def profile():
with Connection(server,
current_user.dn,
current_user.get_password(),
auto_bind=True) as conn:
person = ObjectDef(["inetOrgPerson"], conn)
r = Reader(conn, person, current_user.dn)
r.search()
# print(r[0].entry_attributes_as_dict)
form = ProfileForm(request.form, obj=current_user)
if request.method == "POST" and form.validate():
w = Writer.from_cursor(r)
# print(w[0].entry_attributes_as_dict)
current_user.email = form.email.data
current_user.vorname = form.vorname.data
current_user.nachname = form.nachname.data
w[0].givenName = current_user.vorname
w[0].sn = current_user.nachname
w[0].mail = current_user.email
result = w[0].entry_commit_changes(refresh=True, controls=None)
if result:
flash(u"Profiländerung erfolgreich", "success")
return redirect(url_for("index"))
else:
flash(u"Profiländerung nicht erfolgreich", "danger")
return render_template(
"/admin/changeprofile.html",
form=form,
user=current_user,
title=u"Profiländerung",
)
def test_read_entry_with_attribute_from_auxiliary_class(self):
if test_server_type != 'AD':
w = Writer(self.connection,
'inetorgperson',
auxiliary_class='homeInfo')
n = w.new('cn=' + testcase_id + 'new-3,' + test_base)
n.sn = 'sn-test-3'
n.homeState = 'state-test-3'
self.assertEqual(n.entry_status, STATUS_PENDING_CHANGES)
n.entry_commit_changes()
self.assertEqual(n.sn, 'sn-test-3')
self.assertEqual(n.homeState, 'state-test-3')
self.assertEqual(n.entry_status, STATUS_COMMITTED)
r = Reader(self.connection,
'inetorgperson',
test_base,
'(cn=' + testcase_id + 'new-3',
auxiliary_class='homeInfo')
r.search()
self.assertTrue(r[0].cn, testcase_id + 'new-3')
self.assertTrue(r[0].homeState, testcase_id + 'state-test-3')
w1 = Writer.from_cursor(r)
w1[0].entry_delete()
w1.commit()
def delete(self):
ldap_server = Server(host=self.server.server_host,
port=self.server.server_port,
use_ssl=self.server.start_tls,
get_info=ALL)
connection = Connection(server=ldap_server,
user=self.server.admin_username,
password=self.server.admin_password,
raise_exceptions=True,
authentication=NTLM)
connection.bind()
query = 'cn: {}'.format(self.group.name, )
cursor_reader = Reader(connection,
self.obj,
self.server.search_base,
query=query)
cursor_reader.search()
cursor_writer = Writer.from_cursor(cursor_reader)
if cursor_reader.entries:
ldap_group = cursor_writer[0]
ldap_group.entry_delete()
ldap_group.entry_commit_changes()
connection.unbind()
def reset_password(self):
ldap_server = Server(host=self.server.server_host,
port=self.server.server_port,
use_ssl=self.server.start_tls,
get_info=ALL)
connection = Connection(server=ldap_server,
user=self.server.admin_username,
password=self.server.admin_password,
raise_exceptions=True,
authentication=NTLM)
connection.bind()
cursor_reader = Reader(connection,
self.person,
self.server.search_base,
query=self.query)
cursor_reader.search()
cursor_writer = Writer.from_cursor(cursor_reader)
if cursor_reader.entries:
ldap_user = cursor_writer[0]
self._reset_password(connection, ldap_user)
ldap_user.entry_commit_changes()
connection.unbind()
def user_factory(self, username: str, password: str, db) -> Optional[User]:
connection = self._get_connection(username, password)
# Attempting auth
if not connection.bind():
return None
search_filter = config.LDAP_SEARCH_FILTER
connection.search(self.base_dn, (search_filter % username))
user_dn = connection.response[0]['dn']
user_obj = ObjectDef('user', connection)
reader = Reader(connection, user_obj, user_dn)
reader.search()
result = reader.entries[0]
# Saving user to db
user = User(username=username, name=str(result.name))
user.save(db)
UserLDAP(
id=user.id,
title=str(result.title),
department=str(result.department),
company=str(result.company),
).save(db)
return user
def test_paged_search_accumulator_with_schema_base_object(self):
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'mat-1'))
r = Reader(self.connection, 'inetorgperson',
self.delete_at_teardown[0][0])
entries = r.search_paged(2, True, generator=False, attributes=['cn'])
self.assertEqual(len(entries), 1)
def query_user(conn, obj_user, user, group, tempList):
try:
r = Reader(conn, obj_user, user)
result = r.search_subtree()
