本文整理匯總了Python中ldap.filter方法的典型用法代碼示例。如果您正苦於以下問題:Python ldap.filter方法的具體用法?Python ldap.filter怎麽用?Python ldap.filter使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類ldap的用法示例。
在下文中一共展示了ldap.filter方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: search_with_additional_terms
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def search_with_additional_terms(self, term_dict, escape=True):
"""
Returns a new search object with additional search terms and-ed to the
filter string. term_dict maps attribute names to assertion values. If
you don't want the values escaped, pass escape=False.
"""
term_strings = [self.filterstr]
for name, value in term_dict.items():
if escape:
value = self.ldap.filter.escape_filter_chars(value)
term_strings.append("({}={})".format(name, value))
filterstr = "(&{})".format("".join(term_strings))
return type(self)(self.base_dn, self.scope, filterstr, attrlist=self.attrlist) 示例2: _escape_filterargs
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def _escape_filterargs(self, filterargs):
"""
Escapes values in filterargs.
filterargs is a value suitable for Django's string formatting operator
(%), which means it's either a tuple or a dict. This return a new tuple
or dict with all values escaped for use in filter strings.
"""
if isinstance(filterargs, tuple):
filterargs = tuple(
self.ldap.filter.escape_filter_chars(value) for value in filterargs
)
elif isinstance(filterargs, dict):
filterargs = {
key: self.ldap.filter.escape_filter_chars(value)
for key, value in filterargs.items()
}
else:
raise TypeError("filterargs must be a tuple or dict.")
return filterargs 示例3: ldap_search
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def ldap_search(self, ldap_filter, base=None, scope=ldap.SCOPE_SUBTREE):
if not base:
base = self.plugin_settings().get(["search_base"])
try:
client = self.get_ldap_client()
if client is not None:
self._logger.debug("Searching LDAP, base: %s and filter: %s" % (base, ldap_filter))
result = client.search_s(base, scope, ldap_filter)
client.unbind_s()
if result:
dn, data = result[0]
"""
# Dump LDAP search query results to logger
self._logger.debug("dn: %s" % dn)
for key, value in data.iteritems():
self._logger.debug("%s: %s" % (key, value))
"""
return dict(dn=dn, data=data)
except ldap.LDAPError as e:
self._logger.error(json.dumps(e.message))
return None 示例4: search_a_user
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def search_a_user(self, user_search_string=None, search_by='all_fields'):
os.environ["KRB5_CLIENT_KTNAME"] = self.FREEIPA_KTNAME
size_limit = 50
if user_search_string and search_by == 'all_fields':
filter = ldap.filter.filter_format("(&(|(givenName=*%s*)(sn=*%s*)(uid=*%s*)(mail=*%s*))(|(nsaccountlock=FALSE)(!(nsaccountlock=*))))", [user_search_string] * 4)
elif user_search_string and search_by == 'username_only':
filter = ldap.filter.filter_format("(&(uid=%s)(|(nsaccountlock=FALSE)(!(nsaccountlock=*))))", [user_search_string])
size_limit = 1
else:
filter = '(objectclass=person)'
searchParameters = {'search_base': self.FREEIPA_USER_SEARCH_BASE,
'search_filter': filter,
'attributes': ['uid', 'sn', 'givenName', 'mail'],
'size_limit': size_limit}
self.conn.search(**searchParameters)
users = []
for idx, entry in enumerate(self.conn.entries, 1):
user_dict = self.parse_ldap_entry(entry)
users.append(user_dict)
logger.info("LDAP user search for %s found %s results", user_search_string, len(users))
return users 示例5: search_a_user
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def search_a_user(self, user_search_string=None, search_by='all_fields'):
size_limit = 50
if user_search_string and search_by == 'all_fields':
filter = ldap.filter.filter_format("(|(givenName=*%s*)(sn=*%s*)(uid=*%s*)(mail=*%s*))", [user_search_string] * 4)
elif user_search_string and search_by == 'username_only':
filter = ldap.filter.filter_format("(uid=%s)", [user_search_string])
size_limit = 1
else:
filter = '(objectclass=person)'
searchParameters = {'search_base': self.LDAP_USER_SEARCH_BASE,
'search_filter': filter,
'attributes': ['uid', 'sn', 'givenName', 'mail'],
'size_limit': size_limit}
self.conn.search(**searchParameters)
users = []
for idx, entry in enumerate(self.conn.entries, 1):
user_dict = self.parse_ldap_entry(entry)
users.append(user_dict)
logger.info("LDAP user search for %s found %s results", user_search_string, len(users))
return users 示例6: ad_recursive_groups
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def ad_recursive_groups(self, groupDN):
"""
Recursively list groups belonging to a group. It will allow checking deep in the Active Directory
whether a user is allowed to enter or not
"""
LDAP_BASE_DN = Setting().get('ldap_base_dn')
groupSearchFilter = "(&(objectcategory=group)(member=%s))" % ldap.filter.escape_filter_chars(
groupDN)
result = [groupDN]
try:
groups = self.ldap_search(groupSearchFilter, LDAP_BASE_DN)
for group in groups:
result += [group[0][0]]
if 'memberOf' in group[0][1]:
for member in group[0][1]['memberOf']:
result += self.ad_recursive_groups(
member.decode("utf-8"))
return result
except ldap.LDAPError as e:
current_app.logger.exception("Recursive AD Group search error")
return result 示例7: revoke_privilege
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def revoke_privilege(self):
"""
Revoke all privileges from a user
"""
user = User.query.filter(User.username == self.username).first()
