def profile():
with Connection(server,
current_user.dn,
current_user.get_password(),
auto_bind=True) as conn:
person = ObjectDef(["inetOrgPerson"], conn)
r = Reader(conn, person, current_user.dn)
r.search()
# print(r[0].entry_attributes_as_dict)
form = ProfileForm(request.form, obj=current_user)
if request.method == "POST" and form.validate():
w = Writer.from_cursor(r)
# print(w[0].entry_attributes_as_dict)
current_user.email = form.email.data
current_user.vorname = form.vorname.data
current_user.nachname = form.nachname.data
w[0].givenName = current_user.vorname
w[0].sn = current_user.nachname
w[0].mail = current_user.email
result = w[0].entry_commit_changes(refresh=True, controls=None)
if result:
flash(u"Profiländerung erfolgreich", "success")
return redirect(url_for("index"))
else:
flash(u"Profiländerung nicht erfolgreich", "danger")
return render_template(
"/admin/changeprofile.html",
form=form,
user=current_user,
title=u"Profiländerung",
)
def reset_password(self):
ldap_server = Server(host=self.server.server_host,
port=self.server.server_port,
use_ssl=self.server.start_tls,
get_info=ALL)
connection = Connection(server=ldap_server,
user=self.server.admin_username,
password=self.server.admin_password,
raise_exceptions=True,
authentication=NTLM)
connection.bind()
cursor_reader = Reader(connection,
self.person,
self.server.search_base,
query=self.query)
cursor_reader.search()
cursor_writer = Writer.from_cursor(cursor_reader)
if cursor_reader.entries:
ldap_user = cursor_writer[0]
self._reset_password(connection, ldap_user)
ldap_user.entry_commit_changes()
connection.unbind()
def get_listMembers(self, listname, search_base):
memberlist = []
with Connection(
self.__ldap_server,
self.__ldap_user,
self.__ldap_password,
auto_bind=True,
) as conn:
bswlist = ObjectDef(["groupOfURLs"], conn)
bswlist += "uniqueMember"
bswmember = ObjectDef(["inetOrgPerson"], conn)
r = Reader(conn, bswlist, search_base, "cn:=" + listname)
r.search()
for entry in r:
# print(entry.entry_attributes_as_dict)
# print(entry['uniqueMember'])
for item in entry["uniqueMember"]:
# print(item.split(',')[0].split('=')[1])
r2 = Reader(
conn,
bswmember,
self.ldap_basedn,
"cn:=" + item.split(",")[0].split("=")[1],
)
r2.search()
for member in r2:
memberlist.append((
member["sn"][0] + "," + member["givenName"][0],
member["mail"][0],
))
return memberlist
def test_read_entry_with_attribute_from_auxiliary_class(self):
if test_server_type != 'AD':
w = Writer(self.connection,
'inetorgperson',
auxiliary_class='homeInfo')
n = w.new('cn=' + testcase_id + 'new-3,' + test_base)
n.sn = 'sn-test-3'
n.homeState = 'state-test-3'
self.assertEqual(n.entry_status, STATUS_PENDING_CHANGES)
n.entry_commit_changes()
self.assertEqual(n.sn, 'sn-test-3')
self.assertEqual(n.homeState, 'state-test-3')
self.assertEqual(n.entry_status, STATUS_COMMITTED)
r = Reader(self.connection,
'inetorgperson',
test_base,
'(cn=' + testcase_id + 'new-3',
auxiliary_class='homeInfo')
r.search()
self.assertTrue(r[0].cn, testcase_id + 'new-3')
self.assertTrue(r[0].homeState, testcase_id + 'state-test-3')
w1 = Writer.from_cursor(r)
w1[0].entry_delete()
w1.commit()
def Verify():
print()
print('v : verify password', d)
print()
userinput_cn = input(
'please enter the Common Name of the dn-entry you want to check the password : '******'please enter the password stored in attribute \'userPassword\' : ')
print()
entrydn = ('cn=' + userinput_cn + ',' + d)
r = Reader(c, o, entrydn)
r.search()
# dn is unique so we take the first list of attributes and extract userPassword
hash_from_DIT = (r[0].userPassword.value.decode().strip("{CRYPT}"))
if hmac.compare_digest(crypt.crypt(userinput_pwd, hash_from_DIT),
hash_from_DIT):
print()
print("SUCCESS, the password matches")
print()
else:
