task ldap_search done.

git-svn-id: https://svn.lusy.fri.uni-lj.si/kpov-public-svn/kpov-public@282 5cf9fbd1-b2bc-434c-b4b7-e852f4f63414

1 files changed, 68 insertions, 44 deletions

diff --git a/kpov_judge/tasks/ldap_search/task.py b/kpov_judge/tasks/ldap_search/task.py
index 637c3dc..4953694 100644
--- a/kpov_judge/tasks/ldap_search/task.py
+++ b/kpov_judge/tasks/ldap_search/task.py
@@ -10,19 +10,18 @@ instructions = {
     'si':u"""
 Ustvari dva navidezna računalnika - SimpleArbiter z diskom simpleArbiterDhcp ter LDAPServer.
 
-Za povezavo na strežnik LDAP uporabi Jxplorer, kjer tudi ustvariš novega uporabnika z danim imenom in geslom.
+Za povezavo na strežnik LDAP lahko uporabiš Jxplorer, kjer tudi ustvariš novega uporabnika z danim imenom in geslom.
 
-Na LDAPServer namesti strežnik LDAP in sicer slapd z apt-get install slapd. Na SimpleArbiter preberi ime domene DOMENA, uporabniško ime USER_A, geslo PASS_A,
-uporabniško ime BIND_DN ter geslo BIND_PASS. Poskrbi, da se bo lahko klient s simpleArbiterDhcp povezal na LDAP strežnik na LDAPServer.
-V primeru, da se klient poveže kot BIND_DN z geslom BIND_PASS, naj strežnik omogoči spreminjanje podatkov za objekt
-CN=USER_A,DC=DOMENA,DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si ter ustvarjanje novih objektov v DC=DOMENA,DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si
+Na LDAPServer namesti strežnik LDAP in sicer slapd z apt-get install slapd. Na SimpleArbiter preberi ime domene DOMAIN, uporabniško ime LDAP_USERNAME, geslo LDAP_PASSWORD,
+uporabniško ime BIND_USERNAME ter geslo BIND_PASSWORD. Poskrbi, da se bo lahko klient s simpleArbiterDhcp povezal na LDAP strežnik na LDAPServer.
+V primeru, da se klient poveže kot BIND_USERNAME z geslom BIND_PASSWORD, naj strežnik omogoči spreminjanje podatkov za objekt
+CN=LDAP_USERNAME,ou=Users,DC=DOMAIN,DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si ter ustvarjanje novih objektov v DC=DOMAIN,DC=kpov,DC=lusy,DC=fri,DC=uni-lj,DC=si
 
 CN = Common Name
 OU = Organizational Unit
 DC = Domain Component
 
-Na SimpleArbiter ustvari program, ki bo s pomočjo ldapsearch izpisala seznam lastnosti (otrok), ki jih ima poljuben objekt v domeni DOMENA.kpov.lusy.fri.uni-lj.si. Ime objekta (CN) naj program sprejme kot prvi argument.
-
+Na SimpleArbiter ustvari program, ki bo s pomočjo ldapsearch izpisal seznam lastnosti (otrok), ki jih ima poljuben objekt v domeni DOMAIN.kpov.lusy.fri.uni-lj.si. Ime objekta (CN) naj program sprejme kot prvi argument.
 """
 }
 
@@ -60,63 +59,88 @@ computers = {
 networks = { 'net1': {'public': False}, 'test-net': {'public': True} }
 
 params_meta = {
+    'LDAP_IP': {'descriptions': {'si': 'IP strežnika'}, 'w': True, 'public':True, 'type': 'IP', 'generated': False},
+    'DOMAIN': {'descriptions': {'si': 'Domena (poddomena kpov.lusy.fri.uni-lj.si)'}, 'w': False, 'public':True, 'type': 'username', 'generated': True},
     'LDAP_USERNAME': {'descriptions': {'si': 'Uporabnisko ime v LDAP'}, 'w': False, 'public':True, 'type': 'username', 'generated': True},
     'LDAP_PASSWORD': {'descriptions': {'si': 'Geslo v LDAP'}, 'w': False, 'public':True, 'type': 'password', 'generated': True},
     'BIND_USERNAME': {'descriptions': {'si': 'Uporabnisko ime za dostop do LDAP'}, 'w': False, 'public':True, 'type': 'username', 'generated': True},
     'BIND_PASSWORD': {'descriptions': {'si': 'Geslo za dostop do LDAP'}, 'w': False, 'public':True, 'type': 'password', 'generated': True},
 }
 
