From 589ae3e3a823ad18631f93f8ce2825a69b61d5ae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20Gr=C3=B6ger?= <tim@groeger-clan.de>
Date: Sun, 22 Dec 2019 23:09:18 +0100
Subject: [PATCH] ldap search

---
 geruecht/baruser/routes.py            | 24 +++++++------------
 geruecht/controller/ldapController.py | 33 +++++++++++++++++++++++++++
 2 files changed, 41 insertions(+), 16 deletions(-)

diff --git a/geruecht/baruser/routes.py b/geruecht/baruser/routes.py
index 1852a36..62f3170 100644
--- a/geruecht/baruser/routes.py
+++ b/geruecht/baruser/routes.py
@@ -1,5 +1,5 @@
 from flask import Blueprint, request, jsonify
-from geruecht import BAR, db
+from geruecht import BAR, db, ldapController as ldap
 from geruecht.routes import verifyAccessToken
 from geruecht.model.user import User
 from datetime import datetime
@@ -90,26 +90,18 @@ def _getUsers():
         return jsonify(retVal)
     return jsonify({"error": "permission denied"}), 401
 
-@baruser.route("/barGetUser", methods=['POST'])
-def _getUser():
-    """ Get specified User
-
-        This function returns the user with posted userID and them amount and credit.
-
-        Returns:
-            JSON-File with userID, amount and credit
-            or ERROR 401 Permission Denied
-    """
+@baruser.route("/search", methods=['POST'])
+def _search():
     token = request.headers.get("Token")
-    print(token)
     accToken = verifyAccessToken(token, BAR)
 
+
     if accToken is not None:
         data = request.get_json()
-        userID = data['userId']
 
-        user = User.query.filter_by(userID=userID)
-        month = user.getGeruecht().getMonth()
+        searchString = data['searchString']
 
-        return jsonify({"userId": user.userID, "amount": month[1], "credit": month[0]})
+        retVal = ldap.searchUser(searchString)
+
+        return jsonify(retVal)
     return jsonify({"error": "permission denied"}), 401
diff --git a/geruecht/controller/ldapController.py b/geruecht/controller/ldapController.py
index dbd5a40..3646d8e 100644
--- a/geruecht/controller/ldapController.py
+++ b/geruecht/controller/ldapController.py
@@ -50,6 +50,39 @@ class LDAPController(metaclass=Singleton):
             elif data == 'bar':
                 return BAR
 
+    def __isUserInList(self, list, username):
+        help_list = []
+        for user in list:
+            help_list.append(user[1]['cn'][0].decode('utf-8'))
+        if username in help_list:
+            return True
+        return False
+
+    def searchUser(self, searchString):
+        self.connect()
+
+        name = searchString.split(" ")
+        name_result = []
+
+        if len(name) == 1:
+            name_result[0] = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'givenName={}'.format(name[0]), ['cn', 'givenName', 'sn'])
+            name_result[1] = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'sn={}'.format(name[0]),['cn', 'givenName', 'sn'])
+        else:
+            name_result[2] = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE,
+                                              'givenName={}'.format(name[0]), ['cn', 'givenName', 'sn'])
+            name_result[3] = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'sn={}'.format(name[0]),
+                                             ['cn', 'givenName', 'sn'])
+        retVal = []
+
+        for user in name_result:
+            username = user[1]['cn'][0].decode('utf-8')
+            if not self.__isUserInList(retVal, username):
+                firstname = user[1]['givenName'][0].decode('utf-8')
+                lastname = user[1]['givenName'][0].decode('utf-8')
+                retVal.append({username: username, firstname: firstname, lastname: lastname})
+
+        return retVal
+
 
 if __name__ == '__main__':
     a = LDAPController()