print()
print("FAILED, the password doesn't match")
print()
def delete(self):
ldap_server = Server(host=self.server.server_host,
port=self.server.server_port,
use_ssl=self.server.start_tls,
get_info=ALL)
connection = Connection(server=ldap_server,
user=self.server.admin_username,
password=self.server.admin_password,
raise_exceptions=True,
authentication=NTLM)
connection.bind()
query = 'cn: {}'.format(self.group.name, )
cursor_reader = Reader(connection,
self.obj,
self.server.search_base,
query=query)
cursor_reader.search()
cursor_writer = Writer.from_cursor(cursor_reader)
if cursor_reader.entries:
ldap_group = cursor_writer[0]
ldap_group.entry_delete()
ldap_group.entry_commit_changes()
connection.unbind()
def test_search_object(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abstract-1'))
o = ObjectDef(['inetorgPerson', 'person'], self.connection)
r = Reader(self.connection, o, test_base, '(cn=' + testcase_id + 'abstract-1)')
r.search(attributes='cn') # AD returns operationError for reading some atributes
self.assertEqual(len(r), 1)
self.assertEqual(r.entries[0].cn, testcase_id + 'abstract-1')
def user_factory(self, username: str, password: str, db) -> Optional[User]:
connection = self._get_connection(username, password)
# Attempting auth
if not connection.bind():
return None
search_filter = config.LDAP_SEARCH_FILTER
connection.search(self.base_dn, (search_filter % username))
user_dn = connection.response[0]['dn']
user_obj = ObjectDef('user', connection)
reader = Reader(connection, user_obj, user_dn)
reader.search()
result = reader.entries[0]
# Saving user to db
user = User(username=username, name=str(result.name))
user.save(db)
UserLDAP(
id=user.id,
title=str(result.title),
department=str(result.department),
company=str(result.company),
).save(db)
return user
def get_groupMembers(self, groupname, search_base):
memberlist = []
with Connection(
self.__ldap_server,
self.__ldap_user,
self.__ldap_password,
auto_bind=True,
) as conn:
bswmember = ObjectDef(["inetOrgPerson"], conn)
bswgroup = ObjectDef(["groupOfUniqueNames"], conn)
r = Reader(conn, bswgroup, search_base, "cn:=" + groupname)
r.search()
for entry in r:
# print(entry.entry_attributes_as_dict)
# print(entry['uniqueMember'])
for item in entry["uniqueMember"]:
r2 = Reader(
conn,
bswmember,
self.ldap_basedn,
"cn:=" + item.split(",")[0].split("=")[1],
)
r2.search()
if len(r2) == 0:
add_members = self.get_groupMembers(
item.split(",")[0].split("=")[1], search_base)
memberlist.extend(add_members)
else:
for member in r2:
memberlist.append((
member["sn"][0] + "," + member["givenName"][0],
member["mail"][0],
))
return memberlist
def test_search_object(self):
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'abstract-1'))
o = ObjectDef(['inetorgPerson', 'person'], self.connection)
r = Reader(self.connection, o, test_base,
'(cn=' + testcase_id + 'abstract-1)')
r.search()
self.assertEqual(len(r), 1)
self.assertEqual(r.entries[0].cn, testcase_id + 'abstract-1')
def test_search_object(self):
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'abstract-1'))
o = ObjectDef(['inetorgPerson', 'person'], self.connection)
r = Reader(self.connection, o, test_base,
'(cn=' + testcase_id + 'abstract-1)')
r.search(attributes='cn'
) # AD returns operationError for reading some atributes
self.assertEqual(len(r), 1)
self.assertEqual(r.entries[0].cn, testcase_id + 'abstract-1')
def process_outbound_entry(queue_entry, ldap_connection):
""" Processes queue_entry and apply changes to the LDAP user/group.
Args:
queue_entry: (dict) A outbound_queue table entry. The mandatory keys in
the dict are:
{
"data": (dict containing current state of LDAP object)
"data_type": (str)
}
ldap_connection: (ldap Connection object) A bound ldap connection object.
