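import ldap
from ldap.dn import escape_dn_chars
from ldap.filter import escape_filter_chars

from geruecht import MONEY, USER, GASTRO, BAR, Singleton


class LDAPController(metaclass=Singleton):
    """Authenticate users against an LDAP directory and read their profile data.

    The class only binds and searches; nothing here writes to the directory.
    Every public method opens a fresh client via connect() before it talks to
    the server.
    """

    # NOTE(review): the default URL uses the plain ``ldap://`` scheme and no
    # StartTLS call is made anywhere in this class, so the simple bind in
    # login() sends the password unencrypted. Prefer ``ldaps://`` (or StartTLS)
    # with certificate validation for anything but an isolated test network.
    def __init__(self, url="ldap://192.168.5.108", dn='dc=ldap,dc=example,dc=local'):
        """Store the server URL and base DN, then create the first client.

        Args:
            url: LDAP URL of the directory server.
            dn: Base DN under which ``ou=user`` and ``ou=group`` are searched.
        """
        self.url = url
        self.dn = dn
        self.connect()

    def connect(self):
        """Create a new LDAP client for ``self.url`` and store it on ``self.client``."""
        self.client = ldap.initialize(self.url, bytes_mode=False)

    @staticmethod
    def _first_value(attrs, name):
        """Return the first value of attribute *name* decoded as UTF-8, or None."""
        # Search references come back without an attribute dict; treat them
        # like entries that simply lack the attribute.
        if not isinstance(attrs, dict):
            return None
        values = attrs.get(name)
        if not values:
            return None
        return values[0].decode('utf-8')

    def login(self, username, password):
        """Verify *username* / *password* with a simple bind.

        Returns None on success.

        Raises:
            Exception: with the message "Invalid Password or Username" when
                either value is empty or the bind fails for any reason.
        """
        # An empty password turns a simple bind into an "unauthenticated bind"
        # (RFC 4513, section 5.1.2), which some servers report as success.
        # Refuse it here instead of relying on server configuration.
        if not username or not password:
            raise Exception("Invalid Password or Username")

        self.connect()
        # Escape the user-supplied RDN value so it cannot alter the bind DN.
        user_dn = "cn={},ou=user,{}".format(escape_dn_chars(username), self.dn)
        try:
            self.client.bind_s(user_dn, password)
        except Exception as err:
            raise Exception("Invalid Password or Username") from err
        finally:
            try:
                self.client.unbind_s()
            except ldap.LDAPError:
                # Best-effort cleanup; the bind result is what matters to callers.
                pass

    def getUserData(self, username):
        """Return ``cn``, ``givenName`` and ``sn`` of *username* as decoded strings.

        The returned dict also carries ``'dn'``, which is set to the controller's
        base DN (``self.dn``), not to the DN of the matched entry.

        Raises:
            IndexError: when the search returns no entry for *username*.
        """
        self.connect()
        search_data = self.client.search_s(
            'ou=user,{}'.format(self.dn),
            ldap.SCOPE_SUBTREE,
            # Escaped so filter metacharacters in the name are matched literally.
            'cn={}'.format(escape_filter_chars(username)),
            ['cn', 'givenName', 'sn'],
        )
        if not search_data:
            raise IndexError("No LDAP entry found for the requested username")

        retVal = {k: v[0].decode('utf-8') for k, v in search_data[0][1].items()}
        retVal['dn'] = self.dn
        return retVal

    def getGroup(self, username):
        """Return the application roles of *username* derived from LDAP groups.

        USER is added when the primary group (looked up through the user's
        ``gidNumber``) is named ``ldap-user``; MONEY, GASTRO and BAR are added
        for ``memberUID`` membership in ``finanzer``, ``gastro`` and ``bar``.
        """
        retVal = []
        self.connect()
        user_base = 'ou=user,{}'.format(self.dn)
        group_base = 'ou=group,{}'.format(self.dn)
        safe_username = escape_filter_chars(username)

        main_group_data = self.client.search_s(
            user_base, ldap.SCOPE_SUBTREE, 'cn={}'.format(safe_username), ['gidNumber'])
        if main_group_data:
            main_group_number = self._first_value(main_group_data[0][1], 'gidNumber')
            if main_group_number is not None:
                group_data = self.client.search_s(
                    group_base,
                    ldap.SCOPE_SUBTREE,
                    # Directory data is escaped too before it re-enters a filter.
                    'gidNumber={}'.format(escape_filter_chars(main_group_number)),
                    ['cn'],
                )
                if group_data and self._first_value(group_data[0][1], 'cn') == 'ldap-user':
                    retVal.append(USER)

        role_by_group = {'finanzer': MONEY, 'gastro': GASTRO, 'bar': BAR}
        groups_data = self.client.search_s(
            group_base, ldap.SCOPE_SUBTREE, 'memberUID={}'.format(safe_username), ['cn'])
        for data in groups_data:
            group_name = self._first_value(data[1], 'cn')
            if group_name in role_by_group:
                retVal.append(role_by_group[group_name])
        return retVal

    def __isUserInList(self, list, username):
        """Return True when *username* is the ``cn`` of a raw LDAP result entry in *list*."""
        # The parameter keeps its original name even though it shadows the builtin.
        return any(user[1]['cn'][0].decode('utf-8') == username for user in list)

    def searchUser(self, searchString):
        """Find users whose ``givenName`` or ``sn`` equals the first word of *searchString*.

        Returns a list of dicts with the keys ``'username'``, ``'firstname'`` and
        ``'lastname'``, one per distinct ``cn``. A blank search string yields an
        empty list. The value is escaped, so ``*`` is matched literally.
        """
        tokens = searchString.split()
        if not tokens:
            return []
        # NOTE(review): as in the original, only the first word is searched;
        # further words are ignored. Confirm whether "first last" input should
        # match givenName and sn separately.
        needle = escape_filter_chars(tokens[0])

        self.connect()
        base = 'ou=user,{}'.format(self.dn)
        attributes = ['cn', 'givenName', 'sn']
        entries = []
        for attribute in ('givenName', 'sn'):
            entries.extend(self.client.search_s(
                base, ldap.SCOPE_SUBTREE, '{}={}'.format(attribute, needle), attributes))

        retVal = []
        seen = set()
        for _dn, attrs in entries:
            username = self._first_value(attrs, 'cn')
            # Skip entries without a cn and users already found by the other filter.
            if username is None or username in seen:
                continue
            seen.add(username)
            retVal.append({
                'username': username,
                'firstname': self._first_value(attrs, 'givenName'),
                'lastname': self._first_value(attrs, 'sn'),
            })
        return retVal


if __name__ == '__main__':
    a = LDAPController()
    a.getUserData('jhille')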