|
|
|
# TODO: should be in the configuration file, so find a way to get these parameters
|
|
MIN_UID = 10000
|
|
MAX_UID = 65535
|
|
STEP_UID = 100
|
|
DEFAULT_GROUP = 'dc-users'
|
|
|
|
def self.hook_before_create(shadow, item)
|
|
hook_common(shadow, item)
|
|
end
|
|
|
|
def self.hook_before_modify(shadow, item)
|
|
hook_common(shadow, item)
|
|
end
|
|
|
|
def self.hook_common(shadow, item)
|
|
unless item.attribute_present?('gidNumber')
|
|
item.primaryGroup = shadow.get_object(:group).find(:first, DEFAULT_GROUP)
|
|
end
|
|
|
|
if item.attribute_present?('uidNumber')
|
|
user = ActiveLdap::Base.find(:first, :scope => :sub, :filter => "(&(objectClass=posixAccount)(uidNumber=#{item.uidNumber}))", :attributes => ['uidNumber'])
|
|
unless user.nil? or user.dn == item.dn
|
|
raise_error "UID already used by another item"
|
|
end
|
|
else
|
|
users = ActiveLdap::Base.find(:all, :scope => :sub, :filter => "(&(objectClass=posixAccount)(uidNumber=*))", :attributes => ['uidNumber'])
|
|
uidnumbers = users.collect {|user| user.uidNumber }
|
|
|
|
avail_uidnumber = nil
|
|
min_uidn = MIN_UID
|
|
max_uidn = [min_uidn + STEP_UID, MAX_UID].min
|
|
while avail_uidnumber.nil?
|
|
avail = (min_uidn..max_uidn).to_a - uidnumbers
|
|
unless avail.empty?
|
|
avail_uidnumber = avail.first
|
|
break
|
|
end
|
|
min_uidn = max_uidn
|
|
max_uidn = [min_uidn + STEP_UID, MAX_UID].min
|
|
end
|
|
|
|
if avail_uidnumber.nil?
|
|
raise_error "Available UID range is depleted."
|
|
else
|
|
item.uidNumber = avail_uidnumber
|
|
end
|
|
end
|
|
|
|
unless item.attribute_present?('homeDirectory')
|
|
item.homeDirectory = "/home/" + item.uid
|
|
end
|
|
end
|