Branch 'pykolab-0.5' - 3 commits - bin/kolab_smtp_access_policy.py pykolab/setup pykolab/utils.py tests/unit
Jeroen van Meeuwen
vanmeeuwen at kolabsys.com
Thu Dec 20 16:41:11 CET 2012
bin/kolab_smtp_access_policy.py | 2 +-
pykolab/setup/setup_ldap.py | 30 +++++++++++++++++++++---------
pykolab/setup/setup_mta.py | 22 +++++++++++++++-------
pykolab/utils.py | 28 +++++++++++++++++++++++-----
tests/unit/test-009-parse_ldap_uri.py | 17 +++++++++++++++++
5 files changed, 77 insertions(+), 22 deletions(-)
New commits:
commit cc35e6e43844dd5d95ae7ab9c458ae78d57cf2fb
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Thu Dec 20 16:35:41 2012 +0100
Find a Kolab LDAP schema extensions file starting with kolab and ending with '.ldif' so that it does not actually matter whether kolab2.ldif or kolab3.ldif is installed. (#1487)
Log an error if the schema file for LDAP schema extensions for Kolab cannot be found, or cannot be copied. (#1487)
Append the ACI for kolab extensions only when the schema is actually successfully inserted. (#1487)
diff --git a/pykolab/setup/setup_ldap.py b/pykolab/setup/setup_ldap.py
index 23aaf6c..f699e4c 100644
--- a/pykolab/setup/setup_ldap.py
+++ b/pykolab/setup/setup_ldap.py
@@ -286,18 +286,25 @@ ServerAdminPwd = %(admin_pass)s
schema_file = None
for root, directories, filenames in os.walk('/usr/share/doc/'):
for filename in filenames:
- if filename == 'kolab2.ldif':
+ if filename.startswith('kolab') and filename.endswith('.ldif') and not schema_file == None:
schema_file = os.path.join(root,filename)
if not schema_file == None:
- shutil.copy(
- schema_file,
- '/etc/dirsrv/slapd-%s/schema/99kolab2.ldif' % (
- _input['hostname']
- )
- )
+ try:
+ shutil.copy(
+ schema_file,
+ '/etc/dirsrv/slapd-%s/schema/99%s' % (
+ _input['hostname'],
+ os.path.basename(schema_file)
+ )
+ )
+ schema_error = False
+ except:
+ log.error(_("Could not copy the LDAP extensions for Kolab"))
+ schema_error = True
else:
- log.warning(_("Could not find the ldap Kolab schema file"))
+ log.error(_("Could not find the ldap Kolab schema file"))
+ schema_error = True
if os.path.isfile('/bin/systemctl'):
subprocess.call(['/bin/systemctl', 'restart', 'dirsrv.target'])
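Review bot: The new test on the `filename.startswith('kolab')` line ends with `and not schema_file == None`, which is false while `schema_file` is still `None`, so no file is ever selected and the code always falls through to the "Could not find the ldap Kolab schema file" branch. If the intent is to keep the first match, the condition should end with `and schema_file is None`. The bare `except:` around `shutil.copy` also hides why the copy failed; `except (IOError, OSError) as e:` with the error in the log message would make a permissions or path problem diagnosable. Any `kolab*.ldif` found anywhere under `/usr/share/doc/` is installed as directory schema and `os.walk` order is not defined, so restricting the search to the package's own doc directory may be worth considering. The enclosing function starts and ends outside the hunk.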
@@ -536,7 +543,12 @@ ServerAdminPwd = %(admin_pass)s
log.info(_("Setting access control to %s") % (_input['rootdn']))
dn = _input['rootdn']
aci = []
- aci.append('(targetattr = "homePhone || preferredDeliveryMethod || jpegPhoto || postalAddress || carLicense || userPassword || mobile || kolabAllowSMTPRecipient || displayName || kolabDelegate || description || labeledURI || homePostalAddress || postOfficeBox || registeredAddress || postalCode || photo || title || street || kolabInvitationPolicy || pager || o || l || initials || kolabAllowSMTPSender || telephoneNumber || preferredLanguage || facsimileTelephoneNumber") (version 3.0;acl "Enable self write for common attributes";allow (read,compare,search,write)(userdn = "ldap:///self");)')
+
+ if not schema_error:
+ aci.append('(targetattr = "homePhone || preferredDeliveryMethod || jpegPhoto || postalAddress || carLicense || userPassword || mobile || displayName || description || labeledURI || homePostalAddress || postOfficeBox || registeredAddress || postalCode || photo || title || street || pager || o || l || initials || telephoneNumber || preferredLanguage || facsimileTelephoneNumber") (version 3.0;acl "Enable self write for common attributes";allow (read,compare,search,write)(userdn = "ldap:///self");)')
+ else:
+ aci.append('(targetattr = "homePhone || preferredDeliveryMethod || jpegPhoto || postalAddress || carLicense || userPassword || mobile || kolabAllowSMTPRecipient || displayName || kolabDelegate || description || labeledURI || homePostalAddress || postOfficeBox || registeredAddress || postalCode || photo || title || street || kolabInvitationPolicy || pager || o || l || initials || kolabAllowSMTPSender || telephoneNumber || preferredLanguage || facsimileTelephoneNumber") (version 3.0;acl "Enable self write for common attributes";allow (read,compare,search,write)(userdn = "ldap:///self");)')
+
aci.append('(targetattr = "*") (version 3.0;acl "Directory Administrators Group";allow (all)(groupdn = "ldap:///cn=Directory Administrators,%(rootdn)s" or roledn = "ldap:///cn=kolab-admin,%(rootdn)s");)' % (_input))
aci.append('(targetattr="*")(version 3.0; acl "Configuration Administrators Group"; allow (all) groupdn="ldap:///cn=Configuration Administrators,ou=Groups,ou=TopologyManagement,o=NetscapeRoot";)')
aci.append('(targetattr="*")(version 3.0; acl "Configuration Administrator"; allow (all) userdn="ldap:///uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot";)')
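Review bot: The two branches under `if not schema_error:` look swapped. The success branch appends the ACI without `kolabAllowSMTPRecipient`, `kolabDelegate`, `kolabInvitationPolicy` and `kolabAllowSMTPSender`, while the `else` branch (schema not installed) appends the one that names them, which is the opposite of what the commit message describes. Either test `if schema_error:` for the reduced attribute list or exchange the two `aci.append` bodies. `schema_error` is assigned roughly 250 lines earlier; whether that is the same scope, and whether every path reaches the assignment, cannot be confirmed from the hunk, so initialising `schema_error = False` before the schema lookup would guard against a NameError here.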
commit 8bfceded5c9d758fb590b7ebe218a19eaa192769
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Wed Dec 19 14:47:16 2012 +0100
Use the ldap server configured in /etc/kolab/kolab.conf (#1475)
diff --git a/pykolab/setup/setup_mta.py b/pykolab/setup/setup_mta.py
index 08a31cd..99851b7 100644
--- a/pykolab/setup/setup_mta.py
+++ b/pykolab/setup/setup_mta.py
@@ -52,9 +52,11 @@ def execute(*args, **kw):
resource_filter = conf.get('ldap', 'resource_filter')
+ server_host = utils.parse_ldap_uri(conf.get('ldap', 'ldap_uri'))[1]
+
files = {
"/etc/postfix/ldap/local_recipient_maps.cf": """
-server_host = localhost
+server_host = %(server_host)s
server_port = 389
version = 3
search_base = %(base_dn)s
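Review bot: Only the host part of `ldap_uri` is carried into the Postfix maps; `server_port = 389` stays hard-coded here and in the five other map templates below, and the URI scheme is dropped. With an `ldaps://` URI or a non-default port, Postfix would be pointed at port 389 on what may now be a remote host, and `bind_pw` would presumably cross the network without TLS, which was not a concern while the host was `localhost`. `parse_ldap_uri()` now returns the port as well, so it could be unpacked alongside the host and written as `server_port = %(server_port)s`. The function also returns `None` on failure, so the `[1]` index raises TypeError on a malformed URI; checking the result and logging a clear error before indexing would help. `execute()` continues outside the hunk.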
@@ -69,6 +71,7 @@ query_filter = (&(|(mail=%%s)(alias=%%s))(|%(kolab_user_filter)s%(kolab_group_fi
result_attribute = mail
""" % {
"base_dn": conf.get('ldap', 'base_dn'),
+ "server_host": server_host,
"service_bind_dn": conf.get('ldap', 'service_bind_dn'),
"service_bind_pw": conf.get('ldap', 'service_bind_pw'),
"kolab_user_filter": user_filter,
@@ -76,7 +79,7 @@ result_attribute = mail
"resource_filter": resource_filter,
},
"/etc/postfix/ldap/mydestination.cf": """
-server_host = localhost
+server_host = %(server_host)s
server_port = 389
version = 3
search_base = %(domain_base_dn)s
@@ -88,6 +91,7 @@ bind_pw = %(service_bind_pw)s
query_filter = %(domain_filter)s
result_attribute = %(domain_name_attribute)s
""" % {
+ "server_host": server_host,
"domain_base_dn": conf.get('ldap', 'domain_base_dn'),
"domain_filter": conf.get('ldap', 'domain_filter').replace('*', '%s'),
"domain_name_attribute": conf.get('ldap', 'domain_name_attribute'),
@@ -95,7 +99,7 @@ result_attribute = %(domain_name_attribute)s
"service_bind_pw": conf.get('ldap', 'service_bind_pw'),
},
"/etc/postfix/ldap/mailenabled_distgroups.cf": """
-server_host = localhost
+server_host = %(server_host)s
server_port = 389
version = 3
search_base = %(group_base_dn)s
@@ -114,12 +118,13 @@ special_result_attribute = uniqueMember
result_attribute =
leaf_result_attribute = mail
""" % {
+ "server_host": server_host,
"group_base_dn": conf.get('ldap', 'group_base_dn'),
"service_bind_dn": conf.get('ldap', 'service_bind_dn'),
"service_bind_pw": conf.get('ldap', 'service_bind_pw'),
},
"/etc/postfix/ldap/mailenabled_dynamic_distgroups.cf": """
-server_host = localhost
+server_host = %(server_host)s
server_port = 389
version = 3
search_base = %(group_base_dn)s
@@ -138,12 +143,13 @@ special_result_attribute = memberURL
result_attribute =
leaf_result_attribute = mail
""" % {
+ "server_host": server_host,
"group_base_dn": conf.get('ldap', 'group_base_dn'),
"service_bind_dn": conf.get('ldap', 'service_bind_dn'),
"service_bind_pw": conf.get('ldap', 'service_bind_pw'),
},
"/etc/postfix/ldap/transport_maps.cf": """
-server_host = localhost
+server_host = %(server_host)s
server_port = 389
version = 3
search_base = %(base_dn)s
@@ -159,11 +165,12 @@ result_attribute = mail
result_format = lmtp:unix:/var/lib/imap/socket/lmtp
""" % {
"base_dn": conf.get('ldap', 'base_dn'),
+ "server_host": server_host,
"service_bind_dn": conf.get('ldap', 'service_bind_dn'),
"service_bind_pw": conf.get('ldap', 'service_bind_pw'),
},
"/etc/postfix/ldap/virtual_alias_maps.cf": """
-server_host = localhost
+server_host = %(server_host)s
server_port = 389
version = 3
search_base = %(base_dn)s
@@ -178,6 +185,7 @@ query_filter = (&(|(mail=%%s)(alias=%%s))(objectclass=kolabinetorgperson))
result_attribute = mail
""" % {
"base_dn": conf.get('ldap', 'base_dn'),
+ "server_host": server_host,
"service_bind_dn": conf.get('ldap', 'service_bind_dn'),
"service_bind_pw": conf.get('ldap', 'service_bind_pw'),
},
@@ -277,7 +285,7 @@ result_attribute = mail
fp.close()
amavisd_settings = {
- 'ldap_server': 'localhost',
+ 'ldap_server': '%(server_host)s',
'ldap_bind_dn': conf.get('ldap', 'service_bind_dn'),
'ldap_bind_pw': conf.get('ldap', 'service_bind_pw'),
'primary_domain': conf.get('kolab', 'primary_domain'),
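Review bot: `'ldap_server': '%(server_host)s'` is a plain string literal with no `%` substitution applied in the visible lines, so unless the value is formatted a second time further down, the literal text `%(server_host)s` would end up as the LDAP server name in the amavisd configuration. Passing the variable directly, `'ldap_server': server_host,`, matches how the other values in this dict are set. The dict continues past the end of the hunk.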
commit 0d7e29bd4eeeed088cd8abcb78fdc730b949e5bf
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Wed Dec 19 14:45:26 2012 +0100
Adjust utils.parse_ldap_uri()
diff --git a/bin/kolab_smtp_access_policy.py b/bin/kolab_smtp_access_policy.py
index 5a48819..794f3d7 100755
--- a/bin/kolab_smtp_access_policy.py
+++ b/bin/kolab_smtp_access_policy.py
@@ -269,7 +269,7 @@ class PolicyRequest(object):
if parsed_uri == None:
return None
- (_protocol, _server, _base_dn, _attrs, _scope, _filter) = \
+ (_protocol, _server, _port, _base_dn, _attrs, _scope, _filter) = \
parsed_uri
if len(_attrs) == 0:
diff --git a/pykolab/utils.py b/pykolab/utils.py
index 4516297..78cdbf1 100644
--- a/pykolab/utils.py
+++ b/pykolab/utils.py
@@ -333,11 +333,29 @@ def parse_ldap_uri(uri):
or None on failure
"""
+ _protocol = uri.split(':')[0]
+
try:
- _protocol = uri.split(':')[0]
- _ldap_uri, _attr, _scope, _filter = uri.split('?')
- _server = _ldap_uri.split('//')[1].split('/')[0]
- _base_dn = _ldap_uri.split('//')[1].split('/')[1]
+ try:
+ _ldap_uri, _attr, _scope, _filter = uri.split('?')
+ _server = _ldap_uri.split('//')[1].split('/')[0]
+ _base_dn = _ldap_uri.split('//')[1].split('/')[1]
+
+ except:
+ _server = uri.split('//')[1].split('/')[0]
+ _attr = None
+ _scope = None
+ _filter = None
+ _base_dn = None
+
+ if len(_server.split(':')) > 1:
+ _port = _server.split(':')[1]
+ _server = _server.split(':')[0]
+ else:
+ if _protocol == 'ldaps':
+ _port = "636"
+ else:
+ _port = "389"
if _server == '':
_server = None
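Review bot: Moving `_protocol = uri.split(':')[0]` above the outer `try` means a non-string `uri` (for example `None` from a missing config option) now raises instead of returning `None` as the docstring promises; keeping that line inside the `try` preserves the contract. The inner bare `except:` treats every error as "URI without query parts", and its fallback sets `_base_dn = None` even when the URI carries a path such as `ldap://host/dc=example,dc=org`; catching `ValueError` from the four-way unpack and still parsing the base DN would be narrower. The port is split on `:` without validation, so an IPv6 literal or a non-numeric port passes through into generated configuration unchanged; a `_port.isdigit()` check would be cheap. The function begins and ends outside this hunk.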
@@ -352,7 +370,7 @@ def parse_ldap_uri(uri):
if _filter == '':
_filter = "(objectclass=*)"
- return (_protocol, _server, _base_dn, _attr, _scope, _filter)
+ return (_protocol, _server, _port, _base_dn, _attr, _scope, _filter)
except:
return None
diff --git a/tests/unit/test-009-parse_ldap_uri.py b/tests/unit/test-009-parse_ldap_uri.py
new file mode 100644
index 0000000..d020f8d
--- /dev/null
+++ b/tests/unit/test-009-parse_ldap_uri.py
@@ -0,0 +1,17 @@
+import unittest
+
+from pykolab import utils
+
+class TestParseLdapUri(unittest.TestCase):
+
+ def test_001_ldap_uri(self):
+ ldap_uri = "ldap://localhost"
+ result = utils.parse_ldap_uri(ldap_uri)
+ self.assertEqual(result, ("ldap", "localhost", "389", None, None, None, None))
+
+ def test_002_ldap_uri_port(self):
+ ldap_uri = "ldap://localhost:389"
+ result = utils.parse_ldap_uri(ldap_uri)
+ self.assertEqual(result, ("ldap", "localhost", "389", None, None, None, None))
+
+
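Review bot: Both test cases cover only `ldap://` without a path or query, so the new `ldaps` default of `"636"`, the full `ldap://host/base?attrs?scope?filter` form and the `None` return on a malformed URI are untested. A case such as `self.assertEqual(utils.parse_ldap_uri("ldaps://localhost")[2], "636")` would pin the new port logic. The test methods would also benefit from a one-line docstring saying which URI form each one exercises.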