py.lib
5:f5082aa9fe60
Go to Latest
py.lib/ldapUtil.py
* Делаем скрипт автономней
4 # ===========================================================
5 # Статус завершения оперций
6 STATUS_OK = 0 # Всё ОК.
7 STATUS_BADAUTH = 1 # Не верные пользователь или пароль.
8 STATUS_SERVERDOWN = 2 # Сервер не доступен.
9 STATUS_SERVERERROR = 3 # Ошибка при взаимодействии с сервером.
11 class LdapError(Exception): pass
13 class LdapAuth(object):
14 def __init__(self, server, userPrefix = 'CORP\\', baseDN = 'DC=example,DC=net', attr = []):
16 self.prefix = userPrefix
22 self._needAttr = [ i for i in map(str, attr) ]
24 def __call__(self, user, passwd):
26 conn = ldap.initialize(self.server)
27 conn.set_option(ldap.OPT_REFERRALS, 0)
28 conn.simple_bind_s(self.prefix + user, passwd)
29 except ldap.INVALID_CREDENTIALS:
31 self.status = 'Invalid credentials'
32 self.statusCode = STATUS_BADAUTH
34 except ldap.SERVER_DOWN:
35 self.status = 'Server is down'
36 self.statusCode = STATUS_SERVERDOWN
41 ldapData = conn.search_s(self.baseDN, ldap.SCOPE_SUBTREE, '(cn=%s)' % user, ['memberOf'] + self._needAttr)[0][1]
42 for i in ldapData['memberOf']:
43 self.groups.append(i.split(',')[0].split('=')[1].decode('utf-8'))
44 del ldapData['memberOf']
47 self.status = 'User object from LDAP is wrong, it can be anonymous logon'
48 self.statusCode = STATUS_SERVERERROR
55 def __getitem__(self, key):
58 def memberOf(self, group):
59 """Проверка на присутствие у пользователя некоторой группы
61 if self.groups == None:
62 raise LdapError('Request membership before auth call.')
64 if not isinstance(group, unicode):
65 if isinstance(group, str):
66 group = group.decode('utf-8')
68 group = str(group).decode('utf-8')
70 if group in self.groups:
75 def __contains__(self, group):
76 return self.memberOf(group)
78 def memberOfGroups(self, groups):
79 if not len(groups) > 0: