[sysadmin-bin] Drop redundant code and start making good use of the gnome_ldap_utils class

From: Andrea Veri <av src gnome org>
To: gnome-sysadmin gnome org,commits-list gnome org
Subject: [sysadmin-bin] Drop redundant code and start making good use of the gnome_ldap_utils class
Date: Thu, 12 Oct 2017 16:06:15 +0000 (UTC)
commit 7dcdae944607f1988f350beb3a83afdbe267c7e3
Author: Andrea Veri <averi redhat com>
Date:   Thu Oct 12 18:05:46 2017 +0200

    Drop redundant code and start making good use of the gnome_ldap_utils class

 gnome_ldap_utils.py  |    7 +++--
 reset-my-password.py |   60 ++++++++-----------------------------------------
 2 files changed, 14 insertions(+), 53 deletions(-)
---
diff --git a/gnome_ldap_utils.py b/gnome_ldap_utils.py
index c5baafc..e46c8f7 100755
--- a/gnome_ldap_utils.py
+++ b/gnome_ldap_utils.py
@@ -19,7 +19,6 @@ class Gnome_ldap_utils:
             print >>sys.stderr, e
             sys.exit(1)
 
-
     def get_group_from_ldap(self, group):
         import ldap.filter
 
@@ -39,7 +38,6 @@ class Gnome_ldap_utils:
 
         return members
 
-
     def get_attributes_from_ldap(self, uid, attr):
         import ldap.filter
 
@@ -51,8 +49,11 @@ class Gnome_ldap_utils:
         else:
             return None
 
-
     def get_uids_from_group(self, group):
         people = self.get_group_from_ldap(group)
 
         return people
+
+    def replace_ldap_password(self, userid, password):
+        replace_password = [(ldap.MOD_REPLACE, 'userPassword', password)]
+        l.modify_s('uid=%s,%s' % (self.LDAP_USER_BASE, userid, replace_password)
\ No newline at end of file
diff --git a/reset-my-password.py b/reset-my-password.py
index df37c8f..1459941 100755
--- a/reset-my-password.py
+++ b/reset-my-password.py
@@ -1,54 +1,16 @@
 #!/usr/bin/python
 
-import ldap
-import ldap.filter
 import string
 import smtplib
 import sys
 import os
-import ldap.modlist as modlist
-from email.MIMEText import MIMEText
-
-LDAP_GROUP_BASE='cn=groups,cn=accounts,dc=gnome,dc=org'
-LDAP_USER_BASE='cn=users,cn=accounts,dc=gnome,dc=org'
 
+from email.MIMEText import MIMEText
+from gnome_ldap_utils import *
 
 execfile('/home/admin/secret/freeipa')
 
-try:
-    l = ldap.open('localhost')
-    l.simple_bind("cn=Directory Manager", ldap_password)
-except ldap.LDAPError, e:
-        print >>sys.stderr, e
-        sys.exit(1)
-
-
-def _parse_members_from_group(group):
-
-    filter = ldap.filter.filter_format('(&(objectClass=posixGroup)(cn=%s))', (group, ))
-    results = l.search_s(LDAP_GROUP_BASE, ldap.SCOPE_SUBTREE, filter, ('member', ))
-
-    members = set()
-
-    for _, attr in results:
-        for userid in attr['member']:
-            splitentry = userid.split(',')
-            singleentry = splitentry[0]
-            splitteduid = singleentry.split('=')
-            uid = splitteduid[1]
-
-            members.add(uid)
-
-    return members
-
-def _get_attributes_from_ldap(userid, attr):
-    filter = ldap.filter.filter_format('(uid=%s)', (userid, ))
-    results = l.search_s(LDAP_USER_BASE, ldap.SCOPE_SUBTREE, filter, ('uid', attr, ))
-
-    if len(results) > 0:
-        return results[0][1][attr][0]
-    else:
-        return None
+glu = Gnome_ldap_utils(LDAP_GROUP_BASE, LDAP_HOST, LDAP_USER_BASE, 'cn=Directory Manager', ldap_password)
 
 
 def gen_passwd(length=12, chars=string.letters + string.digits):
@@ -76,10 +38,10 @@ def gen_passwd(length=12, chars=string.letters + string.digits):
 
 
 def check_existing_password(userid):
-    accountsteam =  _parse_members_from_group('accounts')
-    sysadminteam =  _parse_members_from_group('sysadmin')
+    accountsteam =  glu.get_group_from_ldap('accounts')
+    sysadminteam =  glu.get_group_from_ldap('sysadmin')
 
-    if _get_attributes_from_ldap(userid, 'uid') == None:
+    if glu.get_attributes_from_ldap(userid, 'uid') == None:
        print 'The specified UID does not exist, please get in contact with the GNOME Accounts Team to know 
more'
        sys.exit(1)
 
@@ -91,14 +53,12 @@ def check_existing_password(userid):
 
 
 def update_password(userid):
-    getattr_name = _get_attributes_from_ldap(userid, 'cn')
-    getattr_mail = _get_attributes_from_ldap(userid, 'mail')
+    getattr_name = glu.get_attributes_from_ldap(userid, 'cn')
+    getattr_mail = glu.get_attributes_from_ldap(userid, 'mail')
 
     newpassword = {'userPassword': gen_passwd()}
 
-    replace_password = [(ldap.MOD_REPLACE, 'userPassword', newpassword['userPassword'])]
-    l.modify_s('uid=%s,cn=users,cn=accounts,dc=gnome,dc=org' % userid, replace_password)
-
+    glu.replace_ldap_password(userid, newpassword['userPassword'])
 
     send_password_to_user(getattr_name, getattr_mail, newpassword['userPassword'])
 
@@ -129,4 +89,4 @@ the GNOME Accounts Team""" % (name, password)
         print "ERROR: I wasn't able to send the email correctly, please check /var/log/maillog!"
 
 my_userid = os.getenv('SUDO_USER')
-check_existing_password(my_userid)
+check_existing_password(my_userid)
\ No newline at end of file
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]