def test_andornot(self): text = r"(&(!(|(cn=foo)(cn=bar)))(sn=a*b*c*d))" filt = pureldap.LDAPFilter_and( [ pureldap.LDAPFilter_not( pureldap.LDAPFilter_or( [ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( value="cn" ), assertionValue=pureldap.LDAPAssertionValue(value="foo"), ), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( value="cn" ), assertionValue=pureldap.LDAPAssertionValue(value="bar"), ), ] ) ), pureldap.LDAPFilter_substrings( type="sn", substrings=[ pureldap.LDAPFilter_substrings_initial("a"), pureldap.LDAPFilter_substrings_any("b"), pureldap.LDAPFilter_substrings_any("c"), pureldap.LDAPFilter_substrings_final("d"), ], ), ] ) self.assertEqual(ldapfilter.parseFilter(text), filt) self.assertEqual(filt.asText(), text)
def test_andornot(self): text = r'(&(!(|(cn=foo)(cn=bar)))(sn=a*b*c*d))' filt = pureldap.LDAPFilter_and([ pureldap.LDAPFilter_not( pureldap.LDAPFilter_or([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( value='cn'), assertionValue=pureldap.LDAPAssertionValue( value='foo')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( value='cn'), assertionValue=pureldap.LDAPAssertionValue( value='bar')), ])), pureldap.LDAPFilter_substrings( type='sn', substrings=[ pureldap.LDAPFilter_substrings_initial('a'), pureldap.LDAPFilter_substrings_any('b'), pureldap.LDAPFilter_substrings_any('c'), pureldap.LDAPFilter_substrings_final('d'), ]) ]) self.assertEqual(ldapfilter.parseFilter(text), filt) self.assertEqual(filt.asText(), text)
def test_and_or(self): text = "(&(objectClass=Person)(|(sn=Jensen)(cn=Babs J*)))" filt = pureldap.LDAPFilter_and( [ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( value="objectClass" ), assertionValue=pureldap.LDAPAssertionValue(value="Person"), ), pureldap.LDAPFilter_or( [ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value="sn"), assertionValue=pureldap.LDAPAssertionValue(value="Jensen"), ), pureldap.LDAPFilter_substrings( type="cn", substrings=[ pureldap.LDAPFilter_substrings_initial(value="Babs J") ], ), ] ), ] ) self.assertEqual(ldapfilter.parseFilter(text), filt) self.assertEqual(filt.asText(), text)
def _cb_testDefaultSetting(self, val, client, o): client.assertSent( *[ pureldap.LDAPSearchRequest( baseObject='dc=example,dc=com', scope=2, derefAliases=0, sizeLimit=1, timeLimit=0, typesOnly=0, filter=pureldap.LDAPFilter_equalityMatch(attributeDesc=pureldap.LDAPAttributeDescription(value='uidNumber'), assertionValue=pureldap.LDAPAssertionValue(value='1000')), attributes=()), ] + [ pureldap.LDAPSearchRequest( baseObject='dc=example,dc=com', scope=2, derefAliases=0, sizeLimit=1, timeLimit=0, typesOnly=0, filter=pureldap.LDAPFilter_equalityMatch(attributeDesc=pureldap.LDAPAttributeDescription(value='gidNumber'), assertionValue=pureldap.LDAPAssertionValue(value=str(x))), attributes=()) for x in (1000, 1500, 1250, 1125, 1062, 1031, 1046, 1038, 1042, 1040, 1041)]) self.failUnless('loginShell' in o) self.failUnlessEqual(o['loginShell'], ['/bin/sh']) self.failUnless('uidNumber' in o) self.failUnlessEqual(o['uidNumber'], ['1000']) self.failUnless('gidNumber' in o) self.failUnlessEqual(o['gidNumber'], ['1042'])
def test_escape_and_equal(self): def custom_escaper(s): return ''.join(bin(ord(c)) for c in s) filter1 = pureldap.LDAPFilter_and([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('foo'), assertionValue=pureldap.LDAPAttributeValue('1'), escaper=custom_escaper ), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('foo'), assertionValue=pureldap.LDAPAttributeValue('2') ), ]) filter2 = pureldap.LDAPFilter_and([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('foo'), assertionValue=pureldap.LDAPAttributeValue('1') ), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('foo'), assertionValue=pureldap.LDAPAttributeValue('2'), escaper=custom_escaper ), ]) self.assertEqual(filter1, filter2)
