source4/scripting/python/samba/netcmd/group.py

   1 #!/usr/bin/env python
   2 #
   3 # Adds a new user to a Samba4 server
   4 # Copyright Jelmer Vernooij 2008
   5 #
   6 # Based on the original in EJS:
   7 # Copyright Andrew Tridgell 2005
   8 # Copyright Giampaolo Lauria 2011 <lauria2@yahoo.com>
   9 #
  10 # This program is free software; you can redistribute it and/or modify
  11 # it under the terms of the GNU General Public License as published by
  12 # the Free Software Foundation; either version 3 of the License, or
  13 # (at your option) any later version.
  14 #
  15 # This program is distributed in the hope that it will be useful,
  16 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  17 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18 # GNU General Public License for more details.
  19 #
  20 # You should have received a copy of the GNU General Public License
  21 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  22
  23 import samba.getopt as options
  24 from samba.netcmd import Command, SuperCommand, CommandError, Option
  25 import ldb
  26
  27 from getpass import getpass
  28 from samba.auth import system_session
  29 from samba.samdb import SamDB
  30 from samba.dsdb import (
  31     GTYPE_SECURITY_DOMAIN_LOCAL_GROUP,
  32     GTYPE_SECURITY_GLOBAL_GROUP,
  33     GTYPE_SECURITY_UNIVERSAL_GROUP,
  34     GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP,
  35     GTYPE_DISTRIBUTION_GLOBAL_GROUP,
  36     GTYPE_DISTRIBUTION_UNIVERSAL_GROUP,
  37 )
  38
  39 security_group = dict({"Domain": GTYPE_SECURITY_DOMAIN_LOCAL_GROUP, "Global": GTYPE_SECURITY_GLOBAL_GROUP, "Universal": GTYPE_SECURITY_UNIVERSAL_GROUP})
  40 distribution_group = dict({"Domain": GTYPE_DISTRIBUTION_DOMAIN_LOCAL_GROUP, "Global": GTYPE_DISTRIBUTION_GLOBAL_GROUP, "Universal": GTYPE_DISTRIBUTION_UNIVERSAL_GROUP})
  41
  42
  43 class cmd_group_add(Command):
  44     """Creates a new group"""
  45
  46     synopsis = "%prog <groupname> [options]"
  47
  48     takes_options = [
  49         Option("-H", "--URL", help="LDB URL for database or target server", type=str,
  50                metavar="URL", dest="H"),
  51         Option("--groupou",
  52            help="Alternative location (without domainDN counterpart) to default CN=Users in which new user object will be created",
  53            type=str),
  54         Option("--group-scope", type="choice", choices=["Domain", "Global", "Universal"],
  55             help="Group scope (Domain | Global | Universal)"),
  56         Option("--group-type", type="choice", choices=["Security", "Distribution"],
  57             help="Group type (Security | Distribution)"),
  58         Option("--description", help="Group's description", type=str),
  59         Option("--mail-address", help="Group's email address", type=str),
  60         Option("--notes", help="Groups's notes", type=str),
  61     ]
  62
  63     takes_args = ["groupname"]
  64
  65     def run(self, groupname, credopts=None, sambaopts=None,
  66             versionopts=None, H=None, groupou=None, group_scope=None,
  67             group_type=None, description=None, mail_address=None, notes=None):
  68
  69         if (group_type or "Security") == "Security":
  70               gtype = security_group.get(group_scope, GTYPE_SECURITY_GLOBAL_GROUP)
  71         else:
  72               gtype = distribution_group.get(group_scope, GTYPE_DISTRIBUTION_GLOBAL_GROUP)
  73
  74         lp = sambaopts.get_loadparm()
  75         creds = credopts.get_credentials(lp, fallback_machine=True)
  76
  77         try:
  78             samdb = SamDB(url=H, session_info=system_session(),
  79                           credentials=creds, lp=lp)
  80             samdb.newgroup(groupname, groupou=groupou, grouptype = gtype,
  81                           description=description, mailaddress=mail_address, notes=notes)
  82         except Exception, e:
