Add machine support

13 years ago · 6d3279772d
parent 93a591d8f0
commit 6d3279772d
4 changed files with 230 additions and 11 deletions
--- a/src/ldapmgr.cpp
+++ b/src/ldapmgr.cpp
@ -81,11 +81,15 @@ LDAPConfig::LDAPConfig(TQWidget *parent, const char *name, const TQStringList&)
 	base->user_status->setEnabled(false);
 	base->user_secondaryGroups->setEnabled(false);

+	base->machine_name->setEnabled(false);
+	base->machine_author->setEnabled(false);
+
 	connect(base->user_ldapRealm, TQT_SIGNAL(activated(const TQString&)), this, TQT_SLOT(connectToRealm(const TQString&)));
 	connect(base->group_ldapRealm, TQT_SIGNAL(activated(const TQString&)), this, TQT_SLOT(connectToRealm(const TQString&)));
 	connect(base->machine_ldapRealm, TQT_SIGNAL(activated(const TQString&)), this, TQT_SLOT(connectToRealm(const TQString&)));
 	connect(base->user_list, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(userHighlighted()));
 	connect(base->group_list, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(groupHighlighted()));
+	connect(base->machine_list, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(machineHighlighted()));

 	connect(base->user_buttonAdd, TQT_SIGNAL(clicked()), this, TQT_SLOT(addNewUser()));
 	connect(base->group_buttonAdd, TQT_SIGNAL(clicked()), this, TQT_SLOT(addNewGroup()));
@ -93,6 +97,7 @@ LDAPConfig::LDAPConfig(TQWidget *parent, const char *name, const TQStringList&)
 	connect(base->group_buttonModify, TQT_SIGNAL(clicked()), this, TQT_SLOT(modifySelectedGroup()));
 	connect(base->user_buttonDelete, TQT_SIGNAL(clicked()), this, TQT_SLOT(removeSelectedUser()));
 	connect(base->group_buttonDelete, TQT_SIGNAL(clicked()), this, TQT_SLOT(removeSelectedGroup()));
+	connect(base->machine_buttonDelete, TQT_SIGNAL(clicked()), this, TQT_SLOT(removeSelectedMachine()));
 	
 	load();
 	
@ -183,8 +188,8 @@ void LDAPConfig::processLockouts() {
 	// FIXME
 	// Disable machine add/modify as they are not implemented
 	// In fact, I don't know if I CAN implement them!
-	base->machine_buttonAdd->setEnabled(true);
-	base->machine_buttonModify->setEnabled(true);
+	base->machine_buttonAdd->setEnabled(false);
+	base->machine_buttonModify->setEnabled(false);
 }

 void LDAPConfig::connectToRealm(const TQString& realm) {
@ -210,13 +215,11 @@ void LDAPConfig::connectToRealm(const TQString& realm) {
 void LDAPConfig::updateAllInformation() {
 	populateUsers();
 	populateGroups();
-	// RAJA FIXME
-	// Machines??
+	populateMachines();

 	updateUsersList();
 	updateGroupsList();
-	// RAJA FIXME
-	// Machines??
+	updateMachinesList();
 }

 void LDAPConfig::populateUsers() {
@ -227,6 +230,10 @@ void LDAPConfig::populateGroups() {
 	m_groupInfoList = m_ldapmanager->groups();
 }

+void LDAPConfig::populateMachines() {
+	m_machineInfoList = m_ldapmanager->machines();
+}
+
 void LDAPConfig::updateUsersList() {
 	TQListViewItem* itm = base->user_list->selectedItem();
 	TQString prevSelectedItemText;
@ -270,6 +277,27 @@ void LDAPConfig::updateGroupsList() {
 	processLockouts();
 }

