# Third party modules
# Own modules
+from fb_tools.common import to_bool
+
from ..xlate import XLATOR
from ..app.ldap import LdapAppError
from ..app.ldap import BaseLdapApplication
-__version__ = '0.1.1'
+__version__ = '0.2.0'
LOG = logging.getLogger(__name__)
_ = XLATOR.gettext
class RemoveLdapUserApplication(BaseLdapApplication):
"""Application class for disabling or removing a user from LDAP."""
- pass
+ default_nologin_shell = "/usr/sbin/nologin"
+ value_inactive = 'inactive'
+
+ # -------------------------------------------------------------------------
+ def __init__(self, appname=None, base_dir=None):
+
+ self.ldap_instances = []
+ self.given_users = []
+ self.nologin_shell = self.default_nologin_shell
+ self._deactivate = False
+
+ desc = _(
+ "Disables or removes the given users from LDAP. "
+ "If disabling, then the user will not be really removed, but disabled "
+ "by locking the password, setting all status flags to {inact!r}, "
+ "assigning {shell!r} as login shell und removing the user from all groups. "
+ "When removing (or purging) the user will be really removed from LDAP.")
+ desc = desc.format(inact=self.value_inactive, shell=self.nologin_shell)
+
+ super(RemoveLdapUserApplication, self).__init__(
+ appname=appname, description=desc, base_dir=base_dir, initialized=False)
+
+ self.initialized = True
+
+ # -------------------------------------------
+ @property
+ def deactivate(self):
+ """Defines, that the given users will not be removed, bur deactivated instaed."""
+
+ return self._deactivate
+
+ @deactivate.setter
+ def deactivate(self, value):
+ self._deactivate = to_bool(value)
+
+ # -------------------------------------------------------------------------
+ def as_dict(self, short=True):
+ """
+ Transforms the elements of the object into a dict
+
+ @param short: don't include local properties in resulting dict.
+ @type short: bool
+
+ @return: structure as dict
+ @rtype: dict
+ """
+
+ res = super(RemoveLdapUserApplication, self).as_dict(short=short)
+
+ res['deactivate'] = self.deactivate
+
+ return res
+
+ # -------------------------------------------------------------------------
+ def init_arg_parser(self):
+
+ super(RemoveLdapUserApplication, self).init_arg_parser()
+
+ remove_group = self.arg_parser.add_argument_group(_('Removing options'))
+
+ remove_mode_group = remove_group.add_mutually_exclusive_group()
+
+ remove_mode_group.add_argument(
+ '-d', '--deactivate', dest="deactivate", action='store_true',
+ help=_(
+ "Deactivating the user instead of removing it. "
+ "This is mutually exclusive to {!r}.").format('--remove'),
+ )
+
+ remove_mode_group.add_argument(
+ '-R', '--remove', dest="deactivate", action='store_false',
+ help=_(
+ "Removing the user from LDAP. This is the default and is "
+ "mutually exclusive to {!r}.").format('--deactivate'),
+ )
+
+ remove_group.add_argument(
+ '-I', '--instance', dest="instance", nargs='*', type=str,
+ metavar=_('INSTANCE'),
+ help=_(
+ "The LDAP instance (LDAP cluster) from configuration, where to remove the user. "
+ "Multiple instances may be given. It is possible to give here the value "
+ "{val_all!r}, the then all found LDAP instances except {default!r} are used. "
+ "If not given, the the instance {default!r} will be used.").format(
+ val_all='all', default='default'),
+ )
+
+ remove_group.add_argument(
+ 'users', nargs='+', metavar=_('USER'),
+ help=_(
+ "The user, which should be deactivated or removed. "
+ "They may be given by their Uid (the alphanumeric POSIX name), "
+ "their mail address or their LDAP DN (be aware, that this may be "
+ "different in the particular LDAP instances).")
+ )
# =============================================================================
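Review bot: Permanent removal is only the implicit default in `init_arg_parser`: `--deactivate` and `--remove` share `dest="deactivate"` and neither passes `default=`, so the effective value (False, i.e. remove) comes from argparse applying the default of whichever action was registered first. Adding `default=False` to both `add_argument` calls would stop a later reordering from silently flipping the mode; it is also worth considering whether deactivation is the safer default for a tool that accepts mail addresses and DNs and can run against `all` instances. Separately, `-I/--instance` with `nargs='*'` absorbs the positional values that follow it, so `-I default alice` fails with a missing-USER error; `action='append'` with one value per flag, or documenting the `--` separator, would avoid that. Nothing in the visible lines copies the parsed `deactivate` value into `self.deactivate`; presumably that happens in a method outside this hunk, as the class body may continue past it. The new docstring and help strings also carry typos (`bur deactivated instaed`, `und removing`, `the then all`, `the the instance`).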