Fix LDAP code
enolfc committed Apr 9, 2024
1 parent 270e144 commit b68d869
Showing 2 changed files with 38 additions and 20 deletions.
9 changes: 7 additions & 2 deletions fedcloud_vm_monitoring/cli.py
@@ -19,12 +19,12 @@
@click.option("--show-quotas", default=True, help="Show quotas for VO")
@click.option(
"--ldap-server",
default="ldaps://ldap.aai.egi.eu:636/",
default="ldaps://ldap.aai.egi.eu:636",
help="LDAP server for VO membership",
)
@click.option(
"--ldap-base-dn",
default="dc=vo.access.egi.eu,dc=ldap,dc=aai,dc=egi,dc=eu",
default="ou=people,dc=ldap,dc=aai,dc=egi,dc=eu",
help="LDAP base DN",
)
@click.option("--ldap-user", help="LDAP user")
@@ -47,6 +47,11 @@ def main(
ldap_password,
ldap_search_filter,
):

import logging
logging.basicConfig(level=logging.CRITICAL)
from ldap3.utils.log import set_library_log_activation_level
set_library_log_activation_level(logging.CRITICAL)
ldap_config = {}
if ldap_user and ldap_password:
ldap_config.update(
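Review bot: `logging.basicConfig(level=logging.CRITICAL)` at the top of `main` configures the root logger, so every logger that inherits the root level drops anything below CRITICAL, not only ldap3's. That hides warnings and errors from the other libraries this tool calls, which an operator would want when a bind or a site query fails. If the aim is only to quiet ldap3, `logging.getLogger("ldap3").setLevel(logging.CRITICAL)` keeps the change scoped. The two imports would also read better with the module-level imports of cli.py than inside the function body. `main` continues past the end of this hunk.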
49 changes: 31 additions & 18 deletions fedcloud_vm_monitoring/site_monitor.py
@@ -5,6 +5,7 @@

import click
import ldap3
from ldap3.core.exceptions import LDAPException
from dateutil.parser import parse
from fedcloudclient.openstack import fedcloud_openstack
from fedcloudclient.sites import find_endpoint_and_project_id
@@ -50,6 +51,13 @@ def _run_command(self, command, do_raise=True, json_output=True, scoped=True):
def get_user(self, user_id):
if not self.users:
all_users = []
try:
command = ("user", "list")
all_users = self._run_command(command)
except SiteMonitorException as e:
click.secho(f"WARNING: Unable to get user list: {e}", fg="yellow")
# this didn't work but it's ok
pass
try:
# trick fedcloudclient to give us what we need
command = ("token", "issue")
@@ -97,28 +105,33 @@ def get_user_email(self, egi_user):
return ""
# TODO: this is untested code
if not self.user_emails:
# get the emails
server = ldap3.Server(self.ldap_config["server"], get_info=ldap3.ALL)
conn = ldap3.Connection(
server,
self.ldap_config["username"],
password=self.ldap_config["password"],
auto_bind=True,
)
entries = conn.search(
self.ldap_config["base_dn"],
self.ldap_config["search_filter"],
attributes=["*"],
)
for entry in entries:
self.user_emails[entry["voPersonID"]] = entry["mail"]
try:
# get the emails
server = ldap3.Server(self.ldap_config["server"],
get_info=ldap3.ALL)
conn = ldap3.Connection(
server,
self.ldap_config["username"],
password=self.ldap_config["password"],
auto_bind=True,
)
conn.search(
self.ldap_config["base_dn"],
self.ldap_config["search_filter"],
attributes=["*"],
)
for entry in conn.entries:
self.user_emails[entry["voPersonID"].value] = entry["mail"].value
except LDAPException as e:
click.secho("WARNING: LDAP error: {e}", fg="yellow")
if egi_user not in self.user_emails:
click.secho(
"WARNING: user {egi_user} not found in the LDAP server, "
f"WARNING: user {egi_user} not found in the LDAP server, "
"or VO membership has expired",
fg="yellow",
)
return ""
return ""
return self.user_emails[egi_user]

def process_vm(self, vm):
vm_info = self.get_vm(vm)
Expand All @@ -139,7 +152,7 @@ def process_vm(self, vm):
(
"flavor",
f"{flv['Name']} with {flv['VCPUs']} vCPU cores, {flv['RAM']} "
"of RAM and {flv['Disk']} GB of local disk",
f"of RAM and {flv['Disk']} GB of local disk",
)
)
output.append(("created at", vm_info["created_at"]))
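Review bot: The new `except LDAPException` handler in `get_user_email` prints the literal text `{e}` because the string lacks the `f` prefix; it should read `click.secho(f"WARNING: LDAP error: {e}", fg="yellow")`. In the same block, `ldap3.Server(...)` is built without a `tls=` argument, and ldap3 does not validate the server certificate unless a `Tls` object asks for it. The bind password therefore goes to whichever host answers on the `ldaps://` URL; passing `tls=ldap3.Tls(validate=ssl.CERT_REQUIRED)` (with `import ssl`) closes that. The search also requests `attributes=["*"]` although only `voPersonID` and `mail` are read, so `attributes=["voPersonID", "mail"]` would limit the personal data the tool retrieves. `get_user_email` starts above this hunk.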
