Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
"""Print matching OCF usernames."""
search_term = msg.match.group(1).strip()
keywords = search_term.split()
if len(keywords) > 0:
search = '(&{})'.format(
''.join(
# all keywords must match either uid or cn
'(|(uid=*{keyword}*)(cn=*{keyword}*))'.format(
keyword=alphanum(keyword),
)
for keyword in keywords
),
)
with ldap.ldap_ocf() as c:
c.search(
ldap.OCF_LDAP_PEOPLE,
search,
attributes=('uid', 'cn'),
size_limit=5,
)
if len(c.response) > 0:
msg.respond(
', '.join(
sorted(
'{} ({})'.format(
entry['attributes']['uid'][0],
entry['attributes']['cn'][0],
)
for entry in c.response
def calnet_uids_by_name(name):
"""Searches for people by name and returns any CalNet UIDs found.
>>> calnet_uids_by_name("Dara Adib")
[872544]
"""
conds = ''.join(['(cn=*{}*)'.format(n) for n in name.split()])
ldap_filter = '(&{})'.format(conds)
with ldap.ldap_ucb() as c:
c.search(UCB_LDAP_PEOPLE, ldap_filter, attributes=('uid',))
return [int(entry['attributes']['uid'][0]) for entry in c.response]
keywords = search_term.split()
if len(keywords) > 0:
search = '(&{})'.format(
''.join(
# all keywords must match either uid or cn
'(|(uid=*{keyword}*)(cn=*{keyword}*))'.format(
keyword=alphanum(keyword),
)
for keyword in keywords
),
)
with ldap.ldap_ocf() as c:
c.search(
ldap.OCF_LDAP_PEOPLE,
search,
attributes=('uid', 'cn'),
size_limit=5,
)
if len(c.response) > 0:
msg.respond(
', '.join(
sorted(
'{} ({})'.format(
entry['attributes']['uid'][0],
entry['attributes']['cn'][0],
)
for entry in c.response
),
),
def user_attrs(uid, connection=ldap.ldap_ocf, base=OCF_LDAP_PEOPLE, dn=None, password=None):
"""Returns a dictionary of LDAP attributes for a given LDAP UID.
The returned dictionary looks like:
{
'uid': ['somebody'],
'objectClass': ['ocfAccount', 'account', 'posixAccount'],
'loginShell': ['/bin/zsh']
}
Returns None if no account exists with uid=user_account.
"""
with connection(dn, password) as c:
c.search(base, '(uid={})'.format(uid), attributes=ldap3.ALL_ATTRIBUTES)
if len(c.response) > 0:
return c.response[0]['attributes']
def users_by_filter(ldap_filter):
"""Returns a list of users matching an LDAP filter"""
with ldap.ldap_ocf() as c:
c.search(
OCF_LDAP_PEOPLE,
ldap_filter,
attributes=('uid',),
search_scope=ldap3.LEVEL,
)
return [entry['attributes']['uid'][0] for entry in c.response]
def users_by_filter(ldap_filter):
"""Returns a list of users matching an LDAP filter"""
with ldap.ldap_ocf() as c:
c.search(
OCF_LDAP_PEOPLE,
ldap_filter,
attributes=('uid',),
search_scope=ldap3.LEVEL,
)
return [entry['attributes']['uid'][0] for entry in c.response]
def user_attrs_ucb(uid):
return user_attrs(uid, connection=ldap.ldap_ucb,
base=UCB_LDAP_PEOPLE)
"""Adds or modifies arbitrary attributes of a user's LDAP record subject to
minor validation beyond the LDAP schema.
At the moment, the only attribute that benefits from extra validation is
the 'loginShell' attribute.
"""
login_shell = attributes.get('loginShell', None)
if login_shell is not None:
if not isinstance(login_shell, str):
raise ValueError('Login shell must be a string')
if not misc.validators.valid_login_shell(login_shell):
raise ValueError("Invalid login shell '{}'".format(login_shell))
ldap_ocf.modify_ldap_entry(
utils.dn_for_username(username),
attributes,
**kwargs
)