def __getGroup(self, groupName):
return ldaputil.getFirst(con=self.__connection(),
base=self._ldapBase,
objectClass=self._groupClass,
field=self._groupIdAttr,
value=groupName,
attributes=[self._memberAttr],
sizeLimit=LDAP_RESULT_LIMIT * 10)
def __getUser(self, username):
return ldaputil.getFirst(
con=self.__connection(),
base=self._ldapBase,
objectClass=self._userClass,
field=self._userIdAttr,
value=username,
attributes=[i for i in self._userNameAttr.split(',')] +
[self._userIdAttr],
sizeLimit=LDAP_RESULT_LIMIT)
def __getGroup(self, groupName):
return ldaputil.getFirst(
con=self.__connection(),
base=self._ldapBase,
objectClass=self._groupClass,
field=self._groupIdAttr,
value=groupName,
attributes=[self._memberAttr],
sizeLimit=LDAP_RESULT_LIMIT * 10
)
def __getUser(self, username):
return ldaputil.getFirst(
con=self.__connection(),
base=self._ldapBase,
objectClass=self._userClass,
field=self._userIdAttr,
value=username,
attributes=[i for i in self._userNameAttr.split(',')] + [self._userIdAttr],
sizeLimit=LDAP_RESULT_LIMIT
)
def __getUser(self, username: str) -> typing.Optional[ldaputil.LDAPResultType]:
"""
Searchs for the username and returns its LDAP entry
@param username: username to search, using user provided parameters at configuration to map search entries.
@return: None if username is not found, an dictionary of LDAP entry attributes if found.
@note: Active directory users contains the groups it belongs to in "memberOf" attribute
"""
attributes = [self._userIdAttr] + self.__getAttrsFromField(self._userNameAttr) + self.__getAttrsFromField(self._groupNameAttr)
user = ldaputil.getFirst(
con=self.__connection(),
base=self._ldapBase,
objectClass=self._userClass,
field=self._userIdAttr,
value=username,
attributes=attributes,
sizeLimit=LDAP_RESULT_LIMIT
)
# If user attributes is split, that is, it has more than one "ldap entry", get a second entry filtering by a new attribute
# and add result attributes to "main" search.
# For example, you can have authentication in an "user" object class and attributes in an "user_attributes" object class.
# Note: This is very rare situation, but it ocurrs :)
if user and self._altClass:
for usr in ldaputil.getAsDict(
con=self.__connection(),
base=self._ldapBase,
ldapFilter='(&(objectClass={})({}={}))'.format(self._altClass, self._userIdAttr, ldaputil.escape(username)),
attrList=attributes,
sizeLimit=LDAP_RESULT_LIMIT
):
for attr in self.__getAttrsFromField(self._groupNameAttr):
v = usr.get(attr)
if not v:
continue
kl = attr.lower()
# If already exists the field, check if it is a list to add new elements...
if kl in usr:
# Convert existing to list, so we can add a new value
if not isinstance(user[kl], (list, tuple)):
user[kl] = [user[kl]]
# Convert values to list, if not list
if not isinstance(v, (list, tuple)):
v = [v]
# Now append to existing values
for x in v:
user[kl].append(x)
else:
user[kl] = v
return user
def __getGroup(self, groupName):
"""
Searchs for the groupName and returns its LDAP entry
@param groupName: group name to search, using user provided parameters at configuration to map search entries.
@return: None if group name is not found, an dictionary of LDAP entry attributes if found.
"""
return ldaputil.getFirst(con=self.__connection(),
base=self.__getLdapBase(),
objectClass=self._groupClass,
field=self._groupIdAttr,
value=groupName,
attributes=[self._memberAttr],
sizeLimit=LDAP_RESULT_LIMIT)
def __getGroup(self, groupName):
"""
Searchs for the groupName and returns its LDAP entry
@param groupName: group name to search, using user provided parameters at configuration to map search entries.
@return: None if group name is not found, an dictionary of LDAP entry attributes if found.
"""
return ldaputil.getFirst(
con=self.__connection(),
base=self.__getLdapBase(),
objectClass=self._groupClass,
field=self._groupIdAttr,
value=groupName,
attributes=[self._memberAttr],
sizeLimit=LDAP_RESULT_LIMIT
)
def __getUser(self, username):
"""
Searchs for the username and returns its LDAP entry
@param username: username to search, using user provided parameters at configuration to map search entries.
@return: None if username is not found, an dictionary of LDAP entry attributes if found.
@note: Active directory users contains the groups it belongs to in "memberOf" attribute
"""
return ldaputil.getFirst(
con=self.__connection(),
base=self._ldapBase,
objectClass=self._userClass,
field=self._userIdAttr,
value=username,
attributes=[self._userIdAttr] + self.__getAttrsFromField(self._userNameAttr) + self.__getAttrsFromField(self._groupNameAttr),
sizeLimit=LDAP_RESULT_LIMIT
)
def __getUser(self, username):
"""
Searchs for the username and returns its LDAP entry
@param username: username to search, using user provided parameters at configuration to map search entries.
@return: None if username is not found, an dictionary of LDAP entry attributes if found.
@note: Active directory users contains the groups it belongs to in "memberOf" attribute
"""
return ldaputil.getFirst(
con=self.__connection(),
base=self._ldapBase,
objectClass=self._userClass,
field=self._userIdAttr,
value=username,
attributes=[self._userIdAttr] + self.__getAttrsFromField(self._userNameAttr) + self.__getAttrsFromField(self._groupNameAttr),
sizeLimit=LDAP_RESULT_LIMIT
)