
sqbell  committed 3e60f58

Made adding user a bit cleaner, added config option for samba_sid.

  • Parent commits 479af4e


Files changed (6)

File libs/ldaplib/attrs.py

     'mail', 'cn', 'accountStatus', 'mailQuota',
     'employeeNumber', 'title', 'shadowAddress', 'memberOfGroup',
     'storageBaseDirectory', 'mailMessageStore',
+    'uidNumber', 'gidNumber', 'sambaSID',
 ]
 
 USER_ATTRS_ALL = [
     'amavisWhitelistSender', 'amavisBlacklistSender',
     'mailWhitelistRecipient', 'mailBlacklistRecipient',
     'domainGlobalAdmin',    # Global admin
+    'uidNumber', 'gidNumber', 'sambaSID',
 ]

File libs/ldaplib/connUtils.py

             # Account 'EXISTS' (fake) if ldap lookup failed.
             return True
 
+    # Check whether uidNumber exists.
+    def uidNumberExists(self, domain, uidNumber,):
+        self.domain = str(domain)
+        self.uidNumber = int(uidNumber)
+
+        ldap_filter = '(&(objectClass=posixAccount)(uidNumber=%d))' % (self.uidNumber)
+
+        try:
+            self.number = self.getNumberOfCurrentAccountsUnderDomain(
+                domain=self.domain,
+                filter=ldap_filter,
+            )
+
+            if self.number[0] is True and self.number[1] == 0:
+                # Account not exist.
+                return False
+            else:
+                return True
+        except Exception, e:
+            # Account 'EXISTS' (fake) if ldap lookup failed.
+            return True
+
     @decorators.require_domain_access
     def enableOrDisableAccount(self, domain, account, dn, action, accountTypeInLogger=None):
         self.domain = web.safestr(domain).strip().lower()
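Review bot: `uidNumberExists` checks uniqueness only through `getNumberOfCurrentAccountsUnderDomain(domain=self.domain, ...)`, while the sambaSID built from the same number in iredldif.py uses the single `cfg.samba.sid` prefix. If that helper searches only below the domain, as its name suggests, two domains can hold the same uidNumber and end up with identical POSIX uids and SIDs, so the search should run over the whole tree that shares the SID prefix. `int(uidNumber)` sits outside the `try`, so a non-numeric value raises instead of taking the fail-closed `return True` path; moving the conversion inside the `try` keeps the behaviour uniform. The comment above the method could become a docstring such as `"""Return True if uidNumber is in use; also True when the LDAP lookup fails, so callers refuse the number."""`, and the per-call values need not be stored on `self`.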

File libs/ldaplib/iredldif.py

     return ldif
 
 
+# Define and return LDIF structure of sambaSamAccount
+def ldif_samba(uidNumber, gidNumber, sambaNTPassword,):
+    ldif = [
+            ('objectClass', ['inetOrgPerson', 'mailUser', 'shadowAccount', 'amavisAccount', 'sambaSamAccount', 'posixAccount']),
+            ('uidNumber', [str(uidNumber)]),
+            ('gidNumber', [str(gidNumber)]),
+            ('sambaAcctFlags', ['[U          ]']),
+            ('sambaPasswordHistory', ['0000000000000000000000000000000000000000000000000000000000000000']),
+            ('sambaSID', [cfg.samba.sid + '-' + str(uidNumber*2+1000)]),
+            ('sambaNTPassword', [sambaNTPassword]),
+            ('sambaPwdLastSet', [str(int(time()))]),
+            ]
+
+    return ldif
+
 # Define and return LDIF structure of mail user.
-def ldif_mailuser(domain, username, cn, passwd, quota=0, aliasDomains=[], groups=[], storageBaseDirectory=None, samba={},):
+def ldif_mailuser(domain, username, cn, passwd, quota=0, aliasDomains=[], groups=[], storageBaseDirectory=None,):
     domain = str(domain).lower()
     username = str(username).strip().replace(' ', '').lower()
     mail = username + '@' + domain
 
     # Generate basic LDIF.
     ldif = [
+        ('objectClass', ['inetOrgPerson', 'mailUser', 'shadowAccount', 'amavisAccount', ]),
         ('mail', [mail]),
         ('userPassword', [str(passwd)]),
         ('sn', [username]),
         ('amavisLocal', ['TRUE']),
         ]
 
-    # If anything in samba list
-    if len(samba) != 0:
-        # Object classes
-        ldif += [('objectClass', ['inetOrgPerson', 'mailUser', 'shadowAccount', 'amavisAccount', 'sambaSamAccount', 'posixAccount'])]
-
-        # Posix attributes
-        ldif += [
-            ('uidNumber', [samba['uid_number']]),
-            ('gidNumber', [samba['gid_number']]),
-            ]
-
-        # Samba attributes
-        ldif += [
-            ('sambaAcctFlags', ['[U          ]']),
-            ('sambaPasswordHistory', ['0000000000000000000000000000000000000000000000000000000000000000']),
-            ('sambaSID', [samba['samba_sid']]),
-            ('sambaNTPassword', [samba['samba_passwd']]),
-            ('sambaPwdLastSet', [str(int(time()))]),
-            ]
-    else:
-        ldif += [('objectClass', ['inetOrgPerson', 'mailUser', 'shadowAccount', 'amavisAccount', ])]
-
-    import pdb; pdb.set_trace()
-
     # Append @shadowAddress.
     shadowAddresses = []
     for d in aliasDomains:
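Review bot: `ldif_samba` writes `sambaNTPassword` without any comment on its sensitivity. The value (presumably the NT hash produced by `pwscheme='SAMBA'` in user.py) is unsalted and usable for SMB/NTLM authentication as-is, so it needs directory ACLs at least as strict as those on `userPassword`; a comment such as `# NT hash is password-equivalent: restrict read access like userPassword` above that tuple would record this. `uidNumber*2+1000` only works for an int although the neighbouring lines wrap the value in `str()`, so coerce once with `uidNumber = int(uidNumber)` at the top of the function. The same RID expression is repeated as `self.sambaSid` in user.py, and one helper for it would keep the two from drifting apart.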

File libs/ldaplib/user.py

 
             connutils = connUtils.Utils()
             connutils.updateAttrSingleValue(self.domainDN, 'domainCurrentUserNumber', len(self.users))
+            import pdb; pdb.set_trace()
 
             return (True, self.users)
         except ldap.NO_SUCH_OBJECT:
         self.mail = self.username + '@' + self.domain
         self.groups = data.get('groups', [])
 
-        # import pdb; pdb.set_trace()
+        connutils = connUtils.Utils()
+
+        # Lets check if samba values are supplied
+        if 'ddriveStatus' in data:
+            self.ddriveEnabled = True
+
+            self.uidNumber = str(data.get('uidNumber')).strip()
+            if self.uidNumber.isdigit():
+                self.uidNumber = int(self.uidNumber)
+            else:
+                return (False, 'INCORRECT_UID_NUMBER')
+
+            # TODO: Check if such group exists
+            self.gidNumber = str(data.get('gidNumber')).strip()
+            if self.gidNumber.isdigit():
+                self.gidNumber = int(self.gidNumber)
+            else:
+                return (False, 'INCORRECT_GID_NUMBER')
+
+            # Check if given uidNumber is not used
+            if connutils.uidNumberExists(domain=self.domain, uidNumber=self.uidNumber,):
+                return (False, 'UID_ALREADY_EXISTS')
+
+            self.sambaSid = cfg.samba.sid + '-' + str(self.uidNumber*2+1000)
 
         if not iredutils.isDomain(self.domain) or not iredutils.isEmail(self.mail):
             return (False, 'MISSING_DOMAIN_OR_USERNAME')
 
         # Check account existing.
-        connutils = connUtils.Utils()
         if connutils.isAccountExists(domain=self.domain, mail=self.mail,):
             return (False, 'ALREADY_EXISTS')
 
                 self.passwd = ldaputils.generateLDAPPasswd(result[1], pwscheme='PLAIN')
             else:
                 self.passwd = ldaputils.generateLDAPPasswd(result[1])
+            if self.ddriveEnabled:
+                self.sambaPasswd = ldaputils.generateLDAPPasswd(result[1], pwscheme='SAMBA')
         else:
             return result
 
 
         self.defaultStorageBaseDirectory = domainAccountSetting.get('defaultStorageBaseDirectory', None)
 
-        sambaHash = {}
-        if web.safestr(data.get('ddriveStatus')):
-            sambaHash['uid_number']     = web.safestr(data.get('uidNumber'))
-            sambaHash['gid_number']     = web.safestr(data.get('gidNumber'))
-            sambaHash['samba_sid']      = '234234234'
-            sambaHash['samba_passwd']   = ldaputils.generateLDAPPasswd(result[1], pwscheme='SAMBA')
-
         # Get default mail lists which set in domain accountSetting.
         ldif = iredldif.ldif_mailuser(
             domain=self.domain,
             quota=self.quota,
             groups=self.groups,
             storageBaseDirectory=self.defaultStorageBaseDirectory,
-            samba=sambaHash,
         )
 
+        if self.ddriveEnabled:
+            ldif_samba = iredldif.ldif_samba(
+                uidNumber=self.uidNumber,
+                gidNumber=self.gidNumber,
+                sambaNTPassword=self.sambaPasswd,
+            )
+            # FIXME: Get rid of this smelly pop
+            ldif.pop(0)
+            ldif += ldif_samba
+
         domain_dn = ldaputils.convKeywordToDN(self.domain, accountType='domain')
         if domain_dn[0] is False:
             return domain_dn
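Review bot: The added `import pdb; pdb.set_trace()` before `return (True, self.users)` leaves a debugger breakpoint in the user-listing path, which will stall or break every request that reaches it in a deployed web process, so it should be deleted. In the add-user hunk `self.ddriveEnabled` is assigned only inside `if 'ddriveStatus' in data:`, so unless it is initialised outside the visible lines, both later `if self.ddriveEnabled:` checks raise AttributeError for ordinary mail users; `self.ddriveEnabled = 'ddriveStatus' in data` before the branch avoids that. `isdigit()` accepts `0` and other system-range ids, so a bounds check like `if not MIN_UID <= self.uidNumber <= MAX_UID: return (False, 'INCORRECT_UID_NUMBER')` (placeholder bounds, same for gidNumber) would keep this form from creating a posixAccount with uid or gid 0. `ldif.pop(0)` silently depends on `objectClass` being the first tuple that `ldif_mailuser` returns. The enclosing methods start and end outside these hunks.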

File templates/default/ldap/user/list.html

 {% from "macros/general.html" import
         display_csrf_token,
         set_account_status_img,
+        set_ddrive_status_img,
         highlight_username_in_mail,
         show_pages,
         with context %}
                                 <th class="checkbox"><input type="checkbox" class="checkbox select-all" /></th>
                                 <th>{{ _('Display Name') }}</th>
                                 <th>{{ _('Mail Address') }}</th>
-                                <th>{{ _('User ID') }}</th>
+                                <th>{{ _('User ID number')}}</th>
+                                <th>{{ _('dDrive?')}}</th>
                                 <th>{{ _('Job Title') }}</th>
                                 <th>{{ _('Quota') }}</th>
                             </tr>
                             {% for (dn, entries) in users %}
                                 {% set mail = entries.get('mail')[0] |string |e %}
                                 {% set cn = entries.get('cn', [''])[0].decode('utf-8') |e %}
-                                {% set employeeid = entries.get('employeeNumber', [''])[0].decode('utf-8') |e %}
+                                {% set uidNumber = entries.get('uidNumber', [''])[0].decode('utf-8') |e %}
+                                {#% set ddrive = entries.get('sambaSID', [''])[0].decode('utf-8') |e %#}
                                 {% set jobTitle = entries.get('title', [''])[0].decode('utf-8') |e %}
-
-                                {### If accountStatus is not present, mark as 'disabled'. #}
                                 {% set accountStatus = entries.get('accountStatus', ['disabled'])[0] |e %}
-
+                                {% set ddriveStatus = entries.get('sambaSID', [''])[0] |e %}
                                 {% set mailQuota = entries.get('mailQuota', ['0'])[0] |e %}
                                 {% set shadowAddresses = entries.get('shadowAddress', []) %}
 
                                         {{ cn |cutString }}
                                     </td>
                                     <td class="vcenter">{{ highlight_username_in_mail(mail) }}</td>
-                                    <td class="vcenter">{{ employeeid }}</td>
+                                    <td class="vcenter">{{ uidNumber }}</td>
+<!--                                     {% if entries.get('sambaSID', [''])[0].decode('utf-8') %}
+                                        <td class="vcenter">Yes</td>
+                                    {% else %}
+                                        <td class="vcenter">No</td>
+                                    {% endif %} -->
+                                    <td class="vcenter">{{ set_ddrive_status_img(ddriveStatus, "center") }}</td>
                                     <td class="vcenter">{{ jobTitle }}</td>
                                     <td class="vcenter">{{ mailQuota |filesizeformat }}</td>
                                 </tr>
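Review bot: The Yes/No block wrapped in `<!-- ... -->` is still evaluated by Jinja, so `entries.get('sambaSID', [''])[0].decode('utf-8')` runs for every row and the rendered cell is shipped to the browser inside an HTML comment. Delete the block, or use a template comment `{# ... #}` if it has to stay for reference. The disabled `{#% set ddrive = ... %#}` line above it is dead as well and can be removed. The explanatory comment about a missing `accountStatus` defaulting to 'disabled' was dropped although the default is still in place; keeping `{# If accountStatus is not present, mark as 'disabled'. #}` would preserve that intent.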

File templates/default/macros/general.html

     {% endif %}
 {%- endmacro %}
 
+{% macro set_ddrive_status_img(status, float="right", tooltip=true, vcenter=true) -%}
+    {% if float == 'right' %}
+        {% set imgfloat = 'fr-space' %}
+    {% elif float == 'left' %}
+        {% set imgfloat = 'fl-space' %}
+    {% elif float == 'center' %}
+        {% set imgfloat = 'fl-space' %}
+    {% else %}
+        {% set imgfloat = '' %}
+    {% endif %}
+
+    {% if status %}
+        <img src="{{ctx.homepath}}/static/{{skin}}/images/enabled.png" class="{{ imgfloat }}" {% if tooltip is sameas true %}title="{{ _('dDrive is active.') }}"{% endif %} {% if vcenter is sameas true %}style="vertical-align: middle;"{% endif %}/>
+    {% else %}
+        {% set tooltip = _('dDrive is disabled.') %}
+        <img src="{{ctx.homepath}}/static/{{skin}}/images/ball_grey_16.png" class="{{ imgfloat }}" {% if tooltip is sameas true %}title="{{ _('dDrive is disabled.') }}"{% endif %} {% if vcenter is sameas true %}style="vertical-align: middle;"{% endif %}/>
+    {% endif %}
+{%- endmacro %}
+
 {% macro set_admin_type_img(value) -%}
     {% if value == 'yes' %}
         <img src="{{ctx.homepath}}/static/{{skin}}/images/enabled.png" class="block" title="{{ _('Is a global admin.') }}" alt="" />
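Review bot: In the `{% else %}` branch of `set_ddrive_status_img`, `{% set tooltip = _('dDrive is disabled.') %}` replaces the boolean parameter with a string, so the following `tooltip is sameas true` test is always false and the disabled icon never gets its `title`; dropping the `set` line fixes it. `float == 'center'` maps to `fl-space`, the same class as `'left'`, which looks like a copy-paste slip and should be confirmed against the stylesheet. Both `<img>` tags also lack the `alt=""` that `set_admin_type_img` below provides.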