Add an LDAP attribute -> label mapping function to XML-RPC layer

Move some ACI functions around in preparation for cli delegation

ipa-python/aci.py

@@ -17,6 +17,7 @@
 
 import re
 import urllib
+import ldap
 
 import ipa.ipautil
 
@@ -129,3 +130,28 @@ class ACI:
         acistr = self._match(';)', acistr)
         if len(acistr) > 0:
             raise SyntaxError, "unexpected aci suffix at '%s'" % acistr
+
+def extract_group_cns(aci_list, client):
+    """Extracts all the cn's from a list of aci's and returns them as a hash
+       from group_dn to group_cn.
+
+       It first tries to cheat by looking at the first rdn for the
+       group dn.  If that's not cn for some reason, it looks up the group."""
+    group_dn_to_cn = {}
+    for aci in aci_list:
+        for dn in (aci.source_group, aci.dest_group):
+            if not group_dn_to_cn.has_key(dn):
+                rdn_list = ldap.dn.str2dn(dn)
+                first_rdn = rdn_list[0]
+                for (type,value,junk) in first_rdn:
+                    if type == "cn":
+                        group_dn_to_cn[dn] = value
+                        break;
+                else:
+                    try:
+                        group = client.get_entry_by_dn(dn, ['cn'])
+                        group_dn_to_cn[dn] = group.getValue('cn')
+                    except ipaerror.IPAError, e:
+                        group_dn_to_cn[dn] = 'unknown'
+
+    return group_dn_to_cn

ipa-python/ipaclient.py

@@ -311,3 +311,8 @@ class IPAClient:
         """
 
         return self.transport.add_group_to_group(group_cn, tgroup_cn)
+
+    def attrs_to_labels(self,attrs):
+        """Convert a list of LDAP attributes into a more readable form."""
+
+        return self.transport.attrs_to_labels(attrs)

ipa-python/rpcclient.py

@@ -561,3 +561,16 @@ class RPCClient:
             raise xmlrpclib.Fault(value, msg)
     
         return ipautil.unwrap_binary_data(result)
+
+    def attrs_to_labels(self,attrs):
+        """Convert a list of LDAP attributes into a more readable form."""
+
+        server = self.setup_server()
+        try:
+            result = server.attrs_to_labels(attrs)
+        except xmlrpclib.Fault, fault:
+            raise ipaerror.gen_exception(fault.faultCode, fault.faultString)
+        except socket.error, (value, msg):
+            raise xmlrpclib.Fault(value, msg)
+
+        return ipautil.unwrap_binary_data(result)

ipa-server/ipa-gui/ipagui/subcontrollers/delegation.py

@@ -95,7 +95,7 @@ class DelegationController(IPAController):
         try:
             aci_entry = client.get_aci_entry(aci_fields)
             aci = ipa.aci.ACI(acistr)
-            group_dn_to_cn = self.extract_group_cns([aci], client)
+            group_dn_to_cn = ipa.aci.extract_group_cns([aci], client)
 
             delegate = aci.to_dict()
             delegate['source_group_dn'] = delegate['source_group']
@@ -192,7 +192,7 @@ class DelegationController(IPAController):
             except SyntaxError:
                 # ignore aci_str's that ACI can't parse
                 pass
-        group_dn_to_cn = self.extract_group_cns(aci_list, client)
+        group_dn_to_cn = ipa.aci.extract_group_cns(aci_list, client)
 
         # The list page needs to display field labels, not raw
         # LDAP attributes
@@ -268,29 +268,3 @@ class DelegationController(IPAController):
     @identity.require(identity.not_anonymous())
     def delegatevalidate(self, tg_errors=None, **kw):
         return tg_errors, kw
-
-    def extract_group_cns(self, aci_list, client):
-        """Extracts all the cn's from a list of aci's and returns them as a hash
-           from group_dn to group_cn.
-
-           It first tries to cheat by looking at the first rdn for the
-           group dn.  If that's not cn for some reason, it looks up the group."""
-        group_dn_to_cn = {}
-        for aci in aci_list:
-            for dn in (aci.source_group, aci.dest_group):
-                if not group_dn_to_cn.has_key(dn):
-                    rdn_list = ldap.dn.str2dn(dn)
-                    first_rdn = rdn_list[0]
-                    for (type,value,junk) in first_rdn:
-                        if type == "cn":
-                            group_dn_to_cn[dn] = value
-                            break;
-                    else:
-                        try:
-                            group = client.get_entry_by_dn(dn, ['cn'])
-                            group_dn_to_cn[dn] = group.getValue('cn')
-                        except ipaerror.IPAError, e:
-                            group_dn_to_cn[dn] = 'unknown'
-
-        return group_dn_to_cn
-

ipa-server/xmlrpc-server/Makefile.am

@@ -12,6 +12,7 @@ html_DATA =			\
 
 serverdir = $(IPA_DATA_DIR)/ipaserver
 server_PYTHON =			\
+	attrs.py		\
 	funcs.py		\
 	ipaxmlrpc.py		\
 	$(NULL)

ipa-server/xmlrpc-server/attrs.py

@@ -0,0 +1,53 @@
+# Authors: Rob Crittenden <rcritten@redhat.com>
+#
+# Copyright (C) 2007  Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 only
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+attr_label_list = {
+    "givenname":"Given Name",
+    "sn":"Family Name",
+    "cn":"Common Name",
+    "title":"Title",
+    "displayname":"Display Name",
+    "initials":"Initials",
+    "uid":"Login",
+    "userpassword":"Password",
+    "uidnumber":"UID",
+    "gidnumber":"GID",
+    "homedirectory":"Home Directory",
+    "loginshell":"Login Shell",
+    "gecos":"GECOS",
+    "mail":"E-mail Address",
+    "telephonenumber":"Work Number",
+    "facsimiletelephonenumber":"Fax Number",
+    "mobile":"Cell Number",
+    "homephone":"Home Number",
+    "street":"Street Address",
+    "l":"City",
+    "st":"State",
+    "postalcode":"ZIP",
+    "ou":"Org Unit",
+    "businesscategory":"Tags",
+    "description":"Description",
+    "employeetype":"Employee Type",
+    "manager":"Manager",
+    "roomnumber":"Room Number",
+    "secretary":"Secretary",
+    "carlicense":"Car License",
+    "labelduri":"Home Page",
+    "nsaccountlock":"Account Status"
+}

ipa-server/xmlrpc-server/funcs.py

@@ -28,6 +28,7 @@ import ipaserver.ipaldap
 import ipa.ipautil
 import xmlrpclib
 import copy
+import attrs
 from ipa import ipaerror
 
 import string
@@ -1051,6 +1052,16 @@ class IPAServer:
             raise
         return ret
 
+    def attrs_to_labels(self, attr_list, opts=None):
+        """Take a list of LDAP attributes and convert them to more friendly
+           labels."""
+        label_list = {}
+
+        for a in attr_list:
+            label_list[a] = attrs.attr_label_list.get(a,a)
+
+        return label_list
+
 def ldap_search_escape(match):
     """Escapes out nasty characters from the ldap search.
     See RFC 2254."""

ipa-server/xmlrpc-server/ipaxmlrpc.py

@@ -349,6 +349,7 @@ def handler(req, profiling=False):
             h.register_function(f.remove_groups_from_user)
             h.register_function(f.update_group)
             h.register_function(f.delete_group)
+            h.register_function(f.attrs_to_labels)
             h.handle_request(req)
         finally:
              pass