Add basedn functionality check
droideck committed Feb 6, 2024
1 parent 8fe7586 commit e6b8f6f
Showing 7 changed files with 64 additions and 24 deletions.
22 changes: 12 additions & 10 deletions src/lib389/cli/dsidm
@@ -2,7 +2,7 @@

# --- BEGIN COPYRIGHT BLOCK ---
# Copyright (C) 2016, William Brown <william at blackhats.net.au>
# Copyright (C) 2023 Red Hat, Inc.
# Copyright (C) 2024 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -19,6 +19,7 @@ import argparse
import argcomplete
from lib389.utils import get_instance_list, instance_choices
from lib389._constants import DSRC_HOME
from lib389.cli_idm import _get_basedn_arg
from lib389.cli_idm import account as cli_account
from lib389.cli_idm import initialise as cli_init
from lib389.cli_idm import organizationalunit as cli_ou
@@ -124,14 +125,6 @@ if __name__ == '__main__':
parser.print_help()
sys.exit(1)

if dsrc_inst['basedn'] is None:
errmsg = "Must provide a basedn!"
if args.json:
sys.stderr.write('{"desc": "%s"}\n' % errmsg)
else:
log.error(errmsg)
sys.exit(1)

if not args.verbose:
signal.signal(signal.SIGINT, signal_handler)

@@ -142,7 +135,16 @@ if __name__ == '__main__':
result = False
try:
inst = connect_instance(dsrc_inst=dsrc_inst, verbose=args.verbose, args=args)
result = args.func(inst, dsrc_inst['basedn'], log, args)
if dsrc_inst['basedn'] is None:
basedn = _get_basedn_arg(inst, args, log, msg="Enter basedn")
if basedn is None:
errmsg = "Must provide a basedn!"
if args.json:
sys.stderr.write('{"desc": "%s"}\n' % errmsg)
else:
log.error(errmsg)
sys.exit(1)
result = args.func(inst, basedn, log, args)
if args.verbose:
log.info("Command successful.")
except Exception as e:
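Review bot: `basedn` appears to be assigned only inside the `if dsrc_inst['basedn'] is None:` branch, yet `result = args.func(inst, basedn, log, args)` reads it unconditionally; indentation is lost on this page, so this is inferred from the order of the lines. If that reading is right, any run where the basedn is already present in `dsrc_inst` raises NameError, which the `except Exception as e` below would report as a command failure. Initialising it before the `if`, `basedn = dsrc_inst['basedn']`, keeps both paths working. It would also mean the new container-existence check in `_get_basedn_arg` only runs on the prompting path, which is worth confirming as intended. The `try` block continues past the end of this section.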
37 changes: 36 additions & 1 deletion src/lib389/lib389/cli_idm/__init__.py
@@ -1,15 +1,30 @@
# --- BEGIN COPYRIGHT BLOCK ---
# Copyright (C) 2016, William Brown <william at blackhats.net.au>
# Copyright (C) 2023 Red Hat, Inc.
# Copyright (C) 2024 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
# See LICENSE for details.
# --- END COPYRIGHT BLOCK ---

import sys
import ldap
from getpass import getpass
import json
from lib389._mapped_object import DSLdapObject
from lib389.cli_base import _get_dn_arg
from lib389.idm.user import DEFAULT_BASEDN_RDN as DEFAULT_BASEDN_RDN_USER
from lib389.idm.group import DEFAULT_BASEDN_RDN as DEFAULT_BASEDN_RDN_GROUP
from lib389.idm.posixgroup import DEFAULT_BASEDN_RDN as DEFAULT_BASEDN_RDN_POSIXGROUP
from lib389.idm.services import DEFAULT_BASEDN_RDN as DEFAULT_BASEDN_RDN_SERVICES

# Create a dict where key is module and value is an rpm to search
BASEDN_RDNS = {
'user': DEFAULT_BASEDN_RDN_USER,
'group': DEFAULT_BASEDN_RDN_GROUP,
'posixgroup': DEFAULT_BASEDN_RDN_POSIXGROUP,
'services': DEFAULT_BASEDN_RDN_SERVICES,
}


def _get_arg(args, msg=None):
@@ -37,6 +52,26 @@ def _get_args(args, kws):
return kwargs


def _get_basedn_arg(inst, args, log, msg=None):
basedn_arg = _get_dn_arg(args.basedn, msg="Enter basedn")

# Get the RDN based on the last part of the module name (lib389.cli_idm.user -> user)
try:
object_rdn = BASEDN_RDNS[args.func.__module__.split('.')[-1]]
# Check if the base DN for our command exists
command_basedn = f'{object_rdn},{basedn_arg}'
if not DSLdapObject(inst, command_basedn).exists():
errmsg = f'The DN f"{command_basedn}" does not exist'
if args.json:
sys.stderr.write('{"desc": "%s"}\n' % errmsg)
else:
log.error(errmsg)
sys.exit(1)
except KeyError:
pass
return basedn_arg


# This is really similar to get_args, but generates from an array
def _get_attributes(args, attrs):
kwargs = {}
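Review bot: The message in `_get_basedn_arg` is written as `f'The DN f"{command_basedn}" does not exist'`, so it carries a stray literal `f` and unescaped double quotes, and the `args.json` branch `'{"desc": "%s"}\n' % errmsg` then writes output that is not valid JSON. The DN is operator-supplied text, so it should be serialised rather than interpolated: drop the inner `f` and emit `sys.stderr.write(json.dumps({"desc": errmsg}) + '\n')`, using the `json` import already at the top of this file. Separately, the `msg` parameter is accepted but the call passes the fixed string `msg="Enter basedn"`, and the comment above `BASEDN_RDNS` says "rpm" where it presumably means RDN.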
4 changes: 1 addition & 3 deletions src/lib389/lib389/cli_idm/account.py
@@ -1,5 +1,5 @@
# --- BEGIN COPYRIGHT BLOCK ---
# Copyright (C) 2023, Red Hat inc,
# Copyright (C) 2024, Red Hat inc,
# Copyright (C) 2018, William Brown <[email protected]>
# All rights reserved.
#
@@ -90,7 +90,6 @@ def entry_status(inst, basedn, log, args):


def subtree_status(inst, basedn, log, args):
basedn = _get_dn_arg(args.basedn, msg="Enter basedn to check")
filter = ""
scope = ldap.SCOPE_SUBTREE
epoch_inactive_time = None
@@ -120,7 +119,6 @@ def subtree_status(inst, basedn, log, args):


def bulk_update(inst, basedn, log, args):
basedn = _get_dn_arg(args.basedn, msg="Enter basedn to search")
search_filter = "(objectclass=*)"
scope = ldap.SCOPE_SUBTREE
scope_str = "sub"
10 changes: 6 additions & 4 deletions src/lib389/lib389/idm/group.py
@@ -1,6 +1,6 @@
# --- BEGIN COPYRIGHT BLOCK ---
# Copyright (C) 2016, William Brown <william at blackhats.net.au>
# Copyright (C) 2023 Red Hat, Inc.
# Copyright (C) 2024 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -16,6 +16,8 @@
'cn',
]
RDN = 'cn'
DEFAULT_BASEDN_RDN = 'ou=Groups'
DEFAULT_BASEDN_RDN_ADMIN_GROUPS = 'ou=People'


class Group(DSLdapObject):
@@ -93,7 +95,7 @@ class Groups(DSLdapObjects):
:type basedn: str
"""

def __init__(self, instance, basedn, rdn='ou=Groups'):
def __init__(self, instance, basedn, rdn=DEFAULT_BASEDN_RDN):
super(Groups, self).__init__(instance)
self._objectclasses = [
'groupOfNames',
@@ -140,7 +142,7 @@ def remove_member(self, dn):
class UniqueGroups(DSLdapObjects):
# WARNING!!!
# Use group, not unique group!!!
def __init__(self, instance, basedn, rdn='ou=Groups'):
def __init__(self, instance, basedn, rdn=DEFAULT_BASEDN_RDN):
super(UniqueGroups, self).__init__(instance)
self._objectclasses = [
'groupOfUniqueNames',
@@ -203,7 +205,7 @@ class nsAdminGroups(DSLdapObjects):
:type rdn: str
"""

def __init__(self, instance, basedn, rdn='ou=People'):
def __init__(self, instance, basedn, rdn=DEFAULT_BASEDN_RDN_ADMIN_GROUPS):
super(nsAdminGroups, self).__init__(instance)
self._objectclasses = [
'nsAdminGroup'
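Review bot: `DEFAULT_BASEDN_RDN` and `DEFAULT_BASEDN_RDN_ADMIN_GROUPS` are added here without any comment, and the same bare `DEFAULT_BASEDN_RDN` constant is added in posixgroup.py, services.py and user.py. Because cli_idm/__init__.py in this commit imports `DEFAULT_BASEDN_RDN` from these modules to decide whether a command's container entry exists, a one-line comment on each would help, for example `# Default container RDN, relative to the suffix, for entries of this type`. The class docstrings that describe `rdn` could likewise name the constant, so the default stays visible to callers who pass their own container.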
5 changes: 3 additions & 2 deletions src/lib389/lib389/idm/posixgroup.py
@@ -1,6 +1,6 @@
# --- BEGIN COPYRIGHT BLOCK ---
# Copyright (C) 2016, William Brown <william at blackhats.net.au>
# Copyright (C) 2023 Red Hat, Inc.
# Copyright (C) 2024 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -17,6 +17,7 @@
'gidNumber',
]
RDN = 'cn'
DEFAULT_BASEDN_RDN = 'ou=Groups'


class PosixGroup(DSLdapObject):
@@ -72,7 +73,7 @@ class PosixGroups(DSLdapObjects):
:type basedn: str
"""

def __init__(self, instance, basedn, rdn='ou=Groups'):
def __init__(self, instance, basedn, rdn=DEFAULT_BASEDN_RDN):
super(PosixGroups, self).__init__(instance)
self._objectclasses = [
'groupOfNames',
5 changes: 3 additions & 2 deletions src/lib389/lib389/idm/services.py
@@ -1,6 +1,6 @@
# --- BEGIN COPYRIGHT BLOCK ---
# Copyright (C) 2016, William Brown <william at blackhats.net.au>
# Copyright (C) 2021 Red Hat, Inc.
# Copyright (C) 2024 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -16,6 +16,7 @@
MUST_ATTRIBUTES = [
'cn',
]
DEFAULT_BASEDN_RDN = 'ou=Services'

class ServiceAccount(Account):
"""A single instance of Service entry
@@ -59,7 +60,7 @@ class ServiceAccounts(DSLdapObjects):
:type basedn: str
"""

def __init__(self, instance, basedn, rdn='ou=Services'):
def __init__(self, instance, basedn, rdn=DEFAULT_BASEDN_RDN):
super(ServiceAccounts, self).__init__(instance)
self._objectclasses = [
'applicationProcess',
5 changes: 3 additions & 2 deletions src/lib389/lib389/idm/user.py
@@ -1,6 +1,6 @@
# --- BEGIN COPYRIGHT BLOCK ---
# Copyright (C) 2016, William Brown <william at blackhats.net.au>
# Copyright (C) 2023 Red Hat, Inc.
# Copyright (C) 2024 Red Hat, Inc.
# All rights reserved.
#
# License: GPL (version 3 or any later version).
@@ -23,6 +23,7 @@
'homeDirectory',
]
RDN = 'uid'
DEFAULT_BASEDN_RDN = 'ou=People'

TEST_USER_PROPERTIES = {
'uid': 'testuser',
@@ -201,7 +202,7 @@ class UserAccounts(DSLdapObjects):
:type rdn: str
"""

def __init__(self, instance, basedn, rdn='ou=People'):
def __init__(self, instance, basedn, rdn=DEFAULT_BASEDN_RDN):
super(UserAccounts, self).__init__(instance)
self._objectclasses = [
'account',
