mirror of
https://github.com/kakwa/ldapcherry
synced 2024-11-25 10:44:30 +01:00
adding key handling
parent
2860f5af6c
commit
c9b971e8b0
@ -123,7 +123,8 @@ class LdapCherry(object):
|
|||||||
raise BackendModuleLoadingFail(module)
|
raise BackendModuleLoadingFail(module)
|
||||||
try:
|
try:
|
||||||
attrslist = self.attributes.get_backend_attributes(backend)
|
attrslist = self.attributes.get_backend_attributes(backend)
|
||||||
self.backends[backend] = bc.Backend(params, cherrypy.log, backend, attrslist)
|
key = self.attributes.get_backend_key(backend)
|
||||||
|
self.backends[backend] = bc.Backend(params, cherrypy.log, backend, attrslist, key)
|
||||||
except MissingParameter as e:
|
except MissingParameter as e:
|
||||||
raise e
|
raise e
|
||||||
except:
|
except:
|
||||||
|
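Review bot: The new `key = self.attributes.get_backend_key(backend)` call sits inside the `try` that ends in a bare `except:`, so any `WrongBackend` or `KeyError` raised while resolving the key is caught there instead of surfacing as a key-configuration problem. The handler body is outside this hunk, so what it raises cannot be checked from here; if it reports a generic backend initialisation failure, a missing key mapping in the attributes file will be misdiagnosed. Resolving the key before the `try:` (next to the `get_backend_attributes` lookup, which has the same exposure) would keep the two failure modes distinct.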
@ -80,6 +80,11 @@ class Attributes:
|
|||||||
raise WrongBackend(backend)
|
raise WrongBackend(backend)
|
||||||
return self.backend_attributes[backend]
|
return self.backend_attributes[backend]
|
||||||
|
|
||||||
|
def get_backend_key(self, backend):
|
||||||
|
if backend not in self.backends:
|
||||||
|
raise WrongBackend(backend)
|
||||||
|
return self.attributes[self.key]['backends'][backend]
|
||||||
|
|
||||||
def get_attributes(self):
|
def get_attributes(self):
|
||||||
"""get the list of groups from roles"""
|
"""get the list of groups from roles"""
|
||||||
return self.self_attributes
|
return self.self_attributes
|
||||||
|
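Review bot: `get_backend_key` checks `backend` against `self.backends` but then indexes `self.attributes[self.key]['backends'][backend]` with no check that a key attribute was configured or that it declares a mapping for this backend. How `self.key` is set is not visible in this hunk; if it can be unset, or if the key attribute omits a backend, the caller gets a bare `KeyError` rather than a configuration error naming the missing key. A guard that raises a dedicated configuration exception in those two cases would make the failure explicit. The method also has no docstring; something like `"""Return the name of the key attribute as declared for the given backend."""` would match `get_attributes` below.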
@ -20,7 +20,7 @@ class DelUserDontExists(Exception):
|
|||||||
|
|
||||||
class Backend(ldapcherry.backend.Backend):
|
class Backend(ldapcherry.backend.Backend):
|
||||||
|
|
||||||
def __init__(self, config, logger, name, attrslist):
|
def __init__(self, config, logger, name, attrslist, key):
|
||||||
self.config = config
|
self.config = config
|
||||||
self._logger = logger
|
self._logger = logger
|
||||||
self.backend_name = name
|
self.backend_name = name
|
||||||
@ -38,6 +38,7 @@ class Backend(ldapcherry.backend.Backend):
|
|||||||
self.search_filter_tmpl = self.get_param('search_filter_tmpl')
|
self.search_filter_tmpl = self.get_param('search_filter_tmpl')
|
||||||
self.dn_user_attr = self.get_param('dn_user_attr')
|
self.dn_user_attr = self.get_param('dn_user_attr')
|
||||||
self.objectclasses = []
|
self.objectclasses = []
|
||||||
|
self.key = key
|
||||||
for o in re.split('\W+', self.get_param('objectclasses')):
|
for o in re.split('\W+', self.get_param('objectclasses')):
|
||||||
self.objectclasses.append(self._str(o))
|
self.objectclasses.append(self._str(o))
|
||||||
|
|
||||||
@ -216,12 +217,24 @@ class Backend(ldapcherry.backend.Backend):
|
|||||||
pass
|
pass
|
||||||
|
|
||||||
def search(self, searchstring):
|
def search(self, searchstring):
|
||||||
|
ret = {}
|
||||||
|
|
||||||
searchfilter = self.search_filter_tmpl % {
|
searchfilter = self.search_filter_tmpl % {
|
||||||
'searchstring': searchstring
|
'searchstring': searchstring
|
||||||
}
|
}
|
||||||
|
for u in self._search(searchfilter, None, self.userdn):
|
||||||
return self._search(searchfilter, None, self.userdn)
|
attrs = {}
|
||||||
|
attrs_tmp = u[1]
|
||||||
|
for attr in attrs_tmp:
|
||||||
|
value_tmp = attrs_tmp[attr]
|
||||||
|
if len(value_tmp) == 1:
|
||||||
|
attrs[attr] = value_tmp[0]
|
||||||
|
else:
|
||||||
|
attrs[attr] = value_tmp
|
||||||
|
|
||||||
|
if self.key in attrs:
|
||||||
|
ret[attrs[self.key]] = attrs
|
||||||
|
return ret
|
||||||
|
|
||||||
def get_user(self, username):
|
def get_user(self, username):
|
||||||
ret = {}
|
ret = {}
|
||||||
|
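Review bot: In `search()`, `searchstring` is interpolated into `self.search_filter_tmpl` unescaped, so unless every caller escapes it first, characters such as `*`, `(`, `)` and `\` change the structure of the LDAP filter. Escaping at this point closes that: `'searchstring': ldap.filter.escape_filter_chars(searchstring)` (python-ldap; the file's imports are outside the hunk, so `ldap.filter` may need importing). Separately, the new loop flattens only single-valued attributes, so when the key attribute has more than one value `ret[attrs[self.key]] = attrs` uses a list as a dict key and raises `TypeError`. Entries that lack `self.key` are dropped without a log line, which makes a misconfigured key look like an empty search result.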
@ -9,5 +9,5 @@ import ldapcherry.backend
|
|||||||
|
|
||||||
class Backend(ldapcherry.backend.Backend):
|
class Backend(ldapcherry.backend.Backend):
|
||||||
|
|
||||||
def __init__(self, config, logger, name, attrslist):
|
def __init__(self, config, logger, name, attrslist, key):
|
||||||
pass
|
pass
|
||||||
|
@ -40,11 +40,11 @@ attr = ['shéll', 'shell', 'cn', 'uid', 'uidNumber', 'gidNumber', 'home', 'userP
|
|||||||
class TestError(object):
|
class TestError(object):
|
||||||
|
|
||||||
def testNominal(self):
|
def testNominal(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def testConnect(self):
|
def testConnect(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
ldap = inv._connect()
|
ldap = inv._connect()
|
||||||
ldap.simple_bind_s(inv.binddn, inv.bindpassword)
|
ldap.simple_bind_s(inv.binddn, inv.bindpassword)
|
||||||
return True
|
return True
|
||||||
@ -53,7 +53,7 @@ class TestError(object):
|
|||||||
cfg2 = cfg.copy()
|
cfg2 = cfg.copy()
|
||||||
cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637'
|
cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637'
|
||||||
cfg2['checkcert'] = 'on'
|
cfg2['checkcert'] = 'on'
|
||||||
inv = Backend(cfg2, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg2, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
ldap = inv._connect()
|
ldap = inv._connect()
|
||||||
ldap.simple_bind_s(inv.binddn, inv.bindpassword)
|
ldap.simple_bind_s(inv.binddn, inv.bindpassword)
|
||||||
|
|
||||||
@ -62,7 +62,7 @@ class TestError(object):
|
|||||||
cfg2['uri'] = 'ldaps://notaldap:637'
|
cfg2['uri'] = 'ldaps://notaldap:637'
|
||||||
cfg2['checkcert'] = 'on'
|
cfg2['checkcert'] = 'on'
|
||||||
cfg2['ca'] = './cfg/ca.crt'
|
cfg2['ca'] = './cfg/ca.crt'
|
||||||
inv = Backend(cfg2, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg2, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
ldapc = inv._connect()
|
ldapc = inv._connect()
|
||||||
try:
|
try:
|
||||||
ldapc.simple_bind_s(inv.binddn, inv.bindpassword)
|
ldapc.simple_bind_s(inv.binddn, inv.bindpassword)
|
||||||
@ -76,7 +76,7 @@ class TestError(object):
|
|||||||
cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637'
|
cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637'
|
||||||
cfg2['checkcert'] = 'on'
|
cfg2['checkcert'] = 'on'
|
||||||
cfg2['ca'] = './cfg/wrong_ca.crt'
|
cfg2['ca'] = './cfg/wrong_ca.crt'
|
||||||
inv = Backend(cfg2, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg2, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
ldapc = inv._connect()
|
ldapc = inv._connect()
|
||||||
try:
|
try:
|
||||||
ldapc.simple_bind_s(inv.binddn, inv.bindpassword)
|
ldapc.simple_bind_s(inv.binddn, inv.bindpassword)
|
||||||
@ -87,21 +87,21 @@ class TestError(object):
|
|||||||
# cfg2 = cfg.copy()
|
# cfg2 = cfg.copy()
|
||||||
# cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637'
|
# cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637'
|
||||||
# cfg2['checkcert'] = 'off'
|
# cfg2['checkcert'] = 'off'
|
||||||
# inv = Backend(cfg2, cherrypy.log, 'ldap', attr)
|
# inv = Backend(cfg2, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
# ldap = inv._connect()
|
# ldap = inv._connect()
|
||||||
# ldap.simple_bind_s(inv.binddn, inv.bindpassword)
|
# ldap.simple_bind_s(inv.binddn, inv.bindpassword)
|
||||||
|
|
||||||
def testAuthSuccess(self):
|
def testAuthSuccess(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def testAuthSuccess(self):
|
def testAuthSuccess(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
ret = inv.auth('jwatson', 'passwordwatson')
|
ret = inv.auth('jwatson', 'passwordwatson')
|
||||||
assert ret == True
|
assert ret == True
|
||||||
|
|
||||||
def testAuthFailure(self):
|
def testAuthFailure(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
res = inv.auth('notauser', 'password') or inv.auth('jwatson', 'notapassword')
|
res = inv.auth('notauser', 'password') or inv.auth('jwatson', 'notapassword')
|
||||||
assert res == False
|
assert res == False
|
||||||
|
|
||||||
@ -109,32 +109,32 @@ class TestError(object):
|
|||||||
cfg2 = {}
|
cfg2 = {}
|
||||||
return True
|
return True
|
||||||
try:
|
try:
|
||||||
inv = Backend(cfg2, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg2, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
except MissingKey:
|
except MissingKey:
|
||||||
return
|
return
|
||||||
else:
|
else:
|
||||||
raise AssertionError("expected an exception")
|
raise AssertionError("expected an exception")
|
||||||
|
|
||||||
def testGetUser(self):
|
def testGetUser(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
ret = inv.get_user('jwatson')
|
ret = inv.get_user('jwatson')
|
||||||
expected = {'uid': 'jwatson', 'cn': 'John Watson', 'sn': 'watson'}
|
expected = {'uid': 'jwatson', 'cn': 'John Watson', 'sn': 'watson'}
|
||||||
assert ret == expected
|
assert ret == expected
|
||||||
|
|
||||||
def testGetUser(self):
|
def testGetUser(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
ret = inv.get_groups('jwatson')
|
ret = inv.get_groups('jwatson')
|
||||||
expected = ['cn=itpeople,ou=Groups,dc=example,dc=org']
|
expected = ['cn=itpeople,ou=Groups,dc=example,dc=org']
|
||||||
assert ret == expected
|
assert ret == expected
|
||||||
|
|
||||||
def testSearchUser(self):
|
def testSearchUser(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
ret = inv.search('smith')
|
ret = inv.search('smith')
|
||||||
expected = [('cn=Sheri Smith,ou=People,dc=example,dc=org', {'uid': ['ssmith'], 'objectClass': ['inetOrgPerson'], 'carLicense': ['HERCAR 125'], 'sn': ['smith'], 'mail': ['s.smith@example.com', 'ssmith@example.com', 'sheri.smith@example.com'], 'homePhone': ['555-111-2225'], 'cn': ['Sheri Smith']}), ('cn=John Smith,ou=People,dc=example,dc=org', {'uid': ['jsmith'], 'objectClass': ['inetOrgPerson'], 'carLicense': ['HISCAR 125'], 'sn': ['Smith'], 'mail': ['j.smith@example.com', 'jsmith@example.com', 'jsmith.smith@example.com'], 'homePhone': ['555-111-2225'], 'cn': ['John Smith']})]
|
expected = {'ssmith': {'uid': 'ssmith', 'objectClass': 'inetOrgPerson', 'carLicense': 'HERCAR 125', 'sn': 'smith', 'mail': ['s.smith@example.com', 'ssmith@example.com', 'sheri.smith@example.com'], 'homePhone': '555-111-2225', 'cn': 'Sheri Smith'}, 'jsmith': {'uid': 'jsmith', 'objectClass': 'inetOrgPerson', 'carLicense': 'HISCAR 125', 'sn': 'Smith', 'mail': ['j.smith@example.com', 'jsmith@example.com', 'jsmith.smith@example.com'], 'homePhone': '555-111-2225', 'cn': 'John Smith'}}
|
||||||
assert ret == expected
|
assert ret == expected
|
||||||
|
|
||||||
def testAddUser(self):
|
def testAddUser(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
user = {
|
user = {
|
||||||
'uid': 'test',
|
'uid': 'test',
|
||||||
'sn': 'test',
|
'sn': 'test',
|
||||||
@ -148,7 +148,7 @@ class TestError(object):
|
|||||||
inv.del_user('test')
|
inv.del_user('test')
|
||||||
|
|
||||||
def testAddUserDuplicate(self):
|
def testAddUserDuplicate(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
user = {
|
user = {
|
||||||
'uid': 'test',
|
'uid': 'test',
|
||||||
'sn': 'test',
|
'sn': 'test',
|
||||||
@ -169,7 +169,7 @@ class TestError(object):
|
|||||||
raise AssertionError("expected an exception")
|
raise AssertionError("expected an exception")
|
||||||
|
|
||||||
def testDelUserDontExists(self):
|
def testDelUserDontExists(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
try:
|
try:
|
||||||
inv.del_user('test')
|
inv.del_user('test')
|
||||||
inv.del_user('test')
|
inv.del_user('test')
|
||||||
@ -179,13 +179,13 @@ class TestError(object):
|
|||||||
raise AssertionError("expected an exception")
|
raise AssertionError("expected an exception")
|
||||||
|
|
||||||
def testGetUser(self):
|
def testGetUser(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
ret = inv.get_user('jwatson')
|
ret = inv.get_user('jwatson')
|
||||||
expected = {'sn': 'watson', 'uid': 'jwatson', 'cn': 'John Watson'}
|
expected = {'sn': 'watson', 'uid': 'jwatson', 'cn': 'John Watson'}
|
||||||
assert ret == expected
|
assert ret == expected
|
||||||
|
|
||||||
def testAddUserMissingMustAttribute(self):
|
def testAddUserMissingMustattribute(self):
|
||||||
inv = Backend(cfg, cherrypy.log, 'ldap', attr)
|
inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
|
||||||
user = {
|
user = {
|
||||||
'uid': 'test',
|
'uid': 'test',
|
||||||
'sn': 'test',
|
'sn': 'test',
|
||||||
|
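Review bot: Several methods in `TestError` share a name, so only the last definition of each is kept on the class: `testAuthSuccess` is defined twice and `testGetUser` three times, and the middle `testGetUser` is the one asserting on `inv.get_groups('jwatson')`, which therefore never runs. Renaming them (for example `testGetGroups` for the `get_groups` case) would let the updated five-argument `Backend(...)` calls be exercised on those paths. The change from `testAddUserMissingMustAttribute` to `testAddUserMissingMustattribute` looks accidental. `testSearchUser` covers the new dict result only for entries with a single-valued `uid`; a fixture entry without the key attribute, or with several values for it, would pin how `search()` behaves there.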