
auth_cache.del_entry(_filter)		auth_cache.del_entry(_filter)
except:		except:
log.error(_("Authentication cache failed to clear entry"))		log.error(_("Authentication cache failed to clear entry"))
pass		pass

return self.authenticate(login, realm)		return self.authenticate(login, realm)

except Exception, errmsg:		except Exception, errmsg:
log.debug(_("Exception occured: %r") %(errmsg))		log.debug(_("Exception occured: %r") %(errmsg))
		Lint: PEP8 E225 Inline Actions missing whitespace around operator Lint: PEP8 E225: missing whitespace around operator
try:		try:
log.debug(		log.debug(
_("Failed to authenticate as user %s") % (login[0]),		_("Failed to authenticate as user %s") % (login[0]),
level=8		level=8
)		)
except:		except:
pass		pass

retval = False		retval = False

return retval		return retval

def connect(self):		def connect(self, priv=None):
"""		"""
Connect to the LDAP server through the uri configured.		Connect to the LDAP server through the uri configured.
"""		"""
if not self.ldap == None:		if priv is None and self.ldap is not None:
		return
		if priv is not None and self.ldap_priv is not None:
return		return

log.debug(_("Connecting to LDAP..."), level=8)		log.debug(_("Connecting to LDAP..."), level=8)

uri = self.config_get('ldap_uri')		uri = self.config_get('ldap_uri')

log.debug(_("Attempting to use LDAP URI %s") % (uri), level=8)		log.debug(_("Attempting to use LDAP URI %s") % (uri), level=8)

trace_level = 0		trace_level = 0

if conf.debuglevel > 8:		if conf.debuglevel > 8:
trace_level = 1		trace_level = 1

self.ldap = ldap.ldapobject.ReconnectLDAPObject(		conn = ldap.ldapobject.ReconnectLDAPObject(
uri,		uri,
trace_level=trace_level,		trace_level=trace_level,
retry_max=200,		retry_max=200,
retry_delay=3.0		retry_delay=3.0
)		)

self.ldap.protocol_version = 3		conn.protocol_version = 3
self.ldap.supported_controls = []		conn.supported_controls = []

		if priv is None:
		self.ldap = conn
		else:
		self.ldap_priv = conn

def entry_dn(self, entry_id):		def entry_dn(self, entry_id):
"""		"""
Get a entry's distinguished name for an entry ID.		Get a entry's distinguished name for an entry ID.

The entry ID may be any of:		The entry ID may be any of:

- an entry's value for the configured unique_attribute,		- an entry's value for the configured unique_attribute,
▲ Show 20 Lines • Show All 128 Lines • ▼ Show 20 Lines	def list_delegators(self, entry_id):
delegators = []		delegators = []

mailbox_attribute = conf.get('cyrus-sasl', 'result_attribute')		mailbox_attribute = conf.get('cyrus-sasl', 'result_attribute')
if mailbox_attribute == None:		if mailbox_attribute == None:
mailbox_attribute = 'mail'		mailbox_attribute = 'mail'

for __delegator in self.search_entry_by_attribute('kolabDelegate', entry_id):		for __delegator in self.search_entry_by_attribute('kolabDelegate', entry_id):
(_dn, _delegator) = __delegator		(_dn, _delegator) = __delegator
_delegator['dn'] = _dn;		_delegator['dn'] = _dn;
		Lint: PEP8 E703 Inline Actions statement ends with a semicolon Lint: PEP8 E703: statement ends with a semicolon
_delegator['_mailbox_basename'] = _delegator[mailbox_attribute] if _delegator.has_key(mailbox_attribute) else None		_delegator['_mailbox_basename'] = _delegator[mailbox_attribute] if _delegator.has_key(mailbox_attribute) else None
if isinstance(_delegator['_mailbox_basename'], list):		if isinstance(_delegator['_mailbox_basename'], list):
_delegator['_mailbox_basename'] = _delegator['_mailbox_basename'][0]		_delegator['_mailbox_basename'] = _delegator['_mailbox_basename'][0]
delegators.append(_delegator)		delegators.append(_delegator)

return delegators		return delegators

def find_folder_resource(self, folder="*", exclude_entry_id=None):		def find_folder_resource(self, folder="*", exclude_entry_id=None):
▲ Show 20 Lines • Show All 255 Lines • ▼ Show 20 Lines	def recipient_policy(self, entry):

if len(mail_attributes) >= 2:		if len(mail_attributes) >= 2:
secondary_mail_attribute = mail_attributes[1]		secondary_mail_attribute = mail_attributes[1]

daemon_rcpt_policy = self.config_get('daemon_rcpt_policy')		daemon_rcpt_policy = self.config_get('daemon_rcpt_policy')
if not utils.true_or_false(daemon_rcpt_policy) and not daemon_rcpt_policy == None:		if not utils.true_or_false(daemon_rcpt_policy) and not daemon_rcpt_policy == None:
log.debug(		log.debug(
_(		_(
"Not applying recipient policy for %s " + \		"Not applying recipient policy for %s " + \
		Lint: PEP8 E502 Inline Actions the backslash is redundant between brackets Lint: PEP8 E502: the backslash is redundant between brackets
"(disabled through configuration)"		"(disabled through configuration)"
) % (entry_dn),		) % (entry_dn),
level=1		level=1
)		)

