Example #1
0
    def search_identities(self, providers=None, exact=False, **criteria):
        """Searches user identities matching certain criteria

        :param providers: A list of providers to search in. If not
                          specified, all providers are searched.
        :param exact: If criteria need to match exactly, i.e. no
                      substring matches are performed.
        :param criteria: The criteria to search for. A criterion can
                         have a list, tuple or set as value if there are
                         many values for the same criterion.
        :return: An iterable of matching user identities.
        """
        for k, v in iteritems(criteria):
            if isinstance(v, multi_value_types):
                criteria[k] = v = set(v)
            elif not isinstance(v, set):
                criteria[k] = v = {v}
            if any(not x for x in v):
                raise ValueError('Empty search criterion: ' + k)

        for provider in itervalues(self.identity_providers):
            if providers is not None and provider.name not in providers:
                continue
            if not provider.supports_search:
                continue
            for identity_info in provider.search_identities(
                    provider.map_search_criteria(criteria), exact=exact):
                yield identity_info
Example #2
0
    def search_identities(self, providers=None, exact=False, **criteria):
        """Searches user identities matching certain criteria

        :param providers: A list of providers to search in. If not
                          specified, all providers are searched.
        :param exact: If criteria need to match exactly, i.e. no
                      substring matches are performed.
        :param criteria: The criteria to search for. A criterion can
                         have a list, tuple or set as value if there are
                         many values for the same criterion.
        :return: An iterable of matching user identities.
        """
        for k, v in iteritems(criteria):
            if isinstance(v, multi_value_types):
                criteria[k] = v = set(v)
            elif not isinstance(v, set):
                criteria[k] = v = {v}
            if any(not x for x in v):
                raise ValueError('Empty search criterion: ' + k)

        for provider in itervalues(self.identity_providers):
            if providers is not None and provider.name not in providers:
                continue
            if not provider.supports_search:
                continue
            for identity_info in provider.search_identities(provider.map_search_criteria(criteria), exact=exact):
                yield identity_info
Example #3
0
def _clear_ldap_cache(*args, **kwargs):
    if not has_app_context() or '_multipass_ldap_connections' not in g:
        return
    for conn in itervalues(g._multipass_ldap_connections):
        try:
            conn.unbind_s()
        except ldap.LDAPError:
            # That's ugly but we couldn't care less about a failure while disconnecting
            pass
    del g._multipass_ldap_connections
Example #4
0
def _clear_ldap_cache(*args, **kwargs):
    if not has_app_context() or '_multipass_ldap_connections' not in g:
        return
    for conn in itervalues(g._multipass_ldap_connections):
        try:
            conn.unbind_s()
        except ldap.LDAPError:
            # That's ugly but we couldn't care less about a failure while disconnecting
            pass
    del g._multipass_ldap_connections
Example #5
0
def validate_provider_map(state):
    """Validates the provider map

    :param state: The :class:`._MultipassState` instance
    """
    invalid_keys = viewkeys(state.auth_providers) - viewkeys(state.provider_map)
    if invalid_keys:
        raise ValueError('Auth providers not linked to identity providers: ' + ', '.join(invalid_keys))
    targeted_providers = {p['identity_provider'] for providers in itervalues(state.provider_map) for p in providers}
    invalid_keys = targeted_providers - viewkeys(state.identity_providers)
    if invalid_keys:
        raise ValueError('Broken identity provider links: ' + ', '.join(invalid_keys))
Example #6
0
    def search_identities_ex(self,
                             providers=None,
                             exact=False,
                             limit=None,
                             criteria=None):
        """Search user identities matching search criteria.

        This is very similar to :meth:`search_identities`, but instead of just
        yielding identities, it allows specifying a limit and only returns up
        to that number of identities *per provider*. It also returns the total
        number of found identities so the application can decide to inform the
        user that their search criteria may be too broad.

        :return: A tuple containing ``(identities, total_count)``.
        """
        for k, v in iteritems(criteria):
            if isinstance(v, multi_value_types):
                criteria[k] = v = set(v)
            elif not isinstance(v, set):
                criteria[k] = v = {v}
            if any(not x for x in v):
                raise ValueError('Empty search criterion: ' + k)

        found_identities = []
        total = 0
        for provider in itervalues(self.identity_providers):
            if providers is not None and provider.name not in providers:
                continue
            if not provider.supports_search:
                continue
            if provider.supports_search_ex:
                result, subtotal = provider.search_identities_ex(
                    provider.map_search_criteria(criteria),
                    exact=exact,
                    limit=limit)
                found_identities += result
                total += subtotal
            else:
                result_iter = provider.search_identities(
                    provider.map_search_criteria(criteria), exact=exact)
                if limit is not None:
                    result = list(itertools.islice(result_iter, limit))
                    found_identities += result
                    total += len(result) + sum(1 for _ in result_iter)
                else:
                    result = list(result_iter)
                    found_identities += result
                    total += len(result)

        return found_identities, total
Example #7
0
    def search_groups(self, name, providers=None, exact=False):
        """Searches groups by name

        :param name: The name to search for.
        :param providers: A list of providers to search in. If not
                          specified, all providers are searched.
        :param exact: If the name needs to match exactly, i.e. no
                      substring matches are performed.
        :return: An iterable of matching groups.
        """
        for provider in itervalues(self.identity_providers):
            if providers is not None and provider.name not in providers:
                continue
            if not provider.supports_groups:
                continue
            for group in provider.search_groups(name, exact=exact):
                yield group
Example #8
0
    def search_groups(self, name, providers=None, exact=False):
        """Searches groups by name

        :param name: The name to search for.
        :param providers: A list of providers to search in. If not
                          specified, all providers are searched.
        :param exact: If the name needs to match exactly, i.e. no
                      substring matches are performed.
        :return: An iterable of matching groups.
        """
        for provider in itervalues(self.identity_providers):
            if providers is not None and provider.name not in providers:
                continue
            if not provider.supports_groups:
                continue
            for group in provider.search_groups(name, exact=exact):
                yield group
Example #9
0
def validate_provider_map(state):
    """Validates the provider map

    :param state: The :class:`._MultipassState` instance
    """
    invalid_keys = viewkeys(state.auth_providers) - viewkeys(
        state.provider_map)
    if invalid_keys:
        raise ValueError('Auth providers not linked to identity providers: ' +
                         ', '.join(invalid_keys))
    targeted_providers = {
        p['identity_provider']
        for providers in itervalues(state.provider_map) for p in providers
    }
    invalid_keys = targeted_providers - viewkeys(state.identity_providers)
    if invalid_keys:
        raise ValueError('Broken identity provider links: ' +
                         ', '.join(invalid_keys))