security-and-privacy/ldapcherry
security-and-privacy/ldapcherry
1
0
Fork 0
mirror of https://github.com/kakwa/ldapcherry synced 2024-11-25 10:44:30 +01:00
Code Releases Activity

removing trailling spaces

Browse Source
This commit is contained in:
kakwa 2015-06-06 22:23:21 +02:00
parent 30cfd248f7
commit 247a1fed3a
11 changed files with 42 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
ldapcherry/__init__.py
View File

@ -31,14 +31,14 @@ SESSION_KEY = '_cp_username'
# Custom log function to overrige weird error.log function # Custom log function to overrige weird error.log function
# of cherrypy # of cherrypy
def syslog_error(msg='', context='', def syslog_error(msg='', context='',
severity=logging.INFO, traceback=False): severity=logging.INFO, traceback=False):
if traceback: if traceback:
msg += cherrypy._cperror.format_exc() msg += cherrypy._cperror.format_exc()
if context == '': if context == '':
cherrypy.log.error_log.log(severity, msg) cherrypy.log.error_log.log(severity, msg)
else: else:
cherrypy.log.error_log.log(severity, cherrypy.log.error_log.log(severity,
' '.join((context, msg))) ' '.join((context, msg)))
class LdapCherry(object): class LdapCherry(object):
@ -120,7 +120,7 @@ class LdapCherry(object):
try: try:
bc = __import__(module, globals(), locals(), ['Backend'], -1) bc = __import__(module, globals(), locals(), ['Backend'], -1)
except: except:
raise BackendModuleLoadingFail(module) raise BackendModuleLoadingFail(module)
try: try:
attrslist = self.attributes.get_backend_attributes(backend) attrslist = self.attributes.get_backend_attributes(backend)
key = self.attributes.get_backend_key(backend) key = self.attributes.get_backend_key(backend)
@ -190,8 +190,8 @@ class LdapCherry(object):
cherrypy.log.error_log.handlers = [] cherrypy.log.error_log.handlers = []
# redefining log.error method because cherrypy does weird # redefining log.error method because cherrypy does weird
# things like adding the date inside the message # things like adding the date inside the message
# or adding space even if context is empty # or adding space even if context is empty
# (by the way, what's the use of "context"?) # (by the way, what's the use of "context"?)
cherrypy.log.error = syslog_error cherrypy.log.error = syslog_error
@ -263,7 +263,7 @@ class LdapCherry(object):
""" """
try: try:
# log configuration handling # log configuration handling
# get log level # get log level
# (if not in configuration file, log level is set to debug) # (if not in configuration file, log level is set to debug)
level = self._get_loglevel(self._get_param('global', 'log.level', config, 'debug')) level = self._get_loglevel(self._get_param('global', 'log.level', config, 'debug'))
# configure access log # configure access log
@ -322,7 +322,7 @@ class LdapCherry(object):
def _search(self, searchstring): def _search(self, searchstring):
if searchstring is None: if searchstring is None:
return {} return {}
ret = {} ret = {}
for b in self.backends: for b in self.backends:
tmp = self.backends[b].search(searchstring) tmp = self.backends[b].search(searchstring)
for u in tmp: for u in tmp:
@ -395,7 +395,7 @@ class LdapCherry(object):
@cherrypy.expose @cherrypy.expose
def logout(self): def logout(self):
""" logout page """ logout page
""" """
sess = cherrypy.session sess = cherrypy.session
username = sess.get(SESSION_KEY, None) username = sess.get(SESSION_KEY, None)

2
ldapcherry/attributes.py
View File

@ -21,7 +21,7 @@ class Attributes:
def __init__(self, attributes_file): def __init__(self, attributes_file):
self.attributes_file = attributes_file self.attributes_file = attributes_file
self.backends = Set([]) self.backends = Set([])
self.self_attributes = {} self.self_attributes = {}
self.backend_attributes = {} self.backend_attributes = {}
self.displayed_attributes = {} self.displayed_attributes = {}
self.key = None self.key = None

4
ldapcherry/backend/__init__.py
View File

@ -12,7 +12,7 @@ class Backend:
def __init__(self): def __init__(self):
pass pass
def auth(self, username, password): def auth(self, username, password):
return False return False
def add_user(self, attrs): def add_user(self, attrs):
@ -44,6 +44,6 @@ class Backend:
return self.config[param] return self.config[param]
elif not default is None: elif not default is None:
return default return default
else: else:
raise MissingParameter('backends', self.backend_name+'.'+param) raise MissingParameter('backends', self.backend_name+'.'+param)