Returns:
write_confirmation: (bool) Returns True if a change to LDAP occurred,
returns False if no LDAP changes occurred
"""
distinguished_name = get_distinguished_name(queue_entry)
data_type = queue_entry["data_type"]
if data_type == "group":
sawtooth_entry_filtered = outbound_group_filter(queue_entry["data"], "ldap")
elif data_type == "user":
# Outbound AD user changes is currently not supported
return False
object_def = ObjectDef(data_type, ldap_connection)
reader_cursor = Reader(ldap_connection, object_def, distinguished_name)
reader_cursor.search()
writer_cursor = Writer.from_cursor(reader_cursor)
if reader_cursor.entries:
LOGGER.debug("Updating AD %s: %s", data_type, distinguished_name)
validated_entry = validate_update_entry(sawtooth_entry_filtered, data_type)
# Grab current state of user/group in LDAP
ldap_resource = writer_cursor[0]
# Update AD user/group
for ad_attribute in validated_entry:
ldap_current_value = ldap_resource[ad_attribute].value
if ad_attribute != "distinguishedName" and validated_entry[ad_attribute]:
# Convert member list to list if value is a string
if ad_attribute == "member" and isinstance(ldap_current_value, str):
ldap_current_value = [ldap_current_value]
# Sort lists for comparison
if isinstance(ldap_current_value, list):
ldap_current_value.sort()
validated_entry[ad_attribute].sort()
if ldap_current_value != validated_entry[ad_attribute]:
ldap_resource[ad_attribute] = validated_entry[ad_attribute]
return ldap_resource.entry_commit_changes()
LOGGER.debug("AD %s %s was not found.", data_type, distinguished_name)
return False
def search_for_users(basedn):
server = Server(IDIR_URL, get_info=ALL)
#objectClass
conn = Connection(server,
user=current_app.config["LDAP_IDIR_USERNAME"],
password=current_app.config["LDAP_IDIR_PASSWORD"],
authentication=NTLM,
auto_bind=True)
obj_user = ObjectDef('user', conn)
r = Reader(conn, obj_user, basedn)
r.search()
return [x.entry_attributes_as_dict for x in r]
def Read():
print()
print('r : read an entry from', d)
print()
userinput = input(
'please enter the Common Name of the dn-entry you want to read : ')
print()
query = ('cn: ' + userinput)
r = Reader(c, o, d, query)
r.search()
print(r.entries)
print()
def test_modify_entry_with_attrdef_with_friendly_name(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'new-9', attributes={test_multivalued_attribute: testcase_id + 'friendly-attr-name-1'}))
a = AttrDef(name=test_multivalued_attribute, key='myname')
o = ObjectDef('inetorgperson')
o += a
r = Reader(self.connection, o, test_base, 'myname:=' + testcase_id + 'friendly*')
r.search()
self.assertTrue(r[0].myname, testcase_id + 'friendly-attr-name-1')
w = Writer.from_cursor(r)
e = w[0]
e.myname += 'xyz'
w.commit()
self.assertTrue('xyz' in e.myname)
def get_reader_result(self):
query = ','.join(self.query)
ldapc = current_app.extensions.get('ldap_conn')
reader = Reader(connection=ldapc.connection,
object_def=self.object_def,
query=query,
base=self.base_dn,
components_in_and=self.components_in_and,
sub_tree=self.sub_tree,
get_operational_attributes=self.operational_attributes,
controls=None)
reader.search()
return reader.entries
def get_reader_result(self):
query = ','.join(self.query)
ldapc = current_app.extensions.get('ldap_conn')
reader = Reader(connection=ldapc.connection,
object_def=self.object_def,
query=query,
base=self.base_dn,
components_in_and=self.components_in_and,
sub_tree=self.sub_tree,
get_operational_attributes=self.operational_attributes,
controls=None)
reader.search()
return reader.entries
def get_lists(self, search_base):
ldap_lists = []
with Connection(
self.__ldap_server,
self.__ldap_user,
self.__ldap_password,
auto_bind=True,
) as conn:
r = Reader(conn, ObjectDef(["groupOfURLs"], conn), search_base)
r.search()
for entry in r.entries:
ldap_lists.append(entry.entry_dn)
return ldap_lists
def test_search_with_dereference(self):
reverse = lambda a, e: e[::-1]
def raise_parentheses_rank(_, l):
up = {'(': '[', ')': ']', '[': '{', ']': '}', '{': '<', '}': '>'}
r = []
for e in l:
s = ''
for c in e:
