예제 #1
0
    def test_bind_noMatchingServicesFound_fallback_success(self):
        server = self.createServer(
            services=['svc1',
                      'svc2',
                      'svc3',
                      ],
            fallback=True,
            responses=[
            [ pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode) ],
            [ pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode) ],
            [ pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode) ],
            [ pureldap.LDAPBindResponse(resultCode=ldaperrors.Success.resultCode) ],
            ])
        server.dataReceived(str(pureldap.LDAPMessage(pureldap.LDAPBindRequest(dn='cn=jack,dc=example,dc=com', auth='s3krit'), id=4)))
        reactor.iterate() #TODO
        client = server.client

        client.assertSent(
            pureldap.LDAPSearchRequest(baseObject='dc=example,dc=com',
                                       derefAliases=0,
                                       sizeLimit=0,
                                       timeLimit=0,
                                       typesOnly=0,
                                       filter=ldapfilter.parseFilter('(&'
                                                                     +'(objectClass=serviceSecurityObject)'
                                                                     +'(owner=cn=jack,dc=example,dc=com)'
                                                                     +'(cn=svc1)'
                                                                     +('(|(!(validFrom=*))(validFrom<=%s))' % server.now)
                                                                     +('(|(!(validUntil=*))(validUntil>=%s))' % server.now)
                                                                     +')'),
                                       attributes=('1.1',)),
            pureldap.LDAPSearchRequest(baseObject='dc=example,dc=com',
                                       derefAliases=0,
                                       sizeLimit=0,
                                       timeLimit=0,
                                       typesOnly=0,
                                       filter=ldapfilter.parseFilter('(&'
                                                                     +'(objectClass=serviceSecurityObject)'
                                                                     +'(owner=cn=jack,dc=example,dc=com)'
                                                                     +'(cn=svc2)'
                                                                     +('(|(!(validFrom=*))(validFrom<=%s))' % server.now)
                                                                     +('(|(!(validUntil=*))(validUntil>=%s))' % server.now)
                                                                     +')'),
                                       attributes=('1.1',)),
            pureldap.LDAPSearchRequest(baseObject='dc=example,dc=com',
                                       derefAliases=0,
                                       sizeLimit=0,
                                       timeLimit=0,
                                       typesOnly=0,
                                       filter=ldapfilter.parseFilter('(&'
                                                                     +'(objectClass=serviceSecurityObject)'
                                                                     +'(owner=cn=jack,dc=example,dc=com)'
                                                                     +'(cn=svc3)'
                                                                     +('(|(!(validFrom=*))(validFrom<=%s))' % server.now)
                                                                     +('(|(!(validUntil=*))(validUntil>=%s))' % server.now)
                                                                     +')'),
                                       attributes=('1.1',)),
            pureldap.LDAPBindRequest(dn='cn=jack,dc=example,dc=com', auth='s3krit'))
        self.assertEquals(server.transport.value(),
                          str(pureldap.LDAPMessage(pureldap.LDAPBindResponse(resultCode=ldaperrors.Success.resultCode), id=4)))
예제 #2
0
    def search(
        self,
        filterText=None,
        filterObject=None,
        attributes=(),
        scope=None,
        derefAliases=None,
        sizeLimit=0,
        timeLimit=0,
        typesOnly=0,
        callback=None,
    ):
        if filterObject is None and filterText is None:
            filterObject = pureldap.LDAPFilterMatchAll
        elif filterObject is None and filterText is not None:
            filterObject = ldapfilter.parseFilter(filterText)
        elif filterObject is not None and filterText is None:
            pass
        elif filterObject is not None and filterText is not None:
            f = ldapfilter.parseFilter(filterText)
            filterObject = pureldap.LDAPFilter_and((f, filterObject))

        if scope is None:
            scope = pureldap.LDAP_SCOPE_wholeSubtree
        if derefAliases is None:
            derefAliases = pureldap.LDAP_DEREF_neverDerefAliases

        # choose iterator: base/children/subtree
        if scope == pureldap.LDAP_SCOPE_wholeSubtree:
            iterator = self.subtree
        elif scope == pureldap.LDAP_SCOPE_singleLevel:
            iterator = self.children
        elif scope == pureldap.LDAP_SCOPE_baseObject:

            def iterateSelf(callback):
                callback(self)
                return defer.succeed(None)

            iterator = iterateSelf
        else:
            raise ldaperrors.LDAPProtocolError("unknown search scope: %r" %
                                               scope)

        results = []
        if callback is None:
            matchCallback = results.append
        else:
            matchCallback = callback

