def profile(): with Connection(server, current_user.dn, current_user.get_password(), auto_bind=True) as conn: person = ObjectDef(["inetOrgPerson"], conn) r = Reader(conn, person, current_user.dn) r.search() # print(r[0].entry_attributes_as_dict) form = ProfileForm(request.form, obj=current_user) if request.method == "POST" and form.validate(): w = Writer.from_cursor(r) # print(w[0].entry_attributes_as_dict) current_user.email = form.email.data current_user.vorname = form.vorname.data current_user.nachname = form.nachname.data w[0].givenName = current_user.vorname w[0].sn = current_user.nachname w[0].mail = current_user.email result = w[0].entry_commit_changes(refresh=True, controls=None) if result: flash(u"Profiländerung erfolgreich", "success") return redirect(url_for("index")) else: flash(u"Profiländerung nicht erfolgreich", "danger") return render_template( "/admin/changeprofile.html", form=form, user=current_user, title=u"Profiländerung", )
def test_read_entry_with_attribute_from_auxiliary_class(self): if test_server_type != 'AD': w = Writer(self.connection, 'inetorgperson', auxiliary_class='homeInfo') n = w.new('cn=' + testcase_id + 'new-3,' + test_base) n.sn = 'sn-test-3' n.homeState = 'state-test-3' self.assertEqual(n.entry_status, STATUS_PENDING_CHANGES) n.entry_commit_changes() self.assertEqual(n.sn, 'sn-test-3') self.assertEqual(n.homeState, 'state-test-3') self.assertEqual(n.entry_status, STATUS_COMMITTED) r = Reader(self.connection, 'inetorgperson', test_base, '(cn=' + testcase_id + 'new-3', auxiliary_class='homeInfo') r.search() self.assertTrue(r[0].cn, testcase_id + 'new-3') self.assertTrue(r[0].homeState, testcase_id + 'state-test-3') w1 = Writer.from_cursor(r) w1[0].entry_delete() w1.commit()
def delete(self): ldap_server = Server(host=self.server.server_host, port=self.server.server_port, use_ssl=self.server.start_tls, get_info=ALL) connection = Connection(server=ldap_server, user=self.server.admin_username, password=self.server.admin_password, raise_exceptions=True, authentication=NTLM) connection.bind() query = 'cn: {}'.format(self.group.name, ) cursor_reader = Reader(connection, self.obj, self.server.search_base, query=query) cursor_reader.search() cursor_writer = Writer.from_cursor(cursor_reader) if cursor_reader.entries: ldap_group = cursor_writer[0] ldap_group.entry_delete() ldap_group.entry_commit_changes() connection.unbind()
def reset_password(self): ldap_server = Server(host=self.server.server_host, port=self.server.server_port, use_ssl=self.server.start_tls, get_info=ALL) connection = Connection(server=ldap_server, user=self.server.admin_username, password=self.server.admin_password, raise_exceptions=True, authentication=NTLM) connection.bind() cursor_reader = Reader(connection, self.person, self.server.search_base, query=self.query) cursor_reader.search() cursor_writer = Writer.from_cursor(cursor_reader) if cursor_reader.entries: ldap_user = cursor_writer[0] self._reset_password(connection, ldap_user) ldap_user.entry_commit_changes() connection.unbind()
def user_factory(self, username: str, password: str, db) -> Optional[User]: connection = self._get_connection(username, password) # Attempting auth if not connection.bind(): return None search_filter = config.LDAP_SEARCH_FILTER connection.search(self.base_dn, (search_filter % username)) user_dn = connection.response[0]['dn'] user_obj = ObjectDef('user', connection) reader = Reader(connection, user_obj, user_dn) reader.search() result = reader.entries[0] # Saving user to db user = User(username=username, name=str(result.name)) user.save(db) UserLDAP( id=user.id, title=str(result.title), department=str(result.department), company=str(result.company), ).save(db) return user