ldapUserPN = str(result[0]['userPrincipalName']).lower()
email = str(result[0]['mail']).lower()
ldapUserDisplayName = str(result[0]['displayName'])
ldapUsername = f'{ldapUserPN.split("@")[-1].split(".")[0]}\\{ldapUserPN.split("@")[0]}'
ldapUserNoDomain = ldapUserPN.split('@')[0]
ldapGroupDN = group
ldapGroupCN = group.split(',')[0].strip('CN=')
tempList['ldapUsers'].append({
'ldapUsername': ldapUsername,
'ldapUserPN': ldapUserPN,
'ldapUserNoDomain': ldapUserNoDomain,
'ldapUserDisplayName': ldapUserDisplayName,
'email': email,
'ldapGroupDN': ldapGroupDN,
'ldapGroupCN': ldapGroupCN
})
print(f'Adding {email} to tempList')
return
except Exception as e:
print(f'Error with user: {user}')
print(str(e))
def test_search_object(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abstract-1'))
o = ObjectDef(['inetorgPerson', 'person'], self.connection)
r = Reader(self.connection, o, test_base, '(cn=' + testcase_id + 'abstract-1)')
r.search(attributes='cn') # AD returns operationError for reading some atributes
self.assertEqual(len(r), 1)
self.assertEqual(r.entries[0].cn, testcase_id + 'abstract-1')
def Verify():
print()
print('v : verify password', d)
print()
userinput_cn = input(
'please enter the Common Name of the dn-entry you want to check the password : '******'please enter the password stored in attribute \'userPassword\' : ')
print()
entrydn = ('cn=' + userinput_cn + ',' + d)
r = Reader(c, o, entrydn)
r.search()
# dn is unique so we take the first list of attributes and extract userPassword
hash_from_DIT = (r[0].userPassword.value.decode().strip("{CRYPT}"))
if hmac.compare_digest(crypt.crypt(userinput_pwd, hash_from_DIT),
hash_from_DIT):
print()
print("SUCCESS, the password matches")
print()
else:
print()
print("FAILED, the password doesn't match")
print()
def get_object(self, ObjectClass, id):
if not id:
return None
reader = Reader(ldap_conn, object_def=obj_inetorgperson, base=id)
entries = reader.search()
return User(entries[0]) if len(entries) > 0 else None
def test_find_entry_with_text_index_match(self):
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'mat-1'))
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'mat-2'))
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'mat-3'))
o = ObjectDef('inetOrgPerson')
o += AttrDef('cn', 'Common Name')
o += AttrDef('sn', 'Surname')
o += AttrDef(test_multivalued_attribute, 'Given Name')
query_text = 'Common Name:=' + testcase_id + 'mat-*'
r = Reader(self.connection, o, test_base, query_text)
results = r.search()
self.assertEqual(len(results), 3)
try: # multiple matches
e = r['match']
except KeyError:
pass
e = r['-2'] # exact match
self.assertTrue('mat-2' in e.entry_dn)
try:
e = r['no-match'] # no match
except KeyError:
pass
def test_match_in_single_attribute_with_schema(self):
self.delete_at_teardown.append(
add_user(self.connection,
testcase_id,
'mat-1',
attributes={test_singlevalued_attribute: 'FALSE'}))
self.delete_at_teardown.append(
add_user(self.connection,
testcase_id,
'mat-2',
attributes={test_singlevalued_attribute: 'FALSE'}))
self.delete_at_teardown.append(
add_user(self.connection,
testcase_id,
'mat-3',
attributes={test_singlevalued_attribute: 'TRUE'}))
r = Reader(self.connection, 'inetorgperson', test_base,
'cn:=' + testcase_id + 'mat-*')
results = r.search()
self.assertEqual(len(results), 3)
e = r.match(test_singlevalued_attribute, 'FALSE')
self.assertEqual(len(e), 2)
e = r.match(test_singlevalued_attribute, 'fAlSe')
self.assertEqual(len(e), 2)
def test_find_entry_with_text_index_match(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-2'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-3'))
o = ObjectDef('inetOrgPerson')
o += AttrDef('cn', 'Common Name')
o += AttrDef('sn', 'Surname')
o += AttrDef(test_multivalued_attribute, 'Given Name')
query_text = 'Common Name:=' + testcase_id + 'mat-*'
r = Reader(self.connection, o, test_base, query_text)
results = r.search()
self.assertEqual(len(results), 3)
try: # multiple matches
e = r['match']
except KeyError:
pass
e = r['-2'] # exact match
self.assertTrue('mat-2' in e.entry_dn)
try:
e = r['no-match'] # no match
except KeyError:
pass
def read_accounts_():
"""
Lit la liste des comptes depuis l'annuaire LDAP.
