From 5d55b2868fc3dccd01db8d8bd4d46129770ea6c4 Mon Sep 17 00:00:00 2001 From: Gerhard Schmidt Date: Tue, 29 Nov 2011 12:54:38 +0100 Subject: [PATCH] Add the support of the LDAP scope configuration --- radicale/acl/LDAP.py | 8 +++++++- radicale/config.py | 1 + 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/radicale/acl/LDAP.py b/radicale/acl/LDAP.py index fe5c8fc..7e7ed07 100644 --- a/radicale/acl/LDAP.py +++ b/radicale/acl/LDAP.py @@ -35,6 +35,12 @@ CONNEXION = ldap.initialize(config.get("acl", "ldap_url")) BINDDN = config.get("acl", "ldap_binddn") PASSWORD = config.get("acl", "ldap_password") +SCOPE = ldap.SCOPE_ONELEVEL +if config.get("acl", "ldap_scope").lower() == 'subtree': + SCOPE = ldap.SCOPE_SUBTREE +elif config.get("acl", "ldap_scope").lower() == 'base': + SCOPE = ldap.SCOPE_BASE + def has_right(owner, user, password): """Check if ``user``/``password`` couple is valid.""" @@ -50,7 +56,7 @@ def has_right(owner, user, password): log.LOGGER.debug( "LDAP bind for %s in base %s" % (distinguished_name, BASE)) - users = CONNEXION.search_s(BASE, ldap.SCOPE_ONELEVEL, distinguished_name) + users = CONNEXION.search_s(BASE, SCOPE, distinguished_name) if users: log.LOGGER.debug("User %s found" % user) try: diff --git a/radicale/config.py b/radicale/config.py index 87c0d81..51d939c 100644 --- a/radicale/config.py +++ b/radicale/config.py @@ -59,6 +59,7 @@ INITIAL_CONFIG = { "ldap_attribute": "uid", "ldap_binddn": "", "ldap_password": "", + "ldap_scope": "OneLevel", "pam_group_membership": "", "courier_socket": ""}, "storage": {