+void LDAPConfig::updateMachinesList() {
+	TQListViewItem* itm = base->machine_list->selectedItem();
+	TQString prevSelectedItemText;
+	if (itm) {
+		prevSelectedItemText = itm->text(0);
+	}
+
+	base->machine_list->clear();
+	LDAPMachineInfoList::Iterator it;
+	for (it = m_machineInfoList.begin(); it != m_machineInfoList.end(); ++it) {
+		LDAPMachineInfo machine = *it;
+		itm = new TQListViewItem(base->machine_list, machine.name);
+		if (prevSelectedItemText != "") {
+			if (machine.name == prevSelectedItemText) {
+				base->machine_list->setSelected(itm, true);
+			}
+		}
+	}
+	processLockouts();
+}
+
 LDAPUserInfo LDAPConfig::findUserInfoByName(TQString name) {
 	// Figure out which user is selected
 	LDAPUserInfoList::Iterator it;
@ -294,6 +322,18 @@ LDAPGroupInfo LDAPConfig::findGroupInfoByName(TQString name) {
 	return LDAPGroupInfo();
 }

+LDAPMachineInfo LDAPConfig::findMachineInfoByName(TQString name) {
+	// Figure out which machine is selected
+	LDAPMachineInfoList::Iterator it;
+	for (it = m_machineInfoList.begin(); it != m_machineInfoList.end(); ++it) {
+		LDAPMachineInfo machine = *it;
+		if (machine.name == name) {
+			return machine;
+		}
+	}
+	return LDAPMachineInfo();
+}
+
 LDAPUserInfo LDAPConfig::findUserInfoByNameAndUID(TQString name, TQString uid) {
 	// Figure out which user is selected
 	LDAPUserInfoList::Iterator it;
@ -346,6 +386,14 @@ LDAPGroupInfo LDAPConfig::selectedGroup() {
 	return findGroupInfoByNameAndGID(lvi->text(0), lvi->text(1));
 }

+LDAPMachineInfo LDAPConfig::selectedMachine() {
+	TQListViewItem* lvi = base->machine_list->selectedItem();
+	if (!lvi) {
+		return LDAPMachineInfo();
+	}
+	return findMachineInfoByName(lvi->text(0));
+}
+
 LDAPUserInfo LDAPConfig::findUserByDistinguishedName(TQString dn) {
 	LDAPUserInfoList::Iterator it;
 	for (it = m_userInfoList.begin(); it != m_userInfoList.end(); ++it) {
@ -415,6 +463,16 @@ void LDAPConfig::groupHighlighted() {
 	processLockouts();
 }

+void LDAPConfig::machineHighlighted() {
+	// Show information in the quick view area
+	LDAPMachineInfo machine = selectedMachine();
+
+	base->machine_name->setText(machine.name);
+	base->machine_author->setText(findUserByDistinguishedName(machine.creatorsName).name);
+
+	processLockouts();
+}
+
 void LDAPConfig::addNewUser() {
 	// Launch a dialog to add the user
 	LDAPUserInfo user;
@ -603,6 +661,16 @@ void LDAPConfig::removeSelectedGroup() {
 	updateAllInformation();
 }

+void LDAPConfig::removeSelectedMachine() {
+	LDAPMachineInfo machine = selectedMachine();
+
+	if (KMessageBox::warningYesNo(this, i18n("<qt><b>You are about to delete the machine %1</b><br>This action cannot be undone<p>Are you sure you want to proceed?</qt>").arg(machine.name), i18n("Confirmation Required")) == KMessageBox::Yes) {
+		m_ldapmanager->deleteMachineInfo(machine);
+	}
+
+	updateAllInformation();
+}
+
 TQString readFullLineFromPtyProcess(PtyProcess* proc) {
 	TQString result = "";
 	while ((!result.contains("\n")) && (!result.contains(":")) && (!result.contains(">"))) {
--- a/src/ldapmgr.h
+++ b/src/ldapmgr.h
@ -55,21 +55,26 @@ class LDAPConfig: public KCModule
 		void connectToRealm(const TQString&);
 		void populateUsers();
 		void populateGroups();
+		void populateMachines();
 		void updateUsersList();
 		void updateGroupsList();
+		void updateMachinesList();
 		void userHighlighted();
 		void groupHighlighted();
+		void machineHighlighted();
 		void addNewUser();
 		void addNewGroup();
 		void modifySelectedUser();
 		void modifySelectedGroup();
 		void removeSelectedUser();
 		void removeSelectedGroup();
+		void removeSelectedMachine();
 		void updateAllInformation();