:return: un dictionnaire contenant les comptes; les EPPN sont \
utilisés comme clés.
"""
people_dn = cfg.get('ldap', 'people-dn')
mail_domain = '@{}'.format(cfg.get('ldap', 'mail-domain'))
obj_person = get_def_(cfg.get_list('ldap-people-classes'))
from ldap3 import Reader
reader = Reader(ldap_conn, obj_person, people_dn, query)
cursor = reader.search_paged(10, True)
all_uids = set()
accounts = {}
# On lit les comptes, en se limitant si nécessaire via la
# variable de configuration 'limit'
limit = int(cfg.get('ldap', 'limit', 0))
if limit > 0:
Logging('ldap').warning(
'synchronisation limitée à {} comptes'.format(limit))
for entry in cursor:
all_uids.add(str(entry.uid))
try:
a = SyncAccount(cfg).from_ldap_entry(entry)
except AttributeError as e:
Logging('ldap').warning(
'Compte LDAP {}: erreur sur attribut {}'.format(
str(entry.uid), str(e)))
continue
# Redirection?
if isinstance(a.ldapMail, str):
a.ldapMail = set([a.ldapMail])
remove = []
for ma in a.ldapMail:
if ma.endswith(mail_domain):
continue
Logging('ldap').info(
('Compte LDAP {}: redirection depuis {} vers ' +
'{} ignorée').format(str(entry.uid), a.mail, ma))
remove.append(ma)
a.ldapMail.difference_update(remove)
if not a.ldapMail:
Logging('ldap').info(
'Compte LDAP {}: purement externe'.format(
entry.uid))
continue
accounts[a.eppn] = a
Logging('ldap').debug('Compte {} chargé'.format(a.eppn))
if len(accounts) == limit:
break
Logging('ldap').info('{} comptes chargés sur {} UIDs'.format(
len(accounts), len(all_uids)))
return (all_uids, accounts)
def test_paged_search_generator_with_schema_base_object(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1'))
r = Reader(self.connection, 'inetorgperson', self.delete_at_teardown[0][0])
entries = r.search_paged(2, True, generator=True, attributes=['cn'])
cont = 0
for _ in entries:
cont += 1
self.assertEqual(cont, 1)
def List():
print()
print('l : lists all entries in', d)
print()
r = Reader(c, o, d)
output = r.search()
print(output)
print()
def test_search_object(self):
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'abstract-1'))
o = ObjectDef(['inetorgPerson', 'person'], self.connection)
r = Reader(self.connection, o, test_base,
'(cn=' + testcase_id + 'abstract-1)')
r.search()
self.assertEqual(len(r), 1)
self.assertEqual(r.entries[0].cn, testcase_id + 'abstract-1')
def test_paged_search_accumulator_with_schema(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-2'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-3'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-4'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-5'))
r = Reader(self.connection, 'inetorgperson', test_base, 'cn:=' + testcase_id + 'mat-*')
entries = r.search_paged(2, True, generator=False, attributes=['cn'])
self.assertEqual(len(entries), 5)
def test_search_object(self):
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'abstract-1'))
o = ObjectDef(['inetorgPerson', 'person'], self.connection)
r = Reader(self.connection, o, test_base,
'(cn=' + testcase_id + 'abstract-1)')
r.search(attributes='cn'
) # AD returns operationError for reading some atributes
self.assertEqual(len(r), 1)
self.assertEqual(r.entries[0].cn, testcase_id + 'abstract-1')
def test_create_query_filter_single_attribute_single_value(self):
o = ObjectDef()
o += AttrDef('cn', 'Common Name')
query_text = 'Common Name:John'
r = Reader(self.connection, o, test_base, query_text)
r._create_query_filter()
self.assertEqual('(cn=John)', r.query_filter)
def test_search_with_None_default(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-12'))
ou = ObjectDef('inetOrgPerson')
ou += AttrDef('cn', 'CommonName')
ou += AttrDef('employeeType', key='Employee', default=None)
