-
Notifications
You must be signed in to change notification settings - Fork 0
For each Group and Object Template, you need to associate a Script Python file.
This Script File enables the Template to make some customization for attributes ONLY for Object Template, group does not need it).
There are two attributes type:
-
compute
-
clean
Compute is a variable created automatically, the user does not need to enter its value.
Clean enables to make some customization for attribute value enter by the user. (For example, put the first letter in upper : if the value is cedj, then its clean_attribute should be Cedj)
All your method from attribute must be : clean_"attributeName" or compute_"attributeName".
In your script file, you need to add some class method, for LDAP Server information, such as the DN of the object (or group) and its object classes (plus attribute name for the Group). Those values are used to manage ldap object.
Example
Object Template:
# All your script File Object Template must inherit the LBEObjectInstanceForm Class for attributes type
class EmployeePostConfig(LBEObjectInstanceForm):
# You need to specify this constructor in order to get the Objects class
def __init__(self, lbeObjectTemplate, lbeObjectInstance=None, *args, **kwargs):
self.template = lbeObjectTemplate
self.instance = lbeObjectInstance
# call LBEObjectInstanceForm constructor class (for creating the attribute type)
super(EmployeePostConfig, self).__init__(self.template, *args, **kwargs)
# This is the DN base value for your object
@classmethod
def base_dn(cls):
return 'ou=Employees,ou=People,dc=opencsi,dc=com'
# This is your object Template LDAP definition
@classmethod
def object_classes(cls):
return ['top', 'person', 'organizationalPerson', 'inetOrgPerson']
# This is the search method for the Target [ldap type search scope]
# if this method does not exist, the default value will be 0 [BASE]
@classmethod
def search_scope(cls):
return 2
# This method enables to ignore some attributes into reconciliation part
@classmethod
def ignore_attributes(cls):
return ['title']
# Now, its time for clean and compute attributes manage
# WARNING: all of your attribute function manage MUST return a list (!)
# if an error occurs, you must (too) raise a forms.ValidationErro to inform
# the user about the error.
# As mentioned above, This function capitalize the attribute value
def clean_givenName(self):
try:
# Mono value:
return [self.cleaned_data['givenName'].capitalize()]
except:
# You can be more specific about the error
raise forms.ValidationError("The field must be a valid attribute.")
# If you manage Multi value, you need to do like this:
def clean_telephoneNumber(self):
try:
# Multi value:
tab = []
i = 0
for value in self.cleaned_data['telephoneNumber'].split(' \ 0 '): # without space
if not value == "":
tab.append(value)
i = i + 1
return tab
except:
raise forms.ValidationError("The field #" + str(i) + " must be a valid attribute.")
# This is a compute value, for example the mail attribute:
# Here, we want the givenName value as we add the @opencsi.com value.
# As you can see, in order to get the givenName value, we use its instance object
# which is self.instance.attributes['givenName'][0] from constructor.
def compute_mail(self):
return [self.instance.attributes['givenName'][0] + '@opencsi.com']You need to add all of your attribute Object Template (less References attribute and list box).
Group Template
class GROUPPostConfig:
# These methods are used only for LDAP target. Must be class methods
# instanceNameAttribute will be used as RDN attribute
@classmethod
def base_dn(cls):
return 'ou=Groups,dc=opencsi,dc=com'
# Note this method must return a list
@classmethod
def object_classes(cls):
return ['top', 'groupOfUniqueNames']
@classmethod
def search_scope(cls):
return 2
# The group's attribute name for the groupOfUniqueNames class
@classmethod
def attribute_name(cls):
return 'uniqueMember'That's all for the Group Template, as you can see we don't need to use the clean_ and compute_ method for Group.
But you need to specify as the Object Template its object classes and DN Base.
The new class method is about its attribute member value. Here for example, the group Template is groupOfUniqueNames in LDAP, then we need to specify in the Script File its attribute name which is uniqueMember.
WARNING: you need to put the same LDAP value in lower and upper case.