/libs/ldaplib/iredldif.py

# Author: Zhang Huangbin <zhb@iredmail.org>

import web
from libs import iredutils
from libs.ldaplib import ldaputils
from time import time

cfg = web.iredconfig


# Define and return LDIF structure of domain.
def ldif_maildomain(domain, cn=None,
        mtaTransport=cfg.general.get('mtaTransport', 'dovecot'),
        enabledService=['mail'], ):
    domain = web.safestr(domain).lower()

    minPasswordLength = cfg.general.get('min_passwd_length', '8')

    ldif = [
            ('objectClass', ['mailDomain']),
            ('domainName', [domain]),
            ('mtaTransport', [mtaTransport]),
            ('accountStatus', ['active']),
            ('enabledService', enabledService),
            ('accountSetting', ['minPasswordLength:%s' % minPasswordLength]),
           ]

    ldif += ldaputils.getLdifOfSingleAttr(attr='cn', value=cn, default=domain,)

    return ldif


def ldif_group(name):
    ldif = [
            ('objectClass', ['organizationalUnit']),
            ('ou', [name]),
            ]

    return ldif


def ldif_mailExternalUser(mail,):
    mail = web.safestr(mail).lower()
    if not iredutils.isEmail(mail):
        return None

    listname, domain = mail.split('@')
    ldif = [
            ('objectClass', ['mailExternalUser']),
            ('accountStatus', ['active']),
            ('memberOfGroup', [mail]),
            ('enabledService', ['mail', 'deliver']),
            ]
    return ldif


# Define and return LDIF structure of domain admin.
def ldif_mailadmin(mail, passwd, cn, preferredLanguage='en_US', domainGlobalAdmin='no'):
    mail = web.safestr(mail).lower()

    ldif = [
            ('objectClass', ['mailAdmin']),
            ('mail', [mail]),
            ('userPassword', [str(passwd)]),
            ('accountStatus', ['active']),
            ('preferredLanguage', [web.safestr(preferredLanguage)]),
            ('domainGlobalAdmin', [web.safestr(domainGlobalAdmin)]),
            ]

    ldif += ldaputils.getLdifOfSingleAttr(attr='cn', value=cn, default=mail.split('@', 1)[0],)

    return ldif


# Define and return LDIF structure of sambaSamAccount
def ldif_samba(uidNumber, gidNumber, sambaNTPassword,):
    ldif = [
            ('objectClass', ['inetOrgPerson', 'mailUser', 'shadowAccount', 'amavisAccount', 'sambaSamAccount', 'posixAccount']),
            ('uidNumber', [str(uidNumber)]),
            ('gidNumber', [str(gidNumber)]),
            ('sambaAcctFlags', ['[U          ]']),
            ('sambaPasswordHistory', ['0000000000000000000000000000000000000000000000000000000000000000']),
            ('sambaSID', [cfg.samba.sid + '-' + str(uidNumber*2+1000)]),
            ('sambaNTPassword', [sambaNTPassword]),
            ('sambaPwdLastSet', [str(int(time()))]),
            ]

    return ldif

# Define and return LDIF structure of mail user.
def ldif_mailuser(domain, username, cn, passwd, quota=0, aliasDomains=[], groups=[], storageBaseDirectory=None,):
    domain = str(domain).lower()
    username = str(username).strip().replace(' ', '').lower()
    mail = username + '@' + domain

    if storageBaseDirectory is None:
        tmpStorageBaseDirectory = cfg.general.get('storage_base_directory').lower()
    else:
        tmpStorageBaseDirectory = storageBaseDirectory

    splitedSBD = tmpStorageBaseDirectory.rstrip('/').split('/')

    storageNode = splitedSBD.pop()
    storageBaseDirectory = '/'.join(splitedSBD)

    mailMessageStore = storageNode + '/' + iredutils.setMailMessageStore(mail)
    homeDirectory = storageBaseDirectory + '/' + mailMessageStore

    # Generate basic LDIF.
    ldif = [
        ('objectClass', ['inetOrgPerson', 'mailUser', 'shadowAccount', 'amavisAccount', ]),
        ('mail', [mail]),
        ('userPassword', [str(passwd)]),
        ('sn', [username]),
        ('uid', [username]),
        ('storageBaseDirectory', [storageBaseDirectory]),
        ('mailMessageStore', [mailMessageStore]),
        ('homeDirectory', [homeDirectory]),
        ('accountStatus', ['active']),
        ('enabledService', ['mail', 'deliver', 'lda', 'smtp', 'smtpsecured',
                            'pop3', 'pop3secured', 'imap', 'imapsecured',
                            'managesieve', 'managesievesecured',
                            # ManageService name In dovecot-1.2.
                            'sieve', 'sievesecured',
                            'forward', 'senderbcc', 'recipientbcc',
                            'internal', 'lib-storage',
                            'shadowaddress', 'displayedInGlobalAddressBook', ]
        ),
        # shadowAccount integration.
        ('shadowLastChange', ['0']),
        # Amavisd integration.
        ('amavisLocal', ['TRUE']),
        ]

    # Append @shadowAddress.
    shadowAddresses = []
    for d in aliasDomains:
        if iredutils.isDomain(d):
            shadowAddresses += [username + '@' + d]

    if len(shadowAddresses) > 0:
        ldif += [('shadowAddress', shadowAddresses)]

    # Append quota. No 'mailQuota' attribute means unlimited.
    quota = str(quota).strip()
    if quota.isdigit():
        quota = int(quota) * 1024 * 1024
        ldif += [('mailQuota', [str(quota)])]

    # Append cn.
    ldif += ldaputils.getLdifOfSingleAttr(attr='cn', value=cn, default=username,)

    # Append groups.
    if isinstance(groups, list) and len(groups) >= 1:
        # Remove duplicate items.
        grps = set()
        for g in groups:
            grps.update([str(g).strip()])

        ldif += [('memberOfGroup', list(grps))]

    return ldif