basic upgrade to node.ext.ldap 1.0b1

.gitignore

@@ -18,4 +18,5 @@
 /parts/
 /src/*.egg-info
 /var/
-buildout.cfg
+/buildout.cfg
+/pip-selfcheck.json

CHANGES.rst

@@ -2,16 +2,35 @@
 History
 =======
 
-1.4.1 (unreleased)
+1.5a1 (unreleased)
 ------------------
 
-- fix tests for Plone 5
+- Adopt LDAP instector to use DN instead of RDN for node identification.
+  [rnix]
+
+- Add dummy ``defaults`` setting to ``UsersConfig`` and ``GroupsConfig``
+  adapters. These defaults are used to set child creation defaults, thus
+  concrete implementation is postponed until user and group creation is
+  supported through plone UI.
+  [rnix]
+
+- Add ``ignore_cert`` setting to ``LDAPProps`` adapter.
+  [rnix]
+
+- Remove ``check_duplicates`` setting which is not available any more in
+  node.ext.ldap.
+  [rnix]
+
+- Use node.ext.ldap 1.0b1.
+  [rnix]
+
+- fix tests for Plone 5.
   [jensens]
 
-- use implementer decorator for better readability
+- use implementer decorator for better readability.
   [jensens]
 
-- Fix setuptools to v7.0
+- Fix setuptools to v7.0.
   [jensens]
 
 

LICENSE.rst

@@ -2,7 +2,7 @@
 License
 =======
 
-Copyright (c) 2010-2014, BlueDynamics Alliance, Austria, Germany, Switzerland
+Copyright (c) 2010-2016, BlueDynamics Alliance, Austria, Germany, Switzerland
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without

README.rst

@@ -118,10 +118,8 @@ We appreciate any contribution and if a release is needed to be done on pypi, pl
 Contributors
 ============
 
-- Jens W. Klein <jens@bluedynamics.com>
-
-- Robert Niederrreiter <rnix [at] squarewave [dot] at>
-
-- Florian Friesdorf <flo [at] chaoflow [dot] net>
-
-- Daniel Widerin <daniel@widerin.net>
+- Jens W. Klein
+- Robert Niederrreiter
+- Florian Friesdorf
+- Daniel Widerin
+- Johannes Raggam

TODO.rst

@@ -2,7 +2,8 @@
 TODO
 ====
 
-see also 'Issue-Tracker <https://github.com/collective/pas.plugins.ldap/issues>`_
+See also
+'Issue-Tracker <https://github.com/collective/pas.plugins.ldap/issues>`_
 
 Milestone 2.0
 -------------
@@ -12,20 +13,24 @@ Milestone 2.0
 - add/delete groups
 - add flags for readonly groups and users
 - modes for only groups or only users from ldap
+- SSL/TLS configuration TTW
+- creation defaults TTW
+- group in group (depends on: node.ext.ldap: group.groups support)
+- roles from ldap
+- Option on LDAP inspector whether to use query filters from users and groups
+  config
 
-Nice-to-Have
+Related TODO
 ------------
 
-- group in group (depends on: node.ext.ldap: group.groups support)
-- roles from ldap
+- Fix ``yafowil.plone`` resource registration for Plone 5
 
 Misc
 ----
+
 ::
 
     node.ext.ldap/src/node/ext/ldap/session.py:51:
     UnicodeWarning: Unicode equal comparison failed to convert both arguments to
     Unicode - interpreting them as being unequal
         if queryFilter in ('', u'', None):
-
-

base.cfg

@@ -6,6 +6,7 @@ parts +=
     zopeomelette
     ploneomelette
     coverage
+    test
     test-coverage
     releaser
     code-analysis

setup.py

@@ -4,7 +4,7 @@
     find_packages,
 )
 
-version = '1.4.1.dev0'
+version = '1.5a1.dev0'
 shortdesc = "LDAP Plugin for Zope2 PluggableAuthService (users and groups)"
 longdesc = open(os.path.join(os.path.dirname(__file__), 'README.rst')).read()
 longdesc += open(os.path.join(os.path.dirname(__file__), 'TODO.rst')).read()
@@ -39,7 +39,7 @@
         'bda.cache',
         'five.globalrequest',
         'node',
-        'node.ext.ldap>=0.9.6',
+        'node.ext.ldap>=1.0b1',
         'odict',
         'plone.registry',
         'Products.CMFCore',

src/pas/plugins/ldap/defaults.py

@@ -1,39 +1,42 @@
 # -*- coding: utf-8 -*-
 from node.ext.ldap.scope import ONELEVEL
 
+
 DEFAULTS = {
     'server.uri':               'ldap://127.0.0.1:12345',
     'server.user':              'cn=Manager,dc=my-domain,dc=com',
     'server.password':          'secret',
-    'server.check_duplicates':  True,
+    'server.ignore_cert':       0,
     'server.start_tls':         False,
-    'server.check_duplicates':  False,
 
     'cache.cache':              False,
     'cache.memcached':          '127.0.0.1:11211',
     'cache.timeout':            300,  # seconds
 
