From d7ec7e24dfbe47f3dce2a6bb0b79cd3b42eaf92e Mon Sep 17 00:00:00 2001 From: Thomas Bruederli Date: Fri, 4 Jul 2014 22:19:25 -0400 Subject: Fix broken Auth.find_user() and LDAP._find_user_dn() methods; add wrapper method Auth.find_user_dn() --- pykolab/auth/__init__.py | 5 ++++- pykolab/auth/ldap/__init__.py | 28 ++++++++++++++++------------ 2 files changed, 20 insertions(+), 13 deletions(-) diff --git a/pykolab/auth/__init__.py b/pykolab/auth/__init__.py index fa081b8..7309b21 100644 --- a/pykolab/auth/__init__.py +++ b/pykolab/auth/__init__.py @@ -205,7 +205,10 @@ class Auth(pykolab.base.Base): return result def find_user(self, attr, value, **kw): - return self._auth._find_user(attr, value, **kw) + return self._auth.search_entry_by_attribute(attr, value, **kw) + + def find_user_dn(self, login, kolabuser=False): + return self._auth._find_user_dn(login, kolabuser); def list_domains(self, domain=None): """ diff --git a/pykolab/auth/ldap/__init__.py b/pykolab/auth/ldap/__init__.py index 148ecf8..d1a0b2d 100644 --- a/pykolab/auth/ldap/__init__.py +++ b/pykolab/auth/ldap/__init__.py @@ -1987,16 +1987,17 @@ class LDAP(pykolab.base.Base): else: return _type - def _find_user_dn(self, login, realm): + def _find_user_dn(self, login, kolabuser=False): """ - Find the distinguished name (DN) for an entry in LDAP. + Find the distinguished name (DN) for a (Kolab) user entry in LDAP. """ + conf_prefix = 'kolab_' if kolabuser else '' domain_root_dn = self._kolab_domain_root_dn(self.domain) - base_dn = self.config_get('user_base_dn') - if base_dn == None: - base_dn = self.config_get('base_dn') + user_base_dn = self.config_get(conf_prefix + 'user_base_dn') + if user_base_dn == None: + user_base_dn = self.config_get('base_dn') auth_attrs = self.config_get_list('auth_attributes') @@ -2004,18 +2005,21 @@ class LDAP(pykolab.base.Base): for auth_attr in auth_attrs: auth_search_filter.append('(%s=%s)' % (auth_attr,login)) - auth_search_filter.append( - '(%s=%s@%s)' % ( - auth_attr, - login, - self.domain - ) - ) + if not '@' in login: + auth_search_filter.append( + '(%s=%s@%s)' % ( + auth_attr, + login, + self.domain + ) + ) auth_search_filter.append(')') auth_search_filter = ''.join(auth_search_filter) + user_filter = self.config_get(conf_prefix + 'user_filter') + search_filter = "(&%s%s)" % ( auth_search_filter, user_filter -- cgit v1.1