do not use a global LDAP connection, open it for each request

Benjamin Dauvergne 2016-04-22 11:01:56 +02:00
parent 3677cd0c19
commit c136f67de6
1 changed files with 18 additions and 11 deletions


@ -8,7 +8,6 @@ from datetime import datetime
from mandaye import config from mandaye import config
from mandaye.log import logger from mandaye.log import logger
from mandaye.backends.default import storage_conn
def cmp_reverse_last_connection_date(x, y): def cmp_reverse_last_connection_date(x, y):
return -cmp(x[1]['lastConnectionDate'][0], y[1]['lastConnectionDate'][0]) return -cmp(x[1]['lastConnectionDate'][0], y[1]['lastConnectionDate'][0])
@ -28,6 +27,14 @@ class Association(object):
} }
""" """
@staticmethod
def get_conn():
import ldap
storage_conn = ldap.initialize(config.ldap_url)
storage_conn.protocol_version = ldap.VERSION3
storage_conn.simple_bind(config.ldap_bind_dn, config.ldap_bind_password)
return storage_conn
@staticmethod @staticmethod
def ldap2association(ldap_object): def ldap2association(ldap_object):
return { return {
@ -49,7 +56,7 @@ class Association(object):
def get(sp_name, idp_unique_id, idp_name='default'): def get(sp_name, idp_unique_id, idp_name='default'):
""" return a list of dict with associations matching all of this options """ """ return a list of dict with associations matching all of this options """
associations = [] associations = []
results = storage_conn.search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL, results = Association.get_conn().search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
filterstr='(&(objectClass=MandayeUser)(spName=%s)(idpUniqueID=%s)(idpName=%s))' % (sp_name, idp_unique_id, idp_name)) filterstr='(&(objectClass=MandayeUser)(spName=%s)(idpUniqueID=%s)(idpName=%s))' % (sp_name, idp_unique_id, idp_name))
for result in results: for result in results:
associations.append(Association.ldap2association(result[1])) associations.append(Association.ldap2association(result[1]))
@ -59,7 +66,7 @@ class Association(object):
@staticmethod @staticmethod
def get_by_id(asso_id): def get_by_id(asso_id):
""" return a dict of the association with the id or None if it doesn't exist """ """ return a dict of the association with the id or None if it doesn't exist """
results = storage_conn.search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL, results = Association.get_conn().search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
filterstr='(&(objectClass=MandayeUser)(uniqueID=%s))' %\ filterstr='(&(objectClass=MandayeUser)(uniqueID=%s))' %\
(asso_id)) (asso_id))
if results: if results:
@ -69,7 +76,7 @@ class Association(object):
@staticmethod @staticmethod
def has_id(asso_id): def has_id(asso_id):
""" check the given user is present in the directory """ """ check the given user is present in the directory """
results = storage_conn.search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL, results = Association.get_conn().search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
filterstr='(&(objectClass=MandayeUser)(uniqueID=%s))' %\ filterstr='(&(objectClass=MandayeUser)(uniqueID=%s))' %\
(asso_id)) (asso_id))
if results: if results:
@ -82,7 +89,7 @@ class Association(object):
""" update or create an associtaion which match the following values """ update or create an associtaion which match the following values
return the association id return the association id
""" """
results = storage_conn.search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL, results = Association.get_conn().search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
filterstr='(&(objectClass=MandayeUser)(spName=%s)(spLogin=%s)(idpUniqueID=%s)(idpName=%s))' %\ filterstr='(&(objectClass=MandayeUser)(spName=%s)(spLogin=%s)(idpUniqueID=%s)(idpName=%s))' %\
(sp_name, sp_login, idp_unique_id, idp_name)) (sp_name, sp_login, idp_unique_id, idp_name))
if not results: if not results:
@ -102,7 +109,7 @@ class Association(object):
unique_id = random.randint(1, 5000000) unique_id = random.randint(1, 5000000)
dn = "uniqueID=%s,%s" % (unique_id, config.ldap_base_dn) dn = "uniqueID=%s,%s" % (unique_id, config.ldap_base_dn)
try: try:
result = storage_conn.add_s(dn, mod_list) result = Association.get_conn().add_s(dn, mod_list)
except ldap.ALREADY_EXISTS: except ldap.ALREADY_EXISTS:
continue continue
break break
@ -112,7 +119,7 @@ class Association(object):
results.sort(cmp_reverse_last_connection_date) results.sort(cmp_reverse_last_connection_date)
dn = results[0][0] dn = results[0][0]
mod_list = [(ldap.MOD_REPLACE, 'spPostValues', json.dumps(sp_post_values))] mod_list = [(ldap.MOD_REPLACE, 'spPostValues', json.dumps(sp_post_values))]
storage_conn.modify_s(dn, mod_list) Association.get_conn().modify_s(dn, mod_list)
logger.info("Update post values for %r (%r)", sp_login, idp_unique_id) logger.info("Update post values for %r (%r)", sp_login, idp_unique_id)
return results[0][1]['uniqueID'][0] return results[0][1]['uniqueID'][0]
@ -120,7 +127,7 @@ class Association(object):
def delete(asso_id): def delete(asso_id):
""" delete the association which has the following asso_id """ """ delete the association which has the following asso_id """
dn = "uniqueID=%s,%s" % (asso_id, config.ldap_base_dn) dn = "uniqueID=%s,%s" % (asso_id, config.ldap_base_dn)
storage_conn.delete_s(dn) Association.get_conn().delete_s(dn)
logger.info('Delete %r association', dn) logger.info('Delete %r association', dn)
@staticmethod @staticmethod
@ -128,7 +135,7 @@ class Association(object):
""" get the last connecting association which match the parameters """ get the last connecting association which match the parameters
return a dict of the association return a dict of the association
""" """
results = storage_conn.search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL, results = Association.get_conn().search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
filterstr='(&(objectClass=MandayeUser)(spName=%s)(idpUniqueID=%s)(idpName=%s))' % (sp_name, idp_unique_id, idp_name)) filterstr='(&(objectClass=MandayeUser)(spName=%s)(idpUniqueID=%s)(idpName=%s))' % (sp_name, idp_unique_id, idp_name))
if results: if results:
results.sort(cmp_reverse_last_connection_date) results.sort(cmp_reverse_last_connection_date)
@ -143,11 +150,11 @@ class Association(object):
last_connection = datetime.utcnow().strftime("%Y%m%d%H%M%SZ") last_connection = datetime.utcnow().strftime("%Y%m%d%H%M%SZ")
dn = "uniqueID=%s,%s" % (asso_id, config.ldap_base_dn) dn = "uniqueID=%s,%s" % (asso_id, config.ldap_base_dn)
mod_list = [(ldap.MOD_REPLACE, 'lastConnectionDate', last_connection)] mod_list = [(ldap.MOD_REPLACE, 'lastConnectionDate', last_connection)]
storage_conn.modify_s(dn, mod_list) Association.get_conn().modify_s(dn, mod_list)
@staticmethod @staticmethod
def has_sp_login(sp_login, sp_name): def has_sp_login(sp_login, sp_name):
results = storage_conn.search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL, results = Association.get_conn().search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
filterstr='(&(objectClass=MandayeUser)(spName=%s)(spLogin=%s))' %\ filterstr='(&(objectClass=MandayeUser)(spName=%s)(spLogin=%s))' %\
(sp_name, sp_login)) (sp_name, sp_login))
if results: if results:
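Review bot: In the new `get_conn()` the bind is issued with `simple_bind`, which in python-ldap is the asynchronous call and only returns a message id, so a rejected bind is never noticed there and the following `search_s`/`add_s`/`modify_s` may run on an unauthenticated connection or fail with a less obvious error; `storage_conn.simple_bind_s(config.ldap_bind_dn, config.ldap_bind_password)` would raise at the point of failure. The helper is also called once per operation rather than once per request, and no caller on this page calls `unbind_s()`: the hunk at `-102` opens another connection on every `add_s` retry after `ldap.ALREADY_EXISTS`, and each one is left for garbage collection to close. Consider obtaining one connection per method and releasing it in a `try`/`finally`. Separately, the `filterstr` values on the unchanged lines are interpolated with `%` and no escaping; if `sp_login`, `idp_unique_id` or `asso_id` can carry caller-supplied text, build these filters with `ldap.filter.filter_format` instead. The last hunk ends inside `has_sp_login`, whose body continues beyond what is shown.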