s += up[c] if c in up else c
r.append(s)
return r
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'abstract-member-4'))
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'abstract-member-5'))
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'abstract-member-6'))
self.delete_at_teardown.append(
add_group(self.connection, testcase_id, 'abstract-group',
self.delete_at_teardown))
ou = ObjectDef('inetOrgPerson')
ou += AttrDef('cn', 'Common Name', post_query=reverse)
ou += AttrDef('sn', 'Surname')
ou += AttrDef('givenName',
'Given Name',
post_query=raise_parentheses_rank)
ou += AttrDef('ACL')
qu = 'Common Name: ' + testcase_id + 'abstract-member-*'
ru = Reader(self.connection, ou, test_base, qu)
lu = ru.search()
self.assertEqual(len(lu), 3)
og = ObjectDef('groupOfNames')
og += AttrDef('member', dereference_dn=ou)
og += 'cn'
qg = 'cn := ' + testcase_id + 'abstract-group'
rg = Reader(self.connection, og, test_base, qg)
lg = rg.search()
self.assertEqual(len(lg), 1)
eg = lg[0]
mg = eg.member
self.assertEqual(len(mg), 3)
ug = eg.member[0]
self.assertTrue(
str(ug.surname) in
['abstract-member-4', 'abstract-member-5', 'abstract-member-6'])
def get_personDetails(self, person):
with Connection(
self.__ldap_server,
self.__ldap_user,
self.__ldap_password,
auto_bind=True,
) as conn:
r = Reader(
conn,
ObjectDef(["inetOrgPerson"], conn),
person,
)
r.search()
print(r.entries[0].entry_to_ldif())
return r.entries[0]
def test_read_entry_with_attribute_from_auxiliary_class(self):
w = Writer(self.connection, 'inetorgperson', auxiliary_class='homeInfo')
n = w.new('cn=' + testcase_id + 'new-3,' + test_base)
n.sn = 'sn-test-3'
n.homeState = 'state-test-3'
self.assertEqual(n.entry_status, STATUS_PENDING_CHANGES)
n.entry_commit_changes()
self.assertEqual(n.sn, 'sn-test-3')
self.assertEqual(n.homeState, 'state-test-3')
self.assertEqual(n.entry_status, STATUS_COMMITTED)
r = Reader(self.connection, 'inetorgperson', test_base, '(cn=' + testcase_id + 'new-3', auxiliary_class='homeInfo')
r.search()
self.assertTrue(r[0].cn, testcase_id + 'new-3')
self.assertTrue(r[0].homeState, testcase_id + 'state-test-3')
def test_find_entry_with_text_index_match(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-2'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-3'))
o = ObjectDef('inetOrgPerson')
o += AttrDef('cn', 'Common Name')
o += AttrDef('sn', 'Surname')
o += AttrDef(test_multivalued_attribute, 'Given Name')
query_text = 'Common Name:=' + testcase_id + 'mat-*'
r = Reader(self.connection, o, test_base, query_text)
results = r.search()
self.assertEqual(len(results), 3)
try: # multiple matches
e = r['match']
except KeyError:
pass
e = r['-2'] # exact match
self.assertTrue('mat-2' in e.entry_dn)
try:
e = r['no-match'] # no match
except KeyError:
pass
def test_match_in_single_attribute_with_schema(self):
self.delete_at_teardown.append(
add_user(self.connection,
testcase_id,
'mat-1',
attributes={test_singlevalued_attribute: 'FALSE'}))
self.delete_at_teardown.append(
add_user(self.connection,
testcase_id,
'mat-2',
attributes={test_singlevalued_attribute: 'FALSE'}))
self.delete_at_teardown.append(
add_user(self.connection,
testcase_id,
'mat-3',
attributes={test_singlevalued_attribute: 'TRUE'}))
r = Reader(self.connection, 'inetorgperson', test_base,
'cn:=' + testcase_id + 'mat-*')
results = r.search()
self.assertEqual(len(results), 3)
e = r.match(test_singlevalued_attribute, 'FALSE')
self.assertEqual(len(e), 2)
e = r.match(test_singlevalued_attribute, 'fAlSe')
self.assertEqual(len(e), 2)
def get_object(self, ObjectClass, id):
if not id:
return None
reader = Reader(ldap_conn, object_def=obj_inetorgperson, base=id)
entries = reader.search()
return User(entries[0]) if len(entries) > 0 else None
def test_match_dn_in_cursor(self):
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'mat-1'))
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'mat-2'))
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'mat-3'))
o = ObjectDef('inetOrgPerson')
o += AttrDef('cn', 'Common Name')
o += AttrDef('sn', 'Surname')
