Changeset - 2afa6b8c2ade
Marcin Kuzminski - 14 years ago 2011-12-19 18:53:08
marcin@python-works.com
code garden
- added more logging to auth ldap
- updated keywords for setuptools
2 files changed with 23 insertions and 19 deletions:
rhodecode/lib/auth_ldap.py
 
@@ -43,7 +43,7 @@ class AuthLdap(object):
 
    def __init__(self, server, base_dn, port=389, bind_dn='', bind_pass='',
 
                 tls_kind='PLAIN', tls_reqcert='DEMAND', ldap_version=3,
 
                 ldap_filter='(&(objectClass=user)(!(objectClass=computer)))',
 
                 search_scope = 'SUBTREE', attr_login = 'uid'):
 
                 search_scope='SUBTREE', attr_login='uid'):
 
        self.ldap_version = ldap_version
 
        ldap_server_type = 'ldap'
 

	
 
@@ -52,9 +52,9 @@ class AuthLdap(object):
 
        if self.TLS_KIND == 'LDAPS':
 
            port = port or 689
 
            ldap_server_type = ldap_server_type + 's'
 
        
 

	
 
        OPT_X_TLS_DEMAND = 2
 
        self.TLS_REQCERT = getattr(ldap, 'OPT_X_TLS_%s' % tls_reqcert, 
 
        self.TLS_REQCERT = getattr(ldap, 'OPT_X_TLS_%s' % tls_reqcert,
 
                                   OPT_X_TLS_DEMAND)
 
        self.LDAP_SERVER_ADDRESS = server
 
        self.LDAP_SERVER_PORT = port
 
@@ -73,7 +73,8 @@ class AuthLdap(object):
 
        self.attr_login = attr_login
 

	
 
    def authenticate_ldap(self, username, password):
 
        """Authenticate a user via LDAP and return his/her LDAP properties.
 
        """
 
        Authenticate a user via LDAP and return his/her LDAP properties.
 

	
 
        Raises AuthenticationError if the credentials are rejected, or
 
        EnvironmentError if the LDAP server can't be reached.
 
@@ -87,13 +88,14 @@ class AuthLdap(object):
 
        uid = chop_at(username, "@%s" % self.LDAP_SERVER_ADDRESS)
 

	
 
        if not password:
 
            log.debug("Attempt to authenticate LDAP user with blank password rejected.")
 
            log.debug("Attempt to authenticate LDAP user "
 
                      "with blank password rejected.")
 
            raise LdapPasswordError()
 
        if "," in username:
 
            raise LdapUsernameError("invalid character in username: ,")
 
        try:
 
            if hasattr(ldap,'OPT_X_TLS_CACERTDIR'):
 
                ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, 
 
            if hasattr(ldap, 'OPT_X_TLS_CACERTDIR'):
 
                ldap.set_option(ldap.OPT_X_TLS_CACERTDIR,
 
                                '/etc/openldap/cacerts')
 
            ldap.set_option(ldap.OPT_REFERRALS, ldap.OPT_OFF)
 
            ldap.set_option(ldap.OPT_RESTART, ldap.OPT_ON)
 
@@ -114,12 +116,12 @@ class AuthLdap(object):
 
            if self.LDAP_BIND_DN and self.LDAP_BIND_PASS:
 
                server.simple_bind_s(self.LDAP_BIND_DN, self.LDAP_BIND_PASS)
 

	
 
            filt = '(&%s(%s=%s))' % (self.LDAP_FILTER, self.attr_login,
 
            filter_ = '(&%s(%s=%s))' % (self.LDAP_FILTER, self.attr_login,
 
                                     username)
 
            log.debug("Authenticating %r filt %s at %s", self.BASE_DN,
 
                      filt, self.LDAP_SERVER)
 
            log.debug("Authenticating %r filter %s at %s", self.BASE_DN,
 
                      filter_, self.LDAP_SERVER)
 
            lobjects = server.search_ext_s(self.BASE_DN, self.SEARCH_SCOPE,
 
                                           filt)
 
                                           filter_)
 

	
 
            if not lobjects:
 
                raise ldap.NO_SUCH_OBJECT()
 
@@ -129,12 +131,13 @@ class AuthLdap(object):
 
                    continue
 

	
 
                try:
 
                    log.debug('Trying simple bind with %s' % dn)
 
                    server.simple_bind_s(dn, password)
 
                    attrs = server.search_ext_s(dn, ldap.SCOPE_BASE,
 
                                                '(objectClass=*)')[0][1]
 
                    break
 

	
 
                except ldap.INVALID_CREDENTIALS, e:
 
                except ldap.INVALID_CREDENTIALS:
 
                    log.debug("LDAP rejected password for user '%s' (%s): %s",
 
                              uid, username, dn)
 

	
 
@@ -143,10 +146,10 @@ class AuthLdap(object):
 
                          "of '%s' (%s)", uid, username)
 
                raise LdapPasswordError()
 

	
 
        except ldap.NO_SUCH_OBJECT, e:
 
        except ldap.NO_SUCH_OBJECT:
 
            log.debug("LDAP says no such user '%s' (%s)", uid, username)
 
            raise LdapUsernameError()
 
        except ldap.SERVER_DOWN, e:
 
        except ldap.SERVER_DOWN:
 
            raise LdapConnectionError("LDAP can't access "
 
                                      "authentication server")
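Review bot: In the hunk at `@@ -114,12 +116,12 @@` the renamed `filter_` is still built by `%`-interpolating the caller-supplied `username` straight into the LDAP search filter, and the only guard on that value is the earlier rejection of `,`, so filter metacharacters (`*`, `(`, `)`, `\`) reach the directory unescaped and can change which entries the search matches. python-ldap provides an escaper for exactly this: `filter_ = '(&%s(%s=%s))' % (self.LDAP_FILTER, self.attr_login, ldap.filter.escape_filter_chars(username))`, which needs `import ldap.filter` next to the existing `ldap` import (outside these hunks). Separately, in the `@@ -52,9 +52,9 @@` hunk the default `port = port or 689` is not the LDAPS port; the registered port for ldaps is 636. `authenticate_ldap` spans several hunks and its body between them is not visible here.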
 

	
setup.py
 
@@ -53,19 +53,20 @@ if __platform__ in PLATFORM_OTHERS:
 
    requirements.append("py-bcrypt")
 

	
 

	
 
#additional files from project that goes somewhere in the filesystem
 
#relative to sys.prefix
 
# additional files from project that goes somewhere in the filesystem
 
# relative to sys.prefix
 
data_files = []
 

	
 
#additional files that goes into package itself
 
# additional files that goes into package itself
 
package_data = {'rhodecode': ['i18n/*/LC_MESSAGES/*.mo', ], }
 

	
 
description = ('Mercurial repository browser/management with '
 
               'build in push/pull server and full text search')
 
keywords = ' '.join(['rhodecode', 'rhodiumcode', 'mercurial', 'git',
 
                     'code review', 'repo groups', 'ldap'
 
                      'repository management', 'hgweb replacement'
 
                      'hgwebdir', 'gitweb replacement', 'serving hgweb', ])
 
#long description
 
# long description
 
try:
 
    readme_file = 'README.rst'
 
    changelog_file = 'docs/changelog.rst'
 
@@ -85,7 +86,7 @@ except ImportError:
 
    from ez_setup import use_setuptools
 
    use_setuptools()
 
    from setuptools import setup, find_packages
 
#packages
 
# packages
 
packages = find_packages(exclude=['ez_setup'])
 

	
 
setup(
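Review bot: The new `keywords` list in the `@@ -53,19 +53,20 @@` hunk is missing commas after `'ldap'` and after `'hgweb replacement'`, so adjacent string literals are concatenated and the resulting keywords become `'ldaprepository management'` and `'hgweb replacementhgwebdir'` instead of four separate entries. The fix is to terminate each item: `'code review', 'repo groups', 'ldap',` on the second line and `'repository management', 'hgweb replacement',` on the third, leaving the final line as written. The `#long description` comment below it is also only a whitespace rewording and fine as is.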