1
0
mirror of https://github.com/kakwa/ldapcherry synced 2024-11-25 10:44:30 +01:00

adding key handling

This commit is contained in:
kakwa 2015-05-31 18:40:35 +02:00
parent 2860f5af6c
commit c9b971e8b0
5 changed files with 44 additions and 25 deletions

View File

@ -123,7 +123,8 @@ class LdapCherry(object):
raise BackendModuleLoadingFail(module) raise BackendModuleLoadingFail(module)
try: try:
attrslist = self.attributes.get_backend_attributes(backend) attrslist = self.attributes.get_backend_attributes(backend)
self.backends[backend] = bc.Backend(params, cherrypy.log, backend, attrslist) key = self.attributes.get_backend_key(backend)
self.backends[backend] = bc.Backend(params, cherrypy.log, backend, attrslist, key)
except MissingParameter as e: except MissingParameter as e:
raise e raise e
except: except:

View File

@ -80,6 +80,11 @@ class Attributes:
raise WrongBackend(backend) raise WrongBackend(backend)
return self.backend_attributes[backend] return self.backend_attributes[backend]
def get_backend_key(self, backend):
if backend not in self.backends:
raise WrongBackend(backend)
return self.attributes[self.key]['backends'][backend]
def get_attributes(self): def get_attributes(self):
"""get the list of groups from roles""" """get the list of groups from roles"""
return self.self_attributes return self.self_attributes

View File

@ -20,7 +20,7 @@ class DelUserDontExists(Exception):
class Backend(ldapcherry.backend.Backend): class Backend(ldapcherry.backend.Backend):
def __init__(self, config, logger, name, attrslist): def __init__(self, config, logger, name, attrslist, key):
self.config = config self.config = config
self._logger = logger self._logger = logger
self.backend_name = name self.backend_name = name
@ -38,6 +38,7 @@ class Backend(ldapcherry.backend.Backend):
self.search_filter_tmpl = self.get_param('search_filter_tmpl') self.search_filter_tmpl = self.get_param('search_filter_tmpl')
self.dn_user_attr = self.get_param('dn_user_attr') self.dn_user_attr = self.get_param('dn_user_attr')
self.objectclasses = [] self.objectclasses = []
self.key = key
for o in re.split('\W+', self.get_param('objectclasses')): for o in re.split('\W+', self.get_param('objectclasses')):
self.objectclasses.append(self._str(o)) self.objectclasses.append(self._str(o))
@ -216,12 +217,24 @@ class Backend(ldapcherry.backend.Backend):
pass pass
def search(self, searchstring): def search(self, searchstring):
ret = {}
searchfilter = self.search_filter_tmpl % { searchfilter = self.search_filter_tmpl % {
'searchstring': searchstring 'searchstring': searchstring
} }
for u in self._search(searchfilter, None, self.userdn):
return self._search(searchfilter, None, self.userdn) attrs = {}
attrs_tmp = u[1]
for attr in attrs_tmp:
value_tmp = attrs_tmp[attr]
if len(value_tmp) == 1:
attrs[attr] = value_tmp[0]
else:
attrs[attr] = value_tmp
if self.key in attrs:
ret[attrs[self.key]] = attrs
return ret
def get_user(self, username): def get_user(self, username):
ret = {} ret = {}

View File

@ -9,5 +9,5 @@ import ldapcherry.backend
class Backend(ldapcherry.backend.Backend): class Backend(ldapcherry.backend.Backend):
def __init__(self, config, logger, name, attrslist): def __init__(self, config, logger, name, attrslist, key):
pass pass

