Commit
25fcbf37
authored
Sep 26, 2019
by
BaiJiangJie
[Update] LDAP 导入搜索添加分页配置
parent
a6d87f6d
Showing
3 changed files
with
39 additions
and
14 deletions
+39
-14
conf.py
apps/jumpserver/conf.py
+1
-0
settings.py
apps/jumpserver/settings.py
+1
-0
utils.py
apps/settings/utils.py
+37
-14
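--- a/apps/jumpserver/conf.py
+++ b/apps/jumpserver/conf.py
@@ -380,6 +380,7 @@ defaults = {
 'SECURITY_MFA_VERIFY_TTL': 3600,
 'ASSETS_PERM_CACHE_ENABLE': False,
 'PERM_SINGLE_ASSET_TO_UNGROUP_NODE': False,
+'AUTH_LDAP_SEARCH_PAGED_SIZE': None,
 }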
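--- a/apps/jumpserver/settings.py
+++ b/apps/jumpserver/settings.py
@@ -424,6 +424,7 @@ OTP_VALID_WINDOW = CONFIG.OTP_VALID_WINDOW
 # Auth LDAP settings
 AUTH_LDAP = False
+AUTH_LDAP_SEARCH_PAGED_SIZE = CONFIG.AUTH_LDAP_SEARCH_PAGED_SIZE
 AUTH_LDAP_SERVER_URI = 'ldap://localhost:389'
 AUTH_LDAP_BIND_DN = 'cn=admin,dc=jumpserver,dc=org'
 AUTH_LDAP_BIND_PASSWORD = ''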
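Review bot: `AUTH_LDAP_SEARCH_PAGED_SIZE` is copied from `CONFIG` with no type or range check, and the value later reaches the LDAP search as `paged_size=`. If the config loader can hand back a string here (an environment variable or a quoted YAML value; the loader is not visible on this page), the search call receives a non-integer page size. Normalising at this line, e.g. `AUTH_LDAP_SEARCH_PAGED_SIZE = int(CONFIG.AUTH_LDAP_SEARCH_PAGED_SIZE) if CONFIG.AUTH_LDAP_SEARCH_PAGED_SIZE else None`, together with a comment that `None` turns paging off, would keep a bad value from surfacing only when an LDAP import runs.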
apps/settings/utils.py
...
@@ -47,6 +47,7 @@ class LDAPUtil:
...
@@ -47,6 +47,7 @@ class LDAPUtil:
self
.
search_filter
=
settings
.
AUTH_LDAP_SEARCH_FILTER
self
.
search_filter
=
settings
.
AUTH_LDAP_SEARCH_FILTER
self
.
attr_map
=
settings
.
AUTH_LDAP_USER_ATTR_MAP
self
.
attr_map
=
settings
.
AUTH_LDAP_USER_ATTR_MAP
self
.
auth_ldap
=
settings
.
AUTH_LDAP
self
.
auth_ldap
=
settings
.
AUTH_LDAP
self
.
paged_size
=
settings
.
AUTH_LDAP_SEARCH_PAGED_SIZE
@property
@property
def
connection
(
self
):
def
connection
(
self
):
...
@@ -79,23 +80,45 @@ class LDAPUtil:
...
@@ -79,23 +80,45 @@ class LDAPUtil:
user_item
[
attr
]
=
value
user_item
[
attr
]
=
value
return
user_item
return
user_item
def
_search_user_items_ou
(
self
,
search_ou
,
cookie
=
None
):
ok
=
self
.
connection
.
search
(
search_ou
,
self
.
search_filter
%
({
"user"
:
"*"
}),
attributes
=
list
(
self
.
attr_map
.
values
()),
paged_size
=
self
.
paged_size
,
paged_cookie
=
cookie
)
if
not
ok
:
error
=
_
(
"Search no entry matched in ou {}"
.
format
(
search_ou
))
raise
LDAPOUGroupException
(
error
)
user_items
=
[]
for
entry
in
self
.
connection
.
entries
:
user_item
=
self
.
_ldap_entry_to_user_item
(
entry
)
user
=
self
.
get_user_by_username
(
user_item
[
'username'
])
user_item
[
'existing'
]
=
bool
(
user
)
if
user_item
in
user_items
:
continue
user_items
.
append
(
user_item
)
return
user_items
def
_cookie
(
self
):
if
self
.
paged_size
is
None
:
cookie
=
None
else
:
cookie
=
self
.
connection
.
result
[
'controls'
][
'1.2.840.113556.1.4.319'
][
'value'
][
'cookie'
]
return
cookie
def
search_user_items
(
self
):
def
search_user_items
(
self
):
user_items
=
[]
user_items
=
[]
logger
.
info
(
"Search user items"
)
for
search_ou
in
str
(
self
.
search_ougroup
)
.
split
(
"|"
):
for
search_ou
in
str
(
self
.
search_ougroup
)
.
split
(
"|"
):
ok
=
self
.
connection
.
search
(
logger
.
info
(
"Search user search ou: {}"
.
format
(
search_ou
))
search_ou
,
self
.
search_filter
%
({
"user"
:
"*"
}),
_user_items
=
self
.
_search_user_items_ou
(
search_ou
)
attributes
=
list
(
self
.
attr_map
.
values
())
user_items
.
extend
(
_user_items
)
)
while
self
.
_cookie
():
if
not
ok
:
logger
.
info
(
"Page Search user search ou: {}"
.
format
(
search_ou
))
error
=
_
(
"Search no entry matched in ou {}"
.
format
(
search_ou
))
_user_items
=
self
.
_search_user_items_ou
(
search_ou
,
self
.
_cookie
())
raise
LDAPOUGroupException
(
error
)
user_items
.
extend
(
_user_items
)
for
entry
in
self
.
connection
.
entries
:
logger
.
info
(
"Search user items end"
)
user_item
=
self
.
_ldap_entry_to_user_item
(
entry
)
user
=
self
.
get_user_by_username
(
user_item
[
'username'
])
user_item
[
'existing'
]
=
bool
(
user
)
if
user_item
in
user_items
:
continue
user_items
.
append
(
user_item
)
return
user_items
return
user_items
def
search_filter_user_items
(
self
,
username_list
):
def
search_filter_user_items
(
self
,
username_list
):
...
...
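Review bot: The duplicate check `if user_item in user_items: continue` moved into `_search_user_items_ou`, where it compares only against that call's local list, so entries returned for two overlapping search OUs or on two pages are no longer filtered when `search_user_items` merges them with `user_items.extend(_user_items)`. Keeping the check at the merge, e.g. `user_items.extend([i for i in _user_items if i not in user_items])` at both call sites, restores the previous behaviour. `_cookie` also indexes `self.connection.result['controls']['1.2.840.113556.1.4.319']` directly, which raises `KeyError` when a page size is configured but the response carries no paged-results control; reading it with `.get()` and treating a missing control as "no more pages" lets the loop end cleanly. The `connection` property body lies outside the hunk, so this assumes it returns the same connection object on each access.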