     'users.baseDN':             'ou=users,dc=my-domain,dc=com',
-    'users.attrmap':            {'rdn': 'uid',
-                                 'id': 'uid',
-                                 'login': 'uid',
-                                 'fullname': 'cn',
-                                 'email': 'mail',
-                                 'location': 'l'},
+    'users.attrmap':            {
+                                    'rdn': 'uid',
+                                    'id': 'uid',
+                                    'login': 'uid',
+                                    'fullname': 'cn',
+                                    'email': 'mail',
+                                    'location': 'l'
+                                },
     'users.scope':              ONELEVEL,
     'users.queryFilter':        '(objectClass=inetOrgPerson)',
     'users.objectClasses':      ['inetOrgPerson'],
     'users.memberOfSupport':    False,
     'users.account_expiration': False,
     'users.expires_attr':       'shadowExpire',
     'users.expires_unit':       0,
-    'users.check_duplicates':   1,
 
     'groups.baseDN':            'ou=groups,dc=my-domain,dc=com',
-    'groups.attrmap':           {'rdn': 'cn',
-                                 'id': 'cn',
-                                 'title': 'o',
-                                 'description': 'description'},
+    'groups.attrmap':           {
+                                    'rdn': 'cn',
+                                    'id': 'cn',
+                                    'title': 'o',
+                                    'description': 'description'
+                                },
     'groups.scope':             ONELEVEL,
     'groups.queryFilter':       '(objectClass=groupOfNames)',
     'groups.objectClasses':     ['groupOfNames'],

src/pas/plugins/ldap/plonecontrolpanel/inspector.pt

@@ -20,6 +20,7 @@
 
   <div>
     <ul id="ldap_child_listing">
+      <li>No search base selected</li>
     </ul>
   </div>
 
@@ -61,11 +62,19 @@
     (function($) {
         $("select[name=ldap_base_container]").bind('change', function(evt) {
             evt.preventDefault();
-            var val = $(this).attr('value');
+            var val = $(this).val();
             if (val == 'Users') {
                 ldap_inspector.query_users();
             } else if (val == 'Groups') {
                 ldap_inspector.query_groups();
+            } else {
+                var listing = ldap_inspector.listing();
+                listing.empty();
+                var li = $(document.createElement('li'));
+                var span = $(document.createElement('span'));
+                span.text('No search base selected');
+                li.append(span);
+                listing.append(li);
             }
         });
 
@@ -101,10 +110,17 @@
                     var li = $(document.createElement('li'));
                     li.attr('class', 'ldap_child');
                     var a = $(document.createElement('a'));
-                    a.text(this.rdn);
+                    a.text(this.dn);
                     li.append(a);
                     listing.append(li);
                 });
+                if (listing.children().length === 0) {
+                    var li = $(document.createElement('li'));
+                    var span = $(document.createElement('span'));
+                    span.text('Empty result');
+                    li.append(span);
+                    listing.append(li);
+                }
                 $('li a', listing).bind('click',
                                         ldap_inspector.node_attributes);
             },
@@ -116,11 +132,11 @@
                 $('li table', listing).remove();
                 var elem = $(this);
                 elem.addClass('current');
-                var rdn = elem.text();
+                var dn = elem.text();
                 $.ajax({
                     url: '@@plone_ldapnodeattributes',
                     data: {
-                        rdn: rdn,
+                        dn: dn,
                         base: ldap_inspector.listing().data('base')
                     },
                     dataType: 'json',
@@ -133,9 +149,9 @@
                 var listing = ldap_inspector.listing();
                 var elem = $('li a.current', listing).parent();
                 var table = $(document.createElement('table'));
-                table.attr('class', 'ldap_node_attributes')
+                table.attr('class', 'ldap_node_attributes');
                 var chk_arr = function(val) {
-                    var str = Object.prototype.toString.call(val)
+                    var str = Object.prototype.toString.call(val);
                     return str === '[object Array]';
                 };
                 var key, val, m_val, row, key_td, val_td, key_wrap;

src/pas/plugins/ldap/plonecontrolpanel/inspector.py

@@ -38,7 +38,7 @@ def groups_children(self):
         return self.children(groups.baseDN)
 
     def node_attributes(self):
-        rdn = self.request['rdn']
+        dn = self.request['dn']
         base = self.request['base']
         if base == 'users':
             users = ILDAPUsersConfig(self.plugin)
@@ -47,7 +47,7 @@ def node_attributes(self):
             groups = ILDAPGroupsConfig(self.plugin)
             baseDN = groups.baseDN
         root = LDAPNode(baseDN, self.props)
-        node = root[rdn]
+        node = root.node_by_dn(dn, strict=True)
         ret = dict()
         for key, val in node.attrs.items():
             try:
@@ -65,6 +65,7 @@ def node_attributes(self):
     def children(self, baseDN):
         node = LDAPNode(baseDN, self.props)
         ret = list()
-        for key in node:
-            ret.append({'rdn': key})
+        # XXX: related search filters for users and groups container?
+        for dn in node.search():
+            ret.append({'dn': dn})
         return json.dumps(ret)