[tryton-debian-vcs] tryton-modules-ldap-authentication branch upstream updated. upstream/3.2.1-1-gd32b2f5
Mathias Behrle
tryton-debian-vcs at alioth.debian.org
Thu Oct 23 12:16:12 UTC 2014
The following commit has been merged in the upstream branch:
https://alioth.debian.org/plugins/scmgit/cgi-bin/gitweb.cgi/?p=tryton/tryton-modules-ldap-authentication.git;a=commitdiff;h=upstream/3.2.1-1-gd32b2f5
commit d32b2f5875aaa0ccd625c9312cf4abcd96b23b27
Author: Mathias Behrle <mathiasb at m9s.biz>
Date: Tue Oct 21 11:29:14 2014 +0200
Adding upstream version 3.4.0.
Signed-off-by: Mathias Behrle <mathiasb at m9s.biz>
diff --git a/CHANGELOG b/CHANGELOG
index 5688849..109cd4e 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,6 @@
-Version 3.2.1 - 2014-08-03
+Version 3.4.0 - 2014-10-20
* Bug fixes (see mercurial logs for details)
+* Use trytond configuration for connection
Version 3.2.0 - 2014-04-21
* Bug fixes (see mercurial logs for details)
diff --git a/PKG-INFO b/PKG-INFO
index 759c5cb..2889fc0 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,12 +1,12 @@
Metadata-Version: 1.1
Name: trytond_ldap_authentication
-Version: 3.2.1
+Version: 3.4.0
Summary: Tryton module to authenticate users through LDAP
Home-page: http://www.tryton.org/
Author: Tryton
Author-email: issue_tracker at tryton.org
License: GPL-3
-Download-URL: http://downloads.tryton.org/3.2/
+Download-URL: http://downloads.tryton.org/3.4/
Description: trytond_ldap_authentication
===========================
diff --git a/__init__.py b/__init__.py
index 2bc2b00..c79ab3e 100644
--- a/__init__.py
+++ b/__init__.py
@@ -2,12 +2,10 @@
#this repository contains the full copyright notices and license terms.
from trytond.pool import Pool
-from .connection import *
from .res import *
def register():
Pool.register(
- Connection,
User,
module='ldap_authentication', type_='model')
diff --git a/connection.py b/connection.py
deleted file mode 100644
index 8120132..0000000
--- a/connection.py
+++ /dev/null
@@ -1,36 +0,0 @@
-#This file is part of Tryton. The COPYRIGHT file at the top level of
-#this repository contains the full copyright notices and license terms.
-from trytond.model import fields
-from trytond.pool import PoolMeta
-
-__all__ = ['Connection']
-__metaclass__ = PoolMeta
-
-
-class Connection:
- __name__ = 'ldap.connection'
-
- auth_uid = fields.Char('UID', help='UID Attribute for authentication',
- required=True)
- auth_base_dn = fields.Char('Base DN', help='Base DN for authentication',
- required=True)
- auth_require_filter = fields.Char('Require Filter')
- auth_scope = fields.Selection([
- ('base', 'Base'),
- ('onelevel', 'OneLevel'),
- ('subtree', 'Subtree'),
- ], 'Scope', required=True)
- auth_create_user = fields.Boolean('Create User',
- help='Create user if not in database')
-
- @staticmethod
- def default_auth_uid():
- return 'uid'
-
- @staticmethod
- def default_auth_scope():
- return 'base'
-
- @staticmethod
- def default_auth_create_user():
- return False
diff --git a/connection.xml b/connection.xml
deleted file mode 100644
index 1b5bb22..0000000
--- a/connection.xml
+++ /dev/null
@@ -1,13 +0,0 @@
-<?xml version="1.0"?>
-<!-- This file is part of Tryton. The COPYRIGHT file at the top level of
-this repository contains the full copyright notices and license terms. -->
-<tryton>
- <data>
- <record model="ir.ui.view" id="connection_view_form">
- <field name="model">ldap.connection</field>
- <field name="type">form</field>
- <field name="inherit" ref="ldap_connection.connection_view_form"/>
- <field name="name">connection_form</field>
- </record>
- </data>
-</tryton>
diff --git a/doc/index.rst b/doc/index.rst
new file mode 100644
index 0000000..f5c48a7
--- /dev/null
+++ b/doc/index.rst
@@ -0,0 +1,37 @@
+LDAP Authentication Module
+##########################
+
+The LDAP authentication module allows to authenticate users via a LDAP server.
+
+The configuration of the LDAP connection is set in the `ldap_authentication`
+section.
+
+Configuration
+*************
+
+uri
+---
+
+The LDAP URL to use to connect to the server following the RFC-2255_.
+
+bind_pass
+---------
+
+The LDAP password used to bind if needed.
+
+active_directory
+----------------
+
+A boolean to set if the LDAP server is an Active Directory.
+
+uid
+---
+
+The UID Attribute for authentication (default is `uid`).
+
+create_user
+-----------
+
+A boolean to create user if not in the database.
