[Kimchi-devel] [PATCH] issue#474: Add check for ldap configuration
Royce Lv
lvroyce at linux.vnet.ibm.com
Wed Dec 10 05:20:41 UTC 2014
On 2014年12月09日 20:47, Daniel Henrique Barboza wrote:
>
> On 12/09/2014 06:24 AM, lvroyce at linux.vnet.ibm.com wrote:
>> From: Royce Lv <lvroyce at linux.vnet.ibm.com>
>>
>> Check ldap server and filter when start up.
>> Ignore admin id if it does not specified in config.
>>
>> Signed-off-by: Royce Lv <lvroyce at linux.vnet.ibm.com>
>> ---
>> src/kimchi/auth.py | 14 +++++++++-----
>> src/kimchid.in | 9 +++++++++
>> 2 files changed, 18 insertions(+), 5 deletions(-)
>>
>> diff --git a/src/kimchi/auth.py b/src/kimchi/auth.py
>> index 22c5c81..23bc5ec 100644
>> --- a/src/kimchi/auth.py
>> +++ b/src/kimchi/auth.py
>> @@ -19,6 +19,7 @@
>>
>> import base64
>> import cherrypy
>> +from ConfigParser import NoOptionError
>> import fcntl
>> import ldap
>> import multiprocessing
>
> The import order is not following the standard of other kimchi files.
> Should be something like this:
>
> import base64
> import cherrypy
> import fcntl
> import ldap
> import multiprocessing
> +from ConfigParser import NoOptionError
ack
>
>
>> @@ -222,11 +223,14 @@ class LDAPUser(User):
>> return self.user[USER_GROUPS]
>>
>> def get_roles(self):
>> - admin_ids = config.get(
>> - "authentication", "ldap_admin_id").strip('"').split(',')
>> - for admin_id in admin_ids:
>> - if self.user[USER_NAME] == admin_id.strip():
>> - self.user[USER_ROLES] = dict.fromkeys(tabs, 'admin')
>> + try:
>> + admin_ids = config.get(
>> + "authentication", "ldap_admin_id").strip('"').split(',')
>> + for admin_id in admin_ids:
>> + if self.user[USER_NAME] == admin_id.strip():
>> + self.user[USER_ROLES] = dict.fromkeys(tabs, 'admin')
>> + except NoOptionError:
>> + pass
>> return self.user[USER_ROLES]
>>
>> def get_user(self):
>> diff --git a/src/kimchid.in b/src/kimchid.in
>> index 0746ba6..0121f97 100644
>> --- a/src/kimchid.in
>> +++ b/src/kimchid.in
>> @@ -49,6 +49,15 @@ def main(options):
>> federation = config.config.get("server", "federation")
>> logDir = config.config.get("logging", "log_dir")
>> logLevel = config.config.get("logging", "log_level")
>> + auth = config.config.get("authentication", "method")
>> + ldap_server = config.config.get("authentication", "ldap_server")
>> + search_base = config.config.get("authentication", "ldap_search_base")
>> + search_filter = config.config.get("authentication",
>> "ldap_search_filter",
>> + vars={"username": "fake"})
>> +
>> + if auth == "ldap" and \
>> + (not all([auth, ldap_server, search_base, search_filter])):
>> + sys.exit("LDAP server is not setup properly.Exiting ...")
>>
>> parser = OptionParser()
>> parser.add_option('--host', type="string", default=host,
>
> _______________________________________________
> Kimchi-devel mailing list
> Kimchi-devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/kimchi-devel
>
More information about the Kimchi-devel
mailing list