def searchUsers(self, pattern): try: con = self.__connection() res = [] for r in con.search_ext_s( base=self._ldapBase, scope=ldap.SCOPE_SUBTREE, filterstr='(&(objectClass=%s)(%s=%s*))' % (self._userClass, self._userIdAttr, pattern), sizelimit=LDAP_RESULT_LIMIT): if r[0] is not None: # Must have a dn, we do not accept references to other dct = {k.lower(): v for k, v in r[1].iteritems()} logger.debug('R: {0}'.format(dct)) usrId = dct.get(self._userIdAttr.lower(), '') usrId = type(usrId) == list and usrId[0] or usrId res.append({ 'id': usrId, 'name': self.__getUserRealName(dct) }) logger.debug(res) return res except Exception: logger.exception("Exception: ") raise AuthenticatorException( _('Too many results, be more specific'))
def getGroups(self, username, groupsManager): ''' Looks for the real groups to which the specified user belongs Updates groups manager with valid groups Remember to override it in derived authentication if needed (external auths will need this, for internal authenticators this is never used) ''' user = self.__getUser(username) if user is None: raise AuthenticatorException(_('Username not found')) groupsManager.validate(self.__getGroups(user))
def createGroup(self, groupData): ''' We must override this method in authenticators not based on external sources (i.e. database users, text file users, etc..) External sources already has its own groups and, at most, it can check if it exists on external source before accepting it Groups are only used in case of internal users (non external sources) that must know to witch groups this user belongs to @params groupData: a dict that has, at least, name, comments and active @return: Raises an exception it things don't goes fine ''' res = self.__getGroup(groupData['name']) if res is None: raise AuthenticatorException(_('Group not found'))
def createUser(self, usrData): ''' Groups are only used in case of internal users (non external sources) that must know to witch groups this user belongs to @param usrData: Contains data received from user directly, that is, a dictionary with at least: name, realName, comments, state & password @return: Raises an exception (AuthException) it things didn't went fine ''' res = self.__getUser(usrData['name']) if res is None: raise AuthenticatorException(_('Username not found')) # Fills back realName field usrData['real_name'] = self.__getUserRealName(res)
def createUser(self, usrData): ''' We must override this method in authenticators not based on external sources (i.e. database users, text file users, etc..) External sources already has the user cause they are managed externally, so, it can at most test if the users exists on external source before accepting it. Groups are only used in case of internal users (non external sources) that must know to witch groups this user belongs to @param usrData: Contains data received from user directly, that is, a dictionary with at least: name, real_name, comments, state & password @return: Raises an exception (AuthException) it things didn't went fine ''' res = self.__getUser(usrData['name']) if res is None: raise AuthenticatorException(_('Username not found')) # Fills back realName field usrData['real_name'] = self.__getUserRealName(res)
def searchGroups(self, pattern): try: con = self.__connection() res = [] for r in con.search_ext_s(base=self._ldapBase, scope=ldap.SCOPE_SUBTREE, filterstr='(&(objectClass=%s)(%s=%s*))' % (self._groupClass, self._groupIdAttr, pattern), sizelimit=LDAP_RESULT_LIMIT): grpId = r[1].get(self._groupIdAttr, '') grpId = type(grpId) == list and grpId[0] or grpId res.append({ 'id': grpId, 'name': grpId }) return res except Exception: logger.exception("Exception: ") raise AuthenticatorException(_('Too many results, be more specific'))
def searchGroups(self, pattern): try: res = [] for r in ldaputil.getAsDict( con=self.__connection(), base=self._ldapBase, ldapFilter='(&(objectClass={})({}={}*))'.format( self._groupClass, self._groupIdAttr, pattern), attrList=[self._groupIdAttr], sizeLimit=LDAP_RESULT_LIMIT): grpId = r[self._groupIdAttr][0] res.append({'id': grpId, 'name': grpId}) return res except Exception: logger.exception("Exception: ") raise AuthenticatorException( _('Too many results, be more specific'))
def searchGroups(self, pattern): try: fld = self._groupIdAttr res = [] for r in ldaputil.getAsDict( con=self.__connection(), base=self.__getLdapBase(), ldapFilter='(&(objectClass=%s)(%s=%s*))' % (self._groupClass, self._groupIdAttr, pattern), attrList=[fld, 'memberOf', 'description'], sizeLimit=LDAP_RESULT_LIMIT): res.append({'id': r[fld][0], 'name': r['description'][0]}) return res except Exception: logger.exception("Exception: ") raise AuthenticatorException( _('Too many results, be more specific'))
def searchUsers(self, pattern): try: res = [] for r in ldaputil.getAsDict( con=self.__connection(), base=self._ldapBase, ldapFilter='(&(objectClass={})({}={}*))'.format( self._userClass, self._userIdAttr, pattern), attrList=[self._userIdAttr], sizeLimit=LDAP_RESULT_LIMIT): res.append({ 'id': r[self._userIdAttr][0], # Ignore @... 'name': self.__getUserRealName(r) }) return res except Exception: logger.exception("Exception: ") raise AuthenticatorException( _('Too many results, be more specific'))
def searchUsers(self, pattern): try: res = [] for r in ldaputil.getAsDict( con=self.__connection(), base=self._ldapBase, ldapFilter='(&(&(objectClass={})({}={}*)))'.format(self._userClass, self._userIdAttr, ldaputil.escape(pattern)), attrList=None, # All attrs sizeLimit=LDAP_RESULT_LIMIT ): logger.debug('R: {0}'.format(r)) res.append({ 'id': r.get(self._userIdAttr.lower(), '')[0], 'name': self.__getUserRealName(r) }) logger.debug(res) return res except Exception: logger.exception("Exception: ") raise AuthenticatorException(_('Too many results, be more specific'))