Changeset 1510

Show
Ignore:
Timestamp:
05/28/04 22:56:45 (20 years ago)
Author:
jalet
Message:

Extended syntax for LDAP specific newuser and newgroup directives. Untested.

Location:
pykota/trunk
Files:
4 modified

Legend:

Unmodified
Added
Removed

  • pykota/trunk/conf/pykota.conf.sample

    r1502 r1510  
    9898# 
    9999# How to create new accounts and groups 
    100 # authorized values are "below" and "attach(objectclass name)" 
     100# authorized values are "below" and "attach(objectclass name [, fail|warn])" 
    101101# 
    102102# "below" creates the new accounts/groups as standalone entries 
    103103# below the above defined 'userbase' ou 
    104104#  
    105 # attach(objectclass name) tries to find some existing user/group 
     105# attach(objectclass name [, action]) tries to find some existing user/group 
    106106# using the above defined 'userrdn' or 'grouprdn' and 'userbase' 
    107107# 'groupbase', and attach the PyKota specific entries to it. 
    108 # 
    109 # a possible value:  newuser: attach(posixAccount) 
     108# if action is "warn" and no entry exists to attach to, a new 
     109# entry is created, and a message is logged.  
     110# if action is "fail" and no entry exists to attach to, program 
     111# logs an error message and aborts. 
     112# if action is not set, the default value is "fail". 
     113# 
     114# a possible value:  newuser: attach(posixAccount, warn) 
    110115#newuser : below 
    111116#newgroup : below 

  • pykota/trunk/NEWS

    r1502 r1510  
    2525    - 1.19alpha16 : 
    2626     
     27        - the newuser and newgroup LDAP specific directives now accept 
     28          a second parameter to attach(), "fail" or "warn". If no entry 
     29          is found to attach PyKota attributes to, and "fail" was used, 
     30          then action is aborted and program exits in error. If "warn" 
     31          is used, a new entry is created but a warning message is logged. 
     32           
    2733        - The job's originating hostname is now stored in the database, 
    2834          and exported as PYKOTAJOBORIGINATINGHOSTNAME in the environment. 

  • pykota/trunk/pykota/storages/ldapstorage.py

    r1506 r1510  
    2222# 
    2323# $Log$ 
     24# Revision 1.66  2004/05/28 20:56:45  jalet 
     25# Extended syntax for LDAP specific newuser and newgroup directives. Untested. 
     26# 
    2427# Revision 1.65  2004/05/27 12:52:12  jalet 
    2528# More useful error message in case of misconfiguration of an LDAP  search base 
     
    762765        mustadd = 1 
    763766        if self.info["newuser"].lower() != 'below' : 
    764             result = self.doSearch("(&(objectClass=%s)(%s=%s))" % (self.info["newuser"], self.info["userrdn"], user.Name), None, base=self.info["userbase"]) 
     767            try : 
     768                (where, action) = [s.strip() for s in self.info["newuser"].split(",")] 
     769            except ValueError : 
     770                (where, action) = (self.info["newuser"].strip(), "fail") 
     771            result = self.doSearch("(&(objectClass=%s)(%s=%s))" % (where, self.info["userrdn"], user.Name), None, base=self.info["userbase"]) 
    765772            if result : 
    766773                (dn, fields) = result[0] 
     
    769776                self.doModify(dn, fields) 
    770777                mustadd = 0 
     778            else : 
     779                message = _("Unable to find an existing entry to attach pykotaAccount objectclass %s") % user.Name 
     780                if action.lower() == "warn" :     
     781                    self.tool.logger.log_message("%s. A new entry will be created instead." % message, "warn") 
     782                else : # 'fail' or incorrect setting 
     783                    raise PyKotaStorageError, "%s. Action aborted. Please check your configuration." % message 
    771784                 
    772785        if mustadd : 
     
    788801        mustadd = 1 
    789802        if self.info["newgroup"].lower() != 'below' : 
    790             result = self.doSearch("(&(objectClass=%s)(%s=%s))" % (self.info["newgroup"], self.info["grouprdn"], group.Name), None, base=self.info["groupbase"]) 
     803            try : 
     804                (where, action) = [s.strip() for s in self.info["newgroup"].split(",")] 
     805            except ValueError : 
     806                (where, action) = (self.info["newgroup"].strip(), "fail") 
     807            result = self.doSearch("(&(objectClass=%s)(%s=%s))" % (where, self.info["grouprdn"], group.Name), None, base=self.info["groupbase"]) 
    791808            if result : 
    792809                (dn, fields) = result[0] 
     
    795812                self.doModify(dn, fields) 
    796813                mustadd = 0 
     814            else : 
     815                message = _("Unable to find an existing entry to attach pykotaGroup objectclass %s") % group.Name 
     816                if action.lower() == "warn" :     
     817                    self.tool.logger.log_message("%s. A new entry will be created instead." % message, "warn") 
     818                else : # 'fail' or incorrect setting 
     819                    raise PyKotaStorageError, "%s. Action aborted. Please check your configuration." % message 
    797820                 
    798821        if mustadd : 

  • pykota/trunk/TODO

    r1509 r1510  
    4040          is cancelled by the user. 
    4141           
    42         - newuser: attach(posixAccount | inetOrgPerson | ..., fail|warn) 
    43           same for newgroup 
    44            
    4542        - Test and document a possible workaround for knowing 
    4643          if the job is a banner (embed a postscript comment