paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-19 05:58:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

management: Move query_ldap function to zproject/backends.py.

Browse Source 
This will make it simpler to organize and unit-test all of our
authentication backend code.
This commit is contained in:
Harshit Bansal
2019-03-09 06:52:14 +00:00
committed by Tim Abbott
parent 1157aef8b3
commit 13eaa49a42
2 changed files with 20 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
zerver/management/commands/query_ldap.py
View File

@@ -2,28 +2,9 @@
from argparse import ArgumentParser from argparse import ArgumentParser
from typing import Any from typing import Any
from django.conf import settings
from django.contrib.auth import get_backends
from django.core.management.base import BaseCommand from django.core.management.base import BaseCommand
from django_auth_ldap.backend import LDAPBackend, _LDAPUser
# Quick tool to test whether you're correctly authenticating to LDAP from zproject.backends import query_ldap
def query_ldap(**options: str) -> None:
email = options['email']
for backend in get_backends():
if isinstance(backend, LDAPBackend):
ldap_attrs = _LDAPUser(backend, backend.django_to_ldap_username(email)).attrs
if ldap_attrs is None:
print("No such user found")
else:
for django_field, ldap_field in settings.AUTH_LDAP_USER_ATTR_MAP.items():
value = ldap_attrs.get(ldap_field, ["LDAP field not present", ])[0]
if django_field == "avatar":
if isinstance(value, bytes):
value = "(An avatar image file)"
print("%s: %s" % (django_field, value))
if settings.LDAP_EMAIL_ATTR is not None:
print("%s: %s" % ('email', ldap_attrs[settings.LDAP_EMAIL_ATTR]))
class Command(BaseCommand): class Command(BaseCommand):
def add_arguments(self, parser: ArgumentParser) -> None: def add_arguments(self, parser: ArgumentParser) -> None:

19
zproject/backends.py
View File

@@ -3,6 +3,7 @@ from typing import Any, Dict, List, Optional, Set, Tuple, Union
from django_auth_ldap.backend import LDAPBackend, _LDAPUser from django_auth_ldap.backend import LDAPBackend, _LDAPUser
import django.contrib.auth import django.contrib.auth
from django.contrib.auth import get_backends
from django.contrib.auth.backends import RemoteUserBackend from django.contrib.auth.backends import RemoteUserBackend
from django.conf import settings from django.conf import settings
from django.core.exceptions import ValidationError from django.core.exceptions import ValidationError
@@ -503,6 +504,24 @@ def sync_user_from_ldap(user_profile: UserProfile) -> bool:
return False return False
return True return True
# Quick tool to test whether you're correctly authenticating to LDAP
def query_ldap(**options: str) -> None:
email = options['email']
for backend in get_backends():
if isinstance(backend, LDAPBackend):
ldap_attrs = _LDAPUser(backend, backend.django_to_ldap_username(email)).attrs
if ldap_attrs is None:
print("No such user found")
else:
for django_field, ldap_field in settings.AUTH_LDAP_USER_ATTR_MAP.items():
value = ldap_attrs.get(ldap_field, ["LDAP field not present", ])[0]
if django_field == "avatar":
if isinstance(value, bytes):
value = "(An avatar image file)"
print("%s: %s" % (django_field, value))
if settings.LDAP_EMAIL_ATTR is not None:
print("%s: %s" % ('email', ldap_attrs[settings.LDAP_EMAIL_ATTR]))
class DevAuthBackend(ZulipAuthMixin): class DevAuthBackend(ZulipAuthMixin):
# Allow logging in as any user without a password. # Allow logging in as any user without a password.
# This is used for convenience when developing Zulip. # This is used for convenience when developing Zulip.