forked from Github-Mirrors/canaille
LDAP tree refactoring
parent
60e6ababa8
commit
ee05ac0e8b
3 changed files with 25 additions and 14 deletions
|
@ -2,15 +2,19 @@ dn: ou=users,dc=mydomain,dc=tld
|
||||||
objectclass: organizationalUnit
|
objectclass: organizationalUnit
|
||||||
ou: users
|
ou: users
|
||||||
|
|
||||||
dn: ou=clients,dc=mydomain,dc=tld
|
dn: ou=oauth,dc=mydomain,dc=tld
|
||||||
objectclass: organizationalUnit
|
objectclass: organizationalUnit
|
||||||
ou: clients
|
ou: clients
|
||||||
|
|
||||||
dn: ou=tokens,dc=mydomain,dc=tld
|
dn: ou=clients,ou=oauth,dc=mydomain,dc=tld
|
||||||
|
objectclass: organizationalUnit
|
||||||
|
ou: clients
|
||||||
|
|
||||||
|
dn: ou=tokens,ou=oauth,dc=mydomain,dc=tld
|
||||||
objectclass: organizationalUnit
|
objectclass: organizationalUnit
|
||||||
ou: tokens
|
ou: tokens
|
||||||
|
|
||||||
dn: ou=groups,dc=mydomain,dc=tld
|
dn: ou=groups,ou=oauth,dc=mydomain,dc=tld
|
||||||
objectclass: organizationalUnit
|
objectclass: organizationalUnit
|
||||||
ou: groups
|
ou: groups
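Review bot: The new `dn: ou=oauth,dc=mydomain,dc=tld` entry appears to keep the `ou: clients` line from the entry it replaced, so the RDN value `oauth` is not among the entry's `ou` values. The page has lost its +/- markers, so this reading relies on the old-then-new print order. Servers such as OpenLDAP typically reject an entry like this with a naming violation when the LDIF is loaded; the line should read `ou: oauth`. The section also defines `ou=groups,ou=oauth` but no `ou=authorizations,ou=oauth`, which is the base the AuthorizationCode model uses in this commit, so it is worth confirming that groups were meant to move under `ou=oauth`.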
|
||||||
|
|
||||||
|
|
|
@ -60,14 +60,21 @@ class LDAPObjectHelper:
|
||||||
cls.ocs_by_name(conn)
|
cls.ocs_by_name(conn)
|
||||||
cls.attr_type_by_name(conn)
|
cls.attr_type_by_name(conn)
|
||||||
|
|
||||||
dn = f"{cls.base},{cls.root_dn}"
|
acc = ""
|
||||||
|
for organizationalUnit in cls.base.split(",")[::-1]:
|
||||||
|
v = organizationalUnit.split("=")[1]
|
||||||
|
dn = f"{organizationalUnit}{acc},{cls.root_dn}"
|
||||||
|
acc = f",{organizationalUnit}"
|
||||||
|
try:
|
||||||
conn.add_s(
|
conn.add_s(
|
||||||
dn,
|
dn,
|
||||||
[
|
[
|
||||||
("objectClass", [b"organizationalUnit"]),
|
("objectClass", [b"organizationalUnit"]),
|
||||||
("ou", [cls.base.encode("utf-8")]),
|
("ou", [v.encode("utf-8")]),
|
||||||
],
|
],
|
||||||
)
|
)
|
||||||
|
except ldap.ALREADY_EXISTS:
|
||||||
|
pass
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def ocs_by_name(cls, conn=None):
|
def ocs_by_name(cls, conn=None):
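Review bot: `acc = f",{organizationalUnit}"` overwrites the accumulated suffix instead of extending it, so a `base` with three or more components produces a DN that skips the intermediate levels. For a constructed base `ou=a,ou=b,ou=c` the last iteration yields `ou=a,ou=b,<root_dn>`; the two-level bases in this commit happen to work. Use `acc = f",{organizationalUnit}{acc}"`. `organizationalUnit.split("=")[1]` also assumes every component is a bare `ou=value` with no whitespace after the comma and no escaped characters; `ldap.dn.str2dn` from python-ldap would parse the base without those assumptions. Indentation is lost on this page, so whether the `try` sits inside the loop cannot be confirmed, and the enclosing method starts outside the hunk.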
|
||||||
|
|
|
@ -70,7 +70,7 @@ class User(LDAPObjectHelper):
|
||||||
|
|
||||||
class Client(LDAPObjectHelper, ClientMixin):
|
class Client(LDAPObjectHelper, ClientMixin):
|
||||||
objectClass = ["oauthClient"]
|
objectClass = ["oauthClient"]
|
||||||
base = "ou=clients"
|
base = "ou=clients,ou=oauth"
|
||||||
id = "oauthClientID"
|
id = "oauthClientID"
|
||||||
|
|
||||||
@property
|
@property
|
||||||
|
@ -139,7 +139,7 @@ class Client(LDAPObjectHelper, ClientMixin):
|
||||||
|
|
||||||
class AuthorizationCode(LDAPObjectHelper, AuthorizationCodeMixin):
|
class AuthorizationCode(LDAPObjectHelper, AuthorizationCodeMixin):
|
||||||
objectClass = ["oauthAuthorizationCode"]
|
objectClass = ["oauthAuthorizationCode"]
|
||||||
base = "ou=authorizations"
|
base = "ou=authorizations,ou=oauth"
|
||||||
id = "oauthCode"
|
id = "oauthCode"
|
||||||
|
|
||||||
@property
|
@property
|
||||||
|
@ -175,7 +175,7 @@ class AuthorizationCode(LDAPObjectHelper, AuthorizationCodeMixin):
|
||||||
|
|
||||||
class Token(LDAPObjectHelper, TokenMixin):
|
class Token(LDAPObjectHelper, TokenMixin):
|
||||||
objectClass = ["oauthToken"]
|
objectClass = ["oauthToken"]
|
||||||
base = "ou=tokens"
|
base = "ou=tokens,ou=oauth"
|
||||||
id = "oauthAccessToken"
|
id = "oauthAccessToken"
|
||||||
|
|
||||||
@property
|
@property
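Review bot: Changing `base` on `Client`, `AuthorizationCode` and `Token` moves where OAuth client, authorization-code and token entries are read and written, and nothing visible in this commit migrates entries already stored under the old `ou=clients`, `ou=authorizations` and `ou=tokens` DNs. If the directory restricts access to those entries with rules scoped to the old subtrees, the rules need to be re-pointed at `ou=oauth` before deployment, otherwise new entries may fall under whatever default applies to the rest of the tree. A comment on each constant such as `# relative to root_dn; directory ACLs for OAuth entries must cover ou=oauth` would record this. The three class bodies continue outside their hunks.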
|
||||||
|
|