308 self.info('while trying to authenticate %s: %s', user, ex) |
308 self.info('while trying to authenticate %s: %s', user, ex) |
309 raise AuthenticationError() |
309 raise AuthenticationError() |
310 except Exception: |
310 except Exception: |
311 self.error('while trying to authenticate %s', user, exc_info=True) |
311 self.error('while trying to authenticate %s', user, exc_info=True) |
312 raise AuthenticationError() |
312 raise AuthenticationError() |
313 eid = self.extid2eid(user['dn'], 'CWUser', session) |
313 eid = self.repo.extid2eid(self, user['dn'], 'CWUser', session) |
314 if eid < 0: |
314 if eid < 0: |
315 # user has been moved away from this source |
315 # user has been moved away from this source |
316 raise AuthenticationError() |
316 raise AuthenticationError() |
317 return eid |
317 return eid |
318 |
318 |
421 # 1. get eid for each dn and filter according to that eid if necessary |
421 # 1. get eid for each dn and filter according to that eid if necessary |
422 for i, res in enumerate(allresults): |
422 for i, res in enumerate(allresults): |
423 filteredres = [] |
423 filteredres = [] |
424 for resdict in res: |
424 for resdict in res: |
425 # get sure the entity exists in the system table |
425 # get sure the entity exists in the system table |
426 eid = self.extid2eid(resdict['dn'], 'CWUser', session) |
426 eid = self.repo.extid2eid(self, resdict['dn'], 'CWUser', session) |
427 for eidfilter in eidfilters: |
427 for eidfilter in eidfilters: |
428 if not eidfilter(eid): |
428 if not eidfilter(eid): |
429 break |
429 break |
430 else: |
430 else: |
431 resdict['eid'] = eid |
431 resdict['eid'] = eid |
535 res = cnx.search_s(base, scope, searchstr, attrs) |
535 res = cnx.search_s(base, scope, searchstr, attrs) |
536 except ldap.PARTIAL_RESULTS: |
536 except ldap.PARTIAL_RESULTS: |
537 res = cnx.result(all=0)[1] |
537 res = cnx.result(all=0)[1] |
538 except ldap.NO_SUCH_OBJECT: |
538 except ldap.NO_SUCH_OBJECT: |
539 self.info('ldap NO SUCH OBJECT') |
539 self.info('ldap NO SUCH OBJECT') |
540 eid = self.extid2eid(base, 'CWUser', session, insert=False) |
540 eid = self.repo.extid2eid(self, base, 'CWUser', session, insert=False) |
541 if eid: |
541 if eid: |
542 self.warning('deleting ldap user with eid %s and dn %s', |
542 self.warning('deleting ldap user with eid %s and dn %s', |
543 eid, base) |
543 eid, base) |
544 entity = session.entity_from_eid(eid, 'CWUser') |
544 entity = session.entity_from_eid(eid, 'CWUser') |
545 self.repo.delete_info(session, entity, self.uri, base) |
545 self.repo.delete_info(session, entity, self.uri, base) |
644 |
644 |
645 class RQL2LDAPFilter(object): |
645 class RQL2LDAPFilter(object): |
646 """generate an LDAP filter for a rql query""" |
646 """generate an LDAP filter for a rql query""" |
647 def __init__(self, source, session, args=None, mainvars=()): |
647 def __init__(self, source, session, args=None, mainvars=()): |
648 self.source = source |
648 self.source = source |
|
649 self.repo = source.repo |
649 self._ldap_attrs = source.user_rev_attrs |
650 self._ldap_attrs = source.user_rev_attrs |
650 self._base_filters = source.base_filters |
651 self._base_filters = source.base_filters |
651 self._session = session |
652 self._session = session |
652 if args is None: |
653 if args is None: |
653 args = {} |
654 args = {} |
749 '<': lambda x: x < eid, |
750 '<': lambda x: x < eid, |
750 '<=': lambda x: x <= eid, |
751 '<=': lambda x: x <= eid, |
751 }[rhs.operator] |
752 }[rhs.operator] |
752 self._eidfilters.append(filter) |
753 self._eidfilters.append(filter) |
753 return |
754 return |
754 dn = self.source.eid2extid(eid, self._session) |
755 dn = self.repo.eid2extid(self.source, eid, self._session) |
755 raise GotDN(dn) |
756 raise GotDN(dn) |
756 try: |
757 try: |
757 filter = '(%s%s)' % (self._ldap_attrs[relation.r_type], |
758 filter = '(%s%s)' % (self._ldap_attrs[relation.r_type], |
758 rhs.accept(self)) |
759 rhs.accept(self)) |
759 except KeyError: |
760 except KeyError: |