LinaroLdap: add support for a complext LDAP query

This change adds a function similar to do_query() that will allow the programmer to specify a more complex LDAP query that can change the scope, basedn, or search filter used for the request. This is needed as the current do_query() function limits us to only looking for subtree entries from the basedn on a simple filter of (<search_attr>=<search_pat>) Documentation on more complex filters and searches can be found here: https://www.ibm.com/support/knowledgecenter/en/SSYJ99_8.5.0/admin-system/rbug_ldapfltrxprns.html Change-Id: Ic1e290a3dfb6b97dda83c4595848490b8d219025
author: Kelley Spoon <kelley.spoon@linaro.org> 2018-12-21 08:48:14 -0600
committer: Kelley Spoon <kelley.spoon@linaro.org> 2018-12-21 16:18:11 -0600
commit: 3a06fa8eae18e3fed5d319a6f15877f35ea7c307 (patch)
tree: 64719b73f67b670ee3d000b677e024f993f7f677
parent: d057f4708382ff4c9f3073d0cb0d8a96e66e54fb (diff)
1 files changed, 40 insertions, 2 deletions
diff --git a/linaro_ldap.py b/linaro_ldap.py
index 2ea5b63..ed8eaef 100644
--- a/linaro_ldap.py
+++ b/linaro_ldap.py
@@ -37,7 +37,6 @@ def build_config():
                     config["uri"] = line.split(' ', 1)[1].strip()
     return config
 
-
 def validate_key(pubkey):
     with tempfile.NamedTemporaryFile(delete=True) as f:
         f.write(pubkey)
@@ -49,7 +48,6 @@ def validate_key(pubkey):
             return False
     return True
 
-
 def do_query(search_attr='uid', search_pat='*', attrlist=[]):
     config = build_config()
     with ldap_client(config) as client:
@@ -60,6 +58,46 @@ def do_query(search_attr='uid', search_pat='*', attrlist=[]):
             attrlist)
     return result
 
+def do_complex_query(base = None, search_filter='(uid=*)', \
+    attrlist=[], scope=ldap.SCOPE_SUBTREE):
+    """This allows you to perform more complex LDAP queries by letting
+       you specify your own LDAP filter, change the basedn for the query,
+       or change the scope of the query.
+
+       Without any args, this will return the same result as
+       a call to do_query().
+
+       Examples:
+
+       search for uid's start with a 'k' but end with an 'n':
+          do_complex_query(search_filter="(&(uid=k*)(uid=*n))")
+
+       get a list of all groups in Linaro that start with an l:
+          do_complex_query(
+             base="ou=groups,dc=linaro,dc=org",
+             search_filter="(cn=l*)"
+          )
+
+       lookup on a specific DN:
+          do_complex_query(
+             base="uid=some.person,ou=staff,ou=accounts,dc=linaro,dc=org",
+             search_filter="(objectClass=*)"
+             scope=linaro_ldap.ldap.SCOPE_BASE,
+             attrlist=['displayName']
+          )
+    """
+    config = build_config()
+
+    if base is None:
+        base = config["basedn"]
+
+    with ldap_client(config) as client:
+        result = client.search_s(
+            base,
+            scope,
+            search_filter,
+            attrlist)
+    return result
 
 def get_users_and_keys(only_validated=False):
     """Gets all the users and their associated SSH key.
author	Kelley Spoon <kelley.spoon@linaro.org>	2018-12-21 08:48:14 -0600
committer	Kelley Spoon <kelley.spoon@linaro.org>	2018-12-21 16:18:11 -0600
commit	3a06fa8eae18e3fed5d319a6f15877f35ea7c307 (patch)
tree	64719b73f67b670ee3d000b677e024f993f7f677
parent	d057f4708382ff4c9f3073d0cb0d8a96e66e54fb (diff)