diff --git a/conf/attributes.yml b/conf/attributes.yml index d6feeec..da8a083 100644 --- a/conf/attributes.yml +++ b/conf/attributes.yml @@ -7,21 +7,21 @@ args: - $first-name - $name - backend-attributes: + bakends: ldap: cn ad: CN first-name: description: "First name of the user" display_name: "First Name" type: string - backend-attributes: + bakends: ldap: givenName ad: givenName name: description: "Family name of the user" display_name: "Name" type: string - backend-attributes: + bakends: ldap: sn ad: sn email: @@ -34,7 +34,7 @@ - $first-name - $last-name - '@example.com' - backend-attributes: + bakends: ldap: email ad: EMAIL uid: @@ -46,7 +46,7 @@ args: - $first-name - $last-name - backend-attributes: + bakends: ldap: uid ad: UID uidNumber: @@ -58,7 +58,7 @@ args: - $first-name - $last-name - backend-attributes: + bakends: ldap: uidNumber ad: UIDNumber gidNumber: @@ -66,7 +66,7 @@ display_name: "GID Number" type: int default: 10000 - backend-attributes: + bakends: ldap: gidNumber ad: GIDNumber shell: @@ -78,7 +78,7 @@ - /bin/bash - /bin/zsh - /bin/sh - backend-attributes: + bakends: ldap: shell ad: SHELL home: @@ -91,7 +91,7 @@ - $first-name - $last-name - /home/ - backend-attributes: + bakends: ldap: home ad: Home @@ -100,7 +100,7 @@ display_name: "Password" self: True type: password - backend-attributes: + bakends: ldap: userPassword ad: userPassword logscript: @@ -108,5 +108,5 @@ display_name: "Login script" type: fix value: login1.bat - backend-attributes: + bakends: ad: logonScript diff --git a/ldapcherry/attributes.py b/ldapcherry/attributes.py index 485d3ba..5cf9bcc 100644 --- a/ldapcherry/attributes.py +++ b/ldapcherry/attributes.py @@ -21,6 +21,7 @@ def __init__(self, attributes_file): self.attributes_file = attributes_file self.backends = Set([]) + self.self_attributes = Set([]) try: stream = open(attributes_file, 'r') except: @@ -35,15 +36,23 @@ attr = self.attributes[attrid] if not attr['type'] in types: raise WrongAttributeType(attr['type'], attrid, attributes_file) + if 'self' in attr and attr['self']: + self.self_attributes.add(attrid) + for b in attr['backends']: + self.backends.add(b) def _mandatory_check(self, attr): - for m in ['description', 'display_name', 'type', 'backend-attributes']: + for m in ['description', 'display_name', 'type', 'backends']: if m not in self.attributes[attr]: raise MissingKey(m, attr, self.attributes_file) def get_selfattributes(self): """get the list of groups from roles""" - pass + return self.self_attributes + + def get_backends(self): + """return the list of backends in roles file""" + return self.backends def get_addattributes(self): """get the list of groups from roles""" diff --git a/misc/debug_attributes.py b/misc/debug_attributes.py index f338111..31f0b19 100644 --- a/misc/debug_attributes.py +++ b/misc/debug_attributes.py @@ -15,4 +15,8 @@ def ignore_aliases(self, _data): return True -inv = Attributes('./conf/attributes.yml') +try: + #inv = Attributes('./conf/attributes.yml') + inv = Attributes('./tests/cfg/attributes_wrong_type.yml') +except Exception as e: + print e.log diff --git a/tests/cfg/attributes.yml b/tests/cfg/attributes.yml deleted file mode 120000 index 2ef0902..0000000 --- a/tests/cfg/attributes.yml +++ /dev/null @@ -1 +0,0 @@ -../../conf/attributes.yml \ No newline at end of file diff --git a/tests/cfg/attributes.yml b/tests/cfg/attributes.yml new file mode 100644 index 0000000..5f5ebaf --- /dev/null +++ b/tests/cfg/attributes.yml @@ -0,0 +1,112 @@ +cn: + description: "Firt Name and Display Name" + display_name: "Display Name" + type: string + autofill: + function: cn + args: + - $first-name + - $name + backends: + ldap: cn + ad: CN +first-name: + description: "First name of the user" + display_name: "First Name" + type: string + backends: + ldap: givenName + ad: givenName +name: + description: "Family name of the user" + display_name: "Name" + type: string + backends: + ldap: sn + ad: sn +email: + description: "Email of the user" + display_name: "Name" + type: email + autofill: + function: email + args: + - $first-name + - $last-name + - '@example.com' + backends: + ldap: email + ad: EMAIL +uid: + description: "UID of the user" + display_name: "UID" + type: string + autofill: + function: uid + args: + - $first-name + - $last-name + backends: + ldap: uid + ad: UID +uidNumber: + description: "User ID Number of the user" + display_name: "UID Number" + type: int + autofill: + function: uidNumber + args: + - $first-name + - $last-name + backends: + ldap: uidNumber + ad: UIDNumber +gidNumber: + description: "Group ID Number of the user" + display_name: "GID Number" + type: int + default: 10000 + backends: + ldap: gidNumber + ad: GIDNumber +shell: + description: "Shell of the user" + display_name: "Shell" + self: True + type: stringlist + values: + - /bin/bash + - /bin/zsh + - /bin/sh + backends: + ldap: shell + ad: SHELL +home: + description: "Home user path" + display_name: "Home" + type: string + autofill: + function: home + args: + - $first-name + - $last-name + - /home/ + backends: + ldap: home + ad: Home + +password: + description: "Password of the user" + display_name: "Password" + self: True + type: password + backends: + ldap: userPassword + ad: userPassword +logscript: + description: "Windows login script" + display_name: "Login script" + type: fix + value: login1.bat + backends: + ad: logonScript diff --git a/tests/cfg/attributes_missing_mandatory.yml b/tests/cfg/attributes_missing_mandatory.yml index 1d86cb1..07729df 100644 --- a/tests/cfg/attributes_missing_mandatory.yml +++ b/tests/cfg/attributes_missing_mandatory.yml @@ -7,21 +7,21 @@ args: - $first-name - $name - backend-attributes: + bakends: ldap: cn ad: CN first-name: description: "First name of the user" display_name: "First Name" type: string - backend-attributes: + bakends: ldap: givenName ad: givenName name: description: "Family name of the user" display_name: "Name" type: string - backend-attributes: + bakends: ldap: sn ad: sn email: @@ -34,7 +34,7 @@ - $first-name - $last-name - '@example.com' - backend-attributes: + bakends: ldap: email ad: EMAIL uid: @@ -45,7 +45,7 @@ args: - $first-name - $last-name - backend-attributes: + bakends: ldap: uid ad: UID uidNumber: @@ -57,7 +57,7 @@ args: - $first-name - $last-name - backend-attributes: + bakends: ldap: uidNumber ad: UIDNumber gidNumber: @@ -65,7 +65,7 @@ display_name: "GID Number" type: int default: 10000 - backend-attributes: + bakends: ldap: gidNumber ad: GIDNumber shell: @@ -77,7 +77,7 @@ - /bin/bash - /bin/zsh - /bin/sh - backend-attributes: + bakends: ldap: shell ad: SHELL home: @@ -90,7 +90,7 @@ - $first-name - $last-name - /home/ - backend-attributes: + bakends: ldap: home ad: Home @@ -99,7 +99,7 @@ display_name: "Password" self: True type: password - backend-attributes: + bakends: ldap: userPassword ad: userPassword logscript: @@ -107,5 +107,5 @@ display_name: "Login script" type: fix value: login1.bat - backend-attributes: + bakends: ad: logonScript diff --git a/tests/cfg/attributes_wrong_type.yml b/tests/cfg/attributes_wrong_type.yml index 2f27399..9a5bc71 100644 --- a/tests/cfg/attributes_wrong_type.yml +++ b/tests/cfg/attributes_wrong_type.yml @@ -7,7 +7,7 @@ args: - $first-name - $name - backend-attributes: + backends: ldap: cn ad: CN @@ -15,6 +15,6 @@ description: "First name of the user" display_name: "First Name" type: string - backend-attributes: + backends: ldap: givenName ad: givenName diff --git a/tests/cfg/roles.yml b/tests/cfg/roles.yml deleted file mode 120000 index ad11f87..0000000 --- a/tests/cfg/roles.yml +++ /dev/null @@ -1 +0,0 @@ -../../conf/roles.yml \ No newline at end of file diff --git a/tests/cfg/roles.yml b/tests/cfg/roles.yml new file mode 100644 index 0000000..9201be3 --- /dev/null +++ b/tests/cfg/roles.yml @@ -0,0 +1,47 @@ +admin-lv3: + display_name: Administrators Level 3 + backends: + ldap: + groups: + - cn=dns admins,ou=group,dc=example,dc=com + - cn=nagios admins,ou=group,dc=example,dc=com + - cn=puppet admins,ou=group,dc=example,dc=com + - cn=users,ou=group,dc=example,dc=com + ad: + groups: + - Domain Users + - Administrators + - Domain Controllers + +admin-lv2: + display_name: Administrators Level 2 + LC_admins: True + backends: + ldap: + groups: + - cn=nagios admins,ou=group,dc=example,dc=com + - cn=users,ou=group,dc=example,dc=com + ad: + groups: + - Domain Users + +developpers: + display_name: Developpers + backends: + ldap: + groups: + - cn=developpers,ou=group,dc=example,dc=com + - cn=users,ou=group,dc=example,dc=com + ad: + groups: + - Domain Users + +users: + display_name: Simple Users + backends: + ldap: + groups: + - cn=users,ou=group,dc=example,dc=com + ad: + groups: + - Domain Users diff --git a/tests/test_Attributes.py b/tests/test_Attributes.py index b3b8122..190b300 100644 --- a/tests/test_Attributes.py +++ b/tests/test_Attributes.py @@ -17,6 +17,18 @@ inv = Attributes('./tests/cfg/attributes.yml') return True + def testGetSelfAttributes(self): + inv = Attributes('./tests/cfg/attributes.yml') + ret = inv.get_selfattributes() + expected = Set(['password', 'shell']) + assert ret == expected + + def testGetSelfAttributes(self): + inv = Attributes('./tests/cfg/attributes.yml') + ret = inv.get_backends() + expected = Set(['ldap', 'ad']) + assert ret == expected + def testNoFile(self): try: inv = Attributes('./tests/cfg/dontexist')