 	public:
 		LDAPUserInfo findUserInfoByName(TQString name);
 		LDAPGroupInfo findGroupInfoByName(TQString name);
+		LDAPMachineInfo findMachineInfoByName(TQString name);
 		LDAPUserInfo findUserInfoByNameAndUID(TQString name, TQString uid);
 		LDAPGroupInfo findGroupInfoByNameAndGID(TQString name, TQString gid);
 		LDAPGroupInfo findGroupInfoByGID(TQString gid);
@ -81,6 +86,7 @@ class LDAPConfig: public KCModule
 	private:
 		LDAPUserInfo selectedUser();
 		LDAPGroupInfo selectedGroup();
+		LDAPMachineInfo selectedMachine();
 		int setPasswordForUser(LDAPUserInfo user, TQString *errstr);

 	private:
@ -92,6 +98,7 @@ class LDAPConfig: public KCModule

 		LDAPUserInfoList m_userInfoList;
 		LDAPGroupInfoList m_groupInfoList;
+		LDAPMachineInfoList m_machineInfoList;
 };

 #endif
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@ -140,9 +140,7 @@ printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout);
 				LDAPMessage* msg;
 				TQString ldap_base_dn = m_basedc;
 				TQString ldap_filter = TQString("(&(objectclass=posixAccount)(uid=%1))").arg(passdlg.m_base->ldapAdminUsername->text());
-				struct timeval timeout;
-				timeout.tv_sec = 10;	// 10 second timeout
-				retcode = ldap_search_ext_s(ldapconn, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), NULL, 0, NULL, NULL, &timeout, 0, &msg);
+				retcode = ldap_search_ext_s(ldapconn, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), NULL, 0, NULL, NULL, NULL, 0, &msg);
 				if (retcode != LDAP_SUCCESS) {
 					KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
 				}
@ -225,7 +223,10 @@ printf("[RAJA DEBUG 100.3] %s: %s\n\r", attr, vals[i]->bv_val);
 			userinfo.informationValid = true;
 			TQString ldap_field = attr;
 			i=0;
-			if (ldap_field == "uidNumber") {
+			if (ldap_field == "creatorsName") {
+				userinfo.creatorsName = vals[i]->bv_val;
+			}
+			else if (ldap_field == "uidNumber") {
 				userinfo.uid = atoi(vals[i]->bv_val);
 			}
 			else if (ldap_field == "loginShell") {
@ -920,6 +921,26 @@ int LDAPManager::deleteGroupInfo(LDAPGroupInfo group) {
 	}
 }

+int LDAPManager::deleteMachineInfo(LDAPMachineInfo machine) {
+	int retcode;
+	LDAPMachineInfo machineinfo;
+
+	if (bind() < 0) {
+		return -1;
+	}
+	else {
+		// Delete the base DN entry
+		retcode = ldap_delete_ext_s(m_ldap, machine.distinguishedName.ascii(), NULL, NULL);
+		if (retcode != LDAP_SUCCESS) {
+			KMessageBox::error(0, i18n("<qt>LDAP deletion failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+			return -2;
+		}
+		else {
+			return 0;
+		}
+	}
+}
+
 LDAPGroupInfo LDAPManager::parseLDAPGroupRecord(LDAPMessage* entry) {
 	char* dn = NULL;
 	char* attr;
@ -949,7 +970,10 @@ for(i = 0; vals[i] != NULL; i++) {
 			groupinfo.informationValid = true;
 			TQString ldap_field = attr;
 			i=0;
-			if (ldap_field == "member") {
+			if (ldap_field == "creatorsName") {
+				groupinfo.creatorsName = vals[i]->bv_val;
+			}
+			else if (ldap_field == "member") {
 				TQStringList members;
 				for(i = 0; vals[i] != NULL; i++) {
 					TQString userdn = vals[i]->bv_val;
@ -977,6 +1001,56 @@ for(i = 0; vals[i] != NULL; i++) {
 	return groupinfo;
 }