        # gather results, send them
        def _tryMatch(entry):
            if entry.match(filterObject):
                matchCallback(entry)

        iterator(callback=_tryMatch)

        if callback is None:
            return defer.succeed(results)
        else:
            return defer.succeed(None)
예제 #3
0
    def search(
        self,
        filterText=None,
        filterObject=None,
        attributes=(),
        scope=None,
        derefAliases=None,
        sizeLimit=0,
        timeLimit=0,
        typesOnly=0,
        callback=None,
    ):
        if filterObject is None and filterText is None:
            filterObject = pureldap.LDAPFilterMatchAll
        elif filterObject is None and filterText is not None:
            filterObject = ldapfilter.parseFilter(filterText)
        elif filterObject is not None and filterText is None:
            pass
        elif filterObject is not None and filterText is not None:
            f = ldapfilter.parseFilter(filterText)
            filterObject = pureldap.LDAPFilter_and((f, filterObject))

        if scope is None:
            scope = pureldap.LDAP_SCOPE_wholeSubtree
        if derefAliases is None:
            derefAliases = pureldap.LDAP_DEREF_neverDerefAliases

        # choose iterator: base/children/subtree
        if scope == pureldap.LDAP_SCOPE_wholeSubtree:
            iterator = self.subtree
        elif scope == pureldap.LDAP_SCOPE_singleLevel:
            iterator = self.children
        elif scope == pureldap.LDAP_SCOPE_baseObject:

            def iterateSelf(callback):
                callback(self)
                return defer.succeed(None)

            iterator = iterateSelf
        else:
            raise ldaperrors.LDAPProtocolError, "unknown search scope: %r" % scope

        results = []
        if callback is None:
            matchCallback = results.append
        else:
            matchCallback = callback

        # gather results, send them
        def _tryMatch(entry):
            if entry.match(filterObject):
                matchCallback(entry)

        iterator(callback=_tryMatch)

        if callback is None:
            return defer.succeed(results)
        else:
            return defer.succeed(None)
예제 #4
0
    def search(self,
               filterText=None,
               filterObject=None,
               attributes=(),
               scope=None,
               derefAliases=None,
               sizeLimit=0,
               sizeLimitIsNonFatal=False,
               timeLimit=0,
               typesOnly=0,
               callback=None):
        self._checkState()
        d = defer.Deferred()
        if filterObject is None and filterText is None:
            filterObject = pureldap.LDAPFilterMatchAll
        elif filterObject is None and filterText is not None:
            filterObject = ldapfilter.parseFilter(filterText)
        elif filterObject is not None and filterText is None:
            pass
        elif filterObject is not None and filterText is not None:
            f = ldapfilter.parseFilter(filterText)
            filterObject = pureldap.LDAPFilter_and((f, filterObject))

        if scope is None:
            scope = pureldap.LDAP_SCOPE_wholeSubtree
        if derefAliases is None:
            derefAliases = pureldap.LDAP_DEREF_neverDerefAliases

        if attributes is None:
            attributes = ['1.1']

        results = []
        if callback is None:
            cb = results.append
        else:
            cb = callback
        try:
            op = pureldap.LDAPSearchRequest(baseObject=str(self.dn),
                                            scope=scope,
                                            derefAliases=derefAliases,
                                            sizeLimit=sizeLimit,
                                            timeLimit=timeLimit,
                                            typesOnly=typesOnly,
                                            filter=filterObject,
                                            attributes=attributes)
            self.client.send_multiResponse(
                op,
                self._cbSearchMsg,
                d,
                cb,
                complete=not attributes,
                sizeLimitIsNonFatal=sizeLimitIsNonFatal)
        except ldapclient.LDAPClientConnectionLostException:
            d.errback(Failure())
        else:
            if callback is None:
                d.addCallback(lambda dummy: results)
        return d
예제 #5
0
    def search(self,
               filterText=None,
               filterObject=None,
               attributes=(),
               scope=None,
               derefAliases=None,
               sizeLimit=0,
               sizeLimitIsNonFatal=False,
               timeLimit=0,
               typesOnly=0,
               callback=None):
        self._checkState()
        d=defer.Deferred()
        if filterObject is None and filterText is None:
            filterObject=pureldap.LDAPFilterMatchAll
        elif filterObject is None and filterText is not None:
            filterObject=ldapfilter.parseFilter(filterText)
        elif filterObject is not None and filterText is None:
            pass
        elif filterObject is not None and filterText is not None:
            f=ldapfilter.parseFilter(filterText)
            filterObject=pureldap.LDAPFilter_and((f, filterObject))

        if scope is None:
            scope = pureldap.LDAP_SCOPE_wholeSubtree
        if derefAliases is None:
            derefAliases = pureldap.LDAP_DEREF_neverDerefAliases

        if attributes is None:
            attributes = ['1.1']

        results=[]
        if callback is None:
            cb=results.append
        else:
            cb=callback
        try:
            op = pureldap.LDAPSearchRequest(
                baseObject=str(self.dn),
                scope=scope,
                derefAliases=derefAliases,
                sizeLimit=sizeLimit,
                timeLimit=timeLimit,
                typesOnly=typesOnly,
                filter=filterObject,
                attributes=attributes)
            self.client.send_multiResponse(
                op, self._cbSearchMsg,
                d, cb, complete=not attributes,
                sizeLimitIsNonFatal=sizeLimitIsNonFatal)
        except ldapclient.LDAPClientConnectionLostException:
            d.errback(Failure())
        else:
            if callback is None:
                d.addCallback(lambda dummy: results)
        return d
예제 #6
0
파일: checkers.py 프로젝트: GrayAn/ldaptor
def makeFilter(name, template=None):
    filter=None
    try:
        filter=ldapfilter.parseFilter(name)
    except ldapfilter.InvalidLDAPFilter:
        try:
            filter=ldapfilter.parseFilter('('+name+')')
        except ldapfilter.InvalidLDAPFilter:
            if template is not None:
                try:
                    filter=ldapfilter.parseFilter(template % {'name':name})
                except ldapfilter.InvalidLDAPFilter:
                    pass
    return filter
예제 #7
0
def makeFilter(name, template=None):
    filter = None
    try:
        filter = ldapfilter.parseFilter(name)
    except ldapfilter.InvalidLDAPFilter:
        try:
            filter = ldapfilter.parseFilter("(" + name + ")")
        except ldapfilter.InvalidLDAPFilter:
            if template is not None:
                try:
                    filter = ldapfilter.parseFilter(template % {"name": name})
                except ldapfilter.InvalidLDAPFilter:
                    pass
    return filter
예제 #8
0
def makeFilter(name, template=None):
    filter = None
    try:
        filter = ldapfilter.parseFilter(name)
    except ldapfilter.InvalidLDAPFilter:
        try:
            filter = ldapfilter.parseFilter('(' + name + ')')
        except ldapfilter.InvalidLDAPFilter:
            if template is not None:
                try:
                    filter = ldapfilter.parseFilter(template % {'name': name})
                except ldapfilter.InvalidLDAPFilter:
                    pass
    return filter
예제 #9
0
 def test_cn(self):
     text = '(cn=Babs Jensen)'
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='cn'),
         assertionValue=pureldap.LDAPAssertionValue(value='Babs Jensen'))
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #10
0
 def test_whitespace_afterEq(self):
     text = r'(cn= foo)'
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='cn'),
         assertionValue=pureldap.LDAPAssertionValue(value=' foo'))
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #11
0
 def test_andornot(self):
     text = r'(&(!(|(cn=foo)(cn=bar)))(sn=a*b*c*d))'
     filt = pureldap.LDAPFilter_and([
         pureldap.LDAPFilter_not(
             pureldap.LDAPFilter_or([
                 pureldap.LDAPFilter_equalityMatch(
                     attributeDesc=pureldap.LDAPAttributeDescription(
                         value='cn'),
                     assertionValue=pureldap.LDAPAssertionValue(
                         value='foo')),
                 pureldap.LDAPFilter_equalityMatch(
                     attributeDesc=pureldap.LDAPAttributeDescription(
                         value='cn'),
                     assertionValue=pureldap.LDAPAssertionValue(
                         value='bar')),
             ])),
         pureldap.LDAPFilter_substrings(
             type='sn',
             substrings=[
                 pureldap.LDAPFilter_substrings_initial('a'),
                 pureldap.LDAPFilter_substrings_any('b'),
                 pureldap.LDAPFilter_substrings_any('c'),
                 pureldap.LDAPFilter_substrings_final('d'),
             ])
     ])
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #12
0
 def test_escape_backslash(self):
     text = r'(filename=C:\5cMyFile)'
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='filename'),
         assertionValue=pureldap.LDAPAssertionValue(value=r'C:\MyFile'))
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #13
0
 def test_cn(self):
     text = '(cn=Babs Jensen)'
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='cn'),
         assertionValue=pureldap.LDAPAssertionValue(value='Babs Jensen'))
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #14
0
 def test_escape_parens(self):
     text = r'(o=Parens R Us \28for all your parenthetical needs\29)'
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='o'),
         assertionValue=pureldap.LDAPAssertionValue(value='Parens R Us (for all your parenthetical needs)'))
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #15
0
 def test_escape_utf8(self):
     text = r'(sn=Lu\c4\8di\c4\87)'
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='sn'),
         assertionValue=pureldap.LDAPAssertionValue(
             value='Lu\xc4\x8di\xc4\x87'))
     self.assertEquals(ldapfilter.parseFilter(text), filt)
예제 #16
0
 def test_escape_backslash(self):
     text = r'(filename=C:\5cMyFile)'
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='filename'),
         assertionValue=pureldap.LDAPAssertionValue(value=r'C:\MyFile'))
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #17
0
파일: checkers.py 프로젝트: GrayAn/ldaptor
    def requestAvatarId(self, credentials):
        try:
            baseDN = self.config.getIdentityBaseDN()
        except config.MissingBaseDNError as e:
            return failure.Failure(error.UnauthorizedLogin("Disabled due configuration error: %s." % e))
        if not credentials.username:
            return failure.Failure(error.UnauthorizedLogin("I don't support anonymous"))
        filtText = self.config.getIdentitySearch(credentials.username)
        try:
            filt = ldapfilter.parseFilter(filtText)
        except ldapfilter.InvalidLDAPFilter:
            return failure.Failure(error.UnauthorizedLogin("Couldn't create filter"))

        c = ldapconnector.LDAPClientCreator(reactor, ldapclient.LDAPClient)
        d = c.connect(baseDN, self.config.getServiceLocationOverrides())
        d.addCallback(self._connected, filt, credentials)
        def _err(reason):
            reason.trap(ldaperrors.LDAPInvalidCredentials,