return entry_modifications		return entry_modifications

want_attrs = []		want_attrs = []
Show All 10 Lines	def recipient_policy(self, entry):
primary_mail = self.config_get_raw('primary_mail')		primary_mail = self.config_get_raw('primary_mail')

if not secondary_mail_attribute == None:		if not secondary_mail_attribute == None:
secondary_mail = self.config_get_raw('%s_secondary_mail' % (entry_type))		secondary_mail = self.config_get_raw('%s_secondary_mail' % (entry_type))
if secondary_mail == None and entry_type == 'user':		if secondary_mail == None and entry_type == 'user':
secondary_mail = self.config_get_raw('secondary_mail')		secondary_mail = self.config_get_raw('secondary_mail')

log.debug(		log.debug(
_("Using mail attributes: %r, with primary %r and " + \		_("Using mail attributes: %r, with primary %r and " + \
		Lint: PEP8 E502 Inline Actions the backslash is redundant between brackets Lint: PEP8 E502: the backslash is redundant between brackets
"secondary %r") % (		"secondary %r") % (
		Lint: PEP8 E127 Inline Actions continuation line over-indented for visual indent Lint: PEP8 E127: continuation line over-indented for visual indent
mail_attributes,		mail_attributes,
primary_mail_attribute,		primary_mail_attribute,
secondary_mail_attribute		secondary_mail_attribute
),		),
level=8		level=8
)		)

for _mail_attr in mail_attributes:		for _mail_attr in mail_attributes:
▲ Show 20 Lines • Show All 80 Lines • ▼ Show 20 Lines	def recipient_policy(self, entry):
),		),
level=8		level=8
)		)

almost_done = True		almost_done = True
for result in results:		for result in results:
if not result == entry_dn:		if not result == entry_dn:
log.debug(		log.debug(
_("Too bad, primary email address %s " + \		_("Too bad, primary email address %s " + \
		Lint: PEP8 E502 Inline Actions the backslash is redundant between brackets Lint: PEP8 E502: the backslash is redundant between brackets
"already in use for %s (we are %s)") % (		"already in use for %s (we are %s)") % (
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
_primary_mail,		_primary_mail,
result,		result,
entry_dn		entry_dn
),		),
level=8		level=8
)		)

almost_done = False		almost_done = False
Show All 9 Lines	def recipient_policy(self, entry):
primary_mail_address.split('@')[0],		primary_mail_address.split('@')[0],
i,		i,
primary_mail_address.split('@')[1]		primary_mail_address.split('@')[1]
)		)

primary_mail_address = _primary_mail		primary_mail_address = _primary_mail

###		###
### FIXME		### FIXME
		Lint: PEP8 E266 Inline Actions too many leading '#' for block comment Lint: PEP8 E266: too many leading '#' for block comment
###		###
if not primary_mail_address == None:		if not primary_mail_address == None:
if not entry.has_key(primary_mail_attribute):		if not entry.has_key(primary_mail_attribute):
self.set_entry_attribute(entry, primary_mail_attribute, primary_mail_address)		self.set_entry_attribute(entry, primary_mail_attribute, primary_mail_address)
entry_modifications[primary_mail_attribute] = primary_mail_address		entry_modifications[primary_mail_attribute] = primary_mail_address
else:		else:
if not primary_mail_address == entry[primary_mail_attribute]:		if not primary_mail_address == entry[primary_mail_attribute]:
self.set_entry_attribute(entry, primary_mail_attribute, primary_mail_address)		self.set_entry_attribute(entry, primary_mail_attribute, primary_mail_address)

entry_modifications[primary_mail_attribute] = primary_mail_address		entry_modifications[primary_mail_attribute] = primary_mail_address

if not secondary_mail == None:		if not secondary_mail == None:
# Execute the plugin hook		# Execute the plugin hook
suggested_secondary_mail = conf.plugins.exec_hook(		suggested_secondary_mail = conf.plugins.exec_hook(
"set_secondary_mail",		"set_secondary_mail",
kw={		kw={
'secondary_mail': secondary_mail,		'secondary_mail': secondary_mail,
'entry': entry,		'entry': entry,
'domain': self.domain,		'domain': self.domain,
'primary_domain': self.domain,		'primary_domain': self.domain,
'secondary_domains': self.list_secondary_domains()		'secondary_domains': self.list_secondary_domains()
}		}
) # end of conf.plugins.exec_hook() call		) # end of conf.plugins.exec_hook() call
		Lint: PEP8 E261 Inline Actions at least two spaces before inline comment Lint: PEP8 E261: at least two spaces before inline comment

secondary_mail_addresses = []		secondary_mail_addresses = []

for _secondary_mail in suggested_secondary_mail:		for _secondary_mail in suggested_secondary_mail:
i = 1		i = 1
__secondary_mail = _secondary_mail		__secondary_mail = _secondary_mail

