[checkmk-commits] Check_MK Git: check_mk: FIX: LDAP: Custom user attributes can now be synced again

Module: check_mk Branch: master Commit: 22b9790bb52ef1447e6fb5449a372b76cbc04dad URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=22b9790bb52ef1… Author: Lars Michelsen <lm(a)mathias-kettner.de> Date: Wed Oct 23 15:49:09 2013 +0200 FIX: LDAP: Custom user attributes can now be synced again --- ChangeLog | 1 + web/plugins/userdb/ldap.py | 22 +++++++++++----------- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/ChangeLog b/ChangeLog index 99321d3..834cc10 100644 --- a/ChangeLog +++ b/ChangeLog @@ -39,6 +39,7 @@ (This might break code which uses some uncommon chars for varnames) * FIX: Fixed computation of perfometer values, which did not care about the snmp_check_interval. Simplyfied computation of perfometer values + * FIX: LDAP: Custom user attributes can now be synced again BI: * FIX: Fix exception when showing BI tree in reporting time warp diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py index 77faf2e..a8c1056 100644 --- a/web/plugins/userdb/ldap.py +++ b/web/plugins/userdb/ldap.py @@ -608,7 +608,7 @@ def ldap_convert_simple(user_id, ldap_user, user, user_attr, attr): else: return {} -def ldap_convert_mail(params, user_id, ldap_user, user): +def ldap_convert_mail(plugin, params, user_id, ldap_user, user): mail = '' if ldap_user.get(params.get('attr', ldap_attr('mail'))): mail = ldap_user[params.get('attr', ldap_attr('mail'))][0].lower() @@ -641,7 +641,7 @@ ldap_attribute_plugins['alias'] = { 'help': _('Populates the alias attribute of the WATO user by syncrhonizing an attribute ' 'from the LDAP user account. By default the LDAP attribute "cn" is used.'), 'needed_attributes': lambda params: [ params.get('attr', ldap_attr('cn')) ], - 'convert': lambda params, user_id, ldap_user, user: \ + 'convert': lambda plugin, params, user_id, ldap_user, user: \ ldap_convert_simple(user_id, ldap_user, user, 'alias', params.get('attr', ldap_attr('cn'))), 'lock_attributes': [ 'alias' ], @@ -657,7 +657,7 @@ ldap_attribute_plugins['alias'] = { # Checks wether or not the user auth must be invalidated (increasing the serial). # In first instance, it must parse the pw-changed field, then check wether or not # a date has been stored in the user before and then maybe increase the serial. -def ldap_convert_auth_expire(params, user_id, ldap_user, user): +def ldap_convert_auth_expire(plugin, params, user_id, ldap_user, user): changed_attr = params.get('attr', ldap_attr('pw_changed')) if not changed_attr in ldap_user: raise MKLDAPException(_('The "Authentication Expiration" attribute (%s) could not be fetched ' @@ -710,7 +710,7 @@ ldap_attribute_plugins['pager'] = { 'of the WATO user accounts, which is then forwarded to Nagios and can be used' 'for notifications. By default the LDAP attribute "mobile" is used.'), 'needed_attributes': lambda params: [ params.get('attr', ldap_attr('mobile')) ], - 'convert': lambda params, user_id, ldap_user, user: \ + 'convert': lambda plugin, params, user_id, ldap_user, user: \ ldap_convert_simple(user_id, ldap_user, user, 'pager', params.get('attr', ldap_attr('mobile'))), 'lock_attributes': ['pager'], @@ -729,10 +729,10 @@ def register_user_attribute_sync_plugins(): ldap_attribute_plugins[attr] = { 'title': val['valuespec'].title(), 'help': val['valuespec'].help(), - 'needed_attributes': lambda params: [ params.get('attr', ldap_attr(attr)) ], - 'convert': lambda params, user_id, ldap_user, user: \ - ldap_convert_simple(user_id, ldap_user, user, attr, - params.get('attr', ldap_attr(attr))), + 'needed_attributes': lambda params: [ params.get('attr', ldap_attr(attr)).lower() ], + 'convert': lambda plugin, params, user_id, ldap_user, user: \ + ldap_convert_simple(user_id, ldap_user, user, plugin, + params.get('attr', ldap_attr(plugin)).lower()), 'lock_attributes': [ attr ], 'parameters': [ ('attr', TextAscii( @@ -745,7 +745,7 @@ def register_user_attribute_sync_plugins(): register_user_attribute_sync_plugins() -def ldap_convert_groups_to_contactgroups(params, user_id, ldap_user, user): +def ldap_convert_groups_to_contactgroups(plugin, params, user_id, ldap_user, user): groups = [] # 1. Fetch CNs of all LDAP groups of the user (use group_dn, group_filter) ldap_groups = ldap_user_groups(user_id, ldap_user['dn'], nested = params.get('nested', False)) @@ -777,7 +777,7 @@ ldap_attribute_plugins['groups_to_contactgroups'] = { ], } -def ldap_convert_groups_to_roles(params, user_id, ldap_user, user): +def ldap_convert_groups_to_roles(plugin, params, user_id, ldap_user, user): groups = [] # 1. Fetch DNs of all LDAP groups of the user ldap_groups = [ g.lower() for g in ldap_user_groups(user_id, ldap_user['dn'], @@ -911,7 +911,7 @@ def ldap_sync(add_to_changelog, only_username): # Gather config from convert functions of plugins for key, params in config.ldap_active_plugins.items(): - user.update(ldap_attribute_plugins[key]['convert'](params or {}, user_id, ldap_user, user)) + user.update(ldap_attribute_plugins[key]['convert'](key, params or {}, user_id, ldap_user, user)) if not mode_create and user == users[user_id]: continue # no modification. Skip this user.