From 0fb73121e854169ba1137a16dc531e52d20b74ec Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Fri, 6 Jan 2023 13:21:17 +0100 Subject: [PATCH] Adding bin/check-ldap-dn-attributes and its application module --- bin/check-ldap-dn-attributes | 65 +++++++++ .../app/check_ldap_dn_attributes.py | 124 ++++++++++++++++++ 2 files changed, 189 insertions(+) create mode 100755 bin/check-ldap-dn-attributes create mode 100644 lib/pp_admintools/app/check_ldap_dn_attributes.py diff --git a/bin/check-ldap-dn-attributes b/bin/check-ldap-dn-attributes new file mode 100755 index 0000000..b1eb222 --- /dev/null +++ b/bin/check-ldap-dn-attributes @@ -0,0 +1,65 @@ +#!/usr/bin/env python3 + +from __future__ import print_function + +# Standard modules +import sys + +__exp_py_version_major__ = 3 +__min_py_version_minor__ = 6 + +if sys.version_info[0] != __exp_py_version_major__: + print("This script is intended to use with Python {}.".format( + __exp_py_version_major__), file=sys.stderr) + print("You are using Python: {0}.{1}.{2}-{3}-{4}.".format( + *sys.version_info) + "\n", file=sys.stderr) + sys.exit(1) + +if sys.version_info[1] < __min_py_version_minor__: + print("A minimal Python version of {maj}.{min} is necessary to execute this script.".format( + maj=__exp_py_version_major__, min=__min_py_version_minor__), file=sys.stderr) + print("You are using Python: {0}.{1}.{2}-{3}-{4}.".format( + *sys.version_info) + "\n", file=sys.stderr) + sys.exit(1) + +# Standard modules +import os +import locale + +try: + from pathlib import Path +except ImportError: + from pathlib2 import Path + +__author__ = 'Frank Brehm ' +__copyright__ = '(C) 2023 by Frank Brehm, Digitas Pixelpark GmbH, Berlin' + +# own modules: + +my_path = Path(__file__) +my_real_path = my_path.resolve() +bin_path = my_real_path.parent +base_dir = bin_path.parent +lib_dir = base_dir.joinpath('lib') +module_dir = lib_dir.joinpath('pp_admintools') + +if module_dir.exists(): + sys.path.insert(0, str(lib_dir)) + +from pp_admintools.app.check_ldap_dn_attributes import CheckLdapDnAttributesApplication + +appname = os.path.basename(sys.argv[0]) + +locale.setlocale(locale.LC_ALL, '') + +app = CheckLdapDnAttributesApplication(appname=appname, base_dir=base_dir) +app.initialized = True + +if app.verbose > 2: + print("{c}-Object:\n{a}".format(c=app.__class__.__name__, a=app)) + +app() + +sys.exit(0) + +# vim: tabstop=4 expandtab shiftwidth=4 softtabstop=4 diff --git a/lib/pp_admintools/app/check_ldap_dn_attributes.py b/lib/pp_admintools/app/check_ldap_dn_attributes.py new file mode 100644 index 0000000..27e1a73 --- /dev/null +++ b/lib/pp_admintools/app/check_ldap_dn_attributes.py @@ -0,0 +1,124 @@ +# -*- coding: utf-8 -*- +""" +@summary: An application module for checking all DN-like attributes in a LDAP instance + +@author: Frank Brehm +@contact: frank.brehm@pixelpark.com +@copyright: © 2023 by Frank Brehm, Berlin +""" +from __future__ import absolute_import + +# Standard modules +import sys +import logging +import copy +import time + +# Third party modules +from ldap3 import ALL_ATTRIBUTES + +# Own modules +# from fb_tools.common import to_bool, is_sequence +# from fb_tools.collections import FrozenCIStringSet, CIStringSet, CIDict +from fb_tools.collections import CIDict, CIStringSet +from fb_tools.xlate import format_list + +from .. import pp + +from ..xlate import XLATOR + +from ..config.ldap import LdapConfiguration + +# from .ldap import LdapAppError, FatalLDAPError +from .ldap import LdapAppError +from .ldap import BaseLdapApplication + +from ..argparse_actions import NonNegativeItegerOptionAction +from ..argparse_actions import LimitedFloatOptionAction + +__version__ = '0.1.0' +LOG = logging.getLogger(__name__) + +_ = XLATOR.gettext +ngettext = XLATOR.ngettext + + +# ============================================================================= +class CheckLdapDnAttributesError(LdapAppError): + """Special exception class for exceptions inside this module.""" + + pass + + +# ============================================================================= +class CheckLdapDnAttributesApplication(BaseLdapApplication): + """Application class for checking all DN-like attributes in a LDAP instance.""" + + show_simulate_option = False + + use_default_ldap_connection = False + use_multiple_ldap_connections = False + show_cmdline_ldap_timeout = True + apply_default_ldap_instance_if_not_given = False + show_force_option = False + + check_attributes = ['member', 'uniqueMember', 'owner', 'seeAlso'] + + # ------------------------------------------------------------------------- + def __init__(self, appname=None, base_dir=None): + + self.ldap = None + self.instance = None + self.connect_info = None + + self.allow_strange_jira_group = False + + self.checked_ref_dn = CIDict() + self.all_check_dns = CIStringSet() + self.failed_entries = CIDict() + + attr_list = format_list(self.check_attributes, do_repr=True) + + desc = _( + "Checking all attributes with a DN syntax ({alist}) in the given instance. " + "The check is for the DN-syntax of the attributes and whether they are referencing " + "to existing entries in LDAP.").format(alist=attr_list) + + super(CheckLdapDnAttributesApplication, self).__init__( + appname=appname, description=desc, base_dir=base_dir, + cfg_class=LdapConfiguration, initialized=False) + + self.initialized = True + + # ------------------------------------------------------------------------- + def _verify_instances(self): + + super(CheckLdapDnAttributesApplication, self)._verify_instances(is_admin=True) + + # ------------------------------------------------------------------------- + def post_init(self): + """Execute some actions after initialising.""" + + super(CheckLdapDnAttributesApplication, self).post_init() + + self.instance = self.ldap_instances[0] + self.connect_info = self.cfg.ldap_connection[self.instance] + + # ------------------------------------------------------------------------- + def _run(self): + + ldap_url = self.cfg.ldap_connection[self.instance].url + + msg = _( + "Start checking all DN-like attributes in in LDAP instance {inst!r} " + "({url}) ...").format(inst=self.instance, url=ldap_url) + LOG.debug(msg) + +# ============================================================================= +if __name__ == "__main__": + + pass + +# ============================================================================= + +# vim: tabstop=4 expandtab shiftwidth=4 softtabstop=4 list -- 2.39.5