def search_groups(self, name, exact=False): with ldap_context(self.ldap_settings): search_filter = build_group_search_filter({self.ldap_settings['gid']: {name}}, exact=exact) if not search_filter: raise GroupRetrievalFailed("Unable to generate search filter from criteria") for group_dn, group_data in self._search_groups(search_filter): yield self.group_class(self, group_data.get(self.ldap_settings['gid'])[0], group_dn)
def search_groups(self, name, exact=False): with ldap_context(self.ldap_settings): search_filter = build_group_search_filter( {self.ldap_settings['gid']: {name}}, exact=exact) if not search_filter: raise GroupRetrievalFailed( "Unable to generate search filter from criteria") for group_dn, group_data in self._search_groups(search_filter): yield self.group_class( self, group_data.get(self.ldap_settings['gid'])[0], group_dn)
def get_members(self): with ldap_context(self.ldap_settings): group_dns = self._iter_group() group_dn = next(group_dns) while group_dn: user_filter = build_user_search_filter({self.ldap_settings['member_of_attr']: {group_dn}}, exact=True) for _, user_data in self.provider._search_users(user_filter): yield IdentityInfo(self.provider, identifier=user_data[self.ldap_settings['uid']][0], **to_unicode(user_data)) group_filter = build_group_search_filter({self.ldap_settings['member_of_attr']: {group_dn}}, exact=True) subgroups = list(self.provider._search_groups(group_filter)) group_dn = group_dns.send(subgroups)
def search_groups(self, name, exact=False): with ldap_context(self.ldap_settings): search_filter = build_group_search_filter( {self.ldap_settings['gid']: {name}}, exact=exact) if not search_filter: raise GroupRetrievalFailed( "Unable to generate search filter from criteria", provider=self) for group_dn, group_data in self._search_groups(search_filter): group_name = to_unicode( group_data[self.ldap_settings['gid']][0]) yield self.group_class(self, group_name, group_dn)
def get_members(self): with ldap_context(self.ldap_settings): group_dns = self._iter_group() group_dn = next(group_dns) while group_dn: user_filter = build_user_search_filter( {self.ldap_settings['member_of_attr']: {group_dn}}, exact=True) for _, user_data in self.provider._search_users(user_filter): yield IdentityInfo( self.provider, identifier=user_data[self.ldap_settings['uid']][0], **to_unicode(user_data)) group_filter = build_group_search_filter( {self.ldap_settings['member_of_attr']: {group_dn}}, exact=True) subgroups = list(self.provider._search_groups(group_filter)) group_dn = group_dns.send(subgroups)
def get_identity_groups(self, identifier): groups = set() with ldap_context(self.ldap_settings): user_dn, user_data = get_user_by_id(identifier, self._attributes) if not user_dn: return set() if self.ldap_settings['ad_group_style']: for sid in get_token_groups_from_user_dn(user_dn): search_filter = build_group_search_filter( {'objectSid': {sid}}, exact=True) for group_dn, group_data in self._search_groups( search_filter): group_name = to_unicode( group_data[self.ldap_settings['gid']][0]) groups.add(self.group_class(self, group_name, group_dn)) else: # OpenLDAP does not have a way to get all groups for a user including nested ones raise NotImplementedError( 'Only available for active directory') return groups