+
+.. _RFC-2255: http://tools.ietf.org/html/rfc2255
diff --git a/locale/bg_BG.po b/locale/bg_BG.po
index ad33793..a28cfa2 100644
--- a/locale/bg_BG.po
+++ b/locale/bg_BG.po
@@ -5,51 +5,3 @@ msgstr "Content-Type: text/plain; charset=utf-8\n"
msgctxt "error:res.user:"
msgid "You can not set the password of ldap user \"%s\"."
msgstr ""
-
-msgctxt "field:ldap.connection,auth_base_dn:"
-msgid "Base DN"
-msgstr "Base DN"
-
-msgctxt "field:ldap.connection,auth_create_user:"
-msgid "Create User"
-msgstr "Създадено от"
-
-msgctxt "field:ldap.connection,auth_require_filter:"
-msgid "Require Filter"
-msgstr "Допълнителен филтър"
-
-msgctxt "field:ldap.connection,auth_scope:"
-msgid "Scope"
-msgstr "Обсег"
-
-msgctxt "field:ldap.connection,auth_uid:"
-msgid "UID"
-msgstr "UID"
-
-msgctxt "help:ldap.connection,auth_base_dn:"
-msgid "Base DN for authentication"
-msgstr "Base DN за проверка"
-
-msgctxt "help:ldap.connection,auth_create_user:"
-msgid "Create user if not in database"
-msgstr "Създаване на потребител ако го няма в базата данни"
-
-msgctxt "help:ldap.connection,auth_uid:"
-msgid "UID Attribute for authentication"
-msgstr "UID атрибут за проверка"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Base"
-msgstr "Основа"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "OneLevel"
-msgstr "Едно ниво"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Subtree"
-msgstr "Поддърво"
-
-msgctxt "view:ldap.connection:"
-msgid "Authentication"
-msgstr "Проверка"
diff --git a/locale/ca_ES.po b/locale/ca_ES.po
index d952d54..fcaeadb 100644
--- a/locale/ca_ES.po
+++ b/locale/ca_ES.po
@@ -5,51 +5,3 @@ msgstr "Content-Type: text/plain; charset=utf-8\n"
msgctxt "error:res.user:"
msgid "You can not set the password of ldap user \"%s\"."
msgstr "No podeu canviar la contrasenya de l'usuari \"%s\" d'LDAP."
-
-msgctxt "field:ldap.connection,auth_base_dn:"
-msgid "Base DN"
-msgstr "DN base"
-
-msgctxt "field:ldap.connection,auth_create_user:"
-msgid "Create User"
-msgstr "Crea usuari"
-
-msgctxt "field:ldap.connection,auth_require_filter:"
-msgid "Require Filter"
-msgstr "Filtre requerit"
-
-msgctxt "field:ldap.connection,auth_scope:"
-msgid "Scope"
-msgstr "Àmbit"
-
-msgctxt "field:ldap.connection,auth_uid:"
-msgid "UID"
-msgstr "UID"
-
-msgctxt "help:ldap.connection,auth_base_dn:"
-msgid "Base DN for authentication"
-msgstr "DN base per a l'autenticació."
-
-msgctxt "help:ldap.connection,auth_create_user:"
-msgid "Create user if not in database"
-msgstr "Crea l'usuari si no existeix a la base de dades."
-
-msgctxt "help:ldap.connection,auth_uid:"
-msgid "UID Attribute for authentication"
-msgstr "Atribut UID per a l'autenticació."
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Base"
-msgstr "Base"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "OneLevel"
-msgstr "UnNivell"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Subtree"
-msgstr "Subarbre"
-
-msgctxt "view:ldap.connection:"
-msgid "Authentication"
-msgstr "Autenticació"
diff --git a/locale/cs_CZ.po b/locale/cs_CZ.po
index 31a305f..a28cfa2 100644
--- a/locale/cs_CZ.po
+++ b/locale/cs_CZ.po
@@ -5,51 +5,3 @@ msgstr "Content-Type: text/plain; charset=utf-8\n"
msgctxt "error:res.user:"
msgid "You can not set the password of ldap user \"%s\"."
msgstr ""
-
-msgctxt "field:ldap.connection,auth_base_dn:"
-msgid "Base DN"
-msgstr ""
-
-msgctxt "field:ldap.connection,auth_create_user:"
-msgid "Create User"
-msgstr ""
-
-msgctxt "field:ldap.connection,auth_require_filter:"
-msgid "Require Filter"
-msgstr ""
-
-msgctxt "field:ldap.connection,auth_scope:"
-msgid "Scope"
-msgstr ""
-
-msgctxt "field:ldap.connection,auth_uid:"
-msgid "UID"
-msgstr ""
-
-msgctxt "help:ldap.connection,auth_base_dn:"
-msgid "Base DN for authentication"
-msgstr ""
-
-msgctxt "help:ldap.connection,auth_create_user:"
-msgid "Create user if not in database"
-msgstr ""
-
-msgctxt "help:ldap.connection,auth_uid:"
-msgid "UID Attribute for authentication"
-msgstr ""
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Base"
-msgstr ""
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "OneLevel"
-msgstr ""
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Subtree"
-msgstr ""
-
-msgctxt "view:ldap.connection:"
-msgid "Authentication"
-msgstr ""
diff --git a/locale/de_DE.po b/locale/de_DE.po
index 8de1388..a8d16b5 100644
--- a/locale/de_DE.po
+++ b/locale/de_DE.po
@@ -5,51 +5,3 @@ msgstr "Content-Type: text/plain; charset=utf-8\n"
msgctxt "error:res.user:"
msgid "You can not set the password of ldap user \"%s\"."
msgstr "Passwort von LDAP-Benutzer \"%s\" kann nicht gesetzt werden."
-
-msgctxt "field:ldap.connection,auth_base_dn:"
-msgid "Base DN"
-msgstr "Basis DN"
-
-msgctxt "field:ldap.connection,auth_create_user:"
-msgid "Create User"
-msgstr "Benutzer erstellen"
-
-msgctxt "field:ldap.connection,auth_require_filter:"
-msgid "Require Filter"
-msgstr "Require Filter"
-
-msgctxt "field:ldap.connection,auth_scope:"
-msgid "Scope"
-msgstr "Suchbereich"
-
-msgctxt "field:ldap.connection,auth_uid:"
-msgid "UID"
-msgstr "UID"
-
-msgctxt "help:ldap.connection,auth_base_dn:"
-msgid "Base DN for authentication"
-msgstr "Basis DN für die Authentifizierung"
-
-msgctxt "help:ldap.connection,auth_create_user:"
-msgid "Create user if not in database"
-msgstr "Erstellt den Benutzer, wenn er nicht in der Datenbank vorhanden ist"
-
-msgctxt "help:ldap.connection,auth_uid:"
-msgid "UID Attribute for authentication"
-msgstr "UID-Attribut für die Authentifizierung"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Base"
-msgstr "Base"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "OneLevel"
-msgstr "OneLevel"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Subtree"
-msgstr "Subtree"
-
-msgctxt "view:ldap.connection:"
-msgid "Authentication"
-msgstr "Authentifizierung"
diff --git a/locale/es_AR.po b/locale/es_AR.po
index 19ddfc4..fea3d1d 100644
--- a/locale/es_AR.po
+++ b/locale/es_AR.po
@@ -5,51 +5,3 @@ msgstr "Content-Type: text/plain; charset=utf-8\n"
msgctxt "error:res.user:"
msgid "You can not set the password of ldap user \"%s\"."
msgstr "No puede establecer la contraseña del usuario LDAP «%s»."
-
-msgctxt "field:ldap.connection,auth_base_dn:"
-msgid "Base DN"
-msgstr "DN base"
-
-msgctxt "field:ldap.connection,auth_create_user:"
-msgid "Create User"
-msgstr "Crear usuario"
-
-msgctxt "field:ldap.connection,auth_require_filter:"
-msgid "Require Filter"
-msgstr "Filtro requerido"
-
-msgctxt "field:ldap.connection,auth_scope:"
-msgid "Scope"
-msgstr "Ámbito"
-
-msgctxt "field:ldap.connection,auth_uid:"
-msgid "UID"
-msgstr "UID"
-
-msgctxt "help:ldap.connection,auth_base_dn:"
-msgid "Base DN for authentication"
-msgstr "DN base para la autentificación"
-
-msgctxt "help:ldap.connection,auth_create_user:"
-msgid "Create user if not in database"
-msgstr "Crea el usuario si no existe en la base de datos"
-
-msgctxt "help:ldap.connection,auth_uid:"
-msgid "UID Attribute for authentication"
-msgstr "Atributo UID para la autentificación"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Base"
-msgstr "Base"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "OneLevel"
-msgstr "UnNivel"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Subtree"
-msgstr "Subárbol"
-
-msgctxt "view:ldap.connection:"
-msgid "Authentication"
-msgstr "Autentificación"
diff --git a/locale/es_CO.po b/locale/es_CO.po
index e36d68f..3ca3fe7 100644
--- a/locale/es_CO.po
+++ b/locale/es_CO.po
@@ -4,52 +4,4 @@ msgstr "Content-Type: text/plain; charset=utf-8\n"
msgctxt "error:res.user:"
msgid "You can not set the password of ldap user \"%s\"."
-msgstr ""
-
-msgctxt "field:ldap.connection,auth_base_dn:"
-msgid "Base DN"
-msgstr "DN base"
-
-msgctxt "field:ldap.connection,auth_create_user:"
-msgid "Create User"
-msgstr "Creado por Usuario"
-
-msgctxt "field:ldap.connection,auth_require_filter:"
-msgid "Require Filter"
-msgstr "Filtro requerido"
-
-msgctxt "field:ldap.connection,auth_scope:"
-msgid "Scope"
-msgstr "Ámbito"
-
-msgctxt "field:ldap.connection,auth_uid:"
-msgid "UID"
-msgstr "UID"
-
-msgctxt "help:ldap.connection,auth_base_dn:"
-msgid "Base DN for authentication"
-msgstr "DN base para la autenticación"
-
-msgctxt "help:ldap.connection,auth_create_user:"
-msgid "Create user if not in database"
-msgstr "Crea el usuario si no existe en la base de datos"
-
-msgctxt "help:ldap.connection,auth_uid:"
-msgid "UID Attribute for authentication"
-msgstr "Atributo UID para la autenticación"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Base"
-msgstr "Base"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "OneLevel"
-msgstr "UnNivel"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Subtree"
-msgstr "Subárbol"
-
-msgctxt "view:ldap.connection:"
-msgid "Authentication"
-msgstr "Autenticación"
+msgstr "No puede fijar la contraseña del usuario ldap \"%s\"."
diff --git a/locale/es_EC.po b/locale/es_EC.po
new file mode 100644
index 0000000..2ad3b17
--- /dev/null
+++ b/locale/es_EC.po
@@ -0,0 +1,7 @@
+#
+msgid ""
+msgstr "Content-Type: text/plain; charset=utf-8\n"
+
+msgctxt "error:res.user:"
+msgid "You can not set the password of ldap user \"%s\"."
