You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@labs.apache.org by ad...@apache.org on 2014/07/05 00:01:13 UTC
svn commit: r1607953 - in /labs/panopticon: pan-commands/bin/moderator
pan-utils/src/asf/data/ldap.py pan-utils/src/asf/utils/test.py
pan-utils/tests/conftest.py
Author: adc
Date: Fri Jul 4 22:01:13 2014
New Revision: 1607953
URL: http://svn.apache.org/r1607953
Log:
Default for ldap should be minotaur.apache.org
Modified:
labs/panopticon/pan-commands/bin/moderator
labs/panopticon/pan-utils/src/asf/data/ldap.py
labs/panopticon/pan-utils/src/asf/utils/test.py
labs/panopticon/pan-utils/tests/conftest.py
Modified: labs/panopticon/pan-commands/bin/moderator
URL: http://svn.apache.org/viewvc/labs/panopticon/pan-commands/bin/moderator?rev=1607953&r1=1607952&r2=1607953&view=diff
==============================================================================
--- labs/panopticon/pan-commands/bin/moderator (original)
+++ labs/panopticon/pan-commands/bin/moderator Fri Jul 4 22:01:13 2014
@@ -23,8 +23,7 @@ Mailing list moderator tool used to mana
import restkit
from asf.cli import entrypoint
-from asf.data import aliases
-from asf.data import lists
+from asf.data import aliases, lists
from asf.utils import committers
from asf.utils.emails import email_from_alias, is_apache_email_address, username_from_apache_email
Modified: labs/panopticon/pan-utils/src/asf/data/ldap.py
URL: http://svn.apache.org/viewvc/labs/panopticon/pan-utils/src/asf/data/ldap.py?rev=1607953&r1=1607952&r2=1607953&view=diff
==============================================================================
--- labs/panopticon/pan-utils/src/asf/data/ldap.py (original)
+++ labs/panopticon/pan-utils/src/asf/data/ldap.py Fri Jul 4 22:01:13 2014
@@ -28,17 +28,20 @@ import os
import ldap
-LDAP_URL = 'ldaps://ldap-tunnel.apache.org:6636'
-LDAP_TLS_CACERTFILE = '/etc/openldap/asf-ldap-client.pem'
+LDAP_URL = 'ldaps://minotaur.apache.org:636'
+LDAP_TLS_CACERTFILE = None
LDAP_BASE = 'ou=people,dc=apache,dc=org'
+TUNNEL_LDAP_URL = 'ldaps://ldap-tunnel.apache.org:6636'
+TUNNEL_LDAP_TLS_CACERTFILE = '/etc/openldap/asf-ldap-client.pem'
+
log = getLogger(__name__)
def check_user_password(username, password):
if not username or not password:
return False
- cnx = _ldap_cnx()
+ cnx = generate_ldap_context()
try:
cnx.simple_bind_s('uid=%s,ou=people,dc=apache,dc=org' % username, password)
except ldap.INVALID_CREDENTIALS:
@@ -63,15 +66,15 @@ class LDAP(object):
...
"""
- def __init__(self, LDAP_URL=None, TLS_CA_cert_file=None):
+ def __init__(self, ldap_url=None, tls_ca_cert_file=None):
"""
Connect to ASF Active Directory Server.
