fasjson.lib.ldap package

Submodules

fasjson.lib.ldap.client module

class fasjson.lib.ldap.client.LDAP(uri, basedn, login='', timeout=<Mock name='mock.NO_LIMIT' id='140650514456720'>, trace_level=0)

Bases: object

check_membership(groupname, username)

get_group(groupname, attrs=None)

get_group_members(groupname, attrs, page_size, page_number)

get_group_sponsors(groupname, attrs=None)

get_groups(attrs, page_size, page_number)

get_user(username, attrs=None)

get_user_agreements(username, page_size, page_number)

get_user_groups(username, attrs, page_size, page_number)

get_users(attrs, page_size, page_number)

search(model, sub_dn=None, base_dn=None, filters=None, attrs=None, scope=<Mock name='mock.SCOPE_SUBTREE' id='140650590797456'>, page_size=0, page_number=1)

Perform an LDAP query with pagination support.

LDAP’s pagination system is not web-compatible, because the pagination cursor is connection-specific and webservers typically have multiple processes, and therefore multiple LDAP connections. As a result, to implement pagination we proceed as such:

1. query the primary keys for the whole result set (this is rather fast because only the primary keys are queried)

2. slice this list into pages

3. make a second query including only the primary keys that are in the requested page, but requesting all attributes

4. build a LDAPResult object that takes into account the total number of entries to provide pagination information

Parameters:

• model (Model) – The object model that is being queried

• sub_dn (str, optional) – The DN of the subtree to query (no base_dn suffix). Defaults to the sub_dn provided by the model.

• filters (str) – The LDAP filters to use (in LDAP syntax)

• attrs (list, optional) – The list of attributes to request. Defaults to the model’s attributes list.

• scope (int, optional) – The LDAP scope to use. Defaults to ldap.SCOPE_SUBTREE.

• page_size (int, optional) – The number of items per page. If this is zero, disable pagination and request all items. Defaults to 0.

• page_number (int, optional) – The requested page number. Defaults to 1.

Returns:

The query result, with pagination information if appropriate.

Return type:

LDAPResult

search_users(attrs, page_number, page_size, **filters)

whoami()

class fasjson.lib.ldap.client.LDAPResult(items=None, total=None, page_size=None, page_number=None)

Bases: object

fasjson.lib.ldap.converters module

class fasjson.lib.ldap.converters.BinaryConverter(*args, **kwargs)

Bases: Converter

decode(value)

class fasjson.lib.ldap.converters.BoolConverter(ldap_name, multivalued=False)

Bases: Converter

decode(value)

class fasjson.lib.ldap.converters.Converter(ldap_name, multivalued=False)

Bases: object

decode(value)

from_ldap(value)

class fasjson.lib.ldap.converters.GeneralTimeConverter(ldap_name, multivalued=False)

Bases: Converter

decode(value)

gentime_fmt = '%Y%m%d%H%M%SZ'

fasjson.lib.ldap.models module

class fasjson.lib.ldap.models.AgreementModel

Bases: Model

fields = {'name': <fasjson.lib.ldap.converters.Converter object>}

filters = '(&(objectClass=fasAgreement)(ipaEnabledFlag=TRUE))'

primary_key = 'cn'

sub_dn = 'cn=fasagreements'

class fasjson.lib.ldap.models.GroupModel

Bases: Model

fields = {'description': <fasjson.lib.ldap.converters.Converter object>, 'discussion_url': <fasjson.lib.ldap.converters.Converter object>, 'groupname': <fasjson.lib.ldap.converters.Converter object>, 'irc': <fasjson.lib.ldap.converters.Converter object>, 'mailing_list': <fasjson.lib.ldap.converters.Converter object>, 'url': <fasjson.lib.ldap.converters.Converter object>}

filters = '(objectClass=fasGroup)'

primary_key = 'cn'

sub_dn = 'cn=groups,cn=accounts'

class fasjson.lib.ldap.models.Model

Bases: object

always_exact_match = []

classmethod attr_to_ldap(attr)

classmethod attrs_to_ldap(attrs)

classmethod convert_ldap_result(result)

fields = {}

filters = '(objectClass=*)'

classmethod get_ldap_attrs()

classmethod get_search_attrs_map()

classmethod get_sub_dn_for(name)

hidden_fields = []

primary_key = None

sub_dn = None

class fasjson.lib.ldap.models.SponsorModel

Bases: Model

fields = {'sponsors': <fasjson.lib.ldap.converters.Converter object>}

filters = '(&(objectClass=fasUser)(!(nsAccountLock=TRUE)))'

primary_key = 'memberManager'

sub_dn = 'cn=users,cn=accounts'

class fasjson.lib.ldap.models.UserModel

Bases: Model

always_exact_match = ['email', 'group']

classmethod anonymize(user)

fields = {'certificates': <fasjson.lib.ldap.converters.BinaryConverter object>, 'creation': <fasjson.lib.ldap.converters.GeneralTimeConverter object>, 'emails': <fasjson.lib.ldap.converters.Converter object>, 'github_username': <fasjson.lib.ldap.converters.Converter object>, 'gitlab_username': <fasjson.lib.ldap.converters.Converter object>, 'givenname': <fasjson.lib.ldap.converters.Converter object>, 'gpgkeyids': <fasjson.lib.ldap.converters.Converter object>, 'groups': <fasjson.lib.ldap.converters.Converter object>, 'human_name': <fasjson.lib.ldap.converters.Converter object>, 'ircnicks': <fasjson.lib.ldap.converters.Converter object>, 'is_private': <fasjson.lib.ldap.converters.BoolConverter object>, 'locale': <fasjson.lib.ldap.converters.Converter object>, 'locked': <fasjson.lib.ldap.converters.BoolConverter object>, 'pronouns': <fasjson.lib.ldap.converters.Converter object>, 'rhbzemail': <fasjson.lib.ldap.converters.Converter object>, 'rssurl': <fasjson.lib.ldap.converters.Converter object>, 'sshpubkeys': <fasjson.lib.ldap.converters.Converter object>, 'surname': <fasjson.lib.ldap.converters.Converter object>, 'timezone': <fasjson.lib.ldap.converters.Converter object>, 'username': <fasjson.lib.ldap.converters.Converter object>, 'website': <fasjson.lib.ldap.converters.Converter object>}

filters = '(&(objectClass=fasUser)(!(nsAccountLock=TRUE)))'

hidden_fields = ['groups']

primary_key = 'uid'

private_fields = ['human_name', 'surname', 'givenname', 'ircnicks', 'locale', 'timezone', 'gpgkeyids', 'github_username', 'gitlab_username', 'website', 'rssurl', 'pronouns']

sub_dn = 'cn=users,cn=accounts'

Module contents

fasjson.lib.ldap.get_client(uri, basedn, login, **kwargs)