do not use a global LDAP connection, open it for each request
parent
3677cd0c19
commit
c136f67de6
|
@ -8,7 +8,6 @@ from datetime import datetime
|
||||||
|
|
||||||
from mandaye import config
|
from mandaye import config
|
||||||
from mandaye.log import logger
|
from mandaye.log import logger
|
||||||
from mandaye.backends.default import storage_conn
|
|
||||||
|
|
||||||
def cmp_reverse_last_connection_date(x, y):
|
def cmp_reverse_last_connection_date(x, y):
|
||||||
return -cmp(x[1]['lastConnectionDate'][0], y[1]['lastConnectionDate'][0])
|
return -cmp(x[1]['lastConnectionDate'][0], y[1]['lastConnectionDate'][0])
|
||||||
|
@ -28,6 +27,14 @@ class Association(object):
|
||||||
}
|
}
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_conn():
|
||||||
|
import ldap
|
||||||
|
storage_conn = ldap.initialize(config.ldap_url)
|
||||||
|
storage_conn.protocol_version = ldap.VERSION3
|
||||||
|
storage_conn.simple_bind(config.ldap_bind_dn, config.ldap_bind_password)
|
||||||
|
return storage_conn
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def ldap2association(ldap_object):
|
def ldap2association(ldap_object):
|
||||||
return {
|
return {
|
||||||
|
@ -49,7 +56,7 @@ class Association(object):
|
||||||
def get(sp_name, idp_unique_id, idp_name='default'):
|
def get(sp_name, idp_unique_id, idp_name='default'):
|
||||||
""" return a list of dict with associations matching all of this options """
|
""" return a list of dict with associations matching all of this options """
|
||||||
associations = []
|
associations = []
|
||||||
results = storage_conn.search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
|
results = Association.get_conn().search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
|
||||||
filterstr='(&(objectClass=MandayeUser)(spName=%s)(idpUniqueID=%s)(idpName=%s))' % (sp_name, idp_unique_id, idp_name))
|
filterstr='(&(objectClass=MandayeUser)(spName=%s)(idpUniqueID=%s)(idpName=%s))' % (sp_name, idp_unique_id, idp_name))
|
||||||
for result in results:
|
for result in results:
|
||||||
associations.append(Association.ldap2association(result[1]))
|
associations.append(Association.ldap2association(result[1]))
|
||||||
|
@ -59,7 +66,7 @@ class Association(object):
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_by_id(asso_id):
|
def get_by_id(asso_id):
|
||||||
""" return a dict of the association with the id or None if it doesn't exist """
|
""" return a dict of the association with the id or None if it doesn't exist """
|
||||||
results = storage_conn.search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
|
results = Association.get_conn().search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
|
||||||
filterstr='(&(objectClass=MandayeUser)(uniqueID=%s))' %\
|
filterstr='(&(objectClass=MandayeUser)(uniqueID=%s))' %\
|
||||||
(asso_id))
|
(asso_id))
|
||||||
if results:
|
if results:
|
||||||
|
@ -69,7 +76,7 @@ class Association(object):
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def has_id(asso_id):
|
def has_id(asso_id):
|
||||||
""" check the given user is present in the directory """
|
""" check the given user is present in the directory """
|
||||||
results = storage_conn.search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
|
results = Association.get_conn().search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
|
||||||
filterstr='(&(objectClass=MandayeUser)(uniqueID=%s))' %\
|
filterstr='(&(objectClass=MandayeUser)(uniqueID=%s))' %\
|
||||||
(asso_id))
|
(asso_id))
|
||||||
if results:
|
if results:
|
||||||
|
@ -82,7 +89,7 @@ class Association(object):
|
||||||
""" update or create an associtaion which match the following values
|
""" update or create an associtaion which match the following values
|
||||||
return the association id
|
return the association id
|
||||||
"""
|
"""
|
||||||
results = storage_conn.search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
|
results = Association.get_conn().search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
|
||||||
filterstr='(&(objectClass=MandayeUser)(spName=%s)(spLogin=%s)(idpUniqueID=%s)(idpName=%s))' %\
|
filterstr='(&(objectClass=MandayeUser)(spName=%s)(spLogin=%s)(idpUniqueID=%s)(idpName=%s))' %\
|
||||||
(sp_name, sp_login, idp_unique_id, idp_name))
|
(sp_name, sp_login, idp_unique_id, idp_name))
|
||||||
if not results:
|
if not results:
|
||||||
|
@ -102,7 +109,7 @@ class Association(object):
|
||||||
unique_id = random.randint(1, 5000000)
|
unique_id = random.randint(1, 5000000)
|
||||||
dn = "uniqueID=%s,%s" % (unique_id, config.ldap_base_dn)
|
dn = "uniqueID=%s,%s" % (unique_id, config.ldap_base_dn)
|
||||||
try:
|
try:
|
||||||
result = storage_conn.add_s(dn, mod_list)
|
result = Association.get_conn().add_s(dn, mod_list)
|
||||||
except ldap.ALREADY_EXISTS:
|
except ldap.ALREADY_EXISTS:
|
||||||
continue
|
continue
|
||||||
break
|
break
|
||||||
|
@ -112,7 +119,7 @@ class Association(object):
|
||||||
results.sort(cmp_reverse_last_connection_date)
|
results.sort(cmp_reverse_last_connection_date)
|
||||||
dn = results[0][0]
|
dn = results[0][0]
|
||||||
mod_list = [(ldap.MOD_REPLACE, 'spPostValues', json.dumps(sp_post_values))]
|
mod_list = [(ldap.MOD_REPLACE, 'spPostValues', json.dumps(sp_post_values))]
|
||||||
storage_conn.modify_s(dn, mod_list)
|
Association.get_conn().modify_s(dn, mod_list)
|
||||||
logger.info("Update post values for %r (%r)", sp_login, idp_unique_id)
|
logger.info("Update post values for %r (%r)", sp_login, idp_unique_id)
|
||||||
return results[0][1]['uniqueID'][0]
|
return results[0][1]['uniqueID'][0]
|
||||||
|
|
||||||
|
@ -120,7 +127,7 @@ class Association(object):
|
||||||
def delete(asso_id):
|
def delete(asso_id):
|
||||||
""" delete the association which has the following asso_id """
|
""" delete the association which has the following asso_id """
|
||||||
dn = "uniqueID=%s,%s" % (asso_id, config.ldap_base_dn)
|
dn = "uniqueID=%s,%s" % (asso_id, config.ldap_base_dn)
|
||||||
storage_conn.delete_s(dn)
|
Association.get_conn().delete_s(dn)
|
||||||
logger.info('Delete %r association', dn)
|
logger.info('Delete %r association', dn)
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
|
@ -128,7 +135,7 @@ class Association(object):
|
||||||
""" get the last connecting association which match the parameters
|
""" get the last connecting association which match the parameters
|
||||||
return a dict of the association
|
return a dict of the association
|
||||||
"""
|
"""
|
||||||
results = storage_conn.search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
|
results = Association.get_conn().search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
|
||||||
filterstr='(&(objectClass=MandayeUser)(spName=%s)(idpUniqueID=%s)(idpName=%s))' % (sp_name, idp_unique_id, idp_name))
|
filterstr='(&(objectClass=MandayeUser)(spName=%s)(idpUniqueID=%s)(idpName=%s))' % (sp_name, idp_unique_id, idp_name))
|
||||||
if results:
|
if results:
|
||||||
results.sort(cmp_reverse_last_connection_date)
|
results.sort(cmp_reverse_last_connection_date)
|
||||||
|
@ -143,11 +150,11 @@ class Association(object):
|
||||||
last_connection = datetime.utcnow().strftime("%Y%m%d%H%M%SZ")
|
last_connection = datetime.utcnow().strftime("%Y%m%d%H%M%SZ")
|
||||||
dn = "uniqueID=%s,%s" % (asso_id, config.ldap_base_dn)
|
dn = "uniqueID=%s,%s" % (asso_id, config.ldap_base_dn)
|
||||||
mod_list = [(ldap.MOD_REPLACE, 'lastConnectionDate', last_connection)]
|
mod_list = [(ldap.MOD_REPLACE, 'lastConnectionDate', last_connection)]
|
||||||
storage_conn.modify_s(dn, mod_list)
|
Association.get_conn().modify_s(dn, mod_list)
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def has_sp_login(sp_login, sp_name):
|
def has_sp_login(sp_login, sp_name):
|
||||||
results = storage_conn.search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
|
results = Association.get_conn().search_s(config.ldap_base_dn, ldap.SCOPE_ONELEVEL,
|
||||||
filterstr='(&(objectClass=MandayeUser)(spName=%s)(spLogin=%s))' %\
|
filterstr='(&(objectClass=MandayeUser)(spName=%s)(spLogin=%s))' %\
|
||||||
(sp_name, sp_login))
|
(sp_name, sp_login))
|
||||||
if results:
|
if results:
|
||||||
|
|
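Review bot: In `get_conn()` (hunk `-28,6 +27,14`) the bind uses `simple_bind`, which in python-ldap is the asynchronous call: it returns a message id whose result is never read here, so a rejected bind raises nothing and the following `search_s`/`add_s`/`modify_s` may run on an unauthenticated connection. Use the synchronous form, `storage_conn.simple_bind_s(config.ldap_bind_dn, config.ldap_bind_password)`, so a failed bind surfaces as an exception. Every call site now opens a connection that is never explicitly released with `unbind_s()`, and the create path appears to open one for the search and another for each `add_s` retry; fetching the connection once per method and closing it in a `try`/`finally` would bound that. Separately, the `filterstr` arguments on the touched `search_s` calls interpolate `sp_name`, `sp_login`, `idp_unique_id` and `asso_id` with `%` and no escaping; if any of these can originate from a request, build the filter with `ldap.filter.filter_format(...)` so filter metacharacters are escaped.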