univention.management.console.modules.udm package#
- class univention.management.console.modules.udm.ObjectPropertySanitizer(**kwargs)[source]#
Bases:
StringSanitizerA LDAP attribute name. must at least be 1 character long.
This sanitizer prevents LDAP search filter injections in the attribute name.
TODO: in theory we should only allow existing attributes for the request object(/object type)
- class univention.management.console.modules.udm.PropertySearchSanitizer(**kwargs)[source]#
Bases:
SearchSanitizer
- class univention.management.console.modules.udm.UDMModuleMeta(name, bases, attrs)[source]#
Bases:
type
- class univention.management.console.modules.udm.Instance(*args, **kwargs)[source]#
Bases:
Base,ProgressMixin- error_handling(etype, exc, etraceback)[source]#
Translate generic UDM exceptions back to LDAP exceptions.
- Parameters:
etype – The exception class.
exc – The exception instance.
etraceback – The exception traceback instance; may be None.
- add(request)[source]#
Creates LDAP objects.
requests.options = [ { ‘options’ : {}, ‘object’ : {} }, … ]
return: [ { ‘$dn$’ : <LDAP DN>, ‘success’ : (True|False), ‘details’ : <message> }, … ]
- put(request)[source]#
Modifies the given list of LDAP objects.
requests.options = [ { ‘options’ : {}, ‘object’ : {} }, … ]
return: [ { ‘$dn$’ : <LDAP DN>, ‘success’ : (True|False), ‘details’ : <message> }, … ]
- remove(request, *args, **kwargs)[source]#
Removes the given list of LDAP objects.
requests.options = [ { ‘object’ : <LDAP DN>, ‘options’ { ‘cleanup’ : (True|False), ‘recursive’ : (True|False) } }, … ]
return: [ { ‘$dn$’ : <LDAP DN>, ‘success’ : (True|False), ‘details’ : <message> }, … ]
- get(request, *args, **kwargs)[source]#
Retrieves the given list of LDAP objects. Password property will be removed.
requests.options = [ <LDAP DN>, … ]
return: [ { ‘$dn$’ : <LDAP DN>, <object properties> }, … ]
- query(request)[source]#
Searches for LDAP objects and returns a few properties of the found objects
- requests.options = {}
‘objectType’ – the object type to search for (default: if not given the flavor is used) ‘objectProperty’ – the object property that should be scanned ‘objectPropertyValue’ – the filter that should be found in the property ‘fields’ – the properties which should be returned ‘container’ – the base container where the search should be started (default: LDAP base) ‘superordinate’ – the superordinate object for the search (default: None) ‘scope’ – the search scope (default: sub)
return: [ { ‘$dn$’ : <LDAP DN>, ‘objectType’ : <UDM module name>, ‘path’ : <location of object> }, … ]
- reports_create(request)[source]#
Creates a report for the given LDAP DNs and returns the URL to access the file
- values(request)[source]#
Returns the default search pattern/value for the given object property
- requests.options = {}
‘objectProperty’ – the object property that should be scanned
return: <value>
- network(request)[source]#
Returns the next IP configuration based on the given network object
- requests.options = {}
‘networkDN’ – the LDAP DN of the network object ‘increaseCounter’ – if given and set to True, network object counter for IP addresses is increased
return: {}
- types(request)[source]#
Returns the list of object types matching the given flavor or container.
- requests.options = {}
‘superordinate’ – if available only types for the given superordinate are returned (not for the navigation) ‘container’ – if available only types suitable for the given container are returned (only for the navigation)
return: [ { ‘id’ : <LDAP DN of container or None>, ‘label’ : <name> }, … ]
- validate(request, *args, **kwargs)[source]#
Validates the correctness of values for properties of the given object type. Therefore the syntax definition of the properties is used.
- requests.options = {}
‘objectType’ – The UDM module name. If not available the flavor is used
return: [ { ‘property’ : <name>, ‘valid’ : (True|False), ‘details’ : <message> }, … ]
- syntax_choices_key(request)[source]#
If size limit is reached search only for the current value (so that the selected value is valid).
Bug #26556: git:ce2b2842b7c6728047c4d4e1cd2d7d399c401e4a
- syntax_choices_info(request)[source]#
Fetch meta information about syntax choices. By doing a search query the number of results is returned. Check if the size limit would be reached. If reached, ComboBoxes add a entry with a search bar. Only used by UDM_Objects (and UDM_Attributes).
- syntax_choices(request)[source]#
Dynamically determine valid values for a given syntax class
- requests.options = {}
‘syntax’ – The UDM syntax class
return: [ { ‘id’ : <name>, ‘label’ : <text> }, … ]
Returns a list of LDAP containers located under the given LDAP base (option ‘container’). If no base container is specified the LDAP base object is returned.
Returns a list of objects in a LDAP container (scope: one)
- requests.options = {}
‘container’ – the base container where the search should be started (default: LDAP base) ‘objectType’ – the object type that should be displayed (optional) ‘objectProperty’ – the object property that should be scanned (optional) ‘objectPropertyValue’ – the filter that should b found in the property (optional)
return: [ { ‘$dn$’ : <LDAP DN>, ‘objectType’ : <UDM module name>, ‘path’ : <location of object> }, … ]
- object_policies(request)[source]#
Returns a virtual policy object containing the values that the given object or container inherits
Submodules#
univention.management.console.modules.udm.syntax module#
module: manages UDM modules
univention.management.console.modules.udm.tools module#
- class univention.management.console.modules.udm.tools.LicenseImport(input_file, ignored_attr_types=None, max_entries=0, process_url_schemes=None, line_sep='\n')[source]#
Bases:
LDIFParserImport license from LDIF.
