summaryrefslogtreecommitdiffstats
path: root/pykolab/auth/__init__.py
diff options
context:
space:
mode:
authorJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2011-03-07 15:09:51 +0000
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2011-03-07 15:09:51 +0000
commita593f9575820e6c029a8ff37d7df6253f35d0e84 (patch)
tree9d444534853d15ebc44f8bfa25d614f463bacef1 /pykolab/auth/__init__.py
parenteb8353dd68d593dffb8a8b40d3b16ab665635892 (diff)
downloadpykolab-a593f9575820e6c029a8ff37d7df6253f35d0e84.tar.gz
Resort module imports
Just use the Python loggin library logger Standardize function names a little better Make LDAP page its results so large sets of search results hit no admin or search limit
Diffstat (limited to 'pykolab/auth/__init__.py')
-rw-r--r--pykolab/auth/__init__.py128
1 files changed, 107 insertions, 21 deletions
diff --git a/pykolab/auth/__init__.py b/pykolab/auth/__init__.py
index f744cc1..503867b 100644
--- a/pykolab/auth/__init__.py
+++ b/pykolab/auth/__init__.py
@@ -16,8 +16,11 @@
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
-from pykolab.conf import Conf
+import logging
+import os
+import time
+from pykolab.conf import Conf
from pykolab.translate import _
class Auth(object):
@@ -30,30 +33,113 @@ class Auth(object):
Initialize the authentication class.
"""
self.conf = conf
- if hasattr(self.conf, "log"):
- self.log = self.conf.log
+ self.log = logging.getLogger('pykolab')
+
+ self._auth = {}
+
+ def authenticate(self, login):
+ # Login is a list of authentication credentials:
+ # 0: username
+ # 1: password
+ # 2: service
+ # 3: realm, optional
+
+ if len(login) == 3:
+ # Realm not set
+ use_virtual_domains = self.conf.get('imap', 'virtual_domains', quiet=True)
+ if use_virtual_domains == "userid":
+ print "# Derive domain from login[0]"
+ elif not use_virtual_domains:
+ print "# Explicitly do not user virtual domains??"
+ else:
+ # Do use virtual domains, derive domain from login[0]
+ print "# Derive domain from login[0]"
+
+ if len(login[0].split('@')) > 1:
+ domain = login[0].split('@')[1]
+ else:
+ domain = self.conf.get("kolab", "primary_domain")
+
+ # realm overrides domain
+ if len(login) == 4:
+ domain = login[3]
- self._auth = None
+ self.connect(domain)
- def _connect(self):
- if not self._auth == None:
+ retval = self._auth[domain]._authenticate(login, domain)
+
+ return retval
+
+ def connect(self, domain=None):
+ """
+ Connect to the domain authentication backend using domain, or fall
+ back to the primary domain specified by the configuration.
+ """
+
+ if domain == None:
+ section = 'kolab'
+ domain = self.conf.get('kolab', 'primary_domain')
+ else:
+ section = domain
+
+ if self._auth.has_key(section) and not self._auth[section] == None:
return
- if self.conf.get('kolab', 'auth_mechanism') == 'ldap':
- try:
- from pykolab.auth import ldap
- except:
- if hasattr(self, "log"):
- self.log.error(_("Failure to import authentication layer %s," +
- " please verify module dependencies have been installed") % "ldap")
- self._auth = ldap.LDAP(self.conf)
-
- def users(self):
- self._connect()
- users = self._auth._kolab_users()
+ #print "Connecting to Authentication backend for domain %s" %(domain)
+
+ if not self.conf.has_section(section):
+ section = 'kolab'
+
+ if self.conf.get(section, 'auth_mechanism') == 'ldap':
+ from pykolab.auth import ldap
+ self._auth[domain] = ldap.LDAP(self.conf)
+ elif self.conf.get(section, 'auth_mechanism') == 'sql':
+ from pykolab.auth import sql
+ self._auth[domain] = sql.SQL(self.conf)
+ #else:
+ ## TODO: Fail more verbose
+ #print "COULD NOT FIND AUTHENTICATION MECHANISM FOR DOMAIN %s" %(domain)
+
+ #print self._auth
+
+ def list_domains(self):
+ """
+ List the domains using the auth_mechanism setting in the kolab
+ section of the configuration file, either ldap or sql or (...).
+
+ The actual setting would be used by self.connect(), and stuffed
+ into self._auth, for use with self._auth._list_domains()
+
+ For each domain found, returns a two-part tuple of the primary
+ domain and a list of secondary domains (aliases).
+ """
+
+ # Connect to the global namespace
+ self.connect()
+
+ # Find the domains in the authentication backend.
+ kolab_primary_domain = self.conf.get('kolab', 'primary_domain')
+ domains = self._auth[kolab_primary_domain]._list_domains()
+
+ # If no domains are found, the primary domain is used.
+ if len(domains) < 1:
+ domains = [(kolab_primary_domain, [])]
+
+ return domains
+
+ def list_users(self, primary_domain, secondary_domains=[]):
+ self.connect(domain=primary_domain)
+ users = self._auth[primary_domain]._list_users(primary_domain, secondary_domains)
+ #print "USERS RETURNED FROM self._auth['%s']._list_users():", users
return users
- def set_user_attribute(self, user, attribute, value):
- self._connect()
- self._auth._set_user_attribute(user, attribute, value)
+ def domain_default_quota(self, domain):
+ self.connect(domain=domain)
+ print self._auth
+ return self._auth[domain]._domain_default_quota(domain)
+
+ def get_user_attribute(self, user, attribute):
+ return self._auth[domain]._get_user_attribute(user, attribute)
+ def set_user_attribute(self, domain, user, attribute, value):
+ self._auth[domain]._set_user_attribute(user, attribute, value)