  83             # FIXME: catch more specific exception
  84             raise CommandError('Failed to create group "%s"' % groupname, e)
  85         self.outf.write("Added group %s\n" % groupname)
  86
  87
  88 class cmd_group_delete(Command):
  89     """Delete a group"""
  90
  91     synopsis = "%prog <groupname> [options]"
  92
  93     takes_options = [
  94         Option("-H", "--URL", help="LDB URL for database or target server", type=str,
  95                metavar="URL", dest="H"),
  96     ]
  97
  98     takes_args = ["groupname"]
  99
 100     def run(self, groupname, credopts=None, sambaopts=None, versionopts=None, H=None):
 101
 102         lp = sambaopts.get_loadparm()
 103         creds = credopts.get_credentials(lp, fallback_machine=True)
 104
 105         try:
 106             samdb = SamDB(url=H, session_info=system_session(),
 107                           credentials=creds, lp=lp)
 108             samdb.deletegroup(groupname)
 109         except Exception, e:
 110             # FIXME: catch more specific exception
 111             raise CommandError('Failed to remove group "%s"' % groupname, e)
 112         self.outf.write("Deleted group %s\n" % groupname)
 113
 114
 115 class cmd_group_add_members(Command):
 116     """Add (comma-separated list of) group members"""
 117
 118     synopsis = "%prog <groupname> <listofmembers> [options]"
 119
 120     takes_options = [
 121         Option("-H", "--URL", help="LDB URL for database or target server", type=str,
 122                metavar="URL", dest="H"),
 123     ]
 124
 125     takes_args = ["groupname", "listofmembers"]
 126
 127     def run(self, groupname, listofmembers, credopts=None, sambaopts=None,
 128             versionopts=None, H=None):
 129
 130         lp = sambaopts.get_loadparm()
 131         creds = credopts.get_credentials(lp, fallback_machine=True)
 132
 133         try:
 134             samdb = SamDB(url=H, session_info=system_session(),
 135                           credentials=creds, lp=lp)
 136             samdb.add_remove_group_members(groupname, listofmembers, add_members_operation=True)
 137         except Exception, e:
 138             # FIXME: catch more specific exception
 139             raise CommandError('Failed to add members "%s" to group "%s"' % (
 140                 listofmembers, groupname), e)
 141         self.outf.write("Added members to group %s\n" % groupname)
 142
 143
 144 class cmd_group_remove_members(Command):
 145     """Remove (comma-separated list of) group members"""
 146
 147     synopsis = "%prog <groupname> <listofmembers> [options]"
 148
 149     takes_options = [
 150         Option("-H", "--URL", help="LDB URL for database or target server", type=str,
 151                metavar="URL", dest="H"),
 152     ]
 153
 154     takes_args = ["groupname", "listofmembers"]
 155
 156     def run(self, groupname, listofmembers, credopts=None, sambaopts=None,
 157             versionopts=None, H=None):
 158
 159         lp = sambaopts.get_loadparm()
 160         creds = credopts.get_credentials(lp, fallback_machine=True)
 161
 162         try:
 163             samdb = SamDB(url=H, session_info=system_session(),
 164                           credentials=creds, lp=lp)
 165             samdb.add_remove_group_members(groupname, listofmembers, add_members_operation=False)
 166         except Exception, e:
 167             # FIXME: Catch more specific exception
 168             raise CommandError('Failed to remove members "%s" from group "%s"' % (listofmembers, groupname), e)
 169         self.outf.write("Removed members from group %s\n" % groupname)
 170
 171
 172 class cmd_group(SuperCommand):
 173     """Group management"""
 174
 175     subcommands = {}
 176     subcommands["add"] = cmd_group_add()
 177     subcommands["delete"] = cmd_group_delete()
 178     subcommands["addmembers"] = cmd_group_add_members()
 179     subcommands["removemembers"] = cmd_group_remove_members()