security-and-privacy/ldapcherry
security-and-privacy/ldapcherry
1
0
Fork 0
mirror of https://github.com/kakwa/ldapcherry synced 2024-11-22 09:24:21 +01:00
Code Releases Activity

code factoring

Browse Source
This commit is contained in:
kakwa 2015-05-25 19:52:54 +02:00
parent 7a7d6f5f6f
commit 8da0b7c533
1 changed files with 23 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
ldapcherry/backend/backendLdap.py
View File

@ -66,7 +66,7 @@ class Backend(ldapcherry.backend.Backend):
def del_user(self, username): def del_user(self, username):
pass pass
def search(self, searchstring): def _search(self, searchfilter, attrs):
ldap_client = self._connect() ldap_client = self._connect()
try: try:
ldap_client.simple_bind_s(self.binddn, self.bindpassword) ldap_client.simple_bind_s(self.binddn, self.bindpassword)
@ -75,69 +75,57 @@ class Backend(ldapcherry.backend.Backend):
logging.ERROR, logging.ERROR,
"Configuration error, wrong credentials, unable to connect to ldap with '" + self.binddn + "'", "Configuration error, wrong credentials, unable to connect to ldap with '" + self.binddn + "'",
) )
#raise cherrypy.HTTPError("500", "Configuration Error, contact administrator") ldap_client.unbind_s()
raise e raise e
except ldap.SERVER_DOWN as e: except ldap.SERVER_DOWN as e:
self._logger( self._logger(
logging.ERROR, logging.ERROR,
"Unable to contact ldap server '" + self.uri + "', check 'auth.ldap.uri' and ssl/tls configuration", "Unable to contact ldap server '" + self.uri + "', check 'auth.ldap.uri' and ssl/tls configuration",
) )
ldap_client.unbind_s()
raise e raise e
user_filter = self.search_filter_tmpl % {
'searchstring': searchstring
}
print user_filter
try: try:
r = ldap_client.search_s(self.userdn, r = ldap_client.search_s(self.userdn,
ldap.SCOPE_SUBTREE, ldap.SCOPE_SUBTREE,
user_filter, searchfilter,
attrlist=None attrlist=attrs
) )
except ldap.FILTER_ERROR as e: except ldap.FILTER_ERROR as e:
#self._logger( self._logger(
# logging.ERROR, logging.ERROR,
# "Bad search filter, check '" + self.backend_name + ".search_filter_tmpl'", "Bad search filter, check '" + self.backend_name + ".*_filter_tmpl' params",
# ) )
ldap_client.unbind_s()
raise e raise e
ldap_client.unbind_s()
return r return r
def search(self, searchstring):
searchfilter = self.search_filter_tmpl % {
'searchstring': searchstring
}
return self._search(searchfilter, None)
def get_user(self, username, attrs=True): def get_user(self, username, attrs=True):
if attrs: if attrs:
a = self.attrlist a = self.attrlist
else: else:
a = None a = None
ldap_client = self._connect()
try:
ldap_client.simple_bind_s(self.binddn, self.bindpassword)
except ldap.INVALID_CREDENTIALS as e:
self._logger(
logging.ERROR,
"Configuration error, wrong credentials, unable to connect to ldap with '" + self.binddn + "'",
)
#raise cherrypy.HTTPError("500", "Configuration Error, contact administrator")
raise e
except ldap.SERVER_DOWN as e:
self._logger(
logging.ERROR,
"Unable to contact ldap server '" + self.uri + "', check 'auth.ldap.uri' and ssl/tls configuration",
)
raise e
user_filter = self.user_filter_tmpl % { user_filter = self.user_filter_tmpl % {
'username': username 'username': username
} }
r = ldap_client.search_s(self.userdn, r = self._search(user_filter, a)
ldap.SCOPE_SUBTREE,
user_filter,
attrlist=a
)
if len(r) == 0: if len(r) == 0:
ldap_client.unbind_s()
return None return None
ldap_client.unbind_s()
if attrs: if attrs:
dn_entry = r[0] dn_entry = r[0]
else: else: