3 commits - bin/kolab_smtp_access_policy.py pykolab/setup pykolab/utils.py tests/unit

Jeroen van Meeuwen vanmeeuwen at kolabsys.com
Thu Dec 20 16:41:10 CET 2012


 bin/kolab_smtp_access_policy.py       |    2 +-
 pykolab/setup/setup_ldap.py           |   30 +++++++++++++++++++++---------
 pykolab/setup/setup_mta.py            |   22 +++++++++++++++-------
 pykolab/utils.py                      |   28 +++++++++++++++++++++++-----
 tests/unit/test-009-parse_ldap_uri.py |   17 +++++++++++++++++
 5 files changed, 77 insertions(+), 22 deletions(-)

New commits:
commit 95fee1f9e7fb1d8ea53857809c18bda66923dc4e
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Thu Dec 20 16:35:41 2012 +0100

    Find a Kolab LDAP schema extensions file starting with kolab and ending with '.ldif' so that it does not actually matter whether kolab2.ldif or kolab3.ldif is installed. (#1487)
    Log an error if the schema file for LDAP schema extensions for Kolab cannot be found, or cannot be copied. (#1487)
    Append the ACI for kolab extensions only when the schema is actually successfully inserted. (#1487)

diff --git a/pykolab/setup/setup_ldap.py b/pykolab/setup/setup_ldap.py
index cb8d776..2c5124f 100644
--- a/pykolab/setup/setup_ldap.py
+++ b/pykolab/setup/setup_ldap.py
@@ -289,18 +289,25 @@ ServerAdminPwd = %(admin_pass)s
     schema_file = None
     for root, directories, filenames in os.walk('/usr/share/doc/'):
         for filename in filenames:
-            if filename == 'kolab2.ldif':
+            if filename.startswith('kolab') and filename.endswith('.ldif') and not schema_file == None:
                 schema_file = os.path.join(root,filename)
 
     if not schema_file == None:
-        shutil.copy(
-                schema_file,
-                '/etc/dirsrv/slapd-%s/schema/99kolab2.ldif' % (
-                        _input['hostname']
-                    )
-            )
+        try:
+            shutil.copy(
+                    schema_file,
+                    '/etc/dirsrv/slapd-%s/schema/99%s' % (
+                            _input['hostname'],
+                            os.path.basename(schema_file)
+                        )
+                )
+            schema_error = False
+        except:
+            log.error(_("Could not copy the LDAP extensions for Kolab"))
+            schema_error = True
     else:
-        log.warning(_("Could not find the ldap Kolab schema file"))
+        log.error(_("Could not find the ldap Kolab schema file"))
+        schema_error = True
 
     if os.path.isfile('/bin/systemctl'):
         subprocess.call(['/bin/systemctl', 'restart', 'dirsrv.target'])
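Review bot: The added test on the `filename.startswith('kolab')` line ends with `and not schema_file == None`, but `schema_file` is set to `None` just above the loop, so the condition can never be true and no schema file is ever selected. Every run then reaches the `else` branch, logs "Could not find the ldap Kolab schema file" and sets `schema_error = True`. If the intent is "keep the first match", the clause should read `and schema_file is None`. The bare `except:` around `shutil.copy` also discards the reason for a failed copy; `except (IOError, OSError, shutil.Error) as e:` with `e` included in the log message would keep the cause visible. The enclosing function starts and ends outside the hunk.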
@@ -544,7 +551,12 @@ ServerAdminPwd = %(admin_pass)s
     log.info(_("Setting access control to %s") % (_input['rootdn']))
     dn = _input['rootdn']
     aci = []
-    aci.append('(targetattr = "homePhone || preferredDeliveryMethod || jpegPhoto || postalAddress || carLicense || userPassword || mobile || kolabAllowSMTPRecipient || displayName || kolabDelegate || description || labeledURI || homePostalAddress || postOfficeBox || registeredAddress || postalCode || photo || title || street || kolabInvitationPolicy || pager || o || l || initials || kolabAllowSMTPSender || telephoneNumber || preferredLanguage || facsimileTelephoneNumber") (version 3.0;acl "Enable self write for common attributes";allow (read,compare,search,write)(userdn = "ldap:///self");)')
+
+    if not schema_error:
+        aci.append('(targetattr = "homePhone || preferredDeliveryMethod || jpegPhoto || postalAddress || carLicense || userPassword || mobile || displayName || description || labeledURI || homePostalAddress || postOfficeBox || registeredAddress || postalCode || photo || title || street || pager || o || l || initials || telephoneNumber || preferredLanguage || facsimileTelephoneNumber") (version 3.0;acl "Enable self write for common attributes";allow (read,compare,search,write)(userdn = "ldap:///self");)')
+    else:
+        aci.append('(targetattr = "homePhone || preferredDeliveryMethod || jpegPhoto || postalAddress || carLicense || userPassword || mobile || kolabAllowSMTPRecipient || displayName || kolabDelegate || description || labeledURI || homePostalAddress || postOfficeBox || registeredAddress || postalCode || photo || title || street || kolabInvitationPolicy || pager || o || l || initials || kolabAllowSMTPSender || telephoneNumber || preferredLanguage || facsimileTelephoneNumber") (version 3.0;acl "Enable self write for common attributes";allow (read,compare,search,write)(userdn = "ldap:///self");)')
+
     aci.append('(targetattr = "*") (version 3.0;acl "Directory Administrators Group";allow (all)(groupdn = "ldap:///cn=Directory Administrators,%(rootdn)s" or roledn = "ldap:///cn=kolab-admin,%(rootdn)s");)' % (_input))
     aci.append('(targetattr="*")(version 3.0; acl "Configuration Administrators Group"; allow (all) groupdn="ldap:///cn=Configuration Administrators,ou=Groups,ou=TopologyManagement,o=NetscapeRoot";)')
     aci.append('(targetattr="*")(version 3.0; acl "Configuration Administrator"; allow (all) userdn="ldap:///uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot";)')
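Review bot: The two branches of `if not schema_error:` look inverted relative to the commit message. The success branch appends the ACI without `kolabAllowSMTPRecipient`, `kolabDelegate`, `kolabInvitationPolicy` and `kolabAllowSMTPSender`, while the failure branch appends the one that names them. If the Kolab attributes should be referenced only once the schema has been installed, the test should be `if schema_error:` or the two bodies should be swapped. Separately, the Kolab variant grants every user write access to their own `kolabAllowSMTPSender` and `kolabAllowSMTPRecipient`; if those attributes feed the SMTP access policy, it is worth confirming they belong in a self-write ACI at all. The enclosing function starts and ends outside the hunk.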


commit 4c618bed1dcc99f86251d9cf0f2641a506ded714
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Wed Dec 19 14:47:16 2012 +0100

    Use the ldap server configured in /etc/kolab/kolab.conf (#1475)

diff --git a/pykolab/setup/setup_mta.py b/pykolab/setup/setup_mta.py
index c02b024..35df4fb 100644
--- a/pykolab/setup/setup_mta.py
+++ b/pykolab/setup/setup_mta.py
@@ -52,9 +52,11 @@ def execute(*args, **kw):
 
     resource_filter = conf.get('ldap', 'resource_filter')
 
+    server_host = utils.parse_ldap_uri(conf.get('ldap', 'ldap_uri'))[1]
+
     files = {
             "/etc/postfix/ldap/local_recipient_maps.cf": """
-server_host = localhost
+server_host = %(server_host)s
 server_port = 389
 version = 3
 search_base = %(base_dn)s
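Review bot: The added `server_host = utils.parse_ldap_uri(conf.get('ldap', 'ldap_uri'))[1]` line uses the parser result unchecked. `parse_ldap_uri` returns `None` on failure, so the subscript raises `TypeError`, and a `None` server would be written into every map as `server_host = None`. Bind the result to a name first, log an error and stop if it or its server element is `None`. The port and scheme are also dropped: `server_port = 389` stays hard-coded here and in the maps touched by the later hunks of this file. With an `ldap_uri` that uses `ldaps` or a non-default port, Postfix would therefore contact the remote host on 389, presumably without TLS, sending `bind_dn` and `bind_pw` over a link that was loopback-only while the host was `localhost`. Passing the parsed port (element `[2]`) into the templates, and deciding how `ldaps` should be expressed for Postfix, would close that gap.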
@@ -69,6 +71,7 @@ query_filter = (&(|(mail=%%s)(alias=%%s))(|%(kolab_user_filter)s%(kolab_group_fi
 result_attribute = mail
 """ % {
                         "base_dn": conf.get('ldap', 'base_dn'),
+                        "server_host": server_host,
                         "service_bind_dn": conf.get('ldap', 'service_bind_dn'),
                         "service_bind_pw": conf.get('ldap', 'service_bind_pw'),
                         "kolab_user_filter": user_filter,
@@ -76,7 +79,7 @@ result_attribute = mail
                         "resource_filter": resource_filter,
                     },
             "/etc/postfix/ldap/mydestination.cf": """
-server_host = localhost
+server_host = %(server_host)s
 server_port = 389
 version = 3
 search_base = %(domain_base_dn)s
@@ -88,6 +91,7 @@ bind_pw = %(service_bind_pw)s
 query_filter = %(domain_filter)s
 result_attribute = %(domain_name_attribute)s
 """ % {
+                        "server_host": server_host,
                         "domain_base_dn": conf.get('ldap', 'domain_base_dn'),
                         "domain_filter": conf.get('ldap', 'domain_filter').replace('*', '%s'),
                         "domain_name_attribute": conf.get('ldap', 'domain_name_attribute'),
@@ -95,7 +99,7 @@ result_attribute = %(domain_name_attribute)s
                         "service_bind_pw": conf.get('ldap', 'service_bind_pw'),
                     },
             "/etc/postfix/ldap/mailenabled_distgroups.cf": """
-server_host = localhost
+server_host = %(server_host)s
 server_port = 389
 version = 3
 search_base = %(group_base_dn)s
@@ -114,12 +118,13 @@ special_result_attribute = uniqueMember
 result_attribute =
 leaf_result_attribute = mail
 """ % {
+                        "server_host": server_host,
                         "group_base_dn": conf.get('ldap', 'group_base_dn'),
                         "service_bind_dn": conf.get('ldap', 'service_bind_dn'),
                         "service_bind_pw": conf.get('ldap', 'service_bind_pw'),
                     },
             "/etc/postfix/ldap/mailenabled_dynamic_distgroups.cf": """
-server_host = localhost
+server_host = %(server_host)s
 server_port = 389
 version = 3
 search_base = %(group_base_dn)s
@@ -138,12 +143,13 @@ special_result_attribute = memberURL
 result_attribute =
 leaf_result_attribute = mail
 """ % {
+                        "server_host": server_host,
                         "group_base_dn": conf.get('ldap', 'group_base_dn'),
                         "service_bind_dn": conf.get('ldap', 'service_bind_dn'),
                         "service_bind_pw": conf.get('ldap', 'service_bind_pw'),
                     },
             "/etc/postfix/ldap/transport_maps.cf": """
-server_host = localhost
+server_host = %(server_host)s
 server_port = 389
 version = 3
 search_base = %(base_dn)s
@@ -159,11 +165,12 @@ result_attribute = mail
 result_format = lmtp:unix:/var/lib/imap/socket/lmtp
 """ % {
                         "base_dn": conf.get('ldap', 'base_dn'),
+                        "server_host": server_host,
                         "service_bind_dn": conf.get('ldap', 'service_bind_dn'),
                         "service_bind_pw": conf.get('ldap', 'service_bind_pw'),
                     },
             "/etc/postfix/ldap/virtual_alias_maps.cf": """
-server_host = localhost
+server_host = %(server_host)s
 server_port = 389
 version = 3
 search_base = %(base_dn)s
@@ -178,6 +185,7 @@ query_filter = (&(|(mail=%%s)(alias=%%s))(objectclass=kolabinetorgperson))
 result_attribute = mail
 """ % {
                         "base_dn": conf.get('ldap', 'base_dn'),
+                        "server_host": server_host,
                         "service_bind_dn": conf.get('ldap', 'service_bind_dn'),
                         "service_bind_pw": conf.get('ldap', 'service_bind_pw'),
                     },
@@ -280,7 +288,7 @@ result_attribute = mail
         fp.close()
 
     amavisd_settings = {
-            'ldap_server': 'localhost',
+            'ldap_server': '%(server_host)s',
             'ldap_bind_dn': conf.get('ldap', 'service_bind_dn'),
             'ldap_bind_pw': conf.get('ldap', 'service_bind_pw'),
             'primary_domain': conf.get('kolab', 'primary_domain'),
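Review bot: `'ldap_server': '%(server_host)s'` is a plain string literal and no `%` operator is applied to it in this hunk. Unless the amavisd template is later rendered against a second mapping that defines `server_host`, the placeholder text itself ends up in the generated configuration. The variable is already in scope from the top of `execute()`, so the direct form is `'ldap_server': server_host,`. The code that consumes `amavisd_settings` is outside the hunk, so the rendering step should be checked when making this change.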


commit 2633cccdd1dfd02205e9d81858d5fcdf571a3179
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Wed Dec 19 14:45:26 2012 +0100

    Adjust utils.parse_ldap_uri()

diff --git a/bin/kolab_smtp_access_policy.py b/bin/kolab_smtp_access_policy.py
index 52ce566..151cc4c 100755
--- a/bin/kolab_smtp_access_policy.py
+++ b/bin/kolab_smtp_access_policy.py
@@ -269,7 +269,7 @@ class PolicyRequest(object):
         if parsed_uri == None:
             return None
 
-        (_protocol, _server, _base_dn, _attrs, _scope, _filter) = \
+        (_protocol, _server, _port, _base_dn, _attrs, _scope, _filter) = \
                 parsed_uri
 
         if len(_attrs) == 0:
diff --git a/pykolab/utils.py b/pykolab/utils.py
index 4fca016..dc2b088 100644
--- a/pykolab/utils.py
+++ b/pykolab/utils.py
@@ -333,11 +333,29 @@ def parse_ldap_uri(uri):
         or None on failure
     """
 
+    _protocol = uri.split(':')[0]
+
     try:
-        _protocol = uri.split(':')[0]
-        _ldap_uri, _attr, _scope, _filter = uri.split('?')
-        _server = _ldap_uri.split('//')[1].split('/')[0]
-        _base_dn = _ldap_uri.split('//')[1].split('/')[1]
+        try:
+            _ldap_uri, _attr, _scope, _filter = uri.split('?')
+            _server = _ldap_uri.split('//')[1].split('/')[0]
+            _base_dn = _ldap_uri.split('//')[1].split('/')[1]
+
+        except:
+            _server = uri.split('//')[1].split('/')[0]
+            _attr = None
+            _scope = None
+            _filter = None
+            _base_dn = None
+
+        if len(_server.split(':')) > 1:
+            _port = _server.split(':')[1]
+            _server = _server.split(':')[0]
+        else:
+            if _protocol == 'ldaps':
+                _port = "636"
+            else:
+                _port = "389"
 
         if _server == '':
             _server = None
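Review bot: Moving `_protocol = uri.split(':')[0]` above the outer `try` breaks the "or None on failure" contract stated in the docstring, because a `None` or non-string `uri` now raises `AttributeError` to the caller. Keep that line inside the `try`, or guard it with `if not uri: return None`. The new inner bare `except:` also treats a URI of the form `ldap://host/base_dn` (no `?` parts) as having no base DN: the four-way unpack of `uri.split('?')` fails and the fallback sets `_base_dn = None`. Catching only `ValueError` and `IndexError` there, and reading the base DN in the fallback as well, would avoid both the silent data loss and masking of unrelated errors. Splitting `_server` on `:` also cannot handle a bracketed IPv6 literal, and `_port` is never checked to be numeric before it is returned. The function continues outside the hunk.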
@@ -352,7 +370,7 @@ def parse_ldap_uri(uri):
         if _filter == '':
             _filter = "(objectclass=*)"
 
-        return (_protocol, _server, _base_dn, _attr, _scope, _filter)
+        return (_protocol, _server, _port, _base_dn, _attr, _scope, _filter)
 
     except:
         return None
diff --git a/tests/unit/test-009-parse_ldap_uri.py b/tests/unit/test-009-parse_ldap_uri.py
new file mode 100644
index 0000000..d020f8d
--- /dev/null
+++ b/tests/unit/test-009-parse_ldap_uri.py
@@ -0,0 +1,17 @@
+import unittest
+
+from pykolab import utils
+
+class TestParseLdapUri(unittest.TestCase):
+
+    def test_001_ldap_uri(self):
+        ldap_uri = "ldap://localhost"
+        result = utils.parse_ldap_uri(ldap_uri)
+        self.assertEqual(result, ("ldap", "localhost", "389", None, None, None, None))
+
+    def test_002_ldap_uri_port(self):
+        ldap_uri = "ldap://localhost:389"
+        result = utils.parse_ldap_uri(ldap_uri)
+        self.assertEqual(result, ("ldap", "localhost", "389", None, None, None, None))
+
+
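Review bot: Both test methods exercise only the fallback path for a bare `ldap://host[:port]` URI, leaving the other branches added in `pykolab/utils.py` uncovered. There is no case for the `ldaps` default port, for example `self.assertEqual(utils.parse_ldap_uri("ldaps://localhost")[2], "636")`. Nothing covers a full URI with base DN, attributes, scope and filter, which is the form `bin/kolab_smtp_access_policy.py` unpacks into seven fields. A malformed or empty input expected to return `None` is also untested. Adding those cases would pin the seven-element tuple layout that callers now depend on.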




