Ignore:
Timestamp:
07/27/09 18:05:53 (15 years ago)
Author:
nanardon
Message:
  • reuse code from Ldap, Ad is a ldap
Location:
LATMOS-Accounts/lib/LATMOS/Accounts/Bases
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Ad.pm

    r287 r289  
    55use warnings; 
    66 
    7 use base qw(LATMOS::Accounts::Bases); 
     7use base qw(LATMOS::Accounts::Bases::Ldap); 
    88use Net::LDAP; 
    99use Net::LDAP::Entry; 
     
    8585} 
    8686 
    87 sub param { 
    88     my ($self, $var) = @_; 
    89     return $self->{_param}{$var} 
    90 } 
    91  
    92 sub object_base_dn { 
    93     my ($self, $otype) = @_; 
    94     return join(',', 
    95         ($self->param($otype . '_container') || 'cn=Users'), 
    96         $self->top_dn, 
    97     ); 
    98 } 
    99  
    10087sub load { 
    10188    my ($self) = @_; 
     
    137124} 
    138125 
    139 sub _ldap_url { 
    140     my ($self, $host, $port) = @_; 
    141  
    142     sprintf( 
    143         '%s://%s%s/', 
    144         $self->{_ssl} ? 'ldaps' : 'ldap', 
    145         $host, 
    146         $port ? ":$port" : '', 
    147     ) 
    148 } 
    149  
    150126sub _query_zone_ads { 
    151127    my ($self) = @_; 
     
    154130 
    155131    my $resolver = Net::DNS::Resolver->new; 
    156     my $query = $resolver->query("_ldap._tcp.dc._msdcs." . $self->ad_domain, "SRV"); 
     132    my $query = $resolver->query("_ldap._tcp.dc._msdcs." . $self->ad_domain, 
     133        "SRV") or return; 
    157134    foreach my $rr ( 
    158135        sort { $a->priority <=> $b->priority || $a->weight <=> $b->weight } 
     
    162139 
    163140    @urllist 
    164 } 
    165  
    166 sub ldap { 
    167     return $_[0]->{_ldap}; 
    168 } 
    169  
    170 =head2 top_dn 
    171  
    172 Return the TOP DN of the AD zone. 
    173  
    174 =cut 
    175  
    176 sub top_dn { 
    177     return $_[0]->{_top_dn} 
    178141} 
    179142 
     
    186149sub ad_domain { 
    187150    return $_[0]->{_ad_domain} 
    188 } 
    189  
    190 # _unlimited_search 
    191  
    192 # By default, ldap servers limit results to avoid deni of services. 
    193 # LDAP protocol provide a paging feature to fetch all results. 
    194  
    195 #This function works like Net::LDAP::search functions, but return nothing, 
    196 #use "callback" option to get entries. 
    197  
    198 sub _unlimited_search { 
    199     my $self = shift; 
    200     my @args = @_; 
    201  
    202     my ($page, $cookie) = (Net::LDAP::Control::Paged->new( size => 100 )); 
    203  
    204     while (1) { 
    205         my $search = $self->ldap->search( 
    206             @args, 
    207             control => [ $page ], 
    208         ); 
    209         if ($search->code) { 
    210             return $search; 
    211         } 
    212  
    213         ### After foreach loops ends, client checks LDAP server reponse of how many search results total. 
    214         ### This is a control to end the infinite while loop if there are no search results to go through  
    215         ### If there are search results, this control will always return the total number of results. It is 
    216         ### never decremented 
    217         my ($resp) = $search->control( LDAP_CONTROL_PAGED ) or last; 
    218  
    219  
    220         ### Obtaining the cookie from the search result. When no more results, cookie will be NULL 
    221         ### and infinite while loop will terminate. 
    222         $cookie = $resp->cookie or last; 
    223  
    224         ### Sets cookie so server knows the next search result to send  
    225         $page->cookie($cookie); 
    226     } 
    227     ### This is a control to check for abnormal exit of the while loop. 
    228     ### If this occurs ### we need to tell the LDAP server that remaining 
    229     ### search results are no longer needed ### by sending a search request with a page size of 0 
    230     if ($cookie)    { 
    231         $page->cookie($cookie); 
    232         $page->size(0); 
    233         $self->ldap->search(@args, control => [ $page ]); 
    234     } 
    235     return 1; 
    236 } 
    237  
    238 # _get_object_from_dn($dn) 
    239 # 
    240 # Return Net::LDAP::Entry for $dn 
    241  
    242 sub _get_object_from_dn { 
    243     my ($self, $dn) = @_; 
    244  
    245     my $mesg = $self->ldap->search( 
    246         base => $dn, 
    247         scope => 'base', 
    248         filter => '(objectClass=*)', 
    249     ); 
    250     if ($mesg->code) { 
    251         $self->log(LA_ERR, "Cannot get object: %s", $mesg->error); 
    252         return; 
    253     } 
    254  
    255     return ($mesg->entries)[0]; 
    256151} 
    257152 

  • LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Ad/objects.pm

    r279 r289  
    55use warnings; 
    66 
    7 use base qw(LATMOS::Accounts::Bases::Objects); 
     7use base qw(LATMOS::Accounts::Bases::Ldap::objects); 
    88use Net::LDAP; 
    99use Net::LDAP::Entry; 
     
    3636=cut 
    3737 
    38 sub list { 
    39     my ($class, $base) = @_; 
    40      
    41     my @uids; 
    42     eval { 
    43     my $xx = $base->_unlimited_search( 
    44         attrs => [ $class->_key_attr ], 
    45         base => $base->object_base_dn($class->type), 
    46         filter => $class->_class_filter, 
    47         callback => sub { 
    48             my ($mesg, $entry) = @_; 
    49             #$mesg->code and die $mesg->error; 
    50             $entry or return; 
    51             ref $entry eq 'Net::LDAP::Entry' or return; 
    52             push(@uids, $entry->get_value( $class->_key_attr )); 
    53         }, 
    54     ); 
    55     }; 
    56  
    57     return @uids; 
    58  
    59 } 
    60  
    61 sub _get_field_name { 
    62     my ($self, $field, $base, $for) = @_; 
    63  
    64     my %fields = map { $_ => 1 } $self->_canonical_fields($base, $for); 
    65  
    66     return $fields{$field} ? $field : undef; 
    67 } 
    68  
    69 sub new { 
    70     my ($class, $base, $uid) = @_; 
    71      
    72     my $mesg = $base->ldap->search( 
    73         filter => sprintf( 
    74             '(&%s (%s=%s))', 
    75             $class->_class_filter, 
    76             $class->_key_attr, 
    77             escape_filter_value($uid), 
    78         ), 
    79         base => $base->object_base_dn($class->type), 
    80     ); 
    81  
    82     $mesg->code and return; 
    83  
    84     my ($entry, @others) = $mesg->entries; 
    85  
    86     return if(@others); # we cannot have multiple entries... 
    87     return if (!$entry); 
    88     bless({ entry => $entry, _base => $base, _id => $uid }, $class); 
    89 } 
    90  
    91 sub _delete { 
    92     my ($class, $base, $uid) = @_; 
    93     my $obj = $class->new($base, $uid) or return; 
    94  
    95     my $mesg = $base->ldap->delete($obj->{entry}->dn); 
    96  
    97     if ($mesg->code) { 
    98         $base->log(LA_ERR, "Cannot delete object %s: %s", $uid, $mesg->error); 
    99         return; 
    100     } else { 
    101         $base->log(LA_INFO, "Object (%s) %s delete", $class->type, $uid); 
    102         return 1 
    103     } 
    104 } 
    105  
    106 sub ldap { 
    107     return $_[0]->base->{_ldap}; 
    108 } 
    109  
    110 sub get_field { 
    111     my ($self, $field) = @_; 
    112  
    113     $field eq 'dn' and return $self->{entry}->dn; 
    114     my ($first, @others) = $self->{entry}->get_value($field); 
    115     return @others ? [ sort($first, @others) ] : $first; 
    116 } 
    117  
    118 sub _populate_entry { 
    119     my ($self, $entry, $field, $value) = @_; 
    120     my $val = $entry->get_value($field); 
    121     my $tr =  join(', ', map { $_ || '' } ($field, $val, $value)); 
    122     if ($value) { 
    123         if ((!$val) || $val ne $value) { 
    124             $entry->replace($field, $value); 
    125         } 
    126     } elsif($val) { 
    127         $entry->delete($field); 
    128     } 
    129 } 
    130  
    131 sub set_fields { 
    132     my ($self, %fields) = @_; 
    133  
    134     foreach (keys %fields) { 
    135         $self->get_field_name($_, 'w') or next; 
    136         $self->_populate_entry($self->{entry}, $_, $fields{$_}); 
    137     } 
    138      
    139     my $mesg = $self->{entry}->update($self->base->ldap); 
    140  
    141     if ($mesg->code && $mesg->code != 82) { 
    142         $self->base(LA_ERR, "Cannot set attribute: %s", $mesg->error); 
    143         return; 
    144     } else { return 1 } 
    145 } 
    146  
    147381; 
    14839 
Note: See TracChangeset for help on using the changeset viewer.