def _tryService(self, services, baseEntry, request, controls, reply): try: serviceName = services.pop(0) except IndexError: return None timestamp = self.timestamp() d = baseEntry.search( filterObject=pureldap.LDAPFilter_and([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( 'objectClass'), assertionValue=pureldap.LDAPAssertionValue( 'serviceSecurityObject')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('owner'), assertionValue=pureldap.LDAPAssertionValue(request.dn)), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('cn'), assertionValue=pureldap.LDAPAssertionValue(serviceName)), pureldap.LDAPFilter_or([ # no time pureldap.LDAPFilter_not( pureldap.LDAPFilter_present('validFrom')), # or already valid pureldap.LDAPFilter_lessOrEqual( attributeDesc=pureldap.LDAPAttributeDescription( 'validFrom'), assertionValue=pureldap.LDAPAssertionValue(timestamp)), ]), pureldap.LDAPFilter_or([ # no time pureldap.LDAPFilter_not( pureldap.LDAPFilter_present('validUntil')), # or still valid pureldap.LDAPFilter_greaterOrEqual( attributeDesc=pureldap.LDAPAttributeDescription( 'validUntil'), assertionValue=pureldap.LDAPAssertionValue(timestamp)), ]), ]), attributes=('1.1', )) def _gotEntries(entries): if not entries: return None assert len(entries) == 1 #TODO e = entries[0] d = e.bind(request.auth) return d d.addCallback(_gotEntries) d.addCallbacks(callback=self._loopIfNone, callbackArgs=(services, baseEntry, request, controls, reply), errback=self._loopIfBindError, errbackArgs=(services, baseEntry, request, controls, reply)) return d
def test_and_item(self): text = r'(&(cn=foo)(cn=bar))' filt = pureldap.LDAPFilter_and([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value='cn'), assertionValue=pureldap.LDAPAssertionValue(value='foo')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value='cn'), assertionValue=pureldap.LDAPAssertionValue(value='bar')), ]) self.assertEqual(ldapfilter.parseFilter(text), filt) self.assertEqual(filt.asText(), text)
def _cb_testDefaultSetting(self, val, client, o): client.assertSent(*[ pureldap.LDAPSearchRequest( baseObject="dc=example,dc=com", scope=2, derefAliases=0, sizeLimit=1, timeLimit=0, typesOnly=0, filter=pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( value="uidNumber"), assertionValue=pureldap.LDAPAssertionValue(value="1000"), ), attributes=(), ), ] + [ pureldap.LDAPSearchRequest( baseObject="dc=example,dc=com", scope=2, derefAliases=0, sizeLimit=1, timeLimit=0, typesOnly=0, filter=pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( value="gidNumber"), assertionValue=pureldap.LDAPAssertionValue(value=str(x)), ), attributes=(), ) for x in ( 1000, 1500, 1250, 1125, 1062, 1031, 1046, 1038, 1042, 1040, 1041, ) ]) self.failUnless("loginShell" in o) self.failUnlessEqual(o["loginShell"], ["/bin/sh"]) self.failUnless("uidNumber" in o) self.failUnlessEqual(o["uidNumber"], ["1000"]) self.failUnless("gidNumber" in o) self.failUnlessEqual(o["gidNumber"], ["1042"])
def test_nested_equal(self): filter1 = pureldap.LDAPFilter_or([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('foo'), assertionValue=pureldap.LDAPAttributeValue('1')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('bar'), assertionValue=pureldap.LDAPAttributeValue('2')), pureldap.LDAPFilter_and([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('baz'), assertionValue=pureldap.LDAPAttributeValue('1')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('bob'), assertionValue=pureldap.LDAPAttributeValue('2')), ]), ]) filter2 = pureldap.LDAPFilter_or([ pureldap.LDAPFilter_and([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('bob'), assertionValue=pureldap.LDAPAttributeValue('2')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('baz'), assertionValue=pureldap.LDAPAttributeValue('1')), ]), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('bar'), assertionValue=pureldap.LDAPAttributeValue('2')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('foo'), assertionValue=pureldap.LDAPAttributeValue('1')), ]) self.assertEqual(filter1, filter2)
def buildFilter(hosts): for host in hosts: f = pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription("member"), assertionValue=pureber.BEROctetString(str(host.dn)), ) yield f
def test_whitespace_afterEq(self): text = r'(cn= foo)' filt = pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value='cn'), assertionValue=pureldap.LDAPAssertionValue(value=' foo')) self.assertEqual(ldapfilter.parseFilter(text), filt) self.assertEqual(filt.asText(), text)
