{ "info": { "author": "Jeroen Michiel", "author_email": "jmichiel@yahoo.com", "bugtrack_url": null, "classifiers": [ "Framework :: Zope3", "Topic :: System :: Systems Administration :: Authentication/Directory :: LDAP" ], "description": "================\nLDAP GroupFolder\n================\n\nThis is an AuthenticatorPlugin that implements a read-only GroupFolder reflecting the groups\nas defined on an LDAP server. It relies on the registration as a named ILDAPAuthentation utility\nof an ldappas plugin. It works in tandem with ldappas: ldappas authenticates users, while\nldapgroups looks up their groups and adds the users to the groups \n\n\nSetup\n-----\n\n\t>>> from ldappas.authentication import LDAPAuthentication\n\t>>> from zope import component\n\t>>> from ldappas.interfaces import ILDAPAuthentication\n\t\n\t>>> users = LDAPAuthentication()\n\t>>> component.provideUtility(users, ILDAPAuthentication, 'ldap-users')\n\nLDAPAuthentication needs an LDAP adapter, registered as a named ILDAPAdapter utility. \nThere's a fake one in the tests module.\n\n\t>>> from ldapgroups.tests.fakeadapter import FakeLDAPAdapter\n\t>>> adapter = FakeLDAPAdapter()\n\t>>> from ldapadapter.interfaces import ILDAPAdapter\n\t>>> component.provideUtility(adapter, ILDAPAdapter, 'ldap-adapter')\n\nLet's configure the LDAPAuthentication plugin:\n\n\t>>> users.adapterName = u'ldap-adapter'\n\t>>> users.searchBase = u'ou=users,dc=test'\n\t>>> users.searchScope = u'sub'\n\t>>> users.loginAttribute = u'cn'\n\t>>> users.principalIdPrefix = u'ldap.'\n\t>>> users.titleAttribute = u'sn'\n\nThere's no need to fill in the group-related attributes on the LDAPAuthentication plugin,\nas LDAPGroups uses its own. For the idAttribute, you should use the attribute that yields \nthe Distinguished Name of the user, as LDAP uses this to link users to groups:\n\n\t>>> users.idAttribute = u'dn'\n\t\n(For ActiveDirectory, this apparently is 'distinguishedName', so use an LDAP browser to check)\nThere may be a way around this restriction with advanced queries, but is not (yet?) implemented.\n\nLet's get our LDAP GroupFolder up and running\n\n\t>>> from ldapgroups.groupfolder import LDAPGroups\n\t>>> groups = LDAPGroups(u'ldap-users', u'group.ldap.')\n\t>>> groups.groupsSearchBase = u'ou=groups,dc=test'\n\t>>> groups.groupsSearchScope = u'sub' \n\t>>> groups.groupTitleAttribute = u'cn'\n\t>>> groups.groupIdAttribute = u'dn'\n\t>>> groups.groupDescriptionAttribute = u'description'\n\t\nDo some registration tests\n\n >>> groups.getLDAPAuthenticator() == users\n True\n >>> users.getLDAPAdapter() == adapter\n True\n\n\nGroups can't authenticate\n\n >>> groups.authenticateCredentials({'login':u'Domain Users','password':u'pwd'}) is None\n True\n\nWe can lookup groups as principals\n\n >>> principal = groups.principalInfo(u'group.ldap.cn=Domain Users,ou=groups,dc=test')\n >>> principal\n LDAPGroupInformation(u'group.ldap.cn=Domain Users,ou=groups,dc=test')\n >>> from zope.pluggableauth.interfaces import IPrincipalInfo \n >>> IPrincipalInfo.providedBy(principal)\n True\n \nIt also provides IReadGroupInformation, which can be used to get the principals\n\n >>> from ldapgroups.interfaces import IReadGroupInformation\n >>> IReadGroupInformation.providedBy(principal)\n True\n >>> principal.principals\n [u'ldap.cn=Andr\\xe9 de Chimpansee,ou=users,dc=test', u'ldap.cn=Louis Kolibri,ou=users,dc=test']\n\n\n\nContainer behaviour\n-------------------\n\n >>> len(groups)\n 2\n >>> groups.keys()\n [u'Administrators', u'Domain Users']\n >>> 'Administrators' in groups\n True\n >>> groups.has_key('Administrators')\n True\n >>> groups.values() \n [LDAPGroupInformation(u'group.ldap.cn=Administrators,ou=groups,dc=test'), LDAPGroupInformation(u'group.ldap.cn=Domain Users,ou=groups,dc=test')]\n >>> groups.items() == zip(groups.keys(), groups.values())\n True\n >>> group = groups['Domain Users']\n >>> group\n LDAPGroupInformation(u'group.ldap.cn=Domain Users,ou=groups,dc=test')\n >>> group.description\n u'Users with a domain account'\n >>> group == groups.get('Domain Users')\n True\n >>> groups.get('grupo sportivo') is None\n True\n >>> groups['grupo sportivo'] # doctest: +ELLIPSIS\n Traceback (most recent call last):\n ...