import ldap from geruecht.model import MONEY, USER, GASTRO, BAR from geruecht.exceptions import PermissionDenied from . import Singleton class LDAPController(metaclass=Singleton): ''' Authentification over LDAP. Create Account on-the-fly ''' def __init__(self, url="ldap://192.168.5.108", dn='dc=ldap,dc=example,dc=local'): self.url = url self.dn = dn self.connect() def connect(self): try: self.client = ldap.initialize(self.url, bytes_mode=False) except Exception as err: raise err def login(self, username, password): self.connect() try: cn = self.client.search_s("ou=user,{}".format(self.dn), ldap.SCOPE_SUBTREE, 'uid={}'.format(username),['cn'])[0][1]['cn'][0].decode('utf-8') self.client.bind_s("cn={},ou=user,{}".format(cn, self.dn), password) self.client.unbind_s() except: self.client.unbind_s() raise PermissionDenied("Invalid Password or Username") def getUserData(self, username): self.connect() search_data = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'uid={}'.format(username), ['uid', 'givenName', 'sn']) retVal = search_data[0][1] for k,v in retVal.items(): retVal[k] = v[0].decode('utf-8') retVal['dn'] = self.dn retVal['firstname'] = retVal['givenName'] retVal['lastname'] = retVal['sn'] return retVal def getGroup(self, username): retVal = [] self.connect() main_group_data = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'uid={}'.format(username), ['gidNumber']) if main_group_data: main_group_number = main_group_data[0][1]['gidNumber'][0].decode('utf-8') group_data = self.client.search_s('ou=group,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'gidNumber={}'.format(main_group_number), ['cn']) if group_data: group_name = group_data[0][1]['cn'][0].decode('utf-8') if group_name == 'ldap-user': retVal.append(USER) groups_data = self.client.search_s('ou=group,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'memberUID={}'.format(username), ['cn']) for data in groups_data: print(data[1]['cn'][0].decode('utf-8')) group_name = data[1]['cn'][0].decode('utf-8') if group_name == 'finanzer': retVal.append(MONEY) elif group_name == 'gastro': retVal.append(GASTRO) elif group_name == 'bar': retVal.append(BAR) return retVal def __isUserInList(self, list, username): help_list = [] for user in list: help_list.append(user['username']) if username in help_list: return True return False def getAllUser(self): self.connect() retVal = [] data = self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, attrlist=['uid', 'givenName', 'sn']) for user in data: if 'uid' in user[1]: username = user[1]['uid'][0].decode('utf-8') firstname = user[1]['givenName'][0].decode('utf-8') lastname = user[1]['sn'][0].decode('utf-8') retVal.append({'username': username, 'firstname': firstname, 'lastname': lastname}) return retVal def searchUser(self, searchString): self.connect() name = searchString.split(" ") for i in range(len(name)): name[i] = "*"+name[i]+"*" print(name) name_result = [] if len(name) == 1: if name[0] == "**": name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, attrlist=['uid', 'givenName', 'sn'])) else: name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'givenName={}'.format(name[0]), ['uid', 'givenName', 'sn'])) name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'sn={}'.format(name[0]),['uid', 'givenName', 'sn'])) else: name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'givenName={}'.format(name[1]), ['uid', 'givenName', 'sn'])) name_result.append(self.client.search_s('ou=user,{}'.format(self.dn), ldap.SCOPE_SUBTREE, 'sn={}'.format(name[1]), ['uid', 'givenName', 'sn'])) retVal = [] for names in name_result: for user in names: if 'uid' in user[1]: username = user[1]['uid'][0].decode('utf-8') if not self.__isUserInList(retVal, username): firstname = user[1]['givenName'][0].decode('utf-8') lastname = user[1]['sn'][0].decode('utf-8') retVal.append({'username': username, 'firstname': firstname, 'lastname': lastname}) return retVal if __name__ == '__main__': a = LDAPController() a.getUserData('jhille')