Lines 420-426
class access(object):
|
Link Here
|
---|
|
420 |
return self.__recode_attribute(attr, val) |
420 |
return self.__recode_attribute(attr, val) |
421 |
|
421 |
|
422 |
@_fix_reconnect_handling |
422 |
@_fix_reconnect_handling |
423 |
def get(self, dn, attr=[], required=False): |
423 |
def get(self, dn, attr=[], required=False, ldap_filter=None): |
424 |
# type: (str, List[str], bool) -> Dict[str, List[str]] |
424 |
# type: (str, List[str], bool) -> Dict[str, List[str]] |
425 |
""" |
425 |
""" |
426 |
Return multiple attributes of a single LDAP object. |
426 |
Return multiple attributes of a single LDAP object. |
Lines 435-441
class access(object):
|
Link Here
|
---|
|
435 |
""" |
435 |
""" |
436 |
if dn: |
436 |
if dn: |
437 |
try: |
437 |
try: |
438 |
result = self.lo.search_s(dn, ldap.SCOPE_BASE, '(objectClass=*)', attr) |
438 |
result = self.lo.search_s(dn, ldap.SCOPE_BASE, ldap_filter or '(objectClass=*)', attr) |
439 |
except ldap.NO_SUCH_OBJECT: |
439 |
except ldap.NO_SUCH_OBJECT: |
440 |
result = [] |
440 |
result = [] |
441 |
if result: |
441 |
if result: |
Lines 544-556
class access(object):
|
Link Here
|
---|
|
544 |
return [x[0] for x in self.search(filter, base, scope, ['dn'], unique, required, timeout, sizelimit, serverctrls, response)] |
544 |
return [x[0] for x in self.search(filter, base, scope, ['dn'], unique, required, timeout, sizelimit, serverctrls, response)] |
545 |
|
545 |
|
546 |
@_fix_reconnect_handling |
546 |
@_fix_reconnect_handling |
547 |
def getPolicies(self, dn, policies=None, attrs=None, result=None, fixedattrs=None): |
547 |
def getPolicies(self, dn, policies=None, attrs=None, result=None, fixedattrs=None, ldap_filter=None): |
548 |
# type: (str, List[str], Dict[str, List[Any]], Any, Any) -> Dict[str, Dict[str, Any]] |
548 |
# type: (str, List[str], Dict[str, List[Any]], Any, Any) -> Dict[str, Dict[str, Any]] |
549 |
""" |
549 |
""" |
550 |
Return |UCS| policies for |LDAP| entry. |
550 |
Return |UCS| policies for |LDAP| entry. |
551 |
|
551 |
|
552 |
:param str dn: The distinguished name of the |LDAP| entry. |
552 |
:param str dn: The distinguished name of the |LDAP| entry. |
553 |
:param list policies: List of policy object classes... |
553 |
:param list policies: List of policy DNs... |
554 |
:param dict attrs: |LDAP| attributes. If not given, the data is fetched from LDAP. |
554 |
:param dict attrs: |LDAP| attributes. If not given, the data is fetched from LDAP. |
555 |
:param result: UNUSED! |
555 |
:param result: UNUSED! |
556 |
:param fixedattrs: UNUSED! |
556 |
:param fixedattrs: UNUSED! |
Lines 582-593
class access(object):
|
Link Here
|
---|
|
582 |
obj_dn = dn |
582 |
obj_dn = dn |
583 |
while True: |
583 |
while True: |
584 |
for policy_dn in policies: |
584 |
for policy_dn in policies: |
585 |
self._merge_policy(policy_dn, obj_dn, object_classes, result) |
585 |
self._merge_policy(policy_dn, obj_dn, object_classes, result, ldap_filter) |
586 |
dn = self.parentDn(dn) |
586 |
dn = self.parentDn(dn) |
587 |
if not dn: |
587 |
if not dn: |
588 |
break |
588 |
break |
589 |
try: |
589 |
try: |
590 |
parent = self.get(dn, attr=['univentionPolicyReference'], required=True) |
590 |
parent = self.get(dn, attr=['univentionPolicyReference'], required=True, ldap_filter=ldap_filter) |
591 |
except ldap.NO_SUCH_OBJECT: |
591 |
except ldap.NO_SUCH_OBJECT: |
592 |
break |
592 |
break |
593 |
policies = parent.get('univentionPolicyReference', []) |
593 |
policies = parent.get('univentionPolicyReference', []) |
Lines 597-603
class access(object):
|
Link Here
|
---|
|
597 |
"getPolicies: result: %s" % result) |
597 |
"getPolicies: result: %s" % result) |
598 |
return result |
598 |
return result |
599 |
|
599 |
|
600 |
def _merge_policy(self, policy_dn, obj_dn, object_classes, result): |
600 |
def _merge_policy(self, policy_dn, obj_dn, object_classes, result, ldap_filter): |
601 |
# type: (str, str, Set[str], Dict[str, Dict[str, Any]]) -> None |
601 |
# type: (str, str, Set[str], Dict[str, Dict[str, Any]]) -> None |
602 |
""" |
602 |
""" |
603 |
Merge policies into result. |
603 |
Merge policies into result. |
Lines 607-613
class access(object):
|
Link Here
|
---|
|
607 |
:param object_classes set: the set of object classes of the LDAP object. |
607 |
:param object_classes set: the set of object classes of the LDAP object. |
608 |
:param result list: A mapping, into which the policy is merged. |
608 |
:param result list: A mapping, into which the policy is merged. |
609 |
""" |
609 |
""" |
610 |
pattrs = self.get(policy_dn) |
610 |
pattrs = self.get(policy_dn, ldap_filter=ldap_filter) |
611 |
if not pattrs: |
611 |
if not pattrs: |
612 |
return |
612 |
return |
613 |
|
613 |
|