1
0
mirror of https://github.com/kakwa/ldapcherry synced 2024-11-22 01:14:21 +01:00

multiple modification/fix

* add display_name parameter for backend
* handle display_name in modify template (lonely groups) and error
  message
* fix bug in modify when user is in only one backend
* remove redondant exception in ad/ldap backend
* fix unit test accordingly
* fix License in AD backend (GPLv3 -> MIT, previously tought of using
  samba4 python library which is GPL, but this module finaly uses
  python-ldap which is MIT compatible)
This commit is contained in:
kakwa 2015-07-31 20:08:21 +02:00
parent 8c0cbaac3b
commit efcaad54fc
6 changed files with 35 additions and 27 deletions

View File

@ -72,6 +72,8 @@ roles.file = '/etc/ldapcherry/roles.yml'
# name of the module
ldap.module = 'ldapcherry.backend.backendLdap'
# display name of the ldap
ldap.display_name = 'My Ldap Directory'
# uri of the ldap directory
ldap.uri = 'ldap://ldap.ldapcherry.org'
@ -113,6 +115,8 @@ ldap.dn_user_attr = 'uid'
## Name of the backend
#ad.module = 'ldapcherry.backend.backendAD'
## display name of the ldap
#ldap.display_name = 'My Active Directory'
## ad domain
#ad.domain = 'dc.ldapcherry.org'
## ad login

View File

@ -176,6 +176,7 @@ class LdapCherry(object):
"""
self.backends_params = {}
self.backends = {}
self.backends_display_names = {}
for entry in config['backends']:
# split at the first dot
backend, sep, param = entry.partition('.')
@ -184,6 +185,13 @@ class LdapCherry(object):
self.backends_params[backend] = {}
self.backends_params[backend][param] = value
for backend in self.backends_params:
# get the backend display_name
try:
self.backends_display_names[backend] = \
self.backends_params[backend]['display_name']
except:
self.backends_display_names[backend] = backend
self.backends_params[backend]['display_name'] = backend
params = self.backends_params[backend]
# Loading the backend module
try:
@ -527,7 +535,7 @@ class LdapCherry(object):
try:
tmp = self.backends[b].get_user(username)
except UserDoesntExist as e:
break
tmp = {}
for attr in tmp:
if attr in self.attributes.backend_attributes[b]:
attrid = self.attributes.backend_attributes[b][attr]
@ -1011,7 +1019,7 @@ class LdapCherry(object):
graph=self.roles.graph,
graph_js=graph_js,
roles_js=roles_js,
current_roles=None
current_roles=None,
)
return self.temp_adduser.render(
form=form,
@ -1026,7 +1034,10 @@ class LdapCherry(object):
""" remove user page """
self._check_auth(must_admin=True)
is_admin = self._check_admin()
referer = cherrypy.request.headers['Referer']
try:
referer = cherrypy.request.headers['Referer']
except:
referer = '/'
self._deleteuser(user)
raise cherrypy.HTTPRedirect(referer)
@ -1043,7 +1054,10 @@ class LdapCherry(object):
"</script>"
params = self._parse_params(params)
self._modify(params)
referer = cherrypy.request.headers['Referer']
try:
referer = cherrypy.request.headers['Referer']
except:
referer = '/'
raise cherrypy.HTTPRedirect(referer)
else:
notification = ''
@ -1081,14 +1095,15 @@ class LdapCherry(object):
graph=self.roles.graph,
graph_js=graph_js,
roles_js=roles_js,
current_roles=user_roles
current_roles=user_roles,
)
return self.temp_modify.render(
form=form,
roles=roles,
is_admin=is_admin,
notification=notification,
standalone_groups=user_lonely_groups
standalone_groups=user_lonely_groups,
backends_display_names=self.backends_display_names,
)
@cherrypy.expose

View File

@ -1,7 +1,7 @@
# -*- coding: utf-8 -*-
# vim:set expandtab tabstop=4 shiftwidth=4:
#
# License GPLv3
# License MIT
# LdapCherry
# Copyright (c) 2014 Carpentier Pierre-Francois
@ -17,13 +17,6 @@ import os
import re
class DelUserDontExists(Exception):
def __init__(self, user):
self.user = user
self.log = "cannot remove user, user <%(user)s> does not exist" % \
{'user': user}
class CaFileDontExist(Exception):
def __init__(self, cafile):
self.cafile = cafile
@ -77,6 +70,7 @@ class Backend(ldapcherry.backend.backendLdap.Backend):
self.config = config
self._logger = logger
self.backend_name = name
self.backend_display_name = self.get_param('display_name')
self.domain = self.get_param('domain')
self.login = self.get_param('login')
basedn = 'dc=' + re.sub(r'\.', ',DC=', self.domain)

View File

@ -16,13 +16,6 @@ import os
import re
class DelUserDontExists(Exception):
def __init__(self, user):
self.user = user
self.log = "cannot remove user, user <%(user)s> does not exist" % \
{'user': user}
class CaFileDontExist(Exception):
def __init__(self, cafile):
self.cafile = cafile
@ -42,6 +35,7 @@ class Backend(ldapcherry.backend.Backend):
self.config = config
self._logger = logger
self.backend_name = name
self.backend_display_name = self.get_param('display_name')
self.binddn = self.get_param('binddn')
self.bindpassword = self.get_param('password')
self.ca = self.get_param('ca', False)
@ -332,7 +326,7 @@ class Backend(ldapcherry.backend.Backend):
ldap_client.delete_s(dn)
else:
ldap_client.unbind_s()
raise DelUserDontExists(username)
raise UserDoesntExist(username, self.backend_display_name)
ldap_client.unbind_s()
def set_attrs(self, username, attrs):
@ -423,7 +417,7 @@ class Backend(ldapcherry.backend.Backend):
}
)
except ldap.NO_SUCH_OBJECT as e:
raise GroupDoesntExist(group, self.backend_name)
raise GroupDoesntExist(group, self.backend_display_name)
except Exception as e:
ldap_client.unbind_s()
self._exception_handler(e)
@ -493,7 +487,7 @@ class Backend(ldapcherry.backend.Backend):
ret = {}
tmp = self._get_user(username, ALL_ATTRS)
if tmp is None:
raise UserDoesntExist(username, self.backend_name)
raise UserDoesntExist(username, self.backend_display_name)
attrs_tmp = tmp[1]
for attr in attrs_tmp:
value_tmp = attrs_tmp[attr]

View File

@ -37,7 +37,7 @@
% for group in standalone_groups[backend]:
<tr>
<td>
${backend}
${backends_display_names[backend]}
</td>
<td>
${group}

View File

@ -7,7 +7,7 @@ from __future__ import unicode_literals
import pytest
import sys
from sets import Set
from ldapcherry.backend.backendLdap import Backend, DelUserDontExists, CaFileDontExist
from ldapcherry.backend.backendLdap import Backend, CaFileDontExist
from ldapcherry.exceptions import *
from disable import travis_disabled
import cherrypy
@ -31,6 +31,7 @@ cfg = {
'dn_user_attr' : 'uid',
'group_attr.member' : "%(dn)s",
'timeout' : 10,
'display_name' : 'My Test Ldap',
}
def syslog_error(msg='', context='',
@ -228,7 +229,7 @@ class TestError(object):
try:
inv.del_user('test')
inv.del_user('test')
except DelUserDontExists:
except UserDoesntExist:
return
else:
raise AssertionError("expected an exception")