def test_escape_backslash(self): text = r'(filename=C:\5cMyFile)' filt = pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value='filename'), assertionValue=pureldap.LDAPAssertionValue(value=r'C:\MyFile')) self.assertEqual(ldapfilter.parseFilter(text), filt) self.assertEqual(filt.asText(), text)
def test_cn(self): text = '(cn=Babs Jensen)' filt = pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value='cn'), assertionValue=pureldap.LDAPAssertionValue(value='Babs Jensen')) self.assertEqual(ldapfilter.parseFilter(text), filt) self.assertEqual(filt.asText(), text)
def test_escape_parens(self): text = r'(o=Parens R Us \28for all your parenthetical needs\29)' filt = pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value='o'), assertionValue=pureldap.LDAPAssertionValue(value='Parens R Us (for all your parenthetical needs)')) self.assertEqual(ldapfilter.parseFilter(text), filt) self.assertEqual(filt.asText(), text)
def test_escape_utf8(self): text = r'(sn=Lu\c4\8di\c4\87)' filt = pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value='sn'), assertionValue=pureldap.LDAPAssertionValue( value='Lu\xc4\x8di\xc4\x87')) self.assertEquals(ldapfilter.parseFilter(text), filt)
def _cbCompareGotBase(base, ava, reply): def _done(result_list): if result_list: resultCode = ldaperrors.LDAPCompareTrue.resultCode else: resultCode = ldaperrors.LDAPCompareFalse.resultCode return pureldap.LDAPCompareResponse(resultCode) # base.search only works with Filter Objects, and not with # AttributeValueAssertion objects. Here we convert the AVA to an # equivalent Filter so we can re-use the existing search # functionality we require. search_filter = pureldap.LDAPFilter_equalityMatch( attributeDesc=ava.attributeDesc, assertionValue=ava.assertionValue ) d = base.search( filterObject=search_filter, scope=pureldap.LDAP_SCOPE_baseObject, derefAliases=pureldap.LDAP_DEREF_neverDerefAliases ) d.addCallback(_done) return d
def test_default_escaper(self): chars = '\\*()\0' escaped_chars = '\\5c\\2a\\28\\29\\00' filters = [ (pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('key'), assertionValue=pureldap.LDAPAttributeValue(chars)), '(key={})'.format(escaped_chars)), (pureldap.LDAPFilter_substrings_initial(value=chars), '{}'.format(escaped_chars)), (pureldap.LDAPFilter_substrings_any(value=chars), '{}'.format(escaped_chars)), (pureldap.LDAPFilter_substrings_final(value=chars), '{}'.format(escaped_chars)), (pureldap.LDAPFilter_greaterOrEqual( attributeDesc=pureldap.LDAPString('key'), assertionValue=pureldap.LDAPString(chars)), '(key>={})'.format(escaped_chars)), (pureldap.LDAPFilter_lessOrEqual( attributeDesc=pureldap.LDAPString('key'), assertionValue=pureldap.LDAPString(chars)), '(key<={})'.format(escaped_chars)), (pureldap.LDAPFilter_approxMatch( attributeDesc=pureldap.LDAPString('key'), assertionValue=pureldap.LDAPString(chars)), '(key~={})'.format(escaped_chars)), ] for filt, expected in filters: result = filt.asText() self.assertEqual(expected, result)
def test_escape_simple(self): text = r"f\2aoo(bar" filt = pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value="cn"), assertionValue=pureldap.LDAPAssertionValue(value="f*oo(bar"), ) self.assertEqual(ldapfilter.parseMaybeSubstring("cn", text), filt)
def getHosts(nets, e, filter): filt = pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription("objectClass"), assertionValue=pureber.BEROctetString("ipHost"), ) if filter: filt = pureldap.LDAPFilter_and(value=(filter, filt)) def _cbGotHost(e): host = Host(str(e.dn), str(only(e, "cn")), list(str(i) for i in e["ipHostNumber"])) for hostIP in host.ipAddresses: parent = None for net in nets: if net.isInNet(hostIP.ipAddress): parent = net break if parent: hostIP.printZone(parent.name) else: sys.stderr.write("IP address %s is in no net, discarding.\n" % hostIP) d = e.search(filterObject=filt, attributes=["ipHostNumber", "cn"], callback=_cbGotHost) return d