                        # this happens with slapd 2.1.30 when binding
                        # with DN but no password
                        ldaperrors.LDAPUnwillingToPerform)
            return failure.Failure(error.UnauthorizedLogin())
        d.addErrback(_err)
        return d
예제 #18
0
 def test_escape_parens(self):
     text = r'(o=Parens R Us \28for all your parenthetical needs\29)'
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='o'),
         assertionValue=pureldap.LDAPAssertionValue(value='Parens R Us (for all your parenthetical needs)'))
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #19
0
 def test_escape_binary(self):
     text = r"(bin=\00\00\00\04)"
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value="bin"),
         assertionValue=pureldap.LDAPAssertionValue(value="\00\00\00\04"),
     )
     self.assertEqual(ldapfilter.parseFilter(text), filt)
예제 #20
0
    def requestAvatarId(self, credentials):
        try:
            baseDN = self.config.getIdentityBaseDN()
        except config.MissingBaseDNError as e:
            return failure.Failure(
                error.UnauthorizedLogin(
                    "Disabled due configuration error: %s." % e))
        if not credentials.username:
            return failure.Failure(
                error.UnauthorizedLogin("I don't support anonymous"))
        filtText = self.config.getIdentitySearch(credentials.username)
        try:
            filt = ldapfilter.parseFilter(filtText)
        except ldapfilter.InvalidLDAPFilter:
            return failure.Failure(
                error.UnauthorizedLogin("Couldn't create filter"))

        c = ldapconnector.LDAPClientCreator(reactor, ldapclient.LDAPClient)
        d = c.connect(baseDN, self.config.getServiceLocationOverrides())
        d.addCallback(self._connected, filt, credentials)

        def _err(reason):
            reason.trap(
                ldaperrors.LDAPInvalidCredentials,

                # this happens with slapd 2.1.30 when binding
                # with DN but no password
                ldaperrors.LDAPUnwillingToPerform)
            return failure.Failure(error.UnauthorizedLogin())

        d.addErrback(_err)
        return d
예제 #21
0
def main(cfg, filter_text):
    from twisted.python import log

    log.startLogging(sys.stderr, setStdout=0)

    try:
        baseDN = cfg.getBaseDN()
    except config.MissingBaseDNError as e:
        print("{}: {}.".format(sys.argv[0], e), file=sys.stderr)
        sys.exit(1)

    if filter_text is not None:
        filt = ldapfilter.parseFilter(filter_text)
    else:
        filt = None

    c = ldapconnector.LDAPClientCreator(reactor, ldapclient.LDAPClient)
    d = c.connectAnonymously(baseDN,
                             overrides=cfg.getServiceLocationOverrides())
    d.addCallback(cbConnected, cfg, filt)
    d.addErrback(error)
    d.addBoth(lambda x: reactor.stop())