+LDAPMachineInfo LDAPManager::parseLDAPMachineRecord(LDAPMessage* entry) {
+	char* dn = NULL;
+	char* attr;
+	struct berval **vals;
+	BerElement* ber;
+	int i;
+
+	LDAPMachineInfo machineinfo;
+
+	if((dn = ldap_get_dn(m_ldap, entry)) != NULL) {
+		printf("Returned dn: %s\n", dn);
+		machineinfo.distinguishedName = dn;
+		TQStringList dnParts = TQStringList::split(",", dn);
+		TQString id = dnParts[0];
+		if (id.startsWith("krb5PrincipalName=host/")) {
+			id = id.remove(0, 23);
+			id.replace("@"+m_realm, "");
+			machineinfo.name = id;
+		}
+		ldap_memfree(dn);
+	}
+
+	for( attr = ldap_first_attribute(m_ldap, entry, &ber); attr != NULL; attr = ldap_next_attribute(m_ldap, entry, ber)) {
+		if ((vals = ldap_get_values_len(m_ldap, entry, attr)) != NULL)  {
+for(i = 0; vals[i] != NULL; i++) {
+	printf("[RAJA DEBUG 120.3] %s: %s\n\r", attr, vals[i]->bv_val);
+}
+			machineinfo.informationValid = true;
+			TQString ldap_field = attr;
+			i=0;
+			if (ldap_field == "creatorsName") {
+				machineinfo.creatorsName = vals[i]->bv_val;
+			}
+			else if (ldap_field == "krb5KDCFlags") {
+				machineinfo.status = (LDAPKRB5Flags)(atoi(vals[i]->bv_val));
+			}
+			ldap_value_free_len(vals);
+		}
+		ldap_memfree(attr);
+	}
+
+	if (ber != NULL) {
+		ber_free(ber, 0);
+	}
+
+	printf("\n\r");
+
+	return machineinfo;
+}
+
 LDAPGroupInfoList LDAPManager::groups() {
 	int retcode;
 	LDAPGroupInfoList groups;
@ -1016,6 +1090,43 @@ printf("[RAJA DEBUG 110.2] The number of entries returned was %d\n\n", ldap_coun
 	return LDAPGroupInfoList();
 }

+LDAPMachineInfoList LDAPManager::machines() {
+	int retcode;
+	LDAPMachineInfoList machines;
+printf("[RAJA DEBUG 120.0] In LDAPManager::machines()\n\r"); fflush(stdout);
+
+	if (bind() < 0) {
+		return LDAPMachineInfoList();
+	}
+	else {
+printf("[RAJA DEBUG 120.1] In LDAPManager::machines() bind was OK\n\r"); fflush(stdout);
+		LDAPMessage* msg;
+		TQString ldap_base_dn = m_basedc;
+		TQString ldap_filter = "(&(objectClass=krb5Principal)(uid=host/*))";
+		retcode = ldap_search_ext_s(m_ldap, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), ldap_user_and_operational_attributes, 0, NULL, NULL, NULL, 0, &msg);
+		if (retcode != LDAP_SUCCESS) {
+			KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
+			return LDAPMachineInfoList();
+		}
+		
+printf("[RAJA DEBUG 120.2] The number of entries returned was %d\n\n", ldap_count_entries(m_ldap, msg));
+
+		// Iterate through the returned entries
+		LDAPMessage* entry;
+		for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) {
+			// RAJA
+			machines.append(parseLDAPMachineRecord(entry));
+		}
+
+		// clean up
+		ldap_msgfree(msg);
+
+		return machines;
+	}
+
+	return LDAPMachineInfoList();
+}
+
 // ===============================================================================================================
 //
 // DATA CLASS CONSTRUCTORS AND DESTRUCTORS
@ -1058,4 +1169,15 @@ LDAPGroupInfo::~LDAPGroupInfo() {
 	//
 }

