Renamed LDAPObject.rdn in LDAPObject.rdn_attribute

2023-03-08 16:25:50 +01:00 · 2023-03-08 16:25:50 +01:00 · 7e42467bfc
commit 7e42467bfc
parent 5d9a41f18b
4 changed files with 21 additions and 17 deletions
--- a/canaille/ldap_backend/backend.py
+++ b/canaille/ldap_backend/backend.py
@ -18,7 +18,9 @@ def setup_ldap_models(config):

    user_base = config["LDAP"]["USER_BASE"].replace(f',{config["LDAP"]["ROOT_DN"]}', "")
    User.base = user_base
-    User.rdn = config["LDAP"].get("USER_ID_ATTRIBUTE", User.DEFAULT_ID_ATTRIBUTE)
+    User.rdn_attribute = config["LDAP"].get(
+        "USER_ID_ATTRIBUTE", User.DEFAULT_ID_ATTRIBUTE
+    )
    User.object_class = [config["LDAP"].get("USER_CLASS", User.DEFAULT_OBJECT_CLASS)]

    group_base = (
@ -27,7 +29,9 @@ def setup_ldap_models(config):
        .replace(f',{config["LDAP"]["ROOT_DN"]}', "")
    )
    Group.base = group_base or None
-    Group.rdn = config["LDAP"].get("GROUP_ID_ATTRIBUTE", Group.DEFAULT_ID_ATTRIBUTE)
+    Group.rdn_attribute = config["LDAP"].get(
+        "GROUP_ID_ATTRIBUTE", Group.DEFAULT_ID_ATTRIBUTE
+    )
    Group.object_class = [config["LDAP"].get("GROUP_CLASS", Group.DEFAULT_OBJECT_CLASS)]


--- a/canaille/ldap_backend/ldapobject.py
+++ b/canaille/ldap_backend/ldapobject.py
@ -13,7 +13,7 @@ class LDAPObject:
    _must = None
    base = None
    root_dn = None
-    rdn = None
+    rdn_attribute = None
    attribute_table = None
    object_class = None

@ -26,8 +26,7 @@ class LDAPObject:
            setattr(self, name, value)

    def __repr__(self):
-        rdn = getattr(self, self.rdn, "?")
-        return f"<{self.__class__.__name__} {self.rdn}={rdn}>"
+        return f"<{self.__class__.__name__} {self.rdn_attribute}={self.rdn_value}>"

    def __eq__(self, other):
        return (
@ -77,13 +76,14 @@ class LDAPObject:
    def __setitem__(self, item, value):
        return setattr(self, item, value)

+    @property
+    def rdn_value(self):
+        value = getattr(self, self.rdn_attribute)
+        return (value[0] if isinstance(value, list) else value).strip()
+
    @property
    def dn(self):
-        if self.rdn in self.changes:
-            rdn = self.changes[self.rdn][0]
-        else:
-            rdn = self.attrs[self.rdn][0]
-        return f"{self.rdn}={ldap.dn.escape_dn_chars(rdn.strip())},{self.base},{self.root_dn}"
+        return f"{self.rdn_attribute}={ldap.dn.escape_dn_chars(self.rdn_value)},{self.base},{self.root_dn}"

    def may(self):
        if not self._may:
@ -205,7 +205,7 @@ class LDAPObject:
        if base is None:
            base = f"{cls.base},{cls.root_dn}"
        elif "=" not in base:
-            base = f"{cls.rdn}={base},{cls.base},{cls.root_dn}"
+            base = f"{cls.rdn_attribute}={base},{cls.base},{cls.root_dn}"

        class_filter = (
            "".join([f"(objectClass={oc})" for oc in cls.object_class])
--- a/canaille/oidc/models.py
+++ b/canaille/oidc/models.py
@ -10,7 +10,7 @@ from canaille.ldap_backend.ldapobject import LDAPObject
 class Client(LDAPObject, ClientMixin):
    object_class = ["oauthClient"]
    base = "ou=clients,ou=oauth"
-    rdn = "oauthClientID"
+    rdn_attribute = "oauthClientID"

    client_info_attributes = {
        "client_id": "oauthClientID",
@ -111,7 +111,7 @@ class Client(LDAPObject, ClientMixin):
 class AuthorizationCode(LDAPObject, AuthorizationCodeMixin):
    object_class = ["oauthAuthorizationCode"]
    base = "ou=authorizations,ou=oauth"
-    rdn = "oauthAuthorizationCodeID"
+    rdn_attribute = "oauthAuthorizationCodeID"
    attribute_table = {
        "authorization_code_id": "oauthAuthorizationCodeID",
        "description": "description",
@ -151,7 +151,7 @@ class AuthorizationCode(LDAPObject, AuthorizationCodeMixin):
 class Token(LDAPObject, TokenMixin):
    object_class = ["oauthToken"]
    base = "ou=tokens,ou=oauth"
-    rdn = "oauthTokenID"
+    rdn_attribute = "oauthTokenID"
    attribute_table = {
        "token_id": "oauthTokenID",
        "access_token": "oauthAccessToken",
@ -212,7 +212,7 @@ class Token(LDAPObject, TokenMixin):
 class Consent(LDAPObject):
    object_class = ["oauthConsent"]
    base = "ou=consents,ou=oauth"
-    rdn = "cn"
+    rdn_attribute = "cn"
    attribute_table = {
        "cn": "cn",
        "subject": "oauthSubject",
--- a/tests/ldap/test_utils.py
+++ b/tests/ldap/test_utils.py
@ -10,8 +10,8 @@ from canaille.models import User


 def test_repr(slapd_connection, foo_group, user):
-    assert repr(foo_group) == "<Group cn=['foo']>"
-    assert repr(user) == "<User cn=['John (johnny) Doe']>"
+    assert repr(foo_group) == "<Group cn=foo>"
+    assert repr(user) == "<User cn=John (johnny) Doe>"


 def test_equality(slapd_connection, foo_group, bar_group):