    reactor.run()
    sys.exit(exitStatus)
예제 #22
0
 def test_escape_utf8(self):
     text = r"(sn=Lu\c4\8di\c4\87)"
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value="sn"),
         assertionValue=pureldap.LDAPAssertionValue(value="Lu\xc4\x8di\xc4\x87"),
     )
     self.assertEqual(ldapfilter.parseFilter(text), filt)
예제 #23
0
 def test_andornot(self):
     text = r"(&(!(|(cn=foo)(cn=bar)))(sn=a*b*c*d))"
     filt = pureldap.LDAPFilter_and(
         [
             pureldap.LDAPFilter_not(
                 pureldap.LDAPFilter_or(
                     [
                         pureldap.LDAPFilter_equalityMatch(
                             attributeDesc=pureldap.LDAPAttributeDescription(
                                 value="cn"
                             ),
                             assertionValue=pureldap.LDAPAssertionValue(value="foo"),
                         ),
                         pureldap.LDAPFilter_equalityMatch(
                             attributeDesc=pureldap.LDAPAttributeDescription(
                                 value="cn"
                             ),
                             assertionValue=pureldap.LDAPAssertionValue(value="bar"),
                         ),
                     ]
                 )
             ),
             pureldap.LDAPFilter_substrings(
                 type="sn",
                 substrings=[
                     pureldap.LDAPFilter_substrings_initial("a"),
                     pureldap.LDAPFilter_substrings_any("b"),
                     pureldap.LDAPFilter_substrings_any("c"),
                     pureldap.LDAPFilter_substrings_final("d"),
                 ],
             ),
         ]
     )
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #24
0
 def test_and_or(self):
     text = "(&(objectClass=Person)(|(sn=Jensen)(cn=Babs J*)))"
     filt = pureldap.LDAPFilter_and(
         [
             pureldap.LDAPFilter_equalityMatch(
                 attributeDesc=pureldap.LDAPAttributeDescription(
                     value="objectClass"
                 ),
                 assertionValue=pureldap.LDAPAssertionValue(value="Person"),
             ),
             pureldap.LDAPFilter_or(
                 [
                     pureldap.LDAPFilter_equalityMatch(
                         attributeDesc=pureldap.LDAPAttributeDescription(value="sn"),
                         assertionValue=pureldap.LDAPAssertionValue(value="Jensen"),
                     ),
                     pureldap.LDAPFilter_substrings(
                         type="cn",
                         substrings=[
                             pureldap.LDAPFilter_substrings_initial(value="Babs J")
                         ],
                     ),
                 ]
             ),
         ]
     )
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #25
0
 def coerce(self, *a, **kw):
     val = super(LDAPSearchFilter, self).coerce(*a, **kw)
     try:
         f = ldapfilter.parseFilter(val)
     except ldapfilter.InvalidLDAPFilter, e:
         raise annotate.InputError, \
               "%r is not a valid LDAP search filter: %s" % (val, e)
예제 #26
0
 def coerce(self, *a, **kw):
     val = super(LDAPSearchFilter, self).coerce(*a, **kw)
     try:
         f = ldapfilter.parseFilter(val)
     except ldapfilter.InvalidLDAPFilter, e:
         raise annotate.InputError, \
               "%r is not a valid LDAP search filter: %s" % (val, e)
예제 #27
0
 def test_whitespace_afterEq(self):
     text = r'(cn= foo)'
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='cn'),
         assertionValue=pureldap.LDAPAssertionValue(value=' foo'))
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #28
0
 def test_not_item(self):
     text = r'(!(cn=foo))'
     filt = pureldap.LDAPFilter_not(
         pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='cn'),
         assertionValue=pureldap.LDAPAssertionValue(value='foo')))
     self.assertEquals(ldapfilter.parseFilter(text), filt)
     self.assertEquals(filt.asText(), text)
예제 #29
0
 def test_not_item(self):
     text = r'(!(cn=foo))'
     filt = pureldap.LDAPFilter_not(
         pureldap.LDAPFilter_equalityMatch(
             attributeDesc=pureldap.LDAPAttributeDescription(value='cn'),
             assertionValue=pureldap.LDAPAssertionValue(value='foo')))
     self.assertEquals(ldapfilter.parseFilter(text), filt)
     self.assertEquals(filt.asText(), text)
예제 #30
0
 def test_escape_asterisk(self):
     text = r'(cn=*\2A*)'
     filt = pureldap.LDAPFilter_substrings(
         type='cn',
         substrings=[ pureldap.LDAPFilter_substrings_any(value='*'),
                      ])
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text.lower())
예제 #31
0
 def test_item_substring_any(self):
     text = r'(cn=*foo*)'
     filt = pureldap.LDAPFilter_substrings(
         type='cn',
         substrings=[pureldap.LDAPFilter_substrings_any('foo'),
                     ])
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #32
0
 def test_item_substring_any(self):
     text = r'(cn=*foo*)'
     filt = pureldap.LDAPFilter_substrings(
         type='cn',
         substrings=[pureldap.LDAPFilter_substrings_any('foo'),
                     ])
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #33
0
 def test_not_cn(self):
     text = '(!(cn=Tim Howes))'
     filt = pureldap.LDAPFilter_not(
         pureldap.LDAPFilter_equalityMatch(
             attributeDesc=pureldap.LDAPAttributeDescription(value='cn'),
             assertionValue=pureldap.LDAPAssertionValue(value='Tim Howes')))
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #34
0
 def coerce(self, *a, **kw):
     val = super().coerce(*a, **kw)
     try:
         f = ldapfilter.parseFilter(val)
     except ldapfilter.InvalidLDAPFilter as e:
         raise annotate.InputError(
