From bb929f4335ecd2a00baac1b4a29033d9a438437a Mon Sep 17 00:00:00 2001
From: Michael Tremer
Date: Tue, 4 May 2010 23:30:42 +0200
Subject: [PATCH] Add classes to communicate with ldap servers.
---
 www/webapp/db.py | 82 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 82 insertions(+)
diff --git a/www/webapp/db.py b/www/webapp/db.py
index 1f08817e..fdab672d 100644
--- a/www/webapp/db.py
+++ b/www/webapp/db.py
@@ -1,6 +1,7 @@
 #!/usr/bin/python
 import hashlib
+import ldap
 import sqlite3
 import os.path
@@ -49,3 +50,84 @@ class HashDatabase(object):
 f.close()
 return m.hexdigest()
+
+
+class UserDatabase(object):
+ HOST = "ldap://ldap.ipfire.org"
+ BASEDN = "ou=People,dc=mcfly,dc=local"
+
+ def __init__(self):
+ self.conn = ldap.initialize(self.HOST)
+ self.conn.simple_bind()
+
+ def __del__(self):
+ self.conn.unbind()
+
+ def _find_dn_by_name(self, name):
+ results = self._search(filterstr="(uid=%s)" % name)
+ assert len(results) == 1
+ return results[0][0]
+
+ def _search(self, filterstr="(objectClass=*)", attrlist=None):
+ return self.conn.search_st(self.BASEDN, ldap.SCOPE_SUBTREE,
+ filterstr=filterstr, attrlist=attrlist)
+
+ def check_password(self, name, password):
+ dn = self._find_dn_by_name(name)
+ conn = ldap.initialize(self.HOST)
+ try:
+ conn.simple_bind_s(dn, password)
+ return True
+ except ldap.INVALID_CREDENTIALS:
+ return False
+ finally:
+ conn.unbind_s()
+
+ def get_user_by_id(self, id):
+ results = self._search(filterstr="(uidNumber=%s)" % id)
+ assert len(results) == 1
+ return User(results[0][1])
+
+ def get_user_by_name(self, name):
+ results = self._search(filterstr="(uid=%s)" % name)
+ assert len(results) == 1
+ return User(results[0][1])
+
+ @property
+ def users(self):
+ ret = []
+
+ for dn, attr in self._search():
+ if dn == self.BASEDN or not attr:
+ continue
+ ret.append(User(attr))
+
+ return sorted(ret)
+
+
+class User(object):
+ def __init__(self, obj):
+ self.obj = obj
+
+ def __cmp__(self, other):
+ return cmp(self.realname, other.realname)
+
+ def __repr__(self):
+ return "<%s '%s'>" % (self.__class__.__name__, self.name)
+
+ @property
+ def name(self):
+ return self.obj["uid"][0]
+
+ @property
+ def id(self):
+ return int(self.obj["uidNumber"][0])
+
+ @property
+ def mail(self):
+ #return self.obj["mail"]
+ return "%s@ipfire.org" % self.name
+
+ @property
+ def realname(self):
+ return self.obj["cn"][0]
-- 
2.47.3
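Review bot: `check_password` can report success without verifying a credential, and the lookup it relies on builds its search filter from the raw name. In `_find_dn_by_name` (and likewise `get_user_by_name` and `get_user_by_id`) the value is formatted straight into the filter string, so filter metacharacters in a submitted name change the query; escaping with `ldap.filter.escape_filter_chars` (which needs `import ldap.filter`) keeps them literal. `simple_bind_s(dn, password)` with an empty password is an unauthenticated bind under RFC 4513, which a server may accept depending on its configuration, so empty passwords should be rejected before binding. The `assert len(results) == 1` checks disappear under `python -O` and otherwise turn an unknown user into an AssertionError instead of `False`; an explicit check is sketched below. Separately, `HOST` uses plain `ldap://`, so the bind password would cross the network unencrypted unless TLS is added, e.g. `ldaps://` or `start_tls_s()`.

```python
    def _find_dn_by_name(self, name):
        # Escape the name so filter metacharacters in it stay literal.
        results = self._search(
            filterstr="(uid=%s)" % ldap.filter.escape_filter_chars(name))
        # Explicit check: not stripped by -O, and no exception for an
        # unknown or ambiguous user.
        if len(results) != 1:
            return None
        return results[0][0]

    def check_password(self, name, password):
        # A simple bind with an empty password is an unauthenticated bind,
        # which a server may accept without checking any credential.
        if not name or not password:
            return False
        dn = self._find_dn_by_name(name)
        if dn is None:
            return False
        # … unchanged: ldap.initialize and the try/except/finally around simple_bind_s …
```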