16
ldapcherry/backend/backendLdap.py
View File

@ -62,7 +62,7 @@ class Backend(ldapcherry.backend.Backend):
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_ALLOW) ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_ALLOW)
else: else:
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT,ldap.OPT_X_TLS_DEMAND) ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT,ldap.OPT_X_TLS_DEMAND)
if self.starttls == 'on': if self.starttls == 'on':
try: try:
ldap_client.start_tls_s() ldap_client.start_tls_s()
except ldap.OPERATIONS_ERROR as e: except ldap.OPERATIONS_ERROR as e:
@ -91,7 +91,7 @@ class Backend(ldapcherry.backend.Backend):
msg = "Unable to contact ldap server '" + self.uri + "', check 'auth.ldap.uri' and ssl/tls configuration", msg = "Unable to contact ldap server '" + self.uri + "', check 'auth.ldap.uri' and ssl/tls configuration",
) )
ldap_client.unbind_s() ldap_client.unbind_s()
raise e raise e
return ldap_client return ldap_client
def _search(self, searchfilter, attrs, basedn): def _search(self, searchfilter, attrs, basedn):
@ -225,31 +225,31 @@ class Backend(ldapcherry.backend.Backend):
for u in self._search(searchfilter, None, self.userdn): for u in self._search(searchfilter, None, self.userdn):
attrs = {} attrs = {}
attrs_tmp = u[1] attrs_tmp = u[1]
for attr in attrs_tmp: for attr in attrs_tmp:
value_tmp = attrs_tmp[attr] value_tmp = attrs_tmp[attr]
if len(value_tmp) == 1: if len(value_tmp) == 1:
attrs[attr] = value_tmp[0] attrs[attr] = value_tmp[0]
else: else:
attrs[attr] = value_tmp attrs[attr] = value_tmp
if self.key in attrs: if self.key in attrs:
ret[attrs[self.key]] = attrs ret[attrs[self.key]] = attrs
return ret return ret
def get_user(self, username): def get_user(self, username):
ret = {} ret = {}
attrs_tmp = self._get_user(username)[1] attrs_tmp = self._get_user(username)[1]
for attr in attrs_tmp: for attr in attrs_tmp:
value_tmp = attrs_tmp[attr] value_tmp = attrs_tmp[attr]
if len(value_tmp) == 1: if len(value_tmp) == 1:
ret[attr] = value_tmp[0] ret[attr] = value_tmp[0]
else: else:
ret[attr] = value_tmp ret[attr] = value_tmp
return ret return ret
def get_groups(self, username): def get_groups(self, username):
userdn = self._get_user(username, False) userdn = self._get_user(username, False)
searchfilter = self.group_filter_tmpl % { searchfilter = self.group_filter_tmpl % {
'userdn': userdn, 'userdn': userdn,
'username': username 'username': username

4
ldapcherry/exceptions.py
View File

@ -18,7 +18,7 @@ class MissingKey(Exception):
self.key = key self.key = key
self.section = section self.section = section
self.ymlfile = ymlfile self.ymlfile = ymlfile
self.log = "missing key <%(key)s> in section <%(section)s> inside file <%(ymlfile)s>" % {'key': key, 'section': section, 'ymlfile': ymlfile } self.log = "missing key <%(key)s> in section <%(section)s> inside file <%(ymlfile)s>" % {'key': key, 'section': section, 'ymlfile': ymlfile }
class DumplicateRoleKey(Exception): class DumplicateRoleKey(Exception):
def __init__(self, role): def __init__(self, role):
@ -94,4 +94,4 @@ class WrongAttributeType(Exception):
self.key = key self.key = key
self.section = section self.section = section
self.ymlfile = ymlfile self.ymlfile = ymlfile
self.log = "wrong attribute type <%(key)s> in section <%(section)s> inside file <%(ymlfile)s>" % {'key': key, 'section': section, 'ymlfile': ymlfile } self.log = "wrong attribute type <%(key)s> in section <%(section)s> inside file <%(ymlfile)s>" % {'key': key, 'section': section, 'ymlfile': ymlfile }

2
ldapcherry/pyyamlwrapper.py
View File

@ -29,7 +29,7 @@ try:
except ImportError: except ImportError:
from yaml import Loader, Dumper from yaml import Loader, Dumper
# PyYaml wrapper that loads yaml files throwing an exception # PyYaml wrapper that loads yaml files throwing an exception
#if a key is dumplicated #if a key is dumplicated
class MyLoader(Reader, Scanner, Parser, Composer, Constructor, Resolver): class MyLoader(Reader, Scanner, Parser, Composer, Constructor, Resolver):

