def addChild(self, rdn, attributes): self._checkState() a = [] if attributes.get('objectClass', None): a.append(('objectClass', attributes['objectClass'])) del attributes['objectClass'] attributes = a + sorted(attributes.items()) del a rdn = distinguishedname.RelativeDistinguishedName(rdn) dn = distinguishedname.DistinguishedName(listOfRDNs=(rdn, ) + self.dn.split()) ldapAttrs = [] for attrType, values in attributes: ldapAttrType = pureldap.LDAPAttributeDescription(attrType) lst = [] for value in values: if (isinstance(value, six.text_type)): value = value.encode('utf-8') lst.append(pureldap.LDAPAttributeValue(value)) ldapValues = pureber.BERSet(lst) ldapAttrs.append((ldapAttrType, ldapValues)) op = pureldap.LDAPAddRequest(entry=dn.getText(), attributes=ldapAttrs) d = self.client.send(op) d.addCallback(self._cbAddDone, dn) return d
def test_add_fail_existsAlready(self): self.server.dataReceived( pureldap.LDAPMessage( pureldap.LDAPAddRequest( entry=self.thingie.dn.getText(), attributes=[ ( pureldap.LDAPAttributeDescription("objectClass"), pureber.BERSet( value=[ pureldap.LDAPAttributeValue('something'), ]) ) ]), id=2).toWire()) self.assertEqual( self.server.transport.value(), pureldap.LDAPMessage( pureldap.LDAPAddResponse( resultCode=ldaperrors.LDAPEntryAlreadyExists.resultCode, errorMessage=self.thingie.dn.getText()), id=2).toWire()) # tree did not change d = self.stuff.children() d.addCallback(lambda actual: six.assertCountEqual( self, actual, [self.thingie, self.another])) return d
def test_add_success(self): dn = 'cn=new,ou=stuff,dc=example,dc=com' self.server.dataReceived( str( pureldap.LDAPMessage(pureldap.LDAPAddRequest( entry=dn, attributes=[ (pureldap.LDAPAttributeDescription("objectClass"), pureber.BERSet( value=[pureldap.LDAPAttributeValue('something')])) ]), id=2))) self.assertEquals( self.server.transport.value(), str( pureldap.LDAPMessage(pureldap.LDAPAddResponse( resultCode=ldaperrors.Success.resultCode), id=2))) # tree changed d = self.stuff.children() d.addCallback(self.assertItemsEqual, [ self.thingie, self.another, inmemory.ReadOnlyInMemoryLDAPEntry( 'cn=new,ou=stuff,dc=example,dc=com', {'objectClass': ['something']}) ]) return d
def entry_to_attribs_(self, entry): """ Convert a simple mapping to the data structures required for an entry in the DIT. Returns: (dn, attributes) """ attribs = {} dn = None for prop, value in entry.items(): if prop == 'dn': dn = value.encode('utf-8') continue msg = ("Account template value should be an iterable: " "prop='{}', value='{}'").format(prop, value) assert iterable_not_string(value), msg attribs[prop] = set(value) if dn is None: raise Exception("Entry needs to include key, `dn`!") ldap_attrs = [] for attrib, values in attribs.items(): ldap_attrib_type = pureldap.LDAPAttributeDescription(attrib) l = [] for value in values: if (isinstance(value, unicode)): value = value.encode('utf-8') l.append(pureldap.LDAPAttributeValue(value)) ldap_values = pureber.BERSet(l) ldap_attrs.append((ldap_attrib_type, ldap_values)) return dn, ldap_attrs
def entry_to_attributes(entry): """ Convert a simple mapping to the data structures required for an entry in the DIT. Returns: (dn, attributes) """ attributes = {} dn = None for prop, value in entry.items(): if prop == "dn": dn = value continue attributes.setdefault(prop, set()).add(value) if dn is None: raise Exception("Entry needs to include key, `dn`!") ldap_attributes = [] for attrib, values in attributes.items(): ldap_attribute_type = pureldap.LDAPAttributeDescription(attrib) ldap_attribute_values = [] for value in values: ldap_attribute_values.append(pureldap.LDAPAttributeValue(value)) ldap_values = pureber.BERSet(ldap_attribute_values) ldap_attributes.append((ldap_attribute_type, ldap_values)) return dn, ldap_attributes
