=OOfFRdZddlmZddlmZddlmZmZmZddl m Z dZ dZ d Z y )  )edir_add_members_to_groups)LDAPInvalidDnError)SEQUENCE_TYPESBASE DEREF_NEVER)safe_dnc t|ts|g}t|ts|g}d}|D]3}|j|dttddg}|j j s|j|\}}n6|j jr|\}}}}n|j}|j}|ddk(st|dzd|d d vr |d d dng}d|d d vr |d d dng} |D cgc]} | j}} | D cgc]} | j} } |D],} | j| vry | j|vs+d }.6d |fScc} wcc} w) a :param connection: a bound Connection object :param members_dn: the list of members to add to groups :param groups_dn: the list of groups where members are to be added :return: two booleans. The first when True means that all members have membership in all groups, The second when True means that there are inconsistences in the securityEquals attribute Checks user's group membership. Raises LDAPInvalidDNError if member is not found in the DIT. F(objectclass=*)groupMembershipsecurityEqualsdereference_aliases attributes descriptionsuccess not foundrFFT isinstancersearchrr strategysync get_response thread_saferesultresponserlower) connection members_dn groups_dnpartialmemberrr_existing_security_equalsexisting_group_membershipelementgroups k/var/www/premiumrankchecker/venv/lib/python3.12/site-packages/ldap3/extend/novell/checkGroupsMemberships.py_check_members_have_membershipsr,!s j. 1 \ i 0K G""6+ Hf""..)/&68Q#**%..m$ 1$Vl%:; ;Rbfnopfqr~fR8A;|#<=M#NFH TeiqrsitvBjCUCHQK $=>O$PIK!C[#\GMMO#\ #\D]$^W]]_$^!$^ E{{}$==#{{}$<<  )4 =$]$^ 8E&E+c t|ts|g}t|ts|g}d}|D]3}|j|dttddg}|j j s|j|\}}n6|j jr|\}}}}n|j}|j}|ddk(st|dzd|d d vr |d d dng}d|d d vr |d d dng} |D cgc]} | j}} | D cgc]} | j} } |D],} | j|vry | j| vs+d }.6d |fScc} wcc} w) a :param connection: a bound Connection object :param members_dn: the list of members to add to groups :param groups_dn: the list of groups where members are to be added :return: two booleans. The first when True means that all members have membership in all groups, The second when True means that there are inconsistences in the EquivalentToMe attribute Checks if groups have members in their 'member' attribute. Raises LDAPInvalidDNError if member is not found in the DIT. Fr r%equivalentToMerrrrrrrTr) r!r#r"r$r*rrr&existing_membersexisting_equivalent_to_mer)r%s r+_check_groups_contain_membersr2Qs i 0K j. 1 \ G""5*;TWbpx{KpL"M""'')66v> Hf""..)/&68Q#**%..m$ 1$U\%9: :BJhWXkZfNgBg8A;|4X>moScgopqgrshATAHQK $=>N$OGI!;KLGMMOLLD]$^W]]_$^!$^  F||~%55#||~%>>  '2 =M$^r-c t|ts|g}t|ts|g}|jrJg}g}|D]}|jt ||D]}|jt ||}|} t |||\} } t |||\} } | s| sy|r)| r| r| r| r| s| r|D]} |D]}t|| |d|y#t$rYywxYw)a :param connection: a bound Connection object :param members_dn: the list of members to check :param groups_dn: the list of groups to check :param fix: checks for inconsistences in the users-groups relation and fixes them :param transaction: activates an LDAP transaction when fixing :return: a boolean where True means that the operation was successful and False means an error has happened Checks and fixes users-groups relations following the eDirectory rules: groups are checked against 'groupMembership' attribute in the member object while members are checked against 'member' attribute in the group object. Raises LDAPInvalidDnError if members or groups are not found in the DIT. FT) rr check_namesappendr r,r2rr)r!r"r#fix transactionsafe_members_dnsafe_groups_dn member_dngroup_dnmembers_have_membershipspartial_member_securitygroups_contain_memberspartial_group_securityr%r*s r+edir_check_groups_membershipsr@s* i 0K j. 1 \ # 7I  " "79#5 6 7! 5H  ! !'("3 4 5% " <[\fhrt}<~9 "99VWaclnx9y6 6 $,B $-C*3K)*$ ]&]E.z65$P[\] ] ! s> C CCN)__doc__addMembersToGroupsrcore.exceptionsrrrr utils.dnr r,r2r@r+rHs,4;111-`,^4rG