-def task(LDAP_USERNAME, LDAP_PASSWORD, IP_static, DNS_static):
+def task(LDAP_IP, DOMAIN, LDAP_USERNAME, LDAP_PASSWORD, BIND_USERNAME, BIND_PASSWORD):
     import pxssh
     import pexpect
     results = dict()
-    peer_user = 'student'
-    peer_passwd = 'vaje'
-    sA = pxssh.pxssh()
-    sB = pxssh.pxssh()
-    sA.login(IP_NM, peer_user, peer_passwd)
-    sB.login(IP_static, peer_user, peer_passwd)
-    # sA
-    # make sure NM is not handling eth0
-    results['NM_nmcli'] = sA.run('nmcli d')
-    results['NM_nslookup'] = sA.run('nslookup www.arnes.si')
-    # sB
-    # check whether NM is handling eth0
-    results['static_nmcli'] = sB.run('nmcli d')
-    results['static_nslookup'] = sB.run('nslookup www.arnes.si')
-    sA.logout()
-    sB.logout()
+    FULLDOMAIN = "dc={DOMAIN},dc=kpov,dc=lusy,dc=fri,dc=uni-lj,dc=si".format(
+        **locals())
+    BIND_DN = "uid={BIND_USERNAME},ou=Users,{FULLDOMAIN}".format(**locals())
+    s = "ldapsearch -D {BIND_DN} -b {FULLDOMAIN} -w {BIND_PASSWORD}\
+ -h {LDAP_IP}".format(
+        **locals())
+    results['ldapsearch_before'] = pexpect.run(s)
+    s = "ldapmodify -D {BIND_DN} -w {BIND_PASSWORD} -h {LDAP_IP}".format(
+        **locals())
+    modify = pexpect.spawn(s)
+    FORTUNE = kpov_random_helpers.fortune(random.Random(), 20)
+    results['FORTUNE'] = FORTUNE
+    s1 = """
+dn: uid={LDAP_USERNAME},ou=Users,{FULLDOMAIN}
+changetype: modify
+replace: description
+description: {FORTUNE}
+""".format(**locals())
+    modify.write(s1)
+    modify.sendeof()
+    modify.expect(pexpect.EOF)
+    results['modify'] = modify.before
+    s = "ldapsearch -D {BIND_DN} -b {FULLDOMAIN} -w {BIND_PASSWORD}\
+ -h {LDAP_IP}".format(**locals())
+    results['ldapsearch_after'] = pexpect.run(s) 
     return results
     
 def gen_params(user_id, params_meta):
     params = dict()
     r = random.Random(user_id)
-    # IP_NM, DNS_NM, IP_static, DNS_static)
-    dns_servers = ['193.2.1.66', '193.2.1.72', '8.8.8.8', '8.8.4.4', '208.67.222.222', '208.67.220.220']
-    # net = kpov_random_helpers.IPv4_subnet_gen(r, '172.23.128.0/18', 24)
-    # params['DNS_NM'] = r.choice(dns_servers)
-    params['IP_static'] = kpov_random_helpers.IPv4_addr_gen(r, net, 2)
-    params['DNS_static'] = r.choice(dns_servers)
-	
-	#generiranje LDAP_USERNAME in LDAP_PASSWORD
-	params['LDAP_USERNAME'] = kpov_random_helpers.username_gen(r)
-	params['LDAP_PASSWORD'] = kpov_random_helpers.alnum_gen(r, 6)
-	
-	
+    params['DOMAIN'] = kpov_random_helpers.hostname_gen(r)
+    params['LDAP_USERNAME'] = kpov_random_helpers.username_gen(r)
+    params['LDAP_PASSWORD'] = kpov_random_helpers.alnum_gen(r, 6)
+    params['BIND_USERNAME'] = kpov_random_helpers.username_gen(r)
+    params['BIND_PASSWORD'] = kpov_random_helpers.alnum_gen(r, 6)
     return params
 
 def task_check(results, params):
     import re
-    score = -9
-    if results['NM_nslookup'].find('Server:\t\t{0}\r'.format(params['DNS_NM'])) > -1:
-        score += 3
-    if results['static_nslookup'].find('Server:\t\t{0}\r'.format(params['DNS_static'])) > -1:
-        score += 3
-    if re.search(r'eth0 +802-.*connected', results['NM_nmcli']):
+    score = 0
+    s = """.*dn: dc={DOMAIN},dc=kpov,dc=lusy,dc=fri,dc=uni-lj,dc=si\r
+objectClass: top\r
+objectClass: dcObject\r
+objectClass: organization\r
+.*""".format(**params)
+#dc: {DOMAIN}\r
+    fortune = results['FORTUNE']
+    if re.match(s, results['ldapsearch_before'], re.DOTALL):
         score += 2
-    if not re.search(r'eth0 +802-.*connected', results['static_nmcli']):
+    else:
+        print (s, results['ldapsearch_before'])
+    s = ".*uid: {}.*".format(re.escape(params['LDAP_USERNAME']))
+    if re.search(s, results['ldapsearch_before']):
         score += 2
-    score = 0
+    else:
+        print (s, results['ldapsearch_before'])
+    s = ".*uid: {0}.*description: {1}.*".format(
+        re.escape(params['LDAP_USERNAME']), re.escape(fortune[:40]))
+    if re.match(s, results['ldapsearch_after'], re.DOTALL):
+        score += 2
+    else:
+        print (s, results['ldapsearch_after'])
+    if results['ldapsearch_before'][:100] == results['ldapsearch_after'][:100]:
+        score += 2
+    s = '.*\r\nmodifying entry "uid={LDAP_USERNAME},ou=Users,dc={DOMAIN},dc=kpov,dc=lusy,dc=fri,dc=uni-lj,dc=si".*'.format(
+        **params)
+    if re.match(s, results['modify'], re.DOTALL):
+        score += 2
+    else:
+        print (s, results['modify'])
     return score
 
 def prepare_disks(templates, params):