def test_add_success(self): dn = "cn=new,ou=stuff,dc=example,dc=com" self.server.dataReceived( pureldap.LDAPMessage( pureldap.LDAPAddRequest( entry=dn, attributes=[( pureldap.LDAPAttributeDescription("objectClass"), pureber.BERSet( value=[pureldap.LDAPAttributeValue("something")]), )], ), id=2, ).toWire()) self.assertEqual( self.server.transport.value(), pureldap.LDAPMessage(pureldap.LDAPAddResponse( resultCode=ldaperrors.Success.resultCode), id=2).toWire(), ) # tree changed d = self.stuff.children() d.addCallback(lambda actual: self.assertCountEqual( actual, [ self.thingie, self.another, inmemory.ReadOnlyInMemoryLDAPEntry( b"cn=new,ou=stuff,dc=example,dc=com", {b"objectClass": [b"something"]}, ), ], )) return d
def asLDAP(self): if self._LDAP_OP is None: raise NotImplementedError("%s.asLDAP not implemented" % self.__class__.__name__) return str( pureber.BERSequence([ pureber.BEREnumerated(self._LDAP_OP), pureber.BERSequence([ pureldap.LDAPAttributeDescription(self.key), pureber.BERSet(map(pureldap.LDAPString, list(self))), ]), ]))
def addChild(self, rdn, attributes): self._checkState() rdn = distinguishedname.RelativeDistinguishedName(rdn) dn = distinguishedname.DistinguishedName(listOfRDNs=(rdn, ) + self.dn.split()) ldapAttrs = [] for attrType, values in attributes.items(): ldapAttrType = pureldap.LDAPAttributeDescription(attrType) l = [] for value in values: l.append(pureldap.LDAPAttributeValue(value)) ldapValues = pureber.BERSet(l) ldapAttrs.append((ldapAttrType, ldapValues)) op = pureldap.LDAPAddRequest(entry=str(dn), attributes=ldapAttrs) d = self.client.send(op) d.addCallback(self._cbAddDone, dn) return d
def asLDAP(self): if self._LDAP_OP is None: raise NotImplementedError("%s.asLDAP not implemented" % self.__class__.__name__) tmplist = list(self) newlist = [] for x in range(len(tmplist)): if (isinstance(tmplist[x], unicode)): value = tmplist[x].encode('utf-8') newlist.append(value) else: value = tmplist[x] newlist.append(value) return str(pureber.BERSequence([ pureber.BEREnumerated(self._LDAP_OP), pureber.BERSequence([ pureldap.LDAPAttributeDescription(self.key), pureber.BERSet(map(pureldap.LDAPString, newlist)), ]), ]))
class KnownValues(unittest.TestCase): knownValues = ( # class, args, kwargs, expected_result (pureldap.LDAPModifyRequest, [], { "object": 'cn=foo, dc=example, dc=com', "modification": [ pureber.BERSequence([ pureber.BEREnumerated(0), pureber.BERSequence([ pureldap.LDAPAttributeDescription('bar'), pureber.BERSet([ pureldap.LDAPString('a'), pureldap.LDAPString('b'), ]), ]), ]), ], }, None, [0x66, 50] + ([0x04, 0x1a] + l("cn=foo, dc=example, dc=com") + [0x30, 20] + ([0x30, 18] + ([0x0a, 0x01, 0x00] + [0x30, 13] + ([0x04, len("bar")] + l("bar") + [0x31, 0x06] + ([0x04, len("a")] + l("a") + [0x04, len("b")] + l("b"))))))), (pureldap.LDAPModifyRequest, [], { "object": 'cn=foo, dc=example, dc=com', "modification": [ pureber.BERSequence([ pureber.BEREnumerated(1L), pureber.BERSequence([ pureber.BEROctetString('bar'), pureber.BERSet([]), ]), ]), ], }, None, [0x66, 0x2c] + ([0x04, 0x1a] + l("cn=foo, dc=example, dc=com") + [0x30, 0x0e] + ([0x30, 0x0c] + ([0x0a, 0x01, 0x01] + [0x30, 0x07] + ([0x04, 0x03] + l("bar") + [0x31, 0x00]))))), (pureldap.LDAPFilter_not, [], { "value": pureldap.LDAPFilter_present("foo"), }, pureldap.LDAPBERDecoderContext_Filter( fallback=pureber.BERDecoderContext()), [0xa2, 