set User.object_class and Group.object_class based on config when setting ldap models

permit filtering with object_class by default in User.filter() and Group.filter()
avoid having user/group base root in default filter results
emillumine 2022-03-10 17:56:47 +01:00
parent 3c9f618564
commit da1b911172
4 changed files with 11 additions and 16 deletions


@ -159,11 +159,7 @@ def firstlogin(uid):
@bp.route("/users") @bp.route("/users")
@permissions_needed("manage_users") @permissions_needed("manage_users")
def users(user): def users(user):
users = User.filter( users = User.filter()
objectClass=current_app.config["LDAP"].get(
"USER_CLASS", User.DEFAULT_OBJECT_CLASS
)
)
return render_template("users.html", users=users, menuitem="users") return render_template("users.html", users=users, menuitem="users")
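Review bot: Nothing at the `User.filter()` call site now says which entries the user-management page lists, because the restriction depends on `User.object_class` having been assigned in `setup_ldap_models()` and the filter code itself is not part of this commit. I would add a comment above the call, `# restricted to User.object_class, set from LDAP.USER_CLASS in setup_ldap_models()`, so the scope of the listing stays readable here. A test that the listing excludes the user base entry and non-user objects would pin the behaviour the commit message describes. The same applies to `Group.filter()` in the groups view.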


@ -19,11 +19,7 @@ bp = Blueprint("groups", __name__, url_prefix="/groups")
@bp.route("/") @bp.route("/")
@permissions_needed("manage_groups") @permissions_needed("manage_groups")
def groups(user): def groups(user):
groups = Group.filter( groups = Group.filter()
objectClass=current_app.config["LDAP"].get(
"GROUP_CLASS", Group.DEFAULT_OBJECT_CLASS
)
)
return render_template("groups.html", groups=groups, menuitem="groups") return render_template("groups.html", groups=groups, menuitem="groups")


@ -21,12 +21,18 @@ def setup_ldap_models(app):
user_base = user_base[: -len(app.config["LDAP"]["ROOT_DN"]) - 1] user_base = user_base[: -len(app.config["LDAP"]["ROOT_DN"]) - 1]
User.base = user_base User.base = user_base
User.id = app.config["LDAP"].get("USER_ID_ATTRIBUTE", User.DEFAULT_ID_ATTRIBUTE) User.id = app.config["LDAP"].get("USER_ID_ATTRIBUTE", User.DEFAULT_ID_ATTRIBUTE)
User.object_class = [
app.config["LDAP"].get("USER_CLASS", User.DEFAULT_OBJECT_CLASS)
]
group_base = app.config["LDAP"].get("GROUP_BASE") group_base = app.config["LDAP"].get("GROUP_BASE")
if group_base.endswith(app.config["LDAP"]["ROOT_DN"]): if group_base.endswith(app.config["LDAP"]["ROOT_DN"]):
group_base = group_base[: -len(app.config["LDAP"]["ROOT_DN"]) - 1] group_base = group_base[: -len(app.config["LDAP"]["ROOT_DN"]) - 1]
Group.base = group_base Group.base = group_base
Group.id = app.config["LDAP"].get("GROUP_ID_ATTRIBUTE", Group.DEFAULT_ID_ATTRIBUTE) Group.id = app.config["LDAP"].get("GROUP_ID_ATTRIBUTE", Group.DEFAULT_ID_ATTRIBUTE)
Group.object_class = [
app.config["LDAP"].get("GROUP_CLASS", Group.DEFAULT_OBJECT_CLASS)
]
def setup_backend(app): def setup_backend(app):
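Review bot: The new `User.object_class` and `Group.object_class` assignments wrap the configured value in a list unconditionally, so a `USER_CLASS` or `GROUP_CLASS` that an operator already wrote as a list would become a nested list. How `filter()` renders that is not visible here, but it would presumably produce a search filter that matches nothing or the wrong entries. Normalising first avoids it: `user_class = app.config["LDAP"].get("USER_CLASS", User.DEFAULT_OBJECT_CLASS)` followed by `User.object_class = user_class if isinstance(user_class, list) else [user_class]`, and likewise for the group class. The body of `setup_ldap_models` starts above this hunk.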


@ -188,18 +188,15 @@ class Group(LDAPObject):
def available_groups(cls, conn=None): def available_groups(cls, conn=None):
conn = conn or cls.ldap() conn = conn or cls.ldap()
try: try:
attribute = current_app.config["LDAP"].get( name_attribute = current_app.config["LDAP"].get(
"GROUP_NAME_ATTRIBUTE", Group.DEFAULT_NAME_ATTRIBUTE "GROUP_NAME_ATTRIBUTE", Group.DEFAULT_NAME_ATTRIBUTE
) )
object_class = current_app.config["LDAP"].get(
"GROUP_CLASS", Group.DEFAULT_OBJECT_CLASS
)
except KeyError: except KeyError:
return [] return []
groups = cls.filter(objectClass=object_class, conn=conn) groups = cls.filter(conn=conn)
Group.ldap_object_attributes(conn=conn) Group.ldap_object_attributes(conn=conn)
return [(group[attribute][0], group.dn) for group in groups] return [(group[name_attribute][0], group.dn) for group in groups]
@property @property
def name(self): def name(self):
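Review bot: The rewritten return line indexes `group[name_attribute][0]` for every entry that `cls.filter(conn=conn)` yields, and with the object-class restriction now implicit nothing in `available_groups` states which entries those are or that each must carry the name attribute. How a missing or empty attribute behaves is not visible here, but one such entry would likely raise and abort the whole listing. I would at least document the contract with a docstring such as `"""Return (name, dn) pairs for entries matching cls.object_class; each entry must have GROUP_NAME_ATTRIBUTE."""`, and consider skipping entries without it. The method's decorator and the start of the class are outside the hunk.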