- :param LDAP_URL: LDAP URL to use to connect to ASF Active Directory Server
- :param TLS_CA_cert_file: TLS CA certificate file to use to connect to ASF Active Directory Server
+ :param ldap_url: LDAP URL to use to connect to ASF Active Directory Server
+ :param tls_ca_cert_file: TLS CA certificate file to use to connect to ASF Active Directory Server
"""
self.base = LDAP_BASE
- self.ldap = _ldap_cnx(LDAP_URL, TLS_CA_cert_file)
+ self.ldap = generate_ldap_context(ldap_url, tls_ca_cert_file)
self.ldap.simple_bind_s()
def search(self, search_filter, attributes=None):
@@ -152,7 +155,7 @@ class LDAP(object):
return False
-def cacert_file():
+def default_cacert_file():
""" Return the path to the CA Cert file to validate the TLS connection. """
tls_cacert_file = os.environ.get('PANOPTICON_LDAP_TLS_CACERTFILE', LDAP_TLS_CACERTFILE)
@@ -161,7 +164,7 @@ def cacert_file():
return tls_cacert_file
-def ldap_url():
+def default_ldap_url():
""" Return the path to the CA Cert file to validate the TLS connection. """
url = os.environ.get('PANOPTICON_LDAP_URL', LDAP_URL)
@@ -170,14 +173,14 @@ def ldap_url():
return url
-def _ldap_cnx(LDAP_URL=None, TLS_CA_cert_file=None):
+def generate_ldap_context(ldap_url=None, tls_ca_cert_file=None):
""" Gets an LDAP connection and makes sure the cert file option is set. """
- TLS_CA_cert_file = TLS_CA_cert_file or cacert_file()
- ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, TLS_CA_cert_file)
- LDAP_URL = LDAP_URL or ldap_url()
+ tls_ca_cert_file = tls_ca_cert_file or default_cacert_file()
+ if tls_ca_cert_file:
+ ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, tls_ca_cert_file)
- cnx = ldap.initialize(LDAP_URL)
- cnx.set_option(ldap.OPT_REFERRALS, 0)
+ context = ldap.initialize(ldap_url or default_ldap_url())
+ context.set_option(ldap.OPT_REFERRALS, 0)
- return cnx
+ return context
Modified: labs/panopticon/pan-utils/src/asf/utils/test.py
URL: http://svn.apache.org/viewvc/labs/panopticon/pan-utils/src/asf/utils/test.py?rev=1607953&r1=1607952&r2=1607953&view=diff
==============================================================================
--- labs/panopticon/pan-utils/src/asf/utils/test.py (original)
+++ labs/panopticon/pan-utils/src/asf/utils/test.py Fri Jul 4 22:01:13 2014
@@ -39,11 +39,18 @@ ensure_credentials_stored = pytest.mark.
def test_ldap():
+ saved_ldap_url = ldap.LDAP_URL
+ ldap.LDAP_URL = ldap.TUNNEL_LDAP_URL
+ saved_ldap_cacertfile = ldap.LDAP_TLS_CACERTFILE
+ ldap.LDAP_TLS_CACERTFILE = ldap.TUNNEL_LDAP_TLS_CACERTFILE
try:
ldap.LDAP()
return False
except Exception:
return True
+ finally:
+ ldap.LDAP_URL = saved_ldap_url
+ ldap.LDAP_TLS_CACERTFILE = saved_ldap_cacertfile
ensure_ldap = pytest.mark.skipif(test_ldap(),
Modified: labs/panopticon/pan-utils/tests/conftest.py
URL: http://svn.apache.org/viewvc/labs/panopticon/pan-utils/tests/conftest.py?rev=1607953&r1=1607952&r2=1607953&view=diff
==============================================================================
--- labs/panopticon/pan-utils/tests/conftest.py (original)
+++ labs/panopticon/pan-utils/tests/conftest.py Fri Jul 4 22:01:13 2014
@@ -17,16 +17,35 @@
# under the License.
#
import pytest
+
+from asf.data import ldap
from asf.utils.auth import get_stored_credentials
-@pytest.fixture
+@pytest.fixture(scope='module')
def password():
u, p = get_stored_credentials()
return p
-@pytest.fixture
+@pytest.fixture(scope='module')
def username():
u, p = get_stored_credentials()
return u
+
+
+SAVED_LDAP_URL = None
+SAVED_LDAP_CACERTFILE = None
+
+
+def pytest_runtest_setup(item):
+ global SAVED_LDAP_URL, SAVED_LDAP_CACERTFILE
+ SAVED_LDAP_URL = ldap.LDAP_URL
+ ldap.LDAP_URL = ldap.TUNNEL_LDAP_URL
+ SAVED_LDAP_CACERTFILE = ldap.LDAP_TLS_CACERTFILE
+ ldap.LDAP_TLS_CACERTFILE = ldap.TUNNEL_LDAP_TLS_CACERTFILE
+
+
+def pytest_runtest_teardown(item):
+ ldap.LDAP_URL = SAVED_LDAP_URL
+ ldap.LDAP_TLS_CACERTFILE = SAVED_LDAP_CACERTFILE
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@labs.apache.org
For additional commands, e-mail: commits-help@labs.apache.org