mirror of
https://github.com/kakwa/ldapcherry
synced 2024-12-22 12:50:18 +01:00
change backend key name in attributes + methods
* adding get_backends * adding get_selfattributes (attributes users can change themselves) * adding unit tests * rename backend-attributes -> bakends (for homogeneity with role.yml)
This commit is contained in:
parent
a71093038c
commit
7cdbe459b6
@ -7,21 +7,21 @@ cn:
|
||||
args:
|
||||
- $first-name
|
||||
- $name
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: cn
|
||||
ad: CN
|
||||
first-name:
|
||||
description: "First name of the user"
|
||||
display_name: "First Name"
|
||||
type: string
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: givenName
|
||||
ad: givenName
|
||||
name:
|
||||
description: "Family name of the user"
|
||||
display_name: "Name"
|
||||
type: string
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: sn
|
||||
ad: sn
|
||||
email:
|
||||
@ -34,7 +34,7 @@ email:
|
||||
- $first-name
|
||||
- $last-name
|
||||
- '@example.com'
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: email
|
||||
ad: EMAIL
|
||||
uid:
|
||||
@ -46,7 +46,7 @@ uid:
|
||||
args:
|
||||
- $first-name
|
||||
- $last-name
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: uid
|
||||
ad: UID
|
||||
uidNumber:
|
||||
@ -58,7 +58,7 @@ uidNumber:
|
||||
args:
|
||||
- $first-name
|
||||
- $last-name
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: uidNumber
|
||||
ad: UIDNumber
|
||||
gidNumber:
|
||||
@ -66,7 +66,7 @@ gidNumber:
|
||||
display_name: "GID Number"
|
||||
type: int
|
||||
default: 10000
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: gidNumber
|
||||
ad: GIDNumber
|
||||
shell:
|
||||
@ -78,7 +78,7 @@ shell:
|
||||
- /bin/bash
|
||||
- /bin/zsh
|
||||
- /bin/sh
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: shell
|
||||
ad: SHELL
|
||||
home:
|
||||
@ -91,7 +91,7 @@ home:
|
||||
- $first-name
|
||||
- $last-name
|
||||
- /home/
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: home
|
||||
ad: Home
|
||||
|
||||
@ -100,7 +100,7 @@ password:
|
||||
display_name: "Password"
|
||||
self: True
|
||||
type: password
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: userPassword
|
||||
ad: userPassword
|
||||
logscript:
|
||||
@ -108,5 +108,5 @@ logscript:
|
||||
display_name: "Login script"
|
||||
type: fix
|
||||
value: login1.bat
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ad: logonScript
|
||||
|
@ -21,6 +21,7 @@ class Attributes:
|
||||
def __init__(self, attributes_file):
|
||||
self.attributes_file = attributes_file
|
||||
self.backends = Set([])
|
||||
self.self_attributes = Set([])
|
||||
try:
|
||||
stream = open(attributes_file, 'r')
|
||||
except:
|
||||
@ -35,15 +36,23 @@ class Attributes:
|
||||
attr = self.attributes[attrid]
|
||||
if not attr['type'] in types:
|
||||
raise WrongAttributeType(attr['type'], attrid, attributes_file)
|
||||
if 'self' in attr and attr['self']:
|
||||
self.self_attributes.add(attrid)
|
||||
for b in attr['backends']:
|
||||
self.backends.add(b)
|
||||
|
||||
def _mandatory_check(self, attr):
|
||||
for m in ['description', 'display_name', 'type', 'backend-attributes']:
|
||||
for m in ['description', 'display_name', 'type', 'backends']:
|
||||
if m not in self.attributes[attr]:
|
||||
raise MissingKey(m, attr, self.attributes_file)
|
||||
|
||||
def get_selfattributes(self):
|
||||
"""get the list of groups from roles"""
|
||||
pass
|
||||
return self.self_attributes
|
||||
|
||||
def get_backends(self):
|
||||
"""return the list of backends in roles file"""
|
||||
return self.backends
|
||||
|
||||
def get_addattributes(self):
|
||||
"""get the list of groups from roles"""
|