def test_paged_search_accumulator_with_schema_base_object(self): self.delete_at_teardown.append( add_user(self.connection, testcase_id, 'mat-1')) r = Reader(self.connection, 'inetorgperson', self.delete_at_teardown[0][0]) entries = r.search_paged(2, True, generator=False, attributes=['cn']) self.assertEqual(len(entries), 1)
def query_user(conn, obj_user, user, group, tempList): try: r = Reader(conn, obj_user, user) result = r.search_subtree() ldapUserPN = str(result[0]['userPrincipalName']).lower() email = str(result[0]['mail']).lower() ldapUserDisplayName = str(result[0]['displayName']) ldapUsername = f'{ldapUserPN.split("@")[-1].split(".")[0]}\\{ldapUserPN.split("@")[0]}' ldapUserNoDomain = ldapUserPN.split('@')[0] ldapGroupDN = group ldapGroupCN = group.split(',')[0].strip('CN=') tempList['ldapUsers'].append({ 'ldapUsername': ldapUsername, 'ldapUserPN': ldapUserPN, 'ldapUserNoDomain': ldapUserNoDomain, 'ldapUserDisplayName': ldapUserDisplayName, 'email': email, 'ldapGroupDN': ldapGroupDN, 'ldapGroupCN': ldapGroupCN }) print(f'Adding {email} to tempList') return except Exception as e: print(f'Error with user: {user}') print(str(e))
def test_search_object(self): self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abstract-1')) o = ObjectDef(['inetorgPerson', 'person'], self.connection) r = Reader(self.connection, o, test_base, '(cn=' + testcase_id + 'abstract-1)') r.search(attributes='cn') # AD returns operationError for reading some atributes self.assertEqual(len(r), 1) self.assertEqual(r.entries[0].cn, testcase_id + 'abstract-1')
def Verify(): print() print('v : verify password', d) print() userinput_cn = input( 'please enter the Common Name of the dn-entry you want to check the password : '******'please enter the password stored in attribute \'userPassword\' : ') print() entrydn = ('cn=' + userinput_cn + ',' + d) r = Reader(c, o, entrydn) r.search() # dn is unique so we take the first list of attributes and extract userPassword hash_from_DIT = (r[0].userPassword.value.decode().strip("{CRYPT}")) if hmac.compare_digest(crypt.crypt(userinput_pwd, hash_from_DIT), hash_from_DIT): print() print("SUCCESS, the password matches") print() else: print() print("FAILED, the password doesn't match") print()
def get_object(self, ObjectClass, id): if not id: return None reader = Reader(ldap_conn, object_def=obj_inetorgperson, base=id) entries = reader.search() return User(entries[0]) if len(entries) > 0 else None
def test_find_entry_with_text_index_match(self): self.delete_at_teardown.append( add_user(self.connection, testcase_id, 'mat-1')) self.delete_at_teardown.append( add_user(self.connection, testcase_id, 'mat-2')) self.delete_at_teardown.append( add_user(self.connection, testcase_id, 'mat-3')) o = ObjectDef('inetOrgPerson') o += AttrDef('cn', 'Common Name') o += AttrDef('sn', 'Surname') o += AttrDef(test_multivalued_attribute, 'Given Name') query_text = 'Common Name:=' + testcase_id + 'mat-*' r = Reader(self.connection, o, test_base, query_text) results = r.search() self.assertEqual(len(results), 3) try: # multiple matches e = r['match'] except KeyError: pass e = r['-2'] # exact match self.assertTrue('mat-2' in e.entry_dn) try: e = r['no-match'] # no match except KeyError: pass
def test_match_in_single_attribute_with_schema(self): self.delete_at_teardown.append( add_user(self.connection, testcase_id, 'mat-1', attributes={test_singlevalued_attribute: 'FALSE'})) self.delete_at_teardown.append( add_user(self.connection, testcase_id, 'mat-2', attributes={test_singlevalued_attribute: 'FALSE'})) self.delete_at_teardown.append( add_user(self.connection, testcase_id, 'mat-3', attributes={test_singlevalued_attribute: 'TRUE'})) r = Reader(self.connection, 'inetorgperson', test_base, 'cn:=' + testcase_id + 'mat-*') results = r.search() self.assertEqual(len(results), 3) e = r.match(test_singlevalued_attribute, 'FALSE') self.assertEqual(len(e), 2) e = r.match(test_singlevalued_attribute, 'fAlSe') self.assertEqual(len(e), 2)