+msgstr "No puede establecer la contraseña del usuario LDAP \"%s\"."
diff --git a/locale/es_ES.po b/locale/es_ES.po
index 528af21..e2c2606 100644
--- a/locale/es_ES.po
+++ b/locale/es_ES.po
@@ -5,51 +5,3 @@ msgstr "Content-Type: text/plain; charset=utf-8\n"
msgctxt "error:res.user:"
msgid "You can not set the password of ldap user \"%s\"."
msgstr "No puede cambiar la contraseña del usuario \"%s\" de LDAP."
-
-msgctxt "field:ldap.connection,auth_base_dn:"
-msgid "Base DN"
-msgstr "DN base"
-
-msgctxt "field:ldap.connection,auth_create_user:"
-msgid "Create User"
-msgstr "Crear usuario"
-
-msgctxt "field:ldap.connection,auth_require_filter:"
-msgid "Require Filter"
-msgstr "Filtro requerido"
-
-msgctxt "field:ldap.connection,auth_scope:"
-msgid "Scope"
-msgstr "Ámbito"
-
-msgctxt "field:ldap.connection,auth_uid:"
-msgid "UID"
-msgstr "UID"
-
-msgctxt "help:ldap.connection,auth_base_dn:"
-msgid "Base DN for authentication"
-msgstr "DN base para la autenticación."
-
-msgctxt "help:ldap.connection,auth_create_user:"
-msgid "Create user if not in database"
-msgstr "Crea un usuario si no existe en la base de datos."
-
-msgctxt "help:ldap.connection,auth_uid:"
-msgid "UID Attribute for authentication"
-msgstr "Atributo UID para la autenticación."
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Base"
-msgstr "Base"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "OneLevel"
-msgstr "UnNivel"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Subtree"
-msgstr "Subárbol"
-
-msgctxt "view:ldap.connection:"
-msgid "Authentication"
-msgstr "Autenticación"
diff --git a/locale/fr_FR.po b/locale/fr_FR.po
index d43b296..6ddf73a 100644
--- a/locale/fr_FR.po
+++ b/locale/fr_FR.po
@@ -4,52 +4,5 @@ msgstr "Content-Type: text/plain; charset=utf-8\n"
msgctxt "error:res.user:"
msgid "You can not set the password of ldap user \"%s\"."
-msgstr "Vous ne pouvez pas définir le mot de passe de l'utilisateur LDAP \"%s\"."
-
-msgctxt "field:ldap.connection,auth_base_dn:"
-msgid "Base DN"
-msgstr "DN de base"
-
-msgctxt "field:ldap.connection,auth_create_user:"
-msgid "Create User"
-msgstr "Créer l'utilisateur"
-
-msgctxt "field:ldap.connection,auth_require_filter:"
-msgid "Require Filter"
-msgstr "Filtre requis"
-
-msgctxt "field:ldap.connection,auth_scope:"
-msgid "Scope"
-msgstr "Portée"
-
-msgctxt "field:ldap.connection,auth_uid:"
-msgid "UID"
-msgstr "UID"
-
-msgctxt "help:ldap.connection,auth_base_dn:"
-msgid "Base DN for authentication"
-msgstr "DN de base pour l'authentification"
-
-msgctxt "help:ldap.connection,auth_create_user:"
-msgid "Create user if not in database"
-msgstr "Créer l'utilisateur s'il n'est pas dans la base de données"
-
-msgctxt "help:ldap.connection,auth_uid:"
-msgid "UID Attribute for authentication"
-msgstr "Attribut UID de l'authentification"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Base"
-msgstr "Base"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "OneLevel"
-msgstr "Un niveau"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Subtree"
-msgstr "Sous-arbre"
-
-msgctxt "view:ldap.connection:"
-msgid "Authentication"
-msgstr "Authentification"
+msgstr ""
+"Vous ne pouvez pas définir le mot de passe de l'utilisateur LDAP « %s »."
diff --git a/locale/nl_NL.po b/locale/nl_NL.po
index 4a87ea1..a28cfa2 100644
--- a/locale/nl_NL.po
+++ b/locale/nl_NL.po
@@ -5,52 +5,3 @@ msgstr "Content-Type: text/plain; charset=utf-8\n"
msgctxt "error:res.user:"
msgid "You can not set the password of ldap user \"%s\"."
msgstr ""
-
-msgctxt "field:ldap.connection,auth_base_dn:"
-msgid "Base DN"
-msgstr ""
-
-msgctxt "field:ldap.connection,auth_create_user:"
-msgid "Create User"
-msgstr ""
-
-msgctxt "field:ldap.connection,auth_require_filter:"
-msgid "Require Filter"
-msgstr ""
-
-msgctxt "field:ldap.connection,auth_scope:"
-msgid "Scope"
-msgstr ""
-
-msgctxt "field:ldap.connection,auth_uid:"
-msgid "UID"
-msgstr ""
-
-msgctxt "help:ldap.connection,auth_base_dn:"
-msgid "Base DN for authentication"
-msgstr ""
-
-msgctxt "help:ldap.connection,auth_create_user:"
-msgid "Create user if not in database"
-msgstr ""
-
-msgctxt "help:ldap.connection,auth_uid:"
-msgid "UID Attribute for authentication"
-msgstr ""
-
-#, fuzzy
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Base"
-msgstr "Basisbedrag"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "OneLevel"
-msgstr ""
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Subtree"
-msgstr ""
-
-msgctxt "view:ldap.connection:"
-msgid "Authentication"
-msgstr ""
diff --git a/locale/ru_RU.po b/locale/ru_RU.po
index 9fff19c..a28cfa2 100644
--- a/locale/ru_RU.po
+++ b/locale/ru_RU.po
@@ -5,53 +5,3 @@ msgstr "Content-Type: text/plain; charset=utf-8\n"
msgctxt "error:res.user:"
msgid "You can not set the password of ldap user \"%s\"."
