Commit b550cfb5 authored by Benjamin Fischer's avatar Benjamin Fischer

[ldap_export] added function to modify user group membership & hooked it

parent 92d22cb3
......@@ -11,7 +11,7 @@ from sqlalchemy.orm import scoped_session, sessionmaker
import ldap3
from ldap3.utils.log import set_library_log_detail_level, OFF, BASIC, NETWORK, EXTENDED
from ldap3.core.exceptions import LDAPNoSuchObjectResult, LDAPAttributeOrValueExistsResult, LDAPEntryAlreadyExistsResult
from ldap3.core.exceptions import LDAPNoSuchObjectResult, LDAPAttributeOrValueExistsResult, LDAPEntryAlreadyExistsResult, LDAPNoSuchAttributeResult
logger = logging.getLogger(__name__)
......@@ -156,13 +156,16 @@ class LDAPExport(object):
self.connection.modify(dn, changes)
def group_add_member(self, groupname, username):
dn = 'cn=%s,%s' % (groupname, self.group_base)
change = {
'memberUid': [(ldap3.MODIFY_ADD, [username])],
}
self.user_set_membership(username, groupname, True)
def user_set_membership(self, username, groupname, active):
try:
self.connection.modify(dn, change)
except LDAPAttributeOrValueExistsResult:
self.connection.modify('cn=%s,%s' % (groupname, self.group_base), {
'memberUid': [
(ldap3.MODIFY_ADD if active else ldap3.MODIFY_DELETE, [username])
],
})
except (LDAPAttributeOrValueExistsResult if active else LDAPNoSuchAttributeResult):
pass
def user_set_password(self, name, password):
......@@ -198,9 +201,13 @@ class LDAPExportExtension(AbstractExtension):
vispa.register_callback("user.activate", self.on_activate)
vispa.register_callback("user.set_password", self.on_set_password)
vispa.register_callback("user.group.membership", self.on_set_membership)
def on_activate(self, user):
self.ldapexport.user_add(unicode(user.name), user.id, user.password)
def on_set_password(self, user):
self.ldapexport.user_set_password(unicode(user.name), user.password)
def on_set_membership(self, user, group, active):
self.ldapexport.user_set_membership(unicode(user.name), unicode(group.name), bool(active))
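Review bot: The group DN in `user_set_membership` is built with plain `%` formatting from `groupname`, so a group name containing DN special characters such as `,`, `+` or `=` would change which directory entry the modify is applied to. This path is now driven by the `user.group.membership` callback, so the name presumably comes from application-side group records and should be escaped before interpolation: `from ldap3.utils.dn import escape_rdn` and `'cn=%s,%s' % (escape_rdn(groupname), self.group_base)`. The `except (... if active else ...): pass` clause also swallows the already-present and already-absent cases silently; a `logger.debug` call there would make membership drift between the application and the directory visible in the logs. Both classes continue outside the visible hunks, so whether names are validated earlier cannot be confirmed from here.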