From 589ae3e3a823ad18631f93f8ce2825a69b61d5ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20Gr=C3=B6ger?= Date: Sun, 22 Dec 2019 23:09:18 +0100 Subject: [PATCH] ldap search --- geruecht/baruser/routes.py | 24 +++++++------------ geruecht/controller/ldapController.py | 33 +++++++++++++++++++++++++++ 2 files changed, 41 insertions(+), 16 deletions(-) diff --git a/geruecht/baruser/routes.py b/geruecht/baruser/routes.py index 1852a36..62f3170 100644 --- a/geruecht/baruser/routes.py +++ b/geruecht/baruser/routes.py @@ -1,5 +1,5 @@ from flask import Blueprint, request, jsonify -from geruecht import BAR, db +from geruecht import BAR, db, ldapController as ldap from geruecht.routes import verifyAccessToken from geruecht.model.user import User from datetime import datetime @@ -90,26 +90,18 @@ def _getUsers(): return jsonify(retVal) return jsonify({"error": "permission denied"}), 401 -@baruser.route("/barGetUser", methods=['POST']) -def _getUser(): - """ Get specified User - - This function returns the user with posted userID and them amount and credit. - - Returns: - JSON-File with userID, amount and credit - or ERROR 401 Permission Denied - """ +@baruser.route("/search", methods=['POST']) +def _search(): token = request.headers.get("Token") - print(token) accToken = verifyAccessToken(token, BAR) + if accToken is not None: data = request.get_json() - userID = data['userId'] - user = User.query.filter_by(userID=userID) - month = user.getGeruecht().getMonth() + searchString = data['searchString'] - return jsonify({"userId": user.userID, "amount": month[1], "credit": month[0]}) + retVal = ldap.searchUser(searchString) + + return jsonify(retVal) return jsonify({"error": "permission denied"}), 401 diff --git a/geruecht/controller/ldapController.py b/geruecht/controller/ldapController.py index dbd5a40..3646d8e 100644 --- a/geruecht/controller/ldapController.py +++ b/geruecht/controller/ldapController.py @@ -50,6 +50,39 @@ class LDAPController(metaclass=Singleton): elif data == 'bar': return BAR + def __isUserInList(self, list, username): + help_list = [] + for user in list: + help_list.append(user[1]['cn'][0].decode('utf-8')) + if username in help_list: + return True + return False + + def searchUser(self, searchString): + self.connect() + + name = searchString.split(" ") + name_result = [] + + if len(name) == 1: + name_result[0] = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'givenName={}'.format(name[0]), ['cn', 'givenName', 'sn']) + name_result[1] = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'sn={}'.format(name[0]),['cn', 'givenName', 'sn']) + else: + name_result[2] = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, + 'givenName={}'.format(name[0]), ['cn', 'givenName', 'sn']) + name_result[3] = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'sn={}'.format(name[0]), + ['cn', 'givenName', 'sn']) + retVal = [] + + for user in name_result: + username = user[1]['cn'][0].decode('utf-8') + if not self.__isUserInList(retVal, username): + firstname = user[1]['givenName'][0].decode('utf-8') + lastname = user[1]['givenName'][0].decode('utf-8') + retVal.append({username: username, firstname: firstname, lastname: lastname}) + + return retVal + if __name__ == '__main__': a = LDAPController()