msgstr ""
-
-msgctxt "field:ldap.connection,auth_base_dn:"
-msgid "Base DN"
-msgstr ""
-
-#, fuzzy
-msgctxt "field:ldap.connection,auth_create_user:"
-msgid "Create User"
-msgstr "Создано пользователем"
-
-msgctxt "field:ldap.connection,auth_require_filter:"
-msgid "Require Filter"
-msgstr ""
-
-msgctxt "field:ldap.connection,auth_scope:"
-msgid "Scope"
-msgstr ""
-
-msgctxt "field:ldap.connection,auth_uid:"
-msgid "UID"
-msgstr ""
-
-msgctxt "help:ldap.connection,auth_base_dn:"
-msgid "Base DN for authentication"
-msgstr ""
-
-msgctxt "help:ldap.connection,auth_create_user:"
-msgid "Create user if not in database"
-msgstr ""
-
-msgctxt "help:ldap.connection,auth_uid:"
-msgid "UID Attribute for authentication"
-msgstr ""
-
-#, fuzzy
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Base"
-msgstr "База"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "OneLevel"
-msgstr ""
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Subtree"
-msgstr ""
-
-msgctxt "view:ldap.connection:"
-msgid "Authentication"
-msgstr ""
diff --git a/locale/sl_SI.po b/locale/sl_SI.po
index 65cc365..8e7d6d9 100644
--- a/locale/sl_SI.po
+++ b/locale/sl_SI.po
@@ -5,51 +5,3 @@ msgstr "Content-Type: text/plain; charset=utf-8\n"
msgctxt "error:res.user:"
msgid "You can not set the password of ldap user \"%s\"."
msgstr "Za LDAP uporabnika \"%s\" ni možno nastaviti gesla."
-
-msgctxt "field:ldap.connection,auth_base_dn:"
-msgid "Base DN"
-msgstr "Osnovni DN"
-
-msgctxt "field:ldap.connection,auth_create_user:"
-msgid "Create User"
-msgstr "Ustvari uporabnika"
-
-msgctxt "field:ldap.connection,auth_require_filter:"
-msgid "Require Filter"
-msgstr "Zahtevan filter"
-
-msgctxt "field:ldap.connection,auth_scope:"
-msgid "Scope"
-msgstr "Pristojnost"
-
-msgctxt "field:ldap.connection,auth_uid:"
-msgid "UID"
-msgstr "UID"
-
-msgctxt "help:ldap.connection,auth_base_dn:"
-msgid "Base DN for authentication"
-msgstr "Osnovni DN za avtentifikacijo"
-
-msgctxt "help:ldap.connection,auth_create_user:"
-msgid "Create user if not in database"
-msgstr "Ustvari uporabnik, če ga ni v bazi podatkov"
-
-msgctxt "help:ldap.connection,auth_uid:"
-msgid "UID Attribute for authentication"
-msgstr "Atribut UID za avtentifikacijo"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Base"
-msgstr "Osnova"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "OneLevel"
-msgstr "Ena raven"
-
-msgctxt "selection:ldap.connection,auth_scope:"
-msgid "Subtree"
-msgstr "Poddrevo"
-
-msgctxt "view:ldap.connection:"
-msgid "Authentication"
-msgstr "Avtentifikacija"
diff --git a/res.py b/res.py
index 46e35ad..31ac1f9 100644
--- a/res.py
+++ b/res.py
@@ -1,12 +1,57 @@
#This file is part of Tryton. The COPYRIGHT file at the top level of
#this repository contains the full copyright notices and license terms.
+import logging
+import urlparse
+
import ldap
from trytond.transaction import Transaction
from trytond.pool import Pool, PoolMeta
+from trytond.config import config, parse_uri
__all__ = ['User']
__metaclass__ = PoolMeta
+logger = logging.getLogger(__name__)
+section = 'ldap_authentication'
+
+
+def parse_ldap_url(uri):
+ unquote = urlparse.unquote
+ uri = parse_uri(uri)
+ dn = unquote(uri.path)[1:]
+ attributes, scope, filter_, extensions = (
+ uri.query.split('?') + [''] * 4)[:4]
+ if not scope:
+ scope = 'base'
+ extensions = urlparse.parse_qs(extensions)
+ return (uri, dn, unquote(attributes), unquote(scope), unquote(filter_),
+ extensions)
+
+
+def ldap_connection():
+ uri = config.get(section, 'uri')
+ if not uri:
+ return
+ uri, _, _, _, _, extensions = parse_ldap_url(uri)
+ if uri.scheme.startswith('ldaps'):
+ scheme, port = 'ldaps', 636
+ else:
+ scheme, port = 'ldap', 389
+ conn = ldap.initialize('%s://%s:%s/' % (
+ scheme, uri.hostname, uri.port or port))
+ if config.getboolean(section, 'active_directory', 'False'):
+ conn.set_option(ldap.OPT_REFERRALS, 0)
+ if 'tls' in uri.scheme:
+ conn.start_tls_s()
+
+ bindname = extensions.get('bindname')
+ if not bindname:
+ bindname = extensions.get('!bindname')
+ if bindname:
+ # XXX find better way to get the password
+ conn.simple_bind_s(bindname, config.get(section, 'bind_pass'))
+ return conn
+
class User:
__name__ = 'res.user'
@@ -20,50 +65,45 @@ class User:
})
@staticmethod
- def ldap_search_user(login, con, connection, attrs=None):
+ def ldap_search_user(login, con, attrs=None):
'''
Return the result of a ldap search for the login using the ldap
connection con based on connection.
