[checkmk-commits] Check_MK Git: check_mk: ldap: Moved user_id to userspec config option

git version control git at mathias-kettner.de
Wed Nov 21 14:35:07 CET 2012


Module: check_mk
Branch: master
Commit: f9169bfb7fd177c5276e00eef34b5a06d7e43453
URL:    http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=f9169bfb7fd177c5276e00eef34b5a06d7e43453

Author: Lars Michelsen <lm at mathias-kettner.de>
Date:   Fri Nov 16 15:54:45 2012 +0100

ldap: Moved user_id to userspec config option

---

 web/plugins/userdb/ldap.py                 |   13 ++++++++-----
 web/plugins/wato/check_mk_configuration.py |   16 ++++++++--------
 2 files changed, 16 insertions(+), 13 deletions(-)

diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py
index 00cb989..7379205 100644
--- a/web/plugins/userdb/ldap.py
+++ b/web/plugins/userdb/ldap.py
@@ -218,14 +218,17 @@ def ldap_replace_macros(tmpl):
 
     return dn
 
+def ldap_user_id_attr():
+    return config.ldap_userspec.get('user_id', ldap_attr('user_id', False))
+
 def ldap_get_user_dn(username):
     # Check wether or not the user exists in the directory
     # It's only ok when exactly one entry is found.
     # Returns the DN in this case.
     result = ldap_search(
         ldap_replace_macros(config.ldap_userspec['dn']),
-        '(%s=%s)' % (ldap_attr('user_id'), ldap.filter.escape_filter_chars(username)),
-        [ldap_attr('user_id')],
+        '(%s=%s)' % (ldap_user_id_attr(), ldap.filter.escape_filter_chars(username)),
+        [ldap_user_id_attr()],
     )
 
     if result:
@@ -233,7 +236,7 @@ def ldap_get_user_dn(username):
 
 def ldap_get_users(add_filter = None):
     columns = [
-        ldap_attr('user_id'), # needed in all cases as uniq id
+        ldap_user_id_attr(), # needed in all cases as uniq id
     ] + ldap_needed_attributes()
 
     filt = ldap_filter('users')
@@ -243,7 +246,7 @@ def ldap_get_users(add_filter = None):
     result = {}
     for dn, ldap_user in ldap_search(ldap_replace_macros(config.ldap_userspec['dn']),
                                      filt, columns = columns):
-        user_id = ldap_user[ldap_attr('user_id')][0]
+        user_id = ldap_user[ldap_user_id_attr()][0]
         result[user_id] = ldap_user
 
     return result
@@ -433,7 +436,7 @@ def ldap_sync(add_to_changelog, only_username):
 
     filt = None
     if only_username:
-        filt = '(%s=%s)' % (ldap_attr('user_id'), only_username)
+        filt = '(%s=%s)' % (ldap_user_id_attr(), only_username)
 
     import wato
     users      = wato.load_users()
diff --git a/web/plugins/wato/check_mk_configuration.py b/web/plugins/wato/check_mk_configuration.py
index 7d68aa9..f53f97f 100644
--- a/web/plugins/wato/check_mk_configuration.py
+++ b/web/plugins/wato/check_mk_configuration.py
@@ -397,8 +397,15 @@ register_configvar(group,
                 size = 80,
                 default_value = lambda: userdb.ldap_filter('users', False),
             )),
+            ("user_id", TextAscii(
+                title = _("User-ID"),
+                help  = _("The attribute used to identify the individual users. It must have "
+                          "unique values to make an user identifyable by the value of this "
+                          "attribute."),
+                default_value = lambda: userdb.ldap_attr('user_id', False),
+            )),
         ],
-        optional_keys = ['scope', 'filter'],
+        optional_keys = ['scope', 'filter', 'user_id'],
     ),
     domain = "multisite",
 )
@@ -478,13 +485,6 @@ register_configvar(group,
                   "communication with the LDAP server. It controls which attributes are "
                   "e.g. used for the unique username or similar."),
         elements = [
-            ("user_id", TextAscii(
-                title = _("User-ID"),
-                help  = _("The attribute used to identify the individual users. It must have "
-                          "unique values to make an user identifyable by the value of this "
-                          "attribute."),
-                default_value = lambda: userdb.ldap_attr('user_id', False),
-            )),
             ("pw_changed", TextAscii(
                 title = _("Relogon Indicator"),
                 help  = _("When the value of this attribute changes for a user account, all "



More information about the checkmk-commits mailing list