def test_authenticate_with_ldap_existing_user(self):
assert not User.objects.all().exists()
user = User.objects.create(username="******", first_name=u"P\xe4ter", last_name=u"B\xa3ngtsson")
assert user.groups.all().count() == 0
user.set_unusable_password()
user.save()
ldap.open = Mock("ldap.open")
ldap.open.mock_returns = Mock("ldap_connection")
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(
return_value=MockLDAP({"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": self.fake_group})
)
backend = MozLdapBackend()
user = backend.authenticate("foo", "secret")
ok_(user)
_first_name = self.fake_user[0][1]["givenName"][0]
eq_(user.first_name, unicode(_first_name, "utf-8"))
_last_name = self.fake_user[0][1]["sn"][0]
eq_(user.last_name, unicode(_last_name, "utf-8"))
eq_(user.email, self.fake_user[0][1]["mail"][0])
user_saved = User.objects.get(username="******")
eq_(user_saved.first_name, user.first_name)
eq_(user_saved.last_name, user.last_name)
ok_(user_saved.groups.filter(name="Localizers").exists())
def test_authenticate_with_ldap_existing_user(self):
assert not User.objects.all().exists()
user = User.objects.create(
username='******',
first_name=u'P\xe4ter',
last_name=u'B\xa3ngtsson',
)
user.set_unusable_password()
user.save()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
ok_(user)
_first_name = self.fake_user[0][1]['givenName'][0]
eq_(user.first_name, unicode(_first_name, 'utf-8'))
_last_name = self.fake_user[0][1]['sn'][0]
eq_(user.last_name, unicode(_last_name, 'utf-8'))
eq_(user.email, self.fake_user[0][1]['mail'][0])
user_saved = User.objects.get(username='******')
eq_(user_saved.first_name, user.first_name)
eq_(user_saved.last_name, user.last_name)
def test_authenticate_with_non_ascii_password(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
email = '*****@*****.**'
fake_user = [('mail=%s,...' % email, {
'cn': ['Peter Bengtsson'],
'givenName': ['Peter'],
'mail': [email],
'sn': ['Bengtsson'],
'uid': ['pbengtsson']
})]
ldap.initialize = Mock(
return_value=MockLDAP({
'dc=mozilla': fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate(email, u's\xc4cret')
ok_(user)
ok_(User.objects.get(email=email))
def test_authenticate_with_ldap_new_user_with_long_email(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
long_email = '*****@*****.**'
fake_user = [
('mail=%s,...' % long_email,
{'cn': ['Peter Bengtsson'],
'givenName': ['Pet\xc3\xa3r'], # utf-8 encoded
'mail': [long_email],
'sn': ['Bengtss\xc2\xa2n'],
'uid': ['pbengtsson']
})
]
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate(long_email, 'secret')
ok_(user)
ok_(User.objects.get(email=long_email))
ok_(len(User.objects.get(email=long_email).username) <= 30)
user = User.objects.get(first_name=u'Pet\xe3r')
eq_(user.last_name, u'Bengtss\xa2n')
ok_(not user.has_usable_password())
ok_(not user.check_password('secret'))
def test_authenticate_with_non_ascii_password(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
email = '*****@*****.**'
fake_user = [
('mail=%s,...' % email,
{'cn': ['Peter Bengtsson'],
'givenName': ['Peter'],
'mail': [email],
'sn': ['Bengtsson'],
'uid': ['pbengtsson']
})
]
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate(email, 's\xc4cret')
self.assertTrue(user)
self.assertTrue(User.objects.get(email=email))
def test_authenticate_with_ldap_existing_user(self):
assert not User.objects.all().exists()
user = User.objects.create(
username='******',
email='*****@*****.**',
first_name='P\xe4ter',
last_name='B\xa3ngtsson',
)
assert user.groups.all().count() == 0
user.set_unusable_password()
user.save()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate('*****@*****.**', 'secret')
self.assertTrue(user)
_first_name = self.fake_user[0][1]['givenName'][0]
self.assertEqual(user.first_name, _first_name.decode('utf-8'))
_last_name = self.fake_user[0][1]['sn'][0]
self.assertEqual(user.last_name, _last_name.decode('utf-8'))
self.assertEqual(user.email, self.fake_user[0][1]['mail'][0])
user_saved = User.objects.get(email='*****@*****.**')
self.assertEqual(user_saved.first_name, user.first_name)
self.assertEqual(user_saved.last_name, user.last_name)
self.assertTrue(user_saved.groups.filter(name='Localizers').exists())
