def search_groups(self, name, exact=False):
with ldap_context(self.ldap_settings):
search_filter = build_group_search_filter(
{self.ldap_settings['gid']: {name}}, exact=exact)
if not search_filter:
raise GroupRetrievalFailed(
"Unable to generate search filter from criteria")
for group_dn, group_data in self._search_groups(search_filter):
yield self.group_class(
self,
group_data.get(self.ldap_settings['gid'])[0], group_dn)
def get_group(self, provider, name):
"""Returns a specific group
:param provider: The name of the provider containing the group.
:param name: The name of the group.
:return: An instance of a :class:`.Group` subclass.
"""
try:
provider = self.identity_providers[provider]
except KeyError:
raise GroupRetrievalFailed('Provider does not exist: ' + provider)
return provider.get_group(name)
def search_groups(self, name, exact=False):
with ldap_context(self.ldap_settings):
search_filter = build_group_search_filter(
{self.ldap_settings['gid']: {name}}, exact=exact)
if not search_filter:
raise GroupRetrievalFailed(
"Unable to generate search filter from criteria",
provider=self)
for group_dn, group_data in self._search_groups(search_filter):
group_name = to_unicode(
group_data[self.ldap_settings['gid']][0])
yield self.group_class(self, group_name, group_dn)
def get_identity_groups(self, sub):
identity_data = self._query_single_user_by_sub(sub)
if identity_data is None:
raise GroupRetrievalFailed(
"The user with sub={} does not exist or is not confirmed or not enabled"
.format(sub))
page_iterator = self.cognito_client.get_paginator(
'admin_list_groups_for_user').paginate(
UserPoolId=self.user_pool_id,
Username=identity_data['username'])
for response in page_iterator:
for group in response['Groups']:
yield self.group_class(self, group['GroupName'])
def get_group_by_id(gid, attributes=None):
"""Retrieves a user's data from LDAP, given its identifier.
:param gid: str -- the identifier of the group
:param attributes: list -- Attributes to be retrieved for the group.
If ``None``, all attributes will be retrieved.
:raises GroupRetrievalFailed: If the identifier is falsely.
:return: A tuple containing the `dn` of the group as ``str`` and the
found attributes in a ``dict``.
"""
if not gid:
raise GroupRetrievalFailed("No identifier specified")
group_filter = build_group_search_filter({current_ldap.settings['gid']: {gid}}, exact=True)
return find_one(current_ldap.settings['group_base'], group_filter, attributes=attributes)
def has_member(self, identifier):
identity_data = self.provider._query_single_user_by_sub(identifier)
if identity_data is None:
raise GroupRetrievalFailed(
"The user with sub={} does not exist or is not confirmed or not enabled"
.format(identifier))
page_iterator = self.cognito_client.get_paginator(
'admin_list_groups_for_user').paginate(
UserPoolId=self.user_pool_id,
Username=identity_data['username'])
for response in page_iterator:
for group in response['Groups']:
if group['GroupName'] == self.name:
return True
return False