From a3e46949714b9ded0966d1a8e997fbbc214e2311 Mon Sep 17 00:00:00 2001 From: Derek Feichtinger Date: Thu, 2 May 2013 09:56:22 +0200 Subject: [PATCH] Added sphinx documentation and did some cleanup Converted all docstrings from doxygen to numpydoc formats --- .gitignore | 1 + MANIFEST.in | 2 +- bin/ldapuserdir-ctl | 4 +- docs/Makefile | 177 ++++++++++++++++++++++++++ docs/conf.py | 251 +++++++++++++++++++++++++++++++++++++ docs/index.rst | 30 +++++ docs/ldapuserdir-ctl.rst | 63 ++++++++++ docs/ldapuserdir.rst | 19 +++ docs/modules.rst | 7 ++ ldapuserdir/ldapuserdir.py | 239 ++++++++++++++++++++++++++--------- 10 files changed, 731 insertions(+), 62 deletions(-) create mode 100644 docs/Makefile create mode 100644 docs/conf.py create mode 100644 docs/index.rst create mode 100644 docs/ldapuserdir-ctl.rst create mode 100644 docs/ldapuserdir.rst create mode 100644 docs/modules.rst diff --git a/.gitignore b/.gitignore index ded0138..58786ac 100644 --- a/.gitignore +++ b/.gitignore @@ -18,3 +18,4 @@ pip-log.txt *~ .ropeproject +/docs/_build diff --git a/MANIFEST.in b/MANIFEST.in index c2c21c9..f011ddf 100644 --- a/MANIFEST.in +++ b/MANIFEST.in @@ -1,4 +1,4 @@ include bin/ldapuserdir-ctl include etc/ldapuserdir-ctl.cfg -recursive-include ldapuserdir +recursive-include ldapuserdir *.py diff --git a/bin/ldapuserdir-ctl b/bin/ldapuserdir-ctl index e974748..04a19c0 100755 --- a/bin/ldapuserdir-ctl +++ b/bin/ldapuserdir-ctl @@ -76,10 +76,10 @@ usage = """%prog [options] groupname [usernames] the short names (in that case they will be extended by the standard OU extension) - The configuration is read from a configuration file (default + The configuration is read from a configuration file. Default locations: """ -usage += ", ".join(cfgfile_loc) + ')\n' +usage += "\n\t* " + "\n\t* ".join(cfgfile_loc) + '\n' usage_epilog = """ Examples: diff --git a/docs/Makefile b/docs/Makefile new file mode 100644 index 0000000..d9d7625 --- /dev/null +++ b/docs/Makefile @@ -0,0 +1,177 @@ +# Makefile for Sphinx documentation +# + +# You can set these variables from the command line. +SPHINXOPTS = +SPHINXBUILD = sphinx-build +PAPER = +BUILDDIR = _build + +# User-friendly check for sphinx-build +ifeq ($(shell which $(SPHINXBUILD) >/dev/null 2>&1; echo $$?), 1) +$(error The '$(SPHINXBUILD)' command was not found. Make sure you have Sphinx installed, then set the SPHINXBUILD environment variable to point to the full path of the '$(SPHINXBUILD)' executable. Alternatively you can add the directory with the executable to your PATH. If you don't have Sphinx installed, grab it from http://sphinx-doc.org/) +endif + +# Internal variables. +PAPEROPT_a4 = -D latex_paper_size=a4 +PAPEROPT_letter = -D latex_paper_size=letter +ALLSPHINXOPTS = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . +# the i18n builder cannot share the environment and doctrees with the others +I18NSPHINXOPTS = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . + +.PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest gettext + +help: + @echo "Please use \`make ' where is one of" + @echo " html to make standalone HTML files" + @echo " dirhtml to make HTML files named index.html in directories" + @echo " singlehtml to make a single large HTML file" + @echo " pickle to make pickle files" + @echo " json to make JSON files" + @echo " htmlhelp to make HTML files and a HTML help project" + @echo " qthelp to make HTML files and a qthelp project" + @echo " devhelp to make HTML files and a Devhelp project" + @echo " epub to make an epub" + @echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter" + @echo " latexpdf to make LaTeX files and run them through pdflatex" + @echo " latexpdfja to make LaTeX files and run them through platex/dvipdfmx" + @echo " text to make text files" + @echo " man to make manual pages" + @echo " texinfo to make Texinfo files" + @echo " info to make Texinfo files and run them through makeinfo" + @echo " gettext to make PO message catalogs" + @echo " changes to make an overview of all changed/added/deprecated items" + @echo " xml to make Docutils-native XML files" + @echo " pseudoxml to make pseudoxml-XML files for display purposes" + @echo " linkcheck to check all external links for integrity" + @echo " doctest to run all doctests embedded in the documentation (if enabled)" + +clean: + rm -rf $(BUILDDIR)/* + +html: + $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html + @echo + @echo "Build finished. The HTML pages are in $(BUILDDIR)/html." + +dirhtml: + $(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml + @echo + @echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml." + +singlehtml: + $(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml + @echo + @echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml." + +pickle: + $(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle + @echo + @echo "Build finished; now you can process the pickle files." + +json: + $(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json + @echo + @echo "Build finished; now you can process the JSON files." + +htmlhelp: + $(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp + @echo + @echo "Build finished; now you can run HTML Help Workshop with the" \ + ".hhp project file in $(BUILDDIR)/htmlhelp." + +qthelp: + $(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp + @echo + @echo "Build finished; now you can run "qcollectiongenerator" with the" \ + ".qhcp project file in $(BUILDDIR)/qthelp, like this:" + @echo "# qcollectiongenerator $(BUILDDIR)/qthelp/ldapuserdir.qhcp" + @echo "To view the help file:" + @echo "# assistant -collectionFile $(BUILDDIR)/qthelp/ldapuserdir.qhc" + +devhelp: + $(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp + @echo + @echo "Build finished." + @echo "To view the help file:" + @echo "# mkdir -p $$HOME/.local/share/devhelp/ldapuserdir" + @echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/ldapuserdir" + @echo "# devhelp" + +epub: + $(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub + @echo + @echo "Build finished. The epub file is in $(BUILDDIR)/epub." + +latex: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex + @echo + @echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex." + @echo "Run \`make' in that directory to run these through (pdf)latex" \ + "(use \`make latexpdf' here to do that automatically)." + +latexpdf: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex + @echo "Running LaTeX files through pdflatex..." + $(MAKE) -C $(BUILDDIR)/latex all-pdf + @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." + +latexpdfja: + $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex + @echo "Running LaTeX files through platex and dvipdfmx..." + $(MAKE) -C $(BUILDDIR)/latex all-pdf-ja + @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." + +text: + $(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text + @echo + @echo "Build finished. The text files are in $(BUILDDIR)/text." + +man: + $(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man + @echo + @echo "Build finished. The manual pages are in $(BUILDDIR)/man." + +texinfo: + $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo + @echo + @echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo." + @echo "Run \`make' in that directory to run these through makeinfo" \ + "(use \`make info' here to do that automatically)." + +info: + $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo + @echo "Running Texinfo files through makeinfo..." + make -C $(BUILDDIR)/texinfo info + @echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo." + +gettext: + $(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale + @echo + @echo "Build finished. The message catalogs are in $(BUILDDIR)/locale." + +changes: + $(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes + @echo + @echo "The overview file is in $(BUILDDIR)/changes." + +linkcheck: + $(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck + @echo + @echo "Link check complete; look for any errors in the above output " \ + "or in $(BUILDDIR)/linkcheck/output.txt." + +doctest: + $(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest + @echo "Testing of doctests in the sources finished, look at the " \ + "results in $(BUILDDIR)/doctest/output.txt." + +xml: + $(SPHINXBUILD) -b xml $(ALLSPHINXOPTS) $(BUILDDIR)/xml + @echo + @echo "Build finished. The XML files are in $(BUILDDIR)/xml." + +pseudoxml: + $(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml + @echo + @echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml." diff --git a/docs/conf.py b/docs/conf.py new file mode 100644 index 0000000..168e6b2 --- /dev/null +++ b/docs/conf.py @@ -0,0 +1,251 @@ +# -*- coding: utf-8 -*- +# +# ldapuserdir documentation build configuration file, created by +# sphinx-quickstart on Wed May 1 09:14:23 2013. +# +# This file is execfile()d with the current directory set to its containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import sys, os + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +#sys.path.insert(0, os.path.abspath('.')) + +# -- General configuration ----------------------------------------------------- + +# If your documentation needs a minimal Sphinx version, state it here. +#needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be extensions +# coming with Sphinx (named 'sphinx.ext.