def test_escape_utf8(self): text = r"(sn=Lu\c4\8di\c4\87)" filt = pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value="sn"), assertionValue=pureldap.LDAPAssertionValue(value="Lu\xc4\x8di\xc4\x87"), ) self.assertEqual(ldapfilter.parseFilter(text), filt)
def test_or_item(self): text = r"(|(cn=foo)(cn=bar))" filt = pureldap.LDAPFilter_or( [ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value="cn"), assertionValue=pureldap.LDAPAssertionValue(value="foo"), ), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value="cn"), assertionValue=pureldap.LDAPAssertionValue(value="bar"), ), ] ) self.assertEqual(ldapfilter.parseFilter(text), filt) self.assertEqual(filt.asText(), text)
def test_escape_binary(self): text = r"(bin=\00\00\00\04)" filt = pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value="bin"), assertionValue=pureldap.LDAPAssertionValue(value="\00\00\00\04"), ) self.assertEqual(ldapfilter.parseFilter(text), filt)
def test_not_item(self): text = r'(!(cn=foo))' filt = pureldap.LDAPFilter_not( pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value='cn'), assertionValue=pureldap.LDAPAssertionValue(value='foo'))) self.assertEquals(ldapfilter.parseFilter(text), filt) self.assertEquals(filt.asText(), text)
def test_whitespace_beforeCloseParen(self): text = r"(cn=foo )" filt = pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value="cn"), assertionValue=pureldap.LDAPAssertionValue(value="foo "), ) self.assertEqual(ldapfilter.parseFilter(text), filt) self.assertEqual(filt.asText(), text)
def test_and_or(self): text = '(&(objectClass=Person)(|(sn=Jensen)(cn=Babs J*)))' filt = pureldap.LDAPFilter_and( [ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value='objectClass'), assertionValue=pureldap.LDAPAssertionValue(value='Person')), pureldap.LDAPFilter_or([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value='sn'), assertionValue=pureldap.LDAPAssertionValue(value='Jensen')), pureldap.LDAPFilter_substrings( type='cn', substrings=[ pureldap.LDAPFilter_substrings_initial(value='Babs J') ]) ]), ]) self.assertEqual(ldapfilter.parseFilter(text), filt) self.assertEqual(filt.asText(), text)
def test_not_cn(self): text = '(!(cn=Tim Howes))' filt = pureldap.LDAPFilter_not( pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value='cn'), assertionValue=pureldap.LDAPAssertionValue(value='Tim Howes'))) self.assertEqual(ldapfilter.parseFilter(text), filt) self.assertEqual(filt.asText(), text)
def data_servicePasswords(self, ctx, data): user = ctx.locate(inevow.ISession).getLoggedInRoot().loggedIn config = interfaces.ILDAPConfig(ctx) e = ldapsyntax.LDAPEntry(client=user.client, dn=config.getBaseDN()) d = e.search(filterObject=pureldap.LDAPFilter_and([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('objectClass'), assertionValue=pureldap.LDAPAssertionValue( 'serviceSecurityObject')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('owner'), assertionValue=pureldap.LDAPAssertionValue(str(self.dn))), pureldap.LDAPFilter_present('cn'), ]), attributes=['cn']) return d
def guess(self, num): d = self.ldapObject.search( filterObject=pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription( value=self.numberType), assertionValue=pureldap.LDAPAssertionValue(value=str(num))), sizeLimit=1) d.addCallback(lambda results: len(results)) return d
def test_not_item(self): text = r"(!(cn=foo))" filt = pureldap.LDAPFilter_not( pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription(value="cn"), assertionValue=pureldap.LDAPAssertionValue(value="foo"), ) ) self.assertEqual(ldapfilter.parseFilter(text), filt) self.assertEqual(filt.asText(), text)
def test_basic_or_not_equal(self): filter1 = pureldap.LDAPFilter_or([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('foo'), assertionValue=pureldap.LDAPAttributeValue('1')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('bar'), assertionValue=pureldap.LDAPAttributeValue('2')), ]) filter2 = pureldap.LDAPFilter_or([ pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('bar'), assertionValue=pureldap.LDAPAttributeValue('1')), pureldap.LDAPFilter_equalityMatch( attributeDesc=pureldap.LDAPAttributeDescription('foo'), assertionValue=pureldap.LDAPAttributeValue('1')), ]) self.assertNotEqual(filter1, filter2)