0x05] + [0x87] + [len("foo")] + l("foo")), ( pureldap.LDAPFilter_or, [], { "value": [ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( value='cn'), assertionValue=pureldap.LDAPAssertionValue( value='foo')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( value='uid'), assertionValue=pureldap.LDAPAssertionValue( value='foo')), ] }, pureldap.LDAPBERDecoderContext_Filter( fallback=pureber.BERDecoderContext()), [0xa1, 23] + [0xa3, 9] + [0x04] + [len("cn")] + l("cn") + [0x04] + [len("foo")] + l("foo") + [0xa3, 10] + [0x04] + [len("uid")] + l("uid") + [0x04] + [len("foo")] + l("foo"), ), ( pureldap.LDAPFilter_and, [], { "value": [ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( value='cn'), assertionValue=pureldap.LDAPAssertionValue( value='foo')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( value='uid'), assertionValue=pureldap.LDAPAssertionValue( value='foo')), ] }, pureldap.LDAPBERDecoderContext_Filter( fallback=pureber.BERDecoderContext()), [0xa0, 23] + [0xa3, 9] + [0x04] + [len("cn")] + l("cn") + [0x04] + [len("foo")] + l("foo") + [0xa3, 10] + [0x04] + [len("uid")] + l("uid") + [0x04] + [len("foo")] + l("foo"), ), (pureldap.LDAPModifyDNRequest, [], { 'entry': 'cn=foo,dc=example,dc=com', 'newrdn': 'uid=bar', 'deleteoldrdn': 0, }, None, [0x6c, 0x26] + [0x04] + [len("cn=foo,dc=example,dc=com")] + l("cn=foo,dc=example,dc=com") + [0x04] + [len("uid=bar")] + l("uid=bar") + [0x01, 0x01, 0x00]), (pureldap.LDAPModifyDNRequest, [], { 'entry': 'cn=aoue,dc=example,dc=com', 'newrdn': 'uid=aoue', 'deleteoldrdn': 0, 'newSuperior': 'ou=People,dc=example,dc=com', }, None, [0x6c, 69] + [0x04] + [len("cn=aoue,dc=example,dc=com")] + l("cn=aoue,dc=example,dc=com") + [0x04] + [len("uid=aoue")] + l("uid=aoue") + [0x01, 0x01, 0x00] + [0x80] + [len("ou=People,dc=example,dc=com")] + l("ou=People,dc=example,dc=com")), ( pureldap.LDAPSearchRequest, [], { 'baseObject': 'dc=yoja,dc=example,dc=com', }, None, [0x63, 57] + [0x04] + [len('dc=yoja,dc=example,dc=com')] + l('dc=yoja,dc=example,dc=com') # scope + [0x0a, 1, 2] # derefAliases + [0x0a, 1, 0] # sizeLimit + [0x02, 1, 0] # timeLimit + [0x02, 1, 0] # typesOnly + [0x01, 1, 0] # filter + [135, 11] + l('objectClass') # attributes + [48, 0]), (pureldap.LDAPUnbindRequest, [], {}, None, [0x42, 0x00]), ( pureldap.LDAPSearchResultDone, [], { 'resultCode': 0, }, None, [0x65, 0x07] # resultCode + [0x0a, 0x01, 0x00] # matchedDN + [0x04] + [len('')] + l('') # errorMessage + [0x04] + [len('')] + l('') # referral, TODO + []), ( pureldap.LDAPSearchResultDone, [], { 'resultCode': 0, 'matchedDN': 'dc=foo,dc=example,dc=com', }, None, [0x65, 31] # resultCode + [0x0a, 0x01, 0x00] # matchedDN + [0x04] + [len('dc=foo,dc=example,dc=com')] + l('dc=foo,dc=example,dc=com') # errorMessage + [0x04] + [len('')] + l('') # referral, TODO + []), ( pureldap.LDAPSearchResultDone, [], { 'resultCode': 0, 'matchedDN': 'dc=foo,dc=example,dc=com', 'errorMessage': 'the foobar was fubar', }, None, [0x65, 51] # resultCode + [0x0a, 0x01, 0x00] # matchedDN + [0x04] + [len('dc=foo,dc=example,dc=com')] + l('dc=foo,dc=example,dc=com') # errorMessage + [0x04] + [len('the foobar was fubar')] + l('the foobar was fubar', ) # referral, TODO + []), ( pureldap.LDAPSearchResultDone, [], { 'resultCode': 0, 'errorMessage': 'the foobar was fubar', }, None, [0x65, 27] # resultCode + [0x0a, 0x01, 0x00] # matchedDN + [0x04] + [len('')] + l('') # errorMessage + [0x04] + [len('the foobar was fubar')] + l('the foobar was fubar', ) # referral, TODO + []), ( pureldap.LDAPMessage, [], { 'id': 42, 'value': pureldap.LDAPBindRequest(), }, pureldap.LDAPBERDecoderContext_TopLevel( inherit=pureldap.LDAPBERDecoderContext_LDAPMessage( fallback=pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext()), inherit=pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext()))), [0x30, 