def test_find_entry_with_text_index_match(self): self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1')) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-2')) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-3')) o = ObjectDef('inetOrgPerson') o += AttrDef('cn', 'Common Name') o += AttrDef('sn', 'Surname') o += AttrDef(test_multivalued_attribute, 'Given Name') query_text = 'Common Name:=' + testcase_id + 'mat-*' r = Reader(self.connection, o, test_base, query_text) results = r.search() self.assertEqual(len(results), 3) try: # multiple matches e = r['match'] except KeyError: pass e = r['-2'] # exact match self.assertTrue('mat-2' in e.entry_dn) try: e = r['no-match'] # no match except KeyError: pass
def read_accounts_(): """ Lit la liste des comptes depuis l'annuaire LDAP. :return: un dictionnaire contenant les comptes; les EPPN sont \ utilisés comme clés. """ people_dn = cfg.get('ldap', 'people-dn') mail_domain = '@{}'.format(cfg.get('ldap', 'mail-domain')) obj_person = get_def_(cfg.get_list('ldap-people-classes')) from ldap3 import Reader reader = Reader(ldap_conn, obj_person, people_dn, query) cursor = reader.search_paged(10, True) all_uids = set() accounts = {} # On lit les comptes, en se limitant si nécessaire via la # variable de configuration 'limit' limit = int(cfg.get('ldap', 'limit', 0)) if limit > 0: Logging('ldap').warning( 'synchronisation limitée à {} comptes'.format(limit)) for entry in cursor: all_uids.add(str(entry.uid)) try: a = SyncAccount(cfg).from_ldap_entry(entry) except AttributeError as e: Logging('ldap').warning( 'Compte LDAP {}: erreur sur attribut {}'.format( str(entry.uid), str(e))) continue # Redirection? if isinstance(a.ldapMail, str): a.ldapMail = set([a.ldapMail]) remove = [] for ma in a.ldapMail: if ma.endswith(mail_domain): continue Logging('ldap').info( ('Compte LDAP {}: redirection depuis {} vers ' + '{} ignorée').format(str(entry.uid), a.mail, ma)) remove.append(ma) a.ldapMail.difference_update(remove) if not a.ldapMail: Logging('ldap').info( 'Compte LDAP {}: purement externe'.format( entry.uid)) continue accounts[a.eppn] = a Logging('ldap').debug('Compte {} chargé'.format(a.eppn)) if len(accounts) == limit: break Logging('ldap').info('{} comptes chargés sur {} UIDs'.format( len(accounts), len(all_uids))) return (all_uids, accounts)
def test_paged_search_generator_with_schema_base_object(self): self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1')) r = Reader(self.connection, 'inetorgperson', self.delete_at_teardown[0][0]) entries = r.search_paged(2, True, generator=True, attributes=['cn']) cont = 0 for _ in entries: cont += 1 self.assertEqual(cont, 1)
def List(): print() print('l : lists all entries in', d) print() r = Reader(c, o, d) output = r.search() print(output) print()
def test_search_object(self): self.delete_at_teardown.append( add_user(self.connection, testcase_id, 'abstract-1')) o = ObjectDef(['inetorgPerson', 'person'], self.connection) r = Reader(self.connection, o, test_base, '(cn=' + testcase_id + 'abstract-1)') r.search() self.assertEqual(len(r), 1) self.assertEqual(r.entries[0].cn, testcase_id + 'abstract-1')
def test_paged_search_accumulator_with_schema(self): self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1')) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-2')) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-3')) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-4')) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-5')) r = Reader(self.connection, 'inetorgperson', test_base, 'cn:=' + testcase_id + 'mat-*') entries = r.search_paged(2, True, generator=False, attributes=['cn']) self.assertEqual(len(entries), 5)
