| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
| |
|
|\
| |
| |
| |
| | |
Conflicts:
account.py
|
| | |
|
|/ |
|
| |
|
| |
|
| |
|
|
|
|
| |
To use wildcards you have to use find(..., wildcard=True) otherwise the wildcard gets escaped.
|
|\ |
|
| | |
|
| | |
|
|/
|
|
|
| |
with modify_s passwords will be saved in plain text (base64 encoded). To prevent this
security issue we use passwd_s instead of modify_s.
|
|
|
|
|
|
|
| |
examples:
service.find() # find all users
service.find_by_uid('test') # find users by uid
service.find_by_mail('test@test.de') # find users by mail
|
|
|
|
|
| |
That functionality requires searching through the subtree for services
to be deleted etc.
|
| |
|
| |
|
|
|
|
|
| |
This makes it possible to call the methods (find, register, etc) without
specifying the admin credentials each time again.
|
|\ |
|
| | |
|
|/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
AccountService is now stateless. That means every request needs its own authentication
request (bind).
Usage examples:
* register a new user
>> service = AccountService(LDAP_HOST, LDAP_BASE_DN,SERVICES)
>> foo = Account('foo','foo@bar.de', password='bar')
>> service.register(foo, LDAP_ADMIN_USER, LDAP_ADMIN_PASS)
* authenticate a new user
>> service = AccountService(LDAP_HOST, LDAP_BASE_DN,SERVICES)
>> foo = service.auth('foo', 'bar')
* updates an account
>> foo.change_mail('a@b.de')
>> foo.change_password('bar2') # changes root password
>> foo.change_password('bar2', 'gitlab') # changes password for gitlab
>> service.update(foo) # save changes in ldap backend
# save changes in ldap backend as admin user
>> service.update(foo, LDAP_ADMIN_USER, LDAP_ADMIN_USER)
* delete an account
>> service = AccountService(LDAP_HOST, LDAP_BASE_DN,SERVICES)
>> service.delete(Account)
>> service.delete('foo')
* find accounts
>> service = AccountService(LDAP_HOST, LDAP_BASE_DN,SERVICES)
>> all_accounts = service.find(LDAP_ADMIN_USER, LDAP_ADMIN_PASS)
>> print([x.uid for x in all_accounts])
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To auth, register, update or delete an account you have to use the
AccountService class. A basic usage could be the following:
# Simple auth
service = AccountService(LDAP_HOST, LDAP_BASE_DN, LDAP_ADMIN_USER, LDAP_ADMIN_PASS)
acc = service.auth('test', 'secret') # Authenticate against some credentials
print('Mail: %s' % acc.mail)
# Account creation, updating and deletion
a = Account('foo', 'foo@bar.de', password='foobar')
service.register(a) # create
a.mail = 'bar@foo.de'
service.update(a) # update
service.delete(a.uid) # deletete
|
| |
|
|
|