56 ('host', |
56 ('host', |
57 {'type' : 'string', |
57 {'type' : 'string', |
58 'default': 'ldap', |
58 'default': 'ldap', |
59 'help': 'ldap host. It may contains port information using \ |
59 'help': 'ldap host. It may contains port information using \ |
60 <host>:<port> notation.', |
60 <host>:<port> notation.', |
61 'group': 'ldap-source', 'inputlevel': 1, |
61 'group': 'ldap-source', 'level': 1, |
62 }), |
62 }), |
63 ('protocol', |
63 ('protocol', |
64 {'type' : 'choice', |
64 {'type' : 'choice', |
65 'default': 'ldap', |
65 'default': 'ldap', |
66 'choices': ('ldap', 'ldaps', 'ldapi'), |
66 'choices': ('ldap', 'ldaps', 'ldapi'), |
67 'help': 'ldap protocol (allowed values: ldap, ldaps, ldapi)', |
67 'help': 'ldap protocol (allowed values: ldap, ldaps, ldapi)', |
68 'group': 'ldap-source', 'inputlevel': 1, |
68 'group': 'ldap-source', 'level': 1, |
69 }), |
69 }), |
70 |
70 |
71 ('auth-mode', |
71 ('auth-mode', |
72 {'type' : 'choice', |
72 {'type' : 'choice', |
73 'default': 'simple', |
73 'default': 'simple', |
74 'choices': ('simple', 'cram_md5', 'digest_md5', 'gssapi'), |
74 'choices': ('simple', 'cram_md5', 'digest_md5', 'gssapi'), |
75 'help': 'authentication mode used to authenticate user to the ldap.', |
75 'help': 'authentication mode used to authenticate user to the ldap.', |
76 'group': 'ldap-source', 'inputlevel': 1, |
76 'group': 'ldap-source', 'level': 1, |
77 }), |
77 }), |
78 ('auth-realm', |
78 ('auth-realm', |
79 {'type' : 'string', |
79 {'type' : 'string', |
80 'default': None, |
80 'default': None, |
81 'help': 'realm to use when using gssapi/kerberos authentication.', |
81 'help': 'realm to use when using gssapi/kerberos authentication.', |
82 'group': 'ldap-source', 'inputlevel': 1, |
82 'group': 'ldap-source', 'level': 1, |
83 }), |
83 }), |
84 |
84 |
85 ('data-cnx-dn', |
85 ('data-cnx-dn', |
86 {'type' : 'string', |
86 {'type' : 'string', |
87 'default': '', |
87 'default': '', |
88 'help': 'user dn to use to open data connection to the ldap (eg used \ |
88 'help': 'user dn to use to open data connection to the ldap (eg used \ |
89 to respond to rql queries).', |
89 to respond to rql queries).', |
90 'group': 'ldap-source', 'inputlevel': 1, |
90 'group': 'ldap-source', 'level': 1, |
91 }), |
91 }), |
92 ('data-cnx-password', |
92 ('data-cnx-password', |
93 {'type' : 'string', |
93 {'type' : 'string', |
94 'default': '', |
94 'default': '', |
95 'help': 'password to use to open data connection to the ldap (eg used to respond to rql queries).', |
95 'help': 'password to use to open data connection to the ldap (eg used to respond to rql queries).', |
96 'group': 'ldap-source', 'inputlevel': 1, |
96 'group': 'ldap-source', 'level': 1, |
97 }), |
97 }), |
98 |
98 |
99 ('user-base-dn', |
99 ('user-base-dn', |
100 {'type' : 'string', |
100 {'type' : 'string', |
101 'default': 'ou=People,dc=logilab,dc=fr', |
101 'default': 'ou=People,dc=logilab,dc=fr', |
102 'help': 'base DN to lookup for users', |
102 'help': 'base DN to lookup for users', |
103 'group': 'ldap-source', 'inputlevel': 0, |
103 'group': 'ldap-source', 'level': 0, |
104 }), |
104 }), |
105 ('user-scope', |
105 ('user-scope', |
106 {'type' : 'choice', |