             "{!r} is not a valid LDAP search filter: {}".format(val, e))
     return f
예제 #35
0
 def test_escape_asterisk(self):
     text = r'(cn=*\2A*)'
     filt = pureldap.LDAPFilter_substrings(
         type='cn',
         substrings=[ pureldap.LDAPFilter_substrings_any(value='*'),
                      ])
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text.lower())
예제 #36
0
 def test_not_cn(self):
     text = '(!(cn=Tim Howes))'
     filt = pureldap.LDAPFilter_not(
         pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='cn'),
         assertionValue=pureldap.LDAPAssertionValue(value='Tim Howes')))
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #37
0
 def test_whitespace_beforeCloseParen(self):
     text = r"(cn=foo )"
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value="cn"),
         assertionValue=pureldap.LDAPAssertionValue(value="foo "),
     )
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #38
0
 def test_item_substring_if(self):
     text = r'(cn=foo*bar)'
     filt = pureldap.LDAPFilter_substrings(
         type='cn',
         substrings=[pureldap.LDAPFilter_substrings_initial('foo'),
                     pureldap.LDAPFilter_substrings_final('bar'),
                     ])
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #39
0
 def test_item_substring_if(self):
     text = r'(cn=foo*bar)'
     filt = pureldap.LDAPFilter_substrings(
         type='cn',
         substrings=[pureldap.LDAPFilter_substrings_initial('foo'),
                     pureldap.LDAPFilter_substrings_final('bar'),
                     ])
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #40
0
 def test_extensible_1(self):
     text = '(cn:1.2.3.4.5:=Fred Flintstone)'
     self.assertEqual(ldapfilter.parseFilter(text),
                       pureldap.LDAPFilter_extensibleMatch(
         type='cn',
         dnAttributes=False,
         matchingRule='1.2.3.4.5',
         matchValue='Fred Flintstone',
         ))
예제 #41
0
 def test_extensible_3(self):
     text = '(o:dn:=Ace Industry)'
     self.assertEqual(ldapfilter.parseFilter(text),
                       pureldap.LDAPFilter_extensibleMatch(
         type='o',
         dnAttributes=True,
         matchingRule=None,
         matchValue='Ace Industry',
         ))
예제 #42
0
 def test_extensible_4(self):
     text = '(:dn:2.4.6.8.10:=Dino)'
     self.assertEqual(ldapfilter.parseFilter(text),
                       pureldap.LDAPFilter_extensibleMatch(
         type=None,
         dnAttributes=True,
         matchingRule='2.4.6.8.10',
         matchValue='Dino',
         ))
예제 #43
0
 def test_extensible_2(self):
     text = '(sn:dn:2.4.6.8.10:=Barney Rubble)'
     self.assertEqual(ldapfilter.parseFilter(text),
                       pureldap.LDAPFilter_extensibleMatch(
         type='sn',
         dnAttributes=True,
         matchingRule='2.4.6.8.10',
         matchValue='Barney Rubble',
         ))
예제 #44
0
 def test_not_item(self):
     text = r"(!(cn=foo))"
     filt = pureldap.LDAPFilter_not(
         pureldap.LDAPFilter_equalityMatch(
             attributeDesc=pureldap.LDAPAttributeDescription(value="cn"),
             assertionValue=pureldap.LDAPAssertionValue(value="foo"),
         )
     )
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #45
0
 def test_extensible_3(self):
     text = "(o:dn:=Ace Industry)"
     filt = pureldap.LDAPFilter_extensibleMatch(
         type="o",
         dnAttributes=True,
         matchingRule=None,
         matchValue="Ace Industry",
     )
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #46
0
 def test_extensible_1(self):
     text = "(cn:1.2.3.4.5:=Fred Flintstone)"
     filt = pureldap.LDAPFilter_extensibleMatch(
         type="cn",
         dnAttributes=False,
         matchingRule="1.2.3.4.5",
         matchValue="Fred Flintstone",
     )
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #47
0
 def test_item_substring_any(self):
     text = r"(cn=*foo*)"
     filt = pureldap.LDAPFilter_substrings(
         type="cn",
         substrings=[
             pureldap.LDAPFilter_substrings_any("foo"),
         ],
     )
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #48
0
 def test_substrings(self):
     text = '(o=univ*of*mich*)'
     filt = pureldap.LDAPFilter_substrings(
         type='o',
         substrings=[ pureldap.LDAPFilter_substrings_initial(value='univ'),
                      pureldap.LDAPFilter_substrings_any(value='of'),
                      pureldap.LDAPFilter_substrings_any(value='mich'),
                      ])
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #49
0
 def test_extensible_2(self):
     text = "(sn:dn:2.4.6.8.10:=Barney Rubble)"
     filt = pureldap.LDAPFilter_extensibleMatch(
         type="sn",
         dnAttributes=True,
         matchingRule="2.4.6.8.10",
         matchValue="Barney Rubble",
     )
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #50
0
 def test_and_item(self):
     text = r'(&(cn=foo)(cn=bar))'
     filt = pureldap.LDAPFilter_and([
         pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='cn'),
         assertionValue=pureldap.LDAPAssertionValue(value='foo')),
         pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='cn'),
         assertionValue=pureldap.LDAPAssertionValue(value='bar')),
         ])
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #51
0
파일: search.py 프로젝트: norox/ldaptor
    def search(self, ctx, scope, searchfilter, **kw):
        filt = []
        for k, v in kw.items():
            assert k.startswith("search_")
            if not k.startswith("search_"):
                continue
            k = k[len("search_") :]
            if v is None:
                continue
            v = v.strip()
            if v == "":
                continue