12] # id + [0x02, 0x01, 42] # value + l(str(pureldap.LDAPBindRequest()))), ( pureldap.LDAPControl, [], { 'controlType': '1.2.3.4', }, None, [0x30, 9] # controlType + [0x04, 7] + l("1.2.3.4")), ( pureldap.LDAPControl, [], { 'controlType': '1.2.3.4', 'criticality': True, }, None, [0x30, 12] # controlType + [0x04, 7] + l("1.2.3.4") # criticality + [0x01, 1, 0xFF]), ( pureldap.LDAPControl, [], { 'controlType': '1.2.3.4', 'criticality': True, 'controlValue': 'silly', }, None, [0x30, 19] # controlType + [0x04, 7] + l("1.2.3.4") # criticality + [0x01, 1, 0xFF] # controlValue + [0x04, len("silly")] + l("silly")), ( pureldap.LDAPMessage, [], { 'id': 42, 'value': pureldap.LDAPBindRequest(), 'controls': [ ('1.2.3.4', None, None), ('2.3.4.5', False), ('3.4.5.6', True, '\x00\x01\x02\xFF'), ], }, pureldap.LDAPBERDecoderContext_TopLevel( inherit=pureldap.LDAPBERDecoderContext_LDAPMessage( fallback=pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext()), inherit=pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext()))), [0x30, 59] # id + [0x02, 0x01, 42] # value + l(str(pureldap.LDAPBindRequest())) # controls + l( str( pureldap.LDAPControls(value=[ pureldap.LDAPControl(controlType='1.2.3.4'), pureldap.LDAPControl(controlType='2.3.4.5', criticality=False), pureldap.LDAPControl(controlType='3.4.5.6', criticality=True, controlValue='\x00\x01\x02\xFF'), ]))), ), (pureldap.LDAPFilter_equalityMatch, [], { 'attributeDesc': pureldap.LDAPAttributeDescription('cn'), 'assertionValue': pureldap.LDAPAssertionValue('foo'), }, pureldap.LDAPBERDecoderContext_Filter( fallback=pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext()), inherit=pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext())), [0xa3, 9] + ([0x04, 2] + l('cn') + [0x04, 3] + l('foo'))), (pureldap.LDAPFilter_or, [[ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('cn'), assertionValue=pureldap.LDAPAssertionValue('foo')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('uid'), assertionValue=pureldap.LDAPAssertionValue('foo')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('mail'), assertionValue=pureldap.LDAPAssertionValue('foo')), pureldap.LDAPFilter_substrings( type='mail', substrings=[pureldap.LDAPFilter_substrings_initial('foo@')]), ]], {}, pureldap.LDAPBERDecoderContext_Filter( fallback=pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext()), inherit=pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext())), [0xA1, 52] + ([0xa3, 9] + ([0x04, 2] + l('cn') + [0x04, 3] + l('foo')) + [0xa3, 10] + ([0x04, 3] + l('uid') + [0x04, 3] + l('foo')) + [0xa3, 11] + ([0x04, 4] + l('mail') + [0x04, 3] + l('foo')) + [0xa4, 14] + ([0x04, 4] + l('mail') + [0x30, 6] + ([0x80, 4] + l('foo@'))))), (pureldap.LDAPSearchRequest, [], { 'baseObject': 'dc=example,dc=com', 'scope': pureldap.LDAP_SCOPE_wholeSubtree, 'derefAliases': pureldap.LDAP_DEREF_neverDerefAliases, 'sizeLimit': 1, 'timeLimit': 0, 'typesOnly': False, 'filter': pureldap.LDAPFilter_or([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('cn'), assertionValue=pureldap.LDAPAssertionValue('foo')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('uid'), assertionValue=pureldap.LDAPAssertionValue('foo')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('mail'), assertionValue=pureldap.LDAPAssertionValue('foo')), pureldap.LDAPFilter_substrings( type='mail', substrings=[ pureldap.LDAPFilter_substrings_initial('foo@') ]), ]), 'attributes': [''], }, pureldap.LDAPBERDecoderContext_LDAPMessage( fallback=pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext()), inherit=pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext())), [0x63, 