From c8cade622a94a5eb22c16a2f845e721087cc6daf Mon Sep 17 00:00:00 2001 From: BaiJiangJie Date: Wed, 9 Oct 2019 18:36:38 +0800 Subject: [PATCH] =?UTF-8?q?[Update]=20=E4=BC=98=E5=8C=96=20LDAP=20?= =?UTF-8?q?=E5=AF=BC=E5=85=A5/=E6=90=9C=E7=B4=A2=20=E9=80=BB=E8=BE=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/settings/api.py | 7 ++++--- apps/settings/utils.py | 38 ++++++++++++++++++++++++++++---------- 2 files changed, 32 insertions(+), 13 deletions(-) diff --git a/apps/settings/api.py b/apps/settings/api.py index 82d483c5e..d327bde17 100644 --- a/apps/settings/api.py +++ b/apps/settings/api.py @@ -101,10 +101,11 @@ class LDAPUserListApi(generics.ListAPIView): def get_queryset(self): if hasattr(self, 'swagger_fake_view'): return [] - util = LDAPUtil() - + q = self.request.query_params.get('search') try: - users = util.search_user_items() + util = LDAPUtil() + extra_filter = util.construct_extra_filter(util.SEARCH_FIELD_ALL, q) + users = util.search_user_items(extra_filter) except Exception as e: users = [] logger.error(e) diff --git a/apps/settings/utils.py b/apps/settings/utils.py index fabdb3967..9ecd5d286 100644 --- a/apps/settings/utils.py +++ b/apps/settings/utils.py @@ -22,6 +22,9 @@ class LDAPOUGroupException(Exception): class LDAPUtil: _conn = None + SEARCH_FIELD_ALL = 'all' + SEARCH_FIELD_USERNAME = 'username' + def __init__(self, use_settings_config=True, server_uri=None, bind_dn=None, password=None, use_ssl=None, search_ougroup=None, search_filter=None, attr_map=None, auth_ldap=None): @@ -84,7 +87,8 @@ class LDAPUtil: def _search_user_items_ou(self, search_ou, extra_filter=None, cookie=None): search_filter = self.search_filter % {"user": "*"} if extra_filter: - search_filter = '(&({})({}))'.format(search_filter, extra_filter) + search_filter = '(&{}{})'.format(search_filter, extra_filter) + ok = self.connection.search( search_ou, search_filter, attributes=list(self.attr_map.values()), @@ -111,14 +115,10 @@ class LDAPUtil: cookie = self.connection.result['controls']['1.2.840.113556.1.4.319']['value']['cookie'] return cookie - def search_user_items(self, q=None): + def search_user_items(self, extra_filter=None): user_items = [] logger.info("Search user items") - extra_filter = '' - if q: - for attr in self.attr_map.values(): - extra_filter += '({}={})'.format(attr, q) - extra_filter = '(|{})'.format(extra_filter) + for search_ou in str(self.search_ougroup).split("|"): logger.info("Search user search ou: {}".format(search_ou)) _user_items = self._search_user_items_ou(search_ou, extra_filter=extra_filter) @@ -130,10 +130,28 @@ class LDAPUtil: logger.info("Search user items end") return user_items + def construct_extra_filter(self, field, q): + if not q: + return None + extra_filter = '' + if field == self.SEARCH_FIELD_ALL: + for attr in self.attr_map.values(): + extra_filter += '({}={})'.format(attr, q) + extra_filter = '(|{})'.format(extra_filter) + return extra_filter + + if field == self.SEARCH_FIELD_USERNAME and isinstance(q, list): + attr = self.attr_map.get('username') + for username in q: + extra_filter += '({}={})'.format(attr, username) + extra_filter = '(|{})'.format(extra_filter) + return extra_filter + def search_filter_user_items(self, username_list): - user_items = self.search_user_items() - if username_list: - user_items = [u for u in user_items if u['username'] in username_list] + extra_filter = self.construct_extra_filter( + self.SEARCH_FIELD_USERNAME, username_list + ) + user_items = self.search_user_items(extra_filter) return user_items @staticmethod