qu = 'CommonName := ' + testcase_id + 'abs-12'
ru = Reader(self.connection, ou, test_base, qu)
lu = ru.search()
self.assertEqual(lu[0].employee.value, None)
def test_create_query_filter_single_attribute_multiple_value(self):
o = ObjectDef()
o += AttrDef('cn', 'Common Name')
query_text = '|Common Name:=john;=Bob'
r = Reader(self.connection, o, test_base, query_text)
r._create_query_filter()
self.assertEqual('(|(cn=Bob)(cn=john))', r.query_filter)
def get_one(cls, name):
"""Fetch a single host (inventory host mode)."""
reader = Reader(connection=_ldap,
query=cls.__attr_name + ":" + name,
base=cls.base,
object_def=cls.__def,
sub_tree=sub(_cfg.hosts))
entries = reader.search(attributes=cls.__attr)
return cls(entries[0])
def process_outbound_entry(queue_entry, ldap_connection):
""" Processes queue_entry and apply changes to the LDAP user/group.
Args:
queue_entry: (dict) A outbound_queue table entry. The mandatory keys in
the dict are:
{
"data": (dict containing current state of LDAP object)
"data_type": (str)
}
ldap_connection: (ldap Connection object) A bound ldap connection object.
Returns:
write_confirmation: (bool) Returns True if a change to LDAP occurred,
returns False if no LDAP changes occurred
"""
distinguished_name = get_distinguished_name(queue_entry)
data_type = queue_entry["data_type"]
if data_type == "group":
sawtooth_entry_filtered = outbound_group_filter(queue_entry["data"], "ldap")
elif data_type == "user":
# Outbound AD user changes is currently not supported
return False
object_def = ObjectDef(data_type, ldap_connection)
reader_cursor = Reader(ldap_connection, object_def, distinguished_name)
reader_cursor.search()
writer_cursor = Writer.from_cursor(reader_cursor)
if reader_cursor.entries:
LOGGER.debug("Updating AD %s: %s", data_type, distinguished_name)
validated_entry = validate_update_entry(sawtooth_entry_filtered, data_type)
# Grab current state of user/group in LDAP
ldap_resource = writer_cursor[0]
# Update AD user/group
for ad_attribute in validated_entry:
ldap_current_value = ldap_resource[ad_attribute].value
if ad_attribute != "distinguishedName" and validated_entry[ad_attribute]:
# Convert member list to list if value is a string
if ad_attribute == "member" and isinstance(ldap_current_value, str):
ldap_current_value = [ldap_current_value]
# Sort lists for comparison
if isinstance(ldap_current_value, list):
ldap_current_value.sort()
validated_entry[ad_attribute].sort()
if ldap_current_value != validated_entry[ad_attribute]:
ldap_resource[ad_attribute] = validated_entry[ad_attribute]
return ldap_resource.entry_commit_changes()
LOGGER.debug("AD %s %s was not found.", data_type, distinguished_name)
return False
def test_search_with_default(self):
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'abstract-member-10'))
ou = ObjectDef('inetOrgPerson')
ou += AttrDef('cn', 'CommonName')
ou += AttrDef('employeeType', key='Employee', default='not employed')
qu = 'CommonName := ' + testcase_id + 'abstract-member-10'
ru = Reader(self.connection, ou, test_base, qu)
lu = ru.search()
self.assertEqual(str(lu[0].employee), 'not employed')
def Read():
print()
print('r : read an entry from', d)
print()
userinput = input(
'please enter the Common Name of the dn-entry you want to read : ')
print()
query = ('cn: ' + userinput)
r = Reader(c, o, d, query)
r.search()
print(r.entries)
print()
def test_validate_query_filter(self):
o = ObjectDef()
o += AttrDef('cn', 'Common Name')
o += AttrDef('sn', 'Surname')
o += AttrDef('givenName', 'Given Name')
query_text = '|Common Name:=john;=Bob, Surname:=smith'
r = Reader(self.connection, o, test_base, query_text)
r._validate_query()