done = False		done = False
Show All 10 Lines	def recipient_policy(self, entry):
level=8		level=8
)		)

done = True		done = True
continue		continue

if len(results) == 1:		if len(results) == 1:
log.debug(		log.debug(
_("1 result for address %s found, " + \		_("1 result for address %s found, " + \
		Lint: PEP8 E502 Inline Actions the backslash is redundant between brackets Lint: PEP8 E502: the backslash is redundant between brackets
"verifying...") % (		"verifying...") % (
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
__secondary_mail		__secondary_mail
),		),
level=8		level=8
)		)

almost_done = True		almost_done = True
for result in results:		for result in results:
if not result == entry_dn:		if not result == entry_dn:
log.debug(		log.debug(
_("Too bad, secondary email " + \		_("Too bad, secondary email " + \
		Lint: PEP8 E502 Inline Actions the backslash is redundant between brackets Lint: PEP8 E502: the backslash is redundant between brackets
"address %s already in use for " + \		"address %s already in use for " + \
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
		Lint: PEP8 E502 Inline Actions the backslash is redundant between brackets Lint: PEP8 E502: the backslash is redundant between brackets
"%s (we are %s)") % (		"%s (we are %s)") % (
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
__secondary_mail,		__secondary_mail,
result,		result,
entry_dn		entry_dn
),		),
level=8		level=8
)		)

almost_done = False		almost_done = False
else:		else:
log.debug(_("Address assigned to us"), level=8)		log.debug(_("Address assigned to us"), level=8)

if almost_done:		if almost_done:
done = True		done = True
continue		continue

i += 1		i += 1
__secondary_mail = "%s%d@%s" % (		__secondary_mail = "%s%d@%s" % (
_secondary_mail.split('@')[0],		_secondary_mail.split('@')[0],
i,		i,
_secondary_mail.split('@')[1]		_secondary_mail.split('@')[1]
)		)

secondary_mail_addresses.append(__secondary_mail)		secondary_mail_addresses.append(__secondary_mail)

log.debug(_("Recipient policy composed the following set of secondary " + \		log.debug(_("Recipient policy composed the following set of secondary " + \
		Lint: PEP8 E502 Inline Actions the backslash is redundant between brackets Lint: PEP8 E502: the backslash is redundant between brackets
"email addresses: %r") % (secondary_mail_addresses), level=8)		"email addresses: %r") % (secondary_mail_addresses), level=8)
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent

if entry.has_key(secondary_mail_attribute):		if entry.has_key(secondary_mail_attribute):
if isinstance(entry[secondary_mail_attribute], list):		if isinstance(entry[secondary_mail_attribute], list):
secondary_mail_addresses.extend(entry[secondary_mail_attribute])		secondary_mail_addresses.extend(entry[secondary_mail_attribute])
else:		else:
secondary_mail_addresses.append(entry[secondary_mail_attribute])		secondary_mail_addresses.append(entry[secondary_mail_attribute])

if not secondary_mail_addresses == None:		if not secondary_mail_addresses == None:
log.debug(		log.debug(
_("Secondary mail addresses that we want is not None: %r") % (		_("Secondary mail addresses that we want is not None: %r") % (
secondary_mail_addresses		secondary_mail_addresses
),		),
level=9		level=9
)		)

secondary_mail_addresses = list(set(secondary_mail_addresses))		secondary_mail_addresses = list(set(secondary_mail_addresses))

# Avoid duplicates		# Avoid duplicates
while primary_mail_address in secondary_mail_addresses:		while primary_mail_address in secondary_mail_addresses:
log.debug(		log.debug(
_("Avoiding the duplication of the primary mail " + \		_("Avoiding the duplication of the primary mail " + \
		Lint: PEP8 E502 Inline Actions the backslash is redundant between brackets Lint: PEP8 E502: the backslash is redundant between brackets
"address %r in the list of secondary mail " + \		"address %r in the list of secondary mail " + \
		Lint: PEP8 E127 Inline Actions continuation line over-indented for visual indent Lint: PEP8 E127: continuation line over-indented for visual indent
		Lint: PEP8 E502 Inline Actions the backslash is redundant between brackets Lint: PEP8 E502: the backslash is redundant between brackets
"addresses") % (primary_mail_address),		"addresses") % (primary_mail_address),
level=9		level=9
)		)

secondary_mail_addresses.pop(		secondary_mail_addresses.pop(
secondary_mail_addresses.index(primary_mail_address)		secondary_mail_addresses.index(primary_mail_address)
)		)

log.debug(		log.debug(
_("Entry is getting secondary mail addresses: %r") % (		_("Entry is getting secondary mail addresses: %r") % (
secondary_mail_addresses		secondary_mail_addresses
),		),
level=9		level=9
)		)

