Add the support of the LDAP scope configuration
This commit is contained in:
parent
a2128a4787
commit
5d55b2868f
@ -35,6 +35,12 @@ CONNEXION = ldap.initialize(config.get("acl", "ldap_url"))
|
||||
BINDDN = config.get("acl", "ldap_binddn")
|
||||
PASSWORD = config.get("acl", "ldap_password")
|
||||
|
||||
SCOPE = ldap.SCOPE_ONELEVEL
|
||||
if config.get("acl", "ldap_scope").lower() == 'subtree':
|
||||
SCOPE = ldap.SCOPE_SUBTREE
|
||||
elif config.get("acl", "ldap_scope").lower() == 'base':
|
||||
SCOPE = ldap.SCOPE_BASE
|
||||
|
||||
|
||||
def has_right(owner, user, password):
|
||||
"""Check if ``user``/``password`` couple is valid."""
|
||||
@ -50,7 +56,7 @@ def has_right(owner, user, password):
|
||||
log.LOGGER.debug(
|
||||
"LDAP bind for %s in base %s" % (distinguished_name, BASE))
|
||||
|
||||
users = CONNEXION.search_s(BASE, ldap.SCOPE_ONELEVEL, distinguished_name)
|
||||
users = CONNEXION.search_s(BASE, SCOPE, distinguished_name)
|
||||
if users:
|
||||
log.LOGGER.debug("User %s found" % user)
|
||||
try:
|
||||
|
@ -59,6 +59,7 @@ INITIAL_CONFIG = {
|
||||
"ldap_attribute": "uid",
|
||||
"ldap_binddn": "",
|
||||
"ldap_password": "",
|
||||
"ldap_scope": "OneLevel",
|
||||
"pam_group_membership": "",
|
||||
"courier_socket": ""},
|
||||
"storage": {
|
||||
|
Loading…
Reference in New Issue
Block a user