]>
git.ipfire.org Git - pbs.git/blob - src/buildservice/ldap.py
3 from __future__
import absolute_import
8 log
= logging
.getLogger("ldap")
12 from .decorators
import *
14 class LDAP(base
.Object
):
17 ldap_uri
= self
.settings
.get("ldap_uri")
19 log
.debug("Connecting to %s..." % ldap_uri
)
21 # Establish LDAP connection
22 return ldap
.initialize(ldap_uri
)
24 def search(self
, query
, attrlist
=None, limit
=0):
25 log
.debug("Performing LDAP query: %s" % query
)
27 search_base
= self
.settings
.get("ldap_search_base")
29 results
= self
.ldap
.search_ext_s(search_base
, ldap
.SCOPE_SUBTREE
,
30 query
, attrlist
=attrlist
, sizelimit
=limit
)
34 def auth(self
, username
, password
):
35 log
.debug("Checking credentials for %s" % username
)
37 dn
= self
.get_dn(username
)
39 log
.debug("Could not resolve %s to dn" % username
)
42 return self
.bind(dn
, password
)
44 def bind(self
, dn
, password
):
46 self
.ldap
.simple_bind_s(dn
, password
)
47 except ldap
.INVALID_CREDENTIALS
:
48 log
.debug("Account credentials for %s are invalid" % dn
)
51 log
.debug("Successfully authenticated %s" % dn
)
55 def get_dn_by_uid(self
, uid
):
56 dn
, attrs
= self
.get_user(uid
, attrlist
=["uid"])
61 log
.debug("DN for uid %s is: %s" % (uid
, dn
))
64 def get_dn_by_mail(self
, mail
):
65 result
= self
.search("(&(objectClass=posixAccount)(mail=%s))" % mail
, limit
=1, attrlist
=["uid"])
67 for dn
, attrs
in result
:
70 log
.debug("DN for mail %s is: %s" % (mail
, dn
))
73 def get_dn(self
, name
):
74 return self
.get_dn_by_uid(name
) or self
.get_dn_by_mail(name
)
76 def get_user_by_mail(self
, mail
, **kwargs
):
77 result
= self
.search("(&(objectClass=posixAccount)(mail=%s))" % mail
, limit
=1, **kwargs
)
78 for dn
, attrs
in result
:
83 def get_user_by_dn(self
, uid
, **kwargs
):
84 result
= self
.search("(&(objectClass=posixAccount)(uid=%s))" % uid
, limit
=1, **kwargs
)
85 for dn
, attrs
in result
:
90 def get_user(self
, name
, **kwargs
):
91 return self
.get_user_by_dn(name
, **kwargs
) or self
.get_user_by_mail(name
, **kwargs
)