security-and-privacy/ldapcherry
security-and-privacy
/
ldapcherry
mirror of https://github.com/kakwa/ldapcherry
1
0
Fork 0
Code Releases Activity

multiple changes 

* change parameters name for Backend Ldap
* fix default value handling in backends get_param
* correct exception in backends get_param
* fix syntaxe error
* add backend name in test_BackendLdap.py
This commit is contained in:
kakwa 2015-05-21 21:40:13 +02:00
parent cb843a40e5
commit 93ed190913
6 changed files with 34 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
conf/ldapcherry.ini
View File

@ -69,14 +69,14 @@ roles.file = '/etc/ldapcherry/roles.yml'
ldap.module = 'ldapcherry.backend.backendLdap'
ldap.groupdn = 'ou=group,dc=example,dc=com'
ldap.people = 'ou=group,dc=example,dc=com'
ldap.authdn = 'cn=ldapcherry,dc=example,dc=com'
ldap.binddn = 'cn=ldapcherry,dc=example,dc=com'
ldap.password = 'password'
ldap.uri = 'ldaps://ldap.ldapcherry.org'
ldap.ca = '/etc/dnscherry/TEST-cacert.pem'
ldap.starttls = 'on'
ldap.checkcert = 'off'
ldap.user.filter.tmpl = '(uid=%(username)s)'
ldap.group.filter.tmpl = '(member=%(userdn)s)'
ldap.user_filter_tmpl = '(uid=%(username)s)'
ldap.group_filter_tmpl = '(member=%(userdn)s)'
ad.module = 'ldapcherry.backend.backendSamba4'

2
ldapcherry/__init__.py
View File

@ -108,6 +108,8 @@ class LdapCherry(object):
raise BackendModuleLoadingFail(module)
try:
self.backends[backend] = bc.Backend(params, cherrypy.log, backend)
except MissingParameter as e:
raise e
except:
raise BackendModuleInitFail(module)

6
ldapcherry/backend/__init__.py
View File

@ -24,11 +24,11 @@ class Backend:
def rm_from_group(self):
pass
def get_param(self, param, default=False):
def get_param(self, param, default=None):
if param in self.config:
return self.config[param]
elif default:
elif not default is None:
return default
else:
raise MissingParameter(self.backend_name+'.'+param, 'backends')
raise MissingParameter('backends', self.backend_name+'.'+param)

14
ldapcherry/backend/backendLdap.py
View File

@ -16,12 +16,12 @@ class Backend(ldapcherry.backend.Backend):
self.config = config
self._logger = logger
self.backend_name = name
self.binddn = self.get_param(binddn)
self.ca = self.get_param(ca)
self.checkcert = self.get_param(checkcert)
self.starttls = self.get_param(starttls)
self.uri = self.get_param(uri)
self.user_filter_tmpl = self.get_param(user_filter_tmpl)
self.binddn = self.get_param('binddn')
self.ca = self.get_param('ca', False)
self.checkcert = self.get_param('checkcert', 'on')
self.starttls = self.get_param('starttls', 'off')
self.uri = self.get_param('uri')
self.user_filter_tmpl = self.get_param('user_filter_tmpl')
def auth(self, username, password):
@ -97,7 +97,7 @@ class Backend(ldapcherry.backend.Backend):
else:
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT,ldap.OPT_X_TLS_DEMAND)
if self.starttls == 'on':
if self.starttls == 'on':
try:
ldap_client.start_tls_s()
except ldap.OPERATIONS_ERROR:

4
tests/cfg/ldapcherry.ini
View File

@ -69,12 +69,14 @@ roles.file = './tests/cfg/roles.yml'
ldap.module = 'ldapcherry.backend.backendLdap'
ldap.groupdn = 'ou=group,dc=example,dc=com'
ldap.people = 'ou=group,dc=example,dc=com'
ldap.authdn = 'cn=ldapcherry,dc=example,dc=com'
ldap.binddn = 'cn=ldapcherry,dc=example,dc=com'
ldap.password = 'password'
ldap.uri = 'ldaps://ldap.ldapcherry.org'
ldap.ca = '/etc/dnscherry/TEST-cacert.pem'
ldap.starttls = 'on'
ldap.checkcert = 'off'
ldap.user_filter_tmpl = '(uid=%(username)s)'
ldap.group_filter_tmpl = '(member=%(userdn)s)'
ad.module = 'ldapcherry.backend.backendSamba4'
ad.auth = 'Administrator'

29
tests/test_BackendLdap.py
View File

@ -8,6 +8,7 @@ import pytest
import sys
from sets import Set
from ldapcherry.backend.backendLdap import Backend
from ldapcherry import syslog_error
from ldapcherry.exceptions import *
import cherrypy
@ -15,57 +16,59 @@ cfg = {
'module' : 'ldapcherry.backend.ldap',
'groupdn' : 'ou=group,dc=example,dc=com',
'people' : 'ou=group,dc=example,dc=com',
'authdn' : 'cn=ldapcherry,dc=example,dc=com',
'binddn' : 'cn=ldapcherry,dc=example,dc=com',
'password' : 'password',
'uri' : 'ldaps://ldap.ldapcherry.org',
'ca' : '/etc/dnscherry/TEST-cacert.pem',
'starttls' : 'on',
'starttls' : 'off',
'checkcert' : 'off',
'user.filter.tmpl' : '(uid=%(username)s)',
'group.filter.tmpl' : '(member=%(userdn)s)',
'user_filter_tmpl' : '(uid=%(username)s)',
'group_filter_tmpl' : '(member=%(userdn)s)',
}
cherrypy.log.error = syslog_error
class TestError(object):
def testNominal(self):
inv = Backend(cfg, cherrypy.log)
inv = Backend(cfg, cherrypy.log, 'ldap')
return True
def testConnect(self):
inv = Backend(cfg, cherrypy.log)
inv = Backend(cfg, cherrypy.log, 'ldap')
inv._connect()
return True
def testConnectSSL(self):
inv = Backend(cfg, cherrypy.log)
inv = Backend(cfg, cherrypy.log, 'ldap')
return True
def testConnectSSLNoCheck(self):
inv = Backend(cfg, cherrypy.log)
inv = Backend(cfg, cherrypy.log, 'ldap')
return True
def testAuthSuccess(self):
inv = Backend(cfg, cherrypy.log)
inv = Backend(cfg, cherrypy.log, 'ldap')
return True
def testAuthSuccess(self):
inv = Backend(cfg, cherrypy.log)
inv = Backend(cfg, cherrypy.log, 'ldap')
return True
def testAuthFailure(self):
inv = Backend(cfg, cherrypy.log)
inv = Backend(cfg, cherrypy.log, 'ldap')
return True
def testMissingParam(self):
cfg2 = {}
return True
try:
inv = Backend(cfg2, cherrypy.log)
inv = Backend(cfg2, cherrypy.log, 'ldap')
except MissingKey:
return
else:
raise AssertionError("expected an exception")
def testGetUser(self):
inv = Backend(cfg, cherrypy.log)
inv = Backend(cfg, cherrypy.log, 'ldap')
return True