*') or your custom ones. +extensions = ['sphinx.ext.autodoc', + 'sphinx.ext.viewcode', + 'numpydoc', + 'sphinx.ext.autosummary'] + +# Add any paths that contain templates here, relative to this directory. +templates_path = ['_templates'] + +# The suffix of source filenames. +source_suffix = '.rst' + +# The encoding of source files. +#source_encoding = 'utf-8-sig' + +# The master toctree document. +master_doc = 'index' + +# General information about the project. +project = u'ldapuserdir' +copyright = u'2013, Derek Feichtinger' + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The short X.Y version. +version = '2.0.0' +# The full version, including alpha/beta/rc tags. +release = '2.0.0' + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +#language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +#today = '' +# Else, today_fmt is used as the format for a strftime call. +#today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = ['_build'] + +# The reST default role (used for this markup: `text`) to use for all documents. +#default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +#add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +#add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +#show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + +# A list of ignored prefixes for module index sorting. +#modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +#keep_warnings = False + + +# -- Options for HTML output --------------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = 'default' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +#html_theme_options = {} + +# Add any paths that contain custom themes here, relative to this directory. +#html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +#html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +#html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +#html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +#html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ['_static'] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +#html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +#html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +#html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +#html_additional_pages = {} + +# If false, no module index is generated. +#html_domain_indices = True + +# If false, no index is generated. +#html_use_index = True + +# If true, the index is split into individual pages for each letter. +#html_split_index = False + +# If true, links to the reST sources are added to the pages. +#html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +#html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +#html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +#html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +#html_file_suffix = None + +# Output file base name for HTML help builder. +htmlhelp_basename = 'ldapuserdirdoc' + + +# -- Options for LaTeX output -------------------------------------------------- + +latex_elements = { +# The paper size ('letterpaper' or 'a4paper'). +#'papersize': 'letterpaper', + +# The font size ('10pt', '11pt' or '12pt'). +#'pointsize': '10pt', + +# Additional stuff for the LaTeX preamble. +#'preamble': '', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, author, documentclass [howto/manual]). +latex_documents = [ + ('index', 'ldapuserdir.tex', u'ldapuserdir Documentation', + u'Derek Feichtinger', 'manual'), +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +#latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +#latex_use_parts = False + +# If true, show page references after internal links. +#latex_show_pagerefs = False + +# If true, show URL addresses after external links. +#latex_show_urls = False + +# Documents to append as an appendix to all manuals. +#latex_appendices = [] + +# If false, no module index is generated. +#latex_domain_indices = True + + +# -- Options for manual page output -------------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ('index', 'ldapuserdir', u'ldapuserdir Documentation', + [u'Derek Feichtinger'], 1) +] + +# If true, show URL addresses after external links. +#man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------------ + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ('index', 'ldapuserdir', u'ldapuserdir Documentation', + u'Derek Feichtinger', 'ldapuserdir', 'One line description of project.', + 'Miscellaneous'), +] + +# Documents to append as an appendix to all manuals. +#texinfo_appendices = [] + +# If false, no module index is generated. +#texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +#texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +#texinfo_no_detailmenu = False diff --git a/docs/index.rst b/docs/index.rst new file mode 100644 