self.assertEqual('Surname: =smith, |CommonName: =Bob;=john', r.validated_query)
def test_create_query_filter(self):
o = ObjectDef()
o += AttrDef('cn', 'Common Name')
o += AttrDef('sn', 'Surname')
o += AttrDef('givenName', 'Given Name')
query_text = '|Common Name:=john;Bob, Surname:=smith'
r = Reader(self.connection, o, test_base, query_text)
r._create_query_filter()
self.assertEqual('(&(sn=smith)(|(cn=Bob)(cn=john)))', r.query_filter)
def search_for_users(basedn):
server = Server(IDIR_URL, get_info=ALL)
#objectClass
conn = Connection(server,
user=current_app.config["LDAP_IDIR_USERNAME"],
password=current_app.config["LDAP_IDIR_PASSWORD"],
authentication=NTLM,
auto_bind=True)
obj_user = ObjectDef('user', conn)
r = Reader(conn, obj_user, basedn)
r.search()
return [x.entry_attributes_as_dict for x in r]
def get_reader_result(self):
query = ','.join(self.query)
ldapc = current_app.extensions.get('ldap_conn')
reader = Reader(connection=ldapc.connection,
object_def=self.object_def,
query=query,
base=self.base_dn,
components_in_and=self.components_in_and,
sub_tree=self.sub_tree,
get_operational_attributes=self.operational_attributes,
controls=None)
reader.search()
return reader.entries
def test_modify_entry_with_attrdef_with_friendly_name(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'new-9', attributes={test_multivalued_attribute: testcase_id + 'friendly-attr-name-1'}))
a = AttrDef(name=test_multivalued_attribute, key='myname')
o = ObjectDef('inetorgperson')
o += a
r = Reader(self.connection, o, test_base, 'myname:=' + testcase_id + 'friendly*')
r.search()
self.assertTrue(r[0].myname, testcase_id + 'friendly-attr-name-1')
w = Writer.from_cursor(r)
e = w[0]
e.myname += 'xyz'
w.commit()
self.assertTrue('xyz' in e.myname)
def find_user_by_username(self, username: str) -> Attribute:
user_def = self.user_def
user_def += [self.uid_attr, self.ldap_user_attr]
person_reader = Reader(self.conn, user_def, self.search_base,
"{}:{}".format(self.ldap_user_attr, username))
results = person_reader.search()
try:
userUid = results[0][self.uid_attr]
except Exception as e:
print("User {} cannot be found".format(username), e)
return
return userUid
def get_user_dn(self, user: User):
uid = user.unique_id
user_def = self.user_def
user_def += self.uid_attr
person_reader = Reader(self.conn, user_def, self.search_base,
"({}={})".format(self.uid_attr, uid))
results = person_reader.search()
try:
dn = results[0].entry_dn
return dn
except IndexError as e:
print("User {} cannot be found".format(user), e)
return
def test_match_in_single_attribute_with_schema(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1', attributes={test_singlevalued_attribute: 'FALSE'}))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-2', attributes={test_singlevalued_attribute: 'FALSE'}))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-3', attributes={test_singlevalued_attribute: 'TRUE'}))
r = Reader(self.connection, 'inetorgperson', test_base, 'cn:=' + testcase_id + 'mat-*')
results = r.search()
self.assertEqual(len(results), 3)
e = r.match(test_singlevalued_attribute, 'FALSE')
self.assertEqual(len(e), 2)
e = r.match(test_singlevalued_attribute, 'fAlSe')
self.assertEqual(len(e), 2)
def get_reader_result(self):
query = ','.join(self.query)
ldapc = current_app.extensions.get('ldap_conn')
reader = Reader(connection=ldapc.connection,
object_def=self.object_def,
query=query,
base=self.base_dn,
components_in_and=self.components_in_and,
sub_tree=self.sub_tree,
get_operational_attributes=self.operational_attributes,
controls=None)
reader.search()
return reader.entries
def test_read_entry_with_attribute_from_auxiliary_class(self):
w = Writer(self.connection, 'inetorgperson', auxiliary_class='homeInfo')
