kleinhenzes60188
/
social_media_platform
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Development of an internal social media platform with personalised dashboards for students
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
2 Branches
Tree: 95b1878141
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '95b1878141'
${ noResults }
social_media_platform/thesisenv/lib/python3.6/site-packages/ldap3/extend/novell/removeMembersFromGroups.py

removeMembersFromGroups.py 7.5KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156 
  1. """

  2. """

  3. 

  4. # Created on 2016.04.17

  5. #

  6. # Author: Giovanni Cannata

  7. #

  8. # Copyright 2016 - 2018 Giovanni Cannata

  9. #

  10. # This file is part of ldap3.

  11. #

  12. # ldap3 is free software: you can redistribute it and/or modify

  13. # it under the terms of the GNU Lesser General Public License as published

  14. # by the Free Software Foundation, either version 3 of the License, or

  15. # (at your option) any later version.

  16. #

  17. # ldap3 is distributed in the hope that it will be useful,

  18. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  19. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  20. # GNU Lesser General Public License for more details.

  21. #

  22. # You should have received a copy of the GNU Lesser General Public License

  23. # along with ldap3 in the COPYING and COPYING.LESSER files.

  24. # If not, see <http://www.gnu.org/licenses/>.

  25. from ...core.exceptions import LDAPInvalidDnError

  26. from ... import SEQUENCE_TYPES, MODIFY_DELETE, BASE, DEREF_NEVER

  27. from ...utils.dn import safe_dn

  28. 

  29. 

  30. def edir_remove_members_from_groups(connection,

  31.                                     members_dn,

  32.                                     groups_dn,

  33.                                     fix,

  34.                                     transaction):

  35.     """

  36.     :param connection: a bound Connection object

  37.     :param members_dn: the list of members to remove from groups

  38.     :param groups_dn: the list of groups where members are to be removed

  39.     :param fix: checks for inconsistences in the users-groups relation and fixes them

  40.     :param transaction: activates an LDAP transaction

  41.     :return: a boolean where True means that the operation was successful and False means an error has happened

  42.     Removes users-groups relations following the eDirectory rules: groups are removed from securityEquals and groupMembership

  43.     attributes in the member object while members are removed from member and equivalentToMe attributes in the group object.

  44.     Raises LDAPInvalidDnError if members or groups are not found in the DIT.

  45. 

  46.     """

  47.     if not isinstance(members_dn, SEQUENCE_TYPES):

  48.         members_dn = [members_dn]

  49. 

  50.     if not isinstance(groups_dn, SEQUENCE_TYPES):

  51.         groups_dn = [groups_dn]

  52. 

  53.     if connection.check_names:  # builds new lists with sanitized dn

  54.         safe_members_dn = []

  55.         safe_groups_dn = []

  56.         for member_dn in members_dn:

  57.             safe_members_dn.append(safe_dn(member_dn))

  58.         for group_dn in groups_dn:

  59.             safe_groups_dn.append(safe_dn(group_dn))

  60. 

  61.         members_dn = safe_members_dn

  62.         groups_dn = safe_groups_dn

  63. 

  64.     transaction_control = None

  65.     error = False

  66. 

  67.     if transaction:

  68.         transaction_control = connection.extend.novell.start_transaction()

  69. 

  70.     if not error:

  71.         for member in members_dn:

  72.             if fix:  # checks for existance of member and for already assigned groups

  73.                 result = connection.search(member, '(objectclass=*)', BASE, dereference_aliases=DEREF_NEVER, attributes=['securityEquals', 'groupMembership'])

  74. 

  75.                 if not connection.strategy.sync:

  76.                     response, result = connection.get_response(result)

  77.                 else:

  78.                     response, result = connection.response, connection.result

  79. 

  80.                 if not result['description'] == 'success':

  81.                     raise LDAPInvalidDnError(member + ' not found')

  82. 

  83.                 existing_security_equals = response[0]['attributes']['securityEquals'] if 'securityEquals' in response[0]['attributes'] else []

  84.                 existing_group_membership = response[0]['attributes']['groupMembership'] if 'groupMembership' in response[0]['attributes'] else []

  85.             else:

  86.                 existing_security_equals = groups_dn

  87.                 existing_group_membership = groups_dn

  88.             existing_security_equals = [element.lower() for element in existing_security_equals]

  89.             existing_group_membership = [element.lower() for element in existing_group_membership]

  90. 

  91.             changes = dict()

  92.             security_equals_to_remove = [element for element in groups_dn if element.lower() in existing_security_equals]

  93.             group_membership_to_remove = [element for element in groups_dn if element.lower() in existing_group_membership]

  94.             if security_equals_to_remove:

  95.                 changes['securityEquals'] = (MODIFY_DELETE, security_equals_to_remove)

  96.             if group_membership_to_remove:

  97.                 changes['groupMembership'] = (MODIFY_DELETE, group_membership_to_remove)

  98.             if changes:

  99.                 result = connection.modify(member, changes, controls=[transaction_control] if transaction else None)

  100.                 if not connection.strategy.sync:

  101.                     _, result = connection.get_response(result)

  102.                 else:

  103.                     result = connection.result

  104.                 if result['description'] != 'success':

  105.                     error = True

  106.                     break

  107. 

  108.     if not error:

  109.         for group in groups_dn:

  110.             if fix:  # checks for existance of group and for already assigned members

  111.                 result = connection.search(group, '(objectclass=*)', BASE, dereference_aliases=DEREF_NEVER, attributes=['member', 'equivalentToMe'])

  112. 

  113.                 if not connection.strategy.sync:

  114.                     response, result = connection.get_response(result)

  115.                 else:

  116.                     response, result = connection.response, connection.result

  117. 

  118.                 if not result['description'] == 'success':

  119.                     raise LDAPInvalidDnError(group + ' not found')

  120. 

  121.                 existing_members = response[0]['attributes']['member'] if 'member' in response[0]['attributes'] else []

  122.                 existing_equivalent_to_me = response[0]['attributes']['equivalentToMe'] if 'equivalentToMe' in response[0]['attributes'] else []

  123.             else:

  124.                 existing_members = members_dn

  125.                 existing_equivalent_to_me = members_dn

  126. 

  127.             existing_members = [element.lower() for element in existing_members]

  128.             existing_equivalent_to_me = [element.lower() for element in existing_equivalent_to_me]

  129. 

  130.             changes = dict()

  131.             member_to_remove = [element for element in members_dn if element.lower() in existing_members]

  132.             equivalent_to_me_to_remove = [element for element in members_dn if element.lower() in existing_equivalent_to_me]

  133.             if member_to_remove:

  134.                 changes['member'] = (MODIFY_DELETE, member_to_remove)

  135.             if equivalent_to_me_to_remove:

  136.                 changes['equivalentToMe'] = (MODIFY_DELETE, equivalent_to_me_to_remove)

  137.             if changes:

  138.                 result = connection.modify(group, changes, controls=[transaction_control] if transaction else None)

  139.                 if not connection.strategy.sync:

  140.                     _, result = connection.get_response(result)

  141.                 else:

  142.                     result = connection.result

  143.                 if result['description'] != 'success':

  144.                     error = True

  145.                     break

  146. 

  147.     if transaction:

  148.         if error:  # aborts transaction in case of error in the modify operations

  149.             result = connection.extend.novell.end_transaction(commit=False, controls=[transaction_control])

  150.         else:

  151.             result = connection.extend.novell.end_transaction(commit=True, controls=[transaction_control])

  152. 

  153.         if result['description'] != 'success':

  154.             error = True

  155. 

  156.     return not error  # return True if no error is raised in the LDAP operations