set User.object_class and Group.object_class based on config when setting ldap models

permit filtering with object_class by default in User.filter() and Group.filter()
avoid having user/group base root in default filter results
This commit is contained in:
emillumine 2022-03-10 17:56:47 +01:00
parent 3c9f618564
commit da1b911172
4 changed files with 11 additions and 16 deletions

View file

@ -159,11 +159,7 @@ def firstlogin(uid):
@bp.route("/users")
@permissions_needed("manage_users")
def users(user):
users = User.filter(
objectClass=current_app.config["LDAP"].get(
"USER_CLASS", User.DEFAULT_OBJECT_CLASS
)
)
users = User.filter()
return render_template("users.html", users=users, menuitem="users")

View file

@ -19,11 +19,7 @@ bp = Blueprint("groups", __name__, url_prefix="/groups")
@bp.route("/")
@permissions_needed("manage_groups")
def groups(user):
groups = Group.filter(
objectClass=current_app.config["LDAP"].get(
"GROUP_CLASS", Group.DEFAULT_OBJECT_CLASS
)
)
groups = Group.filter()
return render_template("groups.html", groups=groups, menuitem="groups")

View file

@ -21,12 +21,18 @@ def setup_ldap_models(app):
user_base = user_base[: -len(app.config["LDAP"]["ROOT_DN"]) - 1]
User.base = user_base
User.id = app.config["LDAP"].get("USER_ID_ATTRIBUTE", User.DEFAULT_ID_ATTRIBUTE)
User.object_class = [
app.config["LDAP"].get("USER_CLASS", User.DEFAULT_OBJECT_CLASS)
]
group_base = app.config["LDAP"].get("GROUP_BASE")
if group_base.endswith(app.config["LDAP"]["ROOT_DN"]):
group_base = group_base[: -len(app.config["LDAP"]["ROOT_DN"]) - 1]
Group.base = group_base
Group.id = app.config["LDAP"].get("GROUP_ID_ATTRIBUTE", Group.DEFAULT_ID_ATTRIBUTE)
Group.object_class = [
app.config["LDAP"].get("GROUP_CLASS", Group.DEFAULT_OBJECT_CLASS)
]
def setup_backend(app):

View file

@ -188,18 +188,15 @@ class Group(LDAPObject):
def available_groups(cls, conn=None):
conn = conn or cls.ldap()
try:
attribute = current_app.config["LDAP"].get(
name_attribute = current_app.config["LDAP"].get(
"GROUP_NAME_ATTRIBUTE", Group.DEFAULT_NAME_ATTRIBUTE
)
object_class = current_app.config["LDAP"].get(
"GROUP_CLASS", Group.DEFAULT_OBJECT_CLASS
)
except KeyError:
return []
groups = cls.filter(objectClass=object_class, conn=conn)
groups = cls.filter(conn=conn)
Group.ldap_object_attributes(conn=conn)
return [(group[attribute][0], group.dn) for group in groups]
return [(group[name_attribute][0], group.dn) for group in groups]
@property
def name(self):