View File

@ -40,11 +40,11 @@ attr = ['shéll', 'shell', 'cn', 'uid', 'uidNumber', 'gidNumber', 'home', 'userP
class TestError(object): class TestError(object):
def testNominal(self): def testNominal(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr) inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
return True return True
def testConnect(self): def testConnect(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr) inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
ldap = inv._connect() ldap = inv._connect()
ldap.simple_bind_s(inv.binddn, inv.bindpassword) ldap.simple_bind_s(inv.binddn, inv.bindpassword)
return True return True
@ -53,7 +53,7 @@ class TestError(object):
cfg2 = cfg.copy() cfg2 = cfg.copy()
cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637' cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637'
cfg2['checkcert'] = 'on' cfg2['checkcert'] = 'on'
inv = Backend(cfg2, cherrypy.log, 'ldap', attr) inv = Backend(cfg2, cherrypy.log, 'ldap', attr, 'uid')
ldap = inv._connect() ldap = inv._connect()
ldap.simple_bind_s(inv.binddn, inv.bindpassword) ldap.simple_bind_s(inv.binddn, inv.bindpassword)
@ -62,7 +62,7 @@ class TestError(object):
cfg2['uri'] = 'ldaps://notaldap:637' cfg2['uri'] = 'ldaps://notaldap:637'
cfg2['checkcert'] = 'on' cfg2['checkcert'] = 'on'
cfg2['ca'] = './cfg/ca.crt' cfg2['ca'] = './cfg/ca.crt'
inv = Backend(cfg2, cherrypy.log, 'ldap', attr) inv = Backend(cfg2, cherrypy.log, 'ldap', attr, 'uid')
ldapc = inv._connect() ldapc = inv._connect()
try: try:
ldapc.simple_bind_s(inv.binddn, inv.bindpassword) ldapc.simple_bind_s(inv.binddn, inv.bindpassword)
@ -76,7 +76,7 @@ class TestError(object):
cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637' cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637'
cfg2['checkcert'] = 'on' cfg2['checkcert'] = 'on'
cfg2['ca'] = './cfg/wrong_ca.crt' cfg2['ca'] = './cfg/wrong_ca.crt'
inv = Backend(cfg2, cherrypy.log, 'ldap', attr) inv = Backend(cfg2, cherrypy.log, 'ldap', attr, 'uid')
ldapc = inv._connect() ldapc = inv._connect()
try: try:
ldapc.simple_bind_s(inv.binddn, inv.bindpassword) ldapc.simple_bind_s(inv.binddn, inv.bindpassword)
@ -87,21 +87,21 @@ class TestError(object):
# cfg2 = cfg.copy() # cfg2 = cfg.copy()
# cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637' # cfg2['uri'] = 'ldaps://ldap.ldapcherry.org:637'
# cfg2['checkcert'] = 'off' # cfg2['checkcert'] = 'off'
# inv = Backend(cfg2, cherrypy.log, 'ldap', attr) # inv = Backend(cfg2, cherrypy.log, 'ldap', attr, 'uid')
# ldap = inv._connect() # ldap = inv._connect()
# ldap.simple_bind_s(inv.binddn, inv.bindpassword) # ldap.simple_bind_s(inv.binddn, inv.bindpassword)
def testAuthSuccess(self): def testAuthSuccess(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr) inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
return True return True
def testAuthSuccess(self): def testAuthSuccess(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr) inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
ret = inv.auth('jwatson', 'passwordwatson') ret = inv.auth('jwatson', 'passwordwatson')
assert ret == True assert ret == True
def testAuthFailure(self): def testAuthFailure(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr) inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
res = inv.auth('notauser', 'password') or inv.auth('jwatson', 'notapassword') res = inv.auth('notauser', 'password') or inv.auth('jwatson', 'notapassword')
assert res == False assert res == False
@ -109,32 +109,32 @@ class TestError(object):
cfg2 = {} cfg2 = {}
return True return True
try: try:
inv = Backend(cfg2, cherrypy.log, 'ldap', attr) inv = Backend(cfg2, cherrypy.log, 'ldap', attr, 'uid')
except MissingKey: except MissingKey:
return return
else: else:
raise AssertionError("expected an exception") raise AssertionError("expected an exception")
