/libs/ldaplib/iredldif.py
Possible License(s): GPL-2.0
- # Author: Zhang Huangbin <zhb@iredmail.org>
- import web
- from libs import iredutils
- from libs.ldaplib import ldaputils
- from time import time
# Shared configuration handle taken from web.py's module namespace; the
# builders below read cfg.general (and cfg.samba for Samba accounts) from it.
cfg = web.iredconfig
- # Define and return LDIF structure of domain.
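def ldif_maildomain(domain, cn=None,
                    mtaTransport=cfg.general.get('mtaTransport', 'dovecot'),
                    enabledService=['mail'], ):
    """Build the attribute list for a new mail domain entry.

    Args:
        domain: Domain name; converted with web.safestr() and lower-cased.
        cn: Display name; when empty the domain name is used as default
            (delegated to ldaputils.getLdifOfSingleAttr).
        mtaTransport: Transport value. The default is read from
            cfg.general once, when this module is imported.
        enabledService: Services enabled for the domain.

    Returns:
        A list of (attribute, values) tuples describing the entry.

    NOTE(review): the domain is only normalised here, not validated;
    presumably the caller has already checked it is a well-formed domain
    name before using it in an entry or DN -- confirm.
    """
    domain = web.safestr(domain).lower()
    minPasswordLength = cfg.general.get('min_passwd_length', '8')

    # Copy list arguments so the returned structure never aliases the
    # shared default list: a caller appending to the returned
    # 'enabledService' values would otherwise change the default used by
    # every later call.
    if isinstance(enabledService, list):
        enabledService = list(enabledService)

    ldif = [
        ('objectClass', ['mailDomain']),
        ('domainName', [domain]),
        ('mtaTransport', [mtaTransport]),
        ('accountStatus', ['active']),
        ('enabledService', enabledService),
        # Per-domain password policy stored as a "key:value" setting.
        ('accountSetting', ['minPasswordLength:%s' % minPasswordLength]),
    ]

    ldif += ldaputils.getLdifOfSingleAttr(attr='cn', value=cn, default=domain,)

    return ldif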
def ldif_group(name):
    """Return the attribute list for an organizationalUnit named *name*.

    The value is used as given; no normalisation or validation happens
    here.
    """
    object_class = ('objectClass', ['organizationalUnit'])
    unit_name = ('ou', [name])
    return [object_class, unit_name]
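def ldif_mailExternalUser(mail,):
    """Build the attribute list for an external member of a mail list.

    Args:
        mail: Address of the external user; converted with web.safestr()
            and lower-cased.

    Returns:
        A list of (attribute, values) tuples, or None when the address is
        rejected.
    """
    mail = web.safestr(mail).lower()

    if not iredutils.isEmail(mail):
        return None

    # Require exactly one '@'. This used to be enforced only as a side
    # effect of unpacking mail.split('@') into two otherwise unused names,
    # which raised ValueError; reject such input the same way as any other
    # invalid address instead.
    if mail.count('@') != 1:
        return None

    return [
        ('objectClass', ['mailExternalUser']),
        ('accountStatus', ['active']),
        ('memberOfGroup', [mail]),
        ('enabledService', ['mail', 'deliver']),
    ]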
- # Define and return LDIF structure of domain admin.
def ldif_mailadmin(mail, passwd, cn, preferredLanguage='en_US', domainGlobalAdmin='no'):
    """Build the attribute list for a mail admin account.

    Args:
        mail: Admin address; converted with web.safestr() and lower-cased.
        passwd: Value written to userPassword via str(), unchanged.
        cn: Display name; defaults to the part of *mail* before the
            first '@'.
        preferredLanguage: Language code stored on the entry.
        domainGlobalAdmin: Stored verbatim in the 'domainGlobalAdmin'
            attribute.

    Returns:
        A list of (attribute, values) tuples describing the entry.

    NOTE(review): no hashing happens here, so presumably the caller
    passes an already-hashed password string -- confirm, because a
    cleartext value would be stored as is.
    NOTE(review): 'domainGlobalAdmin' looks like a privilege flag; the
    caller should set it from server-side logic, not from request input
    -- verify against callers.
    """
    mail = web.safestr(mail).lower()

    password_value = str(passwd)
    language = web.safestr(preferredLanguage)
    global_admin_flag = web.safestr(domainGlobalAdmin)

    entry = [
        ('objectClass', ['mailAdmin']),
        ('mail', [mail]),
        ('userPassword', [password_value]),
        ('accountStatus', ['active']),
        ('preferredLanguage', [language]),
        ('domainGlobalAdmin', [global_admin_flag]),
    ]

    # Fall back to the local part of the address when no cn is supplied.
    local_part = mail.split('@', 1)[0]
    entry.extend(
        ldaputils.getLdifOfSingleAttr(attr='cn', value=cn, default=local_part,)
    )
    return entry
- # Define and return LDIF structure of sambaSamAccount
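def ldif_samba(uidNumber, gidNumber, sambaNTPassword,):
    """Build the Samba/POSIX attribute list for a mail user.

    Args:
        uidNumber: Numeric uid, as an int or a numeric string.
        gidNumber: Numeric gid; stored via str().
        sambaNTPassword: Value stored verbatim in 'sambaNTPassword'.

    Returns:
        A list of (attribute, values) tuples describing the Samba part of
        the entry.

    The NT hash kept in 'sambaNTPassword' is unsalted and
    password-equivalent, so directory ACLs should restrict who can read
    this attribute.
    """
    # Coerce before the arithmetic: every other field accepts the uid as
    # a string through str(), but 'uid * 2 + 1000' on a str raised
    # TypeError.
    rid = int(uidNumber) * 2 + 1000

    ldif = [
        ('objectClass', ['inetOrgPerson', 'mailUser', 'shadowAccount', 'amavisAccount', 'sambaSamAccount', 'posixAccount']),
        ('uidNumber', [str(uidNumber)]),
        ('gidNumber', [str(gidNumber)]),
        # NOTE(review): Samba account flags are normally space-padded to
        # a fixed width inside the brackets; the value here is reproduced
        # as it appears in this listing -- verify against the upstream
        # file.
        ('sambaAcctFlags', ['[U ]']),
        ('sambaPasswordHistory', ['0000000000000000000000000000000000000000000000000000000000000000']),
        # SID = configured domain SID + '-' + RID derived from the uid.
        ('sambaSID', [cfg.samba.sid + '-' + str(rid)]),
        ('sambaNTPassword', [sambaNTPassword]),
        # Seconds since the epoch at the moment the entry is built.
        ('sambaPwdLastSet', [str(int(time()))]),
    ]
    return ldif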
- # Define and return LDIF structure of mail user.
def ldif_mailuser(domain, username, cn, passwd, quota=0, aliasDomains=[], groups=[], storageBaseDirectory=None,):
    """Build the attribute list for a mail user entry.

    Args:
        domain: Mail domain; lower-cased.
        username: Local part; stripped, spaces removed, lower-cased.
        cn: Display name; defaults to the normalised username.
        passwd: Value written to userPassword via str(), unchanged.
        quota: Mailbox quota in MB. Only a digit-only value adds
            'mailQuota' (converted to bytes); otherwise the attribute is
            omitted, which means unlimited.
        aliasDomains: Alias domains; each one accepted by
            iredutils.isDomain() yields a shadowAddress.
        groups: Group names; used only when it is a non-empty list.
        storageBaseDirectory: Full storage path; when None the
            'storage_base_directory' setting is read from cfg.general and
            lower-cased.

    Returns:
        A list of (attribute, values) tuples describing the entry.

    NOTE(review): no hashing happens here, so presumably the caller
    passes an already-hashed password string -- confirm.
    NOTE(review): username and domain are only normalised, not validated,
    yet they feed mailMessageStore and homeDirectory. Callers should have
    rejected path separators and '..' before this point -- verify against
    the callers and iredutils.setMailMessageStore.
    """
    domain = str(domain).lower()
    username = str(username).strip().replace(' ', '').lower()
    mail = username + '@' + domain

    if storageBaseDirectory is None:
        fullStoragePath = cfg.general.get('storage_base_directory').lower()
    else:
        fullStoragePath = storageBaseDirectory

    # Split the path into everything before the last '/' (the base
    # directory) and the final component (the storage node).
    storageBaseDirectory, _sep, storageNode = fullStoragePath.rstrip('/').rpartition('/')

    mailMessageStore = storageNode + '/' + iredutils.setMailMessageStore(mail)
    homeDirectory = storageBaseDirectory + '/' + mailMessageStore

    services = [
        'mail', 'deliver', 'lda', 'smtp', 'smtpsecured',
        'pop3', 'pop3secured', 'imap', 'imapsecured',
        'managesieve', 'managesievesecured',
        # Managesieve service names used by dovecot-1.2.
        'sieve', 'sievesecured',
        'forward', 'senderbcc', 'recipientbcc',
        'internal', 'lib-storage',
        'shadowaddress', 'displayedInGlobalAddressBook',
    ]

    # Basic entry.
    ldif = [
        ('objectClass', ['inetOrgPerson', 'mailUser', 'shadowAccount', 'amavisAccount', ]),
        ('mail', [mail]),
        ('userPassword', [str(passwd)]),
        ('sn', [username]),
        ('uid', [username]),
        ('storageBaseDirectory', [storageBaseDirectory]),
        ('mailMessageStore', [mailMessageStore]),
        ('homeDirectory', [homeDirectory]),
        ('accountStatus', ['active']),
        ('enabledService', services),
        # shadowAccount integration.
        ('shadowLastChange', ['0']),
        # Amavisd integration.
        ('amavisLocal', ['TRUE']),
    ]

    # One shadow address per alias domain that passes the domain check.
    shadowAddresses = [
        username + '@' + d
        for d in aliasDomains
        if iredutils.isDomain(d)
    ]
    if shadowAddresses:
        ldif.append(('shadowAddress', shadowAddresses))

    # Quota is given in MB and stored in bytes; no attribute = unlimited.
    quota = str(quota).strip()
    if quota.isdigit():
        ldif.append(('mailQuota', [str(int(quota) * 1024 * 1024)]))

    # Display name, falling back to the username.
    ldif.extend(
        ldaputils.getLdifOfSingleAttr(attr='cn', value=cn, default=username,)
    )

    # Group membership, de-duplicated after trimming whitespace.
    if isinstance(groups, list) and groups:
        uniqueGroups = {str(g).strip() for g in groups}
        ldif.append(('memberOfGroup', list(uniqueGroups)))

    return ldif