Commit 3e2d2e7b authored by admiralobvious's avatar admiralobvious

fix ldap filter import

parent 2e0a46d3
...@@ -114,6 +114,10 @@ History ...@@ -114,6 +114,10 @@ History
Changes: Changes:
- 1.0.1 June 5, 2016
- Fix ldap filter import.
- 1.0.0 June 4, 2016 - 1.0.0 June 4, 2016
- Python 3.x support. Switched from python-ldap to pyldap which is a fork with Python 3.x support. - Python 3.x support. Switched from python-ldap to pyldap which is a fork with Python 3.x support.
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
import re import re
from functools import wraps from functools import wraps
import ldap import ldap
from ldap import filter from ldap import filter as ldap_filter
from flask import abort, current_app, g, make_response, redirect, url_for, \ from flask import abort, current_app, g, make_response, redirect, url_for, \
request request
...@@ -93,7 +93,7 @@ class LDAP(object): ...@@ -93,7 +93,7 @@ class LDAP(object):
conn.start_tls_s() conn.start_tls_s()
return conn return conn
except ldap.LDAPError as e: except ldap.LDAPError as e:
raise LDAPException(self.error(e)) raise LDAPException(self.error(e.args))
@property @property
def bind(self): def bind(self):
...@@ -111,7 +111,7 @@ class LDAP(object): ...@@ -111,7 +111,7 @@ class LDAP(object):
current_app.config['LDAP_PASSWORD']) current_app.config['LDAP_PASSWORD'])
return conn return conn
except ldap.LDAPError as e: except ldap.LDAPError as e:
raise LDAPException(self.error(e)) raise LDAPException(self.error(e.args))
def bind_user(self, username, password): def bind_user(self, username, password):
"""Attempts to bind a user to the LDAP server using the credentials """Attempts to bind a user to the LDAP server using the credentials
...@@ -158,12 +158,12 @@ class LDAP(object): ...@@ -158,12 +158,12 @@ class LDAP(object):
if user is not None: if user is not None:
if not dn_only: if not dn_only:
fields = current_app.config['LDAP_USER_FIELDS'] fields = current_app.config['LDAP_USER_FIELDS']
query = filter.filter_format( query = ldap_filter.filter_format(
current_app.config['LDAP_USER_OBJECT_FILTER'], (user,)) current_app.config['LDAP_USER_OBJECT_FILTER'], (user,))
elif group is not None: elif group is not None:
if not dn_only: if not dn_only:
fields = current_app.config['LDAP_GROUP_FIELDS'] fields = current_app.config['LDAP_GROUP_FIELDS']
query = filter.filter_format( query = ldap_filter.filter_format(
current_app.config['LDAP_GROUP_OBJECT_FILTER'], (group,)) current_app.config['LDAP_GROUP_OBJECT_FILTER'], (group,))
conn = self.bind conn = self.bind
try: try:
...@@ -187,7 +187,7 @@ class LDAP(object): ...@@ -187,7 +187,7 @@ class LDAP(object):
result[k] = v result[k] = v
return result return result
except ldap.LDAPError as e: except ldap.LDAPError as e:
raise LDAPException(self.error(e)) raise LDAPException(self.error(e.args))
def get_user_groups(self, user): def get_user_groups(self, user):
"""Returns a ``list`` with the user's groups or ``None`` if """Returns a ``list`` with the user's groups or ``None`` if
...@@ -203,14 +203,14 @@ class LDAP(object): ...@@ -203,14 +203,14 @@ class LDAP(object):
[str(current_app.config['LDAP_GROUP_MEMBER_FILTER_FIELD'])] [str(current_app.config['LDAP_GROUP_MEMBER_FILTER_FIELD'])]
records = conn.search_s( records = conn.search_s(
current_app.config['LDAP_BASE_DN'], ldap.SCOPE_SUBTREE, current_app.config['LDAP_BASE_DN'], ldap.SCOPE_SUBTREE,
ldap.filter.filter_format( ldap_filter.filter_format(
current_app.config['LDAP_GROUP_MEMBER_FILTER'], current_app.config['LDAP_GROUP_MEMBER_FILTER'],
(self.get_object_details(user, dn_only=True),)), (self.get_object_details(user, dn_only=True),)),
fields) fields)
else: else:
records = conn.search_s( records = conn.search_s(
current_app.config['LDAP_BASE_DN'], ldap.SCOPE_SUBTREE, current_app.config['LDAP_BASE_DN'], ldap.SCOPE_SUBTREE,
ldap.filter.filter_format( ldap_filter.filter_format(
current_app.config['LDAP_USER_OBJECT_FILTER'], current_app.config['LDAP_USER_OBJECT_FILTER'],
(user,)), (user,)),
[current_app.config['LDAP_USER_GROUPS_FIELD']]) [current_app.config['LDAP_USER_GROUPS_FIELD']])
...@@ -228,11 +228,11 @@ class LDAP(object): ...@@ -228,11 +228,11 @@ class LDAP(object):
records[0][1]: records[0][1]:
groups = records[0][1][ groups = records[0][1][
current_app.config['LDAP_USER_GROUPS_FIELD']] current_app.config['LDAP_USER_GROUPS_FIELD']]
result = [re.findall(b'(?:cn=|CN=)(.*?),', group)[0] for result = [re.findall(b'(?:cn=|CN=)(.*?),', group)[0]
group in groups] for group in groups]
return result return result
except ldap.LDAPError as e: except ldap.LDAPError as e:
raise LDAPException(self.error(e)) raise LDAPException(self.error(e.args))
def get_group_members(self, group): def get_group_members(self, group):
"""Returns a ``list`` with the group's members or ``None`` if """Returns a ``list`` with the group's members or ``None`` if
...@@ -245,7 +245,7 @@ class LDAP(object): ...@@ -245,7 +245,7 @@ class LDAP(object):
try: try:
records = conn.search_s( records = conn.search_s(
current_app.config['LDAP_BASE_DN'], ldap.SCOPE_SUBTREE, current_app.config['LDAP_BASE_DN'], ldap.SCOPE_SUBTREE,
ldap.filter.filter_format( ldap_filter.filter_format(
current_app.config['LDAP_GROUP_OBJECT_FILTER'], (group,)), current_app.config['LDAP_GROUP_OBJECT_FILTER'], (group,)),
[current_app.config['LDAP_GROUP_MEMBERS_FIELD']]) [current_app.config['LDAP_GROUP_MEMBERS_FIELD']])
conn.unbind_s() conn.unbind_s()
...@@ -256,15 +256,15 @@ class LDAP(object): ...@@ -256,15 +256,15 @@ class LDAP(object):
current_app.config['LDAP_GROUP_MEMBERS_FIELD']] current_app.config['LDAP_GROUP_MEMBERS_FIELD']]
return members return members
except ldap.LDAPError as e: except ldap.LDAPError as e:
raise LDAPException(self.error(e)) raise LDAPException(self.error(e.args))
@staticmethod @staticmethod
def error(e): def error(e):
e = e.args[0] e = e[0]
if 'desc' in e: if 'desc' in e:
return e['desc'] return e['desc']
else: else:
return e[0] return e
@staticmethod @staticmethod
def login_required(func): def login_required(func):
......
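Review bot: `error()` in the last hunk of this section still treats `e[0]` as a dict without checking its type. If an `LDAPError` carries a plain string that happens to contain "desc" as its first argument, `'desc' in e` becomes a substring test and `e['desc']` raises `TypeError`; an exception with empty `args` makes `e[0]` raise `IndexError`. Every `except ldap.LDAPError` handler above calls this helper, including the two bind paths, so such a failure would escape as an unrelated exception instead of `LDAPException`, which matters if callers rely on catching `LDAPException` to reject a login. I would guard both cases with `e = e[0] if e else ''` and `if isinstance(e, dict) and 'desc' in e:`. The helper now takes `e.args` rather than the exception itself, so a one-line docstring such as `"""Return the 'desc' text from an LDAPError's args tuple, or the first arg as-is."""` would make the new contract visible.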