def test_search_object(self): self.delete_at_teardown.append( add_user(self.connection, testcase_id, 'abstract-1')) o = ObjectDef(['inetorgPerson', 'person'], self.connection) r = Reader(self.connection, o, test_base, '(cn=' + testcase_id + 'abstract-1)') r.search(attributes='cn' ) # AD returns operationError for reading some atributes self.assertEqual(len(r), 1) self.assertEqual(r.entries[0].cn, testcase_id + 'abstract-1')
def test_create_query_filter_single_attribute_single_value(self): o = ObjectDef() o += AttrDef('cn', 'Common Name') query_text = 'Common Name:John' r = Reader(self.connection, o, test_base, query_text) r._create_query_filter() self.assertEqual('(cn=John)', r.query_filter)
def test_search_with_None_default(self): self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-12')) ou = ObjectDef('inetOrgPerson') ou += AttrDef('cn', 'CommonName') ou += AttrDef('employeeType', key='Employee', default=None) qu = 'CommonName := ' + testcase_id + 'abs-12' ru = Reader(self.connection, ou, test_base, qu) lu = ru.search() self.assertEqual(lu[0].employee.value, None)
def test_create_query_filter_single_attribute_multiple_value(self): o = ObjectDef() o += AttrDef('cn', 'Common Name') query_text = '|Common Name:=john;=Bob' r = Reader(self.connection, o, test_base, query_text) r._create_query_filter() self.assertEqual('(|(cn=Bob)(cn=john))', r.query_filter)
def get_one(cls, name): """Fetch a single host (inventory host mode).""" reader = Reader(connection=_ldap, query=cls.__attr_name + ":" + name, base=cls.base, object_def=cls.__def, sub_tree=sub(_cfg.hosts)) entries = reader.search(attributes=cls.__attr) return cls(entries[0])
def process_outbound_entry(queue_entry, ldap_connection): """ Processes queue_entry and apply changes to the LDAP user/group. Args: queue_entry: (dict) A outbound_queue table entry. The mandatory keys in the dict are: { "data": (dict containing current state of LDAP object) "data_type": (str) } ldap_connection: (ldap Connection object) A bound ldap connection object. Returns: write_confirmation: (bool) Returns True if a change to LDAP occurred, returns False if no LDAP changes occurred """ distinguished_name = get_distinguished_name(queue_entry) data_type = queue_entry["data_type"] if data_type == "group": sawtooth_entry_filtered = outbound_group_filter(queue_entry["data"], "ldap") elif data_type == "user": # Outbound AD user changes is currently not supported return False object_def = ObjectDef(data_type, ldap_connection) reader_cursor = Reader(ldap_connection, object_def, distinguished_name) reader_cursor.search() writer_cursor = Writer.from_cursor(reader_cursor) if reader_cursor.entries: LOGGER.debug("Updating AD %s: %s", data_type, distinguished_name) validated_entry = validate_update_entry(sawtooth_entry_filtered, data_type) # Grab current state of user/group in LDAP ldap_resource = writer_cursor[0] # Update AD user/group for ad_attribute in validated_entry: ldap_current_value = ldap_resource[ad_attribute].value if ad_attribute != "distinguishedName" and validated_entry[ad_attribute]: # Convert member list to list if value is a string if ad_attribute == "member" and isinstance(ldap_current_value, str): ldap_current_value = [ldap_current_value] # Sort lists for comparison if isinstance(ldap_current_value, list): ldap_current_value.sort() validated_entry[ad_attribute].sort() if ldap_current_value != validated_entry[ad_attribute]: ldap_resource[ad_attribute] = validated_entry[ad_attribute] return ldap_resource.entry_commit_changes() LOGGER.debug("AD %s %s was not found.", data_type, distinguished_name) return False
def test_search_with_default(self): self.delete_at_teardown.append( add_user(self.connection, testcase_id, 'abstract-member-10')) ou = ObjectDef('inetOrgPerson') ou += AttrDef('cn', 'CommonName') ou += AttrDef('employeeType', key='Employee', default='not employed') qu = 'CommonName := ' + testcase_id + 'abstract-member-10' ru = Reader(self.connection, ou, test_base, qu) lu = ru.search() self.assertEqual(str(lu[0].employee), 'not employed')