o += AttrDef(test_multivalued_attribute, 'Given Name')
query_text = 'Common Name:=' + testcase_id + 'mat-*'
r = Reader(self.connection, o, test_base, query_text)
results = r.search()
self.assertEqual(len(results), 3)
e = r.match_dn('mat') # multiple matches
self.assertEqual(len(e), 3)
e = r.match_dn(
'-3'
) # single match. there's domains with -20xx in their names, so use -3 to match
self.assertEqual(len(e), 1)
e = r.match_dn('no-match') # no match
self.assertEqual(len(e), 0)
def test_find_entry_with_text_index_match(self):
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'mat-1'))
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'mat-2'))
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'mat-3'))
o = ObjectDef('inetOrgPerson')
o += AttrDef('cn', 'Common Name')
o += AttrDef('sn', 'Surname')
o += AttrDef(test_multivalued_attribute, 'Given Name')
query_text = 'Common Name:=' + testcase_id + 'mat-*'
r = Reader(self.connection, o, test_base, query_text)
results = r.search()
self.assertEqual(len(results), 3)
try: # multiple matches
e = r['match']
except KeyError:
pass
e = r['-2'] # exact match
self.assertTrue('mat-2' in e.entry_dn)
try:
e = r['no-match'] # no match
except KeyError:
pass
def save(self):
ldap_server = Server(host=self.server.server_host,
port=self.server.server_port,
use_ssl=self.server.start_tls,
get_info=ALL)
connection = Connection(server=ldap_server,
user=self.server.admin_username,
password=self.server.admin_password,
raise_exceptions=True,
authentication=NTLM)
connection.bind()
query = 'cn: {}'.format(self.group.name, )
cursor_reader = Reader(connection,
self.obj,
self.server.search_base,
query=query)
cursor_reader.search()
cursor_writer = Writer.from_cursor(cursor_reader)
if cursor_reader.entries:
ldap_group = cursor_writer[0]
else:
ldap_group = cursor_writer.new(
dn="CN={},{}".format(self.group.name, self.server.search_base))
ldap_group.cn = self.group.name
ldap_group.slug_name = self.group.name
if self.group.service_type == 'security':
ldap_group.type = -2147483646
elif self.group.service_type == 'area':
ldap_group.type = -2147483646
ldap_group.flags = 25
else:
ldap_group.type = 2
#ldap_group.email = self.group.email
ldap_group.email_canonical = self.group.email.strip().split("@")[0]
ldap_group.entry_commit_changes()
connection.unbind()
def List():
print()
print('l : lists all entries in', d)
print()
r = Reader(c, o, d)
output = r.search()
print(output)
print()
def _get_read_cursor(cls, qry=None):
"""
Get a generic read cursor for this class.
"""
from ldap3 import Reader
from ldap3.core.exceptions import LDAPNoSuchObjectResult
conn = current_app.ldap3_login_manager.connection
r = Reader(conn, cls._objectdef(), cls._basedn(), qry)
try:
r.search()
except LDAPNoSuchObjectResult:
raise LookupError("No such object: {qry}".format(qry=qry))
return None
return r
def find_byEmail(self, email, search_base):
found = []
with Connection(
self.__ldap_server,
self.__ldap_user,
self.__ldap_password,
auto_bind=True,
) as conn:
r = Reader(
conn,
ObjectDef(["inetOrgPerson"], conn),
search_base,
"mail:=" + email,
)
r.search()
for entry in r.entries:
found.append(entry.entry_dn)
return found
def test_search_with_None_default(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-12'))
ou = ObjectDef('inetOrgPerson')
ou += AttrDef('cn', 'CommonName')
ou += AttrDef('employeeType', key='Employee', default=None)
qu = 'CommonName := ' + testcase_id + 'abs-12'
ru = Reader(self.connection, ou, test_base, qu)
lu = ru.search()
self.assertEqual(lu[0].employee.value, None)
def test_search_with_default(self):
self.delete_at_teardown.append(
add_user(self.connection, testcase_id, 'abstract-member-10'))
ou = ObjectDef('inetOrgPerson')
ou += AttrDef('cn', 'CommonName')
ou += AttrDef('employeeType', key='Employee', default='not employed')
qu = 'CommonName := ' + testcase_id + 'abstract-member-10'
ru = Reader(self.connection, ou, test_base, qu)
lu = ru.search()
self.assertEqual(str(lu[0].employee), 'not employed')
def get_one(cls, name):
"""Fetch a single host (inventory host mode)."""