n = w.new('cn=' + testcase_id + 'new-3,' + test_base)
n.sn = 'sn-test-3'
n.homeState = 'state-test-3'
self.assertEqual(n.entry_status, STATUS_PENDING_CHANGES)
n.entry_commit_changes()
self.assertEqual(n.sn, 'sn-test-3')
self.assertEqual(n.homeState, 'state-test-3')
self.assertEqual(n.entry_status, STATUS_COMMITTED)
r = Reader(self.connection, 'inetorgperson', test_base, '(cn=' + testcase_id + 'new-3', auxiliary_class='homeInfo')
r.search()
self.assertTrue(r[0].cn, testcase_id + 'new-3')
self.assertTrue(r[0].homeState, testcase_id + 'state-test-3')
def test_search_filter_with_object_class(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-1'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-2'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-3'))
self.delete_at_teardown.append(add_group(self.connection, testcase_id, 'abs-grp', self.delete_at_teardown))
reverse = lambda a, e: e[::-1]
o = ObjectDef('inetOrgPerson')
o += AttrDef('cn', 'Common Name')
o += AttrDef('sn', 'Surname')
o += AttrDef(test_multivalued_attribute, 'Given Name', post_query=reverse)
query_text = 'Common Name:=' + testcase_id + 'abs-*'
r = Reader(self.connection, o, test_base, query_text)
results = r.search()
self.assertEqual(len(results), 3)
def test_search_with_pre_query(self):
change = lambda attr, value: testcase_id + 'abs-*'
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-7'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-8'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-9'))
self.delete_at_teardown.append(add_group(self.connection, testcase_id, 'abstract-group', self.delete_at_teardown))
ou = ObjectDef('inetOrgPerson')
ou += AttrDef('cn', 'Common Name', pre_query=change)
ou += AttrDef('sn', 'Surname')
ou += AttrDef(test_multivalued_attribute, 'Given Name')
ou += AttrDef('ACL')
qu = 'Common Name := bug'
ru = Reader(self.connection, ou, test_base, qu)
lu = ru.search()
self.assertEqual(len(lu), 3)
def test_search_with_dereference(self):
reverse = lambda a, e: e[::-1]
def raise_parentheses_rank(_, l):
up = {'(': '[', ')': ']', '[': '{', ']': '}', '{': '<', '}': '>'}
r = []
for e in l:
s = ''
for c in e:
s += up[c] if c in up else c
r.append(s)
return r
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-4'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-5'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-6'))
self.delete_at_teardown.append(add_group(self.connection, testcase_id, 'abstract-group', self.delete_at_teardown))
ou = ObjectDef('inetOrgPerson')
ou += AttrDef('cn', 'Common Name', post_query=reverse)
ou += AttrDef('sn', 'Surname')
ou += AttrDef(test_multivalued_attribute, 'Given Name', post_query=raise_parentheses_rank)
ou += AttrDef('ACL')
qu = 'Common Name: ' + testcase_id + 'abs-*'
ru = Reader(self.connection, ou, test_base, qu)
lu = ru.search()
self.assertEqual(len(lu), 3)
og = ObjectDef('groupOfNames')
og += AttrDef('member', dereference_dn=ou)
og += 'cn'
qg = 'cn := ' + testcase_id + 'abstract-group'
rg = Reader(self.connection, og, test_base, qg)
lg = rg.search()
self.assertEqual(len(lg), 1)
eg = lg[0]
mg = eg.member
self.assertEqual(len(mg), 3)
ug = eg.member[0]
self.assertTrue(str(ug.surname) in ['abs-4', 'abs-5', 'abs-6'])
def test_match_in_single_attribute(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1', attributes={test_multivalued_attribute: ['givenname-1', 'givenname-1a']}))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-2', attributes={test_multivalued_attribute: ['givenname-2', 'givenname-2a']}))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-3', attributes={test_multivalued_attribute: ['givenname-3', 'givenname-3a']}))
o = ObjectDef('inetOrgPerson')