The attributes values defined in attrs will be return.
'''
+ _, dn, _, scope, filter_, _ = parse_ldap_url(
+ config.get(section, 'uri'))
scope = {
'base': ldap.SCOPE_BASE,
'onelevel': ldap.SCOPE_ONELEVEL,
'subtree': ldap.SCOPE_SUBTREE,
- }.get(connection.auth_scope)
- if connection.auth_require_filter:
- filter = '(&(%s=%s)%s)' % (connection.auth_uid, login,
- connection.auth_require_filter)
+ }.get(scope)
+ uid = config.get(section, 'uid', 'uid')
+ if filter_:
+ filter_ = '(&(%s=%s)%s)' % (uid, login, filter_)
else:
- filter = '(%s=%s)' % (connection.auth_uid, login)
+ filter_ = '(%s=%s)' % (uid, login)
- result = con.search_s(connection.auth_base_dn or '', scope,
- filter, attrs)
- if connection.active_directory:
+ result = con.search_s(dn, scope, filter_, attrs)
+ if config.get(section, 'active_directory'):
result = [x for x in result if x[0]]
+ if result and len(result) > 1:
+ logger.info('ldap_search_user found more than 1 user')
return result
@classmethod
def _check_passwd_ldap_user(cls, logins):
- Connection = Pool().get('ldap.connection')
- with Transaction().set_user(0):
- connection, = Connection.search([], limit=1)
find = False
try:
- con = ldap.initialize(connection.uri)
- if connection.active_directory:
- con.set_option(ldap.OPT_REFERRALS, 0)
- if connection.secure == 'tls':
- con.start_tls_s()
- if connection.bind_dn:
- con.simple_bind_s(connection.bind_dn, connection.bind_pass)
+ con = ldap_connection()
+ if not con:
+ return
for login in logins:
- if cls.ldap_search_user(login,
- con, connection, attrs=[]):
+ if cls.ldap_search_user(login, con, attrs=[]):
find = True
break
- except Exception:
- pass
+ except ldap.LDAPError, e:
+ logger.error('LDAPError: %s' % str(e))
if find:
cls.raise_user_error('set_passwd_ldap_user', (login.rec_name,))
@@ -74,7 +114,8 @@ class User:
if values.get('password') and 'login' in values:
tocheck.append(values['login'])
if tocheck:
- cls._check_passwd_ldap_user(tocheck)
+ with Transaction().set_context(_check_access=False):
+ cls._check_passwd_ldap_user(tocheck)
return super(User, cls).create(vlist)
@classmethod
@@ -88,60 +129,47 @@ class User:
@classmethod
def set_preferences(cls, values, old_password=False):
- Connection = Pool().get('ldap.connection')
if 'password' in values:
- with Transaction().set_user(0):
- connection, = Connection.search([], limit=1)
try:
- con = ldap.initialize(connection.uri)
- if connection.active_directory:
- con.set_option(ldap.OPT_REFERRALS, 0)
- if connection.secure == 'tls':
- con.start_tls_s()
- if connection.bind_dn:
- con.simple_bind_s(connection.bind_dn, connection.bind_pass)
- user = cls(Transaction().user)
- [(dn, attrs)] = cls.ldap_search_user(user.login, con,
- connection, attrs=[str(connection.auth_uid)])
- if con.simple_bind_s(dn, old_password):
- con.passwd_s(dn, old_password, values['password'])
- values = values.copy()
- del values['password']
- else:
- cls.raise_user_error('wrong_password')
- except Exception:
- pass
+ con = ldap_connection()
+ if con:
+ user = cls(Transaction().user)
+ uid = config.get(section, 'uid', 'uid')
+ users = cls.ldap_search_user(user.login, con, attrs=[uid])
+ if users and len(users) == 1:
+ [(dn, attrs)] = users
+ if con.simple_bind_s(dn, old_password):
+ con.passwd_s(dn, old_password, values['password'])
+ values = values.copy()
+ del values['password']
+ else:
+ cls.raise_user_error('wrong_password')
+ except ldap.LDAPError, e:
+ logger.error('LDAPError: %s' % str(e))
super(User, cls).set_preferences(values, old_password=old_password)
@classmethod
def get_login(cls, login, password):
pool = Pool()
- Connection = pool.get('ldap.connection')
LoginAttempt = pool.get('res.user.login.attempt')
- with Transaction().set_user(0):
- connection, = Connection.search([], limit=1)
try:
- con = ldap.initialize(connection.uri)
- if connection.active_directory:
- con.set_option(ldap.OPT_REFERRALS, 0)
- if connection.secure == 'tls':
- con.start_tls_s()
- if connection.bind_dn:
- con.simple_bind_s(connection.bind_dn, connection.bind_pass)
- [(dn, attrs)] = cls.ldap_search_user(login, con, connection,
- attrs=[str(connection.auth_uid)])