if not entry.has_key(secondary_mail_attribute):		if not entry.has_key(secondary_mail_attribute):
log.debug(		log.debug(
_("Entry did not have any secondary mail " + \		_("Entry did not have any secondary mail " + \
		Lint: PEP8 E502 Inline Actions the backslash is redundant between brackets Lint: PEP8 E502: the backslash is redundant between brackets
"addresses in %r") % (secondary_mail_attribute),		"addresses in %r") % (secondary_mail_attribute),
		Lint: PEP8 E127 Inline Actions continuation line over-indented for visual indent Lint: PEP8 E127: continuation line over-indented for visual indent
level=9		level=9
)		)

if not len(secondary_mail_addresses) == 0:		if not len(secondary_mail_addresses) == 0:
self.set_entry_attribute(		self.set_entry_attribute(
entry,		entry,
secondary_mail_attribute,		secondary_mail_attribute,
secondary_mail_addresses		secondary_mail_addresses
▲ Show 20 Lines • Show All 55 Lines • ▼ Show 20 Lines	def search_entry_by_attribute(self, attr, value, **kw):
override_search='_regular_search'		override_search='_regular_search'
)		)

def set_entry_attribute(self, entry_id, attribute, value):		def set_entry_attribute(self, entry_id, attribute, value):
log.debug(_("Setting entry attribute %r to %r for %r") % (attribute, value, entry_id), level=9)		log.debug(_("Setting entry attribute %r to %r for %r") % (attribute, value, entry_id), level=9)
self.set_entry_attributes(entry_id, { attribute: value })		self.set_entry_attributes(entry_id, { attribute: value })

def set_entry_attributes(self, entry_id, attributes):		def set_entry_attributes(self, entry_id, attributes):
bind_dn = self.config_get('bind_dn')		self._bind()
bind_pw = self.config_get('bind_pw')

self._bind(bind_dn, bind_pw)

entry_dn = self.entry_dn(entry_id)		entry_dn = self.entry_dn(entry_id)

entry = self.get_entry_attributes(entry_dn, ['*'])		entry = self.get_entry_attributes(entry_dn, ['*'])

attrs = {}		attrs = {}

for attribute in attributes.keys():		for attribute in attributes.keys():
Show All 11 Lines	def set_entry_attributes(self, entry_id, attributes):
elif entry.has_key(attribute) and not entry[attribute] == None:		elif entry.has_key(attribute) and not entry[attribute] == None:
if attrs[attribute] == None:		if attrs[attribute] == None:
modlist.append((ldap.MOD_DELETE, attribute, entry[attribute]))		modlist.append((ldap.MOD_DELETE, attribute, entry[attribute]))
else:		else:
modlist.append((ldap.MOD_REPLACE, attribute, attrs[attribute]))		modlist.append((ldap.MOD_REPLACE, attribute, attrs[attribute]))

dn = entry_dn		dn = entry_dn

if len(modlist) > 0:		if len(modlist) > 0 and self._bind_priv() is True:
try:		try:
self.ldap.modify_s(dn, modlist)		self.ldap_priv.modify_s(dn, modlist)
except:		except:
log.error(_("Could not update dn %r:\n%r") % (dn, modlist))		log.error(_("Could not update dn %r:\n%r") % (dn, modlist))

# Drop the privileges
self._unbind()

def synchronize(self, mode=0, callback=None):		def synchronize(self, mode=0, callback=None):
"""		"""
Synchronize with LDAP		Synchronize with LDAP
"""		"""
self._bind()		self._bind()

_filter = self._kolab_filter()		_filter = self._kolab_filter()

▲ Show 20 Lines • Show All 70 Lines • ▼ Show 20 Lines	def user_quota(self, entry_id, folder):

if _imap_quota == None:		if _imap_quota == None:
used = None		used = None
current_imap_quota = None		current_imap_quota = None
else:		else:
(used, current_imap_quota) = _imap_quota		(used, current_imap_quota) = _imap_quota

log.debug(		log.debug(
_("About to consider the user quota for %r (used: %r, " + \		_("About to consider the user quota for %r (used: %r, " + \
		Lint: PEP8 E502 Inline Actions the backslash is redundant between brackets Lint: PEP8 E502: the backslash is redundant between brackets
"imap: %r, ldap: %r, default: %r") % (		"imap: %r, ldap: %r, default: %r") % (
entry_dn,		entry_dn,
used,		used,
current_imap_quota,		current_imap_quota,
current_ldap_quota,		current_ldap_quota,
default_quota		default_quota
),		),
level=9		level=9
Show All 35 Lines	def user_quota(self, entry_id, folder):
if not new_quota == current_imap_quota:		if not new_quota == current_imap_quota:
self.imap.set_quota(folder, new_quota)		self.imap.set_quota(folder, new_quota)

else:		else:
if not new_quota == None:		if not new_quota == None:
self.imap.set_quota(folder, new_quota)		self.imap.set_quota(folder, new_quota)

###		###
### API depth level increasing!		### API depth level increasing!
		Lint: PEP8 E266 Inline Actions too many leading '#' for block comment Lint: PEP8 E266: too many leading '#' for block comment
###		###

def _bind(self, bind_dn=None, bind_pw=None):		def _bind(self, bind_dn=None, bind_pw=None):
# If we have no LDAP, we have no previous state.		# If we have no LDAP, we have no previous state.
if self.ldap is None:		if self.ldap is None:
self.bind = None		self.bind = None
self.connect()		self.connect()