if user:
user_id = user.id
try:
DomainUser.query.filter(DomainUser.user_id == user_id).delete()
db.session.commit()
return True
except Exception as e:
db.session.rollback()
current_app.logger.error(
'Cannot revoke user {0} privileges. DETAIL: {1}'.format(
self.username, e))
return False
return False 示例8: get_groups
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def get_groups(self, username):
username = ldap.filter.escape_filter_chars(username)
userdn = self._get_user(self._byte_p2(username), NO_ATTR)
searchfilter = self.group_filter_tmpl % {
'userdn': userdn,
'username': username
}
groups = self._search_group(searchfilter, self.groupdn)
groups = groups + self._search_group(searchfilter, self.builtin)
ret = []
self._logger(
severity=logging.DEBUG,
msg="%(backend)s: groups of '%(user)s' are %(groups)s" % {
'user': username,
'groups': str(groups),
'backend': self.backend_name
}
)
for entry in groups:
ret.append(self._uni(entry[1]['cn'][0]))
return ret 示例9: get_groups_with_wildcard
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def get_groups_with_wildcard(self, groups_wildcard):
self.logger.info("Search group with wildcard: %s" % groups_wildcard)
filter = self.group_filter % groups_wildcard
result_groups = []
result = self.conn.search_s(base=self.base,
scope=ldap.SCOPE_SUBTREE,
filterstr=filter, )
for group in result:
# Skip refldap (when Active Directory used)
# [0]==None
if group[0]:
group_name = group[1]['name'][0]
self.logger.info("Find group %s" % group_name)
result_groups.append(group_name)
if not result_groups:
self.logger.info('Unable to find group "%s", skipping group wildcard' % groups_wildcard)
return result_groups 示例10: search_with_additional_term_string
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def search_with_additional_term_string(self, filterstr):
"""
Returns a new search object with filterstr and-ed to the original filter
string. The caller is responsible for passing in a properly escaped
string.
"""
filterstr = "(&{}{})".format(self.filterstr, filterstr)
return type(self)(self.base_dn, self.scope, filterstr, attrlist=self.attrlist) 示例11: execute
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def execute(self, connection, filterargs=(), escape=True):
"""
Executes the search on the given connection (an LDAPObject). filterargs
is an object that will be used for expansion of the filter string.
If escape is True, values in filterargs will be escaped.
The python-ldap library returns utf8-encoded strings. For the sake of
sanity, this method will decode all result strings and return them as
Unicode.
"""
if escape:
filterargs = self._escape_filterargs(filterargs)
try:
filterstr = self.filterstr % filterargs
results = connection.search_s(
self.base_dn, self.scope, filterstr, self.attrlist
)
except ldap.LDAPError as e:
results = []
logger.error(
"search_s('{}', {}, '{}') raised {}".format(
self.base_dn, self.scope, filterstr, pprint.pformat(e)
)
)
return self._process_results(results) 示例12: _begin
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def _begin(self, connection, filterargs=(), escape=True):
"""
Begins an asynchronous search and returns the message id to retrieve
the results.
filterargs is an object that will be used for expansion of the filter
string. If escape is True, values in filterargs will be escaped.
"""
if escape:
filterargs = self._escape_filterargs(filterargs)
try:
filterstr = self.filterstr % filterargs
msgid = connection.search(
self.base_dn, self.scope, filterstr, self.attrlist
)
except ldap.LDAPError as e:
msgid = None
logger.error(
"search('{}', {}, '{}') raised {}".format(
self.base_dn, self.scope, filterstr, pprint.pformat(e)
)
)
return msgid 示例13: find_groups_with_any_member
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def find_groups_with_any_member(self, member_dn_set, group_search, connection):
terms = [
"({}={})".format(self.member_attr, self.ldap.filter.escape_filter_chars(dn))
for dn in member_dn_set
]
filterstr = "(|{})".format("".join(terms))
search = group_search.search_with_additional_term_string(filterstr)
return search.execute(connection) 示例14: get_user_info_by_username
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def get_user_info_by_username(self):
user_info = User.query.filter(User.username == self.username).first()
return user_info 示例15: create_local_user
# 需要導入模塊: import ldap [as 別名]
# 或者: from ldap import filter [as 別名]
def create_local_user(self):
"""
Create local user witch stores username / password in the DB
"""
# check if username existed
user = User.query.filter(User.username == self.username).first()
if user:
return {'status': False, 'msg': 'Username is already in use'}
# check if email existed
user = User.query.filter(User.email == self.email).first()
if user:
return {'status': False, 'msg': 'Email address is already in use'}
# first register user will be in Administrator role
self.role_id = Role.query.filter_by(name='User').first().id
if User.query.count() == 0:
self.role_id = Role.query.filter_by(
name='Administrator').first().id
self.password = self.get_hashed_password(
self.plain_text_password) if self.plain_text_password else '*'
if self.password and self.password != '*':
self.password = self.password.decode("utf-8")
db.session.add(self)
db.session.commit()
return {'status': True, 'msg': 'Created user successfully'}