Add machine support

pull/1/head
Timothy Pearson 13 years ago
parent 93a591d8f0
commit 6d3279772d

@ -81,11 +81,15 @@ LDAPConfig::LDAPConfig(TQWidget *parent, const char *name, const TQStringList&)
base->user_status->setEnabled(false);
base->user_secondaryGroups->setEnabled(false);
base->machine_name->setEnabled(false);
base->machine_author->setEnabled(false);
connect(base->user_ldapRealm, TQT_SIGNAL(activated(const TQString&)), this, TQT_SLOT(connectToRealm(const TQString&)));
connect(base->group_ldapRealm, TQT_SIGNAL(activated(const TQString&)), this, TQT_SLOT(connectToRealm(const TQString&)));
connect(base->machine_ldapRealm, TQT_SIGNAL(activated(const TQString&)), this, TQT_SLOT(connectToRealm(const TQString&)));
connect(base->user_list, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(userHighlighted()));
connect(base->group_list, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(groupHighlighted()));
connect(base->machine_list, TQT_SIGNAL(selectionChanged()), this, TQT_SLOT(machineHighlighted()));
connect(base->user_buttonAdd, TQT_SIGNAL(clicked()), this, TQT_SLOT(addNewUser()));
connect(base->group_buttonAdd, TQT_SIGNAL(clicked()), this, TQT_SLOT(addNewGroup()));
@ -93,6 +97,7 @@ LDAPConfig::LDAPConfig(TQWidget *parent, const char *name, const TQStringList&)
connect(base->group_buttonModify, TQT_SIGNAL(clicked()), this, TQT_SLOT(modifySelectedGroup()));
connect(base->user_buttonDelete, TQT_SIGNAL(clicked()), this, TQT_SLOT(removeSelectedUser()));
connect(base->group_buttonDelete, TQT_SIGNAL(clicked()), this, TQT_SLOT(removeSelectedGroup()));
connect(base->machine_buttonDelete, TQT_SIGNAL(clicked()), this, TQT_SLOT(removeSelectedMachine()));
load();
@ -183,8 +188,8 @@ void LDAPConfig::processLockouts() {
// FIXME
// Disable machine add/modify as they are not implemented
// In fact, I don't know if I CAN implement them!
base->machine_buttonAdd->setEnabled(true);
base->machine_buttonModify->setEnabled(true);
base->machine_buttonAdd->setEnabled(false);
base->machine_buttonModify->setEnabled(false);
}
void LDAPConfig::connectToRealm(const TQString& realm) {
@ -210,13 +215,11 @@ void LDAPConfig::connectToRealm(const TQString& realm) {
void LDAPConfig::updateAllInformation() {
populateUsers();
populateGroups();
// RAJA FIXME
// Machines??
populateMachines();
updateUsersList();
updateGroupsList();
// RAJA FIXME
// Machines??
updateMachinesList();
}
void LDAPConfig::populateUsers() {
@ -227,6 +230,10 @@ void LDAPConfig::populateGroups() {
m_groupInfoList = m_ldapmanager->groups();
}
void LDAPConfig::populateMachines() {
m_machineInfoList = m_ldapmanager->machines();
}
void LDAPConfig::updateUsersList() {
TQListViewItem* itm = base->user_list->selectedItem();
TQString prevSelectedItemText;
@ -270,6 +277,27 @@ void LDAPConfig::updateGroupsList() {
processLockouts();
}
void LDAPConfig::updateMachinesList() {
TQListViewItem* itm = base->machine_list->selectedItem();
TQString prevSelectedItemText;
if (itm) {
prevSelectedItemText = itm->text(0);
}
base->machine_list->clear();
LDAPMachineInfoList::Iterator it;
for (it = m_machineInfoList.begin(); it != m_machineInfoList.end(); ++it) {
LDAPMachineInfo machine = *it;
itm = new TQListViewItem(base->machine_list, machine.name);
if (prevSelectedItemText != "") {
if (machine.name == prevSelectedItemText) {
base->machine_list->setSelected(itm, true);
}
}
}
processLockouts();
}
LDAPUserInfo LDAPConfig::findUserInfoByName(TQString name) {
// Figure out which user is selected
LDAPUserInfoList::Iterator it;
@ -294,6 +322,18 @@ LDAPGroupInfo LDAPConfig::findGroupInfoByName(TQString name) {
return LDAPGroupInfo();
}
LDAPMachineInfo LDAPConfig::findMachineInfoByName(TQString name) {
// Figure out which machine is selected
LDAPMachineInfoList::Iterator it;
for (it = m_machineInfoList.begin(); it != m_machineInfoList.end(); ++it) {
LDAPMachineInfo machine = *it;
if (machine.name == name) {
return machine;
}
}
return LDAPMachineInfo();
}
LDAPUserInfo LDAPConfig::findUserInfoByNameAndUID(TQString name, TQString uid) {
// Figure out which user is selected
LDAPUserInfoList::Iterator it;
@ -346,6 +386,14 @@ LDAPGroupInfo LDAPConfig::selectedGroup() {
return findGroupInfoByNameAndGID(lvi->text(0), lvi->text(1));
}
LDAPMachineInfo LDAPConfig::selectedMachine() {
TQListViewItem* lvi = base->machine_list->selectedItem();
if (!lvi) {
return LDAPMachineInfo();
}
return findMachineInfoByName(lvi->text(0));
}
LDAPUserInfo LDAPConfig::findUserByDistinguishedName(TQString dn) {
LDAPUserInfoList::Iterator it;
for (it = m_userInfoList.begin(); it != m_userInfoList.end(); ++it) {
@ -415,6 +463,16 @@ void LDAPConfig::groupHighlighted() {
processLockouts();
}
void LDAPConfig::machineHighlighted() {
// Show information in the quick view area
LDAPMachineInfo machine = selectedMachine();
base->machine_name->setText(machine.name);
base->machine_author->setText(findUserByDistinguishedName(machine.creatorsName).name);
processLockouts();
}
void LDAPConfig::addNewUser() {
// Launch a dialog to add the user
LDAPUserInfo user;
@ -603,6 +661,16 @@ void LDAPConfig::removeSelectedGroup() {
updateAllInformation();
}
void LDAPConfig::removeSelectedMachine() {
LDAPMachineInfo machine = selectedMachine();
if (KMessageBox::warningYesNo(this, i18n("<qt><b>You are about to delete the machine %1</b><br>This action cannot be undone<p>Are you sure you want to proceed?</qt>").arg(machine.name), i18n("Confirmation Required")) == KMessageBox::Yes) {
m_ldapmanager->deleteMachineInfo(machine);
}
updateAllInformation();
}
TQString readFullLineFromPtyProcess(PtyProcess* proc) {
TQString result = "";
while ((!result.contains("\n")) && (!result.contains(":")) && (!result.contains(">"))) {
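Review bot: `removeSelectedMachine()` never checks that a machine is actually selected. `selectedMachine()` returns a default-constructed `LDAPMachineInfo` when the list has no selection, and the slot still shows the confirmation and then hands an empty `distinguishedName` to `deleteMachineInfo()`, which passes it straight to `ldap_delete_ext_s()`. Adding `if (!machine.informationValid) return;` directly after the `selectedMachine()` call would limit deletes to entries that were parsed from the directory. The same dialog puts `machine.name`, which is derived from the entry's DN, unescaped into a `<qt>` rich-text string, so any markup in a principal name would be rendered; it should be escaped before `.arg()`. `updateAllInformation()` also runs when the user answers No, which repeats the LDAP searches for nothing.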

@ -55,21 +55,26 @@ class LDAPConfig: public KCModule
void connectToRealm(const TQString&);
void populateUsers();
void populateGroups();
void populateMachines();
void updateUsersList();
void updateGroupsList();
void updateMachinesList();
void userHighlighted();
void groupHighlighted();
void machineHighlighted();
void addNewUser();
void addNewGroup();
void modifySelectedUser();
void modifySelectedGroup();
void removeSelectedUser();
void removeSelectedGroup();
void removeSelectedMachine();
void updateAllInformation();
public:
LDAPUserInfo findUserInfoByName(TQString name);
LDAPGroupInfo findGroupInfoByName(TQString name);
LDAPMachineInfo findMachineInfoByName(TQString name);
LDAPUserInfo findUserInfoByNameAndUID(TQString name, TQString uid);
LDAPGroupInfo findGroupInfoByNameAndGID(TQString name, TQString gid);
LDAPGroupInfo findGroupInfoByGID(TQString gid);
@ -81,6 +86,7 @@ class LDAPConfig: public KCModule
private:
LDAPUserInfo selectedUser();
LDAPGroupInfo selectedGroup();
LDAPMachineInfo selectedMachine();
int setPasswordForUser(LDAPUserInfo user, TQString *errstr);
private:
@ -92,6 +98,7 @@ class LDAPConfig: public KCModule
LDAPUserInfoList m_userInfoList;
LDAPGroupInfoList m_groupInfoList;
LDAPMachineInfoList m_machineInfoList;
};
#endif

@ -140,9 +140,7 @@ printf("[RAJA DEBUG 600.0] In LDAPManager::bind()\n\r"); fflush(stdout);
LDAPMessage* msg;
TQString ldap_base_dn = m_basedc;
TQString ldap_filter = TQString("(&(objectclass=posixAccount)(uid=%1))").arg(passdlg.m_base->ldapAdminUsername->text());
struct timeval timeout;
timeout.tv_sec = 10; // 10 second timeout
retcode = ldap_search_ext_s(ldapconn, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), NULL, 0, NULL, NULL, &timeout, 0, &msg);
retcode = ldap_search_ext_s(ldapconn, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), NULL, 0, NULL, NULL, NULL, 0, &msg);
if (retcode != LDAP_SUCCESS) {
KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
}
@ -225,7 +223,10 @@ printf("[RAJA DEBUG 100.3] %s: %s\n\r", attr, vals[i]->bv_val);
userinfo.informationValid = true;
TQString ldap_field = attr;
i=0;
if (ldap_field == "uidNumber") {
if (ldap_field == "creatorsName") {
userinfo.creatorsName = vals[i]->bv_val;
}
else if (ldap_field == "uidNumber") {
userinfo.uid = atoi(vals[i]->bv_val);
}
else if (ldap_field == "loginShell") {
@ -920,6 +921,26 @@ int LDAPManager::deleteGroupInfo(LDAPGroupInfo group) {
}
}
int LDAPManager::deleteMachineInfo(LDAPMachineInfo machine) {
int retcode;
LDAPMachineInfo machineinfo;
if (bind() < 0) {
return -1;
}
else {
// Delete the base DN entry
retcode = ldap_delete_ext_s(m_ldap, machine.distinguishedName.ascii(), NULL, NULL);
if (retcode != LDAP_SUCCESS) {
KMessageBox::error(0, i18n("<qt>LDAP deletion failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
return -2;
}
else {
return 0;
}
}
}
LDAPGroupInfo LDAPManager::parseLDAPGroupRecord(LDAPMessage* entry) {
char* dn = NULL;
char* attr;
@ -949,7 +970,10 @@ for(i = 0; vals[i] != NULL; i++) {
groupinfo.informationValid = true;
TQString ldap_field = attr;
i=0;
if (ldap_field == "member") {
if (ldap_field == "creatorsName") {
groupinfo.creatorsName = vals[i]->bv_val;
}
else if (ldap_field == "member") {
TQStringList members;
for(i = 0; vals[i] != NULL; i++) {
TQString userdn = vals[i]->bv_val;
@ -977,6 +1001,56 @@ for(i = 0; vals[i] != NULL; i++) {
return groupinfo;
}
LDAPMachineInfo LDAPManager::parseLDAPMachineRecord(LDAPMessage* entry) {
char* dn = NULL;
char* attr;
struct berval **vals;
BerElement* ber;
int i;
LDAPMachineInfo machineinfo;
if((dn = ldap_get_dn(m_ldap, entry)) != NULL) {
printf("Returned dn: %s\n", dn);
machineinfo.distinguishedName = dn;
TQStringList dnParts = TQStringList::split(",", dn);
TQString id = dnParts[0];
if (id.startsWith("krb5PrincipalName=host/")) {
id = id.remove(0, 23);
id.replace("@"+m_realm, "");
machineinfo.name = id;
}
ldap_memfree(dn);
}
for( attr = ldap_first_attribute(m_ldap, entry, &ber); attr != NULL; attr = ldap_next_attribute(m_ldap, entry, ber)) {
if ((vals = ldap_get_values_len(m_ldap, entry, attr)) != NULL) {
for(i = 0; vals[i] != NULL; i++) {
printf("[RAJA DEBUG 120.3] %s: %s\n\r", attr, vals[i]->bv_val);
}
machineinfo.informationValid = true;
TQString ldap_field = attr;
i=0;
if (ldap_field == "creatorsName") {
machineinfo.creatorsName = vals[i]->bv_val;
}
else if (ldap_field == "krb5KDCFlags") {
machineinfo.status = (LDAPKRB5Flags)(atoi(vals[i]->bv_val));
}
ldap_value_free_len(vals);
}
ldap_memfree(attr);
}
if (ber != NULL) {
ber_free(ber, 0);
}
printf("\n\r");
return machineinfo;
}
LDAPGroupInfoList LDAPManager::groups() {
int retcode;
LDAPGroupInfoList groups;
@ -1016,6 +1090,43 @@ printf("[RAJA DEBUG 110.2] The number of entries returned was %d\n\n", ldap_coun
return LDAPGroupInfoList();
}
LDAPMachineInfoList LDAPManager::machines() {
int retcode;
LDAPMachineInfoList machines;
printf("[RAJA DEBUG 120.0] In LDAPManager::machines()\n\r"); fflush(stdout);
if (bind() < 0) {
return LDAPMachineInfoList();
}
else {
printf("[RAJA DEBUG 120.1] In LDAPManager::machines() bind was OK\n\r"); fflush(stdout);
LDAPMessage* msg;
TQString ldap_base_dn = m_basedc;
TQString ldap_filter = "(&(objectClass=krb5Principal)(uid=host/*))";
retcode = ldap_search_ext_s(m_ldap, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), ldap_user_and_operational_attributes, 0, NULL, NULL, NULL, 0, &msg);
if (retcode != LDAP_SUCCESS) {
KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
return LDAPMachineInfoList();
}
printf("[RAJA DEBUG 120.2] The number of entries returned was %d\n\n", ldap_count_entries(m_ldap, msg));
// Iterate through the returned entries
LDAPMessage* entry;
for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) {
// RAJA
machines.append(parseLDAPMachineRecord(entry));
}
// clean up
ldap_msgfree(msg);
return machines;
}
return LDAPMachineInfoList();
}
// ===============================================================================================================
//
// DATA CLASS CONSTRUCTORS AND DESTRUCTORS
@ -1058,4 +1169,15 @@ LDAPGroupInfo::~LDAPGroupInfo() {
//
}
LDAPMachineInfo::LDAPMachineInfo() {
// TQStrings are always initialized to TQString::null, so they don't need initialization here...
informationValid = false;
status = (LDAPKRB5Flags)0;
}
LDAPMachineInfo::~LDAPMachineInfo() {
//
}
#include "libtdeldap.moc"
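Review bot: `parseLDAPMachineRecord()` prints every attribute value of each host principal to stdout with `%s`, while `machines()` requests `ldap_user_and_operational_attributes` (by its name, every attribute the bound admin may read), so sensitive values on those entries, possibly including key material, can end up in the session's stdout or log. Only `creatorsName` and `krb5KDCFlags` are consumed, so the search could request just those, e.g. `char *attrs[] = { (char*)"creatorsName", (char*)"krb5KDCFlags", NULL };`, and the `[RAJA DEBUG 120.3]` loop should be dropped or compiled out. `%s` also assumes `bv_val` is NUL-terminated text, which a binary attribute need not be. Separately, the `bind()` hunk now passes `NULL` as the search timeout, so a stalled server blocks the caller indefinitely; a fully initialised `struct timeval` (the removed one never set `tv_usec`) would bound that.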

@ -52,6 +52,7 @@ enum LDAPKRB5Flags {
KRB5_ACTIVE_DEFAULT = KRB5_FORWARDABLE | KRB5_RENEWABLE | KRB5_CLIENT | KRB5_CHANGE_PW,
KRB5_DISABLED_ACCOUNT = KRB5_FORWARDABLE | KRB5_SERVER | KRB5_INVALID | KRB5_REQUIRE_PREAUTH | KRB5_REQUIRE_HWAUTH | KRB5_OK_AS_DELEGATE | KRB5_USER_TO_USER,
KRB5_MACHINE_ACCOUNT_DEFAULT = KRB5_FORWARDABLE | KRB5_PROXIABLE | KRB5_RENEWABLE | KRB5_POSTDATE | KRB5_SERVER | KRB5_CLIENT,
KRB5_FLAG_MAX = 0x80000000
};
@ -75,6 +76,7 @@ class LDAPUserInfo
public:
bool informationValid;
TQString distinguishedName;
TQString creatorsName;
TQString name;
uid_t uid;
@ -153,14 +155,31 @@ class LDAPGroupInfo
public:
bool informationValid;
TQString distinguishedName;
TQString creatorsName;
TQString name;
gid_t gid;
TQStringList userlist;
};
class LDAPMachineInfo
{
public:
LDAPMachineInfo();
~LDAPMachineInfo();
public:
bool informationValid;
TQString distinguishedName;
TQString creatorsName;
TQString name;
LDAPKRB5Flags status;
};
typedef TQValueList<LDAPUserInfo> LDAPUserInfoList;
typedef TQValueList<LDAPGroupInfo> LDAPGroupInfoList;
typedef TQValueList<LDAPMachineInfo> LDAPMachineInfoList;
class LDAPManager : public TQObject {
Q_OBJECT
@ -175,6 +194,7 @@ class LDAPManager : public TQObject {
int unbind(bool force);
LDAPUserInfoList users();
LDAPGroupInfoList groups();
LDAPMachineInfoList machines();
LDAPUserInfo getUserByDistinguishedName(TQString dn);
LDAPGroupInfo getGroupByDistinguishedName(TQString dn);
int updateUserInfo(LDAPUserInfo user);
@ -183,12 +203,14 @@ class LDAPManager : public TQObject {
int addGroupInfo(LDAPGroupInfo group);
int deleteUserInfo(LDAPUserInfo user);
int deleteGroupInfo(LDAPGroupInfo group);
int deleteMachineInfo(LDAPMachineInfo machine);
LDAPCredentials currentLDAPCredentials();
private:
LDAPUserInfo parseLDAPUserRecord(LDAPMessage* entry);
LDAPGroupInfo parseLDAPGroupRecord(LDAPMessage* entry);
LDAPMachineInfo parseLDAPMachineRecord(LDAPMessage* entry);
private:
TQString m_realm;
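Review bot: `LDAPMachineInfo` is added without any comment on its fields, and two of them are not obvious from the declaration. `informationValid` stays false on a default-constructed object, which is what the lookups in this commit return when nothing matches, and `name` is filled only for DNs that start with `krb5PrincipalName=host/`. I would put `// false until a directory entry has been parsed into this object` above `informationValid` and add a one-line note on `name` saying it is the host part of the principal. `KRB5_MACHINE_ACCOUNT_DEFAULT` could also say where it is meant to be applied, since nothing visible in this commit references it. The `LDAPManager` class body continues outside the last hunk.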