index 0000000..9ef5b0b --- /dev/null +++ b/docs/index.rst @@ -0,0 +1,30 @@ +.. ldapuserdir documentation master file, created by + sphinx-quickstart on Wed May 1 09:14:23 2013. + You can adapt this file completely to your liking, but it should at least + contain the root `toctree` directive. + +Welcome to ldapuserdir's documentation! +======================================= + +Ldapusedir provides a class to interact with an Active Directory using its +LDAP interface. It allows retrieval of information about users and groups +and also changing group memberships. + +It also provides the command line utility ldapuserdir-ctl. + +Contents: + +.. toctree:: + :maxdepth: 2 + + ldapuserdir - provides class for AD interaction + ldapuserdir-ctl - Command Line Utility + + +Indices and tables +================== + +* :ref:`genindex` +* :ref:`modindex` +* :ref:`search` + diff --git a/docs/ldapuserdir-ctl.rst b/docs/ldapuserdir-ctl.rst new file mode 100644 index 0000000..13a2b02 --- /dev/null +++ b/docs/ldapuserdir-ctl.rst @@ -0,0 +1,63 @@ +Command Line Utility +==================== + +ldapuserdir-ctl +--------------- +Usage: ldapuserdir-ctl [options] groupname [usernames] + +Used to inspect or change members of a group in Active Directory User +names can be given as full distinguished names or just as the short +names (in that case they will be extended by the standard OU +extension) + +Options:: + + -h, --help show this help message and exit + -a add group members + -d delete group members + -c CFGFILE path of a config file + --configfile show an example configuration file + -u USERFILTER list all matching ldap users that have defined unix + mappings + --debug debug mode: log messages at debug level + -D USER_DN DN or CN of ldap user for binding to the AD server + (CN=minpriv_user,OU=Services,DC=example.com,DC=ch) + -f PWFILE path to password file (without this pwd will be + prompted for) + -g USER_TO_GROUP get group memberships for this user + -v use more verbose output (with user list only) + --user-ou=USER_OU default OU for users (OU=Users,DC=example.com,DC=ch) + --group-ou=GROUP_OU default OU for groups (OU=Groups,DC=example.com,DC=ch) + -n, --allow-no-mssfu do not restrict to entries with unix (msSFU) mappings + -V show version information + + +Examples:: + + List group members + $> ldapuserdir-ctl svc_ra_x06sa + $> ldapuserdir-ctl 'svc_ra_*' + + Get group memberships for user mueller + $> ldapuserdir-ctl -g mueller + + Add/delete users to/from a group (requires access rights!) + $> ldapuserdir-ctl -a svc_ra_x06sa user1 user2 user3 + $> ldapuserdir-ctl -d svc_ra_x06sa user1 user2 + + List users matching a pattern + $> ldapuserdir-ctl -u 'mueller*' + + +Configuration file +------------------ + +The configuration is read from a configuration file that is searched +for in these default locations: + +* ~/.ldapuserdir-ctl.cfg +* /etc/ldapuserdir-ctl.cfg + + +.. literalinclude:: ../etc/ldapuserdir-ctl.cfg + :language: ini diff --git a/docs/ldapuserdir.rst b/docs/ldapuserdir.rst new file mode 100644 index 0000000..83e8264 --- /dev/null +++ b/docs/ldapuserdir.rst @@ -0,0 +1,19 @@ +ldapuserdir Package +=================== + +.. + :mod:`ldapuserdir` Package + -------------------------- + + .. automodule:: ldapuserdir.__init__ + :members: + :undoc-members: + :show-inheritance: + +:mod:`ldapuserdir` Module +------------------------- + +.. automodule:: ldapuserdir.ldapuserdir + :members: + :undoc-members: + :show-inheritance: diff --git a/docs/modules.rst b/docs/modules.rst new file mode 100644 index 0000000..b57e7f7 --- /dev/null +++ b/docs/modules.rst @@ -0,0 +1,7 @@ +ldapuserdir +=========== + +.. toctree:: + :maxdepth: 4 + + ldapuserdir diff --git a/ldapuserdir/ldapuserdir.py b/ldapuserdir/ldapuserdir.py index 5986842..20eddb5 100644 --- a/ldapuserdir/ldapuserdir.py +++ b/ldapuserdir/ldapuserdir.py @@ -12,7 +12,6 @@ with an LDAP based user directory service import ldap #import ldap.ldapobject -import os import sys import re from glob import fnmatch @@ -21,12 +20,41 @@ import time class LdapUserDirError(Exception): + """Exception class for LdapUserDir error conditions""" def __init__(self, errmsg): super(LdapUserDirError, self).