mirror of https://github.com/laurivosandi/certidude synced 2024-09-28 21:11:42 +00:00

Don't enforce dependency on ldap module

Lauri Võsandi 2017-04-13 21:03:26 +00:00
parent 413029c5ae
commit 721cce05ac


@ -1,8 +1,6 @@
import click import click
import grp import grp
import ldap
import ldap.sasl
import os import os
import pwd import pwd
from certidude import const, config from certidude import const, config
@ -65,6 +63,9 @@ class PosixUserManager(object):
class DirectoryConnection(object): class DirectoryConnection(object):
def __enter__(self): def __enter__(self):
import ldap
import ldap.sasl
# TODO: Implement simple bind # TODO: Implement simple bind
if not os.path.exists(config.LDAP_GSSAPI_CRED_CACHE): if not os.path.exists(config.LDAP_GSSAPI_CRED_CACHE):
raise ValueError("Ticket cache at %s not initialized, unable to " raise ValueError("Ticket cache at %s not initialized, unable to "
@ -87,8 +88,7 @@ class ActiveDirectoryUserManager(object):
with DirectoryConnection() as conn: with DirectoryConnection() as conn:
ft = config.LDAP_USER_FILTER % username ft = config.LDAP_USER_FILTER % username
attribs = "cn", "givenName", "sn", "mail", "userPrincipalName" attribs = "cn", "givenName", "sn", "mail", "userPrincipalName"
r = conn.search_s(config.LDAP_BASE, ldap.SCOPE_SUBTREE, r = conn.search_s(config.LDAP_BASE, 2, ft.encode("utf-8"), attribs)
ft.encode("utf-8"), attribs)
for dn, entry in r: for dn, entry in r:
if not dn: if not dn:
continue continue
@ -110,8 +110,7 @@ class ActiveDirectoryUserManager(object):
def filter(self, ft): def filter(self, ft):
with DirectoryConnection() as conn: with DirectoryConnection() as conn:
attribs = "givenName", "surname", "samaccountname", "cn", "mail", "userPrincipalName" attribs = "givenName", "surname", "samaccountname", "cn", "mail", "userPrincipalName"
r = conn.search_s(config.LDAP_BASE, ldap.SCOPE_SUBTREE, r = conn.search_s(config.LDAP_BASE, 2, ft.encode("utf-8"), attribs)
ft.encode("utf-8"), attribs)
for dn,entry in r: for dn,entry in r:
if not dn: if not dn:
continue continue
@ -145,8 +144,7 @@ class ActiveDirectoryUserManager(object):
def is_admin(self, user): def is_admin(self, user):
with DirectoryConnection() as conn: with DirectoryConnection() as conn:
ft = config.LDAP_ADMIN_FILTER % user.name ft = config.LDAP_ADMIN_FILTER % user.name
r = conn.search_s(config.LDAP_BASE, ldap.SCOPE_SUBTREE, r = conn.search_s(config.LDAP_BASE, 2, ft.encode("utf-8"), ["cn"])
ft.encode("utf-8"), ["cn"])
for dn, entry in r: for dn, entry in r:
if not dn: if not dn:
continue continue
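Review bot: The three `conn.search_s(...)` calls (the user lookup at `@ -87`, `filter` and `is_admin`) now pass a bare `2` where `ldap.SCOPE_SUBTREE` used to be, so the search scope is no longer readable at the call site. A module-level `LDAP_SCOPE_SUBTREE = 2  # same value as ldap.SCOPE_SUBTREE` used in all three places would keep the import lazy and the intent visible. Separately, the lookup and `is_admin` build their filters with `config.LDAP_USER_FILTER % username` and `config.LDAP_ADMIN_FILTER % user.name`. If those names can contain caller-supplied characters, they should go through `ldap.filter.escape_filter_chars()` (imported locally, as `DirectoryConnection.__enter__` now does for `ldap`) before interpolation, because the `is_admin` result is an authorization decision. These method bodies continue outside the hunks shown, so escaping may already happen upstream.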