How to use the ocflib.infra.ldap.OCF_LDAP_PEOPLE function in ocflib

To help you get started, we’ve selected a few ocflib examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github ocf / ocflib / ocflib / account / search.py View on Github external
def users_by_filter(ldap_filter):
    """Returns a list of users matching an LDAP filter"""
    with ldap.ldap_ocf() as c:
        c.search(
            OCF_LDAP_PEOPLE,
            ldap_filter,
            attributes=('uid',),
            search_scope=ldap3.LEVEL,
        )
        return [entry['attributes']['uid'][0] for entry in c.response]
github ocf / ocflib / ocflib / account / search.py View on Github external
def user_attrs(uid, connection=ldap.ldap_ocf, base=OCF_LDAP_PEOPLE):
    """Returns a dictionary of LDAP attributes for a given LDAP UID.

    The returned dictionary looks like:
    {
      'uid': ['somebody'],
      'objectClass': ['ocfAccount', 'account', 'posixAccount'],
      'loginShell': ['/bin/zsh']
    }

    Returns None if no account exists with uid=user_account.
    """
    with connection() as c:
        c.search(
            base,
            '(uid={})'.format(escape_filter_chars(uid)),
            attributes=ldap3.ALL_ATTRIBUTES
github ocf / ocflib / ocflib / account / utils.py View on Github external
def dn_for_username(username):
    return 'uid={user},{base_people}'.format(
        user=username,
        base_people=OCF_LDAP_PEOPLE,
    )
github ocf / ocflib / ocflib / account / search.py View on Github external
def users_by_filter(ldap_filter):
    """Returns a list of users matching an LDAP filter"""
    with ldap.ldap_ocf() as c:
        c.search(
            OCF_LDAP_PEOPLE,
            ldap_filter,
            attributes=('uid',),
            search_scope=ldap3.LEVEL,
        )
        return [entry['attributes']['uid'][0] for entry in c.response]
github ocf / ocflib / ocflib / account / creation.py View on Github external
def _get_first_available_uid(known_uid=_KNOWN_UID):
    """Return the first available UID number.

    Searches our entire People ou in order to find it. It seems like there
    should be a better way to do this, but quick searches don't show any.

    We hard-code a value we know has already been reached and only select
    entries greater than that for performance. This value can then be cached
    and passed back in to make subsequent calls faster.
    """
    with ldap_ocf() as c:
        c.search(
            OCF_LDAP_PEOPLE,
            '(uidNumber>={KNOWN_MIN})'.format(KNOWN_MIN=known_uid),
            attributes=['uidNumber'],
        )
        uids = [int(entry['attributes']['uidNumber']) for entry in c.response]
    if uids:
        max_uid = max(uids)
    else:
        # If cached UID is later deleted, LDAP response will be empty.
        max_uid = known_uid

    assert all(start <= end for start, end in RESERVED_UID_RANGES)
    next_uid = max_uid + 1
    for start, end in sorted(RESERVED_UID_RANGES):
        if start <= next_uid <= end:
            next_uid = end + 1