[CalendarServer-changes] [11574] CalendarServer/trunk/twistedcaldav/directory
source_changes at macosforge.org
source_changes at macosforge.org
Wed Jul 31 21:20:25 PDT 2013
Revision: 11574
http://trac.calendarserver.org//changeset/11574
Author: sagen at apple.com
Date: 2013-07-31 21:20:25 -0700 (Wed, 31 Jul 2013)
Log Message:
-----------
Handle lowercase GUIDs from LDAP
Modified Paths:
--------------
CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py
Modified: CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py 2013-08-01 00:05:09 UTC (rev 11573)
+++ CalendarServer/trunk/twistedcaldav/directory/ldapdirectory.py 2013-08-01 04:20:25 UTC (rev 11574)
@@ -56,7 +56,7 @@
CachingDirectoryRecord)
from twistedcaldav.directory.directory import DirectoryConfigurationError
from twistedcaldav.directory.augment import AugmentRecord
-from twistedcaldav.directory.util import splitIntoBatches
+from twistedcaldav.directory.util import splitIntoBatches, normalizeUUID
from twisted.internet.defer import succeed, inlineCallbacks, returnValue
from twisted.internet.threads import deferToThread
from twext.python.log import Logger
@@ -348,7 +348,7 @@
records.append(record)
if numMissingGuids:
- self.log.info("{num} {recordType] records are missing {attr}",
+ self.log.info("{num} {recordType} records are missing {attr}",
num=numMissingGuids, recordType=recordType, attr=guidAttr)
return records
@@ -405,12 +405,15 @@
dn = normalizeDNstr(dn)
guid = self._getUniqueLdapAttribute(attrs, guidAttr)
if guid:
+ guid = normalizeUUID(guid)
readDelegate = self._getUniqueLdapAttribute(attrs, readAttr)
if readDelegate:
+ readDelegate = normalizeUUID(readDelegate)
assignments.append(("%s#calendar-proxy-read" % (guid,),
[readDelegate]))
writeDelegate = self._getUniqueLdapAttribute(attrs, writeAttr)
if writeDelegate:
+ writeDelegate = normalizeUUID(writeDelegate)
assignments.append(("%s#calendar-proxy-write" % (guid,),
[writeDelegate]))
@@ -782,6 +785,7 @@
if not guid:
self.log.debug("LDAP data for %s is missing guid attribute %s" % (shortNames, guidAttr))
raise MissingGuidException()
+ guid = normalizeUUID(guid)
# Find or build email
# (The emailAddresses mapping is a list of ldap fields)
Modified: CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py 2013-08-01 00:05:09 UTC (rev 11573)
+++ CalendarServer/trunk/twistedcaldav/directory/test/test_ldapdirectory.py 2013-08-01 04:20:25 UTC (rev 11574)
@@ -330,6 +330,10 @@
key, value = fragment.split("=")
if value in attrs.get(key, []):
results.append(("ignored", (dn, attrs)))
+ break
+ elif value == "*" and key in attrs:
+ results.append(("ignored", (dn, attrs)))
+ break
return results
@@ -401,7 +405,8 @@
"uid=odtestamanda,cn=users,dc=example,dc=com",
{
'uid': ['odtestamanda'],
- 'apple-generateduid': ['9DC04A70-E6DD-11DF-9492-0800200C9A66'],
+ # purposely throw in an un-normalized GUID
+ 'apple-generateduid': ['9dc04a70-e6dd-11df-9492-0800200c9a66'],
'sn': ['Test'],
'mail': ['odtestamanda at example.com', 'alternate at example.com'],
'givenName': ['Amanda'],
@@ -452,6 +457,30 @@
'cn': ['Wilfredo Sanchez']
}
),
+ (
+ "uid=testresource , cn=resources , dc=example,dc=com",
+ {
+ 'uid': ['testresource'],
+ 'apple-generateduid': ['D91B21B9-B856-495A-8E36-0E5AD54EFB3A'],
+ 'sn': ['Resource'],
+ 'givenName': ['Test'],