- if password and con.simple_bind_s(dn, password):
- user_id, _ = cls._get_login(login)
- if user_id:
- LoginAttempt.remove(login)
- return user_id
- elif connection.auth_create_user:
- user, = cls.create([{
- 'name': attrs.get(str(connection.auth_uid),
- [login])[0],
- 'login': login,
- }])
- return user.id
- except Exception:
- pass
+ con = ldap_connection()
+ if con:
+ uid = config.get(section, 'uid', 'uid')
+ users = cls.ldap_search_user(login, con, attrs=[uid])
+ if users and len(users) == 1:
+ [(dn, attrs)] = users
+ if password and con.simple_bind_s(dn, password):
+ user_id, _ = cls._get_login(login)
+ if user_id:
+ LoginAttempt.remove(login)
+ return user_id
+ elif config.getboolean(section, 'create_user'):
+ user, = cls.create([{
+ 'name': attrs.get(uid, [login])[0],
+ 'login': login,
+ }])
+ return user.id
+ except ldap.LDAPError, e:
+ logger.error('LDAPError: %s' % str(e))
return super(User, cls).get_login(login, password)
diff --git a/setup.py b/setup.py
index a5cfec1..de9c700 100644
--- a/setup.py
+++ b/setup.py
@@ -47,6 +47,8 @@ for dep in info.get('depends', []):
requires.append(get_require_version('trytond_%s' % dep))
requires.append(get_require_version('trytond'))
+tests_require = ['mock']
+
setup(name=name,
version=version,
description='Tryton module to authenticate users through LDAP',
@@ -98,4 +100,5 @@ setup(name=name,
""",
test_suite='tests',
test_loader='trytond.test_loader:Loader',
+ tests_require=tests_require,
)
diff --git a/tests/test_ldap_authentication.py b/tests/test_ldap_authentication.py
index b5dd1f6..f42b5fa 100644
--- a/tests/test_ldap_authentication.py
+++ b/tests/test_ldap_authentication.py
@@ -1,8 +1,19 @@
#This file is part of Tryton. The COPYRIGHT file at the top level of
#this repository contains the full copyright notices and license terms.
import unittest
+
+from mock import patch
+import ldap
+
import trytond.tests.test_tryton
-from trytond.tests.test_tryton import test_view, test_depends
+from trytond.tests.test_tryton import test_depends
+from trytond.tests.test_tryton import POOL, DB_NAME, USER, CONTEXT
+from trytond.transaction import Transaction
+from trytond.config import config
+
+from trytond.modules.ldap_authentication.res import parse_ldap_url
+
+section = 'ldap_authentication'
class LDAPAuthenticationTestCase(unittest.TestCase):
@@ -10,15 +21,76 @@ class LDAPAuthenticationTestCase(unittest.TestCase):
def setUp(self):
trytond.tests.test_tryton.install_module('ldap_authentication')
+ config.add_section(section)
+ config.set(section, 'uri', 'ldap://localhost/dc=tryton,dc=org')
- def test0005views(self):
- 'Test views'
- test_view('ldap_authentication')
+ def tearDown(self):
+ config.remove_section(section)
def test0006depends(self):
'Test depends'
test_depends()
+ def test_user_get_login(self):
+ 'Test User.get_login'
+ with Transaction().start(DB_NAME, USER, context=CONTEXT):
+ User = POOL.get('res.user')
+
+ @patch.object(ldap, 'initialize')
+ @patch.object(User, 'ldap_search_user')
+ def get_login(login, password, find, ldap_search_user, initialize):
+ con = initialize.return_value
+ con.simple_bind_s.return_value = True
+ if find:
+ ldap_search_user.return_value = [('dn', {})]
+ else:
+ ldap_search_user.return_value = None
+ return User.get_login(login, password)
+
+ # Test existing user
+ self.assertEqual(get_login('admin', 'admin', False), USER)
+ self.assertEqual(get_login('admin', 'admin', True), USER)
+
+ # Test new user
+ self.assertFalse(get_login('foo', 'bar', False))
+ self.assertFalse(get_login('foo', 'bar', True))
+
+ # Test create new user
+ config.set(section, 'create_user', 'True')
+ user_id = get_login('foo', 'bar', True)
+ foo, = User.search([('login', '=', 'foo')])
+ self.assertEqual(user_id, foo.id)
+ self.assertEqual(foo.name, 'foo')
+
+ def test_parse_ldap_url(self):
+ 'Test parse_ldap_url'
+ self.assertEqual(
+ parse_ldap_url('ldap:///o=University%20of%20Michigan,c=US')[1],
+ 'o=University of Michigan,c=US')
+ self.assertEqual(
+ parse_ldap_url(
+ 'ldap://ldap.itd.umich.edu/o=University%20of%20Michigan,c=US'
+ )[1],
+ 'o=University of Michigan,c=US')
+ self.assertEqual(
+ parse_ldap_url(