92] + ([0x04, 17] + l('dc=example,dc=com') + [0x0a, 1, 0x02] + [0x0a, 1, 0x00] + [0x02, 1, 0x01] + [0x02, 1, 0x00] + [0x01, 1, 0x00] + [0xA1, 52] + ([0xa3, 9] + ([0x04, 2] + l('cn') + [0x04, 3] + l('foo')) + [0xa3, 10] + ([0x04, 3] + l('uid') + [0x04, 3] + l('foo')) + [0xa3, 11] + ([0x04, 4] + l('mail') + [0x04, 3] + l('foo')) + [0xa4, 14] + ([0x04, 4] + l('mail') + [0x30, 6] + ([0x80, 4] + l('foo@')))) + [0x30, 2] + ([0x04, 0]))), ( pureldap.LDAPMessage, [], { 'id': 1L, 'value': pureldap.LDAPSearchRequest( baseObject='dc=example,dc=com', scope=pureldap.LDAP_SCOPE_wholeSubtree, derefAliases=pureldap.LDAP_DEREF_neverDerefAliases, sizeLimit=1, timeLimit=0, typesOnly=False, filter=pureldap.LDAPFilter_or([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( 'cn'), assertionValue=pureldap.LDAPAssertionValue('foo')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( 'uid'), assertionValue=pureldap.LDAPAssertionValue('foo')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( 'mail'), assertionValue=pureldap.LDAPAssertionValue('foo')), pureldap.LDAPFilter_substrings( type='mail', substrings=[ pureldap.LDAPFilter_substrings_initial('foo@') ]), ]), attributes=[''], ), }, pureldap.LDAPBERDecoderContext_TopLevel( inherit=pureldap.LDAPBERDecoderContext_LDAPMessage( fallback=pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext()), inherit=pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext()))), [0x30, 97] # id + [0x02, 1, 1] # value + [0x63, 92] + ([0x04, 17] + l('dc=example,dc=com') + [0x0a, 1, 0x02] + [0x0a, 1, 0x00] + [0x02, 1, 0x01] + [0x02, 1, 0x00] + [0x01, 1, 0x00] + [0xA1, 52] + ([0xa3, 9] + ([0x04, 2] + l('cn') + [0x04, 3] + l('foo')) + [0xa3, 10] + ([0x04, 3] + l('uid') + [0x04, 3] + l('foo')) + [0xa3, 11] + ([0x04, 4] + l('mail') + [0x04, 3] + l('foo')) + [0xa4, 14] + ([0x04, 4] + l('mail') + [0x30, 6] + ([0x80, 4] + l('foo@')))) + [0x30, 2] + ([0x04, 0]))), (pureldap.LDAPExtendedRequest, [], { 'requestName': '42.42.42', 'requestValue': 'foo', }, None, [0x40 | 0x20 | 23, 1 + 1 + 8 + 1 + 1 + 3] + ([0x80 | 0] + [len('42.42.42')] + l('42.42.42')) + ([0x80 | 1] + [len('foo')] + l('foo'))), ) def testToLDAP(self): """str(LDAPClass(...)) should give known result with known input""" for klass, args, kwargs, decoder, encoded in self.knownValues: result = klass(*args, **kwargs) result = str(result) result = map(ord, result) if result != encoded: raise AssertionError, \ "Class %s(*%s, **%s) doesn't encode properly: " \ "%s != %s" % (klass.__name__, repr(args), repr(kwargs), repr(result), repr(encoded)) def testFromLDAP(self): """LDAPClass(encoded="...") should give known result with known input""" for klass, args, kwargs, decoder, encoded in self.knownValues: if decoder is None: decoder = pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext()) m = s(*encoded) result, bytes = pureber.berDecodeObject(decoder, m) self.assertEquals(bytes, len(m)) shouldBe = klass(*args, **kwargs) #TODO shouldn't use str below assert str(result)==str(shouldBe), \ "Class %s(*%s, **%s) doesn't decode properly: " \ "%s != %s" % (klass.__name__, repr(args), repr(kwargs), repr(result), repr(shouldBe)) def testPartial(self): """LDAPClass(encoded="...") with too short input should throw BERExceptionInsufficientData""" for klass, args, kwargs, decoder, encoded in self.knownValues: if decoder is None: decoder = pureldap.LDAPBERDecoderContext( fallback=pureber.BERDecoderContext()) for i in xrange(1, len(encoded)): m = s(*encoded)[:i] self.assertRaises(pureber.BERExceptionInsufficientData, pureber.berDecodeObject, decoder, m) self.assertEquals((None, 0), pureber.berDecodeObject(decoder, ''))