diff --git a/canaille/account.py b/canaille/account.py index aab2a411..2a04926f 100644 --- a/canaille/account.py +++ b/canaille/account.py @@ -354,11 +354,7 @@ def registration(data, hash): def profile_create(current_app, form): - user = User( - objectClass=current_app.config["LDAP"].get( - "USER_CLASS", User.DEFAULT_OBJECT_CLASS - ) - ) + user = User() for attribute in form: if attribute.name in user.may + user.must: if isinstance(attribute.data, FileStorage): diff --git a/canaille/ldap_backend/backend.py b/canaille/ldap_backend/backend.py index 95bbd9ec..7161a599 100644 --- a/canaille/ldap_backend/backend.py +++ b/canaille/ldap_backend/backend.py @@ -120,7 +120,6 @@ def validate_configuration(config): try: User.ldap_object_classes(conn) user = User( - objectClass=["inetOrgPerson"], cn=f"canaille_{uuid.uuid4()}", sn=f"canaille_{uuid.uuid4()}", uid=f"canaille_{uuid.uuid4()}", @@ -140,7 +139,6 @@ def validate_configuration(config): Group.ldap_object_classes(conn) user = User( - objectClass=["inetOrgPerson"], cn=f"canaille_{uuid.uuid4()}", sn=f"canaille_{uuid.uuid4()}", uid=f"canaille_{uuid.uuid4()}", @@ -150,7 +148,6 @@ def validate_configuration(config): user.save(conn) group = Group( - objectClass=["groupOfNames"], cn=f"canaille_{uuid.uuid4()}", member=[user.dn], ) diff --git a/canaille/models.py b/canaille/models.py index 23b3293b..d18e0592 100644 --- a/canaille/models.py +++ b/canaille/models.py @@ -15,6 +15,10 @@ class User(LDAPObject): self.write = set() self.permissions = set() self._groups = None + kwargs.setdefault( + "objectClass", + current_app.config["LDAP"].get("USER_CLASS", User.DEFAULT_OBJECT_CLASS), + ) super().__init__(*args, **kwargs) @classmethod 
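Review bot: In canaille/models.py the added `kwargs.setdefault("objectClass", current_app.config["LDAP"].get(...))` makes every `User(...)` construction depend on an active Flask application context and on `current_app.config`, and nothing in the constructor says so. This matters most in `validate_configuration(config)` in canaille/ldap_backend/backend.py, whose three hunks drop the hard-coded classes. As far as these hunks show, the probe entries are now built from `current_app.config` rather than from the `config` argument being validated, so the check may exercise a different schema than the one under validation, or raise when no app context is active. If `config` has the same layout, passing `objectClass=config["LDAP"].get("USER_CLASS", User.DEFAULT_OBJECT_CLASS)` explicitly there keeps the validation self-contained. Otherwise add a comment above the `setdefault` such as `# objectClass defaults to LDAP.USER_CLASS; requires an app context`; note that `User.__init__` starts outside the hunk.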
@@ -171,6 +175,13 @@ class Group(LDAPObject): DEFAULT_NAME_ATTRIBUTE = "cn" DEFAULT_USER_FILTER = "member={user.dn}" + def __init__(self, *args, **kwargs): + kwargs.setdefault( + "objectClass", + current_app.config["LDAP"].get("GROUP_CLASS", Group.DEFAULT_OBJECT_CLASS), + ) + super().__init__(*args, **kwargs) + @property def name(self): attribute = current_app.config["LDAP"].get( diff --git a/tests/conftest.py b/tests/conftest.py index 0dfeedac..684fa752 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -162,7 +162,6 @@ def user(app, slapd_connection): User.ldap_object_classes(slapd_connection) LDAPObject.ldap_object_attributes(slapd_connection) u = User( - objectClass=["inetOrgPerson"], cn="John (johnny) Doe", gn="John", sn="Doe", @@ -185,7 +184,6 @@ def admin(app, slapd_connection): User.ldap_object_classes(slapd_connection) LDAPObject.ldap_object_attributes(slapd_connection) u = User( - objectClass=["inetOrgPerson"], cn="Jane Doe", sn="Doe", uid="admin", @@ -202,7 +200,6 @@ def moderator(app, slapd_connection): User.ldap_object_classes(slapd_connection) LDAPObject.ldap_object_attributes(slapd_connection) u = User( - objectClass=["inetOrgPerson"], cn="Jack Doe", sn="Doe", uid="moderator", @@ -239,7 +236,6 @@ def logged_moderator(moderator, testclient): def foo_group(app, user, slapd_connection): Group.ldap_object_classes(slapd_connection) group = Group( - objectClass=["groupOfNames"], member=[user.dn], cn="foo", ) @@ -254,7 +250,6 @@ def foo_group(app, user, slapd_connection): def bar_group(app, admin, slapd_connection): Group.ldap_object_classes(slapd_connection) group = Group( - objectClass=["groupOfNames"], member=[admin.dn], cn="bar", ) diff --git a/tests/ldap/test_utils.py b/tests/ldap/test_utils.py index 1172597a..4abe30f9 100644 --- a/tests/ldap/test_utils.py +++ b/tests/ldap/test_utils.py 
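Review bot: `Group.__init__` now applies the configured `GROUP_CLASS` to every group built without an explicit `objectClass`, while the membership attribute in the visible context stays fixed (`DEFAULT_USER_FILTER = "member={user.dn}"`, and callers in this diff pass `member=[user.dn]`). A configured class that does not allow `member` would presumably make `save()` fail with a schema violation. That includes the probe group in `validate_configuration`, where the previously hard-coded `groupOfNames` guaranteed a match. A docstring on `__init__` should state that `objectClass` defaults to the configured group class, that construction needs an application context, and that the class must accept `member`. An explicit `objectClass=None` is also kept as-is by `setdefault`; if callers can pass that, `if kwargs.get("objectClass") is None:` followed by the assignment would cover it.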
@@ -24,7 +24,6 @@ def test_equality(slapd_connection, foo_group, bar_group): def test_dn_when_leading_space_in_id_attribute(slapd_connection): User.initialize(slapd_connection) user = User( - objectClass=["inetOrgPerson"], cn=" Doe", # leading space sn="Doe", uid="user", @@ -42,7 +41,6 @@ def test_dn_when_leading_space_in_id_attribute(slapd_connection): def test_dn_when_ldap_special_char_in_id_attribute(slapd_connection): User.initialize(slapd_connection) user = User( - objectClass=["inetOrgPerson"], cn="#Doe", # special char sn="Doe", uid="user", diff --git a/tests/oidc/test_authorization_code_flow.py b/tests/oidc/test_authorization_code_flow.py index 755e2814..244319bd 100644 --- a/tests/oidc/test_authorization_code_flow.py +++ b/tests/oidc/test_authorization_code_flow.py @@ -806,7 +806,6 @@ def test_authorization_code_expired(testclient, user, client): def test_code_with_invalid_user(testclient, admin, client): user = User( - objectClass=["inetOrgPerson"], cn="John Doe", sn="Doe", uid="temp", @@ -855,7 +854,6 @@ def test_code_with_invalid_user(testclient, admin, client): def test_refresh_token_with_invalid_user(testclient, client): user = User( - objectClass=["inetOrgPerson"], cn="John Doe", sn="Doe", uid="temp", diff --git a/tests/test_account.py b/tests/test_account.py index 3c6fa60f..0a154dc9 100644 --- a/tests/test_account.py +++ b/tests/test_account.py @@ -104,7 +104,6 @@ def test_user_without_password_first_login(testclient, slapd_connection, smtpd): assert len(smtpd.messages) == 0 User.ldap_object_classes(slapd_connection) u = User( - objectClass=["inetOrgPerson"], cn="Temp User", sn="Temp", uid="temp", @@ -139,7 +138,6 @@ def test_first_login_account_initialization_mail_sending_failed( User.ldap_object_classes(slapd_connection) u = User( - objectClass=["inetOrgPerson"], cn="Temp User", sn="Temp", uid="temp", 
@@ -162,7 +160,6 @@ def test_first_login_form_error(testclient, slapd_connection, smtpd): assert len(smtpd.messages) == 0 User.ldap_object_classes(slapd_connection) u = User( - objectClass=["inetOrgPerson"], cn="Temp User", sn="Temp", uid="temp", @@ -187,7 +184,6 @@ def test_first_login_page_unavailable_for_users_with_password( def test_user_password_deleted_during_login(testclient, slapd_connection): User.ldap_object_classes(slapd_connection) u = User( - objectClass=["inetOrgPerson"], cn="Temp User", sn="Temp", uid="temp", @@ -213,7 +209,6 @@ def test_user_password_deleted_during_login(testclient, slapd_connection): def test_user_deleted_in_session(testclient, slapd_connection): User.ldap_object_classes(slapd_connection) u = User( - objectClass=["inetOrgPerson"], cn="Jake Doe", sn="Jake", uid="jake", @@ -276,7 +271,6 @@ def test_admin_self_deletion(testclient, slapd_connection): LDAPObject.ldap_object_attributes(slapd_connection) admin = User( - objectClass=["inetOrgPerson"], cn="Temp admin", sn="admin", uid="temp", @@ -305,7 +299,6 @@ def test_user_self_deletion(testclient, slapd_connection): LDAPObject.ldap_object_attributes(slapd_connection) user = User( - objectClass=["inetOrgPerson"], cn="Temp user", sn="user", uid="temp", diff --git a/tests/test_groups.py b/tests/test_groups.py index e1330740..a08be64f 100644 --- a/tests/test_groups.py +++ b/tests/test_groups.py @@ -32,7 +32,6 @@ def test_set_groups(app, user, foo_group, bar_group): def test_set_groups_with_leading_space_in_user_id_attribute(app, foo_group): user = User( - objectClass=["inetOrgPerson"], cn=" Doe", # leading space in id attribute sn="Doe", uid="user2", diff --git a/tests/test_profile.py b/tests/test_profile.py index 273d93da..acf94da4 100644 --- a/tests/test_profile.py +++ b/tests/test_profile.py @@ -354,7 +354,6 @@ def test_password_initialization_mail( ): User.ldap_object_classes(slapd_connection) u = User( - objectClass=["inetOrgPerson"], cn="Temp User", sn="Temp", uid="temp", 
@@ -390,7 +389,6 @@ def test_password_initialization_mail_send_fail( SMTP.side_effect = mock.Mock(side_effect=OSError("unit test mail error")) User.ldap_object_classes(slapd_connection) u = User( - objectClass=["inetOrgPerson"], cn="Temp User", sn="Temp", uid="temp", @@ -442,7 +440,6 @@ def test_impersonate_invalid_user(testclient, slapd_connection, logged_admin): def test_password_reset_email(smtpd, testclient, slapd_connection, logged_admin): User.ldap_object_classes(slapd_connection) u = User( - objectClass=["inetOrgPerson"], cn="Temp User", sn="Temp", uid="temp", @@ -472,7 +469,6 @@ def test_password_reset_email_failed( SMTP.side_effect = mock.Mock(side_effect=OSError("unit test mail error")) User.ldap_object_classes(slapd_connection) u = User( - objectClass=["inetOrgPerson"], cn="Temp User", sn="Temp", uid="temp",