106 {'type' : 'choice', |
107 'default': 'ONELEVEL', |
107 'default': 'ONELEVEL', |
108 'choices': ('BASE', 'ONELEVEL', 'SUBTREE'), |
108 'choices': ('BASE', 'ONELEVEL', 'SUBTREE'), |
109 'help': 'user search scope', |
109 'help': 'user search scope', |
110 'group': 'ldap-source', 'inputlevel': 1, |
110 'group': 'ldap-source', 'level': 1, |
111 }), |
111 }), |
112 ('user-classes', |
112 ('user-classes', |
113 {'type' : 'csv', |
113 {'type' : 'csv', |
114 'default': ('top', 'posixAccount'), |
114 'default': ('top', 'posixAccount'), |
115 'help': 'classes of user', |
115 'help': 'classes of user', |
116 'group': 'ldap-source', 'inputlevel': 1, |
116 'group': 'ldap-source', 'level': 1, |
117 }), |
117 }), |
118 ('user-login-attr', |
118 ('user-login-attr', |
119 {'type' : 'string', |
119 {'type' : 'string', |
120 'default': 'uid', |
120 'default': 'uid', |
121 'help': 'attribute used as login on authentication', |
121 'help': 'attribute used as login on authentication', |
122 'group': 'ldap-source', 'inputlevel': 1, |
122 'group': 'ldap-source', 'level': 1, |
123 }), |
123 }), |
124 ('user-default-group', |
124 ('user-default-group', |
125 {'type' : 'csv', |
125 {'type' : 'csv', |
126 'default': ('users',), |
126 'default': ('users',), |
127 'help': 'name of a group in which ldap users will be by default. \ |
127 'help': 'name of a group in which ldap users will be by default. \ |
128 You can set multiple groups by separating them by a comma.', |
128 You can set multiple groups by separating them by a comma.', |
129 'group': 'ldap-source', 'inputlevel': 1, |
129 'group': 'ldap-source', 'level': 1, |
130 }), |
130 }), |
131 ('user-attrs-map', |
131 ('user-attrs-map', |
132 {'type' : 'named', |
132 {'type' : 'named', |
133 'default': {'uid': 'login', 'gecos': 'email'}, |
133 'default': {'uid': 'login', 'gecos': 'email'}, |
134 'help': 'map from ldap user attributes to cubicweb attributes', |
134 'help': 'map from ldap user attributes to cubicweb attributes', |
135 'group': 'ldap-source', 'inputlevel': 1, |
135 'group': 'ldap-source', 'level': 1, |
136 }), |
136 }), |
137 |
137 |
138 ('synchronization-interval', |
138 ('synchronization-interval', |
139 {'type' : 'int', |
139 {'type' : 'int', |
140 'default': 24*60*60, |
140 'default': 24*60*60, |
141 'help': 'interval between synchronization with the ldap \ |
141 'help': 'interval between synchronization with the ldap \ |
142 directory (default to once a day).', |
142 directory (default to once a day).', |
143 'group': 'ldap-source', 'inputlevel': 2, |
143 'group': 'ldap-source', 'level': 2, |
144 }), |
144 }), |
145 ('cache-life-time', |
145 ('cache-life-time', |
146 {'type' : 'int', |
146 {'type' : 'int', |
147 'default': 2*60, |
147 'default': 2*60, |
148 'help': 'life time of query cache in minutes (default to two hours).', |
148 'help': 'life time of query cache in minutes (default to two hours).', |
149 'group': 'ldap-source', 'inputlevel': 2, |
149 'group': 'ldap-source', 'level': 2, |
150 }), |
150 }), |
151 |
151 |
152 ) |
152 ) |
153 |
153 |
154 def __init__(self, repo, appschema, source_config, *args, **kwargs): |
154 def __init__(self, repo, appschema, source_config, *args, **kwargs): |