1. Peter Sagerson
  2. django-auth-ldap

Commits

Peter Sagerson  committed 4f78b29

Support lists of groups in *_FLAGS_BY_GROUP.

  • Participants
  • Parent commits c3b945a
  • Branches default

Comments (0)

Files changed (3)

File django_auth_ldap/backend.py

View file
  • Ignore whitespace
                 logger.warning("%s does not have a value for the attribute %s", self.dn, attr)
 
     def _populate_user_from_group_memberships(self):
-        for field, group_dn in self.settings.USER_FLAGS_BY_GROUP.iteritems():
-            value = self._get_groups().is_member_of(group_dn)
+        for field, group_dns in self.settings.USER_FLAGS_BY_GROUP.iteritems():
+            if isinstance(group_dns, basestring):
+                group_dns = [group_dns]
+            value = any(self._get_groups().is_member_of(dn) for dn in group_dns)
             setattr(self._user, field, value)
 
     def _populate_and_save_user_profile(self):
         """
         save_profile = False
 
-        for field, group_dn in self.settings.PROFILE_FLAGS_BY_GROUP.iteritems():
-            value = self._get_groups().is_member_of(group_dn)
+        for field, group_dns in self.settings.PROFILE_FLAGS_BY_GROUP.iteritems():
+            if isinstance(group_dns, basestring):
+                group_dns = [group_dns]
+            value = any(self._get_groups().is_member_of(dn) for dn in group_dns)
             setattr(profile, field, value)
             save_profile = True
 

File django_auth_ldap/tests.py

View file
  • Ignore whitespace
     })
 
     # groupOfUniqueName groups
+    empty_gon = ("cn=empty_gon,ou=groups,o=test", {
+        "cn": ["empty_gon"],
+        "objectClass": ["groupOfNames"],
+        "member": []
+    })
     active_gon = ("cn=active_gon,ou=groups,o=test", {
         "cn": ["active_gon"],
         "objectClass": ["groupOfNames"],
     })
 
     directory = dict([top, people, groups, alice, bob, dressler, nobody,
-                      active_px, staff_px, superuser_px, active_gon, staff_gon,
-                      superuser_gon, parent_gon, nested_gon, circular_gon])
+                      active_px, staff_px, superuser_px, empty_gon, active_gon,
+                      staff_gon, superuser_gon, parent_gon, nested_gon,
+                      circular_gon])
 
     @classmethod
     def configure_logger(cls):
             GROUP_TYPE=MemberDNGroupType(member_attr='member'),
             USER_FLAGS_BY_GROUP={
                 'is_active': "cn=active_gon,ou=groups,o=test",
-                'is_staff': "cn=staff_gon,ou=groups,o=test",
+                'is_staff': ["cn=empty_gon,ou=groups,o=test",
+                             "cn=staff_gon,ou=groups,o=test"],
                 'is_superuser': "cn=superuser_gon,ou=groups,o=test"
             }
         )
             GROUP_SEARCH=LDAPSearch('ou=groups,o=test', ldap.SCOPE_SUBTREE),
             GROUP_TYPE=MemberDNGroupType(member_attr='member'),
             PROFILE_FLAGS_BY_GROUP={
-                'is_special': "cn=superuser_gon,ou=groups,o=test"
+                'is_special': ["cn=superuser_gon,ou=groups,o=test"]
             }
         )
 

File docs/source/users.rst

View file
  • Ignore whitespace
 
     AUTH_LDAP_USER_FLAGS_BY_GROUP = {
         "is_active": "cn=active,ou=groups,dc=example,dc=com",
-        "is_staff": "cn=staff,ou=groups,dc=example,dc=com",
+        "is_staff": ["cn=staff,ou=groups,dc=example,dc=com",
+                     "cn=admin,ou=groups,dc=example,dc=com"],
         "is_superuser": "cn=superuser,ou=groups,dc=example,dc=com"
     }
 
     AUTH_LDAP_PROFILE_FLAGS_BY_GROUP = {
-        "is_awesome": "cn=awesome,ou=django,ou=groups,dc=example,dc=com"
+        "is_awesome": ["cn=awesome,ou=groups,dc=example,dc=com"]
     }
 
+If a list of groups is given, the flag will be set if the user is a member of
+any group.
+
 
 Updating Users
 --------------