def Read(): print() print('r : read an entry from', d) print() userinput = input( 'please enter the Common Name of the dn-entry you want to read : ') print() query = ('cn: ' + userinput) r = Reader(c, o, d, query) r.search() print(r.entries) print()
def test_validate_query_filter(self): o = ObjectDef() o += AttrDef('cn', 'Common Name') o += AttrDef('sn', 'Surname') o += AttrDef('givenName', 'Given Name') query_text = '|Common Name:=john;=Bob, Surname:=smith' r = Reader(self.connection, o, test_base, query_text) r._validate_query() self.assertEqual('Surname: =smith, |CommonName: =Bob;=john', r.validated_query)
def test_create_query_filter(self): o = ObjectDef() o += AttrDef('cn', 'Common Name') o += AttrDef('sn', 'Surname') o += AttrDef('givenName', 'Given Name') query_text = '|Common Name:=john;Bob, Surname:=smith' r = Reader(self.connection, o, test_base, query_text) r._create_query_filter() self.assertEqual('(&(sn=smith)(|(cn=Bob)(cn=john)))', r.query_filter)
def search_for_users(basedn): server = Server(IDIR_URL, get_info=ALL) #objectClass conn = Connection(server, user=current_app.config["LDAP_IDIR_USERNAME"], password=current_app.config["LDAP_IDIR_PASSWORD"], authentication=NTLM, auto_bind=True) obj_user = ObjectDef('user', conn) r = Reader(conn, obj_user, basedn) r.search() return [x.entry_attributes_as_dict for x in r]
def get_reader_result(self): query = ','.join(self.query) ldapc = current_app.extensions.get('ldap_conn') reader = Reader(connection=ldapc.connection, object_def=self.object_def, query=query, base=self.base_dn, components_in_and=self.components_in_and, sub_tree=self.sub_tree, get_operational_attributes=self.operational_attributes, controls=None) reader.search() return reader.entries
def test_modify_entry_with_attrdef_with_friendly_name(self): self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'new-9', attributes={test_multivalued_attribute: testcase_id + 'friendly-attr-name-1'})) a = AttrDef(name=test_multivalued_attribute, key='myname') o = ObjectDef('inetorgperson') o += a r = Reader(self.connection, o, test_base, 'myname:=' + testcase_id + 'friendly*') r.search() self.assertTrue(r[0].myname, testcase_id + 'friendly-attr-name-1') w = Writer.from_cursor(r) e = w[0] e.myname += 'xyz' w.commit() self.assertTrue('xyz' in e.myname)
def find_user_by_username(self, username: str) -> Attribute: user_def = self.user_def user_def += [self.uid_attr, self.ldap_user_attr] person_reader = Reader(self.conn, user_def, self.search_base, "{}:{}".format(self.ldap_user_attr, username)) results = person_reader.search() try: userUid = results[0][self.uid_attr] except Exception as e: print("User {} cannot be found".format(username), e) return return userUid
def get_user_dn(self, user: User): uid = user.unique_id user_def = self.user_def user_def += self.uid_attr person_reader = Reader(self.conn, user_def, self.search_base, "({}={})".format(self.uid_attr, uid)) results = person_reader.search() try: dn = results[0].entry_dn return dn except IndexError as e: print("User {} cannot be found".format(user), e) return
def test_match_in_single_attribute_with_schema(self): self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1', attributes={test_singlevalued_attribute: 'FALSE'})) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-2', attributes={test_singlevalued_attribute: 'FALSE'})) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-3', attributes={test_singlevalued_attribute: 'TRUE'})) r = Reader(self.connection, 'inetorgperson', test_base, 'cn:=' + testcase_id + 'mat-*') results = r.search() self.assertEqual(len(results), 3) e = r.match(test_singlevalued_attribute, 'FALSE') self.assertEqual(len(e), 2) e = r.match(test_singlevalued_attribute, 'fAlSe') self.assertEqual(len(e), 2)