            # TODO escape ) in v
            # TODO handle unknown filter name right (old form open in browser etc)
            filter_ = config.getSearchFieldByName(k, vars={"input": v})
            filt.append(ldapfilter.parseFilter(filter_))
        if searchfilter:
            try:
                filt.append(ldapfilter.parseFilter(searchfilter))
            except ldapfilter.InvalidLDAPFilter, e:
                raise annotate.ValidateError({"searchfilter": str(e)}, partialForm=inevow.IRequest(ctx).args)
예제 #52
0
 def test_and_or(self):
     text = '(&(objectClass=Person)(|(sn=Jensen)(cn=Babs J*)))'
     filt = pureldap.LDAPFilter_and(
         [ pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='objectClass'),
         assertionValue=pureldap.LDAPAssertionValue(value='Person')),
           pureldap.LDAPFilter_or([ pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='sn'),
         assertionValue=pureldap.LDAPAssertionValue(value='Jensen')),
                                    pureldap.LDAPFilter_substrings(
         type='cn',
         substrings=[ pureldap.LDAPFilter_substrings_initial(value='Babs J')
                      ])
                                    ]),
           ])
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #53
0
 def test_andornot(self):
     text = r'(&(!(|(cn=foo)(cn=bar)))(sn=a*b*c*d))'
     filt = pureldap.LDAPFilter_and([
         pureldap.LDAPFilter_not(
         pureldap.LDAPFilter_or([
         pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='cn'),
         assertionValue=pureldap.LDAPAssertionValue(value='foo')),
         pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='cn'),
         assertionValue=pureldap.LDAPAssertionValue(value='bar')),
         ])),
         pureldap.LDAPFilter_substrings(
         type='sn',
         substrings=[pureldap.LDAPFilter_substrings_initial('a'),
                     pureldap.LDAPFilter_substrings_any('b'),
                     pureldap.LDAPFilter_substrings_any('c'),
                     pureldap.LDAPFilter_substrings_final('d'),
                     ])])
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #54
0
    def test_bind_match_badAuth(self):
        server = self.createServer(
            services=['svc1',
                      'svc2',
                      'svc3',
                      ],
            fallback=True,
            responses=[

