mirror of
https://github.com/kakwa/ldapcherry
synced 2024-11-22 09:24:21 +01:00
multiple changes
* implementing recovery of user attributes * adding a unit test for unavailable ldap * adding a timeout parameter to set the ldap connection timeout
parent
6460c33b28
commit
63062be433
@ -77,6 +77,7 @@ ldap.starttls = 'on'
|
|||||||
ldap.checkcert = 'off'
|
ldap.checkcert = 'off'
|
||||||
ldap.user_filter_tmpl = '(uid=%(username)s)'
|
ldap.user_filter_tmpl = '(uid=%(username)s)'
|
||||||
ldap.group_filter_tmpl = '(member=%(userdn)s)'
|
ldap.group_filter_tmpl = '(member=%(userdn)s)'
|
||||||
|
ldap.timeout = 1
|
||||||
|
|
||||||
|
|
||||||
ad.module = 'ldapcherry.backend.backendSamba4'
|
ad.module = 'ldapcherry.backend.backendSamba4'
|
||||||
|
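Review bot: `ldap.timeout = 1` is added with no unit or description; a comment above it such as `# timeout, in seconds, applied to LDAP operations` would tell an operator what it controls. The backend change on this page passes the value to `ldap.OPT_TIMEOUT`, which bounds synchronous operations, whereas the connection attempt itself is governed by `ldap.OPT_NETWORK_TIMEOUT`. If the aim is for authentication to fail fast when the directory is unreachable, the same value should probably be applied to that option as well. The same line is added to the second configuration file further down.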
@ -22,14 +22,21 @@ class Backend(ldapcherry.backend.Backend):
|
|||||||
self.checkcert = self.get_param('checkcert', 'on')
|
self.checkcert = self.get_param('checkcert', 'on')
|
||||||
self.starttls = self.get_param('starttls', 'off')
|
self.starttls = self.get_param('starttls', 'off')
|
||||||
self.uri = self.get_param('uri')
|
self.uri = self.get_param('uri')
|
||||||
|
self.timeout = self.get_param('timeout', 1)
|
||||||
self.userdn = self.get_param('userdn')
|
self.userdn = self.get_param('userdn')
|
||||||
self.groupdn = self.get_param('groupdn')
|
self.groupdn = self.get_param('groupdn')
|
||||||
self.user_filter_tmpl = self.get_param('user_filter_tmpl')
|
self.user_filter_tmpl = self.get_param('user_filter_tmpl')
|
||||||
self.attrlist = attrslist
|
self.attrlist = []
|
||||||
|
for a in attrslist:
|
||||||
|
try:
|
||||||
|
self.attrlist.append(str(a))
|
||||||
|
except UnicodeEncodeError:
|
||||||
|
tmp = unicode(a).encode('unicode_escape')
|
||||||
|
self.attrlist.append(tmp)
|
||||||
|
|
||||||
def auth(self, username, password):
|
def auth(self, username, password):
|
||||||
|
|
||||||
binddn = self.get_user(username)
|
binddn = self.get_user(username, False)
|
||||||
if binddn:
|
if binddn:
|
||||||
ldap_client = self._connect()
|
ldap_client = self._connect()
|
||||||
try:
|
try:
|
||||||
@ -57,7 +64,11 @@ class Backend(ldapcherry.backend.Backend):
|
|||||||
def del_user(self, username):
|
def del_user(self, username):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
def get_user(self, username, attrs=None):
|
def get_user(self, username, attrs=True):
|
||||||
|
if attrs:
|
||||||
|
a = self.attrlist
|
||||||
|
else:
|
||||||
|
a = None
|
||||||
ldap_client = self._connect()
|
ldap_client = self._connect()
|
||||||
try:
|
try:
|
||||||
ldap_client.simple_bind_s(self.binddn, self.bindpassword)
|
ldap_client.simple_bind_s(self.binddn, self.bindpassword)
|
||||||
@ -82,19 +93,23 @@ class Backend(ldapcherry.backend.Backend):
|
|||||||
r = ldap_client.search_s(self.userdn,
|
r = ldap_client.search_s(self.userdn,
|
||||||
ldap.SCOPE_SUBTREE,
|
ldap.SCOPE_SUBTREE,
|
||||||
user_filter,
|
user_filter,
|
||||||
attrlist=attrs
|
attrlist=a
|
||||||
)
|
)
|
||||||
if len(r) == 0:
|
if len(r) == 0:
|
||||||
ldap_client.unbind_s()
|
ldap_client.unbind_s()
|
||||||
return False
|
return False
|
||||||
|
|
||||||
ldap_client.unbind_s()
|
ldap_client.unbind_s()
|
||||||
dn_entry = r[0][0]
|
if attrs:
|
||||||
|
dn_entry = r[0]
|
||||||
|
else:
|
||||||
|
dn_entry = r[0][0]
|
||||||
return dn_entry
|
return dn_entry
|
||||||
|
|
||||||
def _connect(self):
|
def _connect(self):
|
||||||
ldap_client = ldap.initialize(self.uri)
|
ldap_client = ldap.initialize(self.uri)
|
||||||
ldap_client.set_option(ldap.OPT_REFERRALS, 0)
|
ldap_client.set_option(ldap.OPT_REFERRALS, 0)
|
||||||
|
ldap_client.set_option(ldap.OPT_TIMEOUT, self.timeout)
|
||||||
if self.starttls == 'on':
|
if self.starttls == 'on':
|
||||||
ldap.set_option(ldap.OPT_X_TLS_DEMAND, True)
|
ldap.set_option(ldap.OPT_X_TLS_DEMAND, True)
|
||||||
else:
|
else:
|
||||||
|
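Review bot: `get_user` now returns two different shapes, `r[0]` (a `(dn, attributes)` tuple) when `attrs` is true and `r[0][0]` (the DN string) otherwise, and its default flipped from DN-only to the tuple. Any caller that still does `get_user(username)` and uses the result as a DN will break; only `auth` is updated here to pass `False`. The method should get a docstring stating the contract, e.g. `"""Return (dn, attrs) if attrs is true, else the DN string; False when no entry matches."""`. The attributes requested are whatever `attrslist` was given to the constructor, so callers that only need the DN should pass `False` as `auth` does rather than pull every configured attribute. The part of `get_user` between the bind and the search is outside the hunks shown.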
@ -77,6 +77,7 @@ ldap.starttls = 'on'
|
|||||||
ldap.checkcert = 'off'
|
ldap.checkcert = 'off'
|
||||||
ldap.user_filter_tmpl = '(uid=%(username)s)'
|
ldap.user_filter_tmpl = '(uid=%(username)s)'
|
||||||
ldap.group_filter_tmpl = '(member=%(userdn)s)'
|
ldap.group_filter_tmpl = '(member=%(userdn)s)'
|
||||||
|
ldap.timeout = 1
|
||||||
|
|
||||||
ad.module = 'ldapcherry.backend.backendSamba4'
|
ad.module = 'ldapcherry.backend.backendSamba4'
|
||||||
ad.auth = 'Administrator'
|
ad.auth = 'Administrator'
|
||||||
|
@ -28,7 +28,7 @@ cfg = {
|
|||||||
}
|
}
|
||||||
|
|
||||||
cherrypy.log.error = syslog_error
|
cherrypy.log.error = syslog_error
|
||||||
attr = ['shell', 'cn', 'uid', 'uidNumber', 'gidNumber', 'home', 'userPassword', 'givenName', 'email', 'sn']
|
attr = ['shéll', 'shell', 'cn', 'uid', 'uidNumber', 'gidNumber', 'home', 'userPassword', 'givenName', 'email', 'sn']
|
||||||
|
|
||||||
class TestError(object):
|
class TestError(object):
|
||||||
|
|
||||||
@ -110,4 +110,6 @@ class TestError(object):
|
|||||||
|
|
||||||
def testGetUser(self):
|
def testGetUser(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
||||||
return True
|
ret = inv.get_user('jwatson')
|
||||||
|
expected = ('cn=John Watson,ou=People,dc=example,dc=org', {'uid': ['jwatson'], 'cn': ['John Watson'], 'sn': ['watson']})
|
||||||
|
assert ret == expected
|
||||||
|
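Review bot: The new `'shéll'` entry in `attr` looks intended to exercise the `UnicodeEncodeError` fallback added to the backend constructor, but the backend's use of `unicode()` implies Python 2, where `str(a)` on a plain byte-string literal returns it unchanged and the `except` branch is never reached. Writing it as `u'shéll'` would trigger the fallback; this assumes the file has no `unicode_literals` import, which is outside the lines shown. `testGetUser` compares only the returned tuple, so nothing checks what ended up in `inv.attrlist`. An assertion on `inv.attrlist` would pin the escaping behaviour.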