Compare commits
No commits in common. "d75574e07827f68fb8c89ac4905e09fe88bee70c" and "26d63b7c7d2dcff099c008c6c97041cdc8913361" have entirely different histories.
d75574e078
...
26d63b7c7d
|
@ -41,7 +41,6 @@ class AuthLDAP(AuthPlugin):
|
||||||
self.password_hash = config.get("password_hash", "SSHA").upper()
|
self.password_hash = config.get("password_hash", "SSHA").upper()
|
||||||
self.object_classes = config.get("object_classes", ["inetOrgPerson"])
|
self.object_classes = config.get("object_classes", ["inetOrgPerson"])
|
||||||
self.user_attributes: dict = config.get("user_attributes", {})
|
self.user_attributes: dict = config.get("user_attributes", {})
|
||||||
self.dn_template = config.get("dn_template")
|
|
||||||
|
|
||||||
# TODO: might not be set if modify is called
|
# TODO: might not be set if modify is called
|
||||||
self.root_dn = config.get("root_dn", None)
|
self.root_dn = config.get("root_dn", None)
|
||||||
|
@ -88,34 +87,25 @@ class AuthLDAP(AuthPlugin):
|
||||||
key=lambda i: i["attributes"]["uidNumber"],
|
key=lambda i: i["attributes"]["uidNumber"],
|
||||||
reverse=True,
|
reverse=True,
|
||||||
)
|
)
|
||||||
attributes["uidNumber"] = resp[0]["attributes"]["uidNumber"] + 1 if resp else attributes["uidNumber"]
|
attributes = resp[0]["attributes"]["uidNumber"] + 1 if resp else attributes["uidNumber"]
|
||||||
dn = self.dn_template.format(
|
dn = self.dn_template.format(
|
||||||
user=user,
|
firstname=user.firstname,
|
||||||
|
lastname=user.lastname,
|
||||||
|
userid=user.userid,
|
||||||
|
mail=user.mail,
|
||||||
|
display_name=user.display_name,
|
||||||
base_dn=self.base_dn,
|
base_dn=self.base_dn,
|
||||||
)
|
)
|
||||||
if "default_gid" in attributes:
|
|
||||||
default_gid = attributes.pop("default_gid")
|
|
||||||
attributes["gidNumber"] = default_gid
|
|
||||||
if "homeDirectory" in attributes:
|
|
||||||
attributes["homeDirectory"] = attributes.get("homeDirectory").format(
|
|
||||||
firstname=user.firstname,
|
|
||||||
lastname=user.lastname,
|
|
||||||
userid=user.userid,
|
|
||||||
mail=user.mail,
|
|
||||||
display_name=user.display_name,
|
|
||||||
)
|
|
||||||
attributes.update(
|
attributes.update(
|
||||||
{
|
{
|
||||||
"sn": user.lastname,
|
"sn": user.lastname,
|
||||||
"givenName": user.firstname,
|
"givenName": user.firstname,
|
||||||
"uid": user.userid,
|
"uid": user.userid,
|
||||||
"userPassword": self.__hash(password),
|
"userPassword": self.__hash(password),
|
||||||
"mail": user.mail,
|
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
ldap_conn.add(dn, self.object_classes, attributes)
|
ldap_conn.add(dn, self.object_classes, attributes)
|
||||||
self._set_roles(user)
|
self._set_roles(user)
|
||||||
self.update_user(user)
|
|
||||||
except (LDAPPasswordIsMandatoryError, LDAPBindError):
|
except (LDAPPasswordIsMandatoryError, LDAPBindError):
|
||||||
raise BadRequest
|
raise BadRequest
|
||||||
|
|
||||||
|
|
|
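Review bot: In the uidNumber line of the second hunk the new code rebinds the whole `attributes` dict to an integer (`attributes = resp[0]["attributes"]["uidNumber"] + 1 if resp else attributes["uidNumber"]`), so the following `attributes.update({...})` would raise AttributeError before `ldap_conn.add` is reached; it should assign the key instead, `attributes["uidNumber"] = resp[0]["attributes"]["uidNumber"] + 1 if resp else attributes["uidNumber"]`. The first hunk also drops `self.dn_template = config.get("dn_template")` from the constructor while `self.dn_template.format(...)` is still called here, which fails unless the attribute is set somewhere outside the visible lines. Separately, `firstname`, `lastname`, `userid`, `mail` and `display_name` are interpolated into the DN unescaped, so a value containing `,`, `+` or `=` changes the structure of the resulting DN; passing each value through `ldap3.utils.dn.escape_rdn` before `format` keeps user-supplied data inside a single RDN value. The enclosing method starts and ends outside the hunk.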
@ -167,28 +167,6 @@ def export(arguments):
|
||||||
gen.write()
|
gen.write()
|
||||||
|
|
||||||
|
|
||||||
def ldap_sync(arguments):
|
|
||||||
from flaschengeist.app import create_app
|
|
||||||
from flaschengeist.controller import userController
|
|
||||||
from flaschengeist.plugins.auth_ldap import AuthLDAP
|
|
||||||
from ldap3 import SUBTREE
|
|
||||||
|
|
||||||
app = create_app()
|
|
||||||
with app.app_context():
|
|
||||||
auth_ldap: AuthLDAP = app.config.get("FG_PLUGINS").get("auth_ldap")
|
|
||||||
if auth_ldap:
|
|
||||||
conn = auth_ldap.ldap.connection
|
|
||||||
if not conn:
|
|
||||||
conn = auth_ldap.ldap.connect(auth_ldap.root_dn, auth_ldap.root_secret)
|
|
||||||
conn.search(auth_ldap.search_dn, "(uid=*)", SUBTREE, attributes=["uid", "givenName", "sn", "mail"])
|
|
||||||
ldap_users_response = conn.response
|
|
||||||
for ldap_user in ldap_users_response:
|
|
||||||
uid = ldap_user["attributes"]["uid"][0]
|
|
||||||
userController.find_user(uid)
|
|
||||||
exit()
|
|
||||||
raise Exception("auth_ldap not found")
|
|
||||||
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
# create the top-level parser
|
# create the top-level parser
|
||||||
parser = argparse.ArgumentParser()
|
parser = argparse.ArgumentParser()
|
||||||
|
@ -214,8 +192,5 @@ if __name__ == "__main__":
|
||||||
)
|
)
|
||||||
parser_export.add_argument("--plugins", help="Also export plugins (none means all)", nargs="*")
|
parser_export.add_argument("--plugins", help="Also export plugins (none means all)", nargs="*")
|
||||||
|
|
||||||
parser_ldap_sync = subparsers.add_parser("ldap_sync", help="synch ldap-users with database")
|
|
||||||
parser_ldap_sync.set_defaults(func=ldap_sync)
|
|
||||||
|
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
args.func(args)
|
args.func(args)
|
||||||
|
|