            # svc1
            [ pureldap.LDAPSearchResultEntry(r'cn=svc1+owner=cn\=jack\,dc\=example\,dc\=com,dc=example,dc=com',
                                             attributes=[]),
              pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode) ],
            [ pureldap.LDAPBindResponse(resultCode=ldaperrors.LDAPInvalidCredentials.resultCode) ],

            # svc2
            [ pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode) ],

            # svc3
            [ pureldap.LDAPSearchResultEntry(r'cn=svc3+owner=cn\=jack\,dc\=example\,dc\=com,dc=example,dc=com',
                                             attributes=[]),
              pureldap.LDAPSearchResultDone(ldaperrors.Success.resultCode) ],
            [ pureldap.LDAPBindResponse(resultCode=ldaperrors.LDAPInvalidCredentials.resultCode) ],
            [ pureldap.LDAPBindResponse(resultCode=ldaperrors.LDAPInvalidCredentials.resultCode) ],
            ])

        server.dataReceived(
            pureldap.LDAPMessage(
                pureldap.LDAPBindRequest(dn='cn=jack,dc=example,dc=com', auth='wrong-s3krit'),
                id=4
            ).toWire()
        )
        reactor.iterate() #TODO
        client = server.client

        client.assertSent(
            pureldap.LDAPSearchRequest(baseObject='dc=example,dc=com',
                                       derefAliases=0,
                                       sizeLimit=0,
                                       timeLimit=0,
                                       typesOnly=0,
                                       filter=ldapfilter.parseFilter('(&'
                                                                     +'(objectClass=serviceSecurityObject)'
                                                                     +'(owner=cn=jack,dc=example,dc=com)'
                                                                     +'(cn=svc1)'
                                                                     +('(|(!(validFrom=*))(validFrom<=%s))' % server.now)
                                                                     +('(|(!(validUntil=*))(validUntil>=%s))' % server.now)
                                                                     +')'),
                                       attributes=('1.1',)),
            pureldap.LDAPBindRequest(dn=r'cn=svc1+owner=cn\=jack\,dc\=example\,dc\=com,dc=example,dc=com', auth='wrong-s3krit'),
            pureldap.LDAPSearchRequest(baseObject='dc=example,dc=com',
                                       derefAliases=0,
                                       sizeLimit=0,
                                       timeLimit=0,
                                       typesOnly=0,
                                       filter=ldapfilter.parseFilter('(&'
                                                                     +'(objectClass=serviceSecurityObject)'
                                                                     +'(owner=cn=jack,dc=example,dc=com)'
                                                                     +'(cn=svc2)'
                                                                     +('(|(!(validFrom=*))(validFrom<=%s))' % server.now)
                                                                     +('(|(!(validUntil=*))(validUntil>=%s))' % server.now)
                                                                     +')'),
                                       attributes=('1.1',)),
            pureldap.LDAPSearchRequest(baseObject='dc=example,dc=com',
                                       derefAliases=0,
                                       sizeLimit=0,
                                       timeLimit=0,
                                       typesOnly=0,
                                       filter=ldapfilter.parseFilter('(&'
                                                                     +'(objectClass=serviceSecurityObject)'
                                                                     +'(owner=cn=jack,dc=example,dc=com)'
                                                                     +'(cn=svc3)'
                                                                     +('(|(!(validFrom=*))(validFrom<=%s))' % server.now)
                                                                     +('(|(!(validUntil=*))(validUntil>=%s))' % server.now)
                                                                     +')'),
                                       attributes=('1.1',)),
            pureldap.LDAPBindRequest(dn='cn=svc3+owner=cn\=jack\,dc\=example\,dc\=com,dc=example,dc=com', auth='wrong-s3krit'),
            pureldap.LDAPBindRequest(version=3, dn='cn=jack,dc=example,dc=com', auth='wrong-s3krit'),
            )
        self.assertEqual(
            server.transport.value(),
            pureldap.LDAPMessage(
                pureldap.LDAPBindResponse(resultCode=ldaperrors.LDAPInvalidCredentials.resultCode),
                id=4
            ).toWire()
        )
예제 #55
0
 def test_escape_binary(self):
     text = r'(bin=\00\00\00\04)'
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='bin'),
         assertionValue=pureldap.LDAPAssertionValue(value='\00\00\00\04'))
     self.assertEqual(ldapfilter.parseFilter(text), filt)
예제 #56
0
 def test_escape_utf8(self):
     text = r'(sn=Lu\c4\8di\c4\87)'
     filt = pureldap.LDAPFilter_equalityMatch(
         attributeDesc=pureldap.LDAPAttributeDescription(value='sn'),
         assertionValue=pureldap.LDAPAssertionValue(value='Lu\xc4\x8di\xc4\x87'))
     self.assertEqual(ldapfilter.parseFilter(text), filt)
예제 #57
0
 def test_item_present(self):
     text = r'(cn=*)'
     filt = pureldap.LDAPFilter_present(value='cn')
     self.assertEqual(ldapfilter.parseFilter(text), filt)
     self.assertEqual(filt.asText(), text)
예제 #58
0
 def _doSearch(proto, searchFilter):
     searchFilter = ldapfilter.parseFilter(searchFilter)
     baseEntry = ldapsyntax.LDAPEntry(client=proto,
                                      dn=self.config.getBaseDN())
     d=baseEntry.search(filterObject=searchFilter)
     return d
예제 #59
0
    def search(self,
               filterText=None,
               filterObject=None,
               attributes=(),
               scope=None,
               derefAliases=None,
               sizeLimit=0,
               sizeLimitIsNonFatal=False,
               timeLimit=0,
               typesOnly=0,
               callback=None,
               controls=None,
               return_controls=False):
        self._checkState()
        d = defer.Deferred()
        if filterObject is None and filterText is None:
            filterObject = pureldap.LDAPFilterMatchAll
        elif filterObject is None and filterText is not None:
            filterObject = ldapfilter.parseFilter(filterText)
        elif filterObject is not None and filterText is None:
            pass
        elif filterObject is not None and filterText is not None:
            f = ldapfilter.parseFilter(filterText)
            filterObject = pureldap.LDAPFilter_and((f, filterObject))

        if scope is None:
            scope = pureldap.LDAP_SCOPE_wholeSubtree
        if derefAliases is None:
            derefAliases = pureldap.LDAP_DEREF_neverDerefAliases

        if attributes is None:
            attributes = ['1.1']

        results = []
        if callback is None:
            cb = results.append
        else:
            cb = callback
        try:
            op = pureldap.LDAPSearchRequest(
                baseObject=self.dn.getText(),
                scope=scope,
                derefAliases=derefAliases,
                sizeLimit=sizeLimit,
                timeLimit=timeLimit,
                typesOnly=typesOnly,
                filter=filterObject,
                attributes=attributes)
            dsend = self.client.send_multiResponse_ex(
                op,
                controls,
                self._cbSearchMsg,
                d,
                cb,
                complete=not attributes,
                sizeLimitIsNonFatal=sizeLimitIsNonFatal)
        except ldapclient.LDAPClientConnectionLostException:
            d.errback(Failure())
        else:
            if callback is None:
                if return_controls:
                    d.addCallback(lambda ctls: (results, ctls))
                else:
                    d.addCallback(lambda dummy: results)

            def rerouteerr(e):
                d.errback(e)
                # returning None will stop the error
                # from being propagated and logged.

            dsend.addErrback(rerouteerr)
        return d