diff options
-rw-r--r-- | linaro_ldap.py | 42 |
1 files changed, 40 insertions, 2 deletions
diff --git a/linaro_ldap.py b/linaro_ldap.py index 2ea5b63..ed8eaef 100644 --- a/linaro_ldap.py +++ b/linaro_ldap.py @@ -37,7 +37,6 @@ def build_config(): config["uri"] = line.split(' ', 1)[1].strip() return config - def validate_key(pubkey): with tempfile.NamedTemporaryFile(delete=True) as f: f.write(pubkey) @@ -49,7 +48,6 @@ def validate_key(pubkey): return False return True - def do_query(search_attr='uid', search_pat='*', attrlist=[]): config = build_config() with ldap_client(config) as client: @@ -60,6 +58,46 @@ def do_query(search_attr='uid', search_pat='*', attrlist=[]): attrlist) return result +def do_complex_query(base = None, search_filter='(uid=*)', \ + attrlist=[], scope=ldap.SCOPE_SUBTREE): + """This allows you to perform more complex LDAP queries by letting + you specify your own LDAP filter, change the basedn for the query, + or change the scope of the query. + + Without any args, this will return the same result as + a call to do_query(). + + Examples: + + search for uid's start with a 'k' but end with an 'n': + do_complex_query(search_filter="(&(uid=k*)(uid=*n))") + + get a list of all groups in Linaro that start with an l: + do_complex_query( + base="ou=groups,dc=linaro,dc=org", + search_filter="(cn=l*)" + ) + + lookup on a specific DN: + do_complex_query( + base="uid=some.person,ou=staff,ou=accounts,dc=linaro,dc=org", + search_filter="(objectClass=*)" + scope=linaro_ldap.ldap.SCOPE_BASE, + attrlist=['displayName'] + ) + """ + config = build_config() + + if base is None: + base = config["basedn"] + + with ldap_client(config) as client: + result = client.search_s( + base, + scope, + search_filter, + attrlist) + return result def get_users_and_keys(only_validated=False): """Gets all the users and their associated SSH key. |