[checkmk-commits] Check_MK Git: check_mk: ldap: Moved user_id to userspec config option

Module: check_mk Branch: master Commit: f9169bfb7fd177c5276e00eef34b5a06d7e43453 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=f9169bfb7fd177… Author: Lars Michelsen <lm(a)mathias-kettner.de> Date: Fri Nov 16 15:54:45 2012 +0100 ldap: Moved user_id to userspec config option --- web/plugins/userdb/ldap.py | 13 ++++++++----- web/plugins/wato/check_mk_configuration.py | 16 ++++++++-------- 2 files changed, 16 insertions(+), 13 deletions(-) diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py index 00cb989..7379205 100644 --- a/web/plugins/userdb/ldap.py +++ b/web/plugins/userdb/ldap.py @@ -218,14 +218,17 @@ def ldap_replace_macros(tmpl): return dn +def ldap_user_id_attr(): + return config.ldap_userspec.get('user_id', ldap_attr('user_id', False)) + def ldap_get_user_dn(username): # Check wether or not the user exists in the directory # It's only ok when exactly one entry is found. # Returns the DN in this case. result = ldap_search( ldap_replace_macros(config.ldap_userspec['dn']), - '(%s=%s)' % (ldap_attr('user_id'), ldap.filter.escape_filter_chars(username)), - [ldap_attr('user_id')], + '(%s=%s)' % (ldap_user_id_attr(), ldap.filter.escape_filter_chars(username)), + [ldap_user_id_attr()], ) if result: @@ -233,7 +236,7 @@ def ldap_get_user_dn(username): def ldap_get_users(add_filter = None): columns = [ - ldap_attr('user_id'), # needed in all cases as uniq id + ldap_user_id_attr(), # needed in all cases as uniq id ] + ldap_needed_attributes() filt = ldap_filter('users') @@ -243,7 +246,7 @@ def ldap_get_users(add_filter = None): result = {} for dn, ldap_user in ldap_search(ldap_replace_macros(config.ldap_userspec['dn']), filt, columns = columns): - user_id = ldap_user[ldap_attr('user_id')][0] + user_id = ldap_user[ldap_user_id_attr()][0] result[user_id] = ldap_user return result @@ -433,7 +436,7 @@ def ldap_sync(add_to_changelog, only_username): filt = None if only_username: - filt = '(%s=%s)' % (ldap_attr('user_id'), only_username) + filt = '(%s=%s)' % (ldap_user_id_attr(), only_username) import wato users = wato.load_users() diff --git a/web/plugins/wato/check_mk_configuration.py b/web/plugins/wato/check_mk_configuration.py index 7d68aa9..f53f97f 100644 --- a/web/plugins/wato/check_mk_configuration.py +++ b/web/plugins/wato/check_mk_configuration.py @@ -397,8 +397,15 @@ register_configvar(group, size = 80, default_value = lambda: userdb.ldap_filter('users', False), )), + ("user_id", TextAscii( + title = _("User-ID"), + help = _("The attribute used to identify the individual users. It must have " + "unique values to make an user identifyable by the value of this " + "attribute."), + default_value = lambda: userdb.ldap_attr('user_id', False), + )), ], - optional_keys = ['scope', 'filter'], + optional_keys = ['scope', 'filter', 'user_id'], ), domain = "multisite", ) @@ -478,13 +485,6 @@ register_configvar(group, "communication with the LDAP server. It controls which attributes are " "e.g. used for the unique username or similar."), elements = [ - ("user_id", TextAscii( - title = _("User-ID"), - help = _("The attribute used to identify the individual users. It must have " - "unique values to make an user identifyable by the value of this " - "attribute."), - default_value = lambda: userdb.ldap_attr('user_id', False), - )), ("pw_changed", TextAscii( title = _("Relogon Indicator"), help = _("When the value of this attribute changes for a user account, all "