def test_authenticate_with_ldap_new_user_with_long_email(self):
assert not User.objects.all().exists()
ldap.open = Mock("ldap.open")
ldap.open.mock_returns = Mock("ldap_connection")
ldap.set_option = Mock(return_value=None)
long_email = "*****@*****.**"
fake_user = [
(
"mail=%s,..." % long_email,
{
"cn": ["Peter Bengtsson"],
"givenName": ["Pet\xc3\xa3r"], # utf-8 encoded
"mail": [long_email],
"sn": ["Bengtss\xc2\xa2n"],
"uid": ["pbengtsson"],
},
)
]
ldap.initialize = Mock(
return_value=MockLDAP({"dc=mozilla": fake_user, "ou=groups,dc=mozilla": self.fake_group})
)
backend = MozLdapBackend()
user = backend.authenticate(long_email, "secret")
ok_(user)
ok_(User.objects.get(email=long_email))
ok_(len(User.objects.get(email=long_email).username) <= 30)
user = User.objects.get(first_name=u"Pet\xe3r")
eq_(user.last_name, u"Bengtss\xa2n")
ok_(not user.has_usable_password())
ok_(not user.check_password("secret"))
def test_authenticate_with_ldap_new_user_with_long_email(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
long_email = '*****@*****.**'
fake_user = [(
'mail=%s,...' % long_email,
{
'cn': ['Peter Bengtsson'],
'givenName': ['Pet\xc3\xa3r'], # utf-8 encoded
'mail': [long_email],
'sn': ['Bengtss\xc2\xa2n'],
'uid': ['pbengtsson']
})]
ldap.initialize = Mock(
return_value=MockLDAP({
'dc=mozilla': fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate(long_email, 'secret')
ok_(user)
ok_(User.objects.get(email=long_email))
ok_(len(User.objects.get(email=long_email).username) <= 30)
user = User.objects.get(first_name=u'Pet\xe3r')
eq_(user.last_name, u'Bengtss\xa2n')
ok_(not user.has_usable_password())
ok_(not user.check_password('secret'))
def test_authenticate_with_ldap_existing_user(self):
assert not User.objects.all().exists()
user = User.objects.create(
username='******',
first_name=u'P\xe4ter',
last_name=u'B\xa3ngtsson',
)
assert user.groups.all().count() == 0
user.set_unusable_password()
user.save()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(
return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
ok_(user)
_first_name = self.fake_user[0][1]['givenName'][0]
eq_(user.first_name, unicode(_first_name, 'utf-8'))
_last_name = self.fake_user[0][1]['sn'][0]
eq_(user.last_name, unicode(_last_name, 'utf-8'))
eq_(user.email, self.fake_user[0][1]['mail'][0])
user_saved = User.objects.get(username='******')
eq_(user_saved.first_name, user.first_name)
eq_(user_saved.last_name, user.last_name)
ok_(user_saved.groups.filter(name='Localizers').exists())
def test_authenticate_with_ldap_wrong_username(self):
ldap.initialize = Mock(
return_value=MockLDAP(
{"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": self.fake_group},
credentials={"some-other-uid": "secret"},
)
)
backend = MozLdapBackend()
user = backend.authenticate("foo", "secret")
eq_(user, None)
def test_authenticate_without_ldap(self):
assert not User.objects.all().exists()
user = User.objects.create(username="******", email="*****@*****.**")
user.set_password("secret")
user.save()
backend = MozLdapBackend()
eq_(backend.authenticate("*****@*****.**", "secret"), user)
eq_(backend.authenticate("foo", "secret"), user)
eq_(backend.authenticate("foo", "JUNK"), None)
def test_authentication_ldap_username_not_recognized(self):
ldap.initialize = Mock(
return_value=MockLDAP(
{"dc=mozilla": None, "ou=groups,dc=mozilla": self.fake_group},
credentials={self.fake_user[0][0]: "secret"},
)
)
backend = MozLdapBackend()
user = backend.authenticate("foo", "secret")
ok_(not user)
def test_authenticate_with_ldap_wrong_password(self):
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}, credentials={
self.fake_user[0][0]: 'rightsecret'
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
eq_(user, None)
def test_authenticate_with_ldap_wrong_username(self):
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}, credentials={
'some-other-uid': 'secret'
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
eq_(user, None)
def test_authentication_ldap_username_not_recognized(self):
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': None,
'ou=groups,dc=mozilla': self.fake_group
}, credentials={
self.fake_user[0][0]: 'secret'
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
ok_(not user)
def test_authenticate_without_ldap(self):