def test_read_entry_with_attribute_from_auxiliary_class(self): w = Writer(self.connection, 'inetorgperson', auxiliary_class='homeInfo') n = w.new('cn=' + testcase_id + 'new-3,' + test_base) n.sn = 'sn-test-3' n.homeState = 'state-test-3' self.assertEqual(n.entry_status, STATUS_PENDING_CHANGES) n.entry_commit_changes() self.assertEqual(n.sn, 'sn-test-3') self.assertEqual(n.homeState, 'state-test-3') self.assertEqual(n.entry_status, STATUS_COMMITTED) r = Reader(self.connection, 'inetorgperson', test_base, '(cn=' + testcase_id + 'new-3', auxiliary_class='homeInfo') r.search() self.assertTrue(r[0].cn, testcase_id + 'new-3') self.assertTrue(r[0].homeState, testcase_id + 'state-test-3')
def test_search_filter_with_object_class(self): self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-1')) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-2')) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-3')) self.delete_at_teardown.append(add_group(self.connection, testcase_id, 'abs-grp', self.delete_at_teardown)) reverse = lambda a, e: e[::-1] o = ObjectDef('inetOrgPerson') o += AttrDef('cn', 'Common Name') o += AttrDef('sn', 'Surname') o += AttrDef(test_multivalued_attribute, 'Given Name', post_query=reverse) query_text = 'Common Name:=' + testcase_id + 'abs-*' r = Reader(self.connection, o, test_base, query_text) results = r.search() self.assertEqual(len(results), 3)
def test_search_with_pre_query(self): change = lambda attr, value: testcase_id + 'abs-*' self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-7')) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-8')) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-9')) self.delete_at_teardown.append(add_group(self.connection, testcase_id, 'abstract-group', self.delete_at_teardown)) ou = ObjectDef('inetOrgPerson') ou += AttrDef('cn', 'Common Name', pre_query=change) ou += AttrDef('sn', 'Surname') ou += AttrDef(test_multivalued_attribute, 'Given Name') ou += AttrDef('ACL') qu = 'Common Name := bug' ru = Reader(self.connection, ou, test_base, qu) lu = ru.search() self.assertEqual(len(lu), 3)
def test_search_with_dereference(self): reverse = lambda a, e: e[::-1] def raise_parentheses_rank(_, l): up = {'(': '[', ')': ']', '[': '{', ']': '}', '{': '<', '}': '>'} r = [] for e in l: s = '' for c in e: s += up[c] if c in up else c r.append(s) return r self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-4')) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-5')) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'abs-6')) self.delete_at_teardown.append(add_group(self.connection, testcase_id, 'abstract-group', self.delete_at_teardown)) ou = ObjectDef('inetOrgPerson') ou += AttrDef('cn', 'Common Name', post_query=reverse) ou += AttrDef('sn', 'Surname') ou += AttrDef(test_multivalued_attribute, 'Given Name', post_query=raise_parentheses_rank) ou += AttrDef('ACL') qu = 'Common Name: ' + testcase_id + 'abs-*' ru = Reader(self.connection, ou, test_base, qu) lu = ru.search() self.assertEqual(len(lu), 3) og = ObjectDef('groupOfNames') og += AttrDef('member', dereference_dn=ou) og += 'cn' qg = 'cn := ' + testcase_id + 'abstract-group' rg = Reader(self.connection, og, test_base, qg) lg = rg.search() self.assertEqual(len(lg), 1) eg = lg[0] mg = eg.member self.assertEqual(len(mg), 3) ug = eg.member[0] self.assertTrue(str(ug.surname) in ['abs-4', 'abs-5', 'abs-6'])