\n KeyError\n\n\nSearching\n---------\n\n >>> groups.search({'cn':'Domain Users'})\n [u'group.ldap.cn=Domain Users,ou=groups,dc=test']\n >>> groups.search({'cn':'Users'})\n []\n\nPAU integration:\n----------------\n\nRegisters them all to the PAU\n\n >>> from zope.pluggableauth.interfaces import IAuthenticatorPlugin\n >>> component.provideUtility(users, provides=IAuthenticatorPlugin, name='ldap-users')\n >>> component.provideUtility(groups, provides=IAuthenticatorPlugin, name='ldap-groups')\n\nWe also need a credentials plugin that will extract the credentials from the\nrequest:\n\n >>> import zope.interface\n >>> from zope.pluggableauth.interfaces import ICredentialsPlugin\n\n >>> class MyCredentialsPlugin:\n ...\n ... zope.interface.implements(ICredentialsPlugin)\n ...\n ... def extractCredentials(self, request):\n ... return request.get('credentials')\n ...\n ... def challenge(self, request):\n ... pass # challenge is a no-op for this plugin\n ...\n ... def logout(request):\n ... pass # logout is a no-op for this plugin\n\n >>> creds = MyCredentialsPlugin()\n >>> component.provideUtility(creds, name='simple-creds')\n\nRegister the principalFactory\n\n >>> import zope.component.event\n >>> from zope.pluggableauth import factories\n >>> component.provideAdapter(factories.AuthenticatedPrincipalFactory)\n >>> component.provideAdapter(factories.FoundPrincipalFactory)\n\nWe are finally ready to create a pluggable authentication utility and register\nthe two plugins with it:\n\n >>> from zope.pluggableauth import PluggableAuthentication\n >>> pau = PluggableAuthentication()\n >>> pau['ldap-users'] = users\n >>> pau['ldap-groups'] = groups\n >>> pau['simple-creds'] = creds\n >>> pau.credentialsPlugins = ('simple-creds', )\n >>> pau.authenticatorPlugins = ('ldap-users', 'ldap-groups')\n \nLet's authenticate some users\n\n >>> from zope.publisher.browser import TestRequest\n >>> request = TestRequest(credentials={'login': 'Louis Kolibri', 'password': 'louis2000'})\n >>> louis = pau.authenticate(request)\n >>> louis\n Principal(u'ldap.cn=Louis Kolibri,ou=users,dc=test')\n\nGroups are set by the setGroupsForPrincipal event subscriber\n\n >>> louis.groups\n []\n >>> class PrincipalCreatedEvent:\n ... def __init__(self, authentication, principal):\n ... self.authentication = authentication\n ... self.principal = principal\n >>> from ldapgroups.groupfolder import setGroupsForPrincipal\n >>> setGroupsForPrincipal(PrincipalCreatedEvent(pau, louis))\n >>> louis.groups\n [u'group.ldap.cn=Domain Users,ou=groups,dc=test']\n >>> component.provideHandler(setGroupsForPrincipal)\n >>> request = TestRequest(credentials={'login': u'Andr\\xe9 de Chimpansee', 'password': 'dreten'})\n >>> andre = pau.authenticate(request)\n >>> andre\n Principal(u'ldap.cn=Andr\\xe9 de Chimpansee,ou=users,dc=test')\n >>> andre.groups\n [u'group.ldap.cn=Administrators,ou=groups,dc=test', u'group.ldap.cn=Domain Users,ou=groups,dc=test']\n\n \n\nBrowser views\n-------------\n\nThere's an ISized adapter available for the zmi view.\n\n >>> from ldapgroups.groupfolder import LDAPGroupSize\n >>> from zope.size.interfaces import ISized\n >>> component.provideAdapter(LDAPGroupSize)\n >>> ISized(group).sizeForSorting()\n ('item', 2)\n \nThe view's iteminfos function gathers all info about the goups in a groupfolder\n \n >>> from ldapgroups.browser.contents import LDAPGroupFolderContents\n >>> view = LDAPGroupFolderContents(groups, request)\n >>> view.iteminfos()\n [{'url': 'Administrators', 'name': u'Administrators', 'size': u'${items} items'}, {'url': 'Domain%20Users', 'name': u'Domain Users', 'size': u'${items} items'}]\n\nDownload\n========", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "http://code.google.com/p/ldapgroups", "keywords": "Zope3 ldap group folder", "license": "MIT", "maintainer": null, "maintainer_email": null, "name": "ldapgroups", "package_url": "https://pypi.org/project/ldapgroups/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/ldapgroups/", "project_urls": { "Download": "UNKNOWN", "Homepage": "http://code.google.com/p/ldapgroups" }, "release_url": "https://pypi.org/project/ldapgroups/0.2/", "requires_dist": null, "requires_python": null, "summary": "A read-only Zope3 GroupFolder implementation that reflects groups on an LDAP server.