assert not User.objects.all().exists()
user = User.objects.create(username='******', email='*****@*****.**')
user.set_password('secret')
user.save()
backend = MozLdapBackend()
eq_(backend.authenticate('*****@*****.**', 'secret'), user)
eq_(backend.authenticate('foo', 'secret'), user)
eq_(backend.authenticate('foo', 'JUNK'), None)
def test_authenticate_with_ldap_wrong_password(self):
ldap.initialize = Mock(
return_value=MockLDAP(
{"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": self.fake_group},
credentials={self.fake_user[0][0]: "rightsecret"},
)
)
backend = MozLdapBackend()
user = backend.authenticate("foo", "secret")
eq_(user, None)
def test_authentication_ldap_username_not_recognized(self):
ldap.initialize = Mock(return_value=MockLDAP(
{
'dc=mozilla': None,
'ou=groups,dc=mozilla': self.fake_group
},
credentials={self.fake_user[0][0]: 'secret'}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
ok_(not user)
def test_authenticate_with_ldap_wrong_username(self):
ldap.initialize = Mock(return_value=MockLDAP(
{
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
},
credentials={'some-other-uid': 'secret'}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
eq_(user, None)
def test_authenticate_with_ldap_wrong_password(self):
ldap.initialize = Mock(return_value=MockLDAP(
{
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
},
credentials={self.fake_user[0][0]: 'rightsecret'}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
eq_(user, None)
def test_lost_group_privileges(self):
# test a user that is part of the `Localizers` group one day but not
# the other
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
groups = [('cn=scm_l10n,ou=groups,dc=mozilla', {
'cn': ['scm_l10n']
}), ('cn=buildteam,ou=groups,dc=mozilla', {
'cn': ['buildteam']
})]
ldap.initialize = Mock(
return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': groups
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
assert user == User.objects.get()
ok_(user.groups.filter(name='Localizers').exists())
ok_(user.groups.filter(name='build').exists())
new_groups = [('cn=buildteam,ou=groups,dc=mozilla', {
'cn': ['buildteam']
})]
ldap.initialize = Mock(
return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': new_groups
}))
user = backend.authenticate('foo', 'secret')
assert user == User.objects.get()
ok_(not user.groups.filter(name='Localizers').exists())
ok_(user.groups.filter(name='build').exists())
# Now reverse it
new_new_groups = [('cn=scm_l10n,ou=groups,dc=mozilla', {
'cn': ['scm_l10n']
})]
ldap.initialize = Mock(
return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': new_new_groups
}))
user = backend.authenticate('foo', 'secret')
assert user == User.objects.get()
ok_(user.groups.filter(name='Localizers').exists())
ok_(not user.groups.filter(name='build').exists())
def test_authenticate_without_ldap(self):
assert not User.objects.all().exists()
user = User.objects.create(username='******', email='*****@*****.**')
user.set_password('secret')
user.save()
backend = MozLdapBackend()
eq_(backend.authenticate('*****@*****.**', 'secret'),
user)
eq_(backend.authenticate('foo', 'secret'), user)
eq_(backend.authenticate('foo', 'JUNK'), None)
def test_lost_group_privileges(self):
# test a user that is part of the `Localizers` group one day but not
# the other
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
groups = [
('cn=scm_l10n,ou=groups,dc=mozilla',
{'cn': ['scm_l10n']}),
('cn=buildteam,ou=groups,dc=mozilla',
{'cn': ['buildteam']})
]
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': groups
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
assert user == User.objects.get()
ok_(user.groups.filter(name='Localizers').exists())
ok_(user.groups.filter(name='build').exists())
new_groups = [
('cn=buildteam,ou=groups,dc=mozilla',
{'cn': ['buildteam']})
]
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': new_groups
}))
user = backend.authenticate('foo', 'secret')
assert user == User.objects.get()
ok_(not user.groups.filter(name='Localizers').exists())
ok_(user.groups.filter(name='build').exists())
# Now reverse it
new_new_groups = [
('cn=scm_l10n,ou=groups,dc=mozilla',
{'cn': ['scm_l10n']})
]
