Add more ldap configuration.

dila/application/authentication.py

@@ -25,7 +25,7 @@ def get_user_records(username):
     with initialize_connection() as connection:
         connection.simple_bind_s(config.LDAP_BIND_DN, config.LDAP_BIND_PASSWORD)
         query = config.LDAP_USER_OBJECT_FILTER % {'user': ldap_filter.escape_filter_chars(username)}
-        records = connection.search_s(config.LDAP_BASE_DN, ldap.SCOPE_SUBTREE, query)
+        records = connection.search_s(config.LDAP_USER_BASE_DN, ldap.SCOPE_SUBTREE, query)
     return records
 
 

dila/config.py

@@ -10,8 +10,9 @@
 LDAP_BIND_DN = ''
 LDAP_BIND_PASSWORD = ''
 LDAP_USER_OBJECT_FILTER = ''
-LDAP_BASE_DN = ''
-
+LDAP_USER_BASE_DN = ''
+LDAP_GROUP_OBJECT_FILTER = ''
+LDAP_GROUP_BASE_DN = ''
 
 def setup_from_module(module_name):
     module = __import__(module_name)

test_resources/test_image/test_config.py

@@ -4,5 +4,7 @@
 LDAP_SERVER_URI = 'ldap://ldap'
 LDAP_BIND_DN = 'cn=admin,dc=example,dc=com'
 LDAP_BIND_PASSWORD = 'admin_password'
-LDAP_BASE_DN = 'ou=employees,dc=example,dc=com'
+LDAP_USER_BASE_DN = 'ou=employees,dc=example,dc=com'
 LDAP_USER_OBJECT_FILTER = "(|(uid=%(user)s)(mail=%(user)s))"
+LDAP_GROUP_OBJECT_FILTER = "(objectClass=posixGroup)"
+LDAP_GROUP_BASE_DN = 'ou=groups,dc=example,dc=com'

tests/conftest.py

@@ -84,8 +84,10 @@ def config_ldap_setup(ldap_server):
         LDAP_SERVER_URI='ldap://{}'.format(get_container_ip(ldap_server)),
         LDAP_BIND_DN='cn=admin,dc=example,dc=com',
         LDAP_BIND_PASSWORD='admin_password',
-        LDAP_BASE_DN='ou=employees,dc=example,dc=com',
+        LDAP_USER_BASE_DN='ou=employees,dc=example,dc=com',
         LDAP_USER_OBJECT_FILTER="(|(uid=%(user)s)(mail=%(user)s))",
+        LDAP_GROUP_BASE_DN='ou=groups,dc=example,dc=com',
+        LDAP_GROUP_OBJECT_FILTER='(objectClass=posixGroup)',
     )
 
 @pytest.fixture(scope="session")