[CalendarServer-changes] [14114] twext/trunk/twext/who/ldap

Tue Oct 28 11:07:22 PDT 2014

Revision: 14114
          http://trac.calendarserver.org//changeset/14114
Author:   sagen at apple.com
Date:     2014-10-28 11:07:22 -0700 (Tue, 28 Oct 2014)
Log Message:
-----------
Support per recordType filters; work with new mockldap

Modified Paths:
--------------
    twext/trunk/twext/who/ldap/_service.py
    twext/trunk/twext/who/ldap/test/test_service.py

Modified: twext/trunk/twext/who/ldap/_service.py
===================================================================

--- twext/trunk/twext/who/ldap/_service.py	2014-10-28 15:26:59 UTC (rev 14113)
+++ twext/trunk/twext/who/ldap/_service.py	2014-10-28 18:07:22 UTC (rev 14114)
@@ -229,7 +229,7 @@
         useTLS=False,
         fieldNameToAttributesMap=DEFAULT_FIELDNAME_ATTRIBUTE_MAP,
         recordTypeSchemas=DEFAULT_RECORDTYPE_SCHEMAS,
-        extraFilter=None,
+        extraFilters=None,
         ownThreadpool=True,
         threadPoolMax=10,
         connectionMax=10,
@@ -267,9 +267,9 @@
         @type recordTypeSchemas: mapping from L{NamedConstant} to
             L{RecordTypeSchema}
 
-        @param extraFilter: An extra filter fragment to AND in to any generated
-            queries.
-        @type extraFilter: L{unicode}
+        @param extraFilters: A dict (keyed off recordType) of extra filter
+            fragments to AND in to any generated queries.
+        @type extraFilters: L{dicts} of L{unicode}
 
         """
 
@@ -277,7 +277,7 @@
         self._baseDN = baseDN
         self._credentials = credentials
         self._timeout = timeout
-        self._extraFilter = extraFilter
+        self._extraFilters = extraFilters
 
         if tlsCACertificateFile is None:
             self._tlsCACertificateFile = None
@@ -587,10 +587,10 @@
         )
 
 
-    def _addExtraFilter(self, queryString):
-        if self._extraFilter:
+    def _addExtraFilter(self, recordType, queryString):
+        if self._extraFilters and self._extraFilters.get(recordType, ""):
             queryString = "(&{extra}{query})".format(
-                extra=self._extraFilter, query=queryString
+                extra=self._extraFilters[recordType], query=queryString
             )
         return queryString
 
@@ -603,8 +603,6 @@
         This method is always called in a thread.
         """
 
-        queryString = self._addExtraFilter(queryString)
-
         records = []
 
         with DirectoryService.Connection(self) as connection:
@@ -629,10 +627,11 @@
                     ldap.dn.str2dn(rdn.lower()) +
                     ldap.dn.str2dn(self._baseDN.lower())
                 )
+                filteredQuery=self._addExtraFilter(recordType, queryString)
                 self.log.debug(
                     "Performing LDAP query: {rdn} {query} {recordType}{limit}{timeout}",
                     rdn=rdn,
-                    query=queryString,
+                    query=filteredQuery,
                     recordType=recordType,
                     limit=" limit={}".format(limitResults) if limitResults else "",
                     timeout=" timeout={}".format(timeoutSeconds) if timeoutSeconds else "",
@@ -642,7 +641,7 @@
                     s.startSearch(
                         ldap.dn.dn2str(rdn),
                         ldap.SCOPE_SUBTREE,
-                        queryString,
+                        filteredQuery,
                         attrList=self._attributesToFetch,
                         timeout=timeoutSeconds if timeoutSeconds else -1,
                         sizelimit=limitResults if limitResults else 0

Modified: twext/trunk/twext/who/ldap/test/test_service.py
===================================================================
--- twext/trunk/twext/who/ldap/test/test_service.py	2014-10-28 15:26:59 UTC (rev 14113)
+++ twext/trunk/twext/who/ldap/test/test_service.py	2014-10-28 18:07:22 UTC (rev 14114)
@@ -443,22 +443,28 @@
         self.assertEquals(repr(service), u"<TestService u'ldap://localhost/'>")
 
 
-class ExtraFilterTest(BaseTestCase, unittest.TestCase):
+class ExtraFiltersTest(BaseTestCase, unittest.TestCase):
 
-    def test_extra(self):
-        service = self.service(extraFilter="(foo=1)")
+    def test_extraFilters(self):
+        extraFilters = {
+            RecordType.user: "(foo=1)",
+        }
+        service = self.service(extraFilters=extraFilters)
         self.assertEquals(
             "(&(foo=1)(bar=2))",
-            service._addExtraFilter("(bar=2)")
+            service._addExtraFilter(RecordType.user, "(bar=2)")
         )
+        self.assertEquals(
+            "(bar=2)",
+            service._addExtraFilter(RecordType.group, "(bar=2)")
+        )
 
-        service = self.service(extraFilter=None)
+        service = self.service(extraFilters=None)
         self.assertEquals(
             "(bar=2)",
-            service._addExtraFilter("(bar=2)")
+            service._addExtraFilter(RecordType.group, "(bar=2)")
         )
 
-
 class RecordsFromReplyTest(BaseTestCase, unittest.TestCase):
 
     def test_boolean(self):
@@ -548,6 +554,11 @@
             return schema.attributes
 
         else:
+
+            # mockldap requires data in this structure: {dn: {attr: [values]}}
+            if not isinstance(fieldValue, (tuple, list)):
+                fieldValue = [fieldValue]
+
             # Question: why convert to unicode?  We get utf-8 encoded strings
             # back from a real LDAP server, don't we?
             value = toUnicode(fieldValue)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20141028/4b8492f8/attachment-0001.html>