\nNeeds ldappas", "version": "0.2" }, "last_serial": 794103, "releases": { "0.1": [ { "comment_text": "", "digests": { "md5": "271ad088dbbc95bad89f119783a07afa", "sha256": "e096100751284381b9d44cd1782c62de36893506c8cfbf3dda4496dc9159b681" }, "downloads": -1, "filename": "ldapgroups-0.1.zip", "has_sig": false, "md5_digest": "271ad088dbbc95bad89f119783a07afa", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 18165, "upload_time": "2010-05-19T12:00:53", "url": "https://files.pythonhosted.org/packages/64/79/97df097211ad51e17cd5afc1324b5c3e8933a551ce8999efde9b20daf1c4/ldapgroups-0.1.zip" } ], "0.1.1": [ { "comment_text": "", "digests": { "md5": "192076a47d397d7975db100245d6eb97", "sha256": "10c2588fad510f4568ff3faae23d7bcdc3550c6e414519921c07d0498573d575" }, "downloads": -1, "filename": "ldapgroups-0.1.1.zip", "has_sig": false, "md5_digest": "192076a47d397d7975db100245d6eb97", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 18249, "upload_time": "2010-07-15T15:24:28", "url": "https://files.pythonhosted.org/packages/e7/63/16fe659a40427e09241c401e0b1317037ef3238156941c8961741674ecc8/ldapgroups-0.1.1.zip" } ], "0.1a1": [ { "comment_text": "", "digests": { "md5": "47252a83b2b7c393e5eca662f755c475", "sha256": "f78d35c1f92b1c380c42ebe52e4f7a0a1cf1c906b5ecae108816e8f18e596861" }, "downloads": -1, "filename": "ldapgroups-0.1a1.zip", "has_sig": false, "md5_digest": "47252a83b2b7c393e5eca662f755c475", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7570, "upload_time": "2009-08-14T15:29:46", "url": "https://files.pythonhosted.org/packages/b5/95/8f602f21457a9ebdf6faf1ac7db699a18a0c398c4652e644b645fa6c5326/ldapgroups-0.1a1.zip" } ], "0.1a2": [ { "comment_text": "", "digests": { "md5": "e2f7952a1ec249782ca8970937b97f0f", "sha256": "facfbb08788e0fd282be68d3748cd328568d3649da834ea0651b557769876eff" }, "downloads": -1, "filename": "ldapgroups-0.1a2.zip", "has_sig": false, "md5_digest": "e2f7952a1ec249782ca8970937b97f0f", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 13582, "upload_time": "2009-08-18T12:15:11", "url": "https://files.pythonhosted.org/packages/72/0a/08fb0e1bb12234775f63ba9981a11d164ddb3f69065b8642274695c2ff50/ldapgroups-0.1a2.zip" } ], "0.1a3": [ { "comment_text": "", "digests": { "md5": "9707f76aec8f0f5da7ed48815fc5af39", "sha256": "231da7b333d0c11df1f796cac9acaf07b5aa90fe49a2ad97455c437ea49ea3c6" }, "downloads": -1, "filename": "ldapgroups-0.1a3.zip", "has_sig": false, "md5_digest": "9707f76aec8f0f5da7ed48815fc5af39", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 17921, "upload_time": "2009-10-15T15:05:52", "url": "https://files.pythonhosted.org/packages/20/82/9ba040241270e4f7402d86c56e131b2d0f34cb2c2856dc185c25600e5d71/ldapgroups-0.1a3.zip" } ], "0.1dev": [ { "comment_text": "", "digests": { "md5": "c2dc9ef1d8f009796e79f3dbfe475129", "sha256": "dbd1128b821c799c21273b06904b26d8e29a593e5fdb530efe57f54850eb9974" }, "downloads": -1, "filename": "ldapgroups-0.1dev.zip", "has_sig": false, "md5_digest": "c2dc9ef1d8f009796e79f3dbfe475129", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6850, "upload_time": "2009-08-14T14:29:29", "url": "https://files.pythonhosted.org/packages/2a/19/00df98bde0fe791c3bf0996fe8df224b1e583fc222c3ac88bb9e0c9447f8/ldapgroups-0.1dev.zip" } ], "0.2": [ { "comment_text": "", "digests": { "md5": "8985a1f14b8e17e37276a474ccc45537", "sha256": "81983d847804278bc420e1550e8a4a5dfd864e6f92ed10a0e884cba2df91b868" }, "downloads": -1, "filename": "ldapgroups-0.2.zip", "has_sig": false, "md5_digest": "8985a1f14b8e17e37276a474ccc45537", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 18657, "upload_time": "2011-05-10T10:53:51", "url": "https://files.pythonhosted.org/packages/0a/40/e020c46657de941366dce9d583b10047257b2529b7d50c4853ef25871d65/ldapgroups-0.2.zip" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "8985a1f14b8e17e37276a474ccc45537", "sha256": "81983d847804278bc420e1550e8a4a5dfd864e6f92ed10a0e884cba2df91b868" }, "downloads": -1, "filename": "ldapgroups-0.2.zip", "has_sig": false, "md5_digest": "8985a1f14b8e17e37276a474ccc45537", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 18657, "upload_time": "2011-05-10T10:53:51", "url": "https://files.pythonhosted.org/packages/0a/40/e020c46657de941366dce9d583b10047257b2529b7d50c4853ef25871d65/ldapgroups-0.2.zip" } ] }