||||
|
@ -15,4 +15,8 @@ class CustomDumper(yaml.SafeDumper):
|
||||
def ignore_aliases(self, _data):
|
||||
return True
|
||||
|
||||
inv = Attributes('./conf/attributes.yml')
|
||||
try:
|
||||
#inv = Attributes('./conf/attributes.yml')
|
||||
inv = Attributes('./tests/cfg/attributes_wrong_type.yml')
|
||||
except Exception as e:
|
||||
print e.log
|
||||
|
@ -1 +0,0 @@
|
||||
../../conf/attributes.yml
|
112
tests/cfg/attributes.yml
Normal file
112
tests/cfg/attributes.yml
Normal file
@ -0,0 +1,112 @@
|
||||
cn:
|
||||
description: "Firt Name and Display Name"
|
||||
display_name: "Display Name"
|
||||
type: string
|
||||
autofill:
|
||||
function: cn
|
||||
args:
|
||||
- $first-name
|
||||
- $name
|
||||
backends:
|
||||
ldap: cn
|
||||
ad: CN
|
||||
first-name:
|
||||
description: "First name of the user"
|
||||
display_name: "First Name"
|
||||
type: string
|
||||
backends:
|
||||
ldap: givenName
|
||||
ad: givenName
|
||||
name:
|
||||
description: "Family name of the user"
|
||||
display_name: "Name"
|
||||
type: string
|
||||
backends:
|
||||
ldap: sn
|
||||
ad: sn
|
||||
email:
|
||||
description: "Email of the user"
|
||||
display_name: "Name"
|
||||
type: email
|
||||
autofill:
|
||||
function: email
|
||||
args:
|
||||
- $first-name
|
||||
- $last-name
|
||||
- '@example.com'
|
||||
backends:
|
||||
ldap: email
|
||||
ad: EMAIL
|
||||
uid:
|
||||
description: "UID of the user"
|
||||
display_name: "UID"
|
||||
type: string
|
||||
autofill:
|
||||
function: uid
|
||||
args:
|
||||
- $first-name
|
||||
- $last-name
|
||||
backends:
|
||||
ldap: uid
|
||||
ad: UID
|
||||
uidNumber:
|
||||
description: "User ID Number of the user"
|
||||
display_name: "UID Number"
|
||||
type: int
|
||||
autofill:
|
||||
function: uidNumber
|
||||
args:
|
||||
- $first-name
|
||||
- $last-name
|
||||
backends:
|
||||
ldap: uidNumber
|
||||
ad: UIDNumber
|
||||
gidNumber:
|
||||
description: "Group ID Number of the user"
|
||||
display_name: "GID Number"
|
||||
type: int
|
||||
default: 10000
|
||||
backends:
|
||||
ldap: gidNumber
|
||||
ad: GIDNumber
|
||||
shell:
|
||||
description: "Shell of the user"
|
||||
display_name: "Shell"
|
||||
self: True
|
||||
type: stringlist
|
||||
values:
|
||||
- /bin/bash
|
||||
- /bin/zsh
|
||||
- /bin/sh
|
||||
backends:
|
||||
ldap: shell
|
||||
ad: SHELL
|
||||
home:
|
||||
description: "Home user path"
|
||||
display_name: "Home"
|
||||
type: string
|
||||
autofill:
|
||||
function: home
|
||||
args:
|
||||
- $first-name
|
||||
- $last-name
|
||||
- /home/
|
||||
backends:
|
||||
ldap: home
|
||||
ad: Home
|
||||
|
||||
password:
|
||||
description: "Password of the user"
|
||||
display_name: "Password"
|
||||
self: True
|
||||
type: password
|
||||
backends:
|
||||
ldap: userPassword
|
||||
ad: userPassword
|
||||
logscript:
|
||||
description: "Windows login script"
|
||||
display_name: "Login script"
|
||||
type: fix
|
||||
value: login1.bat
|
||||
backends:
|
||||
ad: logonScript
|
@ -7,21 +7,21 @@ cn:
|
||||
args:
|
||||
- $first-name
|
||||
- $name
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: cn
|
||||
ad: CN
|
||||
first-name:
|
||||
description: "First name of the user"
|
||||
display_name: "First Name"
|
||||
type: string
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: givenName
|
||||
ad: givenName
|
||||
name:
|
||||
description: "Family name of the user"
|
||||
display_name: "Name"
|
||||
type: string
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: sn
|
||||
ad: sn
|
||||
email:
|
||||
@ -34,7 +34,7 @@ email:
|
||||
- $first-name
|
||||
- $last-name
|
||||
- '@example.com'
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: email
|
||||
ad: EMAIL
|
||||
uid:
|
||||
@ -45,7 +45,7 @@ uid:
|
||||
args:
|
||||
- $first-name
|
||||
- $last-name
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: uid
|
||||
ad: UID
|
||||
uidNumber:
|
||||
@ -57,7 +57,7 @@ uidNumber:
|
||||
args:
|
||||
- $first-name
|
||||
- $last-name
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: uidNumber
|
||||
ad: UIDNumber
|
||||
gidNumber:
|
||||
@ -65,7 +65,7 @@ gidNumber:
|
||||
display_name: "GID Number"
|
||||
type: int
|
||||
default: 10000
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: gidNumber
|
||||
ad: GIDNumber
|
||||
shell:
|
||||
@ -77,7 +77,7 @@ shell:
|
||||
- /bin/bash
|
||||
- /bin/zsh
|
||||
- /bin/sh
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: shell
|
||||
ad: SHELL
|
||||
home:
|
||||
@ -90,7 +90,7 @@ home:
|
||||
- $first-name
|
||||
- $last-name
|
||||
- /home/
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: home
|
||||
ad: Home
|
||||
|
||||
@ -99,7 +99,7 @@ password:
|
||||
display_name: "Password"
|
||||
self: True
|
||||
type: password
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ldap: userPassword
|
||||
ad: userPassword
|
||||
logscript:
|
||||
@ -107,5 +107,5 @@ logscript:
|
||||
display_name: "Login script"
|
||||
type: fix
|
||||
value: login1.bat
|
||||
backend-attributes:
|
||||
bakends:
|
||||
ad: logonScript
|
||||
|
@ -7,7 +7,7 @@ cn:
|
||||
args:
|
||||
- $first-name
|
||||
- $name
|
||||
backend-attributes:
|
||||
backends:
|
||||
ldap: cn
|
||||
ad: CN
|
||||
|
||||
@ -15,6 +15,6 @@ first-name:
|
||||
description: "First name of the user"
|
||||
display_name: "First Name"
|
||||
type: string
|
||||
backend-attributes:
|
||||
backends:
|
||||
ldap: givenName
|
||||
ad: givenName
|
||||
|
@ -1 +0,0 @@
|
||||
../../conf/roles.yml
|
47
tests/cfg/roles.yml
Normal file
47
tests/cfg/roles.yml
Normal file
@ -0,0 +1,47 @@
|
||||
admin-lv3:
|
||||
display_name: Administrators Level 3
|
||||
backends:
|
||||
ldap:
|
||||
groups:
|
||||
- cn=dns admins,ou=group,dc=example,dc=com
|
||||
- cn=nagios admins,ou=group,dc=example,dc=com
|
||||
- cn=puppet admins,ou=group,dc=example,dc=com
|
||||
- cn=users,ou=group,dc=example,dc=com
|
||||
ad:
|
||||
groups:
|
||||
- Domain Users
|
||||
- Administrators
|
||||
- Domain Controllers
|
||||
|
||||
admin-lv2:
|
||||
display_name: Administrators Level 2
|
||||
LC_admins: True
|
||||
backends:
|
||||
ldap:
|
||||
groups:
|
||||
- cn=nagios admins,ou=group,dc=example,dc=com
|
||||
- cn=users,ou=group,dc=example,dc=com
|
||||
ad:
|
||||
groups:
|
||||
- Domain Users
|
||||
|
||||
developpers:
|
||||
display_name: Developpers
|
||||
backends:
|
||||
ldap:
|
||||
groups:
|
||||
- cn=developpers,ou=group,dc=example,dc=com
|
||||
- cn=users,ou=group,dc=example,dc=com
|
||||
ad:
|
||||
groups:
|
||||
- Domain Users
|
||||
|
||||
users:
|
||||
display_name: Simple Users
|
||||
backends:
|
||||
ldap:
|
||||
groups:
|
||||
- cn=users,ou=group,dc=example,dc=com
|
||||
ad:
|
||||
groups:
|
||||
- Domain Users
|
@ -17,6 +17,18 @@ class TestError(object):
|
||||
inv = Attributes('./tests/cfg/attributes.yml')
|
||||
return True
|
||||
|
||||
def testGetSelfAttributes(self):
|
||||
inv = Attributes('./tests/cfg/attributes.yml')
|
||||
ret = inv.get_selfattributes()
|
||||
expected = Set(['password', 'shell'])
|
||||
assert ret == expected
|
||||
|
||||
def testGetSelfAttributes(self):
|
||||
inv = Attributes('./tests/cfg/attributes.yml')
|
||||
ret = inv.get_backends()
|
||||
expected = Set(['ldap', 'ad'])
|
||||
assert ret == expected
|
||||
|
||||
def testNoFile(self):
|
||||
try:
|
||||
inv = Attributes('./tests/cfg/dontexist')
|
||||
|
Loading…
x
Reference in New Issue
Block a user