# If we are to bind as foo, we have no state.		# If we are to bind as foo, we have no state.
if bind_dn is not None:		if bind_dn is not None:
self.bind = None		self.bind = None

# Only if we have no state and no bind credentials specified in the		# Only if we have no state and no bind credentials specified in the
# function call.		# function call.
if self.bind is None:		if self.bind is None:

if bind_dn is None:		if bind_dn is None:
bind_dn = self.config_get('service_bind_dn')		bind_dn = self.config_get('service_bind_dn')

if bind_pw is None:		if bind_pw is None:
bind_pw = self.config_get('service_bind_pw')		bind_pw = self.config_get('service_bind_pw')

if bind_dn is not None:		if bind_dn is not None:
log.debug(_("Binding with bind_dn: %s and password: %s")		log.debug(_("Binding with bind_dn: %s and password: %s")
% (bind_dn, '' len(bind_pw)))		% (bind_dn, '' len(bind_pw)))
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent

# TODO: Binding errors control		# TODO: Binding errors control
try:		try:
self.ldap.simple_bind_s(bind_dn, bind_pw)		self.ldap.simple_bind_s(bind_dn, bind_pw)
self.bind = {'dn': bind_dn, 'pw': bind_pw}		self.bind = {'dn': bind_dn, 'pw': bind_pw}
return True		return True
except ldap.SERVER_DOWN, errmsg:		except ldap.SERVER_DOWN, errmsg:
log.error(_("LDAP server unavailable: %r") % (errmsg))		log.error(_("LDAP server unavailable: %r") % (errmsg))
log.error(_("%s") % (traceback.format_exc()))		log.error(_("%s") % (traceback.format_exc()))
return False		return False
except ldap.INVALID_CREDENTIALS:		except ldap.INVALID_CREDENTIALS:
log.error(_("Invalid DN, username and/or password."))		log.error(_("Invalid DN, username and/or password."))
return False		return False
else:		else:
log.debug(_("bind() called but already bound"), level=8)		log.debug(_("bind() called but already bound"), level=8)
return True		return True

		def _bind_priv(self):
		if self.ldap_priv is None:
		self.connect(True)

		bind_dn = self.config_get('bind_dn')
		bind_pw = self.config_get('bind_pw')

		try:
		self.ldap_priv.simple_bind_s(bind_dn, bind_pw)
		return True
		except ldap.SERVER_DOWN, errmsg:
		log.error(_("LDAP server unavailable: %r") % (errmsg))
		log.error(_("%s") % (traceback.format_exc()))
		return False
		except ldap.INVALID_CREDENTIALS:
		log.error(_("Invalid DN, username and/or password."))
		return False
		else:
		log.debug(_("bind_priv() called but already bound"), level=8)
		return True

def _change_add_group(self, entry, change):		def _change_add_group(self, entry, change):
"""		"""
An entry of type group was added.		An entry of type group was added.

The Kolab daemon has little to do for this type of action on this		The Kolab daemon has little to do for this type of action on this
type of entry.		type of entry.
"""		"""
pass		pass
▲ Show 20 Lines • Show All 118 Lines • ▼ Show 20 Lines	def _change_add_sharedfolder(self, entry, change):
self.imap._set_kolab_mailfolder_acls(		self.imap._set_kolab_mailfolder_acls(
entry['kolabfolderaclentry'], folder_path		entry['kolabfolderaclentry'], folder_path
)		)

if entry.has_key(delivery_address_attribute) and \		if entry.has_key(delivery_address_attribute) and \
not entry[delivery_address_attribute] == None:		not entry[delivery_address_attribute] == None:
self.imap.set_acl(folder_path, 'anyone', '+p')		self.imap.set_acl(folder_path, 'anyone', '+p')

#if server == None:		#if server == None:
		Lint: PEP8 E265 Inline Actions block comment should start with '# ' Lint: PEP8 E265: block comment should start with '# '
#self.entry_set_attribute(mailserver_attribute, server)		#self.entry_set_attribute(mailserver_attribute, server)
		Lint: PEP8 E265 Inline Actions block comment should start with '# ' Lint: PEP8 E265: block comment should start with '# '

def _change_add_unknown(self, entry, change):		def _change_add_unknown(self, entry, change):
"""		"""
An entry has been add, and we do not know of what object type		An entry has been add, and we do not know of what object type
the entry was - user, group, role or sharedfolder.		the entry was - user, group, role or sharedfolder.
"""		"""
result_attribute = conf.get('cyrus-sasl', 'result_attribute')		result_attribute = conf.get('cyrus-sasl', 'result_attribute')

