Diffstat (limited to 'accounts/backend/user/ldap.py')
-rw-r--r-- | accounts/backend/user/ldap.py | 37 |
1 files changed, 3 insertions, 34 deletions
diff --git a/accounts/backend/user/ldap.py b/accounts/backend/user/ldap.py index a1ed904..fc16270 100644 --- a/accounts/backend/user/ldap.py +++ b/accounts/backend/user/ldap.py @@ -14,7 +14,7 @@ from ldap3.abstract.entry import Entry from ldap3 import Connection from . import Backend, InvalidPasswordError, NoSuchUserError, ShouldNotHappen -from accounts.models import Account, Service +from accounts.models import Account from accounts import AccountsFlask from typing import Optional @@ -54,7 +54,6 @@ class LdapBackend(Backend): self.base_dn: list[tuple[str, str]] = self.app.config["LDAP_BASE_DN"] self.admin_user: str = self.app.config["LDAP_ADMIN_USER"] self.admin_pass: str = self.app.config["LDAP_ADMIN_PASS"] - self.services: list[Service] = self.app.all_services self.admin = False self.binded = False @@ -70,7 +69,6 @@ class LdapBackend(Backend): uid = None mail = None uidNumber = None - services = [] conn.search( user_dn, "(objectClass=*)", @@ -82,13 +80,11 @@ class LdapBackend(Backend): uid = entry.uid.value mail = entry.mail.value uidNumber = entry.uidNumber.value - elif "servicePassword" in entry.objectClass.value: - services.append(entry.cn.value) if uid is None or mail is None or uidNumber is None: raise NoSuchUserError("User not found") - return Account(uid, mail, services, password, uidNumber=uidNumber) + return Account(uid, mail, password, uidNumber=uidNumber) def find(self, filters: Optional[dict[str, str]] = None, wildcard=False): """ @@ -173,10 +169,7 @@ class LdapBackend(Backend): else: conn = self._connect(account.uid, account.password) - dns = [ - [("cn", service), ("uid", account.uid), ("ou", "users")] - for service in account.services - ] + [[("uid", account.uid), ("ou", "users")]] + dns = [[("uid", account.uid), ("ou", "users")]] for dn in dns: conn.delete(self._format_dn(dn)) 
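Review bot: In the hunk at `@@ -82,13 +80,11 @@`, the plaintext password now travels as the third positional argument of `Account(...)`, the slot that `services` occupied before this change. The matching edit to `accounts.models.Account` is not on this page (the diffstat is limited to this file), so if the constructor or any other caller was not updated in the same commit, the credential would bind to the wrong parameter without an error at the call site. Passing it by keyword, as `uidNumber` already is, makes such a mismatch much harder to miss: `return Account(uid, mail, password=password, uidNumber=uidNumber)` (assuming the parameter is named like the `account.password` attribute). The enclosing method starts above the hunk.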
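Review bot: In the hunk at `@@ -173,10 +169,7 @@`, the delete path now removes only `uid=<uid>,ou=users` and leaves any `cn=<service>` children beneath it in place. LDAP servers normally refuse to delete a non-leaf entry, so for accounts that still carry legacy `servicePassword` entries the delete would presumably fail, and the result of `conn.delete(...)` is not checked in the visible lines. Those entries are also no longer reachable through the password-change code removed in the `@@ -219,30 +212,6 @@` hunk, so the credentials stored in them cannot be rotated or revoked from this backend. Unless a directory migration that is not shown here removes them first, I would check the result, e.g. `if not conn.delete(self._format_dn(dn)): raise ShouldNotHappen(conn.result)` (assuming ldap3's synchronous strategy, where `delete` returns a bool), and collapse the one-element `dns` list and its loop into a single call. The enclosing method starts and ends outside the hunk.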
@@ -219,30 +212,6 @@ class LdapBackend(Backend): _, account.password = account.new_password_root account.new_password_root = None - for service, passwords in list(account.new_password_services.items()): - service_id = service.lower() - service_dn = self._format_dn( - [("cn", service_id), ("uid", account.uid), ("ou", "users")] - ) - _, new = passwords - - if new is not None: - if service_id not in account.services: - attrs = { - "objectClass": ["top", "servicePassword"], - "cn": _escape(service_id), - } - conn.add(service_dn, attributes=attrs) - account.services.append(service_id) - - _change_password(conn, service_dn, passwords, as_admin) - else: - if service_id in account.services: - conn.delete(service_dn) - account.services.remove(service_id) - - del account.new_password_services[service] - def _get_last_uidNumber(self, conn: Connection): uidNumber_dn = self._format_dn([("cn", "uidMax"), ("ou", "other")]) conn.search( |