reader = Reader(connection=_ldap,
query=cls.__attr_name + ":" + name,
base=cls.base,
object_def=cls.__def,
sub_tree=sub(_cfg.hosts))
entries = reader.search(attributes=cls.__attr)
return cls(entries[0])
def test_read_entry_with_attribute_from_missing_auxiliary_class(self):
if test_server_type != 'AD':
w = Writer(self.connection,
'inetorgperson',
auxiliary_class='homeInfo')
n = w.new('cn=' + testcase_id + 'new-4,' + test_base)
n.sn = 'sn-test-4'
n.homeState = 'state-test-4'
self.assertEqual(n.entry_status, STATUS_PENDING_CHANGES)
n.entry_commit_changes()
self.assertEqual(n.sn, 'sn-test-4')
self.assertEqual(n.homeState, 'state-test-4')
self.assertEqual(n.entry_status, STATUS_COMMITTED)
r = Reader(self.connection, 'inetorgperson', test_base,
'(cn=' + testcase_id + 'new-4')
r.search()
self.assertTrue(r[0].cn, testcase_id + 'new-4')
with self.assertRaises(LDAPCursorError):
self.assertTrue(r[0].homeState, testcase_id + 'state-test-3')
def authenticate(self):
ldap_server = Server(host=self.server.server_host,
port=self.server.server_port,
use_ssl=self.server.start_tls,
get_info=ALL)
connection = Connection(server=ldap_server,
user='******'.format(self.server.domain_name,
self.user.username),
password=self.user._password,
raise_exceptions=True,
authentication=NTLM)
connection.bind()
cursor_reader = Reader(connection,
self.person,
self.server.search_base,
query=self.query)
cursor_reader.search()
connection.unbind()
def test_search_with_dereference(self):
reverse = lambda a, e: e[::-1]
def raise_parentheses_rank(_, l):
up = {'(': '[', ')': ']', '[': '{', ']': '}', '{': '<', '}': '>'}
r = []
for e in l:
s = ''
for c in e:
s += up[c] if c in up else c
r.append(s)
return r
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-4'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-5'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-6'))
self.delete_at_teardown.append(add_group(self.connection, testcase_id, 'abstract-group', self.delete_at_teardown))
ou = ObjectDef('inetOrgPerson')
ou += AttrDef('cn', 'Common Name', post_query=reverse)
ou += AttrDef('sn', 'Surname')
ou += AttrDef(test_multivalued_attribute, 'Given Name', post_query=raise_parentheses_rank)
ou += AttrDef('ACL')
qu = 'Common Name: ' + testcase_id + 'abs-*'
ru = Reader(self.connection, ou, test_base, qu)
lu = ru.search()
self.assertEqual(len(lu), 3)
og = ObjectDef('groupOfNames')
og += AttrDef('member', dereference_dn=ou)
og += 'cn'
qg = 'cn := ' + testcase_id + 'abstract-group'
rg = Reader(self.connection, og, test_base, qg)
lg = rg.search()
self.assertEqual(len(lg), 1)
eg = lg[0]
mg = eg.member
self.assertEqual(len(mg), 3)
ug = eg.member[0]
self.assertTrue(str(ug.surname) in ['abs-4', 'abs-5', 'abs-6'])
def test_match_in_single_attribute_with_schema(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1', attributes={test_singlevalued_attribute: 'FALSE'}))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-2', attributes={test_singlevalued_attribute: 'FALSE'}))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-3', attributes={test_singlevalued_attribute: 'TRUE'}))
r = Reader(self.connection, 'inetorgperson', test_base, 'cn:=' + testcase_id + 'mat-*')
results = r.search()
self.assertEqual(len(results), 3)
e = r.match(test_singlevalued_attribute, 'FALSE')
self.assertEqual(len(e), 2)
e = r.match(test_singlevalued_attribute, 'fAlSe')
self.assertEqual(len(e), 2)
def test_search_filter_with_object_class(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-1'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-2'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-3'))
self.delete_at_teardown.append(add_group(self.connection, testcase_id, 'abs-grp', self.delete_at_teardown))
reverse = lambda a, e: e[::-1]
o = ObjectDef('inetOrgPerson')