def testGetUser(self): def testGetUser(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr) inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
ret = inv.get_user('jwatson') ret = inv.get_user('jwatson')
expected = {'uid': 'jwatson', 'cn': 'John Watson', 'sn': 'watson'} expected = {'uid': 'jwatson', 'cn': 'John Watson', 'sn': 'watson'}
assert ret == expected assert ret == expected
def testGetUser(self): def testGetUser(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr) inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
ret = inv.get_groups('jwatson') ret = inv.get_groups('jwatson')
expected = ['cn=itpeople,ou=Groups,dc=example,dc=org'] expected = ['cn=itpeople,ou=Groups,dc=example,dc=org']
assert ret == expected assert ret == expected
def testSearchUser(self): def testSearchUser(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr) inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
ret = inv.search('smith') ret = inv.search('smith')
expected = [('cn=Sheri Smith,ou=People,dc=example,dc=org', {'uid': ['ssmith'], 'objectClass': ['inetOrgPerson'], 'carLicense': ['HERCAR 125'], 'sn': ['smith'], 'mail': ['s.smith@example.com', 'ssmith@example.com', 'sheri.smith@example.com'], 'homePhone': ['555-111-2225'], 'cn': ['Sheri Smith']}), ('cn=John Smith,ou=People,dc=example,dc=org', {'uid': ['jsmith'], 'objectClass': ['inetOrgPerson'], 'carLicense': ['HISCAR 125'], 'sn': ['Smith'], 'mail': ['j.smith@example.com', 'jsmith@example.com', 'jsmith.smith@example.com'], 'homePhone': ['555-111-2225'], 'cn': ['John Smith']})] expected = {'ssmith': {'uid': 'ssmith', 'objectClass': 'inetOrgPerson', 'carLicense': 'HERCAR 125', 'sn': 'smith', 'mail': ['s.smith@example.com', 'ssmith@example.com', 'sheri.smith@example.com'], 'homePhone': '555-111-2225', 'cn': 'Sheri Smith'}, 'jsmith': {'uid': 'jsmith', 'objectClass': 'inetOrgPerson', 'carLicense': 'HISCAR 125', 'sn': 'Smith', 'mail': ['j.smith@example.com', 'jsmith@example.com', 'jsmith.smith@example.com'], 'homePhone': '555-111-2225', 'cn': 'John Smith'}}
assert ret == expected assert ret == expected
def testAddUser(self): def testAddUser(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr) inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
user = { user = {
'uid': 'test', 'uid': 'test',
'sn': 'test', 'sn': 'test',
@ -148,7 +148,7 @@ class TestError(object):
inv.del_user('test') inv.del_user('test')
def testAddUserDuplicate(self): def testAddUserDuplicate(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr) inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
user = { user = {
'uid': 'test', 'uid': 'test',
'sn': 'test', 'sn': 'test',
@ -169,7 +169,7 @@ class TestError(object):
raise AssertionError("expected an exception") raise AssertionError("expected an exception")
def testDelUserDontExists(self): def testDelUserDontExists(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr) inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
try: try:
inv.del_user('test') inv.del_user('test')
inv.del_user('test') inv.del_user('test')
@ -179,13 +179,13 @@ class TestError(object):
raise AssertionError("expected an exception") raise AssertionError("expected an exception")
def testGetUser(self): def testGetUser(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr) inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
ret = inv.get_user('jwatson') ret = inv.get_user('jwatson')
expected = {'sn': 'watson', 'uid': 'jwatson', 'cn': 'John Watson'} expected = {'sn': 'watson', 'uid': 'jwatson', 'cn': 'John Watson'}
assert ret == expected assert ret == expected
def testAddUserMissingMustAttribute(self): def testAddUserMissingMustattribute(self):
inv = Backend(cfg, cherrypy.log, 'ldap', attr) inv = Backend(cfg, cherrypy.log, 'ldap', attr, 'uid')
user = { user = {
'uid': 'test', 'uid': 'test',
'sn': 'test', 'sn': 'test',