mirror of https://github.com/kakwa/ldapcherry synced 2024-11-25 18:54:29 +01:00

multiple changes

* change parameters name for Backend Ldap
* fix default value handling in backends get_param
* correct exception in backends get_param
* fix syntax error
* add backend name in test_BackendLdap.py
kakwa 2015-05-21 21:40:13 +02:00
parent cb843a40e5
commit 93ed190913
6 changed files with 34 additions and 27 deletions


@ -69,14 +69,14 @@ roles.file = '/etc/ldapcherry/roles.yml'
ldap.module = 'ldapcherry.backend.backendLdap' ldap.module = 'ldapcherry.backend.backendLdap'
ldap.groupdn = 'ou=group,dc=example,dc=com' ldap.groupdn = 'ou=group,dc=example,dc=com'
ldap.people = 'ou=group,dc=example,dc=com' ldap.people = 'ou=group,dc=example,dc=com'
ldap.authdn = 'cn=ldapcherry,dc=example,dc=com' ldap.binddn = 'cn=ldapcherry,dc=example,dc=com'
ldap.password = 'password' ldap.password = 'password'
ldap.uri = 'ldaps://ldap.ldapcherry.org' ldap.uri = 'ldaps://ldap.ldapcherry.org'
ldap.ca = '/etc/dnscherry/TEST-cacert.pem' ldap.ca = '/etc/dnscherry/TEST-cacert.pem'
ldap.starttls = 'on' ldap.starttls = 'on'
ldap.checkcert = 'off' ldap.checkcert = 'off'
ldap.user.filter.tmpl = '(uid=%(username)s)' ldap.user_filter_tmpl = '(uid=%(username)s)'
ldap.group.filter.tmpl = '(member=%(userdn)s)' ldap.group_filter_tmpl = '(member=%(userdn)s)'
ad.module = 'ldapcherry.backend.backendSamba4' ad.module = 'ldapcherry.backend.backendSamba4'


@ -108,6 +108,8 @@ class LdapCherry(object):
raise BackendModuleLoadingFail(module) raise BackendModuleLoadingFail(module)
try: try:
self.backends[backend] = bc.Backend(params, cherrypy.log, backend) self.backends[backend] = bc.Backend(params, cherrypy.log, backend)
except MissingParameter as e:
raise e
except: except:
raise BackendModuleInitFail(module) raise BackendModuleInitFail(module)
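Review bot: The added handler re-raises with `raise e`, which on Python 2 (the test file in this commit imports `sets`, so this looks like Python 2 code) discards the original traceback and restarts it at this line; a bare `raise` under `except MissingParameter:` keeps the frame inside the backend constructor where the parameter was found missing. The bare `except:` that follows still converts every other failure, including KeyboardInterrupt and SystemExit, into BackendModuleInitFail without recording the cause. Narrowing it to `except Exception:` and logging the original error before raising would make a backend misconfiguration, such as a TLS setup problem, diagnosable from the logs. The enclosing method starts and ends outside the hunk.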


@ -24,11 +24,11 @@ class Backend:
def rm_from_group(self): def rm_from_group(self):
pass pass
def get_param(self, param, default=False): def get_param(self, param, default=None):
if param in self.config: if param in self.config:
return self.config[param] return self.config[param]
elif default: elif not default is None:
return default return default
else: else:
raise MissingParameter(self.backend_name+'.'+param, 'backends') raise MissingParameter('backends', self.backend_name+'.'+param)
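Review bot: `elif not default is None:` is clearer as `elif default is not None:`, the form PEP 8 recommends, and get_param has no docstring saying that None is now the "no default given" sentinel. With this change a falsy default such as `False` is returned instead of raising, which the LDAP backend in this commit relies on for `get_param('ca', False)`, and a caller can no longer pass None as a real default. A one-line docstring would record that contract: `"""Return config[param]; else the default if one was given (None means none); else raise MissingParameter."""`. The class body starts outside the hunk.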


@ -16,12 +16,12 @@ class Backend(ldapcherry.backend.Backend):
self.config = config self.config = config
self._logger = logger self._logger = logger
self.backend_name = name self.backend_name = name
self.binddn = self.get_param(binddn) self.binddn = self.get_param('binddn')
self.ca = self.get_param(ca) self.ca = self.get_param('ca', False)
self.checkcert = self.get_param(checkcert) self.checkcert = self.get_param('checkcert', 'on')
self.starttls = self.get_param(starttls) self.starttls = self.get_param('starttls', 'off')
self.uri = self.get_param(uri) self.uri = self.get_param('uri')
self.user_filter_tmpl = self.get_param(user_filter_tmpl) self.user_filter_tmpl = self.get_param('user_filter_tmpl')
def auth(self, username, password): def auth(self, username, password):
@ -97,7 +97,7 @@ class Backend(ldapcherry.backend.Backend):
else: else:
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT,ldap.OPT_X_TLS_DEMAND) ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT,ldap.OPT_X_TLS_DEMAND)
if self.starttls == 'on': if self.starttls == 'on':
try: try:
ldap_client.start_tls_s() ldap_client.start_tls_s()
except ldap.OPERATIONS_ERROR: except ldap.OPERATIONS_ERROR:
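Review bot: `starttls` now defaults to `'off'`, and the later test `if self.starttls == 'on':` treats every other string the same way, so a configuration value such as `'On'` or `'true'` silently skips StartTLS; with a plain `ldap://` URI the bind would then presumably travel unencrypted. `checkcert` appears to fail the safe way, since the visible `else:` branch sets `OPT_X_TLS_DEMAND`, so `starttls` is the only switch that fails open. Validating both switches in the constructor would surface a typo at start-up rather than at connection time, for example `if self.starttls not in ('on', 'off'):` followed by raising a configuration error that names the parameter. The constructor begins above the first hunk and the connection code in the second hunk continues past its last line.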


@ -69,12 +69,14 @@ roles.file = './tests/cfg/roles.yml'
ldap.module = 'ldapcherry.backend.backendLdap' ldap.module = 'ldapcherry.backend.backendLdap'
ldap.groupdn = 'ou=group,dc=example,dc=com' ldap.groupdn = 'ou=group,dc=example,dc=com'
ldap.people = 'ou=group,dc=example,dc=com' ldap.people = 'ou=group,dc=example,dc=com'
ldap.authdn = 'cn=ldapcherry,dc=example,dc=com' ldap.binddn = 'cn=ldapcherry,dc=example,dc=com'
ldap.password = 'password' ldap.password = 'password'
ldap.uri = 'ldaps://ldap.ldapcherry.org' ldap.uri = 'ldaps://ldap.ldapcherry.org'
ldap.ca = '/etc/dnscherry/TEST-cacert.pem' ldap.ca = '/etc/dnscherry/TEST-cacert.pem'
ldap.starttls = 'on' ldap.starttls = 'on'
ldap.checkcert = 'off' ldap.checkcert = 'off'
ldap.user_filter_tmpl = '(uid=%(username)s)'
ldap.group_filter_tmpl = '(member=%(userdn)s)'
ad.module = 'ldapcherry.backend.backendSamba4' ad.module = 'ldapcherry.backend.backendSamba4'
ad.auth = 'Administrator' ad.auth = 'Administrator'


@ -8,6 +8,7 @@ import pytest
import sys import sys
from sets import Set from sets import Set
from ldapcherry.backend.backendLdap import Backend from ldapcherry.backend.backendLdap import Backend
from ldapcherry import syslog_error
from ldapcherry.exceptions import * from ldapcherry.exceptions import *
import cherrypy import cherrypy
@ -15,57 +16,59 @@ cfg = {
'module' : 'ldapcherry.backend.ldap', 'module' : 'ldapcherry.backend.ldap',
'groupdn' : 'ou=group,dc=example,dc=com', 'groupdn' : 'ou=group,dc=example,dc=com',
'people' : 'ou=group,dc=example,dc=com', 'people' : 'ou=group,dc=example,dc=com',
'authdn' : 'cn=ldapcherry,dc=example,dc=com', 'binddn' : 'cn=ldapcherry,dc=example,dc=com',
'password' : 'password', 'password' : 'password',
'uri' : 'ldaps://ldap.ldapcherry.org', 'uri' : 'ldaps://ldap.ldapcherry.org',
'ca' : '/etc/dnscherry/TEST-cacert.pem', 'ca' : '/etc/dnscherry/TEST-cacert.pem',
'starttls' : 'on', 'starttls' : 'off',
'checkcert' : 'off', 'checkcert' : 'off',
'user.filter.tmpl' : '(uid=%(username)s)', 'user_filter_tmpl' : '(uid=%(username)s)',
'group.filter.tmpl' : '(member=%(userdn)s)', 'group_filter_tmpl' : '(member=%(userdn)s)',
} }
cherrypy.log.error = syslog_error
class TestError(object): class TestError(object):
def testNominal(self): def testNominal(self):
inv = Backend(cfg, cherrypy.log) inv = Backend(cfg, cherrypy.log, 'ldap')
return True return True
def testConnect(self): def testConnect(self):
inv = Backend(cfg, cherrypy.log) inv = Backend(cfg, cherrypy.log, 'ldap')
inv._connect() inv._connect()
return True return True
def testConnectSSL(self): def testConnectSSL(self):
inv = Backend(cfg, cherrypy.log) inv = Backend(cfg, cherrypy.log, 'ldap')
return True return True
def testConnectSSLNoCheck(self): def testConnectSSLNoCheck(self):
inv = Backend(cfg, cherrypy.log) inv = Backend(cfg, cherrypy.log, 'ldap')
return True return True
def testAuthSuccess(self): def testAuthSuccess(self):
inv = Backend(cfg, cherrypy.log) inv = Backend(cfg, cherrypy.log, 'ldap')
return True return True
def testAuthSuccess(self): def testAuthSuccess(self):
inv = Backend(cfg, cherrypy.log) inv = Backend(cfg, cherrypy.log, 'ldap')
return True return True
def testAuthFailure(self): def testAuthFailure(self):
inv = Backend(cfg, cherrypy.log) inv = Backend(cfg, cherrypy.log, 'ldap')
return True return True
def testMissingParam(self): def testMissingParam(self):
cfg2 = {} cfg2 = {}
return True return True
try: try:
inv = Backend(cfg2, cherrypy.log) inv = Backend(cfg2, cherrypy.log, 'ldap')
except MissingKey: except MissingKey:
return return
else: else:
raise AssertionError("expected an exception") raise AssertionError("expected an exception")
def testGetUser(self): def testGetUser(self):
inv = Backend(cfg, cherrypy.log) inv = Backend(cfg, cherrypy.log, 'ldap')
return True return True
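Review bot: testMissingParam cannot fail: the `return True` placed before `try:` exits the test before `Backend(cfg2, cherrypy.log, 'ldap')` is called, and the handler names `MissingKey` while get_param in this commit raises `MissingParameter`. Removing the early return and changing the handler to `except MissingParameter:` would make this test cover the exception fix that the commit makes. `testAuthSuccess` is defined twice, so the second definition replaces the first. With `'starttls' : 'off'` and `'checkcert' : 'off'` in `cfg`, no test shown here exercises certificate verification, since testConnectSSL and testConnectSSLNoCheck only construct the backend.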