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': new_new_groups
}))
user = backend.authenticate('foo', 'secret')
assert user == User.objects.get()
ok_(user.groups.filter(name='Localizers').exists())
ok_(not user.groups.filter(name='build').exists())
def test_authenticate_with_ldap_new_user(self):
assert not User.objects.all().exists()
ldap.open = Mock("ldap.open")
ldap.open.mock_returns = Mock("ldap_connection")
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(
return_value=MockLDAP({"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": self.fake_group})
)
backend = MozLdapBackend()
user = backend.authenticate("foo", "secret")
ok_(user)
ok_(User.objects.get(username="******"))
user = User.objects.get(first_name=u"Pet\xe3r")
eq_(user.last_name, u"Bengtss\xa2n")
ok_(not user.has_usable_password())
ok_(not user.check_password("secret"))
ok_(user.groups.filter(name="Localizers").exists())
def test_authenticate_with_ldap_new_user(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
ok_(user)
ok_(User.objects.get(username='******'))
user = User.objects.get(first_name=u'Pet\xe3r')
eq_(user.last_name, u'Bengtss\xa2n')
ok_(not user.has_usable_password())
ok_(not user.check_password('secret'))
def test_authenticate_with_ldap_new_user(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate('*****@*****.**', 'secret')
self.assertTrue(user)
self.assertTrue(User.objects.get(email='*****@*****.**'))
user = User.objects.get(first_name='Pet\xe3r')
self.assertEqual(user.last_name, 'Bengtss\xa2n')
self.assertFalse(user.has_usable_password())
self.assertFalse(user.check_password('secret'))
self.assertTrue(user.groups.filter(name='Localizers').exists())
def test_authenticate_with_ldap_new_user(self):
assert not User.objects.all().exists()
ldap.open = Mock('ldap.open')
ldap.open.mock_returns = Mock('ldap_connection')
ldap.set_option = Mock(return_value=None)
ldap.initialize = Mock(return_value=MockLDAP({
'dc=mozilla': self.fake_user,
'ou=groups,dc=mozilla': self.fake_group
}))
backend = MozLdapBackend()
user = backend.authenticate('foo', 'secret')
self.assertTrue(user)
self.assertTrue(User.objects.get(username='******'))
user = User.objects.get(first_name='Pet\xe3r')
self.assertEqual(user.last_name, 'Bengtss\xa2n')
self.assertFalse(user.has_usable_password())
self.assertFalse(user.check_password('secret'))
self.assertTrue(user.groups.filter(name='Localizers').exists())
def test_lost_group_privileges(self):
# test a user that is part of the `Localizers` group one day but not
# the other
assert not User.objects.all().exists()
ldap.open = Mock("ldap.open")
ldap.open.mock_returns = Mock("ldap_connection")
ldap.set_option = Mock(return_value=None)
groups = [
("cn=scm_l10n,ou=groups,dc=mozilla", {"cn": ["scm_l10n"]}),
("cn=buildteam,ou=groups,dc=mozilla", {"cn": ["buildteam"]}),
]
ldap.initialize = Mock(return_value=MockLDAP({"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": groups}))
backend = MozLdapBackend()
user = backend.authenticate("foo", "secret")
assert user == User.objects.get()
ok_(user.groups.filter(name="Localizers").exists())
ok_(user.groups.filter(name="build").exists())
new_groups = [("cn=buildteam,ou=groups,dc=mozilla", {"cn": ["buildteam"]})]
ldap.initialize = Mock(
return_value=MockLDAP({"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": new_groups})
)
user = backend.authenticate("foo", "secret")
assert user == User.objects.get()
ok_(not user.groups.filter(name="Localizers").exists())
ok_(user.groups.filter(name="build").exists())
# Now reverse it
new_new_groups = [("cn=scm_l10n,ou=groups,dc=mozilla", {"cn": ["scm_l10n"]})]
ldap.initialize = Mock(
return_value=MockLDAP({"dc=mozilla": self.fake_user, "ou=groups,dc=mozilla": new_new_groups})
)
user = backend.authenticate("foo", "secret")
assert user == User.objects.get()
ok_(user.groups.filter(name="Localizers").exists())
ok_(not user.groups.filter(name="build").exists())
def handle(self, *args, **options):
mail = args[0]
def show(key, value):
if isinstance(value, list) and value and isinstance(value[0], basestring):
value = ", ".join(value)
print key.ljust(20), value
print "\nLOCAL USER ".ljust(79, "-")
try:
user = User.objects.get(email=mail)
show("Username", user.username)
show("Email", user.email)