__init__(errmsg) class LdapUserDir(object): - """ A class to interact with a LDAP based user and group directory + """A class to interact with a LDAP based user and group directory + + Parameters + ---------- + serverurl : str + URL of LDAP server (e.g. ldaps://host:port) + user_dn : str + DN of user for authenticating to LDAP + user_pw : str + password for authenticating to LDAP + group_ou : str, optional + base path for groups + user_ou : str, optional + base path for users + logger : logger instance, optional + + Attributes + ---------- + serverurl : str + group_ou : str + user_ou : str + user_dn : str + user_pw : str + logger : logger instance + + Raises + ------ + ldap.LDAPError + Reraises original exception from ldap modules """ def __init__(self, serverurl, @@ -34,8 +62,7 @@ class LdapUserDir(object): user_pw, group_ou = 'ou=example.com', user_ou = 'ou=example.com', - logger = None, -): + logger = None): self.serverurl = serverurl self.group_ou = group_ou self.user_ou = user_ou @@ -56,14 +83,6 @@ class LdapUserDir(object): self._ldap = ldap.initialize(self.serverurl, trace_level=0, trace_file=sys.stderr) - # use a class which will try reconnections to the server by itself - # self._ldap = ldap.ldapobject.ReconnectLDAPObject(self.serverurl, - # trace_level=0, - # trace_file=sys.stderr, - # retry_max=2) - # note: this strangely led to empty answers after some time of - # running on the test extranet deployment. Maybe need to manage that - # myself self.logger.debug('binding to: %s\n' % serverurl) self.logger.debug('binding as user: %s\n' % user_dn) try: @@ -90,10 +109,32 @@ class LdapUserDir(object): """wrapper of standard ldap.search_s synchronous search that tries to reconnect - Implemented the functionality myself since the use of the - automatic reconnect available (ReconnectLDAPObject) did not do - a rebind (or it failed). This way I have more control. + Implemented the functionality in this class since the use of + the standard automatic reconnect available + (ReconnectLDAPObject) did not do a rebind correctly. + Parameters + ---------- + base : str + base DN + scope : {ldap.SCOPE_BASE, ldap.SCOPE_ONELEVEL, ldap.SCOPE_SUBTREE} + filterstr : str + LDAP search filter, optional + attrlist : list of str, optional + list of attributes to search for + attrsonly : int, optional + do not return values for attributes if nonzero + recon_attempts : int, optional + number of reconnects to attempt in case of failure + + Raises + ------ + Reraises original exception from ldap.search_s + + Returns + ------- + list of tuples + list of tuples of the form (dn, attributes) """ attempts = 0 ok = False @@ -153,10 +194,19 @@ class LdapUserDir(object): def get_users(self, filter='*', ou=None, mssfu=False): """get the names of all users from the directory service - @param filter A filter expression used for the cn part of the ldap dn - @param ou The organisational unit to be used in the ldap search - @param mssfu Whether to only show users with mssfu mappings - @returns A dictionary of the matching users { dn1:list1, ... } + + Parameters + ---------- + filter : str, optional + filter expression used for the cn part of the ldap dn + ou : str, optional + mssfu : bool, optional + Whether to only show users with mssfu mappings + + Returns + ------- + dict + dictionary of the matching users { dn1:list1, ... } """ if ou == None: user_ou = self.user_ou @@ -176,8 +226,12 @@ class LdapUserDir(object): def list_users_etcpwd(self, filter='*', ou=None, verbose = False): """Print '/etc/pwd' format like information about matching users - @param filter A filter expression used for the cn part of the ldap dn - @param ou The organisational unit to be used in the ldap search + Parameters + ---------- + filter : str, optional + filter expression used for the cn part of the ldap dn + ou : str, optional + verbose : bool, optional """ r = self.get_users(filter, ou, mssfu=True) for dn, entry in r: @@ -206,10 +260,22 @@ class LdapUserDir(object): def systemuser2dn(self, uname): """Converts a user's system username to the dn of the ldap directory by performing a search on ldap - @param uname The system username - @returns The DN of the user - @exception may throw an ldap.LDAPError or LdapUserDir("No such user") + Parameters + ---------- + uname : str + system username + + Returns + ------- + str + DN of the user + + Raises + ------ + LdapUserDirError("No such user") + if no such user exists + """ #try: srch = '(&(objectClass=user)(!(objectClass=computer))(msSFU30UidNumber=*)(msSFU30HomeDirectory=*)(cn=%s))' % uname @@ -227,12 +293,22 @@ class LdapUserDir(object): def get_groups_struct(self, gfilter='*', ou = None, mssfu=False): """searches for groups that match filter + returns the full ldap search result structure for the search with the optional filter applied to the cn field - @param filter A filter expression used for the cn part of the ldap dn - @param ou The organisational unit to be used in the ldap search - @param mssfu Whether to only show users with mssfu mappings - @returns A dictionary of the matching groups { dn1:list1, ... } + + Parameters + ---------- + gfilter : str, optional + filter expression used for the cn part of the ldap dn + ou : str, optional + mssfu : bool, optional + Whether to only show users with mssfu mappings + + Returns + ------- + dict + dictionary of the matching groups { dn1:list1, ... } """ if ou == None: group_ou = self.group_ou @@ -257,15 +333,20 @@ class LdapUserDir(object): Parameters ---------- - dn : distinguished name - gfilter : filter expression used for the cn part of the results, optional - returndn : If True then return DNs, optional - recursive : recurse into hierarchical groups, optional - mssfu : whether to only return entries with MSsfu attributes, optional + dn : str + distinguished name + gfilter : str, optional + filter expression used for the cn part of the results + returndn : bool, optional + If True then return DNs, else CNs + recursive : bool, optional + if True, recurse into hierarchical groups + mssfu : bool, optional + whether to only return entries with MSsfu attributes Returns ------- - List of groups + list """ self.logger.debug('get_memberof for %s' % dn) @@ -304,25 +385,35 @@ class LdapUserDir(object): return grplist - - # reslist = []defu - # for dn, entry in r: - # reslist.append(dn) - - # if returndn: - # return reslist def get_groups_for_user(self, user, gfilter='*', ou=None, returndn = False, mssfu=False): """Get groups for a particular user from LDAP. + The function will try to determine whether it receives a DN or a system username that needs to be converted to a DN first. - @param user The user's DN or system name - @param gfilter A filter expression used for the cn part of the ldap dn - @param ou The organisational unit to be used in the ldap search - @param returndn If set True the function will return DN, otherwise CN - @param mssfu Whether to only show users with mssfu mappings - @returns list of group names + + Parameters + ---------- + user : str + system username or user DN + gfilter : str, optional + filter expression used for the cn part of the ldap dn + ou : str, optional + The organisational unit to be used in the ldap search + returndn : bool, optional + If set True the function will return DN, otherwise CN + mssfu : bool, optional + Whether to only show users with mssfu mappings + + Returns + ------- + list + + Raises + ------ + RuntimeError + if CN cannot be identified in a resulting group """ if ou == None: group_ou = self.group_ou @@ -357,14 +448,22 @@ class LdapUserDir(object): return cnlist def list_groups(self, filter = '*', ou = None, mssfu=False): - """Prints a list of groups from the LDAP directory - @param filter A filter expression used for the cn part of the ldap dn - @param ou The organisational unit to be used in the ldap search + """Prints a list of groups from the LDAP directory to stdout + + Parameters + ---------- + filter : str, optional + filter expression used for the cn part of the ldap dn + ou : str, optional + organisational unit to be used in the ldap search + mssfu : bool, optional + Whether to only show users with mssfu mappings + """ r = self.get_groups_struct(filter, ou, mssfu) if len(r) == 0: sys.stderr.write("Error: no groups found (filter: %s)\n" % filter) - return 0 + return for dn, entry in r: print entry['cn'][0] @@ -373,10 +472,22 @@ class LdapUserDir(object): print ' member: ', cn def _mod_groupmembers(self, ldapmode, dngroup, usernames): - """modifies members of an LDAP group entry - @param ldapmode Either ldap.MOD_ADD, or ldap.MOD_DELETE - @param dngroup DN of the group - @param usernames List of usernames (system names or DNs) + """modifies (adds/deletes) members of an LDAP group entry + + Parameters + ---------- + ldapmode : {ldap.MOD_ADD, ldap.MOD_DELETE} + dngroup : str + DN of the group + usernames : list of str + List of usernames (system names or DNs) + + Raises + ------ + ldap.LDAPError + Reraises original exception for LDAP problems + RuntimeError + if no such user exists """ if not self.has_dn_format(dngroup): dngroup = ''.join(['cn=', dngroup, ',', self.group_ou]) @@ -402,15 +513,25 @@ class LdapUserDir(object): def add_groupmembers(self, group, usernames): """Adds users to an LDAP group - @param dngroup DN of the group - @param usernames List of usernames (system names or DNs) + + Parameters + ---------- + dngroup : str + DN of the group + usernames : list of str + List of usernames (system names or DNs) """ self._mod_groupmembers(ldap.MOD_ADD, group, usernames) def del_groupmembers(self, group, usernames): """Deletes users from an LDAP group - @param dngroup DN of the group - @param usernames List of usernames (system names or DNs) + + Parameters + ---------- + dngroup : str + DN of the group + usernames : list of str + List of usernames (system names or DNs) """ self._mod_groupmembers(ldap.MOD_DELETE, group, usernames)