9
ldapcherry/roles.py
View File

@ -65,7 +65,7 @@ class Roles:
if not groups is None: if not groups is None:
role['backends_groups'] = self._merge_groups([role['backends_groups'], groups]) role['backends_groups'] = self._merge_groups([role['backends_groups'], groups])
if 'subroles' in role: if 'subroles' in role:
self._flatten(role['subroles'], self._flatten(role['subroles'],
role['backends_groups']) role['backends_groups'])
del role['subroles'] del role['subroles']
@ -75,7 +75,6 @@ class Roles:
self.admin_roles.append(r) self.admin_roles.append(r)
self._set_admin(role['subroles'][r]) self._set_admin(role['subroles'][r])
def _is_parent(self, roleid1, roleid2): def _is_parent(self, roleid1, roleid2):
"""Test if roleid1 is contained inside roleid2""" """Test if roleid1 is contained inside roleid2"""
@ -105,7 +104,7 @@ class Roles:
def _nest(self): def _nest(self):
"""nests the roles (creates roles hierarchy)""" """nests the roles (creates roles hierarchy)"""
self._flatten() self._flatten()
parents = {} parents = {}
for roleid in self.flatten: for roleid in self.flatten:
role = copy.deepcopy(self.flatten[roleid]) role = copy.deepcopy(self.flatten[roleid])
@ -143,7 +142,7 @@ class Roles:
if len(parents[p]) == 0: if len(parents[p]) == 0:
return ret return ret
else: else:
for i in parents[p]: for i in parents[p]:
sub = nest(i) sub = nest(i)
ret['subroles'][i] = sub ret['subroles'][i] = sub
return ret return ret
@ -205,7 +204,7 @@ class Roles:
# if not, add role to the list of roles # if not, add role to the list of roles
if flag: if flag:
roles.add(role) roles.add(role)
# else remove it from the list of roles and add # else remove it from the list of roles and add
# it to the list of parentroles # it to the list of parentroles
else: else:
if role in roles: if role in roles:

6
resources/templates/base.tmpl
View File

@ -11,7 +11,7 @@
<!--link rel="stylesheet/less" href="/static/less/responsive.less" type="text/css" /--> <!--link rel="stylesheet/less" href="/static/less/responsive.less" type="text/css" /-->
<!--script src="/static/js/less-1.3.3.min.js"></script--> <!--script src="/static/js/less-1.3.3.min.js"></script-->
<!--append #!watch to the browser URL, then refresh the page. --> <!--append #!watch to the browser URL, then refresh the page. -->
<link href="/static/css/bootstrap.min.css" rel="stylesheet"> <link href="/static/css/bootstrap.min.css" rel="stylesheet">
<link href="/static/css/custom.css" rel="stylesheet"> <link href="/static/css/custom.css" rel="stylesheet">
<link href="/static/css/style.css" rel="stylesheet"> <link href="/static/css/style.css" rel="stylesheet">
@ -28,7 +28,7 @@
<link rel="apple-touch-icon-precomposed" sizes="72x72" href="/static/img/apple-touch-icon-72-precomposed.png"> <link rel="apple-touch-icon-precomposed" sizes="72x72" href="/static/img/apple-touch-icon-72-precomposed.png">
<link rel="apple-touch-icon-precomposed" href="/static/img/apple-touch-icon-57-precomposed.png"> <link rel="apple-touch-icon-precomposed" href="/static/img/apple-touch-icon-57-precomposed.png">
<link rel="shortcut icon" href="/static/img/favicon.png"> <link rel="shortcut icon" href="/static/img/favicon.png">
<script type="text/javascript" src="/static/js/jquery.min.js"></script> <script type="text/javascript" src="/static/js/jquery.min.js"></script>
<script type="text/javascript" src="/static/js/bootstrap.min.js"></script> <script type="text/javascript" src="/static/js/bootstrap.min.js"></script>
<script type="text/javascript" src="/static/js/scripts.js"></script> <script type="text/javascript" src="/static/js/scripts.js"></script>
@ -38,7 +38,7 @@
<script> <script>
$(function(){ $(function(){
$("#RecordTable").tablesorter({ sortList: [[0,0]] }); $("#RecordTable").tablesorter({ sortList: [[0,0]] });
}); });
</script> </script>
</head> </head>

2
resources/templates/error.tmpl
View File

@ -5,7 +5,7 @@
<div class="alert alert-dismissable alert-${alert}"> <div class="alert alert-dismissable alert-${alert}">
<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button> <button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
<h4> <h4>
${message} ${message}
</h4> </h4>
</div> </div>
<a class="btn btn-default blue" href='/?zone=${current_zone}'><span class="glyphicon glyphicon-home"> Return</a> <a class="btn btn-default blue" href='/?zone=${current_zone}'><span class="glyphicon glyphicon-home"> Return</a>

2
resources/templates/searchadmin.tmpl
View File

@ -52,7 +52,7 @@
</a> </a>
</td> </td>
<td> <td>
<a href="/delete?user=${user}"> <a href="/delete?user=${user}">
<button type="submit" class="btn btn-xs red"> <button type="submit" class="btn btn-xs red">
<span class="glyphicon glyphicon-remove-sign"></span> Delete</button> <span class="glyphicon glyphicon-remove-sign"></span> Delete</button>