▲ Show 20 Lines • Show All 525 Lines • ▼ Show 20 Lines	def _change_none_sharedfolder(self, entry, change):
entry['kolabfolderaclentry'], folder_path, True		entry['kolabfolderaclentry'], folder_path, True
)		)

delivery_address_attribute = self.config_get('sharedfolder_delivery_address_attribute')		delivery_address_attribute = self.config_get('sharedfolder_delivery_address_attribute')
if entry.has_key(delivery_address_attribute) and \		if entry.has_key(delivery_address_attribute) and \
not entry[delivery_address_attribute] == None:		not entry[delivery_address_attribute] == None:
self.imap.set_acl(folder_path, 'anyone', '+p')		self.imap.set_acl(folder_path, 'anyone', '+p')

#if server == None:		#if server == None:
		Lint: PEP8 E265 Inline Actions block comment should start with '# ' Lint: PEP8 E265: block comment should start with '# '
#self.entry_set_attribute(mailserver_attribute, server)		#self.entry_set_attribute(mailserver_attribute, server)
		Lint: PEP8 E265 Inline Actions block comment should start with '# ' Lint: PEP8 E265: block comment should start with '# '

def _change_none_user(self, entry, change):		def _change_none_user(self, entry, change):
"""		"""
A user entry as part of the initial search result set.		A user entry as part of the initial search result set.
"""		"""
mailserver_attribute = self.config_get('mailserver_attribute')		mailserver_attribute = self.config_get('mailserver_attribute')
if mailserver_attribute == None:		if mailserver_attribute == None:
mailserver_attribute = 'mailhost'		mailserver_attribute = 'mailhost'
▲ Show 20 Lines • Show All 77 Lines • ▼ Show 20 Lines	def _change_none_user(self, entry, change):
log.warning(		log.warning(
_("Kolab user %s does not have a result attribute %r") % (		_("Kolab user %s does not have a result attribute %r") % (
entry['id'],		entry['id'],
result_attribute		result_attribute
)		)
)		)

def _disconnect(self):		def _disconnect(self):
self._unbind()
del self.ldap		del self.ldap
		del self.ldap_priv
self.ldap = None		self.ldap = None
		self.ldap_priv = None
self.bind = None		self.bind = None

def _domain_naming_context(self, domain):		def _domain_naming_context(self, domain):
self._bind()		self._bind()

# The list of naming contexts in the LDAP server		# The list of naming contexts in the LDAP server
attrs = self.get_entry_attributes("", ['namingContexts'])		attrs = self.get_entry_attributes("", ['namingContexts'])

▲ Show 20 Lines • Show All 86 Lines • ▼ Show 20 Lines	def _entry_type(self, entry_id):
__filter = self.config_get('%s_filter' % (_type))		__filter = self.config_get('%s_filter' % (_type))

if not __filter == None:		if not __filter == None:
try:		try:
result = self._regular_search(entry_dn, filterstr=__filter)		result = self._regular_search(entry_dn, filterstr=__filter)
except:		except:
result = self._regular_search(		result = self._regular_search(
base_dn,		base_dn,
filterstr="(%s=%s)" %(		filterstr="(%s=%s)" %(
		Lint: PEP8 E225 Inline Actions missing whitespace around operator Lint: PEP8 E225: missing whitespace around operator
self.config_get('unique_attribute'),		self.config_get('unique_attribute'),
entry_id['id'])		entry_id['id'])
)		)

if not result:		if not result:
continue		continue
else:		else:
return _type		return _type
▲ Show 20 Lines • Show All 320 Lines • ▼ Show 20 Lines
#		#
# if not self.imap.user_mailbox_exists(entry[result_attribute]):		# if not self.imap.user_mailbox_exists(entry[result_attribute]):
# folder = self.imap.user_mailbox_create(		# folder = self.imap.user_mailbox_create(
# entry[result_attribute]		# entry[result_attribute]
# )		# )
#		#
# server = self.imap.user_mailbox_server(folder)		# server = self.imap.user_mailbox_server(folder)

def _unbind(self):
"""
Discard the current set of bind credentials.

Virtually disconnects the LDAP connection, and should be followed by
a call to _bind() afterwards.
"""

self.ldap.unbind()
self.bind = None

###		###
### Backend search functions		### Backend search functions
		Lint: PEP8 E266 Inline Actions too many leading '#' for block comment Lint: PEP8 E266: too many leading '#' for block comment
###		###

def _persistent_search(self,		def _persistent_search(self,
base_dn,		base_dn,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
scope=ldap.SCOPE_SUBTREE,		scope=ldap.SCOPE_SUBTREE,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
filterstr="(objectClass=*)",		filterstr="(objectClass=*)",
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
attrlist=None,		attrlist=None,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
attrsonly=0,		attrsonly=0,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
timeout=-1,		timeout=-1,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
callback=False,		callback=False,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
primary_domain=None,		primary_domain=None,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
secondary_domains=[]		secondary_domains=[]
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
):		):
		Lint: PEP8 E124 Inline Actions closing bracket does not match visual indentation Lint: PEP8 E124: closing bracket does not match visual indentation
		Lint: PEP8 E125 Inline Actions continuation line with same indent as next logical line Lint: PEP8 E125: continuation line with same indent as next logical line

