summaryrefslogtreecommitdiffstats
path: root/pykolab
diff options
context:
space:
mode:
authorJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2011-07-06 18:23:35 +0100
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2011-07-06 18:23:35 +0100
commit00ef2f73974fd25b437f43d4feb978edcdd741e7 (patch)
treeae76563788ab74555a9784765fe72690e480db65 /pykolab
parenta538ca41792679ca44f6abbb0e44d848b5c3f5e3 (diff)
downloadpykolab-00ef2f73974fd25b437f43d4feb978edcdd741e7.tar.gz
Allow for additional filter parameters to be send through the API
Diffstat (limited to 'pykolab')
-rw-r--r--pykolab/auth/__init__.py4
-rw-r--r--pykolab/auth/ldap/__init__.py39
2 files changed, 19 insertions, 24 deletions
diff --git a/pykolab/auth/__init__.py b/pykolab/auth/__init__.py
index be10efa..b75b214 100644
--- a/pykolab/auth/__init__.py
+++ b/pykolab/auth/__init__.py
@@ -136,9 +136,9 @@ class Auth(object):
self._auth[domain]._disconnect()
- def find_user(self, attr, value, domain=None):
+ def find_user(self, attr, value, domain=None, **kw):
self.connect(domain)
- return self._auth[domain]._find_user(attr, value, domain=domain)
+ return self._auth[domain]._find_user(attr, value, domain=domain, **kw)
def list_domains(self):
"""
diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
index 1849a28..805ebd5 100644
--- a/pykolab/auth/ldap/__init__.py
+++ b/pykolab/auth/ldap/__init__.py
@@ -241,7 +241,7 @@ class LDAP(object):
return _user_dn
- def _find_user(self, attr, value, domain=None):
+ def _find_user(self, attr, value, domain=None, additional_filter=None):
self._connect()
self._bind()
@@ -260,10 +260,21 @@ class LDAP(object):
'user_base_dn'
) %({'base_dn': domain_root_dn})
- search_filter = "(%s=%s)" %(
- attr,
- value
- )
+ if type(attr) == str:
+ search_filter = "(%s=%s)" %(
+ attr,
+ value
+ )
+ elif type(attr) == list:
+ search_filter = "(|"
+ for _attr in attr:
+ search_filter = "%s(%s=%s)" %(search_filter, _attr, value)
+ search_filter = "%s)" %(search_filter)
+
+ if additional_filter:
+ search_filter = additional_filter % { 'search_filter': search_filter }
+
+ log.debug(_("Attempting to find the user with search filter: %s") %(search_filter), level=8)
_results = self.ldap.search_s(
user_base_dn,
@@ -275,23 +286,7 @@ class LDAP(object):
if len(_results) == 1:
(_user_dn, _user_attrs) = _results[0]
else:
- # Retry to find the user_dn with just uid=%s against the root_dn,
- # if the login is not fully qualified
- if len(login.split('@')) < 2:
- search_filter = "(uid=%s)" %(login)
- _results = self.ldap.search_s(
- domain_root_dn,
- scope=ldap.SCOPE_SUBTREE,
- filterstr=search_filter,
- attrlist=[ 'dn' ]
- )
- if len(_results) == 1:
- (_user_dn, _user_attrs) = _results[0]
- else:
- # Overall fail
- return False
- else:
- return False
+ return False
return _user_dn