def search_identities(self, providers=None, exact=False, **criteria): """Searches user identities matching certain criteria :param providers: A list of providers to search in. If not specified, all providers are searched. :param exact: If criteria need to match exactly, i.e. no substring matches are performed. :param criteria: The criteria to search for. A criterion can have a list, tuple or set as value if there are many values for the same criterion. :return: An iterable of matching user identities. """ for k, v in iteritems(criteria): if isinstance(v, multi_value_types): criteria[k] = v = set(v) elif not isinstance(v, set): criteria[k] = v = {v} if any(not x for x in v): raise ValueError('Empty search criterion: ' + k) for provider in itervalues(self.identity_providers): if providers is not None and provider.name not in providers: continue if not provider.supports_search: continue for identity_info in provider.search_identities( provider.map_search_criteria(criteria), exact=exact): yield identity_info
def search_identities(self, providers=None, exact=False, **criteria): """Searches user identities matching certain criteria :param providers: A list of providers to search in. If not specified, all providers are searched. :param exact: If criteria need to match exactly, i.e. no substring matches are performed. :param criteria: The criteria to search for. A criterion can have a list, tuple or set as value if there are many values for the same criterion. :return: An iterable of matching user identities. """ for k, v in iteritems(criteria): if isinstance(v, multi_value_types): criteria[k] = v = set(v) elif not isinstance(v, set): criteria[k] = v = {v} if any(not x for x in v): raise ValueError('Empty search criterion: ' + k) for provider in itervalues(self.identity_providers): if providers is not None and provider.name not in providers: continue if not provider.supports_search: continue for identity_info in provider.search_identities(provider.map_search_criteria(criteria), exact=exact): yield identity_info
def _clear_ldap_cache(*args, **kwargs): if not has_app_context() or '_multipass_ldap_connections' not in g: return for conn in itervalues(g._multipass_ldap_connections): try: conn.unbind_s() except ldap.LDAPError: # That's ugly but we couldn't care less about a failure while disconnecting pass del g._multipass_ldap_connections
def validate_provider_map(state): """Validates the provider map :param state: The :class:`._MultipassState` instance """ invalid_keys = viewkeys(state.auth_providers) - viewkeys(state.provider_map) if invalid_keys: raise ValueError('Auth providers not linked to identity providers: ' + ', '.join(invalid_keys)) targeted_providers = {p['identity_provider'] for providers in itervalues(state.provider_map) for p in providers} invalid_keys = targeted_providers - viewkeys(state.identity_providers) if invalid_keys: raise ValueError('Broken identity provider links: ' + ', '.join(invalid_keys))
def search_identities_ex(self, providers=None, exact=False, limit=None, criteria=None): """Search user identities matching search criteria. This is very similar to :meth:`search_identities`, but instead of just yielding identities, it allows specifying a limit and only returns up to that number of identities *per provider*. It also returns the total number of found identities so the application can decide to inform the user that their search criteria may be too broad. :return: A tuple containing ``(identities, total_count)``. """ for k, v in iteritems(criteria): if isinstance(v, multi_value_types): criteria[k] = v = set(v) elif not isinstance(v, set): criteria[k] = v = {v} if any(not x for x in v): raise ValueError('Empty search criterion: ' + k) found_identities = [] total = 0 for provider in itervalues(self.identity_providers): if providers is not None and provider.name not in providers: continue if not provider.supports_search: continue if provider.supports_search_ex: result, subtotal = provider.search_identities_ex( provider.map_search_criteria(criteria), exact=exact, limit=limit) found_identities += result total += subtotal else: result_iter = provider.search_identities( provider.map_search_criteria(criteria), exact=exact) if limit is not None: result = list(itertools.islice(result_iter, limit)) found_identities += result total += len(result) + sum(1 for _ in result_iter) else: result = list(result_iter) found_identities += result total += len(result) return found_identities, total
def search_groups(self, name, providers=None, exact=False): """Searches groups by name :param name: The name to search for. :param providers: A list of providers to search in. If not specified, all providers are searched. :param exact: If the name needs to match exactly, i.e. no substring matches are performed. :return: An iterable of matching groups. """ for provider in itervalues(self.identity_providers): if providers is not None and provider.name not in providers: continue if not provider.supports_groups: continue for group in provider.search_groups(name, exact=exact): yield group
def validate_provider_map(state): """Validates the provider map :param state: The :class:`._MultipassState` instance """ invalid_keys = viewkeys(state.auth_providers) - viewkeys( state.provider_map) if invalid_keys: raise ValueError('Auth providers not linked to identity providers: ' + ', '.join(invalid_keys)) targeted_providers = { p['identity_provider'] for providers in itervalues(state.provider_map) for p in providers } invalid_keys = targeted_providers - viewkeys(state.identity_providers) if invalid_keys: raise ValueError('Broken identity provider links: ' + ', '.join(invalid_keys))