Allow for additional filter parameters to be send through the API

author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com> 2011-07-06 18:23:35 +0100
committer: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com> 2011-07-06 18:23:35 +0100
commit: 00ef2f73974fd25b437f43d4feb978edcdd741e7 (patch)
tree: ae76563788ab74555a9784765fe72690e480db65 /pykolab
parent: a538ca41792679ca44f6abbb0e44d848b5c3f5e3 (diff)
download: pykolab-00ef2f73974fd25b437f43d4feb978edcdd741e7.tar.gz
2 files changed, 19 insertions, 24 deletions
diff --git a/pykolab/auth/__init__.py b/pykolab/auth/__init__.py
index be10efa..b75b214 100644
--- a/pykolab/auth/__init__.py
+++ b/pykolab/auth/__init__.py
@@ -136,9 +136,9 @@ class Auth(object):
 
         self._auth[domain]._disconnect()
 
-    def find_user(self, attr, value, domain=None):
+    def find_user(self, attr, value, domain=None, **kw):
         self.connect(domain)
-        return self._auth[domain]._find_user(attr, value, domain=domain)
+        return self._auth[domain]._find_user(attr, value, domain=domain, **kw)
 
     def list_domains(self):
         """
diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py
index 1849a28..805ebd5 100644
--- a/pykolab/auth/ldap/__init__.py
+++ b/pykolab/auth/ldap/__init__.py
@@ -241,7 +241,7 @@ class LDAP(object):
 
         return _user_dn
 
-    def _find_user(self, attr, value, domain=None):
+    def _find_user(self, attr, value, domain=None, additional_filter=None):
         self._connect()
         self._bind()
 
@@ -260,10 +260,21 @@ class LDAP(object):
                 'user_base_dn'
             ) %({'base_dn': domain_root_dn})
 
-        search_filter = "(%s=%s)" %(
-                attr,
-                value
-            )
+        if type(attr) == str:
+            search_filter = "(%s=%s)" %(
+                    attr,
+                    value
+                )
+        elif type(attr) == list:
+            search_filter = "(|"
+            for _attr in attr:
+                search_filter = "%s(%s=%s)" %(search_filter, _attr, value)
+            search_filter = "%s)" %(search_filter)
+
+        if additional_filter:
+            search_filter = additional_filter % { 'search_filter': search_filter }
+
+        log.debug(_("Attempting to find the user with search filter: %s") %(search_filter), level=8)
 
         _results = self.ldap.search_s(
                 user_base_dn,
@@ -275,23 +286,7 @@ class LDAP(object):
         if len(_results) == 1:
             (_user_dn, _user_attrs) = _results[0]
         else:
-            # Retry to find the user_dn with just uid=%s against the root_dn,
-            # if the login is not fully qualified
-            if len(login.split('@')) < 2:
-                search_filter = "(uid=%s)" %(login)
-                _results = self.ldap.search_s(
-                        domain_root_dn,
-                        scope=ldap.SCOPE_SUBTREE,
-                        filterstr=search_filter,
-                        attrlist=[ 'dn' ]
-                    )
-                if len(_results) == 1:
-                    (_user_dn, _user_attrs) = _results[0]
-                else:
-                    # Overall fail
-                    return False
-            else:
-                return False
+            return False
 
         return _user_dn
author	Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>	2011-07-06 18:23:35 +0100
committer	Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>	2011-07-06 18:23:35 +0100
commit	00ef2f73974fd25b437f43d4feb978edcdd741e7 (patch)
tree	ae76563788ab74555a9784765fe72690e480db65 /pykolab
parent	a538ca41792679ca44f6abbb0e44d848b5c3f5e3 (diff)
download	pykolab-00ef2f73974fd25b437f43d4feb978edcdd741e7.tar.gz