def test_match_in_single_attribute(self): self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1', attributes={test_multivalued_attribute: ['givenname-1', 'givenname-1a']})) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-2', attributes={test_multivalued_attribute: ['givenname-2', 'givenname-2a']})) self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-3', attributes={test_multivalued_attribute: ['givenname-3', 'givenname-3a']})) o = ObjectDef('inetOrgPerson') o += AttrDef('cn', 'Common Name') o += AttrDef('sn', 'Surname') o += AttrDef(test_multivalued_attribute, 'Given Name') query_text = 'Common Name:=' + testcase_id + 'mat-*' r = Reader(self.connection, o, test_base, query_text) results = r.search() self.assertEqual(len(results), 3) e = r.match('Given Name', 'name') # multiple matches self.assertEqual(len(e), 3) e = r.match('Given Name', '2a') # single match self.assertEqual(len(e), 1) e = r.match('Given Name', 'no-match') # no match self.assertEqual(len(e), 0)
from ldap3 import Server, Connection, ObjectDef, AttrDef, Reader, Writer, ALL server = Server('ipa.demo1.freeipa.org', get_info=ALL) conn = Connection(server, 'uid=admin,cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org', 'Secret123', auto_bind=True) obj_person = ObjectDef('person', conn) print(obj_person) print(obj_person.sn) obj_inetorgperson = ObjectDef('inetOrgPerson', conn) r = Reader(conn, obj_inetorgperson, 'ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org') print(r) r.search() print(r) print(r[0]) print(r[0].entry_dn) print(r[0].entry_attributes) print(r[0].entry_attributes_as_dict) print(r[0].entry_mandatory_attributes) print(r[0].entry_to_ldif()) print(r[0].entry_to_json(include_empty=False)) print(obj_person) obj_person += 'uid' print(obj_person) r = Reader(conn, obj_person, 'cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org', 'uid:=admin') print(r) r.search() print(r[0]) obj_person = ObjectDef(['person', 'posixaccount', 'krbprincipalaux'], conn) print(obj_person) r = Reader(conn, obj_person, 'dc=demo1,dc=freeipa,dc=org', 'uid:=admin') r.search() print(r[0])
print(8, conn.last_error) conn.modify('cn=b.smith,ou=moved,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', {'sn': [(MODIFY_REPLACE, ['Smith'])]}) print(9, conn.last_error) conn.modify('cn=b.smith,ou=moved,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', {'sn': [(MODIFY_ADD, ['Young', 'Johnson']), (MODIFY_DELETE, ['Smith'])], 'givenname': [(MODIFY_REPLACE, ['Mary', 'Jane'])]}) print(10, conn.last_error) conn.modify_dn('cn=b.smith,ou=moved,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'cn=b.smith', new_superior='ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org') print(11, conn.last_error) conn.modify('cn=b.smith,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', {'sn': [(MODIFY_DELETE, ['Johnson'])], 'givenname': [(MODIFY_REPLACE, ['Beatrix'])]}) print(12, conn.last_error) conn.modify_dn('cn=b.smith,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'cn=b.young') print(13, conn.last_error) conn.add('cn=m.johnson,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'inetOrgPerson', {'givenName': 'Mary Ann', 'sn': 'Johnson', 'departmentNumber': 'DEV', 'telephoneNumber': 2222}) print(14, conn.last_error) conn.add('cn=q.gray,ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org', 'inetOrgPerson', {'givenName': 'Quentin', 'sn': 'Gray', 'departmentNumber': 'QA', 'telephoneNumber': 3333}) print(15, conn.last_error) obj_person = ObjectDef('inetOrgPerson', conn) r = Reader(conn, obj_person, 'ou=ldap3-tutorial,dc=demo1,dc=freeipa,dc=org') r.search() print(r) w = Writer.from_cursor(r) print(w) print(w[0]) e = w[0] print(e.entry_dn) print(e.entry_attributes) print(e.entry_attributes_as_dict) print(e.entry_mandatory_attributes) print(e.entry_to_ldif()) print(e.entry_to_json(include_empty=False))
def test_paged_search_accumulator_with_schema_base_object(self): self.delete_at_teardown.append(add_user(self.connection, testcase_id, 'mat-1')) r = Reader(self.connection, 'inetorgperson', self.delete_at_teardown[0][0]) entries = r.search_paged(2, True, generator=False, attributes=['cn']) self.assertEqual(len(entries), 1)