Commits

Peter Sagerson committed 8bdbba8

Normalize DNs when comparing.

Comments (0)

Files changed (6)

django_auth_ldap/__init__.py

-version = (1, 1, 1)
-version_string = "1.1.1"
+version = (1, 1, 2)
+version_string = "1.1.2"

django_auth_ldap/backend.py

         """
         is_member = None
 
+        # Normalize the DN
+        group_dn = group_dn.lower()
+
         # If we have self._group_dns, we'll use it. Otherwise, we'll try to
         # avoid the cost of loading it.
         if self._group_dns is None:

django_auth_ldap/config.py

     def _process_results(self, results):
         """
         Returns a sanitized copy of raw LDAP results. This scrubs out
-        references, decodes utf8, etc.
+        references, decodes utf8, normalizes DNs, etc.
         """
         results = filter(lambda r: r[0] is not None, results)
         results = _DeepStringCoder('utf-8').decode(results)
 
+        # The normal form of a DN is lower case.
+        results = map(lambda r: (r[0].lower(), r[1]), results)
+
         result_dns = [result[0] for result in results]
         logger.debug(u"search_s('%s', %d, '%s') returned %d objects: %s" %
             (self.base_dn, self.scope, self.filterstr, len(result_dns), "; ".join(result_dns)))

django_auth_ldap/tests.py

             },
         }
         """
-        self.directory = directory
+        self.directory = self.cidict.cidict(directory)
 
         self.reset()
 
         "objectClass": ["groupOfNames"],
         "member": ["cn=nested_gon,ou=groups,o=test"]
     })
-    nested_gon = ("cn=nested_gon,ou=groups,o=test", {
+    nested_gon = ("CN=nested_gon,ou=groups,o=test", {
         "cn": ["nested_gon"],
         "objectClass": ["groupOfNames"],
         "member": [
         bob[0]: bob[1],
         dressler[0]: dressler[1],
         nobody[0]: nobody[1],
+        active_px[0]: active_px[1],
+        staff_px[0]: staff_px[1],
+        superuser_px[0]: superuser_px[1],
         active_gon[0]: active_gon[1],
         staff_gon[0]: staff_gon[1],
         superuser_gon[0]: superuser_gon[1],
         parent_gon[0]: parent_gon[1],
         nested_gon[0]: nested_gon[1],
         circular_gon[0]: circular_gon[1],
-        active_px[0]: active_px[1],
-        staff_px[0]: staff_px[1],
-        superuser_px[0]: superuser_px[1],
     })
 
 
 
         alice = self.backend.authenticate(username='alice', password='password')
 
-        self.assertEqual(alice.ldap_user.group_dns, set((g[0] for g in [self.active_gon, self.staff_gon, self.superuser_gon, self.nested_gon])))
+        self.assertEqual(alice.ldap_user.group_dns, set((g[0].lower() for g in [self.active_gon, self.staff_gon, self.superuser_gon, self.nested_gon])))
 
     def test_group_names(self):
         self._init_settings(
 # The short X.Y version.
 version = '1.1'
 # The full version, including alpha/beta/rc tags.
-release = '1.1.1'
+release = '1.1.2'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
 
 setup(
     name="django-auth-ldap",
-    version="1.1.1",
+    version="1.1.2",
     description="Django LDAP authentication backend",
     long_description=open('README.rst').read(),
     url="http://bitbucket.org/psagers/django-auth-ldap/",