_results = []		_results = []

psearch_server_controls = []		psearch_server_controls = []

psearch_server_controls.append(psearch.PersistentSearchControl(		psearch_server_controls.append(psearch.PersistentSearchControl(
criticality=True,		criticality=True,
changeTypes=[ 'add', 'delete', 'modify', 'modDN' ],		changeTypes=[ 'add', 'delete', 'modify', 'modDN' ],
▲ Show 20 Lines • Show All 68 Lines • ▼ Show 20 Lines	def _persistent_search(self,
previous_dn=previous_dn,		previous_dn=previous_dn,
change_type=change_type,		change_type=change_type,
change_number=change_number,		change_number=change_number,
primary_domain=primary_domain,		primary_domain=primary_domain,
secondary_domains=secondary_domains		secondary_domains=secondary_domains
)		)

def _paged_search(self,		def _paged_search(self,
base_dn,		base_dn,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
scope=ldap.SCOPE_SUBTREE,		scope=ldap.SCOPE_SUBTREE,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
filterstr="(objectClass=*)",		filterstr="(objectClass=*)",
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
attrlist=None,		attrlist=None,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
attrsonly=0,		attrsonly=0,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
timeout=-1,		timeout=-1,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
callback=False,		callback=False,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
primary_domain=None,		primary_domain=None,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
secondary_domains=[]		secondary_domains=[]
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
):		):
		Lint: PEP8 E124 Inline Actions closing bracket does not match visual indentation Lint: PEP8 E124: closing bracket does not match visual indentation
		Lint: PEP8 E125 Inline Actions continuation line with same indent as next logical line Lint: PEP8 E125: continuation line with same indent as next logical line

page_size = 500		page_size = 500
critical = True		critical = True
_results = []		_results = []

server_page_control = SimplePagedResultsControl(page_size=page_size)		server_page_control = SimplePagedResultsControl(page_size=page_size)

_search = self.ldap.search_ext(		_search = self.ldap.search_ext(
Show All 27 Lines	def _paged_search(self,
callback(entry=_result_data)		callback(entry=_result_data)

_results.extend(_result_data)		_results.extend(_result_data)
if (pages % 2) == 0:		if (pages % 2) == 0:
log.debug(_("%d results...") % (len(_results)))		log.debug(_("%d results...") % (len(_results)))

pctrls = [		pctrls = [
c for c in _result_controls		c for c in _result_controls
if c.controlType == LDAP_CONTROL_PAGED_RESULTS		if c.controlType == LDAP_CONTROL_PAGED_RESULTS
		Lint: PEP8 E131 Inline Actions continuation line unaligned for hanging indent Lint: PEP8 E131: continuation line unaligned for hanging indent
]		]

if pctrls:		if pctrls:
if hasattr(pctrls[0], 'size'):		if hasattr(pctrls[0], 'size'):
size = pctrls[0].size		size = pctrls[0].size
cookie = pctrls[0].cookie		cookie = pctrls[0].cookie
else:		else:
size, cookie = pctrls[0].controlValue		size, cookie = pctrls[0].controlValue
Show All 14 Lines	def _paged_search(self,
else:		else:
# TODO: Error out more verbose		# TODO: Error out more verbose
print "Warning: Server ignores RFC 2696 control."		print "Warning: Server ignores RFC 2696 control."
break		break

return _results		return _results

def _vlv_search(self,		def _vlv_search(self,
base_dn,		base_dn,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
scope=ldap.SCOPE_SUBTREE,		scope=ldap.SCOPE_SUBTREE,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
filterstr="(objectClass=*)",		filterstr="(objectClass=*)",
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
attrlist=None,		attrlist=None,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
attrsonly=0,		attrsonly=0,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
timeout=-1,		timeout=-1,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
callback=False,		callback=False,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
primary_domain=None,		primary_domain=None,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
secondary_domains=[]		secondary_domains=[]
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
):		):
		Lint: PEP8 E124 Inline Actions closing bracket does not match visual indentation Lint: PEP8 E124: closing bracket does not match visual indentation
		Lint: PEP8 E125 Inline Actions continuation line with same indent as next logical line Lint: PEP8 E125: continuation line with same indent as next logical line
pass		pass

def _sync_repl(self,		def _sync_repl(self,
base_dn,		base_dn,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
scope=ldap.SCOPE_SUBTREE,		scope=ldap.SCOPE_SUBTREE,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
filterstr="(objectClass=*)",		filterstr="(objectClass=*)",
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
attrlist=None,		attrlist=None,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
attrsonly=0,		attrsonly=0,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
timeout=-1,		timeout=-1,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
callback=False,		callback=False,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
primary_domain=None,		primary_domain=None,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
secondary_domains=[]		secondary_domains=[]
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
):		):
		Lint: PEP8 E125 Inline Actions continuation line with same indent as next logical line Lint: PEP8 E125: continuation line with same indent as next logical line
		Lint: PEP8 E124 Inline Actions closing bracket does not match visual indentation Lint: PEP8 E124: closing bracket does not match visual indentation

