[gen, shared] More work on LDAP.

2013-09-06 16:19:56 +02:00 · 2013-09-06 16:19:56 +02:00 · 79d89aca2b
commit 79d89aca2b
parent 1be7d9f0ab
5 changed files with 231 additions and 103 deletions
--- a/gen/init.py
+++ b/gen/init.py
@ -368,7 +368,12 @@ class User(Model):

 # ------------------------------------------------------------------------------
 class LdapConfig:
-    '''Parameters for authenticating users to an external LDAP.'''
+    '''Parameters for authenticating users to an LDAP server.'''
+    ldapAttributes = { 'loginAttribute':None, 'emailAttribute':'email',
+                       'fullNameAttribute':'title',
+                       'firstNameAttribute':'firstName',
+                       'lastNameAttribute':'name' }
+
    def __init__(self):
        self.server = '' # Name of the LDAP server
        self.port = None # Port for this server.
@ -378,7 +383,17 @@ class LdapConfig:
        self.adminPassword = ''
        # LDAP attribute to use as login for authenticating users.
        self.loginAttribute = 'dn' # Can also be "mail", "sAMAccountName", "cn"
-        self.baseDn = '' # Base distinguished name where to find users.
+        # LDAP attributes for storing email
+        self.emailAttribute = None
+        # LDAP attribute for storing full name (first + last name)
+        self.fullNameAttribute = None
+        # Alternately, LDAP attributes for storing 1st & last names separately.
+        self.firstNameAttribute = None
+        self.lastNameAttribute = None
+        # LDAP classes defining the users stored in the LDAP.
+        self.userClasses = ('top', 'person')
+        self.baseDn = '' # Base DN where to find users in the LDAP.
+        self.scope = 'SUBTREE' # Scope of the search within self.baseDn

    def getServerUri(self):
        '''Returns the complete URI for accessing the LDAP, ie
@ -386,6 +401,37 @@ class LdapConfig:
        port = self.port or 389
        return 'ldap://%s:%d' % (self.server, port)

+    def getUserFilterValues(self, login):
+        '''Gets the filter values required to perform a query for finding user
+           corresponding to p_login in the LDAP.'''
+        res = [(self.loginAttribute, login)]
+        for userClass in self.userClasses:
+            res.append( ('objectClass', userClass) )
+        return res
+
+    def getUserAttributes(self):
+        '''Gets the attributes we want to get from the LDAP for characterizing
+           a user.'''
+        res = [self.loginAttribute]
+        for name in self.ldapAttributes.iterkeys():
+            if getattr(self, name):
+                res.append(getattr(self, name))
+        return res
+
+    def getUserParams(self, ldapData):
+        '''Formats the user-related p_ldapData retrieved from the ldap, as a
+           dict of params usable for creating or updating the corresponding
+           Appy user.'''
+        res = {}
+        for name, appyName in self.ldapAttributes.iteritems():
+            if not appyName: continue
+            # Get the name of the attribute as known in the LDAP.
+            ldapName = getattr(self, name)
+            if not ldapName: continue
+            if ldapData.has_key(ldapName) and ldapData[ldapName]:
+                res[appyName] = ldapData[ldapName]
+        return res
+
 # ------------------------------------------------------------------------------
 class Config:
    '''If you want to specify some configuration parameters for appy.gen and
@ -397,7 +443,6 @@ class Config:
       class Config(appy.gen.Config):
           langages = ('en', 'fr')
    '''
-
    # For every language code that you specify in this list, appy.gen will
    # produce and maintain translation files.
    languages = ['en']