show("First name", user.first_name)
show("Last name", user.last_name)
show("Active", user.is_active)
show("Superuser", user.is_superuser)
show("Staff", user.is_staff)
print "Groups:".ljust(20),
if user.groups.all():
print ", ".join([x.name for x in user.groups.all()])
else:
print "none"
except User.DoesNotExist:
print "Does NOT exist locally"
backend = MozLdapBackend()
backend.connect()
try:
search_filter = backend.make_search_filter(dict(mail=mail))
results = backend.ldo.search_s("dc=mozilla", ldap.SCOPE_SUBTREE, search_filter)
print "\nIN LDAP ".ljust(79, "-")
uid = None
for uid, data in results:
for key, value in data.iteritems():
if key in LDAP_IGNORE_ATTRIBUTES:
continue
show(key, value)
if uid:
group_names = flatten_group_names(GROUP_MAPPINGS.values())
search_filter1 = backend.make_search_filter(dict(cn=group_names), any_parameter=True)
search_filter2 = backend.make_search_filter(
{
"memberUID": [uid, mail],
"member": [
"mail=%s,o=com,dc=mozilla" % mail,
"mail=%s,o=org,dc=mozilla" % mail,
"mail=%s,o=net,dc=mozillacom" % mail,
],
},
any_parameter=True,
)
# combine the group part with the mail part
search_filter = "(&%s%s)" % (search_filter1, search_filter2)
group_results = backend.ldo.search_s("ou=groups,dc=mozilla", ldap.SCOPE_SUBTREE, search_filter, ["cn"])
print "\nLDAP GROUPS ".ljust(79, "-")
_group_mappings_reverse = {}
for django_name, ldap_names in GROUP_MAPPINGS.items():
ldap_names = flatten_group_names(ldap_names)
for name in ldap_names:
_group_mappings_reverse[name] = django_name
groups = [x[1]["cn"][0] for x in group_results]
for group in groups:
print group.ljust(16), "-> ",
print _group_mappings_reverse.get(group, "*not a Django group*")
finally:
backend.disconnect()
def test_backend_cert_file(self):
backend = MozLdapBackend()
self.assertTrue(backend.certfile)
self.assertTrue(os.path.isfile(os.path.abspath(backend.certfile)))
def test_backend_cert_file(self):
backend = MozLdapBackend()
ok_(backend.certfile)
ok_(os.path.isfile(os.path.abspath(backend.certfile)))
def handle(self, *args, **options):
mail = args[0]
def show(key, value):
if (isinstance(value, list) and value
and isinstance(value[0], basestring)):
value = ', '.join(value)
self.stdout.write(key.ljust(20) + " " + str(value))
self.stdout.write("\nLOCAL USER ".ljust(79, '-'))
try:
user = User.objects.get(email=mail)
show("Username", user.username)
show("Email", user.email)
show("First name", user.first_name)
show("Last name", user.last_name)
show("Active", user.is_active)
show("Superuser", user.is_superuser)
show("Staff", user.is_staff)
self.stdout.write("Groups:".ljust(20), ending='')
if user.groups.all():
self.stdout.write(
', '.join([x.name for x in user.groups.all()])
)
else:
self.stdout.write("none")
except User.DoesNotExist:
self.stdout.write("Does NOT exist locally")
backend = MozLdapBackend()
backend.connect()
try:
search_filter = backend.make_search_filter(dict(mail=mail))
results = backend.ldo.search_s(
"dc=mozilla",
ldap.SCOPE_SUBTREE,
search_filter,
)
self.stdout.write("\nIN LDAP ".ljust(79, '-'))
uid = None
for uid, data in results:
for key, value in data.iteritems():
if key in LDAP_IGNORE_ATTRIBUTES:
continue
show(key, value)
if uid:
group_names = flatten_group_names(GROUP_MAPPINGS.values())
search_filter1 = backend.make_search_filter(
dict(cn=group_names),
any_parameter=True
)
search_filter2 = backend.make_search_filter({
'memberUID': [uid, mail],
'member': ['mail=%s,o=com,dc=mozilla' % mail,
'mail=%s,o=org,dc=mozilla' % mail,
'mail=%s,o=net,dc=mozilla' % mail],
}, any_parameter=True)
# combine the group part with the mail part
search_filter = '(&%s%s)' % (search_filter1, search_filter2)
group_results = backend.ldo.search_s(
"ou=groups,dc=mozilla",
ldap.SCOPE_SUBTREE,
search_filter,
['cn']
)
self.stdout.write("\nLDAP GROUPS ".ljust(79, '-'))
_group_mappings_reverse = {}
for django_name, ldap_names in GROUP_MAPPINGS.items():
ldap_names = flatten_group_names(ldap_names)
for name in ldap_names:
_group_mappings_reverse[name] = django_name
groups = [x[1]['cn'][0] for x in group_results]
for group in groups:
self.stdout.write(group.ljust(16) + ' -> ' +
_group_mappings_reverse.get(
group,
'*not a Django group*'
))
finally:
backend.disconnect()
