/usr/lib/python2.7/dist-packages/django_python3_ldap/utils.py is in python-django-python3-ldap 0.11.1-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 | """
Some useful LDAP utilities.
"""
import re
import binascii
from django.utils.encoding import force_text
from django.utils.module_loading import import_string
from django.utils import six
from django_python3_ldap.conf import settings
def import_func(func):
if callable(func):
return func
elif isinstance(func, six.string_types):
return import_string(func)
raise AttributeError("Expected a function {0!r}".format(func))
def clean_ldap_name(name):
"""
Transforms the given name into a form that
won't interfere with LDAP queries.
"""
return re.sub(
r'[^a-zA-Z0-9 _\-.@]',
lambda c: "\\" + force_text(binascii.hexlify(c.group(0).encode("latin-1", errors="ignore"))).upper(),
force_text(name),
)
def convert_model_fields_to_ldap_fields(model_fields):
"""
Converts a set of model fields into a set of corresponding
LDAP fields.
"""
return {
settings.LDAP_AUTH_USER_FIELDS[field_name]: field_value
for field_name, field_value
in model_fields.items()
}
def format_search_filter(model_fields):
"""
Creates an LDAP search filter for the given set of model
fields.
"""
ldap_fields = convert_model_fields_to_ldap_fields(model_fields)
ldap_fields["objectClass"] = settings.LDAP_AUTH_OBJECT_CLASS
search_filters = import_func(settings.LDAP_AUTH_FORMAT_SEARCH_FILTERS)(ldap_fields)
return "(&{})".format("".join(search_filters))
def clean_user_data(model_fields):
"""
Transforms the user data loaded from
LDAP into a form suitable for creating a user.
"""
return model_fields
def format_username_openldap(model_fields):
"""
Formats a user identifier into a username suitable for
binding to an OpenLDAP server.
"""
return "{user_identifier},{search_base}".format(
user_identifier=",".join(
"{attribute_name}={field_value}".format(
attribute_name=clean_ldap_name(field_name),
field_value=clean_ldap_name(field_value),
)
for field_name, field_value
in convert_model_fields_to_ldap_fields(model_fields).items()
),
search_base=settings.LDAP_AUTH_SEARCH_BASE,
)
def format_username_active_directory(model_fields):
"""
Formats a user identifier into a username suitable for
binding to an Active Directory server.
"""
username = model_fields["username"]
if settings.LDAP_AUTH_ACTIVE_DIRECTORY_DOMAIN:
username = "{domain}\\{username}".format(
domain=settings.LDAP_AUTH_ACTIVE_DIRECTORY_DOMAIN,
username=username,
)
return username
def format_username_active_directory_principal(model_fields):
"""
Formats a user identifier into a username suitable for
binding to an Active Directory server.
"""
username = model_fields["username"]
if settings.LDAP_AUTH_ACTIVE_DIRECTORY_DOMAIN:
username = "{username}@{domain}".format(
username=username,
domain=settings.LDAP_AUTH_ACTIVE_DIRECTORY_DOMAIN,
)
return username
def sync_user_relations(user, ldap_attributes):
# do nothing by default
pass
def format_search_filters(ldap_fields):
return [
"({attribute_name}={field_value})".format(
attribute_name=clean_ldap_name(field_name),
field_value=clean_ldap_name(field_value),
)
for field_name, field_value
in ldap_fields.items()
]
|