+ 'cn': ['Test Resource'],
+ # purposely throw in an un-normalized GUID
+ 'read-write-proxy' : ['6423f94a-6b76-4a3a-815b-d52cfd77935d'],
+ 'read-only-proxy' : ['5A985493-EE2C-4665-94CF-4DFEA3A89500'],
+ }
+ ),
+ (
+ "uid=testresource2 , cn=resources , dc=example,dc=com",
+ {
+ 'uid': ['testresource2'],
+ 'apple-generateduid': ['753E5A60-AFFD-45E4-BF2C-31DAB459353F'],
+ 'sn': ['Resource2'],
+ 'givenName': ['Test'],
+ 'cn': ['Test Resource2'],
+ 'read-write-proxy' : ['6423F94A-6B76-4A3A-815B-D52CFD77935D'],
+ }
+ ),
),
{
"augmentService" : None,
@@ -546,8 +575,8 @@
"resourceSchema": {
"resourceInfoAttr": "apple-resource-info", # contains location/resource info
"autoScheduleAttr": None,
- "proxyAttr": None,
- "readOnlyProxyAttr": None,
+ "proxyAttr": "read-write-proxy",
+ "readOnlyProxyAttr": "read-only-proxy",
"autoAcceptGroupAttr": None,
},
"partitionSchema": {
@@ -1227,6 +1256,7 @@
self.assertEquals(
len(self.service.ldap.search_s("cn=groups,dc=example,dc=com", 0, "(|(apple-generateduid=right_coast)(apple-generateduid=left_coast))", [])), 2)
+
def test_ldapRecordCreation(self):
"""
Exercise _ldapResultToRecord(), which converts a dictionary
@@ -1468,6 +1498,21 @@
self.assertEquals(record.autoAcceptGroup,
'77A8EB52-AA2A-42ED-8843-B2BEE863AC70')
+ # Record with lowercase guid
+ dn = "uid=odtestamanda,cn=users,dc=example,dc=com"
+ guid = '9dc04a70-e6dd-11df-9492-0800200c9a66'
+ attrs = {
+ 'uid': ['odtestamanda'],
+ 'apple-generateduid': [guid],
+ 'sn': ['Test'],
+ 'mail': ['odtestamanda at example.com', 'alternate at example.com'],
+ 'givenName': ['Amanda'],
+ 'cn': ['Amanda Test']
+ }
+ record = self.service._ldapResultToRecord(dn, attrs,
+ self.service.recordType_users)
+ self.assertEquals(record.guid, guid.upper())
+
def test_listRecords(self):
"""
listRecords makes an LDAP query (with fake results in this test)
@@ -1576,7 +1621,7 @@
@inlineCallbacks
def test_groupMembershipAliases(self):
"""
- Exercise a directory enviornment where group membership does not refer
+ Exercise a directory environment where group membership does not refer
to guids but instead uses LDAP DNs. This example uses the LDAP attribute
"uniqueMember" to specify members of a group. The value of this attribute
is each members' DN. Even though the proxy database deals strictly in
@@ -1608,6 +1653,26 @@
self.assertEquals(groups, (yield record.cachedGroups()))
+ def test_getExternalProxyAssignments(self):
+ """
+ Verify getExternalProxyAssignments can extract assignments from the
+ directory, and that guids are normalized.
+ """
+ self.setupService(self.nestedUsingDifferentAttributeUsingDN)
+ self.assertEquals(
+ self.service.getExternalProxyAssignments(),
+ [
+ ('D91B21B9-B856-495A-8E36-0E5AD54EFB3A#calendar-proxy-read',
+ ['5A985493-EE2C-4665-94CF-4DFEA3A89500']),
+ ('D91B21B9-B856-495A-8E36-0E5AD54EFB3A#calendar-proxy-write',
+ ['6423F94A-6B76-4A3A-815B-D52CFD77935D']),
+ ('753E5A60-AFFD-45E4-BF2C-31DAB459353F#calendar-proxy-write',
+ ['6423F94A-6B76-4A3A-815B-D52CFD77935D'])
+ ]
+ )
+
+
+
def test_splitIntoBatches(self):
self.setupService(self.nestedUsingDifferentAttributeUsingDN)
# Data is perfect multiple of size
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20130731/c2b6164e/attachment-0001.html>
More information about the calendarserver-changes
mailing list