Parameters: input_file
File-object to read the LDIF input from
- ignored_attr_types
Attributes with these attribute type names will be ignored.
- max_entries
If non-zero specifies the maximum number of entries to be read from f.
- process_url_schemes
List containing strings with URLs schemes to process with urllib. An empty list turns off all URL processing and the attribute is ignored completely.
- line_sep
String used as line separator
- dn = None#
- mod_list = []#
- dncount = 0#
- base = None#
- entry = None#
univention.management.console.modules.udm.udm_ldap module#
- univention.management.console.modules.udm.udm_ldap.LDAP_Connection(func)[source]#
Get a cached ldap connection bound to the user connection.
Deprecated since version UCS: 4.4 This must not be used in udm_ldap.py. Use something explicit like self.get_ldap_connection() instead.
- exception univention.management.console.modules.udm.udm_ldap.UMCError(**kwargs)[source]#
Bases:
UMC_Error
- class univention.management.console.modules.udm.udm_ldap.AppAttributes[source]#
Bases:
object- FNAME = '/var/lib/univention-appcenter/attributes/mapping.json'#
- exception univention.management.console.modules.udm.udm_ldap.UserWithoutDN(username)[source]#
Bases:
UMCError
- exception univention.management.console.modules.udm.udm_ldap.LDAP_AuthenticationFailed[source]#
Bases:
UMCError
- exception univention.management.console.modules.udm.udm_ldap.ObjectDoesNotExist(ldap_dn)[source]#
Bases:
UMCError
- exception univention.management.console.modules.udm.udm_ldap.SuperordinateDoesNotExist(ldap_dn)[source]#
Bases:
ObjectDoesNotExist
- exception univention.management.console.modules.udm.udm_ldap.NoIpLeft(ldap_dn)[source]#
Bases:
UMCError
- exception univention.management.console.modules.udm.udm_ldap.SearchTimeoutError[source]#
Bases:
UMC_Error
- exception univention.management.console.modules.udm.udm_ldap.SearchLimitReached[source]#
Bases:
UMC_Error
- exception univention.management.console.modules.udm.udm_ldap.UDM_Error(exc, dn=None)[source]#
Bases:
Exception
- class univention.management.console.modules.udm.udm_ldap.UDM_ModuleCache[source]#
Bases:
dict- lock = <unlocked _thread.lock object>#
- class univention.management.console.modules.udm.udm_ldap.UDM_Module(module, force_reload=False, ldap_connection=None, ldap_position=None)[source]#
Bases:
objectWraps UDM modules to provide a simple access to the properties and functions
Initializes the object
- load(module=None, template_object=None, force_reload=False)[source]#
Tries to load an UDM module with the given name. Optional a template object is passed to the init function of the module. As the initialisation of a module is expensive the function uses a cache to ensure that each module is just initialized once.
- get_default_values(property_name)[source]#
Depending on the syntax of the given property a default search pattern/value is returned
- search(container=None, attribute=None, value=None, superordinate=None, scope='sub', filter='', simple=False, simple_attrs=None, hidden=True, serverctrls=None, response=None, allow_asterisks=True)[source]#
Searches for LDAP objects based on a search pattern
- get(ldap_dn=None, superordinate=None, attributes=[])[source]#
Retrieves details for a given LDAP object
- property help_link#
- property help_text#
- property name#
Internal name of the UDM module
- property columns#
- property subtitle#
Returns the descriptive name of the UDM module without the part for the module group
- property title#
Descriptive name of the UDM module
- property ldap_base#
Default LDAP base of the UDM module
- property description#
Descriptive text of the UDM module
- property object_name#
- property object_name_plural#
- property identifies#
Property of the UDM module that identifies objects of this type
- property virtual#
- property supports_pagination#
- property childs#
- property child_modules#
List of child modules
- property has_tree#
- property default_search_attrs#
- property password_properties#
All properties with the syntax class passwd or userPasswd
- get_options(object_dn=None, udm_object=None)[source]#
Returns the options of the module. If an LDAP DN or an UDM object instance is given the values of the options are set
- property options#
List of defined options
- property operations#
Allowed operations of the UDM module
- property template#
List of UDM module names of templates
- property superordinate_names#
- property is_policy_multivalue#
- property policies#
Searches in all policy objects for the given object type and returns a list of all matching policy types
- property flavor#
Tries to guess the flavor for a given module
- property mapping#
- univention.management.console.modules.udm.udm_ldap.split_module_name(module_name)[source]#
Splits a module name into category and internal name
- univention.management.console.modules.udm.udm_ldap.ldap_dn2path(ldap_dn, include_rdn=True, ldap_base=None)[source]#
Returns a path representation of an LDAP DN. If include_rdn is false just the container of the given object is returned in a path representation
- univention.management.console.modules.udm.udm_ldap.get_module(flavor, ldap_dn, ldap_connection=None, ldap_position=None)[source]#
Determines an UDM module handling the LDAP object identified by the given LDAP DN
- univention.management.console.modules.udm.udm_ldap.get_obj_module(flavor, ldap_dn, ldap_connection=None, ldap_position=None)[source]#
- univention.management.console.modules.udm.udm_ldap.list_objects(container, object_type=None, ldap_connection=None, ldap_position=None)[source]#
Yields UDM objects
- univention.management.console.modules.udm.udm_ldap.search_syntax_choices_by_key(syn, key, ldap_connection, ldap_position)[source]#