import ldapurl		import ldapurl
import syncrepl		import syncrepl

ldap_url = ldapurl.LDAPUrl(self.config_get('ldap_uri'))		ldap_url = ldapurl.LDAPUrl(self.config_get('ldap_uri'))

ldap_sync_conn = syncrepl.DNSync(		ldap_sync_conn = syncrepl.DNSync(
'/var/lib/kolab/syncrepl_%s.db' % (self.domain),		'/var/lib/kolab/syncrepl_%s.db' % (self.domain),
Show All 18 Lines	def _sync_repl(self,
try:		try:
# Here's where returns need to be taken into account...		# Here's where returns need to be taken into account...
while ldap_sync_conn.syncrepl_poll(all=1, msgid=msgid):		while ldap_sync_conn.syncrepl_poll(all=1, msgid=msgid):
pass		pass
except KeyboardInterrupt:		except KeyboardInterrupt:
pass		pass

def _regular_search(self,		def _regular_search(self,
base_dn,		base_dn,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
scope=ldap.SCOPE_SUBTREE,		scope=ldap.SCOPE_SUBTREE,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
filterstr="(objectClass=*)",		filterstr="(objectClass=*)",
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
attrlist=None,		attrlist=None,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
attrsonly=0,		attrsonly=0,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
timeout=-1,		timeout=-1,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
callback=False,		callback=False,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
primary_domain=None,		primary_domain=None,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
secondary_domains=[]		secondary_domains=[]
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
):		):
		Lint: PEP8 E124 Inline Actions closing bracket does not match visual indentation Lint: PEP8 E124: closing bracket does not match visual indentation
		Lint: PEP8 E125 Inline Actions continuation line with same indent as next logical line Lint: PEP8 E125: continuation line with same indent as next logical line

log.debug(_("Searching with filter %r") % (filterstr), level=8)		log.debug(_("Searching with filter %r") % (filterstr), level=8)

_search = self.ldap.search(		_search = self.ldap.search(
base_dn,		base_dn,
scope=scope,		scope=scope,
filterstr=filterstr,		filterstr=filterstr,
attrlist=attrlist,		attrlist=attrlist,
attrsonly=attrsonly		attrsonly=attrsonly
)		)

_results = []		_results = []
_result_type = None		_result_type = None

while not _result_type == ldap.RES_SEARCH_RESULT:		while not _result_type == ldap.RES_SEARCH_RESULT:
(_result_type, _result) = self.ldap.result(_search, False, 0)		(_result_type, _result) = self.ldap.result(_search, False, 0)

if not _result == None:		if not _result == None:
for result in _result:		for result in _result:
_results.append(result)		_results.append(result)

return _results		return _results

def _search(self,		def _search(self,
base_dn,		base_dn,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
scope=ldap.SCOPE_SUBTREE,		scope=ldap.SCOPE_SUBTREE,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
filterstr="(objectClass=*)",		filterstr="(objectClass=*)",
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
attrlist=None,		attrlist=None,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
attrsonly=0,		attrsonly=0,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
timeout=-1,		timeout=-1,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
override_search=False,		override_search=False,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
callback=False,		callback=False,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
primary_domain=None,		primary_domain=None,
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
secondary_domains=[]		secondary_domains=[]
		Lint: PEP8 E128 Inline Actions continuation line under-indented for visual indent Lint: PEP8 E128: continuation line under-indented for visual indent
):		):
		Lint: PEP8 E124 Inline Actions closing bracket does not match visual indentation Lint: PEP8 E124: closing bracket does not match visual indentation
		Lint: PEP8 E125 Inline Actions continuation line with same indent as next logical line Lint: PEP8 E125: continuation line with same indent as next logical line
"""		"""
Search LDAP.		Search LDAP.

Use the priority ordered SUPPORTED_LDAP_CONTROLS and use		Use the priority ordered SUPPORTED_LDAP_CONTROLS and use
the first one supported.		the first one supported.
"""		"""

supported_controls = conf.get_list('ldap', 'supported_controls')		supported_controls = conf.get_list('ldap', 'supported_controls')
▲ Show 20 Lines • Show All 68 Lines • ▼ Show 20 Lines	def _search(self,
scope,		scope,
filterstr,		filterstr,
attrlist,		attrlist,
attrsonly,		attrsonly,
timeout,		timeout,
primary_domain,		primary_domain,
secondary_domains		secondary_domains
)		)
)		)
		Lint: PEP8 E124 Inline Actions closing bracket does not match visual indentation Lint: PEP8 E124: closing bracket does not match visual indentation

break		break

except ldap.SERVER_DOWN, errmsg:		except ldap.SERVER_DOWN, errmsg:
log.error(_("LDAP server unavailable: %r") % (errmsg))		log.error(_("LDAP server unavailable: %r") % (errmsg))
log.error(_("%s") % (traceback.format_exc()))		log.error(_("%s") % (traceback.format_exc()))
log.error(_("-- reconnecting in 10 seconds."))		log.error(_("-- reconnecting in 10 seconds."))

▲ Show 20 Lines • Show All 41 Lines • Show Last 20 Lines