Add MIFARE interface support, including LDAP layer.

[uccvend-vendserver.git] / sql-edition / servers / LDAPConnector.py

diff --git a/sql-edition/servers/LDAPConnector.py b/sql-edition/servers/LDAPConnector.py
new file mode 100644 (file)
index 0000000..1f35c20
--- /dev/null
+++ b/sql-edition/servers/LDAPConnector.py
@@ -0,0 +1,74 @@
+#!/usr/bin/env python2.4
+
+import ldap
+import ldap.filter
+
+LDAP_TIMEOUT = 10
+
+def get_ldap_connection():
+        ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, '/etc/ssl/UCC-CA.crt')
+        ldap.set_option(ldap.OPT_X_TLS,1)
+        ldap.set_option(ldap.OPT_X_TLS_ALLOW,1)
+        #ldap.set_option(ldap.OPT_DEBUG_LEVEL,255)
+        conn = ldap.initialize('ldaps://mussel.ucc.gu.uwa.edu.au:636/')
+        
+        binddn = 'cn=admin,dc=ucc,dc=gu,dc=uwa,dc=edu,dc=au'
+        passfile = open('/etc/pam_ldap.secret')
+        password = passfile.readline().strip()
+        passfile.close()
+
+        conn.simple_bind_s(binddn, password)
+        return conn
+
+def get_uid(card_id):
+        ldapconn = get_ldap_connection()
+        
+        basedn = 'ou=People,dc=ucc,dc=gu,dc=uwa,dc=edu,dc=au'
+        filter = ldap.filter.filter_format('(uccDispenseMIFARE=%s)', (card_id, ))
+        attrs = ('uidNumber',)
+        
+        results = ldapconn.search_st(basedn, ldap.SCOPE_SUBTREE, filter, attrs, timeout=LDAP_TIMEOUT)
+        
+        ldapconn.unbind()
+        
+        if len(results) != 1:
+                raise ValueError, "no UID found for card ID"
+        
+        return results[0][1]['uidNumber'][0]
+
+def set_card_id(uidNumber, card_id):
+        ldapconn = get_ldap_connection()
+        
+        basedn = 'ou=People,dc=ucc,dc=gu,dc=uwa,dc=edu,dc=au'
+        filter = ldap.filter.filter_format('(uidNumber=%s)', (uidNumber, ))
+        attrs = ('objectClass', )
+        
+        results = ldapconn.search_st(basedn, ldap.SCOPE_SUBTREE, filter, attrs, timeout=LDAP_TIMEOUT)
+        
+        if len(results) != 1:
+                raise "ValueError", 'error in uidNumber'
+        
+        user_dn = results[0][0]
+        
+        mod_attrs = []
+        
+        # Does it have the correct object class?
+        if 'uccDispenseAccount' not in results[0][1]['objectClass']:
+                # Add uccDispenseAccount objectclass
+                mod_attrs.append((ldap.MOD_ADD, 'objectClass', 'uccDispenseAccount'))
+        
+        # Add MIFARE Card ID
+        mod_attrs.append((ldap.MOD_ADD, 'uccDispenseMIFARE', card_id))
+        
+        # Use a double-try here to work around something that's fixed in Python 2.5
+        try:
+            try:
+                ldapconn.modify_s(user_dn, mod_attrs)
+            except ldap.TYPE_OR_VALUE_EXISTS, e:
+                pass
+        finally:
+            ldapconn.unbind()
+
+if __name__ == '__main__':
+        #print get_uid('\x01\x02\x03\x04\x05\x06')
+        set_card_id('11251', '\x01\x02\x03\x04\x05\x06')