From eba3a3acd588065fc8a36a8a71bfacf09c654f18 Mon Sep 17 00:00:00 2001 From: mutantmonkey Date: Wed, 31 Aug 2011 14:05:47 -0400 Subject: [PATCH] hs: tweak search parameters, handle exceptions more gracefully --- modules/hs.py | 65 ++++++++++++++++++++++++++++----------------------- 1 file changed, 36 insertions(+), 29 deletions(-) diff --git a/modules/hs.py b/modules/hs.py index 9053899..f5b846c 100755 --- a/modules/hs.py +++ b/modules/hs.py @@ -1,53 +1,60 @@ #!/usr/bin/python2 """ hs.py - hokie stalker module -author: mutantmonkey +author: mutantmonkey """ import ldap from urllib import quote as urlquote LDAP_URI = "ldap://directory.vt.edu" +RESULTS_URL = "http://search.vt.edu/search/people.html?q={0}" +PERSON_URL = "http://search.vt.edu/search/person.html?person={0:d}" l = ldap.initialize(LDAP_URI) """Search LDAP using the argument as a query. Argument must be a valid LDAP query.""" def search(query): - result = l.search_s('ou=People,dc=vt,dc=edu', ldap.SCOPE_SUBTREE, query) - if len(result) <= 0: - return False + result = l.search_s('ou=People,dc=vt,dc=edu', ldap.SCOPE_SUBTREE, query) + if len(result) <= 0: + return False - return result + return result def hs(phenny, input): - """.hs - Search for someone on Virginia Tech People Search.""" + """.hs - Search for someone on Virginia Tech People Search.""" - q = input.group(2) - if q is None: - return - q = q.strip() + q = input.group(2) + if q is None: + return + q = q.strip() + results = RESULTS_URL.format(urlquote(q)) - # initially try search by PID - s = search('uupid=%s' % q) + try: + s = search('(|(uupid={0})(mail={0})(cn={1}))'.format(q[0], ' '.join(q))) + if not s: + s = search('(|(uupid=*{0}*)(mail=*{0}*)(cn=*{1}*))'.format(q[0], '*'.join(q))) + except ldap.FILTER_ERROR: + phenny.reply('Filter error; try to avoid injection attacks in the future please.') + return + except ldap.SIZELIMIT_EXCEEDED: + phenny.reply('Too many results to display here; check out {0}'.format(results)) + return + except ldap.TIMELIMIT_EXCEEDED: + phenny.reply('Time limit exceeded; check out {0}'.format(results)) + return - # try partial search on CN if no results for PID - if not s: - s = search('cn=*%s*' % '*'.join(q.split(' '))) - - # try email address if no results found for PID or CN - if not s: - s = search('mail=%s*' % q) - - if s: - if len(s) >1: - phenny.reply("Multiple results found; try http://search.vt.edu/search/people.html?q=%s" % urlquote(q)) - else: - for dh, entry in s: - phenny.reply("%s - http://search.vt.edu/search/person.html?person=%d" % (entry['cn'][0], int(entry['uid'][0]))) - else: - phenny.reply("No results found") + if s: + if len(s) >1: + phenny.reply("Multiple results found; try {0}".format(results)) + else: + for dh, entry in s: + person = PERSON_URL.format(int(entry['uid'][0])) + phenny.reply("{0} - {1}".format(entry['cn'][0], person)) + else: + phenny.reply("No results found") hs.rule = (['hs'], r'(.*)') if __name__ == '__main__': - print __doc__.strip() + print __doc__.strip()