o += AttrDef('cn', 'Common Name')
o += AttrDef('sn', 'Surname')
o += AttrDef(test_multivalued_attribute, 'Given Name', post_query=reverse)
query_text = 'Common Name:=' + testcase_id + 'abs-*'
r = Reader(self.connection, o, test_base, query_text)
results = r.search()
self.assertEqual(len(results), 3)
def test_search_with_pre_query(self):
change = lambda attr, value: testcase_id + 'abs-*'
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-7'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-8'))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-9'))
self.delete_at_teardown.append(add_group(self.connection, testcase_id, 'abstract-group', self.delete_at_teardown))
ou = ObjectDef('inetOrgPerson')
ou += AttrDef('cn', 'Common Name', pre_query=change)
ou += AttrDef('sn', 'Surname')
ou += AttrDef(test_multivalued_attribute, 'Given Name')
ou += AttrDef('ACL')
qu = 'Common Name := bug'
ru = Reader(self.connection, ou, test_base, qu)
lu = ru.search()
self.assertEqual(len(lu), 3)
def test_match_in_single_attribute(self):
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1', attributes={test_multivalued_attribute: ['givenname-1', 'givenname-1a']}))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-2', attributes={test_multivalued_attribute: ['givenname-2', 'givenname-2a']}))
self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-3', attributes={test_multivalued_attribute: ['givenname-3', 'givenname-3a']}))
o = ObjectDef('inetOrgPerson')
o += AttrDef('cn', 'Common Name')
o += AttrDef('sn', 'Surname')
o += AttrDef(test_multivalued_attribute, 'Given Name')
query_text = 'Common Name:=' + testcase_id + 'mat-*'
r = Reader(self.connection, o, test_base, query_text)
results = r.search()
self.assertEqual(len(results), 3)
e = r.match('Given Name', 'name') # multiple matches
self.assertEqual(len(e), 3)
e = r.match('Given Name', '2a') # single match
self.assertEqual(len(e), 1)
e = r.match('Given Name', 'no-match') # no match
self.assertEqual(len(e), 0)
print(8, conn.last_error)
conn.modify('cn=b.smith,ou=moved,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', {'sn': [(MODIFY_REPLACE, ['Smith'])]})
print(9, conn.last_error)
conn.modify('cn=b.smith,ou=moved,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', {'sn': [(MODIFY_ADD, ['Young', 'Johnson']), (MODIFY_DELETE, ['Smith'])], 'givenname': [(MODIFY_REPLACE, ['Mary', 'Jane'])]})
print(10, conn.last_error)
conn.modify_dn('cn=b.smith,ou=moved,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'cn=b.smith', new_superior='ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org')
print(11, conn.last_error)
conn.modify('cn=b.smith,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', {'sn': [(MODIFY_DELETE, ['Johnson'])], 'givenname': [(MODIFY_REPLACE, ['Beatrix'])]})
print(12, conn.last_error)
conn.modify_dn('cn=b.smith,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'cn=b.young')
print(13, conn.last_error)
conn.add('cn=m.johnson,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'inetOrgPerson', {'givenName': 'Mary Ann', 'sn': 'Johnson', 'departmentNumber': 'DEV', 'telephoneNumber': 2222})
print(14, conn.last_error)
conn.add('cn=q.gray,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'inetOrgPerson', {'givenName': 'Quentin', 'sn': 'Gray', 'departmentNumber': 'QA', 'telephoneNumber': 3333})
print(15, conn.last_error)
obj_person = ObjectDef('inetOrgPerson', conn)
r = Reader(conn, obj_person, 'ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org')
r.search()
print(r)
w = Writer.from_cursor(r)
print(w)
print(w[0])
e = w[0]
print(e.entry_dn)
print(e.entry_attributes)
print(e.entry_attributes_as_dict)
print(e.entry_mandatory_attributes)
print(e.entry_to_ldif())
print(e.entry_to_json(include_empty=False))
