class LDAPTestCase(TestCase): def setUp(self): self.ldap = LDAP("wwu") def test_search_groups(self): self.ldap = LDAP("wwu") query = "*webteam*" results = self.ldap.search_groups(query) self.assertTrue(len(results) > 0) def test_search_people(self): query = "Firass Asad" results = self.ldap.search_people(query) self.assertEquals(len(results), 1) def test_get_person_by_username(self): username = "******" person = self.ldap.get_person_by_username(username) self.assertEquals(username, person.sAMAccountName[0]) def test_get_token_groups_by_user(self): username = "******" person = self.ldap.get_person_by_username(username) token_groups = self.ldap.get_token_groups_by_dn(person.dn) self.assertTrue(len(token_groups) > 0) self.assertTrue(token_groups[1] is not None, token_groups) self.assertTrue(token_groups[1].startswith("grp"), token_groups)
class LDAPResultTestCase(TestCase): def setUp(self): self.ldap = LDAP("wwu") def test_get_token_groups_by_user(self): username = "******" person = self.ldap.get_person_by_username(username) self.assertTrue(len(person.groups) > 0) self.assertTrue(person.groups[1] is not None, person.groups) self.assertTrue(person.groups[1].startswith("grp"), person.groups)
def get_group_permissions(self, user): """ Updates the set of locally defined group permissions with all permissions available to the given user through their LDAP group membership. """ # Get locally stored group permissions. permissions_set = super(LDAPBackend, self).get_group_permissions(user) try: key = "group_permissions_%s" % user.username groups = cache.get(key) # Explicitly test for None because the cache may have had a "hit" # for the given key and returned a value that would evaluate to # False (e.g., [] or ""). if groups is None: ldap = LDAP("wwu") ldap_person = ldap.get_person_by_username(user.username) # Try to get the groups attribute from the ldap_person. If # ldap_person is None or doesn't have a groups attribute, the # groups value is just an empty list. groups = getattr(ldap_person, "groups", []) cache.set(key, groups) # The traditional ModelBackend fetches all Permission instances # associated with groups for which the current user is a member. # This backend doesn't rely on local user/group relationships so it # queries Permissions directly by group name instead of by # group__user foreign key relationship. if len(groups) > 0: permissions = Permission.objects \ .filter(group__name__in=groups) \ .values_list("content_type__app_label", "codename") \ .order_by() permissions_set.update(set(["%s.%s" % (ct, name) for ct, name in permissions])) except OPERATIONS_ERROR, e: mail_admins("LDAP Operations Error", "%s" % str(e))