Verified Commit df039094 authored by Jonathan Weth's avatar Jonathan Weth :keyboard:

Merge branch 'master' into feature/extensible-model-fk

parents 5514e0ab edc5c39d
1 merge request!305Allow adding a foreign key to Exensible Model
...@@ -209,6 +209,7 @@ if _settings.get("ldap.uri", None): ...@@ -209,6 +209,7 @@ if _settings.get("ldap.uri", None):
import ldap # noqa import ldap # noqa
from django_auth_ldap.config import ( from django_auth_ldap.config import (
LDAPSearch, LDAPSearch,
LDAPSearchUnion,
NestedGroupOfNamesType, NestedGroupOfNamesType,
NestedGroupOfUniqueNamesType, NestedGroupOfUniqueNamesType,
PosixGroupType, PosixGroupType,
...@@ -224,27 +225,44 @@ if _settings.get("ldap.uri", None): ...@@ -224,27 +225,44 @@ if _settings.get("ldap.uri", None):
AUTH_LDAP_BIND_DN = _settings.get("ldap.bind.dn") AUTH_LDAP_BIND_DN = _settings.get("ldap.bind.dn")
AUTH_LDAP_BIND_PASSWORD = _settings.get("ldap.bind.password") AUTH_LDAP_BIND_PASSWORD = _settings.get("ldap.bind.password")
# The TOML config might contain either one table or an array of tables
_AUTH_LDAP_USER_SETTINGS = _settings.get("ldap.users.search")
if not isinstance(_AUTH_LDAP_USER_SETTINGS, list):
_AUTH_LDAP_USER_SETTINGS = [_AUTH_LDAP_USER_SETTINGS]
# Search attributes to find users by username # Search attributes to find users by username
AUTH_LDAP_USER_SEARCH = LDAPSearch( AUTH_LDAP_USER_SEARCH = LDAPSearchUnion(
_settings.get("ldap.users.base"), *[
ldap.SCOPE_SUBTREE, LDAPSearch(entry["base"], ldap.SCOPE_SUBTREE, entry.get("filter", "(uid=%(user)s)"),)
_settings.get("ldap.users.filter", "(uid=%(user)s)"), for entry in _AUTH_LDAP_USER_SETTINGS
]
) )
# Mapping of LDAP attributes to Django model fields # Mapping of LDAP attributes to Django model fields
AUTH_LDAP_USER_ATTR_MAP = { AUTH_LDAP_USER_ATTR_MAP = {
"first_name": _settings.get("ldap.map.first_name", "givenName"), "first_name": _settings.get("ldap.users.map.first_name", "givenName"),
"last_name": _settings.get("ldap.map.last_name", "sn"), "last_name": _settings.get("ldap.users.map.last_name", "sn"),
"email": _settings.get("ldap.map.email", "mail"), "email": _settings.get("ldap.users.map.email", "mail"),
} }
# Discover flags by LDAP groups # Discover flags by LDAP groups
if _settings.get("ldap.groups.base", None): if _settings.get("ldap.groups.search", None):
group_type = _settings.get("ldap.groups.type", "groupOfNames") group_type = _settings.get("ldap.groups.type", "groupOfNames")
AUTH_LDAP_GROUP_SEARCH = LDAPSearch(
_settings.get("ldap.groups.base"), # The TOML config might contain either one table or an array of tables
ldap.SCOPE_SUBTREE, _AUTH_LDAP_GROUP_SETTINGS = _settings.get("ldap.groups.search")
_settings.get("ldap.groups.filter", f"(objectClass={group_type})"), if not isinstance(_AUTH_LDAP_GROUP_SETTINGS, list):
_AUTH_LDAP_GROUP_SETTINGS = [_AUTH_LDAP_GROUP_SETTINGS]
AUTH_LDAP_GROUP_SEARCH = LDAPSearchUnion(
*[
LDAPSearch(
entry["base"],
ldap.SCOPE_SUBTREE,
entry.get("filter", f"(objectClass={group_type})"),
)
for entry in _AUTH_LDAP_GROUP_SETTINGS
]
) )
_group_type = _settings.get("ldap.groups.type", "groupOfNames").lower() _group_type = _settings.get("ldap.groups.type", "groupOfNames").lower()
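Review bot: The user search list is built from `_settings.get("ldap.users.search")` with no check that the key exists, so a configuration still using the previous `ldap.users.base`/`ldap.users.filter` layout yields `[None]` and `entry["base"]` fails with a TypeError while settings are imported. An explicit failure before the `isinstance` wrap would be clearer, e.g. `if not _AUTH_LDAP_USER_SETTINGS: raise ImproperlyConfigured("ldap.users.search is required when ldap.uri is set")`. The attribute map keys also appear to move from `ldap.map.*` to `ldap.users.map.*`, and the group block is now gated on `ldap.groups.search`, so an old configuration would silently fall back to the default attribute names and skip group discovery, leaving group-derived flags unsynced. A fallback read of the old keys, or a comment such as `# BREAKING: ldap.users.base/filter, ldap.map.* and ldap.groups.base/filter were renamed`, would make this visible to operators. The enclosing `if _settings.get("ldap.uri", None):` block starts and ends outside this hunk.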
......
...@@ -28,5 +28,7 @@ existing file or add a new one):: ...@@ -28,5 +28,7 @@ existing file or add a new one)::
[default.ldap] [default.ldap]
uri = "ldaps://ldap.myschool.edu" uri = "ldaps://ldap.myschool.edu"
bind = { dn = "cn=reader,dc=myschool,dc=edu", password = "secret" } bind = { dn = "cn=reader,dc=myschool,dc=edu", password = "secret" }
users = { base = "ou=people,dc=myschool,dc=edu", filter = "(uid=%(user)s)" }
[default.ldap.users]
search = { base = "ou=people,dc=myschool,dc=edu", filter = "(uid=%(user)s)" }
map = { first_name = "givenName", last_name = "sn", email = "mail" } map = { first_name = "givenName", last_name = "sn", email = "mail" }
...@@ -43,7 +43,7 @@ libsass = "^0.20.0" ...@@ -43,7 +43,7 @@ libsass = "^0.20.0"
colour = "^0.1.5" colour = "^0.1.5"
dynaconf = {version = "^2.0", extras = ["yaml", "toml", "ini"]} dynaconf = {version = "^2.0", extras = ["yaml", "toml", "ini"]}
django-settings-context-processor = "^0.2" django-settings-context-processor = "^0.2"
django-auth-ldap = { version = "^2.0", optional = true } django-auth-ldap = { version = "^2.2", optional = true }
django-maintenance-mode = "^0.14.0" django-maintenance-mode = "^0.14.0"
django-ipware = "^2.1" django-ipware = "^2.1"
easy-thumbnails = "^2.6" easy-thumbnails = "^2.6"
......