Beispiel #1
0
 def search_groups(self, name, exact=False):
     with ldap_context(self.ldap_settings):
         search_filter = build_group_search_filter({self.ldap_settings['gid']: {name}}, exact=exact)
         if not search_filter:
             raise GroupRetrievalFailed("Unable to generate search filter from criteria")
         for group_dn, group_data in self._search_groups(search_filter):
             yield self.group_class(self, group_data.get(self.ldap_settings['gid'])[0], group_dn)
Beispiel #2
0
 def search_groups(self, name, exact=False):
     with ldap_context(self.ldap_settings):
         search_filter = build_group_search_filter(
             {self.ldap_settings['gid']: {name}}, exact=exact)
         if not search_filter:
             raise GroupRetrievalFailed(
                 "Unable to generate search filter from criteria")
         for group_dn, group_data in self._search_groups(search_filter):
             yield self.group_class(
                 self,
                 group_data.get(self.ldap_settings['gid'])[0], group_dn)
Beispiel #3
0
 def get_members(self):
     with ldap_context(self.ldap_settings):
         group_dns = self._iter_group()
         group_dn = next(group_dns)
         while group_dn:
             user_filter = build_user_search_filter({self.ldap_settings['member_of_attr']: {group_dn}}, exact=True)
             for _, user_data in self.provider._search_users(user_filter):
                 yield IdentityInfo(self.provider, identifier=user_data[self.ldap_settings['uid']][0],
                                    **to_unicode(user_data))
             group_filter = build_group_search_filter({self.ldap_settings['member_of_attr']: {group_dn}}, exact=True)
             subgroups = list(self.provider._search_groups(group_filter))
             group_dn = group_dns.send(subgroups)
Beispiel #4
0
 def search_groups(self, name, exact=False):
     with ldap_context(self.ldap_settings):
         search_filter = build_group_search_filter(
             {self.ldap_settings['gid']: {name}}, exact=exact)
         if not search_filter:
             raise GroupRetrievalFailed(
                 "Unable to generate search filter from criteria",
                 provider=self)
         for group_dn, group_data in self._search_groups(search_filter):
             group_name = to_unicode(
                 group_data[self.ldap_settings['gid']][0])
             yield self.group_class(self, group_name, group_dn)
Beispiel #5
0
 def get_members(self):
     with ldap_context(self.ldap_settings):
         group_dns = self._iter_group()
         group_dn = next(group_dns)
         while group_dn:
             user_filter = build_user_search_filter(
                 {self.ldap_settings['member_of_attr']: {group_dn}},
                 exact=True)
             for _, user_data in self.provider._search_users(user_filter):
                 yield IdentityInfo(
                     self.provider,
                     identifier=user_data[self.ldap_settings['uid']][0],
                     **to_unicode(user_data))
             group_filter = build_group_search_filter(
                 {self.ldap_settings['member_of_attr']: {group_dn}},
                 exact=True)
             subgroups = list(self.provider._search_groups(group_filter))
             group_dn = group_dns.send(subgroups)
Beispiel #6
0
 def get_identity_groups(self, identifier):
     groups = set()
     with ldap_context(self.ldap_settings):
         user_dn, user_data = get_user_by_id(identifier, self._attributes)
         if not user_dn:
             return set()
         if self.ldap_settings['ad_group_style']:
             for sid in get_token_groups_from_user_dn(user_dn):
                 search_filter = build_group_search_filter(
                     {'objectSid': {sid}}, exact=True)
                 for group_dn, group_data in self._search_groups(
                         search_filter):
                     group_name = to_unicode(
                         group_data[self.ldap_settings['gid']][0])
                     groups.add(self.group_class(self, group_name,
                                                 group_dn))
         else:
             # OpenLDAP does not have a way to get all groups for a user including nested ones
             raise NotImplementedError(
                 'Only available for active directory')
     return groups