+ 'ldap://ldap.itd.umich.edu/o=University%20of%20Michigan,'
+ 'c=US?postalAddress')[2],
+ 'postalAddress')
+ self.assertEqual(
+ parse_ldap_url(
+ 'ldap://host.com:6666/o=University%20of%20Michigan,'
+ 'c=US??sub?(cn=Babs%20Jensen)')[3:5],
+ ('sub', '(cn=Babs Jensen)'))
+ self.assertEqual(
+ parse_ldap_url(
+ 'ldap:///??sub??bindname=cn=Manager%2co=Foo')[5],
+ {'bindname': ['cn=Manager,o=Foo']})
+ self.assertEqual(
+ parse_ldap_url(
+ 'ldap:///??sub??!bindname=cn=Manager%2co=Foo')[5],
+ {'!bindname': ['cn=Manager,o=Foo']})
+
def suite():
suite = trytond.tests.test_tryton.suite()
diff --git a/tryton.cfg b/tryton.cfg
index ee842ee..de04464 100644
--- a/tryton.cfg
+++ b/tryton.cfg
@@ -1,8 +1,5 @@
[tryton]
-version=3.2.1
+version=3.4.0
depends:
ir
- ldap_connection
res
-xml:
- connection.xml
diff --git a/trytond_ldap_authentication.egg-info/PKG-INFO b/trytond_ldap_authentication.egg-info/PKG-INFO
index b2a9a4a..b4310ff 100644
--- a/trytond_ldap_authentication.egg-info/PKG-INFO
+++ b/trytond_ldap_authentication.egg-info/PKG-INFO
@@ -1,12 +1,12 @@
Metadata-Version: 1.1
Name: trytond-ldap-authentication
-Version: 3.2.1
+Version: 3.4.0
Summary: Tryton module to authenticate users through LDAP
Home-page: http://www.tryton.org/
Author: Tryton
Author-email: issue_tracker at tryton.org
License: GPL-3
-Download-URL: http://downloads.tryton.org/3.2/
+Download-URL: http://downloads.tryton.org/3.4/
Description: trytond_ldap_authentication
===========================
diff --git a/trytond_ldap_authentication.egg-info/SOURCES.txt b/trytond_ldap_authentication.egg-info/SOURCES.txt
index f366a96..388a2c2 100644
--- a/trytond_ldap_authentication.egg-info/SOURCES.txt
+++ b/trytond_ldap_authentication.egg-info/SOURCES.txt
@@ -4,20 +4,33 @@ INSTALL
LICENSE
MANIFEST.in
README
-connection.xml
setup.py
tryton.cfg
./__init__.py
-./connection.py
./res.py
+./tryton.cfg
+./locale/bg_BG.po
+./locale/ca_ES.po
+./locale/cs_CZ.po
+./locale/de_DE.po
+./locale/es_AR.po
+./locale/es_CO.po
+./locale/es_EC.po
+./locale/es_ES.po
+./locale/fr_FR.po
+./locale/nl_NL.po
+./locale/ru_RU.po
+./locale/sl_SI.po
./tests/__init__.py
./tests/test_ldap_authentication.py
+doc/index.rst
locale/bg_BG.po
locale/ca_ES.po
locale/cs_CZ.po
locale/de_DE.po
locale/es_AR.po
locale/es_CO.po
+locale/es_EC.po
locale/es_ES.po
locale/fr_FR.po
locale/nl_NL.po
@@ -29,5 +42,4 @@ trytond_ldap_authentication.egg-info/dependency_links.txt
trytond_ldap_authentication.egg-info/entry_points.txt
trytond_ldap_authentication.egg-info/not-zip-safe
trytond_ldap_authentication.egg-info/requires.txt
-trytond_ldap_authentication.egg-info/top_level.txt
-view/connection_form.xml
\ No newline at end of file
+trytond_ldap_authentication.egg-info/top_level.txt
\ No newline at end of file
diff --git a/trytond_ldap_authentication.egg-info/requires.txt b/trytond_ldap_authentication.egg-info/requires.txt
index 8a3f7e3..775bac8 100644
--- a/trytond_ldap_authentication.egg-info/requires.txt
+++ b/trytond_ldap_authentication.egg-info/requires.txt
@@ -1,3 +1,2 @@
python-ldap
-trytond_ldap_connection >= 3.2, < 3.3
-trytond >= 3.2, < 3.3
\ No newline at end of file
+trytond >= 3.4, < 3.5
\ No newline at end of file
diff --git a/view/connection_form.xml b/view/connection_form.xml
deleted file mode 100644
index 690fed0..0000000
--- a/view/connection_form.xml
+++ /dev/null
@@ -1,22 +0,0 @@
-<?xml version="1.0"?>
-<!-- This file is part of Tryton. The COPYRIGHT file at the top level of
-this repository contains the full copyright notices and license terms. -->
-<data>
- <xpath expr="/form/group[@id='buttons']" position="before">
- <separator string="Authentication" id="authentication"
- colspan="6"/>
- <label name="auth_uid"/>
- <field name="auth_uid"/>
- <label name="auth_base_dn"/>
- <field name="auth_base_dn"/>
- <newline/>
- <label name="auth_require_filter"/>
- <field name="auth_require_filter"/>
- <label name="auth_scope"/>
- <field name="auth_scope"/>
- <newline/>
- <label name="auth_create_user"/>
- <field name="auth_create_user"/>
- <newline/>
- </xpath>
-</data>
--
tryton-modules-ldap-authentication
More information about the tryton-debian-vcs
mailing list