22
scripts/ldapcherryd
View File

@ -21,7 +21,7 @@ def start(configfile=None, daemonize=False, environment=None,
cgi=False): cgi=False):
"""Subscribe all engine plugins and start the engine.""" """Subscribe all engine plugins and start the engine."""
sys.path = [''] + sys.path sys.path = [''] + sys.path
# monkey patching cherrypy to disable config interpolation # monkey patching cherrypy to disable config interpolation
def new_as_dict(self, raw=True, vars=None): def new_as_dict(self, raw=True, vars=None):
"""Convert an INI file to a dictionary""" """Convert an INI file to a dictionary"""
@ -50,24 +50,24 @@ def start(configfile=None, daemonize=False, environment=None,
instance.reload(app.config) instance.reload(app.config)
engine = cherrypy.engine engine = cherrypy.engine
if environment is not None: if environment is not None:
cherrypy.config.update({'environment': environment}) cherrypy.config.update({'environment': environment})
# Only daemonize if asked to. # Only daemonize if asked to.
if daemonize: if daemonize:
# Don't print anything to stdout/sterr. # Don't print anything to stdout/sterr.
cherrypy.config.update({'log.screen': False}) cherrypy.config.update({'log.screen': False})
plugins.Daemonizer(engine).subscribe() plugins.Daemonizer(engine).subscribe()
if pidfile: if pidfile:
plugins.PIDFile(engine, pidfile).subscribe() plugins.PIDFile(engine, pidfile).subscribe()
if hasattr(engine, "signal_handler"): if hasattr(engine, "signal_handler"):
engine.signal_handler.subscribe() engine.signal_handler.subscribe()
if hasattr(engine, "console_control_handler"): if hasattr(engine, "console_control_handler"):
engine.console_control_handler.subscribe() engine.console_control_handler.subscribe()
if (fastcgi and (scgi or cgi)) or (scgi and cgi): if (fastcgi and (scgi or cgi)) or (scgi and cgi):
cherrypy.log.error("You may only specify one of the cgi, fastcgi, and " cherrypy.log.error("You may only specify one of the cgi, fastcgi, and "
"scgi options.", 'ENGINE') "scgi options.", 'ENGINE')
@ -77,7 +77,7 @@ def start(configfile=None, daemonize=False, environment=None,
cherrypy.config.update({'engine.autoreload_on': False}) cherrypy.config.update({'engine.autoreload_on': False})
# Turn off the default HTTP server (which is subscribed by default). # Turn off the default HTTP server (which is subscribed by default).
cherrypy.server.unsubscribe() cherrypy.server.unsubscribe()
addr = cherrypy.server.bind_addr addr = cherrypy.server.bind_addr
if fastcgi: if fastcgi:
f = servers.FlupFCGIServer(application=cherrypy.tree, f = servers.FlupFCGIServer(application=cherrypy.tree,
@ -90,7 +90,7 @@ def start(configfile=None, daemonize=False, environment=None,
bindAddress=addr) bindAddress=addr)
s = servers.ServerAdapter(engine, httpserver=f, bind_addr=addr) s = servers.ServerAdapter(engine, httpserver=f, bind_addr=addr)
s.subscribe() s.subscribe()
# Always start the engine; this will start all other services # Always start the engine; this will start all other services
try: try:
engine.start() engine.start()
@ -103,7 +103,7 @@ def start(configfile=None, daemonize=False, environment=None,
if __name__ == '__main__': if __name__ == '__main__':
from optparse import OptionParser from optparse import OptionParser
p = OptionParser() p = OptionParser()
p.add_option('-c', '--config', dest='config', p.add_option('-c', '--config', dest='config',
help="specify config file") help="specify config file")
@ -122,7 +122,7 @@ if __name__ == '__main__':
p.add_option('-P', '--Path', action="append", dest='Path', p.add_option('-P', '--Path', action="append", dest='Path',
help="add the given paths to sys.path") help="add the given paths to sys.path")
options, args = p.parse_args() options, args = p.parse_args()
if options.Path: if options.Path:
for p in options.Path: for p in options.Path:
sys.path.insert(0, p) sys.path.insert(0, p)
@ -134,7 +134,7 @@ if __name__ == '__main__':
if not os.path.isfile(options.config): if not os.path.isfile(options.config):
print('configuration file "'+ options.config + '" doesn\'t exist' ) print('configuration file "'+ options.config + '" doesn\'t exist' )
exit(1) exit(1)
start(options.config, options.daemonize, start(options.config, options.daemonize,
options.environment, options.fastcgi, options.scgi, options.environment, options.fastcgi, options.scgi,
options.pidfile, options.cgi) options.pidfile, options.cgi)