+LDAPMachineInfo::LDAPMachineInfo() {
+	// TQStrings are always initialized to TQString::null, so they don't need initialization here...
+	informationValid = false;
+
+	status = (LDAPKRB5Flags)0;
+}
+
+LDAPMachineInfo::~LDAPMachineInfo() {
+	//
+}
+
 #include "libtdeldap.moc"
--- a/src/libtdeldap.h
+++ b/src/libtdeldap.h
@ -52,6 +52,7 @@ enum LDAPKRB5Flags {

 	KRB5_ACTIVE_DEFAULT		= KRB5_FORWARDABLE | KRB5_RENEWABLE | KRB5_CLIENT | KRB5_CHANGE_PW,
 	KRB5_DISABLED_ACCOUNT		= KRB5_FORWARDABLE | KRB5_SERVER | KRB5_INVALID | KRB5_REQUIRE_PREAUTH | KRB5_REQUIRE_HWAUTH | KRB5_OK_AS_DELEGATE | KRB5_USER_TO_USER,
+	KRB5_MACHINE_ACCOUNT_DEFAULT	= KRB5_FORWARDABLE | KRB5_PROXIABLE | KRB5_RENEWABLE | KRB5_POSTDATE | KRB5_SERVER | KRB5_CLIENT,
 	KRB5_FLAG_MAX			= 0x80000000
 };

@ -75,6 +76,7 @@ class LDAPUserInfo
 	public:
 		bool informationValid;
 		TQString distinguishedName;
+		TQString creatorsName;

 		TQString name;
 		uid_t uid;
@ -153,14 +155,31 @@ class LDAPGroupInfo
 	public:
 		bool informationValid;
 		TQString distinguishedName;
+		TQString creatorsName;

 		TQString name;
 		gid_t gid;
 		TQStringList userlist;
 };

+class LDAPMachineInfo
+{
+	public:
+		LDAPMachineInfo();
+		~LDAPMachineInfo();
+
+	public:
+		bool informationValid;
+		TQString distinguishedName;
+		TQString creatorsName;
+
+		TQString name;
+		LDAPKRB5Flags status;
+};
+
 typedef TQValueList<LDAPUserInfo> LDAPUserInfoList;
 typedef TQValueList<LDAPGroupInfo> LDAPGroupInfoList;
+typedef TQValueList<LDAPMachineInfo> LDAPMachineInfoList;

 class LDAPManager : public TQObject {
 	Q_OBJECT
@ -175,6 +194,7 @@ class LDAPManager : public TQObject {
 		int unbind(bool force);
 		LDAPUserInfoList users();
 		LDAPGroupInfoList groups();
+		LDAPMachineInfoList machines();
 		LDAPUserInfo getUserByDistinguishedName(TQString dn);
 		LDAPGroupInfo getGroupByDistinguishedName(TQString dn);
 		int updateUserInfo(LDAPUserInfo user);
@ -183,12 +203,14 @@ class LDAPManager : public TQObject {
 		int addGroupInfo(LDAPGroupInfo group);
 		int deleteUserInfo(LDAPUserInfo user);
 		int deleteGroupInfo(LDAPGroupInfo group);
+		int deleteMachineInfo(LDAPMachineInfo machine);

 		LDAPCredentials currentLDAPCredentials();

 	private:
 		LDAPUserInfo parseLDAPUserRecord(LDAPMessage* entry);
 		LDAPGroupInfo parseLDAPGroupRecord(LDAPMessage* entry);
+		LDAPMachineInfo parseLDAPMachineRecord(LDAPMessage* entry);

 	private:
 		TQString m_realm;