o += AttrDef('cn', 'Common Name')
o += AttrDef('sn', 'Surname')
o += AttrDef(test_multivalued_attribute, 'Given Name')
query_text = 'Common Name:=' + testcase_id + 'mat-*'
r = Reader(self.connection, o, test_base, query_text)
results = r.search()
self.assertEqual(len(results), 3)
e = r.match('Given Name', 'name') # multiple matches
self.assertEqual(len(e), 3)
e = r.match('Given Name', '2a') # single match
self.assertEqual(len(e), 1)
e = r.match('Given Name', 'no-match') # no match
self.assertEqual(len(e), 0)
from ldap3 import Server, Connection, ObjectDef, AttrDef, Reader, Writer, ALL
server = Server('ipa.demo1.freeipa.org', get_info=ALL)
conn = Connection(server, 'uid=admin,cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org', 'Secret123', auto_bind=True)
obj_person = ObjectDef('person', conn)
print(obj_person)
print(obj_person.sn)
obj_inetorgperson = ObjectDef('inetOrgPerson', conn)
r = Reader(conn, obj_inetorgperson, 'ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org')
print(r)
r.search()
print(r)
print(r[0])
print(r[0].entry_dn)
print(r[0].entry_attributes)
print(r[0].entry_attributes_as_dict)
print(r[0].entry_mandatory_attributes)
print(r[0].entry_to_ldif())
print(r[0].entry_to_json(include_empty=False))
print(obj_person)
obj_person += 'uid'
print(obj_person)
r = Reader(conn, obj_person, 'cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org', 'uid:=admin')
print(r)
r.search()
print(r[0])
obj_person = ObjectDef(['person', 'posixaccount', 'krbprincipalaux'], conn)
print(obj_person)
r = Reader(conn, obj_person, 'dc=demo1,dc=freeipa,dc=org', 'uid:=admin')
r.search()
print(r[0])
print(8, conn.last_error)
conn.modify('cn=b.smith,ou=moved,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', {'sn': [(MODIFY_REPLACE, ['Smith'])]})
print(9, conn.last_error)
conn.modify('cn=b.smith,ou=moved,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', {'sn': [(MODIFY_ADD, ['Young', 'Johnson']), (MODIFY_DELETE, ['Smith'])], 'givenname': [(MODIFY_REPLACE, ['Mary', 'Jane'])]})
print(10, conn.last_error)
conn.modify_dn('cn=b.smith,ou=moved,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'cn=b.smith', new_superior='ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org')
print(11, conn.last_error)
conn.modify('cn=b.smith,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', {'sn': [(MODIFY_DELETE, ['Johnson'])], 'givenname': [(MODIFY_REPLACE, ['Beatrix'])]})
print(12, conn.last_error)
conn.modify_dn('cn=b.smith,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'cn=b.young')
print(13, conn.last_error)
conn.add('cn=m.johnson,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'inetOrgPerson', {'givenName': 'Mary Ann', 'sn': 'Johnson', 'departmentNumber': 'DEV', 'telephoneNumber': 2222})
print(14, conn.last_error)
conn.add('cn=q.gray,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'inetOrgPerson', {'givenName': 'Quentin', 'sn': 'Gray', 'departmentNumber': 'QA', 'telephoneNumber': 3333})
print(15, conn.last_error)
obj_person = ObjectDef('inetOrgPerson', conn)
r = Reader(conn, obj_person, 'ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org')
r.search()
print(r)
w = Writer.from_cursor(r)
print(w)
print(w[0])
e = w[0]
print(e.entry_dn)
print(e.entry_attributes)
print(e.entry_attributes_as_dict)
print(e.entry_mandatory_attributes)
print(e.entry_to_ldif())
print(e.entry_to_json(include_empty=False))
def test_paged_search_accumulator_with_schema_base_object(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1'))
r = Reader(self.connection, 'inetorgperson', self.delete_at_teardown[0][0])
entries = r.search_paged(2, True, generator=False, attributes=['cn'])
self.assertEqual(len(entries), 1)
